[CentOS] Virtualization Networking

Wed Sep 28 15:43:05 UTC 2016
tdukes at palmettoshopper.com <tdukes at palmettoshopper.com>

Hello,

I'm a little confused on which networking option I need to choose when
setting up a VM.

I set up two VMs this past weekend both with NAT. Both able to were
access the internet.

The first one, I created in my / file system but didn't really have the
space so I deleted it.

The second one, I created in /home/kvm, but deleted it as well when I
couldn't access it FROM the internet. I had a full backup scheduled for
that night and deleted it as well.

I have one of those free domains/DNS from no-ip.com, centos7vm.ddns.net
I plan to use as the host name.

I want to be able to access this VM from the internet.

So, how much in the network setup for the new installation do I need to
do? Do I need to go with NAT or bridged?


I did four installations last night and could get any of the access the
internet with ym. Must have been dumb luck the first two times.

I think it maybe something in iptables from one of the previous installs
causing the problem. In ifconfig, I still have virbr0 and virbr1. Didn't
have those before.

Here's my iptables:

# Generated by iptables-save v1.4.7 on Tue Sep 27 22:17:35 2016
*mangle
:PREROUTING ACCEPT [29980:14598541]
:INPUT ACCEPT [4740:1518258]
:FORWARD ACCEPT [25240:13080283]
:OUTPUT ACCEPT [6749:1743387]
:POSTROUTING ACCEPT [30207:14647456]
-A POSTROUTING -o virbr0 -p udp -m udp --dport 68 -j CHECKSUM
--checksum-fill 
-A POSTROUTING -o virbr1 -p udp -m udp --dport 68 -j CHECKSUM
--checksum-fill 
-A POSTROUTING -o virbr0 -p udp -m udp --dport 68 -j CHECKSUM
--checksum-fill 
-A POSTROUTING -o virbr1 -p udp -m udp --dport 68 -j CHECKSUM
--checksum-fill 
COMMIT
# Completed on Tue Sep 27 22:17:35 2016
# Generated by iptables-save v1.4.7 on Tue Sep 27 22:17:35 2016
*nat
:PREROUTING ACCEPT [1130:73984]
:POSTROUTING ACCEPT [20:1245]
:OUTPUT ACCEPT [245:19366]
-A POSTROUTING -s 192.168.122.0/24 ! -d 192.168.122.0/24 -p tcp -j
MASQUERADE --to-ports 1024-65535 
-A POSTROUTING -s 192.168.122.0/24 ! -d 192.168.122.0/24 -p udp -j
MASQUERADE --to-ports 1024-65535 
-A POSTROUTING -s 192.168.122.0/24 ! -d 192.168.122.0/24 -j MASQUERADE 
-A POSTROUTING -s 192.168.122.0/24 ! -d 192.168.122.0/24 -p tcp -j
MASQUERADE --to-ports 1024-65535 
-A POSTROUTING -s 192.168.122.0/24 ! -d 192.168.122.0/24 -p udp -j
MASQUERADE --to-ports 1024-65535 
-A POSTROUTING -s 192.168.122.0/24 ! -d 192.168.122.0/24 -j MASQUERADE 
-A POSTROUTING -o eth1 -j MASQUERADE 
-A POSTROUTING -o br0 -j MASQUERADE 
-A POSTROUTING -o eth0 -j MASQUERADE 
COMMIT
# Completed on Tue Sep 27 22:17:35 2016
# Generated by iptables-save v1.4.7 on Tue Sep 27 22:17:35 2016
*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
:IP4BOGONS - [0:0]
:f2b-default - [0:0]
:f2b-dovecot-pop3imap - [0:0]
-A INPUT -m set --match-set blacklistnet src -j DROP 
-A INPUT -m set --match-set blacklist src -j DROP 
-A INPUT -s 127.0.0.1/32 -j ACCEPT 
-A INPUT -m set --match-set block src -j DROP 
COMMIT
# Completed on Tue Sep 27 22:17:35 2016


And my ifconfig:

eth0      Link encap:Ethernet  HWaddr 44:37:E6:53:1E:E2  
          inet addr:192.168.1.110  Bcast:192.168.1.255 
Mask:255.255.255.0
          inet6 addr: fe80::4637:e6ff:fe53:1ee2/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:601486 errors:0 dropped:0 overruns:0 frame:0
          TX packets:601818 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000 
          RX bytes:412662650 (393.5 MiB)  TX bytes:508284675 (484.7 MiB)
          Interrupt:20 Memory:fe500000-fe520000 

eth1      Link encap:Ethernet  HWaddr 00:1B:21:AF:6D:22  
          inet addr:192.168.0.111  Bcast:255.255.255.255 
Mask:255.255.255.0
          inet6 addr: fe80::21b:21ff:feaf:6d22/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:0 errors:0 dropped:0 overruns:0 frame:0
          TX packets:260 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000 
          RX bytes:0 (0.0 b)  TX bytes:53372 (52.1 KiB)

lo        Link encap:Local Loopback  
          inet addr:127.0.0.1  Mask:255.0.0.0
          inet6 addr: ::1/128 Scope:Host
          UP LOOPBACK RUNNING  MTU:65536  Metric:1
          RX packets:44216 errors:0 dropped:0 overruns:0 frame:0
          TX packets:44216 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0 
          RX bytes:26786210 (25.5 MiB)  TX bytes:26786210 (25.5 MiB)

virbr0    Link encap:Ethernet  HWaddr 00:00:00:00:00:00  
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:0 errors:0 dropped:0 overruns:0 frame:0
          TX packets:3 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0 
          RX bytes:0 (0.0 b)  TX bytes:162 (162.0 b)

virbr1    Link encap:Ethernet  HWaddr 00:00:00:00:00:00  
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:0 errors:0 dropped:0 overruns:0 frame:0
          TX packets:4 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0 
          RX bytes:0 (0.0 b)  TX bytes:244 (244.0 b)


Currently, the are no VMs installed or running.

Any help would be greatly appreciated!