Configure a bridged network interface for KVM using RHEL 5.4 or later?

environment

• Red Hat Enterprise Linux 5.4 or later
• Red Hat Enterprise Linux 6.0 or later
• KVM virtual machines

question

• How do I configure a bridged network interface for KVM using Red Hat Enterprise Linux 5.4 or later?
• On RHEL 6, what is the recommended procedure for creating a virtual machine network that can receive an external IP address?
• How to configure bridge network for my kvm guest ?

resolution

By default, kvm uses NAT networking through a libvirt-managed bridge called virbr0. If you require your guest to appear as another host on the same network as the hypervisor, a bridged interface may be used to achieve this. However, virtualization hosts configured to use KVM will not automatically create a bridged interface for the Ethernet devices on your system. A configuration must be created to set up the bridge when the network is started.

Note: The host should be accessed through a console or serial session as changes to the network configuration files may cause the network access to be lost.

Configuration Tool

Red Hat supply a KVM Bridge Configuration tool via the Customer Portal:  https://access.redhat.com/labs/kvmbridgeconfiguration/

Manual Configuration

• If the interface that will be bridged is currently running, stop it using the ifdown command. For example:

# ifdown eth0

Now two files will be created or modified to setup the bridge (ifcfg-brX) and physical interface (ifcfg-ethX). Change to the /etc/sysconfig/network-scripts directory:

# cd /etc/sysconfig/network-scripts

• Open the network script for the device you are adding to the bridge. In this example, ifcfg-eth0 defines the physical network interface which is part of a bridge:

DEVICE=eth0
HWADDR=00:16:76:D6:C9:45    # change the hardware address to match the hardware address your NIC uses
ONBOOT=yes
BRIDGE=br0
NM_CONTROLLED=no

• Create a new network script in the /etc/sysconfig/network-scripts directory called ifcfg-br0 or similar. The br0 is the name of the bridge, this can be anything as long as the name of the file is the same as the DEVICE parameter, and the name is specified correctly in the previously created physical interface configuration (ifcfg-ethX):

DEVICE=br0
TYPE=Bridge
BOOTPROTO=dhcp
ONBOOT=yes
DELAY=0

If using a static IP address, the configuration will look similar to:

DEVICE=br0
TYPE=Bridge
BOOTPROTO=static
IPADDR=<Static IP address>
NETMASK=<Netmask>
GATEWAY=<Gateway>
ONBOOT=yes

• Start the Ethernet device and the bridge device using the ifup command:

# ifup eth0
# ifup br0

• Test to make sure that the host can still communicate with the network:

# ping www.redhat.com

• Add the lines below into /etc/sysctl.conf:

net.ipv4.ip_forward = 1

net.bridge.bridge-nf-call-ip6tables = 0
net.bridge.bridge-nf-call-iptables = 0
net.bridge.bridge-nf-call-arptables = 0

Apply the configurations:

# sysctl -p /etc/sysctl.conf

• Now, reload the libvirt daemon:

# service libvirtd reload

• Check the bridges:

# brctl show

For more detailed information about bridged networking on KVM environment, please refer to the RHEL 5 or RHEL 6 Virtualization Guides.

Alternatively, a bridge can be created using the virt-manager GUI program, however this sort of bridge will be started with the libvirt service on boot, so should not be used as the primary network connectivity for the hypervisor.