dracut-initqueue[588]: RTNETLINK answers: Network is unreachable

6,328

It's normal to add the network settings to the bridge, not the physical interface.

Remove the IP details from eno1 (having first made sure you know how to reinstate them if required).

Then, try:

nmcli connection add type bridge autoconnect yes con-name br1 ifname br1 
nmcli connection modify br1 ipv4.addresses aa.bb.cc.dd/29 ipv4.method manual 
nmcli connection modify br1 ipv4.gateway aa.bb.cc.ee
nmcli connection modify br1 ipv4.dns xx.xx.xx.xx

Where aa.bb.cc.dd etc are the IP settings you had on eno1.

On the host, you will need to load the br_netfilter module:

modprobe br_netfilter

Then, create /etc/sysctl.d/bridge.conf with:

net.bridge.bridge-nf-call-ip6tables = 0
net.bridge.bridge-nf-call-iptables = 0
net.bridge.bridge-nf-call-arptables = 0

and load the settings:

sysctl -p /etc/sysctl.d/bridge.conf

Finally, run virt-install with --net bridge=br1

Give the guest an IP address and try to ping the next host.

Remember you may need to consider firewalls and also enable routing on the host.
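
A check for the two layout faults this thread turns on, a bridge with no physical port and one address held by more than one interface, as an added example that is not part of the original answer or question. It parses `brctl show` and `ip -o -4 addr show` text; the sample output is constructed, with 192.0.2.8/29 standing in for the obscured public range and only the names `eno1`, `br0`, `br1`, `vnet0` taken from the page.

```sh
#!/bin/sh
# Added example (not from the original post). All sample data is constructed;
# 192.0.2.8/29 is a documentation range standing in for the obscured public /29.

# Constructed stand-in for `brctl show` in the state the question shows:
# br1 carries only the guest's tap device and br0 has no ports at all.
SAMPLE_BRCTL_BROKEN='bridge name     bridge id               STP enabled     interfaces
br0             8000.000000000000       no
br1             8000.525400aabbcc       yes             vnet0
virbr0          8000.525400ddeeff       yes             virbr0-nic'

# Constructed state once the physical NIC is a port of br1.
SAMPLE_BRCTL_FIXED='bridge name     bridge id               STP enabled     interfaces
br1             8000.0025900000aa       yes             eno1
                                                        vnet0
virbr0          8000.525400ddeeff       yes             virbr0-nic'

# Constructed stand-in for `ip -o -4 addr show` on the host.
SAMPLE_ADDR='1: lo    inet 127.0.0.1/8 scope host lo\       valid_lft forever preferred_lft forever
2: eno1    inet 192.0.2.10/29 brd 192.0.2.15 scope global eno1\       valid_lft forever preferred_lft forever
4: virbr0    inet 192.168.122.1/24 brd 192.168.122.255 scope global virbr0\       valid_lft forever preferred_lft forever
41: br0    inet 192.0.2.10/29 brd 192.0.2.15 scope global br0\       valid_lft forever preferred_lft forever
50: br1    inet 192.0.2.12/29 brd 192.0.2.15 scope global br1\       valid_lft forever preferred_lft forever'

# bridge_ports TEXT BRIDGE -> ports of BRIDGE, space-separated (empty if none).
bridge_ports() {
  printf '%s\n' "$1" | awk -v want="$2" '
    NR == 1   { next }                     # column header
    /^[^ \t]/ { cur = $1; port = $4 }      # bridge row; the 4th column is optional
    /^[ \t]/  { port = $1 }                # continuation row: one more port
    cur == want && port != "" { out = out (out == "" ? "" : " ") port }
    { port = "" }
    END { print out }'
}

# has_uplink TEXT BRIDGE NIC -> exit status 0 if NIC is a port of BRIDGE.
has_uplink() {
  case " $(bridge_ports "$1" "$2") " in
    *" $3 "*) return 0 ;;
    *)        return 1 ;;
  esac
}

# duplicate_ipv4 TEXT -> one line per address held by more than one interface.
duplicate_ipv4() {
  printf '%s\n' "$1" | awk '
    $3 == "inet" { split($4, a, "/"); ifs[a[1]] = ifs[a[1]] " " $2; n[a[1]]++ }
    END { for (ip in n) if (n[ip] > 1) print ip ":" ifs[ip] }' | sort
}

# ifaces_with_ip TEXT IP -> host interfaces that carry IP, space-separated.
ifaces_with_ip() {
  printf '%s\n' "$1" | awk -v ip="$2" '
    $3 == "inet" { split($4, a, "/"); if (a[1] == ip) printf "%s%s", (c++ ? " " : ""), $2 }
    END { print "" }'
}

# report BRCTL_TEXT ADDR_TEXT BRIDGE NIC GUEST_IP
report() {
  if has_uplink "$1" "$3" "$4"; then
    echo "OK:   $3 includes $4"
  else
    echo "FAIL: $3 ports are [$(bridge_ports "$1" "$3")], $4 is missing, so the bridge has no path to the LAN"
  fi
  dups=$(duplicate_ipv4 "$2")
  if [ -n "$dups" ]; then
    echo "FAIL: address on more than one interface -> $dups"
  fi
  holders=$(ifaces_with_ip "$2" "$5")
  if [ -n "$holders" ]; then
    echo "FAIL: guest address $5 is configured on host interface(s): $holders"
  fi
}

# Constructed inputs; on a real host pass "$(brctl show)" and "$(ip -o -4 addr show)".
report "$SAMPLE_BRCTL_BROKEN" "$SAMPLE_ADDR" br1 eno1 192.0.2.12
```

With the three `bridge-nf-call-*` sysctls from the answer set to 0, bridged guest traffic is not passed through the host's iptables rules, so the guest's own firewall is what filters its public address.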

RabT
Author by

RabT

Updated on September 18, 2022

Comments

  • RabT
    RabT over 1 year

    A CentOS 7 host needs to install a CentOS 7 guest operating system using virt-install and a kickstart file. Then BOTH the HOST and the GUEST need to be accessible via ssh using separate public static IP addresses across the internet.

    What specific commands and config need to be typed in order to enable ssh access to both the guest and the host via static public IP addresses?

    My understanding is that setting this up includes the following steps:

    1.) Configuring bridged networking on the host, to replace the default NAT
    2.) Configuring static networking on the guest

    But how should this be set up? Do we replace virbr0 with a new br0 as shown below, or do we just modify virbr0?

    Note that this setup has the following PUBLIC static IP addresses (obscured/anonymized here for security reasons):

    host: 12.34.567.8aa
    guest: 12.34.567.8cc
    network gateway: 12.34.567.8bb
    


    Current Error:

    Using the methods outlined below, the terminal output during the installation includes the following lines relevant to this networking connectivity problem:

    [    4.555887] 8021q: adding VLAN 0 to HW filter on device eth0
    [    4.447513] dracut-initqueue[588]: RTNETLINK answers: Network is unreachable
    ......................
    [    8.096306] IPv6: ADDRCONF(NETDEV_UP): eth0: link is not ready
    


    First Attempt To Configure the HOST:

    The HOST's public networking (which works perfectly), was set up with the following commands:

    nmcli con mod eno1 ipv4.addresses 12.34.567.8aa/29
    nmcli con mod eno1 ipv4.gateway 12.34.567.8bb
    nmcli con mod eno1 ipv4.dns "xx.xx.xx.xx xx.xx.yy.yy"
    nmcli con mod eno1 ipv4.method manual
    nmcli con mod eno1 connection.autoconnect yes
    

    Then the HOST's bridge (which DOES NOT yet work) was set up with the following commands:

    nmcli con add type bridge con-name br0 ifname br0 autoconnect yes
    nmcli con add type ethernet con-name br0-slave-1 ifname eno1 master br0 autoconnect yes
    nmcli con add type ethernet con-name br0-slave-2 ifname eth0 master br0 autoconnect yes
    nmcli con modify br0 bridge.stp no
    nmcli connection modify br0 ipv4.addresses 12.34.567.8aa/29 ipv4.method manual ipv4.gateway 12.34.567.8bb ipv4.dns xx.xx.xx.xx,xx.xx.yy.yy 
    nmcli con up br0
    brctl show  br0
    

    Note that the preceding commands try to enslave both eth0 and eno1 because eth0 is defined inside the GUEST, while eno1 is defined in the HOST. Not clear what the scope of visibility is for these names, so am trying both here, but without success.


    How The Guest Is Created:

    The following are the specifics of how the guest is created:

    The kickstart file on the HOST is:

    [root@remote-host ~]# vi /tmp/vm.ks
    install
    lang en_US.UTF-8
    keyboard us
    timezone SomeContinent/SomeCity
    auth --enableshadow --passalgo=sha512
    services --enabled=NetworkManager,sshd
    eula --agreed
    
    reboot
    
    network  --bootproto=static --ip=12.34.567.8cc --netmask=255.255.255.248 --gateway=12.34.567.8bb --nameserver=xx.xx.xx.xx,xx.xx.yy.yy --device=eth0
    
    bootloader --location=mbr
    zerombr
    clearpart --all --initlabel
    part swap --asprimary --fstype="swap" --size=1024
    part /boot --fstype xfs --size=200
    part pv.01 --size=1 --grow
    volgroup rootvg01 pv.01
    logvol / --fstype xfs --name=lv01 --vgname=rootvg01 --size=1 --grow
    
    # Root password
    rootpw --iscrypted $someLongHashedPassword
    repo --name="CentOS" --baseurl="http://mirror.centos.org/centos/7/os/x86_64/"
    
    %packages
    @core
    %end
    ~
    "/tmp/vm.ks" 30L, 1002C
    

    The virt-install command run from the HOST is:

    [root@remote-host ~]# virt-install --name=public-centos7 --disk path=/home/disk_test.img,size=100 --graphics none \
    --vcpus=1 --memory=2048 --location /tmp/CentOS-7-x86_64-Minimal-1611.iso --network bridge=br0 \
    --os-type=linux --os-variant=rhel7.0 --initrd-inject=/tmp/vm.ks --extra-args "ks=file:/vm.ks console=ttyS0"
    


    HOST config information:

    On the host, the nmcli details are:

    [root@remote-host ~]# nmcli con show
    NAME         UUID                TYPE            DEVICE
    br0          very-long-string    bridge          br0
    eno1         very-long-string    802-3-ethernet  eno1
    virbr0       very-long-string    bridge          virbr0
    vnet0        very-long-string    tun             vnet0
    br0-slave-1  very-long-string    802-3-ethernet  --
    br0-slave-2  very-long-string    802-3-ethernet  --
    
    
    [root@remote-host ~]# nmcli con show br0
    connection.id:                          br0
    connection.uuid:                        very-long-string
    connection.interface-name:              br0
    connection.type:                        bridge
    connection.autoconnect:                 yes
    connection.autoconnect-priority:        0
    connection.timestamp:                   1490056018
    connection.read-only:                   no
    connection.autoconnect-slaves:          -1 (default)
    connection.gateway-ping-timeout:        0
    connection.lldp:                        -1 (default)
    ipv4.method:                            manual
    ipv4.dns:                               xx.xx.xx.xx,xx.xx.yy.yy
    ipv4.dns-options:                       (default)
    ipv4.dns-priority:                      0
    ipv4.addresses:                         12.34.567.8aa/29
    ipv4.gateway:                           12.34.567.8bb
    ipv4.routes:
    ipv4.route-metric:                      -1
    ipv4.ignore-auto-routes:                no
    ipv4.ignore-auto-dns:                   no
    ipv4.dhcp-timeout:                      0
    ipv4.dhcp-send-hostname:                yes
    ipv4.never-default:                     no
    ipv4.may-fail:                          yes
    ipv4.dad-timeout:                       -1 (default)
    ........skipping ipv6 stuff
    bridge.stp:                             no
    bridge.priority:                        32758
    bridge.forward-delay:                   15
    bridge.hello-time:                      2
    bridge.max-age:                         20
    bridge.ageing-time:                     300
    bridge.multicast-snooping:              yes
    GENERAL.NAME:                           br0
    GENERAL.UUID:                           very-long-string
    GENERAL.DEVICES:                        br0
    GENERAL.STATE:                          activated
    GENERAL.DBUS-PATH:                      /org/freedesktop/NetworkManager/ActiveConnection/40
    GENERAL.CON-PATH:                       /org/freedesktop/NetworkManager/Settings/38
    GENERAL.SPEC-OBJECT:                    /
    GENERAL.MASTER-PATH:                    --
    IP4.ADDRESS[1]:                         12.34.567.8aa/29
    IP4.GATEWAY:                            12.34.567.8bb
    IP4.DNS[1]:                             xx.xx.xx.xx
    IP4.DNS[2]:                             xx.xx.yy.yy
    .....skipping ipv6 stuff
    
    
    [root@remote-host ~]# nmcli con show virbr0
    connection.id:                          virbr0
    connection.uuid:                        very-long-string
    connection.stable-id:                   --
    connection.interface-name:              virbr0
    connection.type:                        bridge
    connection.autoconnect:                 no
    connection.autoconnect-priority:        0
    connection.timestamp:                   1490056018
    connection.read-only:                   no
    connection.autoconnect-slaves:          -1 (default)
    connection.gateway-ping-timeout:        0
    connection.metered:                     unknown
    connection.lldp:                        -1 (default)
    ipv4.method:                            manual
    ipv4.dns-options:                       (default)
    ipv4.dns-priority:                      100
    ipv4.addresses:                         192.168.122.1/24 (purposely NOT obscured because this IP is private and auto-generated)
    ipv4.route-metric:                      -1
    ipv4.ignore-auto-routes:                no
    ipv4.ignore-auto-dns:                   no
    ipv4.dhcp-timeout:                      0
    ipv4.dhcp-send-hostname:                yes
    ipv4.never-default:                     no
    ipv4.may-fail:                          yes
    ipv4.dad-timeout:                       -1 (default)
    .............skipping ipv6 stuff
    bridge.stp:                             yes
    bridge.priority:                        32xx8
    bridge.forward-delay:                   2
    bridge.hello-time:                      2
    bridge.max-age:                         20
    bridge.ageing-time:                     300
    bridge.multicast-snooping:              yes
    GENERAL.NAME:                           virbr0
    GENERAL.UUID:                           very-long-string
    GENERAL.DEVICES:                        virbr0
    GENERAL.STATE:                          activated
    GENERAL.DBUS-PATH:                      /org/freedesktop/NetworkManager/ActiveConnection/1
    GENERAL.CON-PATH:                       /org/freedesktop/NetworkManager/Settings/1
    GENERAL.SPEC-OBJECT:                    /
    IP4.ADDRESS[1]:                         192.168.122.1/24 (purposely NOT obscured because this IP is private and auto-generated)
    
    
    [root@remote-host ~]# nmcli con show eno1
    connection.id:                          eno1
    connection.uuid:                        very-long-string
    connection.interface-name:              eno1
    connection.type:                        802-3-ethernet
    connection.autoconnect:                 yes
    connection.autoconnect-priority:        0
    connection.timestamp:                   1490056018
    connection.read-only:                   no
    connection.autoconnect-slaves:          -1 (default)
    connection.gateway-ping-timeout:        0
    connection.metered:                     unknown
    connection.lldp:                        -1 (default)
    802-3-ethernet.speed:                   0
    802-3-ethernet.auto-negotiate:          yes
    802-3-ethernet.mtu:                     auto
    802-3-ethernet.wake-on-lan:             1 (default)
    ipv4.method:                            manual
    ipv4.dns:                               xx.xx.xx.xx,xx.xx.yy.yy
    ipv4.dns-options:                       (default)
    ipv4.dns-priority:                      0
    ipv4.addresses:                         12.34.567.8aa/29
    ipv4.gateway:                           12.34.567.8bb
    ipv4.route-metric:                      -1
    ipv4.ignore-auto-routes:                no
    ipv4.ignore-auto-dns:                   no
    ipv4.dhcp-timeout:                      0
    ipv4.dhcp-send-hostname:                yes
    ipv4.never-default:                     no
    ipv4.may-fail:                          yes
    ipv4.dad-timeout:                       -1 (default)
    ..........skipping ipv6 stuff
    GENERAL.NAME:                           eno1
    GENERAL.UUID:                           very-long-string
    GENERAL.DEVICES:                        eno1
    GENERAL.STATE:                          activated
    GENERAL.DEFAULT:                        yes
    GENERAL.DEFAULT6:                       yes
    GENERAL.VPN:                            no
    GENERAL.DBUS-PATH:                      /org/freedesktop/NetworkManager/ActiveConnection/3
    GENERAL.CON-PATH:                       /org/freedesktop/NetworkManager/Settings/0
    GENERAL.SPEC-OBJECT:                    /
    IP4.ADDRESS[1]:                         12.34.567.8aa/29
    IP4.GATEWAY:                            12.34.567.8bb
    IP4.DNS[1]:                             xx.xx.xx.xx
    IP4.DNS[2]:                             xx.xx.yy.yy
    ..........skipping ipv6 stuff
    
    
    [root@remote-host ~]# nmcli con show br0-slave-1
    connection.id:                          br0-slave-1
    connection.uuid:                        very-long-string
    connection.interface-name:              eno1
    connection.type:                        802-3-ethernet
    connection.autoconnect:                 yes
    connection.autoconnect-priority:        0
    connection.read-only:                   no
    connection.master:                      br0
    connection.slave-type:                  bridge
    connection.autoconnect-slaves:          -1 (default)
    connection.gateway-ping-timeout:        0
    connection.lldp:                        -1 (default)
    802-3-ethernet.speed:                   0
    802-3-ethernet.auto-negotiate:          yes
    802-3-ethernet.mtu:                     auto
    802-3-ethernet.wake-on-lan:             1 (default)
    bridge-port.priority:                   32
    bridge-port.path-cost:                  100
    bridge-port.hairpin-mode:               no
    
    
    [root@remote-host ~]# nmcli con show br0-slave-2
    connection.id:                          br0-slave-2
    connection.uuid:                        very-long-string
    connection.interface-name:              eth0
    connection.type:                        802-3-ethernet
    connection.autoconnect:                 yes
    connection.autoconnect-priority:        0
    connection.read-only:                   no
    connection.master:                      br0
    connection.slave-type:                  bridge
    connection.autoconnect-slaves:          -1 (default)
    connection.gateway-ping-timeout:        0
    connection.metered:                     unknown
    connection.lldp:                        -1 (default)
    802-3-ethernet.speed:                   0
    802-3-ethernet.auto-negotiate:          yes
    802-3-ethernet.mtu:                     auto
    802-3-ethernet.wake-on-lan:             1 (default)
    bridge-port.priority:                   32
    bridge-port.path-cost:                  100
    bridge-port.hairpin-mode:               no
    


    GUEST knows its Static Public IP, but cannot get out:

    The following are the results of ping and curl commands run from inside the GUEST. As you can see, both programs run, but yet neither is able to get out of the VM to the outside world:

    [root@localhost ~]# ping 8.8.8.8
    PING 8.8.8.8 (8.8.8.8) 56(84) bytes of data.
    From 12.34.567.8cc icmp_seq=1 Destination Host Unreachable
    From 12.34.567.8cc icmp_seq=2 Destination Host Unreachable
    From 12.34.567.8cc icmp_seq=3 Destination Host Unreachable
    ..........
    
    --- 8.8.8.8 ping statistics ---
    14 packets transmitted, 0 received, +13 errors, 100% packet loss, time 13004ms
    pipe 4
    
    [root@localhost ~]# curl ipinfo.io/ip
    curl: (6) Could not resolve host: ipinfo.io; Unknown error
    


    Config inside the GUEST:

    Accessed from inside the GUEST, the auto-generated ifcfg-eth0 file is:

    [root@localhost ~]# vi /etc/sysconfig/network-scripts/ifcfg-eth0
    # Generated by dracut initrd
    NAME="eth0"
    HWADDR="11:22:33:44:55:66"
    ONBOOT=yes
    NETBOOT=yes
    UUID="some-very-long-complex-string"
    IPV6INIT=yes
    BOOTPROTO=none
    IPADDR="12.34.567.8cc"
    NETMASK="255.255.255.248"
    GATEWAY="12.34.567.8bb"
    TYPE=Ethernet
    DNS1="xx.xx.xx.xx,xx.xx.yy.yy"
    ~
    "/etc/sysconfig/network-scripts/ifcfg-eth0" 13L, 281C
    

    The following are the results of nmcli commands run inside the GUEST:

    [root@localhost ~]# nmcli con show
    NAME  UUID              TYPE            DEVICE
    eth0  very-long-string  802-3-ethernet  eth0
    
    
    [root@localhost ~]# nmcli con show eth0
    connection.id:                          eth0
    connection.uuid:                        very-long-string
    connection.type:                        802-3-ethernet
    connection.autoconnect:                 yes
    connection.autoconnect-priority:        0
    connection.timestamp:                   1490079856
    connection.read-only:                   no
    connection.autoconnect-slaves:          -1 (default)
    connection.gateway-ping-timeout:        0
    connection.metered:                     unknown
    connection.lldp:                        -1 (default)
    802-3-ethernet.speed:                   0
    802-3-ethernet.auto-negotiate:          yes
    802-3-ethernet.mac-address:             qq:ww:ee:rr:tt:yy (not really qwerty)
    802-3-ethernet.mtu:                     auto
    802-3-ethernet.wake-on-lan:             1 (default)
    ipv4.method:                            manual
    ipv4.dns:                               xx.xx.xx.xx,xx.xx.yy.yy
    ipv4.dns-options:                       (default)
    ipv4.dns-priority:                      0
    ipv4.addresses:                         12.34.567.8cc/29
    ipv4.gateway:                           12.34.567.8bb
    ipv4.route-metric:                      -1
    ipv4.ignore-auto-routes:                no
    ipv4.ignore-auto-dns:                   no
    ipv4.dhcp-timeout:                      0
    ipv4.dhcp-send-hostname:                yes
    ipv4.never-default:                     no
    ipv4.may-fail:                          yes
    ipv4.dad-timeout:                       -1 (default)
    .........skipping ipv6 stuff
    GENERAL.NAME:                           eth0
    GENERAL.UUID:                           very-long-string
    GENERAL.DEVICES:                        eth0
    GENERAL.STATE:                          activated
    GENERAL.DEFAULT:                        yes
    GENERAL.DBUS-PATH:                      /org/freedesktop/NetworkManager/ActiveConnection/0
    GENERAL.CON-PATH:                       /org/freedesktop/NetworkManager/Settings/0
    GENERAL.SPEC-OBJECT:                    /
    IP4.ADDRESS[1]:                         12.34.567.8cc/29
    IP4.GATEWAY:                            12.34.567.8bb
    IP4.DNS[1]:                             xx.xx.xx.xx
    IP4.DNS[2]:                             xx.xx.yy.yy
    ......skipping ipv6 stuff
    [root@localhost ~]#  
    


    @garethTheRed's Suggestions:

    After entering @garethTheRed's 4 nmcli commands and re-running the virt-install command with --network bridge=br1 to create a new virtual machine, the firewall settings on the HOST are now:

    [root@remote-host ~]# firewall-cmd --list-all
    public (active)
      target: default
      icmp-block-inversion: no
      interfaces: br0 br1 eno1
      sources:
      services: dhcpv6-client ssh
      ports:
      protocols:
      masquerade: no
      forward-ports:
      sourceports:
      icmp-blocks:
      rich rules:
    
    [root@remote-host ~]#  
    

    Then, on the GUEST, the firewall settings are:

    [root@localhost ~]# firewall-cmd --list-all
    public (active)
      target: default
      icmp-block-inversion: no
      interfaces: eth0
      sources:
      services: dhcpv6-client ssh
      ports:
      protocols:
      masquerade: no
      forward-ports:
      sourceports:
      icmp-blocks:
      rich rules:
    
    [root@localhost ~]#
    

    Similarly, the following results seem to indicate that routing is TURNED ON on the HOST:

    [root@remote-host ~]# /sbin/sysctl net.ipv4.ip_forward
    net.ipv4.ip_forward = 1
    [root@remote-host ~]#
    

    While the following results seem to indicate that routing is TURNED OFF on the GUEST:

    [root@localhost ~]# /sbin/sysctl net.ipv4.ip_forward
    net.ipv4.ip_forward = 0
    [root@localhost ~]#  
    

    ip addr show on the HOST gives the following:

    [root@remote-host ~]# ip addr show
    1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN qlen 1
        link/loopback mm:mm:mm:mm:mm:mm brd mm:mm:mm:mm:mm:mm
        inet 127.0.0.1/8 scope host lo
           valid_lft forever preferred_lft forever
    2: eno1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
        link/ether mm:mm:mm:mm:mm:mm brd mm:mm:mm:mm:mm:mm
        inet 12.34.567.8aa/29 brd 12.34.567.8(bb+1) scope global eno1
           valid_lft forever preferred_lft forever
    3: wlp3s0: <BROADCAST,MULTICAST> mtu 1500 qdisc noop state DOWN qlen 1000
        link/ether mm:mm:mm:mm:mm:mm brd mm:mm:mm:mm:mm:mm
    4: virbr0: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc noqueue state DOWN qlen 1000
        link/ether mm:mm:mm:mm:mm:mm brd mm:mm:mm:mm:mm:mm
        inet 192.168.122.1/24 brd 192.168.122.255 scope global virbr0
           valid_lft forever preferred_lft forever
    5: virbr0-nic: <BROADCAST,MULTICAST> mtu 1500 qdisc pfifo_fast master virbr0 state DOWN qlen 1000
        link/ether mm:mm:mm:mm:mm:mm brd mm:mm:mm:mm:mm:mm
    41: br0: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc noqueue state DOWN qlen 1000
        link/ether mm:mm:mm:mm:mm:mm brd mm:mm:mm:mm:mm:mm
        inet 12.34.567.8aa/29 brd 12.34.567.8(bb+1) scope global br0
           valid_lft forever preferred_lft forever
    50: br1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP qlen 1000
        link/ether mm:mm:mm:mm:mm:mm brd mm:mm:mm:mm:mm:mm
        inet 12.34.567.8cc/29 brd 12.34.567.8(bb+1) scope global br1
           valid_lft forever preferred_lft forever
    51: vnet0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast master br1 state UNKNOWN qlen 1000
        link/ether mm:mm:mm:mm:mm:mm brd mm:mm:mm:mm:mm:mm
        inet6 ipv6:doesnt:matter:to:me/64 scope link
           valid_lft forever preferred_lft forever
    [root@remote-host ~]#
    

    I notice that eno1 and br0 have the same IP address. Does this mean it is safe to remove the IP from eno1 and have the outside world still be able to communicate with the machine's same IP address via br0? I am still learning how this works.

    On the GUEST, ip addr show gives the following:

    [root@localhost ~]# ip addr show
    1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN qlen 1
        link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
        inet 127.0.0.1/8 scope host lo
           valid_lft forever preferred_lft forever
        inet6 ::1/128 scope host
           valid_lft forever preferred_lft forever
    2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
        link/ether mm:mm:mm:mm:mm:mm brd mm:mm:mm:mm:mm:mm
        inet 12.34.567.8cc/29 brd 12.34.567.8(bb+1) scope global eth0
           valid_lft forever preferred_lft forever
    [root@localhost ~]#
    

    Though I prefer to use nmcli and NetworkManager for everything, I am including virsh diagnostic information below as follows. Note that the HOST only sees the default network.

    All of the following were run on the HOST:

    [root@remote-host ~]# virsh net-list --all
     Name                 State      Autostart     Persistent
    ----------------------------------------------------------
     default              active     yes           yes
    
    [root@remote-host ~]# brctl show
    bridge name     bridge id               STP enabled     interfaces
    br0             8000.000000000000       no
    br1             8000.oneLongID...       yes             vnet0
    virbr0          8000.secondLongID       yes             virbr0-nic
    
    [root@remote-host ~]# virsh edit public-centos7
        ....skipping irrelevant stuff for brevity
        <controller type='virtio-serial' index='0'>
          <address type='pci' domain='0x0000' bus='0x00' slot='0x04' function='0x0'/>
        </controller>
        <interface type='bridge'>
          <mac address='qq:ww:ee:rr:tt:yy'/>
          <source bridge='br1'/>
          <model type='virtio'/>
          <address type='pci' domain='0x0000' bus='0x00' slot='0x03' function='0x0'/>
        </interface>
        .....skipping irrelevant stuff
        <channel type='unix'>
          <target type='virtio' name='org.qemu.guest_agent.0'/>
          <address type='virtio-serial' controller='0' bus='0' port='1'/>
        </channel>
        ....skipping irrelevant stuff
        <memballoon model='virtio'>
          <address type='pci' domain='0x0000' bus='0x00' slot='0x07' function='0x0'/>
        </memballoon>
      </devices>
    </domain>
    
    [root@remote-host ~]# virsh net-dumpxml default
    <network>
      <name>default</name>
      <uuid>some-very-long-complex-string</uuid>
      <forward mode='nat'>
        <nat>
          <port start='1024' end='65535'/>
        </nat>
      </forward>
      <bridge name='virbr0' stp='on' delay='0'/>
      <mac address='aa:nn:oo:tt:hh:er'/>
      <ip address='192.168.122.1' netmask='255.255.255.0'>
        <dhcp>
          <range start='192.168.122.2' end='192.168.122.254'/>
        </dhcp>
      </ip>
    </network>
    

    I then created a second network on the HOST with the following commands:

    vi /root/test-bridge.xml
    
        <network>
          <name>test-bridge</name>
          <forward mode="bridge"/>
          <bridge name="br1"/>
        </network>
    
    virsh net-create /root/test-bridge.xml
    

    After creating the new test-bridge, the outside world is now able to successfully ping 12.34.567.8cc. But the GUEST is still not able to get a response from the outside world with ping 8.8.8.8.

    In the GUEST, I checked to see if the route was defined, and it gave the following:

    [root@localhost ~]# ip route
    default via 12.34.567.8bb dev eth0  proto static  metric 100
    12.34.567.8mm/29 dev eth0  proto kernel  scope link  src 12.34.567.8cc  metric 100
    

    Where 12.34.567.8bb is the physical router's correct gateway, 12.34.567.8cc is the correct/expected static public IP for the GUEST, and 12.34.567.8mm is NOT ONE OF THE STATIC PUBLIC IP ADDRESSES THAT IS ALLOCATED TO US. However, 12.34.567.8mm is equal to 12.34.567.(8aa-1), which means it may have been programmatically derived from one of our 5 public IP addresses.

    When I ask virsh on the HOST to show the GUEST's interface and ip, virsh is able to show the interface, but not the ip, as follows:

    [root@remote-host ~]# virsh domiflist public-centos7
    Interface  Type       Source     Model       MAC
    -------------------------------------------------------
    vnet0      bridge     br1        virtio      11:22:33:44:55:66
    
    [root@remote-host ~]# virsh domifaddr public-centos7
     Name       MAC address          Protocol     Address
    ------------------------------------------------------
    
    [root@remote-host ~]#  
    

    Adding firewall --disabled and selinux --disabled to the kickstart file and then re-installing with the same virt-install command did not result in being able to successfully ping 8.8.8.8 to the outside world from inside a newly-created VM.

    What else should I try?

  • garethTheRed
    garethTheRed about 7 years
    I wasn't aware that you don't get notified! I thought question authors always get notified - I'll remember that :-) Creating a network is an automated way of the manual method I've suggested, but if it works better, then use that method. For the outgoing ping, check that you have a default route set in the guest.
  • garethTheRed
    garethTheRed about 7 years
    I had the above working with a Linux Mint laptop (I don't have a free CentOS box to play with), but I've tried again and, like yours, it failed to ping. I'm at a loss as to why things have changed. As I don't normally manually create bridges and don't have any free boxes with which to install CentOS and test, I believe I've come to the end of the road with this one. I don't like admitting defeat, but I'm going to have to. As an aside, I use Proxmox for my VMs and it just works. Maybe you need to consider something less low-level than virsh and the likes?
  • garethTheRed
    garethTheRed about 7 years
    Just noticed your last comment - the eth0 should have the IP address of the VM and br1 should have the host's IP address. They should never have the same address.