kvm/libvirt bridge
Hey Guys,
I'm building a Linux virtualization node based on CentOS 6.3 with KVM and libvirt (using virsh as interface). I have a cheapass server at OVH with two public IPv4 addresses, and I want to use the second address as the primary address for a NAT network. The first virtual server (vm1) should be the gateway which communicates with the outside world.
So I bridged eth0 and assigned the bridge to the virtual machine's config. I expect that I can assign a public address to the virtual machine. However, if I put the secondary IP in the virtual machine's network config with the correct gateway, broadcast and netmask, I still cannot communicate from outside.
bridge config:
ifconfig
br0       Link encap:Ethernet  HWaddr 00:25:90:04:05:44
          inet addr:91.***.11.***  Bcast:91.***.11.***  Mask:255.255.255.0
          inet6 addr: 2001:***:1:***::1/64 Scope:Global
          inet6 addr: ***::225:***:fe04:***/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:3117 errors:0 dropped:0 overruns:0 frame:0
          TX packets:3384 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0
          RX bytes:318507 (311.0 KiB)  TX bytes:451534 (440.9 KiB)
# brctl show
bridge name     bridge id               STP enabled     interfaces
br0             8000.002590040544       yes             eth0
tcpdump while pinging the secondary IP from outside:
tcpdump -i br0 icmp -n
listening on br0, link-type EN10MB (Ethernet), capture size 65535 bytes
18:48:18.670758 IP **.210.**.25 > 94.**.***.169: ICMP echo request, id 5607, seq 17, length 64
Proxy ip is turned on to avoid problems with different MACs:
sysctl.conf:
# proxy arp
net.ipv4.conf.eth0.proxy_arp = 1
net.ipv4.conf.br0.proxy_arp = 1
#bypass iptables for bridging
net.bridge.bridge-nf-call-iptables = 0
net.bridge.bridge-nf-call-arptables = 0
libvirt virtual machine config:
<interface type='bridge'>
  <mac address='52:54:00:59:6c:43'/>
  <source bridge='br0'/>
  <address type='pci' domain='0x0000' bus='0x00' slot='0x03' function='0x0'/>
</interface>
Does anyone have an idea whether I am doing something wrong or forgetting something?
Thanks!!
Last edited by etheraap; 02-03-2013 at 12:26 PM.