Discussion:
Can't ssh from hypervisor to guest host using KVM
JLMS
2012-04-20 12:00:18 UTC
Permalink
Hello,

I am setting up a series of systems and while in my host at home I can
happily do ssh from the hypervisor to the guests (CentOS 6.2 &
Fedora16 respectively) I can't do the same in the host I am working
with in the datacentre.

Whenever I try to ssh I get the following:

[***@ip-192-168-3-130 log]# ssh ***@192.168.111.199
ssh: connect to host 192.168.111.199 port 22: No route to host
[***@ip-192-168-3-130 log]#

while in my home server, I can do this with abandon:

[***@pinguino-centos jlms]# ssh ***@192.168.111.50
***@192.168.111.50's password:
[***@pinguino-centos jlms]#

in both cases the guests can happily ssh to the hypervisor, and in
both cases each host can ping each other, traceroute finds its way to
each host both ways...

The major difference is that in the setup at home I disabled
NetworkManger and gave the guest a static address, but I fail to see
if that would impact in any way how this all hangs together.

This must be a common setup and I suppose most SAs would expect to be
able to ssh as explained, what I am missing?

Thanks!
--
Gllug mailing list - ***@gllug.org.uk
http://lists.gllug.org.uk/mailman/listinfo/gllug
Richard W.M. Jones
2012-04-20 21:39:09 UTC
Permalink
Post by JLMS
Hello,
I am setting up a series of systems and while in my host at home I can
happily do ssh from the hypervisor to the guests (CentOS 6.2 &
Fedora16 respectively) I can't do the same in the host I am working
with in the datacentre.
ssh: connect to host 192.168.111.199 port 22: No route to host
in both cases the guests can happily ssh to the hypervisor, and in
both cases each host can ping each other, traceroute finds its way to
each host both ways...
The major difference is that in the setup at home I disabled
NetworkManger and gave the guest a static address, but I fail to see
if that would impact in any way how this all hangs together.
This must be a common setup and I suppose most SAs would expect to be
able to ssh as explained, what I am missing?
What you really need to do is tcpdump the traffic on the bridge device
(virbrX or similar), and compare it to a tcpdump of the traffic seen
by the guest.

Also have a look at the routing table in the host, which should have a
route to the bridge:

$ netstat -rn
[...]
192.168.111.0 0.0.0.0 255.255.255.0 U 0 0 0 virbr0
Post by JLMS
From the error, it sounds like this route is missing.
Finally, you are actually using the right IP address for the guest?

Rich.
--
Richard Jones
Red Hat
--
Gllug mailing list - ***@gllug.org.uk
http://lists.gllug.org.uk/mailman/listinfo/gllug
Loading...