Hi Vadim, I was able to do something similar as a test, where I created an NFS server on the host (with "insecure" in /etc/exports) that the guest was able to access. Unfortunately I don't think that will work for us in production since there are many terabytes of data on the NFS server that I actually want to access, so I wouldn't be able to sync it all over to the host.
The kernel parameters idea might come in handy for us at some point, though, so thanks for that. Andrew > -----Original Message----- > From: Vadim Idelchuk <vadim.idelc...@mail.ru> > Sent: Tuesday, July 9, 2024 1:41 PM > To: Andrew Klaassen <andrew.klaas...@boatrocker.com>; qemu- > disc...@nongnu.org > Subject: RE: NFS mount from Qemu guest? > > [You don't often get email from vadim.idelc...@mail.ru. Learn why this is > important at https://aka.ms/LearnAboutSenderIdentification ] > > ***** [EXTERNAL EMAIL] Exercise caution with any links herein ***** > > Hi, > > I solved this problem by other way. > > 1. I defined on host NFS server with exported folder 2.IP address of the host > I > transferred to QEMU guest (Linux) as part IP parameters as gateway IP > together with guest IP address and subnet mask. > 3.I created startup service that parsed the kernel IP parameters and mounted > as NFS client to the exported folder > > Best regards > > Vadim Idelchuk > > vadim.idelc...@mail.ru > > -----Original Message----- > From: qemu-discuss-bounces+vadim.idelchuk=mail...@nongnu.org > [mailto:qemu-discuss-bounces+vadim.idelchuk=mail...@nongnu.org] On > Behalf Of Andrew Klaassen > Sent: יום ג 09 יולי 2024 19:55 > To: qemu-discuss@nongnu.org > Subject: NFS mount from Qemu guest? > > I've been trying to get an NFS share mounted on a Qemu guest from an NFS > server which does not allow connections from unprivileged ports. > > I have tried a bunch of different guestfwd options, thinking that they might > help me get my outgoing connections from the guest back down into the > privileged port range, but so far no luck. > > Here's the basic command I'm running. It's based on the Qemu command > generated by Packer, which is what I'm ultimately trying to get working: > > /usr/local/bin/qemu-system-x86_64 -serial stdio -boot once=d -drive > file=v001.qcow2,if=virtio,cache=writeback,discard=ignore,format=qcow2 - > drive file=systemrescue-11.01-amd64.iso,media=cdrom -m 2048M -vnc > 127.0.0.1:33 -cpu host -smp 1 -name packer-centos7 -device virtio- > net,netdev=user.0 -machine type=pc,accel=kvm -netdev > user,id=user.0,hostfwd=tcp::2262-:22,guestfwd= > > For the guestfwd= clause, I've tried things like: > > guestfwd=tcp:10.0.2.100:111-cmd:netcat 10.31.32.15 > 111,guestfwd=tcp:10.0.2.100:2049-cmd:netcat 10.31.32.15 > 2049,guestfwd=tcp:10.0.2.100:300-cmd:netcat 10.31.32.15 300 ...the > outgoing connections still come from unprivileged ports > > guestfwd=tcp:0.0.0.0:700-tcp:10.0.2.2:700 > ...with "sysctl -w sunrpc.min_resvport=700; sysctl -w > sunrpc.max_resvport=700" in the guest before trying the NFS mount ...same, > outgoing connections still come from unprivileged ports > > guestfwd=tcp:<nfs server ip>:700-tcp:10.0.2.2:700 ...this one breaks VNC for > some reason and I can't reach the guest to try anything > > There are a bunch of other random things I've tried, too. I obviously don't > understand what I'm doing. Does anybody have a recipe for making this > work? > Is guestfwd even the correct option to use for this? > > Thanks. > > Andrew > > > > > > -- > Это сообщение было проверено антивирусным ПО Avast на наличие > вирусов. > www.avast.com