LinuxQuestions.org

LinuxQuestions.org (/questions/)
-   Linux - Virtualization and Cloud (https://www.linuxquestions.org/questions/linux-virtualization-and-cloud-90/)
-   -   isolate libvirt / kvm guests in virtual network (https://www.linuxquestions.org/questions/linux-virtualization-and-cloud-90/isolate-libvirt-kvm-guests-in-virtual-network-4175666353/)

tux111 12-21-2019 01:06 PM
isolate libvirt / kvm guests in virtual network
 
All,

is it possible to isolate libvirt / kvm guests in a virtual network? (I think VirtualBox has such an option).

- Chris

berndbausch 12-21-2019 04:34 PM
You mean an isolated network?

tux111 12-22-2019 05:49 AM
Only the virtual machines should connect to each other, but not even to the KVM host.

berndbausch 12-22-2019 07:31 AM
From the above link:
Code:
<network>
  <name>private</name>
  <bridge name="virbr2"/>
  <ip address="192.168.152.1" netmask="255.255.255.0">
    <dhcp>
      <range start="192.168.152.2" end="192.168.152.254"/>
    </dhcp>
  </ip>
  <ip family="ipv6" address="2001:db8:ca2:3::1" prefix="64"/>
</network>
The only way the guests can talk to the hosts is by accessing virbr2, i.e. 192.168.152.1. If no host process listens at virbr2, there is nothing the guests can connect to. If you are still bothered by the connectivity to virbr2, use iptables to shield it totally. If you don't even want DHCP, remove the dhcp clause. I don't know if you can remove the bridge's IP address, but it would be worth a try.


All times are GMT -5. The time now is 04:28 PM.