Linux KVM virtual Machine nat/bridge configuration

Host NIC configuration:

Nat mode when installing KVM, it is already configured by default. If not:

Retrieving NAT:
#virsh net-define/usr/share/libvirt/networks/default.xml//target:/etc/libvirt/storage/default.xml
#virsh Net-autostart Defalut//target:/etc/libvirt/storage/autostart/d Efault.xml
#virsh Net-start Default
[Email protected] ~]# Virsh net-list
??     §°               ??? Èa?¨??? §persistent
--------------------------------------------------
Default?? ¨yes Yes

[Email protected] ~]#

Bridge mode, bridge Focus:

Disable the NetworkManager tool to enable your own network service
Chkconfig NetworkManager off
Chkconfig Network on
Service NetworkManager Stop

When testing, pay attention to the shutdown of the host and virtual machine firewall, etc., to be tested and then configured.

Host network card:

[Email protected] ~]# cat/etc/sysconfig/network-scripts/ifcfg-br0
Device=br0
Type=bridge
#UUID =498400a2-bc2d-4680-963d-d0a585cdde5b
Onboot=yes
Nm_controlled=yes
Bootproto=static
Defroute=yes
Ipv4_failure_fatal=yes
Ipv6init=no
#NAME = "System Eth4"
#HWADDR =70:e2:84:0f:08:18
ipaddr=192.168.0.239
netmask=255.255.254.0
network=192.168.0.0
Prefix=23
gateway=192.168.1.1
dns1=61.139.2.69
last_connect=1438859818
[Email protected] ~]#

[Email protected] ~]# Cat/etc/sysconfig/network-scripts/ifcfg-eth4
Device=eth4
Type=ethernet
#UUID =498400a2-bc2d-4680-963d-d0a585cdde5b
Onboot=yes
#NM_CONTROLLED =yes
#BOOTPROTO =static
#DEFROUTE =yes
#IPV4_FAILURE_FATAL =yes
#IPV6INIT =no
#NAME = "System Eth4"
Hwaddr=70:e2:84:0f:08:18
#IPADDR =192.168.0.239
#NETMASK =255.255.254.0
#PREFIX =23
#GATEWAY =192.168.1.1
#DNS1 =61.139.2.69
#LAST_CONNECT =1438859818
Bridge= "br0"
[Email protected] ~]#

After restarting the network service
Service Network restart
"Master connection not found or invalid" network error appears
Turn off NetworkManager, restart network
Service NetworkManager Stop
Service Network restart

[Email protected] ~]# Brctl Show
Bridge name Bridge ID STP enabled interfaces
Br0 8000.70e2840f0818 No Eth4
Vnet0
Virbr0 8000.52540097dc51 Yes Virbr0-nic

Bridge Br0 has been built, Eth4 and virtual machine start-up vnet0 is already in br0

[Email protected] ~]# route-n
Kernel IP Routing Table
Destination Gateway genmask Flags Metric Ref use Iface
192.168.122.0 0.0.0.0 255.255.255.0 U 0 0 0 virbr0
192.168.0.0 0.0.0.0 255.255.254.0 U 0 0 0 br0
169.254.0.0 0.0.0.0 255.255.0.0 U 1009 0 0 Br0
0.0.0.0 192.168.1.1 0.0.0.0 UG 0 0 0 br0
[Email protected] ~]#

Virtual machine NIC configuration:

ipaddr=192.168.0.237
netmask=255.255.254.0
network=192.168.0.0
gateway=192.168.1.1
dns1=61.139.2.69

-----------------------------------------------------------------------------------

Other references:

RHEL 6 Virtual Networks and Network Bridges
From:http://www.techotopia.com/index.php/creating_an_rhel_6_kvm_networked_bridge_interface

A KVM virtual machine running on RHEL 6 have both options in terms of networking connectivity.

One option is for it to being connected to a virtual network running within the operating system of the host computer. In this configuration any virtual machines on the virtual network can see each other but access to the external network is Provided by Network Address Translation (NAT). When using the virtual network and NAT, each of the virtual machine are represented on the external network (the network to which The host is connected) using the IP address of the host system. The the default behavior for KVM virtualization and requires no additional configuration, other than selecting the Vir Tual Network option on the network screens of the Virt-manager New Virtual Machine Wizard. Typically, a single virtual network was created by default, represented by the name default and the device Virbr0.

In order for guests to appear as individual and independent systems on the external network (i.e. with their own IP addres SES), they must is configured to share a physical network interface on the host. This was achieved by configuring a network Bridge interface on the host system to which the guests can connect. In the remainder of this chapter we'll cover the steps necessary to configure a RHEL 6 Network bridge for use by KVM Ba SED guest operating systems.
Creating an RHEL 6 Network Bridge

The creation of a network bridge involves the use of the Bridge-utils package. Begin by checking if the-already installed by executing the following command:

Rpm–q bridge-utils

If The package is not yet installed, install it using yum:

su–
Yum Install Bridge-utils

Installed it is time-to-look for the current network configuration. The easiest-to-do-is-to-run the ifconfig command. The following shows output from running ifconfig in a system on which KVM are installed, but on which a network bridge have Yet to be configured:

Eth0 Link encap:ethernet HWaddr 00:13:72:0b:14:57
inet addr:192.168.2.18 bcast:255.255.255.255 mask:255.255.255.0
Inet6 ADDR:FE80::213:72FF:FE0B:1457/64 Scope:link
Up broadcast RUNNING multicast mtu:1500 metric:1
RX packets:14715 errors:0 dropped:0 overruns:0 frame:0
TX packets:8586 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:100
RX bytes:19628565 (18.7 MiB) TX bytes:687049 (670.9 KiB)
memory:fe3e0000-fe400000

Lo Link encap:local Loopback
inet addr:127.0.0.1 mask:255.0.0.0
Inet6 addr::: 1/128 scope:host
Up LOOPBACK RUNNING mtu:16436 metric:1
RX packets:8 errors:0 dropped:0 overruns:0 frame:0
TX packets:8 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:480 (480.0 b) TX bytes:480 (480.0 b)

Virbr0 Link encap:ethernet HWaddr 62:c1:46:30:92:37
inet addr:192.168.122.1 bcast:192.168.122.255 mask:255.255.255.0
Up broadcast RUNNING multicast mtu:1500 metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:24 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:0  (0.0 b) TX bytes:4187 (4.0 KiB)

The above output, the entry for eth0 represents a physical network adaptor on the host computer. This is the connection currently used by this host to access the external network. The VIRBR0 entry represents the virtual network to which guest operating systems would connect if configured to does so.

In order to provide the option for guest operating systems to share the eth0 connection of the host it's necessary to EST Ablish a network bridge between eth0 and the virtual machines.

Begin the bridge creation process by gaining root access and changing directory to the/etc/sysconfig/network-scripts dire Ctory:

su–
Cd/etc/sysconfig/network-scripts

If the interface to being bridged is currently running it should being taken down before proceeding:

Ifdown eth0

The next step is to modify the script file for the physical network device. In this example, the device is eth0 so we need to edit the Ifcfg-eth0 file to add a bridge= line. For the purposes of this example we'll name the interface bridge0:

Device= "Eth0"
Bootproto= "DHCP"
Hwaddr= "00:13:72:0b:14:57"
ipv6init= "Yes"
ipv6_autoconf= "Yes"
Nm_controlled= "Yes"
onboot= "Yes"
Bridge= "Bridge0"

The next step is to create a script file for the bridge interface. The name of this file must take the form ifcfg-<bridgename> where <bridgename> matches the name of the bridge defined in the Bridge= directive outlined above. Given This requirement, we'll name the file IFCFG-BRIDGE0. The contents of this file for this example would read as follows:

Device= "Bridge0"
Type= "Bridge"
Bootproto= "DHCP"
onboot= "Yes"
Delay=0

Note that the device= line must refer to the bridge name previously specified (i.e. bridge0 in this instance). Save the file and then start up both interfaces:

Ifup eth1
Ifup BRIDGE0

Using the Ifconfig command, the new bridge interface should now is visible:

Bridge0 Link encap:ethernet HWaddr 00:13:72:0b:14:57
inet addr:192.168.2.18 bcast:255.255.255.255 mask:255.255.255.0
Inet6 ADDR:FE80::213:72FF:FE0B:1457/64 Scope:link
Up broadcast RUNNING multicast mtu:1500 metric:1
RX packets:951 errors:0 dropped:0 overruns:0 frame:0
TX packets:970 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:760584 (742.7 KiB) TX bytes:139643 (136.3 KiB)

Eth0 Link encap:ethernet HWaddr 00:13:72:0b:14:57
Inet6 ADDR:FE80::213:72FF:FE0B:1457/64 Scope:link
Up broadcast RUNNING Promisc multicast mtu:1500 metric:1
RX packets:15831 errors:0 dropped:0 overruns:0 frame:0
TX packets:9750 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:100
RX bytes:20420107 (19.4 MiB) TX bytes:858409 (838.2 KiB)
memory:fe3e0000-fe400000

Lo Link encap:local Loopback
inet addr:127.0.0.1 mask:255.0.0.0
Inet6 addr::: 1/128 scope:host
Up LOOPBACK RUNNING mtu:16436 metric:1
RX packets:11 errors:0 dropped:0 overruns:0 frame:0
TX packets:11 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:816 (816.0 b) TX bytes:816 (816.0 b)

Virbr0 Link encap:ethernet HWaddr 62:c1:46:30:92:37
inet addr:192.168.122.1 bcast:192.168.122.255 mask:255.255.255.0
Up broadcast RUNNING multicast mtu:1500 metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:24 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:0  (0.0 b) TX bytes:4187 (4.0 KiB)

Configuring an RHEL 6 Firewall for a Network Bridge

If A firewall is enabled in the RHEL 6 host, it may necessary to add a iptables rule to allow network traffic via the Bridge interface. This was achieved by adding a, rule similar to the following to The/etc/sysconfig/iptables configuration file:

-A rh-firewall-1-input-i bridge0-j ACCEPT

The change to the firewall would not take effect until the service was restarted, so complete the configuration by running T He following command at the prompt in a terminal window:

/sbin/service iptables Restart

Configuring a Virtual machine to use the Network Bridge


During the virtual machine creation process using the Virt-manager tool, the Network Configuration screen would list now Ho St Device eth0 (Bridge ' bridge0 ') under the Advanced options sections of the final page of the new virtual machine creation Wizard

Copyright NOTICE: This article for Bo Master original article, without Bo Master permission not reproduced.

Linux KVM virtual Machine nat/bridge configuration