The Linux Kernel-based Virtual Machine (KVM) is a great way to run virtual machines on computers running Linux. It requires virtualization support in the host processor (most modern x86 CPUs have this) and a kernel module. The kernel module can be built from the KVM sources.
Unfortunately, compiling the module on the IBM Open Client 2.2 distribution doesn’t work out of the box. Instead, a patch is required. The patch is an extended version of this commit to the KVM repository and applies against the KVM-70 release tarball.
The KVM networking documentation lists brctl(8) and tunctl(8) as requirements for a bridge between the host and the guest. On the Open Client distribution, the brctl utility is part of the bridge-utils package. The tunctl tool is part of uml-utils, but only on other distributions. However, there is a Fedora Core 9 package available which seems to work.
Before starting the KVM guest, make sure that the tun kernel module is loaded. These are the steps I use to start the guest:
    $ sudo modprobe tun
    $ MACADDR=`genmac`
    $ sudo qemu-system-x86_64 -hda freebsd-7.0.img -net nic,macaddr=$MACADDR -net tap,script=qemu-ifup
Note that the genmac and qemu-ifup scripts are the examples from the KVM documentation.
NAT on the bridge
Because I cannot put the KVM guest on the host network, I need to do NAT on the host. I’ve found this quick tutorial on NAT with iptables. The four steps are:
    # echo 1 > /proc/sys/net/ipv4/ip_forward
    # iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
    # iptables -A FORWARD -i eth0 -o tap0 -m state --state RELATED,ESTABLISHED -j ACCEPT
    # iptables -A FORWARD -i tap0 -o eth0 -j ACCEPT
Also, make sure the tap0 interface has an IP address:
$ sudo ifconfig tap0 192.168.0.1/24
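The iptables steps above use -A, so running them again appends duplicate rules, and they match traffic from any source address. The following script is an added example, not part of the original post or the KVM documentation: it applies the same three rules only when they are missing and goes one step further by scoping them to the guest subnet. The function names and the IPTABLES override variable are hypothetical; eth0, tap0 and 192.168.0.0/24 are taken from the commands above.

```shell
#!/bin/sh
# Added example: idempotent, subnet-scoped version of the NAT rules above.
# Function names and the IPTABLES variable are assumptions of this example.

IPTABLES=${IPTABLES:-iptables}   # can be pointed at a wrapper for testing

# Print one rule per line as "<table> <chain> <rule spec>".
# Compared with the original rules, -s/-d limit matching to the guest subnet.
nat_rules() {
    wan=$1 tap=$2 subnet=$3
    echo "nat POSTROUTING -s $subnet -o $wan -j MASQUERADE"
    echo "filter FORWARD -i $wan -o $tap -d $subnet -m state --state RELATED,ESTABLISHED -j ACCEPT"
    echo "filter FORWARD -i $tap -o $wan -s $subnet -j ACCEPT"
}

# Append each rule only if "iptables -C" reports it is not already present.
apply_nat() {
    nat_rules "$@" | while read -r table chain spec; do
        # $spec is deliberately unquoted so it splits into separate arguments
        $IPTABLES -t "$table" -C "$chain" $spec 2>/dev/null ||
            $IPTABLES -t "$table" -A "$chain" $spec
    done
}

# Delete the same rules again, ignoring rules that are already gone.
remove_nat() {
    nat_rules "$@" | while read -r table chain spec; do
        $IPTABLES -t "$table" -D "$chain" $spec 2>/dev/null || true
    done
}

# Usage (as root, after enabling ip_forward as shown above):
#   apply_nat eth0 tap0 192.168.0.0/24
#   remove_nat eth0 tap0 192.168.0.0/24
```
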