Developers Blog

Blog > Qemu and vde switch

on Sep 11, 2010

By using QEMU or KVM virtual machines (to test Tryphon Boxes for example), you have to configure a network access. Even if tap/tun and NAT/bridge configurations have no secret for you, configuring a tap0 device on each qemu boot or managing several tap devices are quickly painful.

A great solution is creating a virtual network where all QEMU/KVM virtual machines will be connected. You simply have to connect it to your “real” network.

You can create this virtual network with VDE and its VDE Switch.

tap interface and vde2-switch

Configure a tap0 interface in /etc/network/interfaces to connect your vde-switch to the real network :

auto tap0
iface tap0 inet static
  address 10.0.3.1
  netmask 255.255.255.0
  vde2-switch -

The vde switch is managed automatically with the vde2-switch extension provided by the vde2 Debian package.

The vde2-switch will be started when the tap0 is started : ifup tap0.

DHCP (and DNS) server

This small and virtual network needs a real DNS and DHCP server. You can use dnsmasq for that. Configure dnsmasq into /etc/dnsmasq.d/vde-network for example :

interface=tap0
dhcp-range=tap0,10.0.3.2,10.0.3.255
domain=vde.mylaptop.priv,10.0.3.1,10.0.3.255

Forward and NAT

The last step is connecting your VDE network to the world. For that, the network trafic must be forwarded between your network interfaces. This small line in /etc/sysctl.conf will allow your kernel to do so :

net.ipv4.ip_forward=1

Reload this setting with sudo sysctl -p.

You need to NAT trafic from the vde network. Create a /etc/network/if-up.d/vde-network small script :

#!/bin/bash
case $IFACE in
  lo|tap0)
    # Ignored interface
  ;;
  *)
    /sbin/iptables -t nat -A POSTROUTING -s 10.0.3.1/24 -o $IFACE -j MASQUERADE
  ;;
esac

Don’t forget to make it executable : sudo chmod +x /etc/network/if-up.d/vde-network.

Start virtual machine

Your user must be in the vde2-net group :

sudo adduser $USER vde2-net
newgrp vde2-net

You can start now your qemu/kvm instance by using vde network :

qemu -net nic -net vde,sock=/var/run/vde2/tap0.ctl dist/disk

In your /var/log/syslog, you should see DHCP requests managed by dnsmasq :

Sep 11 20:24:34 hyppo dnsmasq-dhcp[13608]: DHCPDISCOVER(tap0) 52:54:00:12:34:56 
Sep 11 20:24:34 hyppo dnsmasq-dhcp[13608]: DHCPOFFER(tap0) 10.0.3.126 52:54:00:12:34:56 
Sep 11 20:24:34 hyppo dnsmasq-dhcp[13608]: DHCPREQUEST(tap0) 10.0.3.126 52:54:00:12:34:56 
Sep 11 20:24:34 hyppo dnsmasq-dhcp[13608]: DHCPACK(tap0) 10.0.3.126 52:54:00:12:34:56 streambox

The virtual machine has a nice hostname like http://streambox.vde.mylaptop.priv in this example.