Re: reaching the guest from the host through network



On 02/08/2013 03:54 PM, Zeeshan Ali (Khattak) wrote:
> Hi Laine,
>
> On Fri, Feb 8, 2013 at 9:45 PM, Laine Stump <laine redhat com> wrote:
>> On 02/08/2013 01:26 PM, Lucas Meneghel Rodrigues wrote:
>>> On 02/08/2013 03:43 PM, Zeeshan Ali (Khattak) wrote:
>>>> On Fri, Feb 8, 2013 at 7:29 PM, Lucas Meneghel Rodrigues
>>>> <lmr redhat com> wrote:
>>>>> On 02/08/2013 12:36 PM, Emmanuel Touzery wrote:
>>>>>> looking at this:
>>>>>> https://bugzilla.gnome.org/show_bug.cgi?id=677688
>>>>>>
>>>>>> it seems that at least for now my best bet would be using virt-manager
>>>>>> which is more powerful than gnome-boxes. I'll try that now.
>>>>>
>>>>> Bridging requires root access, something that boxes can't provide you
>>>>> right now, since it can only access the unprivileged qemu session.
>> Well, to be exact, qemu is *always* unprivileged. It's libvirt that must
>> be running privileged in order to do full network setup.
>>
>> Recent libvirt has an addition that causes an unprivileged libvirt given
>> an <interface type='bridge'> configuration to tell the (also
>> unprivileged) qemu it creates to use the new qemu "suid network helper"
>> to create a tap device and connect it to an existing bridge. This is
>> about 1/10th of the capabilities possible from a privileged libvirt, but
>> it may be sufficient in some cases (in particular, if a bridge has
>> already been set up on the host).
>>
>>
>>>>> Since virt-manager can access the privileged qemu session, it also has
>>>>> access to the libvirt bridge, and it will all work fine.
>> With qemu's suid network helper, boxes could also have access to "the
>> bridge created by libvirt".
> Unfortunately this is disabled in the default config of upstream qemu so
> we can't use this in Boxes :(
>
> https://bugzilla.gnome.org/show_bug.cgi?id=677688#c24
>
>>>>> Note that using wifi and having a working bridge is perfectly possible, a
>>>>> wifi interface is very much like an ethernet interface for bridging
>>>>> purposes.
>>>> That's what I thought too but seems libvirt guys do not agree:
>>> I guess then I'm lucky, since I own 2 thinkpads where this works
>>> perfectly well then :)
>> I'm guessing that you don't have your wifi directly attached to the
>> bridge, but are relying on some combination of IP routing and proxy arp?
>> (Or possibly your wifi card and AP both allow multiple MAC addresses on
>> the same connection).
>>
>> Unfortunately, something as hit and miss as this can't be put into
>> libvirt. If someone comes up with a relatively non-intrusive 100%
>> reliable on all platforms way to give guests "L2 bridged" access to the
>> physical network, I would seriously love to make a new libvirt network
>> type that supports it.
> *all platforms* might make it a much bigger challenge than it already
> is. 

Well, when I say "all platforms", I mean "any/every Linux distro and
version". Nothing else uses the network driver anyway (although FreeBSD
is working on it).


> If this support is added mainly for Boxes, I'd suggest not caring
> about anything other than Linux as Boxes (like the rest of GNOME) is
> targeted for Linux. Keep in mind, I'm not suggesting breaking things
> for other platforms.
>
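
Added example, not part of the original thread and not qemu or libvirt code: a pre-flight audit that lists which bridges named in a domain's <interface type='bridge'> elements the setuid network helper would be permitted to attach a tap device to. It assumes the helper consults an ACL file (conventionally /etc/qemu/bridge.conf) of "allow"/"deny" lines where the default is deny and any matching deny overrides an allow; the function names and both sample inputs are constructed for illustration.

```python
import xml.etree.ElementTree as ET

def parse_acl(text):
    """Return (verb, target) rules from bridge.conf-style text."""
    rules = []
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue  # blank lines and comments carry no rule
        parts = line.split(None, 1)
        if len(parts) != 2 or parts[0] not in ("allow", "deny", "include"):
            raise ValueError(f"invalid ACL line: {raw!r}")
        rules.append((parts[0], parts[1].strip()))
    return rules

def bridge_allowed(rules, bridge):
    """Default deny; a matching deny wins over every allow."""
    allowed = denied = False
    for verb, target in rules:
        if verb == "include":
            continue  # included files are not followed in this sketch
        if target in ("all", bridge):
            if verb == "allow":
                allowed = True
            else:
                denied = True
    return allowed and not denied

def audit_domain(domain_xml, acl_text):
    """Map each bridge used by <interface type='bridge'> to True/False."""
    rules = parse_acl(acl_text)
    result = {}
    for iface in ET.fromstring(domain_xml).iter("interface"):
        if iface.get("type") != "bridge":
            continue  # only bridged interfaces go through the helper
        src = iface.find("source")
        name = src.get("bridge") if src is not None else None
        if name:
            result[name] = bridge_allowed(rules, name)
    return result

# Constructed sample inputs (not taken from any real host).
SAMPLE_DOMAIN = """<domain type='kvm'><devices>
  <interface type='bridge'><source bridge='virbr0'/></interface>
  <interface type='bridge'><source bridge='br0'/></interface>
  <interface type='user'/>
</devices></domain>"""
SAMPLE_ACL = "# constructed ACL\nallow virbr0\nallow br0\ndeny br0\n"

if __name__ == "__main__":
    print(audit_domain(SAMPLE_DOMAIN, SAMPLE_ACL))
```

An empty or missing ACL yields False for every bridge, and an "allow all" line is worth flagging in review because it lets any local user of the helper attach to every bridge on the host.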


