Re: virtualbox, taps and bridges



Karl Auer <kauer@xxxxxxxxxxxxxx> writes:

Anyway, the situation I got to was that the guest could access the host,
the host could access the guest, the guest could access the Internet,
the Internet could access the guest - but the host couldn't access
anything outside its own subnet!

If the host can access other machines on the same subnet but nowhere
else, then the problem is possibly that you do not have a default route
on the host. That should be set up by "dhclient br0", as the DHCP server
will usually return the gateway. What does the output of "ip route"
show?

The script below got me to that point (virtualbox was set to use tap1
and "Host Interface"). It was cobbled together over several hours from
hints and ideas from various sources. It is to be run as root (i.e.,
with sudo).

The script is pretty much correct in that it is doing all that needs to
be done to get things working as you want. This means the problem is
likely to be somewhere else on your real network.

I think the line "ifconfig $IFACE 0.0.0.0" is suspect,

Not really. It is just doing the same as "ip link set up dev $IFACE".
I'd change it to the latter just for consistency (plus I don't use
ifconfig anymore - ip for everything).

One of the irritants
in all the HowTos was that they gave no indication at all about *why*
they took various steps. If one doesn't know the why of a thing, it's
very hard to adapt or correct it.

Think of it as a (potentially) big ethernet switch. The bridge device
itself is the switch + the connection of the host on the switch. Adding
eth0 to the switch is like plugging the cable to the real physical switch into
the virtual switch. Creating a tap device and adding it to the bridge is
like plugging a virtual machine into the switch.

Going through this step by step...

# create the bridge
brctl addbr br0

This creates the virtual switch and plugs the host into it. Right now
it's a useless switch, as is any switch with only one cable plugged in.
You could just give the host an IP address manually at this stage, but
if you want to get one via DHCP from another physical host the virtual
switch will need to be connected to that physical host somehow...

# add the real ethernet interface to the bridge
ifconfig $IFACE 0.0.0.0
brctl addif br0 $IFACE

This plugs the real switch into your virtual switch via the physical
interface $IFACE.

# give the bridge an IP address
ip link set up dev br0
dhclient br0

This gives your host an IP address via the DHCP server reachable from the
"other" port on the switch ($IFACE).

# create a tap
tunctl -t tap1 -u kauer > /dev/null
ip link set up dev tap1

Creates a virtual ethernet cable with no ends plugged in anywhere. When
you start the virtual machine telling it to use tap1, it plugs one end
of the virtual cable into the virtual machine.

# add the tap interface to the bridge too
brctl addif br0 tap1

Plugs the virtual cable into the virtual switch. We're just waiting for
the VM to start - configured with tap1 - and we'll have the VM plugged
into the virtual switch.

At this stage, you've got three devices plugged into the virtual switch
(br0): The host is automatically on it, the upstream physical switch via
$IFACE, and the virtual machine via tap1. You can go on to create more
tap devices (virtual ethernet cables) to attach more virtual machines to
the switch.

It should be good to go now. If it's not, we've got to start drilling
down into the actual IP addresses you are using and the routers
everything has to see how it all hangs together.

Hope this helps somewhat.


--
ubuntu-users mailing list
ubuntu-users@xxxxxxxxxxxxxxxx
Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-users
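
The reply above asks what "ip route" shows on the host. As an added example (not part of the original message), this shell function classifies that output for the bridged setup: default route via br0, no default route at all, or a default route bound to some other device. The sample routing tables, the 192.0.2.0/24 addresses and the use of eth0 for $IFACE are constructed for illustration.

```shell
#!/bin/sh
# Added example: classify the host's default route after bridging.
# stdin = output of `ip route`; $1 = bridge name (br0 in the script above).
# Exit status: 0 default route leaves via the bridge
#              1 no default route at all
#              2 default route exists but is bound to another device
check_default_route() {
    awk -v br="$1" '
        $1 == "default" {
            found = 1
            for (i = 2; i < NF; i++)
                if ($i == "dev" && $(i + 1) == br) ok = 1
        }
        END { if (ok) exit 0; if (found) exit 2; exit 1 }
    '
}

# Turn the exit status into a one-line verdict.
route_verdict() {
    rc=0
    check_default_route "$1" || rc=$?
    case $rc in
        0) echo "ok: default route via $1" ;;
        1) echo "missing: no default route, rerun dhclient $1" ;;
        2) echo "stale: default route bound to another device" ;;
    esac
}

# Constructed sample outputs of `ip route` (documentation addresses).
SAMPLE_OK='default via 192.0.2.1 dev br0
192.0.2.0/24 dev br0 proto kernel scope link src 192.0.2.10'
SAMPLE_MISSING='192.0.2.0/24 dev br0 proto kernel scope link src 192.0.2.10'
SAMPLE_STALE='default via 192.0.2.1 dev eth0
192.0.2.0/24 dev br0 proto kernel scope link src 192.0.2.10'

for sample in "$SAMPLE_OK" "$SAMPLE_MISSING" "$SAMPLE_STALE"; do
    printf '%s\n' "$sample" | route_verdict br0
done
```

On a live host the same check is "ip route | route_verdict br0".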


