如何在 KVM/QEMU 运行时使用 OpenVPN?

tag-icon tag-icon networking openvpn kvm-virtualization qemu
如何在 KVM/QEMU 运行时使用 OpenVPN?

我正在运行 Ubuntu 18.04,在启动 QEMU VM 时无法运行内置 OpenVPN。

启动虚拟机时,我首先允许 docker 转发:

sudo iptables -I FORWARD -i br0 -o br0 -j ACCEPT

然后我开始qemu-system-x86_64

        -netdev type=tap,id=net0,ifname=vmtap0,vhost=on \
        -device virtio-net-pci,netdev=net0,mac=00:16:3e:00:01:0

结果如下ifconfig

$ ifconfig
br0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500
        inet 192.168.9.100  netmask 255.255.255.0  broadcast 192.168.9.255
        inet6 fe80::1e1b:dff:fe0a:af13  prefixlen 64  scopeid 0x20<link>
        ether 1c:1b:0d:0a:af:13  txqueuelen 1000  (Ethernet)
        RX packets 14708065  bytes 12863127264 (12.8 GB)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 6249196  bytes 1392733021 (1.3 GB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

docker0: flags=4099<UP,BROADCAST,MULTICAST>  mtu 1500
        inet 172.17.0.1  netmask 255.255.0.0  broadcast 172.17.255.255
        inet6 fe80::42:e5ff:fe02:b209  prefixlen 64  scopeid 0x20<link>
        ether 02:42:e5:02:b2:09  txqueuelen 0  (Ethernet)
        RX packets 295217  bytes 67796005 (67.7 MB)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 306486  bytes 927997166 (927.9 MB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

enp13s0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500
        ether 1c:1b:0d:0a:af:13  txqueuelen 1000  (Ethernet)
        RX packets 30472540  bytes 26078774896 (26.0 GB)
        RX errors 0  dropped 25431  overruns 0  frame 0
        TX packets 10338022  bytes 1848563846 (1.8 GB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0
        device interrupt 16  

lo: flags=73<UP,LOOPBACK,RUNNING>  mtu 65536
        inet 127.0.0.1  netmask 255.0.0.0
        inet6 ::1  prefixlen 128  scopeid 0x10<host>
        loop  txqueuelen 1000  (Local Loopback)
        RX packets 393157  bytes 178857883 (178.8 MB)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 393157  bytes 178857883 (178.8 MB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

virbr0: flags=4099<UP,BROADCAST,MULTICAST>  mtu 1500
        inet 192.168.122.1  netmask 255.255.255.0  broadcast 192.168.122.255
        ether 52:54:00:ed:91:d2  txqueuelen 1000  (Ethernet)
        RX packets 0  bytes 0 (0.0 B)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 0  bytes 0 (0.0 B)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

vmtap0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500
        inet6 fe80::c028:9aff:fe58:22c7  prefixlen 64  scopeid 0x20<link>
        ether c2:28:9a:58:22:c7  txqueuelen 1000  (Ethernet)
        RX packets 3958383  bytes 434402907 (434.4 MB)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 9653217  bytes 13133380396 (13.1 GB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

然后,如果我尝试使用网络管理器打开 VPN 连接,我会收到以下错误:

Oct 28 16:32:27 ubuntuDesktop NetworkManager[1481]: <info>  [1572294747.6958] audit: op="connection-activate" uuid="0a31f86a-30c7-4f34-b47e-006840beee14" name="TEST" pid=12451 uid=385601105 result="fail" reason="Could not find source connection."

如果我随后关闭虚拟机,ifconfig则恢复到:

$ ifconfig
br0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500
        inet 192.168.9.100  netmask 255.255.255.0  broadcast 192.168.9.255
        inet6 fe80::1e1b:dff:fe0a:af13  prefixlen 64  scopeid 0x20<link>
        ether 1c:1b:0d:0a:af:13  txqueuelen 1000  (Ethernet)
        RX packets 14712121  bytes 12864137571 (12.8 GB)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 6251514  bytes 1393401949 (1.3 GB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

docker0: flags=4099<UP,BROADCAST,MULTICAST>  mtu 1500
        inet 172.17.0.1  netmask 255.255.0.0  broadcast 172.17.255.255
        inet6 fe80::42:e5ff:fe02:b209  prefixlen 64  scopeid 0x20<link>
        ether 02:42:e5:02:b2:09  txqueuelen 0  (Ethernet)
        RX packets 295217  bytes 67796005 (67.7 MB)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 306486  bytes 927997166 (927.9 MB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

enp13s0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500
        ether 1c:1b:0d:0a:af:13  txqueuelen 1000  (Ethernet)
        RX packets 30476940  bytes 26079980374 (26.0 GB)
        RX errors 0  dropped 25439  overruns 0  frame 0
        TX packets 10340684  bytes 1849271674 (1.8 GB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0
        device interrupt 16  

enx00e04c102162: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500
        inet 192.168.144.101  netmask 255.255.255.0  broadcast 192.168.144.255
        inet6 fe80::ab0d:9782:7036:9a9  prefixlen 64  scopeid 0x20<link>
        ether 00:e0:4c:10:21:62  txqueuelen 1000  (Ethernet)
        RX packets 127  bytes 12808 (12.8 KB)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 182  bytes 20384 (20.3 KB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

lo: flags=73<UP,LOOPBACK,RUNNING>  mtu 65536
        inet 127.0.0.1  netmask 255.0.0.0
        inet6 ::1  prefixlen 128  scopeid 0x10<host>
        loop  txqueuelen 1000  (Local Loopback)
        RX packets 393407  bytes 178885568 (178.8 MB)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 393407  bytes 178885568 (178.8 MB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

virbr0: flags=4099<UP,BROADCAST,MULTICAST>  mtu 1500
        inet 192.168.122.1  netmask 255.255.255.0  broadcast 192.168.122.255
        ether 52:54:00:ed:91:d2  txqueuelen 1000  (Ethernet)
        RX packets 0  bytes 0 (0.0 B)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 0  bytes 0 (0.0 B)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

VPN 开始在网络管理器中工作。您知道如何在 QEMU 运行时让 VPN 工作吗?

相关内容