Ubuntu with KVM guest VM and broken bridges
- by MadPsy
I have an Ubuntu box with a KVM guest VM running. They use bridging so the guest VM attaches to the physical network of its host. The guest VM has 2 NICs in 2 different bridges.
First NIC of the VM is tap5 and is in bridge br0
br0 8000.46720f5c572e no eth0.500
tap5
Second NIC of the VM is tap2 and is in bridge br100
br100 8000.76ad2fc96661 no eth0.100
eth0.101
eth0.103
eth0.104
eth0.105
tap2
On the host, br0 has an IP and br100 does not
21: br0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP
link/ether 46:72:0f:5c:57:2e brd ff:ff:ff:ff:ff:ff
inet 192.168.100.4/24 brd 192.168.10.255 scope global br0
inet6 fe80::d6ae:52ff:febe:777/64 scope link
valid_lft forever preferred_lft forever
On the guest, its eth0 and eth1 interfaces both have IP addresses
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
link/ether 00:3e:61:fb:7a:da brd ff:ff:ff:ff:ff:ff
inet 192.168.100.6/24 brd 192.168.100.255 scope global eth0
inet6 fe80::23e:61ff:fefb:7ada/64 scope link
valid_lft forever preferred_lft forever
3: eth1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
link/ether 00:3e:61:fb:7a:ea brd ff:ff:ff:ff:ff:ff
inet 172.16.50.129/25 brd 172.16.50.255 scope global eth1
inet6 fe80::23e:61ff:fefb:7aea/64 scope link
valid_lft forever preferred_lft forever
On the guest VM, a tcpdump of its eth1 interface (tap2) shows traffic from its eth0 interface (tap5), as if the 2 bridges are themselves bridged. This means any interface on br100 is now bridged across to br0 - which is completely broken.
root@chillispot:~# tcpdump -c 1 -n -v -i eth1 net 192.168.100.0/24
tcpdump: listening on eth1, link-type EN10MB (Ethernet), capture size 65535 bytes
16:31:24.175583 IP (tos 0x0, ttl 64, id 48054, offset 0, flags [DF], proto TCP (6), length 148)
192.168.100.6.22 > 192.168.100.4.59505: Flags [P.], cksum 0x6c2b (correct), seq 1056321648:1056321744, ack 398642983, win 1700, options [nop,nop,TS val 197473436 ecr 200655363], length 96
What could be bridging the 2 bridges, except the guest VM (which is a stock Ubuntu install)? I am at a complete loss! Thanks.