---- stevens <teawater at vip.163.com> wrote: > Does TUN/TAP need openvpn running? > I didn't run openvpn when running QEMU
No, you do not need the openvpn. The TUN/TAP module is used to do the fhe following: 1) TAP device is created with a private network between the host and the guest, and full network access (IE no port filtering occurs), though if the guest also needs access to external hosts (the internet, a local network), you are probably best served by creating one TAP (local host access) and using -net user using QEMU's internal slirp firewall. 2) TAP device with the bridge module gives full access to all nodes outside of the host. Due to the way the bridge module works, unfortunately, the guest cannot see the host and vice versa. Again, access to the host could be accomplished using -net user though may be messy since you will likely be using DHCP for both the -net user and the Bridge. Probably best to use two taps. One for local host access and the other for the bridge. Ben
