{"id":303,"date":"2018-06-05T21:04:23","date_gmt":"2018-06-05T21:04:23","guid":{"rendered":"http:\/\/thomas.goirand.fr\/blog\/?p=303"},"modified":"2018-06-05T21:11:34","modified_gmt":"2018-06-05T21:11:34","slug":"using-a-dummy-network-interface","status":"publish","type":"post","link":"http:\/\/thomas.goirand.fr\/blog\/?p=303","title":{"rendered":"Using a dummy network interface"},"content":{"rendered":"<p>For a long time, I\u2019ve been very much annoyed by network setups on virtual machines. Either you choose a bridge interface (which is very easy with something like Virtualbox), or you choose NAT. The issue with NAT is that you can\u2019t easily get into your VM (for example, virtualbox doesn\u2019t exposes the gateway to your VM). With bridging, you\u2019re getting in trouble because your VM will attempt to get DHCP from the outside network, which means that first, you\u2019ll get a different IP depending on where your laptop runs, and second, the external server may refuse your VM because it\u2019s not authenticated (for example because of a MAC address filter, or 802.11x auth).<\/p>\n<p>But there\u2019s a solution to it. I\u2019m now very happy with my network setup, which is using a dummy network interface. Let me share how it works.<\/p>\n<p>In the modern Linux kernel, there\u2019s \u201cfake\u201d network interface through a module called \u201cdummy\u201d. To add such an interface, simply load the kernel module (ie: \u201cmodprobe dummy\u201d) and start playing. Then you can bridge that interface, and tap it, then plug your VM to it. Since the dummy interface is really living in your computer, you do have access to this internal network with a route to it.<\/p>\n<p>I&#8217;m using this setup for connecting both KVM and Virtualbox VMs, you can even mix both. For Virtualbox, simply use the dropdown list for the bridge. For KVM, use something like this in the command line: -device e1000,netdev=net0,mac=08:00:27:06:CF:CF -netdev tap,id=net0,ifname=mytap0,script=no,downscript=no<\/p>\n<p>Here\u2019s a simple script to set that up, with on top, masquerading for both ip4 and ipv6:<\/p>\n<pre class=\"brush:shell\"># Load the dummy interface module\r\nmodprobe dummy\r\n\r\n# Create a dummy interface called mynic0\r\nip link set name mynic0 dev dummy0\r\n\r\n# Set its MAC address\r\nifconfig mynic0 hw ether 00:22:22:dd:ee:ff\r\n\r\n# Add a tap device\r\nip tuntap add dev mytap0 mode tap user root\r\n\r\n# Create a bridge, and bridge to it mynic0 and mytap0\r\nbrctl addbr mybr0\r\nbrctl addif mybr0 mynic0\r\nbrctl addif mybr0 mytap0\r\n\r\n# Set an IP addresses to the bridge\r\nifconfig mybr0 192.168.100.1 netmask 255.255.255.0 up\r\nip addr add fd5d:12c9:2201:1::1\/24 dev mybr0\r\n\r\n# Make sure all interfaces are up\r\nip link set mybr0 up\r\nip link set mynic0 up\r\nip link set mytap0 up\r\n\r\n# Set basic masquerading for both ipv4 and 6\r\niptables -I FORWARD -j ACCEPT\r\niptables -t nat -I POSTROUTING -s 192.168.100.0\/24 -j MASQUERADE\r\nip6tables -I FORWARD -j ACCEPT\r\nip6tables -t nat -I POSTROUTING -s fd5d:12c9:2201:1::\/64 -j MASQUERADE\r\n<\/pre>\n","protected":false},"excerpt":{"rendered":"<p>For a long time, I\u2019ve been very much annoyed by network setups on virtual machines. Either you choose a bridge interface (which is very easy with something like Virtualbox), or you choose NAT. The issue with NAT is that you can\u2019t easily get into your VM (for example, virtualbox doesn\u2019t exposes the gateway to your [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":[],"categories":[1],"tags":[],"_links":{"self":[{"href":"http:\/\/thomas.goirand.fr\/blog\/index.php?rest_route=\/wp\/v2\/posts\/303"}],"collection":[{"href":"http:\/\/thomas.goirand.fr\/blog\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"http:\/\/thomas.goirand.fr\/blog\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"http:\/\/thomas.goirand.fr\/blog\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"http:\/\/thomas.goirand.fr\/blog\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=303"}],"version-history":[{"count":3,"href":"http:\/\/thomas.goirand.fr\/blog\/index.php?rest_route=\/wp\/v2\/posts\/303\/revisions"}],"predecessor-version":[{"id":306,"href":"http:\/\/thomas.goirand.fr\/blog\/index.php?rest_route=\/wp\/v2\/posts\/303\/revisions\/306"}],"wp:attachment":[{"href":"http:\/\/thomas.goirand.fr\/blog\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=303"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"http:\/\/thomas.goirand.fr\/blog\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=303"},{"taxonomy":"post_tag","embeddable":true,"href":"http:\/\/thomas.goirand.fr\/blog\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=303"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}