On 3/24/26 12:28 PM, fc26wuqa@studserv.uni-leipzig.de wrote:
Hello,
I want to set up a NAT network inside a VM (so far as I understand, the name for that is nested virtualization).
A virtual network (including one with NAT enabled) doesn't require "nested virtualization" support (which is a term normally used to refer to hardware *CPU* virtualization for L2 nested VMs that are run within an L1 virtual machine (that is a VM running on a physical host)). A libvirt "virtual network" is just a simple way to start up the following group of functionality as a unit: 1) a Linux host bridge device (which can be used to connect tap devices to each other and then forward their traffic to a physical network using IP routing 2) an instance of dnsmasq, to provide 2a) DNS and 2b) DHCP services to anything connected to the hostbridge in (1) 3) proper packet filtering rules (i.e. nftables or iptables) to permit/block traffic between the devices connected to the bridge and the host + physical network. It is called a "virtual" network because it doesn't have any physical components, but it doesn't have anything to do with the CPU virtualization of KVM (which is what "nested virtualization" refers to).
Unfortunately I only have Shell Access to the VM, and am not hosting it.
This shouldn't be a problem (for creating a virtual network within your guest VM anyway).
I installed debian. The output of `uname -a`: Linux kvm1 6.12.74+deb13+1-amd64 #1 SMP PREEMPT_DYNAMIC Debian 6.12.74-2 (2026-03-08) x86_64 GNU/Linux
When I run `kvm-ok` it says "INFO: Your CPU does not support KVM extensions KVM acceleration can NOT be used".
When I try to load `kvm_intel` into the kernel (even with nested=1 option), it says "modprobe: ERROR: could not insert 'kvm_intel': Operation not supported".
I can't start a network, there is no `/dev/kvm` device.
None of the above is a roadblock to creating a libvirt virtual network within the guest VM. It *will* prevent you from running nested VMs with accelerated CPU virtualization (you can still run nested VMs that use TCG i.e. software CPU virtualization, but you will be very underwhelmed by the results).
I installed libvirt with `apt installĀ --no-install-recommends qemu- system libvirt-clients libvirt-daemon-system`.
I don't use debian, so I don't know which libvirt subpackages those pull in, but for libvirt virtual network management, you need to have the package libvirt-daemon-driver-network installed - your inability to create a virtual network is because that package is missing. (Additionally if you install libvirt-daemon-config-network that will add the canonical libvirt "default network" to your config, and attempt to autostart it when your guest starts. You can either use it as-is, or edit it with "virsh net-edit" to change the subnet it uses.)
Is there a way to enable libvirt support? For me, or the admins that host the VMs? As for *CPU* virtualization (aka KVM), that's not something that you can enable from your guest VM by itself. To enable nested virt for your guest (and others), the admins of the physical host should look at something like this for guidance:
https://docs.fedoraproject.org/en-US/quick-docs/using-nested-virtualization-... Note that any nested guest you may have created prior to enabling nested virtualization will have been setup for software virtualization, and remain that way until you change its config or simply recreate it with nested virt enabled. (NB: I don't know when that was last updated, and personally don't ever use nested virt so I'm not certain if those are the best instructions)