Daniel P. Berrange wrote:
> Personally I'd just say the bridge config task is the management tool's
> problem to deal with. A mgmt tool UI shouldn't really need to expose
> the raw details of physical NICs, bond devices, VLAN devices & bridge
> devices to the user. Instead allow them to say 'create a network sharing
> two physical NICs on VLAN 53', and then have it automagically set up the
> necessary individual devices behind the scenes.

That's a nice idea, but it depends so intimately on the host's network
configuration that it doesn't work in practice (in my experience),
except in some rather fixed configurations.

The problem is: when you attach a bridge device, then all the host's
IP configuration has to be done on the bridge device instead of the
host's network interfaces.

That means either:

  - Host's network configuration (outside the management tool) must
    create bridges in advance (with one port) _just_ so that VM
    management can attach to the bridge. It's hardly transparent.
    Doesn't work at all with NetworkManager or any ordinary host
    network configurations, for example. And you have to do it in
    advance, not when starting VMs.

  - Or, the VM management tool must create bridges when VMs are
    started, and then copy the IP configuration from the host
    network interface to the bridge, and it must somehow trick the
    host's DHCP client into moving to the bridge interface, etc. This
    doesn't work with NetworkManager either.

Quite possibly it's a mess because of the way Linux does bridging, but
still it is.

I haven't found any solution which works on a laptop running
NetworkManager or other automatic network binding service.

For servers with static IPs and simple network configuration it is
easier, and of course a VM management tool can always handle specific
cases like that, if told to. But even on servers, I find if they have
a complex host network configuration (e.g. policy routing tables),
adding bridges for the VMs is not something that can be done

Ideally, there would be a way to add a "bridge for VM" which hangs off
the edge of the host's networking, instead of disruptively having to
be in the middle.

The pcap interface is close to that for ease of configurability, but a
bridge would behave better, especially with multiple VMs, and maybe