| View previous topic :: View next topic |
| Author |
Message |
xaviermiller
Bodhisattva
Joined: 23 Jul 2004
Posts: 8708
Location: ~Brussels - Belgique
|
 Posted: Mon Sep 15, 2014 5:18 pm Post subject: QEMU (winxp) + wireless + tap ? |
 |
|
Hello,
I have QEMU running a Windows XP VM. It can access to internet, but I would like to access to it from my Gentoo host, and vice-versa.
The difficult thing is that the working physical network interface is wireless and I've read bridging cannot be done with wireless interfaces.
I don't find a simple HOWTO on that subject... how can I achieve this ?
I've tried by creating a tap interface for my user, but without luck...
For now, my QEMU command-line is: | Code: | #!/bin/sh
ROOT=/data/winxp
export SPICE_PORT=5924
qemu-system-i386 \
-smp 2 \
-daemonize \
-enable-kvm \
-cpu host \
-drive file=${ROOT}/WindowsVM.img,if=virtio \
-net nic,model=rtl8139 -net user,hostname=windowsvm \
-smb /data \
-m 2G \
-name Windows \
-vga qxl \
-spice port=${SPICE_PORT},disable-ticketing \
-usbdevice tablet \
-device virtio-serial \
-chardev spicevmc,id=vdagent,name=vdagent \
-device virtserialport,chardev=vdagent,name=com.redhat.spice.0 \
-rtc base=localtime \
"$@"
exec spicec --title "QEMU - Windows XP" -h localhost -p ${SPICE_PORT}
|
_________________
Kind regards,
Xavier Miller |
|
| Back to top |
|
 |
szatox
Advocate
Joined: 27 Aug 2013
Posts: 3131
|
| Posted: Mon Sep 15, 2014 8:59 pm Post subject: |
|
|
this topic is poping again and again and again, one of those was like last week.
Anyway, don't use usermode networking. Go for bridge instead.
Long time ago I wrote a launcher like this. I don't say it's perfect, but it does what I wanted it to do.
| Code: | #! /bin/bash
# HELP: This script is intended to be ran by user with limited priviliges.
# HELP: User must be allowed to run 'sudo tunctl', 'sudo brctl' and 'sudo ifconfig' in order to work.
# HELP: Intended invocation of this script is:
# HELP: "cmd=<params you want to append to qemu command line> <THIS FILE'S NAME> <virtual machines name> [name of the bridge to bind]"
# HELP: Multiple bridges are allowed. Bridges must already exist and be configured before this script is started (e.g. configured by init scripts).
# HELP: Feel free to edit contents of "static_params" near the end of this file to define set of options you want always active.
# FUNCTIONS
add_ifaces ()
{
i=1
USER=$(whoami)
while [ ${#1} -gt 0 ]
do sudo /usr/bin/tunctl -u $USER -t "${name}-${i}" > /dev/null
sudo /sbin/brctl addif $1 "${name}-${i}" > /dev/null
sudo /bin/ifconfig "${name}-${i}" up promisc > /dev/null
params="${params} -net nic,macaddr=$( printf 'DE:AD:BE:EF:%02X:%02X\n' $((RANDOM%256)) $((RANDOM%256)) ),vlan=$i -net tap,ifname=$name-$i,script=no,downscript=no,vlan=$i"
shift
i=$(($i+1))
done
echo $params
}
del_ifaces ()
{
i=1
while [ ${#1} -gt 0 ]
do sudo /bin/ifconfig "${name}-${i}" down > /dev/null
sudo /sbin/brctl delif $1 "${name}-${i}" > /dev/null
sudo /usr/bin/tunctl -d "${name}-${i}" > /dev/null
shift
i=$(($i+1))
done
}
main ()
{
name=$1
shift
bridges="$@"
networking="$(add_ifaces ${bridges})"
RUN="qemu-system-x86_64 -name ${name} ${static_params} ${networking} ${cmd}"
echo starting machine $name with command
echo $RUN
$RUN
del_ifaces ${bridges}
}
static_params="-enable-kvm"
main $@
|
|
|
| Back to top |
|
|
xaviermiller
Bodhisattva
Joined: 23 Jul 2004
Posts: 8708
Location: ~Brussels - Belgique
|
| Posted: Mon Sep 15, 2014 9:49 pm Post subject: |
|
|
Thanks, I will take a look at your script 
_________________
Kind regards,
Xavier Miller |
|
| Back to top |
|
|
xaviermiller
Bodhisattva
Joined: 23 Jul 2004
Posts: 8708
Location: ~Brussels - Belgique
|
| Posted: Tue Sep 16, 2014 5:24 pm Post subject: |
|
|
OK, the tap interface is created and the bridge, but I don't see how to patch all that stuff to the physical network...
For now, I don't see good explanations on how to achieve it; I see only mantras and magical stuff that don't work in my case.
_________________
Kind regards,
Xavier Miller |
|
| Back to top |
|
|
szatox
Advocate
Joined: 27 Aug 2013
Posts: 3131
|
| Posted: Tue Sep 16, 2014 6:57 pm Post subject: |
|
|
ok, so there are 2 ways to do it. Bridged network and routed network.
I'm using routed network, which goes exacly the same way you would follow to use your VM host as LAN router. This means, simply enable IP forwarding in kernel and set iptables rules for forwarding
you can enable forwarding in runtime using sysctl. To make it permament make sure you have such a line:
| Quote: | # grep forward /etc/sysctl.conf
net.ipv4.ip_forward = 1
|
Allow forwarding on firewall (unless you use policy accept)
| Quote: |
# iptables -A FORWARD -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
# iptables -A FORWARD -i vn0 -j ACCEPT |
vn0 is my VirtualNetwork0 bridge
You might also need address translation:
| Quote: | | # iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE |
eth0 obviously is the connection to the outer world
The other way, birdged networking goes like this:
| Quote: | | # brctl addif vn0 eth0 |
This way your VM host will act as a network switch.
Obviously you can just as well go for both ways at the same time if you want. Bridge yor physical LAN with VMLAN and route it to WAN :]
Tips and tricks:
* some programs might listen on vn0, eth0, tap0, and a few other interfaces stuffed together and missbehave due to the same packets arriving on multiple devices. You might want to bind those programs to bridge only.
* if you have dhcpd, make it depend on bridge rather than physical/tap devices. This will let you start dhcpd even if ethernet/wifi is not configured yet and VMs are not running. This will laso allow you share IP pool between physical segments.
Is it not magic enough to work for you?  |
|
| Back to top |
|
|
xaviermiller
Bodhisattva
Joined: 23 Jul 2004
Posts: 8708
Location: ~Brussels - Belgique
|
| Posted: Tue Sep 16, 2014 7:22 pm Post subject: |
|
|
Yeah, but adding a wirelss interface to br0 won't work...
_________________
Kind regards,
Xavier Miller |
|
| Back to top |
|
|
szatox
Advocate
Joined: 27 Aug 2013
Posts: 3131
|
| Posted: Tue Sep 16, 2014 8:19 pm Post subject: |
|
|
| Code: | # brctl show
bridge name bridge id STP enabled interfaces
br0 8000.000000000000 no
lan0 8000.00e04ceb8d77 no eth1
wlan0
tmp0 8000.000000000000 no
vn0 8000.000000000000 no
# grep -v '^[[:space:]]*#\|^$' /etc/hostapd/hostapd.conf
interface=wlan0
bridge=lan0
~~ snip ~~ |
Trust me on this, wlan0 is a wireless interface 
I think wifi must already be configured before it can be attached to a bridge. It's also possible that it depends on driver used. Example above is a hostapd-configured, old atheros wifi. Hostapd also attaches it to already configured bridge. However, since I can detach and reattach it manualy, it doesn't seem to be important. It does fail in some use scenarios that I expect to be relatively common while testing for this, so I'm not surprised you were impressed this way. (Yes, 'ifconfig wlan0 up; brctl addif lan0 wlan0', it's you I'm thinking about!) Take a good news that it works when launched in some particular way and is usable  However, since it's out of scope of qemu and networking, we better leave it at this point. |
|
| Back to top |
|
|
xaviermiller
Bodhisattva
Joined: 23 Jul 2004
Posts: 8708
Location: ~Brussels - Belgique
|
| Posted: Tue Sep 16, 2014 8:23 pm Post subject: |
|
|
I trust you
I will try again, but tomorrow
_________________
Kind regards,
Xavier Miller |
|
| Back to top |
|
|
|
|
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
|
|
Networking & Security
