On Tue, Dec 18, 2012 at 05:45:05PM +0100, Lorenzo Milesi wrote: > From Network B, I can ping & ssh to 192.168.1.49 (another physical host on the lan), but I can only ping my kvm physical host, all TCP connection (ssh) gets lost. > I have similar problem with port forward, while I can ssh to .49 I cannot to .47. > I managed to catch a tcpdump while trying to ssh to .47: > > tcpdump: verbose output suppressed, use -v or -vv for full protocol decode > listening on vtnet0, link-type EN10MB (Ethernet), capture size 96 bytes > 12:18:21.720364 IP my.host.com.34242 > 192.168.1.47.ssh: Flags [S], seq 2689263164, win 14600, options [mss 1412,sackOK,TS val 2912170 ecr 0,nop,wscale 7], length 0 > 12:18:21.720760 IP 192.168.1.47.ssh > my.host.com.34242: Flags [S.], seq 1214622068, ack 2689263165, win 14480, options [mss 1460,sackOK,TS val 127905521 ecr 2912170,nop,wscale 7], length 0 > 12:18:22.718447 IP my.host.com.34242 > 192.168.1.47.ssh: Flags [S], seq 2689263164, win 14600, options [mss 1412,sackOK,TS val 2912420 ecr 0,nop,wscale 7], length 0 This looks like a generic networking problem with your bridges, VPN, etc. I don't see anything that points to KVM itself being involved. my.host.com sends SYN to .47 .47 replies with SYN+ACK to my.host.com ...1 second of silence... my.host.com tries sending SYN to .47 again Did you run tcpdump on my.host.com? If you did not run it on my.host.com then this output suggests that my.host.com isn't receiving the SYN+ACK reply. Therefore it doesn't complete the 3-way handshake with an ACK reply. Stefan -- To unsubscribe from this list: send the line "unsubscribe kvm" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
