|
On 04/20/2014 06:31 AM, Patric Buskas
wrote:
When you say "laptop subnet", you mean the physical network, i.e. 192.168.2.0/24, correct? If your guests can reach the internet, then 1) the laptop has ip_forwarding set correctly, and 2) your router has a proper static IP to get the response packets back to the guest. And I would assume that the laptop is properly routing packets from guests that are destined for the directly-connected 192.168.2.0/24 subnet. So the two possible failure points left are: 1) possibly the laptop has some other iptables rule setup externally to libvirt which blocks either the outgoing packets towards 192.168.2.0, or incoming responses from 192.168.2.0. You should run tcpdump on the laptop's eth0 (and on the servers on the physical net) looking for packets with the guest & physical server's IP addresses to see just how far the outgoing packet gets (or if it gets all the way, how far back the response gets); that can give you a clue where rules need to be tweaked. (based on the output of iptable -L, this doesn't seem likely, but you should still verify it) 2) possibly your router isn't properly redirecting packets from 192.168.2.0 that are destined for 192.168.200.0 back out the same interface they arrived on (that would be a broken router, but I've seen worse things happen in consumer grade networking equipment). Again, you should run tcpdump on the server to see what kind of traffic it is sending out for response, and to what *MAC* address it is sending it (is it going to the router, or directly to the laptop - add "-e" to the tcpdump commandline to see the ethernet (MAC) addresses of all logged packets.
|
_______________________________________________ libvirt-users mailing list libvirt-users@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/libvirt-users
