Red Hat Summit10.2. Bridged networking with libvirt
Bridged networking (also known as physical device sharing) is used for dedicating a physical device to a virtual machine. Bridging is often used for more advanced setups and on servers with multiple network interfaces.
Disable Xen network scripts
If your system was using a Xen bridge, it is recommended to disable the default Xen network bridge by editing /etc/xen/xend-config.sxp and changing the line:
(network-script network-bridge)
(network-script network-bridge)
To:
(network-script /bin/true)
(network-script /bin/true)
Disable NetworkManager
NetworkManager does not support bridging. Running NetworkManager will overwrite any manual bridge configuration. Because of this, NetworkManager should be disabled in order to use networking via the network scripts (located in the /etc/sysconfig/network-scripts/ directory):
chkconfig NetworkManager off chkconfig network on service NetworkManager stop service network start
# chkconfig NetworkManager off
# chkconfig network on
# service NetworkManager stop
# service network start
Note
As an alternative to turning off NetworkManager, add "
NM_CONTROLLED=no" to the ifcfg-* scripts used in the examples. If you do not either set this parameter or disable NetworkManager entirely, any bridge configuration will be overwritten and lost when NetworkManager next starts.
Creating network initscripts
Create or edit the following two network configuration files. This step can be repeated (with different names) for additional network bridges.
Change to the
/etc/sysconfig/network-scripts directory:
cd /etc/sysconfig/network-scripts
# cd /etc/sysconfig/network-scripts
Open the network script for the device you are adding to the bridge. In this example,
ifcfg-eth0 defines the physical network interface which is set as part of a bridge:
Note
You can configure the device's Maximum Transfer Unit (MTU) by appending an
MTU variable to the end of the configuration file.
MTU=9000
MTU=9000
Create a new network script in the
/etc/sysconfig/network-scripts directory called ifcfg-br0 or similar. The br0 is the name of the bridge; this name can be anything as long as the name of the file is the same as the DEVICE parameter.
Note
IP address configuration, be it dynamic or static, should be configured on the bridge itself (for example, in the
ifcfg-br0 file). Network access will not function as expected if IP address details are configured on the physical interface that twehe bridge is connected to.
Warning
The line,
TYPE=Bridge, is case-sensitive. It must have uppercase 'B' and lower case 'ridge'.
After configuring, restart networking or reboot.
service network restart
# service network restart
Configure
iptables to allow all traffic to be forwarded across the bridge.
iptables -I FORWARD -m physdev --physdev-is-bridged -j ACCEPT service iptables save service iptables restart
# iptables -I FORWARD -m physdev --physdev-is-bridged -j ACCEPT
# service iptables save
# service iptables restart
Note
Alternatively, prevent bridged traffic from being processed by
iptables rules. In /etc/sysctl.conf append the following lines:
net.bridge.bridge-nf-call-ip6tables = 0 net.bridge.bridge-nf-call-iptables = 0 net.bridge.bridge-nf-call-arptables = 0
net.bridge.bridge-nf-call-ip6tables = 0
net.bridge.bridge-nf-call-iptables = 0
net.bridge.bridge-nf-call-arptables = 0
Reload the kernel parameters configured with
sysctl.
sysctl -p /etc/sysctl.conf
# sysctl -p /etc/sysctl.conf
Restart the
libvirt daemon.
service libvirtd reload
# service libvirtd reload
You should now have a "shared physical device", which guests can be attached and have full LAN access. Verify your new bridge:
brctl show
# brctl show
bridge name bridge id STP enabled interfaces
virbr0 8000.000000000000 yes
br0 8000.000e0cb30550 no eth0
Note, the bridge is completely independent of the
virbr0 bridge. Do not attempt to attach a physical device to virbr0. The virbr0 bridge is only for Network Address Translation (NAT) connectivity.
'%20d='M201.5%20305.5c-13.8%200-24.9-11.1-24.9-24.6%200-13.8%2011.1-24.9%2024.9-24.9%2013.6%200%2024.6%2011.1%2024.6%2024.9%200%2013.6-11.1%2024.6-24.6%2024.6zM504%20256c0%20137-111%20248-248%20248S8%20393%208%20256%20119%208%20256%208s248%20111%20248%20248zm-132.3-41.2c-9.4%200-17.7%203.9-23.8%2010-22.4-15.5-52.6-25.5-86.1-26.6l17.4-78.3%2055.4%2012.5c0%2013.6%2011.1%2024.6%2024.6%2024.6%2013.8%200%2024.9-11.3%2024.9-24.9s-11.1-24.9-24.9-24.9c-9.7%200-18%205.8-22.1%2013.8l-61.2-13.6c-3-.8-6.1%201.4-6.9%204.4l-19.1%2086.4c-33.2%201.4-63.1%2011.3-85.5%2026.8-6.1-6.4-14.7-10.2-24.1-10.2-34.9%200-46.3%2046.9-14.4%2062.8-1.1%205-1.7%2010.2-1.7%2015.5%200%2052.6%2059.2%2095.2%20132%2095.2%2073.1%200%20132.3-42.6%20132.3-95.2%200-5.3-.6-10.8-1.9-15.8%2031.3-16%2019.8-62.5-14.9-62.5zM302.8%20331c-18.2%2018.2-76.1%2017.9-93.6%200-2.2-2.2-6.1-2.2-8.3%200-2.5%202.5-2.5%206.4%200%208.6%2022.8%2022.8%2087.3%2022.8%20110.2%200%202.5-2.2%202.5-6.1%200-8.6-2.2-2.2-6.1-2.2-8.3%200zm7.7-75c-13.6%200-24.6%2011.1-24.6%2024.9%200%2013.6%2011.1%2024.6%2024.6%2024.6%2013.8%200%2024.9-11.1%2024.9-24.6%200-13.8-11-24.9-24.9-24.9z'/%3e%3c/svg%3e){kind=small}