Subject: | |
From: | |
Reply To: | |
Date: | Tue, 30 Apr 2013 23:03:04 +0000 |
Content-Type: | text/plain |
Parts/Attachments: |
|
|
Things depend on how you set up the bridged device.
The way I usually set up a bridged device, I set it up to have eth0 of the bare metal host go
Through the bridge as well. If you do that, you would probably have to change the iptables rules because
Things that were once meant for eth0 would now go to your bridge device.
It would have been helpful to see the output of
"service iptables status" before you added the bridge, and now.
Also would be helpful to see output of "brctl show"
Steve Timm
-----Original Message-----
From: [log in to unmask] [mailto:[log in to unmask]] On Behalf Of CS DBA
Sent: Tuesday, April 30, 2013 5:28 PM
To: scientific-linux-users
Subject: KVM Issues
Hi all;
I have a KVM server (running SL 6.3) recently I added a bridged device (for a new external facing KVM, i.e. we want to access it without being on the KVM server)
After I added the new bridge I noticed that it was not showing up as an option for the new KVM's network, So I rebooted the KVM server.
Now we have 2 new isues:
1) we use Untangle as our firewall, we have a firewall rule that forwards all traffic destined for our statis IP on a specific port to the KVM box.
the rule no longer works. Pinged the Untangle folks and they say it;s being blocked on the KVM server. Re-pointed the destination for the rule to
another Linux box in the network and it works fine.
2) we can no no longer access the intenet, or other servers in the physical network from one of the
non-bridged (i.e. just using the virtual network) KVM's
I've done some digging, and I'm baffled. Not to say that that means much
- I'm not very well versed in the network side of Linux.
Thanks in advance for any help you can offer...
Here's some of our config data:
ifconfig output (from the KVM server):
# ifconfig
eth0 Link encap:Ethernet HWaddr 68:05:CA:0D:F6:1E
inet addr:192.168.2.110 Bcast:192.168.2.255 Mask:255.255.255.0
inet6 addr: fe80::6a05:caff:fe0d:f61e/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:13275 errors:0 dropped:0 overruns:0 frame:0
TX packets:5915 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:1556174 (1.4 MiB) TX bytes:1153356 (1.0 MiB)
Interrupt:24 Memory:fbfe0000-fc000000
eth1 Link encap:Ethernet HWaddr BC:AE:C5:27:AE:46
inet6 addr: fe80::beae:c5ff:fe27:ae46/64 Scope:Link
UP BROADCAST RUNNING PROMISC MULTICAST MTU:1500 Metric:1
RX packets:8851 errors:0 dropped:0 overruns:0 frame:0
TX packets:562 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:1326983 (1.2 MiB) TX bytes:54394 (53.1 KiB)
Interrupt:48 Memory:fbee0000-fbf00000
eth2 Link encap:Ethernet HWaddr BC:AE:C5:27:AF:40
inet6 addr: fe80::beae:c5ff:fe27:af40/64 Scope:Link
UP BROADCAST RUNNING PROMISC MULTICAST MTU:1500 Metric:1
RX packets:8535 errors:0 dropped:0 overruns:0 frame:0
TX packets:91 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:1301040 (1.2 MiB) TX bytes:6194 (6.0 KiB)
Interrupt:47 Memory:fbde0000-fbe00000
eth3 Link encap:Ethernet HWaddr 68:05:CA:0F:31:2D
inet addr:192.168.2.171 Bcast:192.168.2.255 Mask:255.255.255.0
inet6 addr: fe80::6a05:caff:fe0f:312d/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:5794 errors:0 dropped:0 overruns:0 frame:0
TX packets:693 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:876435 (855.8 KiB) TX bytes:106949 (104.4 KiB)
Interrupt:40 Memory:fbbe0000-fbc00000
lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
inet6 addr: ::1/128 Scope:Host
UP LOOPBACK RUNNING MTU:16436 Metric:1
RX packets:184 errors:0 dropped:0 overruns:0 frame:0
TX packets:184 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:358318 (349.9 KiB) TX bytes:358318 (349.9 KiB)
virbr0 Link encap:Ethernet HWaddr 52:54:00:1B:51:B6
inet addr:192.168.122.1 Bcast:192.168.122.255 Mask:255.255.255.0
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:3459 errors:0 dropped:0 overruns:0 frame:0
TX packets:4678 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:531194 (518.7 KiB) TX bytes:507061 (495.1 KiB)
vnet0 Link encap:Ethernet HWaddr FE:54:00:F5:60:95
inet6 addr: fe80::fc54:ff:fef5:6095/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:16288 errors:0 dropped:0 overruns:0 frame:0
TX packets:18306 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:500
RX bytes:1914475 (1.8 MiB) TX bytes:1866563 (1.7 MiB)
vnet1 Link encap:Ethernet HWaddr BC:AE:C5:27:AE:46
inet6 addr: fe80::beae:c5ff:fe27:ae46/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:3503 errors:0 dropped:0 overruns:0 frame:0
TX packets:6 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:478361 (467.1 KiB) TX bytes:468 (468.0 b)
vnet2 Link encap:Ethernet HWaddr BC:AE:C5:27:AF:40
inet6 addr: fe80::beae:c5ff:fe27:af40/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:6475 errors:0 dropped:0 overruns:0 frame:0
TX packets:13 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:940999 (918.9 KiB) TX bytes:1046 (1.0 KiB)
vnet3 Link encap:Ethernet HWaddr FE:54:00:75:97:82
inet6 addr: fe80::fc54:ff:fe75:9782/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:11356 errors:0 dropped:0 overruns:0 frame:0
TX packets:13379 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:500
RX bytes:1157294 (1.1 MiB) TX bytes:1363906 (1.3 MiB)
vnet4 Link encap:Ethernet HWaddr FE:54:00:CF:B4:21
inet6 addr: fe80::fc54:ff:fecf:b421/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:13640 errors:0 dropped:0 overruns:0 frame:0
TX packets:16700 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:500
RX bytes:1482213 (1.4 MiB) TX bytes:1621205 (1.5 MiB)
vnet5 Link encap:Ethernet HWaddr FE:54:00:36:60:83
inet6 addr: fe80::fc54:ff:fe36:6083/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:474 errors:0 dropped:0 overruns:0 frame:0
TX packets:3821 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:500
RX bytes:48490 (47.3 KiB) TX bytes:534549 (522.0 KiB)
vnet6 Link encap:Ethernet HWaddr FE:54:00:40:A9:5C
inet6 addr: fe80::fc54:ff:fe40:a95c/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:319 errors:0 dropped:0 overruns:0 frame:0
TX packets:1207 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:500
RX bytes:36204 (35.3 KiB) TX bytes:82878 (80.9 KiB)
brctl show:
bridge name bridge id STP enabled interfaces
virbr0 8000.5254001b51b6 yes virbr0-nic
vnet0
vnet3
vnet4
vnet6
vnet1 8000.bcaec527ae46 no eth1
vnet5
vnet2 8000.bcaec527af40 no eth2
iptables -L:
Chain INPUT (policy ACCEPT)
target prot opt source destination
Chain FORWARD (policy ACCEPT)
target prot opt source destination
Chain OUTPUT (policy ACCEPT)
target prot opt source destination
|
|
|