Help configuring qemu networking tap mode

Sat Mar 7 13:01:41 PST 2009

On Sat, Mar 7, 2009 at 6:42 AM, Scot Hetzel <swhetzel at gmail.com> wrote:
>>I would like to get networking tap mode working. I have set the
>>following already.
> :
>>For an example network that uses DHCP for 192.168.1.x, I would like to
>>have the guest os have an IP address (static or dynamic) in the same
>>range. Where do I make the necessary changes?
>
> Once you have setup up tap networking, you just have to configure the
> guest for DHCP, and it will automatically pull the DHCP address from
> your networks DHCP server.
>
> The below Qemu Tap Network Setup is how I setup my host system to
> allow the guest systems to connect to my network.  This setup doesn't
> use any qemu startup/shutdown scripts to add/remove the tap*
> interfaces from bridge0.
>
> Scot
> =============================================
> Qemu Tap Network Setup:
>
> 1. Setup tap* networking in rc.conf:
>
> cloned_interfaces="bridge0 tap0 tap1"
> ifconfig_bridge0="addm rl10 addm tap0 addm tap1"
> ifconfig_tap0="up"
> ifconfig_tap1="up"
>
> 2. modify /etc/sysctl.conf
>
> net.link.tap.up_on_open=1
> net.link.tap.user_open=1
>
> 3. create a tap group in /etc/group and add the users who can access
> the /dev/tap* to the tap group.
>
> 4. add entry to /etc/devfs.conf for tap*
>
> # /dev/tap*
> perm tap0 0660
> own tap0 root:tap
> perm tap1 0660
> own tap1 root:tap
>
> 5. reboot system
>
> Installing Windows XP on QEMU:
>
> 1. Create disk image:
>
> qemu-img create -f raw Windows_XP.img 8G
>
> 2. start qemu to install Windows XP:
>
> Place the Windows XP CD into the cdrom drive, and execute qemu:
>
> qemu -name windows_xp -localtime -m 512 -net
> nic,macaddr=52:54:DE:AD:BE:EF,model=rtl8139 -net
> tap,ifname=tap0,script=no -hda Windows_XP.img -cdrom /dev/acd0 -boot d
>
> NOTE:
> 1. /dev/acd0 can be replaced with path to a cdrom iso image
> 2. to use user mode networking just drop -net tap* and/or -net nic*.
>

With your help, I got this guest OS working. It now gets a DHCP
address. There is still a problem related to the pf firewall on the
host OS running FreeBSD 7.1. When I have the firewall disabled from
running the guest OS works meaning it gets a DHCP address and can
access the Internet. When the firewall is enabled, it doesn't get a
DHCP address and can't access the Internet. Here is a copy of the
/etc/pf.conf file.

ext_if="bfe0"
lo_if="lo0"
tcp_services="{ 22 }"
icmp_types="{ echoreq }"

set block-policy return
set loginterface $ext_if
set skip on $lo_if

scrub in

nat-anchor "ftp-proxy/*"
rdr-anchor "ftp-proxy/*"
nat on $ext_if from !($ext_if) -> ($ext_if:0)
rdr pass on $ext_if proto tcp to port 21 -> 127.0.0.1 port 8021

block in
block drop in quick inet6 all
block drop out quick inet6 all
pass out keep state
anchor "ftp-proxy/*"
antispoof quick for { $lo_if }

pass in on $ext_if proto tcp from any to ($ext_if) port $tcp_services
flags S/SA keep state
pass in inet proto icmp all icmp-type $icmp_types keep state

I would like to get it working as well as have it set where there is
port-forwarding for the host OS and the guest OS. Please advise and
thanks for the help so far.

Phusion