[clug] [CLUG] KVM Bridge networking - Update 1

steve jenkin sjenkin at canb.auug.org.au
Sun Apr 12 07:45:51 UTC 2020 

> On 11 Apr 2020, at 12:07, George at Clug via linux <linux at lists.samba.org> wrote:
> 
> Hi,
> 
> In my quest for isolated bridges for a KVM host, I have had some success, but only by disabling IPv6 on the bridge itself (thanks Bob for the suggestion of disabling IPv6).
> 
> If you understand this stuff better than myself, please point out any stupid errors may have made.  (this has been a four day intensive research journey for myself).
> 
> I would prefer not to have had to disable IPv6 on the bridge, but until I learn how to stop "systemd-networkd" from re-enabling my efforts to disable autoconfiguration on the bridge, it will have to do as a solution.
> 
> First I found this statement, which if true explains why I was not able to disable IPv6 addresses, even after setting IPv6 autoconfiguration as disabled.
> 
> "The problem with Ubuntu 18 and ipv6 is that systemd-networkd controls kernel parameters, so though one might disable ipv6 with sysctl, networkd will be more than happy switching them on for you, if the configuration does not state otherwise."
> 
> The below web page provided some help ful suggestions
> https://hsmr.cc/Freifunk/GatewayKonfiguration

======

I’ve never heard of “KVM Bridged Networking” before and searching for a description, simple or not, didn’t enlighten me.
Perhaps after you’ve solved your problem you might send the list a link to a page or two that covers this.

I understand the need to bridge interfaces and have done that occasionally, but not with VM’s. Have relied on the default NAT interface and a single NIC in my simple VM’s.

As a general point, default IPv6 configuration is often not what people want or need, generally because they don’t use it on their LAN and their ISP doesn’t route it.

IPv6 defaults have been the source of significant intrusions in the past, disabling it altogether is good security practice at the moment.

Hope these notes help.

stevej

======

0, I’ve no idea of “what" you’re trying to do, though you keep repeating to the list the same “how I want to do things”. repeating something in the same words doesn’t make others get the point.

	See #3 for an example of someone who described his problem clearly and succinctly.
	Perhaps elements of his solution (MAC addresses that changed) might work for you.


1. Do either of these recent pages match your environment and problem? [Note, no mention of IPv6] 

How to Install and Configure KVM on Ubuntu 18.04 LTS Server. 
<https://www.linuxtechi.com/install-configure-kvm-ubuntu-18-04-server/>


KVM: Creating a bridged network with NetPlan on Ubuntu bionic
<https://fabianlee.org/2019/04/01/kvm-creating-a-bridged-network-with-netplan-on-ubuntu-bionic/>



2. This youtube video (mute it or go mad) is a step-by-step for old-style sysinit (pre-systemd & services).
to be clear: DO NOT FOLLOW THIS

 Included because the screen capture is quite through and easy enough for me to follow & be confident.
Perhaps you could find such a tutorial for netplan / systemd + services

KVM Bridge Networking in Ubuntu
2012 
	 warning, NOT systemd
<https://www.youtube.com/watch?v=AcdMhEzu36o>


3. A problem + solution using  RHEL 6.5, co-incidentally ’systemd’ + service.
	I like the clear way he outlines his problem, the hardware setup and his intended outcome.
	Leaves out extraneous details.

KVM Bridge networking is a real pain
<https://access.redhat.com/discussions/1286653>


4. An old article, pre-systemd, but does try to explain for the likes of me, what  “KVM Bridged Networking” is,
and why I might be interested.

How to setup bridged networking in KVM - Tutorial
	2011
<https://www.dedoimedo.com/computers/kvm-bridged.html>

There are two ways we can try doing this.

One, we will create a bridge. 
Two devices will be bridged. 
Our physical device eth1 and the virtual device called vnet0. 
After we ascertain that our bridge works properly, 
we will commit the changes to a network configuration file on the disk. 
Virtual machines will lease their IP addresses from the router. 
This is similar to what we did with VirtualBox. 
This is the method we will cover here.

Limitations

There are many things that can go wrong. 
Your router may not support bridging. 
Your network interface may not support bridging. 
Your available pool of IP address leases may be limited. 
You may have a firewall interfering. 
Lastly, specifically for Ubuntu, you might encounter problems and conflicts if the Network Manager is managing the bridged interface.




--
Steve Jenkin, IT Systems and Design 
0412 786 915 (+61 412 786 915)
PO Box 38, Kippax ACT 2615, AUSTRALIA

mailto:sjenkin at canb.auug.org.au http://members.tip.net.au/~sjenkin

More information about the linux mailing list