Laine wrote:
> -----Original Message----- > From: sendmail [mailto:justsendmailnothinge...@gmail.com] On Behalf > Of Laine Stump > Sent: Tuesday, March 17, 2015 3:57 PM > To: libvirt-users@redhat.com > Cc: Lentes, Bernd > Subject: Re: [libvirt-users] still possible to use traditional bridge network > setup ? > > On 03/16/2015 01:07 PM, Lentes, Bernd wrote: > > Bernd wrote: > > > >> Laine wrote: > >> > >>> -----Original Message----- > >>> From: sendmail [mailto:justsendmailnothinge...@gmail.com] On > >> Behalf Of > >>> Laine Stump > >>> Sent: Monday, March 16, 2015 4:12 PM > >>> To: libvirt-users@redhat.com > >>> Cc: Lentes, Bernd > >>> Subject: Re: [libvirt-users] still possible to use traditional > >>> bridge network setup ? > >>> > >>> On 03/16/2015 10:08 AM, Lentes, Bernd wrote: > >>>> Hi, > >>>> > >>>> i'm currently installing a SLES 12 64bit system. > >>>> libvirt-client-1.2.5- > >>> 13.3.x86_64 and libvirt-daemon-1.2.5-13.3.x86_64. > >>>> Formerly I created my vm's (KVM) using a traditional bridge in my > >>>> host > >>> systems, mostly SLES 11 SP3. > >>>> But with SLES 12 I don't succeed. I can use the macvtap device in > >>>> the > >>> host, but I like to be able to communicate between host and guest. > >>>> Is the traditional bridge setup not any longer available ? > >>> Nothing has been removed in libvirt. Traditional bridges work just > fine. > >>> What failure did you see? > >> Hi Laine, > >> > >> thank you for your answer. Well, it simply does not work: > >> > >> this is my setup: > >> > >> pc63422:/etc/sysconfig/network # cat ifcfg-br0 BOOTPROTO='dhcp4' > >> TYPE='Bridge' > >> BRIDGE='yes' > >> DEVICE='br0' > >> BRIDGE_FORWARDDELAY='0' > >> BRIDGE_PORTS='eth0' > >> BRIDGE_STP='off' > >> BROADCAST='' > >> DHCLIENT_SET_DEFAULT_ROUTE='yes' > >> ETHTOOL_OPTIONS='' > >> IPADDR='' > >> MTU='' > >> NAME='' > >> NETMASK='' > >> NETWORK='' > >> REMOTE_IPADDR='' > >> STARTMODE='auto' > >> USERCONTROL='no > >> > >> pc63422:/etc/sysconfig/network # cat ifcfg-eth0 # > BOOTPROTO='dhcp' > >> BROADCAST='' > >> ETHTOOL_OPTIONS='' > >> IPADDR='' > >> MTU='' > >> NAME='' > >> NETMASK='' > >> NETWORK='' > >> REMOTE_IPADDR='' > >> STARTMODE='auto' > >> DHCLIENT_SET_DEFAULT_ROUTE='yes' > >> PREFIXLEN='' > >> BOOTPROTO='static' > >> USERCONTROL='no' > >> BRIDGE='br0' > >> > >> > >> guest.xml: > >> ... > >> <interface type='bridge'> > >> <mac address='52:54:00:37:92:b1'/> > >> <source bridge='br0'/> > >> <model type='rtl8139'/> > >> <address type='pci' domain='0x0000' bus='0x00' slot='0x03' > >> function='0x0'/> > >> </interface> > >> ... > >> > >> pc63422:/etc/sysconfig/network # ip addr > >> 1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state > UNKNOWN > >> group default > >> link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 > >> inet 127.0.0.1/8 scope host lo > >> valid_lft forever preferred_lft forever > >> inet6 ::1/128 scope host > >> valid_lft forever preferred_lft forever > >> 2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc > pfifo_fast > >> master br0 state UP group default qlen 1000 > >> link/ether 78:24:af:9c:bd:a6 brd ff:ff:ff:ff:ff:ff > >> inet6 fe80::7a24:afff:fe9c:bda6/64 scope link > >> valid_lft forever preferred_lft forever > >> 27: br0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc > noqueue > >> state UP group default > >> link/ether 78:24:af:9c:bd:a6 brd ff:ff:ff:ff:ff:ff > >> inet 10.35.34.115/24 brd 10.35.34.255 scope global br0 > >> valid_lft forever preferred_lft forever > >> inet6 fe80::7a24:afff:fe9c:bda6/64 scope link > >> valid_lft forever preferred_lft forever > >> 28: vnet0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc > >> pfifo_fast master br0 state UNKNOWN group default qlen 500 > >> link/ether fe:54:00:37:92:b1 brd ff:ff:ff:ff:ff:ff > >> inet6 fe80::fc54:ff:fe37:92b1/64 scope link > >> valid_lft forever preferred_lft forever > >> > >> > >> Attached is what I choose during creation of the vm. It's german, > >> network source means something like "name of the shared device". > >> > >> I attached the host to a network hub to be able to sniff all packets. > >> But I don't see any packet from the guest. E.g. I choosed "dhclient" > >> after booting a knoppix cd in the guest, but no packet from the > >> guest. Also using a windows 7 installation cd - no packet from the > >> guest. But I see packets from the host. > > Hi, > > > > using the above mentioned setup, i booted the guest using a knoppix > cd. Inside the guest I configured the ip address statically. I can ping from > host to guest and vice versa, but nothing else. Of course the host is able > to connect everything, but the guest just reaches the host. > > I assume your dhcp server is on a different machine (since your host is > also using dhcp on that interface), so if communication between the > guest and the outside didn't work later, it's not going to work for dhcp > either. The most common two causes of this symptom in a bridged setup > are: > > 1) there are iptables rules in place (on the host) that prevent the traffic > crossing the bridge, and the bridge module tunable net.bridge.bridge-nf- > call-iptables is set to 1 (on the host). You can determine this by running: > > sysctl net.bridge.bridge-nf-call-iptables > > If it's set to 1, set it to 0 with: > > sysctl -w net.bridge.bridge-nf-call-iptables=0 > > (Note that as of kernel 3.17 filtering of packets on the bridge isn't on by > default any more, and a new module called br_netfilter must be loaded > for it to take place. So if your kernel is 3.17 or newer, this probably > *isn't* your problem) > > 2) the switch connecting your host to the network only allows a single (or > particular) mac address on the port used to connect the host. If this is the > problem, then you'll need to talk to your network administrator. Hi Laine, the reason was the firewall. Thanks for your tip ! Bernd Helmholtz Zentrum München Deutsches Forschungszentrum für Gesundheit und Umwelt (GmbH) Ingolstädter Landstr. 1 85764 Neuherberg www.helmholtz-muenchen.de Aufsichtsratsvorsitzende: MinDir´in Bärbel Brumme-Bothe Geschäftsführer: Prof. Dr. Günther Wess, Dr. Nikolaus Blum, Dr. Alfons Enhsen Registergericht: Amtsgericht München HRB 6466 USt-IdNr: DE 129521671 _______________________________________________ libvirt-users mailing list libvirt-users@redhat.com https://www.redhat.com/mailman/listinfo/libvirt-users
