KVM & bridging



  • Greetings, I have become confused or deluded. Nonetheless, what I am trying to accomplish is a simple KVM virtualized setup. The host has a static routable IP, and all traffic is to be forwarded to a firewall/router, then NAT'ed to 2 or 3 VMs. The VMs need to be reachable from the Internet (outside). I thought I could set this up on a local LAN, and simulate a 'real production' type of deployment. I have used 192.168.23.5/24 as the static IP. This is how far I have been able to get. The hostnames reflect the function of the box. I think I may have read too many guides/tutorials that cover too many years. I am also trying to do this with CLI only, as generally when I do things this way, I develop a better understanding of the pieces and how they interact. I am struggling on completing the bridge part. I thought I could just apply the static IP (192.168.23.5) to the interface of the firewall/router and connect it to the bridge. However, I have not had any success in doing that and turn to this group for guidance.

    [image: kvm_network_4.png]

    And the info from the host (I have removed any reference to other NICs that won't be used on the host):
    [email protected]:~# ip a
    1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1
        link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
        inet 127.0.0.1/8 scope host lo
           valid_lft forever preferred_lft forever
        inet6 ::1/128 scope host
           valid_lft forever preferred_lft forever
    2: eno1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq master br0 state UP group default qlen 1000
        link/ether 78:2b:cb:1e:fc:c8 brd ff:ff:ff:ff:ff:ff
    7: vnet0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UNKNOWN group default qlen 1000
        link/ether fe:54:00:42:e4:ff brd ff:ff:ff:ff:ff:ff
    8: br0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default qlen 1000
        link/ether 78:2b:cb:1e:fc:c8 brd ff:ff:ff:ff:ff:ff
        inet 192.168.23.5/24 brd 192.168.23.255 scope global br0
           valid_lft forever preferred_lft forever
        inet6 fe80::7a2b:cbff:fe1e:fcc8/64 scope link
           valid_lft forever preferred_lft forever

    And the firewall/router:
    [image: firewall_nic.PNG]

    Any/all advice is appreciated.



  • How about using this setup instead?

    Internet > Firewall/router > KVM host > VM1 and VM2

    And then use port forward to access your VMs?



  • @pattonb Well, first of all, you need 2 adapters assigned to a firewall/router. If you don't have a 2nd IP available, you'll need to assign the public IP to the firewall/router VM, or just accept that your virtual host will have to handle the firewall/routing for the network.

    It's generally not required to set up a bridge when using a single network adapter (physical or virtual adapters). Setting up a virtual adapter should be quite easy: https://linuxconfig.org/how-to-configure-virtual-network-interface-on-redhat-7-linux



  • @black3dynamite said in KVM & bridging:

    How about using this setup instead?

    Internet > Firewall/router > KVM host > VM1 and VM2

    And then use port forward to access your VMs?

    I'm guessing, @pattonb will have to answer for sure, that it's a server he's renting or doesn't have physical access to for whatever reason. I've done the same sort of setup with my rental server I use as a home lab box, but I have 5 IP addresses, which makes it a little easier to get set up initially.



  • Define “bridged”

