twobee - Fotolia

Tip

Use virsh commands to manage KVM networking

Virsh commands enable you to manage network properties and can be used alongside brctl commands to help you create additional virtual bridges in your KVM environment.

With the libvirt interface, you can set up all the aspects of KVM networking using Virtual Machine Manager. But to unleash the full power of all the available management options, you're better off using virsh commands.

Virsh commands enable you to edit the XML configuration files used to define VMs and all their related configurations. Even if it's possible to edit the configuration files directly, I don't recommend it because of potential locking issues and the risk that modifications might get lost during a system update.

The virsh interface can be used two ways. You can use the command with all of the required options from the command line or you can open the virsh shell to configure your virtual environment from there.

To manage networking, two important components are involved. The interface component manages virtual bridges and enables you to assign interfaces to it and edit bridge properties. Virsh commands enable you to manage the network properties themselves. Apart from that, there are nwfilter commands that can help you manage firewall rules for your virtual environment.

To set up a complete network from the command line, you'll need more than just virsh, though. The virsh utility talks to the virtual bridges and switches that are provided in the network. For that reason, we'll also cover how to set up a virtual bridge using brctl commands.

Manage KVM networking with virsh commands

Getting insight into your virtual environment is a good start. Use virsh list for an overview of your current networking setup. You should see two networks: the default network and the local-only network. You can request more information about the networks using virsh net-info <netname>. In Figure A, you can see what this command looks like for the default network.

Network information
Figure A. Display information about the networks.

To see more details about the network configuration, you can use virsh net-dumpxml <netname>. This will show the current configuration, like in Figure B. You can see the name of the bridge, including some of its properties; the IP address configuration; and the forwarding mode, which, in most cases, is network address translation (NAT). 

Network configuration
Figure B. Show the current network configuration.

In some cases, you also need to change the networking properties. You can do so using virsh net-edit, which shows the XML code in an editor. You can apply any change you'd like from here to write the configuration to the current environment.

Create additional networks with virsh commands

KVM network management relies on XML files. If, for instance, you'd like to create a new network, the best approach is to define a new network configuration file in the /etc/libvirt/qemu/networks. Just copy the XML file that defines a current network and edit it with any interfaces, IP address configurations and other parameters you'd like to use.

After defining the new network, you can use a couple different virsh commands: virsh net-define to add the network to the current configuration without starting it, or virsh net-create if you want to start the network, as well.

Manage bridges with brctl and virsh

In KVM virtualization, all networks need to be connected to a virtualization bridge. The bridges can be managed using brctl commands. For an overview of the current configuration, use brctl show; it will show the bridges that currently exist. Notice that a bridge can be created using either the virsh net-define command or the brctl addbr command.

Defining a bridge won't automatically assign a network interface to the bridge, though. To define which interface should be assigned to the bridge, use brctl addif <bridgename> <ifname>. Any existing network interface can be assigned to a bridge this way, but I don't recommend doing this on interfaces that are currently in use, as it will break your current networking.

Dig Deeper on IT systems management and monitoring

Software Quality
App Architecture
Cloud Computing
SearchAWS
TheServerSide.com
Data Center
Close