stevea
15th August 2011, 05:11 PM
The setup of a network bridge for use by KVM virtualization is an important issue for creating fast highly efficient access to virtualized servers. The procedure for setup has changed a bit since F14.
The host system must be setup to forward packets.
The control files for the interface to be bridged, and for the bridge must each have an ifcfg-* file.
The network must be controlled by the network.service since NetworkManager.service cannot manage bridges.
Also the guest system must have the correct bridge device associated with it's interface.
# install the necessary packages
sudo yum -y install qemu-system-x86 libvirt bridge-utils
# This example assumes the LAN for the VMs is on interface 'em1' with MAC address 00:18:F3:68:67:40
# The new bridge is called 'br0'
# Create the config files
## notes -
## - you can generate a new UUID for uuigen command
## - MTU setting in the bridge config file is optional.
## - BOOTPROTO setting in the bridge config file is optional, if a fixed IP is supplied.
cd /etc/sysconfig/network-scripts
sudo cat <<EOF >ifcfg-em1
BRIDGE=br0
DEVICE=em1
HWADDR=00:18:F3:68:67:40
NAME="em1"
NM_CONTROLLED=no
ONBOOT=yes
USERCTL=no
UUID=a9cd0273-46ba-40b0-8a40-f29ba46397a3
EOF
sudo cat <<EOF >ifcfg-br0
BOOTPROTO=dhcp
DELAY=0
DEVICE=br0
DHCP_HOSTNAME=myhostname.localdomain
IPV6INIT=no
MTU=9000
ONBOOT=yes
TYPE=Bridge
EOF
# Change the service selections to allow 'network' and not 'NetworkManager'
sudo systemctl disable NetworkManager.service
sudo systemctl enable network.service
sudo systemctl stop NetworkManager.service
sudo systemctl start network.service
# Test & examine the network at this point using the commands
sudo ip link
sudo ip route
brctl showmacs br0
sudo cat /etc/resolv.conf
ping google.com
# setup forwarding
sed -e s/ip_forward\ =\ 0/ip_forward\ =\ 1/ -i /etc/sysctl.conf
sysctl -p
# the sysctl -p should produce output containing a line like:
# "net.ipv4.ip_forward = 1"
At this point, assuming all has gone well, all em1 network traffic occurs through the new bridge 'br0'.
To associate a VM's enet with this bridge - the following procedures apply.
# First make sure the libvirtd.service is running
sudo systemctl enable libvirtd.service
sudo systemctl start libvirtd.service
Start virt-manager, either from the command line of the gui interface.
Make sure the virt-manager is connected to localhost (right-click and select 'connect' if necessary).
FOR A NEW VM ....
right-click localhost, and select 'New',.
Proceed through the 'Create a new virtual machine' screens to "step 5 of 5"
Select 'Advanced options'
select "Specify shared device name" from the pulldown menu.
enter "br0" (without quotes) as the "Bridge name:"
FOR AN EXISTING VM ...
right-click on the VM name in virt-manager and select "Open".
In the new window, select View->Details.
Select the NIC you want on the bridge.
in the "Source device:" menu select "Specify shared device".
In the "Bridge name:" field, enter "br0" (without the quotes).
In the bottom right corner, select the "Apply" button.
NOTE:
guest VMs with this bridged configuration can use all LAN resources.
They can resolve their network settings from the LAN DHCP service.
They can be accessed directly from the LAN.
TO TEST:
a/ verify you can ping the host and then google.com from the running guest.
b/ verify that you can ping the guest from your LAN, or hat ports are open
(e.g. nmap virtmailserv.localdomain)
REFERENCES
http://www.linux-kvm.org/page/Networking
The host system must be setup to forward packets.
The control files for the interface to be bridged, and for the bridge must each have an ifcfg-* file.
The network must be controlled by the network.service since NetworkManager.service cannot manage bridges.
Also the guest system must have the correct bridge device associated with it's interface.
# install the necessary packages
sudo yum -y install qemu-system-x86 libvirt bridge-utils
# This example assumes the LAN for the VMs is on interface 'em1' with MAC address 00:18:F3:68:67:40
# The new bridge is called 'br0'
# Create the config files
## notes -
## - you can generate a new UUID for uuigen command
## - MTU setting in the bridge config file is optional.
## - BOOTPROTO setting in the bridge config file is optional, if a fixed IP is supplied.
cd /etc/sysconfig/network-scripts
sudo cat <<EOF >ifcfg-em1
BRIDGE=br0
DEVICE=em1
HWADDR=00:18:F3:68:67:40
NAME="em1"
NM_CONTROLLED=no
ONBOOT=yes
USERCTL=no
UUID=a9cd0273-46ba-40b0-8a40-f29ba46397a3
EOF
sudo cat <<EOF >ifcfg-br0
BOOTPROTO=dhcp
DELAY=0
DEVICE=br0
DHCP_HOSTNAME=myhostname.localdomain
IPV6INIT=no
MTU=9000
ONBOOT=yes
TYPE=Bridge
EOF
# Change the service selections to allow 'network' and not 'NetworkManager'
sudo systemctl disable NetworkManager.service
sudo systemctl enable network.service
sudo systemctl stop NetworkManager.service
sudo systemctl start network.service
# Test & examine the network at this point using the commands
sudo ip link
sudo ip route
brctl showmacs br0
sudo cat /etc/resolv.conf
ping google.com
# setup forwarding
sed -e s/ip_forward\ =\ 0/ip_forward\ =\ 1/ -i /etc/sysctl.conf
sysctl -p
# the sysctl -p should produce output containing a line like:
# "net.ipv4.ip_forward = 1"
At this point, assuming all has gone well, all em1 network traffic occurs through the new bridge 'br0'.
To associate a VM's enet with this bridge - the following procedures apply.
# First make sure the libvirtd.service is running
sudo systemctl enable libvirtd.service
sudo systemctl start libvirtd.service
Start virt-manager, either from the command line of the gui interface.
Make sure the virt-manager is connected to localhost (right-click and select 'connect' if necessary).
FOR A NEW VM ....
right-click localhost, and select 'New',.
Proceed through the 'Create a new virtual machine' screens to "step 5 of 5"
Select 'Advanced options'
select "Specify shared device name" from the pulldown menu.
enter "br0" (without quotes) as the "Bridge name:"
FOR AN EXISTING VM ...
right-click on the VM name in virt-manager and select "Open".
In the new window, select View->Details.
Select the NIC you want on the bridge.
in the "Source device:" menu select "Specify shared device".
In the "Bridge name:" field, enter "br0" (without the quotes).
In the bottom right corner, select the "Apply" button.
NOTE:
guest VMs with this bridged configuration can use all LAN resources.
They can resolve their network settings from the LAN DHCP service.
They can be accessed directly from the LAN.
TO TEST:
a/ verify you can ping the host and then google.com from the running guest.
b/ verify that you can ping the guest from your LAN, or hat ports are open
(e.g. nmap virtmailserv.localdomain)
REFERENCES
http://www.linux-kvm.org/page/Networking
