On 6/17/20 9:59 AM, Deventer-2, M.S.J. van wrote:> Hi, > > the first thing that comes to mind, did you set ip_forward to enable in > /etc/sysctl.conf ? > net.ipv4.ip_forward = 1 > > Should explain why you IP on the bridge works but not on the vms. >First, thanks for the reply and excellent suggestion.? Yeah, I thought about that, and while it's not specifically defined in /etc/sysctl.conf or /etc/sysctl.d/*, if I: [root at c8-kvm-pe1950-1 ~]# cat /proc/sys/net/ipv4/ip_forward 1 It shows as being defined to 1.? I'm going to try adding to sysctl.conf and see if that makes any difference, though.
On 6/17/20 11:04 AM, Lamar Owen wrote:> ... > It shows as being defined to 1.? I'm going to try adding to > sysctl.conf and see if that makes any difference, though.No difference.? What is aggravating, though, is virtually every howto on bridging out there refers to the deprecated brctl utility (from the bridge-utils package), and C8 no longer includes that package (even though it's in current Fedora 32!).? I know, I know, the new way is using the 'bridge' command or 'ip --br'....? So I grabbed the F32 source RPM and rebuilt on my C8 laptop and uploaded to the host: [root at c8-kvm-pe1950-1 ~]# brctl show bridge name ? ?? bridge id??? ? ?? ?? STP enabled??? interfaces bridge101 ?? ??? 8000.001ec9fcde9d??? yes?? ? ? ?? ??? team0.101 ??? ??? ??? ??? ??? ??? ? ? ? ? ? ? ? ? ? ? ? ? ? ?? vnet0 bridge302??? ??? 8000.001ec9fcde9d??? yes? ? ? ? ?? ?? team0.302 bridge68??? ?? ? 8000.001ec9fcde9d??? yes?? ? ? ?? ??? team0.68 Still no dice.? Next step is tcpdump.....
On 17.06.20 17:36, Lamar Owen wrote:> On 6/17/20 11:04 AM, Lamar Owen wrote: >> ... >> It shows as being defined to 1.? I'm going to try adding to >> sysctl.conf and see if that makes any difference, though. > No difference.? What is aggravating, though, is virtually every howto on > bridging out there refers to the deprecated brctl utility (from the > bridge-utils package), and C8 no longer includes that package (even > though it's in current Fedora 32!).? I know, I know, the new way is > using the 'bridge' command or 'ip --br'....? So I grabbed the F32 source > RPM and rebuilt on my C8 laptop and uploaded to the host: > [root at c8-kvm-pe1950-1 ~]# brctl show > bridge name ? ?? bridge id??? ? ?? ?? STP enabled??? interfaces > bridge101 ?? ??? 8000.001ec9fcde9d??? yes?? ? ? ?? ??? team0.101 > ??? ??? ??? ??? ??? ??? ? ? ? ? ? ? ? ? ? ? ? ? ? ?? vnet0 > bridge302??? ??? 8000.001ec9fcde9d??? yes? ? ? ? ?? ?? team0.302 > bridge68??? ?? ? 8000.001ec9fcde9d??? yes?? ? ? ?? ??? team0.68 > > > Still no dice.? Next step is tcpdump.....Just to make it sure: Did you try to disable firewalld? With my experience with libvirt and vlan bridges on Fedora, libvirt may include unwanted firewall rules which drops the traffic over the bridges. Best regards Ulf
On 18/6/20 1:36 am, Lamar Owen wrote:> ...I know, I know, the new way is using the 'bridge' command or 'ip > --br'....I learnt something new just then.? However, a search across all man pages: ??? which I believe to be accomplished via ??? ??? man -wK -- --br did not return anything related to iproute2 files - not even man ip-link Where is this gem (and possibly others) hidden? Thanks.