Configuring virtual networks

KVM hosts on IBM Z® support networks with three types of Linux® bridges. All types make a communication setup addressable as a network or bridge.

• Bridge with network address translation (NAT)
• Open vSwitch bridge
• Bridge with IP routing

Each bridge type has a different forwarding mode as specified with the <forward> element. Omitting the <forward> element results in a virtual network among the virtual servers, without a connection to a physical network.

Bridge with network address translation (NAT)

With network address translation, traffic of all virtual servers to the physical network is routed through the host's routing stack and uses the host's public IP address. This type of network supports outbound traffic only.

Forwarding mode

nat

Example

<network>
  <name>net0</name>
  <uuid>fec14861-35f0-4fd8-852b-5b70fdc112e3</uuid>
  <forward mode="nat">
    <nat>
      <port start="1024" end="65535"/>
    </nat>
  </forward>
  <bridge name="virbr0" stp="on" delay="0"/>
  <ip address="192.0.2.1" netmask="255.255.255.0">
    <dhcp>
      <range start="192.0.2.2" end="192.0.2.254"/>
    </dhcp>
  </ip>
</network>

Open vSwitch bridge

With an Open vSwitch bridge, the switch implements a subnet. The <bridge> element must reference an already existing Open vSwitch.

Forwarding mode

bridge

Example

<network>
  <name>ovs</name>
  <uuid>58681f9f-20e1-4673-97a0-5c819660db3e</uuid>
  <forward mode="bridge"/>
  <bridge name="ovs-br0"/>
  <virtualport type="openvswitch"/>
</network>

Bridge with IP routing

Forwarding mode

route

Example

<network>
  <name>net1</name>
  <uuid>34fc97f4-86c5-4d65-887a-cc8b33d2a260</uuid>
  <forward mode="route"/>
  <bridge name="iedn" stp="off" delay="0"/>
  <mac address="f6:2b:85:a9:bf:d9"/>
  <ip address="198.51.100.1" netmask="255.255.255.0">
  </ip>
</network>