[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: [libvirt] Network Configuration question




On 09 Feb 2009, at 14:17, Hugh O. Brock wrote:

On Sun, Feb 08, 2009 at 10:34:06PM +0100, Remko Nolten wrote:
Hi!

For a shared virtual hosting project with some friends we need a pretty specialized network configuration. Because we have virtually no time for
experimenting (no pun intended), and the hosting organization has no
experience with libvirt/KVM configurations they suggested to try and ask
here.

So, this is the situation: We have a server with one physical
connection. Each user gets one virtual machine with its own IP- address (we have our own ip-range). The hosting organization gives us one "main" address 'A' with netmask 255.255.255.0 (/24) and a default gateway for our host machine. Besides this we get a number of addresses B1, B2, etc.
with netmask 255.255.255.255 (/32) and without a default gateway. The
switch just routes the traffic to our server for each ip-address we own
(A and Bn).

According to our hosting organization, the normal solution is to
configure a loopback interface for each of the ip-addresses on the
server so you can configure your software just to use one of the
addresses. But we are not sure how this will work out in our virtual
environment. Our intuition tells us we need to use the routing network
forwarding mode, but when we bring the server to the data center we
don't want to have any surprises. :)

Hi there.

This actually sounds like a fairly standard configuration. What you
want to do is set the single NIC on your server to bridge, following
the instructions at
http://wiki.libvirt.org/page/Networking#Bridged_networking_.28aka_.22shared_physical_device.22.29
. Each VM can then have its own IP, which in your case sounds like it
will be static.

Hope this helps,
--Hugh




Hi Hugh!

Thanks for your response. I'm afraid this will not work since the ip- addresses for the VM's have a /32 netmask and no default gateway which is required when you create a interface using a bridge.

This how it works in a (non-virtualized) system at our hosting organization: For example, my server has one main ip-address, 10.255.255.0 on eth0, and our hosting organization gives us 3 extra ip-addresses (so our range is 10.255.255.0/30) which are routed to 10.255.255.0. On our server, we can add the ip-addresses using:

	ip addr add 10.255.255.1/32 dev lo
	ip addr add 10.255.255.2/32 dev lo
	ip addr add 10.255.255.3/32 dev lo

So, our server gets the routed packages and will recognize them as one of his own which enables us to add listeners to the ip-addresses like Apache or a mail-server.

In our case, we don't want the server to route the packages to the loopback interface (so that services can listen to it), but we want the server to route the traffic to the virtual machine. The more I think of it, I suspect we need the "route" network option like this:

<network>
	<name>local</name>
	<bridge name="virbr%d" />
	<forward mode="route" dev="eth0"/>
<!-- dev is the device which is directly connected to the network and has ip 10.255.255.0-->
	<ip address="10.255.255.0" netmask="255.255.255.4">
	  <dhcp>
	    <range start="10.255.255.1" end="10.255.255.3" />
	  </dhcp>
	</ip>
</network>

Is this correct?

--
Remko Nolten
Tel: 		06-45600767
E-mail: 	remko nolten nu




[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]