5

I'm trying to get a guest virtual machine connected to my network using bridging. I've come across a couple of resources online, but they seem to be out of date, deal with xen or Ubuntu or don't seem to be complete. The host is running CentOS 5.5 and I'm using libvirt to manage the VMs so I use it to create the VMs and start and stop them. I have the bridge created (br0) and have attached eth0 to it. The VM doesn't seem to get an IP address, I want to use DHCP for addresses, I'll setup a static lease for the VM.

ifconfig from the host:

br0 Link encap:Ethernet HWaddr 00:1A:4D:53:C3:A6 inet addr:192.168.1.121 Bcast:192.168.1.255 Mask:255.255.255.0 inet6 addr: fe80::21a:4dff:fe53:c3a6/64 Scope:Link UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 RX packets:5222 errors:0 dropped:0 overruns:0 frame:0 TX packets:470 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:0 RX bytes:753743 (736.0 KiB) TX bytes:47868 (46.7 KiB) eth0 Link encap:Ethernet HWaddr 00:1A:4D:53:C3:A6 inet6 addr: fe80::21a:4dff:fe53:c3a6/64 Scope:Link UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 RX packets:103200 errors:0 dropped:0 overruns:0 frame:0 TX packets:116575 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:1000 RX bytes:13605883 (12.9 MiB) TX bytes:63269448 (60.3 MiB) Interrupt:217 Base address:0xc000 eth1 Link encap:Ethernet HWaddr 00:1B:21:0A:25:AA inet addr:192.168.1.91 Bcast:192.168.1.255 Mask:255.255.255.0 inet6 addr: fe80::21b:21ff:fe0a:25aa/64 Scope:Link UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 RX packets:3124648 errors:0 dropped:0 overruns:0 frame:0 TX packets:1693433 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:100 RX bytes:4531121842 (4.2 GiB) TX bytes:119907573 (114.3 MiB) lo Link encap:Local Loopback inet addr:127.0.0.1 Mask:255.0.0.0 inet6 addr: ::1/128 Scope:Host UP LOOPBACK RUNNING MTU:16436 Metric:1 RX packets:27294 errors:0 dropped:0 overruns:0 frame:0 TX packets:27294 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:0 RX bytes:34266420 (32.6 MiB) TX bytes:34266420 (32.6 MiB) virbr0 Link encap:Ethernet HWaddr 00:00:00:00:00:00 inet addr:192.168.122.1 Bcast:192.168.122.255 Mask:255.255.255.0 inet6 addr: fe80::200:ff:fe00:0/64 Scope:Link UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 RX packets:51332 errors:0 dropped:0 overruns:0 frame:0 TX packets:89020 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:0 RX bytes:2916963 (2.7 MiB) TX bytes:132997389 (126.8 MiB) vnet0 Link encap:Ethernet HWaddr FE:52:00:1A:C8:4F inet6 addr: fe80::fc52:ff:fe1a:c84f/64 Scope:Link UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 RX packets:25 errors:0 dropped:0 overruns:0 frame:0 TX packets:518 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:500 RX bytes:4226 (4.1 KiB) TX bytes:51190 (49.9 KiB)

The output of brctl show

bridge name bridge id STP enabled interfaces br0 8000.001a4d53c3a6 no vnet0 eth0 virbr0 8000.000000000000 yes

Output from route:

Kernel IP routing table Destination Gateway Genmask Flags Metric Ref Use Iface 192.168.1.0 * 255.255.255.0 U 0 0 0 eth1 192.168.1.0 * 255.255.255.0 U 0 0 0 br0 192.168.122.0 * 255.255.255.0 U 0 0 0 virbr0 169.254.0.0 * 255.255.0.0 U 0 0 0 br0 default DD-WRT 0.0.0.0 UG 0 0 0 br0

Finally, here's the networking section of the vm I'm trying to configure:

<interface type='bridge'> <mac address='54:52:00:1a:c8:4f'/> <source bridge='br0'/> </interface>
Improve this question

2 Answers 2

Reset to default
2

As you already figured out, you have everything right... It's a firewall problem. You can get around that by adding a rule to allow the traffic (as you did), turn off the firewall completely, or, as they do in newer versions of Fedora and RHEL, add the following to /etc/sysctl.conf:

# Disable netfilter on bridges. net.bridge.bridge-nf-call-ip6tables = 0 net.bridge.bridge-nf-call-iptables = 0 net.bridge.bridge-nf-call-arptables = 0

Then run sysctl -p to apply those changes.

Improve this answer
1

KVM sets up its own bridge. This is the bridge virbr0. You should be able to configure how this is networked.

On the VM the interface should show up at eth0 not a bridge. This will be the other side of the vnet0 device.

I work on Ubuntu where KVM will startup a DNSMasq server for the bridged network to hand out DHCP addresses. KVM will also play with iptables to configure access to the network for your VM.

Try removing the bridge you created and restarting the VM. I would expect it to get an address in the 192.168.122.0 range from what I see of your configuration.

I didn't like how KVM was interacting with my firewall, so did my own manual networking for KVM. My configuration uses a virtual bridge which isn't connected to an Ethernet interface. The KVM Networking page from the Ubuntu community may help you understand how KVM is doing networking now.

EDIT: I took a second look at the bridged networking. I am not sure why you have an 192.168.1.x address on eth1. You configuration looks pretty much as I would expect. Try setting a static address on the VM to see if it can communicate.

To test to see what is happening with DHCP, I would try running tcpdump on br0 or eth0 watching for DHCP traffic, or any traffic from mac address 54:52:00:1a:c8:4f. Then try to get a DHCP address. You may need to enable SPT on the bridge.

The reason I did my own networking was to enable access to my VMs from the outside. I run two bridges, one of which hosts my DMZ.

Improve this answer
2
  • I was under the impression that the bridge that KVM creates is configured for NAT, not for bridging. If its NAT, then I can not access the VM from other hosts on the network. Commented Mar 6, 2011 at 2:40
  • I left br0 configured and was able to give the VM a static IP. I added the following iptables -I RH-Firewall-1-INPUT -i br0 -j ACCEPT to my host firewall rules and was able get DHCP working. Commented Mar 8, 2011 at 1:45

You must log in to answer this question.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.