Centos 6 and KVM - how to setup bridged networking in KVM in a -Class B- environment?
Hi guys
I have a Centos 6 box with a KVM Centos 6 VM inside it. I've been googling for days now and tried many howtos and setups to try and get the Centos 6 VM to be able to communicate over a bridged eth device to the host Centos 6. No Luck. The idea is to run a Centos 6 VM guest to do server duties - DHCP, DNS and Samba serving - out over the physical network to real clients, on the physical Centos 6 box. From there the need to use a bridged approach. To external clients, the Centos 6 VM must appear indistinguishable from the "real" Centos 6 inside which the VM is in fact running. Is this at all possible? All the guides I've tried (some altering network scripts, some setting up a tap device, some using tunneling, some all of these and some only certain ones) destroy connectivity on the physical Centos box instantly and do not allow the Centos VM any form of network access. The big issue is also I have to make the VM work in a Class B network and all examples I can find are strictly Class C. The physical Centos box is already doing DHCP, DNS and Samba perfectly in a Class B environment - we literally just want to move those functionalities into a Centos VM, but I simply -cannot- get -any- form of connectivity for the VM. So my questions are 1. Is the above at all possible? Use a VM to virtualise the DNS, DHCP, smbd and nmbd services so external peers "don't know" if they're "talking" to a "real Centos" or "KVM Centos"? 2. How do I get any form of bridged connectivity into the KVM Centos 6 instance, WITHOUT destroying all connectivity on the physical host machine? 3. How do I do all this in a CLASS B network setup? E. g. my physical Centos box is 172.16.1.1, and sample clients are 172.16.1.51 and 172.16.1.53 - the services 172.16.1.51 and 172.16.1.53 get from 172.16.1.1 is what I want to virtualise. Also, I cannot loose connectivity on the physical host (as there are active clients to it for DHCP, DNS, and Samba) while doing the bridge to the KVM instance. I simply cannot get any form of connectivity going in the KVM Centos 6 instance, no matter what I try. All attempts so far result in the physical Centos box losing all connectivity to any other machine on the Class B network, and the VM not having anyting at all either. Any ideas where I can start? Thanks! |
Yes, it is definitely possible to do. Look at my reply to a similar question here:
http://www.linuxquestions.org/questi...et-4175433134/ A Class C ( /24 ) and a Class B ( /16 ) netword setup is not that much different. Basically, you just need to use different netmask and network settings. For Class C, you would use these: netmask 255.255.255.0 network xxx.xxx.xxx.0 <- where xxx.xxx.xxx are the first 3 bytes of your network segment. For a Class B you should use these: netmask 255.255.0.0 network xxx.xxx.0.0 <- where xxx.xxx are the first 2 bytes of your network segment. Also, have you tried disabling SELinux and your iptables firewall on your host? |
Please also note that under no circumstance you should use the same IP address on your host and on your guest at the same time. You must use a different IP address on your guest.
|
Quote:
Yes, SELinux and iptables are disabled. Thanks for replying! I managed to get this going by using different bridge setup commands - it appears I had to let the VM run for a few minutes for everything to settle down. Things are fine now, I'm running DHCP, DNS and SAMBA from inside the KVM virtual Centos machine inside the physical Centos machine. I'll see about posting another mini-howto on this below. Thanks for the reply and assistance! Kind regards |
Quote:
My host has to be at 172.16.1.1. Therefore I reasoned that my VM, if bridged out, also has to be at this IP for it to work? This seems to be the case in practice... my physical Centos box is at 172.16.1.1 and I've setup the VM to also be at this address. E.g. if I'm right, bridging the two like IPs merely means that any traffic the physical box receives on its 172.16.1.1 address, gets passed to the 172.16.1.1 address inside the VM? I'm testing now, but everything works - DHCP, DNS, Samba, all work with both guest and VM at 172.16.1.1 - or is this by coincedence? Which IP should I change? I'm assuming I can change the IP inside the VM and if it is bridged have it still respond at 172.16.1.1 if the containing physical machine is at 172.16.1.1?? Thanks! |
No, you should not set the same IP address for the host and the guest. Think of it like this: A virtual machine is just like another physical machine. Both your host machine and your guest machine are on the same network. So thay cannot have the same IP address, because that would cause an IP address conflict on your network. If you assign the same IP to both your host and your guest, those two machines won't be able to communicate with each other via the TCP/IP protocol.
As per what IP to change, it is up to you. As I understand, you want to move services from your host machine to inside the VM and you already have other physical machines that are configured to communicate with your server at 172.16.1.1, so in your case I would change the host's IP to a previously unused IP for example to 172.16.1.2 and setup your guest inside the VM that is running on your host to 172.16.1.1 so it could take over the roles of your host. |
Hi Zoltan
Ok, I've done this - nothing has changed, everything is still working. Thanks for the help though! Kind regards |
Hi guys
Turns out my stuff was still broken! Started getting random disconnects when I tried to SSH into the VM and the host - the VM at 172.16.1.1 and the host at 172.16.1.2 - this only emerged after some extensive testing of what I though was the solution. Zoltan was correct, and I -thought- I had listened to this "don't use the same IP on host and guest" suggestion, when in fact I did not: In the tap0 setup script that sets up a bridged connection so the KVM VM can access the network, I made two mistakes. The first mistake was to setup the bridge based on the wrong IP address. ! I did exactly what Zoltan told me NOT to do, e. g. I put the host AND guest on he same IP - this caused very weird failures and errors with both SSH'ing into the machine(s) and getting onto the KVM Qemu instance with VNC. The second mistake was to use the wrong netmask for the Class B network I was on. Once I corrected both of the above, everything started working. First, the rationale. What I wanted was this: 172.16.1.1 - static IP of physical Centos 6 machine (host) 172.16.1.2 - static IP of virtual Centos 6 KVM qemu machine (e. g. the guest which runs "inside" a KVM on 172.16.1.1) So here is my qemu-ifup.sh for the above: Code:
#!/bin/sh Code:
ETH0IP=172.16.1.2 Code:
ETH0IP=172.16.1.1 The problem line at the bottom was Code:
/sbin/ifconfig br0 $ETH0IP netmask 255.255.0.0 broadcast $BROADCAST Code:
/sbin/ifconfig br0 $ETH0IP netmask 255.255.255.0 broadcast $BROADCAST Also, both accesses are stable and I no longer get the "random ssh daemon" problem I had earlier. Clearly it was all my fault, I had let IPs clash in the bridging step and I was using the incorrect netmask for a class B network. Once the above ifup script is done, I start my KVM Qemu instance - something like so: Code:
sh -f /home/verisharepdc/Desktop/qemu-ifup.sh tap0 Note that in the above, the VNC feed for the running QEmu KVM instance is available at 172.16.1.2:1 - if I pass this as is to TightVNC (for example) it works fine and I can see the XWindows instance running inside the qemu KVM instance. For reference, here is my qemu-ifdown.sh: Code:
#!/bin/sh Code:
#!/bin/sh Code:
ETH0IP=172.16.1.2 Here's my Qemu KVM instance's /etc/rc.local: Code:
#!/bin/sh Hope this helps somebody... |
All times are GMT -5. The time now is 08:54 PM. |