Network devices as virtual Ethernet devices
Virtualize network devices as virtual Ethernet devices by configuring direct MacVTap connections or virtual switches.
- You set up separate network devices for the virtual servers that are not used for the host network traffic. This method is called full isolation. It allows the virtual network device configuration using a direct MacVTap connection or a virtual switch.
- If the virtual server network traffic shares network interfaces with the host, you can provide isolation by configuring the virtual network device using a MacVTap interface. Direct MacVTap connections guarantee the isolation of virtual server and host communication paths.
Network device configuration using a direct MacVTap connection
MacVTap provides a high speed network interface to the virtual server. The MacVTap network device driver virtualizes Ethernet devices and provides MAC addresses for virtual network devices.
If you decide to configure a MacVTap interface, be sure to set up a bonded interface which aggregates multiple network interfaces into a single entity, balancing traffic and providing failover capabilities. In addition, you can set up a virtual LAN interface, which provides an isolated communication between the virtual servers that are connected to it.
When you configure a virtual Ethernet device, you associate
it with a network interface name on the host in the configuration-XML. In Figure 2, this is
then creates a MacVTap interface from your network configuration.
Use persistent network interface names to ensure that the configuration-XMLs are still valid after a host reboot or after you unplug or plug in a network adapter. Your product or distribution might provide a way to assign meaningful names to your network interfaces. When you intend to migrate a virtual server, use network interface names that are valid for the hosts that are part of the migration.
Network device configuration using virtual switches
Virtual switches are implemented using Open vSwitch. Virtual switches can be used to virtualize Ethernet devices. They provide means to configure path redundancy, and isolated communication between selected virtual servers.
- Device Drivers, Features, and Commands, SC33-8411
- Libvirt networking documentation at wiki.libvirt.org/page/Networking