OpenVPN in QEMU on FreeBSD 6.x ...

[illoai at gmail.com]

On 2/23/06, Eric Schuele <e.schuele at computer.org> wrote:
> Marc G. Fournier wrote:
> >
> > Did some searching tonight, to see what was available as an OSS
> > alternative to VMWare, and came across QEMU ... what I'm interested in
> > doing is running a QEMU vServer that runs FreeBSD inside of it, and will
> > support having outside connections talking to it as a VPN "hub(?)" ...
> > basically, I don't want to have to futz at the Host OS level, only the
> > Client OS level, as far as networking is concerned ...
> >
>
> Good chance I can't help.... I'm just curious.
>
> You want to have a VPN endpoint running in FreeBSD as a guest OS within
> Qemu, on a FreeBSD host?  You want it in Qemu so you don't have to
> modify the host's network setup and/or install the necessary software?
>
> In any case, take a look here (if you haven't already):
>    http://www.qemu.org/qemu-doc.html#SEC20
> Might find something useful.
>
> The Qemu site states "The QEMU VM behaves as if it was behind a firewall
> which blocks all incoming connections."  So on first glance, its sounds
> as if it might not be supported.  But I'd read over the docs in more
> detail if I were you.
>

Qemu's default behaviour (-net user) is as a firewalled machine,
some futzing around and searching on google, and using tap(4),
along side ng_bridge(4), you can make it behave as a normal
network node (albeit one at 10baseTX), which should support
your needs in this one instance.

>
> > Wishful thinking, or does this make sense?  Has anyone done it?
> > Pointers to docs on this, if so?
> >

qemu.dad-answers.com has a *BSD subsexion, from whence
I managed to get mine working:
http://tinyurl.com/pazdu
(assuming I cut and pasted okay this time)

Honestly, if you're going to run FreeBSD inside the VM, you might
look into chroot and jail, as I'm sure those would be faster.  I know
exactly nothing about networking in jails and/or chroot environments,
so qemu may be the thing.
--
--