On Sun, 2008-07-27 at 09:17 -0400, Bill Davidsen wrote:
> Avi Kivity wrote:
> > Bill Davidsen wrote:
> >>
> >> I have been discussing this (on this list) in another thread. Putting
> >> tcpdump on the eth0 device in the VM, the br0 device in the host, and
> >> the eth0 (physical NIC) in the host, you can see that when the VM
> >> generates a DHCP request it shows up on the br0 in the host, but
> >> never gets sent on the wire by eth0.
> >>
> >> That's the point of failure, at least using RHEL5/FC6/kvm-66 as the
> >> environment.
> >
> > Does playing with the bridge forward delay ('brctl setfd') help?
> >
> Update: Redhat has a user chain in iptables shared between INPUT and
> FORWARD (bad idea) which doesn't pass bootp packets by default.
Yeah, I've been trying to get that rule changed to allow all bridged
packets to be forwarded by default. See:
https://bugzilla.redhat.com/221828
> Adding
> the following rules to that table solved the DHCP for me.
>
> ACCEPT udp -- anywhere anywhere udp
> spt:bootps dpt:bootpc
> ACCEPT udp -- anywhere anywhere udp
> spt:bootpc dpt:bootps
>
> This seems to solve my problem, I just have to make it part of my "start
> kvm" procedure.
See here:
http://wiki.libvirt.org/page/Networking
in the 'Bridged networking (aka "shared physical device")' section:
# echo "-I FORWARD -m physdev --physdev-is-bridged -j ACCEPT" >
/etc/sysconfig/iptables-forward-bridged
# lokkit --custom-rules=ipv4:filter:/etc/sysconfig/iptables-forward-bridged
# service libvirtd reload
Cheers,
Mark.
--
To unsubscribe from this list: send the line "unsubscribe kvm" in
the body of a message to [EMAIL PROTECTED]
More majordomo info at http://vger.kernel.org/majordomo-info.html
