1*324b2298SPaolo Bonzini.. _pcsys_005fnetwork: 2*324b2298SPaolo Bonzini 3*324b2298SPaolo BonziniNetwork emulation 4*324b2298SPaolo Bonzini----------------- 5*324b2298SPaolo Bonzini 6*324b2298SPaolo BonziniQEMU can simulate several network cards (e.g. PCI or ISA cards on the PC 7*324b2298SPaolo Bonzinitarget) and can connect them to a network backend on the host or an 8*324b2298SPaolo Bonziniemulated hub. The various host network backends can either be used to 9*324b2298SPaolo Bonziniconnect the NIC of the guest to a real network (e.g. by using a TAP 10*324b2298SPaolo Bonzinidevices or the non-privileged user mode network stack), or to other 11*324b2298SPaolo Bonziniguest instances running in another QEMU process (e.g. by using the 12*324b2298SPaolo Bonzinisocket host network backend). 13*324b2298SPaolo Bonzini 14*324b2298SPaolo BonziniUsing TAP network interfaces 15*324b2298SPaolo Bonzini~~~~~~~~~~~~~~~~~~~~~~~~~~~~ 16*324b2298SPaolo Bonzini 17*324b2298SPaolo BonziniThis is the standard way to connect QEMU to a real network. QEMU adds a 18*324b2298SPaolo Bonzinivirtual network device on your host (called ``tapN``), and you can then 19*324b2298SPaolo Bonziniconfigure it as if it was a real ethernet card. 20*324b2298SPaolo Bonzini 21*324b2298SPaolo BonziniLinux host 22*324b2298SPaolo Bonzini^^^^^^^^^^ 23*324b2298SPaolo Bonzini 24*324b2298SPaolo BonziniAs an example, you can download the ``linux-test-xxx.tar.gz`` archive 25*324b2298SPaolo Bonziniand copy the script ``qemu-ifup`` in ``/etc`` and configure properly 26*324b2298SPaolo Bonzini``sudo`` so that the command ``ifconfig`` contained in ``qemu-ifup`` can 27*324b2298SPaolo Bonzinibe executed as root. You must verify that your host kernel supports the 28*324b2298SPaolo BonziniTAP network interfaces: the device ``/dev/net/tun`` must be present. 29*324b2298SPaolo Bonzini 30*324b2298SPaolo BonziniSee :ref:`sec_005finvocation` to have examples of command 31*324b2298SPaolo Bonzinilines using the TAP network interfaces. 32*324b2298SPaolo Bonzini 33*324b2298SPaolo BonziniWindows host 34*324b2298SPaolo Bonzini^^^^^^^^^^^^ 35*324b2298SPaolo Bonzini 36*324b2298SPaolo BonziniThere is a virtual ethernet driver for Windows 2000/XP systems, called 37*324b2298SPaolo BonziniTAP-Win32. But it is not included in standard QEMU for Windows, so you 38*324b2298SPaolo Bonziniwill need to get it separately. It is part of OpenVPN package, so 39*324b2298SPaolo Bonzinidownload OpenVPN from : https://openvpn.net/. 40*324b2298SPaolo Bonzini 41*324b2298SPaolo BonziniUsing the user mode network stack 42*324b2298SPaolo Bonzini~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ 43*324b2298SPaolo Bonzini 44*324b2298SPaolo BonziniBy using the option ``-net user`` (default configuration if no ``-net`` 45*324b2298SPaolo Bonzinioption is specified), QEMU uses a completely user mode network stack 46*324b2298SPaolo Bonzini(you don't need root privilege to use the virtual network). The virtual 47*324b2298SPaolo Bonzininetwork configuration is the following:: 48*324b2298SPaolo Bonzini 49*324b2298SPaolo Bonzini guest (10.0.2.15) <------> Firewall/DHCP server <-----> Internet 50*324b2298SPaolo Bonzini | (10.0.2.2) 51*324b2298SPaolo Bonzini | 52*324b2298SPaolo Bonzini ----> DNS server (10.0.2.3) 53*324b2298SPaolo Bonzini | 54*324b2298SPaolo Bonzini ----> SMB server (10.0.2.4) 55*324b2298SPaolo Bonzini 56*324b2298SPaolo BonziniThe QEMU VM behaves as if it was behind a firewall which blocks all 57*324b2298SPaolo Bonziniincoming connections. You can use a DHCP client to automatically 58*324b2298SPaolo Bonziniconfigure the network in the QEMU VM. The DHCP server assign addresses 59*324b2298SPaolo Bonzinito the hosts starting from 10.0.2.15. 60*324b2298SPaolo Bonzini 61*324b2298SPaolo BonziniIn order to check that the user mode network is working, you can ping 62*324b2298SPaolo Bonzinithe address 10.0.2.2 and verify that you got an address in the range 63*324b2298SPaolo Bonzini10.0.2.x from the QEMU virtual DHCP server. 64*324b2298SPaolo Bonzini 65*324b2298SPaolo BonziniNote that ICMP traffic in general does not work with user mode 66*324b2298SPaolo Bonzininetworking. ``ping``, aka. ICMP echo, to the local router (10.0.2.2) 67*324b2298SPaolo Bonzinishall work, however. If you're using QEMU on Linux >= 3.0, it can use 68*324b2298SPaolo Bonziniunprivileged ICMP ping sockets to allow ``ping`` to the Internet. The 69*324b2298SPaolo Bonzinihost admin has to set the ping_group_range in order to grant access to 70*324b2298SPaolo Bonzinithose sockets. To allow ping for GID 100 (usually users group):: 71*324b2298SPaolo Bonzini 72*324b2298SPaolo Bonzini echo 100 100 > /proc/sys/net/ipv4/ping_group_range 73*324b2298SPaolo Bonzini 74*324b2298SPaolo BonziniWhen using the built-in TFTP server, the router is also the TFTP server. 75*324b2298SPaolo Bonzini 76*324b2298SPaolo BonziniWhen using the ``'-netdev user,hostfwd=...'`` option, TCP or UDP 77*324b2298SPaolo Bonziniconnections can be redirected from the host to the guest. It allows for 78*324b2298SPaolo Bonziniexample to redirect X11, telnet or SSH connections. 79*324b2298SPaolo Bonzini 80*324b2298SPaolo BonziniHubs 81*324b2298SPaolo Bonzini~~~~ 82*324b2298SPaolo Bonzini 83*324b2298SPaolo BonziniQEMU can simulate several hubs. A hub can be thought of as a virtual 84*324b2298SPaolo Bonziniconnection between several network devices. These devices can be for 85*324b2298SPaolo Bonziniexample QEMU virtual ethernet cards or virtual Host ethernet devices 86*324b2298SPaolo Bonzini(TAP devices). You can connect guest NICs or host network backends to 87*324b2298SPaolo Bonzinisuch a hub using the ``-netdev 88*324b2298SPaolo Bonzinihubport`` or ``-nic hubport`` options. The legacy ``-net`` option also 89*324b2298SPaolo Bonziniconnects the given device to the emulated hub with ID 0 (i.e. the 90*324b2298SPaolo Bonzinidefault hub) unless you specify a netdev with ``-net nic,netdev=xxx`` 91*324b2298SPaolo Bonzinihere. 92*324b2298SPaolo Bonzini 93*324b2298SPaolo BonziniConnecting emulated networks between QEMU instances 94*324b2298SPaolo Bonzini~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ 95*324b2298SPaolo Bonzini 96*324b2298SPaolo BonziniUsing the ``-netdev socket`` (or ``-nic socket`` or ``-net socket``) 97*324b2298SPaolo Bonzinioption, it is possible to create emulated networks that span several 98*324b2298SPaolo BonziniQEMU instances. See the description of the ``-netdev socket`` option in 99*324b2298SPaolo Bonzini:ref:`sec_005finvocation` to have a basic 100*324b2298SPaolo Bonziniexample. 101