Re: [Qemu-devel] Win32 usermode only network possible? [was: multiple VMs]

["John R. Hogerhuis" <jhoger@speakeasy.net>]

[-- Attachment #1: Type: text/plain, Size: 2362 bytes --]

On Wed, 2004-04-07 at 15:16, Joe Batt wrote:
> When NATing, you don't have to match the original source port, so we
> should be able to have a NAT run in a non root mode (if source port <
> 1024, use a different source port).
> 
> Before I spent so much time looking for it today, I would have expected
> that there was a userspace NAT program available (something that spoke
> the TUN stream format perhaps), but I didn't see anything.  (TUN stream
> format would have been cool, because it QEMU already speaks that, but it
> would have been slower.)  I would expect the TCP packet to TCP socket
> mapping to be the hard part.  UDP should be easy.
> 
The problem with just doing a NAT is getting your packets forwarded by
the host OS. Normally with NAT you just patch up the source port/IP,
fixup the checksum and forward the packet out another interface. The
hard part if you want qemu to be able to run userspace only is the
forwarding part. Most OSs don't allow unprivileged raw network access,
and that includes at least Linux and Windows.

So one way or another QEMU must go through Sockets. One way is SLiRP. It
doesn't allow inbound (since there is no packet which appears on the
network indicating some app wants to "listen").

Now SOCKS, or a transparent proxy which replaces sockets would allow
capturing of Listens and thereby allow binding to unprivileged ports if
the user wishes to.

> Wont we also need a customized DHCP server to server up IP addresses and
> DNS servers?
> 
> I would think that the goal is that you can 'qemu -hda somepartition' or
> 'qemu -cdrom someiso' and have a running NATed machine without any host
> configuration.
> 

Even VmWare has a tough time with running off of raw partitions. I've
never gotten it to work. I guess it all depends on what you want to do
with QEMU. My project is to have a zero install Morphix which autoruns
emulated on windows desktop when you pop in the cd. Given that, if I
have to do a little tweaking in Morphix apps, or insert a transparent
proxy its not a big deal. Ideally one wouldn't have to do ANY
configuration of the emulated image, but in my case it's all about
whatever works while giving the user experience I want... what Fabrice
is doing may be sufficient since most apps don't require peer-to-peer
communication anyway.

-- John.

[-- Attachment #2: This is a digitally signed message part --]
[-- Type: application/pgp-signature, Size: 189 bytes --]