How to configure bridged networking

Question

How to configure bridged networking

Closed this issue 2 years ago · 2 comments

When booting a VM with Enable network, the VM uses the DHCP mode by default. The underlying cli to launch this VM seems like this:

panda-system-x86_64 -m 1024M -hda /home/user/VMs/Windows7_x64.qcow2.snapshots/root2.qcow2 
    -usbdevice tablet -chardev socket,path=/tmp/2022-11-14T173415.896061+0800.sock,server,nowait,id=monsock 
    -monitor chardev:monsock 
    -net nic -net user,id=mynet0,net=10.0.2.0/24,dhcpstart=10.0.2.15 
    -vnc 127.0.0.1:10,password=off

I wonder how to configure the VM in other common networking settings, like bridged networking, so that it can be accessed by other hosts on the same network segment as the REVEN server.

Host Environment

REVEN Version: v2.11.0
REVEN Edition: Free Edition
REVEN Package: native Debian package with a Debian 10 buster 10.13 on a bare metal machine

Answer 1 · 2022-11-15T10:11:42.000Z

Hello renzhexigua,
On enabling Host -> Guest communication, it depends on what you want to do.

By far the simplest method is to map ports from the host to the guest, so that accessing the host's port will instead point to the guest's:

Uncheck Network in the project manager (because we specify our own options below)
Use the Override custom options to fill in the options -net nic -net user,id=mynet0,net=10.0.2.0/24,dhcpstart=10.0.2.15,hostfwd=tcp::8080-:80 to map, for example, local port 8080 to guest port 80.
You should be able to reuse live snapshots that were created with the "Network" option enabled, as this custom option creates similar virtual hardware.

If you need to go the full bridge route, you will need to create that bridge on the system first. I found that the gist at https://gist.github.com/extremecoders-re/e8fd8a67a515fee0c873dcafc81d811c provides an effective starting point, however if that does not work as-is for your system you will have to dig a bit deeper into debian's documentation.

A few REVEN-specific notes about the above guide:

the tap interface should be owned by the user REVEN is running on (usually reven), so that QEMU does not need to be root to run: tunctl -t tap0 -u reven
the -netdev ... and -device... options specified must be placed in the same Override custom options field mentionned above
Setting this option will require starting the VM and recreating a live snapshot, since the hardware option have changed.

In both situations, if the VM fails to start, you may have entered invalid options, so check the logs: in the Task & Sessions section, click on see all under Active Sessions, locate the upper-most stopped VM session, and click on the Details button.

Hope this helps.

Answer 2 · 2022-11-15T11:51:32.000Z

Thank you for your tips, and I'll give it a try :)