In today’s guide, we will look at how to Create and Configure Bridge Networking For KVM in Linux – RHEL / CentOS / Ubuntu / Debian / Arch Linux e.t.c. Linux bridge when used in KVM, allows a Virtual Machine to Access external network and services outside of Virtual Environment.
There are various ways of configuring Bridge Networking in Linux for use in KVM. The default network used by a Virtual Machine launched in KVM is NAT network.With NAT networking, a virtual network is created for the guest machines which is then mapped to host network to provide internet connectivity.
When you configure and use Bridged networking, guest operating systems access external network connected directly to the host machine. A bridge can be created either using Virtual Machine Manager, using virsh command line tool, by directly editing network scripts or using Linux Network management tools.
Method 1: Creating Bridge Network with NAT
Follow these steps to create a Linux bridge from Virtual Machine Manager (GUI). You need to have installed KVM on your system. The demonstration done in this method is for NATed bridge setups.
How to install KVM on RHEL/CentOS 8, Fedora, Arch Linux, CentOS, Ubuntu/Debian, SLES
Open Virtual Machine Manager, and go to Edit > Connection Details > Virtual Networks
Configure a new network interface by clicking the + at the bottom of the window. Give the virtual network a name.
Click the Forward button, on next window, provide virtual network information.
Click forward and choose if to enable IPv6.
Select the network type and forwarding policy.
Finish the setting and save your configurations. The new Virtual network should show on the overview page.
A bridge on the host system is automatically created for the network.
$ brctl show virbr4
bridge name bridge id STP enabled interfaces
virbr4 8000.525400c2410a yes virbr4-nic
Method 2: Create KVM bridge with virsh command.
Create a new bridge XML file.
vim br10.xmlAdd bridge details to the file.
<network>
<name>br10</name>
<forward mode='nat'>
<nat>
<port start='1024' end='65535'/>
</nat>
</forward>
<bridge name='br10' stp='on' delay='0'/>
<ip address='192.168.30.1' netmask='255.255.255.0'>
<dhcp>
<range start='192.168.30.50' end='192.168.30.200'/>
</dhcp>
</ip>
</network>
To define a network from an XML file without starting it, use:
$ sudo virsh net-define br10.xml
Network br1 defined from br10.xmlTo start a (previously defined) inactive network, use:
$ sudo virsh net-start br10
Network br10 startedTo set network to autostart at service start:
$ sudo virsh net-autostart br10
Network br10 marked as autostartedCheck to Confirm if autostart flag is turned to yes – Persistent should read yes as well.
$ sudo virsh net-list --all
Name State Autostart Persistent
----------------------------------------------------
br10 active yes yes
default active yes yes
docker-machines active yes yes
fed290 active no yes
vagrant-libvirt active no yes
Confirm bridge creation and IP address.
$ ip addr show dev br10
28: br10: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc noqueue state DOWN group default qlen 1000
link/ether 52:54:00:94:00:f5 brd ff:ff:ff:ff:ff:ff
inet 192.168.30.1/24 brd 192.168.30.255 scope global br10
valid_lft forever preferred_lft foreverMethod 3: Create a bridge by editing network scripts
We’ll consider two systems.
1) RHEL based systems
Below script will create a bridge called br10.
sudo vim /etc/sysconfig/network-scripts/ifcfg-br10
With:
DEVICE=br10
STP=no
TYPE=Bridge
BOOTPROTO=none
DEFROUTE=yes
NAME=br10
ONBOOT=yes
DNS1=8.8.8.8
DNS2=192.168.30.1
IPADDR=192.168.30.3
PREFIX=24
GATEWAY=192.168.30.1The configuration of eth0 interface that I’m bridging to will be:
$ cat /etc/sysconfig/network-scripts/ifcfg-eth0
DEVICE=eth0
TYPE=Ethernet
ONBOOT=yes
BRIDGE=br10Bring up the interfaces:
sudo ifdown br10
sudo ifup br102) Debian based systems
Configure Bridging interface:
$ sudo vim /etc/network/interfaces
auto br10
iface br10 inet static
address 192.168.1.10
network 192.168.1.1
netmask 255.255.255.0
broadcast 192.168.1.255
gateway 192.168.1.1
dns-nameservers 192.168.1.1
bridge_ports eth0
bridge_stp offDisable all lines on eth0 interface section to look something like below:
auto eth0
iface eth0 inet manualRestart your networking service.
sudo systemctl restart networking.serviceMethod 5: Using Nmcli tool
Use the nmcli network management command line tool to create a Linux bridge on the desired interface. Let’s first list all available connections.
$ sudo nmcli connection show
NAME UUID TYPE DEVICE
enp1s0 498869bb-0d88-4a4c-a83a-c491d1040b0b ethernet enp1s0
Wired connection 1 0977f29f-fa2e-3d7f-831c-6f41f8782be3 ethernet enp7s0 Since my bridge will be created on the second device enp7s0, I’ll delete the existing connection then create a bridge with this device.
$ sudo nmcli connection delete 0977f29f-fa2e-3d7f-831c-6f41f8782be3
Connection 'Wired connection 1' (0977f29f-fa2e-3d7f-831c-6f41f8782be3) successfully deleted.1. Save bridge related information to variables.
BR_NAME="br10"
BR_INT="enp7s0"
SUBNET_IP="192.168.30.10/24"
GW="192.168.30.1"
DNS1="8.8.8.8"
DNS2="8.8.4.4"Where:
- BR_NAME: The name of the bridge to be created.
- BR_INT: the physical network device to be used as bridge slave.
- SUBNET_IP: IP address and subnet assigned to the bridge created.
- GW: The IP address of the default gateway
- DNS1 and DNS2: IP addresses of DNS servers to be used.
2. Define new bridge connection.
sudo nmcli connection add type bridge autoconnect yes con-name ${BR_NAME} ifname ${BR_NAME}Output:
Connection 'br0' (be6d4520-0257-49c6-97c2-f515d6554980) successfully added.3. Modify bridge to add IP address, Gateway and DNS
sudo nmcli connection modify ${BR_NAME} ipv4.addresses ${SUBNET_IP} ipv4.method manual
sudo nmcli connection modify ${BR_NAME} ipv4.gateway ${GW}
sudo nmcli connection modify ${BR_NAME} ipv4.dns ${DNS1} +ipv4.dns ${DNS2}4. Add the network device as bridge slave.
sudo nmcli connection delete ${BR_INT}
sudo nmcli connection add type bridge-slave autoconnect yes con-name ${BR_INT} ifname ${BR_INT} master ${BR_NAME}Sample output.
Connection 'enp7s0' (f033dbc9-a90e-4d4c-83a9-63fd7ec1cdc1) successfully added.Check connections.
$ sudo nmcli connection show
NAME UUID TYPE DEVICE
br0 be6d4520-0257-49c6-97c2-f515d6554980 bridge br0
enp1s0 498869bb-0d88-4a4c-a83a-c491d1040b0b ethernet enp1s0
enp7s0 f033dbc9-a90e-4d4c-83a9-63fd7ec1cdc1 ethernet enp7s0 Step 2: Bring up network bridge
Once the network bridge connection has been created, bring it up.
$ sudo nmcli connection up br10
Connection successfully activated (master waiting for slaves) (D-Bus active path: /org/freedesktop/NetworkManager/ActiveConnection/5)View bridge details by running.
sudo nmcli connection show br10The ip addr command should give output similar to below.
$ ip ad
3: enp7s0: mtu 1500 qdisc fq_codel master br10 state UP group default qlen 1000
link/ether 52:54:00:a2:f6:a8 brd ff:ff:ff:ff:ff:ff
4: br10: mtu 1500 qdisc noqueue state UP group default qlen 1000
link/ether 52:54:00:a2:f6:a8 brd ff:ff:ff:ff:ff:ff
inet 192.168.122.10/24 brd 192.168.122.255 scope global noprefixroute br10
valid_lft forever preferred_lft forever
inet6 fe80::4f2f:ce6d:dc6b:2101/64 scope link noprefixroute
valid_lft forever preferred_lft foreverCongratulations!!. You have successfully created and configured Bridge Networking for KVM on a Linux system.
Recommended Linux Books to read:
- Best Linux Books for Beginners & Experts
- Best Linux Kernel Programming Books
- Best Linux Bash Scripting Books
- Top RHCSA / RHCE Certification Study Books
Check KVM related articles below.
- How to extend/increase KVM Virtual Machine (VM) disk size
- virsh commands cheatsheet to manage KVM guest virtual machines
- How to Provision VMs on KVM with Terraform
- How to Create CentOS / Fedora / RHEL VM Templates on KVM
