wiki:NetkitTutorial

A Virtual World with TFC enabled Linux Boxes

Install Netkit

This is trivial, follow the netkit official documentation and in a few steps you will have default Linux Boxes running

http://www.netkit.org

Kernel Compiling for Netkit

We need to replace the default Virtual Linux Boxes provided with Netkit with other Linux Boxes running our modified kernel.

The reader of this document should be familiar with kernel compiling. In this document we explain how to compile our modified kernel sources for the UM architecture. Such kernel will be used to run emulated Linux boxes in Netkit.

First download the kernel sources from our repository

cd /home/utente
mkdir build_um
svn co https://minerva.netgroup.uniroma2.it/svn/discreet/tfcproject/trunk/linux-2.6.20.7-TFC myKernel
cd myKernel

In the previous code snipped we also create our target directory: build_um Modify the Makefile to specify the UM architecture (user mode)

vi Makefile

Add the following two lines:

KBUILD_OUTPUT:=../build_um
ARCH:=um

Now get the .config file

cp .config-UM ../build_um/.config

Now we are ready to compile the sources

make

keep all the default valures entering always "enter"

When the compiling process finishs let's install the modules in the correct path

make modules_install INSTALL_MOD_PATH=$NETKIT_HOME/kernel/modules ARCH=um

Now before we launch a new virtual machine we need to set up the correct links, so that a new virtual machine starts with our kernel and with the right modules

cd $NETKIT_HOME/kernel
rm netkit-kernel
ln -s /home/utente/build_um/linux netkit-kernel

Download tfc application

cd /home/utente
svn co https://minerva.netgroup.uniroma2.it/svn/discreet/tfcproject/trunk/tfc_user_handler/ tfc_user_handler
cd tfc_user_handler
rm include/linux/xfrm.h
cp /home/utente/myKernel/include/linux/xfrm.h include/linux/xfrm.h
./compile.sh

Let's start a new machine! In this example we start a machine with 100Mb of RAM and with eth0 attached to the collision domain number 0

cd $NETKIT_HOME/
vstart myPC1 --mem=100 --eth0=0 

Warning, by default new virtual machines start with 8Mb of RAM but I experienced that if you dont pass at least --mem=48Mb the TFC Kernel will not boot!!!!

The command vstart can automatically configure tunnels (“tap interfaces”) by which a virtual machine can access an external network, with this option:

  • 10.0.0.1 IP address real pc
  • 10.0.0.2 IP address mypc1
vstart myPC1 --mem=100 --eth0=tap,10.0.0.1,10.0.0.2

Now set Security Association and Security Policy:

On the client with Security Policy in output

ifconifg eth0 192.168.1.1
cd /hosthome/tfc_user_handler
.bin/padd TFC_out_config.txt
.bin/sadd TFC_config.txt

On the client with Security Policy in input

ifconifg eth0 192.168.1.2
modprobe tfc_handler
cd /hosthome/tfc_user_handler
.bin/padd TFC_in_config.txt
.bin/sadd TFC_config.txt

If you have a problem with tunctl:

cp /$NETKIT_HOME/bin/uml_tools/tunctl /usr/bin/

or if you are running a Gentoo Box simply install tunctl

emerge usermode-utilities

Using other kernel config

If you do not use the config coming from netkit, but the default one for the server (mahe defconfig) do not forget to turn on "hostfs"

Install new software on Netkit filesystem

To install new software you need run the original Netkit filesystem (netkit-fs-F3.0a) without vstart or lstart command and use apt-get for installing new packages. Before this operation it's necessary configure a bridge device on the host pc.

The following sets up a bridge, a tap device and attaches the device to the bridge. You must do this before you start UML sessions.

brctl addbr br0
brctl setfd br0 0
brctl stp br0 off
ifconfig eth0 0.0.0.0 promisc up 
brctl addif br0 eth0
dhclient br0
tunctl -u root
ifconfig tap0 0.0.0.0 promisc up
brctl addif br0 tap0

If the first command don't work, just install package bridge-utils.

Now you can start UML sessions in the following way:

$NETKIT_HOME/kernel/netkit-kernel ubd0=$NETKIT_HOME/fs/netkit-fs-F3.0a root=98:1  \. mem=100M \. eth0=tuntap,tap0

On the guest pc you need turn on the network device eth0 with the following command:

dhclient eth0

Now you are ready to install new software (like iperf)

apt-get install iperf

Warning, if you use a proxy, it's necessary set an http and ftp proxy

export http_proxy=ip:port
export ftp_proxy=ip:port

Now, restarting netkit tool, it's possible to use the new software

Last modified 11 years ago Last modified on Dec 3, 2007, 6:32:25 PM