Installation guide
Chapter 10. Network Configuration
78
5. Configure iptables
Configure iptables to allow all traffic to be forwarded across the bridge.
# iptables -I FORWARD -m physdev --physdev-is-bridged -j ACCEPT
# service iptables save
# service iptables restart
Disable iptables on bridges
Alternatively, prevent bridged traffic from being processed by iptables rules. In /etc/
sysctl.conf append the following lines:
net.bridge.bridge-nf-call-ip6tables = 0
net.bridge.bridge-nf-call-iptables = 0
net.bridge.bridge-nf-call-arptables = 0
Reload the kernel parameters configured with sysctl.
# sysctl -p /etc/sysctl.conf
6. Restart the libvirt service
Restart the libvirt service with the service command.
# service libvirtd reload
7. Verify the bridge
Verify the new bridge is available with the bridge control command (brctl).
# brctl show
bridge name bridge id STP enabled interfaces
virbr0 8000.000000000000 yes
br0 8000.000e0cb30550 no eth0
A "Shared physical device" is now available through virt-manager and libvirt, which guests can be
attached and have full network access.
Note, the bridge is completely independent of the virbr0 bridge. Do not attempt to attach a physical
device to virbr0. The virbr0 bridge is only for Network Address Translation (NAT) connectivity.