systemd-networkd, bridge and containers: unable to ping host from guest

Thu, 11 Jul 2019 06:45:45 -0700 

Hello,

In my machine (4.19.0-5-amd64 #1 SMP Debian 4.19.37-5 (2019-06-19) x86_64 
GNU/Linux) I've setup a bridge with systemd-networkd.

I've then setup a systemd-nspawn container and some virtual machines with 
qemu/virt-manager (Debian and Windows10 guest).

The problem I'm encountering is that in all guests (Debian and Windows, DHCP or 
static IP configurations) I'm never able to ping the host system. From the host 
I'm instead able to ping the guest.
In the guests everything else seems to work and I'm able to reach the internet 
as expected.

Can someone kindly give me some hint on how to solve this issue?

I really don't know if it's related to systemd-networkd, Debian, iptables...
I'm therefore posting here this question, but I'm open to suggestions for a 
more appropriate place to ask for assistance...

The configuration files are:

`/etc/systemd/network/br0.netdev`:
[NetDev]
Name=br0
Kind=bridge
MACAddress=08:60:6e:d6:4d:7b


`/etc/systemd/network/br0.network`:
[Match]
Name=en*

[Network]
Bridge=br0


`/etc/systemd/network/20-wired.network`:
[Match]
Name=br0

[Network]
DNS=172.17.0.10
DNS=172.17.0.20

[Address]
Address=172.17.1.48/16

[Route]
Gateway=172.17.0.1


`ip a` on the host:
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group 
default qlen 1000
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
    inet6 ::1/128 scope host 
       valid_lft forever preferred_lft forever
2: enp3s0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast master 
br0 state UP group default qlen 1000
    link/ether 08:60:6e:d6:4d:7b brd ff:ff:ff:ff:ff:ff
    inet6 fe80::a60:6eff:fed6:4d7b/64 scope link 
       valid_lft forever preferred_lft forever
3: br0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group 
default qlen 1000
    link/ether 08:60:6e:d6:4d:7b brd ff:ff:ff:ff:ff:ff
    inet 172.17.1.48/16 brd 172.17.255.255 scope global br0
       valid_lft forever preferred_lft forever
    inet6 fe80::a60:6eff:fed6:4d7b/64 scope link 
       valid_lft forever preferred_lft forever
6: vnet0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast master 
br0 state UNKNOWN group default qlen 1000
    link/ether fe:54:00:9c:89:fa brd ff:ff:ff:ff:ff:ff
    inet6 fe80::fc54:ff:fe9c:89fa/64 scope link 
       valid_lft forever preferred_lft forever
7: vb-sidcontaine@if2: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue 
master br0 state UP group default qlen 1000
    link/ether da:a4:31:ec:1e:57 brd ff:ff:ff:ff:ff:ff link-netnsid 0
    inet6 fe80::d8a4:31ff:feec:1e57/64 scope link 
       valid_lft forever preferred_lft forever


`brctl show` on the host:
bridge name     bridge id               STP enabled     interfaces
br0             8000.08606ed64d7b       no              enp3s0
                                                        vb-sidcontaine
                                                        vnet0

with vb-sidcontainer = systemd-nspawn container
vnet0 = qemu VM

Peace,

-- 
                                        ~ Sandro ~

Attachment: signature.asc
Description: PGP signature

Reply via email to