[CentOS] Basic KVM networking question

Mon Sep 10 16:34:23 UTC 2012
Steve Thompson <smt at vgersoft.com>

A CentOS 6.3 box ("host") runs several KVM virtual machines, each of which 
has two interfaces attached to the two bridges br1 and br2 (and each thus 
has two IP's; one on and one on; 
net.ipv4.ip_forward on the host is 1. Simplified diagram:

                          |               |
   net1 =  |               |          net2 =
   -----------------------+  br1      br2 +---------------------------------
           |              |               |                |
           |              |               |                |
       Client A           +---------------+            Client B
                        (hosts KVM1, KVM2, etc)

Each client uses the bridge's IP address on the same side as default 
gateway. Client A can successfully ping or ssh (for example) to a KVM 
machine by IP address by using the KVM machine's net1 IP address. Client B 
can likewise communicate using the KVM machine's net2 IP address. However, 
neither client can communicate by using the address on the opposing 
segment (eg, Client A using KVM1_net2_IP); I can see from tcpdump that the 
packets are received by the virtual machine but no reply is ever made. Any