[fedora-virt] KVM bridge wonkiness in Fedora19

Daniel Sanabria sanabria.d at gmail.com
Wed Aug 7 08:52:51 UTC 2013 

can you share your iptables config (iptables --list --numeric)?

make sure you have a forward rule that matches when the physical device is
bridge.

Cheers,

Daniel


On 7 August 2013 06:19, Udayendu Sekhar kar <udayendu.kar at gmail.com> wrote:

> Hi there,
>
> I am using Fedora 19 and configured the bridge when my "NetworkManager" is
> enabled. I am configuring the VPN through "NetworkManager", so I have to
> keep it on. Here is the configuration from my test system which is working
> absolutely fine.
>
>
> ===========
> # brctl show
> bridge name bridge id STP enabled interfaces
> br0 0080.5c260a8373dd no em1
> virbr0 8000.5254004f366e yes virbr0-nic
>
> # cat /etc/sysconfig/network-scripts/ifcfg-em1
> # Generated by dracut initrd
> DEVICE="em1"
> ONBOOT=yes
> UUID="61632098-7161-42da-b97f-9e60148f589c"
> BOOTPROTO="dhcp"
> HWADDR="xx:xx:xx:xx:xx:xx"
> TYPE=Ethernet
> NAME="em1"
> BRIDGE="br0"
>
> # cat /etc/sysconfig/network-scripts/ifcfg-br0
> DEVICE="br0"
> BOOTPROTO="dhcp"
> TYPE="Bridge"
> HWADDR="xx:xx:xx:xx:xx:xx"
> MTU=9000
> ONBOOT="yes"
>
>
> # systemctl status NetworkManager.service
> NetworkManager.service - Network Manager
>    Loaded: loaded (/usr/lib/systemd/system/NetworkManager.service; enabled)
>    Active: active (running) since Wed 2013-08-07 10:21:41 IST; 15min ago
>  Main PID: 736 (NetworkManager)
>    CGroup: name=systemd:/system/NetworkManager.service
>            ├─ 736 /usr/sbin/NetworkManager --no-daemon
>            └─1165 /sbin/dhclient -d -sf /usr/libexec/nm-dhcp-client.action
> -pf /var/run/dhclient-br0.pid -lf
> /var/lib/NetworkManager/dhclient-d2d68553-f97e-7549-7a26-b34a26f29318-br0.lease
> -cf /var/lib/Ne...
>
> Aug 07 10:21:56 fedora.virt NetworkManager[736]: <info>   domain search '
> pnq.redhat.com.'
> Aug 07 10:21:56 fedora.virt NetworkManager[736]: <info>   domain search '
> redhat.com.'
> Aug 07 10:21:56 fedora.virt NetworkManager[736]: <info> Activation (br0)
> Stage 5 of 5 (IPv4 Configure Commit) scheduled...
> Aug 07 10:21:56 fedora.virt NetworkManager[736]: <info> Activation (br0)
> Stage 5 of 5 (IPv4 Commit) started...
> Aug 07 10:21:57 fedora.virt NetworkManager[736]: <info> (br0): device
> state change: ip-config -> secondaries (reason 'none') [70 90 0]
> Aug 07 10:21:57 fedora.virt NetworkManager[736]: <info> Activation (br0)
> Stage 5 of 5 (IPv4 Commit) complete.
> Aug 07 10:21:57 fedora.virt NetworkManager[736]: <info> (br0): device
> state change: secondaries -> activated (reason 'none') [90 100 0]
> Aug 07 10:21:57 fedora.virt NetworkManager[736]: <info> Policy set 'Bridge
> br0' (br0) as default for IPv4 routing and DNS.
> Aug 07 10:21:57 fedora.virt NetworkManager[736]: <info> Activation (br0)
> successful, device activated.
> ============
>
> This configuration will help you to configure the bridge interface over
> your em1 device while NetworkManager is on and also you can use the
> NetworkManager to configure the VPN.
>
>
> Thanks,
> Uday !
>
>
>
>
>
>
>
> On Wed, Aug 7, 2013 at 4:30 AM, Lonni J Friedman <netllama at gmail.com>wrote:
>
>> Greetings,
>> I'm attempting to get several virtual machines setup on a Fedora19
>> host system, with the traditional bridge network devices (br0, br1,
>> etc).   I've done this many times before with older versions of Fedora
>> (16, 14, etc), and it just works.  However, for reasons that I cannot
>> figure out, the bridge doesn't seem to be working in Fedora19.  While
>> I can successfully connect to the outside world (local network +
>> internet) from inside a VM, nothing can communicate with the VM from
>> outside (local network).  I'm referring to something as trivial as
>> pinging.  From inside the VM, I can ping anything successfully (0%
>> packet loss).  However, from outside the VM (on the host, or any other
>> system on the same network), I see 100% packet loss when pinging the
>> IP address of the VM.
>>
>> My first question is simply, does anyone else have this working
>> successfully in F19?  And if so, what steps did you need to follow?
>>
>> I'm not using NetworkManager at all, its all the network service.
>> There are no firewalls involved anywhere (iptables & firewall services
>> are currently disabled).  Here's the current host configuration:
>>
>>     # brctl show
>>     bridge name    bridge id        STP enabled    interfaces
>>     br0        8000.38eaa792efe5    no        em2
>>                                 vnet1
>>     br1        8000.38eaa792efe6    no        em3
>>     br2        8000.38eaa792efe7    no        em4
>>                                 vnet0
>>     virbr0        8000.525400db3ebf    yes        virbr0-nic
>>
>>     # more /etc/sysconfig/network-scripts/ifcfg-em2
>>     TYPE=Ethernet
>>     BRIDGE="br0"
>>     NAME=em2
>>     DEVICE="em2"
>>     UUID=aeaa839e-c89c-4d6e-9daa-79b6a1b919bd
>>     ONBOOT=yes
>>     HWADDR=38:EA:A7:92:EF:E5
>>     NM_CONTROLLED="no"
>>
>>     # more /etc/sysconfig/network-scripts/ifcfg-br0
>>     TYPE=Bridge
>>     NM_CONTROLLED="no"
>>     BOOTPROTO=dhcp
>>     NAME=br0
>>     DEVICE="br0"
>>     ONBOOT=yes
>>
>>     # ifconfig em2 ;ifconfig br0
>>     em2: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500
>>             inet6 fe80::3aea:a7ff:fe92:efe5  prefixlen 64  scopeid
>> 0x20<link>
>>             ether 38:ea:a7:92:ef:e5  txqueuelen 1000  (Ethernet)
>>             RX packets 100093  bytes 52354831 (49.9 MiB)
>>             RX errors 0  dropped 0  overruns 0  frame 0
>>             TX packets 25321  bytes 15791341 (15.0 MiB)
>>             TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0
>>             device memory 0xf7d00000-f7e00000
>>
>>     br0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500
>>             inet 10.31.99.226  netmask 255.255.252.0  broadcast
>> 10.31.99.255
>>             inet6 fe80::3aea:a7ff:fe92:efe5  prefixlen 64  scopeid
>> 0x20<link>
>>             ether 38:ea:a7:92:ef:e5  txqueuelen 0  (Ethernet)
>>             RX packets 19619  bytes 1963328 (1.8 MiB)
>>             RX errors 0  dropped 0  overruns 0  frame 0
>>             TX packets 11  bytes 1074 (1.0 KiB)
>>             TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0
>>
>> Relevant section from /etc/libvirt/qemu/foo.xml (one of the VMs with
>> this problem):
>>
>>     <interface type='bridge'>
>>           <mac address='52:54:00:26:22:9d'/>
>>           <source bridge='br0'/>
>>           <model type='virtio'/>
>>           <address type='pci' domain='0x0000' bus='0x00' slot='0x03'
>> function='0x0'/>
>>     </interface>
>>
>> I can provide additional information, if requested.  thanks!
>> _______________________________________________
>> virt mailing list
>> virt at lists.fedoraproject.org
>> https://admin.fedoraproject.org/mailman/listinfo/virt
>
>
>
>
> --
> Thanks & Regards
> Udayendu Sekhar Kar
> mob: +919021499827
>
> _______________________________________________
> virt mailing list
> virt at lists.fedoraproject.org
> https://admin.fedoraproject.org/mailman/listinfo/virt
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.fedoraproject.org/pipermail/virt/attachments/20130807/eb484e2c/attachment-0001.html>

More information about the virt mailing list