Debian, KVM, 2 subnets, 2 bridges. Organizing the network correctly.

As you already know, I use the bundle Debian + KVM + virsh + virt-install + virt-manager for virtualization. The bundle has already proved its viability. Moreover, it has shown excellent performance and minimal overhead.
But during my first steps in learning KVM I experienced a fail. A big fat fail. The first time, I set up the servers by the manual.
And it was all good, fast and fun, except for the network. Network speed was excellent, but I had no understanding of how it worked or why it behaved so strangely. What were the problems? Well, first of all, no FreeBSD guest wanted to get onto the network. FreeBSD gurus did manage to configure the network in the guest ... but Internet access suffered badly. On a VDS you would get duplicated packets, and packet redirects ... I can't recall them all.
There were two reasons to tear everything down and rebuild. First, I needed to understand how it works. Second, after a reboot the host server showed no desire to respond to pings. 7 hours were killed trying to understand what had happened, and it took 5 minutes to solve the problem.
Then a second subnet of IP addresses arrived, and problems with using it surfaced ... In general, I offer you a sample network configuration for trouble-free KVM virtualization. Features of this method:
1) VPS receive the IP addresses specified on their internal network interfaces and can access the Internet with these addresses. Just like physical servers.
2) A VPS does not notice that it is behind a gateway or that its network capabilities are somehow limited. So we can run pptp/pppoe servers on it, safely install the ISPmanager control panel, and more.
3) The administrator of a VDS can manually change the IP address of their VPS from inside the guest. Yes, this is a drawback, and it is a problem. We will deal with it in the following articles of the series.
4) We do not economize on IP addresses within this manual. If you do not want to waste IP addresses on "bullshit", look for another manual.
5) We get the most efficient and transparent solution.
6) Each virtual network interface can obtain an IP address from one subnet. But nothing prevents attaching a second network interface to a virtual machine.
Attention! This article is out of date and contains inaccuracies. You need the article: Debian, KVM, the final article. Setting up a network for the KVM. KVM and 2/3+ subnets on a single server.
Now to practice.
We have a server. A big one, in a data center behind Cisco equipment. The data center network has no DHCP, but there is a MAC address filter on the Ciscos, which does not let an IP address be given to a different server.
Our server is allocated IP addresses from the data center's shared subnet and from a personal /29 subnet. Let them be as follows:
1) Shared subnet mask, IP addresses in the subnet: aaa.bbb.ccc.137, aaa.bbb.ccc.175, aaa.bbb.ccc.176, aaa.bbb.ccc.177
2) Private subnet mask, IP addresses: xxx.yyy.zzz.33, xxx.yyy.zzz.34, xxx.yyy.zzz.35, xxx.yyy.zzz.36, xxx.yyy.zzz.37, xxx.yyy.zzz.38
In total, 10 IP addresses in 2 subnets. Unfortunately, the virtual machines will get only 7 of them. If they were all on the same subnet, they would get 8.
Let's proceed to configuration. Be careful: some options will not suit you. And don't forget that the following cannot simply be copy-pasted; you need to understand what you are doing and do everything by hand.
Bring /etc to the following form:
Debian:~# cat /etc
auto lo
iface lo inet loopback
auto eth0
iface eth0 inet static
    address aaa.bbb.ccc.137
    broadcast aaa.bbb.ccc.191
    gateway aaa.bbb.ccc.129
    # default access route to subnet
    up route add -net aaa.bbb.ccc.128 netmask gw aaa.bbb.ccc.129 eth0
Be extremely careful and check all the settings. Restart the networking service:
Debian:~# /etc/init.d/networking restart
Now is the time to install the bridge-utils package, if you haven't done so already (everyone remembers how to type aptitude install).
Now you need to enable packet forwarding in the host kernel:
Debian:~# echo 1 > /proc/sys/net/ipv4/ip_forward
This line can be put in /etc/rc.local. I would not advise adding the rest there. Everything that follows I keep in a startup script, which is in turn called from rc.local. If something goes wrong, I can quickly remove that line from a LiveCD or a live PXE boot.
Let's begin with the server's personal subnet (xxx.yyy.zzz.33-38):
Create a virtual interface br0, which will be responsible for routing the VPS with IP addresses from the private subnet:
Debian:~# brctl addbr br0
Assign it an IP address from the private subnet, configure it and bring it up:
Debian:~# ifconfig br0 xxx.yyy.zzz.33 netmask up
And now, actually, we set up the routes for the virtual machines:
Debian:~# route add -host xxx.yyy.zzz.34 dev br0
Debian:~# route add -host xxx.yyy.zzz.35 dev br0
Debian:~# route add -host xxx.yyy.zzz.36 dev br0
Debian:~# route add -host xxx.yyy.zzz.37 dev br0
Debian:~# route add -host xxx.yyy.zzz.38 dev br0
Now create a virtual interface br1. It will be responsible for routing the VDS from the shared subnet:
Debian:~# brctl addbr br1
We assign it an IP address, configure it and bring it up:
Debian:~# ifconfig br1 aaa.bbb.ccc.175 up
Pay particular attention to the fact that we do not specify a netmask for br1. This simple truth cost me 5 hours of active googling and an unavailable server. The reason is very simple: if you have 2 devices/interfaces in Linux whose IP addresses belong to the same subnet, the subnet mask should be specified for only one of them.
And now we finish setting up the routes for the VPS with IP addresses from the shared subnet:
Debian:~# route add -host aaa.bbb.ccc.176 dev br1
Debian:~# route add -host aaa.bbb.ccc.177 dev br1
That's it, the network is configured. Write your own script or drop everything into rc.local, test whether the server is reachable after a restart ... and proceed to installing your first VPS (or not the first, what's the difference).
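The bridge and route steps above, including the rule that br1 gets no netmask, collected into one startup script; this is an added example, not the author's own script. It prints the commands by default (run it with RUN= to execute them as root), uses constructed stand-in addresses (198.51.100.x for xxx.yyy.zzz, 192.0.2.x for aaa.bbb.ccc) and assumed netmask values the page does not give; the names setup_bridge, in_subnet, ip_to_int and plan are hypothetical.

```shell
#!/bin/sh
# Added example. Constructed stand-ins: 198.51.100.x plays xxx.yyy.zzz (/29),
# 192.0.2.x plays aaa.bbb.ccc. Both netmask values are assumptions.
RUN=${RUN-echo}            # default: print commands; run with RUN= to execute as root
ETH0_IP=192.0.2.137        # host address on the shared subnet
ETH0_MASK=255.255.255.192  # assumed mask of the shared subnet

# Dotted quad -> integer, so subnet membership can be tested with a bitwise AND.
ip_to_int() {
    old_ifs=$IFS; IFS=.
    set -- $1
    IFS=$old_ifs
    echo $(( ($1 << 24) | ($2 << 16) | ($3 << 8) | $4 ))
}

# in_subnet IP NET_IP MASK: true when IP and NET_IP share the network under MASK.
in_subnet() {
    m=$(ip_to_int "$3")
    [ $(( $(ip_to_int "$1") & m )) -eq $(( $(ip_to_int "$2") & m )) ]
}

# setup_bridge NAME HOST_IP NETMASK GUEST_IP...   (NETMASK "-" = omit it)
# Validates the whole plan for one bridge before emitting any command.
setup_bridge() {
    br=$1 ip=$2 mask=$3; shift 3
    if [ "$mask" = "-" ]; then
        net_ip=$ETH0_IP net_mask=$ETH0_MASK   # bridge lives in eth0's subnet
    elif in_subnet "$ip" "$ETH0_IP" "$ETH0_MASK"; then
        echo "$br: $ip shares eth0's subnet, omit the netmask" >&2; return 1
    else
        net_ip=$ip net_mask=$mask
    fi
    for guest in "$@"; do
        in_subnet "$guest" "$net_ip" "$net_mask" ||
            { echo "$br: guest $guest is outside the bridge subnet" >&2; return 1; }
    done
    $RUN brctl addbr "$br"
    if [ "$mask" = "-" ]; then $RUN ifconfig "$br" "$ip" up
    else $RUN ifconfig "$br" "$ip" netmask "$mask" up; fi
    for guest in "$@"; do $RUN route add -host "$guest" dev "$br"; done
}

plan() {
    $RUN sysctl -w net.ipv4.ip_forward=1
    setup_bridge br0 198.51.100.33 255.255.255.248 198.51.100.34 198.51.100.35 \
        198.51.100.36 198.51.100.37 198.51.100.38 &&
    setup_bridge br1 192.0.2.175 - 192.0.2.176 192.0.2.177
}
plan
```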
Type in the command already familiar to us:
Debian:~# virt-install -n vm1 -r 1024 -f /vms/vm1.img -s 50 -c /iso/debian-cd/5.0.4/amd64/iso-cd/debian-504-amd64-CD-1.iso --accelerate --os-type=linux --os-variant=generic26 -v --vnc -w bridge:brX
Pay special attention to the option -w bridge:brX. Replace X with the number of the bridge we need. In principle, you can configure any bridge devices. Using wondershaper (see article /43 on this site) you can limit the total speed of all virtual machines on the same bridge device. Above all, do not forget about the netmask on br1 (or its equivalent in your setup).
And here is the network configuration for one of our KVM virtual machines:
IP address: xxx.yyy.zzz.34
Netmask: the same as on the brX interface (in the case of br1, the same as on eth0)
Gateway: xxx.yyy.zzz.33 (the IP address of the brX device)
DNS servers: the same as those of the physical server.
Specify these settings in the network configuration of the Debian installer, or of any other distro/OS, and ... use it :)