Put KVM VMs on the LAN with a virtual bridge.

RedHat’s virtualization solution known as the Kernel Virtualization Module, or KVM is quite useful. KVM makes it possible to operate several virtual guest operating systems concurrently with relatively modest host hardware. Any given guest VM could then be used as an http server, a mail server, or even a directory server like OpenLDAP or FreeIPA. However, the default networking environment for a KVM setup is to allow your virtual machine guests access to your host’s network via Network Address Translation, or NAT, through the host’s ethernet interface. This is fine for a desktop environment that would only ever need to call out to request web pages or rpm packages but a server is going to require bi-directional access to and from the network. The solution is bridged networking.

This HowTo assumes the following hardware setup:

  1. A host computer with at least one wired network interface
  2. A typical residential networking setup (a wired/ wifi/or combination wired/wifi residential router which may or may not provide internet access from an ISP)
  3. Other networked machines to test the final product on (a smartphone, tablet, another computer, etc.)

This HowTo assumes the following software setup:

  1. A Fedora/RHEL/CentOS host configured with qemu
  2. The Virtual Machine Manager application (/usr/bin/virt-manager)
  3. A guest VM installed in KVM (my configuration examples will use a CentOS guest)

Step 1 : Disable NetworkManager

NetworkManager is great but it’s going to need to be turned off for this to work properly since the daemon has a habit of rewriting your network-scripts. Turning off the service and turning on networkd is accomplished with systemctl:

As root:

  1. # systemctl stop NetworkManager
  2. # systemctl disable NetworkManager
  3. # systemctl enable network
  4. # systemctl start network

Step2 : Edit /etc/sysconfig/network-scripts

This is the heart of the project. You’ll be creating bridge br0 and binding your physical network interface to it. Going forward both your VM host and guest(s) will communicate with your home LAN via this bridge. Again as root:

  1. # vi /etc/sysconfig/network-scripts/ifcfg-br0 , copy what follows below and then edit to match your local setup:
  • Note that in the directive TYPE=Bridge that Bridge begins with a capital ‘B’
  • Choose an available ip address that agrees with your local setup
  • Choose a network mask expressed as CIDR notation for the PREFIX directive, here 24 is synonymous with 255.255.255.0
  • Choose a gateway and DNS if your host and guests will be routed beyond your router, my home router at 192.168.1.1/24 handles this
  1. Edit the /etc/sysconfig/network-scripts/ifcfg-xxx file for your local physical interface. If you used NetworkManager to create your existing network setup then you will have a file in your /etc/sysconfig/network-scripts directory named ifcfg-“the name of your physical interface”. This usally takes the form of the system assigned UDEV name of the network device. Mine is ifcfg-enp0s31f6 since it’s the first (and only) embedded network interface.
  • # vi /etc/sysconfig/network-scripts/ifcfg-“Name of your physical ethernet interface”
  • Remove the directive BOOTPROTO=xxx
  • Append the directive BRIDGE=br0

Step 4 : Configure your VM Guest to use br0

All that remains now is to configure QEMU to talk out through your newly created network bridge. I use virt-manager to do this.

  1. # /usr/bin/virt-manger
  2. Right-click on QEMU-KVM and choose ‘Details’
  3. Click on Network Interfaces in the Connection Details window that opens
  4. Verify that you now have br0 listed among your valid network interfaces
  • Close the Connection Details window
  • Choose one of your KVM guests from the Virtual Machine Manager window and click open
  • Choose View > Details, or click on the lightbulb icon
  • Click on NIC from the items listed along the left hand side to edit the guest’s network interface options
  • Choose your bridge from the drop down menu of Network Sources:
  • Click ‘Apply’ and then start/restart your KVM guest
  • Step 5 : Restart Networkd and test

    You’re almost there. All that remains is to restart the Network daemon and run some ping checks. As root:

    1. # systemctl restart network
    2. Ping the bridge, located at 192.168.1.150 in this example
    3. Ping another host on the LAN or something on the internet if you’re connected to it
    4. Open your KVM guest and run steps 2 and 3 above from a terminal there
    5. Ping your KVM guest from another host on the LAN such as another computer, tablet, or smartphone.

    Leave a Reply

    Fill in your details below or click an icon to log in:

    WordPress.com Logo

    You are commenting using your WordPress.com account. Log Out /  Change )

    Google photo

    You are commenting using your Google account. Log Out /  Change )

    Twitter picture

    You are commenting using your Twitter account. Log Out /  Change )

    Facebook photo

    You are commenting using your Facebook account. Log Out /  Change )

    Connecting to %s

    This site uses Akismet to reduce spam. Learn how your comment data is processed.