I am in the process of doing some thesis research about using ebtables and iptables on a KVM host to perform on-the-fly firewall restrictions to KVM guest VM's.
Here is the problem:
I have a bridge set up on eth0 called br0. This works fine. I then have added two tap devices: tap0 and tap1 to use br0.
For some strange reason in the KVM GUI, only 1 of the tap devices is being recognized as a bridge device. The other one is saying macvtap. I don't understand why this is the case. I don't recall having this issue on another system that I am running this on, but I am having this issue on a ThinkPad.
Below is a screenshot of the GUI showing what I am talking about:
Why is tap1 getting the "(Bridge 'br0')" label instead of tap0? They both should be recognized as bridges.
I am running this on CentOS 6, and below are the ifcfg files for the taps:
For tap0:
DEVICE="tap0"
TYPE="Tap"
BRIDGE="br0"
and for tap1:
DEVICE="tap1"
TYPE="Tap"
BRIDGE="br0"
In theory, this should be working…
EDIT: Would re-installing CentOS be a good idea? I'm wondering if maybe the host's settings got screwed up somewhere…
EDIT 2: I examined my issues a bit more, and I am still very puzzled as to why only one tap interface is being seen as a bridged interface. Also strange, is that the br0 interface is not showing up in that list. I recall on my other system, it would also list that as well. Just to prove that tap0 and tap1 are in the bridge, here is the output from the brctl show command:
bridge name bridge id STP enabled interfaces
br0 8000.001c25990400 no eth0
tap0
tap1
As you can see, eth0, tap0, and tap1 are added to the br0 bridge…so… this should be working….
Best Answer
If your goal it is to used bridge br0 as switch for your vm's. You can delete tap0 and tap1. In virt-manager choose Specify shared device name and enter br0 int textfield.
There is no need to manualy create tap0 and tap1. Just configure your VM like in the picture below. LibVirt creates vnet devices on the fly for you.