LinuxQuestions.org
Visit the LQ Articles and Editorials section
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Virtualization and Cloud
User Name
Password
Linux - Virtualization and Cloud This forum is for the discussion of all topics relating to Linux Virtualization and Linux Cloud platforms. Xen, KVM, OpenVZ, VirtualBox, VMware, Linux-VServer and all other Linux Virtualization platforms are welcome. OpenStack, CloudStack, ownCloud, Cloud Foundry, Eucalyptus, Nimbus, OpenNebula and all other Linux Cloud platforms are welcome. Note that questions relating solely to non-Linux OS's should be asked in the General forum.

Notices

Reply
 
Search this Thread
Old 01-19-2010, 12:20 PM   #1
kenneho
Member
 
Registered: May 2003
Location: Oslo, Norway
Distribution: Ubuntu, Red Hat Enterprise Linux
Posts: 655

Rep: Reputation: 40
KVM networking: Firewall blocks traffic between guests on private network


Hi all.


I'm playing with KVM, and have three computers: My host and two guest, all running linux of course. The setup is like this:

Code:
Internet -- host -- virbr1 (private network) -- guest1 and guest2
             |
             |
            virbr0 (default KVM network)-- guest1
In words I have a private network defined which uses virbr1, while the default NET'ed KVM network uses virbr0.

Now for the first question, I'm having troubles setting up the firewall. For startes, I'm trying to get guest1 and guest2 to talk to one another on the private network. The host can reach both guests on that network, but they can't reach each other. I've set up forwarding by echoing "1" into /proc/sys/net/ipv4/ip_forward, but without success. Anyone knows why the bridge virbr1 don't forward packets?

Btw, I'm using guarddog to manipulate iptables, so advice on how to get things working using guarddog would be even better.


- kenneho
 
Old 01-19-2010, 08:57 PM   #2
blacky_5251
Member
 
Registered: Oct 2004
Location: Adelaide Hills, South Australia
Distribution: RHEL 4&5, Fedora 10, CentOS 5.4, IPCop
Posts: 569

Rep: Reputation: 55
Are you using SELinux? If so, have you tried this in Permissive mode rather than enforcing?
 
Old 01-21-2010, 03:44 AM   #3
sreeharsha.t
Member
 
Registered: Jan 2009
Location: Mumbai, India
Distribution: Fedora 9, 10,11, RHEL 5
Posts: 67

Rep: Reputation: 18
I guess you need to set virbr0 and virbr1 as trusted interfaces in the host's firewall.
 
Old 12-14-2010, 09:24 PM   #4
greenpoise
Member
 
Registered: Feb 2010
Posts: 37

Rep: Reputation: 2
I am having this exact same problem. Did you get it to work? also, my virbr0 automatically assigns my router ip address thus creating a mess in my network. I have to manually change it everytime the server is rebooted. Any leads??


thanks
 
Old 12-20-2010, 05:53 AM   #5
kenneho
Member
 
Registered: May 2003
Location: Oslo, Norway
Distribution: Ubuntu, Red Hat Enterprise Linux
Posts: 655

Original Poster
Rep: Reputation: 40
Quote:
Originally Posted by greenpoise View Post
I am having this exact same problem. Did you get it to work? also, my virbr0 automatically assigns my router ip address thus creating a mess in my network. I have to manually change it everytime the server is rebooted. Any leads??


thanks
I don't think I got this up and running successfully. Since then I've reinstalled my computer, and are running guests on the default network setup.
 
Old 12-20-2010, 10:02 AM   #6
mazda
LQ Newbie
 
Registered: Dec 2010
Posts: 2

Rep: Reputation: 0
Thanks for the info.

With new information offline help too.........Thanks for the info.
 
Old 12-21-2010, 02:51 PM   #7
greenpoise
Member
 
Registered: Feb 2010
Posts: 37

Rep: Reputation: 2
Well just an update, I got this working. It was way simpler than what I thought. I was able to run everything with libvirt. I followed this instructions(just the part of bridge networking):

https://wiki.archlinux.org/index.php...ged_Networking



and then I started a new virtual guest using virt-manager remotely. Also note that when creating a virtual guest using virt-manager you have to explicitly type the bridge network which in this case was br0. I have connectivity between host/guests and LAN. Perfect and simple

Hope this helps anyone out there who struggled like I did.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
kvm: Reset root password on guests kenneho Linux - Virtualization and Cloud 3 12-28-2012 01:43 PM
KVM: How to set up a private network between guests and the host kenneho Linux - Virtualization and Cloud 1 01-17-2010 11:19 AM
work firewall blocks ssh traffic c_mitulescu Linux - Networking 3 07-12-2006 01:44 PM
Using joystick blocks network traffic Alucard243 Slackware 3 07-09-2005 09:41 PM
SuSE 9.2 - firewall blocks internal network cannabuz Linux - Networking 0 01-17-2005 08:34 AM


All times are GMT -5. The time now is 09:06 PM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration