Understand some simple network knowledge related to virtual machines in OpenStack-1. TUN/TAP Network Interfaces

Last Update:2018-07-17 Source: Internet

Author: User

Tags nameserver

Developer on Alibaba Coud: Build your first app with APIs, SDKs, and tutorials on the Alibaba Cloud. Read more ＞

TUN/TAP Virtual Network device provides the ability to send and receive network packets for user-space programs. He can be either a point-to-point device (TUN) or an Ethernet device (TAP). In fact, not only does Linux support TUN/TAP virtual network devices, but other UNIX is supported, and there is only a slight difference between them.

Tun/tap Virtual Network device principle is relatively simple, he added a TUN/TAP virtual network device driver in the Linux kernel and a related character device/dev/net/tun, character device TUN as user space and kernel space Exchange data interface. When the kernel sends packets to a virtual network device, the packet is guaranteed to be in a device-related queue until the user-space program is read by the Tun descriptor of the open character device, and it is copied into the buffer of the user space, and the effect is equivalent to the packet being sent directly to the user space. This is similar to the principle of sending a packet through system call write.

The default mode for QEMU virtual Machine Network is NAT, where the virtual machine can access the extranet through host, but the host and extranet cannot access the virtual machine. You can use tap if you want the host to access the virtual machine.

It connects the Guestsystem network to the host system's network.

Through Tun/tapadapter, a virtual NIC tap on host system is generated, and Tun establishes the network device of point to Point, making the guest system's network card and tap virtual NIC a pair, thereby guest All network packets for system can be received by host system.

As shown in the figure:

The process is created as follows

(1) Create Bridge br0 on host machine

Brctl ADDBR Br0

(2) Set the br0 to up

IP link Set br0 up

(3) Create tap device

# tunctl–b Tap0

(4) Set the tap0 to up

IP link Set tap0 up

(5) Add tap0 to the BR0

Brctl addif br0 tap0

(6) Start the virtual machine

Qemu-system-x86_64-enable-kvm-name ubuntutest-m 2048-hda ubuntu-14.04.img-boot c-vnc:19-net nic,model=virtio-net t Ap,ifname=tap0,script=no,downscript=no

Virtual Machine Connection Tap0,tap0 connection Br0

(7) After the virtual machine started, the NIC is not configured, so it is unable to connect to the extranet, first to br0 set an IP

Ifconfig br0192.168.57.1/24

(8) In the virtual machine, set the address to the network card

Ifconfig eth0192.168.57.2/24

This time in the virtual machine can ping the pass 192.168.57.1, but still can not access the extranet

(9) Set NAT on host and enable IP forwarding

# sysctl-p
Net.ipv4.ip_forward = 1

sudo iptables-t nat-apostrouting-o eth0-j Masquerade

(10) Set the default gateway inside the virtual machine

Route Add–net DEFAULTGW 192.168.57.1

This time, you can ping the extranet gateway

Ping 16.158.164.1

(11) Then in the virtual machine to set up DNS, you can do Apt-get

# cat/etc/resolv.conf
# Dynamic resolv.conf (5) file for glibc resolver (3) generated by resolvconf (8)
# don't EDIT this FILE by HAND-YOUR CHANGES'll beoverwritten
NameServer 16.110.135.52
NameServer 16.110.135.51

(12) so as mentioned above

We can verify the use of this feature on a virtual machine on a OpenStack environment:

# View by Login compute Node
# virsh dumpxml instance-00000517
<interface type= ' bridge ' >
  <mac address= ' fa:16:3e : 5c:fd:01 '/> <source bridge= ' qbr7522d763-26 '/> ' <target dev=
  ' tap7522d763-26 '/>
  < Model type= ' Virtio '/> <alias name= ' net0 '/> <address ' type= '
  pci ' domain= ' 0x0000 ' bus= ' 0x00 ' ' slot= '
  0x03 ' function= ' 0x0 '/>
</interface>

# ps-ef|grep instance-00000517
root      3421  2874  0 16:46 pts/30   00:00:00 grep--color=auto instance-00000517
qemu     31996     1  3 Dec06?        19:59:03/usr/libexec/qemu-kvm-name Guest=instance-00000517-netdev tap,fd=30,id=hostnet0,vhost=on,vhostfd=39- Device virtio-net-pci,netdev=hostnet0,id=net0,mac=fa:16:3e:5c:fd:01,bus=pci.0,addr=0x3 ...

The TAP device associated with the virtual organization is the first 11 bits of the TAP7522D763-26 (Tap+neutron assigned port)

Virtual agency Bridge is qbr7522d763-26.

The mode of the virtual machine network is tap mode

Reference Documentation:

Https://www.cnblogs.com/popsuper1982/p/3841838.html

http://blog.csdn.net/batmancn/article/details/50668399

This article is an English version of an article which is originally in the Chinese language on aliyun.com and is provided for information purposes only. This website makes no representation or warranty of any kind, either expressed or implied, as to the accuracy, completeness ownership or reliability of the article or any translations thereof. If you have any concerns or complaints relating to the article, please send an email, providing a detailed description of the concern or complaint, to info-contact@alibabacloud.com. A staff member will contact you within 5 working days. Once verified, infringing content will be removed immediately.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

Get Started for Free

Sales Support

1 on 1 presale consultation

Chat Contact Sales
After-Sales Support

24/7 Technical Support 6 Free Tickets per Quarter Faster Response

Open a Ticket
Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.

Learn More