Hi, On 28.08.2017 15:58, Paolo wrote: > Hello everyone, > > I'm at loss as to how to translate from net to netdev syntax the following > lines: > > NET0="-net vde,vlan=0,sock=/var/run/vde.ctl00 -net > nic,vlan=0,model=rtl8139,macaddr=$NIC0MAC -net > tap,vlan=0,ifname=pub2,script=no,downscript=no" > > NET1="-net vde,vlan=1,sock=/var/run/vde.ctl01 -net > nic,vlan=1,model=rtl8139,macaddr=$NIC1MAC -net > tap,vlan=1,ifname=prv2,script=no,downscript=no" > > Usage for lines above is: qemu blah blah blah $NET0 $NET1 blah blah > (obviously NIC0MAC and NIC1MAC are declared before in the script) > > these syntax, which has been working flawlessly for ages on my pc, creates > two network cards (pubX, prvX) for each one of my virtual machines. Each of > the two network cards is attached to a vde switch, so all of pubX cards (X is > the machine) are attached to vsw0 (virtaul switch 0) and all of prvX cards > are attached to vsw1. The rationale behind this is to attach each qemu > machine to a private vlan (172.16.y.z) and to a public vlan (192.168.w.t) at > the same time. > This way the public lan is used when connected to the internet, the private > lan works always (i.e. with the router inaccessible) for accessing samba > directories on the host (of course, firewalled, ip restricted and so on). > > Translation from net to netdev is simple for the nic (-device) part and for > the tap part alike, but how can I tell qemu that the vdeswitch with socket > /var/run/vde.ctl00 belongs to the same virtual lan of tap pub2 with device > rtl8139 and mac address NIC0MAC? > > Translating from net to netdev we lose the vlan=X info.
That's interesting, I think you're the first person I know in months or even years who really seems to be using the vlan=x parameter (with x >= 1)... You're right, you can not translate your setup 1:1 to -netdev anymore, since there are no 'vlan's (or rather hubs, since 'vlan' is rather a misnomer here) available with the -netdev parameter. Question is: Why do you need it at all? I see your point that you want to have two network cards, but why does each NIC has to be wired to two host networks (vde *and* tap)? Isn't it sufficient if you connect each NIC to one VDE network? Thomas