KVM bridge Networking and openvpn

KVM bridge Networking and openvpn

[jd]

Hi
   I have a openvpn network using *tap* interfaces. On the machines on the vpn network, I want to create VMs in such a way that they should all get on the vpn network.

-- I have tap0 as the openvpn interface
-- br0 as the bridge.

-- script to setup bridge and the add tap0 
ifconfig tap0 0.0.0.0 promisc up
brctl addif br0 tap0
ifconfig br0 10.4.0.2 netmask 255.255.255.0 up
route add -net 10.4.0.0 netmask 255.255.255.0 br0
route add default gw 10.4.0.1 br0

-- I have turned firewall off.

-- I have the bridge script in place (which works when I bridge eth0)

Now when I create new VM, using the command line...

qemu-system-x86_64 -net nic,vlan=0,macaddr=00:16:3e:70:8f:33 -net tap,vlan=0 -hda /mnt/vm_data/test_xp.hda.disk.xm -m 256

The VM does not seem to get the IP address :( (may be dhcp request is failing)

---- brctl show ---

bridge name     bridge id               STP enabled     interfaces
br0             8000.7e986235e99b       no              tap1
                                                        tap0

-- ifconfig             
tap0      Link encap:Ethernet  HWaddr 7E:98:62:35:E9:9B  
          inet6 addr: fe80::7c98:62ff:fe35:e99b/64 Scope:Link
          UP BROADCAST RUNNING PROMISC MULTICAST  MTU:1500  Metric:1
          RX packets:73 errors:0 dropped:0 overruns:0 frame:0
          TX packets:866 errors:0 dropped:96 overruns:0 carrier:0
          collisions:0 txqueuelen:100 
          RX bytes:32708 (31.9 KiB)  TX bytes:452402 (441.7 KiB)

tap1      Link encap:Ethernet  HWaddr AA:01:05:1D:29:98  
          inet6 addr: fe80::a801:5ff:fe1d:2998/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:82 errors:0 dropped:0 overruns:0 frame:0
          TX packets:129 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:500 
          RX bytes:13573 (13.2 KiB)  TX bytes:12571 (12.2 KiB)

br0       Link encap:Ethernet  HWaddr 7E:98:62:35:E9:9B  
          inet addr:10.4.0.2  Bcast:10.4.0.255  Mask:255.255.255.0
          inet6 addr: fe80::7c98:62ff:fe35:e99b/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:135515 errors:0 dropped:0 overruns:0 frame:0
          TX packets:79483 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0 
          RX bytes:189556720 (180.7 MiB)  TX bytes:20408302 (19.4 MiB)


Has anyone done similar setup ? or can shed light on the issue?

Thanks
/Jd
p.s. I do not want to install and config on all VMs if possible.






      

Re: KVM bridge Networking and openvpn

[Charles Duffy]

jd wrote:
> Now when I create new VM, using the command line...
> 
> qemu-system-x86_64 -net nic,vlan=0,macaddr=00:16:3e:70:8f:33 -net tap,vlan=0 -hda /mnt/vm_data/test_xp.hda.disk.xm -m 256
> 
> The VM does not seem to get the IP address :( (may be dhcp request is failing)

You aren't providing ifname or script arguments to your qemu -net tap; 
are you quite sure that tap1 is the device the qemu instance is 
creating? It would probably be safer to use "-net 
tap,vlan=0,script=/path/to/script", where the script in question looks 
like the following:

#!/bin/sh
/sbin/ifconfig "$1" 0.0.0.0 up
/usr/sbin/brctl addif br0 "$1"

BTW, you *do* have a DHCP server connected to the bridge somewhere that 
should be answering these requests, right? :)

Another thing -- use tcpdump or a similar tool to sniff the bridge on 
the host and see if you see DHCP requests from the client while it's 
coming up; if so, you know that you're bridged correctly; if not, you've 
got a place to start.