Author: Dominik
Language: text
Description: Bhyve Setup
Timestamp: 2015-11-17 15:53:07 +0000
Hi guys,

I have been following your show since day one and I especially enjoy trying out all the different tutorials and guides you have pointed me to over time. This time I have a question regarding bhyve. A couple of days ago I needed a Linux machine to run some 64-bit binaries. So it seemed to be the perfect time to try out bhyve.
While setting up the host and spinning up the Linux guest (Debian), I came across a problem with networking. So far everything else went pretty smoothly.
I was able to install the Linux guest using ZFS.
Here is what I did in general.

# zfs create -V16G -o volmode=dev zroot/linuxdisk0

# grub-bhyve -m debian.map -r cd0 -M 4096M debinsky
# bhyve -AI -H -P \
-s 0:0,hostbridge \
-s 1:0,lpc \
-s 2:0,virtio-net,tap1 \
-s 3:0,virtio-blk,/dev/zvol/tank/linuxdisk0 \
-s 4:0,ahci-cd,debian.iso \
-l com1,stdio \
-c 4 -m 4096M debinsky

I created a script to boot up and enter the machine as I am wrapping up the session inside tmux.

grub-bhyve -m debian.map -r hd0,msdos1 -M 4096M debinsky
bhyve -AI -H -P \
-s 0:0,hostbridge \
-s 1:0,lpc \
-s 2:0,virtio-net,tap0 \
-s 3:0,virtio-blk,/dev/zvol/tank/linuxdisk0 \
-l com1,stdio \
-c 4 -m 4096M debinsky

Until this point everything comes up fine and I get the login. So the only problem is not being able to get a connection from the inside of the VM. I can ping the VM from the host though.
This is my host's ifconfig.
# ifconfig
re0: flags=8943<UP,BROADCAST,RUNNING,PROMISC,SIMPLEX,MULTICAST> metric 0 mtu 1500
        options=8209b<RXCSUM,TXCSUM,VLAN_MTU,VLAN_HWTAGGING,VLAN_HWCSUM,WOL_MAGIC,LINKSTATE>
        ether d4:3d:7e:da:ee:4a
        inet 14x.x.x.x netmask 0xffffffe0 broadcast 14x.x.x.159
        nd6 options=29<PERFORMNUD,IFDISABLED,AUTO_LINKLOCAL>
        media: Ethernet autoselect (1000baseT <full-duplex>)
        status: active
lo0: flags=8049<UP,LOOPBACK,RUNNING,MULTICAST> metric 0 mtu 16384
        options=600003<RXCSUM,TXCSUM,RXCSUM_IPV6,TXCSUM_IPV6>
        inet6 ::1 prefixlen 128
        inet6 fe80::1%lo0 prefixlen 64 scopeid 0x2
        inet 127.0.0.1 netmask 0xff000000
        nd6 options=21<PERFORMNUD,AUTO_LINKLOCAL>
pflog0: flags=100<PROMISC> metric 0 mtu 33160
bridge0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500
        ether 02:c1:43:df:11:00
        inet 10.0.20.1 netmask 0xffffff00 broadcast 10.0.20.255
        nd6 options=9<PERFORMNUD,IFDISABLED>
        id 00:00:00:00:00:00 priority 32768 hellotime 2 fwddelay 15
        maxage 20 holdcnt 6 proto rstp maxaddr 2000 timeout 1200
        root id 00:00:00:00:00:00 priority 32768 ifcost 0 port 0
        member: re0 flags=143<LEARNING,DISCOVER,AUTOEDGE,AUTOPTP>
        ifmaxaddr 0 port 1 priority 128 path cost 20000
tap0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500
        options=80000<LINKSTATE>
        ether 00:bd:07:b4:e8:00
        nd6 options=21<PERFORMNUD,AUTO_LINKLOCAL>
        media: Ethernet autoselect
        status: active
        Opened by PID 18391

Here are the relevant config parts:

/sysctl.conf
net.link.tap.user_open=1
net.link.tap.up_on_open=1

/boot/loader.conf
vmm_load="YES"
nmdm_load="YES"
if_bridge_load="YES"
if_tap_load="YES"

/rc.conf
cloned_interfaces="bridge0 tap0"
ifconfig_bridge0="addm re0 addm tap0"
ipv4_addrs_bridge0="10.0.20.1/24"

/pf.conf
set skip on tap0
nat on $ext_if from 10.0.20.0/29 to any -> ($ext_if)

So far my efforts to fix the problem were without success.
I checked my pflog with tcpdump but didn't see any packets being blocked by PF except the usual noise from the real-life zombies that manage to hit the firewall from time to time. It would be pretty neat if you could point me in the right direction. My next attempt would be to spin up OpenBSD inside bhyve to take advantage of the PF, so it would be awesome to get the Linux guest out of the way first.

Other than that, thx a lot for the time and effort you guys put into the show and your businesses while still finding a moment or two to spare for the BSD community and answer random questions like that. As you already know, it isn't easy to find people to chat about BSD in daily life, so it is truly awesome to be able to get in touch with you plus having a high quality podcast to look forward to every week.
Keep up the great work!