这可能是常见问题,我尝试了很多方法,但仍然没有成功,只能在这里寻求帮助。我在这里看到了类似的问题,但没有解决,请指教。我的 kvm vm 客户机无法访问互联网。只能 ping 主机-客户机。我已经将 virtualbox vm centos 设置为主机并安装了 kvm 虚拟机管理程序。我通过主机 enp0s3 接口 (dhcp) 创建 br0,我的 centos vm 可以 ping 路由器网关、我的物理电脑并可以访问互联网。好的……virtualbox 主机 VM centos 工作正常。
然后我安装了 kvm(参见 web)和虚拟管理器。我创建了默认网络(virbr0),192.168.122.0/24。libvrt 正在运行。然后我在主机 vm centos 中创建新的客户 ubuntu vm,并使用 br0(dhcp)创建 ubuntu vm 并能够获取 dhcp ip(与 vm centos 和物理 pc 相同的子网)。
Vm ubuntu 客户机能够 ping 通 Vm centos,反之亦然。这里的问题是客户机 vm ubuntu 无法访问互联网,也无法 ping 通物理 PC 或局域网中的任何其他 PC。我尝试停止主机防火墙,停止 selinux,但问题仍然存在。我甚至创建了另一个连接到 virbr0(nat)的 vm,而该 vm 甚至无法从 virbr0 获取 dhcp ip(当 ifconfig 仅显示 lo ip 时...尝试添加手动 ens3 接口仍然无法获取 ip)...我的 kvm 设置有问题吗?请帮帮我...我已经解决这个问题将近一个星期了,但没有任何进展...谢谢。
Setup:-
(dhcp)
PC Physical(virtualbox) ---- VM Centos(KVM) -----VM Ubuntu
192.168.0.141 192.168.0.186 192.168.0.197
promiscuous mode - enable all.
Host ifconfig (VM Centos):-
br0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet 192.168.0.186 netmask 255.255.255.0 broadcast 192.168.0.255
inet6 fe80::a00:27ff:fee3:4a2a prefixlen 64 scopeid 0x20<link>
inet6 2001:e68:5435:ccce:a00:27ff:fee3:4a2a prefixlen 64 scopeid 0x0<global>
ether 08:00:27:e3:4a:2a txqueuelen 1000 (Ethernet)
RX packets 65476 bytes 5739488 (5.4 MiB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 78582 bytes 31486452 (30.0 MiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
enp0s3: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet6 fe80::a00:27ff:fee3:4a2a prefixlen 64 scopeid 0x20<link>
ether 08:00:27:e3:4a:2a txqueuelen 1000 (Ethernet)
RX packets 65950 bytes 6904753 (6.5 MiB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 99518 bytes 43841885 (41.8 MiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
lo: flags=73<UP,LOOPBACK,RUNNING> mtu 65536
inet 127.0.0.1 netmask 255.0.0.0
inet6 ::1 prefixlen 128 scopeid 0x10<host>
loop txqueuelen 1000 (Local Loopback)
RX packets 120478 bytes 254106018 (242.3 MiB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 120478 bytes 254106018 (242.3 MiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
virbr0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet 192.168.122.1 netmask 255.255.255.0 broadcast 192.168.122.255
inet6 fe80::fc54:ff:fe8e:eff prefixlen 64 scopeid 0x20<link>
ether fe:54:00:a7:e4:02 txqueuelen 1000 (Ethernet)
RX packets 133 bytes 35092 (34.2 KiB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 9 bytes 698 (698.0 B)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
vnet0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet6 fe80::fc54:ff:fea7:e402 prefixlen 64 scopeid 0x20<link>
ether fe:54:00:a7:e4:02 txqueuelen 1000 (Ethernet)
RX packets 103 bytes 32268 (31.5 KiB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 1107 bytes 57804 (56.4 KiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
vnet1: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet6 fe80::fc54:ff:fe08:d031 prefixlen 64 scopeid 0x20<link>
ether fe:54:00:08:d0:31 txqueuelen 1000 (Ethernet)
RX packets 1289 bytes 66978 (65.4 KiB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 2083 bytes 232676 (227.2 KiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
enp0s3
TYPE=Ethernet
#PROXY_METHOD=none
#BROWSER_ONLY=no
BOOTPROTO=dhcp
#DEFROUTE=yes
#IPV4_FAILURE_FATAL=no
#IPV6INIT=yes
#IPV6_AUTOCONF=yes
#IPV6_DEFROUTE=yes
#IPV6_FAILURE_FATAL=no
#IPV6_ADDR_GEN_MODE=stable-privacy
NAME=enp0s3
#UUID=2d8ceee7-bef3-4bba-b5bc-4b83df69530a
DEVICE=enp0s3
ONBOOT=yes
BRIDGE=br0
HWADDR=08:00:27:e3:4a:2a
NM_CONTROLLED=no
br0
#This is for using DHCP
DEVICE=br0
BOOTPROTO=dhcp
#IPV6INIT=yes
#IPV6_AUTOCONF=yes
ONBOOT=yes
TYPE=Bridge
STP=on
DELAY=0
NM_CONTROLLED=no
virsh netlist:-
Name State Autostart Persistent
----------------------------------------------------------
default active no yes
brctl show:-
bridge name bridge id STP enabled interfaces
br0 8000.080027e34a2a yes enp0s3
vnet1
virbr0 8000.fe5400a7e402 yes vnet0
route host (vm centos)
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
0.0.0.0 192.168.0.1 0.0.0.0 UG 0 0 0 br0
169.254.0.0 0.0.0.0 255.255.0.0 U 1004 0 0 br0
192.168.0.0 0.0.0.0 255.255.255.0 U 0 0 0 br0
192.168.122.0 0.0.0.0 255.255.255.0 U 0 0 0 virbr0
nmcli c show --active
NAME UUID TYPE DEVICE
virbr0 95561712-74ce-42c9-a9d8-6a0baf6cbaeb bridge virbr0
iptables -L
Chain INPUT (policy ACCEPT)
target prot opt source destination
ACCEPT udp -- anywhere anywhere udp dpt:domain
ACCEPT tcp -- anywhere anywhere tcp dpt:domain
ACCEPT udp -- anywhere anywhere udp dpt:bootps
ACCEPT tcp -- anywhere anywhere tcp dpt:bootps
ACCEPT all -- anywhere anywhere ctstate RELATED,ESTABLISHED
ACCEPT all -- anywhere anywhere
INPUT_direct all -- anywhere anywhere
INPUT_ZONES_SOURCE all -- anywhere anywhere
INPUT_ZONES all -- anywhere anywhere
DROP all -- anywhere anywhere ctstate INVALID
REJECT all -- anywhere anywhere reject-with icmp-host-prohibited
Chain FORWARD (policy ACCEPT)
target prot opt source destination
ACCEPT all -- anywhere 192.168.122.0/24 ctstate RELATED,ESTABLISHED
ACCEPT all -- 192.168.122.0/24 anywhere
ACCEPT all -- anywhere anywhere
REJECT all -- anywhere anywhere reject-with icmp-port-unreachable
REJECT all -- anywhere anywhere reject-with icmp-port-unreachable
ACCEPT all -- anywhere anywhere ctstate RELATED,ESTABLISHED
ACCEPT all -- anywhere anywhere
FORWARD_direct all -- anywhere anywhere
FORWARD_IN_ZONES_SOURCE all -- anywhere anywhere
FORWARD_IN_ZONES all -- anywhere anywhere
FORWARD_OUT_ZONES_SOURCE all -- anywhere anywhere
FORWARD_OUT_ZONES all -- anywhere anywhere
DROP all -- anywhere anywhere ctstate INVALID
REJECT all -- anywhere anywhere reject-with icmp-host-prohibited
Chain OUTPUT (policy ACCEPT)
target prot opt source destination
ACCEPT udp -- anywhere anywhere udp dpt:bootpc
ACCEPT all -- anywhere anywhere
OUTPUT_direct all -- anywhere anywhere
Chain FORWARD_IN_ZONES (1 references)
target prot opt source destination
FWDI_public all -- anywhere anywhere [goto]
FWDI_public all -- anywhere anywhere [goto]
Chain FORWARD_IN_ZONES_SOURCE (1 references)
target prot opt source destination
Chain FORWARD_OUT_ZONES (1 references)
target prot opt source destination
FWDO_public all -- anywhere anywhere [goto]
FWDO_public all -- anywhere anywhere [goto]
Chain FORWARD_OUT_ZONES_SOURCE (1 references)
target prot opt source destination
Chain FORWARD_direct (1 references)
target prot opt source destination
Chain FWDI_public (2 references)
target prot opt source destination
FWDI_public_log all -- anywhere anywhere
FWDI_public_deny all -- anywhere anywhere
FWDI_public_allow all -- anywhere anywhere
ACCEPT icmp -- anywhere anywhere
Chain FWDI_public_allow (1 references)
target prot opt source destination
Chain FWDI_public_deny (1 references)
target prot opt source destination
Chain FWDI_public_log (1 references)
target prot opt source destination
Chain FWDO_public (2 references)
target prot opt source destination
FWDO_public_log all -- anywhere anywhere
FWDO_public_deny all -- anywhere anywhere
FWDO_public_allow all -- anywhere anywhere
Chain FWDO_public_allow (1 references)
target prot opt source destination
Chain FWDO_public_deny (1 references)
target prot opt source destination
Chain FWDO_public_log (1 references)
target prot opt source destination
Chain INPUT_ZONES (1 references)
target prot opt source destination
IN_public all -- anywhere anywhere [goto]
IN_public all -- anywhere anywhere [goto]
Chain INPUT_ZONES_SOURCE (1 references)
target prot opt source destination
Chain INPUT_direct (1 references)
target prot opt source destination
Chain IN_public (2 references)
target prot opt source destination
IN_public_log all -- anywhere anywhere
IN_public_deny all -- anywhere anywhere
IN_public_allow all -- anywhere anywhere
ACCEPT icmp -- anywhere anywhere
Chain IN_public_allow (1 references)
target prot opt source destination
ACCEPT tcp -- anywhere anywhere tcp dpt:ssh ctstate NEW,UNTRACKED
ACCEPT tcp -- anywhere anywhere tcp dpt:websm ctstate NEW,UNTRACKED
Chain IN_public_deny (1 references)
target prot opt source destination
Chain IN_public_log (1 references)
target prot opt source destination
Chain OUTPUT_direct (1 references)
target prot opt source destination
&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&
Guest ifconfig (vm ubuntu) (I cannot ssh as no ssh server install, i just type here to show d info)
ens3 inet addr:192.168.0.197
lo inet addr:127.0.0.1
route:-
destination gateway genmask use iface
0.0.0.0 192.168.0.1 0.0.0.0 ens3
192.168.0.0 0.0.0.0 255.255.255.0 ens3
ens3
auto ens3
iface ens3 inet dhcp