A look back at fixing libvirt guests being unable to communicate with the host
Conclusion first
If firewalld is active on the host, libvirt will attempt to place the bridge interface of a libvirt virtual network into the firewalld zone named **“libvirt”** (thus making all guest->host traffic on that network subject to the rules of the “libvirt” zone).
I needed to add the corresponding allow rules to the libvirt zone in firewalld (I am using a Fedora host):
sudo firewall-cmd --permanent --zone=libvirt --add-port=8000/tcp
sudo firewall-cmd --permanent --zone=libvirt --add-service=samba
Remember to make sure the zone is bound to the correct interface:
sudo firewall-cmd --permanent --zone=libvirt --change-interface=virbr0
With this, the guest can access port 8000/tcp and the samba service on the host.
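A check for the rules above, as an added example that is not part of the original post: `--permanent` only writes the saved configuration, so a rule does not reach the running firewall until `firewall-cmd --reload`, and this script compares the two. `FWCMD` and the function names are hypothetical; the zone, interface, port and service are the ones used above.

```shell
#!/bin/sh
# Added example, not from the original post. FWCMD is a hypothetical override
# so the audit can be pointed at a stub; it defaults to the real firewall-cmd.
FWCMD=${FWCMD:-firewall-cmd}

# Echo yes/no for one --query-* option in the runtime or permanent config.
fw_query() {            # usage: fw_query runtime|permanent <zone> <--query-...>
    perm_flag=""
    if [ "$1" = permanent ]; then perm_flag="--permanent"; fi
    # $perm_flag is left unquoted so it vanishes for runtime queries.
    if "$FWCMD" $perm_flag --zone="$2" "$3" >/dev/null 2>&1
    then echo yes; else echo no; fi
}

# Return 0 only if the rule is active now AND saved, i.e. survives a reload.
audit_rule() {          # usage: audit_rule <zone> <--query-...>
    rt=$(fw_query runtime "$1" "$2")
    perm=$(fw_query permanent "$1" "$2")
    case "$rt/$perm" in
        yes/yes) echo "OK       $2"; return 0 ;;
        no/yes)  echo "PENDING  $2 (saved; apply with firewall-cmd --reload)" ;;
        yes/no)  echo "VOLATILE $2 (runtime only; lost on reload)" ;;
        *)       echo "MISSING  $2" ;;
    esac
    return 1
}

# Check the bridge's zone plus one port and one service; 0 means all good.
audit_guest_access() {  # usage: audit_guest_access <zone> <iface> <port> <service>
    rc=0
    actual=$("$FWCMD" --get-zone-of-interface="$2" 2>/dev/null) || true
    if [ "$actual" = "$1" ]; then
        echo "OK       $2 is in zone $1"
    else
        echo "WRONG    $2 is in zone '${actual:-none}', expected $1"; rc=1
    fi
    audit_rule "$1" "--query-port=$3"    || rc=1
    audit_rule "$1" "--query-service=$4" || rc=1
    return $rc
}

# With the values from the post:
#   audit_guest_access libvirt virbr0 8000/tcp samba
```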
How did it unfold?
Because libvirt does not support bridging a wireless network card:
Important Note: Unfortunately, wireless interfaces cannot be attached to a Linux host bridge, so if your connection to the external network is via a wireless interface (“wlanX”), you will not be able to use this mode of networking for your guests.
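For the time being I could only use NAT mode to get the virtual machine online. But I found that the host and guest could ping each other. The host could access services on the guest, but not the other way around.
Only at the very end did I suspect the firewall; I did not guess right from the start. I first tried “kvm guest cannot connect to host”, and only then noticed the link mentioned above.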