KVM虚拟机操作系统网卡的工作原理 kvm虚拟机网卡直通

目录

网络模式

【1】Nat网络

【2】Bridge网络

---

网络模式

Qemu-kvm提供了三种网络模式

• 1、桥接(bridge)将虚拟机的网卡桥接到宿主机的物理网卡。虚拟机和宿主机处于同一个网络内使用同一个网段。相当于将虚拟机的网卡和宿主机的网卡接在同一台二层交换机上。
• 2、NAT宿主机需要两块网卡，一块网卡连接物理网络，另一块网卡( 通常是虚拟网卡)和虚拟机网卡做桥接。虚拟机需通过宿主机的NAT功能，转发数据包。(这时宿主机相当一台NAT路由器
• 3、qemu内部的用户模式，完全由qemu模拟出来的一种网络模式，性能相对较差

【1】Nat网络

NAT方式是kvm安装后的默认方式。它支持主机与虚拟机的互访，同时也支持虚拟机访问互联网，但不支持外界访问虚拟机，default是宿主机安装虚拟机支持模块的时候自动安装的。

看下当前网络

[root@localhost ~]# virsh net-list --all
 Name                 State      Autostart     Persistent
----------------------------------------------------------
 default              active     yes           yes

查看有几个虚机交换机

[root@localhost ~]# brctl show
bridge name	bridge id		STP enabled	interfaces
virbr0		8000.52540045d60a	yes		virbr0-nic
							            vnet0

查看宿主机的网络，说明virbr0-nic就是虚拟交换机，vnet0是虚拟交换机的管理接口

[root@localhost ~]# ip ad
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
    inet6 ::1/128 scope host 
       valid_lft forever preferred_lft forever
2: ens33: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000
    link/ether 00:0c:29:59:fe:78 brd ff:ff:ff:ff:ff:ff
    inet 192.168.1.147/24 brd 192.168.1.255 scope global noprefixroute ens33
       valid_lft forever preferred_lft forever
    inet6 fe80::408a:6cf2:1f46:9da5/64 scope link noprefixroute 
       valid_lft forever preferred_lft forever
3: virbr0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default qlen 1000
    link/ether 52:54:00:45:d6:0a brd ff:ff:ff:ff:ff:ff
    inet 192.168.122.1/24 brd 192.168.122.255 scope global virbr0
       valid_lft forever preferred_lft forever
4: virbr0-nic: <BROADCAST,MULTICAST> mtu 1500 qdisc pfifo_fast master virbr0 state DOWN group default qlen 1000
    link/ether 52:54:00:45:d6:0a brd ff:ff:ff:ff:ff:ff

如果想要自己创建一个nat网络，我们需要复制一个nat网络的配置文件出来然后进行修改

[root@localhost networks]# cp default.xml nat1.xml
[root@localhost networks]# vi nat1.xml 

<!--
WARNING: THIS IS AN AUTO-GENERATED FILE. CHANGES TO IT ARE LIKELY TO BE
OVERWRITTEN AND LOST. Changes to this xml configuration should be made using:
  virsh net-edit default
or other application using the libvirt API.
-->

<network>
  <name>nat1</name>
  <uuid>2033bcb6-aea8-483d-b9c2-de275fdf6f92</uuid>
  <forward mode='nat'/>
  <bridge name='virbr0' stp='on' delay='0'/>
  <mac address='52:54:00:45:d6:0a'/>
  <ip address='192.168.122.1' netmask='255.255.255.0'>
    <dhcp>
      <range start='192.168.122.2' end='192.168.122.254'/>
    </dhcp>
  </ip>
</network>

重启libvirtd

[root@localhost networks]# systemctl restart libvirtd

【2】Bridge网络

虚拟机和宿主机处于同一个网络内使用同一个网段。相当于将虚拟机的网卡和宿主机的网卡接在同一台二层交换机上。

桥接网络（也叫物理设备共享）被用作把一个物理设备复制到一台虚拟机。网桥多用作高级设置，特别是主机多个网络接口的情况。

网桥方式配置步骤

 【1】编辑修改网络设备脚本文件，增加网桥设备br0

# vi /etc/sysconfig/network-scripts/ifcfg-br0
DEVICE="br0"
ONBOOT="yes"
TYPE="Bridge"
BOOTPROTO=static
IPADDR=192.168.1.22
NETMASK=255.255.255.0
GATEWAY=192.168.1.1
DNS1=8.8.8.8
DNS1=114.114.114.114
DEFROUTE=yes

【2】编辑修改网络设备脚本文件，修改网卡设备ens33

（修改之前记得把ens33网卡备份一下）

DEVICE="ens33"
ONBOOT="yes"
BRIDGE="br0"

【3】重启libvirtd服务和重启网络服务

[root@localhost network-scripts]# systemctl restart libvirtd
[root@localhost network-scripts]# systemctl restart network

【4】客户机配置

客户机安装时注意，网络要选择用br0桥接方式。
编辑修改虚拟机配置文件 /etc/libvirt/qemu/v1.xml，增加如下内容

<interface type='bridge'>
  <mac address='52:54:00:da:c3:dc'/>
  <source bridge='br0'/>
  <model type='virtio'/>
  <address type='pci' domain='0x0000' bus='0x00' slot='0x03' function='0x0'/>
</interface>

【3】isolate网络

 我们需要复制一个nat网络的配置文件出来然后进行修改

[root@localhost networks]# cp default.xml isolated.xml
[root@localhost networks]# vi isolated.xml

<!--
WARNING: THIS IS AN AUTO-GENERATED FILE. CHANGES TO IT ARE LIKELY TO BE
OVERWRITTEN AND LOST. Changes to this xml configuration should be made using:
  virsh net-edit default
or other application using the libvirt API.
-->

<network>
  <name>isolated</name>
  <uuid>2033bcb6-aea8-483d-b9c2-de273fdf8f92</uuid>
  <bridge name='virbr1' stp='on' delay='0'/>
  <mac address='52:54:00:45:d6:64'/>
  <ip address='192.168.123.1' netmask='255.255.255.0'>
    <dhcp>
      <range start='192.168.123.2' end='192.168.123.254'/>
    </dhcp>
  </ip>
</network>

 重启libvirtd并且开启网络，开启自启动

[root@localhost networks]# systemctl restart libvirtd
[root@localhost networks]# virsh net-start isolated
Network isolated started

[root@localhost networks]# virsh net-autostart isolated
Network isolated marked as autostarted

[root@localhost networks]# virsh net-list
 Name                 State      Autostart     Persistent
----------------------------------------------------------
 default              active     yes           yes
 isolated             active     yes           yes

网络相关基本命令
查看一个guest主机的网络接口信息: 

# virsh domiflist 虚机名字

[root@localhost networks]# virsh domiflist node4
Interface  Type       Source     Model       MAC
-------------------------------------------------------
-          network    default    e1000       52:54:00:82:de:d5

---