1*d6359e15SPeter Maydell.. _Network_Emulation: 2189c099fSAlex Bennée 3189c099fSAlex BennéeNetwork emulation 4189c099fSAlex Bennée----------------- 5189c099fSAlex Bennée 6189c099fSAlex BennéeQEMU can simulate several network cards (e.g. PCI or ISA cards on the PC 7189c099fSAlex Bennéetarget) and can connect them to a network backend on the host or an 8189c099fSAlex Bennéeemulated hub. The various host network backends can either be used to 9189c099fSAlex Bennéeconnect the NIC of the guest to a real network (e.g. by using a TAP 10189c099fSAlex Bennéedevices or the non-privileged user mode network stack), or to other 11189c099fSAlex Bennéeguest instances running in another QEMU process (e.g. by using the 12189c099fSAlex Bennéesocket host network backend). 13189c099fSAlex Bennée 14189c099fSAlex BennéeUsing TAP network interfaces 15189c099fSAlex Bennée~~~~~~~~~~~~~~~~~~~~~~~~~~~~ 16189c099fSAlex Bennée 17189c099fSAlex BennéeThis is the standard way to connect QEMU to a real network. QEMU adds a 18189c099fSAlex Bennéevirtual network device on your host (called ``tapN``), and you can then 19189c099fSAlex Bennéeconfigure it as if it was a real ethernet card. 20189c099fSAlex Bennée 21189c099fSAlex BennéeLinux host 22189c099fSAlex Bennée^^^^^^^^^^ 23189c099fSAlex Bennée 24189c099fSAlex BennéeAs an example, you can download the ``linux-test-xxx.tar.gz`` archive 25189c099fSAlex Bennéeand copy the script ``qemu-ifup`` in ``/etc`` and configure properly 26189c099fSAlex Bennée``sudo`` so that the command ``ifconfig`` contained in ``qemu-ifup`` can 27189c099fSAlex Bennéebe executed as root. You must verify that your host kernel supports the 28189c099fSAlex BennéeTAP network interfaces: the device ``/dev/net/tun`` must be present. 29189c099fSAlex Bennée 30189c099fSAlex BennéeSee :ref:`sec_005finvocation` to have examples of command 31189c099fSAlex Bennéelines using the TAP network interfaces. 32189c099fSAlex Bennée 33189c099fSAlex BennéeWindows host 34189c099fSAlex Bennée^^^^^^^^^^^^ 35189c099fSAlex Bennée 36189c099fSAlex BennéeThere is a virtual ethernet driver for Windows 2000/XP systems, called 37189c099fSAlex BennéeTAP-Win32. But it is not included in standard QEMU for Windows, so you 38189c099fSAlex Bennéewill need to get it separately. It is part of OpenVPN package, so 39189c099fSAlex Bennéedownload OpenVPN from : https://openvpn.net/. 40189c099fSAlex Bennée 41189c099fSAlex BennéeUsing the user mode network stack 42189c099fSAlex Bennée~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ 43189c099fSAlex Bennée 44189c099fSAlex BennéeBy using the option ``-net user`` (default configuration if no ``-net`` 45189c099fSAlex Bennéeoption is specified), QEMU uses a completely user mode network stack 46189c099fSAlex Bennée(you don't need root privilege to use the virtual network). The virtual 47189c099fSAlex Bennéenetwork configuration is the following:: 48189c099fSAlex Bennée 49189c099fSAlex Bennée guest (10.0.2.15) <------> Firewall/DHCP server <-----> Internet 50189c099fSAlex Bennée | (10.0.2.2) 51189c099fSAlex Bennée | 52189c099fSAlex Bennée ----> DNS server (10.0.2.3) 53189c099fSAlex Bennée | 54189c099fSAlex Bennée ----> SMB server (10.0.2.4) 55189c099fSAlex Bennée 56189c099fSAlex BennéeThe QEMU VM behaves as if it was behind a firewall which blocks all 57189c099fSAlex Bennéeincoming connections. You can use a DHCP client to automatically 58189c099fSAlex Bennéeconfigure the network in the QEMU VM. The DHCP server assign addresses 59189c099fSAlex Bennéeto the hosts starting from 10.0.2.15. 60189c099fSAlex Bennée 61189c099fSAlex BennéeIn order to check that the user mode network is working, you can ping 62189c099fSAlex Bennéethe address 10.0.2.2 and verify that you got an address in the range 63189c099fSAlex Bennée10.0.2.x from the QEMU virtual DHCP server. 64189c099fSAlex Bennée 65189c099fSAlex BennéeNote that ICMP traffic in general does not work with user mode 66189c099fSAlex Bennéenetworking. ``ping``, aka. ICMP echo, to the local router (10.0.2.2) 67189c099fSAlex Bennéeshall work, however. If you're using QEMU on Linux >= 3.0, it can use 68189c099fSAlex Bennéeunprivileged ICMP ping sockets to allow ``ping`` to the Internet. The 69189c099fSAlex Bennéehost admin has to set the ping_group_range in order to grant access to 70189c099fSAlex Bennéethose sockets. To allow ping for GID 100 (usually users group):: 71189c099fSAlex Bennée 72189c099fSAlex Bennée echo 100 100 > /proc/sys/net/ipv4/ping_group_range 73189c099fSAlex Bennée 74189c099fSAlex BennéeWhen using the built-in TFTP server, the router is also the TFTP server. 75189c099fSAlex Bennée 76189c099fSAlex BennéeWhen using the ``'-netdev user,hostfwd=...'`` option, TCP or UDP 77189c099fSAlex Bennéeconnections can be redirected from the host to the guest. It allows for 78189c099fSAlex Bennéeexample to redirect X11, telnet or SSH connections. 79189c099fSAlex Bennée 80189c099fSAlex BennéeHubs 81189c099fSAlex Bennée~~~~ 82189c099fSAlex Bennée 83189c099fSAlex BennéeQEMU can simulate several hubs. A hub can be thought of as a virtual 84189c099fSAlex Bennéeconnection between several network devices. These devices can be for 85189c099fSAlex Bennéeexample QEMU virtual ethernet cards or virtual Host ethernet devices 86189c099fSAlex Bennée(TAP devices). You can connect guest NICs or host network backends to 87189c099fSAlex Bennéesuch a hub using the ``-netdev 88189c099fSAlex Bennéehubport`` or ``-nic hubport`` options. The legacy ``-net`` option also 89189c099fSAlex Bennéeconnects the given device to the emulated hub with ID 0 (i.e. the 90189c099fSAlex Bennéedefault hub) unless you specify a netdev with ``-net nic,netdev=xxx`` 91189c099fSAlex Bennéehere. 92189c099fSAlex Bennée 93189c099fSAlex BennéeConnecting emulated networks between QEMU instances 94189c099fSAlex Bennée~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ 95189c099fSAlex Bennée 96189c099fSAlex BennéeUsing the ``-netdev socket`` (or ``-nic socket`` or ``-net socket``) 97189c099fSAlex Bennéeoption, it is possible to create emulated networks that span several 98189c099fSAlex BennéeQEMU instances. See the description of the ``-netdev socket`` option in 99189c099fSAlex Bennée:ref:`sec_005finvocation` to have a basic 100189c099fSAlex Bennéeexample. 101