bridging vmm network

classic Classic list List threaded Threaded
4 messages Options
Reply | Threaded
Open this post in threaded view
|

bridging vmm network

niya levi
hi

i working out my ideas for modelling my home network,

the network will have four vether interfaces to cover the needs of my
firewall,

which will have  a lan, demilitarised zone, carp redundancy and
connection to the wan,

should i bridge all four vether interfaces to one bridge or a separate
bridge for each ?

Reply | Threaded
Open this post in threaded view
|

Re: bridging vmm network

Mike Larkin
On Thu, Mar 08, 2018 at 05:48:05PM +0000, niya wrote:

> hi
>
> i working out my ideas for modelling my home network,
>
> the network will have four vether interfaces to cover the needs of my
> firewall,
>
> which will have  a lan, demilitarised zone, carp redundancy and connection
> to the wan,
>
> should i bridge all four vether interfaces to one bridge or a separate
> bridge for each ?
>

Can you explain a bit more? Specifically, what role is vmm playing
here?

-ml

Reply | Threaded
Open this post in threaded view
|

Re: bridging vmm network

niya levi


On 09/03/2018 01:56, Mike Larkin wrote:

> On Thu, Mar 08, 2018 at 05:48:05PM +0000, niya wrote:
>> hi
>>
>> i working out my ideas for modelling my home network,
>>
>> the network will have four vether interfaces to cover the needs of my
>> firewall,
>>
>> which will have  a lan, demilitarised zone, carp redundancy and connection
>> to the wan,
>>
>> should i bridge all four vether interfaces to one bridge or a separate
>> bridge for each ?
>>
> Can you explain a bit more? Specifically, what role is vmm playing
> here?
>
> -ml
Hi Mike
sorry i think i'm refering to the wrong thing ,
i think it should be vmd in the title.
i have a test vm with a configuration of the following

cat /etc/vm.conf
switch "local" {
     add vether0
     interface bridge0
}

# Test VM
vm "test.vm" {
         disable
         owner alarm
         memory 256M
         disk "/home/alarm/vmm/test.img"
         interface tap0 { switch "local"
         lladdr fe:e1:bb:d1:23:51 }
         }

------------------------------------------------

if i create multiple vm's do i attach the tap interface for each vm to
switch "local"
or do i add a virtual switch declaration in vm.conf for each ?

shadrock

Reply | Threaded
Open this post in threaded view
|

Re: bridging vmm network

Carlos Cardenas
On Fri, Mar 09, 2018 at 12:08:42PM +0000, niya wrote:

>
>
> On 09/03/2018 01:56, Mike Larkin wrote:
> > On Thu, Mar 08, 2018 at 05:48:05PM +0000, niya wrote:
> > > hi
> > >
> > > i working out my ideas for modelling my home network,
> > >
> > > the network will have four vether interfaces to cover the needs of my
> > > firewall,
> > >
> > > which will have?? a lan, demilitarised zone, carp redundancy and connection
> > > to the wan,
> > >
> > > should i bridge all four vether interfaces to one bridge or a separate
> > > bridge for each ?
> > >
> > Can you explain a bit more? Specifically, what role is vmm playing
> > here?
> >
> > -ml
> Hi Mike
> sorry i think i'm refering to the wrong thing ,
> i think it should be vmd in the title.
> i have a test vm with a configuration of the following
>
> cat /etc/vm.conf
> switch "local" {
> ?????? add vether0
> ?????? interface bridge0
> }
>
> # Test VM
> vm "test.vm" {
> ?????????????? disable
> ?????????????? owner alarm
> ?????????????? memory 256M
> ?????????????? disk "/home/alarm/vmm/test.img"
> ?????????????? interface tap0 { switch "local"
> ?????????????? lladdr fe:e1:bb:d1:23:51 }
> ?????????????? }
>
> ------------------------------------------------
>
> if i create multiple vm's do i attach the tap interface for each vm to
> switch "local"
> or do i add a virtual switch declaration in vm.conf for each ?
>
> shadrock
>

Howdy.

What version of OpenBSD are you running?  My guess based on the vm.conf
is 6.2, is that correct?

Some comments about networking, independent of version:
* Remove "tap0" from the "test.vm" config section.  If you copied that
  verbatim to another "vm", only one would be running since you
  specified a particular tap interface to use.  Instead leave the "tap0"
  off to tell vmd to use the next available tap interface.
* If you plan on running more than 4 vms at a time (defined in vm.conf
  or via vmctl directly), create more tap interfaces now with MAKEDEV
  (example to create two more taps...cd /dev; doas ./MAKEDEV tap4 tap5).

I would recommend running --current as it has all the bug fixes for
vmm/vmd along with cdrom support, if you need it.  If you are going to
run --current, you'll need to change your switch definition in vm.conf.
Take a look at https://www.openbsd.org/faq/current.html and look for:
2017/10/29 - vmd(8): switch configuration  for more details.

+--+
Carlos