venkataanil/libvirt_networking

## libvirt_networking
read https://wiki.libvirt.org/page/VirtualNetworking along with below data
The above deostn't talk about bridged networking.
For bridged networking https://wiki.libvirt.org/page/Networking


[stack@gprfs036 infrared]$ brctl show
bridge name	bridge id		STP enabled	interfaces
data		8000.525400520d57	yes		data-nic
							vnet0
							vnet3
							vnet6
external		8000.5254007596f0	yes		external-nic
							vnet2
							vnet5
							vnet8
management		8000.52540017a0b2	yes		management-nic
							vnet1
							vnet4
							vnet7
virbr0		8000.525400e24bbe	yes		virbr0-nic
[stack@gprfs036 infrared]$ iptables -t nat -L | grep -i masq
iptables v1.4.21: can't initialize iptables table `nat': Permission denied (you must be root)
Perhaps iptables or your kernel needs to be upgraded.
[stack@gprfs036 infrared]$ sudo iptables -t nat -L | grep -i masq
MASQUERADE  tcp  --  172.16.0.0/24       !172.16.0.0/24        masq ports: 1024-65535
MASQUERADE  udp  --  172.16.0.0/24       !172.16.0.0/24        masq ports: 1024-65535
MASQUERADE  all  --  172.16.0.0/24       !172.16.0.0/24
MASQUERADE  tcp  --  10.0.0.0/24         !10.0.0.0/24          masq ports: 1024-65535
MASQUERADE  udp  --  10.0.0.0/24         !10.0.0.0/24          masq ports: 1024-65535
MASQUERADE  all  --  10.0.0.0/24         !10.0.0.0/24
MASQUERADE  tcp  --  192.168.122.0/24    !192.168.122.0/24     masq ports: 1024-65535
MASQUERADE  udp  --  192.168.122.0/24    !192.168.122.0/24     masq ports: 1024-65535
MASQUERADE  all  --  192.168.122.0/24    !192.168.122.0/24
[stack@gprfs036 infrared]$ ip r
default via 10.16.159.254 dev em1 proto dhcp metric 100
10.0.0.0/24 dev external proto kernel scope link src 10.0.0.1
10.16.152.0/21 dev em1 proto kernel scope link src 10.16.153.105 metric 100
172.16.0.0/24 dev management proto kernel scope link src 172.16.0.1
192.168.24.0/24 dev data proto kernel scope link src 192.168.24.254
192.168.122.0/24 dev virbr0 proto kernel scope link src 192.168.122.1
[stack@gprfs036 infrared]$ ps -aef | grep dnsma
nobody    2976     1  0 Jun03 ?        00:00:06 /usr/sbin/dnsmasq --conf-file=/var/lib/libvirt/dnsmasq/default.conf --leasefile-ro --dhcp-script=/usr/libexec/libvirt_leaseshelper
root      2977  2976  0 Jun03 ?        00:00:00 /usr/sbin/dnsmasq --conf-file=/var/lib/libvirt/dnsmasq/default.conf --leasefile-ro --dhcp-script=/usr/libexec/libvirt_leaseshelper
nobody    6763     1  0 Jun03 ?        00:00:12 /usr/sbin/dnsmasq --conf-file=/var/lib/libvirt/dnsmasq/external.conf --leasefile-ro --dhcp-script=/usr/libexec/libvirt_leaseshelper
root      6764  6763  0 Jun03 ?        00:00:00 /usr/sbin/dnsmasq --conf-file=/var/lib/libvirt/dnsmasq/external.conf --leasefile-ro --dhcp-script=/usr/libexec/libvirt_leaseshelper
nobody    6947     1  0 Jun03 ?        00:00:08 /usr/sbin/dnsmasq --conf-file=/var/lib/libvirt/dnsmasq/management.conf --leasefile-ro --dhcp-script=/usr/libexec/libvirt_leaseshelper
root      6950  6947  0 Jun03 ?        00:00:00 /usr/sbin/dnsmasq --conf-file=/var/lib/libvirt/dnsmasq/management.conf --leasefile-ro --dhcp-script=/usr/libexec/libvirt_leaseshelper
nobody    7112     1  0 Jun03 ?        00:00:06 /usr/sbin/dnsmasq --conf-file=/var/lib/libvirt/dnsmasq/data.conf --leasefile-ro --dhcp-script=/usr/libexec/libvirt_leaseshelper

For routed networking
https://jamielinux.com/docs/libvirt-networking-handbook/routed-network.html
gprfc43
-------
ip r
172.15.1.0/24 dev br-management
172.15.0.0/16 dev p4p1
ip a
br-management 172.15.1.1/24
p4p1 172.15.0.1/16
DHCP for br-management network 172.15.1.2-172.15.1.255

gprfc44
-------
ip r
172.15.2.0/24 dev br-management
172.15.0.0/16 dev p4p1
ip a
br-management 172.15.2.1/24
p4p1 172.15.0.2/16
DHCP for br-management network 172.15.2.2-172.15.2.255

sudo yum install git gcc libffi-devel openssl-devel python-virtualenv libselinux-python tmux qemu-kvm libvirt libvirt-python libguestfs-tools virt-install libguestfs libguestfs-tools-c libguestfs-tools-xfs python-lxml wget libselinux-python expect -y;systemctl enable libvirtd;systemctl start libvirtd
ip a a 172.15.0.2/16 dev p2p1

cat /tmp/mynetwork1.xml
<network>
  <name>mynetwork1</name>
  <bridge name="virbr1" />
  <forward mode="route"/>
  <ip address="172.15.2.1" netmask="255.255.255.0">
    <dhcp>
      <range start="172.15.2.2" end="172.15.2.254"/>
    </dhcp>
  </ip>
</network>


virsh net-define /tmp/mynetwork1.xml
virsh net-start mynetwork1
cp /var/lib/libvirt/images/rhel-guest-image-7-6-210-x86-64-qcow2 /var/lib/libvirt/images/test-1-disk1.qcow2
virt-install --name test-1    --disk path=/var/lib/libvirt/images/test-1-disk1.qcow2,device=disk,bus=virtio,format=qcow2,cache=unsafe    --boot hd   --network network:mynetwork1  --virt-type kvm --cpu host-passthrough --ram 6144 --vcpus 4 --os-variant rhel7 --import --noautoconsole --autostart --vnc --rng /dev/urandom
virsh set-user-password --domain test-1 --user root --password 100yard-
virsh net-dhcp-leases mynetwork1

   19  brctl addbr br-virbr19
   20  ip a
   21  brctl addifbr-virbr19  p2p1
   22  brctl addif br-virbr19  p2p1

   31  mkdir -p /var/lib/dnsmasq/bridge1
   32  touch /var/lib/dnsmasq/bridge1/hostsfile
   33  touch /var/lib/dnsmasq/bridge1/leases
   34  touch /var/lib/dnsmasq/bridge1/dnsmasq.conf
   35  vi /var/lib/dnsmasq/bridge1/dnsmasq.conf
   36  cat /var/lib/dnsmasq/bridge1/hostsfile
   37  ls /var/lib/dnsmasq/bridge1/hostsfile
   38  ip a a 172.15.0.2/16 dev br-virbr19
   39  libvirtd --help
   40  dnsmasq --conf-file=/var/lib/dnsmasq/bridge1/dnsmasq.conf --pid-file=/var/run/dnsmasq/bridge1.pid
   41  vi /var/lib/dnsmasq/bridge1/dnsmasq.conf
   42  dnsmasq --conf-file=/var/lib/dnsmasq/bridge1/dnsmasq.conf --pid-file=/var/run/dnsmasq/bridge1.pid
   43  vi /var/lib/dnsmasq/bridge1/dnsmasq.conf
   44  dnsmasq --conf-file=/var/lib/dnsmasq/bridge1/dnsmasq.conf --pid-file=/var/run/dnsmasq/bridge1.pid
   45  dnsmasq --conf-file=/var/lib/dnsmasq/bridge1/dnsmasq.conf
   46  ps -aef | grep dnsma
   47  ls /var/lib/libvirt/images/
   48  virt-install --name test-1    --disk path=/var/lib/libvirt/images/test-1-disk1.qcow2,device=disk,bus=virtio,format=qcow2,cache=unsafe    --boot hd   --network network:bridge1  --virt-type kvm --cpu host-passthrough --ram 6144 --vcpus 4 --os-variant rhel7 --import --noautoconsole --autostart --vnc --rng /dev/urandom
   49  virsh net-dhcp-leases bridge1
   50  ls /var/lib/dnsmasq/bridge1/
   51  cat /var/lib/dnsmasq/bridge1/hostsfile
   52  brctl show
   53  ip a
   54  virsh list
   55  ifconfig
   56  ip l s br-virbr19 up
   57  ip a
   58  virsh destroy test-1
   59  virsh undefine test-1
   60  brctl show
   61  virt-install --name test-1    --disk path=/var/lib/libvirt/images/test-1-disk1.qcow2,device=disk,bus=virtio,format=qcow2,cache=unsafe    --boot hd   --network network:bridge1  --virt-type kvm --cpu host-passthrough --ram 6144 --vcpus 4 --os-variant rhel7 --import --noautoconsole --autostart --vnc --rng /dev/urandom
   62  ls
	read https://wiki.libvirt.org/page/VirtualNetworking along with below data
	The above deostn't talk about bridged networking.
	For bridged networking https://wiki.libvirt.org/page/Networking


	[stack@gprfs036 infrared]$ brctl show
	bridge name bridge id STP enabled interfaces
	data 8000.525400520d57 yes data-nic
	vnet0
	vnet3
	vnet6
	external 8000.5254007596f0 yes external-nic
	vnet2
	vnet5
	vnet8
	management 8000.52540017a0b2 yes management-nic
	vnet1
	vnet4
	vnet7
	virbr0 8000.525400e24bbe yes virbr0-nic
	[stack@gprfs036 infrared]$ iptables -t nat -L \| grep -i masq
	iptables v1.4.21: can't initialize iptables table `nat': Permission denied (you must be root)
	Perhaps iptables or your kernel needs to be upgraded.
	[stack@gprfs036 infrared]$ sudo iptables -t nat -L \| grep -i masq
	MASQUERADE tcp -- 172.16.0.0/24 !172.16.0.0/24 masq ports: 1024-65535
	MASQUERADE udp -- 172.16.0.0/24 !172.16.0.0/24 masq ports: 1024-65535
	MASQUERADE all -- 172.16.0.0/24 !172.16.0.0/24
	MASQUERADE tcp -- 10.0.0.0/24 !10.0.0.0/24 masq ports: 1024-65535
	MASQUERADE udp -- 10.0.0.0/24 !10.0.0.0/24 masq ports: 1024-65535
	MASQUERADE all -- 10.0.0.0/24 !10.0.0.0/24
	MASQUERADE tcp -- 192.168.122.0/24 !192.168.122.0/24 masq ports: 1024-65535
	MASQUERADE udp -- 192.168.122.0/24 !192.168.122.0/24 masq ports: 1024-65535
	MASQUERADE all -- 192.168.122.0/24 !192.168.122.0/24
	[stack@gprfs036 infrared]$ ip r
	default via 10.16.159.254 dev em1 proto dhcp metric 100
	10.0.0.0/24 dev external proto kernel scope link src 10.0.0.1
	10.16.152.0/21 dev em1 proto kernel scope link src 10.16.153.105 metric 100
	172.16.0.0/24 dev management proto kernel scope link src 172.16.0.1
	192.168.24.0/24 dev data proto kernel scope link src 192.168.24.254
	192.168.122.0/24 dev virbr0 proto kernel scope link src 192.168.122.1
	[stack@gprfs036 infrared]$ ps -aef \| grep dnsma
	nobody 2976 1 0 Jun03 ? 00:00:06 /usr/sbin/dnsmasq --conf-file=/var/lib/libvirt/dnsmasq/default.conf --leasefile-ro --dhcp-script=/usr/libexec/libvirt_leaseshelper
	root 2977 2976 0 Jun03 ? 00:00:00 /usr/sbin/dnsmasq --conf-file=/var/lib/libvirt/dnsmasq/default.conf --leasefile-ro --dhcp-script=/usr/libexec/libvirt_leaseshelper
	nobody 6763 1 0 Jun03 ? 00:00:12 /usr/sbin/dnsmasq --conf-file=/var/lib/libvirt/dnsmasq/external.conf --leasefile-ro --dhcp-script=/usr/libexec/libvirt_leaseshelper
	root 6764 6763 0 Jun03 ? 00:00:00 /usr/sbin/dnsmasq --conf-file=/var/lib/libvirt/dnsmasq/external.conf --leasefile-ro --dhcp-script=/usr/libexec/libvirt_leaseshelper
	nobody 6947 1 0 Jun03 ? 00:00:08 /usr/sbin/dnsmasq --conf-file=/var/lib/libvirt/dnsmasq/management.conf --leasefile-ro --dhcp-script=/usr/libexec/libvirt_leaseshelper
	root 6950 6947 0 Jun03 ? 00:00:00 /usr/sbin/dnsmasq --conf-file=/var/lib/libvirt/dnsmasq/management.conf --leasefile-ro --dhcp-script=/usr/libexec/libvirt_leaseshelper
	nobody 7112 1 0 Jun03 ? 00:00:06 /usr/sbin/dnsmasq --conf-file=/var/lib/libvirt/dnsmasq/data.conf --leasefile-ro --dhcp-script=/usr/libexec/libvirt_leaseshelper

	For routed networking
	https://jamielinux.com/docs/libvirt-networking-handbook/routed-network.html
	gprfc43
	-------
	ip r
	172.15.1.0/24 dev br-management
	172.15.0.0/16 dev p4p1
	ip a
	br-management 172.15.1.1/24
	p4p1 172.15.0.1/16
	DHCP for br-management network 172.15.1.2-172.15.1.255

	gprfc44
	-------
	ip r
	172.15.2.0/24 dev br-management
	172.15.0.0/16 dev p4p1
	ip a
	br-management 172.15.2.1/24
	p4p1 172.15.0.2/16
	DHCP for br-management network 172.15.2.2-172.15.2.255

	sudo yum install git gcc libffi-devel openssl-devel python-virtualenv libselinux-python tmux qemu-kvm libvirt libvirt-python libguestfs-tools virt-install libguestfs libguestfs-tools-c libguestfs-tools-xfs python-lxml wget libselinux-python expect -y;systemctl enable libvirtd;systemctl start libvirtd
	ip a a 172.15.0.2/16 dev p2p1

	cat /tmp/mynetwork1.xml
	<network>
	<name>mynetwork1</name>
	<bridge name="virbr1" />
	<forward mode="route"/>
	<ip address="172.15.2.1" netmask="255.255.255.0">
	<dhcp>
	<range start="172.15.2.2" end="172.15.2.254"/>
	</dhcp>
	</ip>
	</network>


	virsh net-define /tmp/mynetwork1.xml
	virsh net-start mynetwork1
	cp /var/lib/libvirt/images/rhel-guest-image-7-6-210-x86-64-qcow2 /var/lib/libvirt/images/test-1-disk1.qcow2
	virt-install --name test-1 --disk path=/var/lib/libvirt/images/test-1-disk1.qcow2,device=disk,bus=virtio,format=qcow2,cache=unsafe --boot hd --network network:mynetwork1 --virt-type kvm --cpu host-passthrough --ram 6144 --vcpus 4 --os-variant rhel7 --import --noautoconsole --autostart --vnc --rng /dev/urandom
	virsh set-user-password --domain test-1 --user root --password 100yard-
	virsh net-dhcp-leases mynetwork1

	19 brctl addbr br-virbr19
	20 ip a
	21 brctl addifbr-virbr19 p2p1
	22 brctl addif br-virbr19 p2p1

	31 mkdir -p /var/lib/dnsmasq/bridge1
	32 touch /var/lib/dnsmasq/bridge1/hostsfile
	33 touch /var/lib/dnsmasq/bridge1/leases
	34 touch /var/lib/dnsmasq/bridge1/dnsmasq.conf
	35 vi /var/lib/dnsmasq/bridge1/dnsmasq.conf
	36 cat /var/lib/dnsmasq/bridge1/hostsfile
	37 ls /var/lib/dnsmasq/bridge1/hostsfile
	38 ip a a 172.15.0.2/16 dev br-virbr19
	39 libvirtd --help
	40 dnsmasq --conf-file=/var/lib/dnsmasq/bridge1/dnsmasq.conf --pid-file=/var/run/dnsmasq/bridge1.pid
	41 vi /var/lib/dnsmasq/bridge1/dnsmasq.conf
	42 dnsmasq --conf-file=/var/lib/dnsmasq/bridge1/dnsmasq.conf --pid-file=/var/run/dnsmasq/bridge1.pid
	43 vi /var/lib/dnsmasq/bridge1/dnsmasq.conf
	44 dnsmasq --conf-file=/var/lib/dnsmasq/bridge1/dnsmasq.conf --pid-file=/var/run/dnsmasq/bridge1.pid
	45 dnsmasq --conf-file=/var/lib/dnsmasq/bridge1/dnsmasq.conf
	46 ps -aef \| grep dnsma
	47 ls /var/lib/libvirt/images/
	48 virt-install --name test-1 --disk path=/var/lib/libvirt/images/test-1-disk1.qcow2,device=disk,bus=virtio,format=qcow2,cache=unsafe --boot hd --network network:bridge1 --virt-type kvm --cpu host-passthrough --ram 6144 --vcpus 4 --os-variant rhel7 --import --noautoconsole --autostart --vnc --rng /dev/urandom
	49 virsh net-dhcp-leases bridge1
	50 ls /var/lib/dnsmasq/bridge1/
	51 cat /var/lib/dnsmasq/bridge1/hostsfile
	52 brctl show
	53 ip a
	54 virsh list
	55 ifconfig
	56 ip l s br-virbr19 up
	57 ip a
	58 virsh destroy test-1
	59 virsh undefine test-1
	60 brctl show
	61 virt-install --name test-1 --disk path=/var/lib/libvirt/images/test-1-disk1.qcow2,device=disk,bus=virtio,format=qcow2,cache=unsafe --boot hd --network network:bridge1 --virt-type kvm --cpu host-passthrough --ram 6144 --vcpus 4 --os-variant rhel7 --import --noautoconsole --autostart --vnc --rng /dev/urandom
	62 ls