Comprehensive network settings for VMware and Qemu virtual machines

Article title: comprehensive network settings for VMware and Qemu virtual machines. Linux is a technology channel of the IT lab in China. Includes desktop applications, Linux system management, kernel research, embedded systems, open source, and other basic classification Qemu Internet access methods:
　　
User mode network:
　　
It is very easy to implement virtual machine Internet access in this way, similar to nat in VMware. when qemu is started, The-user-net parameter is added. The virtual machine can communicate with the Internet through dhcp, however, the communication between the VM and the host is inconvenient.
　　
Tap/tun network:
　　
This method is more complex than the user mode, but after the virtual machine is set, the VM <--> Internet virtual machine <--> host communication is easy.
　　
This method is similar to VMware's host-only. qemu uses the tun/tap device to add a virtual network device (tun0) to the host, and then you can configure it like a real Nic.
　　
First, the kernel supports the tap/tuns device:
　　
Device Drivers --->
Networking support --->
[M] Universal TUN/TAP device driver support
　　
If the current kernel does not support this function, you can recompile and add only the corresponding modules. the method is simple:
　　
Run the current kernel configuration file cp under the kernel source code directory:
　　
[Root @ LFS ~] # Cp/boot/config-[kernel-version]/usr/src/linux
[Root @ LFS ~] # Cd/usr/src/linux
　　
Configure the kernel and select the TUN/TAP module (M), as shown in the following figure:
　　
[Root @ LFS ~] # Make menuconfig
　　
Recompile only the module (M), not the core (*) supported stuff:
　　
[Root @ LFS ~] # Make modules
　　
After compilation, you can find tun. ko in/usr/src/linux/drivers/net:
　　
[Root @ LFS net] # ls-l/usr/src/linux/drivers/net/tun. ko
-Rw-r -- 1 root 11116 Mar 23/usr/src/linux/drivers/net/tun. ko
[Root @ LFS net] #
　　
Cp to the corresponding location of the module directory of the current kernel:
　　
[Root @ LFS net] # cp/usr/src/linux/drivers/net/tun. ko/lib/modules/'uname-r'/kernel/drivers/net
　　
Re-establish the module dependency:
　　
[Root @ LFS net] # depmod
　　
Now you can load it:
　　
[Root @ LFS net] # modprobe tun
　　
Check:
　　
[Root @ LFS net] # lsmod | grep tun
Tun 8704 0
[Root @ LFS net] #
　　
OK. The entire kernel is not re-compiled and added to the support of special modules.
　　
If your xx card is not supported by the kernel and can be compiled into modules, you can use this method to compile only the modules you need if you are afraid of a problem after re-compiling the kernel, then manually install it to the corresponding location and then load it.
　　
In this way, the compilation speed is faster than that of the entire kernel. without any damage to the system, you can use the XX card. Pai_^
　　
Note the following three points:
　　
1. the source code of the kernel must be exactly the same as that of the current kernel version. Otherwise, the compiled modules cannot be used.
　　
2. Note that only make modules (compilation module) does not have make modules_install (the module is automatically installed under/lib/modules)
　　
3. run depmod before loading the newly compiled module. otherwise, modprobe cannot find it.
　　
In fact, you can use the current kernel configuration file (/boot/config-[kernel-version]) to add only the modules you need without making any changes. make modules_install should not be faulty.
　　
However, the safest way is to install it manually. the control is more reliable in your own hands :-)
　　
OK, go back to qemu for Internet access
　　
If you use udev to manage devices (udev is usually used in 2.6.x kernel releases), after modprobe tun, the/dev/net directory is automatically created and the tun device is created, link:
　　
[Root @ LFS net] # ls-l/dev/net/tun
Lrwxrwxrwx 1 root 6 Mar 25 :35/dev/net/tun-> ../tun
[Root @ LFS net] #
　　
If unfortunately you don't see it, you need to do it manually.
　　
[Root @ LFS ~] # Mkdir/dev/net
[Root @ LFS ~] # Mknode/dev/net/tun c 10 200
　　
OK. the related device is ready. you also need a tun/tap initialization script:
　　
/Etc/qemu-ifup:
#! /Bin/sh
/Sbin/ifconfig $1 172.20.0.1
　　
Then, you can grant the qemu-ifup x execution permission under/etc.
　　
This script can only be executed by the root user. to use qemu for normal users, you need to change it to sudo/sbin/ifconfig... and then set sudo-related permissions.
　　
After qemu is started, it adds a virtual network device (tun0) to the host ):
　　
[Root @ LFS ~] # Ifconfig tun0
Tun0 Link encap: Ethernet HWaddr 0A3: 8A: 5D: 97: CD
Inet addr: 172.20.0.1 Bcast: 172.20.255.255 Mask: 255.255.0.0
Up broadcast running multicast mtu: 1500 Metric: 1
RX packets: 0 errors: 0 dropped: 0 overruns: 0 frame: 0
TX packets: 0 errors: 0 dropped: 0 overruns: 0 carrier: 0
Collisions: 0 fig: 500
RX bytes: 0 (0.0 B) TX bytes: 0 (0.0 B)
[Root @ LFS ~] #
　　
Now you can start qemu to configure virtual machine network parameters, just like VMware host-only:
　　
The ip address is the same as tun0, the gateway is tun0, and the other parameters are the same as tun0, and the dns is the same as the host:
　　
Tun0: ip: 172.20.0.1 broadcast: 172.20.255.255 netmask: 255.255.0.0
Qemu: ip: 172.20.0.100 broadcast: 172.20.255.255 netmask: 255.255.0.0 gateway: 172.20.0.1
　　
Similar to host-only, in this way, only virtual machines <----> can communicate with each other. you also need to set a router to enable nat to connect to the Internet.
　　
[Root @ LFS ~] # Echo 1>/proc/sys/net/ipv4/ip_forward
[Root @ LFS ~] # Iptables-t nat-a postrouting-o eth0-s 172.20.0.0/24-j MASQUERADE
[Root @ LFS ~] #