Greetings,
I am having a networking issue using KVM that I haven't been able to figure out. I've got a host LAN (10.42.43.0/24) which my QEMU virtual host (Fedora 16) is connected to (10.42.43.100/24). I have fired up two virtual guests (CentOS 6.2 which will provide services to my host network such as Apache). These guests are running on the 10.1.1.0/24 network. I am able to ping through the virtual host from inside the virtual network to my physical LAN.
Code:
SERVER LEGEND:
SERVER ROLE IP ADDRESS NETWORK
root@gw = Gateway, 10.42.43.1, Physical LAN
root@vh1 = Virtual Host, 10.42.43.100, Physical LAN
root@vh1 = Virtual Host, 10.1.1.1, Virtual LAN
root@vps1 = Virtual Guest, 10.1.1.11, Virtual LAN
--------------------------------------------------------------------
Code:
[root@vps1 ~]# ping 10.42.43.1
PING 10.42.43.1 (10.42.43.1) 56(84) bytes of data.
64 bytes from 10.42.43.1: icmp_seq=1 ttl=63 time=0.445 ms
64 bytes from 10.42.43.1: icmp_seq=2 ttl=63 time=0.497 ms
64 bytes from 10.42.43.1: icmp_seq=3 ttl=63 time=0.525 ms
64 bytes from 10.42.43.1: icmp_seq=4 ttl=63 time=0.517 ms
^C
--- 10.42.43.1 ping statistics ---
4 packets transmitted, 4 received, 0% packet loss, time 3342ms
rtt min/avg/max/mdev = 0.445/0.496/0.525/0.031 ms
--------------------------------------------------------------------
but I am not able to ping from my gateway or any other host on the physical network to the virtual network
--------------------------------------------------------------------
Code:
[root@gw ~]# ping 10.1.1.11
PING 10.1.1.11 (10.1.1.11) 56(84) bytes of data.
^C
--- 10.1.1.11 ping statistics ---
6 packets transmitted, 0 received, 100% packet loss, time 4999ms
--------------------------------------------------------------------
The virtual host, however, is able to ping both.
--------------------------------------------------------------------
Code:
[root@vh1 ~]# ping 10.42.43.1
PING 10.42.43.1 (10.42.43.1) 56(84) bytes of data.
64 bytes from 10.42.43.1: icmp_req=1 ttl=64 time=0.216 ms
64 bytes from 10.42.43.1: icmp_req=2 ttl=64 time=0.229 ms
64 bytes from 10.42.43.1: icmp_req=3 ttl=64 time=0.233 ms
64 bytes from 10.42.43.1: icmp_req=4 ttl=64 time=0.252 ms
^C
--- 10.42.43.1 ping statistics ---
4 packets transmitted, 4 received, 0% packet loss, time 2999ms
rtt min/avg/max/mdev = 0.216/0.232/0.252/0.019 ms
--------------------------------------------------------------------
Code:
[root@vh1 ~]# ping 10.1.1.11
PING 10.1.1.11 (10.1.1.11) 56(84) bytes of data.
64 bytes from 10.1.1.11: icmp_req=1 ttl=64 time=0.291 ms
64 bytes from 10.1.1.11: icmp_req=2 ttl=64 time=0.319 ms
64 bytes from 10.1.1.11: icmp_req=3 ttl=64 time=0.371 ms
64 bytes from 10.1.1.11: icmp_req=4 ttl=64 time=0.353 ms
^C
--- 10.1.1.11 ping statistics ---
4 packets transmitted, 4 received, 0% packet loss, time 3000ms
rtt min/avg/max/mdev = 0.291/0.333/0.371/0.035 ms
--------------------------------------------------------------------
The gateway cannot ping the virtual host's 10.1.1.1 (virbr0) interface:
--------------------------------------------------------------------
Code:
[root@gw ~]# ping 10.1.1.1
PING 10.1.1.1 (10.1.1.1) 56(84) bytes of data.
^C
--- 10.1.1.1 ping statistics ---
4 packets transmitted, 0 received, 100% packet loss, time 2999ms
--------------------------------------------------------------------
All of the virtual guests are set to 'NAT to p5p1', and here is an ifconfig output from the virtual host:
--------------------------------------------------------------------
Code:
[root@vh1 ~]# ifconfig
lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
inet6 addr: ::1/128 Scope:Host
UP LOOPBACK RUNNING MTU:16436 Metric:1
RX packets:2954 errors:0 dropped:0 overruns:0 frame:0
TX packets:2954 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:681432 (665.4 KiB) TX bytes:681432 (665.4 KiB)
p5p1 Link encap:Ethernet HWaddr F4:6D:04:3B:C2:B6
inet addr:10.42.43.100 Bcast:10.42.43.255 Mask:255.255.255.0
inet6 addr: fe80::f66d:4ff:fe3b:c2b6/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:22267 errors:0 dropped:6 overruns:0 frame:0
TX packets:9761 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:5892038 (5.6 MiB) TX bytes:1666768 (1.5 MiB)
Interrupt:52 Base address:0xe000
virbr0 Link encap:Ethernet HWaddr 52:54:00:E8:A7:16
inet addr:10.1.1.1 Bcast:10.1.1.255 Mask:255.255.255.0
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:268 errors:0 dropped:10 overruns:0 frame:0
TX packets:402 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:30756 (30.0 KiB) TX bytes:39871 (38.9 KiB)
vnet0 Link encap:Ethernet HWaddr FE:54:00:43:AC:57
inet6 addr: fe80::fc54:ff:fe43:ac57/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:259 errors:0 dropped:0 overruns:0 frame:0
TX packets:2465 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:500
RX bytes:33928 (33.1 KiB) TX bytes:148185 (144.7 KiB)
vnet1 Link encap:Ethernet HWaddr FE:54:00:38:1E:32
inet6 addr: fe80::fc54:ff:fe38:1e32/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:9 errors:0 dropped:0 overruns:0 frame:0
TX packets:2067 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:500
RX bytes:580 (580.0 b) TX bytes:108724 (106.1 KiB)
I have turned iptables OFF for vh1. No difference. /proc/sys/net/ipv4/ip_forward is set to on(1).
What am I missing? Also if anyone needs more information from any of the 3 systems to help troubleshoot/identify the problem, let me know and I will be more than happy to get you what you need.
