Re: virt-manager networking without iptables binary?
Originally Posted by
aljames2
Not sure I agree with this statement. The point of a bridge is to allow VMs to appear as just another host on the network. They can communicate with, and are reachable by other hosts on the network (subnet) because they are on a bridge. As mentioned, it's the firewall rules on each host that allow or deny traffic according to your needs. The KVM "default" network upon installation is NAT which hides VMs behind the host with only outboud internet traffic, perhaps good for a testing environment. So we can create a bridge, or other virtual network device to configure how our VMs participate on the network.
The function of the bridge is dependent upon which interfaces are included (plus firewall and routing). If a bridge is created without including the local LAN interface, how does that help your argument? I think you are only considering a limited number of bridge configurations. If I bridge my loopback interface, that won't inherently help me connect to my LAN. Consider this, you can create a bridge without any ports.
Last edited by volkswagner; March 3rd, 2024 at 11:40 PM.
Nothing is ever easy, but if it is difficult you must be doing it wrong.
Bookmarks