Re: setting bridge for VMs IP assignment by router's DHCP server


 



On 8/2/24 11:44 AM, Germano Massullo wrote:
I am running a libvirt host machine (Fedora 40) which has 192.168.1.6 IP address, assigned by router's DHCP server. I want the libvirt VMs IPs to be assigned by router's DHCP server, so I tried to set up a bridge via
# virsh net-define foo.xml
and trying the following files as xml file, but they all failed to achieve the task. Here I list the two XML variants I tried to use.

1)
<network>
        <name>bridge-no-nat</name>
        <bridge name='virbr1_no-nat' stp='on' delay='0'/>
        <forward mode='open'/>
</network>
RETURNS:
open forwarding requested, but no IP address provided for network 'bridge-no-nat'


This method doesn't provide at all what you want - it will give you a bridge device that isn't directly connected to any physical interface, so any traffic between the guests connected to the bridge and the physical network must be *routed* via the host's IP stack, i.e. it is on a different segment from the physical network and so no broadcast traffic will pass between the bridge and the physical network. This means that the bridge device must have a separate subnet, while you've given it no network at all. Basically the only thing such a network would be useful for would be to connect multiple guests that have statically configured IP addresses (on the same subnet) but isolate them from the outside network *and* the host itself (the host could still monitor traffic on the bridge, but none of that traffic would be sent up to the host IP stack for routing or forwarding - that would only be done if the bridge device was given an IP address (on the same subnet as the guests)).



2)
I created in nmtui the bridge virbr1_no_nat then I used the following XML for virsh net-define
<network>
  <name>br1_no_nat</name>
  <forward mode='bridge'/>
  <bridge name='virbr1_no_nat'/>
  <virtualport type='openvswitch'/>


Since you've used nmtui to create the bridge device, I'm guessing that it must be a standard Linux host bridge, and *not* an openvswitch bridge (OVS has its own command-line tools to create an OVS bridge). That being the case, you do *not* want the "<virtualport type='openvswitch'/>" element in your network config.

Aside from that, when you create the bridge device, you need to make sure that your host ethernet is attached to the bridge, and that any IP configuration that was previously on the ethernet device is now on the bridge. (You'll be able to verify this by running "ip link show dev $name" for the ethernet and bridge devices; the ethernet device should say "master virbr1_no_nat" and have no IP addresses associated with it, and the bridge device should have the IP address that was previously (before you created the bridge) assigned to the ethernet.)

Once you've done both of these things, do a "virsh net-destroy br1_no_nat; virsh net-start br1_no_nat" and you should be able to start up your guest and have it connected directly to the physical network.

(BTW, I would call the bridge device some shorter name, most people just call it "br0" - not only is it easier to type, but the maximum length of a network device name is IFNAMSIZ-1 == 15, and you could easily run into some program that used IFNAMSIZ for the length of a buffer used to store some variation of the if name that was a few characters longer, and your name is already just 2 shy of the limit!)

<portgroup name='default'/>
</network>
then I configure the VM network to use but when I start the VM I get error: internal error: Unable to add port vnet1 to OVS bridge virbr1_no_nat: <null>

Do you know how I can solve this?
Thank you
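
The checks described in the reply above, as an added example that is not part of the original thread or of libvirt: it tests captured `ip -o` output for the "master" attachment, the IP address having moved from the ethernet to the bridge, and the IFNAMSIZ-1 name limit. The device names `enp3s0` and `br0` and the sample lines are constructed, and only IPv4 addresses are checked.

```shell
#!/bin/sh
# Added example: the functions take captured `ip -o` output as text, so they run offline.
IFNAMSIZ=16    # Linux constant; a device name may use at most IFNAMSIZ-1 = 15 chars

# Constructed sample output (hypothetical devices enp3s0 and br0).
SAMPLE_ETH_LINK='2: enp3s0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq_codel master br0 state UP mode DEFAULT group default qlen 1000'
SAMPLE_BR_ADDR='5: br0    inet 192.168.1.6/24 brd 192.168.1.255 scope global dynamic br0'

# ifname_ok NAME: succeeds if NAME is non-empty and fits in IFNAMSIZ-1 characters.
ifname_ok() {
    [ "${#1}" -gt 0 ] && [ "${#1}" -le $((IFNAMSIZ - 1)) ]
}

# enslaved_to LINK_LINE BRIDGE: succeeds if the link line says "master BRIDGE".
enslaved_to() {
    case " $1 " in
        *" master $2 "*) return 0 ;;
        *) return 1 ;;
    esac
}

# has_ipv4 ADDR_OUTPUT: succeeds if the address listing contains an inet entry.
has_ipv4() {
    printf '%s\n' "$1" | grep -q ' inet '
}

# check_bridge ETH_LINK ETH_ADDR BR_ADDR BRIDGE: prints each problem found,
# returns 0 only when every precondition holds.
check_bridge() {
    problems=0
    if ! ifname_ok "$4"; then
        echo "bridge name '$4' exceeds 15 characters"; problems=$((problems + 1))
    fi
    if ! enslaved_to "$1" "$4"; then
        echo "ethernet is not attached to $4"; problems=$((problems + 1))
    fi
    if has_ipv4 "$2"; then
        echo "ethernet still has an IPv4 address"; problems=$((problems + 1))
    fi
    if ! has_ipv4 "$3"; then
        echo "bridge $4 has no IPv4 address"; problems=$((problems + 1))
    fi
    if [ "$problems" -eq 0 ]; then echo "bridge preconditions met"; return 0; fi
    return 1
}

# On a live host, pass "$(ip -o link show dev enp3s0)", "$(ip -o -4 addr show dev enp3s0)"
# and "$(ip -o -4 addr show dev br0)" instead of the constructed samples.
check_bridge "$SAMPLE_ETH_LINK" "" "$SAMPLE_BR_ADDR" br0
```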




