DISCLAIMER: Some parts of this howto have been snarfed from here. Much thanks goes to Dan Walrond for writing such wonderful documentation on bridged networking, which allowed me to figure this out.
If you're still not entirely certain of what this is, and you want to understand why, here's a diagram and an explanation:
Okay, so it's not a very good diagram, admittedly, but hopefully you get the idea. When a file (particularly large files) needs to be transferred between the QEMU virtual machine and the real machine, it's slower to have it go someplace outside your real machine only to have that data come right back. Host-only networking allows transfers between the host and the QEMU guest to run at speeds of MB/sec and not merely KB/sec, and all without having to hog bandwidth on the external network.
Prerequisites
There are a few things you'll need before you go on:
- Bridge Utilities: Under Debian, this is the bridge-utils package. Check with your distribution's package selection, or just download it at the aforementioned link. If you're using something besides Linux, I would recommend trying to figure out how to obtain similar functionality. For FreeBSD, look here.
- TUN/TAP module: I'm sure you're already familiar with this, but just in case you're not, it's a kernel module, and its related utilities in Debian are in the uml-utilities package. Check with your OS for something similar.
The first step is to setup a TAP interface for the host. Remember that /dev/net/tun must exist to use the TUN/TAP interface. I won't go over it here because that's rather well covered in other places. This is necessary so that the bridge we create below has something to which it can bridge. In this howto, I will refer to this interface as tap1. Just remember to substitute tap1 in the scripts for the name you wish to use. This is also true of the private network used in this howto. This should work with any of the other private network classes.
Obviously, create the tap interface and bring the interface up (it doesn't require an IP address, but feel free to give it one nonetheless)::
- Code: Select all
tunctl -t tap1
ifconfig tap1 up
The second thing that needs to be done is the network bridge interface needs to be set up. This will be the interface through which all data between the host and the guest passes. I will be using the name br1 as the name for this interface, but feel free to use any other name.
The bridge needs to be created, and bridged to tap1:
- Code: Select all
brctl addbr br1
brctl addif br1 tap1 #this bridges br1 to tap1
I would recommend putting all the above into a script, or, even better, use your OS' network interface configuration scripts. Under Debian, I put the following into /etc/network/interfaces:
- Code: Select all
# Host-only networking for QEMU
auto br1
iface br1 inet static
pre-up /usr/sbin/tunctl -u ndogg -t tap1
pre-up ifconfig tap1 up
address 172.25.0.1
network 172.25.0.0
netmask 255.255.255.0
broadcast 172.25.0.255
bridge_ports tap1
post-down ifconfig tap1 down
post-down tunctl -d tap1
Next we need to set up the TAP interface for the guest. This interface won't be given an IP address except by the guest. This TAP interface will also be bridged to br1--the bridge we just set up above. For this to happen, QEMU needs to be given a qemu-ifup script to execute that will bring up the TAP interface, and then bridge it to br1. This TAP interface will henceforth be called tap2, but feel free to name it as you please.
The script that I use for this is called qemu-ifup.host-only, and the code is below:
- Code: Select all
#!/bin/sh
echo "Executing /etc/qemu-ifup.host-only"
echo "Bringing up $1 for bridged mode..."
sudo /sbin/ifconfig $1 0.0.0.0 promisc up
echo "Adding $1 to br1..."
sudo /usr/sbin/brctl addif br1 $1
sleep 2
Now, within the guest, set the virtual network card connected to tap2 to have the IP address of 172.25.0.2, gateway 172.25.0.1, netmask 255.255.255.0, and network (if needed) to be 172.25.0.0. If you're here, you probably don't need a tutorial on setting up networking within the guest.
PS I've included the image as an attachment just in case something happens to my friend's server.
