1:43 p.m.
Hi there,
I've recently installed F-11 and am having a problem with networking
between the host and guest with the default network configuration -
specifically that the iptables rules for virbr0 are not being inserted
by libvirt as they used to be under F-10.
I am using the default configuration of the firewall as shipped with
F-11. The guest instance is a windowsXP image created under F-10 - I
simply recreated the cconfig files by "creating" a new guest under
virt-manager and pointing it to the disk image file. The guest boots
up fine, but no networking. The output of iptables -L doesn't contain
any reference to virbr0 or vnet0 (the latter automatically created
when starting the guest OS) - I have confirmed virbr0 and vnet0 are
present using ifconfig.. In case it's relevant this machine is using
NetworkManager and has a single wired ethernet adapter configured with
a static IP.
Any suggestions on how I can debug further ?
Thanks,
jonathan
11:21 a.m.
On Thu, 2009-06-25 at 19:43 +0100, Jonathan Underwood wrote:
Hi there,
I've recently installed F-11 and am having a problem with networking
between the host and guest with the default network configuration -
specifically that the iptables rules for virbr0 are not being inserted
by libvirt as they used to be under F-10.
I am using the default configuration of the firewall as shipped with
F-11. The guest instance is a windowsXP image created under F-10 - I
simply recreated the cconfig files by "creating" a new guest under
virt-manager and pointing it to the disk image file. The guest boots
up fine, but no networking. The output of iptables -L doesn't contain
any reference to virbr0 or vnet0 (the latter automatically created
when starting the guest OS) - I have confirmed virbr0 and vnet0 are
present using ifconfig.. In case it's relevant this machine is using
NetworkManager and has a single wired ethernet adapter configured with
a static IP.
Any suggestions on how I can debug further ?
# iptables --line-numbers -L -v -n
# chkconfig libvirtd --list
# virsh net-list --all
Name State Autostart
-----------------------------------------
default active yes
# virsh net-destroy default
# virsh net-start default
# virsh help |grep net
attach-interface attach network interface
detach-interface detach network interface
domifstat get network interface stats for a domain
net-autostart autostart a network
net-create create a network from an XML file
net-define define (but don't start) a network from an XML file
net-destroy destroy a network
net-dumpxml network information in XML
net-edit edit XML configuration for a network
net-list list networks
net-name convert a network UUID to network name
net-start start a (previously defined) inactive network
net-undefine undefine an inactive network
net-uuid convert a network name to network UUID
The rules that should be inserted are found
in /var/lib/libvirt/iptables.
10:59 a.m.
Hi Jonathan,
On Thu, 2009-06-25 at 19:43 +0100, Jonathan Underwood wrote:
Hi there,
I've recently installed F-11 and am having a problem with networking
between the host and guest with the default network configuration -
specifically that the iptables rules for virbr0 are not being inserted
by libvirt as they used to be under F-10.
I am using the default configuration of the firewall as shipped with
F-11. The guest instance is a windowsXP image created under F-10 - I
simply recreated the cconfig files by "creating" a new guest under
virt-manager and pointing it to the disk image file. The guest boots
up fine, but no networking. The output of iptables -L doesn't contain
any reference to virbr0 or vnet0 (the latter automatically created
when starting the guest OS) - I have confirmed virbr0 and vnet0 are
present using ifconfig.. In case it's relevant this machine is using
NetworkManager and has a single wired ethernet adapter configured with
a static IP.
Any suggestions on how I can debug further ?
Did you figure out what the issue here was?
Thanks,
Mark.
11:29 a.m.
New subject: F-11 libvirt no longer creating firewall/iptables rules for virtual network?
Hi Mark,
2009/7/3 Mark McLoughlin <markmc(a)redhat.com>:
Did you figure out what the issue here was?
I am afraid I didn't get to the bottom of the problem because updated
packages for F-11 libvirt appeared which I installed, and they fixed
the problem. My observation was that with previous packages that a
"service libvirtd [reload|restart]" wasn't recreating the needed
iptables rules though. If it's useful I could dig deeper and try
reinstalling the old packages and try to recreate the problem, but I'm
not sure it's worth the trouble.
J.
5410
days inactive
5418
days old
3 comments
3 participants
participants (3)
-
Dale Bewley -
Jonathan Underwood -
Mark McLoughlin