Re: How to make a VM guest look like just another metal machine on my LAN?
Alok Prasad writes: > Just a simple Bridge configuration is too daunting to configure with QMEU. > serious some helper script /config is need to make this simpler for user of > qemu to use this. Generally we advise using a higher layer VM manager based on libvirt to do these sorts of things. They make the process of configuring networks a lot easier than doing it all by hand. > > On Sun, Feb 21, 2021 at 2:16 PM Steve Litt > wrote: > >> Hi all, >> >> My LAN at home is on 192.168.0.0/24, connected to the Internet via a >> cablemodem/firewall/router/gateway at 192.168.0.1. My Daily Driver >> Desktop (DDD), which will after this be referred to as the "host" or >> "metal host" is at 192.168.0.2. I have a printer with an http interface >> at 192.168.0.13. Throughout this post I'm careful to discriminate >> between the metal host and the VM guest, which is created on the metal >> host, for all config options. >> >> What I'm trying to accomplish is to launch a VM guest (Devuan) on my >> metal host (Void Linux), such that the VM guest performs as if it were >> just another physical computer on my LAN. >> >> I've been reading and experimenting for four days and still don't have >> what I need. Here are some of the documents I've used trying to get >> this done: >> >> https://wiki.qemu.org/Documentation/Networking#User_Networking_.28SLIRP.29 >> >> >> https://ahelpme.com/linux/howto-do-qemu-full-virtualization-with-bridged-networking/ >> >> http://www.mpaoli.net/~root/bin/TEMPLATE >> >> >> https://www.debian.org/doc/manuals/debian-handbook/sect.virtualization.en.html#sect.lxc.network >> >> I'm trying to do it purely with ip commands, although I could use brctl >> if necessary. I'm staying away from virt-manager and aqemu because they >> don't work on my Void Linux metal host, and would just add even more >> variables and ambiguity. >> >> Speaking of ambiguity, every document I've read (and I've read dozens) >> has the following ambiguities: >> >> 1) When discussing a setting, they don't indicate whether that setting >>should be on the metal host or the VM guest. Perhaps to a person who >>thoroughly understands virtual machines, such a distinction would be >>obvious via context, but it's not obvious to me. >> >> 2) When specifying an "id=whatever", they don't indicate how the id >>would be used, or what other references to that id need to be made. >> >> 3) They include no realistic steps for troubleshooting a "warning: >>netdev mybridge0 has no peer" type warning, nor even explain what it >>means more than a few guesses and "have you tried...". >> >> Based on the previously listed links, I deduce that the TAP is created >> by the guest VM, in such a way that it attaches to the bridge created on >> the metal host, and therefore I have no need to create a TAP on the >> metal host. >> >> Here's my progress so far, based on the links listed above and my >> other readings and experimentation: >> >> *** >> >> I build the bridge purely with ip commands. Also, I don't mess >> with the firewall (which perhaps has been my problem all along). I'll >> investigate the firewall aspect tomorrow. >> >> Below are some scripts and stuff I'm using. The following is >> upnet.sh, which I use to set up networking on the metal host, which >> happens to run Void Linux, which has no /etc/network/interfaces: >> >> = >> #!/bin/sh >> >> use_bridge=1 >> use_tap=0 >> >> dev="enp40s0" >> ipaddr_major="192.168.0.2" >> ipaddr_minor="192.168.0.102" >> gateway="192.168.0.1" >> >> error_tap_without_bridge(){ >>echo -n "ERROR: Can\'t set TAP without " >>echo -n "BRIDGE! " >>echo Aborting... >>exit 1 >> } >> >> >> enable_ip_forwarding(){ >>echo 1 > /proc/sys/net/ipv4/ip_forward >> } >> >> unset_everything(){ >>dev=$1 >>ip_maj=$2 >>ip_min=$3 >>gateway=$4 >>echo "Unsetting everything for $dev, $ip_maj and $ip_min" >>ip link set dev tap0 down >>brctl delif br0 tap0 >>ip link del tap0 >>ip link set dev br0 down >>ip addr del $ip_min/24 dev br0 >>ip addr del $ip_maj/24 dev br0 >>brctl delbr br0 >>ip link set dev $dev down >>ip addr del $ip_min/24 dev $dev >>ip addr del $ip_maj/24 dev $dev >>echo "" >> } >> >> set_hostname_and_localhost(){ >>echo "Setting hostname and localhost" >>hostname=`grep -v "^\s*#" /etc/hostname | head -n1` >>ip link set dev lo up >>echo "" >> } >> >> create_phys_device_link(){ >>dev=$1 >>echo Creating device link for $dev >>ip link set dev $dev up >>echo "" >> } >> >> set_phys_device_addr(){ >>dev=$1 >>ip_maj=$2 >>ip_min=$3 >>gateway=$4 >>echo -n "Setting physical device addresses " >>echo -n "$ip_maj " >>echo -n "and $ip_min " >>echo -n "for $physdev " >>echo "with gateway $gateway" >>ip link set dev $dev down >>ip addr add $ip_maj/24 dev $dev >>ip addr add $ip_min/24 dev $dev >>ip link set dev $dev
Re: How to make a VM guest look like just another metal machine on my LAN?
Just a simple Bridge configuration is too daunting to configure with QMEU. serious some helper script /config is need to make this simpler for user of qemu to use this. On Sun, Feb 21, 2021 at 2:16 PM Steve Litt wrote: > Hi all, > > My LAN at home is on 192.168.0.0/24, connected to the Internet via a > cablemodem/firewall/router/gateway at 192.168.0.1. My Daily Driver > Desktop (DDD), which will after this be referred to as the "host" or > "metal host" is at 192.168.0.2. I have a printer with an http interface > at 192.168.0.13. Throughout this post I'm careful to discriminate > between the metal host and the VM guest, which is created on the metal > host, for all config options. > > What I'm trying to accomplish is to launch a VM guest (Devuan) on my > metal host (Void Linux), such that the VM guest performs as if it were > just another physical computer on my LAN. > > I've been reading and experimenting for four days and still don't have > what I need. Here are some of the documents I've used trying to get > this done: > > https://wiki.qemu.org/Documentation/Networking#User_Networking_.28SLIRP.29 > > > https://ahelpme.com/linux/howto-do-qemu-full-virtualization-with-bridged-networking/ > > http://www.mpaoli.net/~root/bin/TEMPLATE > > > https://www.debian.org/doc/manuals/debian-handbook/sect.virtualization.en.html#sect.lxc.network > > I'm trying to do it purely with ip commands, although I could use brctl > if necessary. I'm staying away from virt-manager and aqemu because they > don't work on my Void Linux metal host, and would just add even more > variables and ambiguity. > > Speaking of ambiguity, every document I've read (and I've read dozens) > has the following ambiguities: > > 1) When discussing a setting, they don't indicate whether that setting >should be on the metal host or the VM guest. Perhaps to a person who >thoroughly understands virtual machines, such a distinction would be >obvious via context, but it's not obvious to me. > > 2) When specifying an "id=whatever", they don't indicate how the id >would be used, or what other references to that id need to be made. > > 3) They include no realistic steps for troubleshooting a "warning: >netdev mybridge0 has no peer" type warning, nor even explain what it >means more than a few guesses and "have you tried...". > > Based on the previously listed links, I deduce that the TAP is created > by the guest VM, in such a way that it attaches to the bridge created on > the metal host, and therefore I have no need to create a TAP on the > metal host. > > Here's my progress so far, based on the links listed above and my > other readings and experimentation: > > *** > > I build the bridge purely with ip commands. Also, I don't mess > with the firewall (which perhaps has been my problem all along). I'll > investigate the firewall aspect tomorrow. > > Below are some scripts and stuff I'm using. The following is > upnet.sh, which I use to set up networking on the metal host, which > happens to run Void Linux, which has no /etc/network/interfaces: > > = > #!/bin/sh > > use_bridge=1 > use_tap=0 > > dev="enp40s0" > ipaddr_major="192.168.0.2" > ipaddr_minor="192.168.0.102" > gateway="192.168.0.1" > > error_tap_without_bridge(){ >echo -n "ERROR: Can\'t set TAP without " >echo -n "BRIDGE! " >echo Aborting... >exit 1 > } > > > enable_ip_forwarding(){ >echo 1 > /proc/sys/net/ipv4/ip_forward > } > > unset_everything(){ >dev=$1 >ip_maj=$2 >ip_min=$3 >gateway=$4 >echo "Unsetting everything for $dev, $ip_maj and $ip_min" >ip link set dev tap0 down >brctl delif br0 tap0 >ip link del tap0 >ip link set dev br0 down >ip addr del $ip_min/24 dev br0 >ip addr del $ip_maj/24 dev br0 >brctl delbr br0 >ip link set dev $dev down >ip addr del $ip_min/24 dev $dev >ip addr del $ip_maj/24 dev $dev >echo "" > } > > set_hostname_and_localhost(){ >echo "Setting hostname and localhost" >hostname=`grep -v "^\s*#" /etc/hostname | head -n1` >ip link set dev lo up >echo "" > } > > create_phys_device_link(){ >dev=$1 >echo Creating device link for $dev >ip link set dev $dev up >echo "" > } > > set_phys_device_addr(){ >dev=$1 >ip_maj=$2 >ip_min=$3 >gateway=$4 >echo -n "Setting physical device addresses " >echo -n "$ip_maj " >echo -n "and $ip_min " >echo -n "for $physdev " >echo "with gateway $gateway" >ip link set dev $dev down >ip addr add $ip_maj/24 dev $dev >ip addr add $ip_min/24 dev $dev >ip link set dev $dev up >ip route add default via $gateway >echo "" > } > > set_bridge(){ >dev=$1 >ip_maj=$2 >ip_min=$3 >gateway=$4 >echo Setting bridge for $dev >echo -n "Creating and setting bridge addresses " >echo -n "$ip_maj " >echo -n "and $ip_min " >echo -n "for $physdev " >echo "with gateway $gateway" > >ip link add n
Re: How to make a VM guest look like just another metal machine on my LAN?
Hi, Am 21.02.21 um 09:46 schrieb Steve Litt: > Hi all, > . . . > > Steve Litt > Autumn 2020 featured book: Thriving in Tough Times > http://www.troubleshooters.com/thrive > i have only partly read your mail. but i think it sounds like a problem similar to one i have had with the "firewalld" and ssh from outside to a virtual machine. (a year or so in past) (i am here at host opensuse tumbleweed and different virtual machines startet by virtmanager. so i have set inside yast (host) the bridge device "br0" and have permanent set the hardware-network-card (host) as a slave to this bridge. the connection to the guest will be done automaticaly by virt-manager. no need to write a script.) BUT i run into a routing problem, solved here: i was following this: https://superuser.com/questions/990855/configure-firewalld-to-allow-bridged-virtual-machine-network-access in detail: firewall-cmd --permanent --direct --passthrough ipv4 -I FORWARD -i br0 -j ACCEPT firewall-cmd --permanent --direct --passthrough ipv4 -O FORWARD -i br0 -j ACCEPT firewall-cmd --reload this will create a file: /etc/firewalld/direct.xml with the above entries. i tested also then: iptables-save -f dateiname iptables-restore -f dateiname iptables -L now there is a line more inside: -A FORWARD -i br0 -j ACCEPT but i do not recall why i have done this. my working configuration did not have the last "-A" line inside. hope this will help you. for test purpose i would (if possible inside your enviorement) stop the firewall (host) completely and check if its then running. if its running, you know for sure its a firewall problem. simoN -- www.becherer.de signature.asc Description: OpenPGP digital signature
How to make a VM guest look like just another metal machine on my LAN?
Hi all, My LAN at home is on 192.168.0.0/24, connected to the Internet via a cablemodem/firewall/router/gateway at 192.168.0.1. My Daily Driver Desktop (DDD), which will after this be referred to as the "host" or "metal host" is at 192.168.0.2. I have a printer with an http interface at 192.168.0.13. Throughout this post I'm careful to discriminate between the metal host and the VM guest, which is created on the metal host, for all config options. What I'm trying to accomplish is to launch a VM guest (Devuan) on my metal host (Void Linux), such that the VM guest performs as if it were just another physical computer on my LAN. I've been reading and experimenting for four days and still don't have what I need. Here are some of the documents I've used trying to get this done: https://wiki.qemu.org/Documentation/Networking#User_Networking_.28SLIRP.29 https://ahelpme.com/linux/howto-do-qemu-full-virtualization-with-bridged-networking/ http://www.mpaoli.net/~root/bin/TEMPLATE https://www.debian.org/doc/manuals/debian-handbook/sect.virtualization.en.html#sect.lxc.network I'm trying to do it purely with ip commands, although I could use brctl if necessary. I'm staying away from virt-manager and aqemu because they don't work on my Void Linux metal host, and would just add even more variables and ambiguity. Speaking of ambiguity, every document I've read (and I've read dozens) has the following ambiguities: 1) When discussing a setting, they don't indicate whether that setting should be on the metal host or the VM guest. Perhaps to a person who thoroughly understands virtual machines, such a distinction would be obvious via context, but it's not obvious to me. 2) When specifying an "id=whatever", they don't indicate how the id would be used, or what other references to that id need to be made. 3) They include no realistic steps for troubleshooting a "warning: netdev mybridge0 has no peer" type warning, nor even explain what it means more than a few guesses and "have you tried...". Based on the previously listed links, I deduce that the TAP is created by the guest VM, in such a way that it attaches to the bridge created on the metal host, and therefore I have no need to create a TAP on the metal host. Here's my progress so far, based on the links listed above and my other readings and experimentation: *** I build the bridge purely with ip commands. Also, I don't mess with the firewall (which perhaps has been my problem all along). I'll investigate the firewall aspect tomorrow. Below are some scripts and stuff I'm using. The following is upnet.sh, which I use to set up networking on the metal host, which happens to run Void Linux, which has no /etc/network/interfaces: = #!/bin/sh use_bridge=1 use_tap=0 dev="enp40s0" ipaddr_major="192.168.0.2" ipaddr_minor="192.168.0.102" gateway="192.168.0.1" error_tap_without_bridge(){ echo -n "ERROR: Can\'t set TAP without " echo -n "BRIDGE! " echo Aborting... exit 1 } enable_ip_forwarding(){ echo 1 > /proc/sys/net/ipv4/ip_forward } unset_everything(){ dev=$1 ip_maj=$2 ip_min=$3 gateway=$4 echo "Unsetting everything for $dev, $ip_maj and $ip_min" ip link set dev tap0 down brctl delif br0 tap0 ip link del tap0 ip link set dev br0 down ip addr del $ip_min/24 dev br0 ip addr del $ip_maj/24 dev br0 brctl delbr br0 ip link set dev $dev down ip addr del $ip_min/24 dev $dev ip addr del $ip_maj/24 dev $dev echo "" } set_hostname_and_localhost(){ echo "Setting hostname and localhost" hostname=`grep -v "^\s*#" /etc/hostname | head -n1` ip link set dev lo up echo "" } create_phys_device_link(){ dev=$1 echo Creating device link for $dev ip link set dev $dev up echo "" } set_phys_device_addr(){ dev=$1 ip_maj=$2 ip_min=$3 gateway=$4 echo -n "Setting physical device addresses " echo -n "$ip_maj " echo -n "and $ip_min " echo -n "for $physdev " echo "with gateway $gateway" ip link set dev $dev down ip addr add $ip_maj/24 dev $dev ip addr add $ip_min/24 dev $dev ip link set dev $dev up ip route add default via $gateway echo "" } set_bridge(){ dev=$1 ip_maj=$2 ip_min=$3 gateway=$4 echo Setting bridge for $dev echo -n "Creating and setting bridge addresses " echo -n "$ip_maj " echo -n "and $ip_min " echo -n "for $physdev " echo "with gateway $gateway" ip link add name br0 type bridge ip link set dev $dev master br0 ip addr add $ip_maj/24 dev br0 ip addr add $ip_min/24 dev br0 ip link set dev br0 up ip route add default via $gateway echo "" } set_tap(){ echo Setting tap ip tuntap add tap0 mode tap brctl addif br0 tap0 #ip addr add 192.168.0.66/24 dev tap0 ip link set dev tap0 up echo "" } show_networking(){ echo -n "Networking follows in 3 seconds..." sleep 3 echo "\n" echo "==