[libvirt-users] Network questions

paul.worner at thomsonreuters.com paul.worner at thomsonreuters.com
Wed Nov 16 16:18:48 UTC 2011


Hi all,

When creating a new network:


1)    Is there a way to disable automatic spawning of dnsmasq on network creation?  I read that leaving out the <DHCP> section should accomplish this, but that is not what I am seeing.

2)    Is there a way to disable automatic installation of iptables rules?

3)    For that matter, what is the purpose of the default iptables rule set?  Doesn't line 3 let all traffic pass anyway?

Thanks,
Paul


Running libvirt 0.9.2 on Ubuntu 11.10 server.

Here's the libvirt network config:

RAW CONFIG
<network>
  <name>test</name>
  <bridge name="virbr%d" stp="off" delay="0"/>
  <forward mode="route"/>
  <ip address="192.168.0.1" netmask="255.255.255.0">
  </ip>
</network>

COMMAND
virsh net-create test.xml

RESULTS
virsh net-dumpxml test
<network>
  <name>test</name>
  <uuid>2eff5e7f-847a-1fbf-ec82-01a46ef0f6c2</uuid>
  <forward mode='route'/>
  <bridge name='virbr3' stp='off' delay='0' />
  <mac address='52:54:00:47:E6:15'/>
  <ip address='192.168.0.1' netmask='255.255.255.0'>
  </ip>
</network

ps aux | grep dns
nobody    4391  0.0  0.0  21616   916 ?        S    09:45   0:00 dnsmasq --strict-order --bind-interfaces --pid-file=/var/run/libvirt/network/test.pid --conf-file= --except-interface lo --listen-address 192.168.0.1

iptables -L --line-numbers
Chain FORWARD (policy ACCEPT)
num  target     prot opt source               destination
1    ACCEPT     all  --  anywhere             192.168.0.0/24
2    ACCEPT     all  --  192.168.0.0/24       anywhere
3    ACCEPT     all  --  anywhere             anywhere
4    REJECT     all  --  anywhere             anywhere            reject-with icmp-port-unreachable
5    REJECT     all  --  anywhere             anywhere            reject-with icmp-port-unreachable

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listman.redhat.com/archives/libvirt-users/attachments/20111116/02e39aa9/attachment.htm>


More information about the libvirt-users mailing list