LinuxQuestions.org


svandyk 09-22-2011 05:53 AM

KVM on Redhat 5.7: KVM can ping outside network, outside network can't ping KVM
 
Hi there

I've set up a RHEL5.7 server [172.16.1.197] and created a RHEL5.7 KVM [172.16.1.200].

It's possible for the KVM [.200] to ping any server on the network:

Code:

[root@172.16.1.200 ~]# ping 172.16.1.123
PING 172.16.1.123 56(84) bytes of data
64 bytes from 172.16.1.123 icmp_seq=1 ttl=64 time=1.01 ms

But whenever I try to ping .200 from any other server [even on the host machine ~ .197] I get the following:

Quote:

[from 172.16.1.197] ping 172.16.1.200
PING 172.16.1.200 (172.16.1.200) 56(84) bytes of data.
From 172.16.1.197 icmp_seq=2 Destination Host Unreachable
From 172.16.1.197 icmp_seq=3 Destination Host Unreachable

I have configured the host and guest as per the following link:

Here

Here is the 'virsh edit <KVMHOSTNAME>' output:

Code:

<interface type='bridge'>
  <mac address='{MAC ADDRESS}'/>
  <source bridge='br0'/>
  <model type='virtio'/>
</interface>

Host server:

Code:

[root@172.16.1.197~]# brctl show
bridge name    bridge id              STP enabled    interfaces
br0            8000.782bcb44012b      no              vnet0
                                                        eth0
virbr0          8000.000000000000      yes

changes in /etc/sysctl.conf

Code:

net.ipv4.ip_forward = 1
net.bridge.bridge-nf-call-ip6tables = 0
net.bridge.bridge-nf-call-iptables = 0
net.bridge.bridge-nf-call-arptables = 0

contents of ifcfg-eth0 [on host]

Code:

[root@172.16.1.197network-scripts]# vi ifcfg-eth0
DEVICE=eth0
TYPE=Ethernet
HWADDR={MAC ADDRESS}
ONBOOT=yes
BRIDGE=br0
NM_CONTROLLED=no

contents of ifcfg-br0 [on host]

Code:

DEVICE=br0
TYPE=Bridge
BOOTPROTO=static
HWADDR={MAC ADDRESS}
IPADDR=172.16.1.197
NETMASK=255.255.255.0
GATEWAY=172.16.1.1
ONBOOT=yes
DELAY=0
NM_CONTROLLED=no

EDIT: I have switched off iptables on both host and guest system, still cannot reach the system.

I don't understand why other servers can't see the .200 at this point. Any help will be greatly appreciated!

dilbert_uk 09-23-2011 06:45 AM

From the command line of the .200, can you ping the local host 127.0.0.1?


All times are GMT -5.