Bridge Network Not Working After 24.04 LTS Update

Support and Help
, , ,
1

I am currently using Ubuntu 24.04.1 LTS (latest version), and before the update, I was running Ubuntu 24.04 LTS (maybe). My setup includes a GUI, and I use Virt-Manager to host VMs.

After the update, my previous netplan configuration stopped working, and I lost internet connectivity on the host machine ( IP: 103.192.157.246). I have removed everything and configured the bridge network again, and the host is back online. However, my VM (AlmaLinux with WHM cPanel, IP: 103.192.157.245) cannot communicate with external networks—for example, it cannot ping gateway IP 103.192.157.241, perform system updates/upgrades, or be accessed via a browser. Despite these issues, the host (Ubuntu) can access the VM via SSH using the terminal.

Host Details:

01-netcfg.yaml

network:
  version: 2
  renderer: networkd
  ethernets:
    eth1:
      dhcp4: no
      dhcp6: no
  bridges:
    br0:
      interfaces:
        - eth1
      dhcp4: no
      dhcp6: no
      addresses: ["103.192.157.246/28"]
      routes:
      - to: default
        via: 103.192.157.241
      macaddress: 00:1e:67:ad:ec:76
      nameservers:
        addresses: [103.84.36.5]

$ ip a

1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
    inet6 ::1/128 scope host noprefixroute 
       valid_lft forever preferred_lft forever
2: eno1: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc fq_codel master br0 state DOWN group default qlen 1000
    link/ether 00:1e:67:ad:ec:77 brd ff:ff:ff:ff:ff:ff
    altname enp0s25
3: eth1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq_codel master br0 state UP group default qlen 1000
    link/ether 00:1e:67:ad:ec:76 brd ff:ff:ff:ff:ff:ff
4: br0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default qlen 1000
    link/ether 00:1e:67:ad:ec:76 brd ff:ff:ff:ff:ff:ff
    inet 103.192.157.246/28 brd 103.192.157.255 scope global br0
       valid_lft forever preferred_lft forever
    inet6 fe80::382e:ddff:fe6e:5175/64 scope link 
       valid_lft forever preferred_lft forever
5: virbr0: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc noqueue state DOWN group default qlen 1000
    link/ether 52:54:00:32:32:0d brd ff:ff:ff:ff:ff:ff
    inet 192.168.122.1/24 brd 192.168.122.255 scope global virbr0
       valid_lft forever preferred_lft forever
6: tap0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq_codel master br0 state UNKNOWN group default qlen 1000
    link/ether fe:65:0f:bd:a1:4d brd ff:ff:ff:ff:ff:ff
    inet6 fe80::fc65:fff:febd:a14d/64 scope link 
       valid_lft forever preferred_lft forever

$ip route

default via 103.192.157.241 dev br0 proto static onlink 
103.192.157.240/28 dev br0 proto kernel scope link src 103.192.157.246 
192.168.122.0/24 dev virbr0 proto kernel scope link src 192.168.122.1 linkdown

$ sudo iptables -L -n -v

Chain INPUT (policy ACCEPT 53040 packets, 67M bytes)
 pkts bytes target     prot opt in     out     source               destination         
52870   67M Bitdefender-21-in  0    --  *      *       0.0.0.0/0            0.0.0.0/0           
52841   67M Bitdefender-22-in  0    --  *      *       0.0.0.0/0            0.0.0.0/0           
52899   67M LIBVIRT_INP  0    --  *      *       0.0.0.0/0            0.0.0.0/0           

Chain FORWARD (policy ACCEPT 0 packets, 0 bytes)
 pkts bytes target     prot opt in     out     source               destination         
    0     0 LIBVIRT_FWX  0    --  *      *       0.0.0.0/0            0.0.0.0/0           
    0     0 LIBVIRT_FWI  0    --  *      *       0.0.0.0/0            0.0.0.0/0           
    0     0 LIBVIRT_FWO  0    --  *      *       0.0.0.0/0            0.0.0.0/0           

Chain OUTPUT (policy ACCEPT 41205 packets, 7279K bytes)
 pkts bytes target     prot opt in     out     source               destination         
40838 7250K Bitdefender-21-out  0    --  *      *       0.0.0.0/0            0.0.0.0/0           
40843 7251K Bitdefender-22-out  0    --  *      *       0.0.0.0/0            0.0.0.0/0           
40932 7259K LIBVIRT_OUT  0    --  *      *       0.0.0.0/0            0.0.0.0/0           

Chain Bitdefender-21-in (1 references)
 pkts bytes target     prot opt in     out     source               destination         
   33  1902 ACCEPT     6    --  *      *       0.0.0.0/0            0.0.0.0/0            tcp dpt:8887 mark match ! 0x3887

Chain Bitdefender-21-out (1 references)
 pkts bytes target     prot opt in     out     source               destination         
    0     0 ACCEPT     6    --  *      *       0.0.0.0/0            127.0.0.1            tcp dpt:8887 ! owner GID match 986 mark match ! 0x3887

Chain Bitdefender-22-in (1 references)
 pkts bytes target     prot opt in     out     source               destination         
    0     0 ACCEPT     6    --  *      *       0.0.0.0/0            0.0.0.0/0            tcp dpt:8887 mark match ! 0x3887

Chain Bitdefender-22-out (1 references)
 pkts bytes target     prot opt in     out     source               destination         
    0     0 ACCEPT     6    --  *      *       0.0.0.0/0            127.0.0.1            tcp dpt:8887 ! owner GID match 986 mark match ! 0x3887

Chain LIBVIRT_FWI (1 references)
 pkts bytes target     prot opt in     out     source               destination         
    0     0 ACCEPT     0    --  *      virbr0  0.0.0.0/0            192.168.122.0/24     ctstate RELATED,ESTABLISHED
    0     0 REJECT     0    --  *      virbr0  0.0.0.0/0            0.0.0.0/0            reject-with icmp-port-unreachable

Chain LIBVIRT_FWO (1 references)
 pkts bytes target     prot opt in     out     source               destination         
    0     0 ACCEPT     0    --  virbr0 *       192.168.122.0/24     0.0.0.0/0           
    0     0 REJECT     0    --  virbr0 *       0.0.0.0/0            0.0.0.0/0            reject-with icmp-port-unreachable

Chain LIBVIRT_FWX (1 references)
 pkts bytes target     prot opt in     out     source               destination         
    0     0 ACCEPT     0    --  virbr0 virbr0  0.0.0.0/0            0.0.0.0/0           

Chain LIBVIRT_INP (1 references)
 pkts bytes target     prot opt in     out     source               destination         
    0     0 ACCEPT     17   --  virbr0 *       0.0.0.0/0            0.0.0.0/0            udp dpt:53
    0     0 ACCEPT     6    --  virbr0 *       0.0.0.0/0            0.0.0.0/0            tcp dpt:53
    0     0 ACCEPT     17   --  virbr0 *       0.0.0.0/0            0.0.0.0/0            udp dpt:67
    0     0 ACCEPT     6    --  virbr0 *       0.0.0.0/0            0.0.0.0/0            tcp dpt:67

Chain LIBVIRT_OUT (1 references)
 pkts bytes target     prot opt in     out     source               destination         
    0     0 ACCEPT     17   --  *      virbr0  0.0.0.0/0            0.0.0.0/0            udp dpt:53
    0     0 ACCEPT     6    --  *      virbr0  0.0.0.0/0            0.0.0.0/0            tcp dpt:53
    0     0 ACCEPT     17   --  *      virbr0  0.0.0.0/0            0.0.0.0/0            udp dpt:68
    0     0 ACCEPT     6    --  *      virbr0  0.0.0.0/0            0.0.0.0/0            tcp dpt:68

$ sudo iptables -t nat -L -n -v

Chain PREROUTING (policy ACCEPT 539 packets, 52243 bytes)
 pkts bytes target     prot opt in     out     source               destination         
  538 50842 Bitdefender-22-pre  0    --  *      *       0.0.0.0/0            0.0.0.0/0           
  531 50478 Bitdefender-21-pre  0    --  *      *       0.0.0.0/0            0.0.0.0/0           

Chain INPUT (policy ACCEPT 0 packets, 0 bytes)
 pkts bytes target     prot opt in     out     source               destination         

Chain OUTPUT (policy ACCEPT 3491 packets, 659K bytes)
 pkts bytes target     prot opt in     out     source               destination         
 3333  645K Bitdefender-22-out  0    --  *      *       0.0.0.0/0            0.0.0.0/0           
 3333  645K Bitdefender-21-out  0    --  *      *       0.0.0.0/0            0.0.0.0/0           

Chain POSTROUTING (policy ACCEPT 3364 packets, 648K bytes)
 pkts bytes target     prot opt in     out     source               destination         
 3365  649K LIBVIRT_PRT  0    --  *      *       0.0.0.0/0            0.0.0.0/0           

Chain Bitdefender-21-out (1 references)
 pkts bytes target     prot opt in     out     source               destination         
 3333  645K MARK       0    --  *      *       0.0.0.0/0            0.0.0.0/0            MARK and 0x0
    0     0 DNAT       6    --  *      *       0.0.0.0/0            0.0.0.0/0            tcp dpt:21 ! owner GID match 986 to:127.0.0.1:8887
 3333  645K MARK       0    --  *      *       0.0.0.0/0            0.0.0.0/0            MARK set 0x3887

Chain Bitdefender-21-pre (1 references)
 pkts bytes target     prot opt in     out     source               destination         
    0     0 REDIRECT   6    --  *      *       0.0.0.0/0            0.0.0.0/0            ctstate RELATED helper match "ftp" tcp dpts:1:65534 redir ports 8887
    4   220 REDIRECT   6    --  *      *       0.0.0.0/0            0.0.0.0/0            tcp dpt:21 redir ports 8887

Chain Bitdefender-22-out (1 references)
 pkts bytes target     prot opt in     out     source               destination         
 3333  645K MARK       0    --  *      *       0.0.0.0/0            0.0.0.0/0            MARK and 0x0
    0     0 DNAT       6    --  *      *       0.0.0.0/0            0.0.0.0/0            tcp dpt:22 ! owner GID match 986 to:127.0.0.1:8887
 3333  645K MARK       0    --  *      *       0.0.0.0/0            0.0.0.0/0            MARK set 0x3887

Chain Bitdefender-22-pre (1 references)
 pkts bytes target     prot opt in     out     source               destination         
    7   364 REDIRECT   6    --  *      *       0.0.0.0/0            0.0.0.0/0            tcp dpt:22 redir ports 8887

Chain LIBVIRT_PRT (1 references)
 pkts bytes target     prot opt in     out     source               destination         
    8   605 RETURN     0    --  *      *       192.168.122.0/24     224.0.0.0/24        
    0     0 RETURN     0    --  *      *       192.168.122.0/24     255.255.255.255     
    0     0 MASQUERADE  6    --  *      *       192.168.122.0/24    !192.168.122.0/24     masq ports: 1024-65535
    1   635 MASQUERADE  17   --  *      *       192.168.122.0/24    !192.168.122.0/24     masq ports: 1024-65535
    0     0 MASQUERADE  0    --  *      *       192.168.122.0/24    !192.168.122.0/24

$ brctl show

bridge name	bridge id		STP enabled	interfaces
br0		8000.001e67adec76	    no		  eno1
							              eth1
						    	          tap0
virbr0		8000.52540032320d	yes

$ lsmod | grep tap
tap 28672 1 vhost_net

$ virsh net-list --all

 Name      State    Autostart   Persistent
--------------------------------------------
 br0       active   yes         yes
 default   active   yes         yes

$ virsh --connect qemu:///session domiflist WHM

 Interface   Type     Source   Model    MAC
-----------------------------------------------------------
 tap0        bridge   br0      virtio   52:54:00:de:68:11

VM Details:
#ip a

1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
2: enp1s0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq_codel state UP group default qlen 1000
    link/ether 52:54:00:de:68:11 brd ff:ff:ff:ff:ff:ff
    inet 103.192.157.245/28 brd 103.192.157.255 scope global noprefixroute enp1s0
       valid_lft forever preferred_lft forever
    inet6 fe80::5054:ff:fede:6811/64 scope link noprefixroute 
       valid_lft forever preferred_lft forever

#ip route

default via 103.192.157.241 dev enp1s0 proto static metric 100 
103.192.157.240/28 dev enp1s0 proto kernel scope link src 103.192.157.245 metric 100

Below found under virt-manager graphical interface View > Details > NIC > XML for the said VM:

<interface type="bridge">
  <mac address="52:54:00:de:68:11"/>
  <source bridge="br0"/>
  <target dev="tap0"/>
  <model type="virtio"/>
  <alias name="net0"/>
  <address type="pci" domain="0x0000" bus="0x01" slot="0x00" function="0x0"/>
</interface>

Trace report for both IPs (VM: 103.192.157.245 and Host: 103.192.157.246) from the external network. I have contacted my ISP they said there are no misconfiguration and firewall issues from their side.

C:\Users\Talha>tracert 103.192.157.245

Tracing route to host-157-245.cityonlinebd.net [103.192.157.245]
over a maximum of 30 hops:

  1     2 ms     2 ms     2 ms  192.168.2.1
  2     3 ms     3 ms     4 ms  192.168.1.1
  3     4 ms     3 ms     3 ms  172.16.28.1
  4     4 ms     4 ms     3 ms  192.168.239.1
  5     7 ms     7 ms     7 ms  10.220.16.225
  6     8 ms     8 ms     7 ms  10.220.30.41
  7     8 ms     8 ms     7 ms  city-online.bdix.net [103.151.196.156]
  8     9 ms     8 ms     8 ms  10.0.142.242
  9     9 ms     8 ms     7 ms  10.10.32.10
 10  10.10.32.10  reports: Destination host unreachable.

Trace complete.

C:\Users\Talha>tracert 103.192.157.246

Tracing route to host-157-246.cityonlinebd.net [103.192.157.246]
over a maximum of 30 hops:

  1     2 ms     2 ms     2 ms  192.168.2.1
  2     3 ms     3 ms     3 ms  192.168.1.1
  3    12 ms     3 ms     3 ms  172.16.28.1
  4     4 ms     3 ms     3 ms  192.168.239.1
  5     7 ms    15 ms     8 ms  10.220.16.225
  6     7 ms     8 ms     8 ms  10.220.30.41
  7     8 ms     8 ms     8 ms  city-online.bdix.net [103.151.196.156]
  8     8 ms     7 ms     8 ms  10.0.142.242
  9     8 ms     8 ms    15 ms  10.10.32.10
 10     8 ms     9 ms     9 ms  host-157-246.cityonlinebd.net [103.192.157.246]

Trace complete.

I would greatly appreciate any advice on how to resolve this issue. Thank you in advance for your help!

1 Like
2

For your posting of your:

virsh net-list --all

command, wouldn’t you expect one or the other of default or br0 but not both?

I ask because somewhere the results for me got switched back to default from my bridge:
I was getting this:

doug@s19:~/config/etc/libvirt/qemu/networks$ virsh net-list --all
 Name          State      Autostart   Persistent
--------------------------------------------------
 default       active     yes         yes
 host-bridge   inactive   no          yes

Instead of the expected this:

doug@s19:~/config/etc/libvirt/qemu/networks$ virsh net-list --all
 Name          State    Autostart   Persistent
------------------------------------------------
 host-bridge   active   yes         yes

I didn’t really notice until I started looking into your question a couple of days ago, because I have been testing VMs on another (Debian) server latley.
Otherwise, I am not sure how to help further, as I do things a little differently than you, and I don’t want to just add confusion. For example, I don’t have any autogenerated iptables rules at all. Anyway, I left some good notes behind about it.

As a result of the work, I now have an Ubutnu 25.04 development dekstop guest VM running on my Ubuntu 24.04.1 server on my LAN via my bridge.

EDIT: You could use tcodump (or wireshark, if you prefer) to see if your traceroute packets are getting to the host bridge and the guest network interface. Example for my system:

First: the host: Packets arriving:

doug@s19:~$ sudo tcpdump -n -tttt -i br0 port 33434
tcpdump: verbose output suppressed, use -v[v]... for full protocol decode
listening on br0, link-type EN10MB (Ethernet), snapshot length 262144 bytes
2024-12-26 14:58:02.664100 IP 192.168.111.133.39304 > 192.168.111.33.33434: UDP, length 32

Second: the guest VM packets arriving:

doug@desk-pp:~$ sudo tcpdump -n -tttt -i enp1s0 port 33434
tcpdump: verbose output suppressed, use -v[v]... for full protocol decode
listening on enp1s0, link-type EN10MB (Ethernet), snapshot length 262144 bytes
2024-12-26 14:59:38.306329 IP 192.168.111.133.44881 > 192.168.111.33.33434: UDP, length 32

Third: The host: Packets leaving:

doug@s19:~$ sudo tcpdump -n -tttt -i br0 icmp
tcpdump: verbose output suppressed, use -v[v]... for full protocol decode
listening on br0, link-type EN10MB (Ethernet), snapshot length 262144 bytes
2024-12-27 08:01:57.673834 IP 192.168.111.33 > 192.168.111.133: ICMP 192.168.111.33 udp port 33434 unreachable, length 68
2024-12-27 08:01:57.673855 IP 192.168.111.33 > 192.168.111.133: ICMP 192.168.111.33 udp port 33435 unreachable, length 68
2024-12-27 08:01:57.673930 IP 192.168.111.33 > 192.168.111.133: ICMP 192.168.111.33 udp port 33436 unreachable, length 68
2024-12-27 08:01:57.674029 IP 192.168.111.33 > 192.168.111.133: ICMP 192.168.111.33 udp port 33437 unreachable, length 68
2024-12-27 08:01:57.674223 IP 192.168.111.33 > 192.168.111.133: ICMP 192.168.111.33 udp port 33438 unreachable, length 68
2024-12-27 08:01:57.674253 IP 192.168.111.33 > 192.168.111.133: ICMP 192.168.111.33 udp port 33439 unreachable, length 68

Fourth: The guest: Packets leaving:

doug@desk-pp:~$ sudo tcpdump -n -tttt -i enp1s0 icmp
tcpdump: verbose output suppressed, use -v[v]... for full protocol decode
listening on enp1s0, link-type EN10MB (Ethernet), snapshot length 262144 bytes
2024-12-27 07:59:18.535180 IP 192.168.111.33 > 192.168.111.133: ICMP 192.168.111.33 udp port 33434 unreachable, length 68
2024-12-27 07:59:18.535198 IP 192.168.111.33 > 192.168.111.133: ICMP 192.168.111.33 udp port 33435 unreachable, length 68
2024-12-27 07:59:18.535205 IP 192.168.111.33 > 192.168.111.133: ICMP 192.168.111.33 udp port 33436 unreachable, length 68
2024-12-27 07:59:18.535212 IP 192.168.111.33 > 192.168.111.133: ICMP 192.168.111.33 udp port 33437 unreachable, length 68
2024-12-27 07:59:18.535214 IP 192.168.111.33 > 192.168.111.133: ICMP 192.168.111.33 udp port 33438 unreachable, length 68
2024-12-27 07:59:18.535276 IP 192.168.111.33 > 192.168.111.133: ICMP 192.168.111.33 udp port 33439 unreachable, length 68

And the other computer that runs the traceroute command (I am not familiar with the tracert command you used, but assume the operation is similar):

doug@rpi3:~/boiler/c $ traceroute 192.168.111.33
traceroute to 192.168.111.33 (192.168.111.33), 30 hops max, 60 byte packets
 1  192.168.111.33 (192.168.111.33)  0.623 ms  0.466 ms  0.323 ms
3 Likes
3

Dear @dsmythies
Thank you very much for your reply. My Virt-Manager runs under a user session. However, I have deleted the default bridge. The current bridge is shown below:

$ virsh net-list --all

 Name   State    Autostart   Persistent
-----------------------------------------
 br0    active   yes         yes

/etc/libvirt/qemu/networks$ ls -l

total 8
drwxr-xr-x 2 tusharar libvirt 4096 Dec 27 04:29 autostart
-rw------- 1 root     root     367 Dec 27 04:35 br0.xml

/etc/libvirt/qemu/networks$ sudo cat br0.xml

<!--
WARNING: THIS IS AN AUTO-GENERATED FILE. CHANGES TO IT ARE LIKELY TO BE
OVERWRITTEN AND LOST. Changes to this xml configuration should be made using:
  virsh net-edit br0
or other application using the libvirt API.
-->

<network>
  <name>br0</name>
  <uuid>123e4567-e89b-12d3-a456-426614174000</uuid>
  <forward mode='bridge'/>
  <bridge name='br0'/>
</network>

For the VM virt-manager > View > Details > NIC > XML

<interface type="bridge">
  <mac address="52:54:00:de:68:11"/>
  <source bridge="br0"/>
  <target dev="tap1"/>
  <model type="virtio"/>
  <alias name="net0"/>
  <address type="pci" domain="0x0000" bus="0x01" slot="0x00" function="0x0"/>
</interface>

I have cleared all rules and removed iptables. Firewalld is disabled and masked, and nftables is also disabled and masked. However, traceroute packets are still not reaching the host bridge and the guest network interface in my case. The output is shown below (I stopped the First, Second, Third, and Fourth commands because the process did not complete within a reasonable time):

First: the host: Packets arriving:

tusharar@qolac:~$ sudo tcpdump -n -tttt -i br0 port 33434
tcpdump: verbose output suppressed, use -v[v]... for full protocol decode
listening on br0, link-type EN10MB (Ethernet), snapshot length 262144 bytes
^Z
[1]+  Stopped                 sudo tcpdump -n -tttt -i br0 port 33434

Second: the guest VM packets arriving:

[root@server1 ~]# tcpdump -n -tttt -i enp1s0 port 33434
dropped privs to tcpdump
tcpdump: verbose output suppressed, use -v[v]... for full protocol decode
listening on enp1s0, link-type EN10MB (Ethernet), snapshot length 262144 bytes
^Z
[2]+  Stopped                 tcpdump -n -tttt -i enp1s0 port 33434

Third: The host: Packets leaving:

tusharar@qolac:~$ sudo tcpdump -n -tttt -i br0 icmp
tcpdump: verbose output suppressed, use -v[v]... for full protocol decode
listening on br0, link-type EN10MB (Ethernet), snapshot length 262144 bytes
^Z
[16]+  Stopped                 sudo tcpdump -n -tttt -i br0 icmp

Fourth: The guest: Packets leaving:

[root@server1 ~]# sudo tcpdump -n -tttt -i enp1s0 icmp
dropped privs to tcpdump
tcpdump: verbose output suppressed, use -v[v]... for full protocol decode
listening on enp1s0, link-type EN10MB (Ethernet), snapshot length 262144 bytes
^Z
[3]+  Stopped                 sudo tcpdump -n -tttt -i enp1s0 icmp

Any advice on how to resolve this issue would be greatly appreciated. Thank you in advance for your help!

1 Like
4

Just a few thought as I look at some of this…

I may have missed it, but what is the idea you are working to achieve by involving a tap device for your VM? tun/tap devices typically involve either tunneling like with a VPN or if you are trying to assign a VM to a physical NIC.

Also, in your OP you reference a device called tap0, then here most recently it’s tap1 ?

A basic inteface definition for a VM using a bridge setup and a virtual interface would look something like this:

<interface type="bridge">
  <mac address="52:54:00:xx:xx:xx"/>
  <source bridge="br0"/>
  <target dev="vnet0"/>
  <model type="virtio"/>
  <alias name="net0"/>
  <address type="pci" domain="0x0000" bus="0x01" slot="0x00" function="0x0"/>
</interface>

Also, as mentioned already, .yaml files can be sensitive to formatting. Did you compare your current .yaml file with the one you have backed up when everything was working? May be some clues there.

On one of my hosts, my yaml file looks like this:

network:
  version: 2
  renderer: networkd
  ethernets:
    eno1:
      dhcp4: false
      dhcp6: false
  bridges:
    br0:
      interfaces: [eno1]
      addresses: [192.168.10.251/24]
      # gateway4 is deprecated, use routes instead
      routes:
      - to: default
        via: 192.168.10.1
        metric: 100
        on-link: true
      mtu: 1500
      nameservers:
        addresses: [192.168.10.1]
      parameters:
        stp: true
        forward-delay: 4
      dhcp4: no
      dhcp6: no

Is your nameserver address correct? Just a thought.

1 Like
5

I do not use virt-manager, but I do observe a difference between our configurations.
For the configuration file for my VM, /etc/libvirt/qemu/desk-pp.xml, under the network section I have:

    <interface type='bridge'>
      <mac address='52:54:00:0e:25:04'/>
      <source bridge='br0'/>
      <model type='virtio'/>
      <address type='pci' domain='0x0000' bus='0x01' slot='0x00' function='0x0'/>
    </interface>

I don’t use the “tap” method, nor do I know anything about it, other than I have seen it mentioned in the past.

1 Like