Hi there,
I am doing some libvirt/kvm virtualization using bridged network.
I have the following ebtables rule:
ebtables -t filter -A FORWARD -p IPv4 -o vnet0 --ip-dst 209.5.171.7 --ip-proto tcp --ip-dport 22 --log-level debug --log-prefix "TCP" --log-ip --log-arp -j ACCEPT
Where vnet0 is the tap device created on br2 on top of eth3.
Then when I do an SSH connection to this VM at 209.5.171.7, my system log shows the following:
TCP IN=eth3 OUT=vnet0 MAC source = 00:01:30:05:7e:00 MAC dest = 00:00:d1:05:ab:07 proto = 0x0800 IP SRC=139.142.54.201 IP DST=209.5.171.7, IP tos=0x00, IP proto=6 SPT=62197 DPT=22
I can understand most of this record. The MAC dest is the MAC address seen inside the virtual machine. However, I cannot understand MAC source. It is not the MAC address of vnet0, br2 or eth3, nor is it the MAC address of my client machine (or the routers). It seems to me that this address of "MAC source = 00:01:30:05:7e:00" is created out of nowhere.
Could you please explain to me how this MAC source is used and is it possible to find it out on my Linux host with command such as ifconfig?
Thank you very much.
--
Shi Jin, PhD
--
To unsubscribe from this list: send the line "unsubscribe netfilter" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
