Results 1 to 4 of 4

Thread: Libvirt nat portforwarding

  1. June 5th, 2013 #1
    Yahya5678
    Yahya5678 is offline First Cup of Ubuntu
    Join Date
    Apr 2013
    Beans
    3

    Libvirt nat portforwarding

    Hello guys,

    I have server A with libvirt installed. On that server, there are several vms (managed by libvirt) that are on NATTEd network behind a bridge on server A.

    I have another server (diff network) that I connect to server A that hosts libvirt but it does not allow me to ping to the vms hosted on server A.

    Someone suggested to me that I have to do some port forwarding using ip tables on server A.

    Is this the way forward or do I have to do something else?

    Any help, greatly appreciated

    Thanks
    Advanced reply Adv Reply  
  2. June 5th, 2013 #2
    NigelRen
    NigelRen is offline 5 Cups of Ubuntu
    Join Date
    Aug 2010
    Beans
    27

    Re: Libvirt nat portforwarding

    I had the same problem, the solution in my case was that iptables was rejecting any connection to the machine. When I did iptables -L -n I get something like

    Code:
    Chain FORWARD (policy ACCEPT)
target     prot opt source               destination         
ACCEPT     all  --  0.0.0.0/0            192.168.122.0/24     state RELATED,ESTABLISHED
ACCEPT     all  --  192.168.122.0/24     0.0.0.0/0           
ACCEPT     all  --  0.0.0.0/0            0.0.0.0/0           
REJECT     all  --  0.0.0.0/0            0.0.0.0/0            reject-with icmp-port-unreachable
REJECT     all  --  0.0.0.0/0            0.0.0.0/0            reject-with icmp-port-unreachable
    I had to delete these last two rules using something like iptables -D FORWARD 5 also same for iptables -D FORWARD 4. This then seemed to pass through al traffic to the virtual machine.

    General IP tables stuff - https://help.ubuntu.com/community/IptablesHowTo
    Advanced reply Adv Reply  
  3. June 5th, 2013 #3
    Yahya5678
    Yahya5678 is offline First Cup of Ubuntu
    Join Date
    Apr 2013
    Beans
    3

    Re: Libvirt nat portforwarding

    Hi nigelren, but what if I want to ping or connect to vms that are hosted on server A and I want to ping them directly from server B without connecting to server A first. Does that make sense
    Advanced reply Adv Reply  
  4. June 5th, 2013 #4
    NigelRen
    NigelRen is offline 5 Cups of Ubuntu
    Join Date
    Aug 2010
    Beans
    27

    Re: Libvirt nat portforwarding

    I use a virtual machine as an apt-cache server so I needed to connect from machine B to a VM which was running on server A. This is where when I attempted to connect I was getting a port unreachable error - which is where iptables reject was causing the problem.
    The iptables configuration has to be done on server A, this then allowed other machines to connect to the VM.
    Advanced reply Adv Reply  
« Previous Thread | Next Thread »

Tags for this Thread

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

Ubuntu Forums Code of Conduct