7:07 p.m.
Hi,
I met a problem setting up virt-manager and libvirt:
I want to use an existing customized network bridge with libvirt
(I need special iptables rules and a custom DHCP setup).
So I created a network definition file like this:
<network>
<name>NAT</name>
<bridge name='br-nat' />
</network>
Unfortunately, I'm unable to activate this network, because libvirt
tries to create the bridge `br-nat' and fails, because it already
exists:
# virsh net-start NAT
error: Failed to start network NAT
error: cannot create bridge 'br-nat': File exists
I just want libvirt to attach the guest's tap devices to this existing
bridge. I don't want libvirt to manage the network.
Is there any chance to realize this set-up?
It should work with virt-manager using the graphical wizard.
Thanks!
Regards
Sascha
2:14 a.m.
Sascha Frey wrote:
Hi,
I met a problem setting up virt-manager and libvirt:
I want to use an existing customized network bridge with libvirt
(I need special iptables rules and a custom DHCP setup).
So I created a network definition file like this:
<network>
<name>NAT</name>
<bridge name='br-nat' />
</network>
Unfortunately, I'm unable to activate this network, because libvirt
tries to create the bridge `br-nat' and fails, because it already
exists:
# virsh net-start NAT
error: Failed to start network NAT
error: cannot create bridge 'br-nat': File exists
I just want libvirt to attach the guest's tap devices to this existing
bridge. I don't want libvirt to manage the network.
Is there any chance to realize this set-up?
It should work with virt-manager using the graphical wizard.
Yes, just don't define a new network. To use existing bridges, you just need to
edit your guest XML files to use something like:
<interface type='bridge'>
<mac address='00:16:3e:4a:f6:89'/>
<source bridge='br0'/>
</interface>
Note that configured bridges should also show up in virt-manager, I believe.
--
Chris Lalancette
2:18 a.m.
Le lundi 19 octobre 2009 à 09:14 +0200, Chris Lalancette a écrit :
--
Daniel Berteaud
FIREWALL-SERVICES SARL.
Société de Services en Logiciels Libres
Technopôle Montesquieu
33650 MARTILLAC
Tel : 05 56 64 15 32
Fax : 05 56 64 15 32
Mail: daniel(a)firewall-services.com
Web : http://www.firewall-services.com
Sascha Frey wrote:
> Hi,
> I met a problem setting up virt-manager and libvirt:
> I want to use an existing customized network bridge with
libvirt
> (I need special iptables rules and a custom DHCP setup).
> So I created a network definition file like this:
> <network>
> <name>NAT</name>
> <bridge name='br-nat' />
> </network>
> Unfortunately, I'm unable to activate this network,
because libvirt
> tries to create the bridge `br-nat' and fails, because it already
> exists:
> # virsh net-start NAT
> error: Failed to start network NAT
> error: cannot create bridge 'br-nat': File exists
> I just want libvirt to attach
the guest's tap devices to this existing
> bridge. I don't want libvirt to manage the network.
> Is there any chance to realize this set-up?
> It should work with virt-manager using the graphical wizard.
Yes, just don't define a new network. To use existing bridges, you just need to
edit your guest XML files to use something like:
<interface type='bridge'>
<mac address='00:16:3e:4a:f6:89'/>
<source bridge='br0'/>
</interface>
Note that configured bridges should also show up in virt-manager, I believe.
Existing bridge shows up in virt-manager when run on the local machine.
If you use a remote connection (at least qemu+ssh), you don't see it,
you need to manually edit the guest XML.
(btw, is this a known "problem" or a bug ?)
Regards, Daniel
9:07 a.m.
On 10/19/2009 03:18 AM, Daniel Berteaud wrote:
Le lundi 19 octobre 2009 à 09:14 +0200, Chris Lalancette a écrit :
> Sascha Frey wrote:
>> Hi,
>>
>> I met a problem setting up virt-manager and libvirt:
>>
>> I want to use an existing customized network bridge with libvirt
>> (I need special iptables rules and a custom DHCP setup).
>>
>> So I created a network definition file like this:
>> <network>
>> <name>NAT</name>
>> <bridge name='br-nat' />
>> </network>
>>
>> Unfortunately, I'm unable to activate this network, because libvirt
>> tries to create the bridge `br-nat' and fails, because it already
>> exists:
>>
>> # virsh net-start NAT
>> error: Failed to start network NAT
>> error: cannot create bridge 'br-nat': File exists
>>
>>
>> I just want libvirt to attach the guest's tap devices to this existing
>> bridge. I don't want libvirt to manage the network.
>>
>> Is there any chance to realize this set-up?
>> It should work with virt-manager using the graphical wizard.
>
> Yes, just don't define a new network. To use existing bridges, you just need to
> edit your guest XML files to use something like:
>
> <interface type='bridge'>
> <mac address='00:16:3e:4a:f6:89'/>
> <source bridge='br0'/>
> </interface>
>
> Note that configured bridges should also show up in virt-manager, I believe.
Existing bridge shows up in virt-manager when run on the local machine.
If you use a remote connection (at least qemu+ssh), you don't see it,
you need to manually edit the guest XML.
(btw, is this a known "problem" or a bug ?)
For a while, libvirt didn't support a way to enumerate bridge devices on
a remote machine. That support now exists, but virt-manager needs to be
updated to use it (nontrivial). Known issue.
- Cole
7:24 a.m.
Daniel Berteaud wrote:
[...]
> > I just want libvirt to attach the guest's tap devices to
this existing
> > bridge. I don't want libvirt to manage the network.
> >
> > Is there any chance to realize this set-up?
> > It should work with virt-manager using the graphical wizard.
>
> Yes, just don't define a new network. To use existing bridges, you just need to
> edit your guest XML files to use something like:
>
> <interface type='bridge'>
> <mac address='00:16:3e:4a:f6:89'/>
> <source bridge='br0'/>
> </interface>
>
> Note that configured bridges should also show up in virt-manager, I believe.
Existing bridge shows up in virt-manager when run on the local machine.
If you use a remote connection (at least qemu+ssh), you don't see it,
you need to manually edit the guest XML.
Bridges with physical ethernet interfaces attached are listed.
Bridges with a dummy interface attached are not.
I'm not sure why, but I think libvirt gets its information from HAL and
HAL doesn't see these dummy interfaces.
I need to set up a system, which allows a non-root user to create a
virtual machine using some graphical interface.
And the most important part is: we need a secure network configuration
with strict packet filtering and custom DHCP setup.
It doesn't seem to be possible that libvirt uses my manually defined
network bridges without manual editing the guests XML files.
Regards,
Sascha
5510
days inactive
5514
days old
4 comments
4 participants
participants (4)
-
Chris Lalancette -
Cole Robinson -
Daniel Berteaud -
Sascha Frey