Attaching a Guest Directly to a Virtualization Host Network Interface with a macvtap Driver
External
Internal
Overview
The procedure consists in leaving the network interface unconfigured on the virtualization host and declaring a network interface of type "direct" in the guest configuration. After assignment, and after the guest boots, the corresponding interface shows up on host as follows:
3: em2: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc mq state DOWN qlen 1000
link/ether 18:66:da:9f:96:d7 brd ff:ff:ff:ff:ff:ff
...
11: macvtap0@em2: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc pfifo_fast state LOWERLAYERDOWN qlen 500
link/ether 52:54:00:02:72:ed brd ff:ff:ff:ff:ff:ff
Procedure
Configure the Virtual Device on Guest
Leave the network interface unconfigured on the virtualization host.
Assign it to the guest in configuration with virsh edit or in the corresponding XML configuration file as follows:
... <interface type='direct'> <source dev='em2' mode='private'/> </interface> ...
where "em2" is the virtualization host network interface to be directly exposed to the guest.
Note that after creating the domain based on the XML configuration, libvirt will update the stored configuration as follows:
... <interface type='direct'> <mac address='52:54:00:02:72:ed'/> <source dev='em2' mode='private'/> <model type='rtl8139'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x08' function='0x0'/> </interface> ...
Note that the MAC address declared in the configuration is different from the MAC address declared by ip addr on the virtualization host.
The new network interface shows up on the guest, alongside the default network interface eth1:
ip addr
...
2: ens8: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
link/ether 52:54:00:02:72:ed brd ff:ff:ff:ff:ff:ff
...
3: eth1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
link/ether 52:54:00:e4:e6:8a brd ff:ff:ff:ff:ff:ff
Primary Interface Name Instability
Specify the Guest Device Name for the Default Network Interface
There are situations in which, because of unspecified causes, the default network interface specified as shown below is exposed non-deterministically as either "eth0" or "eth1" on the guest, causing configuration problems:
<interface type='network'> <mac address='52:54:00:8a:39:9d'/> <source network='default'/> <model type='virtio'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x03' function='0x0'/> </interface>
In order to request a specific guest device name, use "guest" as specified below:
<interface type='network'> <mac address='52:54:00:8a:39:9d'/> <source network='default'/> <model type='virtio'/> <guest dev='eth0'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x03' function='0x0'/> </interface>
Configure the Network Interface on Guest
NetworkManager Considerations
When NetworkManager was active on the guest after configuring it with an extra network interface as described here, there were times when the network interfaces were not properly detected at boot. The solution was to disable NetworkManager and configure the interfaces manually.
Manual Configuration
After the first boot, figure out the name of the new network interface and add a /etc/sysconfig/network-scripts/ifcfg-<interface-name> configuration file, similar to:
NAME="ens8" DEVICE="ens8" TYPE="Ethernet" ONBOOT="yes" BOOTPROTO="none" IPADDR="172.68.30.1" PREFIX="24" DEFROUTE="no" PEERDNS="no" PEERROUTES="no" IPV4_FAILURE_FATAL="yes" IPV6INIT="no" IPV6_AUTOCONF="no" IPV6_DEFROUTE="no" IPV6_PEERDNS="no" IPV6_PEERROUTES="no" IPV6_FAILURE_FATAL="no" UUID="8e9cbe3a-3582-4213-8a6d-73af4d93e3d0"
Make sure UUID is unique, you can generate a new UUID with uuidgen.
For more details on how to configure network interfaces, see
Reboot the second time, both interfaces should be operational.