Bridged networking with KVM / qemu

First off, I cannot recommend Peter Membrey’s “The Definitive Guide to CentOS” enough. If you’re a new admin or just want to make sure
you’re doing it right, this is the book to get.

Some of the scientists I support at work rely on software that requires an old, defunct version of Ubuntu (6, Edgy). And because it’s starting to get hard to find hardware that will still run that old version of Linux I’m now using virtualization technology (KVM and CentOS 5.7). These instructions should work with Redhat and it’s derivatives.

The tricky part of all this (for me at least) was setting up the network. I need the virtual Ubuntu machine to appear on the network as if it were a separate host with a public IP, rather then behind a NAT router. Thus I used a bridged network setup. The method bellow worked for me, but it’s not necessarily the only or best way to accomplish this… I’ve tested these procedures on CentOS 5.7 and 6.2. Before we get started, you need to add two CentOS packages via the yum command: bridge-utils and tunctl.

Step One: Create a virtual network bridge (br0)
This particular server has one physical interface (eth0). What you have to do is create a virtual network bridge (br0), give it your public IP/GATEWAY/etc, and then add the physical interface to the bridge…

First, backup /etc/sysconfig/network-scripts/ifcfg-eth0 to another directory. My original ifcfg-eth0 looked like this
# Broadcom Corporation NetXtreme BCM5722 Gigabit Ethernet PCI Express
DEVICE=eth0
BOOTPROTO=static
BROADCAST=192.168.0.255
HWADDR=B8:AC:6F:99:36:95
IPADDR=192.168.0.60
NETMASK=255.255.255.0
NETWORK=192.168.0.0
ONBOOT=yes

Now copy /etc/sysconfig/network-scripts/ifcfg-eth0 to /etc/sysconfig/network-scripts/ifcfg-br0. Edit the two files so that they look like so… notice that the IP and GATEWAY are now in ifcfg-br0 and not ifcfg-eth0.

/etc/sysconfig/network-scripts/ifcfg-br0 (I had do add my GATEWAY as well as copy over IPADDR)
DEVICE="br0"
ONBOOT=yes
TYPE=Bridge
BOOTPROTO=static
IPADDR=192.168.0.60
GATEWAY=192.168.10.1
DELAY=0

/etc/sysconfig/network-scripts/ifcfg-eth0
DEVICE="eth0"
ONBOOT=yes
TYPE=Ethernet
HWADDR=B8:AC:6F:99:36:95
BRIDGE=br0

Now reboot, or simply restart the network via the /etc/init.d/network script. If all is working properly, your host will still have a functioning network connection. You’re half way done…

Step two: Create a virtual, TUN/TAP interface (tap0) for your first VM.

To create the tap0 interface:
/usr/sbin/tunctl -b

Bring up the new interface:
/sbin/ifconfig tap0 up

Now add tap0 to the bridge so it has access to your physical network:
/usr/sbin/brctl addif br0 tap0

Thats it!
Now, when you install or start your qemu vm, just make sure your “-net” option looks like the one bellow so that your vm has access to the tap0 interface. Most examples I’ve found on the net do these last steps in a script that then launches qemu…
#!/bin/sh
/usr/sbin/tunctl -b
/sbin/ifconfig tap0 up
/usr/sbin/brctl addif br0 tap0
qemu-system-x86_64 -hda disk.img -boot d -m 1024 -net nic -net tap,ifname=tap0,script=no -no-acpi