LoginSignup
3
2

More than 5 years have passed since last update.

@okayadokari

CentOS7でKVM(仮想環境)を構築② ネットワークブリッジ設定編

Posted at

CentOS7でKVM(仮想環境)を構築① インストール編( https://qiita.com/okayadokari/items/df3e266f5a7bb135afc1 )の状態では下記の構成になっています。

# nmcli device
DEVICE      TYPE      STATE      CONNECTION
em1         ethernet  connected  em1
virbr0      bridge    connected  virbr0
lo          loopback  unmanaged  --
virbr0-nic  tun       unmanaged  --

# brctl show
bridge name     bridge id               STP enabled     interfaces
virbr0          8000.5254006dd5fa       yes             virbr0-nic

# ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
    inet6 ::1/128 scope host
       valid_lft forever preferred_lft forever
2: em1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000
    link/ether 34:17:eb:c1:91:2c brd ff:ff:ff:ff:ff:ff
    inet 192.168.100.100/24 brd 192.168.100.255 scope global noprefixroute em1
       valid_lft forever preferred_lft forever
    inet6 2001:268:c0cc:c9cf:a27a:7546:dfc3:21ed/64 scope global noprefixroute dynamic
       valid_lft 7079sec preferred_lft 3479sec
    inet6 fe80::2f36:6dab:4f5b:3214/64 scope link noprefixroute
       valid_lft forever preferred_lft forever
3: virbr0: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc noqueue state DOWN group default qlen 1000
    link/ether 52:54:00:6d:d5:fa brd ff:ff:ff:ff:ff:ff
    inet 192.168.122.1/24 brd 192.168.122.255 scope global virbr0
       valid_lft forever preferred_lft forever
4: virbr0-nic: <BROADCAST,MULTICAST> mtu 1500 qdisc pfifo_fast master virbr0 state DOWN group default qlen 1000
    link/ether 52:54:00:6d:d5:fa brd ff:ff:ff:ff:ff:ff


少しわかりづらいので、絵にしてみます。まだ仮想マシンはありませんが、192.168.122.0/24 → 192.168.100.100にNATする形になります。
br01.png


これでは不便なため、192.168.100.0を仮想マシンに割り当てられるようブリッジを再構成します。


新ブリッジvirbr1を接続名virbr1で作成します。con-nameを指定しないとデフォルトでbridge-という名前が付与されます。

# nmcli con add type bridge ifname virbr1 con-name virbr1

# brctl show
DEVICE      TYPE      STATE      CONNECTION         
em1         ethernet  connected  Wired connection 1 
virbr0      bridge    connected  virbr0             
virbr1      bridge    connected  virbr1             
lo          loopback  unmanaged  --                 
virbr0-nic  tun       unmanaged  --


STPを無効化します。

# nmcli con mod virbr1 bridge.stp no


virbr1にIPアドレスなどを付与します。

# nmcli con modify virbr1 ipv4.method manual ipv4.addresses "192.168.100.100/24" ipv4.gateway "192.168.100.1"  ipv4.dns "192.168.100.1"


virbr1のスレーブに物理NICem1virbr1-em1として接続します。

# nmcli con add type bridge-slave ifname em1 master virbr1 con-name virbr1-em1


# brctl show
DEVICE      TYPE      STATE      CONNECTION         
em1         ethernet  connected  Wired connection 1 
virbr0      bridge    connected  virbr0             
virbr1      bridge    connected  virbr1             
lo          loopback  unmanaged  --                 
virbr0-nic  tun       unmanaged  --

#nmcli device
bridge name bridge id       STP enabled interfaces
virbr0      8000.5254006dd5fa   yes     virbr0-nic
virbr1      8000.000000000000   no


物理NIC"em1"を接続名"em1"から切断します。これにより前で接続した、virbr1のみに接続されます。

# con del em1 ; reboot


# brctl show
DEVICE      TYPE      STATE      CONNECTION 
virbr1      bridge    connected  virbr1     
virbr0      bridge    connected  virbr0     
em1         ethernet  connected  virbr1-em1 
lo          loopback  unmanaged  --         
virbr0-nic  tun       unmanaged  --    

#nmcli device
bridge name bridge id       STP enabled interfaces
virbr0      8000.5254006dd5fa   yes     virbr0-nic
virbr1      8000.3417ebc1912c   no      em1


# ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
    inet6 ::1/128 scope host 
       valid_lft forever preferred_lft forever
2: em1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast master virbr1 state UP group default qlen 1000
    link/ether 34:17:eb:c1:91:2c brd ff:ff:ff:ff:ff:ff
3: virbr1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default qlen 1000
    link/ether 34:17:eb:c1:91:2c brd ff:ff:ff:ff:ff:ff
    inet 192.168.100.100/24 brd 192.168.100.255 scope global noprefixroute virbr1
       valid_lft forever preferred_lft forever
    inet6 2001:268:c0cc:c9cf:1d8e:7248:42c:99c5/64 scope global noprefixroute dynamic 
       valid_lft 7164sec preferred_lft 3564sec
    inet6 fe80::2ca6:74b8:2bf3:6c0c/64 scope link noprefixroute 
       valid_lft forever preferred_lft forever
4: virbr0: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc noqueue state DOWN group default qlen 1000
    link/ether 52:54:00:6d:d5:fa brd ff:ff:ff:ff:ff:ff
    inet 192.168.122.1/24 brd 192.168.122.255 scope global virbr0
       valid_lft forever preferred_lft forever
5: virbr0-nic: <BROADCAST,MULTICAST> mtu 1500 qdisc pfifo_fast master virbr0 state DOWN group default qlen 1000
    link/ether 52:54:00:6d:d5:fa brd ff:ff:ff:ff:ff:ff


最後に不要になったvirbr0を無効化します。すっきりしました。

# virsh net-destroy default
# virsh net-autostart default --disable

# virsh net-list --all
 Name                 State      Autostart     Persistent
----------------------------------------------------------
 default              inactive   no            yes

# nmcli device
DEVICE  TYPE      STATE      CONNECTION
virbr1  bridge    connected  virbr1
em1     ethernet  connected  virbr1-em1
lo      loopback  unmanaged  --

# ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
    inet6 ::1/128 scope host
       valid_lft forever preferred_lft forever
2: em1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast master virbr1 state UP group default qlen 1000
    link/ether 34:17:eb:c1:91:2c brd ff:ff:ff:ff:ff:ff
3: virbr1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default qlen 1000
    link/ether 34:17:eb:c1:91:2c brd ff:ff:ff:ff:ff:ff
    inet 192.168.100.100/24 brd 192.168.100.255 scope global noprefixroute virbr1
       valid_lft forever preferred_lft forever
    inet6 2001:268:c0cc:c9cf:1d8e:7248:42c:99c5/64 scope global noprefixroute dynamic
       valid_lft 6997sec preferred_lft 3397sec
    inet6 fe80::2ca6:74b8:2bf3:6c0c/64 scope link noprefixroute
       valid_lft forever preferred_lft forever


# nmcli
virbr1: connected to virbr1
        "virbr1"
        bridge, 34:17:EB:C1:91:2C, sw, mtu 1500
        ip4 default, ip6 default
        inet4 192.168.100.100/24
        route4 192.168.100.0/24
        route4 0.0.0.0/0
        inet6 2001:268:c0cc:c9cf:1d8e:7248:42c:99c5/64
        inet6 fe80::2ca6:74b8:2bf3:6c0c/64
        route6 fe80::/64
        route6 2001:268:c0cc:c9cf::/64
        route6 ::/0
        route6 2001:268:c0cc:c9cf:d016:b45a:d6e9:2/128
        route6 ff00::/8

em1: connected to virbr1-em1
        "Intel I217-LM"
        ethernet (e1000e), 34:17:EB:C1:91:2C, hw, mtu 1500
        master virbr1
        route6 ff00::/8

lo: unmanaged
        "lo"
        loopback (unknown), 00:00:00:00:00:00, sw, mtu 65536

DNS configuration:
        servers: 192.168.100.1
        interface: virbr1

        servers: fe80::d216:b4ff:fe5a:d6e9
        interface: virbr1


絵にすると下図のようになります。
br02.png

3
2
0

Register as a new user and use Qiita more conveniently

  1. You get articles that match your needs
  2. You can efficiently read back useful information
  3. You can use dark theme
What you can do with signing up
Sign upLogin
3
2