[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Correction: Re: Connection of a qemu guest to the 'net.

From: Berto Furth
Subject: Re: Correction: Re: Connection of a qemu guest to the 'net.
Date: Thu, 18 Mar 2021 21:53:08 +1100
User-agent: Cyrus-JMAP/3.5.0-alpha0-206-g078a48fda5-fm-20210226.001-g078a48fd

Hi Peter,

On Thu, 18 Mar 2021, at 06:45, peter@easthope.ca wrote:
> br0 received addresses here.


> > This is a long email. In answering your question I got on a roll and 
> ended up writing an essay. 
> A very helpful essay.  I wonder whether you might incorporate it into 
> the QEMU wikibook.  

I'll look into it. If one of the more experienced people who lurk on these 
forums could comment on it just in case it's pure rubbish I'd be more 
comfortable making an attempt at putting it somewhere permanent.

> I need to hypothesize some comments and ask some questions.
> Contradiction of errors welcome.
> (1) Bridging is at the OSI Data Link layer.  Interfaces and IP 
> addresses are at the OSI Network layer; immediately above the Data 
> Link.  Hence the requirement to create and configure a bridge before 
> connecting an interface to it.

My view is that Interfaces are at the Data Link and optionally at the Network 
Layer as well. For example an eth0 interface has an Ethernet MAC address (Data 
Link Layer) but if you want you can also give it an IP and IPv6 address 
(Network Layer). 

You have to create the bridge before you connect the interface to it in the 
same way that you have to put your network switch on the desk before you can 
plug your Ethernet cables into it!!

> (2) A LAN works here, with Shorewall being the most prominent 
> ingredient. No bridge is evident but a subnetted machine can access 
> Web pages on the 'net. Given (1) I am puzzled how that is possible 
> with no bridge.

Can you clarify that? Do you mean you have no bridge on the Shorewall? Does it 
have a switch in it? A "switch" and a "bridge" are functionally equivalent. 
I've never found anyone who can explain the difference. 

> (3) I'll try to reproduce your scenario 1. Therefore these lines in 
> /etc/crontab.
> @reboot root ip link add br0 type bridge
> @reboot root ip link set br0 up
> @reboot root ip addr add dev br0
> @reboot root ip addr add fd99:9999:9999:9999::1 dev br0
> (4) Check the result.
> root@joule:~# ip addr show dev br0
> 5: br0: <BROADCAST,MULTICAST> mtu 1500 qdisc noop state DOWN group default 
> qlen
> 1000
>     link/ether ce:bf:79:6f:19:e4 brd ff:ff:ff:ff:ff:ff
> So br0 was created.  Appears "ip link set br0 up" and following ip 
> commands failed.  
> If the last three lines are removed from /etc/crontab and this 
> is added to /etc/network/interfaces, progress is better.
> # Bridge to connect qemu guest.
> auto br0
> iface br0 inet static
>         address
> iface br0 inet6 static
>         address fd99:9999:9999:9999::1/64
> This is the result.
> 6: br0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state 
> roup default qlen 1000
>     link/ether 6e:05:fd:df:e2:eb brd ff:ff:ff:ff:ff:ff
>     inet brd scope global br0
>        valid_lft forever preferred_lft forever
>     inet6 fd99:9999:9999:9999::1/64 scope global
>        valid_lft forever preferred_lft forever
>     inet6 fe80::6c05:fdff:fedf:e2eb/64 scope link
>        valid_lft forever preferred_lft forever
> I don't understand how the second inet6 address is derived. 

Excellent question. This is the IPv6 Link Local address. Every interface with 
IPv6 enabled will automagically assign itself an IPv6 address based on it's MAC 
address. This address can be used to communicate with other IPv6 hosts on the 
same network segment, but not on remote network segments. It is generally 
always FE80::YYXX:XXff:fe:XXXX where XX are the bytes in your MAC address and 
YY is the first byte with bit 5 flipped.

Most importantly could you get your guest to ping your host and vice versa?
Good luck!!


> Thanks,              ... P.
> -- 
> cell: +1 236 464 1479            Bcc: peter at easthope. ca
> VoIP: +1 604 670 0140

reply via email to

[Prev in Thread] Current Thread [Next in Thread]