Today we introduce the network modes of KVM virtual machines. The most common are bridge mode and NAT mode; there are others, such as host-only mode.
1. Bridge mode. First, look at the diagram:
[Figure: 1.png]
Here the physical host has its own physical NICs eth0 and eth1, virtual NICs vnet0 and vnet1, and a bridge br0. The virtual machine also has its own NIC, eth0. So how do the virtual machine's packets reach the external network?
First, the virtual machine's NIC eth0 corresponds to the physical host's virtual NIC vnet0; the two have a one-to-one relationship. A packet from the virtual machine first leaves through its own eth0 and arrives at vnet0 on the physical machine. vnet0 and the physical machine's NIC eth0 are both attached to the bridge br0, so the packet finally goes out through the physical machine's eth0.
When the response arrives at eth0 on the physical machine, how is it determined whether the response is meant for the virtual machine or for the physical machine itself?
Promiscuous mode is turned on on the physical machine. If the MAC address is the physical machine's own, the frame is forwarded to the virtual network card; if it is not its own, the frame is forwarded to vnet0. This is the bridge model. It is called bridging because the physical machine's network card performs the function of a bridge.
2. NAT mode
[Figure: 2.png]
[Figure: 3.png]
The switch here has an additional card, VIRNET10, whose default address is 192.168.122.1; of course, we can adjust this ourselves. The virtual machine's gateway points to Virnet1, and once the forwarding function of the Linux kernel is enabled, the virtual machine can communicate with the outside. When this network mode is created, the iptables firewall is actually called to do SNAT, and another set of rules is created automatically; of course, we can also specify the rules entirely ourselves.
By default, virtual machines are assigned IPs in the 192.168.122 network segment. iptables is then called to create a rule so that only traffic whose source address is in the 192.168.122 network segment, on its way out through eth0, is NAT-translated to eth0's address. If you understand the network models in VMware, this is easier to understand.
[Figure: 5.png]
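A check for the two things NAT mode depends on, kernel forwarding and a source-NAT rule limited to the guest segment, as an added example that is not part of the original article. The function names and the sample rules are constructed for illustration; the rules are assumed to be in the format printed by `iptables -t nat -S`.

```shell
#!/bin/sh
# Constructed sample rules in `iptables -t nat -S` format. On a real host run:
#   iptables -t nat -S | audit_nat 192.168.122.0/24
SAMPLE_OK='-P POSTROUTING ACCEPT
-A POSTROUTING -s 192.168.122.0/24 ! -d 192.168.122.0/24 -o eth0 -j MASQUERADE'
SAMPLE_WIDE='-P POSTROUTING ACCEPT
-A POSTROUTING -o eth0 -j MASQUERADE'

# forwarding_on [FILE]: succeed if kernel IPv4 forwarding is enabled.
# FILE defaults to the real sysctl path; a different path can be passed for testing.
forwarding_on() {
    [ "$(cat "${1:-/proc/sys/net/ipv4/ip_forward}" 2>/dev/null)" = "1" ]
}

# audit_nat SUBNET: read nat-table rules on stdin and print a verdict for every
# SNAT/MASQUERADE rule. Returns 1 if any such rule is not limited to SUBNET.
# The match is exact: a rule with a different (even narrower) source is
# marked REVIEW so a person looks at it.
audit_nat() {
    awk -v subnet="$1" '
    $1 == "-A" && /-j (MASQUERADE|SNAT)/ {
        src = ""
        # pick up a positive "-s <cidr>" match; "! -s" is a negation, not a limit
        for (i = 1; i < NF; i++)
            if ($i == "-s" && $(i - 1) != "!") src = $(i + 1)
        if (src == subnet) { print "OK     " $0; n++ }
        else               { print "REVIEW " $0; bad = 1 }
    }
    END {
        if (!n && !bad) print "NONE   no source-NAT rule found"
        exit (bad ? 1 : 0)
    }'
}

# Demo on the constructed sample: the rule is limited to the guest segment.
printf '%s\n' "$SAMPLE_OK" | audit_nat 192.168.122.0/24
```

A REVIEW line for a rule with no `-s` match means every source leaving through that interface is translated, not only the virtual machines.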
This article is from the "Martin" blog; reprinting is declined.