How to setup port forwading in KVM natively?

Question

I using Virsh to manage virtual machines using KVM. Have a main host and virtual machine with http service (port 80). How to setup the port forwading to expose http service to internet without using firewalls such as iptables, firewalld or route?

Actualy i using iptables, is very hard to manage all connections type.

I can setup rules into KVM to redirect http traffic between main host and virtual machine?, by example in VirtualBox have a port forwading option in network configuration, say host ip, host port, virtual ip, virtual port and listen port in main host as localhost (0.0.0.0).

Howto made this in KVM?

I try edit the XML using native port forwading with qemu artguments but does not work:

# virsh edit demo
  > <domain type='kvm' xmlns:qemu='http://libvirt.org/schemas/domain/qemu/1.0'>
  >  <name>...
  > ...
  >   <qemu:commandline>
  >     <qemu:arg value='-redir'/>
  >     <qemu:arg value='tcp:80::80'/>
  >   </qemu:commandline>
  > </domain>
# virsh start demo
# ps -aux | grep qemu
root     30119 58.8  2.9 3421616 330084 ?      Sl   15:38   0:07 qemu-system-x86_64 -enable-kvm -name demo -S -machine pc-i440fx-xenial,accel=kvm,usb=off -cpu Haswell -m 2048 -realtime mlock=off -smp 2,sockets=2,cores=1,threads=1 -uuid c996f3b2-5e16-470f-9ad6-e591fc9a2537 -nographic -no-user-config -nodefaults -chardev socket,id=charmonitor,path=/var/lib/libvirt/qemu/domain-demo/monitor.sock,server,nowait -mon chardev=charmonitor,id=monitor,mode=control -rtc base=utc,driftfix=slew -global kvm-pit.lost_tick_policy=discard -no-hpet -no-shutdown -global PIIX4_PM.disable_s3=1 -global PIIX4_PM.disable_s4=1 -boot strict=on -device ich9-usb-ehci1,id=usb,bus=pci.0,addr=0x4.0x7 -device ich9-usb-uhci1,masterbus=usb.0,firstport=0,bus=pci.0,multifunction=on,addr=0x4 -device ich9-usb-uhci2,masterbus=usb.0,firstport=2,bus=pci.0,addr=0x4.0x1 -device ich9-usb-uhci3,masterbus=usb.0,firstport=4,bus=pci.0,addr=0x4.0x2 -device virtio-serial-pci,id=virtio-serial0,bus=pci.0,addr=0x3 -drive file=/var/kvm/images/demo.img,format=qcow2,if=none,id=drive-virtio-disk0 -device virtio-blk-pci,scsi=off,bus=pci.0,addr=0x5,drive=drive-virtio-disk0,id=virtio-disk0,bootindex=1 -netdev tap,fd=26,id=hostnet0,vhost=on,vhostfd=28 -device virtio-net-pci,netdev=hostnet0,id=net0,mac=52:54:00:43:ed:8d,bus=pci.0,addr=0x2 -chardev pty,id=charserial0 -device isa-serial,chardev=charserial0,id=serial0 -chardev socket,id=charchannel0,path=/var/lib/libvirt/qemu/channel/target/domain-demo/org.qemu.guest_agent.0,server,nowait -device virtserialport,bus=virtio-serial0.0,nr=1,chardev=charchannel0,id=channel0,name=org.qemu.guest_agent.0 -device usb-tablet,id=input0 -device virtio-balloon-pci,id=balloon0,bus=pci.0,addr=0x6 -redir tcp:80::80 -msg timestamp=on

Now, open from host http://192.168.123.91/ works fine, but http://127.0.0.1/ not connect, but the qemu command says -redir tcp:80::80.

What did I do wrong?

score 0 · Answer 1 · answered Jul 26 '17 at 10:14

0

what is your interface type? for port forwarding to work as per the qemu man page interface type has to be user. like <interface type="user">

answered Jul 26 '17 at 10:14

redoc

255
3
16

How to setup port forwading in KVM natively?

1 Answers1