I have a debian-linux host running a windows vm with qemu. As network setup I have one eno1 interface which connects the linux host to the internet, an tap_inet for qemu for internet access and on bridge br_inet linking those two. With this setup and the qemu command with one network card
qemu -netdev tap,ifname=tap_inet,id=n1 -device e1000,netdev=n1,mac=00.00.00.00.00.04...
everything works find and in the vm I get an address from the router. ipconfig when started:
2: eno1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast master br_inet state UP group default qlen 1000
link/ether 70:71:bc:6b:f4:b2 brd ff:ff:ff:ff:ff:ff
3: br_inet: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default qlen 1000
link/ether 70:71:bc:6b:f4:b2 brd ff:ff:ff:ff:ff:ff
inet 192.168.1.206/24 brd 192.168.1.255 scope global dynamic br_inet
valid_lft 43031sec preferred_lft 43031sec
4: tap0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UNKNOWN group default qlen 100
link/ether d2:b4:67:6e:b6:7e brd ff:ff:ff:ff:ff:ff
inet 172.16.17.2/24 brd 172.16.17.255 scope global tap0
valid_lft forever preferred_lft forever
The goal was to attach a network card to qemu to interface with an openvpn network. On the linux host I have an working openvpn client with the network adapter tap0. But when starting qemu with two network cards
qemu -netdev tap,ifname=tap_inet,id=n1 -device e1000,netdev=n1,mac=00.00.00.00.00.04 -netdev tap,ifname=tap_ovpn,id=n2 -device e1000,netdev=n2,mac=00.00.00.00.00.08...)
the tap_ovpn which I intended to bridge with tap0 gets automatically bridged with br_inet, which I have confirmed with brctl show.
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
2: eno1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast master br_inet state UP group default qlen 1000
link/ether 70:71:bc:6b:f4:b2 brd ff:ff:ff:ff:ff:ff
3: br_inet: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default qlen 1000
link/ether 70:71:bc:6b:f4:b2 brd ff:ff:ff:ff:ff:ff
inet 192.168.1.206/24 brd 192.168.1.255 scope global dynamic br_inet
valid_lft 42810sec preferred_lft 42810sec
4: tap0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UNKNOWN group default qlen 100
link/ether d2:b4:67:6e:b6:7e brd ff:ff:ff:ff:ff:ff
inet 172.16.17.2/24 brd 172.16.17.255 scope global tap0
valid_lft forever preferred_lft forever
5: tap_inet: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast master br_inet state UNKNOWN group default qlen 1000
link/ether 86:5f:c1:2f:f1:2b brd ff:ff:ff:ff:ff:ff
6: tap_ovpn: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast master br_inet state UNKNOWN group default qlen 1000
link/ether 76:d1:46:d5:74:e7 brd ff:ff:ff:ff:ff:ff
According to https://www.qemu.org/2018/05/31/nic-parameter/ this should not happen. The networks should not be bridged like with the old -net nic command. But all of the network interfaces created by qemu get automatically asigned to the bridge br_inet.
I think the openvpn config is correct, on the linux server I have an tap0 interface with an static ip 172.16.17.2 as client in my openvpn network. In the client specific configuration file I have added iroute 172.16.17.3 255.255.255.255 to the file for the linux server, to pass requests to this client and forward them to the vm.
Then I planned to bridge the tap0 interface 172.16.17.2 with the tap_ovpn interface of the vm 172.16.17.3 to forward the packets to the windows guest.
Can I directly use the tap0 openvpn interface for qemu? How can I avois that qemu automatially asigns the net tap interfaces to the bridge br_inet?
