Network Zones with OVN networks

avml · August 16, 2022, 9:07pm

Hello LXD Friends:

I’m having a bit of trouble getting network zones to work with OVN backed network. I tried following the youtube video on the subject to the T, but it doesn’t seem to be working out for me. When I add the core.dns_address to a managed, bridged network in the default project, I seem to get further along when trying to use dig to validate the records in the zone. However, once I set the core.dns_address to the a gateway address that is in an ovn network it doesn’t seem to work. I can ping the ovn gateway address and it responds on my network, so things seem to be routed correctly. I’m suspecting I’m not adding or missing some config keys.

Thanks for the help.

Some config

config:
  cluster.https_address: < Redacted>
  core.bgp_address: 
  core.bgp_asn: 
  core.bgp_routerid: 
  core.dns_address: 192.168.47.1:8853
  core.https_address: 
  core.trust_password: true
  network.ovn.northbound_connection:

+------------------------------------------+-------------+---------+
|                   NAME                   | DESCRIPTION | USED BY |
+------------------------------------------+-------------+---------+
| 5.9.6.9.3.a.f.7.3.9.1.4.2.4.d.f.ip6.arpa |             | 1       |
+------------------------------------------+-------------+---------+
| 47.168.192.in-addr.arpa                  |             | 1       |
+------------------------------------------+-------------+---------+
| lxd.internal-services.thelabs.online     |             | 1       |
+------------------------------------------+-------------+---------+

lxc network zone show lxd.internal-services.thelabs.online
config:
  dns.nameservers: ns1.lxd.internal-services.thelabs.online
  peers.ns1.address: 192.168.46.2
name: lxd.internal-services.thelabs.online
used_by:
- /1.0/networks/internal-service

lxc network show internal-service
config:
  bridge.mtu: "1442"
  dns.zone.forward: lxd.internal-services.thelabs.online
  dns.zone.reverse.ipv4: 47.168.192.in-addr.arpa
  dns.zone.reverse.ipv6: 5.9.6.9.3.a.f.7.3.9.1.4.2.4.d.f.ip6.arpa
  ipv4.address: 192.168.47.1/24
  ipv6.address: fd42:4193:7fa3:9695::1/64
  ipv6.nat: "true"
  network: UPLINK
  volatile.network.ipv4.address: 192.168.20.32
description: ""
name: internal-service
type: ovn
used_by:
- /1.0/instances/uptime-kuma?project=internal-services
- /1.0/instances/v2?project=internal-services
- /1.0/profiles/default?project=internal-services
- /1.0/profiles/uptime-kuma?project=internal-services
managed: true
status: Created
locations:
- labhost-01
- labhost-02
- labhost-03

avml · August 16, 2022, 11:08pm

Ok today I learned that you need to add core.dns_address to the physical network or at least one that is routed to the lxd hosts. I was able to solve this by adding core.dns_address as the same ip as my lxc cluster hosts and I was able to transfer all of the zones I created in lxd.