KVM with VDE

From Gentoo Linux Wiki


Once you have set up a KVM system, you don't have UDP support yet. Some people choose to use VDE. This way you also need just one TAP interface.

VDE stands for Virtual Distributed Ethernet and is exactly what the name implies: a virtual switch. You can connect VDEs between physical machines and run multiple VLANs, separate routes, etc. This way you won't have to bother about VM configuration again - just connect them to a virtual switch which has DHCP and DNS services connected.


Kernel configuration

First, get your kernel on the host (real) machine up to speed for networking with virtual machines:

Linux Kernel Configuration: VDE kernel config

Device drivers --->
   Network device support --->
      [M] Universal TUN/TAP device driver support

Networking support --->
   Networking options --->
      Network packet filtering framework (Netfilter) --->
         Core Netfilter Configuration --->
            <*> Netfilter connection tracking support
         IP: Netfilter Configuration --->
            <*> IPv4 connection tracking support (required for NAT)
            <*> IP tables support (required for filtering/masq/NAT)
            <*> Full NAT
            <*>   MASQUERADE target support

Rebuild and install your kernel.

Installation

All but the last of the following commands are done on the host (real) machine:

Install net-misc/vde.

# emerge -av net-misc/vde

Load all the modules you'll need:

# modprobe kvm kvm-intel tun

Create a hub for VDE. The '-d' option makes vde_switch run in daemon mode.

# vde_switch --numports 4 --hub --mod 777 --group users --tap tap0 -d

Now that we have a hub, let's give our tap interface an IP address, netmask, etc. and bring it up:

# ifconfig tap0 10.1.1.1 broadcast 10.1.1.255 netmask 255.255.255.0
# ifconfig tap0 up

If you haven't already turned on forwarding, now is a good time:

# echo "1" > /proc/sys/net/ipv4/ip_forward

Now configure iptables to NAT your VMs' outbound traffic, assuming your real (live) interface is eth0:

# iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE

I also had to allow all forwarding in iptables:

# iptables -A FORWARD -j ACCEPT

Depending on your iptables rules, you may also need to allow your virtual machine to connect to your host machine through the tap0 interface. Otherwise, your VM will not be able to lease an IP address from the dnsmasq instance running on your host.

# iptables -A INPUT -i tap0 -j ACCEPT

You'll need DNS and DHCP services for your guest operating systems. Install dnsmasq if you don't already have it:

# emerge -av dnsmasq

Run it with some options to give ip ranges, interfaces, logging, default domain names:

# dnsmasq --log-queries --dhcp-range=10.1.1.1,10.1.1.20,255.255.255.0,2h --interface=tap0 --domain=kvm.lan

Now finally, start something! A bootable CD is a good test.

# kvm -net vde -net nic,vlan=0,macaddr=52:54:00:00:EE:03 -m 256 -localtime -cdrom SomeCDrom.iso

You can monitor its network traffic in another session with tcpdump:

# tcpdump -ni tap0

Your guest OS should get an IP address automagically through DHCP, be assigned default resolv.conf parameters, etc. If you can ping something on the internets you're good! (This is the only command here that is run inside the guest OS in the virtual machine.)

# ping gentoo.org
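
The FORWARD and INPUT rules above accept all forwarded traffic and everything arriving on tap0. The following script is an added example, not part of the original wiki page: it prints a narrower rule set for the same tap0 / 10.1.1.0/24 / eth0 setup, limited to guest-initiated forwarding plus DHCP and DNS towards the host. The function names are this example's own, and it assumes the kernel's conntrack match is available in addition to the options listed under Kernel configuration.

```shell
#!/bin/sh
# Added example: print scoped iptables rules for the VDE tap setup (dry run).
# Nothing is applied here; review the output, then run it as root.

# Accept only plain interface names (max 15 chars, no leading '-' or '.').
# 'case' is used instead of grep so embedded newlines are rejected too.
valid_if() {
    case $1 in ''|[-.]*|*[!A-Za-z0-9_.-]*) return 1 ;; esac
    [ ${#1} -le 15 ]
}

# Accept only dotted-quad/prefix text; octet ranges are left to iptables.
valid_cidr() {
    case $1 in ''|*[!0-9./]*) return 1 ;; esac
    printf '%s\n' "$1" |
        grep -Eq '^([0-9]{1,3}\.){3}[0-9]{1,3}/([0-9]|[12][0-9]|3[0-2])$'
}

vde_fw_rules() {
    tap=$1 net=$2 uplink=$3
    valid_if "$tap" && valid_if "$uplink" && valid_cidr "$net" || {
        echo "usage: vde_fw_rules TAP SUBNET/PREFIX UPLINK" >&2
        return 2
    }
    cat <<EOF
iptables -t nat -A POSTROUTING -s $net -o $uplink -j MASQUERADE
iptables -A FORWARD -i $tap -o $uplink -s $net -j ACCEPT
iptables -A FORWARD -i $uplink -o $tap -d $net -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
iptables -A INPUT -i $tap -p udp --dport 67 -j ACCEPT
iptables -A INPUT -i $tap -s $net -p udp --dport 53 -j ACCEPT
iptables -A INPUT -i $tap -s $net -p tcp --dport 53 -j ACCEPT
EOF
}

# Values taken from the page: tap0, the 10.1.1.0/24 guest network, eth0.
vde_fw_rules tap0 10.1.1.0/24 eth0
```

The DHCP rule has no source match because a guest without a lease sends its first request from 0.0.0.0.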

Alternative Method

If you would rather not mess around with kernel configs, TUN, iptables and dnsmasq, then you can achieve the same result with the following two commands instead:

vde_switch -daemon
slirpvde --dhcp --daemon

Then start your virtual machines with this command:

kvm -net nic,macaddr=52:54:00:00:EE:03 -net vde test.img
