Creating Network Bridge for KVM Hypervisor


This tutorial describes how to set up a dedicated network bridge for KVM slave (host) CentOS 7 server. The tutorial presumes the network interface is eth0 and the network bridge will be called br0.

Who is this guide for?

This tutorial is only intended for skilled network administrators and requires root-level access.

EDITOR'S NOTE: Any errors made in this process can be very serious-often resulting in corrupted network configuration and inaccessible server.

Exercise great care and make backups as often as possible when making changes to your server's network interface configuration.

What is Network Bridge?

network bridge is a computer networking device that creates a single, aggregate network from multiple communication networks or network segment.

--Wikipedia, "Bridging (networking)"

A network bridge, works by intentionally exposing the connection (or "Bridge") between two network interfaces. By exposing this networking (intentionally, and, internally), the other VMs (guests) on the host are able create network connections in concert with the host's interfaces.

How to Create Network Bridge for KVM Hypervisor (Using CentOS 7)

Prerequisite:

Bridging requires the bridge-utils package to be installed on the server.

Check if bridge-utils is installed by running this command on the terminal, as root user:

[root@dev1 ~]# rpm -q bridge-utils

If you get an output - it's installed, if not, it needs installing:

[root@dev1 ~]# yum install bridge-utils -y

Installing the Network Bridge and Making it Permanent

As root, run the following command to view the contents of the primary network interface: 

[root@dev1 ~]# cat /etc/sysconfig/network-scripts/ifcfg-eth0

The contents should be similar to:

TYPE="Ethernet"
PROXY_METHOD="none"
BROWSER_ONLY="no"
BOOTPROTO="none"
DEFROUTE="yes"
IPV4_FAILURE_FATAL="no"
IPV6INIT="yes"
IPV6_AUTOCONF="yes"
IPV6_DEFROUTE="yes"
IPV6_FAILURE_FATAL="no"
IPV6_ADDR_GEN_MODE="stable-privacy"
NAME="eth0"
UUID="8d6f722c-b945-4083-b50e-9661bf62ae5f"
DEVICE="enp1s0f0"
ONBOOT="yes"
IPADDR="192.0.0.4"
PREFIX="23"
GATEWAY="192.0.0.1"
DNS1="8.8.8.8"
IPV6_PRIVACY="no"

First, we need to create a backup of the current ifcfg-eth0 in case we need to revert back.

  1. Create the backup by running the following command:

    [root@dev1 ~]# cp /etc/sysconfig/network-scripts/ifcfg-eth0 /etc/sysconfig/network-scripts/backup-ifcfg-eth0

  2. Now, we will create the bridge file:

    [root@dev1 ~]# nano -w /etc/sysconfig/network-scripts/ifcfg-br0

  3. Copy parts of ifcfg-eth0 to it and edit the config file as per the example below obviously replacing the parts unique to your server:

    TYPE=Bridge
BOOTPROTO=none
DEFROUTE=yes
IPV4_FAILURE_FATAL=no
IPV6INIT=no
IPV6_AUTOCONF=yes
IPV6_DEFROUTE=yes
IPV6_PEERDNS=yes
IPV6_PEERROUTES=yes
IPV6_FAILURE_FATAL=no
NAME=bridge0
DEVICE=br0
ONBOOT=yes
IPADDR=192.0.0.4
PREFIX=23
GATEWAY=192.0.0.1
DNS1=8.8.8.8
DNS2=8.8.4.4
IPV6_PRIVACY=no
IPV6_PEERDNS=yes
IPV6_PEERROUTES=yes
HWADDR=ac:1f:6b:94:55:22

  4. Save that file and edit ifcfg-eth0:

    nano -w /etc/sysconfig/network-scripts/ifcfg-eth0

  5. Remove the networking parts and specify the bridge:

    TYPE=Ethernet
NAME=eth0
UUID=8d6f722c-b945-4083-b50e-9661bf62ae5f
DEVICE=eth0
ONBOOT=yes
BRIDGE=br0
HWADDR=ac:1f:6b:94:55:22

  6. You know have a network Bridge set up.

  7. Restart the network:

    [root@dev1 ~]# /etc/init.d/network restart

  8. Once it's restarted you see the new bridge with ifconfig command (for RHEL 7 and later, replace ifconfig with ip addr)

    [root@dev1 ~]# ifconfig
br0       Link encap:Ethernet  HWaddr ac:1f:6b:94:55:22
          inet addr:192.0.0.4  Bcast:192.0.0.255  Mask:255.255.255.0
          inet6 addr: fe80::227:eff:fe09:cb2/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:48 errors:0 dropped:0 overruns:0 frame:0
          TX packets:67 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0
          RX bytes:2984 (2.9 KiB)  TX bytes:13154 (12.8 KiB)
 
eth0      Link encap:Ethernet  HWaddr 00:27:0E:09:0C:B2
          inet6 addr: fe80::227:eff:fe09:cb2/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:31613 errors:0 dropped:0 overruns:0 frame:0
          TX packets:9564 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:100
          RX bytes:2981335 (2.8 MiB)  TX bytes:2880868 (2.7 MiB)
          Memory:d0700000-d0720000

The above output shows now all the IP Address information, which previously was configured with eth0, is now configured at the br0 interface-which is the expected result. Any subsequent guests created on this host will give similar output as eth0 interface. The network bridge is the only interface with exposed public IPv4 or IPv6 details in the output of ifconfig or ip addr.

You have successfully installed the Network Bridge on KVM hypervisor host server.

  • solusvm, network bridge, network interface, network configuration, control panel software
  • 8 Users Found This Useful
Was this answer helpful?

Related Articles

Forcefully Delete an IP Address from SolusVM

If at any point you find you have an orphaned ipaddress, you can delete it by running the...

Do You Offer a Hardware Firewall Solution?

Yes, we have a very limited selection of hardware firewalls available. We appreciate the specific...

View Server PHP Environment with phpinfo.php

The phpinfo() function outputs a huge amount of information about the system you're using, such...

How to Create Sudo User on CentOS

This article provides step-by-step setup guide for adding Sudo user to CentOS system. The sudo...

How to Use Sudo

This article provides a guide to using a Sudo user on CentOS server. From the command line,...