I've been trying to get an NFS share mounted on a QEMU guest from an NFS server
which does not allow connections from unprivileged ports.

I have tried a bunch of different guestfwd options, thinking that they might 
help me get my outgoing connections from the guest back down into the 
privileged port range, but so far no luck.

Here's the basic command I'm running.  It's based on the QEMU command generated
by Packer, which is what I'm ultimately trying to get working:

/usr/local/bin/qemu-system-x86_64 -serial stdio -boot once=d \
  -drive file=v001.qcow2,if=virtio,cache=writeback,discard=ignore,format=qcow2 \
  -drive file=systemrescue-11.01-amd64.iso,media=cdrom \
  -m 2048M -vnc 127.0.0.1:33 -cpu host -smp 1 -name packer-centos7 \
  -device virtio-net,netdev=user.0 -machine type=pc,accel=kvm \
  -netdev user,id=user.0,hostfwd=tcp::2262-:22,guestfwd=

For the guestfwd= clause, I've tried things like:

guestfwd=tcp:10.0.2.100:111-cmd:netcat 10.31.32.15 111,guestfwd=tcp:10.0.2.100:2049-cmd:netcat 10.31.32.15 2049,guestfwd=tcp:10.0.2.100:300-cmd:netcat 10.31.32.15 300
...the outgoing connections still come from unprivileged ports

guestfwd=tcp:0.0.0.0:700-tcp:10.0.2.2:700
...with "sysctl -w sunrpc.min_resvport=700; sysctl -w sunrpc.max_resvport=700" 
in the guest before trying the NFS mount
...same, outgoing connections still come from unprivileged ports

guestfwd=tcp:<nfs server ip>:700-tcp:10.0.2.2:700
...this one breaks VNC for some reason and I can't reach the guest to try 
anything

There are a bunch of other random things I've tried, too.  I obviously don't 
understand what I'm doing.  Does anybody have a recipe for making this work?  
Is guestfwd even the correct option to use for this?

Thanks.

Andrew


