实验三:KVM的网络

KVM网络

 

一、Bridge模式配置

 

1、安装brctltunctl命令行工具

#yum install bridge-utils tunctl

 

 

2、查看tun模块是否加载,如下:

# lsmod  |grep tun

tun          17095  2 vhost_net

 

 

 

3、建立一个bridge,并将其绑定到一个可以正常工作的网络接口上,同时让bridge成 为连接本机与外部网络的接口。主要的配置命令如下:

# brctl addbr brO

# brctl addif brO ethO

 

 

创建对应的网桥IP,删除eth0网口的ip地址,如下所示

# cat /etc/sysconfig/network-scripts/ifcfg-eth0

DEVICE=eth0

TYPE=Ethernet

UUID=1f3c52a0-646c-4092-a8dc-70087171d8fc

ONBOOT=yes

NM_CONTROLLED=yes

BOOTPROTO=static

HWADDR=00:0C:29:82:D6:85

DEFROUTE=yes

BRIDGE=br0

 

 

# cat /etc/sysconfig/network-scripts/ifcfg-br0

DEVICE=br0

TYPE=Bridge

ONBOOT=yes

NM_CONTROLLED=no

BOOTPROTO=static

IPADDR=10.0.0.250

PREFIX=24

GATEWAY=10.0.0.1

DNS1=114.114.114.114

 

 

配置完成之后重启网络,同时查看网络和网桥的配置信息

 

# ifconfig

br0       Link encap:Ethernet  HWaddr 00:0C:29:82:D6:85  

          inet addr:10.0.0.250  Bcast:10.0.0.255  Mask:255.255.255.0

          inet6 addr: fe80::20c:29ff:fe82:d685/64 Scope:Link

          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1

          RX packets:459 errors:0 dropped:0 overruns:0 frame:0

          TX packets:180 errors:0 dropped:0 overruns:0 carrier:0

          collisions:0 txqueuelen:0

          RX bytes:48388 (47.2 KiB)  TX bytes:25480 (24.8 KiB)

 

eth0      Link encap:Ethernet  HWaddr 00:0C:29:82:D6:85  

          inet6 addr: fe80::20c:29ff:fe82:d685/64 Scope:Link

          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1

          RX packets:8901 errors:0 dropped:0 overruns:0 frame:0

          TX packets:5523 errors:0 dropped:0 overruns:0 carrier:0

          collisions:0 txqueuelen:1000

          RX bytes:8789724 (8.3 MiB)  TX bytes:448848 (438.3 KiB)

 

 

# route

Kernel IP routing table

Destination   Gateway   Genmask        Flags Metric Ref  Use Iface

10.0.0.0         *       255.255.255.0   U     0      0        0 br0

192.168.122.0    *      255.255.255.0   U     0     0         0 virbr0

link-local      *       255.255.0.0       U     1009   0        0 br0

default        10.0.0.1    0.0.0.0        UG    0      0        0 br0

 

 

 

# brctl show

bridge name     bridge id               STP enabled     interfaces

br0             8000.000c2982d685       no              eth0

virbr0          8000.525400c05caf       yes             virbr0-nic

 

 

 

4、创建/etc/qemu-ifup/etc/qemu-ifdown脚本

[root@localhost ~]# vi /etc/qemu-ifup

#!/bin/bash

switch=br0

if [ -n $1 ];then

        ifconfig $1 up

        sleep 1

        brctl addif $switch $1

        exit 0

else

        echo "Error: No Specifed interface."

        exit 1

Fi

 

 

[root@localhost ~]#vi /etc/qemu-ifdown

#!/bin/bash

switch=br0

if [ -n "$1" ]; then

tunctl -d $1

brctl delif ${switch} $1

ip link set $1 down

exit 0

else

echo Error: no interface specified

exit 1

Fi

 

 

 

 

 

 

5、用qemu-kvm命令启动bridge模式的网络

 

/usr/libexec/qemu-kvm -m 1024 -drive file=centos_65_x86_6420140327.qcow2,if=virtio -net nic,model=virtio -net tap,script=/etc/qemu-ifup -nographic -vnc :1

 

这样我们设置一个桥接的网络,我们查看网桥的接口信息可以看到默认已经绑定到br0桥。

# brctl show br0

bridge name     bridge id               STP enabled     interfaces

br0              8000.000c2982d685      no               eth0

                                                           tap0

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

二、NAT模式配置  

1、创建NAT启动脚本

[root@kvm ~]# vi /etc/qemu-ifup-NAT

#!/bin/bash

# qemu-ifup script for QEMU/KVM with NAT netowrk mode

# set your bridge name

BRIDGE=virbr0

# Network information

NETWORK=192.168.122.0

NETMASK=255.255.255.0

# GATEWAY for internal guests is the bridge in host

GATEWAY=192.168.122.1

DHCPRANGE=192.168.122.2,192.168.122.254

# Optionally parameters to enable PXE support

TFTPROOT=

BOOTP=

function check_bridge()

{

        if brctl show | grep "^$BRIDGE" &> /dev/null; then

                return 1

        else

                return 0

        fi

}

function create_bridge()

{

            brctl addbr "$BRIDGE"

            brctl stp "$BRIDGE" on

            brctl setfd "$BRIDGE" 0

            ifconfig "$BRIDGE" "$GATEWAY" netmask "$NETMASK" up

}

function enable_ip_forward()

{

        echo 1 > /proc/sys/net/ipv4/ip_forward

}

function add_filter_rules()

{

        iptables -t nat -A POSTROUTING -s "$NETWORK"/"$NETMASK" \

                ! -d "$NETWORK"/"$NETMASK" -j MASQUERADE

}

function start_dnsmasq()

{

        # don't run dnsmasq repeatedly

        ps -ef | grep "dnsmasq" | grep -v "grep" &> /dev/null

        if [ $? -eq 0 ]; then

                echo "Warning:dnsmasq is already running. No need to run it again."

                return 1

        fi

        dnsmasq \

                --strict-order \

                --except-interface=lo \

                --interface=$BRIDGE \

                --listen-address=$GATEWAY \

                --bind-interfaces \

                --dhcp-range=$DHCPRANGE \

                --conf-file="" \

                --pid-file=/var/run/qemu-dnsmasq-$BRIDGE.pid \

                --dhcp-leasefile=/var/run/qemu-dnsmasq-$BRIDGE.leases \

                --dhcp-no-override \

                ${TFTPROOT:+"--enable-tftp"} \

                ${TFTPROOT:+"--tftp-root=$TFTPROOT"} \

                ${BOOTP:+"--dhcp-boot=$BOOTP"}

}

function setup_bridge_nat()

{

        check_bridge "$BRIDGE"

        if [ $? -eq 0 ]; then

                create_bridge

        fi

        enable_ip_forward

        add_filter_rules "$BRIDGE"

        start_dnsmasq "$BRIDGE"

}

# need to check $1 arg before setup

if [ -n "$1" ]; then

        setup_bridge_nat

        ifconfig "$1" 0.0.0.0 up

        brctl addif "$BRIDGE" "$1"

        exit 0

else

        echo "Error: no interface specified."

        exit 1

Fi

 

 

2启动NAT模式下虚拟机

通过命令启动虚拟机

[root@kvm~]# /usr/libexec/qemu-kvm -m 1024 -drive file=centos65x86.img,if=virtio -net nic,model=virtio -net tap,script=/etc/qemu-ifup-NAT   -nographic -vnc :1

 

 

通过以上的命令我们生成了一个虚拟机和一个网桥,还有一个虚拟机对应的接口tap0

 

 

下图可以看出获得一个tap接口生成

 

 

posted @ 2017-10-05 10:52  chenghuan  阅读(368)  评论(0)    收藏  举报