Date: Wed, 16 Sep 2009 00:30:39 +0200 From: Juergen Lock <nox@jelal.kn-bremen.de> To: xorquewasp@googlemail.com Cc: freebsd-emulation@freebsd.org Subject: Re: Problems with qemu networking on 7.2-RELEASE-amd64? Message-ID: <20090915223039.GA46462@triton8.kn-bremen.de> In-Reply-To: <20090915173935.GA34173@logik.internal.network> References: <20090914051402.GB44046@logik.internal.network> <20090915173935.GA34173@logik.internal.network>
next in thread | previous in thread | raw e-mail | index | archive | help
On Tue, Sep 15, 2009 at 06:39:35PM +0100, xorquewasp@googlemail.com wrote:
> On 2009-09-14 06:14:02, xorquewasp@googlemail.com wrote:
> > Hello.
Hi!
> >
> > I'm having horrendous trouble getting qemu to do networking
> > on 7.2-RELEASE-amd64. I've not had any trouble on previous
> > versions of FreeBSD and qemu so this comes as a bit of a surprise.
>
> So, er, nobody's using this rather common setup on 7.2-RELEASE-amd64?
>
> I don't know if this is a problem with qemu or a problem with if_bridge.ko.
>
> Again:
>
> NetBSD x86 sees no NIC at all.
>
> OpenBSD x86 sees a NIC but it doesn't work ("ne3: device timeout").
>
Well thats unrelated, I'd say these guests just don't like most of qemu's
emulated nic choices. I don't remember about OpenBSD, but NetBSD seemed
to only really like the `pcnet' one, and that only after I patched qemu's
bios, see this thread:
http://lists.freebsd.org/pipermail/freebsd-emulation/2009-May/006207.html
> Windows XP sees a NIC, can do DNS resolution but no outgoing TCP connection
> works.
>
> NetBSD SPARC sees a NIC, can do DNS resolution but no outgoing TCP connection
> works. I can connect into the guest via SSH.
>
Well if the guest's packets reach the tap interface and come back I'd
say that mostly rules out qemu to be the cause of the problem, and also
this works just fine for me on stable/7 and stable/8, and I guess I did
it on 7.2 as well...
> This isn't a firewall issue: I can watch the pflog0, re0 and tap0 devices
> with tcpdump and clearly see that nothing is being blocked.
>
> The TCP outbound connections simply pass into the tap device and then apparently
> don't even get as far as the bridge:
>
> Working DNS resolution:
> 133779 rule 22/0(match): pass in on tap0: 10.1.3.12.65529 > 10.2.1.7.53: UDP, length 32
> 000006 rule 23/0(match): pass out on bridge0: 10.1.3.12.65529 > 10.2.1.7.53: UDP, length 32
>
> Apparently broken TCP/IP to google.com:
> 189768 rule 24/0(match): pass in on tap0: 10.1.3.12.65534 > 216.239.59.147.80: tcp 0
>
> There's no "pass out on bridge0" or "pass out on re0" as expected.
>
Hmm have you tried disabling pf to completely rule out any issues with
it? Also you may need to enable ip forwarding (net.inet.ip.forwarding
sysctl, also settable via gateway_enable in rc.conf) and/or play with
the net.link.bridge.pfil_* sysctls. (see the if_bridge manpage.)
> I've tried the recent qemu-devel patch but it's so unstable that it seems
> nearly any execution path results in a segmentation fault.
>
Oops :) Backtraces may be interesting there. Also which one you tried,
the 0.11 rc2 one or the git head snapshot?
> Any help would be appreciated - I have work to do that requires access
> to these VMs and having no outgoing network connectivity is crippling.
Oh and you could also try -net pcap... Or of course vbox too.
HTH,
Juergen
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20090915223039.GA46462>