[libvirt-users] Issues with libvirt virtual networking

Joshua Atkinson joshua at atkinson.org.nz
Thu Nov 19 12:11:59 UTC 2015 

Hello all,

I am having issues getting my virtual network to work correctly. As of
current, I have set up a virtual network with virt-manager, using the
routed mode to forward network traffic. I have found guests can
see/ping themselves, the host's virtual IP and the host's real IP, but
nothing else. Guests fail to see any other device on the real network
or the internet.

My host is Arch Linux on Linux 4.2.5-1 with the VFIO kernel, and runs
a QEMU/KVM hypervisor. My main guest runs a new install of Windows 10,
with the virtio network interface.

I have only one virtual network configured, and no network interfaces
configured in virt-manager. Does anyone know why my VMs cannot see
anything other than themselves and the host?

My iptables rules (entirely set by libvirt):

Chain INPUT (policy ACCEPT)
target     prot opt source               destination
ACCEPT     udp  --  anywhere             anywhere             udp dpt:domain
ACCEPT     tcp  --  anywhere             anywhere             tcp dpt:domain
ACCEPT     udp  --  anywhere             anywhere             udp dpt:bootps
ACCEPT     tcp  --  anywhere             anywhere             tcp dpt:bootps

Chain FORWARD (policy ACCEPT)
target     prot opt source               destination
ACCEPT     all  --  anywhere             192.168.100.0/24
ACCEPT     all  --  192.168.100.0/24     anywhere
ACCEPT     all  --  anywhere             anywhere
REJECT     all  --  anywhere             anywhere
reject-with icmp-port-unreachable
REJECT     all  --  anywhere             anywhere
reject-with icmp-port-unreachable

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination
ACCEPT     udp  --  anywhere             anywhere             udp dpt:bootpc

Output of "brctl show"

bridge name bridge id STP enabled interfaces
virbr0 8000.52540012f3ab yes virbr0-nic

Output of "ip addr":

1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN
group default
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
    inet6 ::1/128 scope host
       valid_lft forever preferred_lft forever
2: enp5s0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq_codel
state UP group default qlen 1000
    link/ether 90:2b:34:68:84:c0 brd ff:ff:ff:ff:ff:ff
    inet 192.168.1.8/24 brd 192.168.1.255 scope global enp5s0
       valid_lft forever preferred_lft forever
    inet6 fe80::922b:34ff:fe68:84c0/64 scope link
       valid_lft forever preferred_lft forever
3: virbr0: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc noqueue
state DOWN group default
    link/ether 52:54:00:12:f3:ab brd ff:ff:ff:ff:ff:ff
    inet 192.168.100.1/24 brd 192.168.100.255 scope global virbr0
       valid_lft forever preferred_lft forever
4: virbr0-nic: <BROADCAST,MULTICAST> mtu 1500 qdisc fq_codel master
virbr0 state DOWN group default qlen 500
    link/ether 52:54:00:12:f3:ab brd ff:ff:ff:ff:ff:ff

Many Thanks,
Josh

More information about the libvirt-users mailing list