[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Qemu-devel] Anyone have functioning networking with a FreeBSD host?
From: |
Christopher Nehren |
Subject: |
Re: [Qemu-devel] Anyone have functioning networking with a FreeBSD host? |
Date: |
Sun, 13 Jun 2004 18:12:36 -0400 |
User-agent: |
Mutt/1.5.6i |
On Sun, Jun 13, 2004 at 14:59:26 EDT, Bakul Shah scribbled these
curious markings:
> I am using /dev/tap based networking, not the usermode one.
> It all works fine (thanks to some help from Juergen Lock).
> BTW, I am using the latest FreeBSD port &
> Freebsd-5.2-current.
Okay, I got mine working. :)
> - when using the tap device you need to ifconfig the interface.
> You can do this manually or via a script. Either copy this
> script to /etc/qemu-ifup or run it from the command line.
> Something like
>
> echo ifconfig $1 192.168.0.1 > /etc/qemu-ifup
> chmod +x /etc/qemu-ifup
>
> This needs to be done on the *host*.
Right, got that.
> - make sure you are using -pci option (I needed this for
> a FreeBSD guest -- do not know why).
This option (the undocumented one, sigh) was the one that I needed. With
it, I can get both tap and user-mode networking to function. :) For why
it's needed, read Brat Watson's later message to this thread,
message ID <address@hidden>.
> - You may wish to use the linux-test image from the qemu
> site, for debugging all this. Give the *guest OS* an
> address like 192.168.0.2 or something in the same subnet as
> the tap interface. Once the OS is up and its interface
> configured, you should be able to ping the this address
> from the host FreeBSD. If this step works, you have a
> working connection between the guest and the host; the
> remaining work is all networking related, nothing to do
> with qemu per se.
I already had NetBSD 1.6.2 fully installed using the i386cd.iso image,
so I tested with that.
> - Networking related changes: you will have to enable
> forwarding on the host. You will likely need to add static
> routes or update your NAT rules or both. You may have to
> run dhcp proxy on the host.... Someone should come up with
> a script that figures out the right thing to do based on
> your setup.
Right; I have PF set up to do that. I love PF. With user-mode
networking, though, you don't need this.
> Some random thoughts:
>
> * When qemu opens the tap device, it always returns a new
> device. You can change this behavior by patching vl.c. On
> line 1104 change the `for' loop to start at 0 instead of -1
> -- line # as per the patched sources in the FreeBSD port.
> This loop first tries /dev/tap and then /dev/tap0,
> /dev/tap1 and so on. The change skips /dev/tap.
Actually, I didn't see this. It kept using /dev/tap, but it was showing
up in ifconfig as tap0. Weird.
> * I am not sure if removing suser() test in if_tap.c is the
> right thing to do from a security perspective so I left this
> alone.
My _guess_ is that it would prevent any old user from creating 52k tap
devices, and the consequential resource starvation. I'm going to see if
I can't add a sysctl to control this; watch hackers@ and security@ for a
post by me in the near future.
> * I don't see why /dev/tap is an exclusive open device. If
> multiple opens were allowed, a number of VMs can be on the
> same simulated network. That is, qemu for each guest can
> open the same device and they will all *see* each other as
> well as the host!
Do you mean each /dev/tap interface being exclusive? Well, it _is_ bound
to the individual process, which may have something to do with it.
> * I first thought qemu should also have a qemu-ifdown script
> but may be it is better to wrap qemu in a shell script that
> does the initial setup and final cleanup.
Perhaps a good idea. It's more configurable that way, too.
> * It would be nice if qemu exited only on a power down
> event instead of a reboot. May be as an option.
Again, a good idea, at least IMO.
> Overall this is a very impressive emulator! So far I have
> brought up Linux, FreeBSD-5.2.1 and a trial version of Window
> 2003. Kudos to Fabrice Bellard and the other wizardly
> programmers!
Indeed. 't is quite wonderful.
--
I abhor a system designed for the "user", if that word is a coded
pejorative meaning "stupid and unsophisticated". -- Ken Thompson
-
Unix is user friendly. However, it isn't idiot friendly.
pgpOaMpBGNzb_.pgp
Description: PGP signature