SDN and network traffic

Hello,

I’m going to explain my scenario in OpenNebula (updated today to 5.8.5)

  • one OpenNebula machine that acts as server and as KVM node too
  • one virtual network (name N_10), with Internet connection (NAT from server), with network address 10.10.10.0 and this configuration:

[oneadmin@system ~]$ onevnet show 0
VIRTUAL NETWORK 0 INFORMATION
ID : 0
NAME : Internet
USER : oneadmin
GROUP : oneadmin
LOCK : None
CLUSTERS : 0
BRIDGE : br0
VN_MAD : fw
AUTOMATIC VLAN ID : NO
AUTOMATIC OUTER VLAN ID : NO
USED LEASES : 112

PERMISSIONS
OWNER : um-
GROUP : ---
OTHER : ---

VIRTUAL NETWORK TEMPLATE
BRIDGE="br0"
DESCRIPTION="Internet access"
DNS="my DNSs"
GATEWAY="10.10.10.1"
NETWORK_ADDRESS="10.10.10.0"
NETWORK_MASK="255.255.255.0"
PHYDEV=""
SECURITY_GROUPS="0"
VN_MAD="fw"

ADDRESS RANGE POOL
AR 0
SIZE : 253
LEASES : 112

RANGE FIRST LAST
MAC 02:00:0a:0a:0a:02 02:00:0a:0a:0a:fe
IP 10.10.10.2 10.10.10.254

  • a second virtual network (name N_20), without Internet connection, with network address 20.20.20.0 and this configuration:

[oneadmin@system ~]$ onevnet show 1
VIRTUAL NETWORK 1 INFORMATION
ID : 1
NAME : Middle
USER : oneadmin
GROUP : oneadmin
LOCK : None
CLUSTERS : 0
BRIDGE : br2
VN_MAD : fw
AUTOMATIC VLAN ID : NO
AUTOMATIC OUTER VLAN ID : NO
USED LEASES : 177

PERMISSIONS
OWNER : um-
GROUP : ---
OTHER : ---

VIRTUAL NETWORK TEMPLATE
BRIDGE="br2"
DESCRIPTION="Middle"
NETWORK_ADDRESS="20.20.20.0"
NETWORK_MASK="255.255.254.0"
PHYDEV=""
SECURITY_GROUPS="0"
VLAN_ID=""
VN_MAD="fw"

ADDRESS RANGE POOL
AR 0
SIZE : 500
LEASES : 177

RANGE FIRST LAST
MAC 02:00:14:14:14:02 02:00:14:14:15:f5
IP 20.20.20.2 20.20.21.245

  • server doing NAT with this iptables rule in table NAT:
    *nat
    :PREROUTING ACCEPT [0:0]
    :POSTROUTING ACCEPT [0:0]
    -A POSTROUTING -s 10.10.10.0/24 -o br0 -j MASQUERADE
    COMMIT

  • a Linux bridge br0 connected to physical device eth0

[oneadmin@system ~]$ brctl show
bridge name bridge id STP enabled interfaces
br0 8000.801844ee6b34 no eth0

  • this bridge br0 has two IP addresses: a public IP address and 10.10.10.1

  • another bridge, br2, with no IP address and not connected to any physical device

  • in OpenNebula, both virtual networks are created with “Bridged and Security Groups” mode. Neither N_10 nor N_20 has a physical device connected

Now, I will explain what I got this morning:
After creating two instances, both of them with two network interfaces, each of them connected to each virtual network, I have reconfigured inside the instances the IP addresses assigned to them. For example, in both instances I have reconfigured the second network interface, changing the address from range 20.20.20.X to a “new” range 123.1.1.X. The OpenNebula scheduler doesn’t know what I have done inside the instance… Now, after restarting the networking daemon, I can ping from 123.1.1.2 to 123.1.1.3… but both instances were connected to virtual network 20.20.20.0…

Why?

Thanks.