[libvirt-users] UDP broadcasts vs. nat Masquerading issue
Daniel P. Berrangé
berrange at redhat.com
Fri Jul 5 16:27:22 UTC 2019
On Fri, Jul 05, 2019 at 07:26:41PM +0300, Nikolai Zhubr wrote:
> Hi Daniel and Laine,
>
> [...]
> > > -A POSTROUTING -o br0 -j MASQUERADE
> > > -A POSTROUTING -o enp0s25 -j MASQUERADE
> > > -A POSTROUTING -o virbr2_nic -j MASQUERADE
> > > -A POSTROUTING -o vnet0 -j MASQUERADE
> >
> > *None* of those rules were added by libvirt (unless your build of
> [...]
> > You can verify my "counter-claim" by running "virsh net-destroy" for all
> > of your libvirt networks, and seeing that the offending rules haven't
> > been removed.
> >
> > In short, you need to look elsewhere for the culprit.
>
> Yes, found it. You were both right, essentially.
> The offending rules were added by a firewall in response to new interfaces
> created by libvirt dynamically, due to some dubious relict settings left in
> the firewall. (Silly me.)
>
> So this it not an issue of libvirt indeed!
>
> Tons of thanks for the quick and precise hit!
No worries, thanks for confirming the root cause you found too.
Regards,
Daniel
--
|: https://berrange.com -o- https://www.flickr.com/photos/dberrange :|
|: https://libvirt.org -o- https://fstop138.berrange.com :|
|: https://entangle-photo.org -o- https://www.instagram.com/dberrange :|
More information about the libvirt-users
mailing list