How to forward all VLANs to a KVM virtual machine

How to forward all VLANs to a KVM virtual machine using Open vSwitch.
According to the documentation, by default you should send all traffic via OVS. That is not a very good idea, because OVS is an independent service which can be stopped or restarted, or can have bugs, and then you simply lose the ability to log in to the physical server. My approach is to separate the management and production networks: the management address lives on a VLAN sub-interface of the bond (bond0.222), outside OVS.
# cat /etc/sysconfig/network-scripts/ifcfg-eno49 
DEVICE="eno49"
ONBOOT=yes
NETBOOT=yes
UUID="bf732870-bc03-4a62-a1e5-686fd958928d"
IPV6INIT=yes
BOOTPROTO=none
HWADDR="8c:dc:d4:ac:dd:cc"
TYPE=Ethernet
NAME="eno49"
MASTER=bond0
SLAVE=yes

# cat /etc/sysconfig/network-scripts/ifcfg-eno50
DEVICE="eno50"
ONBOOT=yes
NETBOOT=yes
UUID="8bd8d8fb-9392-4028-a8be-b7b808fe6cdd"
IPV6INIT=yes
BOOTPROTO=none
HWADDR="8c:dc:d4:ac:dd:cd"
TYPE=Ethernet
NAME="eno50"
MASTER=bond0
SLAVE=yes

# cat /etc/sysconfig/network-scripts/ifcfg-bond0
DEVICE=bond0
BONDING_OPTS="miimon=100 updelay=0 downdelay=0 mode=802.3ad"
TYPE=Bond
BONDING_MASTER=yes
ONBOOT=yes

# cat /etc/sysconfig/network-scripts/ifcfg-bond0.222 
DEVICE=bond0.222
ONBOOT=yes
BOOTPROTO=none
VLAN=yes
NM_CONTROLLED=no
IPADDR=111.111.111.2
PREFIX=24
GATEWAY=111.111.111.1
DNS1=1.1.1.1
DNS2=1.1.2.2

Depending on your needs, stop and disable NetworkManager and firewalld:
systemctl stop NetworkManager
systemctl disable NetworkManager
systemctl stop firewalld
systemctl disable firewalld

Start and enable the OVS service:
systemctl enable openvswitch.service
systemctl start openvswitch.service

Now we need to add a bridge and attach the right port to it:
ovs-vsctl add-br br0
ovs-vsctl add-port br0 bond0
# ovs-vsctl show
7a0c9d14-3166-4173-8813-bb43a01e39f0
    Bridge "br0"
        Port "br0"
            Interface "br0"
                type: internal
        Port "bond0"
            Interface "bond0"

The problem at this step is that br0 is DOWN, so we can't use this link directly:
9: br0:  mtu 1500 qdisc noop state DOWN 
    link/ether 8c:dc:d4:ac:dd:cc brd ff:ff:ff:ff:ff:ff

But we can create a virtual network:
# cat /etc/libvirt/my-ovsnet.xml 

  ovs-br0
  
  
  


This is a one-time job; there is no need to repeat it:
virsh net-define /etc/libvirt/my-ovsnet.xml
virsh net-list
virsh net-start ovs-br0
virsh net-autostart ovs-br0
# virsh net-list --all
 Name                 State      Autostart     Persistent
----------------------------------------------------------
 ovs-br0              active     yes           yes

In virt-install you can use it like a normal network:
--network network=ovs-br0

Or, as an example, in the domain XML:
    
      
      
      
      

Inside the virtual machine we can configure the network as usual.
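
A libvirt definition matching the steps above, as an added example rather than the author's original files. The network name ovs-br0 and the bridge br0 come from the post; the virtio model and the VLAN IDs 10 and 20 in the restricted variant are assumptions.

```xml
<!-- Fragment 1: network definition (the file passed to "virsh net-define").
     Guests on this network get a port on the existing OVS bridge br0. -->
<network>
  <name>ovs-br0</name>
  <forward mode='bridge'/>
  <bridge name='br0'/>
  <virtualport type='openvswitch'/>
  <!-- No <vlan> element here: libvirt sets neither "tag" nor "trunks" on the
       guest's OVS port, so it is a trunk port and the guest receives every
       VLAN carried on br0 with the 802.1Q tags intact. -->
</network>

<!-- Fragment 2: guest interface in the domain XML, all VLANs forwarded.
     The model is an assumption; libvirt generates the MAC address and the
     PCI address itself when they are omitted. -->
<interface type='network'>
  <source network='ovs-br0'/>
  <model type='virtio'/>
</interface>

<!-- Fragment 3: variant of fragment 2 for a guest that should see only
     some VLANs. The IDs 10 and 20 are constructed placeholders. libvirt
     writes them to the "trunks" column of the guest's OVS port, and OVS
     drops frames tagged with any other VLAN ID on that port. -->
<interface type='network'>
  <source network='ovs-br0'/>
  <vlan trunk='yes'>
    <tag id='10'/>
    <tag id='20'/>
  </vlan>
  <model type='virtio'/>
</interface>
```

After the guest starts, `ovs-vsctl list port <port-name>` on the host shows the `tag` and `trunks` columns actually applied to its port; both are empty for the all-VLAN case.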
