Re: [libvirt-users] issue with openssh-server running in a libvirt based centos virtual machine
On Sat, Jan 27, 2018 at 3:44 PM, Peter Crowther
<peter.crowther(a)melandra.com> wrote:
You say you can ping but not ssh. If you install tcpdump on the VM,
can you
see the ping packets arriving and leaving? If not, I suspect an address
collision - especially if ping continues to work with the VM shut down. If
you can't ping, check the other end of your bridge. I'm more familiar with
open vSwitch, but I'm somewhat concerned that your bridge definition doesn't
include a physical NIC as one of its connections.
Peter, thanks for your reply. Yes, I see the icmp request coming into
the cnetos1 VM and the icmp reply going out. I am sure this is not an
ip address collision.
The bridge in the server1 libvirt environment is created like this:
# cat /etc/sysconfig/network-scripts/ifcfg-eno1
DEVICE=eno1
BOOTPROTO=none
BRIDGE=br0
ONBOOT=YES
# cat /etc/sysconfig/network-scripts/ifcfg-br0
DEVICE=br0
TYPE=Bridge
BOOTPROTO=static
IPADDR=x.x.219.54
NETMASK=255.255.255.0
GATEWAY=x.x.219.1
ONBOOT=YES
The result of the above is the following:
# brctl show
bridge name bridge id STP enabled interfaces
br0 8000.fc15b4137688 no eno1
Then I define the above br0 bridge in libvirt, like below:
# virsh net-dumpxml br0
<network>
<name>br0</name>
<uuid>5aaf72a5-023d-4b84-9d7c-d68b0918f620</uuid>
<forward mode='bridge'/>
<bridge name='br0'/>
</network>
# virsh net-list
Name State Autostart Persistent
----------------------------------------------------------
br0 active no yes
As soon as I have the br0 bridge defined in libvirt, I start the
centos1 VM, that has eth0 interface connected to this br0 bridge:
# virsh dumpxml centos1
[...]
<interface type='network'>
<mac address='52:54:00:40:31:85'/>
<source network='br0'/>
<model type='e1000'/>
<address type='pci' domain='0x0000' bus='0x00'
slot='0x03'
function='0x0'/>
</interface>
[...]
# brctl show
bridge name bridge id STP enabled interfaces
br0 8000.fc15b4137688 no eno1
vnet0
And that is all. With this setup I have the centos1 VM interface eth0
directly connected to the br0 bridge through the vnet0 tap interface.
The br0 bridge is also connected to the eno1 physical interface in
server1, so my centos1 VM should be accessible to the outside world.
However, I have the ssh issue described in my initial email, while
ping is working. In the openssh-server debug log, I see the ssh
connection established and later hanging with the last debug message
being "debug1: SSH2_MSG_KEXINIT sent [preauth]".
Am I doing something wrong with my libvirt setup above?