From mboxrd@z Thu Jan  1 00:00:00 1970
Received: from mailman by lists.gnu.org with tmda-scanned (Exim 4.43)
	id 1N63Wa-0007vi-J2
	for qemu-devel@nongnu.org; Thu, 05 Nov 2009 09:41:20 -0500
Received: from exim by lists.gnu.org with spam-scanned (Exim 4.43)
	id 1N63WW-0007te-Vk
	for qemu-devel@nongnu.org; Thu, 05 Nov 2009 09:41:20 -0500
Received: from [199.232.76.173] (port=48478 helo=monty-python.gnu.org)
	by lists.gnu.org with esmtp (Exim 4.43) id 1N63WW-0007tW-Lh
	for qemu-devel@nongnu.org; Thu, 05 Nov 2009 09:41:16 -0500
Received: from mx1.redhat.com ([209.132.183.28]:28787)
	by monty-python.gnu.org with esmtp (Exim 4.60)
	(envelope-from <avi@redhat.com>) id 1N63WW-0007iJ-04
	for qemu-devel@nongnu.org; Thu, 05 Nov 2009 09:41:16 -0500
Message-ID: <4AF2E407.9000809@redhat.com>
Date: Thu, 05 Nov 2009 16:41:11 +0200
From: Avi Kivity <avi@redhat.com>
MIME-Version: 1.0
Subject: Re: [Qemu-devel] [PATCH 4/4] Add support for -net bridge
References: <1257294485-27015-1-git-send-email-aliguori@us.ibm.com>
	<1257294485-27015-5-git-send-email-aliguori@us.ibm.com>
In-Reply-To: <1257294485-27015-5-git-send-email-aliguori@us.ibm.com>
Content-Type: text/plain; charset=ISO-8859-1; format=flowed
Content-Transfer-Encoding: 7bit
List-Id: qemu-devel.nongnu.org
List-Unsubscribe: <http://lists.nongnu.org/mailman/listinfo/qemu-devel>,
	<mailto:qemu-devel-request@nongnu.org?subject=unsubscribe>
List-Archive: <http://lists.gnu.org/pipermail/qemu-devel>
List-Post: <mailto:qemu-devel@nongnu.org>
List-Help: <mailto:qemu-devel-request@nongnu.org?subject=help>
List-Subscribe: <http://lists.nongnu.org/mailman/listinfo/qemu-devel>,
	<mailto:qemu-devel-request@nongnu.org?subject=subscribe>
To: Anthony Liguori <aliguori@us.ibm.com>
Cc: Mark McLoughlin <markmc@redhat.com>, Arnd Bergmann <arndbergmann@googlemail.com>, Dustin Kirkland <kirkland@canonical.com>, Michael Tsirkin <mst@redhat.com>, Juan Quintela <quintela@redhat.com>, qemu-devel@nongnu.org

On 11/04/2009 02:28 AM, Anthony Liguori wrote:
> The most common use of -net tap is to connect a tap device to a bridge.  This
> requires the use of a script and running qemu as root in order to allocate a
> tap device to pass to the script.
>
> This model is great for portability and flexibility but it's incredibly
> difficult to eliminate the need to run qemu as root.  The only really viable
> mechanism is to use tunctl to create a tap device, attach it to a bridge as
> root, and then hand that tap device to qemu.  The problem with this mechanism
> is that it requires administrator intervention whenever a user wants to create
> a guest.
>
> By essentially writing a helper that implements the most common qemu-ifup
> script that can be safely given cap_net_admin, we can dramatically simplify
> things for non-privileged users.  We still support -net tap as a mechanism
> for advanced users and backwards compatibility.
>
> Currently, this is very Linux centric but there's really no reason why it
> couldn't be extended for other Unixes.
>
> A typical invocation of -net bridge would be:
>
>    qemu -net bridge -net nic,model=virtio
>
> The default bridge that we attach to is qemubr0.  The thinking is that a distro
> could preconfigure such an interface to allow out-of-the-box bridged networking.
>
> Alternatively, if a user wants to use a different bridge, they can say:
>
>    qemu -net bridge,br=br0 -net nic,model=virtio
>
>
> +int net_init_bridge(QemuOpts *opts, Monitor *mon, const char *name, VLANState *vlan);
> +
>    

Don't we need to tear the interface down after shutdown?

-- 
error compiling committee.c: too many arguments to function