| View previous topic :: View next topic |
| Author |
Message |
blubbi
Guru
Joined: 27 Apr 2003
Posts: 564
Location: Halle (Saale), Germany
|
 Posted: Mon Jan 10, 2022 11:00 pm Post subject: [solved] Add macvlan interface to host for host-guest access |
 |
|
Hej all,
I manually added a macvlan interface to the host system to communicate with my libvirt/qemu guest which are using bridged NICs using macvlan.
Without adding a macvlan NIC to the host, I am not able to communicate with the guests (both ways).
| Code: | ip link add macvlan0 link enp0s31f6 type macvlan mode bridge
ip address add 10.0.0.1/23 dev macvlan0
ip link set dev macvlan0 up
ip route flush dev enp0s31f6
ip route flush dev macvlan0
ip route add 10.0.0.0/23 dev macvlan0 metric 0
ip route add default via 10.0.0.254 |
This works perfectly fine. I am struggling though to translate this into Gentoos OpenRC netifrc format.
I don't even know how to start to define a macvlan interface (macvlan0) which is linked to my physical interface (enp0s31f6)
This is how it looks:
| Code: | 15: macvlan0@enp0s31f6: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default qlen 1000
link/ether 0e:f2:99:1f:12:07 brd ff:ff:ff:ff:ff:ff
inet 10.0.0.1/23 scope global macvlan0
valid_lft forever preferred_lft forever
inet6 2003:fd:df13:3200:cf2:99ff:fe1f:1207/64 scope global dynamic mngtmpaddr
valid_lft 86388sec preferred_lft 14388sec
inet6 fe80::cf2:99ff:fe1f:1207/64 scope link
valid_lft forever preferred_lft forever
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
default USG 0.0.0.0 UG 0 0 0 macvlan0
10.0.0.0 0.0.0.0 255.255.254.0 U 0 0 0 macvlan0
loopback localhost 255.0.0.0 UG 0 0 0 lo
192.168.122.0 0.0.0.0 255.255.255.0 U 0 0 0 virbr0 |
Could someone please help to translate this so it can be add to /etc/conf.d/net?
Thanks a lot,
Bjoern
_________________
-->Please add [solved] to the initial post's subject line if you feel your problem is resolved.
-->Help answer the unanswered
http://olausson.de
Last edited by blubbi on Wed Jan 12, 2022 2:50 pm; edited 1 time in total |
|
| Back to top |
|
 |
alamahant
Advocate
Joined: 23 Mar 2019
Posts: 3879
|
| Posted: Tue Jan 11, 2022 12:10 am Post subject: |
|
|
You dont need to create any macvlan.
Just create a normal simple single-slave linux bridge out of your ethernet iface and assign this bridge to the kvm guests.
_________________
 |
|
| Back to top |
|
|
blubbi
Guru
Joined: 27 Apr 2003
Posts: 564
Location: Halle (Saale), Germany
|
| Posted: Tue Jan 11, 2022 5:36 am Post subject: |
|
|
That would mean, that I would have to do it for each VM.
Adding a macvlan interface is a one time thing, no matter how many VMs there are.
_________________
-->Please add [solved] to the initial post's subject line if you feel your problem is resolved.
-->Help answer the unanswered
http://olausson.de |
|
| Back to top |
|
|
alamahant
Advocate
Joined: 23 Mar 2019
Posts: 3879
|
| Posted: Tue Jan 11, 2022 9:28 am Post subject: |
|
|
| Quote: |
That would mean, that I would have to do it for each VM.
|
No you just do it once on the host.
Then assign this bridge ie "br0" to any guest.
_________________
|
|
| Back to top |
|
|
blubbi
Guru
Joined: 27 Apr 2003
Posts: 564
Location: Halle (Saale), Germany
|
| Posted: Tue Jan 11, 2022 12:12 pm Post subject: |
|
|
Could you give me an example how this would look in OpenRC netifrc format?
_________________
-->Please add [solved] to the initial post's subject line if you feel your problem is resolved.
-->Help answer the unanswered
http://olausson.de |
|
| Back to top |
|
|
alamahant
Advocate
Joined: 23 Mar 2019
Posts: 3879
|
| Posted: Tue Jan 11, 2022 7:36 pm Post subject: |
|
|
Sure
| Code: |
dns_domain_lo="<your domain>"
config_eth0="null"
bridge_br0="eth0"
####config_br0="dhcp" in case you need dhcp.If that is the case plz omit the below static config.
config_br0="192.168.155.40/24"
routes_br0="default via 192.168.155.1"
dns_servers_br0="1.1.1.1"
bridge_forward_delay_br0=0
bridge_hello_time_br0=1000
|
Plz adapt it to your environment.
So this way you will be using br0 as your ethernet iface for the host and at the same time you will assign it to all KVM guests enabling them to share the host LAN.
Plz dont forget to create symlinks
net.eth0
net.br0
and
rc-update add net.eth0 default
rc-update add net.br0 default
thus enabling them.
_________________
|
|
| Back to top |
|
|
blubbi
Guru
Joined: 27 Apr 2003
Posts: 564
Location: Halle (Saale), Germany
|
| Posted: Tue Jan 11, 2022 8:42 pm Post subject: |
|
|
Thanks a lot for the example - I adopted it, but before testing it I have one more question.
Not sure if I am misreading this... "[...] assign it to all KVM guests enabling them to share the host LAN".
I am using bridged interfaces (macvtap) in my guests so each guest can have a dedicated IP.
Does your suggestion mean, that I have to assign a second interface to the libvirt/qemu guest in order to get a guest <-> host communication?
The beauty of the macvlan interface on the host is, that I don't need any additional config or interface in the guests. Maybe I am just misunderstanding you
(All this network stuff confuses the hell out of me)
_________________
-->Please add [solved] to the initial post's subject line if you feel your problem is resolved.
-->Help answer the unanswered
http://olausson.de |
|
| Back to top |
|
|
alamahant
Advocate
Joined: 23 Mar 2019
Posts: 3879
|
| Posted: Tue Jan 11, 2022 8:47 pm Post subject: |
|
|
You dont need macvtaps in the guest.
Just remove them and ONLY assign br0 as the guest iface.
When you boot your guest you will have inside an ethernet interface automatically with its dedicated IP given by dhcp which then you can configure it statically if you so desire.
The guest IP will be inside the range of the host LAN.
Automatically.
_________________
|
|
| Back to top |
|
|
blubbi
Guru
Joined: 27 Apr 2003
Posts: 564
Location: Halle (Saale), Germany
|
| Posted: Tue Jan 11, 2022 9:14 pm Post subject: |
|
|
I have to check if that approach works with vagrant/libvirt out of the box.
Is the method I described not possible with the Gentoo netifrc script?
_________________
-->Please add [solved] to the initial post's subject line if you feel your problem is resolved.
-->Help answer the unanswered
http://olausson.de |
|
| Back to top |
|
|
alamahant
Advocate
Joined: 23 Mar 2019
Posts: 3879
|
|
| Back to top |
|
|
blubbi
Guru
Joined: 27 Apr 2003
Posts: 564
Location: Halle (Saale), Germany
|
| Posted: Wed Jan 12, 2022 7:02 am Post subject: |
|
|
That is very appreciated! Thanks a lot! I'll test it later and post some feedback.
The reason I am using macvtap and macvlan is given by vagrant:
| Quote: | | Public Network interfaces are currently implemented using the macvtap driver. The macvtap driver is only available with the Linux Kernel version >= 2.6.24. See the following Libvirt documentation for the details of the macvtap usage. |
https://github.com/vagrant-libvirt/vagrant-libvirt#networks
The entire story is:
I am switching from Vagrant/VirtualBox to Vagrant/libvirt+qemu (the transition is more complicated than I thought and gives me a lot of headache)
This is my network config on a manually created VM:
| Code: | <interface type="direct">
<mac address="52:54:00:34:49:70"/>
<source network="macvtap-net" portid="dcc21120-24fb-4bf6-bac4-0d8315751686" dev="enp0s31f6" mode="bridge"/>
<target dev="macvtap1"/>
<model type="virtio"/>
<alias name="net0"/>
<address type="pci" domain="0x0000" bus="0x01" slot="0x00" function="0x0"/>
</interface> |
No warning using this configuration:
https://i.ibb.co/ZJxxd8V/virt-manager-macvtap.png
_________________
-->Please add [solved] to the initial post's subject line if you feel your problem is resolved.
-->Help answer the unanswered
http://olausson.de |
|
| Back to top |
|
|
blubbi
Guru
Joined: 27 Apr 2003
Posts: 564
Location: Halle (Saale), Germany
|
| Posted: Wed Jan 12, 2022 2:49 pm Post subject: |
|
|
The MACVLAN config works - thanks!
I also tried your other suggestion and it works as well, but without the macvtap it looks like vagrant is bailing out.. *sigh*
_________________
-->Please add [solved] to the initial post's subject line if you feel your problem is resolved.
-->Help answer the unanswered
http://olausson.de |
|
| Back to top |
|
|
|
Networking & Security
