vm machines cannot ping each other via bridge network

I created vhost1 and vhost2 by using virt-manager, which runs on an Ubuntu Server 22.04.
The host and the VMs are connected via a bridge network. So here's the thing: ping works fine between the host and the VMs, but it doesn't work between the VMs (vhost1 and vhost2).

Network configuration of Host:

br0: 192.168.110.161/24

/etc/netplan/netcfg.yaml

network:
  version: 2
  renderer: networkd
  ethernets:
    enp24s0f1:
      dhcp4: false
      dhcp6: false
  bridges:
    br0:
      macaddress: aa:bb:cc:11:22:33
      dhcp4: false
      dhcp6: false
      addresses:
        - 192.168.110.161/24
      routes:
        - to: default
          via: 192.168.110.1
          metric: 100
          on-link: true
      nameservers:
        addresses:
          - 223.6.6.6
      interfaces:
          - enp24s0f1
      parameters:
        stp: true
        forward-delay: 4

bridge:

(base) root@qlsj:/etc/netplan# brctl show
bridge name bridge id       STP enabled interfaces
br0     8000.aabbcc112233   yes     enp24s0f1
                            vnet6
                            vnet7
docker0     8000.0242b2287cce   no      veth1beee8b
                            veth6554059
virbr0      8000.525400dcd61a   no      vnet2
                            vnet4
(base) root@qlsj:/etc/netplan# 

kvm vhost1 nic:

<interface type="bridge">
  <mac address="52:54:00:19:ab:92"/>
  <source bridge="br0"/>
  <target dev="vnet6"/>
  <model type="virtio"/>
  <alias name="net1"/>
  <address type="pci" domain="0x0000" bus="0x07" slot="0x00" function="0x0"/>
</interface>

kvm vhost2 nic:

<interface type="bridge">
  <mac address="52:54:00:81:59:a2"/>
  <source network="host-bridge" portid="72753e9d-2408-4858-b8b7-806b3666afa0" bridge="br0"/>
  <target dev="vnet7"/>
  <model type="virtio"/>
  <alias name="net1"/>
  <address type="pci" domain="0x0000" bus="0x09" slot="0x00" function="0x0"/>
</interface>

Network configuration of vhost1:

enp9s0: 192.168.110.204/24

network:
  ethernets:
    # interface name
    enp9s0:
      dhcp4: false
      addresses: [192.168.110.204/24]
      routes:
        - to: default
          via: 192.168.110.1
          metric: 99
      nameservers:
        addresses: [223.6.6.6,223.5.5.5]
      dhcp6: false
  version: 2

Host ping vhost1:

(base) root@qlsj:~# ping 192.168.110.204
PING 192.168.110.204 (192.168.110.204) 56(84) bytes of data.
64 bytes from 192.168.110.204: icmp_seq=1 ttl=64 time=0.398 ms
64 bytes from 192.168.110.204: icmp_seq=2 ttl=64 time=0.280 ms
64 bytes from 192.168.110.204: icmp_seq=3 ttl=64 time=0.253 ms
^C
--- 192.168.110.204 ping statistics ---
3 packets transmitted, 3 received, 0% packet loss, time 2025ms
rtt min/avg/max/mdev = 0.253/0.310/0.398/0.062 ms
(base) root@qlsj:~# 

Network configuration of vhost2:

enp7s0: 192.168.110.169/24

# This is the network config written by 'subiquity'
network:
  ethernets:
    # interface name
    enp7s0:
      dhcp4: false
      addresses: [192.168.110.169/24]
      routes:
        - to: default
          via: 192.168.110.1
          metric: 101
      nameservers:
        # name server to bind
        addresses: [223.6.6.6,223.5.5.5]
      dhcp6: false
  version: 2

Host ping vhost2:

(base) root@qlsj:~# 
(base) root@qlsj:~# ping 192.168.110.169
PING 192.168.110.169 (192.168.110.169) 56(84) bytes of data.
64 bytes from 192.168.110.169: icmp_seq=1 ttl=64 time=0.392 ms
64 bytes from 192.168.110.169: icmp_seq=2 ttl=64 time=0.244 ms
^C
--- 192.168.110.169 ping statistics ---
2 packets transmitted, 2 received, 0% packet loss, time 1007ms
rtt min/avg/max/mdev = 0.244/0.318/0.392/0.074 ms
(base) root@qlsj:~# 

vhost1 ping vhost2:

qlsj@vhost1:~$ ping 192.168.110.169
PING 192.168.110.204 (192.168.110.204) 56(84) bytes of data.
From 192.168.110.161 icmp_seq=1 Packet filtered
From 192.168.110.161 icmp_seq=2 Packet filtered
From 192.168.110.161 icmp_seq=3 Packet filtered
^C
--- 192.168.110.204 ping statistics ---
3 packets transmitted, 0 received, +3 errors, 100% packet loss, time 2034ms

qlsj@vhost1:~$ 

route of Host:


(base) root@qlsj:~# route
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
default         192.168.110.1   0.0.0.0         UG    100    0        0 br0
172.17.0.0      0.0.0.0         255.255.0.0     U     0      0        0 docker0
192.168.110.0   0.0.0.0         255.255.255.0   U     0      0        0 br0
192.168.122.0   0.0.0.0         255.255.255.0   U     0      0        0 virbr0
(base) root@qlsj:~# 

Both the host and the VMs are configured with net.ipv4.ip_forward = 1, and the policy of the iptables FORWARD chain is ACCEPT.

I have no idea what to do. I tried lots of things, but it doesn't work.

Please forgive my grammatical mistakes, I am not good at English.

If there is anything else I can provide, please comment below.

A.B
You could do this to confirm it's because of Docker (disrupting just Docker): as root user do `sysctl -w net.bridge.bridge-nf-call-iptables=0` and try again between the two VMs.
mdzz
@A.B It works. Thank you very much for your answer.
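
A first-pass check for the condition the comment above tests, added here as an example and not code from the thread: it reports whether frames switched between two ports of a bridge are handed to the iptables FORWARD chain, and whether a rule already lets them through. The function name `bridged_traffic_verdict`, its verdict strings and the sample rule set are assumptions made for the example; the rules are constructed in the style Docker installs and are not taken from the poster's host.

```shell
#!/bin/sh
# Added example. SAMPLE_RULES below is constructed, not captured output.

# bridged_traffic_verdict NF_CALL BRIDGE RULES
#   NF_CALL  value of net.bridge.bridge-nf-call-iptables ("" when the
#            br_netfilter module is not loaded and the key does not exist)
#   BRIDGE   bridge the VMs share, e.g. br0
#   RULES    output of `iptables -S FORWARD`
bridged_traffic_verdict() {
  nf_call="$1"; bridge="$2"; rules="$3"

  # Unless bridge-nf-call-iptables is 1, frames switched between two ports
  # of a bridge never reach iptables.
  if [ "$nf_call" != "1" ]; then
    echo "bypasses-iptables"; return 0
  fi
  # An accept rule scoped to this bridge, or to all bridged frames.
  # Rule order is not evaluated: an earlier DROP/REJECT can still win.
  if printf '%s\n' "$rules" | grep -Eq \
      -e "^-A FORWARD -i $bridge -o $bridge -j ACCEPT\$" \
      -e '^-A FORWARD -m physdev --physdev-is-bridged -j ACCEPT$'; then
    echo "explicit-accept-present"; return 0
  fi
  # No accept rule for the bridge and the chain policy drops.
  if printf '%s\n' "$rules" | grep -q -e '^-P FORWARD DROP$'; then
    echo "default-drop"; return 0
  fi
  echo "depends-on-rules"
}

# Constructed sample in the style of a host running Docker.
SAMPLE_RULES='-P FORWARD DROP
-A FORWARD -j DOCKER-USER
-A FORWARD -j DOCKER-ISOLATION-STAGE-1
-A FORWARD -o docker0 -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT
-A FORWARD -o docker0 -j DOCKER
-A FORWARD -i docker0 ! -o docker0 -j ACCEPT
-A FORWARD -i docker0 -o docker0 -j ACCEPT'

bridged_traffic_verdict 1 br0 "$SAMPLE_RULES"

# Run with --live as root to evaluate the real host instead of the sample.
if [ "${1:-}" = "--live" ]; then
  bridged_traffic_verdict \
    "$(sysctl -n net.bridge.bridge-nf-call-iptables 2>/dev/null)" \
    br0 "$(iptables -S FORWARD)"
fi
```

Setting the sysctl to 0 turns off iptables filtering for every bridge on the host, including Docker's. An accept rule scoped to the VM bridge (`iptables -I FORWARD -i br0 -o br0 -j ACCEPT`) is the narrower alternative.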