LAB: Configure network settings.

In the default KVM configuration, all connections to the VM go through the KVM host via a NAT mechanism.
With this setting, a VM can access outside but not the opposite which is a very limited configuration.
It’s better to set up a bridged configuration. Furthermore, this configuration only requires one network card.

Install the bridge-utils package:

# yum install -y bridge-utils

Create the file /etc/sysconfig/network-scripts/ifcfg-br0 file and add the following lines (here 192.168.1.5 is the host KVM IP address, 192.168.1.1 is the gateway IP address, the KVM host is the DNS server):

DEVICE="br0"
BOOTPROTO="static"
IPADDR=192.168.1.5
NETMASK=255.255.255.0
GATEWAY=192.168.1.1
DNS1=192.168.1.5
IPV6INIT="yes"
IPV6_AUTOCONF="yes"
NM_CONTROLLED="no"
ONBOOT="yes"
TYPE="Bridge"
DELAY="0"

Note: parameters are case sensitive: specify “Bridge” and not “bridge“.

Edit the /etc/sysconfig/network-scripts/ifcfg-eth0 and put the following lines:

DEVICE=eth0
ONBOOT=yes
BRIDGE=br0
TYPE=Ethernet
BOOTPROTO=static
NM_CONTROLLED=no

If a file called /etc/sysconfig/network-scripts/ifcfg-Auto_eth0 exists, remove it:

# rm /etc/sysconfig/network-scripts/ifcfg-Auto_eth0

Stop the NetworkManager:

# service NetworkManager stop

Disable the NetworkManager at boot:

# chkconfig NetworkManager off

Restart the network configuration:

# service network restart

Activate the network service at boot:

# chkconfig network on

Activate the NTP service at boot:

# chkconfig ntpd on

Start the NTP service:

# service ntpd start

To allow connections between VM and outside, edit the /etc/sysconfig/iptables and add the following lines before the last 3 lines:

-A INPUT -i virbr0 -j ACCEPT
-A INPUT -i br0 -j ACCEPT
-A INPUT -m state --state NEW -m tcp -p tcp --dport 5900:5905 -j ACCEPT
-I FORWARD -m physdev --physdev-is-bridged -j ACCEPT

Restart the firewall configuration:

# service iptables restart

You can find additional information on the Libvirt website or on the IBM website.