LinuxQuestions.org
Help answer threads with 0 replies.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Distributions > Slackware
User Name
Password
Slackware This Forum is for the discussion of Slackware Linux.

Notices


Reply
  Search this Thread
Old 07-31-2009, 08:08 AM   #1
zoran119
Member
 
Registered: Dec 2007
Posts: 217

Rep: Reputation: 18
qemu and vde help


hi everyone,

i installed qemu and vde (following alienbob's awesome wiki http://alien.slackbook.org/dokuwiki/...=slackware:vde) but am having trouble getting the networking going...

i can ssh into the guest from the host, but cannot ssh into the guest from another machine on my lan. can someone point out what am i doing wrong? (lan has 192.168.1.xxx addresses handed out by the router)

Code:
root@helios:/etc/rc.d# cat rc.vdenetwork 
#!/bin/sh
# QEMU/VDE/DnsMasq environment preparation script
# ---------------------------------------------------------------------------
#
# After running this startup script, run a QEMU virtual machine in this way:
#
#     vdeqemu [qemu_option [qemu_option], ...]
#
# The vdeqemu program will automatically connect
# the QEMU virtual machine to the VDE switch.
#
# ---------------------------------------------------------------------------

# The IP configuration for the tap device that will be used for
# the virtual machine network:

TAP_DEV=tap0
TAP_IP=10.111.112.254
TAP_MASK=255.255.255.0

TAP_BCAST=`/bin/ipmask ${TAP_MASK} ${TAP_IP} | cut -f 1 -d ' '`

# Host interfaces that need to be NAT-ed (in case we're not bridging):
NAT_IFS="eth+"

# Definitions for the LAN segment the Qemu virtual machines will be in.
# These definitions will be fed to dnsmasq - this program will provide DNS
# and DHCP to the Qemu LAN.

# The VM_IPLOW and VM_IPHIGH addresses must agree with the definitions for
# the tap0 device above. These 'low' and 'high' values are the IP address
# range for the DHCP server to use.

VM_DOMAIN=qemu.lan
VM_IPLOW=10.111.112.128
VM_IPHIGH=10.111.112.199
VM_BCAST=${TAP_BCAST}
VM_MASK=${TAP_MASK}

# For additional options to dnsmasq:
#DNSMASQ_OPTIONS="--server /my.net/192.168.1.1"
DNSMASQ_OPTIONS=""

# See how we were called.

case "$1" in
  start)
        echo -n "Starting VDE network for QEMU: "

        # Load tun module
        /sbin/modprobe tun 2>/dev/null
        # Wait for the module to be loaded
        while ! /bin/lsmod |grep -q "^tun"; do echo Waiting for tun device;sleep 1; done

        # Start tap switch
        vde_switch -tap ${TAP_DEV} -daemon

        # Bring tap interface up
        ifconfig ${TAP_DEV} ${TAP_IP} broadcast ${TAP_BCAST} netmask ${TAP_MASK}

        # Start IP Forwarding
        echo "1" > /proc/sys/net/ipv4/ip_forward
        for NIC in ${NAT_IFS}; do
          iptables -t nat -A POSTROUTING -o ${NIC} -j MASQUERADE
        done

        # Change pipe permission (vde2 uses a different pipe directory)
        if vde_switch -v | grep -q "^VDE 1" ; then
          chmod 666 /tmp/vde.ctl
        else
          chmod -R a+rwx /var/run/vde.ctl
        fi

        # If we are not running 2.6, apply workaround
        if uname -r | grep '^2.4'; then
          echo 1024 > /proc/sys/dev/rtc/max-user-freq
        fi

        # Start dnsmasq, the DNS/DHCP server
        # for our Virtual Machines behind the tap0 interface
        /usr/sbin/dnsmasq \
          --log-queries \
          --user=nobody \
          --dhcp-leasefile=/var/state/dhcp/qemu-dhcpd.leases \
          --dhcp-range=${VM_IPLOW},${VM_IPHIGH},${VM_MASK},${VM_BCAST},8h \
          --interface=${TAP_DEV} \
          --domain=${VM_DOMAIN} \
          $DNSMASQ_OPTIONS
        echo
        ;;
  stop)
        echo -n "Stopping VDE network for QEMU: "
        {
        # Delete the NAT rules
        for NIC in ${NAT_IFS}; do
          iptables -t nat -D POSTROUTING -o ${NIC} -j MASQUERADE
        done
        # Bring tap interface down
        ifconfig ${TAP_DEV} down
        # Kill VDE switch
        pgrep -f vde_switch | xargs kill -TERM
        # Remove the control socket
        rm -f /tmp/vde.*
        rmdir /var/run/vde.ctl
        # Stop dnsmasq
        pgrep -f dnsmasq | xargs kill -TERM
        } >/dev/null 2>&1
        echo
        ;;
  restart|reload)
        $0 stop
        sleep 1
        $0 start
        ;;
  *)
        echo "Usage: $0 {start|stop|restart|reload}"
        exit 1
esac

Code:
$ cat slackwarevm_start 
#!/bin/sh
#
# Start a VM in QEMU using VDE for better network support
 
PARAMS=$*
 
# Qemu can use SDL sound instead of the default OSS
export QEMU_AUDIO_DRV=sdl
 
# Whereas SDL can play through alsa:
export SDL_AUDIODRIVER=alsa
 
# Change this to the directory where _you_ keep your QEMU images:
IMAGEDIR=/mnt/data/.virtual_hdd
 
# Change this to the directory where _you_ keep your installation CDROM's ISO images:
ISODIR=/home/alien/ISOS
 
# Now, change directory to your image directory
cd $IMAGEDIR
 
vdeqemu -net vde,vlan=0 -net nic,vlan=0,macaddr=52:54:00:00:EE:02 -m 1024 -localtime -hda slackware.img
#vdeqemu -net vde,vlan=0 -net nic,vlan=0,macaddr=52:54:00:00:EE:02 -m 1024 -localtime -soundhw all -hda slackware.img
Code:
root@helios:~# ls -l /var/log/packages/qemu*
-rw-r--r-- 1 root root 2997 2009-07-27 20:48 /var/log/packages/qemu-0.10.5-i486-1_SBo
root@helios:~# ls -l /var/log/packages/kqemu*
-rw-r--r-- 1 root root 1078 2009-07-27 20:30 /var/log/packages/kqemu-1.4.0pre1_2.6.27.8_smp-i486-1_SBo
root@helios:~# ls -l /var/log/packages/vde*
-rw-r--r-- 1 root root 1807 2009-07-31 21:09 /var/log/packages/vde2-2.1.6-i486-1_SBo

by the way... i have never seen this before... happened a few hours ago in a vm... http://i25.tinypic.com/2aguf77.jpg
 
Old 07-31-2009, 10:28 AM   #2
Alien Bob
Slackware Contributor
 
Registered: Sep 2005
Location: Eindhoven, The Netherlands
Distribution: Slackware
Posts: 8,443

Rep: Reputation: 7662Reputation: 7662Reputation: 7662Reputation: 7662Reputation: 7662Reputation: 7662Reputation: 7662Reputation: 7662Reputation: 7662Reputation: 7662Reputation: 7662
The problem you are experiencing is that my setup is meant to be able to work comfortably with the virtual machines (guests) from the host computer. Your ethX network interface is configured as a NAT routing interface which means the virtual machines all have easy access to the outside world. This NAT setup prevents other computers on your LAN from accessing the virtual machines.
You basically have two options:

(1) bridge the tap interface and your ethernet interface - that will make the virtual machines visible on the LAN and they will also be able to use the LAN's DHCP/DNS server. My Wiki does not cover bridging however, so you are on your own here.

(2) add portforwarding on the NAT interface, so that at least some ports on your host will connect to ports on the virtual machines (so that you can expose SSH or HTTP services for instance). I think I should perhaps enhance my rc.vdenetwork script with some portforwarding capability.

Eric
 
Old 07-31-2009, 07:14 PM   #3
zoran119
Member
 
Registered: Dec 2007
Posts: 217

Original Poster
Rep: Reputation: 18
Quote:
Originally Posted by Alien Bob View Post
(1) bridge the tap interface and your ethernet interface - that will make the virtual machines visible on the LAN and they will also be able to use the LAN's DHCP/DNS server. My Wiki does not cover bridging however, so you are on your own here.
bridge the one tap device the vde uses? will vde then allow multiple vms to appear on lan with one tap interface? or are you suggesting to have a tap interface for each vm?
 
Old 08-01-2009, 06:12 AM   #4
Alien Bob
Slackware Contributor
 
Registered: Sep 2005
Location: Eindhoven, The Netherlands
Distribution: Slackware
Posts: 8,443

Rep: Reputation: 7662Reputation: 7662Reputation: 7662Reputation: 7662Reputation: 7662Reputation: 7662Reputation: 7662Reputation: 7662Reputation: 7662Reputation: 7662Reputation: 7662
Quote:
Originally Posted by zoran119 View Post
bridge the one tap device the vde uses? will vde then allow multiple vms to appear on lan with one tap interface? or are you suggesting to have a tap interface for each vm?
You only need VDE and a single tap device. If you bridge the tap and the internet device, then the bridged virtual "network" that VDE has created behind the tap interface will become part of your LAN. Meaning that any VM you activate will be on your LAN, getting it's DHCP address from your LAN's dhcp-server.

Eric
 
Old 08-01-2009, 10:12 AM   #5
zoran119
Member
 
Registered: Dec 2007
Posts: 217

Original Poster
Rep: Reputation: 18
Quote:
Originally Posted by Alien Bob View Post
You only need VDE and a single tap device. If you bridge the tap and the internet device, then the bridged virtual "network" that VDE has created behind the tap interface will become part of your LAN. Meaning that any VM you activate will be on your LAN, getting it's DHCP address from your LAN's dhcp-server.

Eric
ok. i have to take it slowly... i'm going to try a tap interface bridged to the network card... vde will come later.

i did some reading and some of my old scripts and this is what i have so far

Code:
#!/bin/bash

modprobe tun
kill -9 `pidof dhcpcd`

tunctl -t tap1 -u zoran
chown root.users /dev/net/tun
chmod g+rw /dev/net/tun

brctl addbr br0
ifconfig eth0 0.0.0.0 promisc 
brctl addif br0 eth0
dhclient br0

brctl addif br0 tap1 
ifconfig tap1 up
and this gives me
Code:
root@helios:~# ifconfig 
br0       Link encap:Ethernet  HWaddr 00:24:1d:1f:e3:72  
          inet addr:192.168.1.8  Bcast:192.168.1.255  Mask:255.255.255.0
          inet6 addr: fe80::224:1dff:fe1f:e372/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:5 errors:0 dropped:0 overruns:0 frame:0
          TX packets:10 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0 
          RX bytes:1290 (1.2 KiB)  TX bytes:1836 (1.7 KiB)

eth0      Link encap:Ethernet  HWaddr 00:24:1d:1f:e3:72  
          inet6 addr: fe80::224:1dff:fe1f:e372/64 Scope:Link
          UP BROADCAST NOTRAILERS RUNNING PROMISC MULTICAST  MTU:1500  Metric:1
          RX packets:4778768 errors:0 dropped:0 overruns:0 frame:0
          TX packets:3005132 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000 
          RX bytes:1819289841 (1.6 GiB)  TX bytes:944951644 (901.1 MiB)
          Interrupt:219 Base address:0xa000 

lo        Link encap:Local Loopback  
          inet addr:127.0.0.1  Mask:255.0.0.0
          inet6 addr: ::1/128 Scope:Host
          UP LOOPBACK RUNNING  MTU:16436  Metric:1
          RX packets:196091 errors:0 dropped:0 overruns:0 frame:0
          TX packets:196091 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0 
          RX bytes:32912885 (31.3 MiB)  TX bytes:32912885 (31.3 MiB)

tap1      Link encap:Ethernet  HWaddr d2:8c:91:ef:44:1e  
          inet6 addr: fe80::d08c:91ff:feef:441e/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:0 errors:0 dropped:0 overruns:0 frame:0
          TX packets:0 errors:0 dropped:3 overruns:0 carrier:0
          collisions:0 txqueuelen:500 
          RX bytes:0 (0.0 B)  TX bytes:0 (0.0 B)
but this is what i get when i try to run qemu
Code:
$ qemu -net nic,tap1 -localtime -m 1024 -hda /mnt/data/.virtual_hdd/slackware.img
Warning: vlan 0 is not connected to host network
i'm thinking that my -net option when starting qemu is not right... the vm cannot get to the router to get an ip address. any suggestions on how to fix this error?
 
Old 08-02-2009, 05:03 AM   #6
zoran119
Member
 
Registered: Dec 2007
Posts: 217

Original Poster
Rep: Reputation: 18
the method i have described in the above post works with virtualbox... the vm gets an ip from the router and it's all sweet! so it seems to me that i am not starting qemu correctly... anyone know what i am doing wrong?
 
Old 08-02-2009, 07:36 AM   #7
niels.horn
Senior Member
 
Registered: Mar 2007
Location: Rio de Janeiro - Brazil
Distribution: Slackware64-current
Posts: 1,004

Rep: Reputation: 90
I start my Qemu machines with:
Code:
qemu -net nic,macaddr=xxxxx -net tap,ifname=tap1 -localtime (etc... etc...)
Supplying the macaddr is necessary if you run several VMs at the same time.

I use bridging to have the virtual machines accessible from my LAN, with a script almost equal to yours.
 
Old 08-03-2009, 04:04 AM   #8
zoran119
Member
 
Registered: Dec 2007
Posts: 217

Original Poster
Rep: Reputation: 18
Quote:
Originally Posted by niels.horn View Post
I start my Qemu machines with:
Code:
qemu -net nic,macaddr=xxxxx -net tap,ifname=tap1 -localtime (etc... etc...)
Supplying the macaddr is necessary if you run several VMs at the same time.

I use bridging to have the virtual machines accessible from my LAN, with a script almost equal to yours.
this is what i am getting...

Code:
root@helios:~# qemu -net nic,macaddr=00:24:1d:1f:e3:74 -net tap,ifname=tap1 -localtime -m 1024 -hda /mnt/data/.virtual_hdd/slackware.img
/etc/qemu-ifup: could not launch network script
Could not initialize device 'tap'
or as a normal user:

Code:
$ qemu -net nic,macaddr=00:24:1d:1f:e3:74 -net tap,ifname=tap1 -localtime -m 1024 -hda /mnt/data/.virtual_hdd/slackware.img
warning: could not configure /dev/net/tun: no virtual network emulation
Could not initialize device 'tap'
and i don't have this /etc/qemu-ifup file... any ideas?
 
Old 08-03-2009, 05:09 AM   #9
niels.horn
Senior Member
 
Registered: Mar 2007
Location: Rio de Janeiro - Brazil
Distribution: Slackware64-current
Posts: 1,004

Rep: Reputation: 90
ok, you need a script called qemu-ifup in /etc
It is called with the name of the interface as a parameter (in the example: tap1)

This script could be something like:
Code:
#!/bin/sh

ifconfig $1 192.168.1.200 netmask 255.255.255.0
brctl addif br0 $1
This assumes you already have started your bridge in rc.local for example, with a script like you set up.

Try this as root, if it works we'll solve the problem of starting qemu as a normal user
 
Old 08-03-2009, 06:30 AM   #10
zoran119
Member
 
Registered: Dec 2007
Posts: 217

Original Poster
Rep: Reputation: 18
Quote:
Originally Posted by niels.horn View Post
ok, you need a script called qemu-ifup in /etc
It is called with the name of the interface as a parameter (in the example: tap1)

This script could be something like:
Code:
#!/bin/sh

ifconfig $1 192.168.1.200 netmask 255.255.255.0
brctl addif br0 $1
This assumes you already have started your bridge in rc.local for example, with a script like you set up.

Try this as root, if it works we'll solve the problem of starting qemu as a normal user
awesome! it works!

i wrote /etc/qemu-ifdown... hope it is ok... seems to work

Code:
root@helios:~# cat /etc/qemu-ifdown 
#!/bin/sh

ifconfig $1 down
brctl delif br0 $1
yeah... non-root user still has problems... what could be the problem?

Code:
$  qemu -net nic,macaddr=00:24:1d:1f:e3:74 -net tap,ifname=tap1 -localtime -m 1024 -hda /mnt/data/.virtual_hdd/slackware.img
warning: could not configure /dev/net/tun: no virtual network emulation
Could not initialize device 'tap'
 
Old 08-03-2009, 06:48 AM   #11
niels.horn
Senior Member
 
Registered: Mar 2007
Location: Rio de Janeiro - Brazil
Distribution: Slackware64-current
Posts: 1,004

Rep: Reputation: 90
I actually start qemu with "sudo qemu ...."

Qemu creates the tapX device, something only root can do in a standard setup.

So I added some lines to my sudoers file so that all users belonging to a group "vm" (that I created) can start "qemu", "ifconfig" and "brctl".

Here is an example of the lines you could put in your sudoers file:
Code:
Cmnd_Alias	VM=/sbin/brctl, /sbin/ifconfig, /usr/bin/qemu

%vm		ALL=NOPASSWD: VM
After this, you'll have to change the script that starts qemu (or start it manually) to read
Code:
sudo /usr/bin/qemu
and change the qemu-ifup/down scripts to start ifconfig & brctl with "sudo /sbin/ifconfig ..." and "sudo /sbin/brctl ..." etc.
 
Old 08-03-2009, 07:08 AM   #12
zoran119
Member
 
Registered: Dec 2007
Posts: 217

Original Poster
Rep: Reputation: 18
excellent!!! it is working!!! thanks for your help.

it is crashing x when the vm window gets focus for the first time (not all the time but once out of 5 maybe)... anyone experienced anything similar?
 
Old 08-03-2009, 07:11 AM   #13
Alien Bob
Slackware Contributor
 
Registered: Sep 2005
Location: Eindhoven, The Netherlands
Distribution: Slackware
Posts: 8,443

Rep: Reputation: 7662Reputation: 7662Reputation: 7662Reputation: 7662Reputation: 7662Reputation: 7662Reputation: 7662Reputation: 7662Reputation: 7662Reputation: 7662Reputation: 7662
Quote:
Originally Posted by niels.horn View Post
I actually start qemu with "sudo qemu ...."

Qemu creates the tapX device, something only root can do in a standard setup.
This is one of the reasons to want to use VDE.
The VDE is started by root (as part of a rc script for instance) and controls the tun/tap interface. It allows normal users to interact with it without the need to be root.

You can combine the use of VDE and a bridge. There will also be no need for /etc/qemu-ifup/down scripts if you use VDE.

Eric
 
Old 08-03-2009, 09:09 AM   #14
niels.horn
Senior Member
 
Registered: Mar 2007
Location: Rio de Janeiro - Brazil
Distribution: Slackware64-current
Posts: 1,004

Rep: Reputation: 90
Quote:
Originally Posted by Alien Bob View Post
This is one of the reasons to want to use VDE.
The VDE is started by root (as part of a rc script for instance) and controls the tun/tap interface. It allows normal users to interact with it without the need to be root.

You can combine the use of VDE and a bridge. There will also be no need for /etc/qemu-ifup/down scripts if you use VDE.

Eric
I know, I know... Using VDE definitely has its advantages But it is a bit trickier to set up. Since the O.P. asked for a solution without VDE for now:
Quote:
i'm going to try a tap interface bridged to the network card... vde will come later.
and for other readers not willing to install and configure VDE, this solution using sudo is an alternative.

In the end, what matters is that it works without compromising security too much.

But I do encourage everyone to use VDE in the end!
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
LXer: Create a LAN for Virtual Servers with KVM and VDE LXer Syndicated Linux News 0 11-12-2008 03:40 PM
installing VDE (Virtual Distributed Ethernet) on OS X 10.4.9 n00bDanimal Other *NIX 0 04-13-2007 02:22 AM
qemu paul_mat Linux - General 3 12-09-2005 12:48 PM
QEMU and VDE fr_laz Linux - Networking 0 07-06-2005 08:06 AM
qemu: qemu stopped right after command exec bitpicker Linux - Software 1 03-04-2005 11:25 PM

LinuxQuestions.org > Forums > Linux Forums > Linux - Distributions > Slackware

All times are GMT -5. The time now is 06:29 AM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration