From owner-freebsd-virtualization@freebsd.org Tue Nov 15 11:58:40 2016 Return-Path: Delivered-To: freebsd-virtualization@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 94AE0C41B14 for ; Tue, 15 Nov 2016 11:58:40 +0000 (UTC) (envelope-from freebsd@jonathanprice.org) Received: from wright.jonathanprice.org (unknown [IPv6:2001:41d0:2:eb0d::1]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 324D81DC8 for ; Tue, 15 Nov 2016 11:58:39 +0000 (UTC) (envelope-from freebsd@jonathanprice.org) Received: from mail.jonathanprice.org (unknown [IPv6:2001:41d0:2:eb0d::1]) by wright.jonathanprice.org (Postfix) with ESMTPSA id B2C9325C3B; Tue, 15 Nov 2016 11:58:29 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=jonathanprice.org; s=default; t=1479211109; bh=DmaL86SX5uXSiS0ohMNw6DrkKG35l33bwBExCMwoGuU=; h=Date:From:Subject:To; b=mBDwhzNKaHfp4QeuYwVJ3uSjLy5iy58mWxvp1K2YxCe4hmUla+yfALNrTp1tRtcCF 9eLhaICscliL9+eBzhboDWZG3JPUm7qXTSjtTsVR/5PH17x/5qezVCDCTFMwLwG8ws H34C4FEc33L1dLRJFeOmdjgUqAj7vdBUwRJSkTQU= Mime-Version: 1.0 Date: Tue, 15 Nov 2016 11:58:29 +0000 Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: quoted-printable Message-ID: <4cf1a528d9a4e85d5aa351ca2ff417a9@mail.jonathanprice.org> X-Mailer: RainLoop/1.10.4.183 From: freebsd@jonathanprice.org Subject: bhyve windows guest unable to ping default gateway or external networks To: freebsd-virtualization@freebsd.org X-BeenThere: freebsd-virtualization@freebsd.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: "Discussion of various virtualization techniques FreeBSD supports." List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 15 Nov 2016 11:58:40 -0000 Hello,=0A=0AI am trying to get a windows server VM running under bhyve. S= o far I can use VNC to install Windows, but I've been unable to get the n= etworking working. I will provide details below, and include a summary up= here. On the guest, I have installed the latest version of winvirtio, an= d I have configured static IP addressing. The guest can ping itself, but = not the host machine or anything external. It is worth noting that I am a= lso currently running a CentOS guest, and this can connect to both the ho= st and the outside world with no issues.=0A=0AHost: FreeBSD 11.0-RELEASE= =0AGuest: Tried both Windows Server 2016 Essentials and Windows Server 20= 12 Standard=0A=0Abhyve command: =0Abhyve -c 1 -H -w -m 3G -s 0,hostbridge= -s 3,ahci-cd,/iohyve/ISO// -s '4,ahci-hd,/dev/zvol/zroot/iohyve/win12/di= sk0,sectorsize=3D512' -s 10,virtio-net,tap2 -s '11,fbuf,tcp=3D0.0.0.0:590= 2,w=3D800,h=3D600,wait' -s 12,xhci,tablet -s 31,lpc -l com1,/dev/nmdm3A -= l bootrom,/iohyve/Firmware/BHYVE_UEFI.fd/BHYVE_UEFI.fd ioh-win12=0A=0Aifc= onfig output:=0Aem0: flags=3D8843= metric 0 mtu 1500=0A options=3D4219b=0A ether e0:69:95= :a2:f1:d9=0A inet 46.105.xxx.xxx netmask 0xffffff00 broadcast 46.1= 05.124.255=0A inet6 fe80::e269:95ff:xxxx:f1d9%em0 prefixlen 64 sco= peid 0x1=0A inet6 2001:41d0:2:xxxx::1 prefixlen 56=0A nd6 o= ptions=3D21=0A media: Ethernet autosele= ct (100baseTX )=0A status: active=0Alo0: flags=3D8049= metric 0 mtu 16384=0A options=3D60= 0003=0A inet6 ::1 prefixlen= 128=0A inet6 fe80::1%lo0 prefixlen 64 scopeid 0x2=0A inet = 127.0.0.1 netmask 0xff000000=0A nd6 options=3D21=0A groups: lo=0Abridge0: flags=3D8843 metric 0 mtu 1500=0A ether 02:cf:0c:8f:13:00= =0A inet6 fd00::ffff prefixlen 112=0A inet 10.0.0.254 netma= sk 0xffffff00 broadcast 10.0.0.255=0A nd6 options=3D1= =0A groups: bridge=0A id 00:00:00:00:00:00 priority 32768 h= ellotime 2 fwddelay 15=0A maxage 20 holdcnt 6 proto rstp maxaddr 2= 000 timeout 1200=0A root id 00:00:00:00:00:00 priority 32768 ifcos= t 0 port 0=0A member: tap2 flags=3D143=0A ifmaxaddr 0 port 7 priority 128 path cost 2000= 000=0A member: tap1 flags=3D143=0A ifmaxaddr 0 port 5 priority 128 path cost 2000000=0A = member: tap0 flags=3D143=0A = ifmaxaddr 0 port 4 priority 128 path cost 2000000=0Apflog0: = flags=3D0<> metric 0 mtu 33160=0A groups: pflog=0Atap0: flags=3D89= 43 metric 0 mtu 1500=0A = description: iohyve-centos=0A options=3D80000=0A = ether 00:bd:5d:d3:e8:00=0A nd6 options=3D21=0A media: Ethernet autoselect=0A status: active= =0A groups: tap=0A Opened by PID 96206=0Atap1: flags=3D8902= metric 0 mtu 1500=0A descrip= tion: iohyve-win16es=0A options=3D80000=0A ether= 00:bd:61:ab:eb:01=0A nd6 options=3D21= =0A media: Ethernet autoselect=0A status: no carrier=0A = groups: tap=0Atap2: flags=3D8943 metric 0 mtu 1500=0A description: iohyve-win12=0A = options=3D80000=0A ether 00:bd:c9:1a:59:02=0A = nd6 options=3D21=0A media: Ethernet au= toselect=0A status: active=0A groups: tap=0A Opened = by PID 1911=0A=0AIt is using NAT with PF to reach the internet. It should= not rely on NAT to be able to ping the host machine, but I will post the= NAT configuration below anyway:=0A=0A/etc/pf.conf:=0A# Automatically NAT= any VMs=0Anat on em0 inet from bridge0:network to any -> (em0)=0A=0A=0A(= On the Guest)=0A=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=0A=0AC:\Users\= Administrator>ipconfig=0A=0AEthernet adapter Ethernet:=0A=0A IPv4 Address= : 10.0.0.3=0A Subnet Mask: 255.255.255.0=0A Default Gateway: 10.0.0.254= =0A =0AC:\Users\Administrator>ping 10.0.0.3=0A=0APinging 10.0.0.3 with 32= bytes of data:=0AReply from 10.0.0.3: bytes=3D32 time<1ms TTL=3D128=0ARe= ply from 10.0.0.3: bytes=3D32 time<1ms TTL=3D128=0AReply from 10.0.0.3: b= ytes=3D32 time<1ms TTL=3D128=0AReply from 10.0.0.3: bytes=3D32 time<1ms T= TL=3D128=0A=0AC:\Users\Administrator>ping 10.0.0.254=0A=0APinging 10.0.0.= 254 with 32 bytes of data:=0AReply from 10.0.0.3: Destination host unreac= hable.=0AReply from 10.0.0.3: Destination host unreachable.=0AReply from = 10.0.0.3: Destination host unreachable.=0AReply from 10.0.0.3: Destinatio= n host unreachable.=0A=0AC:\Users\Administrator>arp -a=0A=0AInterface: 10= .0.0.3 --- 0xc=0A Internet Address Physical Address Type=0A 10.0.0.25= 5 ff-ff-ff-ff-ff-ff static=0A 224.0.0.22 01-00-5e-00-00-16 static= =0A 224.0.0.252 01-00-5e-00-00-fc static=0A =0A(PF log testing)=0A= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=0A=0AI was curious to se= e if PF was seeing packets on the bridge interface, so I added the follow= ing to /etc/pf.conf:=0Apass log (all) all=0A=0AI then ran the following c= ommand, which had no results when I tried a test ping:=0Asudo tcpdump -n = -e -ttt -i pflog0 host 10.0.0.3=0A=0A(I also watched live traffic on 10.0= .0.254 and saw nothing from this IP)=0A=0A=0ASummary=0A=3D=3D=3D=3D=3D=3D= =3D=3D=0A=0AI appear to be having some network connectivity issues that e= ither lies in bhyve, virtio-net or the winvirtio drivers. If anybody has = any suggestions for things I could try I'd love to hear it.=0A=0AThanks,= =0A=0AJonathan.