SCALE box with 2 NICS. I created a bridge br1 and added the second NIC to it, then gave br1 the ip alias of 10.1.1.2/16.
The NIC is connected directly to my router (10.1.1.1/16) to serve as a DMZ.
I added br1 to a VM, and gave it (statically) the IP of 10.1.2.3/16, with 10.1.1.1 as the gateway.
From the VM, I can't ping out to the internet (either by IP or by domain name). I can SSH into the VM from my LAN (192.168.X.X/16). I can also ping 10.1.1.1 (the DMZ interface on the router) from VM, however I can't get out to the internet from there.
From the router itself, I can ping out to the internet via 10.1.1.1. When I connect that same NIC to another 10.1.X.X interface on a different machine, that machine can reach the internet without issue.
I've verified that the router's firewall rules allow the DMZ to go out the WAN (which is also verified by the fact that I don't have the problem with a different machine with a similar configuration on that DMZ network.
I tired reboot the VM and re-adding the br1 bridge, to no avail.
The NIC is connected directly to my router (10.1.1.1/16) to serve as a DMZ.
I added br1 to a VM, and gave it (statically) the IP of 10.1.2.3/16, with 10.1.1.1 as the gateway.
From the VM, I can't ping out to the internet (either by IP or by domain name). I can SSH into the VM from my LAN (192.168.X.X/16). I can also ping 10.1.1.1 (the DMZ interface on the router) from VM, however I can't get out to the internet from there.
From the router itself, I can ping out to the internet via 10.1.1.1. When I connect that same NIC to another 10.1.X.X interface on a different machine, that machine can reach the internet without issue.
I've verified that the router's firewall rules allow the DMZ to go out the WAN (which is also verified by the fact that I don't have the problem with a different machine with a similar configuration on that DMZ network.
I tired reboot the VM and re-adding the br1 bridge, to no avail.