Help me understand KVM Networking
-
Alright, I have been tinkering with KVM for months and have no general issues with basic functionality.
Now, I want to turn up my lab as if it were production.
To my understanding, this means a network team and a bridge instead of using the macvtap settings.
I used Cockpit to setup the Team and the Bridge. But when I make a VM on the bridge, it never pulls a DHCP address.
So I am obviously doing something wrong.
My google skills failed last night as everything was returning results from 2010 or so.
Here is my host, my old desktop.
This is what it looks like now from the host.
I first made the Team selecting the two interfaces on my Intel dual port card. Like this.
I then added the bridge with these settings. I tried both with and without STP on.
In VMM, the network looks like this. But when powered on, the VM never pulls an IP address.
So, I obviously am missing something on how to setup a bridge for use with libvirt. I can easily remove the bridge and then selected the team and use a macvtap bridge, like this.
-
@jaredbusch I've always had an issue with the Network source in VVM being "empty" when selecting the bridge interface. After a reboot that seems to fix it. Now I don't have a team setup so that may be different.
-
I end going here & toggling a few of these switches...that then gets me an IP address.
-
Have you already check out this site about bridge?
https://fedoramagazine.org/build-network-bridge-fedora/ -
@black3dynamite said in Help me understand KVM Networking:
Have you already check out this site about bridge?
https://fedoramagazine.org/build-network-bridge-fedora/I do not have any issues creating a bridge. CLI or Cockpit GUI. I am trying to use it
-
When I delete the bridge, and then select this configuration:
The VM immediately pulls an IP.
-
I’ve never done it through Cockpit. I’ve always used either nmcli or nmtui to create everything. What do your ifcfg files look like for those interfaces?
-
I also usually just use macvtap. If I need host to guest communication I just set up a private network for them to communicate on.
-
@stacksofplates said in Help me understand KVM Networking:
I also usually just use macvtap. If I need host to guest communication I just set up a private network for them to communicate on.
Well, I cannot think of a reason to require host to guest communication, except that I may want to connect from a guest to the host to update the ISO store I use occasionally.
-
@stacksofplates said in Help me understand KVM Networking:
I’ve never done it through Cockpit. I’ve always used either nmcli or nmtui to create everything. What do your ifcfg files look like for those interfaces?
As I had removed it to test the macvtap, i had to recreate it. I did it with
nmclithis time.jbusch@dt-jared ~]$ ssh 10.254.103.5 Last login: Thu Dec 28 00:05:54 2017 from 10.254.103.200 [jbusch@kvm ~]$ su - Password: [root@kvm ~]# nmcli connection add ifname bridge0 type bridge con-name bridge0 Connection 'bridge0' (0febbbde-8d06-475a-a21b-a88ebdf006d8) successfully added. [root@kvm ~]# nmcli connection add type bridge-slave ifname team0 master bridge0 Connection 'bridge-slave-team0' (d44dd210-92d7-4337-b4dd-66afbd048370) successfully added. [root@kvm ~]# nmcli connection modify bridge0 bridge.stp no [root@kvm ~]# -
Do the guests have network access if you give them a static address?
-
@jaredbusch said in Help me understand KVM Networking:
@stacksofplates said in Help me understand KVM Networking:
I also usually just use macvtap. If I need host to guest communication I just set up a private network for them to communicate on.
Well, I cannot think of a reason to require host to guest communication, except that I may want to connect from a guest to the host to update the ISO store I use occasionally.
Ya that's really the only advantage to a full bridge.
-
@stacksofplates said in Help me understand KVM Networking:
@jaredbusch said in Help me understand KVM Networking:
@stacksofplates said in Help me understand KVM Networking:
I also usually just use macvtap. If I need host to guest communication I just set up a private network for them to communicate on.
Well, I cannot think of a reason to require host to guest communication, except that I may want to connect from a guest to the host to update the ISO store I use occasionally.
Ya that's really the only advantage to a full bridge.
And for my lab, colo, and most clients, I do not see that ever being an issue.
But I do have one specific client that will have a stand alone RHEL 7 box running KVM on a remote site. It will be running a single VM. I will have easy access to the VM, but not the host, because of "reasons" that have nothing to do with IT.
-
[root@kvm ~]# nmcli connection show NAME UUID TYPE DEVICE Wired connection 1 5371d5ee-0c26-3e5a-ae0d-6d3683d7d584 802-3-ethernet enp1s0f0 Wired connection 2 a2977c44-7e0a-3f9d-8ecc-74e222e150a9 802-3-ethernet enp1s0f1 bridge0 0febbbde-8d06-475a-a21b-a88ebdf006d8 bridge bridge0 eno1 3a2e709f-49c8-3ac8-aa99-aab4d616e650 802-3-ethernet eno1 team0 74aa71fe-e149-49e9-94ce-ab4a22a319e4 team team0 virbr0 0df1e6b8-e9e2-4538-a581-0f1c727495c4 bridge virbr0 bridge-slave-team0 d44dd210-92d7-4337-b4dd-66afbd048370 802-3-ethernet -- [root@kvm ~]# -
@stacksofplates said in Help me understand KVM Networking:
Do the guests have network access if you give them a static address?
I will try that.
-
@jaredbusch said in Help me understand KVM Networking:
@stacksofplates said in Help me understand KVM Networking:
@jaredbusch said in Help me understand KVM Networking:
@stacksofplates said in Help me understand KVM Networking:
I also usually just use macvtap. If I need host to guest communication I just set up a private network for them to communicate on.
Well, I cannot think of a reason to require host to guest communication, except that I may want to connect from a guest to the host to update the ISO store I use occasionally.
Ya that's really the only advantage to a full bridge.
And for my lab, colo, and most clients, I do not see that ever being an issue.
But I do have one specific client that will have a stand alone RHEL 7 box running KVM on a remote site. It will be running a single VM. I will have easy access to the VM, but not the host, because of "reasons" that have nothing to do with IT.
Ah ic. I really wish there was an easy way to get ovs installed on RHEL 7/CentOS 7.
-
So working, but lots of packet loss for a while.
It seems solid now.
Nevermind.. while it was trying to communicate out to get the base repo info, the pings failed. Once that timed out, the pings worked. Just tried it a couple times...
-
@stacksofplates said in Help me understand KVM Networking:
I also usually just use macvtap. If I need host to guest communication I just set up a private network for them to communicate on.
So how do you setup a private connection?
I have no issues with using macvtap on the team.
-
@jaredbusch said in Help me understand KVM Networking:
@stacksofplates said in Help me understand KVM Networking:
I also usually just use macvtap. If I need host to guest communication I just set up a private network for them to communicate on.
So how do you setup a private connection?
I have no issues with using macvtap on the team.
You can just create it in Virt-Manager. I'll jump on my laptop and take a screenshot.
-
Just click on your connection and go to edit -> connection details and click on the Virtual Networks tab.
Click the plus
Then run through the wizard.
If you choose NAT instead it will still work but is kind of pointless since you will already have an address through the macvtap.
You can do this through virsh as well. The host uses dnsmasq to configure everything so you can also add reservations and all of the other goodies as well. For reservations you can just add it in after the range line:
<host mac='de:ad:be:ef:ca:fe' name='test-vm' ip='192.168.30.50'/>
