Configuring networking will allow easy sharing of files through SMB.
Why is an additional router device used?
- VMs and the HOST behave as if they are on the same home network, which improves efficiency when sharing files and accessing some services.
- It isolates VMs behind the OpenWRT NAT for additional security; bandwidth may be limited.
If reaching ultra-low latencies is a priority, the router doesn’t have to be used as the default gateway and may serve to access the LAN only.
Middle-layer between HOST and GUEST
I created a package that installs a service which creates a bridge for virtual devices.
Enabling virtual bridge
Remember to activate the virtual bridge service after installing the package:
# systemctl enable --now hcinfo-vm-net.service
Visit this article
Router firmware may be downloaded from the OpenWRT website. Images for version 22.03.5 are at
https://downloads.openwrt.org/releases/22.03.5/targets/x86/64/
The simplest way is to use *generic-ext4-combined-efi.img, as it boots up out of the box.
gzip -d openwrt-*.img.gz
sudo mkdir -p /var/lib/libvirt/iso
sudo cp openwrt-*.img /var/lib/libvirt/iso
sudo mv openwrt-*.img /var/lib/libvirt/images/router.img
It is very important to attach the first NIC to vm-bridge and the second to the default NAT network before booting the router for the first time, as it will then autoconfigure easily.
When booting for the first time, the user won’t have access to the router web interface. The router is connected to vm-bridge, but it doesn’t have a proper address at this moment. The proper address must be set up through the VM text interface.
Manual install, architecture x86_64
Activate virtual network
Add NAT as second device
OpenWRT treats the first NIC as LAN (vm-bridge). The second NIC is NAT, which is WAN by default. This way, the only things to change after installation are the IP address and the root password of the OpenWRT router.
Reboot router domain
Set root password
Change default gateway
Configuration should look like this: the default gateway needs to be changed from 192.168.1.1 to 10.100.100.1.
Reload network services
service network restart
Relevant part of the router configuration: amd64 arch, 1GiB of RAM, 1 pinned core, AMD-specific CPU flags, and the combined EFI image is used.
<domain type="kvm">
  <name>router</name>
  ...
  <vcpu placement="static">1</vcpu>
  <cputune>
    <vcpupin vcpu="0" cpuset="3"/>
    <emulatorpin cpuset="0-1"/>
  </cputune>
  ...
  <cpu mode="host-passthrough" check="none" migratable="on">
    <topology sockets="1" dies="1" cores="1" threads="1"/>
    <feature policy="require" name="topoext"/>
    <feature policy="require" name="invtsc"/>
  </cpu>
  ...
  <devices>
    ...
  </devices>
</domain>
Log in to the web interface using the root password
OpenWRT web configuration
OpenWRT is the only device that is connected to NAT; it is also connected to vm-bridge. When VMs connect to vm-bridge, they get an IP address from the OpenWRT router, and it serves as the default gateway for all their networking.
- Interfaces configuration
- Interfaces configuration(2)
- NAT configuration
- DHCP in OpenWRT is used for static IP assignment
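The isolation described above depends on the NIC layout: the router's first NIC on vm-bridge and its second on NAT, with guests attached to vm-bridge only. The following check is an added example, not part of the original article or its package. It assumes the bridge device is named vm-bridge and the NAT network is libvirt's default network, and it runs on constructed sample output of virsh domiflist.

```shell
#!/bin/sh
# Added example: check NIC layout from `virsh domiflist` output before boot.
# Assumed names: bridge device "vm-bridge", NAT network "default".

# Print "type:source" for each interface row (rows follow the dashed line).
nic_sources() {
    awk 'seen && NF >= 3 { print $2 ":" $3 } /^ *-+ *$/ { seen = 1 }'
}

# Router: first NIC is the vm-bridge LAN, second NIC is the NAT WAN.
check_router() {
    set -- $(nic_sources)
    [ "$1" = "bridge:vm-bridge" ] && [ "$2" = "network:default" ]
}

# Guest: every NIC sits on vm-bridge, so all traffic passes through the router.
check_guest() {
    out=$(nic_sources)
    [ -n "$out" ] || return 1
    ! printf '%s\n' "$out" | grep -qvx 'bridge:vm-bridge'
}

# Constructed sample outputs of `virsh domiflist --inactive <domain>`.
HDR=' Interface   Type      Source      Model    MAC
-------------------------------------------------------------'
ROUTER_OK="$HDR
 -           bridge    vm-bridge   virtio   52:54:00:00:00:01
 -           network   default     virtio   52:54:00:00:00:02"
ROUTER_SWAPPED="$HDR
 -           network   default     virtio   52:54:00:00:00:02
 -           bridge    vm-bridge   virtio   52:54:00:00:00:01"
GUEST_OK="$HDR
 -           bridge    vm-bridge   virtio   52:54:00:00:00:03"
GUEST_ON_NAT="$HDR
 -           bridge    vm-bridge   virtio   52:54:00:00:00:03
 -           network   default     virtio   52:54:00:00:00:04"

printf '%s\n' "$ROUTER_OK" | check_router && echo "router: NIC order OK"
printf '%s\n' "$ROUTER_SWAPPED" | check_router || echo "router: NICs swapped"
printf '%s\n' "$GUEST_ON_NAT" | check_guest || echo "guest: bypasses router"
```

On a real host, pipe the live output instead of the samples, for example `virsh domiflist --inactive router | check_router`.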