OpenVPN in QEMU on FreeBSD 6.x ...

Marc G. Fournier scrappy at
Thu Feb 23 22:12:35 PST 2006

On Thu, 23 Feb 2006, illoai at wrote:

> On 2/23/06, Eric Schuele <e.schuele at> wrote:
>> Marc G. Fournier wrote:
>>> Did some searching tonight, to see what was available as an OSS
>>> alternative to VMWare, and came across QEMU ... what I'm interested in
>>> doing is running a QEMU vServer that runs FreeBSD inside of it, and will
>>> support having outside connections talking to it as a VPN "hub(?)" ...
>>> basically, I don't want to have to futz at the Host OS level, only the
>>> Client OS level, as far as networking is concerned ...
>> Good chance I can't help.... I'm just curious.
>> You want to have a VPN endpoint running in FreeBSD as a guest OS within
>> Qemu, on a FreeBSD host?  You want it in Qemu so you don't have to
>> modify the host's network setup and/or install the necessary software?
>> In any case, take a look here (if you haven't already):
>> Might find something useful.
>> The Qemu site states "The QEMU VM behaves as if it was behind a firewall
>> which blocks all incoming connections."  So on first glance, its sounds
>> as if it might not be supported.  But I'd read over the docs in more
>> detail if I were you.
> Qemu's default behaviour (-net user) is as a firewalled machine,
> some futzing around and searching on google, and using tap(4),
> along side ng_bridge(4), you can make it behave as a normal
> network node (albeit one at 10baseTX), which should support
> your needs in this one instance.
>>> Wishful thinking, or does this make sense?  Has anyone done it?
>>> Pointers to docs on this, if so?
> has a *BSD subsexion, from whence
> I managed to get mine working:
> (assuming I cut and pasted okay this time)
> Honestly, if you're going to run FreeBSD inside the VM, you might
> look into chroot and jail, as I'm sure those would be faster.  I know
> exactly nothing about networking in jails and/or chroot environments,
> so qemu may be the thing.

To do OpenVPN (or some such) within a Jail involves a fair amount of work 
on the root server itself ... something I *may* eventually do, but was/am 
hoping that by using a more true virtualization environment may be 
simplier to implement ...

Marc G. Fournier           Hub.Org Networking Services (
Email: scrappy at           Yahoo!: yscrappy              ICQ: 7615664

More information about the freebsd-questions mailing list