Gentoo Forums
Gentoo Forums
Gentoo Forums
Quick Search: in
network configuration with Qemu [SOLVED]
View unanswered posts
View posts from last 24 hours

 
Reply to topic    Gentoo Forums Forum Index Networking & Security
View previous topic :: View next topic  
Author Message
mounty1
l33t
l33t


Joined: 06 Jul 2006
Posts: 839
Location: Queensland

PostPosted: Sun Jul 11, 2010 2:49 am    Post subject: network configuration with Qemu [SOLVED] Reply with quote

Hello, I'm trying to run Qemu with two networks. The host is ppc64 with 32 bit userland. The problem is that one network doesn't work as expected, owing I think to NAT misconfiguration. The Qemu startup command is:
Code:
qemu -hda .qemu/"MS Windows 2000".img -cdrom vault/"some CD".iso -net nic,vlan=0 -net user,vlan=0 -net nic,vlan=1 -net tap,vlan=1,ifname=$(sudo /usr/bin/tunctl -b -u mounty),script=bin/ifup,downscript=bin/ifdown -m 256
and
cat bin/ifup:
#!/bin/sh

sudo /sbin/ifconfig "$1" qemu-host up
and
cat bin/ifdown:
#!/bin/sh

sudo /sbin/ifconfig "$1" down
So the intention is that the virtual machine has two networks. vlan1 is local to the machine and has 192.168.2.0/24 interfaces and works as expected. vlan0 is supposed to connect to the external internet via the host's default interface, which is a mobile broadband USB stick on 10.224.160.191 (obviously dhcp so could change). On the guest, I run these commands:
Code:
C:\>ipconfig

Windows 2000 IP Configuration

Ethernet adapter Local Area Connection:

        Connection-specific DNS Suffix  . :
        IP Address. . . . . . . . . . . . : 10.0.2.15
        Subnet Mask . . . . . . . . . . . : 255.255.255.0
        Default Gateway . . . . . . . . . : 10.0.2.2

Ethernet adapter Local Area Connection 2:

        Connection-specific DNS Suffix  . :
        IP Address. . . . . . . . . . . . : 192.168.2.2
        Subnet Mask . . . . . . . . . . . : 255.255.255.0
        Default Gateway . . . . . . . . . :

C:\>ping 192.168.2.1

Pinging 192.168.2.1 with 32 bytes of data:

Reply from 192.168.2.1: bytes=32 time=15ms TTL=64
Reply from 192.168.2.1: bytes=32 time<10ms TTL=64
Reply from 192.168.2.1: bytes=32 time<10ms TTL=64
Reply from 192.168.2.1: bytes=32 time<10ms TTL=64

Ping statistics for 192.168.2.1:
    Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 0ms, Maximum =  15ms, Average =  3ms

C:\>ping www.gentoo.org

Pinging www-bytemark.gentoo.org [89.16.167.134] with 32 bytes of data:

Request timed out.
Request timed out.
Request timed out.
Request timed out.

Ping statistics for 89.16.167.134:
    Packets: Sent = 4, Received = 0, Lost = 4 (100% loss),
Approximate round trip times in milli-seconds:
    Minimum = 0ms, Maximum =  0ms, Average =  0ms
The puzzling command is that last ping www.gentoo.org. It picks up the IP correctly, so it must be able to talk to the ISP's DNS server (10.0.2.3) but having got www.gentoo.org's IP, it is unable to contact it. I did try disabling interface 2 but that made no difference to the ping www.gentoo.org output. I'm not an expert at IP configuration. What am I doing wrong ?
_________________
Michael Mounteney


Last edited by mounty1 on Mon Jul 12, 2010 12:14 pm; edited 1 time in total
Back to top
View user's profile Send private message
Hu
Moderator
Moderator


Joined: 06 Mar 2007
Posts: 15995

PostPosted: Sun Jul 11, 2010 3:46 am    Post subject: Re: network configuration with Qemu Reply with quote

mounty1 wrote:
I'm not an expert at IP configuration. What am I doing wrong ?
You are using -net user. I see no mention of this in the Qemu documentation, but I would be surprised if a non-privileged Qemu hypervisor process can successfully send ICMP packets, since that typically requires use of raw sockets on Linux. Given that you have sudo access and seem to control the machine, why are you not using -net tap for both guest interfaces?
Back to top
View user's profile Send private message
BradN
Advocate
Advocate


Joined: 19 Apr 2002
Posts: 2391
Location: Wisconsin (USA)

PostPosted: Sun Jul 11, 2010 3:55 am    Post subject: Reply with quote

I would try it with a more "normal" internet connection to see if something the mobile ISP is doing might affect things.

I'm a little confused as to your IP arrangement on that network...

10.224.160.191 - interface address on your host machine (right?) Or is it an upstream address possessed by your connection hardware?

10.0.2.1 - ??
10.0.2.2 - gateway
10.0.2.3 - DNS server
10.0.2.15 - guest VM

These are two separate networks, 10.0.*.* is local to the host machine (and VM) then correct? If so, why is the gateway different than the DNS server?
Back to top
View user's profile Send private message
mounty1
l33t
l33t


Joined: 06 Jul 2006
Posts: 839
Location: Queensland

PostPosted: Sun Jul 11, 2010 4:08 am    Post subject: Re: network configuration with Qemu Reply with quote

[quote="Hu"]
mounty1 wrote:
Given that you have sudo access and seem to control the machine, why are you not using -net tap for both guest interfaces?
Because I'm not an expert ? :oops::-)

My best shot at creating a tunnel to the host's internet connection is
Code:
... -net nic,vlan=0 -net tap,vlan=0,ifname=ppp0 ...
but that results in
Code:
warning: could not configure /dev/net/tun: no virtual network emulation
qemu: Could not initialize device 'tap'
What is the right invocation to get a connection to the host's internet connection ?
_________________
Michael Mounteney
Back to top
View user's profile Send private message
mounty1
l33t
l33t


Joined: 06 Jul 2006
Posts: 839
Location: Queensland

PostPosted: Sun Jul 11, 2010 4:19 am    Post subject: Reply with quote

BradN wrote:
I'm a little confused as to your IP arrangement on that network...

10.224.160.191 - interface address on your host machine (right?) Or is it an upstream address possessed by your connection hardware?
No, it's the IP of the default interface on the host.
BradN wrote:
10.0.2.1 - ??
10.0.2.2 - gateway
10.0.2.3 - DNS server
10.0.2.15 - guest VM

These are two separate networks, 10.0.*.* is local to the host machine (and VM) then correct? If so, why is the gateway different than the DNS server?
I don't know. I didn't set any of these values. They all arose through ISP/DHCP magic. Probably the most simple solution is to use a tap interface, and I am hoping that Hu will tell me how to do that, as per other answer in this thread.

Funny isn't it that Gentoo now consider me a guru because of the number of postings I've made.
_________________
Michael Mounteney
Back to top
View user's profile Send private message
Hu
Moderator
Moderator


Joined: 06 Mar 2007
Posts: 15995

PostPosted: Sun Jul 11, 2010 9:45 pm    Post subject: Reply with quote

I am not sure why you need my advice on setting up a tap device. Your original post says you already have one. You just need to create another in the same way, and arrange for traffic on that one to be forwarded or bridged to the Internet. Forwarding is less disruptive to your normal network configuration, and likely safer if you are running something as insecure as an old version of Microsoft Windows. Enabling inbound connections is automatic with a bridged connection, whereas it requires extra steps for a forwarding setup. Configuring forwarding of traffic from a TAP device is no different than using forwarding for a home router, so the Gentoo home router guide should be helpful. Treat your Gentoo host as the home router and your Windows guest as part of the private LAN. If you still have questions after reading that, please ask and I will do my best to answer.
Back to top
View user's profile Send private message
py-ro
Veteran
Veteran


Joined: 24 Sep 2002
Posts: 1733
Location: St. Wendel

PostPosted: Sun Jul 11, 2010 10:28 pm    Post subject: Reply with quote

With net user ping just doesn't work. It is written in the documentation. Other Connections should work as expected with NAT.

Py
Back to top
View user's profile Send private message
Hu
Moderator
Moderator


Joined: 06 Mar 2007
Posts: 15995

PostPosted: Sun Jul 11, 2010 11:37 pm    Post subject: Reply with quote

py-ro wrote:
With net user ping just doesn't work. It is written in the documentation.
Could you cite specifically which documentation? It is not in the man page for qemu-kvm-0.12.4.
Back to top
View user's profile Send private message
BradN
Advocate
Advocate


Joined: 19 Apr 2002
Posts: 2391
Location: Wisconsin (USA)

PostPosted: Mon Jul 12, 2010 12:17 am    Post subject: Reply with quote

http://hub.opensolaris.org/bin/view/Project+qemu/Qemu_Networking
Quote:
Note: Ping from the QEMU Guest is unreliable. Do not use ping to test connectivity from a QEMU Guest when the network model is "User Net".


This makes sense because either qemu itself needs root privileges to send pings or it needs a way into the networking stack that only root can provide. Even a normal user in linux cannot ping except as root - this is why the ping utility is setuid root.
Back to top
View user's profile Send private message
Hu
Moderator
Moderator


Joined: 06 Mar 2007
Posts: 15995

PostPosted: Mon Jul 12, 2010 1:16 am    Post subject: Reply with quote

Yes, that explanation is what I said in my first post in this thread. :) I only wanted a citation because I had not found an official confirmation in the shipped documentation. It seems you did not either, since you had to cite an OpenSolaris page. ;)
Back to top
View user's profile Send private message
BradN
Advocate
Advocate


Joined: 19 Apr 2002
Posts: 2391
Location: Wisconsin (USA)

PostPosted: Mon Jul 12, 2010 1:18 am    Post subject: Reply with quote

Indeed, sadly in many cases unofficial documention trumps the official stuff, and sometimes random forum posts or bug reports are more useful than any of it :)
Back to top
View user's profile Send private message
py-ro
Veteran
Veteran


Joined: 24 Sep 2002
Posts: 1733
Location: St. Wendel

PostPosted: Mon Jul 12, 2010 5:44 am    Post subject: Reply with quote

http://wiki.qemu.org/Documentation/Networking

Seems Official. ;)

Py
Back to top
View user's profile Send private message
mounty1
l33t
l33t


Joined: 06 Jul 2006
Posts: 839
Location: Queensland

PostPosted: Mon Jul 12, 2010 12:13 pm    Post subject: Doh ! Reply with quote

So if I'd just opened IE rather than trying to ping, none of this thread would have been necessary !

Thanks all for the replies.
_________________
Michael Mounteney
Back to top
View user's profile Send private message
Display posts from previous:   
Reply to topic    Gentoo Forums Forum Index Networking & Security All times are GMT
Page 1 of 1

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum