Linux - Networking This forum is for any issue related to networks or networking.
Routing, network cards, OSI, etc. Anything is fair game. |
Notices |
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
Are you new to LinuxQuestions.org? Visit the following links:
Site Howto |
Site FAQ |
Sitemap |
Register Now
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
|
|
11-04-2013, 06:18 PM
|
#1
|
LQ Newbie
Registered: Nov 2013
Posts: 3
Rep:
|
KVM Nested VM Networking Issue..PLz Help
I have a problem in communication between the host and the nested VM.This is my layout.
I have installed KVM on host machine having a single nic interface (public ip) running Ubuntu.On top of this,I have VM running Ubuntu.I have installed KVM in this VM too.I then have a VM inside this running a web server. I am able to ping the host from this web server VM and ssh into it.But from host to VM ,ping is being unsuccessful.
The VM (named L1hyp) on host was created using libvirt-manager and has IP of 192.168.122.8. The vswitch interface created at host is in default config (NAT-ed). Its IP is 192.168.122.1.
Now this VM is also having a vswitch interface which is in default config (NAT-ed).Its IP is 192.168.100.1. The Web server VM is created on top of this L1hyp VM, is having an IP of 192.168.100.186. The Webserver VM uses 192.168.100.1 as its default gw. The L1hyp uses 192.168.122.1 as its default gw.
From Host:
ping 192.168.122.8 - SUCCEEDS
ping 192.168.122.1 - SUCCEEDS
ping 192.168.100.1 - SUCCEEDS
ping 192.168.100.186 - FAILS
Comes up with Destination Host Unreachable From 192.168.122.1
But there is route to 192.168.100.0/24 subnet from host.Ping to 192.168.100.1 succeeds.
From Webserver VM:
ping 192.168.100.1 - SUCCEEDS
ping 192.168.122.1 - SUCCEEDS
SSH from web server VM to host succeeds.
Can anyone help me out what needs to be modified to have two way communication between the host and Webserver VM at the earliest?
I am pondering over this problem for over a week now..
|
|
|
11-05-2013, 04:51 AM
|
#2
|
LQ Veteran
Registered: Sep 2003
Posts: 10,532
|
Running a VM inside another VM (nested) isn't supported by most (if not all) VM's. I personally don't see the point in doing so....
That said: I have seen people do this, but a lot of trail and error was needed to get it to work.
Do a internet search (example: linux vm inside vm) if you still want to nest VM's. Maybe you'll get lucky and someone has succeeded in setting up your scenario.
|
|
|
11-08-2013, 05:07 PM
|
#3
|
Member
Registered: Sep 2012
Distribution: RHEL5/6, CentOS5/6
Posts: 218
Rep:
|
can you ping the WebserverVM from your L1hyp?
if you would sniff for IP packets on all your machines, can you follow the ICMP packet path all the way through, e.g. see it coming in into WebserverVM, travelling L1hyp, leaving host and all the way back?
Usually your scenario should just work. I'm using similar setups (vm in vm) wuite often while setting up test servers in virtual environments, which is a clone of a production server running on bare metal and hosting a few VMs.
This can certainly done by KVM (I'm using RHEL/CentOS5.9/6.4)
|
|
|
11-08-2013, 05:11 PM
|
#4
|
LQ Newbie
Registered: Nov 2013
Posts: 3
Original Poster
Rep:
|
Hello,
When I did a tcpdump for a ping requests to Webserver VM, on eth0 of L1Hyp (192.168.122.8 connected to 192.168.122.1) ,I am able to see the ping request from the host. I did a tcpdump in virbr0 of L1Hyp (192.168.100.1) to which the Web Server VM is connected. I don't see any requests being forwarded.
Can you please let me know the iptables rules that u have on both host and L1hyp?
Quote:
Originally Posted by dt64
can you ping the WebserverVM from your L1hyp?
if you would sniff for IP packets on all your machines, can you follow the ICMP packet path all the way through, e.g. see it coming in into WebserverVM, travelling L1hyp, leaving host and all the way back?
Usually your scenario should just work. I'm using similar setups (vm in vm) wuite often while setting up test servers in virtual environments, which is a clone of a production server running on bare metal and hosting a few VMs.
This can certainly done by KVM (I'm using RHEL/CentOS5.9/6.4)
|
|
|
|
11-08-2013, 05:17 PM
|
#5
|
Member
Registered: Sep 2012
Distribution: RHEL5/6, CentOS5/6
Posts: 218
Rep:
|
looks like your virtual bridge within L2hyp isn't connected to L1hyp's eth0 both ways.
Check if you have IP forwarding enabled.
it could be down to IP tables, but doesn't need to.
My IPtables settings wouldn't help you much since I'm not using the virtbr0 nat interfaces which come with KVM by default but some manual bridging.
|
|
|
11-08-2013, 05:23 PM
|
#6
|
LQ Newbie
Registered: Nov 2013
Posts: 3
Original Poster
Rep:
|
The ip forwarding is enabled in the L1hyp.
When I did a tcpdump on the eth interface of L1hyp, I see arp req of "who-has 192.168.100.186 tell 192.168.122.1"
On the virbr0 of L1hyp,I don't see anything.
Quote:
Originally Posted by dt64
looks like your virtual bridge within L2hyp isn't connected to L1hyp's eth0 both ways.
Check if you have IP forwarding enabled.
it could be down to IP tables, but doesn't need to.
My IPtables settings wouldn't help you much since I'm not using the virtbr0 nat interfaces which come with KVM by default but some manual bridging.
|
|
|
|
All times are GMT -5. The time now is 11:30 PM.
|
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.
|
Latest Threads
LQ News
|
|