Virtual Switches - churchers/vm-bhyve GitHub Wiki
vm-bhyve is designed around the idea of having 'virtual switches'. You can create as many virtual switches as you like, and each switch has a simple name assigned to it.
When configuring a guest, you can specify the name of the switch to connect each interface to. When a guest is started, a virtual ethernet (tap) device is created, and it will be automatically added as a member of the specified virtual switch.
In the background, each virtual switch relates to a simple bridge interface on the system. vm-bhyve keeps track of which bridge each switch relates to (using the ifconfig groups feature) and uses this information to attach each tap interface to the correct bridge. If a switch name is less than 12 characters, the interface is called vm-{name}, which can be very useful when configuring other tools such as pf/dnsmasq.
Viewing information about virtual switches
You can view a list of switches and some basic details using the list command.
# vm switch list
NAME TYPE IFACE ADDRESS PRIVATE MTU VLAN PORTS
public standard vm-public 192.168.8.1/24 no - - -
You can also view more detailed information, and connected guests using the info command.
# vm switch info public
------------------------
Virtual Switch: public
------------------------
type: auto
ident: bridge0
vlan: -
nat: -
physical-ports: re0
bytes-in: 385868007 (367.992M)
bytes-out: 401540470 (382.938M)
virtual-port
device: tap1
vm: wintest
Creating a simple switch called 'public'
In the example templates, each guest has a single interface connected to the public virtual switch. There is no specific reason for using this name, you could call your virtual switch anything you like.
# vm switch create public
# vm switch add public em0
Here we have created the virtual switch, and then attached em0 to it. If em0 is an interface that has Internet access, any guest connected to this virtual switch should also have Internet access.
Assigning a VLAN number
By assigning a vlan number to a virtual switch we create a vlan interface for each physical adapter connected to it. This vlan interface is then connected to the switch instead of the real interface. This should mean that guests on the switch can still communicate as normal, however packets leaving via the physical interface will pass through the vlan interface, and should be assigned the specified vlan tag.
# vm switch vlan public 10
To remove a vlan number from a virtual switch, just set it to 0
# vm switch vlan public 0
Using a custom bridge
Sometimes you may want to configure a bridge interface manually, if you want to use functionality not supported directly by vm-bhyve. In this case you can create a bridge interface manually in /etc/rc.conf, then import this into vm-bhyve.
# vm switch create -t manual -b bridge0 customswitch
This command assumes you have already created bridge0 manually. When run vm-bhyve will assign a description to the bridge interface. This means that if a guest has networkX_switch="customswitch" specified in the configuration, it will have that interface connected to your custom bridge.
NAT
Please see the Wiki page below for details on how to configure NAT.
https://github.com/churchers/vm-bhyve/wiki/NAT-Configuration
Troubleshooting
If you're unable to remove a virtual switch, check that an appropriate bridge exists for that switch. It should match the format "vm-<switch_name>", or, if the name contains the "-" character, just the bridge identifier "bridge<#>". If this is not the case, you'll need to remove the appropriate configuration for the virtual switch in question, then re-create the switch.
See https://github.com/churchers/vm-bhyve/issues/373 on working around the issue.