Oleg a écrit :
On Sat, Feb 05, 2011 at 12:57:16PM +0100, Pascal Hambourg wrote:
Another option may be to use a virtual network between virtual machines
instead of a bridge, so the host does not see the traffic between them.
I don't know whether KVM provides such option, otherwise VDE (vde2)
Oleg a écrit :
On Fri, Feb 04, 2011 at 03:54:20PM +0100, Pascal Hambourg wrote:
Any ideas?
Yes, one : just another case of undesirable interaction between bridge
and netfilter (aka bridge-netfilter).
[...]
Setting sysctl net.bridge.bridge-nf-call-iptables=0 to disable passing
bridged
On Sat, Feb 05, 2011 at 12:57:16PM +0100, Pascal Hambourg wrote:
Oleg a ?crit :
On Fri, Feb 04, 2011 at 03:54:20PM +0100, Pascal Hambourg wrote:
Any ideas?
Yes, one : just another case of undesirable interaction between bridge
and netfilter (aka bridge-netfilter).
[...]
Setting
Sorry. I forgot about routes on the host machine:
host:~# ip rou
192.168.100.0/24 dev tap0 proto kernel scope link src 192.168.100.2
192.168.0.0/24 dev eth0 proto kernel scope link src 192.168.0.254
192.168.200.0/24 via 192.168.100.1 dev tap0
default via 192.168.0.1 dev eth0
On Thu, Feb 03,
Hello,
Oleg a écrit :
INET -- (eth0)[host](tap0) -- [kvm1] -- [kvm2]
host:~# iptables-save
# Generated by iptables-save v1.4.10 on Thu Feb 3 15:53:45 2011
*nat
:PREROUTING ACCEPT [158:19117]
:INPUT ACCEPT [142:17947]
:OUTPUT ACCEPT [1273:77619]
:POSTROUTING ACCEPT [23:1515]
-A
On Fri, Feb 04, 2011 at 03:54:20PM +0100, Pascal Hambourg wrote:
Hello,
Oleg a ?crit :
INET -- (eth0)[host](tap0) -- [kvm1] -- [kvm2]
host:~# iptables-save
# Generated by iptables-save v1.4.10 on Thu Feb 3 15:53:45 2011
*nat
:PREROUTING ACCEPT [158:19117]
:INPUT ACCEPT
Hi.
I have a strange behaviour of iptables nat. I use several kvm instances on
my host machine in the next configuration:
INET -- (eth0)[host](tap0) -- [kvm1] -- [kvm2]
another view:
INET
^
|
192.168.0.178/24
[host]
7 matches
Mail list logo
