issue with kvm/libvirt and linux-namespaces

Question

I have an issue with kvm/libvirt virtualization and network namespaces on my Ubuntu 16.04 LTS. What I want to do is the following fenced setup:

One network namespace (the fence)
Two Linux bridges in the namespace.
Each bridge has it's own ip network.
Allow ip forwarding between these two bridges.
Two VMs. VM1 is connected to bridge1 and VM2 is conncted to bridge2.
Ping VM1 to VM2.

The intention is to get a little lab on my laptop which is fully independent from the host's remaining network setup that has communication to the outside world and it seems to me that network namespaces are the way to attain this but I hit some snags.

Until now I've set up the following:

ip netns add internalSpielwiese
ip netns exec internalSpielwiese bash
    ip addr add 127.0.0.1/8 dev lo
    ip link set lo up
    ip link add name iBr0 type bridge
    ip addr add 172.0.0.1/24 dev iBr0
    ip link set iBr0 up
    ip link add name iBr1 type bridge
    ip addr add 172.0.1.1/24 dev iBr1
    ip link set iBr1 up

Pinging the ips inside the namespace is successful. IP forwarding is enabled. Outside the namespace the bridges are not visible/existent. Now it would be time to make the bridges in libvirt known. But it doesn't work. I tried it with this xml


  internalBr0
  3f4647d9-0c19-509f-b512-9cac91c7149b

and appropriate virsh net-define and net-start commands. I edited a VM's xml file and started the VM but the result was this:

virsh # start kirke2
error: Failed to start domain kirke2
error: Cannot get interface MTU on 'iBr0': No such device

Obviously, libvirt didn't find the iBr0 in the namespace internalSpielwiese and after some googling I've got the impression that libvirt is not able to deal with network namespaces. Or is there a way? How?

issue with kvm/libvirt and linux-namespaces

Answers (1)

Related Questions