Re: Network routing!
Posted by jlehtone on 2012/3/28 20:41:22
Quote:
That is correct. eth0 is a member of the br0 and does not need any address. Let br0 and only br0 have that public address.
There actually isn't "bridged network". The eth0-br0 is an interface just to outside. The virbr0 is more like a virtual LAN that presumably connect the guest and host. Name "virbr0" looks like it is the "default" network created by libvirt.
If libvirt is used, the guest configuration can be used to bind the NIC of the guest directly to the br0. Then there would be a bridged network, but then the guest would need a public IP.
Title of the thread is routing, so lets route. Remove the br0 entirely and let the eth0 to keep the address. I presume that the guest gets IP in 192.168.122.0/24 from "DHCP", and its gateway is 192.168.122.1. (Have to presume, for only host-side info has been shown so far.) The "DHCP" is actually dnsmasq process spawned by libvirtd. Therefore, the guest should be able to connect to the host (192.168.122.1) and vice versa. dnsmasq will do NAT too. I'm quite sure the libvirt offers the configuration options for this, even in the "virt-manager" tool.
I did last week install a guest into a Fedora host, and I didn't activate routing nor tamper iptables myself. The virt-manager & libvirt did. The host routes and SNAT's packets that originate from the 192.168.122.0/24 and go out from eth0. It just works.
Summary:
1. Remove the br0.
2. Fire up 'virt-manager'
2a. Set the "default network" to NAT mode (or whatever it is called).
2b. Change type of the NIC of the guest (or remove&add).
pschaff wrote:
I am admittedly out of my depth here as I don't use KVM or bridges, but I believe that the IP address should be assigned to br0 and not to eth0. Hopefully someone with more knowledge in this domain can comment.
That is correct. eth0 is a member of the br0 and does not need any address. Let br0 and only br0 have that public address.
There actually isn't "bridged network". The eth0-br0 is an interface just to outside. The virbr0 is more like a virtual LAN that presumably connect the guest and host. Name "virbr0" looks like it is the "default" network created by libvirt.
If libvirt is used, the guest configuration can be used to bind the NIC of the guest directly to the br0. Then there would be a bridged network, but then the guest would need a public IP.
Title of the thread is routing, so lets route. Remove the br0 entirely and let the eth0 to keep the address. I presume that the guest gets IP in 192.168.122.0/24 from "DHCP", and its gateway is 192.168.122.1. (Have to presume, for only host-side info has been shown so far.) The "DHCP" is actually dnsmasq process spawned by libvirtd. Therefore, the guest should be able to connect to the host (192.168.122.1) and vice versa. dnsmasq will do NAT too. I'm quite sure the libvirt offers the configuration options for this, even in the "virt-manager" tool.
I did last week install a guest into a Fedora host, and I didn't activate routing nor tamper iptables myself. The virt-manager & libvirt did. The host routes and SNAT's packets that originate from the 192.168.122.0/24 and go out from eth0. It just works.
Summary:
1. Remove the br0.
2. Fire up 'virt-manager'
2a. Set the "default network" to NAT mode (or whatever it is called).
2b. Change type of the NIC of the guest (or remove&add).
This Post was from: https://www.centos.org/newbb/viewtopic.php?forum=58&topic_id=36602&post_id=158851