[libvirt-users] libvirt and Bridging

Fri Aug 20 05:41:25 UTC 2010

Hello all,

Basically my problem is how can i access a virtual machine from local
network. I am able to do so from the host PC put not from other  PC's
on the same network.
here is my what i did so far
(http://wiki.libvirt.org/page/Networking#NAT_forwarding_.28aka_.22virtual_networks.22.29)

cat '/etc/libvirt/qemu/networks/default.xml'
<network>
  <name>default</name>
  <uuid>1bad08f7-0bc3-bfde-f87d-f323ab1c95eb</uuid>
  <forward mode='nat'/>
  <bridge name='virbr0' stp='on' delay='0' />
  <ip address='10.0.2.1' netmask='255.255.255.240'>
    <dhcp>
      <range start='10.0.2.2' end='10.0.2.14' />
    </dhcp>
  </ip>
</network>

cat '/etc/sysctl.conf'
# Disable packet forwarding
#net.ipv4.ip_forward=0
net.ipv4.ip_forward=1
# disable netfilter on the bridge:
net.bridge.bridge-nf-call-ip6tables = 0
net.bridge.bridge-nf-call-iptables = 0
net.bridge.bridge-nf-call-arptables = 0

ifconfig -a

br0       Link encap:Ethernet  HWaddr 00:1C:C0:38:AF:BA
          inet addr:10.0.1.5  Bcast:10.0.1.15  Mask:255.255.255.240
          inet6 addr: fe80::21c:c0ff:fe38:afba/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:580 errors:0 dropped:0 overruns:0 frame:0
          TX packets:6 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0
          RX bytes:29435 (28.7 Kb)  TX bytes:468 (468.0 b)

eth0      Link encap:Ethernet  HWaddr 00:C0:DF:13:AF:87
          inet addr:10.0.1.4  Bcast:10.0.1.15  Mask:255.255.255.240
          inet6 addr: fe80::2c0:dfff:fe13:af87/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:476362 errors:0 dropped:0 overruns:0 frame:0
          TX packets:684752 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:57147388 (54.4 Mb)  TX bytes:707797829 (675.0 Mb)
          Interrupt:22 Base address:0x800

eth1      Link encap:Ethernet  HWaddr 00:1C:C0:38:AF:BA
          inet6 addr: fe80::21c:c0ff:fe38:afba/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:1142 errors:0 dropped:0 overruns:0 frame:0
          TX packets:43 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:90530 (88.4 Kb)  TX bytes:2632 (2.5 Kb)
          Memory:e3200000-e3220000

lo        Link encap:Local Loopback
          inet addr:127.0.0.1  Mask:255.0.0.0
          inet6 addr: ::1/128 Scope:Host
          UP LOOPBACK RUNNING  MTU:16436  Metric:1
          RX packets:118356 errors:0 dropped:0 overruns:0 frame:0
          TX packets:118356 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0
          RX bytes:14239239 (13.5 Mb)  TX bytes:14239239 (13.5 Mb)

virbr0    Link encap:Ethernet  HWaddr FE:54:00:45:A7:31
          inet addr:10.0.2.1  Bcast:10.0.2.15  Mask:255.255.255.240
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:180 errors:0 dropped:0 overruns:0 frame:0
          TX packets:128 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0
          RX bytes:16657 (16.2 Kb)  TX bytes:50599 (49.4 Kb)

vnet0     Link encap:Ethernet  HWaddr FE:54:00:45:A7:31
          inet6 addr: fe80::fc54:ff:fe45:a731/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:14 errors:0 dropped:0 overruns:0 frame:0
          TX packets:357 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:500
          RX bytes:1404 (1.3 Kb)  TX bytes:19248 (18.7 Kb)

brctl show
bridge name	bridge id		STP enabled	interfaces
br0		8000.001cc038afba	no		eth1
virbr0		8000.fe540045a731	yes		vnet0

route -n
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
10.0.1.0        0.0.0.0         255.255.255.240 U     0      0        0 eth0
10.0.1.0        0.0.0.0         255.255.255.240 U     0      0        0 br0
10.0.2.0        0.0.0.0         255.255.255.240 U     0      0        0 virbr0
0.0.0.0         10.0.1.1        0.0.0.0         UG    0      0        0 eth0

iptables -L
Chain INPUT (policy ACCEPT)
target     prot opt source               destination
ACCEPT     udp  --  anywhere             anywhere            udp dpt:domain
ACCEPT     tcp  --  anywhere             anywhere            tcp dpt:domain
ACCEPT     udp  --  anywhere             anywhere            udp dpt:bootps
ACCEPT     tcp  --  anywhere             anywhere            tcp dpt:bootps

Chain FORWARD (policy ACCEPT)
target     prot opt source               destination
ACCEPT     all  --  anywhere             10.0.2.0/28         state
RELATED,ESTABLISHED
ACCEPT     all  --  10.0.2.0/28          anywhere
ACCEPT     all  --  anywhere             anywhere
REJECT     all  --  anywhere             anywhere
reject-with icmp-port-unreachable
REJECT     all  --  anywhere             anywhere
reject-with icmp-port-unreachable
ACCEPT     all  --  anywhere             anywhere            PHYSDEV
match --physdev-is-bridged
ACCEPT     all  --  anywhere             anywhere            state
RELATED,ESTABLISHED
ACCEPT     all  --  anywhere             anywhere
ACCEPT     tcp  --  anywhere             10.0.2.5            tcp dpt:smakynet
ACCEPT     all  --  anywhere             anywhere            state
RELATED,ESTABLISHED
ACCEPT     all  --  anywhere             anywhere
ACCEPT     tcp  --  anywhere             10.0.2.5            tcp dpt:smakynet
ACCEPT     all  --  anywhere             anywhere            state
RELATED,ESTABLISHED
ACCEPT     all  --  anywhere             anywhere
ACCEPT     tcp  --  anywhere             10.0.2.5            tcp dpt:smakynet

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination

the IP Address for the virtual machine i am trying to access is
10.0.2.5 (vnet0). I am able only to access it from the host PC only,
therefore, how i can i access it from other PC's on the network ?

Any help would be much appreciated.

-- 
Sincerely,