KVM vm's and Ubuntu 22.04 host = internet blocked

Lx_pollywog

Member
Joined
Nov 26, 2020
Messages
38
Reaction score
7
Credits
358
Using many os's in kvm virtual machines. Host os is Ubuntu 22.04.

Vm's i initially setup months ago still connecting to internet no problem. Any new vm's impossible to get web. Also the Host system(Ubuntu)
does not connect to web. Must be in a vm for internet connection.

Also i can't access web unless i connect to vpn(nordvpn) when using any kvm os's.

Like being in jail.
Hard for me easy for you ?
Thanks
 


This happened also last time i wiped pc total, no one knew. This is recuring. l
I can't even install akvm scice agent since host cannot connect to web.
 
FWIW, none of my Linux boxes will connect to the web in a virtual machine.
I'd have to purchase a dongle I found out.

Sorry I don't know more to help you virtual machines are not my speciality.

Maybe @KGIII or @f33dm3bits can help.
 
Which VM are you using? QEMU or something else? if it's QEMU do you use libvirt frontend or some other UI frontend?
Is virtual switch default one or custom like openvswitch?

More information would be helpful, please share as much info about your VM setup and VM network as you can.
 
More information would be helpful, please share as much info about your VM setup and VM network as you can.
This as it's impossible to guess your network setup. I do have a guess though.
Also i can't access web unless i connect to vpn(nordvpn) when using any kvm os's.
Because you said this, I think it may have to do with that. I know most vpn providers have a kill switch and/or lock-down mode. A kill switch prevents your traffic from leaking outside of your vpn tunnel and lock down mode you are required to be connected to your vpn provider and all other network traffic will be blocked.

Vm's i initially setup months ago still connecting to internet no problem.
Since your vm's can access the internet I would guess you have setup a physical bridge(ie: br0) which your vm's are connected to. So that once your vpn becomes active they can access the internet because if they were using a virtual bridge(ie: virbr0) they would have the same problem as your host. So my guess is that your host is losing connection due to some network configuration or configuration that makes the vpn app think that you lost network connection to your vpn which causes the kill switch to kick in for your host.


I would look in that direction.
 
Last edited:
Are you installing your new VMs with NAT or are you bridging them to the local network?

Are your older working VM's bridged mode or are they NAT'ed on an internal subnet?

Do you have 'net.ipv4.ip_forward = 1' in your /etc/sysctl.conf?
 
Last edited:
I just saw the VPN thing. What makes no sense is your VPN software can find the internet, but nothing else.

This makes me think you have a DNS issue on your local network. Your VPN software probably connects via an IP address (pure guess here) So that doesn't require DNS.
Then once you are connected to the VPN, that connection sets it's own DNS server which it can now access via the VPN.

Check your /etc/resolv.conf or even better, run the command "resolvectl status" and find the DNS servers listed.

If that command doesn't work, you need to installed systemd-resolved and then enable the service.

Bash:
# For Redhat dnf based systems.  You can substitute yum for dnf if you don't have dnf.
dnf install systemd-resolved -y
systemctl enable systemd-resolved --now
systemd-resolve status
-------------------------------
 resolvectl status
Global
         Protocols: LLMNR=resolve -mDNS -DNSOverTLS DNSSEC=no/unsupported
  resolv.conf mode: foreign
Current DNS Server: 172.x.x.x
       DNS Servers: 172.x.x.x 172.x.x.x 172.x.x.x
        DNS Domain: fakedomain.com

You can use nmtui to set your DNS servers from a cli. If you have some GUI interface, there are other ways also.
 
Last edited:
I just saw the VPN thing. What makes no sense is your VPN software can find the internet, but nothing else.

This makes me think you have a DNS issue on your local network. Your VPN software probably connects via an IP address (pure guess here) So that doesn't require DNS.
Then once you are connected to the VPN, that connection sets it's own DNS server which it can now access via the VPN.
The entire problem doesn't make any sense but the given information is very limited and my desktop is setup with a a VPN and both the vm's(with a physical bridge and virtual bridge) and host can access the internet. Either way I would start by removing a layer because each layer adds a complication and then work up from there until you have a working situation. So I would first remove the VPN software and see if the problem exists then and then add it again if that gives a working situtation.

The DNS guess also sounds like logical direction to look into, it actually reminds me last time I did my setup(5 days ago because I reinstalled my system) I ran into issues of me being not able to access the internet because I used a Wireguard profile which I imported into NetworkManager and when having turned it on I wasn't able to access the internet either, I didn't test then if my any of my vm's had internet access then, but that could be another direction to look into because what I ended up doing downloading Mullvad's vpn app and using that to enable my vpn connection and that worked without having to pull any other weird hacks.
 
Last edited:

Members online


Top