@shpark
Last active October 28, 2021 08:00
Setup cloud-hypervisor guest with the Internet connectivity without a bridge

The original documentation [1] suggests setting up networking for a CH guest using virtio-net devices, a host TAP interface and a bridge interface.

This note describes an alternative way of getting Internet connectivity without setting up a bridge (spoiler alert: with iptables). A similar setup is used by smoltcp [2].

Create and configure a TAP interface

ip tuntap add dev chtap0 mode tap
ip addr add 192.168.12.1/24 dev chtap0
ip link set chtap0 up # later

Configure iptables

iptables -t nat -A POSTROUTING -s 192.168.12.0/24 -j MASQUERADE
sysctl net.ipv4.ip_forward=1

iptables -A FORWARD -i chtap0 -s 192.168.12.0/24 -j ACCEPT
iptables -A FORWARD -o chtap0 -d 192.168.12.0/24 -j ACCEPT
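
A tighter variant of the rules above, as an added example that is not part of the original gist: it scopes MASQUERADE and forwarding to a single uplink interface and admits only reply traffic toward the guest, printing the commands for review instead of running them. The function names and the `eth0` uplink are assumptions; `del` emits the matching teardown rules.

```sh
#!/bin/sh
# Added example: prints (does not run) scoped NAT/forward rules for the TAP setup.
# Assumption: the uplink is the interface on the host's default route.

# Read `ip route show default` output on stdin and print the uplink interface.
uplink_from_route() {
    awk '$1 == "default" { for (i = 2; i < NF; i++) if ($i == "dev") { print $(i + 1); exit } }'
}

# Character-level sanity checks so arguments cannot smuggle options or shell syntax.
valid_iface() {
    case "$1" in ''|-*|*[!A-Za-z0-9_.-]*) return 1 ;; esac
    [ "${#1}" -le 15 ]
}
valid_cidr() {
    case "$1" in *[!0-9./]*) return 1 ;; esac
    case "$1" in [0-9]*.[0-9]*.[0-9]*.[0-9]*/[0-9]*) return 0 ;; esac
    return 1
}

# Usage: ch_nat_rules add|del TAP SUBNET UPLINK
ch_nat_rules() {
    case "$1" in
        add) op=-A ;;
        del) op=-D ;;
        *) echo "usage: ch_nat_rules add|del TAP SUBNET UPLINK" >&2; return 2 ;;
    esac
    tap=$2 subnet=$3 uplink=$4
    valid_iface "$tap" && valid_iface "$uplink" && valid_cidr "$subnet" || {
        echo "invalid interface or subnet" >&2; return 2; }
    # NAT only traffic that leaves through the uplink.
    echo "iptables -t nat $op POSTROUTING -s $subnet -o $uplink -j MASQUERADE"
    # Guest to outside: new connections allowed.
    echo "iptables $op FORWARD -i $tap -o $uplink -s $subnet -j ACCEPT"
    # Outside to guest: only replies to connections the guest opened.
    echo "iptables $op FORWARD -i $uplink -o $tap -d $subnet -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT"
}

# Demo with the gist's TAP name and subnet; eth0 is a constructed uplink name.
ch_nat_rules add chtap0 192.168.12.0/24 eth0
```

After reviewing the output, pipe it to `sh` as root to apply it; `ip route show default | uplink_from_route` gives the uplink name on a typical host.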

Run CH

$ ./cloud-hypervisor/target/release/cloud-hypervisor \
	--kernel ./hypervisor-fw \
	--disk path=focal-server-cloudimg-amd64.raw \
	--cpus boot=4 \
	--memory size=1024M \
	--net "tap=chtap0,mac=,ip=192.168.12.100,mask=" \
	--rng

Note the tap name and the IP address.

Inside the VM

ip addr add 192.168.12.100/24 dev ens3 # interface may have a different name
ip route add default via 192.168.12.1
ping 1.1.1.1

Configure DNS

For example, add "nameserver 1.1.1.1" to /etc/resolv.conf and test with nslookup google.com.
