Bridged Networking

This guide describes how to deploy Bridged networks. In this mode, the Virtual Machine traffic is directly bridged through the Linux bridge on the hypervisor nodes. Bridged networks can operate in four different modes depending on the additional traffic filtering made by OpenNebula:

  • Dummy Bridged, no filtering, no bridge setup (legacy no-op driver).
  • Bridged, no filtering is made, managed bridge.
  • Bridged with Security Groups, iptables rules are installed to implement security groups rules.

OpenNebula Configuration

The following configuration parameters can be adjusted in /var/lib/one/remotes/etc/vnm/OpenNebulaNetwork.conf:

ParameterDescription
:ipset_maxelemMaximum number of entries in the IP set (used for the security group rules)
:keep_empty_bridgeSet to true to preserve bridges with no virtual interfaces left.
:ip_bridge_conf(Hash) Options passed to ip cmd. on bridge create (ip link add <bridge> type bridge ...)

Defining Bridged Network

To create a virtual network, include the following information in the template:

AttributeValueMandatory
VN_MADDriver:

* dummy for the Dummy Bridged mode
* bridge for the Bridged mode
* fw for Bridged with Security Groups		YES
BRIDGEName of the Linux bridge on the NodesNO (unless dummy)
PHYDEVName of the physical network device that will be attached to the bridge
(does not apply for dummy driver)		NO

For example, you can define a Bridged with Security Groups type network with the following template:

NAME    = "private1"
VN_MAD  = "fw"

VLAN filtering and trunking

By default the Linux bridge driver does not perform any filtering on the VLAN traffic generated by the Virtual Machines. You can limit the allowed VLAN to trunk in the VM ports with following attributes:

AttributeValueMandatory
VLAN_TAGGED_IDSpecify a range of VLANs that are allowed for the VM traffic.
Comma-separated list of tags, ranges are supported.		NO

For example to only allow a VM to use the VLANS IDs 100, 105, 106 and 107, add to the network:

VLAN_TAGGED_ID = "100,105-107"