I had just a few requirements:
- I wanted to record the traffic to pcap files for wireshark analysis. This is essential for diagnosing PXE failures and for understanding exactly what's going on.
- I needed to add and remove machines easily without changing the configuration on the other virtual machines.
- I wanted it to be easy. No root access, no messing with bridging or tun/tap interfaces.
QEMU Networking
QEMU has a few handy features which make this really easy. For the full story check out the QEMU Networking page that Mark McLoughlin put together.
Multicast networks allow multiple VMs to communicate with each other just like if they were all connected to a single hub. Any ethernet frame sent to the network interface on one machine gets sent to all other machines.
-net socket,mcast=239.255.0.1:1234
The second feature is the "dump" network type which will dump any packet to a file.
-net dump,file=log.pcap
Because the multicast "hub" sends all frames to all virtual machines you only need to use the "-net dump" on one of the machines and you will capture all packets.
Launching the VMs
Launch the first machine like this:
$ qemu -hda one.img -net nic -net socket,mcast=239.255.0.1:1234 -net dump,file=log.pcap
And all other machines like this:
$ qemu -hda two.img -net nic -net socket,mcast=239.255.0.1:1234
Multiple NICs
If you have more than one network interface on a machine, you must use the "vlan" option to make sure the options are applied to the correct interface.
If I wanted a gateway VM with eth0 connected through the host to the internet, and eth1 connected to all other virtual machines, it would be launched like this:
$ qemu -hda one.img -net nic,vlan=0 -net user,vlan=0 -net nic,vlan=1 -net socket,vlan=1,mcast=239.255.0.1:1234 -net dump,vlan=1,file=log.pcap
Live capture in Wireshark
If you'd like to see the packet capture in realtime you can use mkfifo to create a FIFO to stream the packets into wireshark's live capture display. Set it up like this:
$ mkfio live.pcap $ wireshark -k -i live.pcap & $ qemu -hda one.img -net nic -net socket,mcast=239.255.0.1:1234 -net dump,file=live.pcap
Enjoy!
Hi! That is the finish of this post. I generally use virtualbox but for this project I decided to QEMU.Cephx is an easy to use, cloud-based system that provides Orthodontists and Dentists with accurate Cephalometric analyses and convenient image storage. cephalometric angles
ReplyDeleteHi, Great.. Tutorial is just awesome..It is really helpful for a newbie like me.. I am a regular follower of your blog. Really very informative post you shared here. Kindly keep blogging. If anyone wants to become a .Net developer learn from .Net Training in Chennai. or learn thru ASP.NET Essential Training Online
DeleteUsed your hints in my work with electronic data room . Waiting for new articles from you.
ReplyDeleteps. followed
it's really nice and meanful. it's really cool blog. Linking is very useful thing.you have really helped lots of people who visit blog and provide them usefull information.
ReplyDeletemason soiza
It proved to be Very helpful to me and I am sure to all the commentators here!
ReplyDeleteMason Soiza
Great Article
ReplyDeleteNetwork Security Projects for CSE
Project Centers in Chennai
JavaScript Training in Chennai
JavaScript Training in Chennai
Keeps an eye on can likewise rely upon correspondences channels of moderate to high information rates.Experts Network
ReplyDelete