On 9/19/07, KokMengLoh <[EMAIL PROTECTED]> wrote:
>
> Hi,
>
> I'm trying to set up a virtual DNS server using QEMU. Basically, I'm
> running the virtual instance in user networking mode and I'm using the
> "-redir" command to redirect UDP/53 and TCP/53 from the host to the
> virtual instance. The TCP redirection works fine. I am able to get a DNS
> resolution. However, UDP redirection is funny.
>
> I have the following packet capture from all interfaces.
>
> [EMAIL PROTECTED] ~]# tcpdump -ni any port 53
> tcpdump: WARNING: Promiscuous mode not supported on the "any" device
> tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
> listening on any, link-type LINUX_SLL (Linux cooked), capture size 96 bytes
> 01:33:54.135019 IP 192.168.100.50.33563 > 192.168.100.68.domain: 54649+ A? www.asgent-tech.com. (37)
> 01:33:54.159184 IP 192.168.100.50.33563 > 192.168.100.68.domain: 54649+ A? www.asgent-tech.com. (37)
> 01:33:54.150120 IP 127.0.0.1.domain > 127.0.0.1.33563: 54649* 1/2/2 A[|domain]
>
> It seems that the packet from 192.168.100.50 came in from eth0 for
> 192.168.100.68 port 53 (domain). The second packet came from the
> peth0 interface (there is a bridge involved). The problem is that the
> return packet (packet no. 3) seems to have replaced the src and dst ip
> with 127.0.0.1.
>
> I've already stopped all my iptable rules, so there is no masquerading
> here.

I don't have a solution, but I'm feeling rich... so here's 2 cents =)

1. Using redir / user mode networking will have the tcp/udp session terminated at the host, and a new one started to the guest. Maybe this will, together with some other unrevealed info, shed light on that 127.0.01-> 127.0.0.1 response.

2. Can I suggest you use dnat instead of user mode redirect? You obviously have root anyway, so you can do that. Some other advantages: you don't have to run qemu as root user, and logging on the guest will actually turn up meaningful client ips.
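An added example, not part of the thread: a small Python check that pairs each DNS reply in the tcpdump output above with its query and reports replies whose source and destination are not the mirror image of the query, which is what a UDP client expects. The function and variable names are hypothetical; the input is the three packet lines from the post with the wrapped lines rejoined.

```python
import re

# The three packets from the capture in the post, with wrapped lines rejoined.
CAPTURE = """\
01:33:54.135019 IP 192.168.100.50.33563 > 192.168.100.68.domain: 54649+ A? www.asgent-tech.com. (37)
01:33:54.159184 IP 192.168.100.50.33563 > 192.168.100.68.domain: 54649+ A? www.asgent-tech.com. (37)
01:33:54.150120 IP 127.0.0.1.domain > 127.0.0.1.33563: 54649* 1/2/2 A[|domain]
"""

LINE = re.compile(r"^\S+ IP (\S+)\.(\w+) > (\S+)\.(\w+): (\d+)\S* (.*)$")
PORT_NAMES = {"domain": 53}  # tcpdump -n still prints service names; -nn does not


def parse(line):
    """Return a dict for one tcpdump DNS line, or None if it does not match."""
    m = LINE.match(line.strip())
    if not m:
        return None
    src, sport, dst, dport, txid, rest = m.groups()
    port = lambda p: PORT_NAMES.get(p, int(p) if p.isdigit() else p)
    # tcpdump prints replies as answer/authority/additional counts, e.g. 1/2/2.
    return {"src": (src, port(sport)), "dst": (dst, port(dport)),
            "id": int(txid), "is_reply": bool(re.match(r"\d+/\d+/\d+", rest))}


def mismatched_replies(capture):
    """List replies whose addresses are not the mirror image of their query."""
    queries, findings = {}, []
    for pkt in filter(None, map(parse, capture.splitlines())):
        if not pkt["is_reply"]:
            # Key on DNS ID plus client port; the bridge shows each query twice.
            queries[(pkt["id"], pkt["src"][1])] = pkt
            continue
        q = queries.get((pkt["id"], pkt["dst"][1]))
        if q is None:
            findings.append({"id": pkt["id"], "problem": "no matching query"})
        elif (pkt["src"], pkt["dst"]) != (q["dst"], q["src"]):
            findings.append({"id": pkt["id"], "problem": "reply not mirrored",
                             "expected": (q["dst"], q["src"]),
                             "seen": (pkt["src"], pkt["dst"])})
    return findings


if __name__ == "__main__":
    for finding in mismatched_replies(CAPTURE):
        print(finding)
```

On the posted capture this reports one finding: the reply for ID 54649 was seen as 127.0.0.1:53 to 127.0.0.1:33563 where 192.168.100.68:53 to 192.168.100.50:33563 was expected.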
