[libvirt-users] Port forwarding for KVM

陳韋任 (Wei-Ren Chen) chenwj at iis.sinica.edu.tw
Sat Apr 13 01:42:06 UTC 2013 

Hi Laine,

> Aside from the problem Daniel pointed out in his reply, this is probably the
> *least* desirable way to get this functionality, and should only be used if you
> are unable to use any other network connection type.

  I tried what Daniel told me. But seems there are some problems. At first, I just
want get QEMU (inside the KVM) VNC output, so I redirect 590# port. But nothing
happened. Then I think, "let me try ssh redirect as I want to ssh into the virtual
machine". Here is my qemu option:

  <qemu:commandline>
    <qemu:arg value='-net'/>
    <qemu:arg value='user,hostfwd=tcp:127.0.0.1:2222-:22'/>
  </qemu:commandline>

But it doesn't work neither. No responding from "ssh user at 127.0.0.1 -p 2222".
I don't know what's wrong here.

>     What I am missing here? I also found there was a patch for user mode
>     port forwarding [2]. Does that mean I can write libvirt xml directly
>     to do port forwarding?
> 
> 
> 
> No, that patch "died in committee"; in general it's a good idea, but it needs
> to be done in a way that is useful for all types of interface, not just
> usermode. Unfortunately nobody has had the combination of enough time + enough
> motivation to carry it through.

  Shame, that's a good idea indeed.

>      If so, could someone give me hint on how to
>     write one? The last question is, do I have to change the interface
>     type from "network" to "user" so that I can do port forwarding?
> 
> 
> No, you don't. Please take a look here:
> 
>   http://wiki.libvirt.org/page/Networking#Forwarding_Incoming_Connections
> 
> Alternately (and a simpler solution), you could use a bridged or direct
> (macvtap) network connection for your guest, and then the guest would have an
> IP address directly on the physical network and no need to have any ports
> forwarded.

  I'll try what you suggest, and see if it works. Thanks! :)

Regards,
chenwj

-- 
Wei-Ren Chen (陳韋任)
Computer Systems Lab, Institute of Information Science,
Academia Sinica, Taiwan (R.O.C.)
Tel:886-2-2788-3799 #1667
Homepage: http://people.cs.nctu.edu.tw/~chenwj

More information about the libvirt-users mailing list