This is my system info:
Debian Release: 10.5
APT prefers stable-updates
APT policy: (500, 'stable-updates'), (500, 'stable')
Architecture: amd64 (x86_64)
Kernel: Linux 5.4.60-1-pve (SMP w/16 CPU cores)
Kernel taint flags: TAINT_PROPRIETARY_MODULE, TAINT_OOT_MODULE
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), LANGUAGE=en_US:en
(charmap=UTF-8)
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled
Libvirt version 5.0.0
qemu
Version: 1:3.1+dfsg-8+deb10u7
I try to get the filtering bridge to work.
This is the host, with the br0 that is connected to a trunked port
================================
ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default
qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: eno1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq state UP group default
qlen 1000
link/ether 34:48:ed:f0:a9:e8 brd ff:ff:ff:ff:ff:ff
inet 10.12.0.13/24 brd 10.12.0.255 scope global eno1
valid_lft forever preferred_lft forever
inet6 fe80::3648:edff:fef0:a9e8/64 scope link
valid_lft forever preferred_lft forever
3: eno2: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq master br0 state UP
group default qlen 1000
link/ether 34:48:ed:f0:a9:e9 brd ff:ff:ff:ff:ff:ff
inet6 fe80::3648:edff:fef0:a9e9/64 scope link
valid_lft forever preferred_lft forever
4: br0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group
default qlen 1000
link/ether e6:67:7b:87:b5:ca brd ff:ff:ff:ff:ff:ff
inet6 fe80::e467:7bff:fe87:b5ca/64 scope link
valid_lft forever preferred_lft forever
5: virbr0: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc noqueue state DOWN
group default qlen 1000
link/ether 52:54:00:2b:e3:f7 brd ff:ff:ff:ff:ff:ff
inet 192.168.122.1/24 brd 192.168.122.255 scope global virbr0
valid_lft forever preferred_lft forever
6: virbr0-nic: <BROADCAST,MULTICAST> mtu 1500 qdisc pfifo_fast master virbr0 state
DOWN group default qlen 1000
link/ether 52:54:00:2b:e3:f7 brd ff:ff:ff:ff:ff:ff
19: vnet0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast master br0
state UNKNOWN group default qlen 1000
link/ether fe:54:00:fc:ea:e6 brd ff:ff:ff:ff:ff:ff
inet6 fe80::fc54:ff:fefc:eae6/64 scope link
valid_lft forever preferred_lft forever
===================
bridge vlan show
port vlan ids
eno2 4
7
221
800
br0 None
virbr0 1 PVID Egress Untagged
virbr0-nic 1 PVID Egress Untagged
vnet0 800
==================
however the mac does not show up when i do
==================
brctl showmacs br0
==================
so vnet0 does not yet communicate with the bridge
inside the vm:
=============================
ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default
qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: enp1s0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP
group default qlen 1000
link/ether 52:54:00:fc:ea:e6 brd ff:ff:ff:ff:ff:ff
inet 195.37.235.121/26 brd 195.37.235.127 scope global enp1s0
valid_lft forever preferred_lft forever
inet6 fe80::5054:ff:fefc:eae6/64 scope link
valid_lft forever preferred_lft forever
===============================
and
===========
ping 8.8.8.8
PING 8.8.8.8 (8.8.8.8) 56(84) bytes of data.
From 195.37.235.121 icmp_seq=1 Destination Host Unreachable
From 195.37.235.121 icmp_seq=2 Destination Host Unreachable
==============
The mac address of vnet0 and enp1s0 is the same. That means they are the same entity.
yay!
The XML describing the network part of the VM is here:
=====================
<interface type='bridge'>
<mac address='52:54:00:29:b6:e0'/>
<source bridge='br0'/>
<model type='virtio'/>
<address type='pci' domain='0x0000' bus='0x01'
slot='0x00' function='0x0'/>
</interface>
=======================
what could be the problem?