Am 01.04.2020 um 14:53 schrieb Jerry Geis:
> I have CentOS 7 host. Two guests on bridge network setup by GUI and
> virt-manager.
> 1 CentOS 8 guest
> 1 Win 10 guest
> Both cannot access the host. They can other machines on the network. Guests
> can access the internet just not the host.
>
> I used virt-manager GUi to set up everything. Selected the eth0:macvtap and
> Bridge.
> I "desire" bridge network.
>
> If I select something else I get access to host - but of course machine is
> not on the main network.
>
> Thoughts ?
>
> Jerry
WORKSFORME
What have you checked so far?
On the host:
# brctl show virbr1
bridge name bridge id STP enabled interfaces
virbr1 8000.525400698fd5 yes virbr1-nic
vnet0
vnet1
vnet2
vnet3
vnet4
vnet5
# ip a s virbr1
3: virbr1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue
state UP group default qlen 1000
link/ether 52:54:0069:8f:d5 brd ff:ff:ff:ff:ff:ff
inet 192.168.10.1/24 brd 192.168.10.255 scope global virbr1
valid_lft forever preferred_lft forever
# cat /proc/sys/net/ipv4/ip_forward
1
# iptables -L FORWARD -v -n | egrep '(policy|virbr1)'
Chain FORWARD (policy ACCEPT 0 packets, 0 bytes)
20337 14M ACCEPT all -- eno1 virbr1 0.0.0.0/0
192.168.10.0/24 ctstate RELATED,ESTABLISHED
29512 3243K ACCEPT all -- virbr1 eno1 192.168.10.0/24
0.0.0.0/0
0 0 ACCEPT all -- virbr1 virbr1 0.0.0.0/0
0.0.0.0/0
0 0 REJECT all -- * virbr1 0.0.0.0/0
0.0.0.0/0 reject-with icmp-port-unreachable
0 0 REJECT all -- virbr1 * 0.0.0.0/0
0.0.0.0/0 reject-with icmp-port-unreachable
Alexander