KVM Bridge Network

Bridge Network KB ID 0001891

Problem

Not sure why KVM does not come preconfigured for this out of the box, and it took me a very long time to work out how to do this. But if you want your KVM VMs to behave as if they are on your production LAN (rather than the default of setting up DHCP and NAT). The default is fine but if you want to access your VMs from outside the host you need to setup bridged networking.

Bridged Networking KVM

In my example I want my VMs to get an IP address from my DHCP server.

Solution : Bridge Network

Currently you probably have an IP address on the host itself (192.168.100.20) the process is to create a network bridge, Move the IP address from your network interface so that it is now ON THE BRIDGE, add the network interface to the bridge, then finally move the VMs onto the bridge.

The following commands with display your current virtual networks, and current bridges, then we will create a new bridge (br0), and finally make sure that new switch is listed.

virsh net-list --all
brctl show
sudo brctl addbr br0
brctl show

KVM Create new Bridge

We need to change the IP address location so edit your current netplan.

ls /etc/netplan
TAKE NOTE OF THE NAME
sudoedit /etc/netplan/{name-of-netplan-file}.yaml

Edit Netplan

Edit Netplan

Example (Note: you will need to enter YOUR details and your interface mat have a different name e.g. eth0)

network:
  version: 2
  renderer: networkd

  ethernets:
    ens33:
      dhcp4: false 
      dhcp6: false 

  bridges:
    br0:
      interfaces: [ens33]
      addresses: [192.168.100.20/24]
      routes:
      - to: default
        via: 192.168.100.1
        metric: 100
        on-link: true
      mtu: 1500
      nameservers:
        addresses: [192.168.100.10,192.168.100.3]
      parameters:
        stp: true
        forward-delay: 4
      dhcp4: no
      dhcp6: no

Save and exit the file.

Edit Netplan

Now we need to exempt traffic going through the bridge from being sent though the netfilter (i.e. for iptables inspection).

sudoedit /etc/sysctl.d/bridge.conf

KVM Edit Bridge conf

Paste in the following text, then save and exit.

net.bridge.bridge-nf-call-ip6tables=0
net.bridge.bridge-nf-call-iptables=0
net.bridge.bridge-nf-call-arptables=0

KVM Edit Bridge conf

Those settings would be lost in a reboot, to make them permanent.

sudoedit /etc/udev/rules.d/99-bridge.rules

KVM Edit Bridge Rules

Paste in the following, then save and exit.

ACTION=="add", SUBSYSTEM=="module", KERNEL=="br_netfilter", \ 
RUN+="/sbin/sysctl -p /etc/sysctl.d/bridge.conf"

KVM Edit Bridge Rules

Now we will delete and undefine the built in default network.

virsh net-list --all
virsh net-destroy default
virsh net-undefine default
virsh net-list --all

KVM Remove Default Network

Now before we apply the netplan we created earlier take a look, our IP address is currently on interface ens33 when we have finished it will move to the br0 network.

ip addr
sudo netplan apply

KVM Apply netplan

Now check again, and ensure the bridge now has the IP address.

ip addr

KVM IP Added to Bridge

We are now going to define the bridge, sudoedit won’t work in the home directory so I’m using vi instead.

vi host-bridge.xml

Text

KVM Define Bridge

Paste in the following, then save and exit (Esc > wq!)

<network>
  <name>host-bridge</name>
  <forward mode="bridge"/>
  <bridge name="br0"/>
</network>

KVM Define Bridge

From the file we just created, we will define the new bridge network, start the network, then set it to autostart with the host, then finally we make sure its defined and listed.

virsh net-define host-bridge.xml
virsh net-start host-bridge
virsh net-autostart host-bridge
virsh net-list --all

KVM Bring Bridge up and autostart

Connecting VMs to the Bridge Network

List the registered VMs, then edit the VM you want to change.

virsh list all
virsh edit {VM-Machine-Name}

KVM Add VM to Bridge

Locate the source network= section and change it from default .

KVM Add VM to Bridge

To host-bridge then save and exit the file.

KVM Add VM to Bridge

I manage my VMs with Cockpit, and they were working fine, but they were asking to be restarted. I did that with mixed results. (some worked others didn’t).

KVM Shut down and Restart

I had 100% success by removing the old network connections, and adding a new one like so, this was for an Ubuntu guest VM (Note: if it’s a Windows VM, use a e1000e model card instead).

KVM cockpit configure bridged networkingt

Related Articles, References, Credits, or External Links

Install Ubuntu KVM

Author: PeteLong

Share This Post On

Submit a Comment

Your email address will not be published. Required fields are marked *