On 04/29/13 19:29, Paolo Bonzini wrote: > Il 29/04/2013 01:52, Laszlo Ersek ha scritto: >> I inserted the following rule at the second position manually: >> >> Chain POSTROUTING (policy ACCEPT 79 packets, 6075 bytes) >> pkts bytes target prot opt in out source >> destination >> 0 0 MASQUERADE tcp -- * * 192.168.122.0/24 >> !192.168.122.0/24 masq ports: 1024-65535 >> 1 362 ACCEPT udp -- * * 192.168.122.0/24 >> 255.255.255.255 <---- here >> 1 362 MASQUERADE udp -- * * 192.168.122.0/24 >> !192.168.122.0/24 masq ports: 1024-65535 >> 0 0 MASQUERADE all -- * * 192.168.122.0/24 >> !192.168.122.0/24 >> >> And then dhcp started to work from the shell2 command line. >> >> OTOH, now routing is broken for me too, just as for Duane (I can't ping >> anything, public IP or default GW on virbr0), but I'll post about that >> in a separate email (in the "OVMF networking for real this time" >> thread). > > It's not clear routing is broken for you even with non-OVMF guests. > > In other words, is this a libvirt bug or is the above rule just a > workaround?
I don't have any problems once the guest OS has booted up, be that RHEL-6, F19, or Windows 8; their networking works fine. I suspect that DHCP clients in these guest OSes don't care about (= don't enforce) the source port of the DHCP offer. The masquerading probably happens each time (it was captured in Gerd's tcpdump as well), but guests usually don't care. I would call that a libvirt bug that hasn't bothered anyone yet. OVMF is the first networked guest that cares. Laszlo ------------------------------------------------------------------------------ Try New Relic Now & We'll Send You this Cool Shirt New Relic is the only SaaS-based application performance monitoring service that delivers powerful full stack analytics. Optimize and monitor your browser, app, & servers with just a few lines of code. Try New Relic and get this awesome Nerd Life shirt! http://p.sf.net/sfu/newrelic_d2d_apr _______________________________________________ edk2-devel mailing list edk2-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/edk2-devel
