I’m running tumbleweed, installed last week, and wanted to try kvm. I read the docs that showed the easiest way to install kvm was to use yast and so I did and selected the kvm and it’s tools in the vert section. Kvm asked me to setup a bridge and I said yes but I don’t think it’s installed. I don’t see any br0 interfaces only vibr and vnet interfaces on the host. I installed a debian vm to see if nat would work and it does but I really need to have the ability to bridge the vm to my wifi laptop adapter so the vm can pull a local lan address and be on the local lan like the other computers. The brctl command isn’t installed so I don’t think yast installed it, I found the following doc but when I try to follow the instructions of using yast to activate bridging by network settings and the overview section I get the following error.
“Network is currently handled by NetworkManager
or completely disabled. YaST is unable to configure some options.”
I’m on a laptop and use network manager to connect to the wifi. Is there a way to install a bridge so I can connect my vm/s to the local lan so it can pull a address and join. In vmware it’s easy to select a bridge network and bind it to the adapter.
Here is the doc I was trying to use. I really thought that installing kvm via yast in the virt section wold install the bridge.
That is impossible in general. WiFi adapter authenticates to AP with its MAC address; your VM will have different MAC address so any packet from it will appear unauthenticated to AP. And bridge by definition does not change MAC.
Let’s pull your post apart to clarify some things and provide some answers…
Before discussing anything, I’d suggest you run the following command which will display all your interfaces, it’s a quick check to identify the names of any interface installed including the network bridge devices… like br0 and virbr0. If you’re not sure what you’re seeing, post it with your questions, I doubt there is anything in there that should threaten your system if publicly known.
ip addr
Speaking of which, let’s straighten out some confusing terminology since the label “bridge” will be used a couple of different ways… Linux Bridge Device aka Bridge Device aka** Network Bridge Device**
A networking object that shims the network connection between the Guest VM and the network interface on the HostOS. Bridge Device aka** Bridging Device**
A device that’s invisible to the network, normally but not always has the same NetworkID on all interfaces which distinguishes it from a router (where each interface usually has a different NetworkID).
And, for a little bit more confusion, “bridge” and “bridging” might be used interchangeably for any of the above.
Sometimes the only way to really understand what is described is to listen extremely carefully at how the device is named and how it’s used.
If you understand the above, then you can start to understand that
A Bridge Device might be configured with a** Bridge** configuration.
A Bridge Device might be configured with a **NAT **configuration
A Bridge Device might be configured with a Host-only network configuration.
I agree with @arvidjaar that even when you were running VMware that you used a bridging bridge device over your Wifi connection… unless you had security turned entirely off and was running an open hotspot.
The most common configuration is to use a NAT bridge device,
It’s probably the most versatile bridge device that hardly ever requires any attention after it’s configured no matter the Host’s network connection… which might be WiFi, Wireless carrier, wired ethernet, direct to the Internet, proxied, filtered, etc.
I recommend that unless you want to connect to your Guest from another machine, you always set up a NAT configuration.
Now, regarding your post…
As I described earlier, you can run the following on your Linux host which will tell you for sure whether you have bridge devices set up like br0 (which is the general label convention) or virbr0 (which is the convention used by any bridge devices created by libvirt). Although some documentation suggests libvirt might create a vnet interface I’ve never seen it. AFAIK vnet is the label for “virtual network” which is the address space associated with the specified bridge device.
As I suggested, most people typically use a NAT bridge device so that the Guest gets its IP address automatically in a separate network from the HostOS, so will work regardless whether there is a working DHCP on the real, physical network or not.
The only reason to try to set up a Guest with a bridging bridge device is to allow remote machines to initiate a network connection to your Guest. If you really need to make this work over a wireless connection, you might try setting up a tap interface… I haven’t set this up for a very long time, and is rarely configured today by anyone. One place this is still described is buried in the deprecated section of the following KVM documentation https://www.linux-kvm.org/page/Networking
You’re using old LEAP 42.1 documentation when brctl was the standard tool to configure bridge devices.
Nowadays the following command is supposed to be used instead
ip link
This part of the YaST network configuration isn’t active or used when using Network Manager.
Network Manager is the preferred way to manage your networking because it remembers configuration settings as you move around from wireless network to wireless network.
If you only set up on one wireless network permanently or don’t mind manually setting up your network every time you move to a new network, you can change from Network Manager to Wicked (It’s the leftmost tab “Global” when you first open YaST network settings. When in Wicked mode, everything in YaST network settings becomes active but the bridge section should generally be ignored except to create and manage the bridge networking object…
You should use libvirt vm manager or kvm or qemu commands only to configure how the Guest selects and uses a bridge networking device.
If you installed KVM using the YaST Virtualization install module, you would have installed libvirt’s vm manager.
Although the navigation is a bit clunky compared to VMware, almost all the parts are the same… You can create a new virtual network and in the process create a bridge device to access that virtual network.
And, from the Guest’s properties you can configure networking properties to use a particular bridge device to access that network.
Keep in mind,
You can create network bridge devices by almost any method using any application… Using YaST, vm manager, command line, another virtualization technology, etc. Network bridge devices are very standard devices so no matter how it was created by whatever, if a VM can see it, it can be used.
Thanks for the in depth reply, it’s appreciated. I’m familiar with the brctl commands and the newer ip commands to build bridges. The brctl way makes the bridge but will not assign the wifi interface as it’s peer or slave. The ip way of doing it will build the same bridge but gives an error that it can’t enslave the interface when trying to add the wifi interface. Anyways, I want the guest to be on the same LAN as my host and the other machines so I can ssh or rdesktop whatever easy. Vmware and VB made this easy, just select in the drop down menu for the virtual machine interface that you want it bridged to another interface on the host of which you can select the wifi adapter and it just works. The guest boots us and pulls a dhcp address on my lan like all other servers and act no different network wise than anything else on the lan…no nat or pat or whatever is needed. That’s what I’m trying to achieve in kvm and virt manager. I did some research last night and saw a person say they used something called parprouted on debian and which is a arp bridge you can then assign another interface to and it worked for his wifi to do what I want but the application isn’t available for suse it appears.
Hi
Since your using Network Manager, you need to look at nmcli command, there are good examples in the (dare I say) man pages look at man nmcli-examples (Example 10 deals with a bridge).
Yes, I did that to. The main issue is that you can’t enslave a wifi interface. There seems to be some people that use 4addr to achieve this but I don’t think my AP supports this. What most people have done from old threads is use parprouted which is a arp proxy but that’s no longer in the repo since it’s so old and unmaintained. I’m going to try using ebtables and mac nats. I’m just still shocked that both vmware and VB do this so easy but it seems next to impossible with kvm and linux.
That’s apples and oranges. You need to a) make decision where to forward packets and b) actually configure system to perform forwarding. ebtables answer the second part. Alternative is to use L3 routing directly to interface. But whatever is used to implement b) you still need to decide to which packets it applies. That cannot be done using ebtables alone (it does not implement anything similar to masquerading in iptables).
Modern equivalent of parprouted should probably use nfnetlink_queue and iptables rule to forward ARP requests/replies from internal bridge ports to NFQUEUE target. It would learn IP/MAC relation from these ARP and then install ebtables rules to replace destination MAC in unicast frames targeted to this IP coming from external interface so that they are forwarded by bridge normally. Additionally it will need permanent arpreply and snat to external MAC targets on external interface.
It may be possible to mangle DHCP packets as well, but using DHCP relay is probably more simple.
The bridge device that’s created by YaST Virtualization Installation module isn’t bound to any particular interface, it should work with “all” interfaces.
If you’re invoking by command line, you’ll have to post what command you’re using… There are the libvirt virsh commands, there are the kvm commands and there are the qemu commands.