Add static route on Mac OSX and Windows

Adding a static route on Windows is very easy. Run Command Prompt as Administrator.

route -p add mask

Adding a static route on OS X takes the following steps:

  1. Find the network service that can reach the gateway
    mac-mini:~ ladmin$ networksetup -listallnetworkservices
    An asterisk (*) denotes that a network service is disabled.
    Bluetooth DUN
    *Bluetooth PAN 2
    mac-mini:~ ladmin$ networksetup -getinfo LAN
    Manual Configuration
    IP address:
    Subnet mask:
    IPv6: Automatic
    IPv6 IP address: none
    IPv6 Router: none
    Ethernet Address: 00:1f:5b:33:1d:75
  2. Set an additional gateway on the network service
    mac-mini:~ ladmin$ sudo networksetup -setadditionalroutes LAN
    mac-mini:~ ladmin$ networksetup -getadditionalroutes LAN
  3. Check the route list

    mac-mini:~ ladmin$ netstat -rn
    Routing tables
    Destination        Gateway            Flags        Refs      Use   Netif Expire
    default      UGSc           18        0   vlan0
    default       UGScI           0        0     en0
    default       UGScI           0        0     en1
    default       UGScI           0        0     en2
    10/24         UGSc            0        0     en1
    127                UCS             0        0     lo0          UH             75  2330825     lo0
    169.254            link#8             UCS             1        0   vlan0
    169.254            link#4             UCSI            0        0     en0
    169.254            link#5             UCSI            0        0     en1

    Add more routing paths:

    iso@isoAir:/dev$ sudo networksetup -setadditionalroutes "Ethernet Pantalla Trabajo"
    iso@isoAir:/dev$ sudo networksetup -getadditionalroutes "Ethernet Pantalla Trabajo"


KVM access guest from outside host on CentOS

The default virbr0 network lets the guest and the host reach each other (VM <-> host), but the guest cannot be reached from outside the host. The following commands enable that temporarily by deleting the REJECT rules for virbr0 from the FORWARD chain.

# iptables -D  FORWARD -o virbr0 -j REJECT --reject-with icmp-port-unreachable
# iptables -D  FORWARD -i virbr0 -j REJECT --reject-with icmp-port-unreachable
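
A check for the state those two commands leave behind, as an added example that is not part of the original post: it reads `iptables -S FORWARD` output and reports whether the REJECT rules for a bridge are still in place. The function names and the sample rule listings (including the 192.168.122.0/24 guest subnet) are constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the original post).
# forward_reject_state BRIDGE
#   stdin:  text of `iptables -S FORWARD`
#   stdout: "intact" if both REJECT rules for BRIDGE exist, else what is missing

forward_reject_state() {
    awk -v br="$1" '
        # Match only lines of the form: -A FORWARD -o|-i <bridge> -j REJECT ...
        $1 == "-A" && $2 == "FORWARD" && $4 == br && $5 == "-j" && $6 == "REJECT" {
            if ($3 == "-o") to_bridge = 1     # rule for traffic forwarded to the bridge
            if ($3 == "-i") from_bridge = 1   # rule for traffic forwarded from the bridge
        }
        END {
            if (to_bridge && from_bridge) print "intact"
            else if (to_bridge)           print "missing: -i " br
            else if (from_bridge)         print "missing: -o " br
            else                          print "missing: -o " br ", -i " br
        }'
}

# Constructed sample: FORWARD chain with the rules for virbr0 still present
# (192.168.122.0/24 is an assumed guest subnet).
sample_default() {
    cat <<'EOF'
-P FORWARD ACCEPT
-A FORWARD -d 192.168.122.0/24 -o virbr0 -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT
-A FORWARD -s 192.168.122.0/24 -i virbr0 -j ACCEPT
-A FORWARD -i virbr0 -o virbr0 -j ACCEPT
-A FORWARD -o virbr0 -j REJECT --reject-with icmp-port-unreachable
-A FORWARD -i virbr0 -j REJECT --reject-with icmp-port-unreachable
EOF
}

# Constructed sample: the same chain after both `iptables -D` commands.
sample_opened() {
    sample_default | grep -v -- '-j REJECT'
}

sample_default | forward_reject_state virbr0   # intact
sample_opened  | forward_reject_state virbr0   # missing: -o virbr0, -i virbr0

# On a live host, as root: iptables -S FORWARD | forward_reject_state virbr0
```

With the chain policy at ACCEPT, as in the sample, a result other than `intact` means nothing in FORWARD rejects traffic to or from the guests on that bridge.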

The best way is to create another bridge for the guest.

  1. Create a new bridge XML file (routeNetwork.xml)

    <network>
      <name>routenetwork</name>
      <bridge name="virbr100" />
      <forward mode="route" />
      <ip address="" netmask="" />
    </network>
  2. Create the new bridge
    # virsh net-create routeNetwork.xml
  3. Edit the bridge to enable DHCP (I think if we define DHCP in the first step, this one is not needed. If we don't do this step, the persistent state is "no". I'm not sure what the impact is.)
    # virsh net-edit routenetwork
      <forward mode='route'/>
      <bridge name='virbr100' stp='on' delay='0'/>
      <mac address='52:54:00:cc:3b:aa'/>
      <ip address='' netmask=''>
        <dhcp>
          <range start='' end=''/>
        </dhcp>
      </ip>
  4. Set the bridge autostart
    # virsh net-autostart routenetwork
  5. Check virtual networks
    # virsh net-list
     Name                 State      Autostart     Persistent
     default              active     yes           yes
     routenetwork         active     yes           yes
  6. Add masquerade to firewalld
    # firewall-cmd --permanent --add-masquerade
  7. Change the guest network type
    # virsh --connect qemu:///system
    virsh # edit <VM's name>
    <interface type='bridge'>
      <mac address='52:54:00:ea:98:1a'/>
      <source bridge='virbr100'/>
      <model type='e1000'/>
      <address type='pci' domain='0x0000' bus='0x00' slot='0x03' function='0x0'/>
    </interface>
  8. Shut down and start the guest again
  9. Add a route on your router
    # sudo route -n add <host ip>

    Now the guest can be accessed from your network via its IP 10.10.120.x.

    Other virsh commands used in managing virtual networks are:

    • virsh net-list — list virtual networks
    • virsh net-autostart [network name] — Autostart a network specified as [network name]
    • virsh net-create [XML file] — Generates and starts a new network using a preexisting XML file
    • virsh net-define [XML file] — Generates a new network from a preexisting XML file without starting it
    • virsh net-destroy [network name] — Destroy a network specified as [network name]
    • virsh net-name [network UUID] — Convert a specified [network UUID] to a network name
    • virsh net-uuid [network name] — Convert a specified [network name] to a network UUID
    • virsh net-start [name of an inactive network] — Starts a previously undefined inactive network
    • virsh net-undefine [name of an inactive network] — Undefine an inactive network
    • virsh net-dumpxml [network name] — Dump network as xml file