
Re: KVM networking.



Thank You for Your time and answer, Arno:

>Sthu Deus (sthu.deus@gmail.com on 2011-11-08 14:44 +0700):
>> 
>> >> /usr/bin/kvm -localtime -m 256 -no-reboot
>> >> -cdrom ./debian-6.0.2.1-amd64-netinst/debian-6.0.2.1-amd64-netinst.iso
>> >> -boot d -hda ./da -net nic -net tap,ifname=tap0,script=no
>> >> 
>> >> kvm: -net tap,ifname=tap0,script=no: could not
>> >> configure /dev/net/tun (tap0): Operation not permitted
>> >

[..]

>> 1. The bridges take the Internet connections for itself - thus
>> leaving the host app.s w/o Internet access, probably routing needed
>> here - but they do not make any specifications for that.
>> 
>That sounds weird. What does brctl show? A default setup with these two
>lines should already work fine:
>
>iface br0 inet dhcp
>	bridge_ports eth0
>
>Just remember to leave eth0 unconfigured...

Then how will the host's app.s get to the Internet?

>> 2. As a workstation - it does not provide access from host to the
>> guest.
>> 
>You mean networking access? I've never needed it, but it should work
>once your host apps have networking access... (just tested: ping
>between host and vm works fine for me).

I mean that DHCP of KVM gives Internet access to guest and having no
interface from host to guest, I can not reach the guest from host. Of
course, host app.s and guest's app.s - both have Internet connection,
but not host-guest connection.

>> 3. W/ tap - You have seen already the problem - some unknown to me
>> permission problem - do You know why is it so?
>> 
>I can make a guess:
>
>$ ls -l /dev/net/tun
>crw-rw---- 1 root kvm 10, 200 Nov  9 21:36 tun

crw-rw-rw- 1 root root 10, 200 Nov 11 11:44 /dev/net/tun

>$ groups
>aschuring users kvm [..]

kvm:x:251:vm-user

>$ /usr/sbin/tunctl -b    
>TUNSETIFF: Operation not permitted
>$ sudo setcap cap_net_admin+ep /usr/sbin/tunctl
>$ /usr/sbin/tunctl -b             
>tap0

We have discussed w/ You already that this is not the solution we are
looking for. :)

>Yes. You can just add tunctl to your list of sudo commands, and use the
>output of ifname=$(sudo tunctl -b -u $(whoami)) on the kvm command
>line. Alternatively, set the cap_net_admin capability on tunctl and you
>won't need sudo (but still upgrade-unsafe)...
>
>This way, kvm will not need to create the interface and you won't run
>into permission problems.

Now it works - regarding the permission problem, but I need the
interface (tap).

Of course I can create it as root w/:

ifconfig tap0 192.168.1.1 up

route add -host 192.168.1.1 dev tap0

but I want w/o root.

And even w/ root - I still can not get network working between host and
guest - having configured guest w/:

iface eth0 inet static
        address 192.168.1.2
        netmask 255.255.255.0
        network 192.168.1.0
        broadcast 192.168.1.255
        gateway 192.168.1.1
# dns-* options are implemented by the resolvconf package, if installed
        dns-nameservers 192.168.0.1
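
The listings above show /dev/net/tun open to everyone while attaching to tap0 still fails, because the kernel decides at TUNSETIFF time: creating a new interface needs CAP_NET_ADMIN, and attaching to an existing one needs a matching owner or group (what `tunctl -u` sets). The following check is an added example, not part of the original message; it models that rule from the tun driver's `owner` and `group` sysfs attributes, and the `tap_verdict` name, the verdict strings and the `SYSFS_NET` override are assumptions of this example.

```shell
#!/bin/sh
# Added example (not from the thread): predict whether attaching to a tap
# interface can succeed for a given user, using the tun driver's sysfs files.
# SYSFS_NET is a hypothetical override so the check can run on a constructed tree.
SYSFS_NET="${SYSFS_NET:-/sys/class/net}"

# tap_verdict IFNAME UID "GID GID ..." HAS_CAP_NET_ADMIN(yes|no)
# Prints a verdict; returns 0 if attaching should succeed, 1 otherwise.
tap_verdict() {
    ifname=$1 uid=$2 gids=$3 has_cap=$4
    dir="$SYSFS_NET/$ifname"
    # Interface absent: the kernel must create it, which needs CAP_NET_ADMIN.
    if [ ! -d "$dir" ]; then
        if [ "$has_cap" = yes ]; then echo ok-create; return 0; fi
        echo eperm-create; return 1
    fi
    # Exists but has no tun attributes (eth0, br0, ...): cannot be attached.
    if [ ! -r "$dir/owner" ]; then echo not-tuntap; return 1; fi
    # CAP_NET_ADMIN bypasses the owner/group check on an existing tap.
    if [ "$has_cap" = yes ]; then echo ok-cap; return 0; fi
    owner=$(cat "$dir/owner")
    group=$(cat "$dir/group" 2>/dev/null || printf '%s\n' -1)
    # -1 means unset; a set owner must equal the caller's effective uid.
    if [ "$owner" != -1 ] && [ "$owner" != "$uid" ]; then
        echo eperm-owner; return 1
    fi
    # A set group must be among the caller's groups.
    if [ "$group" != -1 ]; then
        case " $gids " in
            *" $group "*) ;;
            *) echo eperm-group; return 1 ;;
        esac
    fi
    echo ok-owner; return 0
}

# On a live host: tap_verdict tap0 "$(id -u)" "$(id -G)" no
```
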

