Re: [qubes-users] sys-net interfaces
On Fri, Dec 27, 2019 at 08:46:35AM +, 'awokd' via qubes-users wrote: What responsibilties does sys-net have in terms of forwarding DNS? The documentation specifies how things work for AppVMs, and it says there is no DNS server in the "network driver domain" (sys-net), but it does not say what sys-net actually has to do. It looks like the documentation is assuming sys-net has many more virtual NICs than it actually does? Did you check the Qubes source code responsible for setting these up? The qubes-devel mailing list might also be appropriate here... The documentation mentions the vif-route-qubes utility, but I can't tell if dom0 runs this on sys-net (to set up routing to serve AppVMs) or runs it on AppVMs / etc ... the documentation does not mention any other source code (which would be used to e.g set up DNS forwarding). I will ask on qubes-devel. -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/20191228025332.GA1654%40danwin1210.me.
Re: [qubes-users] sys-net interfaces
tetrahedra via qubes-users: > On Thu, Dec 26, 2019 at 11:47:37AM +, 'awokd' via qubes-users wrote: >> There's a brief discussion at https://www.qubes-os.org/doc/networking/, >> but there may be more detailed notes in the source code for Qubes' VM >> networking components. Qubes uses Xen's networking, so that might be the >> best place to begin research. > > What responsibilties does sys-net have in terms of forwarding DNS? The > documentation specifies how things work for AppVMs, and it says there is > no DNS server in the "network driver domain" (sys-net), but it does not > say what sys-net actually has to do. > > Also, the docs don't appear to be entirely accurate. The documentation > specifies a fairly complex set of routing tabels for the "network driver > domain" (sys-net, I assume), but the actual routing table on my sys-net > is fairly simple > > The table from the documentation: > Destination Gateway Genmask Flags Metric Ref > Use Iface > 10.137.0.16 0.0.0.0 255.255.255.255 UH 0 0 0 > vif4.0 > 10.137.0.7 0.0.0.0 255.255.255.255 UH 0 0 0 > vif10.0 > 10.137.0.9 0.0.0.0 255.255.255.255 UH 0 > [... many lines removed ...] > 192.168.0.0 0.0.0.0 255.255.255.0 U 1 0 0 eth0 > 0.0.0.0 192.168.0.1 0.0.0.0 UG 0 0 0 eth0 > > The table from my sys-net: > [user@sys-net ~]$ sudo ip route > [user@sys-net ~]$ sudo route > Kernel IP routing table > Destination Gateway Genmask Flags Metric Ref Use > Iface > default _gateway 0.0.0.0 UG 600 0 0 > wls7 > 10.137.0.5 0.0.0.0 255.255.255.255 UH 32747 0 0 > vif5.0 > 192.168.0.0 0.0.0.0 255.255.255.0 U 600 0 0 > wls7 > > > It looks like the documentation is assuming sys-net has many more > virtual NICs than it actually does? > Did you check the Qubes source code responsible for setting these up? The qubes-devel mailing list might also be appropriate here... -- - don't top post Mailing list etiquette: - trim quoted reply to only relevant portions - when possible, copy and paste text instead of screenshots -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/04a3284a-b538-4e60-c059-3c5a9336d410%40danwin1210.me.
Re: [qubes-users] sys-net interfaces
On Thu, Dec 26, 2019 at 11:47:37AM +, 'awokd' via qubes-users wrote: There's a brief discussion at https://www.qubes-os.org/doc/networking/, but there may be more detailed notes in the source code for Qubes' VM networking components. Qubes uses Xen's networking, so that might be the best place to begin research. What responsibilties does sys-net have in terms of forwarding DNS? The documentation specifies how things work for AppVMs, and it says there is no DNS server in the "network driver domain" (sys-net), but it does not say what sys-net actually has to do. Also, the docs don't appear to be entirely accurate. The documentation specifies a fairly complex set of routing tabels for the "network driver domain" (sys-net, I assume), but the actual routing table on my sys-net is fairly simple The table from the documentation: Destination Gateway Genmask Flags Metric Ref Use Iface 10.137.0.16 0.0.0.0 255.255.255.255 UH 0 0 0 vif4.0 10.137.0.7 0.0.0.0 255.255.255.255 UH 0 0 0 vif10.0 10.137.0.9 0.0.0.0 255.255.255.255 UH 0 [... many lines removed ...] 192.168.0.0 0.0.0.0 255.255.255.0 U 1 0 0 eth0 0.0.0.0 192.168.0.1 0.0.0.0 UG 0 0 0 eth0 The table from my sys-net: [user@sys-net ~]$ sudo ip route [user@sys-net ~]$ sudo route Kernel IP routing table Destination Gateway Genmask Flags Metric RefUse Iface default _gateway0.0.0.0 UG60000 wls7 10.137.0.5 0.0.0.0 255.255.255.255 UH32747 00 vif5.0 192.168.0.0 0.0.0.0 255.255.255.0 U 60000 wls7 It looks like the documentation is assuming sys-net has many more virtual NICs than it actually does? -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/20191227070535.GA1464%40danwin1210.me.
Re: [qubes-users] sys-net interfaces
On Thu, Dec 26, 2019 at 11:47:37AM +, 'awokd' via qubes-users wrote: tetrahedra via qubes-users: I haven't been able to find any documentation for what network interfaces sys-net is expected to expose internally. If I want to create my own sys-net from scratch, how does Xen/Qubes send network traffic to sys-net, to be sent onwards to my NIC? There's a brief discussion at https://www.qubes-os.org/doc/networking/, but there may be more detailed notes in the source code for Qubes' VM networking components. Qubes uses Xen's networking, so that might be the best place to begin research. Thanks, that's very helpful. -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/20191227061022.GA1186%40danwin1210.me.
Re: [qubes-users] sys-net interfaces
tetrahedra via qubes-users: > I haven't been able to find any documentation for what network > interfaces sys-net is expected to expose internally. If I want to create > my own sys-net from scratch, how does Xen/Qubes send network traffic to > sys-net, to be sent onwards to my NIC? > There's a brief discussion at https://www.qubes-os.org/doc/networking/, but there may be more detailed notes in the source code for Qubes' VM networking components. Qubes uses Xen's networking, so that might be the best place to begin research. -- - don't top post Mailing list etiquette: - trim quoted reply to only relevant portions - when possible, copy and paste text instead of screenshots -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/10c56f40-288c-16e3-d883-ea221b15798d%40danwin1210.me.
[qubes-users] sys-net interfaces
I haven't been able to find any documentation for what network interfaces sys-net is expected to expose internally. If I want to create my own sys-net from scratch, how does Xen/Qubes send network traffic to sys-net, to be sent onwards to my NIC? -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/20191221153318.GA1931%40danwin1210.me.
