July 23, 20169 yr Hi, I'm making some vm machines at the moment, and trying to understand the difference in the network modes available. Bridged vs host etc. I understand with bridged, that I draw an ip from the dhcp as a unique device, but I'm not sure the implications of this. Could someone provide a scenario where I would want host instead of bridged, the differences etc? Also, say I'm creating a vm that I don't want to have access to the rest of the network, the workgroup, shared network folders etc, I just want it to emulate it's own private network. Which mode would facilitate that? Thanks for all the help, you guys are great!
July 23, 20169 yr Are you sure you are talking about VM'sand not dockers? There are no options for host/bridge for VM's. You can only choose the virtual bridge, which gives your VM access to the outside, but you can't connect to the VM, or the public bridge that gives you an IP from the dhcp server.
July 23, 20169 yr Author Ah, I guess I was confused. It's looks like it's just br0, virbr0 and docker0. I don't know what any of those do except br0 i guess lol. It pulls an IP from dhcp on br0, and I'm able to see the network drives from the vm. Is there anyway to isolate it?
July 23, 20169 yr Author Awesome thanks! That mostly solved my problem. Everything is inaccessible now, but I'd prefer the network wasn't visible at all however. No way to do that really? Also, what would be the simplest way to impose bandwidth control on an individual vm machine? I want to limit how many resources it can hog. Other than a qos setup from the router which forces me to bridge the unit also lol.
July 24, 20169 yr Author So, I'm trying to accomplish this via tc, since I can just put a htb rate on the virbr0 adapter. However, I'm getting RTNETLINK answers: operation not supported What is the cause of this?
July 24, 20169 yr I am not sure if any rate limiting can be applied to the virbr0 adapter, but why would you? First virbr0 represents ALL VMs and doesn't give you a per VM control. Next, if any restrictions are required then these should apply to WAN traffic, there is no reason to cap your LAN traffic. My recommendation is to do this on your router (gateway). It is also more common to restrict certain types of traffic then to restrict a user when bandwidth control is required.
July 24, 20169 yr Author Well, all my other vms are directly bridged, so they are on the br0 adapter. Or does vibr0 encompass that? I only have one setup on vibr0 that I need to control. So if I went the router route, I would have to also bridge it like the others, giving it an ip I could qos on. However, then that brings me back to the issue at the start of this thread, where it's not network isolated anymore. Notably, I tried all the eth0 options and I get that error no matter. Must be part of the modified unraid kernel?
July 24, 20169 yr Why don't you install a software on the VM that controls the bandwidth for the different applications?
July 24, 20169 yr I don't have any experience with this myself, but apparently libvirt has built-in QoS support. See for example http://serverfault.com/questions/473930/how-to-control-vm-traffic-on-kvm All of this would require direct editing of the XML file, none of this is in the GUI.
July 24, 20169 yr Author Saarg - For the same reason I want the network isolated for that vm , I need the solution to be above the user access level on this machine. I suppose a password protected application or something might work but not really what I'm looking for. bonienl - This solution sounds simple and perfect! I always wondered if there must be something like this, as with vmware produts you can just right click the emulated nic and impose a quota. Thanks a lot, I'll try it out and let everyone know how it worked
July 24, 20169 yr Author :( sad, <bandwidth> </bandwidth> tags in xml pulls the same error as manually trying to enter it with tc. RTNETLINK operation not supported, Really wish whatever is missing from the kernel gets built in for supporting individual level QOS. I don't want to manage that through the router, and it forces me to bridge the vm then also
July 24, 20169 yr Author Perhaps someone could tell me what it would entail to get TC working on the unraid kernel?
July 25, 20169 yr Author Sorry to bump this, but I am still looking for a solution to this issue. I really need the solution to operate above the OS level and not be handled by QOS on the router. The easiest route seems to be the bandwidth tags in the xml, but those invoke the TC command which seems to be unsupported. How can I edit the kernel functionality to regain this control? Or perhaps someone can offer an easier solution? Thanks for all the help!
Archived
This topic is now archived and is closed to further replies.