Changes
→Enable bridging through the host firewall
11. Add FORWARD ACCEPT statements to the host iptables and ip6tables for each VE IPv4 and IPv6 address. You do NOT need to enable any special network forwarding via sysctl.
host iptables:
-A FORWARD -s xxx.xxx.xxx.xxx -j ACCEPT
-A FORWARD -d xxx.xxx.xxx.xxx -j ACCEPT
host ip6tables:
-A FORWARD -s xxxx:xxxx:xxxx:xxxx:xxxx:xxxx:xxxx:xxxx -j ACCEPT
-A FORWARD -d xxxx:xxxx:xxxx:xxxx:xxxx:xxxx:xxxx:xxxx -j ACCEPT
