Page 1 of 3 123 LastLast
Results 1 to 10 of 21

Thread: Virtual Networking -some Basics - All OS

  1. #1
    Join Date
    Jun 2008
    Location
    San Diego, Ca, USA
    Posts
    12,764
    Blog Entries
    2

    Lightbulb Virtual Networking -some Basics - All OS

    I am posting this as a completely new thread although it's written as a continuation of a couple recent other threads titled "Bridging is broken on virt-manager" and "Beginning with KVM" because this topic about virtualization networking is an independent topic and although this is written mainly for libvirt KVM/Xen/LXC Users, is almost completely applicable to Users of VBox, VMware, Hyper-V and many other virtualization technologies as well.

    *********************************


    As I mentioned in one of my links to my earlier criticisms of the current community openSUSE virtualization documentation, this is one of the areas which IMO was lacking. And, most current SLES documentation which describes virtual networking is rather brief and generally not complete... something that might be helpful for someone with prior experience with other virtualization but not likely enough for someone brand new. The following is all off the top of my head and is not double-checked against other sources for accuracy, so as usual "Use at your own Risk" and maybe people will submit succeeding posts that will correct, clarify or ask for more about what follows.


    Let me first fill in some gaps in the KVM reference(https://www.linux-kvm.org/page/Networking) since it's the only one mentioned in a post in this thread up to this point.
    The reference describes several types of networking, but doesn't do so in simple, common terms that people might recognize.


    First is SLIRP.
    Although listed first, it's not often used.
    This is the primary means of configuring networking if you were running User Mode Linux (UML). For those who want to explore basics, I encourage looking into this. It's very simple to set up and execute, but I probably wouldn't run it for more than educational purposes... You don't need to install anything new, but you may want to download a kernel you want to use for your "machine."
    http://user-mode-linux.sourceforge.net/


    The Private Virtual Bridge and Public Virtual Bridge
    These are used in probably over 99% of all virtualization technologies granting Guests networking functionality. The "Private Virtual Bridge" is probably more easily recognized as "Host Only" networking in VBox, VMware and Hyper-V. The "Public Virtual Bridge" can be configured a number of ways, as bridging(The traditional definition where the supported ip network is the same as the existing interface) and NAT (possible variations included). Note the warning about the Public Virtual Bridge and wireless interfaces in the KVM documentation! That is where the MacVtap can be implemented instead.


    VDE
    Is a relatively new type of virtual networking.
    But since today the above "virtual networking bridge" aka Linux Bridge Devices aks ?? (you might find this described many ways in different documentation) is almost always used, VDE should not be important unless you have a special need.


    An additional useful general concept is that you can usually recognize and determine the origin of networking devices you're displaying or connecting to by its name... Note that no matter how a virtual networking bridge device is name and by what it was created, it's the <same thing>


    Physical Devices - Names like eth0, wlan0, eppl0
    Bridging Devices created by YaST, brctl, other standard tools - Names like br0, br2
    Bridging Devices created by libvirt - Names like virbr0, virbr2
    Bridging Devices created by VMware - Names like VMnet0, VMnet2
    Bridging Devices created by VBox - Unknown, on my personal machine VBox looks like it's running virtual networking bridge devices supporting IPv4 networking on top of HostOS Ipv6 interfaces


    OK...
    Now that the above has been gotten out of the way, for those who are experienced virtualization Users with experience in other technologies should have a leg up on understanding what is typically configured and might be able to just open vm manager, create a virtual network and recognize familiar stuff without needing more explanation.


    For the newbies and people who haven't paid any attention to virtual networks and virtualization bridge devices, read on. The following might serve as a first draft for something with more thought later on...


    ***************
    The Network Bridge Device (aka virtualization bridge device, bridge device, etc)
    Goes by many names, but is the way you set up networking in practically every known type of virtualization and isolation on top of every major OS including Windows and Unix. Notable exceptions are UML and Docker although I suspect that those can also be configured this way if you dig beyond the standard documentation.


    Although to the new User this might seem like an extra complication, it's actually not because it solves a number of problems and gives you powerful options compared to accessing the network interface directly (which you would do if you configured SLIRP or MacVtap).


    And, it should be recognized that libvirt like practically everywhere else will automatically set up and manage your Guests configured to use virtual networks that implement the described virtual networking bridge devices.


    Network bridge devices should not be confused with configuring a network interface in bridging mode...
    - A Network bridge device is a networking component that stands on its own and is bound to at least one networking interface.
    . A network bridging mode configuration is not a separate component, it's a standard configuration of a network interface (which can be physical or virtual) which results in the device or machine becomes invisible on the network. So, for instance a multi-homed machine's network interfaces connecting to two differnt physical networks in which the NetworkID is the same, so the machine is acting as a "network bridge" instead of a router which would require the networks to have different NetworkIDs. In the case of virtual bridge devices, this would mean that the virtual machine is seen and communicates with other remote machines like any ordinary physical or non-physical machine on the network.


    Common ways a network bridge device is configured
    As a completely separate and independent component, it can optionally define an entire virtual network internally, and possibly provide network services like DHCP to that virtual network without having to install and configure a full blown DHCP server.
    Typical and common configurations include
    Bridging - Seen and communicates on the regular physical network with physical and virtual machines both on the same HostOS and remotes on other physical machines.
    Host-Only- A virtual network in which only virtual machines on the same physical machine can communicate with each other.
    NAT - A private network. Essentially similar to a Host-Only network but with a defined DG to access the physical network. Optionally, DHCP services can be provided to the virtual network.


    When a network bridge device is bound to the network interface, depending on how it's created and configured, the HostOS may lose access to the physical interface. The simple solution in this case is to re-configure the Host to use a bridging device configured for network bridging functionality (The typical default configuration for br0).


    Creating a virtual network bridging device
    Libvirt
    This is the best way to do this, because unlike others you are walked through a graphical "wizard" of configuration steps to complete your task. There are very few ways you can make a mistake doing this and there is almost no way to create a conflicting device.


    YaST
    Just create a new device, specifying a "bridge" type.
    If you're trying to replicate the bridge device normally set up when using YaST to install virtualization, configure it as a DHCP client.
    Do not remove the physical interface as recommended in a prior post in this thread...


    brctl
    Sorry, I don't generally do this... Maybe if I was on some other distro than openSUSE, but one of the nice things about using openSUSE is that we can ignore a lot of things that are required. I do run brctl often to display bridge device information though and recommend Users become familiar with this use.


    Configuring Networking for a new Install
    When running virt-install which is part of libvirt, on the last screen before the install configuration ends, you will be presented with a dropdown populated with choices for any virtual networks that are available(ie configured virtual networking bridge devices), MacVtap or custom other...


    If you configured your virtual networking first, you'll have more options so I highly recommend reviewing your existing virtual networks before you create your first VM, and if necessary create any new networks you may need.


    But, there is no requirement for creating virtual networks first.
    It's easy to switch virtual networks later and can even be done while the Guest is running.





    HTH and as stated in the beginning...
    Corrections and suggested rewording, and questions about what is described in this post is welcomed and requested.


    TSU
    Beginner Wiki Quickstart - https://en.opensuse.org/User:Tsu2/Quickstart_Wiki
    Solved a problem recently? Create a wiki page for future personal reference!
    Learn something new?
    Attended a computing event?
    Post and Share!

  2. #2
    Join Date
    Jun 2008
    Location
    San Diego, Ca, USA
    Posts
    12,764
    Blog Entries
    2

    Default Re: Virtual Networking -some Basics - All OS

    A loose end not mentioned in the original document which might clarify for some...

    A major reason for defining a virtual network is to enable and support multiple virtualized Guests with their own IP addresses communicating with each other.

    I don't know if something similar can be configured easily on a physical interface without a virtual networking bridge device, but even if it might be possible would have to be plenty messy with all sorts of network addresses and networks defined on that one interface. Enabling all your Guests communicating through a common virtual networking interface is much neater, where all your virtual networking configuration and functionality is separated from your physical networking.

    TSU
    Beginner Wiki Quickstart - https://en.opensuse.org/User:Tsu2/Quickstart_Wiki
    Solved a problem recently? Create a wiki page for future personal reference!
    Learn something new?
    Attended a computing event?
    Post and Share!

  3. #3

    Default Re: Virtual Networking -some Basics - All OS

    Quote Originally Posted by tsu2 View Post
    YaST
    Just create a new device, specifying a "bridge" type.
    If you're trying to replicate the bridge device normally set up when using YaST to install virtualization, configure it as a DHCP client.
    Do not remove the physical interface as recommended in a prior post in this thread...
    I think this is my case. Just like you suggested in one of my previous threads, I started by installing KVM server by using Yast. When Yast finished downloading and installing the packages it asked if I wanted to setup a bridging device, for which I answered "yes". Out of my 2 physical devices, all the entire time eth0 has been on and being used -obviously-, while wlan0 totally unused ever since openSUSE installation.

    But, if Yast really configured the bridge device, and in this case you suggest not to disable eth0 -and clearly I have never done-, why is it that virt-installer's last step, in network, cannot see the bridge device? It is not being listed...

  4. #4
    Join Date
    Jun 2008
    Location
    San Diego, Ca, USA
    Posts
    12,764
    Blog Entries
    2

    Default Re: Virtual Networking -some Basics - All OS

    Quote Originally Posted by F_style View Post
    I think this is my case. Just like you suggested in one of my previous threads, I started by installing KVM server by using Yast. When Yast finished downloading and installing the packages it asked if I wanted to setup a bridging device, for which I answered "yes". Out of my 2 physical devices, all the entire time eth0 has been on and being used -obviously-, while wlan0 totally unused ever since openSUSE installation.

    But, if Yast really configured the bridge device, and in this case you suggest not to disable eth0 -and clearly I have never done-, why is it that virt-installer's last step, in network, cannot see the bridge device? It is not being listed...
    Run the following command that displays all bridge devices that exist on your machine
    Code:
    brctl show
    If it exists, then it's something to investigate.
    If br0 doesn't exist, then no big deal.
    Just create a new bridging device (I recommend creating a virbr0 device using vm-manager to create the device).

    However you create your bridging device, it will then show up when you create a Guest.
    If you already have a Guest created, then you can configure the Guest Properties to use the bridging device.

    TSU
    Beginner Wiki Quickstart - https://en.opensuse.org/User:Tsu2/Quickstart_Wiki
    Solved a problem recently? Create a wiki page for future personal reference!
    Learn something new?
    Attended a computing event?
    Post and Share!

  5. #5
    Join Date
    Jun 2008
    Location
    Podunk
    Posts
    29,698
    Blog Entries
    15

    Default Re: Virtual Networking -some Basics - All OS

    On Mon 21 Aug 2017 01:36:01 AM CDT, F style wrote:

    tsu2;2835000 Wrote:
    > *YaST*
    > Just create a new device, specifying a "bridge" type.
    > If you're trying to replicate the bridge device normally set up when
    > using YaST to install virtualization, configure it as a DHCP client.
    > Do not remove the physical interface as recommended in a prior post in
    > this thread...

    I think this is my case. Just like you suggested in one of my previous
    threads, I started by installing KVM server by using Yast. When Yast
    finished downloading and installing the packages it asked if I wanted to
    setup a bridging device, for which I answered "yes". Out of my 2
    physical devices, all the entire time eth0 has been on and being used
    -obviously-, while wlan0 totally unused ever since openSUSE
    installation.

    But, if Yast really configured the bridge device, and in this case you
    suggest not to disable eth0 -and clearly I have never done-, why is it
    that virt-installer's last step, in network, cannot see the bridge
    device? It is not being listed...


    Hi
    So I guess the question that hasn't been asked, is you are using wicked
    and not NetworkManager?

    --
    Cheers Malcolm °¿° SUSE Knowledge Partner (Linux Counter #276890)
    openSUSE Leap 42.2|GNOME 3.20.2|4.4.79-18.26-default
    If you find this post helpful and are logged into the web interface,
    please show your appreciation and click on the star below... Thanks!


  6. #6

    Default Re: Virtual Networking -some Basics - All OS

    Is a virbr device only created from virt-manager, or can it be created directly from virt-installer as well (i.e., while creating the virtual machine)?

  7. #7
    Join Date
    Jun 2008
    Location
    Podunk
    Posts
    29,698
    Blog Entries
    15

    Default Re: Virtual Networking -some Basics - All OS

    Quote Originally Posted by F_style View Post
    Is a virbr device only created from virt-manager, or can it be created directly from virt-installer as well (i.e., while creating the virtual machine)?
    Hi
    During the VM install..... it's forwarded to the bridge (br0)

    Cheers Malcolm °¿° SUSE Knowledge Partner (Linux Counter #276890)
    SUSE SLE, openSUSE Leap/Tumbleweed (x86_64) | GNOME DE
    If you find this post helpful and are logged into the web interface,
    please show your appreciation and click on the star below... Thanks!

  8. #8
    Join Date
    Jun 2008
    Location
    San Diego, Ca, USA
    Posts
    12,764
    Blog Entries
    2

    Default Re: Virtual Networking -some Basics - All OS

    Quote Originally Posted by malcolmlewis View Post
    Hi
    During the VM install..... it's forwarded to the bridge (br0)

    No, this is an incorrect configuration.
    To avoid messy setups, don't configure a bridge device to forward to another bridge device without good reason, it should be "bound' to a physical interface like eth0 or wlan0.

    So, in this case if br0 is bound to eth0, then virbr0 should have been configured to bind directly to eth0.

    TSU
    Beginner Wiki Quickstart - https://en.opensuse.org/User:Tsu2/Quickstart_Wiki
    Solved a problem recently? Create a wiki page for future personal reference!
    Learn something new?
    Attended a computing event?
    Post and Share!

  9. #9
    Join Date
    Jun 2008
    Location
    San Diego, Ca, USA
    Posts
    12,764
    Blog Entries
    2

    Default Re: Virtual Networking -some Basics - All OS

    Adding an important tip...

    Generally bridging devices created by any other method than using libvirt (vm manager) are basic, and once created you really don't know what is in the bridging device except by opening up its configuration file for inspection.

    On the other hand, any bridging devices created by libvrit (vm manager) can always be inspected later in vm-manager,
    So, is another good reason to use vm manager to create your bridging devices.

    On this topic,
    Answering a question posted elsewhere, it <does not matter> what created these bridging devices, they are and can be used by any virtualization once created. This is because once created, they are system networking objects and therefor become available to any application running on the system.

    For example, in the past I've had KVM, VMware and Virtualbox installed on the same system.
    I've used the same br0 with all of them.
    Although VMware isn't normally managed by libvirt, I've configured VMware guests to use vmnet bridge objects.
    And, I've configured KVM guests to use VMware created vmnet objects.
    (If anyone tries this kind of stuff, remember you should never run multiple virtualization apps simultaneously. Stop all before starting one).

    TSU
    Beginner Wiki Quickstart - https://en.opensuse.org/User:Tsu2/Quickstart_Wiki
    Solved a problem recently? Create a wiki page for future personal reference!
    Learn something new?
    Attended a computing event?
    Post and Share!

  10. #10

    Default Re: Virtual Networking -some Basics - All OS

    Had to -shamefully- ask a pal to briefly borrow his openSUSE box, while I broght an old Linux liveCD, because doubts and stress arouse after re-reading all the related threads...

    I sent Yast and Wicked totally to !"#$ off. I realized a bridge can be created just from Settings, the Network option (guess these options are network manager's anyway...). But I preferred the pure virt-manager way, as tsu2 always advises.

    I reviewed this article.

    It says "libvirt ships with NAT virtual networking working out of the box, one can see the bridge already existent". Except that on openSUSE this is not true. Installing KVM through Yast or zypper does not explicitly create "virbrx" devices, only the Yast's d**n br0 and br1 if one accepts.

    So one has to create the bridge (the "virtual network"?) from virt-manager. I realized I got the "Error: network is already in use by eth0" at the end of wizard if I specified the same network address as the one being used by eth0 itself. So if eth0 is in 192.168.5.0/24 I must set a different one, say 192.168.6.0/24. This way I no longer had problems with wizard, even leaving "nat forwarding" to "any physical device".

    This created 2 devices instead of one! Being them virbr0 and virbr0-nic. Output of brctl looks like
    Code:
    # brctl show
    bridge name ----- bridge id ---------- STP enabled ------ interfaces
    virbr0 -------- 8000.000000000000 ---- yes ------------- virbr0-nic
    Nevertheless in guest's settings I set its network source to the newly created "virtual network" (shouldn't it be a *bridge*!?)
    Decided to give it a try by using the Linux liveCD for the guest. Booted, started, and tried pinging. It was unexpected: guest had internet access and was able to ping openSUSE host itself and any PC in the physical LAN. As well, host and any PC in LAN was able to ping virtual guest. All even when guest in in different network!

    BTW, when guest was up brctl looked like
    Code:
    # brctl show
    bridge name ----- bridge id ---------- STP enabled ------ interfaces
    virbr0 -------- 8000.000000000000 ---- yes ------------- virbr0-nic
    -----------------------------------------------------------vnet0
    Mr tsu2 mentioned to ask if after testing some more I still didn't understand things.

    WTH with these 2 virbr0 devices? Why still 2 anyways?

    How is this "virtual NAT" thing or whatever actually working? Is it "routing" or the like? Only concept about NAT I have is the one "opening ports" in physical routers.

    When configuring the bridge in virt-manager I left NAT forward to "any physical device". Is it actually taking any *working* physical device that it detects, or what?

    How do I disable STP for the bridge? I already read very well about it and I really don't want it. I could not find any option within virt-manager to disable it...

Page 1 of 3 123 LastLast

Tags for this Thread

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •