I am trying to set up qemu/kvm hosted on Manjaro to run a Guest (initially Debian). That part runs ok. Problem is, I can’t get any network connections from/to Host and Guest and the Guest has no access to the internet (via the Host).
My requirement is to connect over a fixed IP in the 10.0.0.0/24 range, treating it as part of the local network which could be accessed using Thunar. Also, it seems access to the host from the guest’s file manager is via 10.0.2.2, which is not within my /24; can that be altered, and if so where?
The state I’ve got it to now has somehow removed two of my local computers from Thunar’s Network list, though they are still there in the SMB Windows Network (the missing ones are one windows VPS and one linux Mint m/c).
I’ve attempted to follow a couple of dozen different web pages, including relevant wikis, purporting to help me in this but most are not for Manjaro and even the Arch setup seems somewhat different. The Manjaro wiki does not cover the network aspect (that I can find).
I understand I need to use a bridge but am having difficulty setting it up. The most useful web page I found was fine up to the point of adding a new bridge, when it showed pics that had no likeness to my machine manager tabs.
If someone could enumerate the steps in connecting Qemu between Host and Guest in simple and absolute terms, complete with filenames and paths, I would appreciate it. Hopefully, such a doc could be added to an FAQ on the site? Or if there is one already, please point me to it.
Well, lots of people use qemu, but plain qemu without any toplevel management, like libvirt or similar, is not that common.
Also your post does not contain that much information.
Lets start with some basic questions. Do you really use plain qemu? Do you want to access the VM from your local network? Why do you want to use a 10.0.0.0/24 range? Is SMB really necessary? There are better ways available for sharing data between a Linux VM and a Linux Host.
I would recommend you switch to libvirt, which makes it a lot easier to manage your VMs and create networks for it.
If you want to do it manually with qemu, I doubt you will find a complete guide on that.
I would create a Nat for all VM. The VMs are connected to a bright. You create a route to connect the VM bright with the host network. After that you can access the VM network form the host. If you need to access the VM from your LAN create port forwarding for the ports you need from your Host to your VM.
I want to access the VM from my local network, preferably from all machines on the network but a single machine would be acceptable - the one it’s installed on.
The 10.0.0.0/24 range because that’s what my local machines have always used, going way back.
Not sure how SMB got into the mix but whatever works that will permit internet access and preferably allow Thunar direct access.
I’ve got the bridge part-way installed but nothing seems to connect to/from it - which is the main question. I’m stuck on this.
I have read a lot of the archwiki on the subject but I can’t apply it, probably because of my lack of understanding but some of the paths seem not to match manjaro. Also, some terms used are unfamiliar to me and are not sufficiently explained.
I’ll go through the two wiki links again and work through the other two links but part of the problem may be my misunderstanding of terms used.
One impression I get is that I must disable my host machine’s internet Ethernet connection enp3s0 and instead use the bridge. I feel that can’t be right and am afraid I’ll lose my internet connection if I do so.
A bit of background: I set up a hyper-v linux machine on a windows server host a few years back (still working) and also a windows server on a linux (ubuntu) host using vmware on one of my local machines, but it was some time back and I tend to lose track of things I’ve done if they are infrequent. The reason I’m tring qemu now rather than vmware is the latter is not in the official manjaro repository, whereas qemu is.
To access the VM network from the Host is one of the more simple network setups with libvirt.
It will be using a NAT and I would disable IPv6, but you can access all ports and you don’t need to worry about a Firewall. Also you don’t need to change the Host network. You can assign static IPs with the internal libvirt DHCP Server. If you want hostname resolution add the hostname with IPv4 to your etc/hosts or use the libvirt nsswitch adapter.
This is a very simple config, it uses eth0 from the host to access the internet. It assigns via DCHP IPv4 from 192.168.3.200 to 192.168.3.254 and some static IPv4 that are not in that range.
Do not use the same network range for your VMs and your LAN. It needs to be different. To access a VM use for example ssh root@192.168.3.10
Yes you would need to do that, the normal Ethernet device needs to be part of that bridge. And this is one of the reasons I don’t like it on a normal desktop system. It makes it complicated and not “user friendly”. Because with the NAT network, you can split the set up. Use NetworkManager for your normal LAN setup and use Libvirt to set up the VM network. You can access the VM directly because it is on the same machine, but other devices in your LAN see just your main system. With a bridge, it looks form the outside as if all VM are independent systems with a own Ethernet device. This means for example your LAN DHCP Server will start assign IPv4 addresses to the VMs. This is a good setup for a Server that is used to run many independent VMs that provide services. But a bridge is a little bit harder to manage with NetworkManager or other desktop network setup programs. Maybe even remove NM completely and use systemd-networkd, but this means no Network Gui.
This is basically what you need to do. But do not disable netfilter! Also do not create a bridge config yourself. Use NM or a similar tool for it. Let the DHCP Server from your LAN assign a IPv4 to that bridge. Don’t forget to remove your Ethernet connection(s). Your Ethernet devices will the first device that is added to the bridge and if not VM is running, it will be the only device. https://jamielinux.com/docs/libvirt-networking-handbook/bridged-network.html
Test if your Host has connectivity. Programs should use the bridge direly, connections will be made form the IPv4 that is assigned to the bridge. If you use a Firewall, make the appropriate changes.
After that edit the network config from every VM that it looks like this
Thanks for that, xabbu. That looks as if I do not actually need a bridge and NAT would do the job. I’ll work through it over the next few days, in between setting up manjaro on a new machine and various other things.
I was unaware of the necessity to use a second network; I do not recall seeing that before. I’ll try that and see where it gets me. Obviously one of the more important points is that I have internet access in order to update and install extras on the VM, since this is a test to try out debian for a mail server.
