Host to Guest Comms on KVM


So, the current solution for bridging with KVM/QEMU/Libvirt involves macvtap. This allows your VM to be seen by computers on the network, which is key if you want to, say, run a server or DNS on a VM. However, there’s a catch – the host can’t reach the VM. Sometimes this doesn’t matter and sometimes it does. For example, if the guest is running DNS and you want the host to be able to use it for DNS, this is an issue. There is another way to do it, but it involves ditching Network Manager. I actually like Network Manager. So what am I to do?

Well, there are two solutions. One is to use a routed mode network. This causes the host to behave like a router and creates a subnet behind the host, so if all your real computers are 192.168.1.x, the VMs would be 192.168.2.x. (It doesn’t have to be 2.) For many scenarios this is the cleanest and most correct way to do this. However, it requires your real router to support static routes, and it may break compatibility with consumer hardware that expects everything in a home to be on one subnet – e.g. networked printers, DLNA, etc.

The other solution is presented on the libvirt wiki as the “Less Painful Solution” for getting around macvtap. You create an isolated network (which you usually only do when you are testing and want to make sure that all the network traffic you’re observing comes from the VMs on said isolated network). Then you give your VM a second network interface that connects to this isolated network. You use THIS interface for host/guest communications. The part the wiki doesn’t mention, and that I plan to test as part of this blog post, is to then add an entry for the guest to the host’s /etc/hosts file so that it overrides DNS and the host is none the wiser that it isn’t using the address from DNS, which is the one the host can’t reach.

So, let’s give it a shot. I’m going to use the GUI for my first go-around.

Virt-manager - Isolated Network 1
Virt-manager - Isolated Network 2 - pick the subnet and if you're going to enable DHCP

Step 3 is IPv6…skipping that….

Virt-manager - Isolated Network 4 - pick isolated

Open the VM you want to add it to:

Virt-manager - Isolated Network -Adding the NIC

Run the VM and see if it took….

Virt-manager - Isolated Network - checking that it got a new IP address

It appears that it did. So let’s see if I can SSH to it now:

Virt-manager - Isolated Network - checking SSH

OK, it all seems to be in order. Good, good. I also confirmed that adding it to the /etc/hosts file allows it to override what’s in DNS. So, there you go! That’s one solution if you want host to guest comms with KVM/QEMU/Libvirt.
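
For anyone who would rather script it than click through virt-manager, here is the same procedure with virsh, as an added example that is not part of the original walkthrough. The network name, bridge name, subnet and DHCP range are assumptions, as are the function names; the guest's address on the isolated network is whatever DHCP hands it.

```shell
#!/usr/bin/env bash
# Added example: CLI equivalent of the virt-manager steps above.
# Every name and address below is an assumption; change them to suit.
NET_NAME="${NET_NAME:-hostonly}"           # libvirt network name
BRIDGE="${BRIDGE:-virbr9}"                 # bridge device libvirt will create
HOST_IP="${HOST_IP:-192.168.100.1}"        # host's address on the isolated subnet
NETMASK="${NETMASK:-255.255.255.0}"
DHCP_START="${DHCP_START:-192.168.100.10}"
DHCP_END="${DHCP_END:-192.168.100.50}"

# Print the network definition. There is deliberately no <forward> element:
# that is what makes a libvirt network isolated (no NAT, no route to the LAN).
isolated_net_xml() {
  cat <<EOF
<network>
  <name>${NET_NAME}</name>
  <bridge name='${BRIDGE}' stp='on' delay='0'/>
  <ip address='${HOST_IP}' netmask='${NETMASK}'>
    <dhcp>
      <range start='${DHCP_START}' end='${DHCP_END}'/>
    </dhcp>
  </ip>
</network>
EOF
}

# Print the /etc/hosts line that makes the host resolve the guest's name to
# its isolated-network address instead of the macvtap address held in DNS.
hosts_entry() {   # usage: hosts_entry <guest-ip> <name> [alias...]
  local ip="$1"; shift
  printf '%s\t%s\n' "$ip" "$*"
}

# Define, start and autostart the network, then add a second NIC to the guest.
# --config writes the NIC to the persistent definition (seen on next guest boot).
apply_isolated_net() {   # usage: apply_isolated_net <domain>
  local xml; xml="$(mktemp)"
  isolated_net_xml > "$xml"
  virsh net-define "$xml" && virsh net-start "$NET_NAME" && virsh net-autostart "$NET_NAME"
  virsh attach-interface --domain "$1" --type network --source "$NET_NAME" \
        --model virtio --config
  rm -f "$xml"
}

# Run as: ./isolated-net.sh apply <domain>   (needs rights to manage libvirt)
if [ "${1:-}" = "apply" ]; then
  apply_isolated_net "${2:?guest domain name required}"
fi
```

Once the guest has its lease, append the output of `hosts_entry <guest-ip> <name>` to the host's /etc/hosts as root.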