Hello,
Presently I am running CentOS release 5.5 (Final). I am looking to setup bridging as I would like to setup some KVM virtual hosts on my system as a test lab. I am following the the instruction at this site
but I cannot figure out where I am going wrong and would be thankful if someone could point me in the right direction.
Here is what I have done:
Check bridge information with the following:
~ $ modprobe -v bridge
No issues or errors
~ $ cat /proc/modules | grep bridge bidge 91889 0 - Live 0xffffffff89247000
Check to ensure forwarding is turned on:
~ $ cat /proc/sys/net/ipv4/ip_forward 1
Checked that my interface are up and running (Was sure of this but did the check anyway):
~ $ ifconfig eth0 Link encap:Ethernet HWaddr 48:5B:39:2A:07:D5 inet addr:192.168.1.100 Bcast:192.168.1.255 Mask:255.255.255.0 inet6 addr: fe80::4a5b:39ff:fe2a:7d5/64 Scope:Link UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 RX packets:1059 errors:0 dropped:0 overruns:0 frame:0 TX packets:1080 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:1000 RX bytes:454226 (443.5 KiB) TX bytes:120584 (117.7 KiB) Interrupt:90 Base address:0x8400
lo Link encap:Local Loopback inet addr:127.0.0.1 Mask:255.0.0.0 inet6 addr: ::1/128 Scope:Host UP LOOPBACK RUNNING MTU:16436 Metric:1 RX packets:92 errors:0 dropped:0 overruns:0 frame:0 TX packets:92 errors:0 dropped:0 overruns:0 carrier:0[Thu Nov 25
So now I begin to create the bridge form CLI as I want to make sure everything works before committing it to the config:
brctl addbr br0 ifconfig eth0 down ifconfig br0 192.168.1.100 up ifconfig eth0 0.0.0.0 up route add default gw 192.168.1.254
I check my interfaces and routing:
~ $ ifconfig br0 Link encap:Ethernet HWaddr 00:00:00:00:00:00 inet addr:192.168.1.100 Bcast:192.168.1.255 Mask:255.255.255.0 inet6 addr: fe80::200:ff:fe00:0/64 Scope:Link UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 RX packets:0 errors:0 dropped:0 overruns:0 frame:0 TX packets:5 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:0 RX bytes:0 (0.0 b) TX bytes:398 (398.0 b)
eth0 Link encap:Ethernet HWaddr 48:5B:39:2A:07:D5 inet6 addr: fe80::4a5b:39ff:fe2a:7d5/64 Scope:Link UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 RX packets:64662 errors:0 dropped:0 overruns:0 frame:0 TX packets:63301 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:1000 RX bytes:17699194 (16.8 MiB) TX bytes:7958063 (7.5 MiB) Interrupt:90 Base address:0x8400
lo Link encap:Local Loopback inet addr:127.0.0.1 Mask:255.0.0.0 inet6 addr: ::1/128 Scope:Host UP LOOPBACK RUNNING MTU:16436 Metric:1 RX packets:211 errors:0 dropped:0 overruns:0 frame:0 TX packets:211 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:0 RX bytes:17346 (16.9 KiB) TX bytes:17346 (16.9 KiB)
~ $ route -n Kernel IP routing table Destination Gateway Genmask Flags Metric Ref Use
Iface
192.168.1.0 0.0.0.0 255.255.255.0 U 0 0 0 br0 0.0.0.0 192.168.1.254 0.0.0.0 UG 0 0 0 br0
Time to test if ping works:
~ $ ping -c3 192.168.1.254 PING 192.168.1.254 (192.168.1.254) 56(84) bytes of data. ping: sendmsg: Operation not permitted ping: sendmsg: Operation not permitted ping: sendmsg: Operation not permitted
--- 192.168.1.254 ping statistics --- 3 packets transmitted, 0 received, 100% packet loss, time 2000ms
I know the firewall is causing this issue so I stop the firewall:
~ $ service iptables stop Flushing firewall rules: [ OK ] Setting chains to policy ACCEPT: nat filter [ OK ] Unloading iptables modules: [ OK ]
Time to try ping again:
~ $ ping -c3 192.168.1.254 PING 192.168.1.254 (192.168.1.254) 56(84) bytes of data. From 192.168.1.100 icmp_seq=1 Destination Host Unreachable From 192.168.1.100 icmp_seq=2 Destination Host Unreachable From 192.168.1.100 icmp_seq=3 Destination Host Unreachable
--- 192.168.1.254 ping statistics --- 3 packets transmitted, 0 received, +3 errors, 100% packet loss, time 1999ms
To back out all I needed to do was:
ifconfig br0 down brctl delbr br0 service iptables start service netowrk restart
Everything is back to normal. I cannot figure out what am I missing here? Interfaces and routing look to be setup correctly. Is there something else I need to be looking at?