Re: [Qemu-devel] using -net dump with tap networking

[Stefan Hajnoczi]

On Thu, Feb 14, 2013 at 11:51:42AM +1100, Alexey Kardashevskiy wrote:
> On 14/02/13 05:02, Laszlo Ersek wrote:
> >On 02/13/13 15:48, Alexey Kardashevskiy wrote:
> >>Hi!
> >>
> >>I am running qemu as:
> >>
> >>qemu/ppc64-softmmu/qemu-system-ppc64 -m 1024 -M pseries -trace
> >>events=trace_events -netdev user,id=virtnet,hostfwd=tcp::5000-:22
> >>-device virtio-net-pci,netdev=virtnet -nographic -vga none -enable-kvm
> >>-kernel vml36_64k -initrd 1.cpio
> >>
> >>Now I want to enable network dump. With the old "-net" syntax I could do
> >>that with "-net dump" but I cannot with the new syntax, tried many
> >>variants, none works. What would the correct syntax be for the case above?
> >
> >Ugh, I'm a bit confused, but if I say something stupid that should still
> >help "ignite" the discussion.
> >
> >So, in general there are two ways to specify this:
> >
> >(1) -net dump,id=dump0,vlan=VLAN_ID,len=SIZE_LIMIT,file=PATHNAME
> >
> >(2) -netdev dump,id=dump0,len=SIZE_LIMIT,file=PATHNAME
> >
> >I believe the first option (legacy) should work.
> >
> >The second one will not work; actually I think it will trigger an
> >assert. The generic init code in net_client_init1() [net/net.c] says:
> >
> >         NetClientState *peer = NULL;
> >
> >         /* Do not add to a vlan if it's a -netdev or a nic with a netdev=
> >          * parameter. */
> >         if (!is_netdev &&
> >             (opts->kind != NET_CLIENT_OPTIONS_KIND_NIC ||
> >              !opts->nic->has_netdev)) {
> >             peer = net_hub_add_port(u.net->has_vlan ? u.net->vlan : 0, 
> > NULL);
> >         }
> >
> >         if (net_client_init_fun[opts->kind](opts, name, peer) < 0) {
> >
> >So in (2) we don't add the dump netdev to any hub/vlan; however the
> >specific code (net_init_dump(), [net/dump.c]) asserts (peer != NULL).
> >
> >Otherwise I think the idea would be to add the dump netdev *afterwards*
> >to a vlan/hub, by changing its vlan property. See set_vlan() in
> >[hw/qdev-properties-system.c]; it calls net_hub_port_find() [net/hub.c]
> >whose task is to "Find a available port on a hub; otherwise create one
> >new port".
> >
> >See
> ><http://lists.nongnu.org/archive/html/qemu-devel/2012-07/msg03182.html>.
> >
> >Hence I think you're back to (1), the legacy format. Assuming qemu
> >doesn't barf on that option immediately, I believe you *also* have to
> >add your "-netdev user" to the same hub as the dumper is on.
> >
> >In total you have to create both netdevs (a, b) and assign both to a
> >common hub/vlan (c, d). Again, unfortunately the dump netdev only works
> >with the legacy format, but that already includes the assignment to the
> >hub (a, c). So you have to take care of creating the other netdev
> >(-netdev user, b), and assign it through its vlan qdev property to the
> >same hub (d), so that data can flow from it to the dump netdev.
> >
> >Hm... Looks like you can't do that directly on "-netdev user" (it seems
> >to have no such property). "virtio-net-pci" does have it however. At
> >least in a quick "info qtree" check:
> >
> >bus: main-system-bus
> >   type System
> >   dev: i440FX-pcihost, id ""
> >     bus: pci.0
> >       type PCI
> >       dev: virtio-net-pci, id "net0"
> >         dev-prop: vlan = <null>
> >
> >Also confirmed by "qemu-system-x86_64 -device virtio-net-pci,help".
> >
> >So
> >
> >-netdev user,id=virtnet,hostfwd=tcp::5000-:22 \
> >-device virtio-net-pci,netdev=virtnet,vlan=2 \
> >-net dump,vlan=2,len=SIZE_LIMIT,file=PATHNAME
> >
> >Or some such...
> 
> Ok. So, there is "user" device (interface to the world) and 2 QEMU
> network devices - "virtio" and "dump", attached to the same virtual
> bridge within the QEMU.
> 
> Now let's make it more fun. Actually I want to trace a "tap" config
> (I put it into the subject but later changed the actual example in a
> hope that it makes things simpler but I was wrong :-) ):
> 
> qemu-impreza/ppc64-softmmu/qemu-system-ppc64 -m 1024 -M pseries
> -nographic -vga none -enable-kvm -kernel vml36_64k -initrd 1.cpio
>       -netdev tap,id=tapnet,ifname=tap0,script=qemu-ifup.sh
>       -device virtio-net-pci,netdev=tapnet,vlan=100
>       -net dump,vlan=100,file=./dump.lan.qemu.virtio
> 
> So I have a virtual bridge but it is in the host, not in the QEMU.
> To the command line above QEMU says:
> 
> Warning: vlan 100 is not connected to host network
> Warning: netdev tapnet has no peer
> 
> "qemu -help" says "-net tap" accepts "vlan=n" but "-netdev
> tap,vlan=100,..." generates an error (Invalid parameter 'vlan').

Those options don't make sense because:

1. A -netdev does not have a peer or a vlan.  It simply defines a host
   net device that can been peered with -device ...,netdev=<id>.
2. A -device ...,netdev=tapnet,vlan=100 doesn't make sense since netdev=
   specifies the peer and so does vlan=100.  Either it can be connected
   directly (peered) to tapnet or it can be connected to vlan 100.  You
   can't have both.

I would do:

qemu-system-ppc64 ...
      -net tap,ifname=tap0,script=qemu-ifup.sh
      -net nic,model=virtio
      -net dump,file=./dump.lan.qemu.virtio

> Sure I can run tcpdump on the host with the tap0 interface but I
> would like to catch trafic between virtio-net-pci and tap0 if it is
> possible. Is it?

-nic dump kind of does this but I'd use tcpdump -i tap0.

If you are afraid of packets being dropped internally in virtio-net-pci
then you're down to custom debug printfs anyway.

> btw is there any way to get for the -netdev device what "-device
> NAME,help" does (i.e. list of actually supported parameters)?

man qemu

Stefan