I am trying to install KVM. I did follow many blogs and “How to” about KVM in opensuse. The last kind of installation went by this link
In all installation kind after do the bridge I lost connection host and KVM VM too. At my scenario my host has a stattic IP (10.1.1.x)
I did try manually kvm install and for last one by Yast. I did try with Oracle VM and It works nice. I want use KVM because, reading about, seems it is better than Oracle VM
Besides your need to upgrade to 15.1,
You should know that of the 3 screenshots you posted,
The first and third screenshots are of br0,
But your second screenshot is of virbr0 which is very different than br0.
As always, verify your Guest properties are connected to a valid and correct bridge device,
Then depending on how your bridge device is configured you can set up your Guest accordingly.
If your bridge device is set up as bridging and you have a DHCP server on your network, then you can set up your Guest as a DHCP client.
But no matter what your bridge device is supposed to do and regardless whether you have a DHCP server available or not, you can configure manually or as a DHCP client to troubleshoot.
I switch to 15.1 new install and all did stay the same
After install KVM by Yast (yast2-vm packages and all it brakes/stops the network connection when bridge went build
I do not know what to do
serverti@linux-aghj:~> ip addr
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: eth0: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc mq state DOWN group default qlen 1000
link/ether a4:bf:01:58:70:c4 brd ff:ff:ff:ff:ff:ff
3: eth1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq master br0 state UP group default qlen 1000
link/ether a4:bf:01:58:70:c5 brd ff:ff:ff:ff:ff:ff
6: br0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default qlen 1000
link/ether a4:bf:01:58:70:c5 brd ff:ff:ff:ff:ff:ff
inet 10.1.1.16/24 brd 10.1.1.255 scope global br0
valid_lft forever preferred_lft forever
inet6 fe80::a6bf:1ff:fe58:70c5/64 scope link
valid_lft forever preferred_lft forever
serverti@linux-aghj:~>
serverti@linux-aghj:~> sudo bridge link show
3: eth1 state UP : <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 master br0 state forwarding priority 32 cost 19
sudo bridge fdb show
33:33:00:00:00:01 dev eth0 self permanent
84:25:19:54:0d:ff dev eth1 master br0
b4:2e:99:f2:b5:53 dev eth1 master br0
30:5a:3a:9f:77:4e dev eth1 master br0
a4:bf:01:58:70:c5 dev eth1 master br0 permanent
00:13:f7:ca:44:b9 dev eth1 master br0
38:d5:47:26:b6:9f dev eth1 master br0
3c:2a:f4:42:db:13 dev eth1 master br0
a4:bf:01:58:70:c5 dev eth1 vlan 1 master br0 permanent
fc:aa:14:fd:04:30 dev eth1 master br0
0c:c4:7a:11:1b:8f dev eth1 master br0
08:9e:01:d1:61:52 dev eth1 master br0
00:26:73:92:37:70 dev eth1 master br0
bc:5f:f4:8d:f1:9a dev eth1 master br0
a0:1d:48:74:15:9a dev eth1 master br0
18:60:24:c8:00:cd dev eth1 master br0
c8:9c:dc:4c:9f:a0 dev eth1 master br0
64:1c:67:70:0c:bd dev eth1 master br0
e0:d5:5e:f6:68:e7 dev eth1 master br0
58:10:8c:67:e3:6b dev eth1 master br0
00:24:1d:f5:83:4d dev eth1 master br0
f8:a9:63:65:29:3f dev eth1 master br0
d8:9d:67:f0:d3:62 dev eth1 master br0
00:25:11:c5:55:56 dev eth1 master br0
00:1d:92:e7:25:41 dev eth1 master br0
58:10:8c:67:e3:6a dev eth1 master br0
ec:08:6b:58:c9:af dev eth1 master br0
90:2b:34:fe:15:5c dev eth1 master br0
30:5a:3a:9f:5b:c2 dev eth1 master br0
b4:b5:2f:ff:66:1a dev eth1 master br0
84:25:19:56:81:55 dev eth1 master br0
04:92:26:48:f1:5f dev eth1 master br0
e4:1f:13:c2:8a:e4 dev eth1 master br0
2c:27:d7:10:7f:93 dev eth1 master br0
4c:ed:fb:76:14:24 dev eth1 master br0
9c:8e:99:05:f0:b2 dev eth1 master br0
c4:34:6b:17:52:cf dev eth1 master br0
00:26:73:77:09:f9 dev eth1 master br0
84:25:19:9d:35:28 dev eth1 master br0
00:26:73:27:80:cb dev eth1 master br0
00:25:22:89:9b:43 dev eth1 master br0
b4:2e:99:f2:b4:ef dev eth1 master br0
64:d1:54:e5:48:d1 dev eth1 master br0
7c:7a:91:d4:d5:64 dev eth1 master br0
01:00:5e:00:00:01 dev eth1 self permanent
33:33:00:00:00:01 dev br0 self permanent
01:00:5e:00:00:01 dev br0 self permanent
33:33:ff:58:70:c5 dev br0 self permanent
01:00:5e:00:00:fb dev br0 self permanent
33:33:00:00:00:fb dev br0 self permanent
serverti@linux-aghj:~>
OK,
Everything looks good.
Some things to note,
You have 2 ethernet ports on your machine, make sure you’re using eth1 and not eth0.
You don’t have a virbr0 configured, is this machine different than the first image you posted?
If you have some kind of problem,
Describe what issue you’re having, is it your Host machine?
Is it when you create a Guest?
If you’re creating a Guest, what is the Guest network properties setup?
If you’re configuring a Guest to use virbr0, that would be a problem because it doesn’t exist at the moment… You’ll have to either create it on the fly during the install (which I personally dislike even if it should work) or set up the virtual network beforehand in vm manager which would automatically create the associated bridge device (like virbr0). This latter procedure is my own preference, I generally avoid creating requirements on the fly, I prefer setting up all requirements beforehand so that they’re available when needed.
Everything looks good.
Some things to note,
You have 2 ethernet ports on your machine, make sure you’re using eth1 and not eth0. Yes, I am using eth1
You don’t have a virbr0 configured, is this machine different than the first image you posted?
**Yes, it is a new installation Opensuse 15.1. I still not start config virbr0 and guest because I did want to show how it stops/lost network connection after building bridge.
**
If you have some kind of problem,
Describe what issue you’re having, is it your Host machine?
Is it when you create a Guest?
If you’re creating a Guest, what is the Guest network properties setup?
Maybe, sometimes I cannot follow the right way to create the Guest or network but, I did read a lot of kind tutorials to try create them. Why after build bridge stops/lost connection? I did read again
With Oracle VM, works fine without problems. I can use static IP, and ok, works
**Now I would like to use KVM. It seems better than Oracle VM
**
If you’re configuring a Guest to use virbr0, that would be a problem because it doesn’t exist at the moment… You’ll have to either create it on the fly during the install (which I personally dislike even if it should work) or set up the virtual network beforehand in vm manager which would automatically create the associated bridge device (like virbr0). This latter procedure is my own preference, I generally avoid creating requirements on the fly, I prefer setting up all requirements beforehand so that they’re available when needed.
**
Ohhh, right
I will to keep try
[QUOTE=tsu2;2930276]OK,
I see you are describing HostOS networking without setting up a Guest.
From your Host,
Run the following
traceroute 8.8.8.8
followed by
traceroute www.google.com
Hello
serverti@linux-aghj:~> sudo traceroute 8.8.8.8
traceroute to 8.8.8.8 (8.8.8.8), 30 hops max, 60 byte packets
connect: the network is out of reach
serverti@linux-aghj:~>
serverti@linux-aghj:~> sudo traceroute www.google.com
www.google.com: unknown name or service
Cannot handle "host" cmdline arg `www.google.com' on position 1 (argc 1)
Do both work, or does either fail?
As you can see the both fail
And, if both work,
What network application are you trying to use, a web browser or something else?
At the first point I only did simple test with firefox. But, if firefox does not navigate, I think others services cannot work well at the host and guest kvm.
Or maybe switch to other distro like debian or Ubuntu BUT, I like Opensuse to server side.
Because you’ve been configured to use eth1, I’d assumed you were connecting to the network using a hard-wired connection.
Are you actually connecting to your network using WiFi some other kind of wireless or some other non-802.3 type connection?
I think that use WIFI at server side is not good way. For this server I am only using cable connection. Follow the image about server: network connection kvm - Imgur
an observation: this server is behind pfsense without no dhcp mode.
Is this can switch mode operation about kvm or not?
The above error is highly unusual and possibly a strong clue to your problem.
How is your pfsense set up to provide networking?
Are you running any special kind of authentication, possibly some kind of 802.1x where a machine like your openSUSE has to authenticate to the pfsense to have network access?
Are you configuring anything special about your ethernet connection like vlans or other network management?
A way to narrow down the issue is whether there are any other machines behind your pfsense…
If any exist, how are they configured and how are they connecting to the Internet?
If no other machines are already set up, set up another machine as generic as possible and make it connect to the Internet, then compare it with your current machine.
Our pfsense there are lan and wan configuration
Wan: Public Static IP
Lan: internal 10.1.1.0
No DHCP client at pfsense side, all machines has your IP to connect internet / service (principal place about 250 devices - printers, pcs, notebooks, wifi routers)
There are more 43 routes points for out sectors
No vlan configured
No authentication 802.1x
This opensuse server is on principal place, where I manually configure IP 10.1.1.16 (free IP to use) as you can see at post before where pictures from bridge configuration was showed.
I do not understand. When I did test with Oracle VM, it works nice - no stop/brake connection, more VMs with internal IP 10.1.1.x and working
When describing networks, always describe not only a network address but also the network mask, only by doing so can the NetworkID part of the address be known without guessing.
From what you posted, my main question at the moment is the routing you described, 43 route points? out sectors? You’ll need to describe what you mean here or use standard terminology.
I’m mainly looking for some way your clients may be authenticating to your firewall, and may be related to if you are routing clients different ways.
I posted the problem in pfsense forum.
I believe the problem its on pfsense configuration options network that not accept kvm/xen if not disable some options
If you want check:
Have you disabled checksum offloading?
https://docs.netgate.com/pfsense/en/latest/book/config/advanced-networking.html?highlight=kvm
Yes, your pfsense is a strong candidate to be the problem.
You need to isolate the problem to determine if that is really your problem or not.
From your description, I assume that you are running your pfsense on its own physical hardware and not in a virtual machine.
BTW - One of your eventual options might be to deploy pfsense in a virtual machine which might solve your problems, but talk it over with your IT and officers in your company so everyone understands the pros and cons. Done properly, there is little risk but there are many ways to go wrong if you don’t understand networking or aren’t vigilant about configuration and deployment.
Configure or connect another machine (even your personal laptop) to a port on the same external network as your KVM so your laptop is connected directly to your KVM machine without passing through pfsense, maybe at most connecting through a switch. If your Guests are configured with bridging bridge devices (typically br0), your laptop should be able to communicate with them without a problem.
You can try setting up a machine or router in parallel with the pfsense machine, at least for testing purposes. As I warned above, be sure you get clearance for this particular testing because it does open up a possible network compromise although it’s unlikely would be found and hacked if it’s set up only for a very short period of time. Maybe set up at least some level of security if it helps people to be more comfortable. If you can successfully connect to remote network(s) bypassing pfsense, this would be almost conclusive evidence the problem with pfsense.
I’m not sure why you’re doing both routing and firewalling in pfsense. If things like the checksum offloading is found to be the problem, then you can re-deploy pfsense to do only firewalling and use something else to do your routing. Again, if you end up re-deploying networking functions to different devices, you have both physical and virtual options you can consider.
Bottom line,
My suggestions are steps to narrow down your problem to the specific issue and if pfsense is where the problem is.
Once you’ve determined that, you can then take next steps to either narrow down other possible causes or to fix the problem you find.
Post again when you have questions about what you find or what options to resolve if you don’t get direction, particularly from the pfsense community if it’s determined to be a pfsense problem.
I would like to thank you about all attention and help until now
About this your post. I wiil try to do new configuration with a new pfsense version and start from zero
The pfsense of now is a production machine
For now I did new oracle VM
Host - Opensuse
guest - opensuse for different services
/24 mask and static IP
But, my guest OS network only works with Network Manager and wicked service NOT URRRRRGGGGHHHHH
Tell me, please:
Is there some problems about this?
I did read some PROS and cons wicked x Network manager
to be honest: I think that if works is Bless
You may need to open the necessary ports on both your HostOS and Guest.
It will not matter if you are running Wicked or Network Manager on your machines as long as they are configured properly…
Remembering that if you are running Network Manager that by default your networking will be configured properly only after your User is logged (you need to configure Network Manager to apply network settings on boot).
If no wireless networking is involved, and in some cases even then,
You’re highly recommended to use Wicked.