How do you setup KVM networking on a desktop or laptop

Romo

Macvtap modes:

1. Virtual Ethernet Port Aggregator mode
   In this mode, which is the default, data between endpoints on the same lower device are sent via the lower device (Ethernet card) to the physical switch the lower device is connected to. This mode requires that the switch supports ‘Reflective Relay’ mode, also known as ‘Hairpin’ mode. Reflective Relay means the switch can send back a frame on the same port it received it on

2. Bridge mode
   When the MacVTap device is in Bridge mode, the endpoints can communicate directly without sending the data out via the lower device. When using this mode, there is no need for the physical switch to support Reflective Relay mode.

3. Private mode
   In Private mode the nodes on the same MacVTap device can never talk to each other, regardless if the physical switch supports Reflective Relay mode or not. Use this mode when you want to isolate the virtual machines connected to the endpoints from each other, but not from the outside network.

matteo nunziati

@JaredBusch I run some production machines with macvtap/VEPA: they cannot talk with host or to each other but I'm too lazy and my env is small so it is ok.

I use this as:

• I do not need the VM to talk with the host via LAN
• everytime a VM has to talk to another VM I use internal virtual network to avoid virt2virt network traffic outside the host.
  this also allows me to contact the host via the internal LAN (which should be there on 192.168.100.0/24)
  
  [sorry details in Italian]

side note: what actually happens is than in a macvtap interface traffic can't re-enter the NIC: if you had 2 NICs, VMs on NIC1 can talk to other VMs or host via NIC2.

this should be ok for creating a bridge

matteo nunziati

@matteo-nunziati more accurate: VM can re-enter the host, the host can't re-enter in VMs. just double-checked.

stacksofplates

I kind of have a mix. Most are macvtap over a bond and I just set up a private network between the host and VMs. I set reservations with libvirt for the VMs.

I have a couple with full bridge, but since I'm managing the systems from outside of the host, it really doesn't affect my workflow. The only thing that really changes is I use the private network for grabbing updates from my repo server. But if you are downloading updates and installing from the internet, this will make no difference to you.

stacksofplates

@Romo said in How do you setup KVM networking on a desktop or laptop:

@JaredBusch said in How do you setup KVM networking on a desktop or laptop:

@Romo That is what I was thinking also.

By default this is the list of options.

So I assume, I need to make a bridge first as I did not see any other settings.

Yes, you have create your bridge first so that it appears in virt-manager.

Virt-manager can create a bridge for you, but you have to disable NetworkManager and use network instead. IIRC Birthday-manager has some issues with NetworkManager.

JaredBusch

@stacksofplates said in How do you setup KVM networking on a desktop or laptop:

Birthday-manager

Hahahahahah

stacksofplates

@JaredBusch said in How do you setup KVM networking on a desktop or laptop:

@stacksofplates said in How do you setup KVM networking on a desktop or laptop:

Birthday-manager

Hahahahahah

Idk how I missed that one hahaha.

FATeknollogee

Any further updates here?

What is the "cleanest" method available so vm's can "talk" to the host?

Francesco Provino

@FATeknollogee said in How do you setup KVM networking on a desktop or laptop:

Any further updates here?

What is the "cleanest" method available so vm's can "talk" to the host?

Bridge. But sometimes is messy with the wifi in my experience, so maybe is better to use ZeroTier for a testing environment.

FATeknollogee

@msff-amman-Itofficer said in How do you setup KVM networking on a desktop or laptop:

@Romo said in How do you setup KVM networking on a desktop or laptop:

I usually use the Linux Bridge since it provides the features I require and they are relatively simple to set up.

macvtap should provide better performance cause it is the evolution of Linux bridge, and I use Fedora Virt-Manager to setup this and connect to KVM

@Francesco-Provino Why would macvtap have better performance vs bridge?

JaredBusch

@FATeknollogee said in How do you setup KVM networking on a desktop or laptop:

Any further updates here?

What is the "cleanest" method available so vm's can "talk" to the host?

I ended up just staying on macvtap. I never did any further troubleshooting.

I only use this Windows 10 VM for occasional power email sessions in Outlook when organizing 5 accounts worth of email. Usually once a week.

stacksofplates

@JaredBusch said in How do you setup KVM networking on a desktop or laptop:

@FATeknollogee said in How do you setup KVM networking on a desktop or laptop:

Any further updates here?

What is the "cleanest" method available so vm's can "talk" to the host?

I ended up just staying on macvtap. I never did any further troubleshooting.

I only use this Windows 10 VM for occasional power email sessions in Outlook when organizing 5 accounts worth of email. Usually once a week.

You'll get better performance if you install the VirtIO drivers and use that instead of rtl8139. Whether you will notice it or not for that VM, idk.