Cole Robinson wrote:
Bryan Kearney wrote:
Need some help about where to look next. I am running a Fedora 9
machine, up to date on the releaed rpms. SELinux is permissive, iptables
is stopped. I have followed the instructions for NAT forwarding [1].
When I launch a guest in virt manager it uses the default network, and
is assigned an IP address in the 192.168.122 space. It can do dns
resolution, but can not wget a known website (www.cnn.com). From my host
machine, I can ssh into the guest.
Where is the next place I should look. Is the fact that I am running in
a corporate network causing me issues?
Thanks!
-- bk
I've actually had similar issues with this. I would kick off an http
install, it would get to anaconda, pull down a kickstart, and when
it would start to pull the install kernel it would get nowhere.
tcpdumping virbr0 would show that about every 5-10 seconds there
would be some communication with the server, but no apparent
progress.
However this is only on my lenovo t61, tried both f8 and f9 host.
The same exact workflow on multiple other boxes worked fine, all
machines (laptop included) using wired networking. Tried with f8,
f9, and rhel5 guests. So maybe its hardware specific?
I eventually just switched to bridged networking :/
I think this is the voodoo.
1) Add the following lines to /etc/sysconfig/iptables in the OUTPUT
chain of the *filter table:
--insert FORWARD --destination 192.168.122.0/255.255.255.0
--out-interface virbr0 --match state --state ESTABLISHED,RELATED --jump
ACCEPT
-A INPUT -j REJECT --reject-with icmp-host-prohibited
-A FORWARD -j REJECT --reject-with icmp-host-prohibited
2) Restart iptables
3) Restart libvirtd
By doing (1), future reboots seem to work. But not doing (3) causes it
to appear not to work. Do any of the virt tools do (1) magically for you?
-- bk
--
Libvir-list mailing list
Libvir-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/libvir-list