From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from eggs.gnu.org ([2001:4830:134:3::10]:48677) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1bcyeY-0002Eg-5A for qemu-devel@nongnu.org; Thu, 25 Aug 2016 13:41:23 -0400 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1bcyeT-0007IE-Vq for qemu-devel@nongnu.org; Thu, 25 Aug 2016 13:41:22 -0400 Received: from mx1.redhat.com ([209.132.183.28]:33066) by eggs.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1bcyeT-0007I2-Qx for qemu-devel@nongnu.org; Thu, 25 Aug 2016 13:41:17 -0400 Date: Thu, 25 Aug 2016 18:41:13 +0100 From: "Dr. David Alan Gilbert" Message-ID: <20160825174112.GA2019@work-vm> References: MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Disposition: inline In-Reply-To: Content-Transfer-Encoding: quoted-printable Subject: Re: [Qemu-devel] QEMU IP Address Accessibility List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , To: Joey Connelly Cc: qemu-devel@nongnu.org * Joey Connelly (joeyconnelly@u.boisestate.edu) wrote: > Hey QEMU devs team, >=20 > I'm a CS graduate student working on Virtual Machine Software Security > research at Boise State University. I was hoping I could have a few min= utes > of your time to ask a few simple QEMU specific questions. >=20 > *[1.]* When creating a QEMU process, you can set the VM=E2=80=99s IP ad= dress when > created right? There are a few different ways of setting QEMUs networking up, with diffe= rent answers to your questions. The basic one (unless you specify anything else) is 'user mode' or 'SLIRP= ' which is a form of NAT, and it gives the answers of: 1) Yes you can - see the manpage under -net user and in particular the= net=3D option 2) No - not visible from the host directly but you can do specific por= t forwarding, see the hostfwd=3D option 3) No, not visible to a 3rd party host So that's all rather restricted. But that's only the basic version - you can set qemu up to connect the emulated network device to the real network of your host; this is a bit more complex to setup, but then the answers are: 1) No, you can't set the IP address with qemu, it just gets out of the= way and passes L2 packets around; it's then up to some other layer to setup IP (e.g. NAT on the host or your real networks DHCP server) 2) Yes it's accessible from the host (assuming you're not using macvta= p) 3) And yes it's accessible from a 3rd party host. For this see the tap and bridge options in the manpage. They can be a bit tricky to setup depending what exactly you want to do; If you have libvirt setup on your host it can do a lot of that (with appropriate nat/firewalling/etc) for you. Dave >=20 >=20 >=20 > *[2.]* Once a VM has been created with QEMU is its IP address accessibl= e > from the host machine? And if so, could you help me construct a valid > command that would access its IP address? >=20 >=20 >=20 > *[3.]* Is it accessible from a third party machine? And if so, could yo= u > help me construct a valid command that would access its IP address? >=20 >=20 >=20 >=20 >=20 > Thanks, >=20 > -Joey -- Dr. David Alan Gilbert / dgilbert@redhat.com / Manchester, UK