This tutorial describes how to set up a dedicated network bridge for KVM slave (host) CentOS 7 server. The tutorial presumes the network interface is
eth0 and the network bridge will be called
Who is this guide for?
This tutorial is only intended for skilled network administrators and requires root-level access.
EDITOR'S NOTE: Any errors made in this process can be very serious-often resulting in corrupted network configuration and inaccessible server.
Exercise great care and make backups as often as possible when making changes to your server's network interface configuration.
What is Network Bridge?
A network bridge is a computer networking device that creates a single, aggregate network from multiple communication networks or network segment.
--Wikipedia, "Bridging (networking)"
A network bridge, works by intentionally exposing the connection (or "Bridge") between two network interfaces. By exposing this networking (intentionally, and, internally), the other VMs (guests) on the host are able create network connections in concert with the host's interfaces.
How to Create Network Bridge for KVM Hypervisor (Using CentOS 7)
Bridging requires the bridge-utils package to be installed on the server.
Check if bridge-utils is installed by running this command on the terminal, as root user:
[root@dev1 ~]# rpm -q bridge-utils
If you get an output - it's installed, if not, it needs installing:
[root@dev1 ~]# yum install bridge-utils -y
Installing the Network Bridge and Making it Permanent
As root, run the following command to view the contents of the primary network interface:
[root@dev1 ~]# cat /etc/sysconfig/network-scripts/ifcfg-eth0
The contents should be similar to:
TYPE="Ethernet" PROXY_METHOD="none" BROWSER_ONLY="no" BOOTPROTO="none" DEFROUTE="yes" IPV4_FAILURE_FATAL="no" IPV6INIT="yes" IPV6_AUTOCONF="yes" IPV6_DEFROUTE="yes" IPV6_FAILURE_FATAL="no" IPV6_ADDR_GEN_MODE="stable-privacy" NAME="eth0" UUID="8d6f722c-b945-4083-b50e-9661bf62ae5f" DEVICE="enp1s0f0" ONBOOT="yes" IPADDR="192.0.0.4" PREFIX="23" GATEWAY="192.0.0.1" DNS1="22.214.171.124" IPV6_PRIVACY="no"
First, we need to create a backup of the current ifcfg-eth0 in case we need to revert back.
Create the backup by running the following command:
[root@dev1 ~]# cp /etc/sysconfig/network-scripts/ifcfg-eth0 /etc/sysconfig/network-scripts/backup-ifcfg-eth0
Now, we will create the bridge file:
[root@dev1 ~]# nano -w /etc/sysconfig/network-scripts/ifcfg-br0
Copy parts of ifcfg-eth0 to it and edit the config file as per the example below obviously replacing the parts unique to your server:
TYPE=Bridge BOOTPROTO=none DEFROUTE=yes IPV4_FAILURE_FATAL=no IPV6INIT=no IPV6_AUTOCONF=yes IPV6_DEFROUTE=yes IPV6_PEERDNS=yes IPV6_PEERROUTES=yes IPV6_FAILURE_FATAL=no NAME=bridge0 DEVICE=br0 ONBOOT=yes IPADDR=192.0.0.4 PREFIX=23 GATEWAY=192.0.0.1 DNS1=126.96.36.199 DNS2=188.8.131.52 IPV6_PRIVACY=no IPV6_PEERDNS=yes IPV6_PEERROUTES=yes HWADDR=ac:1f:6b:94:55:22
Save that file and edit ifcfg-eth0:
nano -w /etc/sysconfig/network-scripts/ifcfg-eth0
Remove the networking parts and specify the bridge:
TYPE=Ethernet NAME=eth0 UUID=8d6f722c-b945-4083-b50e-9661bf62ae5f DEVICE=eth0 ONBOOT=yes BRIDGE=br0 HWADDR=ac:1f:6b:94:55:22
You know have a network Bridge set up.
Restart the network:
[root@dev1 ~]# /etc/init.d/network restart
Once it's restarted you see the new bridge with
ifconfigcommand (for RHEL 7 and later, replace
[root@dev1 ~]# ifconfig br0 Link encap:Ethernet HWaddr ac:1f:6b:94:55:22 inet addr:192.0.0.4 Bcast:184.108.40.206 Mask:255.255.255.0 inet6 addr: fe80::227:eff:fe09:cb2/64 Scope:Link UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 RX packets:48 errors:0 dropped:0 overruns:0 frame:0 TX packets:67 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:0 RX bytes:2984 (2.9 KiB) TX bytes:13154 (12.8 KiB) eth0 Link encap:Ethernet HWaddr 00:27:0E:09:0C:B2 inet6 addr: fe80::227:eff:fe09:cb2/64 Scope:Link UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 RX packets:31613 errors:0 dropped:0 overruns:0 frame:0 TX packets:9564 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:100 RX bytes:2981335 (2.8 MiB) TX bytes:2880868 (2.7 MiB) Memory:d0700000-d0720000
The above output shows now all the IP Address information, which previously was configured with eth0, is now configured at the br0 interface-which is the expected result. Any subsequent guests created on this host will give similar output as eth0 interface. The network bridge is the only interface with exposed public IPv4 or IPv6 details in the output of
You have successfully installed the Network Bridge on KVM hypervisor host server.