I'm having frequent network connectivity failures under the QEMU/KVM/virt-manager stack on openSUSE Leap 15.1. I have a single VM running a software firewall, which is losing connectivity every few days, taking down internet connectivity as a result. I am at a loss as to how to troubleshoot this as there is no evidence of hardware faults and nothing helpful in either dmesg or journalctl to go on.
The host has two physical NICs, one of which is physically connected to my ISP's CPE (modem) and is logically connected to the firewall VM via macvtap. The other physical NIC connects to my internal network and is logically connected to the host and the firewall VM via a bridge. The bridge provides Internet connectivity to the host.
Normally, this configuration works fine. However, on a seemingly random basis, either the bridge or the macvtap link stops transferring data to the VM. I have not lost both links at the same time; only one link fails at once so far. The host does not lose internal connectivity over the bridge nor does running ethtool on the host show show loss of physical link.
Restarting the firewall inside the VM does not restore connectivity. I have to "power off" and restart the VM through virt-manager to make the VM's network links work again.
As far as I can tell, something in the qemu-kvm-etc stack simply stops delivering packets to the VM.
The only relevant report in journalctl is when NetworkManager detects the loss of Internet connectivity (i.e. "NetworkManager state is now CONNECTED_SITE") due to the firewall VM losing connectivity but there is nothing leading up to this entry.
I have noticed that VM connectivity failures are sometimes proceeded by the host end of the bridge losing IPv6 support. For whatever reason, the bridge interface spontaneously loses all of its IPv6 addresses (including link local) despite IPv6 being enabled. When this happens, the bridge also stops passing IPv6 traffic to the VM even though IPv4 continues to work for a little while.
Any suggestions on how to approach this?