[CentOS] Connecting ethX devices directly to a KVM/QEMU guest OS (no bridging)

Chuck Munro chuckm at seafoam.net
Thu Jan 19 17:48:36 UTC 2012

On 01/19/2012 09:00 AM, Tait Clarridge wrote:
>> >
>> >  I've Googled until I'm blue in the face, but haven't found a clear
>> >  explanation of how I can assign each ethX device directly to the guest
>> >  OS rather than going thru the usual bridge configuration. I need to
>> >  allow the m0n0wall OS to assign the LAN and WAN IP addresses, if that's
>> >  possible without using a bridge.
> I would think that it is a little easier to setup a bridge but not
> assign an IP address for it on the CentOS host.
> eg.
> /etc/sysconfig/network-scripts/ifcfg-br0
> DEVICE="br0"
> TYPE="Bridge"
> BOOTPROTO="none"
> ONBOOT="yes"
> /etc/sysconfig/network-scripts/ifcfg-ethX (where X is the interface
> number of one of your intel ports and the HWADDR is the MAC address)
> DEVICE="ethX"
> ONBOOT="yes"
> BRIDGE="br0"
> HWADDR="xx:xx:xx:xx:xx:xx"
> Restart the network service, then run brctl show - the new bridges
> should show up.
> Create the 8 bridges that you need and go from there, you should be able
> to assign them in Virtual Machine Manager to the VMs.
> Then in your VM guests you should be able to assign the IPs that you
> want.
Thanks for your reply, Tait.  I came to much the same conclusion after I 
eventually found an article about tinkering with the host kernel device 
tables to remap each NIC instance.  I was going to try it until I 
discovered that the new motherboard I'm using doesn't properly support 
IOMMU in the BIOS, which the mapping trick requires.  So much for that idea.

Your method of not configuring a bridge IP address gets around having 
the NIC appear to my ISP as having some sort of rogue IP (even if I 
assign something in the 172.16... range).  I wasn't aware that I could 
bring up the bridge without an IP.

But a new problem arises ... one of the m0n0wall instances needs to use 
DHCP to get a dynamic IP from my ISP (the others are static, so they're 
ok).  How do I get the bridge to proxy the DHCP request and forward the 
response to the VM guest?  I brought up a test instance of m0n0wall but 
when it asks for an IP on its WAN side, the result is  so it 
would appear the request never makes it to the ISP.

As a sanity check, I configured the WAN-side bridge to use DHCP and that 
worked, but it's the m0n0wall VM guest that needs to make the request, 
not the CentOS host.

Suggestions anyone?  In the mean time, I'll keep looking for a solution.


More information about the CentOS mailing list