[Novalug] KVM host setup inquiry: Accessing client vms from kvm host via ssh, or otherwise, using the requisite ip fails...

Maxwell Spangler maxlists@maxwellspangler.com
Mon Jan 14 02:13:28 EST 2013


On Sun, 2013-01-13 at 14:06 -0500, Martes Wigglesworth wrote:

> Greetings all.
> 
> After having it in the back of my head for months, I finally got a 
> chance to relax and migrate my production groupware server to a VM on 
> the new cloud dev box.  I ended up having to build a 32-bit VM due to 
> some issues with migrating the Berkeley DB data from 32-bit to 64-bit 
> platform.
> 
> However, after all the "fun" of troubleshooting that conundrum of folly, 
> I discovered that I must have left something out of my virt-manager, or 
> kvm host setup.  The KVM host is unable to see the bridged ports since 
> they actually have no ip address visible, as far as it can tell.
> 

IF I understand your correctly, your problem is that your host can't
ping your guest and your guest can't ping your host?

I had this problem recently, went googling tonight and found it's normal
for the macvtap interface.

http://wiki.libvirt.org/page/Guest_can_reach_outside_network,_but_can%
27t_reach_host_%28macvtap%29

So while macvtap definitely has advantages, the simple act of wanting to
use the host to access the guest is a challenge.

You can work-around this by enabling a host-only bridge such as the
'virbr0' (192.168.122.x) network you'll find on Redhat/Fedora/CentOS
systems.  Then, make a second virtual network interface in your VM
connect it to this bridge.  Your host and guest will be able to talk to
each other using this network and because the connection is internal
only, they will do so at very high speed.

I would also suggest setting up an admin VM bridged to the same macvtap
interface and use it for testing purposes.  You might have problems with
a network service running on the macvtap bridge that your host can't
communicate with.  So you can't perform any testing tools from the host
to investigate it, but a second VM bridged to the same network can.
You'd be able to use virsh or virt-manager to connect to the admin VM's
console, then use that to interact with the services VM.

I also noticed that on my Fedora 17 system if you have two guests using
macvtap connections and the VEPA driver, they won't be able to talk to
each other either, but they will be able to talk to any other physical
system on the network.   Changing the macvtap devices in
virt-manager/virsh to Bridge allowed them to talk to each other.

I hope this helps.. it's been bugging me for a while, but your message
tonight pushed me to investigate it.

Below is the ifconfig output for my system.

The host Fedora 17 system has one NIC, p10p1.  Both VMs primary
interfaces use macvtap in 'source mode: bridge' to connect to it.  They
can talk to each other and other physical devices on my network but not
the host.  The host also has an internal only virbr0 at 192.168.122.14
to allow communication with the VMs.

Guest 1 is a Fedora 17 VM.
Guest 2 is a Redhat 6.2 VM.

Ignore vboxnet, that's VirtualBox's internal host-only networking.


Here's my host, a Fedora 17 system:


[root@elite ~]# ifconfig
lo        Link encap:Local Loopback  
          inet addr:127.0.0.1  Mask:255.0.0.0
          inet6 addr: ::1/128 Scope:Host
          UP LOOPBACK RUNNING  MTU:16436  Metric:1
          RX packets:325603 errors:0 dropped:0 overruns:0 frame:0
          TX packets:325603 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0 
          RX bytes:241265506 (230.0 MiB)  TX bytes:241265506 (230.0 MiB)

macvtap0  Link encap:Ethernet  HWaddr 52:54:00:06:53:67  
          inet6 addr: fe80::5054:ff:fe06:5367/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:12630 errors:0 dropped:0 overruns:0 frame:0
          TX packets:3357 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:500 
          RX bytes:17365604 (16.5 MiB)  TX bytes:240632 (234.9 KiB)

macvtap1  Link encap:Ethernet  HWaddr 52:54:00:D2:60:7E  
          inet6 addr: fe80::5054:ff:fed2:607e/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:844 errors:0 dropped:0 overruns:0 frame:0
          TX packets:143 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:500 
          RX bytes:126988 (124.0 KiB)  TX bytes:15191 (14.8 KiB)

p10p1     Link encap:Ethernet  HWaddr F4:CE:46:2E:5B:A6  
          inet addr:192.168.5.2  Bcast:192.168.5.255  Mask:255.255.255.0
          inet6 addr: fe80::f6ce:46ff:fe2e:5ba6/64 Scope:Link
          inet6 addr: fd00::f6ce:46ff:fe2e:5ba6/64 Scope:Global
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:13393822 errors:0 dropped:1292 overruns:0 frame:0
          TX packets:5764082 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000 
          RX bytes:18101916319 (16.8 GiB)  TX bytes:661108533 (630.4 MiB)

vboxnet0  Link encap:Ethernet  HWaddr 0A:00:27:00:00:00  
          inet addr:192.168.56.1  Bcast:192.168.56.255  Mask:255.255.255.0
          inet6 addr: fe80::800:27ff:fe00:0/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:0 errors:0 dropped:0 overruns:0 frame:0
          TX packets:759003 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000 
          RX bytes:0 (0.0 b)  TX bytes:128797130 (122.8 MiB)

virbr0    Link encap:Ethernet  HWaddr 52:54:00:ED:6C:2B  
          inet addr:192.168.122.1  Bcast:192.168.122.255  Mask:255.255.255.0
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:573 errors:0 dropped:0 overruns:0 frame:0
          TX packets:310 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0 
          RX bytes:108279 (105.7 KiB)  TX bytes:65778 (64.2 KiB)

vnet0     Link encap:Ethernet  HWaddr FE:54:00:65:EA:64  
          inet6 addr: fe80::fc54:ff:fe65:ea64/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:56 errors:0 dropped:0 overruns:0 frame:0
          TX packets:544 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:500 
          RX bytes:7294 (7.1 KiB)  TX bytes:35350 (34.5 KiB)

vnet1     Link encap:Ethernet  HWaddr FE:54:00:DB:1B:37  
          inet6 addr: fe80::fc54:ff:fedb:1b37/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:30 errors:0 dropped:0 overruns:0 frame:0
          TX packets:543 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:500 
          RX bytes:4911 (4.7 KiB)  TX bytes:36208 (35.3 KiB)

Here's my Fedora 17 VM:

[root@f17test ~]# ifconfig
eth0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500
        inet 192.168.5.117  netmask 255.255.255.0  broadcast 192.168.5.255
        inet6 fd00::5054:ff:fe06:5367  prefixlen 64  scopeid 0x0<global>
        inet6 fe80::5054:ff:fe06:5367  prefixlen 64  scopeid 0x20<link>
        ether 52:54:00:06:53:67  txqueuelen 1000  (Ethernet)
        RX packets 6374  bytes 8690938 (8.2 MiB)
        RX errors 0  dropped 3  overruns 0  frame 0
        TX packets 3361  bytes 240920 (235.2 KiB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

eth1: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500
        inet 192.168.122.70  netmask 255.255.255.0  broadcast 192.168.122.255
        inet6 fe80::5054:ff:fe65:ea64  prefixlen 64  scopeid 0x20<link>
        ether 52:54:00:65:ea:64  txqueuelen 1000  (Ethernet)
        RX packets 664  bytes 44761 (43.7 KiB)
        RX errors 0  dropped 9  overruns 0  frame 0
        TX packets 105  bytes 14645 (14.3 KiB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

lo: flags=73<UP,LOOPBACK,RUNNING>  mtu 16436
        inet 127.0.0.1  netmask 255.0.0.0
        inet6 ::1  prefixlen 128  scopeid 0x10<host>
        loop  txqueuelen 0  (Local Loopback)
        RX packets 20  bytes 2136 (2.0 KiB)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 20  bytes 2136 (2.0 KiB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0


And here's my Redhat 6.2 VM:

[root@rhev62host ~]# ifconfig
eth1      Link encap:Ethernet  HWaddr 52:54:00:D2:60:7E  
          inet addr:192.168.5.115  Bcast:192.168.5.255  Mask:255.255.255.0
          inet6 addr: fd00::5054:ff:fed2:607e/64 Scope:Global
          inet6 addr: fe80::5054:ff:fed2:607e/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:477 errors:0 dropped:0 overruns:0 frame:0
          TX packets:140 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000 
          RX bytes:71347 (69.6 KiB)  TX bytes:14901 (14.5 KiB)

eth2      Link encap:Ethernet  HWaddr 52:54:00:DB:1B:37  
          inet addr:192.168.122.14  Bcast:192.168.122.255  Mask:255.255.255.0
          inet6 addr: fe80::5054:ff:fedb:1b37/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:658 errors:0 dropped:0 overruns:0 frame:0
          TX packets:62 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000 
          RX bytes:45039 (43.9 KiB)  TX bytes:9676 (9.4 KiB)

lo        Link encap:Local Loopback  
          inet addr:127.0.0.1  Mask:255.0.0.0
          inet6 addr: ::1/128 Scope:Host
          UP LOOPBACK RUNNING  MTU:16436  Metric:1
          RX packets:15 errors:0 dropped:0 overruns:0 frame:0
          TX packets:15 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0 
          RX bytes:1056 (1.0 KiB)  TX bytes:1056 (1.0 KiB)


-- 
Maxwell Spangler
========================================================================
Linux System Administration / Virtualization / Development / Computing
Services
Photography / Graphics Design / Writing
Fort Collins, Colorado
http://www.maxwellspangler.com
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.firemountain.net/pipermail/novalug/attachments/20130114/226008c0/attachment.htm>


More information about the Novalug mailing list