On 11/25/2012 05:08 PM, Laine Stump wrote:
(btw, you must be running with net.bridge.bridge-nf-call-iptables=1,
otherwise communications between guests (ipv4 and ipv6) would work just
fine with no extra rules)
Do you know what sets this?
On a system with no virtualization installed,
net.bridge.bridge-nf-call-iptables=0 but with virtualization (and a lot
of other stuff) installed, it is set to 1. I found only a single
reference within libvirt which tests to see if they are set to 1.
The values in /etc/sysctl.conf are all =0 so this must be related to
something virtualization is doing (but not necessarily libvirt).
Regardless, they are set so the ip6tables rule to allow guest-to-guest
commo is needed.
Gene
--
libvir-list mailing list
libvir-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/libvir-list