[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Qemu-discuss] Networking and vlan

From: Mike Lovell
Subject: Re: [Qemu-discuss] Networking and vlan
Date: Tue, 17 Apr 2012 09:45:44 -0600
User-agent: Mozilla/5.0 (X11; U; Linux x86_64; en-US; rv: Gecko/20120313 Lightning/1.0b2 Thunderbird/3.1.20

On 04/17/2012 08:35 AM, Valerio Pachera wrote:
Hi all, I'm trying to figure out how to manage networking in qemu.

I already use qemu-kvm 0.12.5 on debian squeeze.
I have a bridge on eth0 that "connects" the taps of the guests.
-net nic,macaddr=xx.xx.xx.xx.xx.xx -net tap
Now I need something to isolate the guests net from each other.
So I tried to run a guest with
-net nic,macaddr=xx.xx.xx.xx.xx.xx,vlan=2 -net tap,vlan=2
But I can still ping the other guests (and the host).

I know the sintax I used is obsolete. I read this:

May you explain me by simple words how vlan work and what are they usefull for?

questions related to this are very common. there is a clue in the page you linked about this under "Creating a network backend." it says "It is not an 802.1q VLAN."

vlans in the context of the qemu refers to a qemu internal construct to allow one or more network backends to be connected to one or more guest network interfaces. it also behaves like an ethernet hub in that all packets emitted from one device (network backend or guest interface) on the 'vlan' will be delivered to all the others.

these are useful for specifying multiple networks that a guest may be using. for example, say a guest needs to connect to two tap devices on the host, tap0 and tap1. these two tap devices connect to different networks. if you were to just specify

'-net tap,ifname=tap0 -net nic,macaddr=xx.xx.xx.xx.xx.xx -net tap,ifname=tap1 -net nic,macaddr=yy.yy.yy.yy.yy.yy'

the result would be that both of the network backends and the guest interfaces would all be connected together in 'vlan' 0. to isolate the two networks, you would use

'-net tap,ifname=tap0,vlan=0 -net nic,macaddr=xx.xx.xx.xx.xx.xx,vlan=0 -net tap,ifname=tap1,vlan=1 -net nic,macaddr=yy.yy.yy.yy.yy.yy,vlan=1'

again. these are not 802.1q vlans. and they do not extend outside of the individual qemu processes. running a qemu guest with using vlan 1 would not mean that the vlan 1 on another qemu guest using vlan 1 in its options.

i hope that gives some clarification.


reply via email to

[Prev in Thread] Current Thread [Next in Thread]