Greetings folks.
I've setup libvirtd on my manjaro linux laptop.
Got a couple of VM's running (Win10 and Debian10) through NAT without any
issues.
This is what the current network diagram looks like and it works fine:
+-----------------------------------+
| +---------------------+ |
| | +----------+ | |
| | |Win 10 VM | | |
| | |10.1.1.10 | | |
| | +----------+ | |
| Laptop | | |
| Manjaro | +-------------+ | |
| 10.0.0.10 | |Debian 10 VM | | |
+-------->+ | |10.1.1.11 | | |
| | | +-------------+ | |
| | |NAT | |
| | |10.1.1.0/24 | |
| | +---------------------+ |
+------------+ | +-----------------------------------+
|router | |
|switch +---+
|10.0.0.0/24 | | +---------+
+------------+ | |Desktop |
+-------->+Manjaro |
|10.0.0.11|
+---------+
But now I need the debian machine to be accessible from another host on the
lan 10.0.0.0/24 which of course is outside the host.
That network diagram would look like this:
+-----------------------------------------+
| +------------------+ |
| | +----------+ | |
| | |Win 10 VM | | |
| | |10.1.1.10 | | |
| | NAT +----------+ | |
| | 10.1.1.0/24 | |
| +------------------+ |
| Laptop |
+-------->+ Manjaro +------------------------+ |
| | 10.0.0.10 | +-------------+ | |
| | | |Debian 10 VM | | |
| | | |10.2.2.10 | | |
| | | Routed +-------------+ | |
+------------+ | | | 10.2.2.0/24 | |
|router | | | +------------------------+ |
|switch +---+ +-----------------------------------------+
|10.0.0.0/24 | |
+------------+ |
|
| +---------+
| |Desktop |
+-------->+Manjaro |
|10.0.0.11|
+---------+
So, I've setup a 'routed network' for the Debian 10 VM but it's
not working
as I would expect.
The host can ping the Debian VM and the Debian VM can ping the host but the
Debian VM cannot ping the router 10.0.0.1 or any ip address on the internet.
I've been using Virtual Machine Manager to set everything up.
And this is how the routed network is configured
<network connections="1">
<name>routed</name>
<uuid>970a25f7-29b6-4a6b-b890-f593eae4fc15</uuid>
<forward dev="wlo1" mode="route">
<interface dev="wlo1"/>
</forward>
<bridge name="virbr2" stp="on" delay="0"/>
<mac address="52:54:00:bf:35:42"/>
<domain name="routed"/>
<ip address="10.2.2.1" netmask="255.255.255.0">
<dhcp>
<range start="10.2.2.2" end="10.2.2.254"/>
</dhcp>
</ip>
</network>
Any idea on what i might be doing wrong?
Thanks in advance.
Cheers
Rui Correia
On Sun, Jul 19, 2020 at 11:54:06AM +0100, Rui Correia wrote:> Greetings folks. > I've setup libvirtd on my manjaro linux laptop. > Got a couple of VM's running (Win10 and Debian10) through NAT without any > issues. > > This is what the current network diagram looks like and it works fine: > > +-----------------------------------+ > | +---------------------+ | > | | +----------+ | | > | | |Win 10 VM | | | > | | |10.1.1.10 | | | > | | +----------+ | | > | Laptop | | | > | Manjaro | +-------------+ | | > | 10.0.0.10 | |Debian 10 VM | | | > +-------->+ | |10.1.1.11 | | | > | | | +-------------+ | | > | | |NAT | | > | | |10.1.1.0/24 | | > | | +---------------------+ | > +------------+ | +-----------------------------------+ > |router | | > |switch +---+ > |10.0.0.0/24 | | +---------+ > +------------+ | |Desktop | > +-------->+Manjaro | > |10.0.0.11| > +---------+ > > But now I need the debian machine to be accessible from another host on the > lan 10.0.0.0/24 which of course is outside the host. > That network diagram would look like this: > > +-----------------------------------------+ > | +------------------+ | > | | +----------+ | | > | | |Win 10 VM | | | > | | |10.1.1.10 | | | > | | NAT +----------+ | | > | | 10.1.1.0/24 | | > | +------------------+ | > | Laptop | > +-------->+ Manjaro +------------------------+ | > | | 10.0.0.10 | +-------------+ | | > | | | |Debian 10 VM | | | > | | | |10.2.2.10 | | | > | | | Routed +-------------+ | | > +------------+ | | | 10.2.2.0/24 | | > |router | | | +------------------------+ | > |switch +---+ +-----------------------------------------+ > |10.0.0.0/24 | | > +------------+ | > | > | +---------+ > | |Desktop | > +-------->+Manjaro | > |10.0.0.11| > +---------+ > > > So, I've setup a 'routed network' for the Debian 10 VM but it's not working > as I would expect. > The host can ping the Debian VM and the Debian VM can ping the host but the > Debian VM cannot ping the router 10.0.0.1 or any ip address on the internet. > I've been using Virtual Machine Manager to set everything up. > And this is how the routed network is configured > <network connections="1"> > <name>routed</name> > <uuid>970a25f7-29b6-4a6b-b890-f593eae4fc15</uuid> > <forward dev="wlo1" mode="route"> > <interface dev="wlo1"/> > </forward> > <bridge name="virbr2" stp="on" delay="0"/> > <mac address="52:54:00:bf:35:42"/> > <domain name="routed"/> > <ip address="10.2.2.1" netmask="255.255.255.0"> > <dhcp> > <range start="10.2.2.2" end="10.2.2.254"/> > </dhcp> > </ip> > </network> > > Any idea on what i might be doing wrong?Is net.ipv4.ip_forward set to 0 ? Also, for this to work fully, your router switch needs to know where to send traffic for the 10.2.2.1/24 network. IOW, you need to configure static routes on your router switch for 10.2.2.1 I've covered a similar setup to yours here: https://www.berrange.com/posts/2009/12/13/routed-subnets-without-nat-for-libvirt-managed-virtual-machines-in-fedora/ Regards, Daniel -- |: https://berrange.com -o- https://www.flickr.com/photos/dberrange :| |: https://libvirt.org -o- https://fstop138.berrange.com :| |: https://entangle-photo.org -o- https://www.instagram.com/dberrange :|
On 2020-07-20 05:32, Daniel P. Berrange wrote:> On Sun, Jul 19, 2020 at 11:54:06AM +0100, Rui Correia wrote: >> Greetings folks. >> I've setup libvirtd on my manjaro linux laptop. >> Got a couple of VM's running (Win10 and Debian10) through NAT without >> any >> issues. >> >> This is what the current network diagram looks like and it works fine: >> >> +-----------------------------------+ >> | +---------------------+ | >> | | +----------+ | | >> | | |Win 10 VM | | | >> | | |10.1.1.10 | | | >> | | +----------+ | | >> | Laptop | | | >> | Manjaro | +-------------+ | | >> | 10.0.0.10 | |Debian 10 VM | | | >> +-------->+ | |10.1.1.11 | | | >> | | | +-------------+ | | >> | | |NAT | | >> | | |10.1.1.0/24 | | >> | | +---------------------+ | >> +------------+ | +-----------------------------------+ >> |router | | >> |switch +---+ >> |10.0.0.0/24 | | +---------+ >> +------------+ | |Desktop | >> +-------->+Manjaro | >> |10.0.0.11| >> +---------+ >> >> But now I need the debian machine to be accessible from another host >> on the >> lan 10.0.0.0/24 which of course is outside the host. >> That network diagram would look like this: >> >> +-----------------------------------------+ >> | +------------------+ | >> | | +----------+ | | >> | | |Win 10 VM | | | >> | | |10.1.1.10 | | | >> | | NAT +----------+ | | >> | | 10.1.1.0/24 | | >> | +------------------+ | >> | Laptop | >> +-------->+ Manjaro +------------------------+ | >> | | 10.0.0.10 | +-------------+ | | >> | | | |Debian 10 VM | | | >> | | | |10.2.2.10 | | | >> | | | Routed +-------------+ | | >> +------------+ | | | 10.2.2.0/24 | | >> |router | | | +------------------------+ | >> |switch +---+ +-----------------------------------------+ >> |10.0.0.0/24 | | >> +------------+ | >> | >> | +---------+ >> | |Desktop | >> +-------->+Manjaro | >> |10.0.0.11| >> +---------+ >> >> >> So, I've setup a 'routed network' for the Debian 10 VM but it's not >> working >> as I would expect. >> The host can ping the Debian VM and the Debian VM can ping the host >> but the >> Debian VM cannot ping the router 10.0.0.1 or any ip address on the >> internet. >> I've been using Virtual Machine Manager to set everything up. >> And this is how the routed network is configured >> <network connections="1"> >> <name>routed</name> >> <uuid>970a25f7-29b6-4a6b-b890-f593eae4fc15</uuid> >> <forward dev="wlo1" mode="route"> >> <interface dev="wlo1"/> >> </forward> >> <bridge name="virbr2" stp="on" delay="0"/> >> <mac address="52:54:00:bf:35:42"/> >> <domain name="routed"/> >> <ip address="10.2.2.1" netmask="255.255.255.0"> >> <dhcp> >> <range start="10.2.2.2" end="10.2.2.254"/> >> </dhcp> >> </ip> >> </network> >> >> Any idea on what i might be doing wrong? > > Is net.ipv4.ip_forward set to 0 ?He left out, and I should hasten to make clear, it *should* be set to 1 to enable routing: ken@pirouter:/proc/sys/net/ipv4$ cat /proc/sys/net/ipv4/ip_forward 1 And, also, HOLY CROW, you must be an ASCII charting demigod. Did you use software to make those, or do them yourselves? Either way, I'm impressed... -Ken
Hi Daniel, First of all, awfully sorry for replying so late. Unfortunately your reply had gone to the Spam drawer... Also, I'm answering from Gmail's webmail which IIRC only allows for 'quote original post below'. So please forgive me for not following the proper netiquette of 'quote original post above'.> Is net.ipv4.ip_forward set to 0 ? > >I assume you're asking if this is setup on the host and not on the VM's. I've checked the host and it is configured like this: $ sysctl net.ipv4.ip_forward net.ipv4.ip_forward = 1 Should I change it to =0 ? It wouldn't make sense to me if I'd change it to =0 because that way IP Forwarding would be disabled and not enabled as I think enabled is what is needed in this particular case. Also, for this to work fully, your router switch needs to know where to> send traffic for the 10.2.2.1/24 network. IOW, you need to configure > static routes on your router switch for 10.2.2.1 >I see. So, let me get this straight. What you're saying is that in order for WAN/LAN traffic to reach my VM's I need to set up static IP routes on my router - which is the default gateway for the network - to let it know how to route the packets to the VM's, which needs to be setup to go through the KVM host. Right? But, for testing purposes (trying to reach the VM's from the KVM host) I don't need those static routes, right? Because right now I'd be ok if I could reach the VM's from the KVM host and right now I can't. I've covered a similar setup to yours here:> > > https://www.berrange.com/posts/2009/12/13/routed-subnets-without-nat-for-libvirt-managed-virtual-machines-in-fedora/ > >I've looked at your article and I can see that it resembles my setup. But I think I've got that covered. This is what the xml file for the virtual network 'routed' looks like: <network> <name>routed</name> <uuid>970a25f7-29b6-4a6b-b890-f593eae4fc15</uuid> <forward dev="wlo1" mode="route"> <interface dev="wlo1"/> </forward> <bridge name="virbr2" stp="on" delay="0"/> <mac address="52:54:00:bf:35:42"/> <domain name="routed"/> <ip address="10.2.2.1" netmask="255.255.255.0"> <dhcp> <range start="10.2.2.11" end="10.11.22.254"/> </dhcp> </ip> </network> I've got this 'routed' network in use for the virtual nic of my VM's. Weird this is, when I run a net-list command, it comes back empty... $ virsh net-list Name State Autostart Persistent ---------------------------------------- $ This doesn't look ok, right? I mean, running a net-list command it should list all the networks I have set up on this server. But it's coming back empty as if there weren't any networks. I've double checked on Virtual Machine Manager and both the 'default' and 'routed' networks are active and are set up to 'auto start on boot'. Could this somehow be related to my problem? I guess not because the 'default' network is the NAT network that I've used before and it worked and still works when I set the VM's to use it. I'm puzzled with this stuff. Hope you or someone else can put me back on the right track. Thanks in advance. Cheers, Rui Correia On Mon, Jul 20, 2020 at 10:32 AM Daniel P. Berrange <dan@berrange.com> wrote:> On Sun, Jul 19, 2020 at 11:54:06AM +0100, Rui Correia wrote: > > Greetings folks. > > I've setup libvirtd on my manjaro linux laptop. > > Got a couple of VM's running (Win10 and Debian10) through NAT without any > > issues. > > > > This is what the current network diagram looks like and it works fine: > > > > +-----------------------------------+ > > | +---------------------+ | > > | | +----------+ | | > > | | |Win 10 VM | | | > > | | |10.1.1.10 | | | > > | | +----------+ | | > > | Laptop | | | > > | Manjaro | +-------------+ | | > > | 10.0.0.10 | |Debian 10 VM | | | > > +-------->+ | |10.1.1.11 | | | > > | | | +-------------+ | | > > | | |NAT | | > > | | |10.1.1.0/24 | | > > | | +---------------------+ | > > +------------+ | +-----------------------------------+ > > |router | | > > |switch +---+ > > |10.0.0.0/24 | | +---------+ > > +------------+ | |Desktop | > > +-------->+Manjaro | > > |10.0.0.11| > > +---------+ > > > > But now I need the debian machine to be accessible from another host on > the > > lan 10.0.0.0/24 which of course is outside the host. > > That network diagram would look like this: > > > > +-----------------------------------------+ > > | +------------------+ | > > | | +----------+ | | > > | | |Win 10 VM | | | > > | | |10.1.1.10 | | | > > | | NAT +----------+ | | > > | | 10.1.1.0/24 | | > > | +------------------+ | > > | Laptop | > > +-------->+ Manjaro +------------------------+ | > > | | 10.0.0.10 | +-------------+ | | > > | | | |Debian 10 VM | | | > > | | | |10.2.2.10 | | | > > | | | Routed +-------------+ | | > > +------------+ | | | 10.2.2.0/24 | | > > |router | | | +------------------------+ | > > |switch +---+ +-----------------------------------------+ > > |10.0.0.0/24 | | > > +------------+ | > > | > > | +---------+ > > | |Desktop | > > +-------->+Manjaro | > > |10.0.0.11| > > +---------+ > > > > > > So, I've setup a 'routed network' for the Debian 10 VM but it's not > working > > as I would expect. > > The host can ping the Debian VM and the Debian VM can ping the host but > the > > Debian VM cannot ping the router 10.0.0.1 or any ip address on the > internet. > > I've been using Virtual Machine Manager to set everything up. > > And this is how the routed network is configured > > <network connections="1"> > > <name>routed</name> > > <uuid>970a25f7-29b6-4a6b-b890-f593eae4fc15</uuid> > > <forward dev="wlo1" mode="route"> > > <interface dev="wlo1"/> > > </forward> > > <bridge name="virbr2" stp="on" delay="0"/> > > <mac address="52:54:00:bf:35:42"/> > > <domain name="routed"/> > > <ip address="10.2.2.1" netmask="255.255.255.0"> > > <dhcp> > > <range start="10.2.2.2" end="10.2.2.254"/> > > </dhcp> > > </ip> > > </network> > > > > Any idea on what i might be doing wrong? > > Is net.ipv4.ip_forward set to 0 ? > > > Also, for this to work fully, your router switch needs to know where to > send traffic for the 10.2.2.1/24 network. IOW, you need to configure > static routes on your router switch for 10.2.2.1 > > I've covered a similar setup to yours here: > > > https://www.berrange.com/posts/2009/12/13/routed-subnets-without-nat-for-libvirt-managed-virtual-machines-in-fedora/ > > > > Regards, > Daniel > -- > |: https://berrange.com -o- > https://www.flickr.com/photos/dberrange :| > |: https://libvirt.org -o- > https://fstop138.berrange.com :| > |: https://entangle-photo.org -o- > https://www.instagram.com/dberrange :| > >
Hi Ken, Of course I did it all by hand. :-D No, I didn't. I'm a fraud. I used http://asciiflow.com/ which asks you to register in order to save your drawings in their cloud. If you don't register, you can still draw and export your drawings, but you can't save them for reusing those later. I see I've missed a couple of posts in this small thread. I was under the impression that I had subscribed to the list but apparently I'm only receiving the messages directly addressed to me. Hence why I took so much time to reply. I'll try to subscribe again. Thank you all in advance. Cheers, Rui Correia On Thu, Jul 23, 2020 at 3:31 PM Marc Roos <M.Roos@f1-outsourcing.eu> wrote:> > > > > you must be an ASCII charting demigod. Did you use software to make > those, or do > > them yourselves? Either way, I'm impressed... > > Search for AsciiArtStudio.exe > > > > >