From 9afeab13e790778af909a705c84cd98cbe9d2b5e Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Reynir=20Bj=C3=B6rnsson?= Date: Mon, 9 Nov 2020 09:25:14 +0100 Subject: [PATCH] Flesh out First attempt I still need to document the DHCP bits. --- First attempt/Index | 15 +++++++++++++++ First attempt/Using DHCP | 7 +++++++ 2 files changed, 22 insertions(+) create mode 100644 First attempt/Using DHCP diff --git a/First attempt/Index b/First attempt/Index index 66bbf9c..5915731 100644 --- a/First attempt/Index +++ b/First attempt/Index @@ -42,3 +42,18 @@ Then I made a `.network` file with a `[Match]` clause matching on names starting Finally, I configured an address on the bridge so we can communicate with the VMs from the host. This seemed to work, but the unikernel I was testing with, [Canopy](https://github.com/Engil/Canopy), fetches data from an online git repository. Since I hadn't done anything to give it access to the internet it of course failed and crashed. + +### Getting Canopy on the internet + +I found the options `IPForward=true` and `IPMasquerade=true` on the bridge did the trick. +One thing to note is `IPForward=true` and `IPForward=ipv4` sets globally the sysctl option `net.ipv4.ip_forward`, and never unsets it. +The systemd documentation says to use a firewall to work around this. +The option says to the kernel to route packets across interfaces. +The option `IPMasquerade` basically enables NAT so the packets to the internet coming from the VM will look like they come from the host. + +### Using DHCP + +So far I had been using statically configured addresses and routes. +I got it working to some degree. +Canopy seems to work fine with the ISPs DNS servers, but less so using anycast.censurfridns.dk or google's 8.8.8.8. +You can read more about it in my [next post](Using%20DHCP). diff --git a/First attempt/Using DHCP b/First attempt/Using DHCP new file mode 100644 index 0000000..1844f0c --- /dev/null +++ b/First attempt/Using DHCP 
@@ -0,0 +1,7 @@ +--- +title: Using DHCP for the unikernels +author: reynir +--- +# Using DHCP for the unikernels + +TBD...
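Review bot: in the "Getting Canopy on the internet" section added to First attempt/Index, the sentence "The option says to the kernel to route packets across interfaces." follows the firewall sentence, so "The option" has no clear referent and reads as if it described the firewall workaround. Move it directly after the first sentence of the section and name the option (`IPForward`), then give the caveat that `net.ipv4.ip_forward` is set globally and never unset. Because the text points readers to a firewall for this, it would also help to say what the firewall is meant to restrict, for example allowing forwarding only for traffic to and from the bridge. Minor wording in the "Using DHCP" section of the same hunk: "ISPs DNS servers" should be "ISP's DNS servers", "google's" should be "Google's", and "I got it working to some degree" does not say what "it" is.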
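Review bot: the new file First attempt/Using DHCP has only "TBD..." as its body, while the Index hunk in this same patch already links to it with "You can read more about it in my [next post](Using%20DHCP)", so a reader following that link lands on an empty page. Either hold the link back until the post has content, or word the Index sentence as pointing to an upcoming post. The title "Using DHCP for the unikernels" is also given twice, once in the front matter and once as the `#` heading; if the site renders the front-matter title, drop the heading to avoid showing it twice.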