Virtual Machine routing On Ubuntu
Charles Curley
charlescurley at charlescurley.com
Sun Jun 20 14:37:24 MDT 2010
Grumble. I found out that while I can ping from one VM to another I
can't ssh. I also need to use arbitrary ports above 1024.
On Sat, 19 Jun 2010 01:40:32 -0600
Mike Lovell <mike at dev-zero.net> wrote:
> are you using a gui or wrapper around libvirt to manage your VMs or
> are you using the libvirt tools directly?
Wrapper, probably virt-manager 0.7.0-3ubuntu1.
> can you see the XML domain
> definitions for the VMs?
I see /etc/libvirt/qemu/<hostname>.xml and they sure look like
configuration files.
> if so, how is the networking configured for
> the VMs and on the host?
This looks like the relevant stanza:
<interface type='bridge'>
<mac address='54:52:00:74:d1:76'/>
<source bridge='virbr0'/>
</interface>
> what is the full command line that was used
> to invoke the qemu process? `cat /proc/<pid of vm qemu
> process>/cmdline` to get that.
Hmm, it looks like it's KVM, rather than qemu.
root at dzur:~# cat /proc/7350/cmdline
/usr/bin/kvm-S-Mpc-0.11-m512-smp1-namecopper-uuidcfc4cc11-6518-28d6-0ac8-b2bb1cc2836d-monitorunix:/var/run/libvirt/qemu/copper.monitor,server,nowait-bootd-drivefile=/var/lib/libvirt/images/copper.img,if=ide,index=0-drivefile=/var/lib/libvirt/images/SLES-11-SP1-DVD-i586-GM-DVD1.iso,if=ide,media=cdrom,index=2-netnic,macaddr=54:52:00:5c:d1:f5,vlan=0,name=nic.0-nettap,fd=18,vlan=0,name=tap.0-serialpty-parallelnone-usb-vnc127.0.0.1:0-ken-us-vgacirrus-soundhwes1370root at dzur:~#
>
> as i understand it, the difference between a 'NAT' configuration and
> a 'host-only' configuration is that the necessary stuff for the host
> to perform NAT is done during the network configuration where
> host-only doesn't. so in host-only, there are no routes configured
> for the vms to reach outside networks automatically.
Ah. So NAT is the way to go most of the time. Thanks.
>
> from your description, it almost sounds like you are configuring
> multiple networks. one for each vm and then doing routing on the host
> between the vms. if this is how it is done, is ip forwarding enabled
> on the host? `cat /proc/sys/net/ipv4/ip_forward` to check. it sounds
> like it might not be since you are having trouble getting to the
> outside world from your vms. my next guess would be that there are
> rules in the iptables firewall that are preventing FORWARD traffic
> from getting between the hosts.
root at dzur:~# cat /proc/sys/net/ipv4/ip_forward
0
root at dzur:~#
Bingo.
However, writing a one to it made no difference.
>
> these links may also help you in your quest.
>
> http://libvirt.org/formatnetwork.html
> http://wiki.qemu.org/Documentation/Networking
>
> hope that helps
Thanks. I'm slowly getting further with this.
>
> mike
--
Charles Curley                  /"\    ASCII Ribbon Campaign
Looking for fine software       \ /    Respect for open standards
and/or writing?                  X     No HTML/RTF in email
http://www.charlescurley.com    / \    No M$ Word docs in email
Key fingerprint = CE5C 6645 A45A 64E4 94C0 809C FFF6 4C48 4ECD DFDB
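
The two host-side checks suggested in the quoted reply (the `ip_forward` flag and FORWARD rules in iptables), as an added example that is not part of the original message. The function names and the sample rule dump are constructed for illustration; `virbr0` is the bridge named in the interface stanza above.

```shell
#!/bin/sh
# Added example. It reads saved copies; on a live host the inputs would be
# /proc/sys/net/ipv4/ip_forward and the output of `iptables-save`.

# Exit status 0 when the given ip_forward file contains 1.
forwarding_enabled() {
    [ "$(tr -d ' \n' < "$1")" = "1" ]
}

# Print the default policy of the filter table's FORWARD chain.
forward_policy() {
    awk '$1 == "*filter" { f = 1; next }
         $1 ~ /^\*/      { f = 0 }
         f && $1 == ":FORWARD" { print $2 }' "$1"
}

# Print FORWARD rules that name bridge $2 and jump to DROP or REJECT.
forward_blockers() {
    awk -v br="$2" '
        $1 == "*filter" { f = 1; next }
        $1 ~ /^\*/      { f = 0 }
        f && $1 == "-A" && $2 == "FORWARD" {
            hit = 0; tgt = ""
            for (i = 3; i < NF; i++) {
                if (($i == "-i" || $i == "-o") && $(i + 1) == br) hit = 1
                if ($i == "-j") tgt = $(i + 1)
            }
            if (hit && (tgt == "DROP" || tgt == "REJECT")) print
        }' "$1"
}

# Constructed sample inputs (not taken from the poster's host).
sample=$(mktemp -d)
echo 0 > "$sample/ip_forward"
cat > "$sample/rules" <<'EOF'
*filter
:INPUT ACCEPT [0:0]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [0:0]
-A FORWARD -i virbr0 -o virbr0 -j ACCEPT
-A FORWARD -o virbr0 -j REJECT --reject-with icmp-port-unreachable
-A FORWARD -i virbr0 -j REJECT --reject-with icmp-port-unreachable
COMMIT
EOF

forwarding_enabled "$sample/ip_forward" || echo "ip_forward is off"
echo "FORWARD policy: $(forward_policy "$sample/rules")"
forward_blockers "$sample/rules" virbr0
```

Rule order matters in iptables, so a REJECT listed here only applies to packets that no earlier ACCEPT rule in the chain has already matched.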