Setup QEMU Client network (with docker installed)

Ask Fedora
, ,
1

How to setup QEMU client networking?

I have a working network bridge:

image
image1169×646 88.5 KB

and connected the windows client;
image
image456×300 14.1 KB

The client see the adaptor and network but does not get an address from the dhcp server (like the host)

Ethernet-Adapter Ethernet:

   Verbindungsspezifisches DNS-Suffix:
   Beschreibung. . . . . . . . . . . : Red Hat VirtIO Ethernet Adapter
   Physische Adresse . . . . . . . . : 52-54-00-66-87-C1
   DHCP aktiviert. . . . . . . . . . : Ja
   Autokonfiguration aktiviert . . . : Ja
   IPv4-Adresse (Auto. Konfiguration): 169.254.214.129(Bevorzugt)
   Subnetzmaske  . . . . . . . . . . : 255.255.0.0
   Standardgateway . . . . . . . . . :
   NetBIOS über TCP/IP . . . . . . . : Aktiviert

Are there any recent Fedora approved source to get a reliable network in a KVM client?

2

What did not work with deepseek works great with claude.io

Apparently the reason was docker. Adding this:

sudo iptables -I FORWARD -i br0 -j ACCEPT
sudo iptables -I FORWARD -o br0 -j ACCEPT

Temporary allowed a DHCP going through. With this as persistant solution:

sudo tee /etc/sysctl.d/99-bridge.conf << 'EOF'
net.bridge.bridge-nf-call-iptables = 0
net.bridge.bridge-nf-call-arptables = 0
net.bridge.bridge-nf-call-ip6tables = 0
EOF
sudo sysctl -p /etc/sysctl.d/99-bridge.conf

Actually it would be great if this docker/qemukvm conflict got a bit more prominence in documentation.

4

I experienced the same issue after starting to use llama.cpp docker containers; my Windows QEMU/KVM wouldn’t have network access.

Found some more helpful resources:

I honestly can’t make heads nor tails of the networking stack, especially iptables, but I assume Gerard de Leeuw’s answer (add ExecStartPost to docker.service) is enough for me. Hopefully, the explanation here is helpful to someone else.

Edit: I split iptables -I DOCKER-USER -i virbr0 -o virbr0 -j ACCEPT into two, iptables -I DOCKER-USER -i virbr0 -j ACCEPT and iptables -I DOCKER-USER -o virbr0 -j ACCEPT, and added them as ExecStartPost values. Otherwise, VM’s DHCP works but Internet doesn’t. I have virbr0 because I use the default automatically created bridge instead of making it myself, change it to whatever bridge name you have.