Gentoo Forums
Gentoo Forums
Gentoo Forums
Quick Search: in
[SOLVED] QEMU guest networking
View unanswered posts
View posts from last 24 hours

 
Reply to topic    Gentoo Forums Forum Index Networking & Security
View previous topic :: View next topic  
Author Message
umka69
Tux's lil' helper
Tux's lil' helper


Joined: 31 Mar 2013
Posts: 124

PostPosted: Mon Sep 08, 2014 5:57 pm    Post subject: [SOLVED] QEMU guest networking Reply with quote

Hello.
I already ran minimal cd in QEMU environment.
There is a problem with network configuration of hypervisor, I think.
Can you help me with its configuration?
Host configs
Code:
den ~ # ifconfig
br0: flags=4419<UP,BROADCAST,RUNNING,PROMISC,MULTICAST>  mtu 1500
        inet 192.168.1.4  netmask 255.255.255.0  broadcast 192.168.1.255
        inet6 fe80::813a:b125:254:c22d  prefixlen 64  scopeid 0x20<link>
        inet6 fe80::e23f:49ff:feae:c278  prefixlen 64  scopeid 0x20<link>
        ether e0:3f:49:ae:c2:78  txqueuelen 0  (Ethernet)
        RX packets 29433  bytes 4611240 (4.3 MiB)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 1356  bytes 273143 (266.7 KiB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

enp3s0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500
        inet6 fe80::e23f:49ff:feae:c278  prefixlen 64  scopeid 0x20<link>
        ether e0:3f:49:ae:c2:78  txqueuelen 1000  (Ethernet)
        RX packets 29433  bytes 5023302 (4.7 MiB)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 1364  bytes 273791 (267.3 KiB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

lo: flags=73<UP,LOOPBACK,RUNNING>  mtu 65536
        inet 127.0.0.1  netmask 255.0.0.0
        inet6 ::1  prefixlen 128  scopeid 0x10<host>
        loop  txqueuelen 0  (Local Loopback)
        RX packets 57673  bytes 21885826 (20.8 MiB)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 57673  bytes 21885826 (20.8 MiB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

Code:
den ~ # cat /etc/conf.d/net
config_enp3s0="null"
config_br0="dhcp"
brctl_br0="setfd 0
sethello 10
stp off"
bridge_br0="enp3s0"

Guest ifconfig
Code:
lifecd ~ # ifconfig
        enp0s3: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500
        inet 10.0.2.15  netmask 255.255.255.0  broadcast 10.0.2.255
        inet6 fe80::5054:ff:fe12:3456  prefixlen 64  scopeid 0x20<link>
        inet6 fe80::59c1:f175:aeb3:433  prefixlen 64  scopeid 0x20<link>
        ether 52:54:00:12:34:56  txqueuelen 1000  (Ethernet)
        RX packets 2  bytes 1180 (1.1 KiB)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 17  bytes 1979 (1.9 KiB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

lo: flags=73<UP,LOOPBACK,RUNNING>  mtu 65536
        inet 127.0.0.1  netmask 255.0.0.0
        inet6 ::1  prefixlen 128  scopeid 0x10<host>
        loop  txqueuelen 0  (Local Loopback)
        RX packets 2  bytes 140 (140.0 B)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 2  bytes 140 (140.0 B)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

Code:
lifecd ~ # ping -c3 8.8.8.8
PING 8.8.8.8 (8.8.8.8) 56(84) bytes of data.

--- 8.8.8.8 ping statistics ---
3 packets transmitted, 0 received, 100% packet loss, time 2015ms

_________________
Make a wish, this text is magic. :)


Last edited by umka69 on Fri Sep 12, 2014 8:40 pm; edited 1 time in total
Back to top
View user's profile Send private message
szatox
Advocate
Advocate


Joined: 27 Aug 2013
Posts: 3104

PostPosted: Mon Sep 08, 2014 8:21 pm    Post subject: Reply with quote

What do you want to do?
By default qemu runs network in user mode which means guest is a regular app accessing the internet the very same way any other app would do, but host is not aware of guest's network.

To get a more advanced setup you must tell qemu to bind virtual ethernet (TAP) devices instead. This would let you create bridged/routed virtual network you can configure pretty much the same way you would configure your lan.
Back to top
View user's profile Send private message
umka69
Tux's lil' helper
Tux's lil' helper


Joined: 31 Mar 2013
Posts: 124

PostPosted: Tue Sep 09, 2014 12:52 pm    Post subject: Reply with quote

Sorry. I need to set own IP address to each VM in my VLAN as well as to the hostnode.
But now network is not achievable from VM at all.
So, TUP/TUN can halp me?
But at first i think usermode must work.
_________________
Make a wish, this text is magic. :)
Back to top
View user's profile Send private message
umka69
Tux's lil' helper
Tux's lil' helper


Joined: 31 Mar 2013
Posts: 124

PostPosted: Tue Sep 09, 2014 6:17 pm    Post subject: Reply with quote

Ok. I've got TUN/TUP working.
But I cun't access to VM from my VLAN (network of host, my home VLAN) by SSH.
No SSH but it PINGing and i can see it in my router access list.
How to solve it?
_________________
Make a wish, this text is magic. :)


Last edited by umka69 on Tue Sep 09, 2014 6:28 pm; edited 1 time in total
Back to top
View user's profile Send private message
szatox
Advocate
Advocate


Joined: 27 Aug 2013
Posts: 3104

PostPosted: Tue Sep 09, 2014 6:28 pm    Post subject: Reply with quote

Quote:
But at first i think usermode must work.

No, it doesn't. If I get you well, and you want all those VMs to be accessible from the network (no matter what kind of network), user mode networking is NOT wat you want. User mode only allows you call the internet from VM, but not the other way. It does not require any guest-side configuration at all though, as quemu provides guest with dhcpd-based network you can't even see from host's side.


What you do want is runing quemu with parameters binding it to TAP device, for example:
-net nic,macaddr="$MAC1",vlan=1 -net tap,ifname="$IFNAME",script="no",downscript="no",vlan=1

This line assumes yout $IFNAME is already configured host-side TAP device that will be assigned $MAC1 address.
You can also skip the part about scripts and have qemu's own scripts handle that, but this requires you to run qemu as root. Otherwise it won't be able to create TAP.

From this point, you can either go with bridged network (you're going to need brctl for this) or with routed network (iptables is sufficient).
Deppends on what you want to do. Either way will allow you assign a host-visible IP to your VMs

The guest config goes exacly the same way as it would in case of physical machine. E.g. you must run some services you want to use :lol:
Back to top
View user's profile Send private message
umka69
Tux's lil' helper
Tux's lil' helper


Joined: 31 Mar 2013
Posts: 124

PostPosted: Tue Sep 09, 2014 8:52 pm    Post subject: Reply with quote

Thank you! Now it is clear about network.
Guys, for all who need it! Here is useful man to the TUN/TUP approach. http://wiki.gentoo.org/wiki/QEMU/Options
I got SSH from VLAN, but still no VNC. Sorry, I'm quiet noob. :(
I'm starting VM with this script:
Code:
den ~ # cat GentooVM
#!/bin/sh
exec qemu-system-x86_64 \
        -enable-kvm \
        -boot d \
        -cdrom install-amd64-minimal-20140828.iso \
        -net tap,ifname=tap0,script=no,downscript=no -net nic,model=virtio \
        -cpu host -smp 2 \
        -drive file=/root/GentooVM.img,if=virtio \
        -m 2G \
        -vnc :0 \
        -k en-us \
        -monitor stdio \
        -name "Gentoo VM" \
        $@

It woks perfect. But no VNC form VLAN.
I'm connecting to "<HOST-IP>:5900". No result. Where is a mistake?
_________________
Make a wish, this text is magic. :)
Back to top
View user's profile Send private message
umka69
Tux's lil' helper
Tux's lil' helper


Joined: 31 Mar 2013
Posts: 124

PostPosted: Wed Sep 10, 2014 1:22 pm    Post subject: Reply with quote

Ok. The problem with external connection to VNC goes from security configuration.
It could be solved by adding VNC password. It can be made by this option:
Code:
qemu-system-x86_64 [...] -vnc :0,password [...]

QEMU monitor must be started too, so adding an option.
Code:
qemu-system-x86_64 [...] -monitor stdio [...]

Also it is necessary to setup VNC password by monitor command
Code:
(qemu) change vnc password


BUT it is not comfortable to reset password every booting.
Is there another way to set password?
PS: I know about qemu.config but it cause an error.
Code:
den ~ # sh GentooVM
qemu-system-x86_64:/etc/qemu/qemu.conf:1: no group defined

Code:
den ~ # cat GentooVM
#!/bin/sh
exec qemu-system-x86_64 \
        -enable-kvm \
        -boot d \
        -cdrom install-amd64-minimal-20140828.iso \
        -net tap,ifname=tap0,script=no,downscript=no -net nic,model=virtio \
        -cpu host -smp 2 \
        -drive file=/root/GentooVM.img,if=virtio \
        -m 2G \
        -vnc :0,password \
        -k en-us \
        -monitor stdio \
        -name "Gentoo VM" \
        $@

Code:
den ~ # cat /etc/qemu/qemu.conf
vnc_listen = "0.0.0.0"
vnc_password = "PASSWORD"

_________________
Make a wish, this text is magic. :)
Back to top
View user's profile Send private message
fargred
n00b
n00b


Joined: 19 Oct 2010
Posts: 67

PostPosted: Wed Sep 10, 2014 3:17 pm    Post subject: Reply with quote

SPICE > VNC
Back to top
View user's profile Send private message
vaxbrat
l33t
l33t


Joined: 05 Oct 2005
Posts: 731
Location: DC Burbs

PostPosted: Wed Sep 10, 2014 7:32 pm    Post subject: one other thing Reply with quote

Your /etc/conf.d/net has the bridge defaulting the spanning tree protocol setting (stp) to "off". This is meant to limit bridge to bridge traffic in larger networks. However it can block certain types of broadcast message traffic between the vm and hosts on another lan segment. For example if you have a dhcp server running in another host as a vm (eg Windows AD domain controller in VM on top of qemu hypervisor), your guest on this host will not be able to use it without stp turned "on" on both hypervisors bridges.
Back to top
View user's profile Send private message
Display posts from previous:   
Reply to topic    Gentoo Forums Forum Index Networking & Security All times are GMT
Page 1 of 1

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum