I have a laptop running Ubuntu 16.04.3 LTS graphical (so has Network-Manager et al installed). I think I've got KVM and QEMU installed correctly. When trying to set up a Debian VM from the netinstall ISO, it fails to get an address from DHCP. I need to be able to access the VM from outside my laptop so I can't use NAT.
I've tried following instructions from:
How do I configure bridged networking for VMs
KVM-Guests can't get past bridge - no internet connection
KVM guest is unable to access the internet
But still no luck.
The laptop is a Dell XPS 13 and has no onboard NIC. Instead, I have a TP-Link USB3.0 Gigabit ethernet adapter attached, which according to the spec page is an RTL8153 chipset. Ethernet is working fine on the host. Wifi is disabled.
I have tried configuring the bridge through the Virt-Manager GUI, through brctl and defining it in /etc/network/interfaces. As best I can tell, the bridge is up and functional, but trying to ping outside the VM results in failure. At one point I was able to ping the host laptop's IP, but no further than that (I can't remember what I did to cause this and it's no longer the case, pinging anything on the same subnet results in the packets disappearing, pinging Google results in Network is unreachable. I have stopped the ufw service and additionally flushed the iptables rules, each to no avail. I have Docker on the same machine, but I don't know if that makes any difference.
Host machine:
ifconfig:
root@DB0277:~# ifconfig
br0 Link encap:Ethernet HWaddr d4:6e:0e:06:29:c1
inet addr:10.11.x.44 Bcast:10.11.x.255 Mask:255.255.255.0
inet6 addr: fe80::d66e:eff:fe06:29c1/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:667579 errors:0 dropped:0 overruns:0 frame:0
TX packets:351430 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:907499432 (907.4 MB) TX bytes:21171832 (21.1 MB)
docker0 Link encap:Ethernet HWaddr 02:42:54:45:ff:85
inet addr:172.17.0.1 Bcast:0.0.0.0 Mask:255.255.0.0
UP BROADCAST MULTICAST MTU:1500 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:0 (0.0 B) TX bytes:0 (0.0 B)
enxd46e0e0629c1 Link encap:Ethernet HWaddr d4:6e:0e:06:29:c1
inet addr:10.11.x.44 Bcast:10.11.x.255 Mask:255.255.255.0
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:672999 errors:0 dropped:0 overruns:0 frame:0
TX packets:354674 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:909372154 (909.3 MB) TX bytes:21561645 (21.5 MB)
lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
inet6 addr: ::1/128 Scope:Host
UP LOOPBACK RUNNING MTU:65536 Metric:1
RX packets:112607 errors:0 dropped:0 overruns:0 frame:0
TX packets:112607 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:143555055 (143.5 MB) TX bytes:143555055 (143.5 MB)
vnet0 Link encap:Ethernet HWaddr fe:54:00:6d:02:e7
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:2860 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:963296 (963.2 KB) TX bytes:0 (0.0 B)
brctl:
root@DB0277:~# brctl show
bridge name bridge id STP enabled interfaces
br0 8000.d46e0e0629c1 no enxd46e0e0629c1
docker0 8000.02425445ff85 no
virbr0 8000.fe54006d02e7 yes vnet0
/etc/network/interfaces:
auto lo
iface lo inet loopback
#auto br0
iface br0 inet dhcp
bridge_ports enxd46e0e0629c1
bridge_stp off
bridge_fd 0.0
iptables:
root@DB0277:~# iptables -L
Chain INPUT (policy ACCEPT)
target prot opt source destination
ACCEPT udp -- anywhere anywhere udp dpt:domain
ACCEPT tcp -- anywhere anywhere tcp dpt:domain
ACCEPT udp -- anywhere anywhere udp dpt:bootps
ACCEPT tcp -- anywhere anywhere tcp dpt:bootps
Chain FORWARD (policy DROP)
target prot opt source destination
ACCEPT all -- anywhere 192.168.122.0/24 ctstate RELATED,ESTABLISHED
ACCEPT all -- 192.168.122.0/24 anywhere
ACCEPT all -- anywhere anywhere
REJECT all -- anywhere anywhere reject-with icmp-port-unreachable
REJECT all -- anywhere anywhere reject-with icmp-port-unreachable
DOCKER-USER all -- anywhere anywhere
DOCKER-ISOLATION all -- anywhere anywhere
ACCEPT all -- anywhere anywhere ctstate RELATED,ESTABLISHED
DOCKER all -- anywhere anywhere
ACCEPT all -- anywhere anywhere
ACCEPT all -- anywhere anywhere
Chain OUTPUT (policy ACCEPT)
target prot opt source destination
ACCEPT udp -- anywhere anywhere udp dpt:bootpc
Chain DOCKER (1 references)
target prot opt source destination
Chain DOCKER-ISOLATION (1 references)
target prot opt source destination
RETURN all -- anywhere anywhere
Chain DOCKER-USER (1 references)
target prot opt source destination
RETURN all -- anywhere anywhere
routes:
root@DB0277:~# route -n
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
0.0.0.0 10.11.x.1 0.0.0.0 UG 0 0 0 br0
10.11.x.0 0.0.0.0 255.255.255.0 U 0 0 0 br0
10.11.y.21 10.11.x.1 255.255.255.255 UGH 100 0 0 enxd46e0e0629c1
172.17.0.0 0.0.0.0 255.255.0.0 U 0 0 0 docker0
The guest OS is unmodified Debian 9.0 netinstall.
Posting this in ServerFault because I've successfully set up two KVM hosts without any of these problems. What have I overlooked?
0 Answers