Configuring KVM Network Bridge (Using Hetzner ISP)

Configuring Ubuntu 16.04 KVM Server for Bridged Networking
Network Configuration

Ubuntu 16.04 networking can be configured by modifying the /etc/network/interfaces file. It is necessary to generate a bridge for the virtual machine to route traffic through (virbr1).


auto lo
iface lo inet loopback
iface lo inet6 loopback

auto eth0
iface eth0 inet static
# route via
up route add -net netmask gw dev eth0

iface eth0 inet6 static
address 2a01:4f8:171:ed3::2
netmask 128
gateway fe80::1

auto virbr1
iface virbr1 inet static

#virbr1 has the same ip address as eth0
bridge_ports none
bridge_stp off
bridge_fd 0
pre-up brctl addbr virbr1

#add an IPV4 route through to the virtual machine's IP address
up ip route add dev virbr1
down ip route del dev virbr1

iface virbr1 inet6 static
address 2a01:4f8:171:ed3::2

#note that the IPV6 netmask is /64, 
#rather than the /128 used by eth0's  configuration
netmask 64

Modifying /etc/sysctl.cnf to enable packet forwarding

sysctl parameters need to be modified to allow IPV4 and IPV6 packets to be forwarded onto client virtual machines. These can be set temporarily with the sysctl command, or via the /etc/sysctl.cnf file.

The following parameters should be enabled in the /etc/sysctl.cnf file



Run sysctl -p to reload /etc/sysctl.cnf parameters

Firewall (UFW) Configuration

(If enabled), the UFW firewall will block traffic to machines connecting to the network bridge; The default forwarding policy will need to be modified.

This can be done by editing the /etc/default/ufw file and changing the DEFAULT_FORWARD_POLICY parameter to ACCEPT:


Ufw must be reloaded after this file has been modified, with ufw reload
Configuring Ubuntu 18.04 Virtual Machine for Bridged Networking
Ubuntu 18.04 can no longer use /etc/network/interfaces to configure networking. Networking must be configured with the /etc/netplan/50-cloud-init.yaml file.

netplan generate will generate a set of backend configuration files based on the contents of /etc/netplan/50-cloud-init.yaml.

netplan apply will apply the set of generated backend rules

The below /etc/netplan//50-cloud-init.yaml file is set to configure the device ens3 with an IPV4 address of (/26 subnet) to route through (/64 subnet), and an IPV6 address of 2a01:4f8:171:ed3::4 to route through 2a01:4f8:171:ed3::2

# /etc/netplan/50-cloud-init.yaml
# This file is generated from information provided by
# the datasource. Changes to it will not persist across an instance.
# To disable cloud-init's network configuration capabilities, write a file
# /etc/cloud/cloud.cfg.d/99-disable-network-config.cfg with the following:
# network: {config: disabled}
- 2a01:4f8:171:ed3::4/64
gateway6: 2a01:4f8:171:ed3::2
search: []
optional: true
version: 2
Equivalent Ubuntu 16.04 Virtual Machine Configuration
Ubuntu 16.04 can be configured via /etc/network/interfaces. The below is the equivalent of 18.04's /etc/netplan/50-cloud-init.yaml configuration
auto ens3
iface ens3 inet static

iface ens3 inet6 static
address 2a01:4f8:171:ed3::3
netmask 64
gateway 2a01:4f8:171:ed