|
Howto connect physical NIC's to a firewall guest only in qemu-kvm environment
Software used:
Ubuntu server 11.10 with XFCE desktop QEMU/KVM Virtual Machine Manager and libvirt etc. Harware: Intel I7, 12 GByte Ram, 4 Nic's Problem: I want to connect a guest firewall directly to my ISP. I'm using IPCop v2.0.0. Installs without problem as qemu image. But connecting to the outside world is a huge problem. First attempt, I tried to make connections with brctl bridges. This is working but contains a huge error. The host server is making contact with all the interfaces, which is not allowed. Especially not with my ISP Internet interface. I have to connect to my ISP as a DHCP client with a certain name and I want of course put a firewall in between. The guest firewall MUST make the contact only. Second attempt. I tried VDE2 V2.3.3 but I can not combine this with qemu-kvm and the physical NIC's. /etc/interfaces (Host): auto eth3In the startup script of the virtual switch I put these lines (not complete): vde_switch -s /tmp/vde -d -g vde2-net -M /tmp/vde/mi -f /etc/vde2/sw.conf ifdown eth3sw.conf contains the setup of the virtual switch: port/sethub 0 # 1=hub 0=switchResult after making contact with vdeterm /tmp/vde/mi: >vlan/allprintIn the end no NIC's are connected to the ports. What do I do wrong??? Second question is how to connect the VDE2 vlan=0000 to qemu-kvm guests and the host itself. It seems to be impossible to use Virtual Machine Manager v0.9.0 and/or libvirt. In VMM I can only see bridges. vdeq (vde qemu wrapper) is going to be obsolete and is advised not to use and doesn't give any result either. (It's a pity I can't publish a small drawing...........) |
| All times are GMT -5. The time now is 02:10 PM. |