[solved] KVM Network Bridge Issues

I am on arch-lts with qemu 3.0

I configured a network bridge with netctl and attached my win10-gaming VM to it. My host has internet, and the bridge br0 works as intended with VirtualBox.

My vfio win10-gaming VM, though, won't receive an IP address unless I do a

sudo systemctl start firewalld
sudo systemctl stop firewalld

I mean, it works, but it is annoying as f… - so maybe somebody can help me solve this strange behavior.

Where is the IP address assignment supposed to come from? Do you have a router that is not the host machine? Is the host machine running a DHCP server?

Also: can you show us your /etc/network/interfaces file?

Thanks for replying.

I have an external pfsense router device that handles all my network services, including DHCP and DNS in my local network.
My host machine is not running a DHCP server. All VMs running on my host use the netctl bridge br0 - VirtualBox and KVM - and they all receive an IP from my pfsense box. But for KVM VMs I need to start/stop firewalld once after logging into my host system.

Since I am on Arch I don't have the file you requested, but I can show you this:

$ ip addr
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST,PROMISC,UP,LOWER_UP> mtu 1500 qdisc mq master br0 state UP group default qlen 1000
    link/ether 30:9c:23:60:d6:0d brd ff:ff:ff:ff:ff:ff
3: br0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default qlen 1000
    link/ether 30:9c:23:60:d6:0d brd ff:ff:ff:ff:ff:ff
    inet 1.3.10.88/24 brd 1.3.10.255 scope global br0
       valid_lft forever preferred_lft forever
4: docker0: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc noqueue state DOWN group default
    link/ether 02:42:ec:8e:8c:17 brd ff:ff:ff:ff:ff:ff
    inet 172.17.0.1/16 brd 172.17.255.255 scope global docker0
       valid_lft forever preferred_lft forever
5: virbr0: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc noqueue state DOWN group default qlen 1000
    link/ether 52:54:00:54:a9:85 brd ff:ff:ff:ff:ff:ff
    inet 192.168.122.1/24 brd 192.168.122.255 scope global virbr0
       valid_lft forever preferred_lft forever
6: virbr0-nic: <BROADCAST,MULTICAST> mtu 1500 qdisc fq_codel master virbr0 state DOWN group default qlen 1000
    link/ether 52:54:00:54:a9:85 brd ff:ff:ff:ff:ff:ff

And also the netctl bridge:

$ cat /etc/netctl/bridge
Description="bridge"
Interface=br0
Connection=bridge
BindsToInterfaces=(eth0)
IP=static
Address='1.3.10.88/24'
Gateway='1.3.10.7'
DNSOptions=('resolv_conf_local_only=no')
DNS=('1.3.10.7')
MACAddressOf=eth0
SkipForwardingDelay=yes

Solved it.

Added a udev rule in
/etc/udev/rules.d/99-bridge.rules

ACTION=="add", SUBSYSTEM=="module", KERNEL=="br_netfilter", RUN+="/lib/systemd/systemd-sysctl --prefix=/net/bridge"

and disabled the netfilter on the bridge by adding (as described in their network config)

net.bridge.bridge-nf-call-ip6tables = 0
net.bridge.bridge-nf-call-iptables = 0
net.bridge.bridge-nf-call-arptables = 0

to the file /etc/sysctl.d/bridge.conf
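
A check that the fix in the last post actually took effect, as an added example that is not part of the original thread: it compares the runtime net.bridge.* values with those in /etc/sysctl.d/bridge.conf and flags drift, which is what you see when br_netfilter loads after systemd-sysctl has already run. The function names, return codes and optional path arguments are assumptions of this example; with all three values at 0, the host's iptables/firewalld rules no longer see traffic bridged to the VM.

```shell
#!/bin/sh
# Added example (not from the thread). Function names, return codes and the
# optional path arguments are assumptions made for illustration and testing.

# conf_value FILE KEY -> prints the last value FILE sets for net.bridge.KEY
# (prints nothing if the file is unreadable or the key is not set).
conf_value() {
    [ -r "$1" ] || return 0
    sed -n "s/^[[:space:]]*net\.bridge\.$2[[:space:]]*=[[:space:]]*\([0-9][0-9]*\).*/\1/p" "$1" | tail -n 1
}

# check_bridge_nf [PROC_DIR] [CONF_FILE]
# Returns 0 when runtime matches the configuration, 1 on drift,
# 2 when br_netfilter is not loaded (PROC_DIR does not exist).
check_bridge_nf() {
    dir="${1:-/proc/sys/net/bridge}"
    conf="${2:-/etc/sysctl.d/bridge.conf}"
    if [ ! -d "$dir" ]; then
        echo "br_netfilter not loaded ($dir absent); net.bridge.* values cannot be applied yet"
        return 2
    fi
    rc=0
    for key in bridge-nf-call-iptables bridge-nf-call-ip6tables bridge-nf-call-arptables; do
        live=$(cat "$dir/$key" 2>/dev/null || echo missing)
        want=$(conf_value "$conf" "$key")
        if [ -n "$want" ] && [ "$live" != "$want" ]; then
            # Typical cause: the module was loaded after sysctl.d was processed.
            echo "DRIFT net.bridge.$key: runtime=$live configured=$want"
            rc=1
        elif [ "$live" = "0" ]; then
            echo "ok    net.bridge.$key = 0 (host firewall does not see bridged frames)"
        else
            echo "note  net.bridge.$key = $live (bridged frames traverse host firewall rules)"
        fi
    done
    return "$rc"
}
```

Source the file and run `check_bridge_nf` once after boot and again after the VM has started; a DRIFT line means the udev rule did not re-apply the settings when the module was loaded.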