FAQ
Hi,

I have only one ethernet port in a remote server. (eth0)

I have a public address with x.x.x.164 netmask 255.255.255.240 gw x.x.x.161

and want to use in my guest OS the next available ip address (x.x.x.165 netmask 255.255.255.240 gw x.x.x.161)

Is this posible with brctl to achieve this?

I did a file called ifcfg-xenbr0 with:


DEVICE=xenbr0

TYPE=Bridge

BOOTPROTO=dhcp

ONBOOT=yes

then reboot, after that i use:

# brctl addif xenbr0 eth0

I was connected to my remote server but problems begin when I assigned the x.x.x.165 ip addres to the guest OS with

virt-manager to begin installation. I lost the remote connection. Maybe I miss something like this? :

iptables -I FORWARD -m physdev ?physdev-is-bridged -j ACCEPT

to avoid loosing the connection ?

i'm still receiving ping from x.x.x.165 but x.x.x.164

:(

Search Discussions

  • James B. Byrne at Jun 25, 2010 at 5:09 pm
    I am having a couple of iptables issues with this type of setup
    myself. The RH manual says to insert a rule into the FORWARD chain
    like this:

    -A FORWARD -m physdev --physdev-is-bridged -j ACCEPT

    However, for the host does this not mean that every packet is
    accepted. As far as I can discern from the documentation, when one
    sets up a physically bridged network on a kvm host then every packet
    arrives across the bridge interface and, insofar as the host is
    concerned, anything that it does not orginate itself is forwarded.

    I may be wrong on this, but the behaviour of my ssh filters since
    putting that command in the FORWARD chain indicates that something
    along those lines is occurring. The i/f eth0 seems to have no
    relevence to iptables rules for the host instance.

    --
    *** E-Mail is NOT a SECURE channel ***
    James B. Byrne mailto:ByrneJB at Harte-Lyne.ca
    Harte & Lyne Limited http://www.harte-lyne.ca
    9 Brockley Drive vox: +1 905 561 1241
    Hamilton, Ontario fax: +1 905 561 0757
    Canada L8E 3C3
  • Arun Khan at Jun 26, 2010 at 9:54 am

    On Fri, Jun 25, 2010 at 3:26 AM, Armando Montiel wrote:
    Hi,

    I have only one ethernet port in a remote server. (eth0)

    I have a public address with x.x.x.164 netmask 255.255.255.240 gw x.x.x.161
    I am assuming the above is assigned to the physical device eth0, right?
    From your netmask information the following is your IP params for your subnet.
    Network range - x.x.x.160 - x.x.x.175
    Usable range - x.x.x.161 - x.x.x.174
    and want to use in my guest OS the next available ip address (x.x.x.165 netmask 255.255.255.240 gw x.x.x.161)

    Is this posible with brctl to achieve this?

    I did a file called ifcfg-xenbr0 with:


    DEVICE=xenbr0

    TYPE=Bridge

    BOOTPROTO=dhcp

    ONBOOT=yes

    then reboot, after that i use:

    # brctl addif xenbr0 eth0

    I was connected to my remote server but problems begin when I assigned the x.x.x.165 ip addres to the guest OS with

    virt-manager to begin installation. I lost the remote connection. Maybe I miss something like this? :

    iptables -I FORWARD -m physdev ?physdev-is-bridged -j ACCEPT
    You have not disclosed how you are connecting to the "host" OS a
    priori your VM installation. Do you mean the above rule should be on
    the "host" OS? I don't think so unless you have enabled firewall on
    the host. I would suggest to disable the firewall until you are done
    with the VM setup.
    to avoid loosing the connection ?

    i'm still receiving ping from x.x.x.165 but x.x.x.164
    From the above it appears you are doing Xen virtualization. I have
    no experience with Xen but do with the Linux KVM and I do think that
    the basic networking fundamentals would be uniform, irrespective of
    the virt platform.

    (1) With Bridge, you cannot assign an IP to the physical interface, in
    your case eth0.
    (2) The IP number is assigned to the bridge instead, in your case
    x.x.x.164 would be assigned to the bridge.
    (3) My KVM setups need "tap" (tunctl) interfaces to be bound to the
    bridge interface.
    (4) The VM guest sees a regular NIC (as emulated by the host VM
    environment), which is bound to the "tap" interfaces on the host OS.
    The bridge being bound to the tap becomes the ethernet viaduct between
    the guest VM and the rest of the world.

    Therefore, I believe you need to move your host IP to the bridge,
    define a tap which is bound to the bridge and then present the tap to
    the VM in whichever way it is supposed to be for your virt. platform.

    HTH
    -- Arun Khan

Related Discussions

Discussion Navigation
viewthread | post
Discussion Overview
groupcentos-virt @
categoriescentos
postedJun 24, '10 at 5:56p
activeJun 26, '10 at 9:54a
posts3
users3
websitecentos.org
irc#centos

People

Translate

site design / logo © 2022 Grokbase