Henri Cook

20 Feb, 2009

Configuring KVM Guests (In a bridge fashion) on a network using statically routed IPs

Posted by: Henri Cook In: Server Admin| Technical Support| Ubuntu

I recently co-located a new server to find that I was given one ‘main ip’ on subnet X and all my additional IPs were on subnet Y. This has happened in the past but the Datacentre setup usually has a gateway on each subnet to allow for internet access. This was not the case in this instance, instead the additional IPs were expected to use the host machine as a gateway (bound to lo:* addresses). In my previous KVM setups i’ve had br0 as a bridge over eth0 and all guests have received unadulterated access to the network to use the standard network config (i.e. the same gateway as the host machine).

In this case that didn’t work (as machines with their primary IPs on subnet Y could not access the subnet X gateway, and there wasn’t one for subnet Y).

Instead with a lot of help from the Bluesquare support team we were able to come up with a solution, using a virtual device (br:0) bound to one of the IPs in subnet Y to act as a gateway, effectively bridging the connections between addresses on subnet Y with the main address on subnet X. This is best explained by showing you my /etc/network/interfaces on both host and example client, both running Ubuntu Linux (Server ed.):

Throughout please assume 192.168.1.100 is the machine’s main IP (on subnet X) and 192.168.2.xxx is subnet Y with 192.168.2.101 being the additional IP chosen to act as our ‘virtual gateway’:

On the host:

# The primary network interface
auto eth0
iface eth0 inet manual

# Standard bridge interface on the main IP
auto br0
iface br0 inet static
address 192.168.1.100
network 192.168.1.0
netmask 255.255.255.0
broadcast 192.168.1.255
gateway 192.168.1.1
bridge_ports eth0
bridge_fd 0
bridge_hello 2
bridge_maxage 12
bridge_stp off
# Virtual Bridge for additional IPs
auto br0:1
iface br0:1 inet static
address 192.168.2.101
netmask 255.255.255.0

On the guest:

# The primary network interface
auto eth0
iface eth0 inet static
address 192.168.2.105
netmask 255.255.255.0
network 192.168.2.0
broadcast 192.168.2.255
gateway 192.168.2.101

auto br0:1
iface br0:1 inet static
address 192.168.2.101

In the Libvirt Configuration file (or convert to command line if you so wish):

<interface type=’bridge’>
<mac address=’00:16:3e:01:00:15′/>
<model type=’e1000′/>
<source bridge=’br0′/>
</interface>

Finally:

Make sure “echo 1 > /proc/sys/net/ipv4/ip_forward” has been executed – IP forwarding will be needed for this.

Conclusions:

I actually like this approach, although it wastes one of my paid for IPs it allows all my guests to use one of my own IPs as a gateway. If for any reason I ever need to change the gateway of the host, I no longer have to go through each individual client and change the settings there as well.

Please post any comments/questions.

6 Responses to "Configuring KVM Guests (In a bridge fashion) on a network using statically routed IPs"

1 | kannada guy

March 15th, 2009 at 6:57 am

Avatar

Hi,
If I have configured the guests to obtain IP addresses dynamically, how do I get the list of guest IP address using virsh? Any idea.

In other words – I have created 10 guests and I have to login to each and do a ifconfig – to determine its IP .

However is it not possible to use virsh – and get the IP addresses assigned to each vm ?

K,

2 | Henri Cook

March 15th, 2009 at 11:45 am

Avatar

I don’t think that KVM maintains any sort of IP list, especially if you’re assigning them statically (if you’re having them assigned by internal DHCP there may be a list somewhere). I just maintain my own records and wrap virsh in my own basic management application.

3 | Christopher Hunt

April 7th, 2009 at 3:58 pm

Avatar

I’ve no experience with VPS but if each of your guests has a unique MAC address then running “arp -n” from the host machine to correlate their MACs to their IP addresses
HTH
-chris

4 | Christopher Hunt

April 7th, 2009 at 4:25 pm

Avatar

I think you forgot to replace your public IP address. I think iface br0:1 on the host machine should be 192.168.2.101. Also, if STP is off in net:bridge you may want to set your fd=0. It will make a network interface come up 27 seconds faster (net:bridge delays 3xfd even when stp is off)

-chris

5 | Henri Cook

April 7th, 2009 at 4:31 pm

Avatar

Thanks Chris, that’s great input – I had no idea about the fd thing – i’ve updated the post with both your changes.

Many thanks,

Henri

6 | Christopher Hunt

April 7th, 2009 at 10:56 pm

Avatar

I don’t understand why you appear to have to ip addresses on the guest config though. It seems to me you’d configure eth0 with 192.168.1.100 and br0 with 192.168.2.101. Then you’d configure eth0 on the guest with 192.168.2.103 and you’re done? i’m trying to lab this up as we speak.

-chris

Comment Form

Categories

Archives

Search


  • Matteo Gallinucci: Great, I just don't succeed to run Steam under proxy with Freecap (I use Win7 64bit), so it's working using Proxier...but it isn't free, do you know a
  • Vinayak: Had the same problem in red hat linux, but above code doesn't seem to work . Can you provide any pointers ?
  • ramunfafe: Hello, I am getting conflicting info about this and wanted to hear from someone who has recently traveled to the country. What's the departure tax you

About

Henri Cook is a postgraduate Computer Science student at Durham University, UK. His interests range from the technical and geeky through to watersports through to psychology. Please take the time to look around and comment, the author values your feedback.

Copyright © 2007 Henri Cook is proudly powered by WordPress

Fervens - A Theme is created by: Design Disease brought to you by Smashing Magazine