making firewall to allow multipath-tcp packets

If a multipath-tcp-capable guest VM cannot communicate to the Internet, try to check the firewall on the host, # iptables -L FORWARD target prot opt source destination REJECT all — anywhere anywhere reject-with icmp-host-prohibited You need to allow packets with multipath TCP (TCP option 30). # iptables -D FORWARD -p all -j REJECT –reject-with icmp-host-prohibited … [Read more…]