Ubuntu 22.04 not internet, but internet works

Hello good day!

I have a weird problem, my ubuntu 22.04 server connects just fine to the internet for almost all cases. However there are a couple of instances that don’t have access to the internet.

Screenshot from 2025-04-19 20-49-041162×980 90.1 KB

For example, I cannot add online accounts. Furthermore, I’ve set up qemu, and also here is no internet.

The latter is actually kind of annoying because I would like to have a windows instance for the rare cases where I am forced to use windows.

I think I know the cause of the problem. A couple of months ago I created a VM to build an easy to ship version of an application I am working on. In the process of setting this up I did a lot of fiddling on the server in order for my VM obtain it’s own static IP from my router rather than a bridge of some sort. I did this because I wanted to connect the VM to my nginx proxy manager.

I have since deleted the VM because it turned our it was easier to set up a docker container of it. Deploying docker containers is easy, but building one proved quite difficult. Luckily I managed to do it.

Back to my question, I think in the process of creating the VM I broke something in my networking system.

Unfortunately I have no idea how i can debug and fix this problem.

My start would be the following output, but from here I have no idea how to proceed. Looking at my networks config makes me very confused. Snaps makes debugging these problems quite difficult because i apparently have 108 network instances…

Can anyone help me fix this please?

Your help is truly appreciated.

ip addr show
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
    inet6 ::1/128 scope host 
       valid_lft forever preferred_lft forever
2: eno1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq_codel master br0 state UP group default qlen 1000
    link/ether 1c:69:7a:62:9e:0b brd ff:ff:ff:ff:ff:ff
    altname enp0s31f6
3: wlp0s20f3: <BROADCAST,MULTICAST> mtu 1500 qdisc noop state DOWN group default qlen 1000
    link/ether 56:f5:8c:48:20:61 brd ff:ff:ff:ff:ff:ff permaddr d8:3b:bf:50:6c:d4
4: br0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default qlen 1000
    link/ether 3e:52:f8:a4:ce:c2 brd ff:ff:ff:ff:ff:ff
    inet 192.168.2.250/24 brd 192.168.2.255 scope global br0
       valid_lft forever preferred_lft forever
    inet6 fd8c:b993:bb49:7c88:3c52:f8ff:fea4:cec2/64 scope global dynamic mngtmpaddr noprefixroute 
       valid_lft 1435sec preferred_lft 1435sec
    inet6 fe80::3c52:f8ff:fea4:cec2/64 scope link 
       valid_lft forever preferred_lft forever
5: br-12fc6fc04025: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default 
    link/ether 4e:c8:c6:8a:16:9c brd ff:ff:ff:ff:ff:ff
    inet 192.168.64.1/20 brd 192.168.79.255 scope global br-12fc6fc04025
       valid_lft forever preferred_lft forever
    inet6 fe80::4cc8:c6ff:fe8a:169c/64 scope link 
       valid_lft forever preferred_lft forever
6: br-41995dedb449: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc noqueue state DOWN group default 
    link/ether 86:eb:97:5d:20:25 brd ff:ff:ff:ff:ff:ff
    inet 192.168.32.1/20 brd 192.168.47.255 scope global br-41995dedb449
       valid_lft forever preferred_lft forever
7: br-483c3663dd23: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default 
    link/ether 96:e1:3e:c7:1e:7c brd ff:ff:ff:ff:ff:ff
    inet 172.19.0.1/16 brd 172.19.255.255 scope global br-483c3663dd23
       valid_lft forever preferred_lft forever
    inet6 fe80::94e1:3eff:fec7:1e7c/64 scope link 
       valid_lft forever preferred_lft forever
8: br-55abfd00a826: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default 
    link/ether 0e:8d:b9:ed:6e:56 brd ff:ff:ff:ff:ff:ff
    inet 172.18.0.1/16 brd 172.18.255.255 scope global br-55abfd00a826
       valid_lft forever preferred_lft forever
    inet6 fe80::c8d:b9ff:feed:6e56/64 scope link 
       valid_lft forever preferred_lft forever
9: br-62cb6dfc27a6: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default 
    link/ether 9a:d8:7c:af:6d:ae brd ff:ff:ff:ff:ff:ff
    inet 172.23.0.1/16 brd 172.23.255.255 scope global br-62cb6dfc27a6
       valid_lft forever preferred_lft forever
    inet6 fe80::98d8:7cff:feaf:6dae/64 scope link 
       valid_lft forever preferred_lft forever
10: br-a64f35858e90: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default 
    link/ether ee:91:7a:06:c8:ab brd ff:ff:ff:ff:ff:ff
    inet 172.20.0.1/16 brd 172.20.255.255 scope global br-a64f35858e90
       valid_lft forever preferred_lft forever
    inet6 fe80::ec91:7aff:fe06:c8ab/64 scope link 
       valid_lft forever preferred_lft forever
11: docker0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default 
    link/ether 4e:47:98:13:2f:04 brd ff:ff:ff:ff:ff:ff
    inet 172.17.0.1/16 brd 172.17.255.255 scope global docker0
       valid_lft forever preferred_lft forever
    inet6 fe80::4c47:98ff:fe13:2f04/64 scope link 
       valid_lft forever preferred_lft forever
12: br-12e7ea52fbf2: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc noqueue state DOWN group default 
    link/ether 0a:75:0b:17:3a:26 brd ff:ff:ff:ff:ff:ff
    inet 172.21.0.1/16 brd 172.21.255.255 scope global br-12e7ea52fbf2
       valid_lft forever preferred_lft forever
34: cali84be666b758@if3: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default 
    link/ether ee:ee:ee:ee:ee:ee brd ff:ff:ff:ff:ff:ff link-netns cni-cabbff27-962e-c921-36e0-78d78c829a34
    inet6 fe80::ecee:eeff:feee:eeee/64 scope link 
       valid_lft forever preferred_lft forever
35: cali9ef2ca550b7@if3: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default 
    link/ether ee:ee:ee:ee:ee:ee brd ff:ff:ff:ff:ff:ff link-netns cni-17ebf623-11b8-40ba-3ab7-4ef8c41c11a7
    inet6 fe80::ecee:eeff:feee:eeee/64 scope link 
       valid_lft forever preferred_lft forever
36: caliab7bb467db7@if3: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default 
    link/ether ee:ee:ee:ee:ee:ee brd ff:ff:ff:ff:ff:ff link-netns cni-4069b418-44e8-b23e-7bce-86d6cc05e225
    inet6 fe80::ecee:eeff:feee:eeee/64 scope link 
       valid_lft forever preferred_lft forever
37: cali6d55d0fcd5b@if3: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default 
    link/ether ee:ee:ee:ee:ee:ee brd ff:ff:ff:ff:ff:ff link-netns cni-01124dbe-1ad5-2ba7-d7ae-a5d0fe55709b
    inet6 fe80::ecee:eeff:feee:eeee/64 scope link 
       valid_lft forever preferred_lft forever
38: calidb89c5c550a@if3: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default 
    link/ether ee:ee:ee:ee:ee:ee brd ff:ff:ff:ff:ff:ff link-netns cni-5e814548-5aa9-0c7e-4c86-ae96ee5dba75
    inet6 fe80::ecee:eeff:feee:eeee/64 scope link 
       valid_lft forever preferred_lft forever
39: cali4e3f42ded4c@if3: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default 
    link/ether ee:ee:ee:ee:ee:ee brd ff:ff:ff:ff:ff:ff link-netns cni-7a7e2e7c-8b2a-7e49-dae7-831f152ef281
    inet6 fe80::ecee:eeff:feee:eeee/64 scope link 
       valid_lft forever preferred_lft forever
40: caliba400f0ef55@if3: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default 
    link/ether ee:ee:ee:ee:ee:ee brd ff:ff:ff:ff:ff:ff link-netns cni-11c2f9a4-e5ef-7e1a-4c1d-75030bd50fa4
    inet6 fe80::ecee:eeff:feee:eeee/64 scope link 
       valid_lft forever preferred_lft forever
41: caliad442cc56ba@if3: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default 
    link/ether ee:ee:ee:ee:ee:ee brd ff:ff:ff:ff:ff:ff link-netns cni-54a026a0-9449-d974-1f78-106cfa05ae20
    inet6 fe80::ecee:eeff:feee:eeee/64 scope link 
       valid_lft forever preferred_lft forever
42: cali0399de1aa1d@if3: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default 
    link/ether ee:ee:ee:ee:ee:ee brd ff:ff:ff:ff:ff:ff link-netns cni-585dbe3e-01fc-b6ae-7e93-209c363f0d4d
    inet6 fe80::ecee:eeff:feee:eeee/64 scope link 
       valid_lft forever preferred_lft forever
43: calic4f9df93190@if3: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default 
    link/ether ee:ee:ee:ee:ee:ee brd ff:ff:ff:ff:ff:ff link-netns cni-9efc7292-9778-5d5f-8cb7-2a94e0ad9686
    inet6 fe80::ecee:eeff:feee:eeee/64 scope link 
       valid_lft forever preferred_lft forever
44: califee36422fdd@if3: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default 
    link/ether ee:ee:ee:ee:ee:ee brd ff:ff:ff:ff:ff:ff link-netns cni-5bf6709d-361e-0a0d-3a10-8502a22b2568
    inet6 fe80::ecee:eeff:feee:eeee/64 scope link 
       valid_lft forever preferred_lft forever
45: cali3796c15a1a8@if3: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default 
    link/ether ee:ee:ee:ee:ee:ee brd ff:ff:ff:ff:ff:ff link-netns cni-1496f58f-8996-d943-203d-871d2d49a5d6
    inet6 fe80::ecee:eeff:feee:eeee/64 scope link 
       valid_lft forever preferred_lft forever
48: vxlan.calico: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1450 qdisc noqueue state UNKNOWN group default 
    link/ether 66:af:58:c7:03:8e brd ff:ff:ff:ff:ff:ff
    inet 10.1.178.0/32 scope global vxlan.calico
       valid_lft forever preferred_lft forever
    inet6 fe80::64af:58ff:fec7:38e/64 scope link 
       valid_lft forever preferred_lft forever
70: veth61ac532@if2: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue master docker0 state UP group default 
    link/ether a2:be:44:9a:a0:75 brd ff:ff:ff:ff:ff:ff link-netnsid 0
    inet6 fe80::a0be:44ff:fe9a:a075/64 scope link 
       valid_lft forever preferred_lft forever
71: veth4387e36@if2: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue master br-a64f35858e90 state UP group default 
    link/ether c2:da:88:b0:d2:8f brd ff:ff:ff:ff:ff:ff link-netnsid 1
    inet6 fe80::c0da:88ff:feb0:d28f/64 scope link 
       valid_lft forever preferred_lft forever
72: vethae25e02@if2: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue master docker0 state UP group default 
    link/ether 2a:0e:9d:bf:e3:05 brd ff:ff:ff:ff:ff:ff link-netnsid 2
    inet6 fe80::280e:9dff:febf:e305/64 scope link 
       valid_lft forever preferred_lft forever
74: veth24936ea@if2: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue master docker0 state UP group default 
    link/ether a2:c5:eb:70:29:15 brd ff:ff:ff:ff:ff:ff link-netnsid 4
    inet6 fe80::a0c5:ebff:fe70:2915/64 scope link 
       valid_lft forever preferred_lft forever
76: veth8ba1220@if2: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue master docker0 state UP group default 
    link/ether c2:50:d2:69:6d:29 brd ff:ff:ff:ff:ff:ff link-netnsid 6
    inet6 fe80::c050:d2ff:fe69:6d29/64 scope link 
       valid_lft forever preferred_lft forever
78: veth6fd77cf@if2: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue master docker0 state UP group default 
    link/ether ce:f3:c7:8f:30:12 brd ff:ff:ff:ff:ff:ff link-netnsid 8
    inet6 fe80::ccf3:c7ff:fe8f:3012/64 scope link 
       valid_lft forever preferred_lft forever
80: veth347148b@if2: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue master br-62cb6dfc27a6 state UP group default 
    link/ether 1a:78:29:e0:62:fe brd ff:ff:ff:ff:ff:ff link-netnsid 10
    inet6 fe80::1878:29ff:fee0:62fe/64 scope link 
       valid_lft forever preferred_lft forever
81: veth1f97f18@if2: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue master br-a64f35858e90 state UP group default 
    link/ether 62:38:02:cf:32:31 brd ff:ff:ff:ff:ff:ff link-netnsid 11
    inet6 fe80::6038:2ff:fecf:3231/64 scope link 
       valid_lft forever preferred_lft forever
82: veth0aaa69a@if2: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue master br-12fc6fc04025 state UP group default 
    link/ether b2:be:07:ce:fd:0e brd ff:ff:ff:ff:ff:ff link-netnsid 12
    inet6 fe80::b0be:7ff:fece:fd0e/64 scope link 
       valid_lft forever preferred_lft forever
83: veth93f75d7@if2: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue master br-62cb6dfc27a6 state UP group default 
    link/ether fa:73:b1:7e:84:b3 brd ff:ff:ff:ff:ff:ff link-netnsid 13
    inet6 fe80::f873:b1ff:fe7e:84b3/64 scope link 
       valid_lft forever preferred_lft forever
85: veth612e1bb@if2: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue master br-a64f35858e90 state UP group default 
    link/ether e2:56:b6:51:87:8e brd ff:ff:ff:ff:ff:ff link-netnsid 15
    inet6 fe80::e056:b6ff:fe51:878e/64 scope link 
       valid_lft forever preferred_lft forever
87: veth61a8282@if2: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue master docker0 state UP group default 
    link/ether 62:11:fa:a8:d9:ac brd ff:ff:ff:ff:ff:ff link-netnsid 17
    inet6 fe80::6011:faff:fea8:d9ac/64 scope link 
       valid_lft forever preferred_lft forever
88: vethfa7af58@if2: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue master br-12fc6fc04025 state UP group default 
    link/ether 86:4e:05:6f:38:2c brd ff:ff:ff:ff:ff:ff link-netnsid 18
    inet6 fe80::844e:5ff:fe6f:382c/64 scope link 
       valid_lft forever preferred_lft forever
89: veth1cbc67c@if2: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue master docker0 state UP group default 
    link/ether 12:8d:07:2b:a2:42 brd ff:ff:ff:ff:ff:ff link-netnsid 19
    inet6 fe80::108d:7ff:fe2b:a242/64 scope link 
       valid_lft forever preferred_lft forever
90: vethf3a355d@if2: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue master docker0 state UP group default 
    link/ether 16:cc:a1:5b:18:a9 brd ff:ff:ff:ff:ff:ff link-netnsid 20
    inet6 fe80::14cc:a1ff:fe5b:18a9/64 scope link 
       valid_lft forever preferred_lft forever
92: veth11353bb@if2: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue master br-a64f35858e90 state UP group default 
    link/ether 42:cc:37:9e:18:2c brd ff:ff:ff:ff:ff:ff link-netnsid 34
    inet6 fe80::40cc:37ff:fe9e:182c/64 scope link 
       valid_lft forever preferred_lft forever
94: vethf66e364@if2: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue master br-a64f35858e90 state UP group default 
    link/ether 12:da:db:28:dc:6f brd ff:ff:ff:ff:ff:ff link-netnsid 33
    inet6 fe80::10da:dbff:fe28:dc6f/64 scope link 
       valid_lft forever preferred_lft forever
97: vethcda2eb1@if2: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue master br-a64f35858e90 state UP group default 
    link/ether fe:19:1e:44:76:5d brd ff:ff:ff:ff:ff:ff link-netnsid 5
    inet6 fe80::fc19:1eff:fe44:765d/64 scope link 
       valid_lft forever preferred_lft forever
98: veth8b9ddea@if2: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue master br-55abfd00a826 state UP group default 
    link/ether 9e:c2:41:34:b0:23 brd ff:ff:ff:ff:ff:ff link-netnsid 7
    inet6 fe80::9cc2:41ff:fe34:b023/64 scope link 
       valid_lft forever preferred_lft forever
100: veth33d07b4@if2: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue master br-483c3663dd23 state UP group default 
    link/ether aa:17:47:54:d3:24 brd ff:ff:ff:ff:ff:ff link-netnsid 9
    inet6 fe80::a817:47ff:fe54:d324/64 scope link 
       valid_lft forever preferred_lft forever
102: veth35194a2@if2: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue master br-483c3663dd23 state UP group default 
    link/ether fe:e6:42:5d:4b:f1 brd ff:ff:ff:ff:ff:ff link-netnsid 16
    inet6 fe80::fce6:42ff:fe5d:4bf1/64 scope link 
       valid_lft forever preferred_lft forever
104: veth16af95e@if2: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue master br-483c3663dd23 state UP group default 
    link/ether 6e:9c:e5:d1:15:2e brd ff:ff:ff:ff:ff:ff link-netnsid 3
    inet6 fe80::6c9c:e5ff:fed1:152e/64 scope link 
       valid_lft forever preferred_lft forever
106: vethec7cb6a@if2: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue master br-483c3663dd23 state UP group default 
    link/ether 6a:ee:fd:94:fb:6b brd ff:ff:ff:ff:ff:ff link-netnsid 14
    inet6 fe80::68ee:fdff:fe94:fb6b/64 scope link 
       valid_lft forever preferred_lft forever

Thank you kind people!

You’re likely right that the changes made for the previous VM setup are the root cause, especially since you involved bridging (br0) to give the VM its own IP.

First, looking at your ip addr show output:

1. eno1: This is your physical Ethernet port. Notice it’s master br0 and doesn’t have an IP address itself. This is expected when it’s part of a bridge.
2. br0: This is the network bridge you likely created. It has your server’s main IP address (192.168.2.250/24). Your server’s primary connection to your local network (and the internet) is now going through this bridge.
3. The many other br-xxxx, docker0, cali-xxxx, vxlan.calico, and vethxxxx interfaces are mostly related to Docker and potentially Kubernetes/Calico networking. While they add noise, they are probably not the direct cause of the host system’s or QEMU’s specific issues, though misconfigurations could interfere. The large number is normal if you run several Docker containers/networks.

The core issue seems to be that while basic connectivity works, some specific services or setups (like Online Accounts, QEMU VMs) are failing. This often points towards issues with DNS, routing, firewall rules, or subtle bridge misconfigurations left over from the old setup.

Let’s gather some more information to diagnose this. Could you please run the following commands on your server and share the output?

1. Check Default Route: This shows where your server sends internet-bound traffic.

   ip route show
   

   (We want to see if the default route is correctly pointing to your router’s IP via the br0 interface).

2. Check DNS Resolution: This shows which DNS servers your system is configured to use.

   resolvectl status
   

   (Or, if that doesn’t give much detail, cat /etc/resolv.conf).

3. Test Basic Connectivity (Gateway & Internet IP): Let’s assume your router’s IP is 192.168.2.1 (change if different).

   ping -c 4 192.168.2.1 
   ping -c 4 8.8.8.8 
   

   (This tests if you can reach your gateway and a public IP address directly).

4. Test DNS Lookup + Connectivity:

   ping -c 4 google.com
   

   (This tests if DNS resolution is working and you can reach the resolved IP).

5. Show Netplan Configuration: Since you’re on 22.04, your network is likely managed by netplan. This is crucial for understanding how eno1 and br0 are configured.

   cat /etc/netplan/*.yaml
   

   (Please share the content of any .yaml files in that directory. Redact any sensitive info if necessary, though usually these files don’t contain passwords).

6. Check Firewall Status: A firewall could be blocking specific outgoing connections.

   sudo ufw status verbose
   

   (If you’re not using ufw, let us know if you’re using iptables directly or another firewall).

7. QEMU Network Configuration: How are you configuring the network for your QEMU VMs? Are you trying to bridge them to br0, or using the default user-mode networking (SLIRP)? Knowing the QEMU command line arguments or configuration related to -netdev or -net would be helpful.

Once we have this information, especially the netplan configuration and the routing/DNS details, we should have a much better idea of where the problem lies. It might be a case of needing to adjust the br0 configuration in netplan or clean up residual rules.

Hi there!

Thank you for taking the time to help me out!

Please find the debug information below:

ip route show
default via 192.168.2.254 dev br0 proto static 
blackhole 10.1.178.0/26 proto 80 
10.1.178.5 dev calidb89c5c550a scope link 
10.1.178.7 dev calic4f9df93190 scope link 
10.1.178.13 dev cali9ef2ca550b7 scope link 
10.1.178.17 dev caliad442cc56ba scope link 
10.1.178.20 dev cali4e3f42ded4c scope link 
10.1.178.31 dev cali6d55d0fcd5b scope link 
10.1.178.32 dev caliab7bb467db7 scope link 
10.1.178.33 dev caliba400f0ef55 scope link 
10.1.178.40 dev califee36422fdd scope link 
10.1.178.47 dev cali0399de1aa1d scope link 
10.1.178.52 dev cali3796c15a1a8 scope link 
10.1.178.63 dev cali84be666b758 scope link 
172.17.0.0/16 dev docker0 proto kernel scope link src 172.17.0.1 
172.18.0.0/16 dev br-55abfd00a826 proto kernel scope link src 172.18.0.1 
172.19.0.0/16 dev br-483c3663dd23 proto kernel scope link src 172.19.0.1 
172.20.0.0/16 dev br-a64f35858e90 proto kernel scope link src 172.20.0.1 
172.21.0.0/16 dev br-12e7ea52fbf2 proto kernel scope link src 172.21.0.1 linkdown 
172.22.0.0/16 dev br-42b13626e1f4 proto kernel scope link src 172.22.0.1 linkdown 
172.23.0.0/16 dev br-62cb6dfc27a6 proto kernel scope link src 172.23.0.1 
172.24.0.0/16 dev br-f42c805f2d6c proto kernel scope link src 172.24.0.1 
192.168.2.0/24 dev br0 proto kernel scope link src 192.168.2.250 
192.168.32.0/20 dev br-41995dedb449 proto kernel scope link src 192.168.32.1 linkdown 
192.168.64.0/20 dev br-12fc6fc04025 proto kernel scope link src 192.168.64.1 
213.232.87.97 via 192.168.2.254 dev br0 

and

resolvectl status
Global
         Protocols: -LLMNR -mDNS -DNSOverTLS DNSSEC=no/unsupported
  resolv.conf mode: foreign
Current DNS Server: 8.8.8.8
       DNS Servers: 8.8.8.8 8.8.4.4

Link 2 (eno1)
Current Scopes: none
     Protocols: -DefaultRoute +LLMNR -mDNS -DNSOverTLS DNSSEC=no/unsupported

Link 3 (wlp0s20f3)
Current Scopes: none
     Protocols: -DefaultRoute +LLMNR -mDNS -DNSOverTLS DNSSEC=no/unsupported

Link 4 (br0)
Current Scopes: DNS
     Protocols: +DefaultRoute +LLMNR -mDNS -DNSOverTLS DNSSEC=no/unsupported
   DNS Servers: 8.8.8.8 8.8.4.4 fe80::7e77:16ff:fe8f:47c0%21966

Link 5 (br-12fc6fc04025)
Current Scopes: none
     Protocols: -DefaultRoute +LLMNR -mDNS -DNSOverTLS DNSSEC=no/unsupported

Link 6 (br-41995dedb449)
Current Scopes: none
     Protocols: -DefaultRoute +LLMNR -mDNS -DNSOverTLS DNSSEC=no/unsupported

Link 7 (br-483c3663dd23)
Current Scopes: none
     Protocols: -DefaultRoute +LLMNR -mDNS -DNSOverTLS DNSSEC=no/unsupported

Link 8 (br-55abfd00a826)
Current Scopes: none
     Protocols: -DefaultRoute +LLMNR -mDNS -DNSOverTLS DNSSEC=no/unsupported

Link 9 (br-62cb6dfc27a6)
Current Scopes: none
     Protocols: -DefaultRoute +LLMNR -mDNS -DNSOverTLS DNSSEC=no/unsupported

Link 10 (br-a64f35858e90)
Current Scopes: none
     Protocols: -DefaultRoute +LLMNR -mDNS -DNSOverTLS DNSSEC=no/unsupported

Link 11 (docker0)
Current Scopes: none

and

ping -c 4 8.8.8.8 
PING 8.8.8.8 (8.8.8.8) 56(84) bytes of data.
64 bytes from 8.8.8.8: icmp_seq=1 ttl=60 time=7.82 ms
64 bytes from 8.8.8.8: icmp_seq=2 ttl=60 time=8.07 ms
64 bytes from 8.8.8.8: icmp_seq=3 ttl=60 time=8.06 ms
64 bytes from 8.8.8.8: icmp_seq=4 ttl=60 time=8.16 ms

--- 8.8.8.8 ping statistics ---
4 packets transmitted, 4 received, 0% packet loss, time 3003ms
rtt min/avg/max/mdev = 7.821/8.027/8.161/0.125 ms

and

ping -c 4 192.168.2.254
PING 192.168.2.254 (192.168.2.254) 56(84) bytes of data.
64 bytes from 192.168.2.254: icmp_seq=1 ttl=64 time=0.659 ms
64 bytes from 192.168.2.254: icmp_seq=2 ttl=64 time=0.609 ms
64 bytes from 192.168.2.254: icmp_seq=3 ttl=64 time=0.577 ms
64 bytes from 192.168.2.254: icmp_seq=4 ttl=64 time=0.453 ms

--- 192.168.2.254 ping statistics ---
4 packets transmitted, 4 received, 0% packet loss, time 3103ms
rtt min/avg/max/mdev = 0.453/0.574/0.659/0.075 ms

and

ping -c 4 google.com
PING google.com (142.250.179.142) 56(84) bytes of data.
64 bytes from ams17s10-in-f14.1e100.net (142.250.179.142): icmp_seq=1 ttl=60 time=8.57 ms
64 bytes from ams17s10-in-f14.1e100.net (142.250.179.142): icmp_seq=2 ttl=60 time=8.15 ms
64 bytes from ams17s10-in-f14.1e100.net (142.250.179.142): icmp_seq=3 ttl=60 time=7.90 ms
64 bytes from ams17s10-in-f14.1e100.net (142.250.179.142): icmp_seq=4 ttl=60 time=8.33 ms

--- google.com ping statistics ---
4 packets transmitted, 4 received, 0% packet loss, time 3005ms
rtt min/avg/max/mdev = 7.899/8.237/8.572/0.246 ms

and

# Let NetworkManager manage all devices on this system

#network:
#  version: 2
#  renderer: NetworkManager

network:
  version: 2
  renderer: networkd
  ethernets:
    eno1:
      dhcp4: no
  bridges:
    br0:
      interfaces:
        - eno1
      addresses:
        - 192.168.2.250/24
      nameservers:
        addresses: [8.8.8.8, 8.8.4.4]
      routes:
        - to: default
          via: 192.168.2.254

and

sudo ufw status verbose
Status: active
Logging: on (low)
Default: deny (incoming), allow (outgoing), deny (routed)
New profiles: skip

To                         Action      From
--                         ------      ----
22/tcp                     ALLOW IN    Anywhere                  
3389                       ALLOW IN    Anywhere                  
3350                       ALLOW IN    Anywhere                  
32400                      ALLOW IN    Anywhere                  
5789                       ALLOW IN    Anywhere                  
5786                       ALLOW IN    Anywhere                  
5787                       ALLOW IN    Anywhere                  
5876                       ALLOW IN    Anywhere                  
5757                       ALLOW IN    Anywhere                  
5696                       ALLOW IN    Anywhere                  
5622                       ALLOW IN    Anywhere                  
5291                       ALLOW IN    Anywhere                  
5660                       ALLOW IN    Anywhere                  
6057                       ALLOW IN    Anywhere                  
5762                       ALLOW IN    Anywhere                  
5591                       ALLOW IN    Anywhere                  
8080                       ALLOW IN    Anywhere                  
8081                       ALLOW IN    Anywhere                  
8989                       ALLOW IN    Anywhere                  
7878                       ALLOW IN    Anywhere                  
8686                       ALLOW IN    Anywhere                  
2234                       ALLOW IN    Anywhere                  
59692                      ALLOW IN    Anywhere                  
6789                       ALLOW IN    Anywhere                  
1197                       ALLOW IN    Anywhere                  
6767                       ALLOW IN    Anywhere                  
21                         ALLOW IN    Anywhere                  
8123                       ALLOW IN    Anywhere                  
80/tcp                     ALLOW IN    Anywhere                  
8765                       ALLOW IN    Anywhere                  
Anywhere                   ALLOW IN    172.30.32.0/23            
7277                       ALLOW IN    Anywhere                  
9700                       ALLOW IN    Anywhere                  
6443                       ALLOW IN    Anywhere                  
80                         ALLOW IN    Anywhere                  
443                        ALLOW IN    Anywhere                  
8472                       ALLOW IN    Anywhere                  
10250                      ALLOW IN    Anywhere                  
Anywhere                   ALLOW IN    172.17.0.0/23             
Anywhere                   ALLOW IN    10.42.0.0/23              
9700/tcp                   ALLOW IN    Anywhere                  
9000                       ALLOW IN    Anywhere                  
81                         ALLOW IN    Anywhere                  
1234                       ALLOW IN    Anywhere                  
1235                       ALLOW IN    Anywhere                  
3306                       ALLOW IN    Anywhere                  
90                         ALLOW IN    Anywhere                  
91                         ALLOW IN    Anywhere                  
453                        ALLOW IN    Anywhere                  
8000                       ALLOW IN    Anywhere                  
8111                       ALLOW IN    Anywhere                  
8112                       ALLOW IN    Anywhere                  
85                         ALLOW IN    Anywhere                  
445                        ALLOW IN    Anywhere                  
80,443/tcp (Nginx Full)    ALLOW IN    Anywhere                  
8083                       ALLOW IN    Anywhere                  
8084                       ALLOW IN    Anywhere                  
3333                       ALLOW IN    Anywhere                  
9090                       ALLOW IN    Anywhere                  
1883                       ALLOW IN    Anywhere                  
1880                       ALLOW IN    Anywhere                  
3003                       ALLOW IN    Anywhere                  
3004                       ALLOW IN    Anywhere                  
9001                       ALLOW IN    Anywhere                  
3000                       ALLOW IN    Anywhere                  
8086                       ALLOW IN    Anywhere                  
5800                       ALLOW IN    Anywhere                  
9084                       DENY IN     Anywhere                  
8282                       ALLOW IN    Anywhere                  
8090                       ALLOW IN    Anywhere                  
8050                       ALLOW IN    Anywhere                  
Anywhere on vxlan.calico   ALLOW IN    Anywhere                  
Anywhere on cali+          ALLOW IN    Anywhere                  
6881                       ALLOW IN    Anywhere                  
62689                      ALLOW IN    Anywhere                  
8091                       ALLOW IN    Anywhere                  
8888                       ALLOW IN    Anywhere                  
Anywhere on br0            ALLOW IN    Anywhere                  
67/udp on br0              ALLOW IN    Anywhere                  
53/tcp on br0              ALLOW IN    Anywhere                  
53/udp on br0              ALLOW IN    Anywhere                  
Anywhere                   ALLOW IN    192.168.2.251             
8005                       ALLOW IN    Anywhere                  
8096                       ALLOW IN    Anywhere                  
3010                       ALLOW IN    Anywhere                  
9900                       ALLOW IN    Anywhere                  
9905                       ALLOW IN    Anywhere                  
9904                       ALLOW IN    Anywhere                  
3456                       ALLOW IN    Anywhere                  
1111                       ALLOW IN    Anywhere                  
2222                       ALLOW IN    Anywhere                  
7575                       ALLOW IN    Anywhere                  
2283                       ALLOW IN    Anywhere                  
8978                       ALLOW IN    Anywhere                  
8008                       ALLOW IN    Anywhere                  
5900                       ALLOW IN    Anywhere                  
5091                       ALLOW IN    Anywhere                  
5901                       ALLOW IN    Anywhere                  
137,138/udp (Samba)        ALLOW IN    Anywhere                  
139,445/tcp (Samba)        ALLOW IN    Anywhere                  
9100                       ALLOW IN    Anywhere                  
22/tcp (v6)                ALLOW IN    Anywhere (v6)             
3389 (v6)                  ALLOW IN    Anywhere (v6)             
3350 (v6)                  ALLOW IN    Anywhere (v6)             
32400 (v6)                 ALLOW IN    Anywhere (v6)             
5789 (v6)                  ALLOW IN    Anywhere (v6)             
5786 (v6)                  ALLOW IN    Anywhere (v6)             
5787 (v6)                  ALLOW IN    Anywhere (v6)             
5876 (v6)                  ALLOW IN    Anywhere (v6)             
5757 (v6)                  ALLOW IN    Anywhere (v6)             
5696 (v6)                  ALLOW IN    Anywhere (v6)             
5622 (v6)                  ALLOW IN    Anywhere (v6)             
5291 (v6)                  ALLOW IN    Anywhere (v6)             
5660 (v6)                  ALLOW IN    Anywhere (v6)             
6057 (v6)                  ALLOW IN    Anywhere (v6)             
5762 (v6)                  ALLOW IN    Anywhere (v6)             
5591 (v6)                  ALLOW IN    Anywhere (v6)             
8080 (v6)                  ALLOW IN    Anywhere (v6)             
8081 (v6)                  ALLOW IN    Anywhere (v6)             
8989 (v6)                  ALLOW IN    Anywhere (v6)             
7878 (v6)                  ALLOW IN    Anywhere (v6)             
8686 (v6)                  ALLOW IN    Anywhere (v6)             
2234 (v6)                  ALLOW IN    Anywhere (v6)             
59692 (v6)                 ALLOW IN    Anywhere (v6)             
6789 (v6)                  ALLOW IN    Anywhere (v6)             
1197 (v6)                  ALLOW IN    Anywhere (v6)             
6767 (v6)                  ALLOW IN    Anywhere (v6)             
21 (v6)                    ALLOW IN    Anywhere (v6)             
8123 (v6)                  ALLOW IN    Anywhere (v6)             
80/tcp (v6)                ALLOW IN    Anywhere (v6)             
8765 (v6)                  ALLOW IN    Anywhere (v6)             
7277 (v6)                  ALLOW IN    Anywhere (v6)             
9700 (v6)                  ALLOW IN    Anywhere (v6)             
6443 (v6)                  ALLOW IN    Anywhere (v6)             
80 (v6)                    ALLOW IN    Anywhere (v6)             
443 (v6)                   ALLOW IN    Anywhere (v6)             
8472 (v6)                  ALLOW IN    Anywhere (v6)             
10250 (v6)                 ALLOW IN    Anywhere (v6)             
9700/tcp (v6)              ALLOW IN    Anywhere (v6)             
9000 (v6)                  ALLOW IN    Anywhere (v6)             
81 (v6)                    ALLOW IN    Anywhere (v6)             
1234 (v6)                  ALLOW IN    Anywhere (v6)             
1235 (v6)                  ALLOW IN    Anywhere (v6)             
3306 (v6)                  ALLOW IN    Anywhere (v6)             
90 (v6)                    ALLOW IN    Anywhere (v6)             
91 (v6)                    ALLOW IN    Anywhere (v6)             
453 (v6)                   ALLOW IN    Anywhere (v6)             
8000 (v6)                  ALLOW IN    Anywhere (v6)             
8111 (v6)                  ALLOW IN    Anywhere (v6)             
8112 (v6)                  ALLOW IN    Anywhere (v6)             
85 (v6)                    ALLOW IN    Anywhere (v6)             
445 (v6)                   ALLOW IN    Anywhere (v6)             
80,443/tcp (Nginx Full (v6)) ALLOW IN    Anywhere (v6)             
8083 (v6)                  ALLOW IN    Anywhere (v6)             
8084 (v6)                  ALLOW IN    Anywhere (v6)             
3333 (v6)                  ALLOW IN    Anywhere (v6)             
9090 (v6)                  ALLOW IN    Anywhere (v6)             
1883 (v6)                  ALLOW IN    Anywhere (v6)             
1880 (v6)                  ALLOW IN    Anywhere (v6)             
3003 (v6)                  ALLOW IN    Anywhere (v6)             
3004 (v6)                  ALLOW IN    Anywhere (v6)             
9001 (v6)                  ALLOW IN    Anywhere (v6)             
3000 (v6)                  ALLOW IN    Anywhere (v6)             
8086 (v6)                  ALLOW IN    Anywhere (v6)             
5800 (v6)                  ALLOW IN    Anywhere (v6)             
9084 (v6)                  DENY IN     Anywhere (v6)             
8282 (v6)                  ALLOW IN    Anywhere (v6)             
8090 (v6)                  ALLOW IN    Anywhere (v6)             
8050 (v6)                  ALLOW IN    Anywhere (v6)             
Anywhere (v6) on vxlan.calico ALLOW IN    Anywhere (v6)             
Anywhere (v6) on cali+     ALLOW IN    Anywhere (v6)             
6881 (v6)                  ALLOW IN    Anywhere (v6)             
62689 (v6)                 ALLOW IN    Anywhere (v6)             
8091 (v6)                  ALLOW IN    Anywhere (v6)             
8888 (v6)                  ALLOW IN    Anywhere (v6)             
Anywhere (v6) on br0       ALLOW IN    Anywhere (v6)             
67/udp (v6) on br0         ALLOW IN    Anywhere (v6)             
53/tcp (v6) on br0         ALLOW IN    Anywhere (v6)             
53/udp (v6) on br0         ALLOW IN    Anywhere (v6)             
8005 (v6)                  ALLOW IN    Anywhere (v6)             
8096 (v6)                  ALLOW IN    Anywhere (v6)             
3010 (v6)                  ALLOW IN    Anywhere (v6)             
9900 (v6)                  ALLOW IN    Anywhere (v6)             
9905 (v6)                  ALLOW IN    Anywhere (v6)             
9904 (v6)                  ALLOW IN    Anywhere (v6)             
3456 (v6)                  ALLOW IN    Anywhere (v6)             
1111 (v6)                  ALLOW IN    Anywhere (v6)             
2222 (v6)                  ALLOW IN    Anywhere (v6)             
7575 (v6)                  ALLOW IN    Anywhere (v6)             
2283 (v6)                  ALLOW IN    Anywhere (v6)             
8978 (v6)                  ALLOW IN    Anywhere (v6)             
8008 (v6)                  ALLOW IN    Anywhere (v6)             
5900 (v6)                  ALLOW IN    Anywhere (v6)             
5091 (v6)                  ALLOW IN    Anywhere (v6)             
5901 (v6)                  ALLOW IN    Anywhere (v6)             
137,138/udp (Samba (v6))   ALLOW IN    Anywhere (v6)             
139,445/tcp (Samba (v6))   ALLOW IN    Anywhere (v6)             
9100 (v6)                  ALLOW IN    Anywhere (v6)             

Anywhere                   ALLOW OUT   Anywhere on vxlan.calico  
Anywhere                   ALLOW OUT   Anywhere on cali+         
Anywhere                   ALLOW OUT   Anywhere on br0           
68/udp                     ALLOW OUT   Anywhere on br0           
53/tcp                     ALLOW OUT   Anywhere on br0           
53/udp                     ALLOW OUT   Anywhere on br0           
Anywhere (v6)              ALLOW OUT   Anywhere (v6) on vxlan.calico
Anywhere (v6)              ALLOW OUT   Anywhere (v6) on cali+    
Anywhere (v6)              ALLOW OUT   Anywhere (v6) on br0      
68/udp (v6)                ALLOW OUT   Anywhere (v6) on br0      
53/tcp (v6)                ALLOW OUT   Anywhere (v6) on br0      
53/udp (v6)                ALLOW OUT   Anywhere (v6) on br0 

As for qemu, I’ve tried all configs
But mainly I use the guides from chris titus.

Thank you for your time!

Hi everyone!

Does anyone maybe have some time to look at my logs please ?

Maybe grand master lord majesty mister @popey ?

hi

Your resolvecfg is foreign, so not the systemds’ handling. If you are not using a custom DNS manger then revert to that maybe?

sudo ln -sf /run/systemd/resolve/stub-resolv.conf /etc/resolv.conf
sudo systemctl restart systemd-resolved

You could try enabling routed traffic
now disabled: Default: deny (incoming), allow (outgoing), deny (routed)
enable: sudo ufw default allow routed

Try launching your quemu:

qemu-system-x86_64 \
  -enable-kvm \
  -m 4096 \
  -cpu host \
  -smp 4 \
  -hda /path/to/your/windows.img \
  -netdev bridge,id=net0,br=br0 \
  -device virtio-net-pci,netdev=net0 \
  -display gtk

NOTE:
Your IP6 traffic is wide open: Anywhere (v6) on br0 ALLOW IN Anywhere (v6)

Thanx for the reply ivasan!

I’ve managed to ge qemu working by routing the traffic over br0 indeed.

Now my next task is to remove the bridhe network and revert to the old config. I’ve set a static IP inside ubuntu somewhere but cant seem to track down where

Thank you for the help!

Are you using now the netplan right?

• So in /etc/netplan/.yaml dhcp should be true for eno1 interface.
• Check what you have in /etc/network/interfaces
• Check network manger: nmcli connection show. Is there somehwere there ipv4.method manual? yes, delete.

If your Portainer and Docker is running probably you want to keep the bridge, since the containers are using that. Just not communicate via that to the internet.

The static IP, your Ubuntu machine gets is from this line, in your /etc/netplan/.yaml file

bridges:
  br0:
    addresses:
      - 192.168.2.250/24

if you want to have dynamic IP for the ubuntu machine you can update netplan config file as follows

network:
  version: 2
  renderer: networkd
  ethernets:
    eno1:
      dhcp4: no   # eno1 stays as a passthrough
  bridges:
    br0:
      interfaces:
        - eno1
      dhcp4: yes   # Enable DHCP on the bridge
      nameservers:
        addresses: [8.8.8.8, 8.8.4.4]   # Optional: can also remove this if using DHCP-provided DNS

• This tells Netplan: “Don’t use static IP. Get an IP dynamically via DHCP on br0.”
• eno1 stays as a passthrough — which is what you want in a bridge setup.

you may then apply this config using

sudo netplan apply

Or for safety:

sudo netplan try

Please don’t forget to backup the config files before editing.

This topic was automatically closed 3 days after the last reply. New replies are no longer allowed.