Skip to content

Problems

DHCP from lab-lan

Using the lan-lab.xml configuration:

<network>
    <name>lan-lab</name>
    <bridge name='virbr1' stp='on' delay='0'/>
    <ip address='10.0.0.1' netmask='255.255.255.0'>
        <dhcp>
            <range start='10.0.0.100' end='10.0.0.200'/>
        </dhcp>
    </ip>
</network>

Hosts were automatically receiving IP addresses via DHCP from the virbr1 network.This was incorrect, because OPNsense should be responsible for DHCP management, not libvirt.

In this setup, the libvirt network should act as a pure Layer 2 bridge, without any IP address or DHCP configuration.

Verifying the configuration

First, check the current network configuration:

sudo virsh net-dumpxml lan-lab

If the configuration contains an and/or section, for example:

<ip address='10.0.0.1' ...>
    <dhcp>
        ...
    </dhcp>
</ip>

then the network must be reconfigured.

Reconfiguring the libvirt network

⚠️ WARNING

After performing the following steps, it will no longer be possible to access the OPNsense GUI directly from the host OS (Arch Linux in this case).

This is expected, because the host will no longer have an IP address in the virbr1 network.

To access the GUI, you must:

  • create a VM connected to virbr1, and
  • configure the LAN interface and DHCP server in OPNsense
  • via option 2) Set interface IP address in the console.

Stop the network:

sudo virsh net-destroy lan-lab

Edit the network definition and remove the and sections:

sudo EDITOR="nano" /etc/libvirt/qemu/networks/lan-lab.xml

Any editor may be used (e.g. nano, vim, "subl -w").

Redefine the network:

sudo virsh net-define /etc/libvirt/qemu/networks/lan-lab.xml

Start the network and enable autostart:

sudo virsh net-start lan-lab
sudo virst net-autostart lan-lab

Network status showing DOWN

After editing the configuration, the virbr1 bridge may appear as DOWN.

This is normal libvirt behavior. The bridge will only become active when at least one virtual machine is connected to it.

Possible solutions:

  • start a VM that uses the lan-lab network, or
  • stop and start the network again after attaching a VM.

⚠️ WARNING

A host reboot alone may not bring the bridge up.

Changing the hostname

In OPNSense connected host-01 (rocky linux) has * hostname.

Set the hostname

sudo hostnamectl set-hostname host-01
sudo nano /etc/hosts

Edit /etc/hosts:

sudo nano /etc/hosts

Recommended content:

127.0.0.1   localhost
127.0.1.1   host-01
::1         localhost

Applying network changes

If the interface is managed by NetworkManager, reapply the configuration:

sudo nmcli device reapply <interface>

Otherwise, restart the appropriate network service.