Public bug reported: The default masquerade rule appears to be:
iptables -t nat -A POSTROUTING -s 192.168.122.0/24 -j MASQUERADE but this causes all internally routed guest to guest traffic to be masqueraded too (breaking such things as redhat cluster dlm connections in my case). replacing the rule with the following seems to be a good solution: iptables -t nat -A POSTROUTING -s 192.168.122.0/24 -d ! 192.168.122.0/24 -j MASQUERADE ** Affects: libvirt (Ubuntu) Importance: Undecided Status: New -- overzealous masquerading affects vm to vm traffic https://bugs.launchpad.net/bugs/227837 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs