Masquerading local broadcast breaks DHCP replies for some clients. There has been a report about broken local multicast too. (See references in the patches.) Testing: build tested the upstream series. Tested the RHEL-6.4.z and RHEL-7.0 backports with OVMF netboot on virbr0. Changes between v1 (at http://www.redhat.com/archives/libvir-list/2013-May/msg01872.html ) and v2: - forward-ported to current upstream master (commit 49a5262d). This includes conflict resolution for: commit 477a619e1b37694e3c59c0d6c84ede6d2e28b878 Author: Roman Bogorodskiy <bogorodskiy@xxxxxxxxx> Date: Fri Jun 28 00:52:30 2013 -0400 Drop iptablesContext in both patches #1 and #2, and for commit 4ac708f250867f65091a20b153c204862d389cb9 Author: Roman Bogorodskiy <bogorodskiy@xxxxxxxxx> Date: Wed Jul 24 16:22:54 2013 +0400 bridge driver: extract platform specifics in patch #2. Laszlo Ersek (2): util/viriptables: add/remove rules that short-circuit masquerading bridge driver: don't masquerade local subnet broadcast/multicast packets src/util/viriptables.h | 8 ++++ src/network/bridge_driver_linux.c | 70 +++++++++++++++++++++++++++++-- src/util/viriptables.c | 88 +++++++++++++++++++++++++++++++++++++++ src/libvirt_private.syms | 2 + 4 files changed, 164 insertions(+), 4 deletions(-) -- 1.8.3.1 -- libvir-list mailing list libvir-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/libvir-list