[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: dhcp bridge for virtual machines using KVM

Le 22/09/2020 à 22:57, James Allsopp a écrit :
> 
> 
> On Tue, 22 Sep 2020 at 17:58, Fabien Roucaute <fabien.roucaute@free.fr
> <mailto:fabien.roucaute@free.fr>> wrote:
> 
>     Le 22/09/2020 à 18:50, James Allsopp a écrit :
>     >
>     > I've tried that but I get the same result.
>     > Thanks
>     > James
>     >
> 
>     You need to answer to the mailing-list email address, not mine.
>     If it still doesn't work, we need more information, like the result of
>     the following commands (you should modify the public IP that appears in
>     if it's the case)
>     'ip a'
>     'iptables-save'
>     'brctl show'
> 
> 
> Here's ip a
>  ip a
> 1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN
> group default qlen 1000
>     link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
>     inet 127.0.0.1/8 <http://127.0.0.1/8> scope host lo
>        valid_lft forever preferred_lft forever
>     inet6 ::1/128 scope host
>        valid_lft forever preferred_lft forever
> 2: eth0: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc pfifo_fast
> state DOWN group default qlen 1000
>     link/ether 00:1d:7d:0d:2a:9f brd ff:ff:ff:ff:ff:ff
> 3: eth1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast
> master br0 state UP group default qlen 1000
>     link/ether 00:1d:7d:0d:2a:9d brd ff:ff:ff:ff:ff:ff
> 4: wlan0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state
> UP group default qlen 1000
>     link/ether b4:ee:b4:84:37:2a brd ff:ff:ff:ff:ff:ff
>     inet 192.168.1.174/24 <http://192.168.1.174/24> brd 192.168.1.255
> scope global dynamic noprefixroute wlan0
>        valid_lft 27656sec preferred_lft 27656sec
>     inet6 fde6:4511:f54::a55/128 scope global noprefixroute
>        valid_lft forever preferred_lft forever
>     inet6 fde6:4511:f54:0:f195:8361:215d:5f17/64 scope global noprefixroute
>        valid_lft forever preferred_lft forever
>     inet6 fe80::4bf0:ca57:25f0:ed7f/64 scope link noprefixroute
>        valid_lft forever preferred_lft forever
> 5: br0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state
> UP group default qlen 1000
>     link/ether 00:1d:7d:0d:2a:9d brd ff:ff:ff:ff:ff:ff
>     inet 192.168.1.206/24 <http://192.168.1.206/24> brd 192.168.1.255
> scope global dynamic br0
>        valid_lft 27655sec preferred_lft 27655sec
>     inet6 fde6:4511:f54:0:21d:7dff:fe0d:2a9d/64 scope global dynamic
> mngtmpaddr
>        valid_lft forever preferred_lft forever
>     inet6 fe80::21d:7dff:fe0d:2a9d/64 scope link
>        valid_lft forever preferred_lft forever
> 6: docker0: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc noqueue
> state DOWN group default
>     link/ether 02:42:12:5f:1a:5e brd ff:ff:ff:ff:ff:ff
>     inet 172.17.0.1/16 <http://172.17.0.1/16> brd 172.17.255.255 scope
> global docker0
>        valid_lft forever preferred_lft forever
> 8: vnet0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast
> master br0 state UNKNOWN group default qlen 1000
>     link/ether fe:54:00:8a:6e:57 brd ff:ff:ff:ff:ff:ff
>     inet6 fe80::fc54:ff:fe8a:6e57/64 scope link
>        valid_lft forever preferred_lft forever
> 
> 
> Here's iptables -L
>  iptables -L
> Chain INPUT (policy ACCEPT)
> target     prot opt source               destination        
> 
> Chain FORWARD (policy DROP)
> target     prot opt source               destination        
> DOCKER-USER  all  --  anywhere             anywhere            
> DOCKER-ISOLATION-STAGE-1  all  --  anywhere             anywhere            
> ACCEPT     all  --  anywhere             anywhere             ctstate
> RELATED,ESTABLISHED
> DOCKER     all  --  anywhere             anywhere            
> ACCEPT     all  --  anywhere             anywhere            
> ACCEPT     all  --  anywhere             anywhere            
> 
> Chain OUTPUT (policy ACCEPT)
> target     prot opt source               destination        
> 
> Chain DOCKER (1 references)
> target     prot opt source               destination        
> 
> Chain DOCKER-ISOLATION-STAGE-1 (1 references)
> target     prot opt source               destination        
> DOCKER-ISOLATION-STAGE-2  all  --  anywhere             anywhere            
> RETURN     all  --  anywhere             anywhere            
> 
> Chain DOCKER-ISOLATION-STAGE-2 (1 references)
> target     prot opt source               destination        
> DROP       all  --  anywhere             anywhere            
> RETURN     all  --  anywhere             anywhere            
> 
> Chain DOCKER-USER (1 references)
> target     prot opt source               destination        
> RETURN     all  --  anywhere             anywhere     
> 
> and brctl show
> 
> bridge name     bridge id               STP enabled     interfaces
> br0             8000.001d7d0d2a9d       no              eth1
>                                                         vnet0
> docker0         8000.0242125f1a5e       no
> 
> Thanks!
> James

I forgot to ask for the routing table, could you post the result of 'ip
r' ? Otherwise, can I ask why you think you need a Wifi connection and
wired one but assigned to them ip addresses that are in the same subnet?
Because you can access the host and the VMs on different IPs with only
the wired NIC.
Reply to: