Libvirt virtual network vs linux host bridge

Issues related to configuring your network
Post Reply
sawozny
Posts: 46
Joined: 2019/07/13 22:19:14

Libvirt virtual network vs linux host bridge

Post by sawozny » 2020/08/17 00:27:12

Greetings, Gurus! :)

Looking to see what the hive mind’s experience is choosing between using virsh to create virtual networks to attach KVMs to vs building bridges in CentOS and then connecting the VM interfaces to those bridges. Not doing anything particularly fancy, so feature set isn’t a high priority. Mostly looking to see what people’s experiences have been with stability and performance. Looking through the docs I’m comfortable with either approach. The virtual network approach keeps more config inside Libvirt so that could be considered a slight advantage, but not if it’s going to cost me any appreciable amount in throughput.

Any suggestions, advice or sharing of experiences would be appreciated.

Thanks,

Scott

User avatar
jlehtone
Posts: 3044
Joined: 2007/12/11 08:17:33
Location: Finland

Re: Libvirt virtual network vs linux host bridge

Post by jlehtone » 2020/08/17 07:00:39

"Virtual network" created by libvirt is technically a bridge.

When libvirt creates "routed network" (or "isolated"), it starts dnsmasq (DHCP+DNS) and adds firewall rules for that network too.
That is either convenient (the DHCP part) or mind-boggling (firewall).

When libvirt creates "bridged network", the only difference is that the bridge connection is created either by libvirtd.service or NetworkManager/network.service. No stability or performance differences.


If you have bridged network and the host must have IP address in that network, then you should not create that bridge with libvirt.
This is actually what I primarily use. The host network config creates the bridges whether host has address in their subnets or not, and whether I start VMs or not.

sawozny
Posts: 46
Joined: 2019/07/13 22:19:14

Re: Libvirt virtual network vs linux host bridge

Post by sawozny » 2020/08/17 23:05:13

Thanks so much for your response! I was worried that libvirt created virtual networks were some sort of bloated userland monstrosity, but I see what you're saying about them really being OS bridges under the hood with some advanced services I don't need in this context.

So I think I'll build the bridges I need in the OS and attach my VMs to them with libvirt. Now to figure out if I want to build them with brctl or nmcli. :)

Thanks,

Scott

User avatar
jlehtone
Posts: 3044
Joined: 2007/12/11 08:17:33
Location: Finland

Re: Libvirt virtual network vs linux host bridge

Post by jlehtone » 2020/08/19 11:17:01

If you configure network with NetworkManager.service, then that is what you use. (i.e. nmcli)

If you configure network with network.service, then you edit files. The scripts will call brctl.

sawozny
Posts: 46
Joined: 2019/07/13 22:19:14

Re: Libvirt virtual network vs linux host bridge

Post by sawozny » 2020/08/19 18:33:20

Yeah, that was the crux of the decision I'm facing. Seeing as RH is pushing NetworkManager over the classic network service I'm just gonna go with the flow and use NetworkManager for everything. It'll make the transition to 8 smoother, when the time comes.

Again, thanks very much for your feedback.

Scott

Post Reply

Return to “CentOS 7 - Networking Support”