Port forwarding "pinhole" lost when running Linux bridge

by kfritz » Thu Aug 15, 2013 7:26 pm
I just thought I'd post this here in case anyone else runs into a similar problem. I run a Linux host behind the Pace modem, and have the Pace configured to forward ssh. Occasionally, I'm unable to ssh from a remote location.

I'm also running a VM on this host (using kvm). For connectivity to the VM, I run a bridge interface, to which I add eth0 and a tap interface for the VMs (using vde_switch if that matters). Well, it turns out that the default creation of a tap interface in Linux assigns a random MAC address, and the bridge interface will take the lowest MAC address as its own. About 10% of the time (in my case), the random tap MAC is lower, so the Pace modem thinks this is a new host with a new MAC address, and the port forwarding won't work.

The solution was to change my script that brings up the tap interface (vde_switch) -- after the interface is created, I run

    /usr/sbin/ip link set tap0 addr fe:ff:ff:ff:ff:ff

So, my eth0 MAC is always lower than this, and all works fine.

Well, I guess if anyone has a similar problem, they could probably figure it out on their own... :geek:
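
The following is an added example, not part of the original post: a check that reports which port a bridge would take its MAC from under the lowest-port-MAC rule the post describes, so a changed bridge MAC is caught before the forwarding rule stops matching. The function names, the optional sysfs-root argument and the sample MAC addresses are assumptions made for illustration.

```shell
#!/bin/sh
# Added example: apply the lowest-port-MAC rule described in the post to the
# ports listed under <sysroot>/class/net/<bridge>/brif.
# The sysroot argument is an assumption so the check can run against a
# constructed tree; on a real host it defaults to /sys.

# lowest_port BRIDGE [SYSROOT] -> prints "<mac> <port>" for the lowest port MAC
lowest_port() {
    bridge=$1
    sysroot=${2:-/sys}
    for p in "$sysroot/class/net/$bridge/brif"/*; do
        [ -e "$p" ] || continue              # bridge has no ports
        port=$(basename "$p")
        mac=$(tr 'A-F' 'a-f' < "$sysroot/class/net/$port/address")
        printf '%s %s\n' "$mac" "$port"
    done | LC_ALL=C sort | head -n 1         # fixed-width hex sorts numerically
}

# bridge_mac_stable BRIDGE NIC [SYSROOT]
# Returns 0 if NIC holds the lowest MAC among the ports, 1 if another port
# does, 2 if the bridge has no ports.
bridge_mac_stable() {
    nic=$2
    winner=$(lowest_port "$1" "${3:-/sys}")
    [ -n "$winner" ] || { echo "no ports on $1" >&2; return 2; }
    if [ "${winner#* }" = "$nic" ]; then
        echo "ok: $1 takes its MAC from $nic (${winner% *})"
        return 0
    fi
    echo "warn: $1 would take ${winner% *} from ${winner#* }, not $nic"
    return 1
}

# make_sample DIR TAP_MAC -> constructed sysfs-like tree: br0 with eth0 + tap0
make_sample() {
    mkdir -p "$1/class/net/br0/brif" "$1/class/net/eth0" "$1/class/net/tap0"
    : > "$1/class/net/br0/brif/eth0"
    : > "$1/class/net/br0/brif/tap0"
    echo "70:85:c2:aa:bb:cc" > "$1/class/net/eth0/address"   # constructed MAC
    echo "$2" > "$1/class/net/tap0/address"
}
```

On a live host, `bridge_mac_stable br0 eth0` can run at the end of the script that brings up the tap interface, with a non-zero exit treated as a reason to re-pin the tap MAC.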