[CentOS] CentOS 7 host with guests as bridge cannot access host

Wed Apr 1 20:07:25 UTC 2020
Alexander Dalloz <ad+lists at uni-x.org>

Am 01.04.2020 um 21:56 schrieb Jerry Geis:
> Thanks for the info.
> 
> brctl show virbr0
> bridge name     bridge id               STP enabled     interfaces
> virbr0          8000.525400fc34af       yes             virbr0-nic
> 
> brctl show virbr1
> bridge name     bridge id               STP enabled     interfaces
> virbr1          8000.5254009c3902       yes             virbr1-nic

Why is no VM started?

> ip a s virbr0
> 3: virbr0: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc noqueue state
> DOWN group default qlen 1000
>      link/ether 52:54:00:fc:34:af brd ff:ff:ff:ff:ff:ff
>      inet 192.168.122.1/24 brd 192.168.122.255 scope global virbr0
>         valid_lft forever preferred_lft forever
> 
> ip a s virbr1
> 5: virbr1: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc noqueue state
> DOWN group default qlen 1000
>      link/ether 52:54:00:9c:39:02 brd ff:ff:ff:ff:ff:ff
>      inet 192.168.100.1/24 brd 192.168.100.255 scope global virbr1
>         valid_lft forever preferred_lft forever
> 
>   cat /proc/sys/net/ipv4/ip_forward
> 1
> 
>   iptables -L FORWARD -v -n | egrep '(policy|virbr1)'
> Chain FORWARD (policy ACCEPT 0 packets, 0 bytes)
> 
> iptables -L FORWARD -v -n | egrep '(policy|virbr0)'
> Chain FORWARD (policy ACCEPT 0 packets, 0 bytes)

Is that different when the VMs are up?

> So looks like my IPTables is not correct.
> 
> What commands do you run for that ?

Simply firewalld. Docker acts by itself.

> Thanks,
> 
> Jerry

Alexander