> On my 6.5 x64 system my bridged KVM guests (several kinds of Windows and
> many kinds of Linux guests) do not get the broadcast messages. Every network
> packet reaches them from the subnet except broadcast and multicast messages.
> How can that be?

My desk notes indicate we do this locally, so we can see 
messages transit iptables:

        Next we have to make sure that network traffic going across
        the bridge(s) can be filtered. So...

    cat >> /etc/sysctl.conf <<EOF
    net.bridge.bridge-nf-call-ip6tables = 1
    net.bridge.bridge-nf-call-iptables = 1
    net.bridge.bridge-nf-call-arptables = 1
    EOF
    sysctl -p /etc/sysctl.conf


and in iptables this rule 

        -A FORWARD -m physdev  --physdev-is-bridged -j ACCEPT

and ip6tables

        -A RH-Firewall-1-INPUT -m physdev  --physdev-is-bridged -j ACCEPT


As I recall the need to do this is documented, but obscure, 
involving ebtables and iptables (ip6tables)

-- Russ herrold
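
Added example, not part of the original message: an offline check of the two settings discussed above, showing that once `net.bridge.bridge-nf-call-iptables` is 1 the `--physdev-is-bridged` ACCEPT rule only helps if it sits ahead of any unconditional REJECT/DROP in FORWARD. The function names and all file contents are constructed for illustration; on a real host you would feed it `/etc/sysctl.conf` and the output of `iptables-save`.

```shell
#!/bin/sh
# Added example; every file body below is a constructed sample.

# Effective value of a sysctl key in a sysctl.conf-style file (last assignment wins).
sysctl_value() {  # $1 = key, $2 = file
    awk -F= -v k="$1" '
        /^[ \t]*[#;]/ { next }
        { key = $1; gsub(/[ \t]/, "", key) }
        key == k { v = $2; gsub(/[ \t]/, "", v) }
        END { print (v == "" ? "unset" : v) }' "$2"
}

# First decisive rule for bridged frames in one chain of iptables-save output.
bridged_verdict() {  # $1 = chain, $2 = file
    awk -v c="$1" '
        $1 == "-A" && $2 == c {
            if (/--physdev-is-bridged/ && /-j ACCEPT/) { r = "accept"; exit }
            if ($3 == "-j" && ($4 == "DROP" || $4 == "REJECT")) { r = "blocked"; exit }
        }
        END { print (r == "" ? "fallthrough" : r) }' "$2"
}

# bypass = bridged frames never reach iptables; otherwise report the FORWARD verdict.
audit() {  # $1 = sysctl file, $2 = rules file
    if [ "$(sysctl_value net.bridge.bridge-nf-call-iptables "$1")" = 1 ]; then
        echo "filtered:$(bridged_verdict FORWARD "$2")"
    else
        echo "bypass"
    fi
}

tmp=$(mktemp -d)
trap 'rm -rf "$tmp"' EXIT
printf '%s\n' '# constructed' 'net.bridge.bridge-nf-call-iptables = 1' > "$tmp/on.conf"
printf '%s\n' 'net.bridge.bridge-nf-call-iptables = 0' > "$tmp/off.conf"
reject='-A FORWARD -j REJECT --reject-with icmp-host-prohibited'
accept='-A FORWARD -m physdev --physdev-is-bridged -j ACCEPT'
printf '%s\n' '*filter' ':FORWARD ACCEPT [0:0]' "$reject" 'COMMIT' > "$tmp/stock.rules"
printf '%s\n' '*filter' ':FORWARD ACCEPT [0:0]' "$accept" "$reject" 'COMMIT' > "$tmp/fixed.rules"
printf '%s\n' '*filter' ':FORWARD ACCEPT [0:0]' "$reject" "$accept" 'COMMIT' > "$tmp/late.rules"

for r in stock fixed late; do
    echo "$r: $(audit "$tmp/on.conf" "$tmp/$r.rules")"
done
echo "sysctl off: $(audit "$tmp/off.conf" "$tmp/stock.rules")"
```

A `filtered:accept` result also means guest-to-guest and guest-to-LAN frames pass FORWARD without further filtering, so any per-guest restrictions need to be placed ahead of that rule.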
