0

Today i just ran into a problem i just wanted to ask a question to all of you

I have just install kvm in my system and i have some how managed to get a node installed and working in the system Now what i want is i want to host a server in the node

I have access to the KVM host server with its public ip (eth0) The only interface

Not i have a public ip to give to the node but i am not understanding how to do it

Every time i make a bridge connection between eth0 and new br0 interface it fails and i lost my connection

So how can i acess my kvm node from outside world any tips i am very new TO KVM so plz do help me with the steps about how to link what network

sanjib
  • 63
  • 7

2 Answers2

1

Don't bridge your eth0. Leave its IP address and configuration as it is. Instead, make your host a router for your VMs.

Let's assume that network on your host works and it is able to access an Internet.

You have to create a "pure virtual" bridge, which won't have any member assigned at first. Let's call the bridge br0:

ip link add name br0 type bridge
ip link set br0 up

Nevertheless, that bridge must have some "internal" address, I presume, from the IANA private space. Let it be 192.168.95.1/24:

ip address add 192.168.95.1/24 dev br0

Now, you configure a masquerading NAT on your box and enable ip forwarding:

sysctl net.ipv4.ip_forward=1
iptables -t nat -A POSTROUTING -o eth0 -s 192.168.95.0/24 -j MASQUERADE

All your VM's vNICs must be put into the bridge br0. You'll give them IP addresses from 192.168.95.2÷254 range and specify a 192.168.95.1 as the default gateway. You may use any public DNS service, for example, Google's 8.8.8.8 and 8.8.4.4 for simplicity. If you want, you may set up a DHCP and DNS servers for your VMs, for example, using dnsmasq (which is designed specifically for such cases).

Essentially, you are creating a simple "NAT" router, which will have a eth0 interface as the WAN side and br0 inteface as the LAN side.

Nikita Kipriyanov
  • 10,947
  • 2
  • 24
  • 45
  • Hello, Basically What i want is i have a public ip to give to the kvm node i want to give the kvm host a public ip and want to make it accessible from the internet for anyone hope you understand my answer so the scenario is i can access the KVM host server where KVM is installed with a public ip int it now i want to give a public ip to the kvm node and want to aceess it any idea how can i do that .... Thanks .... – sanjib Feb 17 '21 at 04:10
  • This is exactly what you get with this answer. – Nikita Kipriyanov Feb 17 '21 at 07:16
  • Hey thank for the answer what the scenarion is is that i have an publi ip 110.90.11.101 do i have to assign it to the bridge network As per your answer you have attached a ip to the bridge interface and what about the dns gateway and all plz clarify once all the process if possible Is the task only to change this ip 192.168.95.1/24 to my public ip in my server.. Thanks – sanjib Feb 17 '21 at 07:22
  • The process described as if you start with clean network configuration on the server, when it has working access to the Internet. It is described in detail; I don't use CentOS so can't suggest a detailed network configs, sorry, please adapt it yourself. // Also note, on ServerFault we expect from users that they have at least a basic knowledge of technologies and a little familiarity with systems they are going to deploy and manage. Please, educate yourself at least up to the level when you are able to understand and follow instructions like above before asking further questions. – Nikita Kipriyanov Feb 17 '21 at 07:55
  • Basically i am understanding what you are saying but the issue here is i am in an ssh connection and dif i fail anything i will be ddisconnected so i wanted to make sure i am right and wont loose connection again which may cost me a long time as the maintainance of network takes a long time from the office ............................. THANKS – sanjib Feb 17 '21 at 08:01
  • You won't lose your connection. The process doesn't do anything with pre-existing connection, it creates additional virtual interface and shares that pre-existing connection via NAT. – Nikita Kipriyanov Feb 17 '21 at 09:13
  • Thanks @Nikita.........Is this method persistent or will the bridge interface survive a reboot in guess ip command is not for permanent use ??? – sanjib Feb 17 '21 at 10:00
  • No, this is not persistent. I don't know modern CentOS well enough to suggest how to do this persistently. – Nikita Kipriyanov Feb 17 '21 at 11:42
1

If you want your node to share a public IP address with host (i.e. NAT), then @Nikita's answer applies.

However, if you want the node to access the same subnet as the host with a separate IP address, then you need to bridge the real interface eth0 and connect both the host and the node to the network through the bridge.

If you only have one network interface, making a change like this remotely is risky. If the server is hosted at a datacenter, ther eis often a remote hands service available to help you make changes like this.

1. bridge the physical port

edit your current configuration (/etc/sysconfig/network-scripts/ifcfg-eth0) to remove any IP address configuration and add:

BRIDGE=br0

2. Assign

Create a new configuration for your virtual bridge (/etc/sysconfig/network-scripts/ifcfg-br0).

DEVICE=br0
TYPE=Bridge
IPADDR=xxx.xxx.xxx.xxx
NETMASK=xxx.xxx.xxx.xxx
GATEWAY=xxx.xxx.xxx.xxx
ONBOOT=yes
BOOTPROTO=none
NM_CONTROLLED=no
DELAY=0

3. Apply Changes

With changes like this, restarting the host is the most reliable way to apply the changes.

Once restarted, you should see your bridge in brctl show.

Remote Changes

Network changes like this are best done in person. If you make an error in the configuration, you will need physical access to fix it.

In the past, I have written a watchdog script to help me make risky network changes remotely. When enabled, it polled an upstream server to detect network connectivity and, if the network was unavailable, it would revert to the last good network configuration.