Is this possible?

D

Domino

Active Member
May 17, 2020
32
8
28
56
Host nic is not being used, no IP assigned etc etc.

Would like to assign that nic to a guest where the guest retains the 'mac' address of the host nic, so that all traffic goes to the guest and back out of course. My problem is that MAC spoofing cannot be enabled on my environment due to hard limitations, thus need a workaround.

Basically like the good old mac-clone functionality.

I can't do nic hardware passthrough via VFIO or even SR-IOV unfortunately.

Someone mentioned macvtap in the forums, but as far as I can see, Proxmox devs show no interest in implementing that QEMU functionality.

Anyhow, if there is a solution to my goal, please do tell...
 
Proxmox team, please can you add macvtap to the networking options for guests? it has been asked for across the years numerous times, but it has resulted in total silence. It can't even be implemented by manually tweaking the guest config file via the args.... really really unfortunate. It is such a powerful networking facility that has been in QEMU for a while and all it takes is just a few lines of code no?

At the moment I have to do this completely outside of the proxmox UI:

First:
# ip link add link eth2 name macvtap0 type macvtap mode passthru
(where eth2 is the interface that I would like to passthru)

Then:
# ip link set macvtap0 mtu 9000 up
(where we start it up, and if needed set the mtu at the same time)

Right, so thats the macvtap up and running.

Then I start the vm up with:
(basically grab the whole commandline via 'ps axwww | grep kvm' and then remove the bridge networking config and simply add in a few words for the macvtap)

# /usr/bin/kvm -id 100 -name test,debug-threads=on -no-shutdown -chardev socket,id=qmp,path=/var/run/qemu-server/100.qmp,server=on,wait=off -mon chardev=qmp,mode=control -chardev socket,id=qmp-event,path=/var/run/qmeventd.sock,reconnect=5 -mon chardev=qmp-event,mode=control -pidfile /var/run/qemu-server/100.pid -daemonize -smbios type=1,uuid=eeea2751-aaa8-sss5-yyy8-b8d6d7822491 -drive if=pflash,unit=0,format=raw,readonly=on,file=/usr/share/pve-edk2-firmware//OVMF_CODE_4M.secboot.fd -drive if=pflash,unit=1,id=drive-efidisk0,format=raw,file=/dev/Virtual-Store/vm-100-disk-0,size=540672 -smp 2,sockets=1,cores=2,maxcpus=2 -nodefaults -boot menu=on,strict=on,reboot-timeout=1000,splash=/usr/share/qemu-server/bootsplash.jpg -vnc unix:/var/run/qemu-server/100.vnc,password=on -cpu host,+kvm_pv_eoi,+kvm_pv_unhalt -m 2048 -device intel-iommu,intremap=on,caching-mode=on -readconfig /usr/share/qemu-server/pve-q35-4.0.cfg -device vmgenid,guid=eee171ed-aaa7-sss6-yyyb-d37814528042 -device usb-tablet,id=tablet,bus=ehci.0,port=1 -device VGA,id=vga,bus=pcie.0,addr=0x3 -chardev socket,path=/var/run/qemu-server/100.qga,server=on,wait=off,id=qga0 -device virtio-serial,id=qga0,bus=pci.0,addr=0x8 -device virtserialport,chardev=qga0,name=org.qemu.guest_agent.0 -object rng-random,filename=/dev/urandom,id=rng0 -device virtio-rng-pci,rng=rng0,max-bytes=1024,period=1000,bus=pci.1,addr=0x1d -iscsi initiator-name=iqn.1993-08.org.debian:01:130a42cb53f -drive file=/var/lib/vz/template/iso/ubuntu-24.04.1-live-server-amd64.iso,if=none,id=drive-ide2,media=cdrom,aio=io_uring -device ide-cd,bus=ide.1,unit=0,drive=drive-ide2,id=ide2,bootindex=101 -device virtio-scsi-pci,id=scsihw0,bus=pci.0,addr=0x5 -drive file=/dev/Virtual-Store/vm-100-disk-1,if=none,id=drive-scsi0,cache=writeback,aio=threads,format=raw,detect-zeroes=on -device scsi-hd,bus=scsihw0.0,channel=0,scsi-id=0,lun=0,drive=drive-scsi0,id=scsi0,rotation_rate=1,bootindex=100 -net nic,model=virtio,macaddr=$(cat /sys/class/net/macvtap0/address) -net tap,fd=3 3<>/dev/tap$(cat /sys/class/net/macvtap0/ifindex) -machine type=q35+pve0,kernel-irqchip=split -monitor telnet:127.0.0.1:5801,server,nowait


So basically just this parameter string for the macvtap networking:

-net nic,model=virtio,macaddr=$(cat /sys/class/net/macvtap0/address) -net tap,fd=3 3<>/dev/tap$(cat /sys/class/net/macvtap0/ifindex)


And it works perfectly fine.
ps. you may need to adjust the addr of the VGA (or anything else using 0x1 for address on bus 0) because the virtio-net steals the address, I adjusted mine to 0x3 (eg. 'VGA,id=vga,bus=pcie.0,addr=0x3'). I'm sure you can specify an alternative address for the virtio-net too, but I tried to keep it simple.


Potential UI process suggestions:

1) So I would think in the host config UI where we create our vmbr bridges, you could just add a button to add a macvtap, and a small popup window comes up allowing to select the interface and set the mtu and type of macvtap etc just like the vmbr popup.

2) Then just include in the drop-down list when assigning a predefined vmbr to a vm also the predefined macvtaps.

3) Behind the scenes just build out that parameter string as above.


.., and then like magic suddenly we finally have macvtap networking too!


I could probably code it in a few hours myself, but Proxmox devs could probably knock it out in a few minutes! and it would be part of the build too.
 
Last edited:
You must log in or register to reply here.

About

The Proxmox community has been around for many years and offers help and support for Proxmox VE, Proxmox Backup Server, and Proxmox Mail Gateway.
We think our community is one of the best thanks to people like you!

Quick Navigation

Home Get Subscription Wiki Downloads Proxmox Customer Portal About

Get your subscription!

The Proxmox team works very hard to make sure you are running the best software and getting stable updates and security enhancements, as well as quick enterprise support. Tens of thousands of happy customers have a Proxmox subscription. Get yours easily in our online shop.

Buy now!
Community platform by XenForo® © 2010-2024 XenForo Ltd.
Top Bottom
Back