Internet connection with Emulated VLAN

[ReyHaynes]

I have created numerous installs of Ubuntu 20.04.3 Server and the one thing I cannot figure out is the Emulated VLAN port forwarding.

It seems like when Emulated VLAN is selected as the network mode, I cannot perform any actions that require an internet connection, including installing or updating packages or repos via apt. I don't have this same issue when switching to Shared Network

Is this by design or am I missing some key setup information?

And, yes, I can dig @1.1.1.1 google.com and get a valid response.

Device info:
Macbook M1 Max

UTM Settings:
Ubuntu 20.04.3 Live Server
8GB Ram
ARM64 (aarch64)
QEMU 6.2 (alias of virt-6.2)
Console Only
Emulated VLAN (virtio-net-pci) (:22 -> :2222 Port Forwarding)

[goodwinbg1906]

@ReyHaynes hello I actually am dealing with similar issue wondering if you heard a answer from outside resource

[ReyHaynes]

Unfortunately, no answer for this.

[kskosoto]

This may help - Osoto!
https://techsupport.seqrite.com/index.php?/selfhelp/view-article/How-to-Configure-VLAN-on-UTM

[aeciolevy]

Same here...

[mnalsup]

I believe I found an answer to this. I used both a Shared Network and an Emulated VLAN (with the configured port forwarding) and I was able to SSH into my VM and curl https://www.google.com. Hope this helps!

Edit:
For clarification I set the port forwarding to be 22 -> 2222 and the command I used:
ssh -p 2222 <user>@localhost

[zhangwenjia0326]

@mnalsup could you please elaborate on your solution? Did you select Emulated VLAN in UTM and then configured the port forwarding? What is the exact port forwarding configuration? I'm encountering the same issue and want to try your solution. Thank you!!

[mnalsup]

Yes, I added the port forwarding in the emulated VLAN and also added a Shared Network configuration.

1. You add one Network Device, set it to shared network.
2. Add a second Network Device, set it to Emulated VLAN
3. On the Emulated VLAN Device add the port forwarding you need. For example you might do :22 -> :2222 to be able to access your VM via ssh on port 2222.

@zhangwenjia0326 I updated the instructions to be more specific.

[zhangwenjia0326]

Awesome, I will give it a try! Thank you so much!!

[billrain]

Thanks. Actually I added more steps to get it work:
ip addr
then add 2nd interface like enp0s2 to 00-installer-config.yaml

 user@ubuntu  ~  cat /etc/netplan/00-installer-config.yaml
# This is the network config written by 'subiquity'
network:
  ethernets:
    enp0s1:
      dhcp4: true
    enp0s2:
      dhcp4: true
  version: 2

update nameserver in /etc/resolv.conf

nameserver 8.8.8.8
nameserver 1.1.1.1

then I can SSH into the Ubuntu guest host from my Mac M2 local using iTerm2 and Ubuntu can access Internet

[fred666333]

Even though the thread is old, I want to contribute with my experiences.

First I needed a bridged network in order to use UTM as a web server. With the bridged network, host (MacOS 15.4.1) I could not connect to guest. After a reboot it worked for a while, but soon it stopped working. Ping, ssh. http whatever did not work. It was the same with Ubuntu, Fedora and CentOS. A bridged network works with WAN but not LAN.

Then I created a second network in UTM, emulated wlan. With portforwarding as described above, I could ssh from host to guest. In CentOS though the emulated wlan was disabled. But after I hade enabled it, portforwarding worked there as well.

I have found that the problem is that the guest os picks the bridged network as default for all connections, both external (WAN) and internal (LAN). The bridged network is labeled enp0s1 and the emulated enp0s2. For some strange reason it selects enp0s2 when you forward to port 22 with ssh. I tried the same approach to portforward to cockpit: 9090 -> 23000, but it did not work.

So you need to get the guest system to use the bridged network for external connections and the emulated vlan for internal connections. Maybe you can configure the network settings in the the guest os to achieve that. I don't know. I did it with the Firewalld in CentOS.

I use one zone (public) for external connections and add interface enp0s1 (Bridged) to that zone. I you use one zone (internal) for internal connections and add source 192.168.0.0/24 (or one or more ip:s) and add interface enp0s2 (emulated vlan) to that that zone.

Now the guest os picks the bridged network for external connections and the emulated vlan for internal connections. The host can connect to guest without port forwarding. ssh user@192.168.0.19 (my guest static internal ip) works.

I don't know if this approach can be accomplished in Debian based system with UFW and iptables.

Both the bridged network and emulated wlan use ethernet.

Hope this can be of any help.

Fred

[fred666333]

Hello again.

Better cure the cause than the symptoms...

I found this article: https://guix.gnu.org/cookbook/en/html_node/Network-bridge-for-QEMU.html

All you have to do is to create a bridged network in UTM, then run two commands in the guest os:
sudo nmcli con add type bridge con-name br0 ifname br0
sudo nmcli con add type bridge-slave ifname enp0s1 master br0

You get the name of your ethernet connection with "nmcli connection". Mine is enp0s1.

Now host can connect to guest. No need for an emulated vlan.

Fred