Issues with virtual machines/containers and network

[Apacelus]

Apologies for being very vague, the problem is I couldnt really get to the root of the problem. I am not sure if its just my system, but could you/someone else try running any virtual machine with qemu and see if network works?

I am having issues with virtual machine/containers and network. Wifi/Ethernet works fine on the system itself, but when I try creating a vm or a container, they have issues with network.

• Waydroid via an lxc container: I have tried installing waydroid, but I keep getting an issue with networking. The issue is described here, its where lxc tries to create a container but failes because it cant create a network for it(or something like that). I have tried all the possible solutions, but it didnt work.
• Qemu/kvm with virt manager: When creating a virtual machine with network enabled(which it is by default), it fails by saying I'm missing a package. But every package I need is installed and it works fine on my desktop pc(Pop!_OS 22.04) with the same packages installed. The error I'm getting is: libvirt.libvirtError: Unable to create bridge virbr0: Package not installed

One thing that both of these problems have in common, is that some solutions talk about some kernel module or a kernel parameter(I'm not sure which one tho).

[runcros]

libvirt.libvirtError: Unable to create bridge virbr0: Package not installed is due to a lack of kernel support.

[Apacelus]

So there is not fix for it?

[Apacelus]

Would be great if there was a way to run an android vm/container with internet.

[MilkyDeveloper]

This is fixable by changing the kernel config. I'll do it now.

[runcros]

Just to check, these packages are installed ?

• libvirt0
• libvirt-daemon-driver-qemu
• libvirt-daemon-driver-lxc

[Apacelus]

Yes, all these packages are installed on the chromebook

[runcros]

Please also check for all the packages listed here : https://wiki.archlinux.org/title/Libvirt#Server Attach the output of ls /usr/lib/libvirt/

[runcros]

If all package are installed, try also to install this package qemu-block-gluster then check if issue appear again.

[Apacelus]

Ehh, how do I install it? E: Unable to locate package qemu-block-gluster

[runcros]

Try qemu-block-extra

[runcros]

Also send the output of getent group kvm

[Apacelus]

qemu-block-extra was already installed.

$ getent group kvm
kvm:x:109:

[runcros]

You should try this fix https://bbs.archlinux.org/viewtopic.php?pid=1728381#p1728381

If it doesn't work, wait for my pr to be pulled and then update the kernel after the release.

[Apacelus]

The pr just got merged, how do I update the kernel on a non usb install?

[runcros]

A GitHub action to rebuild a kernel is necessary after that you can run updatekernel-on-emmc (it will update your installation !)

Please wait the next Linux kernel release by @MilkyDeveloper

[runcros]

The github action rebuild has finished, you can update the kernel.

[Apacelus]

Updated kernel on internal install, rebooted, tried waydroid and a virtual machine, didnt work. Created a fresh live usb, plugged it in, installed waydroid first, same error. Tried a virtual machine, same thing as before.

[runcros]

Can you replace your /usr/local/bin/updatekernel-on-emmc with the following file (remove .txt) updatekernel-on-emmc.txt It will update your kernel from my repository (I've added others kernel module)

[Apacelus]

Updated, rebooted, same errors

[runcros]

Okay I have added others kernel module (again !) try to update with the previous file. If the problem is still not solved. We should look elsewhere than in the kernel modules

[Apacelus]

No, unfortunately still the same errors

[runcros]

I added all kernel modules needed by KVM so I think the problem is elsewhere.

[dinoswong]

I've updated the latest version of kernel. And I tried to start a 'VM with NAT network' by using command qemu. The guest also cannot access the external network. And I found it missing kernel module ipt_MASQUERADE. Would you include it by default? Thanks.

[runcros]

I've added these module (you can see in the commit : https://github.com/runcros/breath/commit/ada1a1c4b13b5d4b49886cd431dd7aaaef8336fc)

CI will take ~2 hours you can try if it works after the release on my repository. Here is my updatekernel-on-emmc to update from my repo https://github.com/cb-linux/breath/files/8984512/updatekernel-on-emmc.txt

[runcros]

You can update.

[runcros]

Can you give me the exact name of the module it should looks something like this :

CONFIG_AUDIT=y
CONFIG_HAVE_ARCH_AUDITSYSCALL=y
CONFIG_AUDITSYSCALL=y

I don't know what is the time lol I am on GMT+4 the kernel was built 3 hours ago.

[dinoswong]

Sorry, it is my fault. The module has been changed to xt_MASQUERADE. It is included in the new build. My VM can access the external network via NAT. Thanks for help.

[runcros]

@Fornball is it working for you ?

[Apacelus]

No, but the error is different now. For some reason breath is using nftables-legacy instead of the normal ones.

libvirt.libvirtError: internal error: Failed to apply firewall rules /usr/sbin/iptables -w --table filter --list-rules: # Warning: iptables-legacy tables present, use iptables-legacy to see them
iptables v1.8.7 (nf_tables): Could not fetch rule set generation id: Invalid argument

Similar issue with waydroid: From the log: iptables v1.8.7 (legacy): unknown option "--checksum-fill" Full log: waydroid.log

[dinoswong]

I've changed the iptables to use the /usr/sbin/iptables-legacy instead of /usr/sbin/iptables-nft . Under ChromeOS, it require to change it too with new version of iptables.

For detailed, please refer to the following link.

https://wiki.nftables.org/wiki-nftables/index.php/Main_Page

[runcros]

@Fornball if the fix works for you too I will add it to docs

[Apacelus]

I've changed the iptables to use the /usr/sbin/iptables-legacy instead of /usr/sbin/iptables-nft . Under ChromeOS, it require to change it too.

How do I do that?

[dinoswong]

I've changed the iptables to use the /usr/sbin/iptables-legacy instead of /usr/sbin/iptables-nft . Under ChromeOS, it require to change it too.

How do I do that?

update-alternatives --config iptables

[Apacelus]

virt manager now gives me this error: libvirt.libvirtError: Unable to open /dev/net/tun, is tun module loaded?: No such device which is supposed to resolve itself by rebooting, but I have rebooted twice now and its still there. I changed the iptables to /usr/sbin/iptables-legacy with the sudo update-alternatives --config iptables command but waydroid still shows the same errors with this iptables v1.8.7 (legacy): unknown option "--checksum-fill" Try `iptables -h' or 'iptables --help' for more information.

[runcros]

virt manager now gives me this error: libvirt.libvirtError: Unable to open /dev/net/tun, is tun module loaded?: No such device which is supposed to resolve itself by rebooting, but I have rebooted twice now and its still there. I changed the iptables to /usr/sbin/iptables-legacy with the sudo update-alternatives --config iptables command but waydroid still shows the same errors with this iptables v1.8.7 (legacy): unknown option "--checksum-fill" Try `iptables -h' or 'iptables --help' for more information.

Have you tried on clean install ?

[dinoswong]

virt manager now gives me this error: libvirt.libvirtError: Unable to open /dev/net/tun, is tun module loaded?: No such device which is supposed to resolve itself by rebooting, but I have rebooted twice now and its still there. I changed the iptables to /usr/sbin/iptables-legacy with the sudo update-alternatives --config iptables command but waydroid still shows the same errors with this iptables v1.8.7 (legacy): unknown option "--checksum-fill" Try `iptables -h' or 'iptables --help' for more information.

It seem you haven't loaded tun module. Please execute the command 'sudo modprobe tun'.

[runcros]

Should work with Breath on UEFI can you test it ? Please join the discord for information about https://discord.gg/WatsaYhXCa

[Apacelus]

Lxc containers still wont start(preventing me from running waydroid)