3

I've created a Windows XP image and I'm booting it with qemu. I'm using qemu-bridge-helper to to setup networking. Following qemu totorials, I've configured /etc/qemu/bridge.conf to allow br0 bridge device.

This is how I boot Windows XP with qemu:

qemu-system-x86_64 --enable-kvm -m 2048 \
  -drive file=winxp.img,if=virtio \
  -net nic,model=virtio \
  -net bridge,br=br0

The image boots nicely but I don't get an IP address. The reason is that Windows is configured to use DHCP but "br0" is not providing a DHCP address as it's just a bridge interface.

My question is - how do I configure "br0" to give addresses to winxp over DHCP?

(When using "user mode networking" via -net user, Windows gets an IP assigned so Windows drivers are installed correctly.)

Boda Cydo
  • 405
  • 2
  • 7
  • 14

1 Answers1

3

br0 is only a layer 2 networking abstraction - a virtual switch, essentially. If you have a DHCP server running on your hypervisor, have a an IP address assigned to the br0 interface that the DHCP server is pointed at (on the hypervisor itself), and have the DHCP server define a subnet matching the network of your layer 3 address with an appropriate range, then this will work without any other devices.

However, in most cases when using a bridged interface, there is already a DHCP server on the broadcast domain that you're attaching to. br0 acts as a switch, so that traffic is passed to your guests. From your description of your problems, I can offer you an example configuration that will solve most of your problems.

Remember that you must honor the OSI model when stacking interfaces. What this means is that when creating a layer 2 abstraction such as a bridge, you cannot have any layer 3 addressing underneath it. It simply won't work. Since a bridge acts as a switch, you will be giving the bridge itself an IP address and attaching other interfaces in a link layer capacity only. This includes virtual interfaces for VMs and physical interfaces for bridging the external network to said VMs and to the hypervisor.

In this configuration, eth0 is attached to br0, and br0 gets your addressing. VMs attach to br0, and DHCP services (whether they're on your hypervisor or external to it on the same layer 2 domain) will give addresses to your VMs.

# cat /etc/network/interfaces

auto eth0
    iface eth0 inet manual

auto br0
    iface br0 inet dhcp
    bridge_ports eth0

This assumes you're using DHCP to get your address for br0. If not, you will need to apply static addressing to the br0 interface.

When this is done, you will need to restart networking (# systemctl stop networking && systemctl start networking). This will break your link, so you will need to have an OOB method to get into your machine if your configuration fails. If it's correct, you should be able to reconnect via SSH after the services have been started. It's very important to be able to access the machine via OOB for this kind of task, as it's very easy to get locked out.

Alternatively, and recommended

This is really a job for libvirt to handle. Using libvirt, you can easily use the built in NAT networking for VMs that don't need to be accessed from outside yet need access to the internet. It's also easier to define VMs, create consistent configurations, and to generally manage resources.

You can use a combination of virsh, virt-install, and qemu-img to manage this via the cli. There are many other graphical frontends that you could use alternatively to manage libvirt, such as oVirt or Virtual Machine Manager (virt-manager)

Spooler
  • 7,046
  • 18
  • 29
  • 1
    My br0 is setup using this command (found in qemu tutorial): `brctl addbr br0`. There are no other configuration files or settings for br0. My network is only eth0 interface with a static IP address 1.2.3.4. When I run the qemu command in my original question and do a `brctl show`, I see `br0` associated with `tap0` interface but I'm not sure what that means. Reading your answer it makes me think I should run a dhcp server on tap0 interface? I'm afraid to run `brctl addif br0 eth0` as tutorials say that will make eth0 go down. I'm remotely connected to this machine and I can't have it go down. – Boda Cydo Oct 26 '16 at 00:33
  • You're going to have to break your connection to this machine to get it configured correctly, because you're going to need to move layer 3 addressing from eth0 to br0 if you want to bridge your VM to your external network and access the host at the same time through the same interface. A bridge is a layer 2 abstraction, so cannot have layer 3 addressing on its constituent interfaces. Also, the tap interface is the VMs spawned interface for attaching to the bridge. You'd generally never touch this. I'll update my answer to better help you. – Spooler Oct 26 '16 at 00:37
  • Thank you for your help. Actually I don't think I need bridging in my use case at all. The reason is that I don't need to have inbound connections to my VM. I only need connections from within VM to work (outbound, established, related). If a VM opens a connection to internet it should get data back, but no one should be able to connect to VM. Using bridging it sounds like I'll be giving access to my VM to anyone in the world. I hope I got it right. – Boda Cydo Oct 26 '16 at 00:42
  • What I think I need is `-net tap`. Now the only question is how do I enable `dhcp` on `tap0` and how do I route connections from eth0 to tap0 and back. – Boda Cydo Oct 26 '16 at 00:43
  • Then what you need is a NAT, not a bridge. You need some kind of layer 2 abstraction to connect tap interfaces to your host networking stack, lest you have an air gap. – Spooler Oct 26 '16 at 00:53