Yeah. There are some non-trivial forwarding rules being created by the tools there. Unfortunately, I’m not familiar enough with that sort of setup to be of much help. A few basic things to check though would be:
- Use
brctl showto make sure that the right network interfaces are actually on the right bridges. - Since you said this is using libvirt, make sure that there is a
allow br0line (or whatever your bridge name is) in /etc/qemu/bridge.conf.
If none of that works, I’d probably be down to trial-and-error experimenting with the forwarding rules. I don’t really use libvirt for anything anymore on my systems. I’ve mostly switched to using systemd-nspawn containers and using MACVLAN “bridges” to connect them to the external network. I also use systemd-networkd to configure everything manually so that I know exactly how things are wired and how they are supposed to work. I don’t like it when the tooling auto-configures a lot of stuff that I don’t know about and don’t know how to fix when things go wrong.