[CentOS-virt] How to connect a guest to a fixed routable address?

Wed May 26 22:34:55 UTC 2010
compdoc <compdoc at hotrodpc.com>

I had to figure it out on my own with a lot of testing, and I'm sure there
are other ways to do things. But I found bridges to be the best way to go
for attaching to the lan or wan, and virtual nets are great for
guest-to-guest, or guest-to-server communication.

A bridge lets several guests share one nic, but they can also be used to
assign one guest to one nic. There is no magic involved, however - if you
have too many guests sharing one network card, you're going to develop a
bottleneck.

Virtual networks travel across the server's internal buses, so you aren't
sending traffic out to the network switch, which lowers traffic on your lan.
And it's pretty fast. Of course, you can connect a virtual lan to the
outside world by using the server's real nic as a gateway, but you'll still
develop a bottleneck with too many guests.

I think it's best to stick as many real nics into a server as you can and
bridge them for the guests, but use one solely for the server's use (for
updates, VNC management, ect.)



-----Original Message-----
From: centos-virt-bounces at centos.org [mailto:centos-virt-bounces at centos.org]
On Behalf Of James B. Byrne
Sent: Wednesday, May 26, 2010 2:37 PM
To: centos-virt at centos.org
Subject: [CentOS-virt] How to connect a guest to a fixed routable address?

I am experimenting with kvm on a quad x86_64 running CentOS-5.5.  I have
created my first virtual guest and it seems to run fine.  Now I wish to
assign that particular guest to a fixed, public IP address. 
There seems to be at least two ways to proceed and I am soliciting comments
on the preferred approach.

In the first instance I can use brctl to create a bridged 'shared physical
device' and presumably add that device to the network configuration of the
guest, assigning the IP connection details there.

In the second, I can continue to use the virtual networking system, albeit
with fixed private as opposed to DHCP assigned addresses.  In this case I
gather that I must use ifconfig to add public IP addresses to the eth0
interface of the host and use iptables to route the public to the private
address.

Firstly, are my inferences correct? Are there any other approaches that I
cannot discern? If these are the only two methods then which is the
preferred one?  I get the sense that bridging works in a manner that permits
only one guest to access that physical device, however the documentation is
not explicit on the matter.

I have looked extensively for guidance but I suspect that a great deal of
what I have read is somewhat dated and likely to cause me more trouble than
help.