[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Xen-users] Xen host WiFi bridge for guest VMs

  • To: xen-users@xxxxxxxxxxxxx
  • From: "Austin S. Hemmelgarn" <ahferroin7@xxxxxxxxx>
  • Date: Wed, 10 Feb 2016 07:30:29 -0500
  • Delivery-date: Wed, 10 Feb 2016 12:33:01 +0000
  • List-id: Xen user discussion <xen-users.lists.xen.org>

On 2016-02-09 22:54, sm8ax1@xxxxxxxxxxx wrote:
Not sure if you tried, but I've always had to enable "proxy arp" on the
wireless interface (and the bridge possibly) to get routers to accept
packets from the guest. I won't go into detail since there is plenty of
information out there on the topic, but basically its a simple sysctl
parameter, and you may need to tweak your firewall to allow MAC
addresses to be proxied. Note that your bridge (or the host-side of the
virtual adapter) must be assigned an IP in the same subnet as the host's
LAN address. After that it should "just work" like a normal ethernet
bridge. If memory serves, no special guest-side configuration is
necessary. No idea how PEAP might interfere though. YMMV. If you still
can't get it to work I'll try to dig up some notes I took when I set it
up (this was on Arch).

On that note, you may need to configure your wireless adapter in AP mode (or run hostapd). The fact that your wi-fi network requires actual authentication instead of plain encryption may also be interfering, many networks that are configured like that also are picky about stuff like MAC addresses.

I don't have much advice beyond that I can give about bridging, but I can say the manually configured NAT routing that I use works perfectly. Of course, in my case I don't need (and in fact, don't want) external devices to have access to my VM's unless I specifically allow it, which means I only need 3 rules for the basic routing, and 1 for each interface I wish to use for outgoing traffic.

Xen-users mailing list



Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.