Joel: I am curious what would happen if you tried one of the simpler setups not involving NAT.
Say you have two physical hosts, A, and B, and one UML instance, C, running on B. Let A and B be connected to the same ethernet and let there be two /24 nets (10.0.1.0/24 and 10.0.2.0/24) be involved, something like this: A 10.0.1.1 eth0 B 10.0.1.2 eth0 B 10.0.2.1 tap0 C 10.0.2.2 eth0 Let C's default GW be 10.0.2.1 and let A's GW to 10.0.2.0/24 be 10.0.1.2. In other words, on A: route add -net 10.0.2.2 netmask 255.255.255.0 gw 10.0.1.2 on C: route add default gw 10.0.2.1 Enable packet forwarding on B: echo "1" > /proc/sys/net/ipv4/ip_forward Then try pinging 10.0.1.1 from C and 10.0.2.2 from A. While you are doing that, run tcpdump -i eth0 -n "icmp" and tcpdump -i tap0 -n "icmp" on B. I would be suprised if that didn't work given that you have B<->C networking working enough to ssh from host to UML instance. Once you get this setup working, try adding NAT into the mix. Until you get this simpler setup working, trying to add NAT is just asking for trouble ;-) Chris Marshall --- Joel Kreager <[EMAIL PROTECTED]> wrote: > I have been fighting with the networking setup of uml for a couple of > weeks now on and off. I have been trying to set up a connection > outside my host linux box. I can get a connection which allows me to > ssh into the uml from the host or the host from the uml, but every > setup I have tried seems to have the packets being dropped inside the > host and never reaching eth0 according to the counters. I have > followed the part about NAT: > > iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE > > as instructions say. I have also tried using a bridge as another set > of instructions suggested. Everything produces the same result -- > packets disappear before reaching eth0 or somewhere in the middle of > the bridge. Using uml_net produces the same results as the long log > of command lines I am posting does -- packets show on tap0 counters, > but don't show on eth0 counters. I've pretty much run out of ideas to > try. Am I missing something in my kernel? I've been over it a couple > of times -- everything is now built in (no modules). > > I am running gentoo with a 2.6.17 kernel > > The "Easy" NAT way > > [veryfine:/home/jkreager/uml]# tunctl -u jkreager > Set 'tap0' persistent and owned by uid 500 > [veryfine:/home/jkreager/uml]# /sbin/ifconfig tap0 192.168.0.254 netmask > 255.255.255.0 up > > [veryfine:/home/jkreager/uml]# chmod 660 /dev/net/tun > [veryfine:/home/jkreager/uml]# ls -l /dev/net/tun > crw-rw---- 1 root umlusers 10, 200 Apr 11 22:02 /dev/net/tun > > This didn't work: > [veryfine:~/uml/test01]$ linux-2.6.19-rc5 ubd0=Slackware-11-root_fs > eth0=tuntap\ ,tap0 > > > [veryfine:~/uml/test01]$ linux-2.6.19-rc5 ubd0=Slackware-11-root_fs \ > eth0=tuntap,tap0 > > UML > > [EMAIL PROTECTED]:~# ifconfig eth0 192.168.0.253 netmask 255.255.255.0 up > > Host > [veryfine:/home/jkreager/uml]# /sbin/route add -host 192.168.0.253 dev \ > tap0 > > UML > [EMAIL PROTECTED]:~# route add default gw 192.168.0.254 > [EMAIL PROTECTED]:~# ping 192.168.0.2 > PING 192.168.0.2 (192.168.0.2) 56(84) bytes of data. > 64 bytes from 192.168.0.2: icmp_seq=1 ttl=64 time=0.253 ms > 64 bytes from 192.168.0.2: icmp_seq=2 ttl=64 time=0.240 ms > 64 bytes from 192.168.0.2: icmp_seq=3 ttl=64 time=0.231 ms > > Host > > [veryfine:/home/jkreager/uml]# echo 1 > /proc/sys/net/ipv4/ip_forward > [veryfine:/home/jkreager/uml]# echo 1 > > /proc/sys/net/ipv4/conf/tap0/proxy_arp > [veryfine:/home/jkreager/uml]# /sbin/arp -Ds 192.168.0.253 eth0 pub > [veryfine:/home/jkreager/uml]# /sbin/iptables -t nat -a POSTROUTING -o > eth0 -j SNAT -to 192.168.0.2 > iptables v1.3.5: Unknown arg `-a' > Try `iptables -h' or 'iptables --help' for more information. > [veryfine:/home/jkreager/uml]# /sbin/iptables -t nat -A POSTROUTING -o > eth0 -j SNAT -to 192.168.0.2 > Bad argument `192.168.0.2' > Try `iptables -h' or 'iptables --help' for more information. > [veryfine:/home/jkreager/uml]# /sbin/iptables -t nat -A POSTROUTING -o > eth0 -j SNAT --to 192.168.0.2 > [veryfine:/home/jkreager/uml]# > > > [veryfine:/home/jkreager/uml]# /sbin/route -n > Kernel IP routing table > Destination Gateway Genmask Flags Metric Ref Use > Iface > 192.168.0.253 0.0.0.0 255.255.255.255 UH 0 0 0 tap0 > 192.168.0.0 0.0.0.0 255.255.255.0 U 0 0 0 eth0 > 192.168.0.0 0.0.0.0 255.255.255.0 U 0 0 0 tap0 > 127.0.0.0 0.0.0.0 255.0.0.0 U 0 0 0 lo > 0.0.0.0 192.168.0.1 0.0.0.0 UG 0 0 0 eth0 > [veryfine:/home/jkreager/uml]# /sbin/route del -net 192.168.0.0 dev tap0 > netmask 255.255.255.0 > > UML > > [EMAIL PROTECTED]:~# route -n > Kernel IP routing table > Destination Gateway Genmask Flags Metric Ref Use > Iface > 192.168.0.0 0.0.0.0 255.255.255.0 U 0 0 0 eth0 > 127.0.0.0 0.0.0.0 255.0.0.0 U 0 0 0 lo > 0.0.0.0 192.168.0.254 0.0.0.0 UG 0 0 0 eth0 > [EMAIL PROTECTED]:~# route del -net 192.168.0.0 dev eth0 netmask 255.255.255.0 > [EMAIL PROTECTED]:~# route add -host 192.168.0.2 dev eth0 > [EMAIL PROTECTED]:~# route -n > Kernel IP routing table > Destination Gateway Genmask Flags Metric Ref Use > Iface > 192.168.0.2 0.0.0.0 255.255.255.255 UH 0 0 0 eth0 > 127.0.0.0 0.0.0.0 255.0.0.0 U 0 0 0 lo > 0.0.0.0 192.168.0.254 0.0.0.0 UG 0 0 0 eth0 > [EMAIL PROTECTED]:~# > > [EMAIL PROTECTED]:~# ping 192.168.0.1 > PING 192.168.0.1 (192.168.0.1) 56(84) bytes of data. > > --- 192.168.0.1 ping statistics --- > 6 packets transmitted, 0 received, 100% packet loss, time 5031ms > > [EMAIL PROTECTED]:~# route del -host 192.168.0.2 dev eth0 > [EMAIL PROTECTED]:~# route add -host 192.168.0.254 dev eth0 > [EMAIL PROTECTED]:~# route -n > Kernel IP routing table > Destination Gateway Genmask Flags Metric Ref Use > Iface > 192.168.0.254 0.0.0.0 255.255.255.255 UH 0 0 0 eth0 > 127.0.0.0 0.0.0.0 255.0.0.0 U 0 0 0 lo > 0.0.0.0 192.168.0.254 0.0.0.0 UG 0 0 0 eth0 > > Host Counters Before Ping > eth0 RX bytes:154211383 (147.0 Mb) TX bytes:4877366 (4.6 Mb) > tap0 RX bytes:4368 (4.2 Kb) TX bytes:1736 (1.6 Kb) > > Guest Counters Before Ping > eth0 RX bytes:1400 (1.3 KiB) TX bytes:4368 (4.2 KiB) > > [EMAIL PROTECTED]:~# ping -c 2 192.168.0.1 > PING 192.168.0.1 (192.168.0.1) 56(84) bytes of data. > > --- 192.168.0.1 ping statistics --- > 2 packets transmitted, 0 received, 100% packet loss, time 1001ms > > Host Counters After Ping > eth0 RX bytes:154211383 (147.0 Mb) TX bytes:4877366 (4.6 Mb) > tap0 RX bytes:4606 (4.4 Kb) TX bytes:1778 (1.7 Kb) > > Guest Counters After Ping > eth0 RX bytes:1428 (1.3 KiB) TX bytes:4606 (4.4 KiB) > > Bridging: > > Host > > [veryfine:~]# ls -l /dev/net/tun > crw-rw---- 1 root umlusers 10, 200 Apr 11 08:47 /dev/net/tun > [veryfine:~]# groups jkreager > wheel audio cdrom video usb jkreager rtc umlusers > [veryfine:~]# > > [veryfine:~]# /sbin/brctl addbr umlbridge > [veryfine:~]# /sbin/brctl setfd umlbridge 0 > [veryfine:~]# /sbin/brctl stp umlbridge off > [veryfine:~]# /sbin/ifconfig eth0 0.0.0.0 promisc up > [veryfine:~]# ifconfig umlbridge 192.168.0.2 netmask 255.255.255.0 up > bash: ifconfig: command not found > [veryfine:~]# /sbin/ifconfig umlbridge 192.168.0.2 netmask 255.255.255.0 up > [veryfine:~]# /sbin/brctl addif eth0 > Incorrect number of arguments for command > Usage: brctl addif <bridge> <device> add interface to bridge > [veryfine:~]# /sbin/brctl addif umlbridge eth0 > [veryfine:~]# tunctl -u jkreager > Set 'tap0' persistent and owned by uid 500 > [veryfine:~]# /sbin/ifconfig tap0 0.0.0.0 promisc up > [veryfine:~]# /sbin/brctl addif umlbridge tap0 > [veryfine:~]# > > [veryfine:~]# ping 192.168.0.1 > PING 192.168.0.1 (192.168.0.1) 56(84) bytes of data. > 64 bytes from 192.168.0.1: icmp_seq=1 ttl=255 time=2.16 ms > 64 bytes from 192.168.0.1: icmp_seq=2 ttl=255 time=0.778 ms > > --- 192.168.0.1 ping statistics --- > 2 packets transmitted, 2 received, 0% packet loss, time 1000ms > > Start UML > > [veryfine:~/uml/test01]$ linux-2.6.19-rc5 ubd0=Slackware-11-root_fs > eth0=tuntap,tap0 > > Inside Guest > > [EMAIL PROTECTED]:~# ifconfig eth0 192.168.0.3 up > SIOCSIFFLAGS: Permission denied > SIOCSIFFLAGS: Permission denied > [EMAIL PROTECTED]:~# > > Start UML as root > > [veryfine:/home/jkreager/uml/test01]# /home/jkreager/bin/linux-2.6.19-rc5 > ubd0=Slackware-11-root_fs eth0=tuntap,tap0 > > Inside Guest > > [EMAIL PROTECTED]:~# ifconfig eth0 192.168.0.3 up > [EMAIL PROTECTED]:~# ifconfig > eth0 Link encap:Ethernet HWaddr 2A:93:E5:15:4E:B9 > inet addr:192.168.0.3 Bcast:192.168.0.255 Mask:255.255.255.0 > === message truncated === ------------------------------------------------------------------------- Take Surveys. Earn Cash. Influence the Future of IT Join SourceForge.net's Techsay panel and you'll get the chance to share your opinions on IT & business topics through brief surveys-and earn cash http://www.techsay.com/default.php?page=join.php&p=sourceforge&CID=DEVDEV _______________________________________________ User-mode-linux-user mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/user-mode-linux-user
