Created
March 24, 2022 04:45
-
-
Save Miigon/57fcf990062149a9878d4f9a58322eb2 to your computer and use it in GitHub Desktop.
a backup of the instructions used to set up a win10 kvm on linux
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| `~/kvm` contains resourses used to set up kvm, gpu passthrough, virtio and bridged | |
| networking. | |
| `/etc/default/grub`: | |
| added 'intel_iommu=on iommu=pt kvm.ignore_msrs=1 video=efifb:off' to GRUB_CMDLINE_LINUX_DEFAULT | |
| regenerated grub config using `sudo update-grub` | |
| added `softdep nouveau pre: vfio-pci` to /etc/modprobe.d/vfio.conf so that vfio | |
| would load before nouveau. | |
| IOMMU configured according to https://wiki.archlinux.org/title/PCI_passthrough_via_OVMF | |
| run ./iommu.sh to see IOMMU groups | |
| graphics card on the host is isolated by binding it to vfio-pci | |
| (also by editing kernel parameters in /etc/default/grub) | |
| current kernel parameter for vfio | |
| vfio-pic.ids=10de:1c81,10de:0fb9,1033:0194 | |
| current virtual machine configuration: | |
| sudo virt-install --boot uefi --os-variant win10 \ | |
| --name win10 --ram=16384 --vcpus 4 \ | |
| --cpu host,-hypervisor --features kvm_hidden=on --hvm \ | |
| --disk path=/media/hdstorage/win10-gaming.img,size=600 \ | |
| --cdrom /media/hdstorage/win10_1909.iso \ | |
| --graphics vnc | |
| kvm_hidden enabled to avoid virtual machine detection | |
| `--cpu host,-hypervisor` hides the CPUID bit, also for avoiding virtual machine detection | |
| port forward 127.0.0.1:5900 to connect to vnc | |
| see https://wiki.libvirt.org/page/Networking for network configuations. | |
| a bridged network `br0` is set up by following: | |
| https://fabianlee.org/2019/04/01/kvm-creating-a-bridged-network-with-netplan-on-ubuntu-bionic/ | |
| for use by the kvm guest windows10, as well as enp3s0 (host ethernet) | |
| see `/etc/netplan/` | |
| !!IMPORTANT: disable iptables and multicast processing for bridges | |
| ``` | |
| echo 0 > /proc/sys/net/bridge/bridge-nf-call-iptables | |
| echo 0 > /sys/devices/virtual/net/br0/bridge/multicast_querier | |
| echo 0 > /sys/devices/virtual/net/br0/bridge/multicast_snooping | |
| ``` | |
| otherwise, the bridge won't relay ARP and DHCP requests. | |
| this server is configured to do this by default, | |
| by adding `net/bridge/bridge-nf-call-iptables = 0` to `/etc/ufw/sysctl.conf` | |
| (note it doesn't work on this system, strange. In the end I set iptables to ACCEPT for all bridges) | |
| final solution: `iptables -I FORWARD -m physdev --physdev-is-bridged -j ACCEPT` | |
| stuffs added by `virsh edit win10` after vm creation. | |
| * <cputune> for pinning vcpu to physical cpu (performance) | |
| * <topology> for enabling all 4 cpu cores | |
| * added virtio-scsi controller: <controller type='scsi' index='0' model='virtio-scsi'> | |
| * installed `virtio-win-guest-tools.exe` inside the guest os | |
| (do this strictly after adding virtio controller, but before switching drive bus mode, | |
| otherwise BSOD.) | |
| * changed <target dev='sda' bus='sata'/> to <target dev='sda' bus='scsi'/> for virtio | |
| * changed network configuration to: | |
| * <interface type='bridge'> | |
| <mac address='52:54:00:14:0e:1f'/> | |
| <source bridge='br0'/> | |
| <model type='virtio'/> | |
| </interface> | |
| (for bridged networking and virtio network card) | |
| * used <hostdev> to passthrough a NVIDIA GPU, GPU audio and a NEC USB 3.0 Controller | |
| (paths given by lspci are 01:00.0 and 01:00.1 and 04:00.0, respectively) | |
| MSI enabled on gfxcard following this guide: http://vfio.blogspot.com/2014/09/vfio-interrupts-and-how-to-coax-windows.html | |
| (for fixing distorted hdmi audio) |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Uploaded to GitHub Gist in case of a drive failure.