** Description changed: I am using libvirt with KVM on a UBUNTU 18.04.3 LTS I have the following topology inside libvirt/KVM The default virtual network with IP range 10.0.0.0/24 on virbr0 interface with IP 10.0.0.1 and DHCP enabled Another virtual network named "confinada" with IP range 192.168.254.0/24 on virbr1 interface with no IP and DHCP disabled I have one VM with pfSense that is connected to the two networks and is acting as a gateway to the others VMs. I have one VM with UBUNTU 18.04 and one with Windows 7 The topology is as following: - 192.168.254.103 - 10.0.0.1 10.0.0.138 192.168.254.1 +-- Windows 7 - INTERNET <----------> HOST <------------> pfSense <-------------| - 192.168.11.201 (default) (confinada) +-- UBUNTU - 192.168.254.2 + + INTERNET + | + | 192.168.11.201 + HOST + | 10.0.0.1 + (default)| + | 10.0.0.138 + pfSense + | 192.168.254.1 + +--------+--------+ + | (confinada) | + | 192.168.254.2 | 192.168.254.103 + UBUNTU Windows 7 I have sucess accessing Internet on the Windows 7 VM but not on the UBUNTU machine. During debug i found that the packets from the UBUNTU machine are not being NAT'ed correctly when leaving the host machine. I compared the two VM and found that the UBUNTU VM is using device model "virtio" and the Windows VM is using "rtl8139". When i changed the device model of the UBUNTU VM to "rtl8139" it start accessing the Internet. The pfSense VM is using the device model "virtio" on both interfaces. - I tried to acess www.google.com (172.217.28.68) on the VM and used tcpdump on the host interface. I have the following results: 1 - Using "virtio" device model: # tcpdump -nN -i enp2s0 host 172.217.28.68 tcpdump: verbose output suppressed, use -v or -vv for full protocol decode listening on enp2s0, link-type EN10MB (Ethernet), capture size 262144 bytes 12:16:02.347830 IP 10.0.0.138.47764 > 172.217.28.68.80: Flags [S], seq 2073890688, win 29200, options [mss 1460,sackOK,TS val 3101189393 ecr 0,nop,wscale 7], length 0 12:16:03.359092 IP 10.0.0.138.47764 > 172.217.28.68.80: Flags [S], seq 2073890688, win 29200, options [mss 1460,sackOK,TS val 3101190405 ecr 0,nop,wscale 7], length 0 12:16:05.375124 IP 10.0.0.138.47764 > 172.217.28.68.80: Flags [S], seq 2073890688, win 29200, options [mss 1460,sackOK,TS val 3101192421 ecr 0,nop,wscale 7], length 0 12:16:09.631218 IP 10.0.0.138.47764 > 172.217.28.68.80: Flags [S], seq 2073890688, win 29200, options [mss 1460,sackOK,TS val 3101196677 ecr 0,nop,wscale 7], length 0 2 - Using "rtl8139" device model: # tcpdump -nN -i enp2s0 host 172.217.28.68 tcpdump: verbose output suppressed, use -v or -vv for full protocol decode listening on enp2s0, link-type EN10MB (Ethernet), capture size 262144 bytes 12:17:15.206181 IP 192.168.11.201.6085 > 172.217.28.68.80: Flags [S], seq 733025182, win 29200, options [mss 1460,sackOK,TS val 550129346 ecr 0,nop,wscale 7], length 0 12:17:15.226156 IP 172.217.28.68.80 > 192.168.11.201.6085: Flags [S.], seq 1016175004, ack 733025183, win 60192, options [mss 1360,sackOK,TS val 1081017811 ecr 550129346,nop,wscale 8], length 0 12:17:15.227137 IP 192.168.11.201.6085 > 172.217.28.68.80: Flags [.], ack 1, win 229, options [nop,nop,TS val 550129367 ecr 1081017811], length 0 12:17:15.228442 IP 192.168.11.201.6085 > 172.217.28.68.80: Flags [P.], seq 1:142, ack 1, win 229, options [nop,nop,TS val 550129368 ecr 1081017811], length 141: HTTP: GET / HTTP/1.1 + VIRTUAL NETWORK INFORMATION + virsh # net-dumpxml default + <network connections='1'> + <name>default</name> + <uuid>2d8b670b-a708-4914-9c4a-882a1958a931</uuid> + <forward dev='enp2s0' mode='nat'> + <nat> + <port start='1024' end='65535'/> + </nat> + <interface dev='enp2s0'/> + </forward> + <bridge name='virbr0' stp='on' delay='0'/> + <mac address='52:54:00:73:6f:62'/> + <domain name='default'/> + <ip address='10.0.0.1' netmask='255.255.255.0'> + <dhcp> + <range start='10.0.0.128' end='10.0.0.254'/> + </dhcp> + </ip> + </network> + virsh # - The host system informations are: + virsh # net-dumpxml confinada + <network connections='2'> + <name>confinada</name> + <uuid>3e9a02fa-5166-487a-a1ba-3d41e80686f9</uuid> + <bridge name='virbr1' stp='off' delay='0'/> + <mac address='52:54:00:9a:54:b6'/> + <domain name='confinada'/> + </network> + virsh # + + + HOST SYSTEM INFORMATION: root@jlbastos-desktop:~# lsb_release -rd Description: Ubuntu 18.04.3 LTS Release: 18.04 - root@jlbastos-desktop:~# + root@jlbastos-desktop:~# root@jlbastos-desktop:~# apt-cache policy libvirt-bin libvirt-clients libvirt-daemon libvirt0 qemu-kvm libvirt-bin: - Instalado: 4.0.0-1ubuntu8.13 - Candidato: 4.0.0-1ubuntu8.13 - Tabela de versão: - *** 4.0.0-1ubuntu8.13 500 - 500 http://br.archive.ubuntu.com/ubuntu bionic-updates/main amd64 Packages - 100 /var/lib/dpkg/status - 4.0.0-1ubuntu8.12 500 - 500 http://security.ubuntu.com/ubuntu bionic-security/main amd64 Packages - 4.0.0-1ubuntu8 500 - 500 http://br.archive.ubuntu.com/ubuntu bionic/main amd64 Packages + Instalado: 4.0.0-1ubuntu8.13 + Candidato: 4.0.0-1ubuntu8.13 + Tabela de versão: + *** 4.0.0-1ubuntu8.13 500 + 500 http://br.archive.ubuntu.com/ubuntu bionic-updates/main amd64 Packages + 100 /var/lib/dpkg/status + 4.0.0-1ubuntu8.12 500 + 500 http://security.ubuntu.com/ubuntu bionic-security/main amd64 Packages + 4.0.0-1ubuntu8 500 + 500 http://br.archive.ubuntu.com/ubuntu bionic/main amd64 Packages libvirt-clients: - Instalado: 4.0.0-1ubuntu8.13 - Candidato: 4.0.0-1ubuntu8.13 - Tabela de versão: - *** 4.0.0-1ubuntu8.13 500 - 500 http://br.archive.ubuntu.com/ubuntu bionic-updates/main amd64 Packages - 100 /var/lib/dpkg/status - 4.0.0-1ubuntu8.12 500 - 500 http://security.ubuntu.com/ubuntu bionic-security/main amd64 Packages - 4.0.0-1ubuntu8 500 - 500 http://br.archive.ubuntu.com/ubuntu bionic/main amd64 Packages + Instalado: 4.0.0-1ubuntu8.13 + Candidato: 4.0.0-1ubuntu8.13 + Tabela de versão: + *** 4.0.0-1ubuntu8.13 500 + 500 http://br.archive.ubuntu.com/ubuntu bionic-updates/main amd64 Packages + 100 /var/lib/dpkg/status + 4.0.0-1ubuntu8.12 500 + 500 http://security.ubuntu.com/ubuntu bionic-security/main amd64 Packages + 4.0.0-1ubuntu8 500 + 500 http://br.archive.ubuntu.com/ubuntu bionic/main amd64 Packages libvirt-daemon: - Instalado: 4.0.0-1ubuntu8.13 - Candidato: 4.0.0-1ubuntu8.13 - Tabela de versão: - *** 4.0.0-1ubuntu8.13 500 - 500 http://br.archive.ubuntu.com/ubuntu bionic-updates/main amd64 Packages - 100 /var/lib/dpkg/status - 4.0.0-1ubuntu8.12 500 - 500 http://security.ubuntu.com/ubuntu bionic-security/main amd64 Packages - 4.0.0-1ubuntu8 500 - 500 http://br.archive.ubuntu.com/ubuntu bionic/main amd64 Packages + Instalado: 4.0.0-1ubuntu8.13 + Candidato: 4.0.0-1ubuntu8.13 + Tabela de versão: + *** 4.0.0-1ubuntu8.13 500 + 500 http://br.archive.ubuntu.com/ubuntu bionic-updates/main amd64 Packages + 100 /var/lib/dpkg/status + 4.0.0-1ubuntu8.12 500 + 500 http://security.ubuntu.com/ubuntu bionic-security/main amd64 Packages + 4.0.0-1ubuntu8 500 + 500 http://br.archive.ubuntu.com/ubuntu bionic/main amd64 Packages libvirt0: - Instalado: 4.0.0-1ubuntu8.13 - Candidato: 4.0.0-1ubuntu8.13 - Tabela de versão: - *** 4.0.0-1ubuntu8.13 500 - 500 http://br.archive.ubuntu.com/ubuntu bionic-updates/main amd64 Packages - 100 /var/lib/dpkg/status - 4.0.0-1ubuntu8.12 500 - 500 http://security.ubuntu.com/ubuntu bionic-security/main amd64 Packages - 4.0.0-1ubuntu8 500 - 500 http://br.archive.ubuntu.com/ubuntu bionic/main amd64 Packages + Instalado: 4.0.0-1ubuntu8.13 + Candidato: 4.0.0-1ubuntu8.13 + Tabela de versão: + *** 4.0.0-1ubuntu8.13 500 + 500 http://br.archive.ubuntu.com/ubuntu bionic-updates/main amd64 Packages + 100 /var/lib/dpkg/status + 4.0.0-1ubuntu8.12 500 + 500 http://security.ubuntu.com/ubuntu bionic-security/main amd64 Packages + 4.0.0-1ubuntu8 500 + 500 http://br.archive.ubuntu.com/ubuntu bionic/main amd64 Packages qemu-kvm: - Instalado: 1:2.11+dfsg-1ubuntu7.20 - Candidato: 1:2.11+dfsg-1ubuntu7.20 - Tabela de versão: - *** 1:2.11+dfsg-1ubuntu7.20 500 - 500 http://br.archive.ubuntu.com/ubuntu bionic-updates/main amd64 Packages - 500 http://security.ubuntu.com/ubuntu bionic-security/main amd64 Packages - 100 /var/lib/dpkg/status - 1:2.11+dfsg-1ubuntu7 500 - 500 http://br.archive.ubuntu.com/ubuntu bionic/main amd64 Packages + Instalado: 1:2.11+dfsg-1ubuntu7.20 + Candidato: 1:2.11+dfsg-1ubuntu7.20 + Tabela de versão: + *** 1:2.11+dfsg-1ubuntu7.20 500 + 500 http://br.archive.ubuntu.com/ubuntu bionic-updates/main amd64 Packages + 500 http://security.ubuntu.com/ubuntu bionic-security/main amd64 Packages + 100 /var/lib/dpkg/status + 1:2.11+dfsg-1ubuntu7 500 + 500 http://br.archive.ubuntu.com/ubuntu bionic/main amd64 Packages root@jlbastos-desktop:~#
-- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1853489 Title: Ignoring the default NAT when using the virtio adapter To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/libvirt/+bug/1853489/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
