Host to use VM as DHCP server & default gateway

autkin · April 14, 2026, 6:17pm

I created an OpenWRT VM in Incus, gave that VM a physical uplink NIC, and now am trying to set up a virtual interface between host and VM which would make it easy to point host’s NetworkManager to it, to obtain IPv4 and even more importantly IPv6 automatic configuration from OpenWRT VM.

What partially worked is

incus network create --type=bridge openwrt-lan
# edited until looks like this:
 # incus network show openwrt-lan
config:
  ipv4.address: 10.77.77.254/24
  ipv4.dhcp: "false"
  ipv4.firewall: "true"
  ipv4.nat: "false"
  ipv4.routing: "true"
  ipv6.address: 2a11:2646:113e:3::3/64
  ipv6.dhcp: "false"
  ipv6.firewall: "true"
  ipv6.nat: "false"
  ipv6.routing: "true"
description: ""
name: openwrt-lan
type: bridge
used_by:
- /1.0/instances/client-of-openwrt-lan
- /1.0/instances/openwrt-uplinks
managed: true
status: Created
locations:
- none
project: default

incus network attach openwrt-lan openwrt-uplinks lan
ip route add default via 10.77.77.1 dev openwrt-lan

This has let through IPv4 pings and TCP from the _host_ to the internet. But I doubt I should tell NetworkManager to run DHCPv4+DHCPv6 on such interface as it’s managed by Incus. (But I can try it.)

I tried the following (and configured OpenWRT side of the interface), but the pings between VM and host didn’t go through. Is this supposed to work?

nmcli con add connection.id owrt-lan-dhcp type bridge ifname owrt-lan-dhcp
incus config device add openwrt-uplinks owrt-lan-dhcp nic nictype=routed parent=owrt-lan-dhcp host_name=ow-lan-dhcp-if ipv4.address=172.29.90.1 ipv4.host_address=172.29.90.2

Foreseeing the question “why such perversion”, I agree it is, and the reason is that NetworkManager fails to configure IPv6 on my uplink, while OpenWRT succeeds: Making sure you're not a bot!

stgraber · April 15, 2026, 5:05pm

Wouldn’t a p2p interface make more sense here? You can then treat that as a LAN interface on the OpenWRT side and run a normal DHCP client on it on the host side.

autkin · April 16, 2026, 7:24pm

Thanks @stgraber !

This is promising (I suspect nictype=routed similarly is), it’s apparently NetworkManager which lets me down.

After I do

incus config device add openwrt-uplinks owrt_lan_p2p nic nictype=p2p host_name=owrt_lan_p2p

the interface on both sides gets IPv6 autoconf fe80::… addresses which can ping each other immediately.

But setting up DHCP client using NM doesn’t work - on TAP interface directly, or intermediated by a bridge. I think it’s just bugginess of the path less traveled.

 $ nmcli con add connection.id owrt-lan-p2p-br type bridge ifname owrt_lan_p2p_b
 $ nmcli connection add type tun mode tap ifname owrt_lan_p2p master owrt_lan_p2p_b port-type bridge connection.id olpb-slave
 $ nmcli con up olpb-slave
Error: Connection activation failed: Failed to find a compatible device for this connection

And this actually worked

systemctl enable --now dhcpcd@owrt_lan_p2p