hello Cao. This how to access baidu.com in inmate execute it in root cell. enable forward echo 1 > /proc/sys/net/ipv4/ip_forward
iptables setup ,select one of them /sbin/iptables -t nat -A POSTROUTING -o wlan0 -j MASQUERADE /sbin/iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE ------------------------------------------------------------------------------------------------------------------ 在2021年3月29日星期一 UTC+8 下午5:02:57<Henning Schild> 写道: > Am Sun, 28 Mar 2021 22:16:14 +0800 (GMT+08:00) > schrieb 曹宏鹏 <[email protected]>: > > > Dear sir: > > > > As we all know, the cell could communicate with root cell by ivshmem > > in Jailhouse. And there is a virtual Network Interface Card(NIC) on > > non-root cell. When I run Jailhouse on my raspberry Pi 4 model b, I > > was successful to create a cell and assigned a address to it. The > > root cell can communicate with non-root cell , I know this is based > > on ivshmem. But I want to know > > > > 1. Whether the virtual NIC support other protocols. > > It is a virtual ethernet connection, on top you can use anything that > can be done on top of "network". It is probably best to build whatever > you need on top of Ethernet, maybe nfs, remote desktop ... but if you > really need a custom protocol at the base you can write your own driver > and choose another ".shmem_protocol" > There is ivshmem-demo giving a simple raw usage example of > JAILHOUSE_SHMEM_PROTO_UNDEFINED. > > > 2. What is difference between virtual NIC in non-root cell and NIC in > > root cell. > > There is none. Once running under jailhouse a cell might see the PCI > device for shared memory communication on the bus (depending on the > cell config). If that PCI device is of type JAILHOUSE_SHMEM_PROTO_VETH > and the cell has a driver ... you will see a new ethernet interface > becoming available. > > > 3. Why the virtual NIC cannot ping baidu.com(in China ) or > > google.com. > > You essentially have an isolated network between the two cells. To > connect the inmate to the internet, the root cell will have to become a > network router. So you would set up i.e. NAT to connect on layer3 > > The most simple solution could be to create a network bridge where you > attach the real physical network interface and later the virtual one. > (in the root cell) > After doing that the non-root should be in the same Layer2 network and > can use DHCP to get a network configuration that will allow internet > access just like the root-cell has. > > All that is basic networking and has nothing to do with jailhouse. > > regards, > Henning > > > If I get your help, I will appreciate ! > > > > > > Yours sincerely, > > HOngpeng Cao. > > > > -- You received this message because you are subscribed to the Google Groups "Jailhouse" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msgid/jailhouse-dev/288eb03e-f986-4890-8ad6-6102aef44904n%40googlegroups.com.
