Ubuntu KVM 1: Bridge Network

Posted by Jared Kipe

So you're new to virtualization and want to take your brand new computer, with its brand new OS, into KVM/libvirt nirvana with the least amount of frustration. Follow along as I start from a fresh install of Ubuntu 14.04 Trusty and configure it reasonably and easily into a dev/production web host.

Note* For these articles I'm going to assume a clean Ubuntu 14.04 Trusty server install with minimal extras (nano, htop, openssh-server etc.) and/or the outcome of previous articles.

KVM Introduction

KVM stands for Kernel-based Virtual Machine and is quickly supplanting Xen as the go-to standard for Linux virtualization. In terms of design, support (now part of the mainline Linux kernel), features and speed, there is no reason not to jump on the KVM bandwagon right now.

A virtual, or guest, OS install in KVM with the optimized kernels and IO (e.g. Trusty host with Trusty guest) will be roughly 2% slower than the bare metal host at the same tasks.

Networking: to bridge or not to bridge

When it comes to networking, you have a couple of options, but in general you will want to make one or more bridge interfaces for your virtual machines to use. Basically, this is like turning a physical interface/port on your host into a switch and allowing the virtual machines to communicate with the same network the host is already on. If you have more than one physical network interface, this probably means making more than one bridge.

By default, a fresh install will create a bridge for you, but hand out private IP addresses and proxy/NAT traffic to the virtual machines. This should be avoided unless you have a very good reason to leave it like this. (e.g. If you have a single IP address available, you would need to have port forwards for services provided by the guest network.)

Install bridge-utils

Make sure apt-get is up to date and install the bridge-utils package.

#host1$
sudo apt-get update
sudo apt-get install bridge-utils

Edit Network Configuration

This next part is highly dependent on your current setup, both in terms of your physical setup, and the configuration of your network.

In general, you will change whatever you have for your physical network (em1, eth1 etc.) to not include DHCP or IP settings, then define a bridge interface (e.g. br0), and put any DHCP or network settings you had into the bridge interface itself.

# /etc/network/interfaces
auto lo
iface lo inet loopback

auto em1
iface em1 inet static
  address 10.1.1.11
  network 10.1.1.0
  netmask 255.255.255.0
  broadcast 10.1.1.255
  gateway 10.1.1.1
  dns-nameservers 10.1.1.1

Becomes...

# /etc/network/interfaces
auto lo
iface lo inet loopback

auto em1
iface em1 inet manual

auto br0
iface br0 inet static
  address 10.1.1.11
  network 10.1.1.0
  netmask 255.255.255.0
  broadcast 10.1.1.255
  gateway 10.1.1.1
  dns-nameservers 10.1.1.1
  bridge_ports em1
  bridge_stp off
  bridge_fd 0
  bridge_maxwait 0

`bridge_ports` lists the one or more interface devices (usually physical devices) that are joined to the bridge.

`bridge_stp` controls whether the bridge interface participates in Spanning Tree Protocol (STP) convergence. In general this is not something you want, so it is off here (small performance gain/less broadcast traffic). I suppose, if you had two physical interfaces, both plugged into the same switch/router and both bound to the same bridge, you'd want STP on.

`bridge_fd` and `bridge_maxwait` both relate to STP, so they are off/0 for me.
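
Before restarting networking on a remote host, it is worth checking that the edited file really follows the pattern above: the bridge carries the IP settings and every port it lists is `inet manual`. The shell function below is an added example, not part of the original article; the names `check_bridge_config` and `demo_half_migrated` and the sample file are made up for illustration, and the parser only handles simple stanzas like the ones shown here.

```shell
#!/bin/sh
# Added example (not from the original article): lint an ifupdown file.
# check_bridge_config FILE BRIDGE -> prints findings, returns 0 only if clean.
check_bridge_config() {
    awk -v br="$2" '
        /^[ \t]*(#|$)/ { next }                      # comments, blank lines
        $1 == "iface"  { cur = $2; method[cur] = $4; next }
        $1 == "auto" || $1 ~ /^allow-/ || $1 == "source" { cur = ""; next }
        cur == ""      { next }                      # option outside a stanza
        $1 == "address" { addr[cur] = $2 }
        $1 == "bridge_ports" && cur == br {
            for (i = 2; i <= NF; i++) ports[$i] = 1
        }
        END {
            if (!(br in method)) { print "FAIL: no iface stanza for " br; exit 1 }
            if (method[br] == "static" && !(br in addr)) {
                print "FAIL: " br " is static but has no address"; bad = 1
            }
            n = 0
            for (p in ports) {
                n++
                # A port that still has its own static/dhcp stanza is the
                # classic half-finished edit.
                if ((p in method) && method[p] != "manual") {
                    print "FAIL: port " p " is inet " method[p] ", expected manual"
                    bad = 1
                }
            }
            if (n == 0) { print "FAIL: " br " has no bridge_ports"; bad = 1 }
            if (!bad) print "OK: " br " owns the IP settings"
            exit (bad ? 1 : 0)
        }
    ' "$1"
}

# Constructed sample: em1 kept its static address after br0 was added.
demo_half_migrated() {
    f=$(mktemp)
    printf '%s\n' 'auto em1' 'iface em1 inet static' '  address 10.1.1.11' \
        'auto br0' 'iface br0 inet static' '  address 10.1.1.11' \
        '  bridge_ports em1' '  bridge_stp off' > "$f"
    rc=0
    check_bridge_config "$f" br0 || rc=$?
    rm -f "$f"
    return "$rc"
}

demo_half_migrated || true   # prints the FAIL line for em1
```

Run it against a copy of `/etc/network/interfaces` before applying the change, for example `check_bridge_config ./interfaces.new br0`.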


This is a very basic bridge network setup, but this is basically what I use on all of my bare metal servers in preparation for getting some KVM or Xen hosts running. Next up is actually installing a guest using this new bridge.

