Virtual-Machines

虛擬機的 KVM 橋接不起作用?

  • December 28, 2011

我目前正在設置一個帶有多個 VM 來賓的 KVM。我創建了第一個,但我已經遇到了第一個問題:

root@vm1:~# ping 8.8.8.8
PING 8.8.8.8 (8.8.8.8) 56(84) bytes of data.
From 88.140.40.50: icmp_seq=2 Redirect Host(New nexthop: 88.140.40.1)
From 88.140.40.50: icmp_seq=3 Redirect Host(New nexthop: 88.140.40.1)

那麼顯然主機配置不正確?

主機 - /etc/network/interfaces:

auto lo
iface lo inet loopback

auto eth0
iface eth0 inet manual

auto br0
iface br0 inet static
 address 88.140.40.50
 netmask 255.255.0.0
 gateway 88.140.40.1
 pointopoint 88.140.40.1
 bridge_ports eth0
 bridge_stp off
 bridge_fd 0
 bridge_hello 2
 bridge_maxage 12
 bridge_maxwait 0
 up route add -host 192.168.0.1 dev br0

192.168.0.1 是來賓 vm 的 ip。

主機 - iptables -L

Chain INPUT (policy ACCEPT)
target     prot opt source               destination         
ACCEPT     udp  --  anywhere             anywhere            udp dpt:domain 
ACCEPT     tcp  --  anywhere             anywhere            tcp dpt:domain 
ACCEPT     udp  --  anywhere             anywhere            udp dpt:bootps 
ACCEPT     tcp  --  anywhere             anywhere            tcp dpt:bootps 

Chain FORWARD (policy ACCEPT)
target     prot opt source               destination         
ACCEPT     all  --  192.168.0.1          anywhere            
ACCEPT     all  --  anywhere             192.168.0.1         
ACCEPT     all  --  anywhere             anywhere            
REJECT     all  --  anywhere             anywhere            reject-with icmp-port-unreachable 
REJECT     all  --  anywhere             anywhere            reject-with icmp-port-unreachable 

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination

來賓 - /etc/network/interfaces

auto lo
iface lo inet loopback

auto eth0
iface eth0 inet static
 address 192.168.0.1
 netmask 255.255.255.255
 gateway 88.140.40.50
 pointopoint 88.140.40.50

來賓 - /etc/resolv.conf

nameserver 88.140.40.50
nameserver 88.140.40.1

您遺漏了一些關於網路的關鍵點,而不是嚴格與虛擬化相關的。

您需要在主機上配置偽裝(NAT)(取決於發行版,搜尋通用網關howto),否則將無法正常工作。

奇怪的是你有一個私有 IP (192.168.0.1) 和一個公共 IP (88.140.40.50)。您是否在防火牆上添加了 NAT?你ping 88.140.40.50能檢查一下你的pointopoint是否工作嗎?

引用自:https://serverfault.com/questions/344676