LinuxQuestions.org

LinuxQuestions.org (/questions/)
-   Linux - Virtualization and Cloud (https://www.linuxquestions.org/questions/linux-virtualization-and-cloud-90/)
-   -   Installed Scientific Linux 6.2 on a VM using KVM - no network access (https://www.linuxquestions.org/questions/linux-virtualization-and-cloud-90/installed-scientific-linux-6-2-on-a-vm-using-kvm-no-network-access-4175428686/)

dralexpe 09-23-2012 04:43 PM
Installed Scientific Linux 6.2 on a VM using KVM - no network access
 
2 Attachment(s)
I am running Centos 5.8 and I wanted to see how KVM and Scientific Linux 6.2 work, so I installed the SL as a VM using KVM.

The installation worked fine, I can boot the vm, but I cannot access anything from within the vm.

I created a virtual network, and at configuration I chose "NAT to eth0", which is the physical network card on the host.

Here's some output from the host:

Code:
[root@new-screamer ~]# ifconfig
eth0      Link encap:Ethernet  HWaddr 00:E0:81:74:C7:26
          inet addr:192.168.1.1  Bcast:192.168.1.255  Mask:255.255.255.0
          inet6 addr: fe80::2e0:81ff:fe74:c726/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:68271 errors:0 dropped:0 overruns:0 frame:0
          TX packets:45914 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:67832456 (64.6 MiB)  TX bytes:4997745 (4.7 MiB)
          Interrupt:185 Memory:d2200000-d2220000

lo        Link encap:Local Loopback
          inet addr:127.0.0.1  Mask:255.0.0.0
          inet6 addr: ::1/128 Scope:Host
          UP LOOPBACK RUNNING  MTU:16436  Metric:1
          RX packets:22504 errors:0 dropped:0 overruns:0 frame:0
          TX packets:22504 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0
          RX bytes:13951197 (13.3 MiB)  TX bytes:13951197 (13.3 MiB)

virbr0    Link encap:Ethernet  HWaddr FE:52:00:7A:C1:75
          inet addr:192.168.122.1  Bcast:192.168.122.255  Mask:255.255.255.0
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:0 errors:0 dropped:0 overruns:0 frame:0
          TX packets:11 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0
          RX bytes:0 (0.0 b)  TX bytes:3386 (3.3 KiB)

vmnet1    Link encap:Ethernet  HWaddr 00:50:56:C0:00:01
          inet addr:172.16.18.1  Bcast:172.16.18.255  Mask:255.255.255.0
          inet6 addr: fe80::250:56ff:fec0:1/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:0 errors:0 dropped:0 overruns:0 frame:0
          TX packets:46 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:0 (0.0 b)  TX bytes:0 (0.0 b)

vmnet8    Link encap:Ethernet  HWaddr 00:50:56:C0:00:08
          inet addr:172.16.68.1  Bcast:172.16.68.255  Mask:255.255.255.0
          inet6 addr: fe80::250:56ff:fec0:8/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:0 errors:0 dropped:0 overruns:0 frame:0
          TX packets:46 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:0 (0.0 b)  TX bytes:0 (0.0 b)

vnet0    Link encap:Ethernet  HWaddr FE:52:00:7A:C1:75
          inet6 addr: fe80::fc52:ff:fe7a:c175/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:0 errors:0 dropped:0 overruns:0 frame:0
          TX packets:1349 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:500
          RX bytes:0 (0.0 b)  TX bytes:73712 (71.9 KiB)

[root@new-screamer ~]# route
Kernel IP routing table
Destination    Gateway        Genmask        Flags Metric Ref    Use Iface
172.16.68.0    *              255.255.255.0  U    0      0        0 vmnet8
172.16.18.0    *              255.255.255.0  U    0      0        0 vmnet1
192.168.1.0    *              255.255.255.0  U    0      0        0 eth0
192.168.122.0  *              255.255.255.0  U    0      0        0 virbr0
169.254.0.0    *              255.255.0.0    U    0      0        0 eth0
default        192.168.1.254  0.0.0.0        UG    0      0        0 eth0
[root@new-screamer ~]# brctl show
bridge name    bridge id              STP enabled    interfaces
virbr0          8000.fe52007ac175      yes            vnet0
[root@new-screamer ~]# virsh net-list --all
Name                State      Autostart
-----------------------------------------
virtual_net          active    yes
[root@new-screamer ~]# iptables -L
Chain INPUT (policy ACCEPT)
target    prot opt source              destination
ACCEPT    udp  --  anywhere            anywhere            udp dpt:domain
ACCEPT    tcp  --  anywhere            anywhere            tcp dpt:domain
ACCEPT    udp  --  anywhere            anywhere            udp dpt:bootps
ACCEPT    tcp  --  anywhere            anywhere            tcp dpt:bootps
RH-Firewall-1-INPUT  all  --  anywhere            anywhere

Chain FORWARD (policy ACCEPT)
target    prot opt source              destination
ACCEPT    all  --  anywhere            192.168.122.0/24    state RELATED,ESTABLISHED
ACCEPT    all  --  192.168.122.0/24    anywhere
ACCEPT    all  --  anywhere            anywhere
REJECT    all  --  anywhere            anywhere            reject-with icmp-port-unreachable
REJECT    all  --  anywhere            anywhere            reject-with icmp-port-unreachable
RH-Firewall-1-INPUT  all  --  anywhere            anywhere

Chain OUTPUT (policy ACCEPT)
target    prot opt source              destination

Chain RH-Firewall-1-INPUT (2 references)
target    prot opt source              destination
ACCEPT    all  --  anywhere            anywhere
ACCEPT    icmp --  anywhere            anywhere            icmp any
ACCEPT    esp  --  anywhere            anywhere
ACCEPT    ah  --  anywhere            anywhere
ACCEPT    udp  --  anywhere            224.0.0.251        udp dpt:mdns
ACCEPT    udp  --  anywhere            anywhere            udp dpt:ipp
ACCEPT    tcp  --  anywhere            anywhere            tcp dpt:ipp
ACCEPT    all  --  anywhere            anywhere            state RELATED,ESTABLISHED
ACCEPT    tcp  --  anywhere            anywhere            state NEW tcp dpt:ftp
ACCEPT    tcp  --  anywhere            anywhere            state NEW tcp dpt:ssh
ACCEPT    tcp  --  anywhere            anywhere            state NEW tcp dpt:https
ACCEPT    tcp  --  anywhere            anywhere            state NEW tcp dpt:http
REJECT    all  --  anywhere            anywhere            reject-with icmp-host-prohibited
[root@new-screamer ~]# ping 68.94.156.1
PING 68.94.156.1 (68.94.156.1) 56(84) bytes of data.
64 bytes from 68.94.156.1: icmp_seq=1 ttl=57 time=31.3 ms
64 bytes from 68.94.156.1: icmp_seq=2 ttl=57 time=26.0 ms
64 bytes from 68.94.156.1: icmp_seq=3 ttl=57 time=27.3 ms
64 bytes from 68.94.156.1: icmp_seq=4 ttl=57 time=27.0 ms

--- 68.94.156.1 ping statistics ---
4 packets transmitted, 4 received, 0% packet loss, time 3000ms
rtt min/avg/max/mdev = 26.009/27.951/31.366/2.039 ms


It seems to me that the host is alright, but the vm cannot access anything. Here is a screenshot of the vm trying to ping the DNS used by the host:http://www.linuxquestions.org/questi...1&d=1348434824

I tried to reconfigure the network interface on the vm, using system-config-network. The ifcfg-virbr0 file looks like this:
http://www.linuxquestions.org/questi...1&d=1348435481

I used the same default gateway IP 192.168.1.254 of the DSL modem which the host uses.

I am not an expert, but I feel that the virbr0 at 192.168.122.1 on the host is not connected to the virbr0 at 192.168.122.1 on the vm.

Any help will be appreciated.
Thank you

mago 09-27-2012 06:38 PM
This might be kind of obvious, but do you have ip forward enable?

dralexpe 09-28-2012 05:56 PM
Yes, ip_forward is enabled in both the host and the vm.

mago 09-28-2012 06:15 PM
Have you tried to disable all iptables rules to test and then start enabling them?

dralexpe 09-28-2012 07:00 PM
I stopped the iptables on both the host and vm with the command /etc/init.d/iptables stop. That also flushed the firewall rules.

The LAN of the host and DSL modem is 192.168.1.0, the virtual network on which virbr0 resides is 192.168.122.0. I added a route in the vm to the network 192.168.1.0 through the device virbr0, and when I tried to ping the DSL modem (at 192.168.1.254) I get destination host unreachable.

Gerard Lally 09-28-2012 09:09 PM
Quote:
Originally Posted by dralexpe (Post 4787472)
[FONT=Arial Black][SIZE=2]I am running Centos 5.8 and I wanted to see how KVM and Scientific Linux 6.2 work, so I installed the SL as a VM using KVM.

The installation worked fine, I can boot the vm, but I cannot access anything from within the vm.
Disable network-manager and configure the network manually (for example, in /etc/sysconfig/network-scripts/ifcfg-eth0).

I had to disable SELinux and the firewall as well (I use firewalling on the host instead).


All times are GMT -5. The time now is 03:44 PM.