Made on IRCNow

Commit Diff

Commit:: 04e3c6ea9b2aaf7d4d1c14da5db46822a1b9f5d9
From:: jrmu <jrmu@ircnow.org>
Date:: Sun Jun 16 04:00:51 2024 UTC
Message:: Daily backup
Actions:: Patch | Tree
commit - 949b5626c8c4b8fe81de932793d4c55a34a15a5f
commit + 04e3c6ea9b2aaf7d4d1c14da5db46822a1b9f5d9
blob - /dev/null
blob + 48c0fae2508edc91b30c575e539f48c758f2b0db (mode 644)
--- /dev/null
+++ wiki.d/Ifconfig.Vlan
@@ -0,0 +1,19 @@
+version=pmwiki-2.3.20 ordered=1 urlencoded=1
+agent=w3m/0.5.3+git20230121
+author=jrmu
+charset=UTF-8
+csum=
+ctime=1718401999
+host=104.167.242.140
+name=Ifconfig.Vlan
+rev=2
+targets=
+text=(:title Configuring vlans:)%0a%0aTo tag a packet with virtual network identifier:%0a%0a[@%0a# cat /etc/hostname.if0%0aup%0a# cat /etc/hostname.vlan0%0avnetid 100 parent if0%0ainet 10.0.5.2 0xffffff00%0aup%0a@]%0a%0aReplace if0 with the interface, such as vio0 for [[https://man.openbsd.org/virto.4|virtio(4)]].%0a
+time=1718402143
+title=Configuring vlans
+author:1718402143=jrmu
+diff:1718402143:1718401999:=9c9%0a%3c vnetid 100 parent if0%0a---%0a> vnetid 100 parent vio0%0a13,14d12%0a%3c %0a%3c Replace if0 with the interface, such as vio0 for [[https://man.openbsd.org/virto.4|virtio(4)]].%0a
+host:1718402143=104.167.242.140
+author:1718401999=jrmu
+diff:1718401999:1718401999:=1,12d0%0a%3c (:title Configuring vlans:)%0a%3c %0a%3c To tag a packet with virtual network identifier:%0a%3c %0a%3c [@%0a%3c # cat /etc/hostname.if0%0a%3c up%0a%3c # cat /etc/hostname.vlan0%0a%3c vnetid 100 parent vio0%0a%3c inet 10.0.5.2 0xffffff00%0a%3c up%0a%3c @]%0a
+host:1718401999=104.167.242.140
blob - /dev/null
blob + 6ef45a913aab0fc85dfcce016a9d32dcdbd45cd5 (mode 644)
--- /dev/null
+++ wiki.d/Nat.Configure
@@ -0,0 +1,25 @@
+version=pmwiki-2.3.20 ordered=1 urlencoded=1
+agent=w3m/0.5.3+git20230121
+author=jrmu
+charset=UTF-8
+csum=
+ctime=1718396087
+host=104.167.242.140
+name=Nat.Configure
+rev=4
+targets=Nat.Intro,Vmm.Configure
+text=(:title Configure NAT inside VMM:)%0a%0a[[nat/intro|Network address translation]] can be configured for virtual%0amachines run inside [[vmm/configure|vmm]].%0a%0aIn the hypervisor, we add this line inside /etc/pf.conf:%0a%0a[@%0amatch out on egress from !(egress:network) to any nat-to (egress:0)%0a@]%0a%0aThis rule matches packets that leave out on the egress (any interface that%0acan reach the default route). It applies only to packets that come from a%0anetwork that doesn't match the egress's network. If those conditions are met,%0awe automatically perform NAT to the non-aliased IP address of egress.%0a%0aWe configure the proper interfaces:%0a%0a[@%0a# cat /etc/hostname.veb0%0aadd tap0%0aadd vport0%0alink1%0a# cat /etc/hostname.vport0%0ainet 10.0.5.1 0xffffff00%0aup%0a# cat /etc/vm.conf%0asocket owner :vmdusers%0a%0aswitch "switch0" {%0a    locked lladdr%0a    interface veb0%0a}%0a%0absdiso="/home/iso/install75.iso"%0a%0avm "user" {%0a    owner user%0a    memory 2G%0a    cdrom $bsdiso%0a    disk /home/user/user.qcow2 format qcow2%0a    interface tap0 { %0a        locked lladdr ab:cd:ef:01:23:45%0a        switch "switch0"%0a    }%0a}%0a@]%0a%0aIn the virtual machine:%0a%0a[@%0a$ cat /etc/hostname.vio0%0ainet 10.0.5.2 0xffffff00%0aup%0a@]%0a
+time=1718397660
+title=Configure NAT inside VMM
+author:1718397660=jrmu
+diff:1718397660:1718397289:=11,15d10%0a%3c %0a%3c This rule matches packets that leave out on the egress (any interface that%0a%3c can reach the default route). It applies only to packets that come from a%0a%3c network that doesn't match the egress's network. If those conditions are met,%0a%3c we automatically perform NAT to the non-aliased IP address of egress.%0a
+host:1718397660=104.167.242.140
+author:1718397289=jrmu
+diff:1718397289:1718396375:=6,7c6,9%0a%3c In the hypervisor, we add this line inside /etc/pf.conf:%0a%3c %0a---%0a> On the hypervisor:%0a> %0a> Inside /etc/pf.conf we add this line:%0a> %0a11,12d12%0a%3c %0a%3c We configure the proper interfaces:%0a
+host:1718397289=104.167.242.140
+author:1718396375=jrmu
+diff:1718396375:1718396087:=11c11,12%0a%3c match out on egress from !(egress:network) to any nat-to (egress:0)%0a---%0a> match out on egress from 10.0.0.0/8 to any nat-to (em1)%0a> match out on tap1 from 10.0.0.0/8 to any nat-to (em1)%0a
+host:1718396375=104.167.242.140
+author:1718396087=jrmu
+diff:1718396087:1718396087:=1,51d0%0a%3c (:title Configure NAT inside VMM:)%0a%3c %0a%3c [[nat/intro|Network address translation]] can be configured for virtual%0a%3c machines run inside [[vmm/configure|vmm]].%0a%3c %0a%3c On the hypervisor:%0a%3c %0a%3c Inside /etc/pf.conf we add this line:%0a%3c %0a%3c [@%0a%3c match out on egress from 10.0.0.0/8 to any nat-to (em1)%0a%3c match out on tap1 from 10.0.0.0/8 to any nat-to (em1)%0a%3c @]%0a%3c %0a%3c [@%0a%3c # cat /etc/hostname.veb0%0a%3c add tap0%0a%3c add vport0%0a%3c link1%0a%3c # cat /etc/hostname.vport0%0a%3c inet 10.0.5.1 0xffffff00%0a%3c up%0a%3c # cat /etc/vm.conf%0a%3c socket owner :vmdusers%0a%3c %0a%3c switch "switch0" {%0a%3c     locked lladdr%0a%3c     interface veb0%0a%3c }%0a%3c %0a%3c bsdiso="/home/iso/install75.iso"%0a%3c %0a%3c vm "user" {%0a%3c     owner user%0a%3c     memory 2G%0a%3c     cdrom $bsdiso%0a%3c     disk /home/user/user.qcow2 format qcow2%0a%3c     interface tap0 { %0a%3c         locked lladdr ab:cd:ef:01:23:45%0a%3c         switch "switch0"%0a%3c     }%0a%3c }%0a%3c @]%0a%3c %0a%3c In the virtual machine:%0a%3c %0a%3c [@%0a%3c $ cat /etc/hostname.vio0%0a%3c inet 10.0.5.2 0xffffff00%0a%3c up%0a%3c @]%0a
+host:1718396087=104.167.242.140
blob - /dev/null
blob + 3ad8a32e8f4a6c58770dd98356d66b064bdb68a5 (mode 644)
--- /dev/null
+++ wiki.d/Nat.RecentChanges
@@ -0,0 +1,9 @@
+version=pmwiki-2.3.20 ordered=1 urlencoded=1
+agent=w3m/0.5.3+git20230121
+charset=UTF-8
+ctime=1718396087
+host=104.167.242.140
+name=Nat.RecentChanges
+rev=4
+text=* [[Nat/Configure]]  . . . @2024-06-14T20:41:00Z by [[~jrmu]]: [==]%0a
+time=1718397660