Manualshelf

Installation guide

ManualsBrandsRed Hat ManualsComputer equipmentLINUX VIRTUAL SERVER 5.1 - ADMINISTRATION
141142143144145146147148149150
When these conditions occur, UDP packets sent from the host to the
guest have uncomputed checksums. This makes the host's UDP packets
seem invalid to the guest's network stack.
So lu t io n
To solve this problem, invalidate any of the four points above. The best
solution is to update the host iptables and kernel to iptables-1.4.10 or
newer where possible. Otherwise, the most specific fix is to disable the
vho st-net driver for this particular guest. To do this, edit the guest
configuration with this command:
virsh edit name_of_guest
Change or add a <d ri ver> line to the <i nterface> section:
<interface type='network'>
<model type='virtio'/>
<driver name='qemu'/>
...
</interface>
Save the changes, shut down the guest, and then restart it.
If this problem is still not resolved, the issue may be due to a conflict
between f irewalld and the default lib virt network.
To fix this, stop f irewalld with the servi ce fi rewal l d sto p
command, then restart lib virt with the servi ce l i bvi rtd restart
command.
B.9. Guest can reach out side net work, but cannot reach host when
using macvt ap int erface
Symp t o m
A guest virtual machine can communicate with other guests, but cannot connect to the host
machine after being configured to use a macvtap (also known as type='direct')
network interface.
In vest ig at io n
Even when not connecting to a Virtual Ethernet Port Aggregator (VEPA) or VN-Link capable
switch, macvtap interfaces can be useful. Setting the mode of such an interface to bri d g e
allows the guest to be directly connected to the physical network in a very simple manner
without the setup issues (or NetworkManager incompatibility) that can accompany the use of
a traditional host bridge device.
However, when a guest virtual machine is configured to use a type='direct' network
interface such as macvtap, despite having the ability to communicate with other guests and
other external hosts on the network, the guest cannot communicate with its own host.
This situation is actually not an error — it is the defined behavior of macvtap. Due to the
way in which the host's physical Ethernet is attached to the macvtap bridge, traffic into that
bridge from the guests that is forwarded to the physical interface cannot be bounced back
up to the host's IP stack. Additionally, traffic from the host's IP stack that is sent to the
Red Hat Ent erp rise Linux 6 Virt ualiz at ion Host Configurat ion and G uest Inst allat ion G uide
14 0