Red Hat Training
A Red Hat training course is available for Red Hat Enterprise Linux
Chapter 11. Network Configuration
This chapter provides an introduction to the common networking configurations used by libvirt based guest virtual machines. For additional information, consult the libvirt network architecture documentation: http://libvirt.org/intro.html.
Red Hat Enterprise Linux 6 supports the following networking setups for virtualization:
- virtual networks using Network Address Translation (NAT)
- directly allocated physical devices using PCI device assignment
- directly allocated virtual functions using PCIe SR-IOV
- bridged networks
You must enable NAT, network bridging or directly assign a PCI device to allow external hosts access to network services on guest virtual machines.
11.1. Network Address Translation (NAT) with libvirt
One of the most common methods for sharing network connections is to use Network Address Translation (NAT) forwarding (also known as virtual networks).
Host Configuration
Every standard libvirt
installation provides NAT-based connectivity to virtual machines as the default virtual network. Verify that it is available with the virsh net-list --all
command.
# virsh net-list --all Name State Autostart ----------------------------------------- default active yes
If it is missing, the example XML configuration file can be reloaded and activated:
# virsh net-define /usr/share/libvirt/networks/default.xml
The default network is defined from
/usr/share/libvirt/networks/default.xml
Mark the default network to automatically start:
# virsh net-autostart default Network default marked as autostarted
Start the default network:
# virsh net-start default Network default started
Once the
libvirt
default network is running, you will see an isolated bridge device. This device does not have any physical interfaces added. The new device uses NAT and IP forwarding to connect to the physical network. Do not add new interfaces.
# brctl show bridge name bridge id STP enabled interfaces virbr0 8000.000000000000 yes
libvirt
adds iptables
rules which allow traffic to and from guest virtual machines attached to the virbr0
device in the INPUT
, FORWARD
, OUTPUT
and POSTROUTING
chains. libvirt
then attempts to enable the ip_forward
parameter. Some other applications may disable ip_forward
, so the best option is to add the following to /etc/sysctl.conf
.
net.ipv4.ip_forward = 1
Guest Virtual Machine Configuration
Once the host configuration is complete, a guest virtual machine can be connected to the virtual network based on its name. To connect a guest to the 'default' virtual network, the following could be used in the XML configuration file (such as /etc/libvirtd/qemu/myguest.xml
) for the guest:
<interface type='network'> <source network='default'/> </interface>
Note
Defining a MAC address is optional. If you do not define one, a MAC address is automatically generated and used as the MAC address of the bridge device used by the network. Manually setting the MAC address may be useful to maintain consistency or easy reference throughout your environment, or to avoid the very small chance of a conflict.
<interface type='network'> <source network='default'/> <mac address='00:16:3e:1a:b3:4a'/> </interface>