Re: [libvirt] libvirt/kvm config for routed networking
On Thu, Oct 08, 2009 at 09:44:45AM +0100, William Wagner wrote:
Hello,
I hope this is the right list I should post to as my question is not
development related.
I am trying to setup a kvm/libvirt VM on my host (Ubuntu jaunty). My
host has a public static IP and my VM also has a public static IP.
Unfortunately I can not use bridged networking as the hosting provider
has configured their switch to only accept packets from the MAC address
of the host.
I want to be able to setup my VM so it has the public static IP and it
appears to be directly connected to the net. I believe I can do this
with routed networking.
I have created a new routed network:
<network>
<name>routed-net</name>
<bridge name="routed%d" />
<forward mode="route" dev="eth0"/>
<ip address="10.255.255.2" netmask="255.255.255.255">
</ip>
</network>
and in my vm's config I have:
<interface type='user'>
That should be type='network' if you want the VM to associate
with the network you defined above.
<source network='routed-net'/>
<mac address='54:52:00:47:a8:38'/>
<model type='virtio'/>
</interface>
Will this mean that the VM is placed on the routed network?
Then I just need to add suitable routing rules on the host and
everything should work?
In theory yes, but I'm afraid I've never tried this type of config
myself.
Is there a way to get libvirt to add the rules automatically when the
VM
starts. I have previously used Xen where you are able to specify what
the IP address of the VM is and entries are automatically added to
iptables. Is there similar syntax for libvirt and if so what is it? If
not how do you recommend adding the routing rules?
If using type='network' then the idea is that things are all done for
you automatically. If you want todo the xen style approach manually,
then you can use type='ethernet' and use the <script> element to
point to a shell script for configuring the VM - the script would do
just the same kind of thing that would have done on Xen. We don't
particularly recommend type=ethernet as a general rule, but it is a
useful generic catch-all fallback for unusual scenarios like yours
Daniel
--
|: Red Hat, Engineering, London -o- http://people.redhat.com/berrange/ :|
|: http://libvirt.org -o- http://virt-manager.org -o- http://ovirt.org :|
|: http://autobuild.org -o- http://search.cpan.org/~danberr/ :|
|: GnuPG: 7D3B9505 -o- F3C9 553F A1DA 4AC2 5648 23C1 B3DF F742 7D3B 9505 :|