Hi Serge,
I have br0 correctly set up on my host.
ifconfig br0
br0 Link encap:Ethernet HWaddr c8:1f:66:e2:90:49
inet addr:175.91.242.203 Bcast:175.91.247.255 Mask:255.255.248.0
inet6 addr: fe80::ca1f:66ff:fee2:9049/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:2738640 errors:0 dropped:4197 overruns:0 frame:0
TX packets:211133 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:548029766 (548.0 MB) TX bytes:149502426 (149.5 MB)
I have read the link that you pointed. But I don't understand why I
need the following steps.
~~~
The final step is to disable netfilter on the bridge:
# cat >> /etc/sysctl.conf <<EOF
net.bridge.bridge-nf-call-ip6tables = 0
net.bridge.bridge-nf-call-iptables = 0
net.bridge.bridge-nf-call-arptables = 0
EOF
# sysctl -p /etc/sysctl.conf
It is recommended to do this for performance and security reasons. See
Fedora bug #512206. Alternatively you can configure iptables to allow
all traffic to be forwarded across the bridge:
# echo "-I FORWARD -m physdev --physdev-is-bridged -j ACCEPT" >
/etc/sysconfig/iptables-forward-bridged
# lokkit --custom-rules=ipv4:filter:/etc/sysconfig/iptables-forward-bridged
# service libvirtd reload
~~~
Here is what I have for the firewall on the host. Is netfilter just
for firewall?
~~~
$ sudo ufw app list
[sudo] password for pengy:
Available applications:
OpenSSH
$ sudo ufw status
Status: inactive
~~~
Anyway, I used the following command to create a bridge virtual
machine. During the installation of ubuntu on the virtual machine, it
can not recognize network, so I have to manually put the IP address,
network mask, gateway, etc.
sudo virt-install -n web_devel_bridge -r 4096 --disk
path=$PWD/web_devel_bridge.img,bus=virtio,size=8 -c
../ubuntu-13.10-server-amd64.iso --network bridge=br0,model=virtio
--graphics vnc,listen=0.0.0.0 --noautoconsole -v
The rest of the steps are the same (as on
https://help.ubuntu.com/13.10/serverguide/libvirt.html). Then, I can
ssh/ping the specified IP address of the virtual machine from the host
and I can ssh/ping the IP address of the host from the virtual
machine. But I'm not able to ping/ssh the IP address of the machine
outside the host.
Do you think this is a local network setup issue? Or a setup issue on
the host? Thanks.
On Wed, Mar 12, 2014 at 5:43 PM, Serge Hallyn <serge.hal...@ubuntu.com> wrote:
> Quoting Serge Hallyn (serge.hal...@ubuntu.com):
>> Quoting Peng Yu (pengyu...@gmail.com):
>> > Hi,
>> >
>> > https://help.ubuntu.com/13.10/serverguide/libvirt.html
>> >
>> > I followed the instructions and I'm able to create a host and access
>> > it. But its IP is something like 192.168.x.x, which is not accessible
>> > outside the host. Could anybody let me know how to create a guest with
>> > fixed IPs so that they can be accessed from outside? Thanks.
>>
>> Not really, because it depends on your host and network setup.
>> But, the easiest way in general is to bridge a nic on your host
>> and use that bridge for your VMs. Then the dhcp server serving
>> your host will handle your VMs and give them public IPs.
>
> In particular, see the Ubuntu section under
>
> http://wiki.libvirt.org/page/Networking#Bridged_networking_.28aka_.22shared_physical_device.22.29
>
> -serge
--
Regards,
Peng
--
ubuntu-server mailing list
ubuntu-server@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-server
More info: https://wiki.ubuntu.com/ServerTeam
