Need help with libvirt VM connectivity

Discussion in 'Virtualized Computing' started by mashie, Jun 9, 2018.

  1. mashie

    mashie Mawd Gawd

    Messages:
    4,125
    Joined:
    Oct 25, 2000
    I have a feeling it is something very basic I'm missing here but this is driving me nuts at the moment. I can't get bridging to work in a persistent way between the guests and the outside world on my server.

    The system is an old HP i7 2600 desktop with 32GB of ram running Ubuntu 16.04 x86 server. It has one NIC, eno1. That NIC is set to run dot1q via a switch to a firewall. The VM's are running QEMU.

    eno1.11 is used for host management and working fine.
    eno1.27 is used for the guests to reach the host and external connectivity.

    On VLAN 27 I use 10.71.4.129 for the external firewall, 10.71.4.130 for the host and 10.71.4.131 for the guest (once the first one is working it will be 6 guests).

    Code:
    cat /etc/network/interfaces
    
    auto lo
     iface lo inet loopback
    
    auto eno1.11
     iface eno1.11 inet static
     address 10.71.1.10
     netmask 255.255.255.192
     gateway 10.71.1.1
     dns-nameservers 8.8.8.8 8.8.4.4
     vlan-raw-device eno1
    
    auto eno1.27
     iface eno1.27 inet manual
     vlan-raw-device eno1
    
    First I created bridge "br0" here with IP 10.71.4.130 and attached eno1.27 to it. In the Virsh xml file for the VM I pointed the interface to bridge br0. No errors when starting up the VM, except the VM couldn't reach anything but the host could reach the firewall.

    So next was to scrap the br0 in /etc/network/interfaces and use the net-create function in Virsh using this xml:

    Code:
    cat host-bridge.xml
    <network>
      <name>host-bridge</name>
      <bridge name="virbr9"/>
      <forward mode="route" dev="eno1.27"/>
      <ip address="10.71.4.130" netmask="255.255.255.240">
      </ip>
    </network>
    
    After tweaking the VM xml to use virbr9 I had connectivity between the host and the guest but neither could reach the firewall.

    Next was to try and attach the eno1.27 interface to virbr9 manually:

    Code:
    brctl addif virbr9 eno1.27
    Code:
    brctl show virbr9
    bridge name     bridge id               STP enabled     interfaces
    virbr9          8000.525400820772       yes             eno1.27
                                                            virbr9-nic
                                                            vnet0
    
    At this stage everything is working, firewall, host and guest can all reach each other.

    How do I get this working whenever the server is rebooted as the brctl command isn't persistent? Any help is appreciated.
     
  2. McCHillin

    McCHillin Limp Gawd

    Messages:
    225
    Joined:
    Aug 8, 2017
    ImI not an expert.... Actually, I know very little.... But will look into it.... Have you tried the #ubuntu IRC channel?
    They are VERY helpful, if a bit egotistical.
     
  3. mashie

    mashie Mawd Gawd

    Messages:
    4,125
    Joined:
    Oct 25, 2000
    Thanks, I gave up on libvirt in the end as it seems you really need to run CentOS or Redhat for libvirt to work properly.

    I got it all running as intended in a persistent way by using GNS3 in the end.
     
    McCHillin likes this.
  4. McCHillin

    McCHillin Limp Gawd

    Messages:
    225
    Joined:
    Aug 8, 2017
    You can get it working with other distros, but it is MUCH easier with CentOS/RedHat
     
    mashie likes this.