[libvirt-users] what interface does virbr0 forward message to?

[Laine Stump]

On 11/26/2012 04:48 AM, Timon Wang wrote:
>
> brctl show
>

That command won't show anything relevant to the question.

The virbr0 bridge created by libvirt for the default network is not
attached directly to any physical interfaces, so brctl will not show
anything other than guest tap devices connected.

> 在 2012-11-26 下午5:10，"张章" <zhang_zhang at live.com
> <mailto:zhang_zhang at live.com>> 写道：
> >
> > Dear all:
> > Libvirt create a default network called virbr0 using for NAT.
> > I have two interface in my computer: eth0 eth1. My question is what
> interface does virbr0 forward message to?
>

All traffic from guests connected to a libvirt NATed network like the
"default" network must go through the host's IP routing stack to get to
the outside, and that is where the decision is made (on a per-packet
basis) about which interface to use for egress.

So the answer is "each packet will be sent out the appropriate interface
for that packet's destination address, according to the host's IP
routing table."

Note that you can limit the outgoing traffic from a particular network
to only be allowed on a particular interface (by adding a "dev='ethX'"
attribute to the <forward> element of the network), but that will only
serve to block traffic that would have been forwarded via other
interfaces, it won't re-route it to the allowed interface.


(BTW, please don't ask a new question as a reply to an unrelated earlier
message to the list - even if you change the subject, any proper email
client will bury it in the replies to the original message. Instead,
create a new message.)