Discussion:
bridging vmm network
(too old to reply)
niya
2018-03-08 17:48:05 UTC
Permalink
Raw Message
hi

i working out my ideas for modelling my home network,

the network will have four vether interfaces to cover the needs of my
firewall,

which will have  a lan, demilitarised zone, carp redundancy and
connection to the wan,

should i bridge all four vether interfaces to one bridge or a separate
bridge for each ?
Mike Larkin
2018-03-09 01:56:49 UTC
Permalink
Raw Message
On Thu, Mar 08, 2018 at 05:48:05PM +0000, niya wrote:
> hi
>
> i working out my ideas for modelling my home network,
>
> the network will have four vether interfaces to cover the needs of my
> firewall,
>
> which will have  a lan, demilitarised zone, carp redundancy and connection
> to the wan,
>
> should i bridge all four vether interfaces to one bridge or a separate
> bridge for each ?
>

Can you explain a bit more? Specifically, what role is vmm playing
here?

-ml
niya
2018-03-09 12:08:42 UTC
Permalink
Raw Message
On 09/03/2018 01:56, Mike Larkin wrote:
> On Thu, Mar 08, 2018 at 05:48:05PM +0000, niya wrote:
>> hi
>>
>> i working out my ideas for modelling my home network,
>>
>> the network will have four vether interfaces to cover the needs of my
>> firewall,
>>
>> which will have  a lan, demilitarised zone, carp redundancy and connection
>> to the wan,
>>
>> should i bridge all four vether interfaces to one bridge or a separate
>> bridge for each ?
>>
> Can you explain a bit more? Specifically, what role is vmm playing
> here?
>
> -ml
Hi Mike
sorry i think i'm refering to the wrong thing ,
i think it should be vmd in the title.
i have a test vm with a configuration of the following

cat /etc/vm.conf
switch "local" {
    add vether0
    interface bridge0
}

# Test VM
vm "test.vm" {
        disable
        owner alarm
        memory 256M
        disk "/home/alarm/vmm/test.img"
        interface tap0 { switch "local"
        lladdr fe:e1:bb:d1:23:51 }
        }

------------------------------------------------

if i create multiple vm's do i attach the tap interface for each vm to
switch "local"
or do i add a virtual switch declaration in vm.conf for each ?

shadrock
Carlos Cardenas
2018-03-09 14:02:39 UTC
Permalink
Raw Message
On Fri, Mar 09, 2018 at 12:08:42PM +0000, niya wrote:
>
>
> On 09/03/2018 01:56, Mike Larkin wrote:
> > On Thu, Mar 08, 2018 at 05:48:05PM +0000, niya wrote:
> > > hi
> > >
> > > i working out my ideas for modelling my home network,
> > >
> > > the network will have four vether interfaces to cover the needs of my
> > > firewall,
> > >
> > > which will have?? a lan, demilitarised zone, carp redundancy and connection
> > > to the wan,
> > >
> > > should i bridge all four vether interfaces to one bridge or a separate
> > > bridge for each ?
> > >
> > Can you explain a bit more? Specifically, what role is vmm playing
> > here?
> >
> > -ml
> Hi Mike
> sorry i think i'm refering to the wrong thing ,
> i think it should be vmd in the title.
> i have a test vm with a configuration of the following
>
> cat /etc/vm.conf
> switch "local" {
> ?????? add vether0
> ?????? interface bridge0
> }
>
> # Test VM
> vm "test.vm" {
> ?????????????? disable
> ?????????????? owner alarm
> ?????????????? memory 256M
> ?????????????? disk "/home/alarm/vmm/test.img"
> ?????????????? interface tap0 { switch "local"
> ?????????????? lladdr fe:e1:bb:d1:23:51 }
> ?????????????? }
>
> ------------------------------------------------
>
> if i create multiple vm's do i attach the tap interface for each vm to
> switch "local"
> or do i add a virtual switch declaration in vm.conf for each ?
>
> shadrock
>

Howdy.

What version of OpenBSD are you running? My guess based on the vm.conf
is 6.2, is that correct?

Some comments about networking, independent of version:
* Remove "tap0" from the "test.vm" config section. If you copied that
verbatim to another "vm", only one would be running since you
specified a particular tap interface to use. Instead leave the "tap0"
off to tell vmd to use the next available tap interface.
* If you plan on running more than 4 vms at a time (defined in vm.conf
or via vmctl directly), create more tap interfaces now with MAKEDEV
(example to create two more taps...cd /dev; doas ./MAKEDEV tap4 tap5).

I would recommend running --current as it has all the bug fixes for
vmm/vmd along with cdrom support, if you need it. If you are going to
run --current, you'll need to change your switch definition in vm.conf.
Take a look at https://www.openbsd.org/faq/current.html and look for:
2017/10/29 - vmd(8): switch configuration for more details.

+--+
Carlos
Loading...