11.2. Red Hat Enterprise Linux 5.0 laptop network configuration
Important
virt-manager. NetworkManager works with virtual network devices by default in Red Hat Enterprise Linux 5.1 and newer.
    <interface type='network'>
      <mac address='AA:AA:AA:AA:AA:AA'/>
      <source network='default'/>
      <target dev='vnet0'/>
      <model type='virtio'/>
    </interface>
xm configuration files, virtual network devices are labeled "vif".
ifup or ifdown calls to the network interface it is using. In addition, wireless network cards do not work well in a virtualization environment due to Xen's (default) bridged network usage.
- You will be configuring a 'dummy' network interface which will be used by Xen. In this example the interface is called dummy0. This will also allow you to use a hidden IP address space for your guests.
- You will need to use static IP addresses, as DHCP will not listen on the dummy interface for DHCP requests. You can compile your own version of DHCP to listen on dummy interfaces; however, you may want to look into using dnsmasq for DNS, DHCP and tftpboot services in a Xen environment. Setup and configuration are explained further down in this section/chapter.
- You can also configure NAT and IP masquerading in order to enable access to the network from your guests.
Perform the following configuration steps on your host:
- Create a dummy0 network interface and assign it a static IP address. This example uses 10.1.1.1 to avoid routing problems in our environment. To enable dummy device support, add the following lines to /etc/modprobe.conf:

    alias dummy0 dummy
    options dummy numdummies=1

- To configure networking for dummy0, edit or create /etc/sysconfig/network-scripts/ifcfg-dummy0:

    DEVICE=dummy0
    BOOTPROTO=none
    ONBOOT=yes
    USERCTL=no
    IPV6INIT=no
    PEERDNS=yes
    TYPE=Ethernet
    NETMASK=255.255.255.0
    IPADDR=10.1.1.1
    ARP=yes

- Bind xenbr0 to dummy0, so you can use networking even when not connected to a physical network. Edit /etc/xen/xend-config.sxp to include the netdev=dummy0 entry:

    (network-script 'network-bridge bridge=xenbr0 netdev=dummy0')

- Open /etc/sysconfig/network in the guest and modify the default gateway to point to dummy0. If you are using a static IP, set the guest's IP address to exist on the same subnet as dummy0.

    NETWORKING=yes
    HOSTNAME=localhost.localdomain
    GATEWAY=10.1.1.1
    IPADDR=10.1.1.10
    NETMASK=255.255.255.0
- Setting up NAT in the host allows the guests to access the Internet, including over wireless connections, which solves the Xen and wireless card issues. The script below enables NAT based on the interface currently used for your network connection.
Network address translation (NAT) allows multiple network addresses to connect through a single IP address by intercepting packets and passing them to the private IP addresses. You can copy the following script to /etc/init.d/xenLaptopNAT and create a soft link to /etc/rc3.d/S99xenLaptopNAT. This automatically starts NAT at boot time.
Note
    #!/bin/bash
    PATH=/usr/bin:/sbin:/bin:/usr/sbin
    export PATH

    # Interface that carries the current default route
    GATEWAYDEV=$(ip route | grep default | awk '{print $5}')

    # Flush every chain in the filter table; this runs on each invocation
    iptables -F

    case "$1" in
    start)
        if test -z "$GATEWAYDEV"; then
            echo "No gateway device found"
        else
            echo "Masquerading using $GATEWAYDEV"
            /sbin/iptables -t nat -A POSTROUTING -o "$GATEWAYDEV" -j MASQUERADE
        fi
        echo "Enabling IP forwarding"
        echo 1 > /proc/sys/net/ipv4/ip_forward
        echo "IP forwarding set to $(cat /proc/sys/net/ipv4/ip_forward)"
        echo "done."
        ;;
    *)
        # Only "start" is implemented by this script
        echo "Usage: $0 {start|restart|status}"
        ;;
    esac
One of the challenges in running virtualization on a laptop (or any other computer which is not connected by a single or stable network connection) is the change in network interfaces and availability. Using a dummy network interface helps to build a more stable environment but it also brings up new challenges in providing DHCP, DNS and tftpboot services to your guest virtual machines. The default DHCP daemon shipped with Red Hat Enterprise Linux and Fedora Core will not listen on dummy interfaces, and your DNS forwarded information may change as you connect to different networks and VPNs.
dnsmasq, which can provide all of the above services in a single package, and also allows you to configure services to be available only to requests from your dummy interface. Below is a short write up on how to configure dnsmasq on a laptop running virtualization:
- Get the latest version of dnsmasq from here.
- Documentation for dnsmasq can be found here.
- Copy the other files referenced below from http://et.redhat.com/~jmh/tools/xen/ and grab the file dnsmasq.tgz. The tar archive includes the following files:
  - nm-dnsmasq can be used as a dispatcher script for NetworkManager. It will be run every time NetworkManager detects a change in connectivity and force a restart or reload of dnsmasq. It should be copied to /etc/NetworkManager/dispatcher.d/nm-dnsmasq
  - xenDNSmasq can be used as the main startup or shutdown script for /etc/init.d/xenDNSmasq
  - dnsmasq.conf is a sample configuration file for /etc/dnsmasq.conf
  - dnsmasq is the binary image for /usr/local/sbin/dnsmasq
- Once you have unpacked and built dnsmasq (the default installation places the binary in /usr/local/sbin/dnsmasq) you need to edit your dnsmasq configuration file. The file is located in /etc/dnsmasq.conf.
- Edit the configuration to suit your local needs and requirements. The following parameters are likely the ones you want to modify:
  - The interface parameter allows dnsmasq to listen for DHCP and DNS requests only on specified interfaces (such as dummy interfaces). Note that dnsmasq cannot listen to public interfaces as well as the local loopback interface simultaneously. Add another interface line for more than one interface. interface=dummy0 is an example which listens on the dummy0 interface.
  - Modify dhcp-range to enable the integrated DHCP server. You will need to supply the range of addresses available for lease and optionally a lease time. If you have more than one network, you will need to repeat this for each network on which you want to supply DHCP service. An example would be (for network 10.1.1.* and a lease time of 12 hours): dhcp-range=10.1.1.10,10.1.1.50,255.255.255.0,12h
  - Modify dhcp-option to override the default route supplied by dnsmasq, which assumes the router is the same machine as the one running dnsmasq. An example would be dhcp-option=3,10.1.1.1
- After configuring dnsmasq you can copy the script below as xenDNSmasq to /etc/init.d
- If you want to automatically start dnsmasq during system boot, you should register it using chkconfig(8):

    chkconfig --add xenDNSmasq

  Enable it for automatic startup:

    chkconfig --levels 345 xenDNSmasq on
- To configure dnsmasq to restart every time NetworkManager detects a change in connectivity you can use the supplied script nm-dnsmasq.
  - Copy the nm-dnsmasq script to /etc/NetworkManager/dispatcher.d/
  - The NetworkManager dispatcher will execute the script (in alphabetical order if you have other scripts in the same directory) every time there is a change in connectivity.
- dnsmasq will also detect changes in your /etc/resolv.conf and automatically reload them (if you start up a VPN session, for example).
- Both the nm-dnsmasq and xenDNSmasq scripts will also set up NAT if you have your guests on a hidden network to allow them access to the public network.
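
As an added example (not part of the original page or of the dnsmasq.tgz scripts), the following POSIX shell function checks a dnsmasq configuration against the dummy0 settings described above: that an interface= line restricts it to the dummy device, and that the dhcp-range pool and any option 3 router fall inside the dummy0 subnet. The function names and sample inputs are constructed for illustration, and the dhcp-range is assumed to use the start,end,... form shown on this page.

```shell
#!/bin/sh
# Added example (not from the original page): check dnsmasq settings against
# the dummy0 addressing used in the text. Sample inputs below are constructed.

IFCFG_SAMPLE='DEVICE=dummy0
IPADDR=10.1.1.1
NETMASK=255.255.255.0'

CONF_GOOD='interface=dummy0
dhcp-range=10.1.1.10,10.1.1.50,255.255.255.0,12h
dhcp-option=3,10.1.1.1'

# Constructed misconfiguration: no interface= line, pool on another subnet.
CONF_BAD='dhcp-range=192.168.0.10,192.168.0.50,255.255.255.0,12h
dhcp-option=3,10.1.1.1'

# First value of KEY= in the text passed as $1.
getval() { printf '%s\n' "$1" | sed -n "s/^$2=//p" | head -n 1; }

# Dotted quad -> integer (fields assumed to be plain decimal).
ip2int() (
    IFS=.; set -- $1
    echo $(( ($1 << 24) | ($2 << 16) | ($3 << 8) | $4 ))
)

# in_subnet ADDR NETADDR MASK: true if ADDR is a dotted quad inside NETADDR/MASK.
in_subnet() {
    printf '%s\n' "$1" | grep -Eq '^[0-9]{1,3}(\.[0-9]{1,3}){3}$' || return 1
    [ $(( $(ip2int "$1") & $(ip2int "$3") )) -eq $(( $(ip2int "$2") & $(ip2int "$3") )) ]
}

# audit_dnsmasq CONF_TEXT IFCFG_TEXT: prints one finding per line, or "ok".
audit_dnsmasq() (
    dev=$(getval "$2" DEVICE); ip=$(getval "$2" IPADDR); mask=$(getval "$2" NETMASK)
    bad=0
    # Without interface=<dev>, DHCP/DNS is not limited to the dummy interface.
    printf '%s\n' "$1" | grep -Fqx "interface=$dev" || { echo "no interface=$dev restriction"; bad=1; }
    # Both ends of the lease pool must sit in the dummy interface's subnet.
    range=$(getval "$1" dhcp-range)
    start=${range%%,*}; rest=${range#*,}; end=${rest%%,*}
    for addr in "$start" "$end"; do
        in_subnet "$addr" "$ip" "$mask" || { echo "dhcp-range $addr outside $dev subnet"; bad=1; }
    done
    # A router (option 3) that guests cannot reach leaves them without a gateway.
    router=$(printf '%s\n' "$1" | sed -n 's/^dhcp-option=3,//p' | head -n 1)
    [ -z "$router" ] || in_subnet "$router" "$ip" "$mask" || { echo "router $router outside $dev subnet"; bad=1; }
    if [ "$bad" -eq 0 ]; then echo ok; fi
)
```

To check a real host, pass the file contents instead of the samples, for example audit_dnsmasq "$(cat /etc/dnsmasq.conf)" "$(cat /etc/sysconfig/network-scripts/ifcfg-dummy0)".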