FAQ Search Today's Posts Mark Forums Read
» Video Reviews

» Linux Archive

Linux-archive is a website aiming to archive linux email lists and to make them easily accessible for linux users/developers.


» Sponsor

» Partners

» Sponsor

Go Back   Linux Archive > Ubuntu > Ubuntu Server Development

 
 
LinkBack Thread Tools
 
Old 05-10-2012, 02:35 PM
 
Default KVM network configuration issue

Hi all.

I have a KVM guest webserver VWEB which I want to give
an external IP. *My host has 4 NICs, of which I use only one presently.
*



Host:

auto eth0

iface eth0 inet manual

auto br0

iface br0 inet static

address 172.16.5.11

netmask 255.255.0.0

gateway 172.16.1.1

dns-nameservers 172.16.1.2

bridge-ports eth0



I would like to connect a cable between my host's eth3
and my company FW. *(That specific port of the FW is now in use by
my old physical web server and all is working fine for this old server).

VWEB should use eth3 on the host. *And inside VWEB,
i want to assign the fixed external IP.



I cannot find the doc for this setup. *I tried the
following:

Host: i added the following:

auto br1

iface br1 inet manual

bridge-ports eth3



-> i didn't want my host to have this external ip available,
only VWEB running as guest, so on the host I didn't configure the external
IP. *I expected the packets form VWEB to be just passed to the interface.
*It didn't work. *I have some ideas about why it may not work,
but I can't solve it. *Anyone knows how to do this?



Kind regards,



Jürgen--
ubuntu-server mailing list
ubuntu-server@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-server
More info: https://wiki.ubuntu.com/ServerTeam
 
Old 05-10-2012, 06:26 PM
Michael Zoet
 
Default KVM network configuration issue

Hi,
Hi all.

I have a KVM guest webserver VWEB which I want
to give
an external IP.



I would like to connect a cable between my host's
eth3
and my company FW.

VWEB should use eth3 on the host. *And inside
VWEB,
i want to assign the fixed external IP.




Anyone knows how to do this?









I think this is not possible with KVM because it exclusively uses
bridging for network connections. But I may be wrong with it.



Have you tried to exclusively assign eth3 to the VWEB VM? I tried
this in the past with Xen (works great ;-) ) and with KVM (does not
work for me with Intel quad port cards and at least 10.04 :-( ). I
think it is easier than setting this up with a bridge.



I have a similar setup with only one NIC. Maybe if you can assign
eth3 somehow to this setup it might work.

(in my setup the KVM server works as a router/firewall, so it sees
all traffic to the VMs through eth0)



What you may try:



- setup a bridge in /etc/network/interfaces which is in a private
subnet, with a route to the public IP:



auto bridge01

iface bridge01 inet static

******* address <IP_FROM_PRIVATE_SUBNET>

******* netmask 255.255.255.0

******* pre-up brctl addbr $IFACE

******* post-up route add -host <PUBLIC_IP> $IFACE

******* post-down brctl delbr $IFACE



- assign bridge01 to your VM VWEB as a NIC



- configure in your VWEB VM the NIC in /etc/network/interfaces:



# The primary network interface of VWEB

auto eth0

iface eth0 inet static

*address <PUBLIC_IP>

*gateway <IP_OF_YOUR_KVM_SERVER>

*netmask 255.255.255.0



So far you can reach VWEB through the public IP but traffic is
routed through the KVM server. Not what you wanted I know but it
works this way ;-). Your KVM server must have IP forwarding enabled.
If you use iptables firewall and your default policy is drop for the
FORWARD chain, you need some firewall rules to pass the network
traffic from and to your VWEB.



I am not sure how to setup eth3 in a way that the traffic is only
seen by your VWEB VM. In my opinion it should be enough to assign
eth3 to bridge01 and configure eth3 accordingly. Maybe I am wrong
with it and there is some more config stuff to do.





Perhaps it helps,

Michael

























--
ubuntu-server mailing list
ubuntu-server@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-server
More info: https://wiki.ubuntu.com/ServerTeam
 
Old 05-11-2012, 11:47 AM
Sander Smeenk
 
Default KVM network configuration issue

Quoting jurgen.depicker@let.be (jurgen.depicker@let.be):

> -> i didn't want my host to have this external ip available, only VWEB
> running as guest, so on the host I didn't configure the external IP. I
> expected the packets form VWEB to be just passed to the interface. It
> didn't work. I have some ideas about why it may not work, but I can't
> solve it. Anyone knows how to do this?

It sounds like what you describe 'should just work'.
Or i am misinterpreting your email. :-)

I run a host system which has one NIC with multiple tagged VLANs, for
each VLAN i create a bridge and KVM just uses that bridge to connect
the vnetN devices.

It looks like this on the host:
| auto eth0
| iface eth0 inet manual
| post-up /sbin/ip link set dev eth0 up
|
| auto v-dmz
| iface v-dmz inet manual
| bridge_ports eth0.10
| bridge_fd 0
| bridge_stp off
| bridge_maxwait 0

Within virt-manager/KVM we specify v-dmz as the network interface,
the vnetN device gets bridged with eth0.10 like so:
| v-dmz 8000.00199977d593 no eth0.10
| vnet16

And the virtual machine just has a static config for it's NIC:
| auto eth0
| iface eth0 inet static
| address 172.17.1.2
| netmask 255.255.255.0
| gateway 172.17.1.1

Apart from me using VLANs, this should not be different for your setup?


In a different setup i have a /29 of IPs routed to the 'main' IP-address
of my host server. The host server uses a 'numberless bridge setup' to
forward the entire /29 to the virtual machine bridge. This setup is more
complex and might not be what you are looking for, still, the host has
no IP in the /29 and all the IPs in the /29 are usable (no network or
broadcast IPs are lost).


HTH,
-Sander.
--
| It is better to regret something you HAVE done,
| than to regret something you HAVEN'T done...
| 4096R/20CC6CD2 - 6D40 1A20 B9AA 87D4 84C7 FBD6 F3A9 9442 20CC 6CD2

--
ubuntu-server mailing list
ubuntu-server@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-server
More info: https://wiki.ubuntu.com/ServerTeam
 

Thread Tools




All times are GMT. The time now is 10:04 PM.

VBulletin, Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.
Content Relevant URLs by vBSEO ©2007, Crawlability, Inc.
Copyright ©2007 - 2008, www.linux-archive.org