Qemu (kvm) internal network setup
I got a new notebook, a nice Thinkpad T61 with virtualization technology. I need to run some Windows system for development so I’ve decided to use the Kernel based Virtual Machine (KVM). The VMs should communicate over an internal network but should have access to the internet and I want access via network to them. So I setup a bridge with TUN/TAP devices masqueraded to my normal interface.
HOST QEMU GUEST1
+---------------+ +--------------+
| 10.10.5.158 | | |
LAN ---+---- eth0 | | |
| | | | QEMU GUEST2
| +------+ +--+---+---- nic0 | +--------------+
| | tap0---+ | |192.168.100.5 | | |
| | tap1---+ | +--------------+ | |
| +------+ | | | |
| br0 +--+----------------------+---- nic0 |
|192.168.100.254| |192.168.100.1 |
+---------------+ +--------------+
Needed packages:
uml-utilities
bridge-utilities
kvm
Setup the network:
Create a file call kvm-network with the following content and make it executeable.
#!/bin/bash
# id of the user running qemu (kvm)
USERID=1000
# number of TUN/TAP devices to setup
NUM_OF_DEVICES=5
case $1 in
start)
modprobe tun
echo -n "Setting up bridge device br0"
brctl addbr br0
ifconfig br0 192.168.100.254 netmask 255.255.255.0 up
for ((i=0; i < NUM_OF_DEVICES ; i++)); do
echo -n "Setting up "
tunctl -b -u $USERID -t qtap$i
brctl addif br0 qtap$i
ifconfig qtap$i up 0.0.0.0 promisc
done
;;
stop)
for ((i=0; i < NUM_OF_DEVICES ; i++)); do
ifconfig qtap$i down
brctl delif br0 qtap$i
tunctl -d qtap$i
done
ifconfig br0 down
brctl delbr br0
;;
*)
echo "Usage: $(basename $0) (start|stop)"
;;
esac
br0 is the gateway to the external network.
Setting up the firewall:
Edit /etc/sysconfig/SuSEfirewall and set the following variables:
FW_DEV_INT="br0 qtap0 qtap1 qtap2 qtap3 qtap4" FW_ROUTE="yes" FW_MASQ_NETS="192.168.100.0/24" FW_PROTECT_FROM_INT="no" FW_FORWARD_ALWAYS_INOUT_DEV="br0"
If you don’t run a SUSE system use the following lines to setup masquerading:
echo "1" > /proc/sys/net/ipv4/ip_forward iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
On the guest you have to set the default gateway to 192.168.100.254 which is the bridge br0 and take a look in /etc/resolv.conf to get the name servers. I run a Windows 2003 Server as a guest which is the dhcp and name server for the other guests (Vista, several Linux installations).
Setting up qemu
Guest 1:
#!/bin/bash
qemu-kvm /path/to/vm.img \
-net nic,model=rtl8139,macaddr=52:54:00:12:34:56 \
-net tap,ifname=qtap0,script=no \
-m 256 \
-smp 1 \
-usb \
-usbdevice tablet \
-localtime
Guest 2:
#!/bin/bash
qemu-kvm /path/to/vm2.img \
-net nic,model=rtl8139,macaddr=52:54:00:12:34:57 \
-net tap,ifname=qtap1,script=no \
-m 256 \
-smp 1 \
-usb \
-usbdevice tablet \
-localtime
Note that the VMs have different MAC addresses. It took me a long time to find why I couldn’t ping from one guest to another 
By the way, one of the guests is running Vista, which runs smoothly on my machine with KVM.
GlaDiaC @ July 12, 2007
on ubuntu 7.04, the package “bridge-utilities” is called “bridge-utils”
Hi, Andreas !
Thanks a LOT for KVM networking setup advice. Can you please tell me if this will work with Kernel 2.6.22, and not SuSE 2.6.18 ? Something has changed in the bridging stuff starting from 2.6.20 kernel.
Thanks in advance for any suggestion(s)
Hello,
I’ve done this on my notebook which is running openSUSE 10.3 Beta with Kernel 2.6.22.
Hi
I’ve spent some time looking for he reason why I could not ping between guests. When I check the bridge from the host brctl showmacs br0 it shows different addresses. Your wink prompted me to run ifconfig on each guest, sure enough, they are the same mac. Thank you!
Hey,
I want the guest OS’s to join the other networks windows work group, how is this possible?
Dave, please be more precise!
Hey,
I couldn’t make it work. My guests (both Ubuntu & WinXP) haven’t got connection. I think everything was setup exactly like the instruction. I just slightly changed the UserID as 0 since I ran as root.
I wonder if is that correct when I assign NIC_0 (guest_1) as the same value as TAP_0 (Tap)?
Thanks,
I’m sorry for last post since my firewall system wasn’t on as I thought. Using 2-line script to setup the masquerading is great. I got everything works now. Thanks!
I’m trying to get this working in Windows 2003, but the machine hangs dead when installing the kvmnet.sys driver. Here is my startup script:
qemu-kvm \
-M pc \
-cdrom /ISO/kvm-driver-disc-20080318.iso \
-m 512 \
-name janus1 \
-smp 2 \
-net nic,model=virtio \
-net tap,ifname=tap0,script=no \
-no-acpi \
/dev/nunez/janus
Thanks for great guide.
Nevermind, figured out that part, seems that the version 1.0.0.0 doesn’t play nice. Upgraded to 1.2.0.0 and work like a charm - 1Gbps in the system tray…:))
I’ve set up bridging using the guide at: http://www.linux-kvm.com/content/tip-how-get-maximum-network-performance-using-paravirtual-drivers-and-bridged-networking but doesn’t work, my virt machine can’t get na ip from dhcp. Help greatly appreciated