In , I talked about how to use (OVS) fake bridges to bring VLAN support into your environment. In this article, I show you how to wrap a virtual network around your OVS fake bridge.

You might ask, “Why wrap a libvirt virtual network around an OVS fake bridge when you can just use the OVS bridge directly?” That’s a good question, and—to be perfectly honest—I don’t have a great answer. At first glance, it seems like it might make things easier if you are mixing both OVS-based networks and other types of networks, but I don’t know that for certain. If anyone has any feedback one way or the other (why this is a good idea or why it’s not a good idea), please speak up in the comments.

Now that we have that out of the way, the process for using a libvirt virtual network with an OVS fake bridge is actually pretty straightforward. First, create the appropriate OVS fake bridges using the instructions in . So, for example, you might create a fake bridge for VLAN 100 like this:

ovs-vsctl add-br vlan100 ovsbr0 100

Next, create an XML definition for a libvirt virtual network. For a fake bridge named vlan100, your XML definition might look something like this:

vlan100-net

Then, in the guest domain configuration, you reference the libvirt virtual network instead of the underlying bridge directly, like this:

...

And that’s it! Based on my testing, it even appears that you can make this change on the fly, without having to reboot the guest domain. However, I could be wrong—if anyone knows definitively, please speak up in the comments. Any other corrections, clarifications, or questions are also welcome in the comments below.