| View previous topic :: View next topic |
| Author |
Message |
lalebarde
Guru
Joined: 03 Sep 2006
Posts: 464
Location: France, Haute-Garonne
|
 Posted: Tue Nov 09, 2010 11:37 pm Post subject: [SOLVED] I can't manage having my openbsd qemu guest network |
 |
|
EDIT Nov 14th in dark red --> SOLVED
EDIT Nov 13th in dark blue
Hi all,
I want to use kvm-qemu with openbsd as a guest, and tun/tap to access the web with the host (my gentoo) as a router with NAT (I did not manage with the direct bridging method). I have followed this howto : http://en.gentoo-wiki.com/wiki/KVM#Enabling_the_access_to_Internet, with some help from here for tun/tap : https://forums.gentoo.org/viewtopic-t-851828.html.
But when I boot openbsd in kvm-qemu, I don't see the router, though the configuration looks ok to me (but I am a network noob).
In fact, it is not exactly I don't see it. It answers : | Code: | #ping 192.168.99.1
ping: sendto: Host is down
ping: wrote 192.168.99.1 64 chars, ret=-1 |
My interpretation is that the guest can send packets to the bridge, but receive no answer.
| Code: | # uname -a
Linux JANUS 2.6.30-tuxonice-r6 #11 SMP PREEMPT Sat Nov 6 18:03:52 CET 2010 x86_64 Intel(R) Core(TM) i7 CPU 860 @ 2.80GHz GenuineIntel GNU/Linux |
Here is what I did :
| Code: | # cat /etc/conf.d/net
dns_domain_lo="MAISON"
bridge_br0="qtap0"
brctl_br0=( "setfd 0" "sethello 10" "stp off" )
rc_need_br0="net.qtap0"
config_eth0=( "192.168.0.10/24" )
routes_eth0=( "default via 192.168.0.1" )
dns_servers_eth0="212.27.40.240 212.27.40.241"
config_br0=( "192.168.99.1/24" )
config_qtap0=( "null" )
tuntap_qtap0="tap"
tunctl_qtap0="-u chronos"
mac_qtap0="02:5a:4b:3c:2d:1e"
|
| Code: | # ls -l /etc/init.d/net.*
lrwxrwxrwx 1 root root 6 8 nov. 00:14 /etc/init.d/net.br0 -> net.lo
lrwxrwxrwx 1 root root 6 5 nov. 23:00 /etc/init.d/net.eth0 -> net.lo
-rwxr-xr-x 1 root root 30689 5 nov. 22:57 /etc/init.d/net.lo
lrwxrwxrwx 1 root root 6 8 nov. 00:14 /etc/init.d/net.tap0 -> net.lo |
| Code: | # lsmod | egrep -i "kvm|qemu|tun"
tun 14264 1
kvm_intel 39040 0
kvm 157504 1 kvm_intel |
| Code: | # tail /etc/sysctl.conf
net.bridge.bridge-nf-call-arptables = 0
net.bridge.bridge-nf-call-iptables = 0
net.bridge.bridge-nf-call-ip6tables = 0 |
| Code: | [color=darkblue]# rc-update show | egrep -i "kvm|net|bridge"[/color]
bridge_forward | default
kvm | default
local | default nonetwork
net.eth0 | default
net.lo | boot
netmount | default |
/etc/init.d/kvm and /etc/init.d/bridge_forward being the scripts from the howto. I had to change one line in kvm in the start function for the address of the host which serves as the guest router: | Code: | | /sbin/ifconfig br0 192.168.0.10 netmask 255.255.255.0 up} |
As a result, here is my network configuration : | Code: | # ifconfig -a
br0 Lien encap:Ethernet HWaddr 02:5a:4b:3c:2d:1e
inet adr:192.168.99.1 Bcast:192.168.99.255 Masque:255.255.255.0
adr inet6: fe80::5a:4bff:fe3c:2d1e/64 Scope:Lien
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:367 errors:0 dropped:0 overruns:0 frame:0
TX packets:394 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 lg file transmission:0
RX bytes:10320 (10.0 KiB) TX bytes:17016 (16.6 KiB)
eth0 Lien encap:Ethernet HWaddr a4:ba:db:e9:66:02
inet adr:192.168.0.10 Bcast:192.168.0.255 Masque:255.255.255.0
adr inet6: fe80::a6ba:dbff:fee9:6602/64 Scope:Lien
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:8526 errors:0 dropped:0 overruns:0 frame:0
TX packets:10184 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 lg file transmission:1000
RX bytes:6556042 (6.2 MiB) TX bytes:1857714 (1.7 MiB)
Interruption:17
lo Lien encap:Boucle locale
inet adr:127.0.0.1 Masque:255.0.0.0
adr inet6: ::1/128 Scope:Hôte
UP LOOPBACK RUNNING MTU:16436 Metric:1
RX packets:361 errors:0 dropped:0 overruns:0 frame:0
TX packets:361 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 lg file transmission:0
RX bytes:50193 (49.0 KiB) TX bytes:50193 (49.0 KiB)
qtap0 Lien encap:Ethernet HWaddr 02:5a:4b:3c:2d:1e
adr inet6: fe80::5a:4bff:fe3c:2d1e/64 Scope:Lien
UP BROADCAST RUNNING PROMISC MULTICAST MTU:1500 Metric:1
RX packets:389 errors:0 dropped:0 overruns:0 frame:0
TX packets:422 errors:0 dropped:18 overruns:0 carrier:0
collisions:0 lg file transmission:500
RX bytes:16418 (16.0 KiB) TX bytes:18472 (18.0 KiB)
sit0 Lien encap:IPv6-dans-IPv4
NOARP MTU:1480 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 lg file transmission:0
RX bytes:0 (0.0 B) TX bytes:0 (0.0 B)
|
| Code: | [color=darkblue]# route[/color]
Table de routage IP du noyau
Destination Passerelle Genmask Indic Metric Ref Use Iface
192.168.99.0 * 255.255.255.0 U 0 0 0 br0
192.168.0.0 * 255.255.255.0 U 0 0 0 eth0
loopback * 255.0.0.0 U 0 0 0 lo
default GATEWAY 0.0.0.0 UG 0 0 0 eth0
|
| Code: | # cat /etc/hosts
127.0.0.1 JANUS.MAISON JANUS localhost
#::1 localhost
192.168.0.1 GATEWAY FREEBOX |
I have no EE (error) nor WW (warnings) in dmesg. Internet works well on the host. kvm looks ok : | Code: | # dmesg | grep kvm
[ 29.847152] loaded kvm module (kvm-kmod-2.6.34.1)
[ 29.847153] kvm: paravirtual wallclock will not work reliably accross host suspend/resume
[ 170.789202] kvm: 6257: cpu0 unhandled wrmsr: 0x198 data 0 |
tun, tap also : | Code: | # dmesg | grep tun
[ 14.195902] IPv6 over IPv4 tunneling driver
[ 29.879689] tun: Universal TUN/TAP device driver, 1.6
[ 29.879691] tun: (C) 1999-2004 Max Krasnyansky <maxk@qualcomm.com>
# dmesg | grep tap
[ 29.927801] device qtap0 entered promiscuous mode
[ 29.929892] br0: port 1(qtap0) entering forwarding state
[ 30.341617] br0: port 1(qtap0) entering disabled state
[ 30.353903] br0: port 1(qtap0) entering forwarding state
[ 41.048955] qtap0: no IPv6 routers present
[ 203.002125] qtap0: received packet with own address as source address
[ 203.002143] qtap0: received packet with own address as source address
[ 204.469756] qtap0: received packet with own address as source address
[ 205.656161] qtap0: received packet with own address as source address
[ 209.620494] qtap0: received packet with own address as source address
[ 210.658634] qtap0: received packet with own address as source address
[ 214.641578] qtap0: received packet with own address as source address
[ 249.699513] qtap0: received packet with own address as source address
[ 253.753471] qtap0: received packet with own address as source address
[ 254.710414] qtap0: received packet with own address as source address
[ 259.721689] qtap0: received packet with own address as source address
[ 264.722716] qtap0: received packet with own address as source address
[ 294.699835] qtap0: received packet with own address as source address
[ 299.700741] qtap0: received packet with own address as source address
[ 304.701844] qtap0: received packet with own address as source address
[ 309.703083] qtap0: received packet with own address as source address
[ 314.704215] qtap0: received packet with own address as source address
[ 354.793298] qtap0: received packet with own address as source address
[ 359.794181] qtap0: received packet with own address as source address
[ 364.795423] qtap0: received packet with own address as source address
[ 369.796571] qtap0: received packet with own address as source address
[ 374.797705] qtap0: received packet with own address as source address
[ 389.909717] br0: port 1(qtap0) entering disabled state
[ 389.916535] device qtap0 left promiscuous mode
[ 389.916537] br0: port 1(qtap0) entering disabled state
[ 389.950251] device qtap0 entered promiscuous mode
[ 389.960554] br0: port 1(qtap0) entering forwarding state
[ 390.808870] qtap0: received packet with own address as source address
[ 414.766997] qtap0: received packet with own address as source address
[ 419.767797] qtap0: received packet with own address as source address
|
This is suspicious.SOLVED
I installed the guest with : | Code: | $ qemu-img create -f qcow2 openbsd-4.8-amd64.img 10G
$ kvm -hda openbsd-4.8-amd64.img -cdrom install48.iso -boot d -m 1000 -k fr -smp 1 -cpu Nehalem -net nic,macaddr=02:5a:4b:3c:2d:1e -net tap,ifname=qtap0,script=no,downscript=no |
And I run it with : | Code: | | kvm -hda openbsd-4.8-amd64.img -m 1000 -k fr -net nic,macaddr=02:5a:4b:3c:2d:1e -net tap,ifname=qtap0,script=no,downscript=no |
replaced by : | Code: | | kvm -hda openbsd-4.8-amd64.img -m 1000 -k fr -net nic,macaddr=02:5a:4b:3c:2d:10 -net tap,ifname=qtap0,script=no,downscript=no |
Note the different MAC address.
Now let's have a look in the guest :
| Code: | # dmesg | grep re0
re0 at pci0 dev 3 function 0 "Realtek 8139" rev 0x20: RTL8139C+ (0x7480), apic 1 int 11 (irq 11), address 02:5a:4b:3c:2d:1e
rlphy0 at re0 phy 0: RTL internal PHY |
| Code: | # ifconfig -a
lo0: flags=8049<UP,LOOPBACK,RUNNING,MULTICAST> mtu 33160
priority: 0
groups: lo
inet 127.0.0.1 netmask 0xff000000
inet6 ::1 prefixlen 128
inet6 fe80::1%lo0 prefixlen 64 scopeid 0x3
re0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500
lladdr 02:5a:4b:3c:2d:1e
priority: 0
groups: egress
media: Ethernet autoselect (100baseTX full-duplex)
status: active
inet 192.168.99.66 netmask 0xffffff00 broadcast 192.168.99.255
inet6 fe80::5a:4bff:fe3c:2d1e%re0 prefixlen 64 scopeid 0x1
enc0: flags=0<>
priority: 0
groups: enc
status: active
pflog0: flags=141<UP,RUNNING,PROMISC> mtu 33160
priority: 0
groups: pflog |
| Code: | # cat /etc/hostname.re0
inet 192.168.99.66 255.255.255.0 |
| Code: | # cat /etc/mygate
192.168.0.10 |
| Code: | #cat /etc/resolv.conf
lookup file bind
nameserver 212.27.40.240
nameserver 212.27.40.241 |
So I thing I could ping the host at 192.168.0.10 or whatever else as www.google.fr, but it does not work.
Any clue ?
EDIT Nov 10th : In the host, I get : | Code: | # rc-status
Runlevel: default
bridge_forward [ stopped ]
net.br0 [ stopped ] |
| Code: | # /etc/init.d/net.br0 start
* Service net.br0 starting
set hello timer failed: Invalid argument
network interface tap0 does not exist
Please verify hardware or kernel module (driver) [ !! ]
* ERROR: net.br0 failed to start |
EDIT Nov 12th : If I run bridge_forward after boot, the Nov 10th problem is solved. Their shall be some conditions to add for the service to start in the right order. | Code: | # /etc/init.d/bridge_forward start
* Service bridge_forward starting
* Service net.br0 starting
set hello timer failed: Invalid argument
* Service net.br0 started
* Service bridge_forward started |
So now my bridge and it's tap interface looks ok, and the guest looks ok too but no one can see the other. I wonder about iptables.....
EDIT Nov 13th : I have added a udev rule like described here : https://forums.gentoo.org/viewtopic-t-631334-start-0.html, but it does not solve my problem. Also found this for some explanations (in french) : http://www.adella.org/spip/QEMU-Configurer-le-reseau.
EDIT Nov 13th : One point I have understood of great importance, if I don't fool myself, is that the host bridge ip corresponds to the guest gateway. Second point, in the doc http://en.gentoo-wiki.com/wiki/KVM, for file : /etc/conf.d/net, in line : brctl_br0=( "setfd 0" "sethello 0" "stp off" ), put something else than 0 for sethello. Cf : https://forums.gentoo.org/viewtopic-t-731171.html.
EDIT Nov 13th : I tried to add ip rules found here : http://felipec.wordpress.com/2009/12/27/setting-up-qemu-with-a-nat/ | Code: | # iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
# iptables -I FORWARD 1 -i tap0 -j ACCEPT
# iptables -I FORWARD 1 -o tap0 -m state --state RELATED,ESTABLISHED -j ACCEPT
|
but it changes nothing.
 HELP PLEASE
EDIT Nov 14th : solved thanks to : http://hardenedgentoo.blogspot.com/2010/04/kvm-setup-with-bridged-networking.html. Contrary to what is in the doc http://en.gentoo-wiki.com/wiki/KVM | Quote: | | The key to this approach is to make sure you have unique mac addresses on both the host's tuntap interface as well as the guest. |
That is what makes it fails. The MAC address SHALL be different | Quote: | | Moreover, you need to specify mac address for the VM and it has to be different that the one specified for given tap interface in /etc/conf.d/net file. |
Thanks radegand  .I have opened a bug : https://bugs.gentoo.org/show_bug.cgi?id=345327 |
|
| Back to top |
|
 |
FranZ
Apprentice
Joined: 15 Feb 2004
Posts: 212
Location: Enschede, Holland
|
| Posted: Tue Nov 23, 2010 8:23 pm Post subject: |
|
|
Removing from unanswered posts.
_________________
Horse sense is the thing that keeps horses from betting on people. --W.C. Fields
Ask Smart Questions |
|
| Back to top |
|
|
|
|
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
|
|
Networking & Security
