bridge not working

[changemenemo]

I've tried to create a bridge interfaces and use it but it has failed for now. so your bridge is different from the virsh bridge? because I've set up a bridge with virsh and it add an interface in /etc/network/interface for that purpose. With yours apparently it's not the case, or is it the subsystem libvirtd which is causing my problems? Anyway, I don't see my bridge that I've created with virsh in network in your app but that's, I guess, it's normal since it would be considered by your app as an interface. But then I can't make a bridged network work from your app on my bridge interface. Is that what should happen?

[changemenemo]

So I've deleted the bridge done with vish before. I've configured my interface properly again. then created a bridge with your interface, it gave me this: KCHNET0025E: Unable to create bridge kbenp0s25. Details: internal error: failed to create (start) interface kbenp0s25: failed to execute external program - Running '/sbin/ifup kbenp0s25' failed with exit code 1: Waiting for kbenp0s25 to get ready (MAXWAIT is 32 seconds). RTNETLINK answers: File exists Failed to bring up kbenp0s25. because I guess virsh don't ifdown the old interface properly. But so I needed to reboot to make the network work again. When I've rebooted, no network in kimchi created. but the bridge interface is created

auto kbenp0s25
iface kbenp0s25 inet static
   address 192.168.5.100
   netmask 255.255.255.128
   gateway 192.168.5.1
   bridge_ports enp0s25

brctl show:

bridge name bridge id       STP enabled interfaces
docker0     8000.02426ea9475b   no      veth5eaf7fa
                            vethd32dbdd
kbenp0s25       8000.d0509975fd51   no      enp0s25
                            vnet0
virbr0      8000.52540023ea3e   yes     virbr0-nic

I've created a netwrok with br5 name on the bridge interface. Which is actually the same result that I've got when I've created the bridge with virsh I've put this br5 in a vm (that's what you see at vnet0) and still no connectivity.... So what am I missing?

[changemenemo]

I think it s a problem with iptables but I'm not sure and I need to find which rules tocreate to route packets correctly maybe for a bridge.

[changemenemo]

yes it was iptables the problem. So as I never made any rules for iptables in FORWARD cases I will need to dig up that first .

[alinefm]

@boistordu Kimchi uses libvirt the same as virsh. So everything virsh can 'see', Kimchi will see as well. Could you get the bridge created through virsh? What is the output of "virsh net-list --all' ? Is the bridge listed there?

[changemenemo]

the bridge is working fine. As i said, it was an iptables problem. Since I'm used to docker and virtualbox and other virtualization solution, I'm used to have the forward rules created for me in FORWARD but here it seems not been the case so I put the policy to accepted and I will create some specific rules later by ip address for each vms. Maybe it would be a good advice to tell us how you set up those things in general?

[alinefm]

Well, I haven't never done anything additional to get bridge working. Is firewalld enabled in your system? libvirt adds the iptables rules automatically when it is enabled.

[changemenemo]

Sorry for the delay: too much work at hand yes firewall is active on my system and apparently it didn't add any rules in iptables. And just to clarify ufw is installed but is not running. It's instlaled by default on ubuntu-server but not activated

$ sudo ufw status verbose
Status: inactive

Is it because of that? What is your host system with kvm ? Do you have any example fo rule that libvirt is supposed to activate?

[changemenemo]

if you have time of course? just a copy paste of one of your host iptables rules from forward? just like that I can see what I should have expected and see if it's a bug or something else from libvirt?

[thesahebi]

if you plan to make a bridge network interface on kimchi using CentOS 7 use the following steps

to enable the brdige interface you need to disable NetworkManager

sudo systemctl disable NetworkManager.service sudo systemctl stop NetworkManager.service

after stopping the NetworkManager remote terminal will disconnect

go to check your network interface

cd /etc/sysconfig/network-scripts/

ls

you can see the bridge interface name could be something like "kbeno1" type "nmtui" to access the network interface via graphic interface

Select kbeno1 bridge interface and edit it the eno1 interface is already slave and bridge is master scroll down fine the ipv4 settings -> go to ip setting and choose manual -> then type your IP - Mask - Gateway - DNS save it

Service network restart

now go to wok/kimchi then click visualization -> network you will be able to see the bridge interface

click on action and start the interface

[koaie]

ive the same issue but i dont have any firewall and i dont use networkmanager im using debian 9

[im2kl]

Got the same issue, using ubuntu 18.04-LiveServer

[koaie]

@im2kl kimchi automatically changes your interfaces file, I remember it doing something whacky so I had to manually set it up.

I've included my interfaces file if it's any help.

source /etc/network/interfaces.d/*

auto lo
iface lo inet loopback

allow-hotplug eno2 

auto kbeno2
iface kbeno2 inet static
   address 192.168.249.20
   netmask 255.255.255.0
   gateway 192.168.249.1
   bridge_ports eno2
auto kbeno4
iface kbeno4 inet manual
   bridge_ports eno4