On Tue 28/10/2025 at 01:31, Gareth Evans <[email protected]> wrote:
> Thus the virtual network driver in libvirt was invented. This takes the form > of an isolated bridge device (ie one with no physical NICs attached). The TAP > devices associated with the guest NICs are attached to the bridge device. > This immediately allows guests on a single host to talk to each other and to > the host OS (modulo host IPtables rules)." > ^^^ THIS DOESN'T SEEM TO BE TRUE (any more, nor for a number of years) ^^^ > https://libvirt.org/firewall Actually I misread the bit I commented on there. "Modulo host iptables rules" is the bit I have never succeeded with. That may be due to my lack of sufficient persistence, but "immediately" seems a bit much in any case ;) G
