umka69 Tux's lil' helper
Joined: 31 Mar 2013 Posts: 124
|
Posted: Wed Sep 24, 2014 4:05 pm Post subject: TUN/TAP networking |
|
|
Hello.
I'm running several VMs over QEMU. Networking is configured by TUN/TAP devices.
It works but I can't reach one VM from another one.
host ICMP to internet = works
guest1 ICMP to hostnode or internet = works
guest2 ICMP to hostnode or internet = works
guest2 ICMP to guest1 = fails
There are two questions to the community:
1. How to configure TUN with /etc/conf.d/net for reaching one VM from another?
2. Is TUN/TAP the best way in case of problem?
Configurations of host machine's environment:
Code: | den ~ # cat /etc/conf.d/net
tuntap_tap0="tap"
tuntap_tap1="tap"
config_tap0="null"
config_tap1="null"
config_enp3s0="null"
config_br0="dhcp"
bridge_br0="enp3s0 tap0 tap1"
rc_net_br0_need="net.enp3s0 net.tap0 net.tap1"
|
_________________ Make a wish, this text is magic. |
Hu Moderator
Joined: 06 Mar 2007 Posts: 21633
|
Posted: Wed Sep 24, 2014 10:17 pm Post subject: |
|
|
Yes, TUN/TAP is a good choice here. What is the nature of the failure? What error messages appear when you try it? Can guest2 communicate with guest1 over any protocol? |
vaxbrat l33t
Joined: 05 Oct 2005 Posts: 731 Location: DC Burbs
|
Posted: Thu Sep 25, 2014 4:08 am Post subject: |
|
|
Check your /etc/sysctl.conf file:
Code: | # Disables packet forwarding
net.ipv4.ip_forward = 0
|
Should be
Code: |
# Enable packet forwarding
net.ipv4.ip_forward = 1
|
and
Code: | # Ignore ICMP broadcasts
#net.ipv4.icmp_echo_ignore_broadcasts = 1
|
becomes
Code: | # Don't Ignore ICMP broadcasts
net.ipv4.icmp_echo_ignore_broadcasts = 0
|
Also, you want to enable spanning tree protocol on your bridge (stp on) in /etc/conf.d/net:
Code: | brctl_br0=( "setfd 0" "sethello 0" "stp on" )
|
umka69 Tux's lil' helper
Joined: 31 Mar 2013 Posts: 124
|
Posted: Fri Sep 26, 2014 5:59 pm Post subject: |
|
|
Thx, I did this. The same error after rebooting.
HOST configs:
Code: | HOST ~ # cat /etc/sysctl.conf
net.ipv4.ip_forward = 1
net.ipv4.conf.all.rp_filter = 1
net.ipv4.icmp_echo_ignore_broadcasts = 0
HOST ~ # iptables -L
Chain INPUT (policy ACCEPT)
target prot opt source destination
Chain FORWARD (policy ACCEPT)
target prot opt source destination
Chain OUTPUT (policy ACCEPT)
target prot opt source destination
HOST ~ # cat /etc/conf.d/net
tuntap_tap0="tap"
tuntap_tap1="tap"
config_tap0="null"
config_tap1="null"
config_enp3s0="null"
config_br0="dhcp"
# config_br0="192.168.1.1/24"
brctl_br0=( "setfd 0" "sethello 0" "stp on" )
mac_br0="aa:bb:cc:dd:ee:ff"
bridge_br0="enp3s0 tap0 tap1"
rc_net_br0_need="net.enp3s0 net.tap0 net.tap1"
|
GUEST2 network status
Code: | GUEST2 ~ # ping -c3 192.168.1.9
PING 192.168.1.9 (192.168.1.9) 56(84) bytes of data.
From 192.168.1.7: icmp_seq=1 Destination Host Unreachable
From 192.168.1.7: icmp_seq=2 Destination Host Unreachable
From 192.168.1.7: icmp_seq=3 Destination Host Unreachable
--- 192.168.1.9 ping statistics ---
3 packets transmitted, 0 received, +3 errors, 100% packet loss, time 1999ms
pipe 3
GUEST2 ~ # traceroute 192.168.1.9
traceroute to 192.168.1.9 (192.168.1.9), 30 hops max, 60 byte packets
1 192.168.1.7 (192.168.1.7) 3005.668 ms !H 3005.640 ms !H 3005.636 ms !H
|
PS: GUEST2=192.168.1.7 GUEST1=192.168.1.9
_________________ Make a wish, this text is magic. |
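
Added example, not part of the thread and not written by any of its posters: a shell helper that reads saved ping output and reports whether the "Destination Host Unreachable" lines came from the sender itself, as in the GUEST2 output above, where the address after "From" is GUEST2's own 192.168.1.7. On Linux that pattern means the sender got no ARP reply for the target, so the next place to look is layer 2 (the bridge, the tap devices, the guest NICs). The function name `classify_unreachable` and the second sample are constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the thread): decide who reported
# "Destination Host Unreachable" in saved ping output.

# Ping output copied from the GUEST2 post above.
THREAD_PING='PING 192.168.1.9 (192.168.1.9) 56(84) bytes of data.
From 192.168.1.7: icmp_seq=1 Destination Host Unreachable
From 192.168.1.7: icmp_seq=2 Destination Host Unreachable
From 192.168.1.7: icmp_seq=3 Destination Host Unreachable'

# Constructed sample: a router (192.168.1.1) reports the failure instead.
ROUTER_PING='PING 10.0.0.5 (10.0.0.5) 56(84) bytes of data.
From 192.168.1.1 icmp_seq=1 Destination Host Unreachable'

# classify_unreachable SENDER_IP   (ping output on stdin)
# Prints:
#   local-arp-failure  the sender itself reported the error: no ARP reply for the target
#   remote-router      another hop reported it: the failure is beyond the sender
#   no-unreachable     no such error in the input
classify_unreachable() {
    awk -v self="$1" '
        /Destination Host Unreachable/ {
            addr = $2
            sub(/:$/, "", addr)      # some ping builds print "From ADDR:"
            if (addr == self) own++; else other++
        }
        END {
            if (own > 0 && other == 0) print "local-arp-failure"
            else if (other > 0)        print "remote-router"
            else                       print "no-unreachable"
        }'
}

# Usage: the sender address is the guest running ping (GUEST2 in the thread).
printf '%s\n' "$THREAD_PING" | classify_unreachable 192.168.1.7
```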