title: Network Bridge
description: Guide to create a network bridge for KVM guests
published: true
date: 2022-04-30T20:10:36.036Z
tags: network, nmcli, networkmanager, kvm, virt-manager
editor: markdown
dateCreated: 2022-04-29T14:05:54.201Z

The best way to run virtual machines under Linux is the virt-manager UI for QEMU. Unfortunately, virt-manager insists on creating a NAT network by default, which takes over DNS port 53 and throws the VM onto a different subnet.

To rectify this, the best solution is to create a network bridge.

There are several ways to go about it, chiefly with the ip command, the bridge-utils package, or NetworkManager with nmcli.

Since bridge-utils is a separate, older utility and the ip procedure tends to hamstring the internet connection (probably solvable, but still), I used nmcli.

Arch Wiki has a great page on bridge networking.

Create the bridge

In essence:

  1. Create the bridge: nmcli connection add type bridge ifname [bridge name] stp no

  2. Add your main internet interface as a slave: nmcli connection add type bridge-slave ifname [internet interface name] master [bridge name]

  3. Bring your internet interface down: nmcli connection down [internet interface name]

  4. Bring the bridge up: nmcli connection up bridge-[bridge-name] (note how nmcli appends bridge- before the bridge name).

  5. Assign an IP address to the bridge using your favourite tool (ip, nmcli, nmtui and the GNOME GUI all work well).

Register the bridge with Virt-Manager

For Virt-Manager to see your bridge, you must define it as a network in XML:

  1. From the main window, select Edit -> Preferences -> Enable XML editing.

  2. Hover over a VM -> Edit -> Connection Details -> + -> XML

  3. Paste the following:

<network>
    <name>bridged-network</name>
    <forward mode="bridge" />
    <bridge name="[bridge-name]" />
</network>

Note that you do not need to add the bridge- prefix to the bridge name here.

  4. You can now use the bridge for virtual machines. Success!

Enable internet access for bridged guests

If all you want is a VM on your subnet and guest-to-host access, you're all done.

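Source: LinuxConfig.org

However, if you want the guest to have internet access, you must enable it via sysctl by disabling bridge netfilter. With the three keys below set to 0, bridged traffic is no longer passed through the host's iptables, ip6tables and arptables rules, so the host firewall does not filter traffic to and from the guests. To do so: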

  1. Edit /etc/sysctl.d/99-netfilter-bridge.conf (for example with vim) and write the following:
net.bridge.bridge-nf-call-ip6tables = 0
net.bridge.bridge-nf-call-iptables = 0
net.bridge.bridge-nf-call-arptables = 0

  2. Load the br_netfilter module with modprobe br_netfilter

  3. Enable the module at boot time by editing /etc/modules-load.d/br_netfilter.conf and adding br_netfilter.

  4. Load the new settings into sysctl with sysctl -p /etc/sysctl.d/99-netfilter-bridge.conf
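
A check for the steps above, as an added example that is not part of the original page: it confirms that the three keys are 0 both in the sysctl.d file and at runtime, and that br_netfilter is listed for loading at boot. The function names and the optional root argument are assumptions of this sketch.

```shell
#!/bin/sh
# Added example: audit the bridge-netfilter steps above. The optional root
# argument is an assumption of this sketch; it lets the check run against a
# constructed directory tree instead of the live system.
KEYS="bridge-nf-call-ip6tables bridge-nf-call-iptables bridge-nf-call-arptables"

# Print the value a sysctl.d file assigns to net.bridge.<key> (last one wins).
conf_value() {  # conf_value <file> <key>
    sed -n "s/^[[:space:]]*net\.bridge\.${2}[[:space:]]*=[[:space:]]*\([0-9][0-9]*\)[[:space:]]*\$/\1/p" \
        "$1" 2>/dev/null | tail -n 1
}

# Return 0 only if the persistent config, the runtime values and the
# boot-time module list all match the setup described on this page.
check_bridge_nf() {  # check_bridge_nf [root]
    root="${1:-}"
    conf="$root/etc/sysctl.d/99-netfilter-bridge.conf"
    mods="$root/etc/modules-load.d/br_netfilter.conf"
    proc="$root/proc/sys/net/bridge"
    rc=0
    for key in $KEYS; do
        if [ "$(conf_value "$conf" "$key")" != "0" ]; then
            echo "FAIL $key: not set to 0 in $conf"; rc=1
        fi
        if [ ! -r "$proc/$key" ]; then
            echo "FAIL $key: $proc/$key missing (br_netfilter not loaded?)"; rc=1
        elif [ "$(cat "$proc/$key")" != "0" ]; then
            echo "FAIL $key: runtime value is $(cat "$proc/$key"), expected 0"; rc=1
        else
            echo "ok   $key: runtime value 0, host firewall does not see bridged traffic"
        fi
    done
    if ! grep -qx '[[:space:]]*br_netfilter[[:space:]]*' "$mods" 2>/dev/null; then
        echo "FAIL br_netfilter is not listed in $mods"; rc=1
    fi
    return "$rc"
}

# Build a constructed sample tree (not real system state) for an offline run.
make_sample_tree() {  # make_sample_tree <dir>
    mkdir -p "$1/etc/sysctl.d" "$1/etc/modules-load.d" "$1/proc/sys/net/bridge"
    for key in $KEYS; do
        echo "net.bridge.$key = 0" >> "$1/etc/sysctl.d/99-netfilter-bridge.conf"
        echo 0 > "$1/proc/sys/net/bridge/$key"
    done
    echo br_netfilter > "$1/etc/modules-load.d/br_netfilter.conf"
}
```

On the host, call check_bridge_nf with no argument; a nonzero exit status means the file, the runtime values or the module list disagree.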

Enjoy your networked KVM guests, yo.