> How did you configured eth2? dhcp too? why you tap as bridge port intend of eth2?
![]()
and Bob's question below on network managers:
I then did "ifdown br0", which took down eth2 as well. I added a simple dhcp stanza for eth2 to /etc/network/interfaces and ifup'd it. That works, in that I can reach the internet, but obviously it has no bridge.
When the system started /etc/network/interfaces did not mention eth2.
network-manager is installed but wicd is not.
My wireless router is currently serving as a dhcp server; it has a reserved IP for the system under discussion. This is not the long-run plan. The router keeps flaking out, perhaps in part because of some interaction with the bridging: I've had 2 or 3 problems since I started the bridging, and none since I took it down. I solve them by power cycling the router; I haven't diagnosed them further.
I thought the system hotplug behavior was doing the configuring and that network-manager was not installed. Wrong on both apparently.
That configuration did not work after a system restart: no packets traveled to outside networks.
I then did "ifdown br0", which took down eth2 as well. I added a simple dhcp stanza for eth2 to /etc/network/interfaces and ifup'd it. That works, in that I can reach the internet, but obviously it has no bridge.
As to " why you tap as bridge port intend of eth2?" I don't understand the question, even reading "intend" as "instead". But basically I was just copying a configuration and had no deep reason.
Arun made a suggestion that
> Your 'physical' device eth0/eth2 or whatever needs to be added to the bridge.
> Your 'physical' device eth0/eth2 or whatever needs to be added to the bridge.
I believe that is done by the /etc/kvm/kvm-ifup script that is executed when I launch the virtual machine.
It says, in part
switch=$(ip route ls | \
awk '/^default / {
for(i=0;i<NF;i++) { if ($i == "dev") { print $(i+1); next; } }
}'
)
awk '/^default / {
for(i=0;i<NF;i++) { if ($i == "dev") { print $(i+1); next; } }
}'
)
# i.e, switch=eth2 (RB)
# only add the interface to default-route bridge if we
# have such interface (with default route) and if that
# interface is actually a bridge.
# It is possible to have several default routes too
for br in $switch; do
if [ -d /sys/class/net/$br/bridge/. ]; then
brctl addif $br "$1"
exit # exit with status of brctl
fi
done
# have such interface (with default route) and if that
# interface is actually a bridge.
# It is possible to have several default routes too
for br in $switch; do
if [ -d /sys/class/net/$br/bridge/. ]; then
brctl addif $br "$1"
exit # exit with status of brctl
fi
done
# I think $1=tap0 as invoked, though maybe its br0 (RB)
Then again, I don't understand things well enough to know what adding something to a bridge means, or how that is accomplished.
Arun also asked
> List the output of 'brctl -show'
But that's empty (since I did ifdown br0, presumably).
More below
On Wed, Oct 2, 2013 at 1:49 AM, Bob Proulx <bob@proulx.com> wrote:
Ross Boylan wrote:Which page is "a wiki page"? I didn't find a wiki.debian.org one that
> /etc/network/interfaces has (on the advice of a wiki page on Debian and
> kvm)
had an example like it.
How about this one? It has good working examples.
http://wiki.libvirt.org/page/Networking
One thing I struggled with was that qemu-kvm, via the /etc/kvm/kvm-ifup script I mentioned above, does some stuff automatically. Help that is written without that in mind tends to include instructions that either duplicate or, perhaps, are at cross-purposes with it.
Hmm... To me it doesn't make sense to use dhcp along with a network
> auto br0
> iface br0 inet dhcp
> pre-up ip tuntap add dev tap0 mode tap user root
> pre-up ip link set tap0 up
> bridge_ports all tap0
> bridge_stp off
> bridge_maxwait 0
> bridge_fd 0
> post-down ip link set tap0 down
> post-down ip tuntap del dev tap0 mode tap
bridge. Normally you would use a bridge with a static IP address. So
that external processes can connect to the VMs.
But you are using dhcp. That implies that you are operating with
dynamic addresses. Not necessarily true. You could have the dhcp
server configured to give you reserved addresses. But if not then it
doesn't make sense.
The dhcp server is configured for a reserved address.
I think I tried a much different bridge specification with a static IP; it didn't work.
It doesn't seem to me as if the ip address of the bridge gets used, as opposed to names like eth2, br0, and tap0
I am using this:
iface eth0 inet manual
auto br0
iface br0 inet static
address 192.168.1.119
netmask 255.255.255.0
gateway 192.168.1.1
bridge_ports eth0
bridge_stp off
bridge_fd 0
bridge_maxwait 0
I thought for servers the recommendation was to hook into the hotplug mechanism. For lenny I had (IP address altered slightly)
mapping ethslow
script /etc/network/trivial
map ethwan
allow-hotplug ethslow
iface ethwan inet static
address 66.181.128.33
netmask 255.255.255.0
gateway 66.181.128.1
dns-nameservers 198.144.192.2 198.144.192.4
pre-up /etc/network/rb-iptables
mapping ethslow
script /etc/network/trivial
map ethwan
allow-hotplug ethslow
iface ethwan inet static
address 66.181.128.33
netmask 255.255.255.0
gateway 66.181.128.1
dns-nameservers 198.144.192.2 198.144.192.4
pre-up /etc/network/rb-iptables
The wireless router did not serve as a dhcp server, firewall, NAT, or anything else in that configuration--which eventually is what I want to return to. The main system we're discussing is insufficiently hardened to be directly on the internet for now.
But if you want to use dhcp then I recommend dumping the bridge and
using "virt-install ... --network network=default" instead. Set the
default network to autostart "virsh net-autostart default". It is a
simpler configuration. Note that if you have Recommends: disabled (as
I do) then you need to manually ensure that dnsmasq-base (a Recommends:
package) is installed.
I'm not sure how that interacts with the kvm-ifup script I mentioned.
Even in the short run I can assign an IP address while continuing to use the external router.
Do you have network-manager or wicd installed? If so then that daemon
> My one connected interface, eth2, was brought up by hotplug with no
> mention in interfaces.
brought up the interface.
Yes, network-manager. Oops. I guess it got pulled in as part of KDE. The recommendation is not to use the package for a server, right?
If it was previously controlled by network-manager or wicd then things
> Originally, with the system up, I added the br0 stanza to interfaces and
> did ifup br0. This temporarily interrupted my network connections,
> which was not good, but they resumed afterwords.
would be in an inconsistent state with both it and ifupdown trying to
control it.
Oh my. It's amazing it's working at all :) I guess I should straighten this out before rebooting.
Bob
Can anyone explain to me what difference between tap and the bridge is? They both seem to do the same thing*, but apparently tap needs to be hooked in to a bridge. And for some reason the qemu/kvm docs seems to recommend tap.
*OK, maybe they are at different levels of the network stack. But once sharing is going on, I can't see why that matters.
Ross