Skip to content

Instantly share code, notes, and snippets.

@mbodo

mbodo/libvirt-kvm-virtual-network.md

Forked from atomtigerzoo/libvirt-kvm-virtual-network.md
Created November 7, 2021 14:08
Show Gist options
  • Save mbodo/0e482eb945b3f93ede9eca332f8118d9 to your computer and use it in GitHub Desktop.
Save mbodo/0e482eb945b3f93ede9eca332f8118d9 to your computer and use it in GitHub Desktop.
Download ZIP
Raw
libvirt-kvm-virtual-network.md

Create private networks with libvirt

I assume that you have a running debian wheezy host with libvirt and qemu/kvm installed. You need two guest VMs for this. The first guest will get the IP 192.168.100.2 and the second will get 192.168.100.100. All following commands must be run with sudo or under root.

Internal Network

We create a new network named internal with libvirt and use it with the IP range of 192.168.100.2 - 192.168.100.254 to build our private network.

For the network and the two guest VMs we need MAC addresses. Create three random MACs with: (you must run it three times ;))

MACADDR="52:54:00:$(dd if=/dev/urandom bs=512 count=1 2>/dev/null | md5sum | sed 's/^\(..\)\(..\)\(..\).*$/\1:\2:\3/')"; echo $MACADDR

Copy all three to a text editor for later usage. Label the first internal network and the other tow guest 1 and guest 2 for reference.

Let's create the network. Open a new file:

nano /etc/libvirt/qemu/networks/internal.xml

Paste the following template:

<network>
  <name>internal</name>
  <forward mode='nat'/>
  <bridge name='virbr1' stp='on' delay='0'/>
  <mac address='YOUR_RANDOM_MAC_ADDRESS_FOR_THE_NETWORK'/>
  <ip address='192.168.100.1' netmask='255.255.255.0'>
    <dhcp>
      <range start='192.168.100.2' end='192.168.122.254'/>
      <host mac='YOUR_RANDOM_MAC_ADDRESS_FOR_GUEST_1' ip='192.168.100.2'/>
      <host mac='YOUR_RANDOM_MAC_ADDRESS_FOR_GUEST_2' ip='192.168.100.100'/>
    </dhcp>
  </ip>
</network>

Now replace the uppercase strings with your created MAC addresses and save the file.

Hint I have called the bridge virbr1 because in most cases you will already have another network (virbr0). If you have multiple networks or bridges please select an unused name. Otherwise you will get an error while creating or starting the network.

Now let us define/load the new network:

virsh net-define /etc/libvirt/qemu/networks/internal.xml

From now on, if you want to edit your new network you must use virsh net-edit otherwise all changes will be overwritten (there is a warning if you open the file with a normal editor). If you want to take a look at the new network:

EDITOR=nano virsh net-edit internal

If you already had a network called internal (or want to stop another) use

virsh net-destroy <NETWORK_NAME>

Let's start the network:

virsh net-start internal

You should now be able to ping the first IP of the created range:

ping 192.168.100.1

You should see an output like:

PING 192.168.100.1 (192.168.100.1) 56(84) bytes of data.
64 bytes from 192.168.100.1: icmp_seq=1 ttl=64 time=0.065 ms
64 bytes from 192.168.100.1: icmp_seq=2 ttl=64 time=0.049 ms

Stop it with ctrl+c.

If you want to autostart the internal network with boot, run:

virsh net-autostart internal

Guest NICs

Let's move on and create NICs for the each guest. We open the config of each VM and add a new interface.

Replace the uppercase strings with a) the name of your first vm to edit and b) the MAC address from above for guest 1 and run it:

virsh attach-interface --domain <NAME_OF_GUEST_1_VM> --type network --source internal --model virtio --mac <YOUR_RANDOM_MAC_ADDRESS_FOR_GUEST_1> --config --live

It should yield Interface attached successfully. Repeat the command by replacing the guest name and the MAC address with the ones for the second vm, guest 2.

You can check out the new NICs with:

virsh domiflist <NAME_OF_GUEST_1_VM>
virsh domiflist <NAME_OF_GUEST_2_VM>

It should show something like:

Interface  Type       Source     Model       MAC
-------------------------------------------------------
-          network    internal   virtio      YOUR_CREATED_MAC_ADDRESS

Perfect. Now, if the guests are running please shut them down - and I mean shut the down, don't restart them. Otherwise the network and NIC won't be attached.

virsh shutdown <NAME_OF_GUEST_1_VM>
virsh shutdown <NAME_OF_GUEST_2_VM>

Check if they are down and if they are, boot them up again:

virsh list --all

virsh start <NAME_OF_GUEST_1_VM>
virsh start <NAME_OF_GUEST_2_VM>

Add network to guests

Now we will add the newly created interface to each guest. This means you will have to repeat this step for each guest, replacing the MAC and IP accordingly.

Log into the guest:

virsh console <NAME_OF_GUEST_1_VM>

Check for the NIC:

ip a

There should be an empty interface. Note the name of it. If the VM had network access before it should be eth1. If you already have multiple interfaces, I think you know what you are doing ;)

Let's add the choosen static IP to:

nano /etc/network/interfaces

[... lo ... eth0 ...]

auto eth1
iface eth1 inet static
    address       192.168.100.2
    gateway       192.168.100.1
    netmask       255.255.255.0

Save it and close it. Restart the networking afterwards with:

/etc/init.d/networking restart

And check if you can ping the outside and your internal network on the host machine:

ping github.com

ping 192.168.100.1

If both commands return a successful ping all went well. Return the steps for your second guest now.

Add hosts to live-network

All edits to a network require a full restart of the network and all machines attached to it! You can add/remove new guests to running networks with the following:

virsh net-update <NETWORKNAME> add ip-dhcp-host "<host mac='<MACADRESS>' name='<NAME_OR_FQDN>' ip='<GUEST_IP_IN_DHCP_RANGE>' />" --live --config
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment