Host Interface Networking and Bridging on OpenSolaris Hosts

Discussions related to using VirtualBox on Solaris hosts.
Post Reply
jtjm
Posts: 2
Joined: 12. Feb 2008, 19:11

Host Interface Networking and Bridging on OpenSolaris Hosts

Post by jtjm »

Has anyone managed to configure an OpenSolaris host so that Host Interface Networking can be used to bridge a guest's network interfaces to it? If so, I'd be very grateful for some pointers.
lidgaca
Posts: 3
Joined: 13. Feb 2008, 09:04

Post by lidgaca »

No, but I'd like to join in the fun !

I've just put VB up on a Ultra 40 (twin Opterons), running the latest OpenSolaris developer edition. All VB networking setting have been left at default. I've got an Ubuntu partition which has loaded up ok, and looking at ifconfig on the Ubuntu system I can see an eth0, configured to 10.0..2.15. netstat -rn on the Ubuntu system shows a default router at 10.0.2.2, and I can ping these two 10.0.2.0/24 addresses. Unfortunately they seem to be *all* I can ping - I can't ping the configured IP address of my native solaris box at all. Annoyingly the Ubuntu CD edition that I loaded from does not come with traceroute, although to be honest I don't think it would tell me much.

Anyone any good ideas ??


-- Chris
jtjm
Posts: 2
Joined: 12. Feb 2008, 19:11

Post by jtjm »

I've done some more research, and it looks like the lack of bridging support in OpenSolaris makes the use of host interface networking impossible for now.

However, port-forwarding to a guest that's using NAT seems to work fine, and can be a reasonable substitute for testing servers in a guest. See section 6.2 of the VirtualBox user manual for details.

I use the following hack of a script to set up and clear forwarding. Set your guest name in $vm and change the calls to port_forward() at the end, and then run it without arguments on the host to set up forwards (you have to do this before you start the guest). Note that it clears any existing rules before setting the new ones, since if you manage to configure conflicting rules for the same port, your guest will usually crash on boot up.

You can check which rules you've configured with:

Code: Select all

VBoxManage getextradata <vmname> enumerate
Obviously, you can't have more than one guest listening on the same host port, but it's better than nothing for now.

Code: Select all

#!/usr/bin/perl -w                                                                                                
use strict;

my $VBOXMANAGE = "/usr/bin/VBoxManage";
my $PREFIX = "VBoxInternal/Devices/pcnet/0/LUN#0/Config/";

sub port_forward
{
    my ($vm, $host_port, $guest_port, $proto) = @_;
    $proto = defined $proto || "TCP";
    unless (defined $vm and defined $host_port and defined $guest_port) {
        die "One or more arguments undefined, expected port_forward(<vm>, <host_port>, <guest_port>, [<proto>]\n"\
;
    }
    my $prefix = $PREFIX . "fwd" . $host_port . "-" . $guest_port;
    system ($VBOXMANAGE, "-nologo", "setextradata",  $vm, $prefix . "/Protocol", $proto);
    system ($VBOXMANAGE, "-nologo", "setextradata",  $vm, $prefix . "/GuestPort", $guest_port);
    system ($VBOXMANAGE, "-nologo", "setextradata",  $vm, $prefix . "/HostPort", $host_port);
}

sub clear_forwards
{
    my $vm = shift;
    open (KEYS, "$VBOXMANAGE getextradata $vm enumerate|")
        or die "Failed to run '$VBOXMANAGE getextradata $vm enumerate': $!\n";

    while (<KEYS>) {
        if (/Key: ($PREFIX.*),/) {
            my $key = $1;
            print "Clearing ".$key."\n";
            system ($VBOXMANAGE, "-nologo", "setextradata", $vm, $key);
        }
    }
}

#---------------------------------------------------------------------------                                      
# main                                                                                                            
# port_forward (vm, host_port, guest_port);                                                                       

my $vm = "guest1";

clear_forwards($vm);

port_forward($vm, 4022, 22); # ssh to port 4022 to get to the guest
port_forward($vm, 80, 80);
port_forward($vm, 443, 443);
port_forward($vm, 9090, 9090);
port_forward($vm, 9070, 9070);
JackSA
Posts: 22
Joined: 13. Mar 2008, 21:48

Post by JackSA »

Hi there,

TAP/TUN drivers and brdgadm compiled and works fine in Sol10_u4)x86. I've compiled these the other day and configured it to run WinXP and SUSE10.3 as guest VM's.

You sure it doesn't work on OpenSolaris?

Cheers,
-JackSA
Karsten Bolz
Posts: 5
Joined: 5. Mar 2008, 11:54

TAP/TUN drivers and brdgadm compiled and works fine...

Post by Karsten Bolz »

I could download and compile / install TAP/TUN drivers and brdgadm on my Solaris notebook (Toshiba Tecra M5 with Solaris x86 snv66 (Nevada Build 66)).
However, I don't have any clue how to get it working with VirtualBox 1.5.51.
Anybody there who has a clue how to configure it properly?
JackSA
Posts: 22
Joined: 13. Mar 2008, 21:48

Post by JackSA »

I had it running on 79 ... so I'll give it a shot on 66. What's your "ifconfig -a" output?

-JackSA
pjjw
Posts: 6
Joined: 19. Mar 2008, 01:15

Post by pjjw »

I've gotten this working - when running as root - so I can verify that the device works on solaris, and VirtualBox can work with it, but running as root isn't exactly best practices when it's unnecessary.

However I'm a bit of a Solaris newbie, and can't figure out how to fix the permissions on the tun/tap devices so that a normal user account can access them. I've added net_rawaccess to defaultprivs for the virtualbox-using account, but it seems that the tap device doesn't respect this. I've tried using

Code: Select all

update_drv -a -p 'read_priv_set=net_rawaccess write_priv_set=net_rawaccess' tun
update_drv -a -p 'read_priv_set=net_rawaccess write_priv_set=net_rawaccess' tap
but it doesn't take.

Code: Select all

push:~ pjjw$ getdevpolicy /dev/tap
/dev/tap
        read_priv_set=none
        write_priv_set=none
Even the Google doesn't offer much help. Any real Solaris users got tips for the noob?
pjjw
Posts: 6
Joined: 19. Mar 2008, 01:15

Re: TAP/TUN drivers and brdgadm compiled and works fine...

Post by pjjw »

Karsten Bolz wrote:Anybody there who has a clue how to configure it properly?
This is for running as root, as I said I'm having trouble getting it going any other way.

install the drivers, brdgadm, and tunctl-- untar, make, make install for each. do the following:

Code: Select all

tunctl -t tap0
ifconfig tap0 plumb
brdgadm -a <interface>
brdgadm -a tap0
VBoxManage modifyvm <vm> -nic1 hostif -hostifdev tap0
..and you should be set. Of course, this also means you have to run VirtualBox as root, but if someone else can figure out the above problem, you should be able to create a custom permission class that gives access to the tap device and assign it to users of VirtualBox.
rdhalstead
Posts: 52
Joined: 26. Feb 2008, 18:58
Location: Las Vegas

Re: TAP/TUN drivers and brdgadm compiled and works fine...

Post by rdhalstead »

pjjw wrote:
Karsten Bolz wrote:Anybody there who has a clue how to configure it properly?
This is for running as root, as I said I'm having trouble getting it going any other way.

install the drivers, brdgadm, and tunctl-- untar, make, make install for each. do the following:

Code: Select all

tunctl -t tap0
ifconfig tap0 plumb
brdgadm -a <interface>
brdgadm -a tap0
VBoxManage modifyvm <vm> -nic1 hostif -hostifdev tap0
..and you should be set. Of course, this also means you have to run VirtualBox as root, but if someone else can figure out the above problem, you should be able to create a custom permission class that gives access to the tap device and assign it to users of VirtualBox.
I compiled tunctl and brdgadm successfully on opensolaris nv85 but there are no /dev/tun and /dev/tap devices. Any ideas?

--ron
pjjw
Posts: 6
Joined: 19. Mar 2008, 01:15

Post by pjjw »

tried 'pfexec devfsadm -a' ?
stacey.pellegrino
Posts: 1
Joined: 24. Apr 2008, 20:18

Re: TAP/TUN drivers and brdgadm compiled and works fine...

Post by stacey.pellegrino »

rdhalstead wrote:
pjjw wrote:
Karsten Bolz wrote:Anybody there who has a clue how to configure it properly?
This is for running as root, as I said I'm having trouble getting it going any other way.

install the drivers, brdgadm, and tunctl-- untar, make, make install for each. do the following:

Code: Select all

tunctl -t tap0
ifconfig tap0 plumb
brdgadm -a <interface>
brdgadm -a tap0
VBoxManage modifyvm <vm> -nic1 hostif -hostifdev tap0
..and you should be set. Of course, this also means you have to run VirtualBox as root, but if someone else can figure out the above problem, you should be able to create a custom permission class that gives access to the tap device and assign it to users of VirtualBox.
I compiled tunctl and brdgadm successfully on opensolaris nv85 but there are no /dev/tun and /dev/tap devices. Any ideas?

I have both the /dev/tun and /dev/tap devices and all works fine until I issue the VBoxManage command, whereby I get the following error:

Code: Select all

# VBoxManage modifyvm gentoo -nic1 hostif -hostifdev tap0
VirtualBox Command Line Management Interface Version 1.5.51
(C) 2005-2008 innotek GmbH
All rights reserved.

error: Invalid NIC number ''

My ifconfig output is as follows:

Code: Select all

# ifconfig -a
lo0: flags=2001000849<UP,LOOPBACK,RUNNING,MULTICAST,IPv4,VIRTUAL> mtu 8232 index 1
        inet 127.0.0.1 netmask ff000000 
skge0: flags=1004843<UP,BROADCAST,RUNNING,MULTICAST,DHCP,IPv4> mtu 1500 index 2
        inet 192.168.150.3 netmask ffffff00 broadcast 192.168.150.255
        ether 0:1e:c2:7:d4:2e 
tap0: flags=1000842<BROADCAST,RUNNING,MULTICAST,IPv4> mtu 1500 index 3
        inet 0.0.0.0 netmask 0 
        ether a:0:20:93:40:70 
lo0: flags=2002000849<UP,LOOPBACK,RUNNING,MULTICAST,IPv6,VIRTUAL> mtu 8252 index 1
        inet6 ::1/128

Any ideas on how to fix this problem so that the host interface network is bridged with the guest network interface? How will Solaris be able to access the guest OS once this has been properly configured?

-Stace
reedarx
Posts: 1
Joined: 30. Apr 2008, 10:15

proxy can't work in Inidna RC2

Post by reedarx »

If I enable port forwarding, indiana will hang or abort abnormally every time.
Does anyone has any good idea?

Thanks,
Reed
jtjm wrote:I've done some more research, and it looks like the lack of bridging support in OpenSolaris makes the use of host interface networking impossible for now.

However, port-forwarding to a guest that's using NAT seems to work fine, and can be a reasonable substitute for testing servers in a guest. See section 6.2 of the VirtualBox user manual for details.

I use the following hack of a script to set up and clear forwarding. Set your guest name in $vm and change the calls to port_forward() at the end, and then run it without arguments on the host to set up forwards (you have to do this before you start the guest). Note that it clears any existing rules before setting the new ones, since if you manage to configure conflicting rules for the same port, your guest will usually crash on boot up.

You can check which rules you've configured with:

Code: Select all

VBoxManage getextradata <vmname> enumerate
Obviously, you can't have more than one guest listening on the same host port, but it's better than nothing for now.

Code: Select all

#!/usr/bin/perl -w                                                                                                
use strict;

my $VBOXMANAGE = "/usr/bin/VBoxManage";
my $PREFIX = "VBoxInternal/Devices/pcnet/0/LUN#0/Config/";

sub port_forward
{
    my ($vm, $host_port, $guest_port, $proto) = @_;
    $proto = defined $proto || "TCP";
    unless (defined $vm and defined $host_port and defined $guest_port) {
        die "One or more arguments undefined, expected port_forward(<vm>, <host_port>, <guest_port>, [<proto>]\n"\
;
    }
    my $prefix = $PREFIX . "fwd" . $host_port . "-" . $guest_port;
    system ($VBOXMANAGE, "-nologo", "setextradata",  $vm, $prefix . "/Protocol", $proto);
    system ($VBOXMANAGE, "-nologo", "setextradata",  $vm, $prefix . "/GuestPort", $guest_port);
    system ($VBOXMANAGE, "-nologo", "setextradata",  $vm, $prefix . "/HostPort", $host_port);
}

sub clear_forwards
{
    my $vm = shift;
    open (KEYS, "$VBOXMANAGE getextradata $vm enumerate|")
        or die "Failed to run '$VBOXMANAGE getextradata $vm enumerate': $!\n";

    while (<KEYS>) {
        if (/Key: ($PREFIX.*),/) {
            my $key = $1;
            print "Clearing ".$key."\n";
            system ($VBOXMANAGE, "-nologo", "setextradata", $vm, $key);
        }
    }
}

#---------------------------------------------------------------------------                                      
# main                                                                                                            
# port_forward (vm, host_port, guest_port);                                                                       

my $vm = "guest1";

clear_forwards($vm);

port_forward($vm, 4022, 22); # ssh to port 4022 to get to the guest
port_forward($vm, 80, 80);
port_forward($vm, 443, 443);
port_forward($vm, 9090, 9090);
port_forward($vm, 9070, 9070);
holden
Posts: 4
Joined: 24. May 2008, 23:21

Re: TAP/TUN drivers and brdgadm compiled and works fine...

Post by holden »

stacey.pellegrino wrote:
I have both the /dev/tun and /dev/tap devices and all works fine until I issue the VBoxManage command, whereby I get the following error:

Code: Select all

# VBoxManage modifyvm gentoo -nic1 hostif -hostifdev tap0
VirtualBox Command Line Management Interface Version 1.5.51
(C) 2005-2008 innotek GmbH
All rights reserved.

error: Invalid NIC number ''

My ifconfig output is as follows:

Code: Select all

# ifconfig -a
lo0: flags=2001000849<UP,LOOPBACK,RUNNING,MULTICAST,IPv4,VIRTUAL> mtu 8232 index 1
        inet 127.0.0.1 netmask ff000000 
skge0: flags=1004843<UP,BROADCAST,RUNNING,MULTICAST,DHCP,IPv4> mtu 1500 index 2
        inet 192.168.150.3 netmask ffffff00 broadcast 192.168.150.255
        ether 0:1e:c2:7:d4:2e 
tap0: flags=1000842<BROADCAST,RUNNING,MULTICAST,IPv4> mtu 1500 index 3
        inet 0.0.0.0 netmask 0 
        ether a:0:20:93:40:70 
lo0: flags=2002000849<UP,LOOPBACK,RUNNING,MULTICAST,IPv6,VIRTUAL> mtu 8252 index 1
        inet6 ::1/128

Any ideas on how to fix this problem so that the host interface network is bridged with the guest network interface? How will Solaris be able to access the guest OS once this has been properly configured?

-Stace

same here. I have Solaris 10 u4

anybody worked this out?
aribi
Posts: 36
Joined: 12. Apr 2008, 00:36

Re: VBoxManage fails on setting hostifdev

Post by aribi »

Sorry for if this makes you blush, but all the modifyvm subcommands for a nic nead the interface number:
  • % VBoxManage --help
    ............
    [-nic<1-N> none|null|nat|hostif|intnet]
    [-nictype<1-N> Am79C970A|Am79C973|82540EM]
    [-cableconnected<1-N> on|off]
    [-nictrace<1-N> on|off]
    [-nictracefile<1-N> <filename>]
    [-nicspeed<1-N> <kbps>]
    [-hostifdev<1-N> none|<devicename>]
Your command should have -hostifdev1:
# VBoxManage modifyvm gentoo -nic1 hostif -hostifdev tap0
kind regards, Arie Bikker
Post Reply