KVM Virtual Machines and bridged networking

Like the OP, I too have struggled with getting my VM in Cockpit to work with bridged networking so the VM could access host shares via Samba.

This thread has been a very interesting read, and has inspired me to find a solution. I came across this very useful article (skip over the 'installing KVM' part at the beginning and go to 'setup bridge networking with KVM').

Much of it follows the same steps as the OP, but with much more detail and some additional steps (notably disabling netfilter which is apparently necessary). So I did all that and it worked perfectly on my OMV setup.

One thing to add, though: once you have your host-bridge showing up in Cockpit, go to your VM's networking settings and configure them as Bridge to LAN with source br0 and model virtio. This combination is the only one that works for me; neither Direct attachment nor Virtual network were correct.

Now OMV and my VM live on the same IP subnet and have their own IP address each, and they can talk to each other. Just for kicks, I opened Firefox within the VM and browsed to the OMV IP, and sure enough the web GUI (login page) showed up.

The only remaining issue for me is a purely cosmetic one: in the web GUI, the old configuration (only my physical network interface eno1) is still showing instead of the new config. This must have something to do with the files in /etc/netplan - I wonder if I should replace 20-openmediavault-eno1.yaml with the contents of my own 00-installer-config.yaml or simply delete it instead.

Wondering if someone could weigh in on this last point?

Quote from richrt

I think I found the solution, but not sure if it works in all of your scenario.

So after installed OMV5 with OMV extras, install Docker; Portainer; Cockpit.

Next I've added HassOS KVM VM in Cockpit as a new VM.

Next in OMV5 WebUI go to Network settings and fisrt delete my Interface : enp4s0

After I added a new Bridge, with name: Bridge, and attached the enp4s0 interface to bridge.

Next I set the same static IP address, as it had before with the normal interface. Till that point I didn't Save the OMV5 config chages!!!

After Save to full configuration changes in OMV5, so you will lose the connection only for 2-5 pings.

Finally I've set the existing HassOS VM the following in Network settings: Direct connection; Model type: e1000; br0

In the end of the story, I get a valid LAN DHCP IP address to my HassOS VM, and reachable by local clients.

Display More

I cannot select Direct Attachment, it's grayed out as the other options except for Virtual Network.

Quote from richrt

I think I found the solution, but not sure if it works in all of your scenario.

So after installed OMV5 with OMV extras, install Docker; Portainer; Cockpit.

Next I've added HassOS KVM VM in Cockpit as a new VM.

Next in OMV5 WebUI go to Network settings and fisrt delete my Interface : enp4s0

After I added a new Bridge, with name: Bridge, and attached the enp4s0 interface to bridge.

Next I set the same static IP address, as it had before with the normal interface. Till that point I didn't Save the OMV5 config chages!!!

After Save to full configuration changes in OMV5, so you will lose the connection only for 2-5 pings.

Finally I've set the existing HassOS VM the following in Network settings: Direct connection; Model type: e1000; br0

In the end of the story, I get a valid LAN DHCP IP address to my HassOS VM, and reachable by local clients.

Display More

seems like it should work, however now I cant connect to the OMV web UI... did I brick it? essentially deleted the eth adapter now it doesnt connect to the network, lol I cant see the IP address of my server on my router . Is there a way to fix this new problem I created?

It seems the direkt Bridge ist the right way for Cockpit. But if you use the Bridge, the Host and the Guest System cannot communicate over their network. This is the way how KVM works.

As described by Redhat in following link:

Guest Can Reach Outside Network, but Cannot Reach Host when Using macvtap Interface

1. All devices kann reach the Host and the Guests.

2. The host cannot communicate with the Guest an vice versa

3. A Guest kann communicate with another Guest Maschine

Its the defined way for direkt (macvtap) ethernet devices in the guest.

If we want that guest and host will communicate together we have do define a second virtual Network device.

The Redhat documentation uses the virt tools for KVM to define a second device.

By the way,

Howto do this with Cockpit:

We assume that the Bridge is configured in the OMV Network settings as described in this thread.

The VM has an direkt Ethernet device to the bridge. You kann ping the Host and the Guest from outside with their own IP.

Now we create a second virtual ethernet device in Cockpit, (I named it "Isolated")

The device must be activated.

If you reboot your OMV their is an additional Network device with IP 192.168.100.1

In your VM attach a second network device

Now you have a second Ethernet device in the VM.

You have to configure the second Ethernet device in the VM with an IP address (DHCP or static like 192.168.100.20)

You need no gateway for this, because only Host an Guest will use this Network.

If the IP of your host is 172.15.18.200 and your Guest is 172.15.18.201 its reachable by every device in your Network. The Guest and the Host communikate over the 192.168.100.x network. You kann ping the host from guest with 192.168.100.1 and ping the guest from host with 192.168.100.20

In my debian VM i tried cifs mount to my OMV smb share and it works.

I dont know how to setup this in a windows vm, because i dont use windows. Can someone try this. Is there a second ethernet device in windows for the host/guest network?

I don't use any macvlan interfaces and can't wrap my head around what they are and why I would need one. *hangs head in shame*

But my system and my VM both use the bridge interface br0 (each having their own IP) and they can talk to each other just fine (the VM reads and writes two of my OMV shared folders via Samba).

I'm not sure what I am missing here...

So I Set up the bridge as talked about and still had a problem a couple weeks ago still not getting seperate IPs for my VMs from my router. I think I know what may have happened. before when I could not get the a new IP for my Cockpit VMs on my home network, the IP for the bridge configured through OMV was set to static. So I think it forced the VM traffic coming through that nic to only be set to that static IP, I changed the bridge to back accepting DHCP addresses, and now I get the connectivity I was looking for with my VMs, seperate IPs.

Not sure if that observation helps anyone.

Mostly want to use these VMs for security scans and networking type assignments for school, so I am glad its working now.

I am also in the process of setting up 1-2 VMs, which I would also like to reach from my local network.

At the moment the basic configuration only works so far that I can reach my network and the internet only from the VM.

I tried with the network settings in Cockpit, but I couldn't get it to work.

If I have understood the summarized correctly, then I must first create a bridge in OMV or the system, which is coupled on the one hand with my network adapter and where I then connect to Cockpit?

But how do I create this?

In OMV I can not set or create a bridge with the network adapter. Here I only see the VETH of my Docker containers.

Would be great if someone could write this together again, what all is necessary

There is now a KVM plugin

New openmediavault-kvm plugin

The first post is already explaining a lot.

And there is a first how-to: RE: New openmediavault-kvm plugin