Google Groups no longer supports new Usenet posts or subscriptions. Historical content remains viewable.
Dismiss
Defining TAP interfaces in /etc/network/interfaces
1,098 views
Skip to first unread message
Andrew Wood
Sep 12, 2016, 4:20:04 PM9/12/16
to
Im (slowly) trying to setup bridging and TAP interfaces to use with QEMU
so each VM can have a 'real' IP on the network rather than NAT.
I now have a bridge setup (br1) using eth1 which Ive done in
/etc/network/interfaces with:
auto eth1
auto br1
iface br1 inet dhcp
bridge_ports eth1
bridge_stp off
bridge_fd 0
bridge_maxwait 0
However I cannot work out how to add TAP interfaces to this bridge using
that file. Currently I have to do it with the tunctl & brctl commands in
a separate script.
It is possible to do it in /etc/network/interfaces ?
Thanks
Andrew
so each VM can have a 'real' IP on the network rather than NAT.
I now have a bridge setup (br1) using eth1 which Ive done in
/etc/network/interfaces with:
auto eth1
auto br1
iface br1 inet dhcp
bridge_ports eth1
bridge_stp off
bridge_fd 0
bridge_maxwait 0
However I cannot work out how to add TAP interfaces to this bridge using
that file. Currently I have to do it with the tunctl & brctl commands in
a separate script.
It is possible to do it in /etc/network/interfaces ?
Thanks
Andrew
Nemeth Gyorgy
Sep 12, 2016, 4:40:05 PM9/12/16
to
Charlie Kravetz
Sep 12, 2016, 5:40:04 PM9/12/16
to
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Change the bridge_ports to:
bridge_ports eth1 tap0
then add the tap lines:
auto tap0
iface tap0 inet static
address 192.168.??.?
netmask 255.255.255.0
tunctl_user vboxusers
Change these as needed for your own setup. This works for me using
virtual box.
- --
Charlie Kravetz
Linux Registered User Number 425914
[http://linuxcounter.net/user/425914.html]
Never let anyone steal your DREAM. [http://keepingdreams.com]
-----BEGIN PGP SIGNATURE-----
iQEcBAEBCAAGBQJX1xNUAAoJEIqui46mydCAgsIH/1fsOHvnc+Aj7aRLxqwyiclg
abcpmpKKWm3/hkottLNBa1BrKpTUzfeqD/Am8xt8/uPdwkhP8czTiOWDNGq78FD5
hlNPIakTp0jp4UQJ7TZXybUt+toUDP0bZWcMBD7tI0VMKuXjvUNsxIcA3P+LI+Q5
cD0Drq2RC+SZK6oXowkb23M9PKnzgaJJH2TzNoFYFQX4MMSqAyCCCbtd0LYCihaw
WO7k8k6/q7XIw99ruH4ApB0jfm5X8jDfm8LVqo5EUhv76+9BaTUh3JebefP3iRQC
Km21mgLAZH0oFmKoajkm4RP8LoRy2Xn3SbRA0ztMWRxAfiedtr+WnAGSQH/T1xA=
=zffI
-----END PGP SIGNATURE-----
Hash: SHA256
bridge_ports eth1 tap0
then add the tap lines:
auto tap0
iface tap0 inet static
address 192.168.??.?
netmask 255.255.255.0
tunctl_user vboxusers
Change these as needed for your own setup. This works for me using
virtual box.
- --
Charlie Kravetz
Linux Registered User Number 425914
[http://linuxcounter.net/user/425914.html]
Never let anyone steal your DREAM. [http://keepingdreams.com]
-----BEGIN PGP SIGNATURE-----
iQEcBAEBCAAGBQJX1xNUAAoJEIqui46mydCAgsIH/1fsOHvnc+Aj7aRLxqwyiclg
abcpmpKKWm3/hkottLNBa1BrKpTUzfeqD/Am8xt8/uPdwkhP8czTiOWDNGq78FD5
hlNPIakTp0jp4UQJ7TZXybUt+toUDP0bZWcMBD7tI0VMKuXjvUNsxIcA3P+LI+Q5
cD0Drq2RC+SZK6oXowkb23M9PKnzgaJJH2TzNoFYFQX4MMSqAyCCCbtd0LYCihaw
WO7k8k6/q7XIw99ruH4ApB0jfm5X8jDfm8LVqo5EUhv76+9BaTUh3JebefP3iRQC
Km21mgLAZH0oFmKoajkm4RP8LoRy2Xn3SbRA0ztMWRxAfiedtr+WnAGSQH/T1xA=
=zffI
-----END PGP SIGNATURE-----
Neal P. Murphy
Sep 12, 2016, 6:30:03 PM9/12/16
to
-----auto GREEN
allow-hotplug GREEN
iface GREEN inet manual
bridge_ports eth1 regex tapGN.*
bridge_maxwait 0
post-up brctl setfd GREEN 0-----
The salient part is 'regex tapGN.*', etc.
(I actually use four bridges--GREEN/ORANGE/PURPLE/RED--because I build and test the Smoothwall Express firewall. One of them has no connection to the outside world (no slave NIC). In my case, taps for each bridge have unique and identifiable names (my script does this automatically). This is required if you should 'ifdown RED; ifup RED'; you want the tap devices reconnected.)
If you have only one bridge, you mightn't need to give the taps unique names and can use 'regex tap.*' to reconnect all taps to the bridge if it is bounced. But your mileage may vary depending on any VPNs you may use.
I also have a set of scripts in /etc/network that handle the up-down bits. Examples for my GREEN bridge:
Up:
-----
#! /bin/bash
chgrp netdev /dev/net/tun
/sbin/brctl addif GREEN $1
ip link set dev $1 up
-----
Down:
-----
#! /bin/bash
ip link set dev $1 down
/sbin/brctl delif GREEN $1
-----
(Yeah, yeah, I know. I should use ip() for bridge control. But debian's ip() hasn't been quite new enough.)
And a GREEN example of qemu options for those scripts:
-----
# netIF is either virtio or e1000
# tapGREEN is 'tapGN$tapID'
# tapID is the MAC addr (sans colons) that the script generated for that VM's GREEN NIC
NIC1="-net nic,vlan=1,macaddr=$macGREEN,model=${netIF} -net tap,vlan=1,ifname=$tapGREEN,script=/etc/network/qemuGREENup,downscript=/etc/network/qemuGREENdown"
-----
I also assign explicitly coded MAC addresses to the virtual NICs so I know which VM is being addressed in any particular packet.
I can't find it now, but I also have an init script that starts VMs marked 'AUTOSTART' and stops them, if running, on shutdown.
Andrew Wood
Sep 16, 2016, 3:50:04 PM9/16/16
to
On 12/09/16 23:23, Neal P. Murphy wrote:
>
> You might find something in here useful.
On 12/09/16 21:43, Charlie Kravetz wrote:
> Change the bridge_ports to:
> bridge_ports eth1 tap0
>
> then add the tap lines:
> auto tap0
> iface tap0 inet static
> address 192.168.??.?
> netmask 255.255.255.0
> tunctl_user vboxusers
On 12/09/16 21:33, Nemeth Gyorgy wrote:
> Change the bridge_ports to:
> bridge_ports eth1 tap0
>
> then add the tap lines:
> auto tap0
> iface tap0 inet static
> address 192.168.??.?
> netmask 255.255.255.0
> tunctl_user vboxusers
> An example:
>
> http://www.shakthimaan.com/installs/debian-tun-tap-setup.html
>
Thanks all, very useful
0 new messages