Hi.

On Mon, Aug 28, 2017 at 02:52:48PM +1000, Zenaan Harkness wrote:
> "Right now" my aim is to run virt-manager or qemu, with kvm
> underneath, with a host-only virtual network to which I shall connect
> two virtual machines, and the host machine, and run some nfs or samba
> thing to share folders between all 3.

This is doable. Not 'simple' as libvirt (the thing underneath
virt-manager) is trying to do too much at once, but 'doable'.

> My requisite is to have a sense of full control over my virtual
> networking - this means setup and tear down primarily via
> /etc/network/interfaces unless some other mechanism were more highly
> recommended
> - this means not relying on say the virt-manager gui

In e/n/i lingua you need something like this (bridge-utils package is
required):

    auto br0
    iface br0 inet static
        address …
        netmask …
        bridge_ports regex vnet[0-9]+
        bridge_stp off
        bridge_maxwait 0

Meaning that:

1) You set up a conventional Linux bridge interface which *must* include
libvirt-created network interfaces only (provided they exist on upping
the bridge).

2) Said bridge is configured with a static IP address for simplicity.

3) The bridge has STP disabled as it's highly unlikely you'll need to
connect two such bridges on two hosts.

4) Finally, there's no need to wait for slave interfaces to appear in
such a bridge.

What you *do not* need to do when using libvirt is to muck with iptables
(host-only network does not require it) or create tap/tun interfaces
manually.

You only need to explain to each 'virtual domain' (aka 'virtual machine')
that they should use br0 as a 'bridge' interface, not a 'network' one.

> However, I'd also like to learn how to use the virt-manager gui to
> create a single "host-only virtual network" instance for a virtual
> machine (or two :)

You'll need to feed libvirt XML that's similar to the following (note
that 'forward' is absent), which I took directly from the
libvirt-daemon-system package:

    <network>
      <name>default</name>
      <bridge name="virbr0"/>
      <ip address="192.168.122.1" netmask="255.255.255.0">
        <dhcp>
          <range start="192.168.122.2" end="192.168.122.254"/>
        </dhcp>
      </ip>
    </network>

Not only will libvirt create a bridge called virbr0, but it will also
start dnsmasq on it (to serve DNS and DHCP requests) and it will throw in
some iptables rules on top of the heap.

While I can easily write how to feed such XML to libvirt by virsh, I
find it difficult to describe which buttons should be pressed in
virt-manager to achieve the same result ☺. It should be straightforward
and user-friendly, at least that's what upstream is promising us.

> Here are the examples/ snippets I've gleaned in the last few months:
>
> ## temporary ssh vpn:
> iface tun0 inet static
> …

Unsuitable for host-only network, neat idea though

> # Simple case; man bridge-utils-interfaces(5)
> # Bridge interface to make VMs bridge to specific networks
> auto br0
> iface br0 inet dhcp
> …

See above.

> # Not so simple; virtual switch with host as gateway
> # See http://debian-handbook.info/browse/stable/sect.virtualization.html
> # Virtual interface
> auto tap0
> iface tap0 inet manual
>     vde2-switch -t tap0
> …

libvirt did not support vde2 last time I checked.

> # Bridge for containers
> auto br0
> iface br0 inet static
>     bridge-ports tap0
>     address 10.0.0.1
>     netmask 255.255.255.0
> …

Almost hit it, but libvirt likes to call network interfaces 'vnet' not
'tap'.

> # See http://wiki.debian.org/QEMU#Host_and_guests_on_same_network
> auto br0
> iface br0 inet dhcp
>     pre-up ip tuntap add dev tap0 mode tap user <username>
> …

Neat, but redundant with libvirt.

> # qemu/kvm host only or private/ internal network:
> # - it's a form of "bridge" network - apt-get install bridge-utils
> # - ho0 is the (random) name chosen for this bridge device,
> #   e.g. "hostonly0" might be a better memory jog
> # - 10.13.13.1 is the (random) host address for this network
> auto ho0
> iface ho0 inet static
>     address 10.13.13.1
>     netmask 255.255.255.0
>     pre-up brctl addbr ho0
>     post-down brctl delbr ho0

Ditto. Reco
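
Added example, not part of the original message: a Python check that a libvirt network definition (for instance the output of `virsh net-dumpxml`) is really host-only, meaning it has no 'forward' element, and that its DHCP range fits the subnet without covering the host address. The function name audit_network and the NAT variant are constructed for illustration.

```python
import ipaddress
import xml.etree.ElementTree as ET

# Constructed sample: the host-only definition quoted in the message.
HOST_ONLY_XML = """\
<network>
  <name>default</name>
  <bridge name="virbr0"/>
  <ip address="192.168.122.1" netmask="255.255.255.0">
    <dhcp>
      <range start="192.168.122.2" end="192.168.122.254"/>
    </dhcp>
  </ip>
</network>"""

# Constructed variant: the same network with forwarding switched on.
NAT_XML = HOST_ONLY_XML.replace("<bridge", '<forward mode="nat"/>\n  <bridge', 1)


def audit_network(xml_text):
    """Return findings for a libvirt <network>; an empty list means host-only."""
    root = ET.fromstring(xml_text)
    findings = []
    fwd = root.find("forward")
    if fwd is not None:
        # libvirt treats a <forward> element without a mode as NAT.
        findings.append("forward mode=" + fwd.get("mode", "nat"))
    for ip in root.findall("ip"):
        mask = ip.get("prefix") or ip.get("netmask")
        if mask is None:
            findings.append("ip %s has no netmask or prefix" % ip.get("address"))
            continue
        iface = ipaddress.ip_interface("%s/%s" % (ip.get("address"), mask))
        for rng in ip.findall("dhcp/range"):
            start = ipaddress.ip_address(rng.get("start"))
            end = ipaddress.ip_address(rng.get("end"))
            if start not in iface.network or end not in iface.network:
                findings.append("dhcp range %s-%s outside %s" % (start, end, iface.network))
            elif start <= iface.ip <= end:
                findings.append("dhcp range %s-%s contains host address %s" % (start, end, iface.ip))
    return findings


if __name__ == "__main__":
    for label, xml_text in (("host-only", HOST_ONLY_XML), ("nat", NAT_XML)):
        print(label, audit_network(xml_text) or "OK: isolated")
```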