On 13 Feb 2024 18:10 +0100, from fnat...@gmx.net (Felix Natter): > regarding virt-manager (qemu/kvm): > > Can I safely choose the "NAT" network type for a new VM > in virt-manager (Debian12):
Yes. Doing so should create a new network interface named virbr[0-9] and assign an IPv4 address range to it which will be used for VM purposes. > Can I safely say yes to > "Do you want to bring it up?"? (is it undoable?) Yes, it is undoable. You can either use virt-manager -> connection details -> virtual networks (select the network and then click the stop button below the list) or you can use $ sudo virsh net-list --all $ sudo virsh net-destroy network-name Despite the scary action name, virsh net-destroy only stops the network; it doesn't actually deconfigure it. (For that, you use virsh net-undefine. There is also virsh net-autostart.) See the virsh(1) man page. If you want to be extra certain, you can dump your firewall rules just before you bring up the KVM network so that you can restore them without a reboot. > If I choose NAT, can multiple VMs connect to each other > and with the host? I know that VMs can talk to the host through a KVM NAT interface. I haven't tested whether they can talk to each other, but I would expect so. If you are using nftables on the host, you might find my blog post at https://michael.kjorling.se/blog/2022/linux-kvm-host-nftables-guest-networking/ helpful if VMs can't talk to the network. I have received some feedback that there are easier solutions, but try as I did at the time I couldn't find them, and what I wrote up there Works For Me (tm). > (I would like to avoid making many changes that I don't understand > to a productive server) Very understandable, and prudent. You may want to consider subscribing to https://lists.libvirt.org/archives/list/us...@lists.libvirt.org/; subscription is mailto:users-j...@lists.libvirt.org. -- Michael Kjörling 🔗 https://michael.kjorling.se “Remember when, on the Internet, nobody cared that you were a dog?”
