I'm new to virt-manager, qemu and libvirt so I barely know how to use them. I use virt-manager's GUI to make it easier for me to do a transition from VirtualBox (including VBoxManage) to KVM.
By far I know how to make my Virtual Machine with the GUI, but there's a huge problem: Once my VM is started - The network of the host and the guest is losing connection.
No matter if it's NAT or Bridge, Once the VM is started - No network for the Host, nor the Guest. I can't browse the web to find a solution as long as the VM is running - I must shut it off and then the network is restored.
I went to journalctl -r (with sudo) to see what can cause it. I'm not that good at understanding the output of journalctl, so I'm sharing it here, and maybe someone can find the problem within my logs?
Apr 20 19:01:41 myuser systemd[1]: NetworkManager-dispatcher.service: Deactivated successfully.
Apr 20 19:01:32 myuser kernel: audit: type=1400 audit(1713628892.242:110): apparmor="STATUS" operation="profile_remove" profile="unconfined" name="libvirt-92b7cf2e-326>
Apr 20 19:01:32 myuser audit[59392]: AVC apparmor="STATUS" operation="profile_remove" profile="unconfined" name="libvirt-92b7cf2e-3262-4f04-ad63-37d5e4d94b70" pid=5939>
Apr 20 19:01:32 myuser connmand[1102]: virbr1 {newlink} index 7 operstate 2 <DOWN>
Apr 20 19:01:32 myuser connmand[1102]: virbr1 {newlink} index 7 address 52:54:00:6B:A6:9E mtu 1500
Apr 20 19:01:32 myuser connmand[1102]: virbr1 {update} flags 4099 <UP>
Apr 20 19:01:32 myuser connmand[1102]: virbr1 {TX} 28 packets 3938 bytes
Apr 20 19:01:32 myuser connmand[1102]: virbr1 {RX} 40 packets 3476 bytes
Apr 20 19:01:32 myuser connmand[1102]: vnet2 {dellink} index 8 operstate 2 <DOWN>
Apr 20 19:01:32 myuser connmand[1102]: virbr1 {newlink} index 7 operstate 6 <UP>
Apr 20 19:01:32 myuser connmand[1102]: virbr1 {newlink} index 7 address 52:54:00:6B:A6:9E mtu 1500
Apr 20 19:01:32 myuser connmand[1102]: virbr1 {update} flags 4163 <UP,RUNNING>
Apr 20 19:01:32 myuser connmand[1102]: virbr1 {TX} 28 packets 3938 bytes
Apr 20 19:01:32 myuser connmand[1102]: virbr1 {RX} 40 packets 3476 bytes
Apr 20 19:01:32 myuser connmand[1102]: Remove interface (null) [ ethernet ]
Apr 20 19:01:32 myuser connmand[1102]: (null) {remove} index 8
Apr 20 19:01:32 myuser connmand[1102]: vnet2 {dellink} index 8 operstate 2 <DOWN>
Apr 20 19:01:32 myuser connmand[1102]: vnet2 {newlink} index 8 operstate 2 <DOWN>
Apr 20 19:01:32 myuser connmand[1102]: vnet2 {newlink} index 8 address FE:54:00:DB:3A:50 mtu 1500
Apr 20 19:01:32 myuser connmand[1102]: (null) {del} address 169.254.64.167/16 label vnet2
Apr 20 19:01:32 myuser connmand[1102]: vnet2 {newlink} index 8 operstate 2 <DOWN>
Apr 20 19:01:32 myuser connmand[1102]: vnet2 {newlink} index 8 address FE:54:00:DB:3A:50 mtu 1500
Apr 20 19:01:32 myuser connmand[1102]: (null) {del} route fe80:: gw :: scope 0 <UNIVERSE>
Apr 20 19:01:32 myuser connmand[1102]: Removing default interface route failed (No such device)
Apr 20 19:01:32 myuser connmand[1102]: Removing default interface route failed (No such device)
Apr 20 19:01:32 myuser connmand[1102]: vnet2 {newlink} index 8 operstate 2 <DOWN>
Apr 20 19:01:32 myuser connmand[1102]: vnet2 {newlink} index 8 address FE:54:00:DB:3A:50 mtu 1500
Apr 20 19:01:32 myuser systemd-machined[935]: Machine qemu-3-linux2022 terminated.
Apr 20 19:01:32 myuser systemd[1]: machine-qemu\x2d3\x2dlinux2022.scope: Consumed 22.066s CPU time.
Apr 20 19:01:32 myuser systemd[1]: machine-qemu\x2d3\x2dlinux2022.scope: Deactivated successfully.
Apr 20 19:01:31 myuser systemd[1]: Started NetworkManager-dispatcher.service - Network Manager Script Dispatcher Service.
Apr 20 19:01:31 myuser dbus-daemon[928]: [system] Successfully activated service 'org.freedesktop.nm_dispatcher'
Apr 20 19:01:31 myuser systemd[1]: Starting NetworkManager-dispatcher.service - Network Manager Script Dispatcher Service...
Apr 20 19:01:31 myuser dbus-daemon[928]: [system] Activating via systemd: service name='org.freedesktop.nm_dispatcher' unit='dbus-org.freedesktop.nm-dispatcher.service>
Apr 20 19:01:31 myuser NetworkManager[1101]: <info> [1713628891.9478] device (vnet2): released from master device virbr1
Apr 20 19:01:31 myuser NetworkManager[1101]: <info> [1713628891.9474] device (vnet2): state change: activated -> unmanaged (reason 'unmanaged', sys-iface-state: 'remo>
Apr 20 19:01:31 myuser avahi-daemon[925]: Withdrawing address record for 169.254.64.167 on vnet2.
Apr 20 19:01:31 myuser avahi-daemon[925]: Withdrawing address record for fe80::fc54:ff:fedb:3a50 on vnet2.
Apr 20 19:01:31 myuser avahi-daemon[925]: Leaving mDNS multicast group on interface vnet2.IPv4 with address ***.***.**.***.
Apr 20 19:01:31 myuser avahi-daemon[925]: Interface vnet2.IPv4 no longer relevant for mDNS.
Apr 20 19:01:31 myuser connman-vpnd[927]: virbr1 {newlink} index 7 operstate 2 <DOWN>
Apr 20 19:01:31 myuser connman-vpnd[927]: virbr1 {newlink} index 7 address 52:54:00:6B:A6:9E mtu 1500
Apr 20 19:01:31 myuser connman-vpnd[927]: virbr1 {update} flags 4099 <UP>
Apr 20 19:01:31 myuser connman-vpnd[927]: vnet2 {dellink} index 8 operstate 2 <DOWN>
Apr 20 19:01:31 myuser connman-vpnd[927]: virbr1 {newlink} index 7 operstate 6 <UP>
Apr 20 19:01:31 myuser connman-vpnd[927]: virbr1 {newlink} index 7 address 52:54:00:6B:A6:9E mtu 1500
Apr 20 19:01:31 myuser connman-vpnd[927]: virbr1 {update} flags 4163 <UP,RUNNING>
Apr 20 19:01:31 myuser kernel: virbr1: port 1(vnet2) entered disabled state
Apr 20 19:01:31 myuser kernel: device vnet2 left promiscuous mode
Apr 20 19:01:31 myuser connman-vpnd[927]: vnet2 {remove} index 8
Apr 20 19:01:31 myuser connman-vpnd[927]: vnet2 {dellink} index 8 operstate 2 <DOWN>
Apr 20 19:01:31 myuser connman-vpnd[927]: vnet2 {newlink} index 8 operstate 2 <DOWN>
Apr 20 19:01:31 myuser connman-vpnd[927]: vnet2 {newlink} index 8 address FE:54:00:DB:3A:50 mtu 1500
Apr 20 19:01:31 myuser connman-vpnd[927]: vnet2 {newlink} index 8 operstate 2 <DOWN>
Apr 20 19:01:31 myuser kernel: virbr1: port 1(vnet2) entered disabled state
Apr 20 19:01:31 myuser connman-vpnd[927]: vnet2 {newlink} index 8 address FE:54:00:DB:3A:50 mtu 1500
I have enabled libvirt in firewalld's zones: home, trusted and even public. It doesn't seem to work.
Using Debian 12.5 (Bookworm), LXQt Desktop GUI
Update: When I set the network of the VM to "Isolate", I might not have any network on my VM, but the network on my host will work. It happens on non-isolate networks
Update 2: I stopped firewalld and that didn't helped, so it's not a firewall problem
Please help me to solve this problem. Thank you
Response for @A B -
Updated - When the VM is ON (Host)*:
$ sudo bash -c "ip link; ip -br addr; ip route; ip rule; ip neigh"
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN mode DEFAULT group default qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
2: enp3s0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq_codel state UP mode DEFAULT group default qlen 1000
link/ether 10:7b:44:93:7e:60 brd ff:ff:ff:ff:ff:ff
3: enx00e04c6802a7: <NO-CARRIER,BROADCAST,MULTICAST,DYNAMIC,UP> mtu 1500 qdisc fq_codel state DOWN mode DEFAULT group default qlen 1000
link/ether 00:e0:4c:68:02:a7 brd ff:ff:ff:ff:ff:ff
5: virbr0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP mode DEFAULT group default qlen 1000
link/ether 52:54:00:3a:4a:9b brd ff:ff:ff:ff:ff:ff
6: vnet0: <BROADCAST,MULTICAST,DYNAMIC,UP,LOWER_UP> mtu 1500 qdisc noqueue master virbr0 state UNKNOWN mode DEFAULT group default qlen 1000
link/ether fe:54:00:d6:4a:49 brd ff:ff:ff:ff:ff:ff
lo UNKNOWN 127.0.0.1/8 ::1/128
enp3s0 UP 192.168.1.9/24 fe80::127b:44ff:fe93:7e60/64
enx00e04c6802a7 DOWN
virbr0 UP 192.168.100.1/24
vnet0 UNKNOWN 169.254.149.177/16 fe80::fc54:ff:fed6:4a49/64
0.0.0.0 dev vnet0 scope link
default dev vnet0 scope link
169.254.0.0/16 dev vnet0 proto kernel scope link src 169.254.149.177
192.168.1.0/24 dev enp3s0 proto kernel scope link src 192.168.1.9
192.168.1.1 dev enp3s0 scope link
192.168.100.0/24 dev virbr0 proto kernel scope link src 192.168.100.1
0: from all lookup local
32766: from all lookup main
32767: from all lookup default
192.168.1.6 dev enp3s0 lladdr 00:00:c0:34:14:db STALE
192.168.100.202 dev virbr0 lladdr 52:54:00:d6:4a:49 STALE
192.168.1.1 dev enp3s0 lladdr 74:da:88:d6:c8:e6 STALE
198.252.206.25 dev vnet0 FAILED
192.168.1.5 dev enp3s0 lladdr 50:eb:f6:24:85:a6 STALE
fe80::76da:88ff:fed6:c8e6 dev enp3s0 lladdr 74:da:88:d6:c8:e6 router STALE
fe80::9c7a:f1bb:ca7f:4c1e dev enp3s0 lladdr 50:eb:f6:24:85:a6 STALE
$ sudo systemctl stop firewalld.service && sudo nft list ruleset
table ip filter {
}
table ip nat {
}
table ip mangle {
}
table ip6 filter {
}
table ip6 nat {
}
table ip6 mangle {
}
$ sudo cat /etc/resolv.conf
# Generated by resolvconf
nameserver 192.168.1.1
- As I said - I don't have a terminal (or I don't know how to access it) while I'm installing debian on the guest, so I can't provide the information from the guest
ip link; ip -br addr; ip route; ip rule; ip neighand also on the host (with the firewall deactivated)nft list ruleset. While at it also twice the content of/etc/resolv.conf.default dev vnet0 scope link: default route towards the VM's NIC instead of Internet. There has to be a setting that has been set wrong somewhere, but I can't guess what.