View previous topic :: View next topic |
Author |
Message |
Shadow_Fury Tux's lil' helper
Joined: 20 Apr 2021 Posts: 138 Location: 11.435765792823453, 143.05926743686274
|
Posted: Fri Jan 14, 2022 5:26 pm Post subject: need help configuring network passthrough for QEMU KVMs |
|
|
i'm trying to follow this guide on the gentoo wiki to try to set up a network bridge using iptables.
i've gotten down to the guest configuration section, but the VM is not detecting the network. i'm using aQEMU to manage the vm, but i'm pretty sure i've got that set correctly. what confuses me is how to carry out this instruction on the wiki:
Quote: | After starting the guest, the IP should be configured to be on the vlan and the gateway should be the IP given to the bridge. The exact process will vary based on OS. |
could someone help me with this? |
|
Back to top |
|
|
alamahant Advocate
Joined: 23 Mar 2019 Posts: 3879
|
Posted: Fri Jan 14, 2022 5:52 pm Post subject: |
|
|
Do not use tun-tap manually.
Just create a linux bridge on the host with the host's ethernet interface as its slave.
Then assign this bridge to your qemu guests
It works fine this way foe qemu-libvirt.
Do you have an ethernet interface? _________________
|
|
Back to top |
|
|
Shadow_Fury Tux's lil' helper
Joined: 20 Apr 2021 Posts: 138 Location: 11.435765792823453, 143.05926743686274
|
Posted: Fri Jan 14, 2022 6:09 pm Post subject: |
|
|
well, the physical interface of the host is called eno1, i've reated a bridge br0, as well as a tap interface: tap0.
i'm a little unsuer how to proceed though. |
|
Back to top |
|
|
alamahant Advocate
Joined: 23 Mar 2019 Posts: 3879
|
Posted: Fri Jan 14, 2022 6:14 pm Post subject: |
|
|
Quote: |
well, the physical interface of the host is called eno1, i've reated a bridge br0, as well as a tap interface: tap0.
|
Do not create any tap.
Just assign br0 to the guest.
br0 should have eno1 as its sole slave.
I strongly advice you to use qemu+libvirt+virt-manager than plain qemu.
How do you assign br0 to qemu guest?
Is there an xml file somewhere? _________________
|
|
Back to top |
|
|
Shadow_Fury Tux's lil' helper
Joined: 20 Apr 2021 Posts: 138 Location: 11.435765792823453, 143.05926743686274
|
Posted: Fri Jan 14, 2022 7:36 pm Post subject: |
|
|
i'm pretty new to command line networking, so i'm not sure what you mean by sole slave, or how to check that.
i've followed all of the instructions in the wiki article, and that is all i know on the matter.
aslo, i'm not using sole qemu. i'm using a graphical overlay called "aQEMU" yes, the name is a bit confusing.
the way you set network interfaces there, is by selecting a "connection type" (one of: {nic, user, channel, tap, socket, multicast socket}), and then configuring some parameters. in my case, the only parameter i have set is the "ifname, and i've set it to tap0.
i have no idea how to proceed, so it would be helpful if i was provided with the commands i need to run.
*just to clarify, i have virt-manager installed, i just don't use it. this is because, since my system is pretty much a pure qt5/kde system, virt-manager compiled without gtk, so no GUI. aQEMU is qt based so it works well with my system. i'm fine to switch if it doesn't work, though preferably to something that will respect my window decoration/other aesthetics, since a white gtk window in no way fits with my system theme (not least because the entire system is dark mode) |
|
Back to top |
|
|
Shadow_Fury Tux's lil' helper
Joined: 20 Apr 2021 Posts: 138 Location: 11.435765792823453, 143.05926743686274
|
Posted: Sun Jan 16, 2022 12:13 am Post subject: |
|
|
so, update. I tried re-compiling virt-manager with gtk, and this indeed gave me a GUI (that, indeed didn't follow my system style)
this however, fails even earlier. specifically, it fails to connect to qemu://system, thus meaning i cannot even create a VM, mutch less connect it to a network.
any help is appreciated |
|
Back to top |
|
|
alamahant Advocate
Joined: 23 Mar 2019 Posts: 3879
|
Posted: Sun Jan 16, 2022 12:22 am Post subject: |
|
|
Plz start libvirtd and make sure your user is member of the group "libvirt"
Do you have libvirt emerged?
Now you dont need ANY tap/tun interfaces.
Just create a bridge out of your ethernet and assign this bridge to your virt-manager guests.
If you need help creating the bridge plz let us know. _________________
|
|
Back to top |
|
|
Shadow_Fury Tux's lil' helper
Joined: 20 Apr 2021 Posts: 138 Location: 11.435765792823453, 143.05926743686274
|
Posted: Sun Jan 16, 2022 1:18 am Post subject: |
|
|
now virt-manager just hangs when trying to connect. i've started libvirtd via openRC, and added my user to the libvirt group, what should i do? it did manage to connect once, but after the system rebooted, it stopped working
edit: got it to connect to qemu/kvm, but now creating a disk hangs, and actually connecting to qemu/kvm takes a good couple of minutes
nevermind, VM created correctly. still, the process seemed unusually slow |
|
Back to top |
|
|
alamahant Advocate
Joined: 23 Mar 2019 Posts: 3879
|
Posted: Sun Jan 16, 2022 9:28 am Post subject: |
|
|
It shouldnt take all this time.
Plz post
Code: |
emerge -pv qemu libvirt virt-manager
|
to check the USE flags.
Plz make sure qemu is built with USE="usb usbredir vhost-net spice vnc"
Also plz make sure you have full iptables kernel config including bridging. _________________
|
|
Back to top |
|
|
NeddySeagoon Administrator
Joined: 05 Jul 2003 Posts: 54237 Location: 56N 3W
|
Posted: Sun Jan 16, 2022 11:06 am Post subject: |
|
|
Shadow_Fury,
Ethernet bridging and Ethernet pass through are two different things.
A bridge is the software equivalent of an Ethernet hub. All packets on the bridge get sent to all the ports on the bridge.
The host may or may not have an IP on the bridge.
Pass through removes the device from the host and donates it to the guest. This needs hardware support on the host and the hardware being passed through.
I spent a week trying to make this word only to discover a hardware bug in my four port network card that made it impossible, so I did bridging instead.
At the outset, it's essential that your eno1 interface does not get an IP address of its own, so your /etc/conf.d/net file on the host needs
Now it can be donated to a bridge
and br0 can get configured, not eno1. That matters.
Code: | config_br0="192.168.10.254/24" |
Thats a copy/paste from mine but dhcp works too.
When you configure the guest networking in the virt-manager dropdown, br0 will be one of the options. The guest must be powered off.
When the guest boots, the interface will be called eth0 until udev does its thing.
It all works for IPv4 and IPv6.
The host need not have an IP on the bridge. My router is in a KVM and I bridge the Ethernet port used for PPPoE from the host to router KVM.
Its not useful for the host to have an IP on that bridge as PPP can only have an IP at each end.
There are lots of warts. Guests can use emulated hardware or virtio- devices-.
virtio is faster and less CPU intensive but needs kernel support in the host and guest.
Emulated hardware allows unmodified guest to be run.
virt-manager is much nicer to use than the command line but it can't do everything. _________________ Regards,
NeddySeagoon
Computer users fall into two groups:-
those that do backups
those that have never had a hard drive fail. |
|
Back to top |
|
|
Shadow_Fury Tux's lil' helper
Joined: 20 Apr 2021 Posts: 138 Location: 11.435765792823453, 143.05926743686274
|
Posted: Sun Jan 16, 2022 11:54 am Post subject: |
|
|
it seems networking is fine now, the NAT interface provided in virt-manager works out of the box.
alamahant wrote: | It shouldnt take all this time.
Plz post
Code: |
emerge -pv qemu libvirt virt-manager
|
to check the USE flags.
Plz make sure qemu is built with USE="usb usbredir vhost-net spice vnc"
Also plz make sure you have full iptables kernel config including bridging. |
here is the output:
Code: |
These are the packages that would be merged, in order:
Calculating dependencies... done!
[ebuild R ] app-emulation/virt-manager-3.2.0::gentoo USE="gtk policykit -sasl" PYTHON_SINGLE_TARGET="python3_9 -python3_8 -python3_10" 0 KiB
[ebuild R ] app-emulation/qemu-6.2.0-r3::gentoo USE="aio bzip2 (caps) curl doc fdt filecaps jpeg ncurses nls oss pam pin-upstream-blobs png pulseaudio sdl seccomp (selinux) slirp spice usb usbredir vhost-net vnc xattr -accessibility -alsa -bpf -capstone -debug -fuse -glusterfs -gnutls -gtk -infiniband -io-uring -iscsi -jack -jemalloc -lzo -multipath -nfs -numa -opengl -plugins -python -rbd -sasl -sdl-image -smartcard -snappy -ssh -static -static-user -systemtap -test -udev -vde -vhost-user-fs -virgl -virtfs -vte -xen -xfs -zstd" PYTHON_TARGETS="python3_9 -python3_8 -python3_10" QEMU_SOFTMMU_TARGETS="arm i386 x86_64 -aarch64 -alpha -avr -cris -hppa -m68k -microblaze -microblazeel -mips -mips64 -mips64el -mipsel -nios2 -or1k -ppc -ppc64 -riscv32 -riscv64 -rx -s390x -sh4 -sh4eb -sparc -sparc64 -tricore -xtensa -xtensaeb" QEMU_USER_TARGETS="arm i386 x86_64 -aarch64 -aarch64_be -alpha -armeb -cris -hexagon -hppa -m68k -microblaze -microblazeel -mips -mips64 -mips64el -mipsel -mipsn32 -mipsn32el -nios2 -or1k -ppc -ppc64 -ppc64abi32 -ppc64le -riscv32 -riscv64 -s390x -sh4 -sh4eb -sparc -sparc32plus -sparc64 -xtensa -xtensaeb" 0 KiB
[ebuild R ] app-emulation/libvirt-7.10.0-r2:0/7.10.0::gentoo USE="(audit) (caps) libvirtd nls policykit qemu (selinux) udev virt-network -apparmor -bash-completion -dtrace (-firewalld) -fuse -glusterfs -iscsi -iscsi-direct -libssh -lvm -lxc -nfs -numa (-openvz) -parted -pcap -rbd -sasl -verify-sig -virtualbox -wireshark-plugins -xen -zfs" 0 KiB
Total: 3 packages (3 reinstalls), Size of downloads: 0 KiB
|
as you can see, qemu is built with the required flags.
i'm fairly certain that my kernel has full iptables support. just in case, the full config can be found here. the paste password is "7WSWHwjac8" (copy between the quotes) |
|
Back to top |
|
|
Dominique_71 Veteran
Joined: 17 Aug 2005 Posts: 1877 Location: Switzerland (Romandie)
|
Posted: Thu Mar 17, 2022 3:57 pm Post subject: |
|
|
I am installing Debian into qemu and I try both aqemu and virt-manager. aqemu was not updated from 2 years ago and it use outdated qemu options, which imply I didn't succeeded to get it to work with the network. virt-manager is the way to go. It's network connection just worked out of the box.
Also, at that time with my ~amd64 gentoo system, the group the user must be in is not livirt (group don't exist) but wheel. |
|
Back to top |
|
|
NeddySeagoon Administrator
Joined: 05 Jul 2003 Posts: 54237 Location: 56N 3W
|
Posted: Thu Mar 17, 2022 9:25 pm Post subject: |
|
|
Shadow_Fury,
Both ways work. For remote inbound connections to the VM, the bridge is easier to work with.
The default NAT interface does not support IPv6, if that matters to you. _________________ Regards,
NeddySeagoon
Computer users fall into two groups:-
those that do backups
those that have never had a hard drive fail. |
|
Back to top |
|
|
|