3.6. Virtual Networking
A virtual guest's connection to any network uses the software network components of the physical host. These software components can be rearranged and reconfigured by using
libvirt's virtual network configuration. The host therefore acts as a virtual network switch, which can be configured in a number of different ways to fit the guest's networking needs.
By default, all guests on a single host are connected to the same libvirt virtual network, named
default. Guests on this network can make the following connections:
- With each other and with the virtualization host
- Both inbound and outbound traffic is possible, but is affected by the firewalls in the guest operating system's network stack and by libvirt network filtering rules attached to the guest interface.
- With other hosts on the network beyond the virtualization host
- Only outbound traffic is possible, and is affected by Network Address Translation (NAT) rules, as well as the host system's firewall.
However, if needed, guest interfaces can instead be set to one of the following modes:
- Isolated mode
- The guests are connected to a network that does not allow any traffic beyond the virtualization host.
- Routed mode
- The guests are connected to a network that routes traffic between the guest and external hosts without performing any NAT. This enables incoming connections but requires extra routing-table entries for systems on the external network.
- Bridged mode
- The guests are connected to a bridge device that is also connected directly to a physical ethernet device connected to the local ethernet. This makes the guest directly visible on the physical network, and thus enables incoming connections, but does not require any extra routing-table entries.
For basic outbound-only network access from virtual machines, no additional network setup is usually needed, as the
default network is installed along with the libvirt package, and automatically started when the
libvirtd service is started. If more advanced functionality is needed, additional networks can be created and configured using either virsh or virt-manager, and the guest XML configuration file can be edited to use one of these new networks.
For information on advanced virtual network settings, see the Red Hat Enterprise Linux 7 Virtualization Deployment and Administration Guide.
From the point of view of the guest operating system, a virtual network connection is the same as a normal physical network connection. For further information on configuring networks in Red Hat Enterprise Linux 7 guests, see the Red Hat Enterprise Linux 7 Networking Guide.