On Thu, Jun 13, 2024 at 08:00:32PM GMT, Roman Bogorodskiy wrote:
Andrea Bolognani wrote:
Honestly I'm not entirely sure it makes much sense to have the network driver and especially the default network if you need to bring your own firewall rules, but that can be a separate discussion.
Hm, I think the network driver is quite usable without QEMU, e.g. I use it with bhyve.
Okay, I didn't realize that was an option. Which leads me to open a different can of worms then: if libvirt networks can be used with drivers other than QEMU, wouldn't it make sense for their configuration to live in /etc/libvirt/network instead of /etc/libvirt/qemu/networks? How difficult would it be to adopt the new path without breaking existing setups?
I also find it quite useful even without firewall rules. Most of the time internal connectivity is enough for my guests. Configuring NAT on per-network basis is also fairly easy. For more advanced scenarios hooks could be used, though I haven't done that specifically.
VMs with no connectivity to the outside world are of very limited use IMO. At the very least, a warning about the fact that connectivity is limited could be displayed upon package installation. -- Andrea Bolognani / Red Hat / Virtualization