Chris Adams
2021-Dec-08 04:25 UTC
[CentOS] Qemu - enabling "bridge mode" for primary physical interface for VMs
Once upon a time, Lists <lists at benjamindsmith.com> said:> I understand that it's possible to allow the 4 VM guest systems to each have a > "direct" fixed IP address and access the addresses \via the host network > adapter, while the host retains its fixed IP.If you are running NetworkManager (the default), it's not too hard. Here's an example step-by-step for changing an existing interface "em1" to be a bridge "br0": # Create a bridge interface nmcli con add type bridge ifname br0 bridge.stp no # Copy all the IPv4/IPv6 config from an existing interface nmcli con mod bridge-br0 $(nmcli -f ipv4.method,ipv4.addresses,ipv4.gateway,ipv6.method,ipv6.addresses,ipv6.gateway con show em1 | grep -v -- -- | sed 's/: */ /') # -or- just set an IPv4 address/gateway to known values nmcli con mod bridge-br0 ipv4.method manual ipv4.address 10.1.1.2/24 ipv4.gateway 10.1.1.1 ipv6.method ignore # Make a connection for the physical ethernet em1 to be part of the bridge nmcli con add type ethernet ifname em1 master bridge-br0 # Switch from the "regular" em1 to the bridge nmcli con down em1; nmcli con up bridge-br0; nmcli con up bridge-slave-em1 # Disable the original config nmcli con mod em1 autoconnect 0 Then you set your VMs to use the bridge - in the libvirt XML for example, you'd have something like: <interface type='bridge'> <mac address='52:54:00:12:34:56'/> <source bridge='br0'/> <model type='virtio'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x03' function='0x0'/> </interface> Inside the VM, configure the interface just as if it was a physical system on that subnet. -- Chris Adams <linux at cmadams.net>
Lists
2021-Dec-15 06:11 UTC
[CentOS] Qemu - enabling "bridge mode" for primary physical interface for VMs
Thank you, I'll be trying this on a spare machine here before I try it in production. Carefully reading the directions, although I see where bridge-br0 is created, I don't see where bridge-slave-em1 is defined? On Tuesday, December 7, 2021 8:25:37 PM PST Chris Adams wrote:> Once upon a time, Lists <lists at benjamindsmith.com> said: > > I understand that it's possible to allow the 4 VM guest systems to each > > have a "direct" fixed IP address and access the addresses \via the host > > network adapter, while the host retains its fixed IP. > > If you are running NetworkManager (the default), it's not too hard. > Here's an example step-by-step for changing an existing interface "em1" to > be a bridge "br0": > > > # Create a bridge interface > nmcli con add type bridge ifname br0 bridge.stp no > > # Copy all the IPv4/IPv6 config from an existing interface > nmcli con mod bridge-br0 $(nmcli -f > ipv4.method,ipv4.addresses,ipv4.gateway,ipv6.method,ipv6.addresses,ipv6.gat > eway con show em1 | grep -v -- -- | sed 's/: */ /') # -or- just set an IPv4 > address/gateway to known values > nmcli con mod bridge-br0 ipv4.method manual ipv4.address 10.1.1.2/24 > ipv4.gateway 10.1.1.1 ipv6.method ignore > > # Make a connection for the physical ethernet em1 to be part of the bridge > nmcli con add type ethernet ifname em1 master bridge-br0 > > # Switch from the "regular" em1 to the bridge > nmcli con down em1; nmcli con up bridge-br0; nmcli con up bridge-slave-em1 > > # Disable the original config > nmcli con mod em1 autoconnect 0 > > > Then you set your VMs to use the bridge - in the libvirt XML for > example, you'd have something like: > > <interface type='bridge'> > <mac address='52:54:00:12:34:56'/> > <source bridge='br0'/> > <model type='virtio'/> > <address type='pci' domain='0x0000' bus='0x00' slot='0x03' > function='0x0'/> </interface> > > > Inside the VM, configure the interface just as if it was a physical system > on that subnet.-------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 488 bytes Desc: This is a digitally signed message part. URL: <http://lists.centos.org/pipermail/centos/attachments/20211214/896c7202/attachment-0004.sig>
Chris Adams
2021-Dec-15 17:03 UTC
[CentOS] Qemu - enabling "bridge mode" for primary physical interface for VMs
Once upon a time, Lists <lists at benjamindsmith.com> said:> Thank you, I'll be trying this on a spare machine here before I try it in > production. Carefully reading the directions, although I see where bridge-br0 > is created, I don't see where bridge-slave-em1 is defined?This part:> > # Make a connection for the physical ethernet em1 to be part of the bridge > > nmcli con add type ethernet ifname em1 master bridge-br0does it. If you don't specify a connection name, NM names a new bridge member connection profile as "bridge-slave-<interface name>". -- Chris Adams <linux at cmadams.net>
Lists
2022-Jan-19 18:15 UTC
[CentOS] Qemu - enabling "bridge mode" for primary physical interface for VMs
Thank you Chris Adams for excellent information! It worked, see below. On Tuesday, December 7, 2021 8:25:37 PM PST Chris Adams wrote:> Once upon a time, Lists <lists at benjamindsmith.com> said: > > I understand that it's possible to allow the 4 VM guest systems to each > > have a "direct" fixed IP address and access the addresses \via the host > > network adapter, while the host retains its fixed IP. > > If you are running NetworkManager (the default), it's not too hard. > Here's an example step-by-step for changing an existing interface "em1" to > be a bridge "br0": > > > # Create a bridge interface > nmcli con add type bridge ifname br0 bridge.stp no > > # Copy all the IPv4/IPv6 config from an existing interface > nmcli con mod bridge-br0 $(nmcli -f > ipv4.method,ipv4.addresses,ipv4.gateway,ipv6.method,ipv6.addresses,ipv6.gat > eway con show em1 | grep -v -- -- | sed 's/: */ /') # -or- just set an IPv4 > address/gateway to known values > nmcli con mod bridge-br0 ipv4.method manual ipv4.address 10.1.1.2/24 > ipv4.gateway 10.1.1.1 ipv6.method ignore > > # Make a connection for the physical ethernet em1 to be part of the bridge > nmcli con add type ethernet ifname em1 master bridge-br0 > > # Switch from the "regular" em1 to the bridge > nmcli con down em1; nmcli con up bridge-br0; nmcli con up bridge-slave-em1 > > # Disable the original config > nmcli con mod em1 autoconnect 0 > > > Then you set your VMs to use the bridge - in the libvirt XML for > example, you'd have something like: > > <interface type='bridge'> > <mac address='52:54:00:12:34:56'/> > <source bridge='br0'/> > <model type='virtio'/> > <address type='pci' domain='0x0000' bus='0x00' slot='0x03' > function='0x0'/> </interface> > > > Inside the VM, configure the interface just as if it was a physical system > on that subnet.I just wanted to say that this worked, exactly as shown, and after trying it once on development hardward, I tried it on a production server and it also worked with minimal hassle. I ran into an oddity because the software image of the production server was from a disk image, not a fresh install and I had to wrestle with some "Network Adapters" that no longer really existed. My advice to anybody trying this would be to go into Network Manager and ensure the following before starting: 1) Set up the server to manual IP addresses, not DHCP. 2) Remove all duplicitous or inactive network adapters and interfaces. 3) Make sure that in nmtui, that all editable connection(s) also show in the interface that lets you activate them. 4) Make sure you are not dependent on the network adapter you are trying to use to contact the server! In my case I ended up falling back to IPMI. Minor issue because I had it available, could have been far worse if I hadn't. ... and then do the above. Ben S -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 488 bytes Desc: This is a digitally signed message part. URL: <http://lists.centos.org/pipermail/centos/attachments/20220119/a258758d/attachment-0003.sig>