Hi there,
I've recently installed F-11 and am having a problem with networking between the host and guest with the default network configuration - specifically that the iptables rules for virbr0 are not being inserted by libvirt as they used to be under F-10.
I am using the default configuration of the firewall as shipped with F-11. The guest instance is a windowsXP image created under F-10 - I simply recreated the cconfig files by "creating" a new guest under virt-manager and pointing it to the disk image file. The guest boots up fine, but no networking. The output of iptables -L doesn't contain any reference to virbr0 or vnet0 (the latter automatically created when starting the guest OS) - I have confirmed virbr0 and vnet0 are present using ifconfig.. In case it's relevant this machine is using NetworkManager and has a single wired ethernet adapter configured with a static IP.
Any suggestions on how I can debug further ?
Thanks, jonathan
On Thu, 2009-06-25 at 19:43 +0100, Jonathan Underwood wrote:
Hi there,
I've recently installed F-11 and am having a problem with networking between the host and guest with the default network configuration - specifically that the iptables rules for virbr0 are not being inserted by libvirt as they used to be under F-10.
I am using the default configuration of the firewall as shipped with F-11. The guest instance is a windowsXP image created under F-10 - I simply recreated the cconfig files by "creating" a new guest under virt-manager and pointing it to the disk image file. The guest boots up fine, but no networking. The output of iptables -L doesn't contain any reference to virbr0 or vnet0 (the latter automatically created when starting the guest OS) - I have confirmed virbr0 and vnet0 are present using ifconfig.. In case it's relevant this machine is using NetworkManager and has a single wired ethernet adapter configured with a static IP.
Any suggestions on how I can debug further ?
# iptables --line-numbers -L -v -n
# chkconfig libvirtd --list
# virsh net-list --all Name State Autostart ----------------------------------------- default active yes
# virsh net-destroy default
# virsh net-start default
# virsh help |grep net attach-interface attach network interface detach-interface detach network interface domifstat get network interface stats for a domain net-autostart autostart a network net-create create a network from an XML file net-define define (but don't start) a network from an XML file net-destroy destroy a network net-dumpxml network information in XML net-edit edit XML configuration for a network net-list list networks net-name convert a network UUID to network name net-start start a (previously defined) inactive network net-undefine undefine an inactive network net-uuid convert a network name to network UUID
The rules that should be inserted are found in /var/lib/libvirt/iptables.
Hi Jonathan,
On Thu, 2009-06-25 at 19:43 +0100, Jonathan Underwood wrote:
Hi there,
I've recently installed F-11 and am having a problem with networking between the host and guest with the default network configuration - specifically that the iptables rules for virbr0 are not being inserted by libvirt as they used to be under F-10.
I am using the default configuration of the firewall as shipped with F-11. The guest instance is a windowsXP image created under F-10 - I simply recreated the cconfig files by "creating" a new guest under virt-manager and pointing it to the disk image file. The guest boots up fine, but no networking. The output of iptables -L doesn't contain any reference to virbr0 or vnet0 (the latter automatically created when starting the guest OS) - I have confirmed virbr0 and vnet0 are present using ifconfig.. In case it's relevant this machine is using NetworkManager and has a single wired ethernet adapter configured with a static IP.
Any suggestions on how I can debug further ?
Did you figure out what the issue here was?
Thanks, Mark.
Hi Mark,
2009/7/3 Mark McLoughlin markmc@redhat.com:
Did you figure out what the issue here was?
I am afraid I didn't get to the bottom of the problem because updated packages for F-11 libvirt appeared which I installed, and they fixed the problem. My observation was that with previous packages that a "service libvirtd [reload|restart]" wasn't recreating the needed iptables rules though. If it's useful I could dig deeper and try reinstalling the old packages and try to recreate the problem, but I'm not sure it's worth the trouble.
J.
-
Dale Bewley -
Jonathan Underwood -
Mark McLoughlin