I just installed opensolaris for the first time a few days ago (Developers edition 09/07) with no major problems. I am also new to Qemu, but I was able to install it with the accelerator just fine. After successfully installing FreeBSD 6.2 as an image, I wanted it to have full access to the network. I followed the instructions found here: http://www.opensolaris.org/os/project/qemu/Qemu_Networking/ I was successful in installing the bridge and the tap driver. I configured the script to use the DHCP server of my router. When I start the virtual FreeBSD, the network interface is assigned 192.168.0.30 correctly as I instructed the router to do based on the mac address. So right now, everything appears to be installed correctly. The bridge, tap, guest interface all appear to be working. The problem is that the network is not working as advertised. The host machine is at 192.168.0.22. It can not communicate with FreeBSD with either a ping or SSH. FreeBSD can not communicate with the other servers on the LAN. It can connect to external servers on the internet though. It looks like the firewall between the host and the guest system is still up. This is probably something really simple to reconfigure, but I can''t determine what I''m missing. Should ping work in this configuration? SSH should definitely work, right? Thanks for any help in advance. John -- This message posted from opensolaris.org
---- John <opensolaris at marino.st> wrote:> I just installed opensolaris for the first time a few days ago (Developers edition 09/07) with no major problems. I am also new to Qemu, but I was able to install it with the accelerator just fine. After successfully installing FreeBSD 6.2 as an image, I wanted it to have full access to the network. I followed the instructions found here: http://www.opensolaris.org/os/project/qemu/Qemu_Networking/Good, so far.> I was successful in installing the bridge and the tap driver. I configured the script to use the DHCP server of my router. When I start the virtual FreeBSD, the network interface is assigned 192.168.0.30 correctly as I instructed the router to do based on the mac address. So right now, everything appears to be installed correctly. The bridge, tap, guest interface all appear to be working.Good.> The problem is that the network is not working as advertised. The host machine is at 192.168.0.22. It can not communicate with FreeBSD with either a ping or SSH. FreeBSD can not communicate with the other servers on the LAN. It can connect to external servers on the internet though. It looks like the firewall between the host and the guest system is still up.If you''re running TAP and your guest got an address, then the TAP and your guest is working correctly, especially since your guest can connect to external servers on the internet. There is a "feature" of the bridge that doesn''t allow a guest to see it''s host and vice-versa when using TAP/Bridge (BTW, this is documented on the Qemu_Networking page).> This is probably something really simple to reconfigure, but I can''t determine what I''m missing. Should ping work in this configuration? SSH should definitely work, right? Thanks for any help in advance.No, this won''t work until OpenSolaris has a true bridge. As documented, if you need the guest to access the guest, either define another interface using -net user, or bring up another tap device and use the instructions on the Qemu networking page so the host can see the guest and vice-versa. HTH, Ben
Hi Ben, it does help.> There is a "feature" of the bridge that doesn''t allow a guest to see it''s > host and vice-versa when using TAP/Bridge (BTW, this is documented > on the Qemu_Networking page).Actually, it''s not. I read that page several times before posting and then I read it several times more after reading this. This "feature" certainly [i]should[/i] be documented on the Qemu_Networking page as it''s pretty important information.> No, this won''t work until OpenSolaris has a true bridge. As documented, > if you need the guest to access the guest, either define another interface > using -net user, or bring up another tap device and use the instructions > on the Qemu networking page so the host can see the guest and vice-versa. >This workaround is not stated on the Qemu networking page either. I suspect that both this workaround and issue are located elsewhere. I would encourage the Qemu networking page to be updated with what you just told me as I would not have needed to post if it were there! (I really, really hope I didn''t miss the text 6 times and am making myself look like an idiot, but I really don''t think it''s there.) I appreciate the help, John -- This message posted from opensolaris.org
---- John <opensolaris at marino.st> wrote:> Hi Ben, it does help. > > > > There is a "feature" of the bridge that doesn''t allow a guest to see it''s > > host and vice-versa when using TAP/Bridge (BTW, this is documented > > on the Qemu_Networking page). > > > Actually, it''s not. I read that page several times before posting and then I read it several times more after reading this. This "feature" certainly [i]should[/i] be documented on the Qemu_Networking page as it''s pretty important information.Oops. I could have sworn I added that information. Sorry for the omssion, and that you got a run around. I will get the page updated in the next day or so. Thanks for the dilligence. \> > No, this won''t work until OpenSolaris has a true bridge. As documented,> > if you need the guest to access the guest, either define another interface > > using -net user, or bring up another tap device and use the instructions > > on the Qemu networking page so the host can see the guest and vice-versa. > > > > This workaround is not stated on the Qemu networking page either.<sigh> I know when I wrote the page back in May, I thought I had documented it.> I suspect that both this workaround and issue are located elsewhere. I would encourage the Qemu networking page to be updated with what you just told me as I would not have needed to post if it were there! > > (I really, really hope I didn''t miss the text 6 times and am making myself look like an idiot, but I really don''t think it''s there.)Nope. It was an omission on my part, and my comments were based on things I had wanted put in, thoughts I put in the page and apparently never finished. Ben
Hi Ben, Thanks for updating the Networking page. Even though I had a working bridge, I decided to just use a tap coupled with a -net user to gain access to the internet. One thing this is puzzling me is that this command: ./sol_qemu_tap freebsd62.sh can only be executed by root. If i try to execute it with another user I get a failure to allocate the tap driver which I assume is caused by lack of permission to access the device. This is quote in the networking page: "What happens behind the scenes is that sol_qemu_tap invokes root privileges, creates the TAP device, and calls /etc/qemu-ifup with the name of the TAP device, which sets the network properties of the TAP. When that is complete, sol_qemu_tap drops the permissions to the calling user and invokes the shell script passed in via the first parameter." Given that, I assumed that I could execute Qemu from a non-root user. Am I misunderstanding, am I misconfigured, or is there something missing from the instructions? Thanks! John -- This message posted from opensolaris.org
---- John <opensolaris at marino.st> wrote:> Hi Ben, > > Thanks for updating the Networking page. Even though I had a working bridge, I decided to just use a tap coupled with a -net user to gain access to the internet. > > One thing this is puzzling me is that this command: > > ./sol_qemu_tap freebsd62.sh > > can only be executed by root. If i try to execute it with another user I get a failure to allocate the tap driver which I assume is caused by lack of permission to access the device.though it may not be explicitly stated, sol_qemu_tap needs to be setuid root (ie chown root sol_qemu_tap; chmod 4755 sol_qemu_tap)> > This is quote in the networking page: "What happens behind the scenes is that sol_qemu_tap invokes root privileges, creates the TAP device, and calls /etc/qemu-ifup with the name of the TAP device, which sets the network properties of the TAP. When that is complete, sol_qemu_tap drops the permissions to the calling user and invokes the shell script passed in via the first parameter."Right. The setuid-ness is used to get the privileges to build up the TAP device.> > Given that, I assumed that I could execute Qemu from a non-root user. Am I misunderstanding, am I misconfigured, or is there something missing from the instructions?No, you can execute Qemu as a non-root user. If you need to use tap or bridge, then you need the sol_qemu_tap to be setuid-root. The script drops the root privileges before starting the script to start qemu proper. HTH, Ben