| View previous topic :: View next topic |
| Author |
Message |
epsilon72
Guru
Joined: 20 Sep 2007
Posts: 416
|
 Posted: Mon Apr 27, 2009 2:48 am Post subject: How do I get networking to work with kvm? |
 |
|
I need help.
I've been trying for the past few hours to get networking to work with kvm, to no avail. All of the guides that I can find are completely different from eachother (bridge? tun? vde? iptables? what?) but after following each one to the letter I get the same outcome: No network connection with kvm.
So, I'm looking for a single definitive guide of how to get this thing going. I know next to nothing about network interfaces other than how to assign an ip to my network card, and point it at a gateway.
My kernel is set up to use masquerade/iptables, since I've seen that in more than one guide, but beyond configuring the kernel to use it I really don't have any idea what to do. If anyone can give me the exact options they pass to kvm to get their networking online that would help as well, because all of the examples I've seen are slightly different.
Has anyone been in my situation (total network/kvm newbie) and got this thing working? I'd rather not use vmware if I don't have to... |
|
| Back to top |
|
 |
Hu
Watchman
Joined: 06 Mar 2007
Posts: 6348
|
| Posted: Tue Apr 28, 2009 1:42 am Post subject: |
|
|
You are finding conflicting answers because KVM has multiple distinct ways to do networking. For each NIC visible in the guest, you can: use the Qemu user socket stack, use a tap device and have the host masquerade the traffic, use a tap device and have the host bridge the traffic, or use VDE to connect to other guests. Different choices are useful for different scenarios. The user socket stack is the easiest to set up, but is very limited in the control it gives you both for restricting guest network access and for permitting the guest to run servers. Tap devices give you flexible control over how the guest interacts with the network, but require more configuration.
Since you already have NAT support, I suggest you go the route of creating a tap device, attaching the guest to it, and setting the host to NAT the guest. The following should work, but this is from memory:
# emerge -n sys-apps/usermode-utilities
# tunctl -u user-who-runs-kvm tap0
# echo 1 > /proc/sys/net/ipv4/ip_forward
$ kvm -net nic -net tap,ifname=tap0 other-kvm-options
This should get you to the point that the guest is just like any other machine hidden behind a NAT, so the Gentoo home router guide can help you configure the NAT settings appropriately. Where that guide refers to the router, treat it as the KVM host. Where the guide refers to systems inside the LAN, treat it as the KVM guest.
Feel free to post back if you still need help, or if the steps I gave above do not work. |
|
| Back to top |
|
|
epsilon72
Guru
Joined: 20 Sep 2007
Posts: 416
|
| Posted: Fri May 01, 2009 10:13 pm Post subject: |
|
|
I'll read the gentoo routing guide, since I haven't gotten it to work yet.
I ran:
| Code: | | tunctl -u <my user name> -t tap0 |
and it then said:
| Code: | | Set 'tap0' persistent and owned by uid 1000 |
(1000 is my uid)
Then I tried:
| Code: | | kvm -net nic -net tap,ifname=tap0 <various other kvm options> |
and this returned:
| Code: | RTNETLINK answers: Operation not permitted
can't add tap0 to bridge eth0: Operation not supported
/etc/kvm/kvm-ifup: could not launch network script
Could not initialize device 'tap'
|
I have a debian install on another hard drive, and using the debian guide for kvm returned the same message
| Code: |
can't add tap0 to bridge eth0: Operation not supported
|
|
|
| Back to top |
|
|
schnake
n00b
Joined: 03 Dec 2003
Posts: 49
Location: Siegburg / Germany
|
| Posted: Sat May 02, 2009 12:23 am Post subject: |
|
|
I struggled with networking KVM recently, too. KVM's build in "Usermode" Network works (but only TCP, no UDP, no ICMP, ...). I also tried the "Bridges" way, but bridges do not always play nice with WLAN interfaces (especially when managed via WICD or NetworkManager).
The solution I finally choosed is "KVM switched networking". A "software switch" (via VDE) to which the VM's connect, and having that switch transparently providing Forwarding/NAT/DHCP to the guest OS. A Gentoo specific guide is at http://en.gentoo-wiki.com/wiki/KVMwithVDE and for general information see e.g. http://wiki.virtualsquare.org/index.php/VDE_Basic_Networking
I followed the Gentoo specific "KVM with VDE" guide, but put config and commands in init scripts / configs. That way you simply add the "kvmlan" init script to the default runlevel and are done (and never need to remember  )
/etc/conf.d/net - Add definition for the tap0 interface
| Code: | tuntap_tap0="tap"
config_tap0=( "10.1.1.1 netmask 255.255.255.0" ) |
/etc/init.d/net.tap0 - Create as symlink
| Code: | | ln -s net.lo net.tap0 |
/etc/conf.d/vde - Change (I have TUN module compiled in, and want to use group "kvm")
| Code: | # load the tun module
#VDE_MODPROBE_TUN="yes"
# virtual tap networking device to be used for vde
VDE_TAP="tap0"
# mode and group for the socket
VDE_SOCK_CHMOD="770"
VDE_SOCK_CHOWN=":kvm" |
/etc/conf.d/dnsmasq - Setting options
| Code: | | DNSMASQ_OPTS="--dhcp-range=10.1.1.1,10.1.1.20,255.255.255.0,2h --interface=tap0 --domain=kvm.lan" |
/etc/init.d/kvmlan - Create init script to enable forwarding/NAT.
| Code: | #!/sbin/runscript
TARGET_IF=$(/sbin/ip route list | awk '/^default / { sub(/.* dev /, ""); print $1 }')
depend() {
need net.${SOURCE_IF} vde dnsmasq
}
start() {
ebegin "Starting ${SVCNAME} ${SOURCE_IF} -> ${TARGET_IF}"
echo "1" > /proc/sys/net/ipv4/ip_forward
iptables -t nat -A POSTROUTING -o ${TARGET_IF} -j MASQUERADE
eend $?
}
stop() {
ebegin "Stopping ${SVCNAME} ${SOURCE_IF} -> ${TARGET_IF}"
echo "0" > /proc/sys/net/ipv4/ip_forward
iptables -t nat -D POSTROUTING -o ${TARGET_IF} -j MASQUERADE
eend $?
} |
/etc/conf.d/kvmlan - Create kvmlan config
Let's test it...
| Code: | /etc/init.d/kvmlan start
* Bringing up interface tap0
* Creating Tun/Tap interface tap0... [ ok ]
* 10.1.1.1... [ ok ]
* Starting vde... [ ok ]
* Starting dnsmasq... [ ok ]
* Starting kvmlan tap0 -> wlan0... [ ok ] |
... add it to default run level and forget about it 
| Code: | | rc-update add kvmlan default |
Now we can simply start KVM guests as stated in the "KVM with VDE"-Guide:
| Code: | | kvm -net vde,ifname=tap0,vlan=0 -net nic,vlan=0,macaddr=52:54:00:00:EE:03,script=no,downscript=no -m 256 -localtime -cdrom SomeCDrom.iso |
Just remember to give each VM a unique "macaddr" value.
Hope this helps. |
|
| Back to top |
|
|
schnake
n00b
Joined: 03 Dec 2003
Posts: 49
Location: Siegburg / Germany
|
| Posted: Sat May 02, 2009 12:33 am Post subject: |
|
|
Ah, and if you still prefer to go "Bridges"...
Hint: The error
| Code: | | can't add tap0 to bridge eth0: Operation not supported |
is perfectly valid! The interface eth0 is not a bridge. You must create / define / use a bridge interface (like "br0") instead. |
|
| Back to top |
|
|
Hu
Watchman
Joined: 06 Mar 2007
Posts: 6348
|
| Posted: Sat May 02, 2009 3:40 am Post subject: |
|
|
| epsilon72 wrote: |
| Code: | | Set 'tap0' persistent and owned by uid 1000 |
(1000 is my uid) |
Good.
| epsilon72 wrote: |
Then I tried:
| Code: | | kvm -net nic -net tap,ifname=tap0 <various other kvm options> |
and this returned:
| Code: | RTNETLINK answers: Operation not permitted
can't add tap0 to bridge eth0: Operation not supported
/etc/kvm/kvm-ifup: could not launch network script
Could not initialize device 'tap'
|
|
Change that second -net to be: -net tap,script=no,downscript=no,ifname=tap0 to suppress use of the start and stop scripts. |
|
| Back to top |
|
|
|
|
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
|
|
Networking & Security
