Using wireless interface or NAT on the host

[rodyaj]

Hi. Is it possible for an iohyve guest to share the internet connection of a wireless interface on the host? I have read that this is possible by creating a NAT, but it is beyond my experience as to how I would set this up. It would be a nice feature for iohyve to have an inbuilt option for this e.g., for people using laptops as the host to test VMs on the move.

[pr1ntf]

I don't think it is possible to set up an if_bridge(4) device directly to a wireless interface. Everything I have tried thus far has failed on my setup.

You mention NAT, that is what I heard works as well. I think vm-bhyve has some dnsmasq stuff. I've been working on something similar, but with VIMAGE/VNET similar to iocage.

That work was started simply because I want a network of iohyve guests to use the same public IP address. (IPv4 is precious these days) All of my work with that has been with pf but I am trying different methods. I'm also open to ideas on this matter.

[rodyaj]

I'd prefer a pf setup, as I already use it for some iocage jails, but the only material I've found for bhyve discusses using ipfw. This post by Allan Jude seems relevant to using wifi. Also, the personal notes on someones blog discusses public IPv4 addresses. I'm not sure if that is any help to you, because networking goes a bit over my head, to be honest.

[pr1ntf]

Thanks for the info! I'll keep everyone posted on progress in this thread.

Did not mean to close this early

[pr1ntf]

I've made some recent progress getting guests to have internet via WiFi on my laptop.

The solution I found was using pf to set up a NAT. I'll put up a quick how-to on the Wiki this week, but I wouldn't expect iohyve to handle pf rules for a while. There is still a lot of work and testing that needs to be done before iohyve will set up pf rules.

[rodyaj]

Can you detail the pf rules and settings needed in /etc/rc.conf? I did have this working with ipfw and kernel nat (I will share the rules when I get them working again) but for some reason I can't recreate the setup since a fresh install.

[pr1ntf]

I used an old setup I used for testing out VIMAGE stuff. I'm working on a full write up for the wiki, but here's the config files:

/etc/rc.conf

iohyve_enable="YES"
iohyve_flags="kmod=1"

cloned_interfaces="bridge0 tap0"
ifconfig_bridge0="addm wlan0 10.10.123.1/24 up addm tap0"

gateway_enable="YES"
pf_enable="YES"
pf_rules="/etc/pf.conf"
pflog_enable="yes"

/etc/pf.conf

pub="192.168.XXX.XXX"
jail_net="10.10.123.00/24"
example_fbsd="10.10.123.10"
example_win="10.10.123.11"
if="wlan0"

set block-policy return
set skip on lo
scrub in

# NAT
nat on $if from $example_fbsd to !$jail_net -> $pub
nat on $if from $example_win to !$jail_net -> $pub

# default
pass out on $if from $pub to any
block in log on $if

[rodyaj]

Ok thanks for the quick response.

[pr1ntf]

:+1:

[pr1ntf]

This has been added to the wiki.

Thanks for the idea!