Public bug reported:
The default masquerade rule appears to be:
iptables -t nat -A POSTROUTING -s 192.168.122.0/24 -j MASQUERADE
but this causes all internally routed guest to guest traffic to be
masqueraded too (breaking such things as redhat cluster dlm connections
in my case).
replacing the rule with the following seems to be a good solution:
iptables -t nat -A POSTROUTING -s 192.168.122.0/24 -d ! 192.168.122.0/24
-j MASQUERADE
** Affects: libvirt (Ubuntu)
Importance: Undecided
Status: New
--
overzealous masquerading affects vm to vm traffic
https://bugs.launchpad.net/bugs/227837
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
--
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
