LinuxQuestions.org
Visit the LQ Articles and Editorials section
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Distributions > Slackware
User Name
Password
Slackware This Forum is for the discussion of Slackware Linux.

Notices

Reply
 
Search this Thread
Old 10-12-2012, 09:30 AM   #1
mlpa
Member
 
Registered: May 2008
Location: Aveiro
Distribution: Slackware
Posts: 481

Rep: Reputation: 34
qemu-kvm bridge connectivity similar to virtual box


Hello I am dropping Virtual Box for qemu-kvm.
My main activity is to mount servers and services.
So I would like o know how can I have bridge connectivity similar to Virtual Box.

I already tried bridge-utils and it was rather complex. I am now trying vde, using the vde2 slackbuild and alien bob tutorial, here.

My guest debian boots without problem and has a eth0. However the interface do not get any IP.

Can some one help me with this?
 
Old 10-12-2012, 10:08 AM   #2
Alien Bob
Slackware Contributor
 
Registered: Sep 2005
Location: Eindhoven, The Netherlands
Distribution: Slackware
Posts: 5,184

Rep: Reputation: Disabled
If you are running Slackware 14 you can setup a bridge in /etc/rc.d/rc.inet1.conf ; here is an example of what my KVM server has configured for a bridge with eth0 in it:
Code:
# Config information for eth0:
#IPADDR[0]=""
#NETMASK[0]=""
#USE_DHCP[0]=""
#DHCP_HOSTNAME[0]=""

# Config information for br0:
IFNAME[1]="br0"
BRNICS[1]="eth0"
IPADDR[1]="192.168.1.1"
NETMASK[1]="255.255.255.0"
USE_DHCP[1]=""
DHCP_HOSTNAME[1]=""
If you are still on Slackware 13.37 or older, you can get the bridge scripts and the .diff file to add it to your current rc.inet1 script here: http://slackware.com/~alien/rc_scripts/bridging/ . This diff is what got added to Slackware 14.

Then, what you need to do is connect the VM's to that bridge.
If you are using my vde package, then that is very easy: copy the rc.vdenetwork script to /etc/rc.d/ , make it executable and start it from /etc/rc.d/rc.local :
Code:
# Start the VDE network layer:
if [ -x /etc/rc.d/rc.vdenetwork ]; then
  echo "Starting VDE:  /etc/rc.d/rc.vdenetwork start"
  /etc/rc.d/rc.vdenetwork start
fi
Then, edit rc.vdenetwork to suit your needs, for instance these are important lines:
Code:
NETWORKTYPE="bridge"
BR_DEV=br0
TAP_DEV=kvm0
If you configured NETWORKTYPE="bridge" then the rc.vdenetwork script will bring up the tap interface, start the vde_switch (the virtual network switch to which all your virtual machines will connect) and finally add the tap interface to the host computer's network bridge.

If you start a virtual machine, you need to have the following parameters in your KVM commandline so that the VM connects to the vde_switch:
Code:
qemu-system-x86_64 -net vde,sock=/var/run/kvm0.ctl,vlan=0 -net nic,model=e1000,vlan=0
The choice of nic model is up to you of course, but e1000 works well for me.

When you do it like this, your virtual machines will be bridged and will be able to get their network configuration from the DHCP server in your LAN.

Eric
 
Old 10-12-2012, 10:18 AM   #3
mlpa
Member
 
Registered: May 2008
Location: Aveiro
Distribution: Slackware
Posts: 481

Original Poster
Rep: Reputation: 34
Thanks Eric, I will try this in the weekend.
the script that com with vde is the following:
Quote:
#!/bin/sh

#=========================== EDIT THE FOLLOWING VARIABLES ==========================
# _________________________________________________________________________________
# | |
# | Interface name to use for the TAP device |
# | |
TAP_IF="tap0"
# |_________________________________________________________________________________|
# | |
# | IP Address/Subnet in CIDR Notation for the Virtual Network |
# | |
TAP_NET="10.10.10.1/24"
# |_________________________________________________________________________________|
#
#=========================== DO NOT EDIT BELOW THIS LINE ============================

start(){
echo -n "Starting VDE Switch..."

# Load tun module
modprobe tun || { echo "Error, cannot load 'tun' module. Exiting..." ; exit 1 ; }
sleep 1

# Start tap switch
vde_switch -tap ${TAP_IF} -daemon || { echo "Error, cannot assign IP to ${TAP_IF}. Exiting..." ; exit 1 ; }

# Bring tap interface up
ip addr add ${TAP_NET} dev ${TAP_IF}
ip link set ${TAP_IF} up

#chmod 666 /tmp/vde.ctl
chmod -R a+rwx /var/run/vde.ctl

# Apply workaround
echo 1024 > /proc/sys/dev/rtc/max-user-freq
echo
}


stop(){
echo -n "Stopping VDE Switch..."

# Bring tap interface down
ip addr flush dev ${TAP_IF}
ip link set ${TAP_IF} down

# Kill VDE switch
kill $(pgrep vde_switch)
sleep 1

# Remove tun module
modprobe -r tun
echo
}


case "$1" in
start)
start
;;

stop)
stop
;;

restart)
stop
start
;;
*)
echo "Usage: $0 {start|stop|restart}"
;;
esac
Your version has a lot more things.
By the way, after reading it i think my problem was the lack of bridge interface.
I thought that vde take cared of that.
This bridge will be visible in my local network? Similar to bridge in virtual box?
Is there any problem if my network devices are controlled through Network Manger?
 
Old 10-12-2012, 02:31 PM   #4
Alien Bob
Slackware Contributor
 
Registered: Sep 2005
Location: Eindhoven, The Netherlands
Distribution: Slackware
Posts: 5,184

Rep: Reputation: Disabled
Networkmanager and bridges do not play well together from what I hear. But you can attempt the following hybrid solution.

I did not try this, but the flow of rc.inet1 should allow for it:
- Define a bridge in rc.inet1.conf , using eth0 as one of the bridge's interfaces, but do not assign an IP address to it.
- Configure NetworkManager to use the bridge interface (br0 if you used that name in rc.inet1) and let NM handle it from there on.
- Let rc.vdenetwork add the tap interface to the bridge
- Virtual machines should be able to use the bridge and act as if they were actual computers on your LAN.

Please note that bridges do not like DHCP very much. Having a static IP address for a bridge is very recommended. Bridges and wireless interfaces will probably be an even bigger challenge.

Eric
 
Old 10-12-2012, 09:12 PM   #5
allend
Senior Member
 
Registered: Oct 2003
Location: Melbourne
Distribution: Slackware-current
Posts: 3,378

Rep: Reputation: 824Reputation: 824Reputation: 824Reputation: 824Reputation: 824Reputation: 824Reputation: 824
If you only want to setup networking when you use a VM, then running this little script as root works for me.
Code:
#!/bin/sh

#Script to setup a bridge interface for use with qemu

tunctl -u <username> -g kvm

ifconfig eth0 0.0.0.0
ifconfig tap0 0.0.0.0
brctl addbr br0
brctl addif br0 eth0
brctl addif br0 tap0
dhcpcd br0

# Load firewall rules when using br0
/etc/rc.d/rc.firewall_br0

# Load the kernel module needed by qemu
modprobe kvm-intel
To use the bridge interface I include these parameters to qemu-kvm when starting the VM
Code:
-net tap,ifname=tap0,script=no,downscript=no -net nic,model=virtio
(The choice of nic model is yours).

To bring the bridge down after using the VM I use
Code:
#!/bin/sh

# Script to bring down bridge after use by qemu

ifconfig tap0 down
brctl delif br0 tap0
tunctl -d tap0
ifconfig eth0 down
brctl delif br0 eth0
ifconfig br0 down
brctl delbr br0

# Restart networking
ifconfig eth0 up
dhcpcd eth0

# Reload firewall rules when using eth0
/etc/rc.d/rc.firewall
You need to install the tunctl package from SlackBuilds.org for this to work, and ensure that the user is a member of the kvm group.

Last edited by allend; 10-18-2012 at 06:22 AM. Reason: Added missing lines in script to bring bridge down
 
1 members found this post helpful.
Old 10-17-2012, 06:47 PM   #6
mlpa
Member
 
Registered: May 2008
Location: Aveiro
Distribution: Slackware
Posts: 481

Original Poster
Rep: Reputation: 34
Hi allend I tried to combine you solution with alien bob.
I added a bridge interface in rc.inet1.conf and set the NetworkManager to only manage my wlan0 interface.

After that I tried to use your scripts to set up a bridge connection.
My script is this
Quote:
#!/bin/bash

### VM config
MEMORY=512

### Set a bridge interface
IF="eth0"
BR="br0"
TAP=$(tunctl -u $(whoami) -b)

brctl addif $BR $TAP
ifconfig $TAP up

### Launch VM

sudo qemu-kvm -m $MEMORY \
-localtime \
-hda debian.qcow2 \
-net "nic,vlan=0,model=e1000" \
-net "tap,vlan=0,ifname=$TAP,script=no,downscript=no" \
-smp "2"
1>debian.log 2>debian.err

### Tear down bridge

ifconfig $TAP down
brctl delif $BR $TAP
tunctl -d $TAP
The VM starts normally but do not get any ip from DHCP.
It is necessary to add some rule to iptables? I saw several websites that mention forwarding rules.
Am i doing something wrong?
 
Old 10-18-2012, 06:01 AM   #7
allend
Senior Member
 
Registered: Oct 2003
Location: Melbourne
Distribution: Slackware-current
Posts: 3,378

Rep: Reputation: 824Reputation: 824Reputation: 824Reputation: 824Reputation: 824Reputation: 824Reputation: 824
I do have these lines in my /etc/rc.d/rc.firewall_br0 so that the VM can get an IP address from my modem/router.
Code:
# DHCP uses UDP from server port 67 to  port 68 - Needed for qemu virtual machine
$IPTABLES -A INPUT -i $EXTIF -p udp --sport 67 --dport 68 -j ACCEPT
# Allow outgoing DHCP broadcast
$IPTABLES -A INPUT -i tap0 -p udp --sport 68 --dport 67 -j ACCEPT
# Initialise the FORWARD chain for use by virtual machines
$IPTABLES -A FORWARD -i $EXTIF -o $EXTIF -j ACCEPT

Last edited by allend; 10-20-2012 at 07:31 AM. Reason: Added FORWARD chain
 
Old 10-18-2012, 06:52 AM   #8
Alien Bob
Slackware Contributor
 
Registered: Sep 2005
Location: Eindhoven, The Netherlands
Distribution: Slackware
Posts: 5,184

Rep: Reputation: Disabled
Quote:
Originally Posted by mlpa View Post
Code:
### Launch VM

sudo qemu-kvm -m $MEMORY \
...
The elegance of my VDE powered solution is that you do not have to run your qemu as root. With VDE, the qemu that is started under your normal user account will connect to the tnu/tap interface managed by the vde-switch (which is started as root, preferably on boot, in rc.local).
I advise you to think twice if running qemu as root is really something you want to do...

Eric
 
Old 10-19-2012, 03:18 AM   #9
mlpa
Member
 
Registered: May 2008
Location: Aveiro
Distribution: Slackware
Posts: 481

Original Poster
Rep: Reputation: 34
Quote:
Originally Posted by Alien Bob View Post
The elegance of my VDE powered solution is that you do not have to run your qemu as root. With VDE, the qemu that is started under your normal user account will connect to the tnu/tap interface managed by the vde-switch (which is started as root, preferably on boot, in rc.local).
I advise you to think twice if running qemu as root is really something you want to do...

Eric
Even without using tap interfaces, i had to run qemu-kvm as root because of the acceleration modules.
I saw in the slackbuilds a file with udev rules to put in the /ect/udev/rules.d but still asked for root.

Did i make a mistake?
 
Old 10-19-2012, 04:31 AM   #10
Alien Bob
Slackware Contributor
 
Registered: Sep 2005
Location: Eindhoven, The Netherlands
Distribution: Slackware
Posts: 5,184

Rep: Reputation: Disabled
Quote:
Originally Posted by mlpa View Post
Even without using tap interfaces, i had to run qemu-kvm as root because of the acceleration modules.
I saw in the slackbuilds a file with udev rules to put in the /ect/udev/rules.d but still asked for root.

Did i make a mistake?
If youwere using my SlackBuild then you must create a group called "kvm" and add your account to it:
Code:
# groupadd kvm
# gpasswd -a mlpa kvm
Then logout, login again and you should be able to use the KVM acceleration without being root.

Eric
 
Old 10-20-2012, 06:09 AM   #11
mlpa
Member
 
Registered: May 2008
Location: Aveiro
Distribution: Slackware
Posts: 481

Original Poster
Rep: Reputation: 34
Quote:
Originally Posted by Alien Bob View Post
If youwere using my SlackBuild then you must create a group called "kvm" and add your account to it:
Code:
# groupadd kvm
# gpasswd -a mlpa kvm
Then logout, login again and you should be able to use the KVM acceleration without being root.

Eric

I am using the slackbuild provided by slackbuild.org

Finally my bridge start to work, the problem was iptables.
The default rule for forward was drop

Another questions, before marking the post as solved.
Can the host discover the IP address of the guest virtual machine?

I mainly work with server so I do not need graphics just connect to the machine using ssh.
 
Old 10-20-2012, 06:34 AM   #12
Alien Bob
Slackware Contributor
 
Registered: Sep 2005
Location: Eindhoven, The Netherlands
Distribution: Slackware
Posts: 5,184

Rep: Reputation: Disabled
Quote:
Originally Posted by mlpa View Post
Can the host discover the IP address of the guest virtual machine?
I mainly work with server so I do not need graphics just connect to the machine using ssh.
If you mean, can you just start a ssh session with the virtual machine? Yes, you will b able to do that from any computer in your LAN, not just on the host. That is the nice thing about using a bridged network - your virtual machines are accessible on your LAN just like any "real" computer you may have.

Eric
 
Old 10-20-2012, 07:29 AM   #13
allend
Senior Member
 
Registered: Oct 2003
Location: Melbourne
Distribution: Slackware-current
Posts: 3,378

Rep: Reputation: 824Reputation: 824Reputation: 824Reputation: 824Reputation: 824Reputation: 824Reputation: 824
Quote:
Finally my bridge start to work, the problem was iptables.
The default rule for forward was drop
I beg your pardon. I missed that in my /etc/rc.d/rc.firewall_br0.
I have edited my post #7 to show the forward chain.

Glad you have got it working!
 
1 members found this post helpful.
Old 10-20-2012, 08:55 PM   #14
mlpa
Member
 
Registered: May 2008
Location: Aveiro
Distribution: Slackware
Posts: 481

Original Poster
Rep: Reputation: 34
Quote:
Originally Posted by allend View Post
I do have these lines in my /etc/rc.d/rc.firewall_br0 so that the VM can get an IP address from my modem/router.
Code:
# DHCP uses UDP from server port 67 to  port 68 - Needed for qemu virtual machine
$IPTABLES -A INPUT -i $EXTIF -p udp --sport 67 --dport 68 -j ACCEPT
# Allow outgoing DHCP broadcast
$IPTABLES -A INPUT -i tap0 -p udp --sport 68 --dport 67 -j ACCEPT
# Initialise the FORWARD chain for use by virtual machines
$IPTABLES -A FORWARD -i $EXTIF -o $EXTIF -j ACCEPT
$EXTIF is the physical interface or the bridge interface?
 
Old 10-20-2012, 10:04 PM   #15
allend
Senior Member
 
Registered: Oct 2003
Location: Melbourne
Distribution: Slackware-current
Posts: 3,378

Rep: Reputation: 824Reputation: 824Reputation: 824Reputation: 824Reputation: 824Reputation: 824Reputation: 824
It is the bridge interface
Code:
EXTIF="br0"
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
LXer: Set up qemu-kvm-1.0+noroms as spice enabled qemu server vs qemu-kvm-spice on Ubuntu Precise LXer Syndicated Linux News 0 05-26-2012 07:41 AM
[Debian/Qemu/KVM] Why qemu --enable-kvm works but not kvm directly? gb2312 Linux - Virtualization and Cloud 2 03-21-2011 02:05 PM
LXer: Attempt of qemu-kvm-0.14 patching via Gerds Hoffmann spice/qxl: locking fix for qemu-kvm on LXer Syndicated Linux News 0 03-14-2011 01:20 PM
qemu-kvm, virtual network stalling under load cosmonate Linux - Virtualization and Cloud 4 03-10-2010 05:37 AM
KVM on Centos 5.4 - bridge issue on virtual interfaces asmar Linux - Networking 1 03-01-2010 11:11 PM


All times are GMT -5. The time now is 06:54 AM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration