Re: [kvm-devel] Network definitions in a guest (FC6) under kvm

[Luca Tettamanti]

(don't top post)

Il Thu, Jul 12, 2007 at 03:56:07PM +0300, David Shwatrz ha scritto: 
> Hello,
> And I just want to add some info :
> 
> running :
> "brctl show"
> 
> gives:
> bridge name     bridge id               STP enabled     interfaces
> virbr0          8000.000000000000       no
> 
> which means that there is no interface enslaved to this bridge.

Hum, this depends on what the script (/etc/kvm/kvm-ifup, or
/etc/qemu-ifup) is doing...


> On 7/12/07, David Shwatrz <[EMAIL PROTECTED]> wrote:
> >
> >Thanks;
> >I am not sure I got you !
> >running "ifconfig -a "  on the host shows the following:
> >
> >eth0      Link encap:Ethernet  HWaddr 00:1B:24:1D:EC:C0
> >          inet addr: 192.168.0.31  Bcast:192.168.0.255  Mask:255.255.255.0
> >          inet6 addr: fe80::21b:24ff:fe1d:ecc0/64 Scope:Link
> >          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
> >          RX packets:10164222 errors:0 dropped:0 overruns:0 frame:0
> >          TX packets:95594 errors:0 dropped:0 overruns:0 carrier:0
> >          collisions:0 txqueuelen:1000
> >          RX bytes:3427235680 (3.1 GiB)  TX bytes:27635785 (26.3 MiB)
> >          Interrupt:19
> >
> >
> >lo        Link encap:Local Loopback
> >          inet addr:127.0.0.1  Mask:255.0.0.0
> >          inet6 addr: ::1/128 Scope:Host
> >          UP LOOPBACK RUNNING  MTU:16436  Metric:1
> >          RX packets:5821 errors:0 dropped:0 overruns:0 frame:0
> >          TX packets:5821 errors:0 dropped:0 overruns:0 carrier:0
> >          collisions:0 txqueuelen:0
> >          RX bytes:804856 (785.9 KiB)  TX bytes:804856 (785.9 KiB)
> >
> >virbr0    Link encap:Ethernet  HWaddr 00:00:00:00:00:00
> >          inet addr: 192.168.122.1  Bcast:192.168.122.255  Mask:
> >255.255.255.0
> >          inet6 addr: fe80::200:ff:fe00:0/64 Scope:Link
> >          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
> >          RX packets:0 errors:0 dropped:0 overruns:0 frame:0
> >          TX packets:93 errors:0 dropped:0 overruns:0 carrier:0
> >          collisions:0 txqueuelen:0
> >          RX bytes:0 (0.0 b)  TX bytes:21586 ( 21.0 KiB)

This configuration is a bit different from the one described in
the first mail though.

> >As you can see, there is not "sit" interface here. There is a virbr0
> >(bridge) but on 192.168.122.1

sit0 is the TUN device used by default, i.e. unless you're passing
-no-tap to the kvm script. If you're calling the qemu binary without
using the 'kvm' python wrapper then you should use something like this:

/path/to/kvm/qemu-whatever -hda disk-image.qcow -cdrom cd.iso -net tap
-net nic (plus optional stuff)

So: how are you creating the virtual machine? What is the content of the
network startup file?

Your kernel must also support the TUN device (CONFIG_TUN).

> >Please advice; also if you can please send the script, maybe I can get
> >some ideas from it regarding what to do.

$ cat /etc/kvm/kvm-ifup

#!/bin/sh

BRIDGE_DEV=br0
BRIDGE_ADDR=172.20.0.1/16
BRIDGE_BCAST=172.20.255.255
BRIDGE_ADDR6=fec0:2::1/64
#MAINIF=eth1

#set -x

ip link show dev $BRIDGE_DEV > /dev/null 2>&1
if [ $? -ne 0 ]; then
        # Set up the bridge
        brctl addbr $BRIDGE_DEV

        if [ -n $MAINIF ]; then
                ip link set $MAINIF up
                brctl addif $BRIDGE_DEV $MAINIF
        fi
        ip addr add $BRIDGE_ADDR broadcast $BRIDGE_BCAST dev $BRIDGE_DEV

        if [ -n $BRIDGE_ADDR6 ]; then
                ip addr add $BRIDGE_ADDR6 dev $BRIDGE_DEV

                if [ -e /etc/init.d/radvd ]; then
                        /etc/init.d/radvd reload
                fi
        fi

        ip link set $BRIDGE_DEV up
fi

# Add new interface
ip link set $1 up
brctl addif $BRIDGE_DEV $1

The configuration is done with the vars at the beginning. What the
script does is:

- Check whether the bridge $BRIDGE_DEV is alread there, if not:
  - Create the bridge
  - Enslave $MAINIF, if required. This can be used to e.g. create a
    bridged ethernet with one of your NICs. Leave MAINIF empty if you
    want to use a separate subnet for the VMs.
  - Configure IPv6, is requested
- Enslave the new interface ($1)

Note that if the bridge with the VMs is on a separate network (in your
case the LAN on eth0 is 192.168.0.0/24, while the "virtual" LAN is
192.168.122.0/24) you must enable the forwarding between the 2
interfaces:

# echo 1 > /proc/sys/net/ipv4/ip_forward

This allows the guest to talk with the host. To communicate with an
external host (be it another machine on the LAN or a server on the
Internet) you'll have to set up a NAT (or - simpler - MASQUERADE) with
iptables.

This setup allows you to make a clear separation between the VMs and the
rest of the net. Of course you can also create a bridge with eth0 and
the interface of the VM (e.g. set MAINIF="eth0" in my script) and it
will "just work".

Option 3 is: forget about the bridge and do the routing at IP level.

HTH,
Luca
-- 
Dicono che  il cane sia  il miglior  amico dell'uomo. Secondo me  non e`
vero. Quanti dei vostri amici avete fatto castrare, recentemente?

-------------------------------------------------------------------------
This SF.net email is sponsored by DB2 Express
Download DB2 Express C - the FREE version of DB2 express and take
control of your XML. No limits. Just data. Click to get it now.
http://sourceforge.net/powerbar/db2/
_______________________________________________
kvm-devel mailing list
kvm-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/kvm-devel