Star Hype News.

Premium celebrity moments with standout appeal.

news

Bridge networking for 18.04 NetworkManager host and KVM netplan guest

By Sophia Hammond

The goal is to have the guest on the same network as the host (use the same DHCP server as the host uses).

I got to the point where the host is configured via external DHCP, guest is configured with static IP, they can communicate, host can communicate with the rest of the network but the guest can't.

I'm following the guide about creating a bridge with NetworkManager and using it in KVM (I've also removed all Wi-Fi connections from host and default bridge from KVM):

$ nmcli con add ifname br0 type bridge con-name br0
$ nmcli con add type bridge-slave ifname enp59s0 master br0
$ nmcli con modify br0 bridge.stp no
$ nmcli con up br0
$ nmcli c
NAME UUID TYPE DEVICE
br0 39f90a3b-6090-4b4f-a9c4-76d6b980c8c4 bridge br0
bridge-slave-enp59s0 dd58e274-8cfa-4102-b524-fd16d96516b8 ethernet enp59s0
docker0 901ac863-2d2b-4351-9b81-fbc2096e398b bridge docker0
$ brctl show br0
bridge name bridge id STP enabled interfaces
br0 8000.54bf6428c24c no enp59s0

In ip a br0 gets the IP, enp59s0 is a slave interface so it shows no IP.

/tmp/br0.xml:

<network> <name>br0</name> <forward mode="bridge"/> <bridge name="br0" />
</network>

Setting up KVM:

$ virsh net-define /tmp/br0.xml
$ virsh net-start br0
$ virsh net-autostart br0
$ virsh net-list --all Name State Autostart Persistent
---------------------------------------------------------- br0 active yes yes

Guest /etc/netplan/01-netcfg.yaml:

network: version: 2 renderer: networkd ethernets: ens3: addresses: [192.168.5.100/24] gateway4: 192.168.5.254 dhcp4: no dhcp6: no

When the VM is running there is vnet0:

$ nmcli c
NAME UUID TYPE DEVICE
br0 39f90a3b-6090-4b4f-a9c4-76d6b980c8c4 bridge br0
bridge-slave-enp59s0 dd58e274-8cfa-4102-b524-fd16d96516b8 ethernet enp59s0
docker0 901ac863-2d2b-4351-9b81-fbc2096e398b bridge docker0
vnet0 1e6cdf02-8f57-4670-b6a7-b72e15151137 tun vnet0
$ brctl show br0
bridge name bridge id STP enabled interfaces
br0 8000.54bf6428c24c no enp59s0 vnet0

In Wireshark on host on br0 I see all packets that try to go from guest to the network and from the network to the guest (I try to ping/connect to an external server from guest and ping/connect from that external server to the guest). But the connections aren't going through, the guest can't communicate with the rest of the network.

That looks like a host bridge problem. What's wrong with the bridge?

1 Answer

Ok, needed to allow forwarding in iptables. A script /etc/NetworkManager/dispatcher.d/br0.sh:

#!/bin/bash
if [ "$1" == br0 ]; then case "$2" in up) /sbin/iptables -A FORWARD -i br0 -j ACCEPT ;; down) /sbin/iptables -D FORWARD -i br0 -j ACCEPT ;; esac
fi

Can also add virsh net-destroy br0 and virsh net-start br0 to it to reinit the KVM part.

Your Answer

Sign up or log in

Sign up using Google Sign up using Facebook Sign up using Email and Password

Post as a guest

By clicking “Post Your Answer”, you agree to our terms of service, privacy policy and cookie policy

Related Archive

More in news