So I have an existing QEMU/KVM setup with networks connected to a bridge
which is routed/forwarded to the host's other interfaces. I'm trying
to switch to administering at least *some* of its VMs through libvirt
(probably not all as I use QEMU snapshots extensively for some of them
and libvirt doesn't support that yet, if ever). So libvirt has to be
able to start guests connected to a particular host bridge, and give them
appropriate IP addresses.
I thought it was easy to teach libvirt about this:
spindle:/etc/libvirt/qemu/networks# cat /etc/libvirt/qemu/networks/default.xml
<network>
<name>default</name>
<uuid>ee573497-1d74-473b-a2cb-9916229209b8</uuid>
<forward mode='route'/>
<bridge name='vm-net' stp='on' delay='0' />
<ip address='192.168.20.1' netmask='255.255.255.0'>
<dhcp>
<range start='192.168.20.1' end='192.168.20.254' />
</dhcp>
</ip>
</network>
However, there appears to be no way to say 'this is what the network is
already like'. That network is considered 'inactive' and can't be used by
any guests, and if I try to make it active, I get this:
virsh # net-start default
error: Failed to start network default
error: cannot create bridge 'vm-net': File exists
Of course it bloody can't create that bridge: it's already there, has an
IP address on the host, and has the host routing packets to it. There
appears to be no option to allow libvirt to assign IPs on the host...
... should I fix that, 'net-start' tries to update iptables rules!
How should I put this: I do not *not not* want libvirt pissing with the
firewall in any way at all. If I want firewall rules, I'll create them.
But there's no way to tell it 'hands off! This network is already active,
don't try to *make* it active!'
... at least, there's none in the documentation, and there's none in the
code that I can see.
Or is there?