[fedora-virt] Routed networking in libvirt
Kenni Lund
kenni at kelu.dk
Thu May 20 10:05:54 UTC 2010
Hello
I just bought a new hosted server in a data center, which I'm going to
run a few virtual machines on with libvirt/KVM.
The server have 4 public IP addresses, but due to the data center,
bridges are not an option. Luckily, I discovered that libvirt had an
option for a routed network as an alternative to full NAT or bridging.
With some help from a blogpost of Daniel P. Berrangé [1], I managed to
get it working.
I have 4 IP-addresses:
x.y.z.215 / 255.255.255.255 (the host)
x.y.z.251 / 255.255.255.192 (additional IP)
x.y.z.252 / 255.255.255.192 (additional IP)
x.y.z.253 / 255.255.255.192 (additional IP)
I've then created the following network in libvirt:
<network>
<name>name</name>
<forward mode='route'/>
<bridge name='name' />
<ip address='x.y.z.251' netmask='255.255.255.192'>
<dhcp>
<range start='x.y.z.252' end='x.y.z.253' />
</dhcp>
</ip>
</network>
This works, but I can only utilize 2 IP addresses for virtual machines
and not 3, since the third IP address is used for the routed network.
I'm wondering if it's possible to do something to workaround this?
Both .215 and .251 binds to the host, eg. I can access all the
services on the host through both IP-addresses, which I really don't
need. Is it just the way it is, or can I do something about it?
Looking at the routing tables, I don't see the .251 address mentioned
anywhere as a gateway, the routing tables seems to just use the Iface
of the routed libvirt network and not the IP address. Why is this
address needed at all?
[1] http://berrange.com/posts/2009/12/13/routed-subnets-without-nat-for-libvirt-managed-virtual-machines-in-fedora/
Best Regards
Kenni
More information about the virt
mailing list