<div dir="ltr">Hello<div><br></div><div>I was faced to the same problem after a Buster to Bullseye upgrade. The same commands as you returned the same results.</div><div><br></div><div>After a week of unsuccessful attempts, I have been able to get my VM back and apparently without regression by removing </div><div><ul><li>all my *qemu* *libvirt* *iptables* *nftables* named packages</li><li>my DHCP client packages</li><li>my orphaned packages (several runs)</li></ul>After that, I reinstalled them, nftables after all the other ones. <br></div><div><br></div><div>If it can help someone...</div><div><br></div><div>Regards</div></div><br><div class="gmail_quote"><div dir="ltr" class="gmail_attr">On Tue, Oct 12, 2021 at 12:03 AM James Youngman <<a href="mailto:james@youngman.org">james@youngman.org</a>> wrote:<br></div><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left-width:1px;border-left-style:solid;border-left-color:rgb(204,204,204);padding-left:1ex">Package: libvirt-daemon<br>
Version: 7.0.0-3<br>
Followup-For: Bug #994127<br>
<br>
I also find (after upgrade from buster to bullseye) that my default<br>
network will no longer start:<br>
<br>
jupiter:~$ sudo virsh net-list --all<br>
Name State Autostart Persistent<br>
-----------------------------------------------<br>
default inactive yes yes<br>
ipv6-net inactive yes yes<br>
<br>
jupiter:~$ sudo virsh net-info default<br>
Name: default<br>
UUID: b5472d74-d362-4d85-900c-14959e3dfd35<br>
Active: no<br>
Persistent: yes<br>
Autostart: yes<br>
Bridge: virbr0<br>
<br>
jupiter:~$ sudo virsh net-start default<br>
error: Failed to start network default<br>
error: internal error: Failed to apply firewall rules /usr/sbin/iptables -w --table filter --list-rules: iptables v1.8.7 (nf_tables): table `filter' is incompatible, use 'nft' tool.<br>
<br>
<br>
jupiter:~$ dpkg -l nftables iptables<br>
Desired=Unknown/Install/Remove/Purge/Hold<br>
| Status=Not/Inst/Conf-files/Unpacked/halF-conf/Half-inst/trig-aWait/Trig-pend<br>
|/ Err?=(none)/Reinst-required (Status,Err: uppercase=bad)<br>
||/ Name Version Architecture Description<br>
+++-==============-============-============-==============================================================<br>
ii iptables 1.8.7-1 amd64 administration tools for packet filtering and NAT<br>
ii nftables 0.9.8-3.1 amd64 Program to control packet filtering rules by Netfilter project<br>
jupiter:~$ readlink -f /usr/sbin/iptables<br>
/usr/sbin/xtables-nft-multi<br>
jupiter:~$ update-alternatives --display iptables<br>
iptables - auto mode<br>
link best version is /usr/sbin/iptables-nft<br>
link currently points to /usr/sbin/iptables-nft<br>
link iptables is /usr/sbin/iptables<br>
slave iptables-restore is /usr/sbin/iptables-restore<br>
slave iptables-save is /usr/sbin/iptables-save<br>
/usr/sbin/iptables-legacy - priority 10<br>
slave iptables-restore: /usr/sbin/iptables-legacy-restore<br>
slave iptables-save: /usr/sbin/iptables-legacy-save<br>
/usr/sbin/iptables-nft - priority 20<br>
slave iptables-restore: /usr/sbin/iptables-nft-restore<br>
slave iptables-save: /usr/sbin/iptables-nft-save<br>
jupiter:~$ ls -l /usr/sbin/iptables /etc/alternatives/iptables /usr/sbin/iptables-nft /usr/sbin/xtables-nft-multi<br>
lrwxrwxrwx 1 root root 22 Jul 10 2019 /etc/alternatives/iptables -> /usr/sbin/iptables-nft<br>
lrwxrwxrwx 1 root root 26 Jul 10 2019 /usr/sbin/iptables -> /etc/alternatives/iptables<br>
lrwxrwxrwx 1 root root 17 Jan 17 2021 /usr/sbin/iptables-nft -> xtables-nft-multi<br>
-rwxr-xr-x 1 root root 220232 Jan 17 2021 /usr/sbin/xtables-nft-multi<br>
<br>
It appears that moving the alternative doesn't fix the problem. A<br>
bit confusingly, the command shown, if I run it manually, appears to<br>
work:<br>
<br>
jupiter:~$ sudo virsh net-start default<br>
error: Failed to start network default<br>
error: internal error: Failed to apply firewall rules /usr/sbin/iptables -w --table filter --list-rules: iptables v1.8.7 (nf_tables): table `filter' is incompatible, use 'nft' tool.<br>
<br>
<br>
<br>
jupiter:~$ sudo /usr/sbin/iptables -w --table filter --list-rules<br>
-P INPUT ACCEPT<br>
-P FORWARD ACCEPT<br>
-P OUTPUT ACCEPT<br>
jupiter:~$ echo $?<br>
0<br>
<br>
Though of course, that doesn't get my VMs booted. None of my guest<br>
VMs can start. This is a significant problem for me.<br>
<br>
-- System Information:<br>
Debian Release: 11.1<br>
APT prefers stable-updates<br>
APT policy: (500, 'stable-updates'), (500, 'stable-security'), (500, 'stable')<br>
Architecture: amd64 (x86_64)<br>
<br>
Kernel: Linux 5.10.0-9-amd64 (SMP w/12 CPU threads)<br>
Kernel taint flags: TAINT_PROPRIETARY_MODULE, TAINT_WARN, TAINT_OOT_MODULE, TAINT_UNSIGNED_MODULE<br>
Locale: LANG=en_IE.UTF-8, LC_CTYPE=en_IE.UTF-8 (charmap=UTF-8), LANGUAGE=en_IE:en<br>
Shell: /bin/sh linked to /bin/dash<br>
Init: systemd (via /run/systemd/system)<br>
LSM: AppArmor: enabled<br>
<br>
Versions of packages libvirt-daemon depends on:<br>
ii libblkid1 2.36.1-8<br>
ii libc6 2.31-13+deb11u2<br>
ii libdevmapper1.02.1 2:1.02.175-2.1<br>
ii libgcc-s1 10.2.1-6<br>
ii libglib2.0-0 2.66.8-1<br>
ii libnetcf1 1:0.2.8-1.1<br>
ii libparted2 3.4-1<br>
ii libpcap0.8 1.10.0-2<br>
ii libpciaccess0 0.16-1<br>
ii libselinux1 3.1-3<br>
ii libudev1 247.3-6<br>
ii libvirt-daemon-driver-qemu 7.0.0-3<br>
ii libvirt0 7.0.0-3<br>
ii libxml2 2.9.10+dfsg-6.7<br>
<br>
Versions of packages libvirt-daemon recommends:<br>
ii libvirt-daemon-driver-lxc 7.0.0-3<br>
ii libvirt-daemon-driver-vbox 7.0.0-3<br>
ii libvirt-daemon-driver-xen 7.0.0-3<br>
ii libxml2-utils 2.9.10+dfsg-6.7<br>
ii netcat-openbsd 1.217-3<br>
ii qemu-system-x86 [qemu-kvm] 1:5.2+dfsg-11+deb11u1<br>
<br>
Versions of packages libvirt-daemon suggests:<br>
pn libvirt-daemon-driver-storage-gluster <none><br>
pn libvirt-daemon-driver-storage-iscsi-direct <none><br>
pn libvirt-daemon-driver-storage-rbd <none><br>
pn libvirt-daemon-driver-storage-zfs <none><br>
ii libvirt-daemon-system 7.0.0-3<br>
pn numad <none><br>
<br>
-- no debconf information<br>
<br>
</blockquote></div>