On Thursday, July 7 at 20:46 (+0100), john said:
Well, I see several errors, you may want to start with the first one and work your way down. > iptables is running, bridging and tun have been loaded as modules > iproute2 has now been installed but makes no odds. Not sure about brctl > as I can't find this? > > Have started libvirtd and get the following > when trying to start virt-manager > > 20:28:05.083: 5216: info : > libvirt version: 0.9.1 20:28:05.083: 5216: error : virCommandWait:1281 : > internal error Child process (/sbin/iptables --table mangle --insert > POSTROUTING --out-interface virbr0 --protocol udp --destination-port 68 > --jump CHECKSUM --checksum-fill) status unexpected: exit status 1 iptables is failing. Maybe you don't have the correct modules or have them installed. > 20:28:05.084: 5216: warning : networkAddGeneralIptablesRules:1199 : > Could not add rule to fixup DHCP response checksums on network > 'default'. 20:28:05.084: 5216: warning : > networkAddGeneralIptablesRules:1200 : May need to update iptables > package & kernel to support CHECKSUM rule. 20:28:05.256: 5216: error : > virCommandWait:1281 : internal error Child process (/sbin/ip addr add > 192.168.122.1/24 broadcast 192.168.122.255 dev virbr0) status > unexpected: exit status 1 20:28:05.256: 5216: error : > networkAddAddrToBridge:1625 : internal error cannot set IP address on > bridge 'virbr0' 20:28:05.449: 5216: error : virCommandWait:1281 : > internal error Child process (/sbin/iptables --table mangle --delete > POSTROUTING --out-interface virbr0 --protocol udp --destination-port 68 > --jump CHECKSUM --checksum-fill) status unexpected: exit status 1 > 20:28:05.481: 5216: warning : networkStartNetworkDaemon:1800 : Failed > to delete dummy tap device '(null)' on bridge 'virbr0' : Invalid > argument 20:28:05.526: 5216: error : udevGetDMIData:1493 : Failed to > get udev device for syspath '/sys/devices/virtual/dmi/id' or > '/sys/class/dmi/id' 20:28:51.078: 5219: error : > remoteDispatchAuthPolkit:5139 : Policy kit denied action > org.libvirt.unix.manage from pid 6810, uid 1000: exit status 1 > 20:31:26.177: 5218: error : do_open:1085 : no connection driver > available for No connection for URI qemu:///system > > Does mean something++++++ > no connection driver > available for No connection for URI qemu:///system > The subsequent errors may be because of the first. So I'd start with that. If you are not going to use virtual networks, then you could simply disable the virt-net USE flag and save yourself some time. As for as iptables. You need the right sub-drivers (or whatever they're called). Basically if you are using virtual networking you need to be able to do NAT. I have the following: CONFIG_NF_CONNTRACK=m CONFIG_NF_CONNTRACK_MARK=y # CONFIG_NF_CONNTRACK_EVENTS is not set # CONFIG_NF_CT_PROTO_DCCP is not set # CONFIG_NF_CT_PROTO_SCTP is not set # CONFIG_NF_CT_PROTO_UDPLITE is not set # CONFIG_NF_CONNTRACK_AMANDA is not set # CONFIG_NF_CONNTRACK_FTP is not set # CONFIG_NF_CONNTRACK_H323 is not set # CONFIG_NF_CONNTRACK_IRC is not set # CONFIG_NF_CONNTRACK_NETBIOS_NS is not set # CONFIG_NF_CONNTRACK_PPTP is not set # CONFIG_NF_CONNTRACK_SANE is not set # CONFIG_NF_CONNTRACK_SIP is not set # CONFIG_NF_CONNTRACK_TFTP is not set # CONFIG_NF_CT_NETLINK is not set CONFIG_NF_DEFRAG_IPV4=m CONFIG_NF_CONNTRACK_IPV4=m CONFIG_NF_CONNTRACK_PROC_COMPAT=y # CONFIG_IP_NF_QUEUE is not set CONFIG_IP_NF_IPTABLES=m CONFIG_IP_NF_MATCH_ADDRTYPE=m # CONFIG_IP_NF_MATCH_AH is not set # CONFIG_IP_NF_MATCH_ECN is not set # CONFIG_IP_NF_MATCH_TTL is not set CONFIG_IP_NF_FILTER=m CONFIG_IP_NF_TARGET_REJECT=mNAT/masquerading. # CONFIG_IP_NF_TARGET_LOG is not set # CONFIG_IP_NF_TARGET_ULOG is not set CONFIG_NF_NAT=m CONFIG_NF_NAT_NEEDED=y CONFIG_IP_NF_TARGET_MASQUERADE=m # CONFIG_IP_NF_TARGET_NETMAP is not set # CONFIG_IP_NF_TARGET_REDIRECT is not set # CONFIG_NF_NAT_SNMP_BASIC is not set # CONFIG_NF_NAT_FTP is not set # CONFIG_NF_NAT_IRC is not set # CONFIG_NF_NAT_TFTP is not set # CONFIG_NF_NAT_AMANDA is not set # CONFIG_NF_NAT_PPTP is not set # CONFIG_NF_NAT_H323 is not set # CONFIG_NF_NAT_SIP is not set CONFIG_IP_NF_MANGLE=m # CONFIG_IP_NF_TARGET_CLUSTERIP is not set # CONFIG_IP_NF_TARGET_ECN is not set # CONFIG_IP_NF_TARGET_TTL is not set # CONFIG_IP_NF_RAW is not set # CONFIG_IP_NF_ARPTABLES is not set # CONFIG_BRIDGE_NF_EBTABLES is not set I have the following modules loaded (may not all be used by libvirt though): $ lsmod|egrep 'ipt|nf' ipt_MASQUERADE 1523 3 iptable_nat 3053 1 nf_nat 11757 2 ipt_MASQUERADE,iptable_nat nf_conntrack_ipv4 8846 4 iptable_nat,nf_nat nf_defrag_ipv4 1131 1 nf_conntrack_ipv4 nf_conntrack 40786 5 ipt_MASQUERADE,iptable_nat,nf_nat,nf_conntrack_ipv4,xt_state ipt_REJECT 1998 2 iptable_mangle 1392 1 iptable_filter 1312 1 ip_tables 13195 3 iptable_nat,iptable_mangle,iptable_filter x_tables 13624 9 ipt_MASQUERADE,iptable_nat,xt_state,ipt_REJECT,xt_CHECKSUM,iptable_mangle,xt_tcpudp,iptable_filter,ip_tables You also need to be able do to ethernet bridging. The virtual device vibr0 is a bridge. You also need bridge-utils, but it's probably already installed. A good reference is this: http://wiki.libvirt.org/page/Networking
