KVM - QEMU - how to configure NIC for VM Pfsense, other vm's and physical devices

[luckypt]

Hello,

I'm having problems to config one interface in KVM-QEMU, because I don't know how I have to do it.
I have one VM with PfSense - one nic (LAN) on bridge to give ip to the host and other VM's and one nic (WAN) on passthrough.
I want to configure a 3rd NIC to use with only the VM pfsense as a dhcp server to physical devices and other VM's (need network interface for this VM).
Do I need to add it in the interfaces? as a virtual network? I don't want the host machine to have access directly to the 3rd NIC.

Can anyone help me?

Thank you

[hunter86_bg]

I guess that everyone is puzzled what you are trying to achive.
Maybe a short diagram could lead to more responses...

[MrCalvin]

This is my setup using Debian buster as host. Debian uses ipupdown, I don't know if that the case with CentOS(?)
/etc/network/interface:

Code: Select all

#Physical interface:
iface eno1 inet manual
iface eno2 inet manual

#Bridge interfaces br0:
auto brLAN
iface brLAN inet static
        bridge_ports eno1
        address 10.0.1.10
        netmask 255.255.255.0
        gateway 10.0.1.1
        bridge_stp off
        bridge_maxwait 0
        bridge_fd 0

#Bridge interfaces brwan:
auto brWAN
iface brWAN inet manual
        bridge_ports eno2
        #address 10.1.1.1
        #netmask 255.255.255.0
        bridge_stp off
        bridge_maxwait 0
        bridge_fd 0
     
#Loopback interface lo:
auto lo
iface lo inet loopback

Overview:

Code: Select all

ID   Name   Link     IP4        Source    MAC                Type      Details
---  -----  -------  ---------  --------  -----------------  --------  ------------------------------------------------------------
1    lo     UNKNOWN  127.0.0.1  loopback  00:00:00:00:00:00  Virtual   Loopback device
2    eno1   UP                  manual    ac:1f:6b:91:0e:b2  Physical  I210 Gigabit Network Connection [1533]
3    eno2   UP                  manual    ac:1f:6b:91:0e:b3  Physical  I210 Gigabit Network Connection [1533]
4    brLAN  UP       10.0.1.10  StaticIP  ac:1f:6b:91:0e:b2  Virtual   Bridge (child interface: eno1 vnet0 vnet2 vnet3 vnet4 vnet5)
5    brWAN  UP                  manual    ac:1f:6b:91:0e:b3  Virtual   Bridge (child interface: eno2 vnet1)
6    vnet0  UNKNOWN             0         fe:54:00:f4:8d:37  Virtual
7    vnet1  UNKNOWN             0         fe:de:27:f6:d4:b3  Virtual
8    vnet2  UNKNOWN             0         fe:54:00:81:bf:a5  Virtual
9    vnet4  UNKNOWN             0         fe:54:00:f0:b2:e4  Virtual
10   vnet5  UNKNOWN             0         fe:54:00:ed:b3:c0  Virtual
11   vnet3  UNKNOWN             0         fe:54:00:16:27:1c  Virtual

NAMESERVERS:
-------------------
10.0.1.1

GATEWAY/ROUTES:
-------------------
Default route: brLAN / 10.0.1.1
Additional route:

BRIDGES:
-------------------
bridge name     bridge id               STP enabled     interfaces
brLAN           8000.ac1f6b910eb2       no              eno1
                                                        vnet0
                                                        vnet2
                                                        vnet3
                                                        vnet4
                                                        vnet5
brWAN           8000.ac1f6b910eb3       no              eno2
                                                        vnet1

My OPNsense VM is using brWAN/vnet1