KVM - The Linux Kernel-Based Virtual Machine
News, Blogs and Resources on the Linux (KVM) Kernel-Based Virtual Machine

Fedora + KVM + Bridge = Fail

4 replies [Last post]
alphadogg
Offline
Joined: Oct 22 2008
Points: 0

Okay, I would like to run virtual machines over KVM in Fedora 10, such that the VMs would be available on the local network (192.168.1.xxx). My server has three NICs. I would like eth1 to be bridged.

I have read multiple tutorials, and they all basically revolve around:
brctl addbr br0
ifconfig eth1 0.0.0.0
brctl addif br0 eth1
ifconfig br0 192.168.1.202 netmask 255.255.255.0 up
route add -net 192.168.1.0 netmask 255.255.255.0 br0
route add default gw 192.168.1.1 br0
tunctl
iplink set tap0 up
brctl addif br0 tap0

For iptables, I have tried:
iptables -I INPUT -i br0 -j ACCEPT
service iptables save

or:
iptables -F FORWARD
iptables -I FORWARD -m physdev --physdev-is-bridged -j ACCEPT

net.ipv4.ip_forward = 1 was set.

To run a VM, I do: qemu-kvm -hda /root/VM_Images/test.img -m 512 -cdrom /dev/cdrom -boot c -net nic,macaddr=DE:AD:BE:EF:19:11 -net tap,script=/etc/sysconfig/networkscripts/qemu-ifup

I get a VM, but cannot pull a DHCP on the VM's nic. When I set it static to the local network, I can't ping other machines.

Any suggestions?

Haydn Solomon
Offline
Joined: Mar 7 2008
Points: 456
Re: Fedora Bridge Fail

Alphadogg,

Have you retried using the new mac generation script (macgen.py) referenced in post link below:

Achieving Maximum Network Performance usinig bridging and paravirtual drivers

 

Anonymous
Have a look at this page for

Have a look at this page for some tips:

http://wiki.libvirt.org/page/Networking

Anonymous (not verified)
got it working using virt-manager

I got this working using virt-manager and a hand rolled bridge setup:

I used the /etc/sysconfig/network-scripts config files so it comes up at boot time:

ifcfg-vmsrvbr0 contains:

DEVICE=vmsrvbr0

ONBOOT=yes

TYPE=Bridge

STP=on

NM_CONTROLLED=No

IPV6INIT=no

 

ifcfg-eth1 contains:

DEVICE=eth1

ONBOOT=yes

BRIDGE=vmsrvbr0

NM_CONTROLLED=No

IPV6INIT=no

 

My eth1 is plugged into a switch for my DMZ because my VM's sit on the Internet. In the virt-manager GUI I specify my bridge interface (vmsrvbr0) and I end up with this running config:

/usr/bin/qemu-kvm -S -M pc -m 512 -smp 1 -name mailserver -monitor pty -boot c -drive file=/dev/VIRTUAL/MAIL,if=ide,index=0,boot=on -drive file=,if=ide,media=cdrom,index=2 -net nic,macaddr=54:52:00:25:d2:f4,vlan=0 -net tap,fd=9,script=,vlan=0,ifname=vnet0 -serial pty -parallel none -usb -vnc 127.0.0.1:0 -k en-us -soundhw es1370 brctl show vmsrvbr0 produces: bridge name bridge id STP enabled interfaces virbr0 8000.000000000000 yes vmsrvbr0 80e8.0050da5d8066 yes eth1 vnet0 vnet1

 

brctl show vmsrvbr0 produces:

bridge name     bridge id               STP enabled     interfaces
virbr0          8000.000000000000       yes
vmsrvbr0                80e8.0050da5d8066       yes      eth1
                                                                                    vnet0
                                                                                    vnet1

 

So the real interface (eth1) has no IP address. It doesn't need one.  Inside my virtual machines I can assign addreses as I see fit.  I have two VM's running on this host (hence vnet0 and vnet1 part of the bridge) and each VM has its own statically assigned address.  I'm betting I could have plugged eth1 into the switch for my LAN and gotten DHCP assigned addresses if I wanted.
 

Hope that helps

Anonymous (not verified)
Attempt not at home this

Attempt not at home this ready on the way to lend a hand drv so what time to accomplish a trouble-free switch mobile phone search to cell phone lookup come across not next to home who is losing to phone number. Along with you know how to as well fritter this telephone number search with the purpose of make a phone search a propos to liar. In addition to still by a invalidate search be able to complete the invalidate cellular phone method the most excellent thing you be able to always execute but you believe on the matter of it these days.

Post new comment

The content of this field is kept private and will not be shown publicly.
Type the characters you see in this picture. (verify using audio)
Type the characters you see in the picture above; if you can't read them, submit the form and a new image will be generated. Not case sensitive.