user-mode-linux virtual ethernet using multicast transport
(C) 2001 by Harald Welte
======================================================================

This new transport for user-mode-linux networking allows you to build
virtual ethernet segments on top of IP multicasting (on a real network).

You can use this for running multiple user-mode-linux'es on one or more
machines in a TCP/IP network and create virtual ethernet segments between
them.

1. Prerequisites on the Host(s) and Network

Your host system(s) will need a multicast-enabled kernel. This is a
standard kernel config option since 2.2.x kernels.

If you want to route the virtual ethernet over multiple network segments,
you will need a working multicast routing setup. Running it on one machine,
or only within one physical network segment, does not require this.

2. Configuration of the user-mode-linux'es

Parameters for the kernel boot command line are:

    ethX=mcast,hwaddr,mcastgroup,port,ttl

You MUST specify at least mcast and a hwaddr, as we cannot derive the
hardware address from the IP address (== multicast group), because it
would be the same on all machines.

[ Note - this is not true - if not specified, the hwaddr will be defaulted
from the IP address of the UML side of the interface, which will make it
unique if the IP addresses assigned by the user are unique - jdike ]

mcastgroup has a default of 239.192.168.1 (which is an RFC-compliant
multicast address for organization-local use).

port has a default of 1102; use your favourite number or leave it.

TTL is set to 1 by default. A multicast TTL of one means that the packet
will never leave the local network segment. If you want to route your UML
virtual network using multicast routers, you will need to set this TTL
value to a reasonable, higher value.

Example:

    eth0=mcast,00:03:E3:00:30:47,224.2.3.4:5555,3

3. Security

None. If you run this on an untrusted network, anybody on the network will
be able to sniff all the packets (you're multicasting them!) and insert
fake packets in your network.

It is, however, not possible for anybody inside your virtual ethernet to
get outside. If you want this, you will have to set up one UML which acts
as a router between a TUN/TAP interface and the multicast virtual ethernet.

4. Scalability

Medium. You have to note that every participating UML will receive all
packets, even the ones which are for other UMLs. It's basically like an
ethernet where all machines have promiscuous mode turned on.

So don't put too many UMLs onto one virtual ethernet, unless you have
plenty of CPU left and not too much network traffic.

5. Questions / Bugs / Comments

Send them to laforge@gnumonks.org
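
Added example, not part of the original README or of the UML code: a Python check for the boot parameter from section 2 that applies the stated defaults and reports how far the unprotected frames described in section 3 can travel. The function names, the finding texts and the acceptance of the example's group:port spelling are assumptions made here.

```python
import ipaddress
import re

# Defaults stated in section 2 of the README.
DEFAULTS = {"group": "239.192.168.1", "port": 1102, "ttl": 1}
# RFC 2365 organization-local scope, the range the default group falls in.
ORG_LOCAL = ipaddress.ip_network("239.192.0.0/14")


def parse_mcast(arg):
    """Parse 'ethX=mcast,hwaddr,mcastgroup,port,ttl', applying the defaults."""
    m = re.fullmatch(r"(eth\d+)=mcast((?:,[^,]*)*)", arg.strip())
    if not m:
        raise ValueError("not an mcast transport argument: %r" % arg)
    fields = m.group(2).split(",")[1:]
    # Assumption: the README's example writes 'group:port', so accept that form.
    if len(fields) > 1 and ":" in fields[1]:
        fields[1:2] = fields[1].split(":", 1)
    if len(fields) > 4:
        raise ValueError("too many fields: %r" % arg)
    hwaddr, group, port, ttl = fields + [""] * (4 - len(fields))
    cfg = {
        "iface": m.group(1),
        "hwaddr": hwaddr or None,
        "group": group or DEFAULTS["group"],
        "port": int(port) if port else DEFAULTS["port"],
        "ttl": int(ttl) if ttl else DEFAULTS["ttl"],
    }
    if not 0 < cfg["port"] < 65536 or not 0 <= cfg["ttl"] <= 255:
        raise ValueError("port or ttl out of range: %r" % arg)
    return cfg


def audit(arg):
    """Return (config, findings) on how far the cleartext frames can reach."""
    cfg = parse_mcast(arg)
    findings = []
    addr = ipaddress.ip_address(cfg["group"])
    if not addr.is_multicast:
        findings.append("group is not a multicast address")
    elif addr not in ORG_LOCAL:
        findings.append("group is outside organization-local scope 239.192.0.0/14")
    if cfg["ttl"] > 1:
        findings.append("ttl > 1: frames can be forwarded beyond the local segment")
    return cfg, findings


if __name__ == "__main__":
    for line in ("eth0=mcast,00:03:E3:00:30:47,224.2.3.4:5555,3", "eth1=mcast,00:03:E3:00:30:48"):
        print(audit(line))
```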