Feature Request: Networking for KVM

[flosoft]

Hi guys,

I thought I would bring this up here. A nice thing would be automated networking for KVM. This could be realized by having a DHCP server on the TAP interfaces, and on the other side, Proxmox adding incomming routes.

Would this be possible in the near future?

Greets,

Florian Jensen

 

[dietmar]

We use a bridged network setup, so normally VMs can use DHCP when there is a DHCP server on the physical network.

If not, it should be trivial to install 'dhcp3-server' listening on 'vmbr0'.

- Dietmar

 

[flosoft]

hmm, thats not a bad idea. My question though is:

I need an IP from this range: 91.121.227.128/28, then assigned on the subnet /32 (255.255.255.255), with the gateway in another subnet. Under Linux this works with:

[FONT=monospace]
[/FONT]# ifconfig eth0 GUEST_IP/32 up[FONT=monospace]
[/FONT]# ip route add HOST_IP dev eth0[FONT=monospace]
[/FONT]# ip route add default via HOST_IP[FONT=monospace]
[/FONT]# echo "nameserver 213.186.33.99" > /etc/resolv.conf

and then on the Host I Need to say:

ip route add GUEST_IP dev vmbr0

What is the easiest way to automate this for KVM clients?

 

[dietmar]

The guest network is bridged to eth0, so it should work without setting up additional routes in the host.

- Dietmar

 

[flosoft]

Right. But not in this case, as the host machine is the gateway, right?

 

[flosoft]

Right. But not in this case, as the host machine is the gateway, right?

And then I have to forward the traffic from external to vmbr0, as otherwise the IP stays down no?

 

[dietmar]

Right. But not in this case, as the host machine is the gateway, right?

Why? - i thought you want to use another gateway.

- Dietmar

 

[flosoft]

No, I can't I need to use the host machine as gateway.

 

[dietmar]

Then simply use it as gateway, and add the route manually. I have no idea why you want such setup?

- Dietmar

 

[flosoft]

The problem is that it's a non allowed way. You cannot use a 255.255.255.255 subnet, and then a Gateway in a completely different network.

 

[dietmar]

Again, I do not understand what you want to do, and why you want do do it. Either you give me all info, or i cant help. Please explain your whole network setup.

- Dietmar

 

[flosoft]

Again, I do not understand what you want to do, and why you want do do it. Either you give me all info, or i cant help. Please explain your whole network setup.

- Dietmar

Ok, so I have the following setup.

My Host has the IP: 91.121.110.140
I have a special IP range for all the Virtual machines (KVM and OpenVZ): 91.121.227.128/28

For security reasons, these IPs are unable to access the router that the Host uses. I cannot change this.

I was told I need to setup the host to forward the traffic from an IP to vmbr0. I do this with the following command:

ip route add VPS_IP dev vmbr0

Then on the guest I need to do the following in order to make it work:

# ifconfig eth0 VPS IP/32 up                 # set IP and set subnet to 255.255.255.255
        # ip route add default dev eth0                         # add default route
        # echo "nameserver 213.186.33.99" > /etc/resolv.conf   # set dns

Now, I want to set the VPS stuff automatically via DHCP.

I hope this explains it.

 

[dietmar]

For security reasons, these IPs are unable to access the router that the Host uses. I cannot change this.

I was told I need to setup the host to forward the traffic from an IP to vmbr0. I do this with the following command:

ip route add VPS_IP dev vmbr0

This makes no sense for me. Adding an artificial route would not help at all.

Maybe they meant you should masquerade (SNAT) the addresses?

- Dietmar

 

[kro]

In OVH's setup, which I think flosofts is using, there's no bridge with eth0. The reason is, that it's made for servers in OVH's datacenters, where the next switch will shut down the port if there is more than 1 MAC address on that port.
vmbr0 is used as a bridge, but without eth0, so that users have to add a route for their guests' addresses to that bridge.

flosoft: I think it should be possible to have a dhcp server listening on vmbr0, but I haven't tried it yet. As you will have to change the config of each KVM guest anyway to change the MAC address, you can in the same time enter it in your dhcpd config to have static addresses...

 

[flosoft]

In OVH's setup, which I think flosofts is using, there's no bridge with eth0. The reason is, that it's made for servers in OVH's datacenters, where the next switch will shut down the port if there is more than 1 MAC address on that port.
vmbr0 is used as a bridge, but without eth0, so that users have to add a route for their guests' addresses to that bridge.

flosoft: I think it should be possible to have a dhcp server listening on vmbr0, but I haven't tried it yet. As you will have to change the config of each KVM guest anyway to change the MAC address, you can in the same time enter it in your dhcpd config to have static addresses...

My main problem with this static route is, that I do not know all the systems I set up. For example, I have tried to setup FreeBSD, but I couldn't for the route. So if the route + ips could be set via DHCP, that would make it all a lot easier. I would simply need to modify the host machine, and add the static lease, and add the incomming route. Or am I wrong in some point?

 

[kro]

My main problem with this static route is, that I do not know all the systems I set up.

This makes no sense to me.

For example, I have tried to setup FreeBSD, but I couldn't for the route.

Why not? What's the problem?

So if the route + ips could be set via DHCP, that would make it all a lot easier. I would simply need to modify the host machine, and add the static lease, and add the incomming route. Or am I wrong in some point?

One point I didn't think of in my last posting is that with DHCP you can tell your guest the gateway IP, but not the default route via eth0 like when you do it manually.
So finally I don't think DHCP is the solution to your problem.