No ARP reply on tap0 (KVM bridged networking)

arpbridgekvm-virtualizationnetworkingrouting

I wanted to assign an external IP address to my KVM guest and went the bridged networking way. Unfortunately the guest has no network connectivity and I don't know why. After investigating it seems that it doesn't get any reply for it's ARP requests.

I have one physical interface: eth0, the bridged interface: br0 and the tap interface: tap0 brought up by qemu-ifup script by kvm. The host machine runs the latest Ubuntu Server. The guest machine runs GKRML live-cd (based on slackware).

What could be a potential problem is that the host machine and the guest machine are in the different networks. Unfortunately both IP addresses were assigned to me by the datacenter and I cannot change them.

Configuration details follow. Below xx.xx are the same for both host and guest.

Host's /etc/network/interfaces:

# Loopback device:
auto lo
iface lo inet loopback

# Device: eth0
auto eth0
iface eth0 inet manual

# Device: br0
auto br0
iface br0 inet static
  address   xx.xx.110.69
  netmask   255.255.255.224
  network   xx.xx.110.64
  broadcast xx.xx.110.95
  gateway   xx.xx.110.65
  bridge_ports eth0
  bridge_fd 9
  bridge_hello 2
  bridge_maxage 12
  bridge_stp off

Host's routing table:

Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
xx.xx.110.64    0.0.0.0         255.255.255.224 U     0      0        0 br0
0.0.0.0         xx.xx.110.65    0.0.0.0         UG    100    0        0 br0

Host's /etc/qemu-ifup scirpt (unmodified, shipped with qemu package):

#!/bin/sh
switch=$(/sbin/ip route list | awk '/^default / { print $5 }')
/sbin/ifconfig $1 0.0.0.0 up
/usr/sbin/brctl addif ${switch} $1

Output of brctl show while the guest is running:

bridge name     bridge id               STP enabled     interfaces
br0             8000.4061862b90d5       no              eth0
                                                        tap0

KVM commandline:

kvm -cdrom grml_2009.10.iso -boot d -m 256 -vnc localhost:0 -net nic,macaddr=DE:AD:BE:EF:11:14 -net tap,script=/etc/qemu-ifup

Guest machine network setup (single eth0 interface):

$ ifconfig eth0 xx.xx.129.69/28 up
$ route add default gw xx.xx.129.65

Result of tcpdump -i tap0 while trying to ping anything from the guest:

tcpdump: WARNING: tap0: no IPv4 address assigned
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on tap0, link-type EN10MB (Ethernet), capture size 96 bytes
23:38:13.659655 ARP, Request who-has xx.xx.129.65 tell xx.xx.129.69, length 28
23:38:14.659687 ARP, Request who-has xx.xx.129.65 tell xx.xx.129.69, length 28
23:38:15.659655 ARP, Request who-has xx.xx.129.65 tell xx.xx.129.69, length 28
23:38:16.666350 ARP, Request who-has xx.xx.129.65 tell xx.xx.129.69, length 28
23:38:17.666319 ARP, Request who-has xx.xx.129.65 tell xx.xx.129.69, length 28
23:38:18.666324 ARP, Request who-has xx.xx.129.65 tell xx.xx.129.69, length 28

… and so on without reply.

Thanks in advance for any help!

Best Answer

  1. Are you running iptables? If so, have you enabled bridge traffic? For example the following is one solution that works on Fedora/Red Hat:

iptables -F FORWARD

iptables -I FORWARD -m physdev --physdev-is-bridged -j ACCEPT

iptables-save > /etc/sysconfig/iptables

  1. Have you enabled IPv4 forwarding in sysctl.conf? Again on Fedora/Red Hat in /etc/sysctl.conf you need to set

net.ipv4.ip_forward = 1