I have a KVM running on CentOS 5.5, with bridge mode enabled.
/etc/sysconfig/network-scripts/ifcfg-br0
DEVICE=br0
TYPE=Bridge
BOOTPROTO=none
BROADCAST=192.168.1.255
IPADDR=192.168.1.10
NETMASK=255.255.255.0
NETWORK=192.168.1.0
GATEWAY=192.168.1.1
ONBOOT=yes
/etc/sysconfig/network-scripts/ifcfg-eth0
# Broadcom Corporation NetXtreme II BCM5709 Gigabit Ethernet
DEVICE=eth0
BOOTPROTO=none
HWADDR=E4:1F:13:6D:46:94
ONBOOT=yes
TYPE=Ethernet
#USERCTL=no
#IPV6INIT=no
#PEERDNS=yes
BRIDGE=br0
#NETMASK=255.255.255.0
#IPADDR=192.168.1.10
#GATEWAY=192.168.1.1
I have installed two guests (Ubuntu 10.10 (192.168.1.12) and Fedora 14 (192.168.1.11)).
I can ping everything by IP from the host: 192.168.1.1, 192.168.1.11, 192.168.1.12, centos.org ....
All successfully.
[root@localhost mess]# /usr/bin/nslookup www.centos.org
Server: 192.168.1.1
Address: 192.168.1.1#53
Non-authoritative answer:
Name: www.centos.org
Address: 72.232.194.162
[root@localhost mess]# ping 192.168.1.12
PING 192.168.1.12 (192.168.1.12) 56(84) bytes of data.
64 bytes from 192.168.1.12: icmp_seq=1 ttl=64 time=1.36 ms
64 bytes from 192.168.1.12: icmp_seq=2 ttl=64 time=0.130 ms
--- 192.168.1.12 ping statistics ---
2 packets transmitted, 2 received, 0% packet loss, time 999ms
rtt min/avg/max/mdev = 0.130/0.747/1.364/0.617 ms
But when I try to nslookup from the guests, I get a response that no servers could be reached.
Dig on host:
dig @8.8.8.8 centos.org
; <<>> DiG 9.3.6-P1-RedHat-9.3.6-4.P1.el5_4.2 <<>> @8.8.8.8 centos.org
; (1 server found)
;; global options: printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 22437
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0
;; QUESTION SECTION:
;centos.org. IN A
;; ANSWER SECTION:
centos.org. 120 IN A 72.232.194.162
;; Query time: 39 msec
;; SERVER: 8.8.8.8#53(8.8.8.8)
;; WHEN: Sun Nov 14 06:41:06 2010
;; MSG SIZE rcvd: 44
Dig on guest:
dig @8.8.8.8 centos.org
; <<>> DiG 9.7.1-P2 <<>> @8.8.8.8 centos.org
; (1 server found)
;; global options: +cmd
;; connection timed out; no servers could be reached
resolv.conf on guest
mess@HAL-ubuntu:~$ cat /etc/resolv.conf
# Generated by NetworkManager
search example.com
nameserver 192.168.1.1
I also can't browse, because the guests don't translate domain names. Internet domain names just don't work (www.centos.org, etc.).
All DNS stuff is stuck. I can ping an IP from both guests (for example 72.232.194.162) without problems.
What is wrong?
Ubuntu-Guest: /etc/resolv.conf
nameserver 192.168.1.1
ifconfig
eth0 Link encap:Ethernet HWaddr 54:52:00:5d:c9:bc
inet addr:192.168.1.12 Bcast:192.168.1.255 Mask:255.255.255.0
inet6 addr: fe80::5652:ff:fe5d:c9bc/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:672 errors:0 dropped:0 overruns:0 frame:0
TX packets:805 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:72918 (72.9 KB) TX bytes:76109 (76.1 KB)
lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
inet6 addr: ::1/128 Scope:Host
UP LOOPBACK RUNNING MTU:16436 Metric:1
The same problem is with Fedora. Internet is just not working.
My getinfo.sh: http://pastebin.centos.org/35972
I have tried to set it to static and also to DHCP in /etc/sysconfig/network-scripts/ifcfg-br0. I checked in Administration/Services and NetworkManager is stopped in runlevels 3, 4 and 5. DNS is still not working ;( The bridge seems to work fine.
Solved the puzzle
This is the page with the answer:
http://wiki.libvirt.org/page/Networking
I had to do this:
# cat >> /etc/sysctl.conf <<EOF
net.bridge.bridge-nf-call-ip6tables = 0
net.bridge.bridge-nf-call-iptables = 0
net.bridge.bridge-nf-call-arptables = 0
EOF
# sysctl -p /etc/sysctl.conf
I have this same problem and have solved it by following your solution. Thank you so much! ^_^
One important thing to remember is that you MUST use cat, as the solution gave, for adding the configuration. I've used the nano editor before and that method simply DOESN'T work.
Thanks
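An added example (not part of the original posts or the libvirt wiki): a shell check that reads a sysctl.conf-style file and reports whether the three bridge-netfilter keys from the solution above are effectively set to 0, next to the live kernel values when the bridge module exposes them. The function names and the sample file contents are constructed for illustration.

```shell
#!/bin/sh
# Added example: audit the three bridge-netfilter keys from the fix above.
KEYS="net.bridge.bridge-nf-call-ip6tables
net.bridge.bridge-nf-call-iptables
net.bridge.bridge-nf-call-arptables"

# conf_value FILE KEY: print the value FILE would set for KEY (empty if unset).
conf_value() {
    awk -v key="$2" '
        { sub(/\r$/, "") }              # tolerate CRLF line endings
        /^[ \t]*[#;]/ { next }          # skip comment lines
        {
            eq = index($0, "=")
            if (eq == 0) next           # not a key = value line
            k = substr($0, 1, eq - 1)
            v = substr($0, eq + 1)
            gsub(/^[ \t]+|[ \t]+$/, "", k)
            gsub(/^[ \t]+|[ \t]+$/, "", v)
            if (k == key) val = v       # a later assignment overrides an earlier one
        }
        END { if (val != "") print val }
    ' "$1"
}

# live_value KEY: print the running kernel value, or nothing if not exposed.
live_value() {
    p="/proc/sys/$(printf '%s' "$1" | tr . /)"
    [ -r "$p" ] && cat "$p"
    return 0
}

# audit FILE: one report line per key; returns 1 unless FILE sets all three to 0.
audit() {
    rc=0
    for k in $KEYS; do
        c=$(conf_value "$1" "$k"); l=$(live_value "$k")
        [ "$c" = "0" ] || rc=1
        echo "$k file=${c:-unset} live=${l:-n/a}"
    done
    return $rc
}

# Constructed sample: a hand-edited file with a CRLF line, one key commented
# out, and one key set to 0 and then re-enabled further down.
demo=$(mktemp)
printf 'net.bridge.bridge-nf-call-ip6tables = 0\r\n# net.bridge.bridge-nf-call-arptables = 0\nnet.bridge.bridge-nf-call-iptables=0\nnet.bridge.bridge-nf-call-iptables = 1\n' > "$demo"
audit "$demo" || echo "file does not set all three keys to 0"
rm -f "$demo"
```

With all three keys at 0, the host's iptables, ip6tables and arptables rules no longer see bridged guest frames, so any filtering of guest traffic has to happen in the guests or with ebtables.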