Using qemu:///session with bridged network

libvirt offers two ways of using the qemu/kvm hypervisor: 1. qemu:///system: Connects to the system libvirtd instance which is running as root 2. qemu:///session: Connects to (or starts) a libvirtd instance which is running as the current user A detailed explanation can be found at: http://blog.wikichoon.com/2016/01/qemusystem-vs-qemusession.html and on the official libvirt website: http://wiki.libvirt.org/page/FAQ#What_is_the_difference_between_qemu:.2F.2F.2Fsystem_and_qemu:.2F.2F.2Fsession.3F_Which_one_should_I_use.3F. To sum it up: qemu:///session avoids permission issues because it runs as the current user whereas qemu:///system allows the use of more advanced networking options which require root. Historically qemu:///session didn't allow to connect to a bridge, instead it used qemu's usermode networking which is a standalone implementation of the tcp/ip stack. There are a couple of downsides to this:

The guest is completely isolated and can't participate in the network directly
To connect to the guest it is necessary to configure port forwarding from the host
Network performance is slow

Luckily there is now a way to use existing bridges with qemu:///session. The tool qemu-bridge-helper can configure a tap device which connects the guest to a bridge. Unfortunately it doesn't seem to be configured correctly out-of-the-box in Ubuntu. Building libvirt from source I couldn't get this to work with the version of libvirt that ships with Ubuntu (I tested 14.04 and 15.10). So this is how I built the latest libvirt from source: 1. Install dependencies: sudo apt-get install libyajl-dev libxml2-dev libdevmapper-dev libpciaccess-dev libnl-3-dev libnl-route-3-dev 2. Configure & Compile ./configure && make 3. Install it (see https://help.ubuntu.com/community/CheckInstall) sudo checkinstall 4. Update shared libraries sudo ldconfig 5. Kill existing libvirtd instances (they will be started automatically in the following steps) killall libvirtd Configuration Here are the steps that allowed me to get it working on Ubuntu 14.04 and 15.10: 1. Install libvirt, kvm and other dependencies: sudo apt-get install libvirt0 libvirt-bin virtinst qemu-kvm 2. Add the user to the group 'libvirtd'. Don't forget to logout/login after this step. sudo usermod -a -G libvirtd [user] 2. Double-check that the default libvirt network and a bridge exists: virsh net-list # Should list the network 'default' virsh net-start default # Start the network if it is inactive virsh net-info default # Should show 'Bridge: virbr0' brctl show # Should list the bridge 'virbr0' 3. Allow qemu-bridge-helper to use the bridge by putting the following into /etc/qemu/bridge.conf: allow virbr0 4. qemu-bridge-helper needs root permissions to create the tap device. To allow a normal user to do this we need to set the suid bit: sudo chmod u+s /usr/lib/qemu-bridge-helper 5. Start a new VM similar to this: virt-install --connect qemu:///session --network bridge=virbr0 --name test --ram 128 --disk path=VirtualMachines/cirros-0.3.4-i386-disk.img --boot hd The new VM should automatically get an ip address from the libvirt dhcp server and it should be possible to ping/ssh from the host to the guest.