Using bridged networking with Virt-manager
In previous posts you can find instructions on how to configure bridged networking when managing your kvm guests by command line. However for many users experimenting with kvm, the virt-manager GUI tool is the preferred method of managing kvm guests in which case bridged networking configuration might pose a challenge. If you fall into the camp of users who prefer virt-manager and have ever wondered how to configure bridged networking , you’ll be able to use bridged networking with virt-manager after reading this post.
1. Configure your bridge
Your libvirt installation will provide default bridges for use with xen, qemu and other types of domains. For qemu/kvm, the default bridge should be called vnet0 and you can verify this by issuing the following command on your system.
# brctl show bridge name bridge id STP enabled interfaces pan0 8000.000000000000 no virbr0 8000.000000000000 yes vnet0 8000.000000000000 yes
Th first thing you need to do is add a network script for your vnet0 bridge. On Fedora this script will be located under /etc/sysconfig/network-scripts/ but may differ for other linux distributions. So go ahead and create a new script at /etc/sysconfig/network-scripts/ifcfg-vnet0 as root user and edit the contents so that it looks like the following.
DEVICE=vnet0 TYPE=Bridge BOOTPROTO=dhcp ONBOOT=yes
This completes set up of your vnet0 bridge.
2. Add your physical interface to the bridge
The next step is to add the physical interface that your kvm guest will be sharing to the vnet0 bridge configured above. For this post, we’ll assume that you’ll be using eth0 so to add eth0 to vnet0 bridge, issue the following command.
# brctl addif vnet0 eth0
You can verify that your eth0 was added to the vnet0 bridge issuing the brctl show command. Your output should look similar to the following.
# brctl show bridge name bridge id STP enabled interfaces pan0 8000.000000000000 no virbr0 8000.000000000000 yes vnet0 8000.0019b97ec863 yes eth0
Now you need to configure your network script for eth0. You will already have a script for eth0, but you’ll need to modify it by adding one line as BRIDGE=vnet0 so that it looks similar to the following script.
# Broadcom Corporation BCM4401-B0 100Base-TX
DEVICE=eth0
BRIDGE=vnet0
BOOTPROTO=dhcp
HWADDR=00:19:b9:7e:c8:63
ONBOOT=yes
TYPE=Ethernet
USERCTL=no
IPV6INIT=no
PEERDNS=yes
NM_CONTROLLED=no
…
…
3. Restart your network services
In order for all the network script modifications to take effect, you need to restart your network services. Your command may differ slightly but for most linux distributions the following command will restart your network services.
# /etc/rc.d/init.d/network restart Shutting down interface vnet0: [ OK ] Shutting down interface eth0: [ OK ] Shutting down loopback interface: [ OK ] Bringing up loopback interface: [ OK ] Bringing up interface eth0: [ OK ] Bringing up interface vnet0: Determining IP information for vnet0... done. [ OK ]
My experience is that the dhcp on the bridge device usually takes a little longer than the other scripts so don’t worry if the line that says “determining ip information for vnet0” sits there for a min or two. Once this script completes, you’re finished with your system network configurations. Now, onto actually using bridged networking with virt-manager.
4. Configure Bridged Networking in Virt-Manager
Now comes the easy part. Configure your kvm guest in virt-manager as you normally would. When you get to the part that asks about your network type, choose to share with a physical device and you will be able to select the eth0 on bridge vnet0. Below is a screenshot of what you should see. You don’t need to specify a specific mac address unless you need to for some kind of static mapping.
Boot up your kvm guest which will be now connected to your local network. Your brctl show command will now show your kvm guest network added to your vnet0 bridge. Below is a sample output.
# brctl show
bridge name bridge id STP enabled interfaces
pan0 8000.000000000000 no
virbr0 8000.000000000000 yes
vnet0 8000.0019b97ec863 yes eth0
vnet1
Summary
Bridged networking with virt-manager is simpler than configuring bridged networking when managing kvm guests with command line since you don’t have to worry about things like qemu network scripts and generating random mac addresses. Virt-manager takes care of these things behind the scenes. What will be nice to see someday would be GUI tools for managing the bridges which would make the procedure even simpler.
- Haydn Solomon's blog
- Add new comment
- 4148 reads
- Email this page
RSS Feed
Navigation
Recent Posts
- KVM-82 Released: Nested Virtualization
- KVM-81 Released: Bug Fixes
- New VNC port allocation Feature
- KVM-80 Released: Qemu merge
- New support for Bluetooth devices using –bt option
- KVM-79 Released: pci device assignment, pci device hot plug
- KVM-78 Released: Bug Fixes, qemu merge
- Multiplexing your monitor and serial port
- KVM-77 Released: -std-vga deprecated, Improved disk performance
- Convirt 0.9.5 Released: Adds drag and drop live migration for KVM
Comments
Just to understand things...
Monday, September 22, 2008 - 12:57 Rodd Ahrenstorff (not verified)Is this available as of virt-manager 0.6.0-1 or earlier releases? How does this effect the Debain /etc/kvm/kvm-ifup script that is already in place in that distro?
Regards,
Rodd Ahrenstorff
Re: just to understand..
Monday, September 22, 2008 - 13:30 Haydn SolomonThis is available from the earlier virt-manager release (0.5.4) and the snapshots I did was actually from that version. I don't think it should affect your script but I'm not too familiar with debian.
Some issues
Wednesday, September 24, 2008 - 23:58 David CartwrightHaydn, a couple of additional points that may help some users (albeit, I know this is not the only way of achieving the same result):
1. A default installation of Fedora 9 uses the NetworkManager daemon rather than the network daemon. Hence, the services would need to be set to have NetworkManager not start and network start, e.g. as root:
/sbin/chkconfig --level 345 NetworkManager off
/sbin/chkconfig --level 345 network on
2. If the Host is running iptables, some changes would need to be made for the VM to obtain a DHCP address, e.g. I have used:
/sbin/iptables -F FORWARD
/sbin/iptables -I FORWARD -m physdev --physdev-is-bridged -j ACCEPT
/sbin/iptables-save > /etc/sysconfig/iptables
3. IP Forwarding to be set in /etc/sysctl.conf, e.g. set:
net.ipv4.ip_forward=1
4. Reboot system for all changes to become active.
### ### ###
I presume that there is a plan by the developers to support this type of bridging within NetworkManager. For example, I note that oVirt sets up some files in /etc/libvirt/qemu/networks that include an XML configuration file that is also replicated in /etc/libvirt/qemu/networks/autostart
Any feedback you come across about configuration of bridging for a system using NetworkManager would be of great interest.
Re: network manager
Thursday, September 25, 2008 - 08:18 Haydn SolomonDavid,
I remember you did mention that fedora was planning to include some bridge control features in future release of network manager. I will keep an eye on it and post any developments.
Good tips on the iptables.
In previous posts...
Monday, October 20, 2008 - 06:34 Anonymous (not verified)Could you put a link to the previous posts, I'm needing the bit on setting up a bridged network. Thanks.
Previous post on bridging
Monday, October 20, 2008 - 08:37 Haydn SolomonHere is the link..
Configuring Bridged Networking
No vnet0
Saturday, November 29, 2008 - 19:18 alphadog (not verified)According to your post, there should be, by default, pan0, virbr0 and vnet0 bridges. On my fresh F10 install, I only have virbr0. Was vnet0 setup by you? If so, how?
Re: vnet0
Monday, December 1, 2008 - 01:13 Haydn SolomonAlphadog,
I didn't setup the vnet0, it was there by default and my tests were done on Fedora 9. Since you enquired, I decided to have a look and now there is no more vnet0, only pan0 and virbr0 on my F9 system. I believe these bridges were setup by libvirt and at the time of writing the post, I was running libvirt 0.4.4. Since then libvirt has gone through a release and could possibly be an explanation if libvirt made some changes in how the bridges are setup. I will have to investigate and post a comment since it would make the post irrelevant if this is the case.
same boat, no vnet0, no bridgee
Sunday, December 7, 2008 - 18:28 grempuppy (not verified)I'm in the same boat as alphadog. I have a fresh Fedora10 install and don't have a vnet0. My new virtual machines don't have access to a network at all. None of the interfaces present are bridged and available in the virtual machine creation wizard.
@grempuppy: The vnet0
Sunday, December 14, 2008 - 22:10 alphadog (not verified)@grempuppy: The vnet0 bridge(s) gets created by VMM. You shouldn't have one in a fresh install of F10.
corrections (on Fedora 10)
Friday, December 26, 2008 - 02:53 Allen (not verified)I have been at this for an entire day.
Your point #1 is does not seem to be necessary. The line NM_CONTROLLED=no takes care of it... I think.
As for point #2 it can be taken care of quite simply by setting the bridge to be a trusted interface. I don't know if this is safe but it is simple. Also, my virtuals are controlled by me anyway. The application to do this with is system-config-firewall.
Re: same boat, no vnet0, no bridgee
Friday, December 26, 2008 - 02:55 Allen (not verified)No problem!
Just make one up.
# brctl addbr foobar
And voila! The foobar bridge is born.
Then just continue as indicated.