Differences
This shows you the differences between two versions of the page.
Previous revisionLast revision | |||
— | slackware:vde [2006/04/12 12:07] – alien | ||
---|---|---|---|
Line 1: | Line 1: | ||
+ | ===== A networking powerhouse ===== | ||
+ | ==== QEMU, VDE and Dnsmasq ==== | ||
+ | |||
+ | In another [[slackware: | ||
+ | Running a guest Operating System like MS Windows in the QEMU machine virtualizer on your Slackware host is really cool, and for some people this is an opportunity to get away from the requirement to have a Windows desktop running all the time. With QEMU's " | ||
+ | |||
+ | However, when your networking demands are higher, user-mode networking just is not enough.\\ | ||
+ | The drawback of user-mode networking is that is is based on the SLIRP protocol which does not allow for UDP connections, | ||
+ | |||
+ | Another example: you are running several QEMU virtual machines in parallel, and the Guest OS-es need to communicate with each other - this is impossible with user-mode networking. To be truthful, this __was__ impossible until version 0.8.0 of QEMU. The 0.8.0 release was the first to support //VLAN//, an elegant but limited way to connect multiple Guest OS-es to each other. But even with the //vlan// option added, the Host OS will still not be able to connect to any of the Guests.\\ | ||
+ | QEMU offers a slightly more advanced way of bridged networking using a //tap// device, so that two-way communication between Host and Guests becomes possible, but the disadvantages of using a tap device with QEMU are, that you have to setup a separate tap device for each Virtual Machine, and root access (or '' | ||
+ | |||
+ | |||
+ | ==== VDE ==== | ||
+ | |||
+ | The solution is a small but powerful piece of software called [[http:// | ||
+ | |||
+ | === Getting a VDE package === | ||
+ | |||
+ | I have created a Slackware package for VDE that you'll find in my [[http:// | ||
+ | |||
+ | |||
+ | ==== DNSMasq ==== | ||
+ | |||
+ | From the [[http:// | ||
+ | " | ||
+ | Dnsmasq is targeted at home networks using NAT and connected to the internet via a modem, cable-modem or ADSL connection but would be a good choice for any small network where low resource use and ease of configuration are important." | ||
+ | |||
+ | I could not have said it better myself. We will use dnsmasq to compensate for the loss of the QEMU-internal DHCP Server (because we abandon user-mode networking). Note that a Slackware full-install contains a dnsmasq package already, and a ''/ | ||
+ | |||
+ | Dnsmasq will pick up any existing network configuration information of your computer, by reading ''/ | ||
+ | |||
+ | ====Tying it all together ==== | ||
+ | |||
+ | This section documents how to combine the functionality of vde, dnsmasq and iptables and achieve what we set out to do: have better, no-fuss networking functionality for QEMU. | ||
+ | |||
+ | |||
+ | === How it works === | ||
+ | |||
+ | * First of all, we load the " | ||
+ | CONFIG_TUN=m (Device Drivers - Network device support -> Universal TUN/TAP device driver support) | ||
+ | CONFIG_IP_NF_CONNTRACK=m (Connection tracking) | ||
+ | CONFIG_IP_NF_IPTABLES=m (IP tables support) | ||
+ | CONFIG_IP_NF_NAT=m (Full NAT)</ | ||
+ | mkdir /dev/net | ||
+ | mknod / | ||
+ | chmod 660 / | ||
+ | </ | ||
+ | |||
+ | * The tap0 interface is used by the program // | ||
+ | vde_switch -tap tap0 -daemon | ||
+ | </ | ||
+ | chmod -R a+rwx / | ||
+ | </ | ||
+ | |||
+ | * Then we configure the resulting //tap0// network interface with an IP address. The QEMU Virtual Machines that you'll be running will all be available on a subnetwork that is " | ||
+ | ifconfig tap0 10.111.111.254 broadcast 10.111.111.255 netmask 255.255.255.0 | ||
+ | </ | ||
+ | |||
+ | * Traffic to and from the subnet behind the tap0 interface must be forwarded < | ||
+ | echo " | ||
+ | </ | ||
+ | iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE | ||
+ | </ | ||
+ | |||
+ | * We've setup the foundation now, and need to finish by starting //dnsmasq// to have a DHCP/DNS server in case the QEMU Guest OS needs these: < | ||
+ | / | ||
+ | --log-queries \ | ||
+ | --user=named \ | ||
+ | --dhcp-leasefile=/ | ||
+ | --dhcp-range=10.111.111.129, | ||
+ | --interface=tap0 \ | ||
+ | --domain=qemu.lan | ||
+ | </ | ||
+ | |||
+ | * We're done! If you're running a 2.4 kernel and get the following warning message when starting QEMU: < | ||
+ | Could not configure '/ | ||
+ | error, but for better emulation accuracy either use a 2.6 host Linux kernel | ||
+ | or type 'echo 1024 > / | ||
+ | </ | ||
+ | echo 1024 > / | ||
+ | </ | ||
+ | |||
+ | |||
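Review bot: The `chmod -R a+rwx` line that follows `vde_switch -tap tap0 -daemon` opens the switch's control path to every local account, so any user on the host can attach to the virtual network; give access to the owner and a dedicated group for the people who run QEMU instead of to everyone. The NAT rule `iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE` has no source match, so it masquerades everything routed out of eth0; limiting it with `-s 10.111.111.0/24` would tie it to the subnet configured by the `ifconfig tap0 10.111.111.254 ... netmask 255.255.255.0` line. The dnsmasq step also starts its range at `--dhcp-range=10.111.111.129,` while the variable list further down uses `VM_IPLOW=10.111.111.128`; the two should agree.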
+ | === Implementation === | ||
+ | |||
+ | To activate your VDE powered virtual ethernet expansion every time the computer boots, you add an //init// script to Slackware' | ||
+ | |||
+ | * Use the example in the last section to create a file that you call ''/ | ||
+ | vi / | ||
+ | chmod +x / | ||
+ | </ | ||
+ | |||
+ | * Add the following lines to the file ''/ | ||
+ | if [ -x / | ||
+ | # echo "VDE network: | ||
+ | / | ||
+ | fi | ||
+ | </ | ||
+ | |||
+ | * Important variables in the ''/ | ||
+ | TAP_DEV=tap0 | ||
+ | TAP_IP=10.111.111.254 | ||
+ | TAP_MASK=255.255.255.0 | ||
+ | VM_IPLOW=10.111.111.128 | ||
+ | VM_IPHIGH=10.111.111.199 | ||
+ | # The VM_IPLOW an VM_IPHIGH addresses must all lie within | ||
+ | # the same IP subnetwork, defined by TAP_IP and TAP_MASK | ||
+ | VM_DOMAIN=qemu.lan | ||
+ | NAT_IFS=" | ||
+ | # that should be configured as external NAT interfaces. | ||
+ | # If you have a eth0 and wlan0 device, you could use | ||
+ | # NAT_IFS=" | ||
+ | # "all network interfaces starting with ' | ||
+ | DNSMASQ_OPTIONS="" | ||
+ | </ | ||
+ | |||
+ | * You can now reboot, or if you don't want to reboot, just run < | ||
+ | / | ||
+ | </ | ||
+ | |||
+ | |||
+ | ==== Example scripts ==== | ||
+ | |||
+ | Save this code as ''/ | ||
+ | #!/bin/sh | ||
+ | # QEMU/ | ||
+ | # --------------------------------------------------------------------------- | ||
+ | # | ||
+ | # After running this startup script, run a QEMU virtual machine in this way: | ||
+ | # | ||
+ | # | ||
+ | # | ||
+ | # The vdeqemu program will automatically connect | ||
+ | # the QEMU virtual machine to the VDE switch. | ||
+ | # | ||
+ | # --------------------------------------------------------------------------- | ||
+ | |||
+ | # The IP configuration for the tap device that will be used for | ||
+ | # the virtual machine network: | ||
+ | |||
+ | TAP_DEV=tap0 | ||
+ | TAP_IP=10.111.111.254 | ||
+ | TAP_MASK=255.255.255.0 | ||
+ | |||
+ | TAP_BCAST=`/ | ||
+ | |||
+ | # Host interfaces that need to be NAT-ed (in case we're not bridging): | ||
+ | NAT_IFS=" | ||
+ | |||
+ | # Definitions for the LAN segment the Qemu virtual machines will be in. | ||
+ | # These definitions will be fed to dnsmasq - this program will provide DNS | ||
+ | # and DHCP to the Qemu LAN. | ||
+ | |||
+ | # The VM_IPLOW and VM_IPHIGH addresses must agree with the definitions for | ||
+ | # the tap0 device above. These ' | ||
+ | # range for the DHCP server to use. | ||
+ | |||
+ | VM_DOMAIN=qemu.lan | ||
+ | VM_IPLOW=10.111.111.128 | ||
+ | VM_IPHIGH=10.111.111.199 | ||
+ | VM_BCAST=${TAP_BCAST} | ||
+ | VM_MASK=${TAP_MASK} | ||
+ | |||
+ | # For additional options to dnsmasq: | ||
+ | # | ||
+ | DNSMASQ_OPTIONS="" | ||
+ | |||
+ | # See how we were called. | ||
+ | |||
+ | case " | ||
+ | start) | ||
+ | echo -n " | ||
+ | |||
+ | # If we are running 2.6, load tun module | ||
+ | if uname -r | grep ' | ||
+ | / | ||
+ | # Wait for the module to be loaded | ||
+ | while ! /bin/lsmod |grep -q " | ||
+ | fi | ||
+ | |||
+ | # Start tap switch | ||
+ | vde_switch -tap ${TAP_DEV} -daemon | ||
+ | |||
+ | # Bring tap interface up | ||
+ | ifconfig ${TAP_DEV} ${TAP_IP} broadcast ${TAP_BCAST} netmask ${TAP_MASK} | ||
+ | |||
+ | # Start IP Forwarding | ||
+ | echo " | ||
+ | for NIC in ${NAT_IFS}; do | ||
+ | iptables -t nat -A POSTROUTING -o ${NIC} -j MASQUERADE | ||
+ | done | ||
+ | |||
+ | # Change pipe permission (vde2 uses a different pipe directory) | ||
+ | if vde_switch -v | grep -q "^VDE 1" ; then | ||
+ | chmod 666 / | ||
+ | else | ||
+ | chmod -R a+rwx / | ||
+ | fi | ||
+ | |||
+ | # If we are not running 2.6, apply workaround | ||
+ | if uname -r | grep ' | ||
+ | echo 1024 > / | ||
+ | fi | ||
+ | |||
+ | # Start dnsmasq, the DNS/DHCP server | ||
+ | # for our Virtual Machines behind the tap0 interface | ||
+ | / | ||
+ | --log-queries \ | ||
+ | --user=named \ | ||
+ | --dhcp-leasefile=/ | ||
+ | --dhcp-range=${VM_IPLOW}, | ||
+ | --interface=${TAP_DEV} \ | ||
+ | --domain=${VM_DOMAIN} \ | ||
+ | $DNSMASQ_OPTIONS | ||
+ | echo | ||
+ | ;; | ||
+ | stop) | ||
+ | echo -n " | ||
+ | { | ||
+ | # Delete the NAT rules | ||
+ | for NIC in ${NAT_IFS}; do | ||
+ | iptables -t nat -D POSTROUTING -o ${NIC} -j MASQUERADE | ||
+ | done | ||
+ | # Bring tap interface down | ||
+ | ifconfig ${TAP_DEV} down | ||
+ | # Kill VDE switch | ||
+ | pgrep -f vde_switch | xargs kill -TERM | ||
+ | # Remove the control socket | ||
+ | rm -f /tmp/vde.* | ||
+ | # Stop dnsmasq | ||
+ | pgrep -f dnsmasq | xargs kill -TERM | ||
+ | } >/ | ||
+ | echo | ||
+ | ;; | ||
+ | restart|reload) | ||
+ | $0 stop | ||
+ | $0 start | ||
+ | ;; | ||
+ | *) | ||
+ | echo " | ||
+ | exit 1 | ||
+ | esac | ||
+ | </ | ||
+ | |||
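Review bot: In the `stop)` branch, `pgrep -f vde_switch | xargs kill -TERM` and `pgrep -f dnsmasq | xargs kill -TERM` match on the whole command line, so they terminate every such process on the host, including a dnsmasq instance that serves another interface and was not started by this script; record the pids at start and kill only those. The `start)` branch appends the MASQUERADE rule with `-A` without checking whether it is already present, and `stop)` removes one copy per interface with `-D`, so running start twice leaves a stale rule behind; test for the rule first or delete in a loop. `rm -f /tmp/vde.*` runs as root against a glob in a world-writable directory and deserves a narrower path.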
+ | A script that you can use to start QEMU, connect it to the vde_switch, and have sound in the VM is presented here. Note that if you run more than one QEMU session, the Virtual Machines will see each other on the network provided by the VDE switch. This means that all of them must have unique MAC addresses. Since QEMU will assign the //same// MAC address to each VM by default, we will have to pass each QEMU instance it's own MAC Address. So, for running multiple QEMU powered VM's, you'll have to create multiple copies of the following script (or think up some magic to generate unique MAC addresses). Actually, I also provide this same example script on the [[slackware: | ||
+ | #!/bin/sh | ||
+ | # | ||
+ | # Start Windows XP Pro in QEMU using VDE for better network support | ||
+ | |||
+ | PARAMS=$* | ||
+ | |||
+ | # Qemu can use SDL sound instead of the default OSS | ||
+ | export QEMU_AUDIO_DRV=sdl | ||
+ | |||
+ | # Whereas SDL can play through alsa: | ||
+ | export SDL_AUDIODRIVER=alsa | ||
+ | |||
+ | # Change this to the directory where _you_ keep your QEMU images: | ||
+ | IMAGEDIR=/ | ||
+ | |||
+ | # Change this to the directory where _you_ keep your installation CDROM' | ||
+ | ISODIR=/ | ||
+ | |||
+ | # Now, change directory to your image directory | ||
+ | cd $IMAGEDIR | ||
+ | |||
+ | # If you want to boot from the WinXP CD add a '-boot d' parameter to the commandline; | ||
+ | # if you don't need the CDROM present in the VM, leave ' | ||
+ | # I made the MAC address up - make sure it is unique on your (virtual) network. | ||
+ | |||
+ | # This command returns to the command prompt immediately, | ||
+ | # and QEMU's error output is redirected to files. | ||
+ | vdeqemu -net vde,vlan=0 -net nic, | ||
+ | </ |