Centos/OVH: public IP on KVM virtual machine

networking centos ip kvm-virtualization bridge
6,101

I have the same issue here. I want to be able to have host and VM guest on public IP. Communication between host and VM seems to work fine, but VM cannot reach the internet or vice versa.

My provider also has rule to have just one MAC address per switchport. Essentially VMAC addresses are used for failover in networking appliances like VRRP and some other protocols, that means if first switch fails the second link to another switch takes over and you get "replicated" switchport with actual MAC address and everything.

I don't see how can you benefit from this.

The best solution is to put 2 public IPs on host Ethernet interface, one for host second for VM. And do some policy routing.

Regards

Share:
6,101

Related videos on Youtube

Sébastien
Author by

Sébastien

Updated on September 18, 2022

Comments

  • Sébastien
    Sébastien over 1 year

    Since a few days, I'm trying to configure my KVM vm to have a public IP address, without any success.

    First, I'm on OVH, and you need to know they don't allow networking from different mac addresses. I have so registered a virtual mac address associated with my failover IP

    Here's my configuration:

    Guest wanted IP: 46.105.40.x
    Host IP: 176.31.240.x

    Host configuration

    dummy0 interface: ifcfg-dummy0

    BOOTPROTO=static
IPADDR=10.0.0.1
NETMASK=255.0.0.0
ONBOOT=yes
NM_CONTROLLED=no
ARP=yes
BRIDGE=br0

    br0 bridge: ifcfg-br0

    DEVICE=br0
TYPE=Bridge
DELAY=0
ONBOOT=yes
BOOTPROTO=static
IPADDR=192.168.1.1
NETMASK=255.255.255.0
PEERDNS=yes
NM_CONTROLLED=no
ARP=yes

    Failover ip is redirected to the br0 bridge with ip route add 46.105.40.xxx dev br0

    > cat /proc/sys/net/ipv4/ip_forward
1
> cat /proc/sys/net/ipv4/conf/vnet0/proxy_arp
1
> route -n
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
0.0.0.0         176.31.240.254  0.0.0.0         UG    0      0        0 eth0
46.105.40.x     0.0.0.0         255.255.255.255 UH    0      0        0 br0
176.31.240.0    0.0.0.0         255.255.255.0   U     0      0        0 eth0
192.168.1.0     0.0.0.0         255.255.255.0   U     0      0        0 br0

    Guest configuration:

    KVM:

    <interface type='bridge'>
  <mac address='02:00:00:30:22:05'/>
  <source bridge='br0'/>
  <address type='pci' domain='0x0000' bus='0x00' slot='0x06' function='0x0'/>
</interface>

    I've borrowed most of the OVH configuration here (in french, http://guides.ovh.com/BridgeClient) for the guest configuration
    eth0 interface: ifcfg-eth0

    DEVICE="eth0"
BOOTPROTO=none
HWADDR="02:00:00:30:22:05"
NM_CONTROLLED="yes"
ONBOOT="yes"
TYPE="Ethernet"
UUID="e9138469-0d81-4ee6-b5ab-de0d7d17d1c8"
USERCTL=no
PEERDNS=yes
IPADDR=46.105.40.xxx
NETMASK=255.255.255.255
GATEWAY=176.31.240.254
ARP=yes

    For the routes, I have in route-eth0:

    176.31.240.254 dev eth0
default via 176.31.240.254 dev eth0

    With this configuration, I don't have any access to the internet. The only thing I can do is to ping the public ip of the host, nothing more. My final conclusion is that the route does not work, because, when, on the guest, I run ping 8.8.8.8, I have, on the host:

    > tcpdump -i vnet0 icmp
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on br0, link-type EN10MB (Ethernet), capture size 65535 bytes
13:38:09.009324 IP 46-105-40-xxx.kimsufi.com > google-public-dns-a.google.com: ICMP echo request, id 50183, seq 1, length                  64
13:38:09.815344 IP 46-105-40-xxx.kimsufi.com > google-public-dns-a.google.com: ICMP echo request, id 50183, seq 2, length                  64

    I never get the ping reply, only the request. It seems Guest -> Host communication is fine.

    On eth0:

    > tcpdump -i eth0 icmp
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on eth0, link-type EN10MB (Ethernet), capture size 65535 bytes
13:39:40.240561 IP 46-105-40-xxx.kimsufi.com > google-public-dns-a.google.com: ICMP echo request, id 50439, seq 1, length 64
13:39:40.250161 IP google-public-dns-a.google.com > 46-105-40-xxx.kimsufi.com: ICMP echo reply, id 50439, seq 1, length 64

    I have the request and the reply on eth0, but reply is not forwarded to the bridge. I really don't understand why, I though it was the aim of the route to do that!

    IPtables is disabled on both host and guest.

    I really hope some of you will be able to help me!

    Many thanks in advance,

    Sébastien

Recents

Why Is PNG file with Drop Shadow in Flutter Web App Grainy?
How to troubleshoot crashes detected by Google Play Store for Flutter app
Cupertino DateTime picker interfering with scroll behaviour
Why does awk -F work for most letters, but not for the letter "t"?
Flutter change focus color and icon color but not works
How to print and connect to printer using flutter desktop via usb?
Critical issues have been reported with the following SDK versions: com.google.android.gms:play-services-safetynet:17.0.0
Flutter Dart - get localized country name from country code
navigatorState is null when using pushNamed Navigation onGenerateRoutes of GetMaterialPage
Android Sdk manager not found- Flutter doctor error
Flutter Laravel Push Notification without using any third party like(firebase,onesignal..etc)
How to change the color of ElevatedButton when entering text in TextField

Related

Assign ipv6 address to KVM guests on bridge mode
VirtualBox: ifconfig does not show my ip address
how do I build a bridge between two virtual machines?
bridge does not forwarding packets centos
Centos 6.2 static IP: only getting IPV6 address and need IPV4
Unable to access the internet from my VirtualBox CentOS VM via wireless connection
can't ssh into KVM VM despite using bridged network
IP Config resets to default settings in Linux every night
Use one NIC to create multiple interfaces for Linux KVM
How do I configure bridged networking for VMs