Wiki Navigation

← Previous Change
Page History
Next Change →

Changes between Version 11 and Version 12 of Automatic_Bridge_Ubuntu

Author:: klaus (IP: 88.79.199.2)
Timestamp:: 2008-01-21 20:12:47 (2 years ago)
Comment:: --

Legend:

: Unmodified
: Added
: Removed
: Modified

Automatic_Bridge_Ubuntu

v11	v12
1	1	== HOWTO Automatically configure bridge interfaces on !VirtualBox ==
2	2
3		Version: 0.1[[BR]]
4		Author: Antonio Augusto da Silva (a.k.a. !KhaoticMind)[[BR]]
5		Date: 2007/03/16[[BR]]
	3	NOTE: This page used to describe how to set up bridging with old Ubuntu versions (up to 6.10) and old !VirtualBox versions (up to 1.3.x). As this is no longer useful except for a very small group of users, this information has been removed to avoid problems. Please read the manual about how to set up host interface networking, it contains Ubuntu/Debian-specific descriptions.
6	4
7		NOTE: as of kernel 2.6.18 and later (i.e. with Ubuntu 7.04) this stopped working, as now normal users are no longer allowed to dynamically create TAP devices. See the !VirtualBox user manual for details of how to do this is done in current versions of !VirtualBox (1.4.0 and later).
8
9		= 1. Introduction =
10
11		This is a quick tutorial on how to setup your Linux environment and !VirtualBox,
12		so that it can automatically create network interfaces and put them in bridge
13		when the VM is launched.
14
15		In fact the Vbox User Manual has all the details that you need to accomplish it, but I thought it would be better to give some more "hands on" for you guys ;)
16
17		I've tested this setup in my home computer, running Kubuntu 6.10. I've an ADSL
18		modem to which I connect through my eth0 port. The modem has DHCP, so I get my IP automatically.
19
20		= 1.1 What is bridging anyway? =
21
22		Well... I thought you would already know it (since you are reading this howto).
23		But hey... let me try to give you a brief explanation. Bridging in the sense we
24		are working here, is to configure your computer, so that, some (or all), of the
25		networks it has connected to it will look like they are in fact one single
26		network.
27
28		One example of its use is if you have a notebook that can connect to your home
29		computer through a wireless adapter and the home computer is also connect to the Internet (or to any other network) through a cable. To make the notebook able to access the Internet you have to options: routing(ref 1) and bridging(ref 2). Both solutions will work, but if you do routing only TCP/IP packets will be able to be exchanged (ok, ok, 90% of the world uses TCP/IP but hang with me). On the other hand bridging will give you a lot more of flexibility, since now the notebook will appear is it were direct connect to the other network, just like you. Doing so the notebook can then get its own IP address with DHCP, and you (and anybody on the same network than you) will be able to exchange any packet with the notebook without any problem.
30
31		What happens here is that your computer was turned in a Switch (or a HUB), and
32		simple connects all machines that are connected to it, like you had cables connection every one of them. To do this on linux you create a "virtual" interface, that will be the actual bridge, and simple "plug" all interfaces you
33		want to be connect to it. So what we will do here is configure a single bridge, and say that our network interface (usually eth0), and all network interfaces created by the VMs, will be connected to it.
34
35		= 1.2 Prerequisites =
36
37		Before continuing the first thing you're going to need is make sure you have
38		tunctl and brctl in your machine (the program `VBoxTunctl` is shipped with !VirtualBox starting from version 1.4.0). These are the programs that we will use in the next sections to create our virtual interfaces and our bridge.
39
40		In Ubuntu these two programs are on the uml-utilities and bridge-utils packages, respectively.
41
42		To install these packages issue the following command:
43
44		{{{
45		sudo apt-get install bridge-utils uml-utilities
46		}}}
47
48		= 2. Configuring the bridge =
49
50		Ok, so lets start with the fun ;)
51
52		First of all, lets configure the network setup so that you will have a br0
53		interface at boot, and your network interface (eth0) will be part of it.
54
55		To accomplish this in Ubuntu I've configured my /etc/network/interfaces to look
56		something like this:
57
58		{{{
59		auto br0
60		iface br0 inet dhcp
61		bridge_ports eth0
62
63		auto eth0
64		iface eth0 inet manual
65		}}}
66
67		Quite simple huh? With this setup you should have what we want. To test it
68		immediately run reinitialise the network:
69
70		{{{
71		sudo /etc/init.d/networking restart
72		}}}
73
74		After it finish its job, doing an
75		{{{
76		ifconfig
77		}}}
78		should show you something like this:
79
80		{{{
81		br0 Encapsulamento do Link: Ethernet Endereço de HW 00:11:D8:37:D8:B9
82		inet end.: 192.168.1.2 Bcast:192.168.1.255 Masc:255.255.255.0
83		endereço inet6: fe80::211:d8ff:fe37:d8b9/64 Escopo:Link
84		UP BROADCAST RUNNING MULTICAST MTU:1500 Métrica:1
85		pacotes RX:6973 erros:0 descartados:0 excesso:0 quadro:0
86		Pacotes TX:7301 erros:0 descartados:0 excesso:0 portadora:0
87		colisões:0 txqueuelen:0
88		RX bytes:3557787 (3.3 MiB) TX bytes:932172 (910.3 KiB)
89
90		eth0 Encapsulamento do Link: Ethernet Endereço de HW 00:11:D8:37:D8:B9
91		endereço inet6: fe80::211:d8ff:fe37:d8b9/64 Escopo:Link
92		UP BROADCAST RUNNING MULTICAST MTU:1500 Métrica:1
93		pacotes RX:184453 erros:75 descartados:0 excesso:0 quadro:0
94		Pacotes TX:255573 erros:0 descartados:0 excesso:0 portadora:0
95		colisões:0 txqueuelen:1000
96		RX bytes:23372490 (22.2 MiB) TX bytes:136539269 (130.2 MiB)
97		IRQ:217 Endereço de E/S:0x6000
98		}}}
99
100		Note that br0 is the interface that gets the IP. The eth0 is like a "dummy"
101		interface.
102
103		= 3. Giving the needed access =
104
105		Ok, now we need to give some permissions to devices and files. Note that, as
106		everything involving permissions, there is always some risk involved on it. But
107		hey, its for a good cause!
108
109		= 3.1 /dev/net/tun =
110
111		First things first, to allow VBox to automatically create the virtual interface
112		it needs to have write access to /dev/net/tun. The best way I thought of doing it (without doing a chmod 666), was to change the ownership of the device to the vboxusers group. Since everybody that will run VBox will already be part of that group, this looked like a good solution. After that we need to give write
113		permissions to the members of the group. Following are the commands:
114
115		{{{
116		sudo chown root.vboxusers /dev/net/tun
117		sudo chmod g+rw /dev/net/tun
118		}}}
119
120		= 3.2 ifconfig and brctl =
121
122		Besides that you (optionally) need to setuid in the "ifconfig" and "brtcl"
123		commands. Setuid is necessary on these commands because you need to call them on the script used to configure your network, but they both need to be run as root to do what we want.
124
125		People concerned with this security (like me) would raise an eyebrow with this,
126		since setuids always introduce some risk on the system. In my case I decided the risk was low, and decided to live with it.
127
128		But if you don't want to use setuid below I will show a way to make the bridging work without needing to do setuids (but having to put root password every time you boot/shutdown a VM).
129
130		So, to do the setuid run the following commands:
131
132		{{{
133		chmod +s /sbin/ifconfig
134		chmod +s /usr/sbin/brctl
135		}}}
136
137		= 4. The scripts =
138
139		Now that everything is in place lets configure the scripts that will be called
140		by !VirtualBox every time a VM is turned on/off. I call these scripts tapUP and
141		tapDown, but you can name them whatever you want. The commands i use are the
142		same as described in the !VirtualBox User Manual, with the exception that i don't use
143		sudo (since i did a setuid in ifconfig and brctl).
144
145		TapUP:
146		{{{
147		#!/bin/sh
148		/sbin/ifconfig $2 up
149		/usr/sbin/brctl addif br0 $2
150		}}}
151
152		!TapDown:
153		{{{
154		#!/bin/sh
155		/usr/sbin/brctl delif br0 $2
156		}}}
157
158		If you decided to not do the setuid in step 3.2, you can use kdesu (for
159		example), to ask root password when running these commands. The files would look something like this:
160
161		TapUP:
162		{{{
163		#!/bin/sh
164		kdesu "/sbin/ifconfig $2 up && /usr/sbin/brctl addif br0 $2"
165		}}}
166
167		!TapDown:
168		{{{
169		#!/bin/sh
170		kdesu /usr/sbin/brctl delif br0 $2
171		}}}
172
173		I put both command between commas and use the "&&" so that it asks for the
174		password only once.
175
176		= 5. Wrapping it up =
177
178		Well, thats it! Quite easy huh? Now all you need to do is create and virtual machine, go on its "Network" options, change the "Attached to" to "Host Interface", give the Interface a name (each machine should use a different interface!), and point the "Startup Application" and "Terminate Application", to your TapUP and !TapDown files.
179
180		I've tested it with a Windows guest, and everything worked like a charm.
181
182		= 6. Thanks =
183
184		= 7. Changelog =
	5	= Changelog =
185	6
186	7	0.1 -> Initial version[[BR]]
187	8	0.2 -> wikified it a bit more and added the note about Ubuntu 7.04 (klaus)[[BR]]
188
189		= 8. References =
190
191		[1] http://en.wikipedia.org/wiki/Routing [[BR]]
192		[2] http://en.wikipedia.org/wiki/Bridging_%28networking%29
	9	0.3 -> removed the main contents of the page (klaus)[[BR]]