docs: Update README to show iptables fix

README.md

@@ -32,6 +32,15 @@ Finally, run the `vethdhcp` to create a virtual ethernet connection on the `dock
 
     make run-dhcp
 
+If you get an "address is already in use" error, try stopping the `default` network created in virt-manager. If you find that the `docker0` bridge receives DHCP Offers from dnsmasq, but the VM does not you may need to change an iptables rule.
+
+    $ ip tables -L -t nat
+    $ iptables -t nat -R POSTROUTING 1 -s 172.17.0.0/16 ! -d 172.17.0.0/16 -j MASQUERADE
+
+    POSTROUTING
+    MASQUERADE  all  --  172.17.0.0/16        0.0.0.0/0      (Original Rule 1)
+    MASQUERADE  all  --  172.17.0.0/16       !172.17.0.0/16  (Updated Rule 1)
+
 Create a PXE boot client VM using virt-manager as described above. Let the VM PXE boot using the boot config determined the MAC address to config mapping set in the config service.
 
 ## Clients

scripts/vethdhcp

@@ -12,15 +12,15 @@ LEASE_TIME=30m
 
 # create and attach the veth if it is missing
 if ! ip link show $VETH; then
-	# create a virtual ethernet device (veth pair)
-	ip link add $VETH type veth peer name ${VETH}_b
-    # attach the "b" side of the veth to the bridge
-    brctl addif $BRIDGE ${VETH}_b
-    # assign an IP address to the veth
-    ip addr add $VETH_ADDR dev $VETH
-    # set both links to be up
-    ip link set $VETH up
-    ip link set $VETH_b up
+  # create a virtual ethernet device (veth pair)
+  ip link add $VETH type veth peer name ${VETH}_b
+  # attach the "b" side of the veth to the bridge
+  brctl addif $BRIDGE ${VETH}_b
+  # assign an IP address to the veth
+  ip addr add $VETH_ADDR dev $VETH
+  # set both links to be up
+  ip link set $VETH up
+  ip link set $VETH_b up
 fi
 
 dnsmasq --no-daemon --port=0 -i $VETH --dhcp-range=$ADDR_RANGE_START,$ADDR_RANGE_END,$LEASE_TIME