Arch+libvirt+bridges+ufw
########################
:date: 2014-07-03 14:48
:tags: archlinux,libvirt,network-bridge,ufw,netctl

I never thought getting bridged network for libvirt 
clients to work under archlinux. Here is the digest.

Adding Bridge Network with netctl
---------------------------------
``eth0`` needs to be up for the bridge to work.


**/etc/netctl/bridge**

.. code-block:: bash
    
    Description='bridge'
    Interface=br0
    Connection=bridge
    BindsToInterface=(eth0)
    IP=static # or dhcp
    Address=('1.2.3.4/24')
    Gateway='1.2.3.1'
    DNS=('1.2.3.3')
    ExecUpPost="brctl stp $Interface on||:"

**/etc/netctl/eth_bridged**

.. code-block:: bash
    
    Description='eth0 without ip'
    Interface=eth0
    Connection=ethernet
    IP=no
    IP6=no

**enable the bridge**

.. code-block:: bash

    systemctl disable dhcpcd@eth0 # if applicable
    netctl enable bridge
    netctl enable eth_bridged

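After a reboot the interface should be available and libvirt should be able to use the bridge for libvirt clients.
If you have ufw in place, add this line to **/etc/ufw/before{,6}.rules** between \*filter and COMMIT. The rule accepts all bridged traffic in the FORWARD chain, so ufw's forward policy no longer applies to the guests on the bridge: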

.. code-block:: bash

    -I FORWARD -m physdev --physdev-is-bridged -j ACCEPT

You may also need the following lines in **/etc/sysctl.d/bridge.conf**, which stop bridged frames from being passed to ip6tables, iptables and arptables at all:

.. code-block:: bash

    net.bridge.bridge-nf-call-ip6tables = 0
    net.bridge.bridge-nf-call-iptables = 0
    net.bridge.bridge-nf-call-arptables = 0

Apply the firewall and sysctl changes:

.. code-block:: bash

    ufw disable
    ufw enable
    sysctl -p /etc/sysctl.d/bridge.conf
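
To check afterwards what the host actually does with bridged guest traffic, here is an added example (not part of the original post) that audits both settings. The function names and the sample rules fragment are constructed for illustration; paths are parameters so the checks can run against copies of the files.

```shell
#!/bin/sh
# Added example: audit the two settings changed in this post.

# physdev_rule_in_filter [FILE]
# Reads a ufw rules file (or stdin) and succeeds only if an active
# physdev ACCEPT rule for FORWARD sits between *filter and COMMIT.
physdev_rule_in_filter() {
    awk '
        /^[ \t]*#/ { next }                          # ignore commented-out rules
        /^\*/      { in_filter = ($1 == "*filter") } # table header, e.g. *nat
        /^COMMIT/  { in_filter = 0 }
        in_filter && /FORWARD/ && /--physdev-is-bridged/ && /-j ACCEPT/ { found = 1 }
        END        { exit !found }
    ' "$@"
}

# bridge_nf_state [DIR]
# Prints "bypassed" if every bridge-nf-call-* key present is 0 (bridged
# frames never reach iptables/ip6tables/arptables), "filtered" if any
# key is non-zero, and "absent" if none of the keys exist in DIR.
bridge_nf_state() {
    dir=${1:-/proc/sys/net/bridge}
    seen=0 state=bypassed
    for key in iptables ip6tables arptables; do
        f="$dir/bridge-nf-call-$key"
        [ -r "$f" ] || continue
        seen=1
        [ "$(cat "$f")" = "0" ] || state=filtered
    done
    [ "$seen" -eq 1 ] || state=absent
    echo "$state"
}

# Constructed sample: a before.rules fragment containing the rule above.
if physdev_rule_in_filter <<'EOF'
*filter
:ufw-before-forward - [0:0]
-I FORWARD -m physdev --physdev-is-bridged -j ACCEPT
COMMIT
EOF
then
    echo "sample rules: bridged traffic is accepted before ufw's forward policy"
fi

# Live kernel state; "bypassed" means the physdev rule is never consulted.
echo "bridge-nf-call state: $(bridge_nf_state)"
```

On a real host, run ``physdev_rule_in_filter /etc/ufw/before.rules`` (and ``before6.rules``) as root, since ufw's rule files are normally not world-readable.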