Next: Custom NAT-based network for libvirt, Previous: Network bridge for QEMU, Up: Virtual Machines [Contents][Index]
If the machine hosting your virtual machines is connected wirelessly to
the network, you won’t be able to use a true network bridge as explained
in the preceding section (see Network bridge for QEMU). In this
case, the next best option is to use a virtual network switch
with static routing and to configure a libvirt-powered virtual machine
to use it (via the virt-manager GUI for example). This is
similar to the default mode of operation of QEMU/libvirt, except that
instead of using NAT (Network Address Translation), it relies on
static routes to join the VM (virtual machine) IP address to the
LAN (local area network). This provides two-way connectivity to
and from the virtual machine, which is needed for exposing services
hosted on the virtual machine.
A virtual network switch consists of a virtual network device called a ‘virtual bridge’, DHCP server (dnsmasq) and firewall rules (iptables). See the libvirt Wiki article on Virtual Networking for more details on the modes of operation, management and implementation of virtual network switches.
The virsh command, provided by the libvirt
package, makes it very easy to create a virtual switch. You first need
to choose a network subnet for your virtual switch; if your home LAN is
in the ‘192.168.1.0/24’ network, you could opt to use e.g.
‘192.168.2.0/24’. Define an XML file, e.g.
/tmp/virbr0.xml, containing the following:
<network>
<name>virbr0</name>
<bridge name="virbr0" />
<forward mode="route"/>
<ip address="192.168.2.0" netmask="255.255.255.0">
<dhcp>
<range start="192.168.2.1" end="192.168.2.254"/>
</dhcp>
</ip>
</network>
Then create and configure the interface using the virsh
command, as root:
virsh net-define /tmp/virbr0.xml virsh net-autostart virbr0 virsh net-start virbr0
The ‘virbr0’ interface should now be visible e.g. via the ‘ip address’ command. It will be automatically started every time your libvirt virtual machine is started.
If you configured your virtual machine to use your newly created ‘virbr0’ virtual bridge interface, it should already receive an IP via DHCP such as ‘192.168.2.15’ and be reachable from the server hosting it, e.g. via ‘ping 192.168.2.15’. There’s one last configuration needed so that the VM can reach the external network: adding static routes to the network’s router.
In this example, the LAN network is ‘192.168.1.0/24’ and the router configuration web page may be accessible via e.g. the http://192.168.1.1 page. On a router running the libreCMC firmware, you would navigate to the Network → Static Routes page (https://192.168.1.1/cgi-bin/luci/admin/network/routes), and you would add a new entry to the ‘Static IPv4 Routes’ with the following information:
lan
192.168.2.0
255.255.255.0
server-ip
unicast
where server-ip is the IP address of the machine hosting the VMs, which should be static.
After saving/applying this new static route, external connectivity should work from within your VM; you can e.g. run ‘ping gnu.org’ to verify that it functions correctly.
Next: Custom NAT-based network for libvirt, Previous: Network bridge for QEMU, Up: Virtual Machines [Contents][Index]