Closed gerboland closed 7 years ago
Hi -- I think I can spot 2 problems:
As you suspected, port forwarding is done over virtio-vsock. There are 2 parts to this: the control interface is currently a 9P filesystem mount manipulated by vpnkit-expose-port (although we'll probably replace this with GRPC or similar at some point). Once the port is "exposed" and vpnkit is listening on the host, incoming connections are forwarded over AF_VSOCK connections to a server process called vpnkit-forwarder -- I suspect this will fail to start if the kernel doesn't support the address family.
Secondly, I think there's a minor problem in the vpnkit-expose-port command line. When incoming connections are forwarded, vpnkit writes a short header telling vpnkit-forwarder the final destination to connect to, which is the container-ip on the vpnkit-expose-port command line. So I think you need to give it an IP bound inside the VM instead of 0.0.0.0:
~/vpnkit-expose-port.linux -i -host-ip 127.0.0.1 -host-port 8000 -container-ip 127.0.0.1 -container-port 8000 -no-local-ip
At one point in the past we did support using the internal network for port forwarding but unfortunately that code was removed :(
Another way you could set up access would be a reverse port forward with ssh -- inside the VM you should be able to ssh <vpnkit gateway IP> -R localhost:8000:127.0.0.1:8000 (if I've remembered the syntax properly). This will connect to the host's sshd and tell it to listen on localhost:8000 (on the host) and forward connections back to 127.0.0.1:8000 in the VM.
In case it's helpful, recent versions of vpnkit should respond to DNS queries for docker.for.mac.localhost with the vpnkit IP. (Although we'll probably have to change the DNS name used since we shouldn't have used localhost)
Hope this helps a little!
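Added example (not part of the original thread and not vpnkit code): a Python probe, run inside the VM, for the condition raised in the reply above, namely whether the guest kernel supports the AF_VSOCK address family that vpnkit-forwarder depends on. The function names and status labels are this example's own.

```python
import errno
import socket

# Outcome labels are this example's own, not vpnkit terminology.
STATUSES = {"supported", "no-family", "blocked", "no-python-constant", "other"}


def classify(err_no):
    """Map the errno raised by socket(AF_VSOCK, ...) to a diagnosis."""
    if err_no == errno.EAFNOSUPPORT:
        # Kernel built without vsock, or the module is absent and could not load.
        return "no-family"
    if err_no in (errno.EPERM, errno.EACCES):
        # Family may exist, but a policy (seccomp, LSM) refused the call.
        return "blocked"
    return "other"


def probe_vsock():
    """Return (status, detail) for AF_VSOCK support in the running kernel."""
    family = getattr(socket, "AF_VSOCK", None)
    if family is None:
        return ("no-python-constant", "this Python build has no socket.AF_VSOCK")
    try:
        sock = socket.socket(family, socket.SOCK_STREAM)
    except OSError as exc:
        name = errno.errorcode.get(exc.errno, str(exc.errno))
        return (classify(exc.errno), f"{name}: {exc.strerror}")
    sock.close()
    return ("supported", "kernel accepted an AF_VSOCK stream socket")


if __name__ == "__main__":
    status, detail = probe_vsock()
    print(f"AF_VSOCK: {status} ({detail})")
```

A "supported" result only shows that the address family is registered in the guest; it does not prove that a vsock transport to the host is working.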
Hey djs55, thank you so much for the info, you've cleared up a lot for me. Reverse port forwarding sounds like a more flexible solution for my needs. Thanks again! -G
Hi guys, I'm combining vpnkit and hyperkit to boot ubuntu cloud images on my Mac with great success, but I'm hitting a wall with port forwarding. End-goal is to SSH into the VM from the host, but I'm stuck.
I'm doing the following (on OSX 10.12)
I get console access to a perfectly operational VM, which can access the network just fine.
Now I try to configure port forwarding, so inside the VM I do:
But on the host, trying to access that service hangs:
Sometimes I see vpnkit print
I've a couple of questions as a result:
Here are my logs in case they're useful: https://pastebin.ca/3842831 Any tips/tricks to debugging this would be greatly appreciated.
Many thanks in advance -G