Re: [gentoo-user] *draft* for setting up network bridge with systemd (for qemu/kvm)

Tue, 29 Jan 2013 08:32:41 -0800 

Am 28.01.2013 22:49, schrieb Stefan G. Weichinger:

>>> ps: my bigger hurdle will be the bridging-setup for running
>>> KVM-virtualization. This was one of the reasons to go back to openrc
>>> back then.
>>
>> I have no experience with that, but if it works in OpenRC it should
>> work in systemd. Probably better, even.
> 
> I don't think it won't work, I just wonder how to do it in the right and
> most efficient way. I will think about that later/tomorrow maybe,
> already late here ...

I have a *draft* here for bridge.service ... I used the init.d-script
from here as a template:

http://en.gentoo-wiki.com/wiki/KVM#Script_to_ease_the_configuration

(I used a variation of that as /etc/init.d/kvm for long now)

My service-file reads variables from a separated configfile:

# cat /etc/conf.d/network_systemd
interface=eth0
address=172.32.99.12
netmask=255.255.255.0
broadcast=172.32.99.255
gateway=172.32.99.250
bridge_name=br0
tap_name=qtap0
user=sgw


and it currently looks like this:

# cat /etc/systemd/system/bridge.service
[Unit]
Description=network bridge for KVM
After=network.target

[Service]
Type=oneshot
RemainAfterExit=yes

EnvironmentFile=/etc/conf.d/network_systemd

ExecStart=/sbin/brctl addbr ${bridge_name}
ExecStart=/usr/bin/tunctl -b -u ${user} -t ${tap_name}
ExecStart=/bin/ifconfig ${bridge_name} ${address} netmask ${netmask} up
ExecStart=/bin/ifconfig ${interface} up
ExecStart=/bin/ifconfig ${tap_name} up 0.0.0.0 promisc
ExecStart=/sbin/brctl addif ${bridge_name} ${tap_name} ${interface}
ExecStart=/sbin/sysctl net.ipv4.conf.${bridge_name}.forwarding=1
ExecStart=iptables -t nat -A POSTROUTING -o ${interface} -j MASQUERADE
ExecStart=/bin/ip route add default via ${gateway}

ExecStop=/bin/ip route del default via ${gateway}
ExecStop=/sbin/sysctl net.ipv4.conf.${bridge_name}.forwarding=0
ExecStop=/bin/ifconfig ${tap_name} down
ExecStop=/sbin/brctl delif ${bridge_name} ${tap_name}
ExecStop=/usr/bin/tunctl -d ${tap_name}
ExecStop=/bin/ifconfig ${bridge_name} down
ExecStop=/bin/ifconfig ${interface} down
ExecStop=/sbin/brctl delbr ${bridge_name}
ExecStop=iptables -t nat -D POSTROUTING -o ${interface} -j MASQUERADE

[Install]
WantedBy=multi-user.target

----------

I disabled network.service and enabled bridge.service, works fine so
far, I already tested connectivity from KVM-VMs.

I am sure that this quite fresh and bloody, suggestions welcome as
always ...

Stefan

Reply via email to