The impact of this bug is that libvirt can't start the default network:
bauermann@popigai:~$ virsh -c qemu:///system net-start default
error: Failed to start network default
error: internal error: firewalld is set to use the nftables backend, but the required firewalld 'libvirt' zone is missing. Either set the firewalld backend to 'iptables', or ensure that firewalld has a 'libvirt' zone by upgrading firewalld to a version supporting rule priorities (0.7.0+) and/or rebuilding libvirt with --with-firewalld-zone
bauermann@popigai:~$ echo $?
1
The workaround is to add a zone="trusted" attribute to the bridge node of the network XML definition:
More information I should have mentioned earlier:
The impact of this bug is that libvirt can't start the default network:
bauermann@ popigai: ~$ virsh -c qemu:///system net-start default firewalld- zone
error: Failed to start network default
error: internal error: firewalld is set to use the nftables backend, but the required firewalld 'libvirt' zone is missing. Either set the firewalld backend to 'iptables', or ensure that firewalld has a 'libvirt' zone by upgrading firewalld to a version supporting rule priorities (0.7.0+) and/or rebuilding libvirt with --with-
bauermann@ popigai: ~$ echo $?
1
The workaround is to add a zone="trusted" attribute to the bridge node of the network XML definition:
<network> default< /name> d20d5db0- 4a01-4422- 8bcb-8b582d0193 56</uuid> "52:54: 00:13:28: 6a"/> "192.168. 122.1" netmask= "255.255. 255.0"> 192.168. 122.2" end="192. 168.122. 254"/>
<name>
<uuid>
<forward mode="nat">
<nat>
<port start="1024" end="65535"/>
</nat>
</forward>
<bridge name="virbr0" zone="trusted" stp="on" delay="0"/>
<mac address=
<ip address=
<dhcp>
<range start="
</dhcp>
</ip>
</network>