late or early

Today I wanted to create a good old segmented vm on kvm/qemu on my workstation at home.
So I created an encrypted 18.04 LTS server to use for a project to separate it from my other environment.
No need for X and fancy stuff for this installation, just ssh, python and such.

So now to the gist of the problem with sleep deprivation and bad memory :)
I forgot that both NAT and (default) mactap doesn’t work with host to guest communication in kvm/quemu.

After some searching the internetz I found this.
https://wiki.libvirt.org/page/TroubleshootMacvtapHostFail

In short, if things gets lost on the internet in the future:

Save the following XML to /tmp/isolated.xml:

<network>
  <name>isolated</name>
    <ip address='192.168.254.1' netmask='255.255.255.0'>
    <dhcp>
      <range start='192.168.254.2' end='192.168.254.254' />
    </dhcp>
  </ip>
</network>

if the 192.168.254.0/24 network is already in use elsewhere on your network, choose a different network

Create the network, set it to autostart, and start it:

virsh net-define /tmp/isolated.xml
virsh net-autostart isolated
virsh net-start isolated

Edit (using virsh edit $guestname) the configuration of each guest that uses direct (macvtap) or NAT for its network connection and add a new in the section similar to the following:

   <interface type='network'>
     <source network='isolated'/>
     <model type='virtio'/>
   </interface>

If you use a server installation you must edit netplan conf and add dhcp to the newly created isolated nic

The guests will now be able to reach the host at the address 192.168.254.1, and the host will be able to reach the guests at whatever IP address they acquired from DHCP (alternately you can manually configure them). Since this new network is isolated to only the host and guests, all other communication from the guests will use the macvtap or NAT interface.

And at last do not forget your well earned Coffee.