
Re: [Qemu-discuss] Assigning public IPs to Guests


From: Jakob Bohm
Subject: Re: [Qemu-discuss] Assigning public IPs to Guests
Date: Mon, 22 Jun 2015 19:21:31 +0200
User-agent: Mozilla/5.0 (Windows NT 6.3; WOW64; rv:31.0) Gecko/20100101 Thunderbird/31.7.0

On 21/06/2015 00:21, Peter Reid wrote:
Hi,

I'm not necessarily sure if this is the correct mailing list; but I
may as well give it a shot.

Here we go:

So I want to be able to assign public IPs to the guests that I am
running; I have a 46.105.121.xx address that I want to be my 'host
address', and then I have 8 IPs in the 5.135.xx.xx range that I want to
assign to the guests that I am running.

I am running Debian 8 (Jessie), and my existing
/etc/network/interfaces config is as follows:

http://pastebin.com/gHmWtGt9

I've read about virtual bridges, but I haven't seen an explanation
that's made me understand how to set them up yet...

I'd be looking for info on how to configure it so that my VMs can
'use' those IPs and any config I need to do for each VM individually.

I can provide further info upon request


Note: My answers are based on Debian7, I have not
checked the differences in Debian8.


A bridge that will include only virtual machines is set
up as follows in /etc/network/interfaces (I think, all
mine include physical interfaces too):


# The 10.xx.xx.1 address is just to avoid wasting a public IPv4.

auto br0
iface br0 inet static
        address 10.xx.xx.1
        netmask 255.255.255.0
        network 10.xx.xx.0
        broadcast 10.xx.xx.255
        post-up ip link set br0 address y2:yy:yy:yy:yy:yy
        post-up ip route add broadcast 5.135.xx.x8/29 dev br0 table local proto kernel  scope link  src 10.xx.xx.1
        bridge_stp on
        bridge_maxwait 0
        bridge_fd 0

iface br0 inet6 static
        pre-up modprobe ipv6
        address xxxx:xxxx:xxxx:xxxx::1
        netmask 64
        privext 0

Enable forwarding on the host.

You will need to choose your own locally unique MAC
addresses for the virtual machines and interfaces.


On the qemu command lines use something like

   -netdev bridge,id=hostnet0,br=br0
   -device ....,netdev=hostnet0,id=net0,mac=z2:zz:zz:zz:zz:zz,...


Inside the VMs configure the virtual network interface
with static IPv4 and static IPv6 addresses as usual,
but with 10.xx.xx.1 as IPv4 gateway.  The IPv6 gateway
will of course be xxxx:xxxx:xxxx:xxxx::1.  You may or
may not need to add

        post-up ip route add broadcast 10.xx.xx.1/24 dev eth0 table local proto kernel  scope link  src 5.135.xx.xx

With this setup, the host becomes a router between its
physical network and the completely virtual network
"br0".  Because addressing will be static, there is no
need to set up dhcpd or radvd on this network.

IPv4 routing on the br0 virtual network is special
because the VMs have public IPs, but the router has a
private IP.  So there are extra "on-link" routes for
the other IP address space.

++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

Because the virtual network above exists only within a
single host machine, there is no redundancy against
failure of that machine.  If you want the ability to
move VMs between different hosts for redundancy, you
will need a different setup:

Set up a VLAN on your physical network to carry
5.135.xx.xx traffic and the matching IPv6 network; let's
call this VLAN 1357 (any number from 2 to 4094 should
do).

Make sure your physical network switches support VLANs
and STP, otherwise there will be big problems.  The
only managed switch I have encountered with such
problems was a popular HP Procurve model.  A D-link
managed switch did much better.

On the host machines add something like this to
/etc/network/interfaces:

auto br1357
iface br1357 inet6 static
        # pre-up modprobe ipv6
        bridge_ports eth0.1357
        hw-mac-address y2:yy:yy:yy:yy:yy
        bridge_stp on
        bridge_maxwait 0
        bridge_fd 0
        address xxxx:xxxx:xxxx:xxxx::xxxx:xxxx
        netmask 64
        privext 0

Don't enable forwarding on the hosts, they are now
switches, not routers.  Note that the hosts have no
IPv4 addresses on the public IP vlan.  Management of
the hosts would be done over a different VLAN not
reachable from the big bad Internet.

On your actual router, set up routing of your
5.135.xx.x8/29 and its IPv6 equivalent on VLAN 1357.

As explained in the single-host setup, you may be able
to save a public IPv4 by giving the router a private
IPv4 and setting up special on-link routing rules on
both the router and the VMs.


You will need to choose your own locally unique MAC
addresses for the virtual machines and interfaces.


On the qemu command lines use something like

   -netdev bridge,id=hostnet1357,br=br1357
   -device ....,netdev=hostnet1357,id=net1357,mac=z2:zz:zz:zz:zz:zz,...

Inside the VMs configure the virtual network interface
with static IPv4 and static IPv6 addresses as usual.



Enjoy

Jakob
-- 
Jakob Bohm, CIO, Partner, WiseMo A/S.  https://www.wisemo.com
Transformervej 29, 2860 Søborg, Denmark.  Direct +45 31 13 16 10
This public discussion message is non-binding and may contain errors.
WiseMo - Remote Service Management for PCs, Phones and Embedded 
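
The message above asks for "locally unique" MAC addresses on each VM NIC and writes its placeholders with 2 as the second hex digit of the first octet, one of the values (2, 6, a, e) that mark an address as locally administered and unicast. The script below is an added example, not part of the original message: it audits a list of chosen addresses for format, for that bit pattern and for reuse on the same bridge, and prints a fresh candidate. The function names, VM names and sample addresses are constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the original message): pick and audit the
# "locally unique" MAC addresses used for the VM NICs on the bridge.

# Read "vm-name mac" pairs on stdin and print one line per problem.
# In the first octet, bit 0 is the multicast bit and bit 1 the locally
# administered bit, so its second hex digit must be 2, 6, a or e.
# Returns 1 if any address is malformed, not local/unicast, or reused.
check_macs() {
    awk '
    {
        mac = tolower($2); bad = (split(mac, o, ":") != 6)
        for (i = 1; i <= 6 && !bad; i++)
            if (o[i] !~ /^[0-9a-f][0-9a-f]$/) bad = 1
        if (bad)                    { print $1 ": malformed MAC " $2; err = 1 }
        else if (o[1] !~ /[26ae]$/) { print $1 ": not locally administered unicast"; err = 1 }
        else if (mac in seen)       { print $1 ": duplicates " seen[mac]; err = 1 }
        else                        seen[mac] = $1
    }
    END { exit err + 0 }'
}

# Succeeds if the single address $1 passes the same checks.
is_local_unicast_mac() {
    printf 'nic %s\n' "$1" | check_macs >/dev/null
}

# Print a random address of the form 02:xx:xx:xx:xx:xx.
gen_mac() {
    rest=$(od -An -N5 -tx1 /dev/urandom | tr -d ' \n' | sed 's/../:&/g')
    printf '02%s\n' "$rest"
}

# Constructed inventory (hypothetical VM names and addresses).
sample_inventory() {
    cat <<'EOF'
web1  02:5a:10:00:00:01
web2  02:5a:10:00:00:02
db1   02:5A:10:00:00:01
mail1 00:16:3e:00:00:04
test1 02:5a:10:00:05
EOF
}

sample_inventory | check_macs || echo "fix the addresses above before starting the VMs"
echo "unused candidate: $(gen_mac)"
```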
