Robert Strickler píše v St 17. 09. 2014 v 18:49 -0700: > I am trying to define a network tht just bridges the traffic between > the virtual machine network and the LAN attached to eth0 > > > No dnsmasq/dhcp as it is difficult to impossible to tie dnsmasq to the > master ISC servers on the LAN. > > > It should forward/receive packets like a standard hardware bridge > The virtual guests should get their addressing from the dhcp server on > the LAN and DNS from the server as well. > > > with the following I can not get dhcp discover reply from the LAN > server, nor can I manually code the IP/gateway/DNS and ping the hard > address (172.30.2.33) can anyone tell me what I am missing? Vhost and > vguest are both CENTOS7
There is longstanding bug in Fedora (from F13 to F20, CentOS7 incl.) which breaks bridge communication for libvirt. It is combination of systemd/NetworkManager/firewalld/libvirtd. See: https://bugzilla.redhat.com/show_bug.cgi?id=634736 and solution is described in: man sysctl.d If you disable firewalld and it will work you have the same problem. Or you can check if sysctl returns 0 or 1 for bridge (0 is correct for bridge settings) sysctl -a | grep bridge net.bridge.bridge-nf-call-arptables = 1 net.bridge.bridge-nf-call-ip6tables = 1 net.bridge.bridge-nf-call-iptables = 1 or net.bridge.bridge-nf-call-arptables = 0 net.bridge.bridge-nf-call-ip6tables = 0 net.bridge.bridge-nf-call-iptables = 0 One solution is to create udev rule: echo 'ACTION=="add", SUBSYSTEM=="module", KERNEL=="bridge", RUN+="/usr/lib/systemd/systemd-sysctl --prefix=/proc/sys/net/bridge"' > /etc/udev/rules.d/99-bridge.rules It works for me. Pavel > ====================== > <networkstatus> > <class_id bitmap='0-2'/> > <floor sum='0'/> > <network> > <name>plain</name> > <uuid>31f78c2c-257d-4c57-82e5-0c53deadbeef</uuid> > <forward mode='bridge'/> > <bridge name='virbr1' /> > <mac address='52:54:00:b1:34:77'/> > <domain name='plain'/> > <ip address='172.30.2.1' netmask='255.255.255.0'> > <dhcp relay='yes'/> > <dhcp enable='no' relay='yes'/> > <!-- > The relay will not be started if the "enable" property is 'no': > --> > </ip> > </network> > </networkstatus> > =========================== > > > A routed environment would be acceptable, but bridged is better as it > should not be required to change my routing on the gateway router > > > TIA, > Bob > _______________________________________________ > virt mailing list > virt@lists.fedoraproject.org > https://admin.fedoraproject.org/mailman/listinfo/virt -- Pavel Lisý <pavel.l...@tmapy.cz> _______________________________________________ virt mailing list virt@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/virt
