Difference between revisions of "Tutorial"

From VNUML-WIKI
Jump to: navigation, search
 
m (Redirecting to Tutorial 1.8)
 
(135 intermediate revisions by 3 users not shown)
Line 1: Line 1:
<h2 style="text-align: center;">VNUML Tutorial<br>
+
#REDIRECT [[Tutorial 1.8]]
<small>version 1.6</small></h2>
 
 
 
<h3 style="text-align: center;">Authors:<br>
 
Ferm&iacute;n Gal&aacute;n
 
(<a href="mailto:galan at dit.upm.es">galan at dit.upm.es</a>)<br>
 
David Fern&aacute;ndez (<a href="mailto:david at dit.upm.es">david at dit.upm.es</a>)</h3>
 
 
 
<h4 style="text-align: center;">August 12th, 2005</h4><br>
 
 
 
          <td style="text-align: right; vertical-align: top;" width=
 
          "208"><a href="http://www.dit.upm.es/vnuml"><img alt=
 
          "Virtual Network User Mode Linux" src=
 
          "../images/vnuml.png" border="0" align="right" width=
 
          "200"></a></td>
 
        </tr>
 
 
 
        <!-- C O N T E N T S -->
 
 
 
        <tr>
 
          <td class="title" colspan="2">Contents</td>
 
        </tr>
 
 
 
        <tr>
 
          <td rowspan="1" colspan="2"><br>
 
          <a href="#introduction">1. Introduction</a><br>
 
          &#160;&#160;&#160; <a href="#tutorial_requirements">1.1. Tutorial Requirements</a><br>
 
          &#160;&#160;&#160; <a href="#privileges">1.2. Privileges</a><br>       
 
          <a href="#limited_user_privileges">2. Limited User Privileges</a><br>
 
          &#160;&#160;&#160; <a href="#writting_spec">2.1. Writing the VNUML Specification</a><br>
 
          &#160;&#160;&#160; <a href="#building_simulation">2.2. Building the Simulation</a><br>
 
          &#160;&#160;&#160; <a href="#testing_simulation">2.3. Testing the Simulation</a><br>
 
          &#160;&#160;&#160; <a href="#releasing_simulation">2.4. Releasing the Simulation</a><br>
 
          <a href="#user_privileges">3. User Privileges</a><br>
 
          &#160;&#160;&#160; <a href="#connecting_sim_host">3.1. Connecting Simulation to Host</a><br>
 
          &#160;&#160;&#160; <a href="#executing_commands">3.2. Executing Commands</a><br>
 
          &#160;&#160;&#160;&#160;&#160;&#160; <a href="#generate_ssh_key">3.2.1. Generating SSH key</a><br>
 
          &#160;&#160;&#160;&#160;&#160;&#160; <a href="#management_network">3.2.2. Management Network</a><br>
 
          &#160;&#160;&#160;&#160;&#160;&#160; <a href="#command_sequences">3.2.3. Command Sequences</a><br>
 
          <a href="#full_root_privileges">4. Full Root Privileges</a><br>
 
          &#160;&#160;&#160; <a href="#host_configuration">4.1. Host Configuration</a><br>
 
          &#160;&#160;&#160; <a href="#private_management">4.2. Private Management</a><br>
 
          &#160;&#160;&#160; <a href="#layer_2_interconnection">4.3. Layer 2 Interconnection</a><br>
 
          <a href="#nat">5. Configuring NAT</a><br>         
 
          <a href="#tips">6. Additional Tips</a><br>
 
          <a href="#further_reading">7. Further Reading</a>
 
         
 
          <!--a href="#appendix_0">Appendix: Execution Logs (1.6.0)</a><br-->
 
          <!--a href="#appendix_1">Appendix: Execution Logs (1.3.1)</a><br-->
 
          <br></td>
 
        </tr>
 
 
 
<!-- 1. I N T R O D U C T I O N  -->
 
 
 
        <tr>
 
          <td class="title" colspan="2"><a name="introduction">1.
 
          Introduction</a></td>
 
        </tr>
 
 
 
        <tr>
 
          <td colspan="2">
 
            <br>
 
 
 
    <p>VNUML (Virtual Network User Mode Linux) is a general purpose
 
    virtualization tool designed to easily create complex
 
    network simulation scenarios based on
 
    <a href=http://user-mode-linux.sourceforge.net/>User Mode Linux (UML)</a>
 
    virtualization software. It has been initially developed in
 
    the context of <a href="http://www.euro6ix.org">Euro6IX</a> research
 
    project to simulate IPv6 IX scenarios based on Linux and
 
    zebra routing daemon. However, it is a useful tool that can be used
 
    to simulate general Linux based network scenarios.</p>
 
 
 
    <p>VNUML is aimed to help in testing network applications and
 
    services over complex testbeds made of several nodes (even tens)
 
    and networks inside one Linux machine, without involving the
 
    investment and management complexity needed to create it using real
 
    equipment.</p>
 
 
 
        <p>This tutorial explains in detail how to use VNUML tool to simulate
 
        a simple networking scenario. It is intended as a
 
    hands-on approach for people that wants to start using VNUML tool, as well
 
    as an overview of the philosophy and features behind VNUML tool for people
 
    that do not want to install it yet.</p>
 
 
 
    <p>Although VNUML hides from the user most of the details needed to use UML
 
        virtualization software, a minimum knowledge about UML and how
 
    it works is needed. The reader is referred to
 
    <a href="http://user-mode-linux.sourceforge.net">UML</a> Web site to
 
        gain that knowledge.</p>
 
 
 
    <p>Throughout this document and the rest of the documentation, we refer to
 
    the machine where VNUML is running as the <b>&quot;host&quot;</b>. The Linux virtual
 
        machines that run over the host using UML virtualization software are
 
    typically referred as <b>&quot;virtual machines&quot;</b> or simply <b>&quot;UMLs&quot;</b>.</p>
 
 
 
        <p>This tutorial covers VNUML language version 1.6 and vnumlparser.pl 1.6.X.</p>
 
       
 
        <h3><a name="tutorial_requirements">1. 1. Tutorial Requirements</a></h3>
 
 
 
<p>In order to properly follow this tutorial you need:</p>
 
 
 
<ul>
 
 
 
    <li>VNUML properly installed in your system. Please, refer to the
 
    <a href="../install/index.html">VNUML Installation Guide</a> for more details.</li>
 
   
 
    <li>X-window environment. Some steps in the tutorial will launch xterm terminals,
 
    so you need a X server.</li>
 
   
 
      <li>Be able to log as root in the host (for <a href="#user_privileges">step 3</a>
 
      and <a href="#full_root_privileges">step 4</a>).</li>
 
     
 
      <li>The 10.0.x.x and 10.250.x.x address ranges are used in the VNUML specifications shown in this
 
      tutorial. If these ranges collide with assigned addresses in you host environment
 
      you must to change them to other prefixes.</li>
 
 
 
</ul>
 
       
 
        <h3><a name="privileges">1. 2. Privileges</a></h3>
 
       
 
        <p>Old versions of VNUML parser (previous to 1.6.0) were very root-focused. Fortunately,
 
        VNUML support for conventional users has been highly improved in version 1.6.0.</p>
 
       
 
        <p>There are three ways of using VNUML, depending of what privileges you want
 
        to use:</p>
 
       
 
        <ul>
 
       
 
        <li><strong>Limited User Privileges.</strong> To run vnumlparser.pl without root privileges.
 
        The main limitation is that there is no network access to the virtual machines from/to host
 
        and, therefore, no access to the external network the host is connected to (if any). The only way
 
        to interact with the virtual machines is through direct login (typically, a xterm). As
 
        a consequence, vnumlparser.pl can not be used to automatically run command sequences on
 
        the virtual machines.</li>
 
       
 
        <li><strong>User Privileges.</strong> To run vnumlparser.pl without root privileges,
 
        but use root privileges to enable host network access (management network) and access to
 
        external networks using the root as router/NAT (layer 3 interconnection). Command
 
        sequences can be run by vnumlparser.pl in the virtual machines using the management
 
        network.</li>
 
       
 
        <li><strong>Full Root Privileges.</strong>To run vnumlparser.pl as root. This allow
 
        host configuration performed by vnumlparser.pl, private management, mapping of
 
        virtual machine names in /etc/hosts and direct connection of virtual machines to
 
        external networks the host is connected to (layer 2 interconnection).</li>
 
                     
 
        </ul>
 
       
 
        <p>The rest of the tutorial describe these three ways in detail, starting with
 
        <a href="#limited_user_privileges">Limited User Privileges</a>, going to
 
        <a href="#user_privileges">User Privileges</a> and finally,
 
        <a href="#full_root_privileges">Full Root Privileges</a>.</p>
 
 
 
            <br>
 
          </td>
 
        </tr>
 
 
 
        <!-- 2. L I M I T E D  U S E R  P R I V I L E G I E S  -->
 
 
 
        <tr>
 
          <td class="title" colspan="2"><a name=
 
          "limited_user_privileges">2. Limited User Privileges</a></td>
 
        </tr>
 
 
 
        <tr>
 
          <td colspan="2">
 
            <br>
 
 
 
        <h3><a name="writting_spec">2. 1. Writing the VNUML Specification</a></h3>
 
 
 
    <p>VNUML tool is made of two main components: the VNUML language used
 
    for describing simulations in XML; and the interpreter of the language
 
    (vnumlparser.pl), that builds and manages the simulation, hiding all
 
        UML complex details to the user.</p>
 
 
 
        <p>If you managed to successfully install VNUML parser and all
 
    related software packages, one of the hardest steps is over :). Now
 
        it is time to create the XML description of the scenario to be
 
        simulated using VNUML language (see <a href=
 
    "../reference/index.html">VNUML Language Reference</a> for a complete
 
        description of the language).</p>
 
 
 
    <p>The specification of the tutorial scenario in VNUML language follows:</p>
 
 
 
<div align="center">
 
<img alt="Tutorial Limited User Scenario" src="tutorial_limited_user.png" width="480" height="164" border="0">   
 
</div>
 
 
 
<pre class="box">
 
&lt;?xml version="1.0" encoding="UTF-8"?&gt;
 
&lt;!DOCTYPE vnuml SYSTEM "/usr/local/share/xml/vnuml/vnuml.dtd"&gt;
 
 
 
&lt;vnuml&gt;
 
  &lt;global&gt;
 
    &lt;version&gt;1.6&lt;/version&gt;
 
    &lt;simulation_name&gt;tutorial-lu&lt;/simulation_name&gt;
 
    &lt;automac/&gt;
 
    &lt;vm_mgmt type="none" /&gt;
 
    &lt;default_filesystem type="cow"&gt;/usr/local/share/vnuml/filesystems/root_fs_tutorial&lt;/default_filesystem&gt;
 
    &lt;default_kernel&gt;/usr/local/share/vnuml/kernels/linux&lt;/default_kernel&gt;
 
  &lt;/global&gt;
 
  &lt;net name="Net0" mode="uml_switch" /&gt;
 
  &lt;net name="Net1" mode="uml_switch" /&gt;
 
  &lt;net name="Net2" mode="uml_switch" /&gt;
 
  &lt;vm name="uml1"&gt;
 
    &lt;boot&gt;
 
      &lt;con0&gt;xterm&lt;/con0&gt;
 
    &lt;/boot&gt;
 
    &lt;if id="1" net="Net0"&gt;
 
      &lt;ipv4&gt;10.0.0.1&lt;/ipv4&gt;
 
    &lt;/if&gt;
 
    &lt;route type="inet" gw="10.0.0.3"&gt;default&lt;/route&gt;
 
  &lt;/vm&gt;
 
  &lt;vm name="uml2"&gt;
 
    &lt;boot&gt;
 
      &lt;con0&gt;xterm&lt;/con0&gt;
 
    &lt;/boot&gt;
 
    &lt;if id="1" net="Net0"&gt;
 
      &lt;ipv4&gt;10.0.0.2&lt;/ipv4&gt;
 
    &lt;/if&gt;
 
    &lt;route type="inet" gw="10.0.0.3"&gt;default&lt;/route&gt;
 
  &lt;/vm&gt;
 
  &lt;vm name="uml3"&gt;
 
    &lt;boot&gt;
 
      &lt;con0&gt;xterm&lt;/con0&gt;
 
    &lt;/boot&gt;
 
    &lt;if id="1" net="Net0"&gt;
 
      &lt;ipv4&gt;10.0.0.3&lt;/ipv4&gt;
 
    &lt;/if&gt;
 
    &lt;if id="2" net="Net1"&gt;
 
      &lt;ipv4&gt;10.0.1.1&lt;/ipv4&gt;
 
    &lt;/if&gt;
 
    &lt;route type="inet" gw="10.0.1.2"&gt;10.0.2.0/24&lt;/route&gt;
 
    &lt;forwarding type="ip" /&gt;
 
  &lt;/vm&gt;
 
  &lt;vm name="uml4"&gt;
 
    &lt;boot&gt;
 
      &lt;con0&gt;xterm&lt;/con0&gt;
 
    &lt;/boot&gt;
 
    &lt;if id="1" net="Net1"&gt;
 
      &lt;ipv4&gt;10.0.1.2&lt;/ipv4&gt;
 
    &lt;/if&gt;
 
    &lt;if id="2" net="Net2"&gt;
 
      &lt;ipv4&gt;10.0.2.1&lt;/ipv4&gt;
 
    &lt;/if&gt;
 
    &lt;route type="inet" gw="10.0.1.1"&gt;default&lt;/route&gt;
 
    &lt;forwarding type="ip" /&gt;
 
  &lt;/vm&gt;
 
  &lt;vm name="uml5"&gt;
 
    &lt;boot&gt;
 
      &lt;con0&gt;xterm&lt;/con0&gt;
 
    &lt;/boot&gt;
 
    &lt;if id="1" net="Net2"&gt;
 
      &lt;ipv4&gt;10.0.2.2&lt;/ipv4&gt;
 
    &lt;/if&gt;
 
    &lt;route type="inet" gw="10.0.2.1"&gt;default&lt;/route&gt;
 
  &lt;/vm&gt;
 
&lt;/vnuml&gt;
 
</pre>
 
 
 
    <p>Just copy the above XML code to a file named <b>tutorial_limited_user.xml</b>
 
    and save it (if you don&#39;t want to do the copy-paste, you can
 
        find it in the examples directory after VNUML installation, usually
 
        /usr/local/share/vnuml/examples).</p>
 
 
 
    <p>Some initial comments about this description file:</p>
 
 
 
            <ul>
 
      <li>The <b>&lt;global&gt;</b> section defines certain parameters and options
 
              that apply to the whole simulation. For example, the default kernel
 
              and filesystem file that will be used for the virtual machines.
 
          </li>
 
 
 
              <li>Virtual networks are created using the <a href=
 
      "../reference/index.html#net">&lt;net&gt;</a> tag. Each
 
      network is identified by a name (e.g., "Net0") which is used later
 
      in virtual machines descriptions to define the network each virtual
 
              interface is connected to.
 
              </li>
 
 
 
              <li>Virtual machines (or UMLs) are created and described using the <a href=
 
      "../reference/index.html#vm">&lt;vm&gt;</a> tag. Inside
 
      &lt;vm&gt; section, several different tags can be included to define each
 
      UML characteristics. There are lot of tags that can be used in a virtual
 
      machine but, well, this is a tutorial :), so only the
 
      basic ones are shown here:
 
 
 
      <ul>
 
 
 
              <li><a href=
 
              "../reference/index.html#con0">&lt;con0&gt;</a>
 
      tag is used to specify the login mechanism, a xterm in this case,</li>
 
      <li><a href="../reference/index.html#if">&lt;if&gt;</a> tag is
 
              used to create and describe network interfaces (<a href=
 
              "../reference/index.html#ipv4">&lt;ipv4&gt;</a> tag is used to set up the IP
 
      address; <a href=
 
              "../reference/index.html#ipv6">&lt;ipv6&gt;</a> is supported also), </li>
 
      <li><a href=
 
              "../reference/index.html#route">&lt;route&gt;</a> tag is used to
 
      add static routes, and </li>
 
              <li><a href=
 
              "../reference/index.html#forwarding">&lt;forwarding&gt;</a>
 
              to enable forwarding.</li>
 
 
 
              </ul>
 
 
 
            </ul>
 
             
 
          <h3><a name="building_simulation">2. 2. Building the Simulation</a></h3> 
 
           
 
    <p>Once you have the VNUML specification written, you can build the scenario
 
    using <b>"-t"</b> switch of VNUML parser. That is:</p>
 
 
 
<pre class="box">
 
bauer@host$ vnumlparser.pl -t tutorial_limited_user.xml -v
 
</pre>
 
 
 
        <p>This command builds the virtual network topology
 
    described in tutorial_limited_user.xml file and boots all the virtual machines
 
    defined inside it.</p>
 
   
 
    <p>After the command execution, you will see a lot of output messages,
 
        showing what the parser is
 
        exactly doing. That is because "-v" (verbose) switch is being used (we
 
        recommend always using "-v" to see how things are going).</p>
 
 
 
        <p>By default, the output of each UML is redirected to the null device; if you
 
        want to see that output (getting a even more verbose output) use &quot;-o&quot; switch (for
 
        example &quot;-o /tmp/boot&quot;).</p>
 
 
 
        <p>After a few seconds, you should see five xterms popping up in
 
        sequence: each one
 
        correspond to one of the virtual machines defined in the simulation. After
 
        the booting process you would identify each one by the name in the login
 
        prompt (uml1, uml2, uml3, uml4 and uml5). VNUML allows several modes to
 
        interact with the virtual machines, xterm is the only way allowed if
 
        you don't have root privileges.</p>
 
 
 
    <p>Be patient, because the boot process of each UML takes a while
 
    (think about how long it takes a conventional Linux kernel to boot;
 
        virtualized ones can take even more).
 
    It can take easily several minutes to boot each UML, so it could
 
    take from 1 minute (or less!) to around 10-15 minutes to boot the tutorial scenario (time
 
        depends greatly on the host machine characteristics).</p>
 
 
 
        <h3><a name="testing_simulation">2. 3. Testing the Simulation</a></h3>
 
       
 
        <p>You can log in the virtual machines as root user using xxxx (for times
 
        the 'x' letter) as password.
 
        After logging, you can execute commands as in a conventional GNU/Linux
 
        machine. For example try: 'ls /', 'ifconfig', 'df -h' or 'uname -ra'.</p>
 
       
 
        <p>To check connectivity between virtual machines you can use ping or traceroute, as
 
        shown in the examples below. For example, from uml1 try
 
        (you should see a similar trace, if everything is going right):</p>
 
               
 
<pre class="box">
 
uml1:~ # traceroute -n 10.0.2.2
 
traceroute to 10.0.2.2 (10.0.2.2), 30 hops max, 38 byte packets
 
1  10.0.0.3  1.282 ms  0.726 ms  0.678 ms
 
2  10.0.1.2  1.243 ms  1.462 ms  1.010 ms
 
3  10.0.2.2  1.396 ms  1.345 ms  1.303 ms
 
</pre>
 
            <p>From uml5 try:</p>
 
 
 
<pre class="box">
 
uml5:~ # traceroute -n 10.0.0.1
 
traceroute to 10.0.0.1 (10.0.0.1), 30 hops max, 38 byte packets
 
1  10.0.2.1  0.916 ms  0.743 ms  0.681 ms
 
2  10.0.1.1  1.072 ms  1.019 ms  1.009 ms
 
3  10.0.0.1  1.420 ms  1.363 ms  1.352 ms
 
</pre>
 
 
 
<p>You will see (using ifconfig) that the interfaces in the virtual machines starts with eth1,
 
not with eth0 as usual. Actually the eth0 interface is reserved to the
 
management network, <a href="#management_network">that will be described later</a>.</p>
 
                       
 
        <h3><a name="releasing_simulation">2. 4. Releasing the Simulation Scenario</a></h3>
 
       
 
                    <p>Once you have finished playing around with the simulation scenario,
 
            you can release it in a "polite way" by means of "-d" switch of
 
            VNUML parser.</p>
 
 
 
<pre class="box">
 
bauer@host$ vnumlparser.pl -d tutorial_limited_user.xml -v
 
</pre>
 
 
 
            <p>This sends a CAD (Ctrl+Alt+Delete) to each virtual machine, then
 
            you will see how the halting process begins.  After waiting
 
            for a while (think that a conventional kernel
 
            can take a couple of minutes to halt, so a set of virtualized
 
            ones take quite a bit longer), the simulation scenario should be released
 
            (all virtual machines should have been halted, xterms closed and
 
            virtual networks released).</p>
 
 
 
            <p>After releasing the scenario in this way, you can
 
            recreate it with &quot;-t&quot;. Note that releasing a scenario
 
            does not mean that filesystems changes are lost. On the
 
            contrary, any change performed on them remains after the
 
            scenario has been released and restarted again. You can check it:
 
            'touch /root/foo.bar' and you will see how the file /root/foo.bar
 
            remains next time you start using &quot;-t&quot; (the magic
 
            behind this resides in certain files under ~/.vnuml that stores
 
            user additions to the virtual machine filesystems: this files
 
            can be erases using the &quot;-P&quot;, keep reading :).</p>
 
 
 
<p>You can also use the -F switch in the releasing mode, as follows:</p>
 
 
<pre class="box">
 
bauer@host$ vnumlparser.pl -d tutorial_limited_user.xml -v -F
 
</pre>
 
 
<p>Instead of sending the CAD signal to the virtual machines, this
 
sends a HALT signal, that is stronger: the virtual kernel halts
 
immediately. <strong>This could corrupt the virtual filesystems</strong> so you
 
only should use it when plain -d has failed.</p>
 
 
 
<p>There is even a stronger way to release the simulation: the purge mode
 
(-P), but it should only be used as a last-resort measure. See <a href=
 
            "../user/index.html#how_to_destroy">VNUML User Manual</a>
 
            for more details when -d mode fails (including the purge mode -P).</p>
 
           
 
            <p>When you get familiar starting and releasing simulation, continue to
 
            main section in the tutorial: User Privileges.</p>
 
       
 
            <br>           
 
          </td>
 
</tr>
 
 
 
        <!-- 2. U S E R  P R I V I L E G I E S  -->
 
 
 
        <tr>
 
          <td class="title" colspan="2"><a name=
 
          "user_privileges">3. User Privileges</a></td>
 
        </tr>
 
 
 
        <tr>
 
          <td colspan="2">
 
            <br>
 
 
 
<p>In this mode, you are supposed to run vnumparser.pl as conventional user as
 
in limited user mode, but you also have root access in order to run some
 
commands as superuser (maybe using sudo). You will be able to connect the
 
simulation to the host (this way virtual machines could reach Internet, if
 
the host acts as router/NAT) and execute automatically command sequences in the
 
virtual machines, as will be described following.</p>
 
 
<h3><a name="connecting_sim_host">3. 1. Connecting Simulations to Host</a></h3>
 
 
<p>The following is a variation of the tutorial_user_limited.xml file. Copy it
 
to a file named <b>tutorial_user1.xml</b> and save it (if you don&#39;t want to
 
do the copy-paste, you can find it in the examples directory after VNUML
 
installation, usually /usr/local/share/vnuml/examples).</p>
 
 
    <div align="center">
 
    <!-- Map deactivated: it has to be reviewed
 
   
 
    <map name="FPMap0">
 
    <area onmouseout="return nd();"
 
          onmouseover="return overlib(uml1, CAPTION, 'UML1 XML Description',
 
          HAUTO, VAUTO);"
 
          shape="circle" coords="59, 40, 37">
 
    <area onmouseout="return nd();"
 
          onmouseover="return overlib(uml2, CAPTION, 'UML2 XML Description',
 
          HAUTO, VAUTO);"
 
          shape="circle" coords="138, 42, 36">
 
    <area onmouseout="return nd();"
 
          onmouseover="return overlib(uml5, CAPTION, 'UML5 XML Description',
 
          HAUTO, VAUTO);"
 
          shape="circle" coords="412, 39, 35">
 
    <area onmouseout="return nd();"
 
          onmouseover="return overlib(uml3, CAPTION, 'UML3 XML Description',
 
          HAUTO, VAUTO);"
 
          shape="circle" coords="189, 149, 37">
 
    <area onmouseout="return nd();"
 
          onmouseover="return overlib(uml4, CAPTION, 'UML4 XML Description',
 
          HAUTO, VAUTO);"
 
          shape="circle" coords="320, 147, 36">
 
    <area onmouseout="return nd();"
 
          onmouseover="return overlib(thehost, CAPTION, 'HOST XML Description',
 
          HAUTO, VAUTO);"
 
          shape="circle" coords="246, 247, 36">
 
    </map>
 
    <img alt="Tutorial Scenario" src="tutorial.png" usemap="#FPMap0"
 
        width="480" height="320" border="0">
 
    -->
 
    <img alt="Tutorial User Scenario (1)" src="tutorial_user1.png" width="480" height="320" border="0">   
 
  </div>
 
 
 
<pre class="box">
 
&lt;?xml version="1.0" encoding="UTF-8"?&gt;
 
&lt;!DOCTYPE vnuml SYSTEM "/usr/local/share/xml/vnuml/vnuml.dtd"&gt;
 
 
 
&lt;vnuml&gt;
 
  &lt;global&gt;
 
    &lt;version&gt;1.6&lt;/version&gt;
 
    &lt;simulation_name&gt;tutorial-u1&lt;/simulation_name&gt;
 
    &lt;automac/&gt;
 
    &lt;vm_mgmt type="none" /&gt;
 
    &lt;default_filesystem type="cow"&gt;/usr/local/share/vnuml/filesystems/root_fs_tutorial&lt;/default_filesystem&gt;
 
    &lt;default_kernel&gt;/usr/local/share/vnuml/kernels/linux&lt;/default_kernel&gt;
 
  &lt;/global&gt;
 
  &lt;net name="Net0" mode="uml_switch" /&gt;
 
  &lt;net name="Net1" mode="uml_switch" /&gt;
 
  &lt;net name="Net2" mode="uml_switch" /&gt;
 
  &lt;net name="Net3" mode="uml_switch" sock="/var/local/run/vnuml/Net3.ctl" /&gt;
 
  &lt;vm name="uml1"&gt;
 
    &lt;boot&gt;
 
      &lt;con0&gt;xterm&lt;/con0&gt;
 
    &lt;/boot&gt;
 
    &lt;if id="1" net="Net0"&gt;
 
      &lt;ipv4&gt;10.0.0.1&lt;/ipv4&gt;
 
    &lt;/if&gt;
 
    &lt;route type="inet" gw="10.0.0.3"&gt;default&lt;/route&gt;
 
  &lt;/vm&gt;
 
  &lt;vm name="uml2"&gt;
 
    &lt;boot&gt;
 
      &lt;con0&gt;xterm&lt;/con0&gt;
 
    &lt;/boot&gt;
 
    &lt;if id="1" net="Net0"&gt;
 
      &lt;ipv4&gt;10.0.0.2&lt;/ipv4&gt;
 
    &lt;/if&gt;
 
    &lt;route type="inet" gw="10.0.0.3"&gt;default&lt;/route&gt;
 
  &lt;/vm&gt;
 
  &lt;vm name="uml3"&gt;
 
    &lt;boot&gt;
 
      &lt;con0&gt;xterm&lt;/con0&gt;
 
    &lt;/boot&gt;
 
    &lt;if id="1" net="Net0"&gt;
 
      &lt;ipv4&gt;10.0.0.3&lt;/ipv4&gt;
 
    &lt;/if&gt;
 
    &lt;if id="2" net="Net1"&gt;
 
      &lt;ipv4&gt;10.0.1.1&lt;/ipv4&gt;
 
    &lt;/if&gt;
 
    &lt;if id="3" net="Net3"&gt;
 
      &lt;ipv4&gt;10.0.3.1&lt;/ipv4&gt;
 
    &lt;/if&gt;
 
    &lt;route type="inet" gw="10.0.1.2"&gt;10.0.2.0/24&lt;/route&gt;
 
    &lt;forwarding type="ip" /&gt;
 
  &lt;/vm&gt;
 
  &lt;vm name="uml4"&gt;
 
    &lt;boot&gt;
 
      &lt;con0&gt;xterm&lt;/con0&gt;
 
    &lt;/boot&gt;
 
    &lt;if id="1" net="Net1"&gt;
 
      &lt;ipv4&gt;10.0.1.2&lt;/ipv4&gt;
 
    &lt;/if&gt;
 
    &lt;if id="2" net="Net2"&gt;
 
      &lt;ipv4&gt;10.0.2.1&lt;/ipv4&gt;
 
    &lt;/if&gt;
 
    &lt;route type="inet" gw="10.0.1.1"&gt;default&lt;/route&gt;
 
    &lt;forwarding type="ip" /&gt;
 
  &lt;/vm&gt;
 
  &lt;vm name="uml5"&gt;
 
    &lt;boot&gt;
 
      &lt;con0&gt;xterm&lt;/con0&gt;
 
    &lt;/boot&gt;
 
    &lt;if id="1" net="Net2"&gt;
 
      &lt;ipv4&gt;10.0.2.2&lt;/ipv4&gt;
 
    &lt;/if&gt;
 
    &lt;route type="inet" gw="10.0.2.1"&gt;default&lt;/route&gt;
 
  &lt;/vm&gt;
 
&lt;/vnuml&gt;
 
</pre>
 
 
 
<p>The difference is the Net3 network in a
 
<a href="../reference/index.html#net">&lt;net&gt;</a> tag, linked
 
to the virtual machine uml3 in a <a href="../reference/index.html#if">&lt;if&gt;</a> tag.
 
This is the network that will be used
 
to get connectivity to the host.</p>
 
 
<p>In order to have access to the host machine when running vnumlparser.pl as a
 
non-privileged user, certain configurations must be performed by a privileged
 
user prior to building the simulation scenario.  In this example, the non-privileged
 
user that will run vnumlparser.pl is bauer.</p>
 
 
<p>As part of the VNUML install process, a non-privileged user <em>vnuml</em>
 
was created (check it now with 'id vnuml').  This user is a member of the <em>uml-net</em> group, which owns
 
the /dev/net/tun cloning device.  It will own the uml_switch process that will
 
be started for the Net3 network, so that this process won't need to be run by root.</p>
 
 
<ol>
 
<li>The user bauer must be a member of the <em>vnuml</em> group which owns the
 
directory /var/local/run/vnuml, where the UNIX sockets for the uml_switch processes
 
will be stored. (The command below looks intimidating, but really all it does is
 
add the user bauer to the vnuml group, while preserving its current group membership; maybe
 
you prefer simple edit the /etc/group file). <span style="color: red"><strong>Note:</strong></span>
 
as group membership is not updated in running shells, after adding
 
user bauer to vnuml group, user bauer has to start a new shell or xterm
 
session before executing the simulation.</li>
 
 
<pre class="box">
 
root@host# usermod -G vnuml,`groups bauer | sed 's/^.\+:[[:space:]]*//;s/[[:space:]]\\+/,/g'` bauer
 
</pre>
 
 
<li>Create a TUN/TAP device owned by the vnuml user. This
 
TUN/TAP device acts as the termination point for the host connection
 
in the Net3 virtual network.</li>
 
 
<pre class="box">
 
root@host# tunctl -u vnuml -t tap0   
 
Set 'tap0' persistent and owned by uid 1037
 
</pre>
 
 
<li>Set an address for the host in the Net3 network (for example,
 
10.0.3.2) and configure a static route in the host to
 
reach all the virtual machines using uml3 as gateway.</li>
 
 
<pre class="box">
 
root@host# ifconfig tap0 10.0.3.2 netmask 255.255.255.0 up
 
root@host# route -A inet add -net 10.0.0.0/16 gw 10.0.3.1
 
</pre>
 
<li>Start a uml_switch process, linked with the TUN/TAP device created
 
previously (tap0) and owned by the vnuml user.  The socket location
 
is arbitrary.  However, the /var/local/run/vnuml directory was created
 
at installation for this purpose.  The socket location will be used as
 
the <strong>sock</strong> attribute in the
 
<a href="../reference/index.html#net">&lt;net&gt;</a> tag for Net3.</li>
 
 
 
<pre class="box">
 
root@host# su -pc 'uml_switch -tap tap0 -unix /var/local/run/vnuml/Net3.ctl &lt; /dev/null &gt; /dev/null &amp;' vnuml
 
</pre>
 
<li>Give the vnuml group read/write privileges to the socket that is used.
 
Note that the UNIX socket for the uml_switch process isn't created
 
instantly, so if these commands are scripted, a minor wait (sleep)
 
is necessary before setting permissions on the file. (Of course, the 'ls'
 
commands are not really needed, but they are useful to check the chmod
 
commands has been sucessfull).</li>
 
 
 
<pre class="box">
 
root@host# sleep 1
 
root@host# ls -l /var/local/run/vnuml/Net3.ctl
 
srwxr-xr-x  1 vnuml vnuml 0 2005-07-29 11:48 /var/local/run/vnuml/Net3.ctl
 
root@host# chmod g+rw /var/local/run/vnuml/Net3.ctl
 
root@host# ls -l /var/local/run/vnuml/Net3.ctl
 
srwxrwxr-x  1 vnuml vnuml 0 2005-07-29 11:48 /var/local/run/vnuml/Net3.ctl
 
</pre>
 
 
 
<p>Now that the /var/local/run/vnuml/Net3.ctl exists and is readable
 
and writeable by bauer, you can start the simulation.</p>
 
 
 
<pre class="box">
 
bauer@host$ vnumlparser.pl -t tutorial_user1.xml -v
 
</pre>
 
 
 
<p>You should see the xterms starting as usual. After they have finished
 
booting, you could check that now the host is part of the simulation. From
 
uml1 you can try:</p>
 
 
<pre class="box">
 
uml1:~ # traceroute -n 10.0.3.2
 
traceroute to 10.0.3.2 (10.0.3.2), 30 hops max, 38 byte packets
 
1  10.0.0.3  1.779 ms  2.572 ms  1.359 ms
 
2  10.0.3.2  1.785 ms  1.641 ms  1.744 ms
 
</pre>
 
<p>From uml5 you can try:</p>
 
 
 
<pre class="box">
 
uml5:~ # traceroute -n 10.0.3.2
 
traceroute to 10.0.3.2 (10.0.3.2), 30 hops max, 38 byte packets
 
1  10.0.2.1  1.407 ms  0.857 ms  1.243 ms
 
2  10.0.1.1  1.265 ms  1.019 ms  0.980 ms
 
3  10.0.3.2  1.545 ms  3.156 ms  2.033 ms
 
</pre>
 
 
 
            <p>From host try:</p>
 
 
 
<pre class="box">
 
bauer@host$ traceroute -n 10.0.0.1
 
traceroute to 10.0.0.1 (10.0.0.1), 30 hops max, 40 byte packets
 
1  10.0.3.1  0.000 ms  0.000 ms  0.000 ms
 
2  10.0.0.1  0.000 ms  0.000 ms  0.000 ms
 
bauer@host$ traceroute -n 10.0.2.2
 
traceroute to 10.0.2.2 (10.0.2.2), 30 hops max, 40 byte packets
 
1  10.0.3.1  0.000 ms  0.000 ms  0.000 ms
 
2  10.0.1.2  0.000 ms  0.000 ms  0.000 ms
 
3  10.0.2.2  0.000 ms  0.000 ms  0.000 ms
 
</pre>
 
 
 
<p>Virtual machines can reach the host this way. The scenario could be
 
improved by configuring routing and NATing properly in the
 
host, in order for virtual machines to reach any host on the Internet. Such a setup
 
would be a layer 3 interconnection: the host acts as router/NAT between virtual machines
 
and the external network. Details to configure NAT this way
 
can be found <a href="#nat">later in this document</a>. A stronger
 
interconnection (layer 2) can be implemented,
 
so virtual machines are connected to the external network directly, but root
 
privileges are needed. We describe <a href="#layer_2_interconnection">layer 2
 
interconnection later</a>.</p>
 
 
 
<p>To release the simulation:
 
 
<pre class="box">
 
bauer@host$ vnumlparser.pl -d tutorial_user1.xml -v
 
</pre>
 
 
 
<p>When the simulation has been released, note that the uml_switch process for Net3
 
is still running, and its accompanying UNIX socket still exists in
 
/var/local/run/vnuml/Net3.ctl.  Also, the tap0 device is still configured,
 
and its gateway still exists.  As long as this setup
 
remains, new simulation scenarios may be built using the same configuration without
 
requiring it to be set up again.</p>
 
 
 
<p>When the user has finished running simulations that involve the network set up
 
for Net3, the uml_switch process can be killed, and the socket removed:
 
 
 
<pre class="box">
 
root@host# kill `lsof -t /var/local/run/vnuml/Net3.ctl`
 
/var/local/run/vnuml/Net3.ctl:  6280
 
root@host# rm /var/local/run/vnuml/Net3.ctl
 
</pre>
 
 
 
Now the tap0 device may be deconfigured:</p>
 
 
<pre class="box">
 
root@host# ifconfig tap0 down
 
root@host# tunctl -d tap0
 
Set 'tap0' nonpersistent
 
</pre>
 
 
 
<h3><a name="executing_commands">3. 2. Executing Commands</a></h3>
 
 
 
            <h4><a name="generate_ssh_key">3. 2. 1. Generating SSH key</a></h4>
 
 
 
            <p>VNUML parser uses SSH to access and manage the UMLs. To
 
            avoid being asked for a password whenever this happens
 
            (quite often) you must generate a public key that will be
 
            installed automatically in the UMLs by the VNUML parser (<a href=
 
            "../reference/index.html#ssh_key">&lt;ssh_key&gt;</a>
 
            tag).</p>
 
 
 
            <p>To create the public key just type:</p>
 
 
 
<pre class="box">
 
bauer@host$ ssh-keygen -t rsa1
 
</pre>
 
 
 
    <p>Select the default file to save the key (~/.ssh/identity). The passphrase
 
    is not relevant (although we recommend to use an empty passphrase,
 
    in order no user input required whenever the key is used).</p>
 
 
 
            <p>Anyway, the first time (and only once) that SSH is used,
 
            you will have to confirm the server key answering
 
            &#39;yes&#39; to the question you will be asked.</p>
 
           
 
            <h4><a name="management_network">3. 2. 2. Management Network</a></h4>
 
 
 
<p>The following is a variation of the tutorial_user_limited.xml file. Copy it
 
to a file named <b>tutorial_user2.xml</b> and save it (if you don't want to
 
do the copy-paste, you can find it in the examples directory after VNUML
 
installation, usually /usr/local/share/vnuml/examples).</p>
 
 
 
<div align="center">
 
<img alt="Tutorial User Scenario (2)" src="tutorial_user2.png" width="480" height="280" border="0">   
 
</div>
 
 
<pre class="box">
 
&lt;?xml version="1.0" encoding="UTF-8"?&gt;
 
&lt;!DOCTYPE vnuml SYSTEM "/usr/local/share/xml/vnuml/vnuml.dtd"&gt;
 
 
 
&lt;vnuml&gt;
 
  &lt;global&gt;
 
    &lt;version&gt;1.6&lt;/version&gt;
 
    &lt;simulation_name&gt;tutorial-u2&lt;/simulation_name&gt;
 
    &lt;ssh_version&gt;1&lt;/ssh_version&gt;
 
    &lt;ssh_key&gt;~/.ssh/identity.pub&lt;/ssh_key&gt;
 
    &lt;automac/&gt;
 
    &lt;vm_mgmt type="net" network="10.250.0.0" mask="24"&gt;
 
      &lt;mgmt_net sock="/var/local/run/vnuml/Mgmt_net.ctl" hostip="10.250.0.1"/&gt;
 
    &lt;/vm_mgmt&gt;
 
    &lt;default_filesystem type="cow"&gt;/usr/local/share/vnuml/filesystems/root_fs_tutorial&lt;/default_filesystem&gt;
 
    &lt;default_kernel&gt;/usr/local/share/vnuml/kernels/linux&lt;/default_kernel&gt;
 
  &lt;/global&gt;
 
  &lt;net name="Net0" mode="uml_switch" /&gt;
 
  &lt;net name="Net1" mode="uml_switch" /&gt;
 
  &lt;net name="Net2" mode="uml_switch" /&gt;
 
  &lt;vm name="uml1"&gt;
 
    &lt;boot&gt;
 
      &lt;con0&gt;xterm&lt;/con0&gt;
 
    &lt;/boot&gt;
 
    &lt;if id="1" net="Net0"&gt;
 
      &lt;ipv4&gt;10.0.0.1&lt;/ipv4&gt;
 
    &lt;/if&gt;
 
    &lt;route type="inet" gw="10.0.0.3"&gt;default&lt;/route&gt;
 
    &lt;exec seq="start" type="verbatim"&gt;nohup /usr/bin/hello &amp;lt;/dev/null &amp;gt;/dev/null 2&amp;gt;&amp;amp;1 &amp;amp; &lt;/exec&gt;
 
    &lt;exec seq="stop" type="verbatim"&gt;killall hello&lt;/exec&gt;
 
  &lt;/vm&gt;
 
  &lt;vm name="uml2"&gt;
 
    &lt;boot&gt;
 
      &lt;con0&gt;xterm&lt;/con0&gt;
 
    &lt;/boot&gt;
 
    &lt;if id="1" net="Net0"&gt;
 
      &lt;ipv4&gt;10.0.0.2&lt;/ipv4&gt;
 
    &lt;/if&gt;
 
    &lt;route type="inet" gw="10.0.0.3"&gt;default&lt;/route&gt;
 
  &lt;/vm&gt;
 
  &lt;vm name="uml3"&gt;
 
    &lt;boot&gt;
 
      &lt;con0&gt;xterm&lt;/con0&gt;
 
    &lt;/boot&gt;
 
    &lt;if id="1" net="Net0"&gt;
 
      &lt;ipv4&gt;10.0.0.3&lt;/ipv4&gt;
 
    &lt;/if&gt;
 
    &lt;if id="2" net="Net1"&gt;
 
      &lt;ipv4&gt;10.0.1.1&lt;/ipv4&gt;
 
    &lt;/if&gt;
 
    &lt;route type="inet" gw="10.0.1.2"&gt;10.0.2.0/24&lt;/route&gt;
 
    &lt;forwarding type="ip" /&gt;
 
  &lt;/vm&gt;
 
  &lt;vm name="uml4"&gt;
 
    &lt;boot&gt;
 
      &lt;con0&gt;xterm&lt;/con0&gt;
 
    &lt;/boot&gt;
 
    &lt;if id="1" net="Net1"&gt;
 
      &lt;ipv4&gt;10.0.1.2&lt;/ipv4&gt;
 
    &lt;/if&gt;
 
    &lt;if id="2" net="Net2"&gt;
 
      &lt;ipv4&gt;10.0.2.1&lt;/ipv4&gt;
 
    &lt;/if&gt;
 
    &lt;route type="inet" gw="10.0.1.1"&gt;default&lt;/route&gt;
 
    &lt;forwarding type="ip" /&gt;
 
  &lt;/vm&gt;
 
  &lt;vm name="uml5"&gt;
 
    &lt;boot&gt;
 
      &lt;con0&gt;xterm&lt;/con0&gt;
 
    &lt;/boot&gt;
 
    &lt;if id="1" net="Net2"&gt;
 
      &lt;ipv4&gt;10.0.2.2&lt;/ipv4&gt;
 
    &lt;/if&gt;
 
    &lt;route type="inet" gw="10.0.2.1"&gt;default&lt;/route&gt;
 
  &lt;/vm&gt;
 
&lt;/vnuml&gt;
 
</pre>
 
 
 
<p>VNUML uses SSH to send command sequences to the virtual machines. The
 
SSH protocol version and the SSH public key to be used are specified
 
in the <a href="../reference/index.html#ssh_version">&lt;ssh_version&gt;</a>
 
and <a href="../reference/index.html#ssh_key">&lt;ssh_key&gt;</a> tags, respectively.
 
Note that the SSH key file is the one generated in the
 
<a href="#generate_ssh_key">previous step</a>.</p>
 
 
<p>In order to send commands to the virtual machines, a special kind of network
 
is set up for management. There are two kind of management networks: private--establishes
 
a peer-to-peer connection between the host and each one of the
 
virtual machines (this requires that vnumlparser.pl be run as root); and net--a uml_switched
 
network is used. This is set up with the <strong>type</strong> attribute in
 
the <a href="../reference/index.html#vm_mgmt">&lt;vm_mgmt&gt;</a> tag.</p>
 
 
<p>When using <strong>type</strong>=&quot;net&quot; the <strong>network</strong>
 
and <strong>mask</strong> attributes specify a network address range that vnumlparser.pl
 
will use to assign addresses to the virtual machines. The <strong>hostip</strong>
 
attribute in the <a href="../reference/index.html#mgmt_net">&lt;mgmt_net&gt;</a> tag
 
will be skipped in that range, reserved for use by the host.</p>
 
 
<p>Let's see how the whole thing is working. As root, set up a tap device and start
 
the uml_switch process (similar to what was done in the <a href="#connecting_sim_host">previous example</a>):</p>
 
 
<pre class="box">
 
root@host# tunctl -u vnuml -t tap0   
 
Set 'tap0' persistent and owned by uid 1037
 
root@host# ifconfig tap0 10.250.0.1 netmask 255.255.255.0 up
 
root@host# su -pc 'uml_switch -tap tap0 -unix /var/local/run/vnuml/Mgmt_net.ctl &lt; /dev/null &gt; /dev/null &amp;' vnuml
 
root@host# sleep 1
 
root@host# chmod g+rw /var/local/run/vnuml/Mgmt_net.ctl
 
</pre>
 
 
 
<p>Next, build the simulation:</p>
 
 
<pre class="box">
 
bauer@host$ vnumlparser.pl -t tutorial_user2.xml -v
 
</pre>
 
 
 
<p>After logging in to the xterms, you can check using ifconfig that an additional
 
interface is configured in each machine: the eth0 interface. All virtual
 
machines are connected to the host (and between them, as side effect), with
 
the following addresses:</p>
 
 
 
          <table border="1">
 
          <tr>
 
            <td>host</td>
 
            <td>10.250.0.1</td>
 
            <td>assigned with the ifconfig command, before building simulation</td>
 
          </tr>
 
          <tr>
 
            <td>uml1</td>
 
            <td>10.250.0.2</td>
 
            <td>assigned automatically by vnumlparser.pl</td>
 
          </tr>
 
          <tr>
 
            <td>uml2</td>
 
            <td>10.250.0.3</td>
 
            <td>assigned automatically by vnumlparser.pl</td>
 
          </tr>
 
          <tr>
 
            <td>uml3</td>
 
            <td>10.250.0.4</td>
 
            <td>assigned automatically by vnumlparser.pl</td>
 
          </tr>
 
          <tr>
 
            <td>uml4</td>
 
            <td>10.250.0.5</td>
 
            <td>assigned automatically by vnumlparser.pl</td>
 
          </tr>
 
          <tr>
 
            <td>uml5</td>
 
            <td>10.250.0.6</td>
 
            <td>assigned automatically by vnumlparser.pl</td>
 
          </tr>         
 
          </table>
 
 
<p>You can login in each virtual machine from host using SSH. For
 
example, to log in uml3:</p>
 
 
 
<pre class="box">
 
bauer@host$ ssh -1 root@10.250.0.4
 
Warning: No xauth data; using fake authentication data for X11 forwarding.
 
Warning: Remote host denied X11 forwarding.
 
Last login: Mon Jul  4 19:00:52 2005 from 10.250.0.1
 
uml3:~#
 
</pre>
 
 
<p>Note that, given that you can SSH to each virtual machine from host,
 
you don't need xterms (just remove the
 
<a href="../reference/index.html#boot">&lt;boot&gt;</a> tag in the VNUML file)
 
if you configure the management network properly. This
 
is very useful when you have a lot of virtual machines in your simulation
 
(ten or more) and don't want to be overwhelmed by the xterms.</p>
 
 
 
            <h4><a name="command_sequences">3. 2. 3. Command Sequences</a></h4>
 
 
 
            <p>Once the simulated scenario is up and running, you can
 
            get access to each virtual machine using ssh and
 
            execute the commands you desire. You could, for example,
 
            manually start a web or ftp server inside uml1 and uml5
 
            virtual machines. You could also start routing daemons in uml3,
 
            uml4 and the host in order to set-up dynamic routing for the scenario.
 
            You could even start automatically such services from the init scripts
 
            in the root filesystem being used, although that would probably require
 
            the use of a different filesystem for each UML.
 
            </p>
 
 
 
            <p>However, in order to be able to easily create and reproduce
 
            simulation scenarios, a simple and powerful way to specify the
 
            commands that each virtual machine has to execute to
 
            start the scenario is needed, as well as the commands to stop
 
            the simulation and return the virtual machine
 
            to a known state.</p>
 
 
 
            <p>That is basically what VNUML offers: a way to automate the execution
 
            of commands in the virtual machines and host using the execute commands
 
            mode (-x switch).
 
            By means of the <a href=
 
            "../reference/index.html#exec">&lt;exec&gt;</a> tag
 
            included inside each virtual machine definition, you can specify the
 
            commands that will be executed. Commands are grouped using a <em>command
 
            sequence identifier</em>, specified in the <strong>seq</strong> attribute
 
            of the <a href=
 
            "../reference/index.html#exec">&lt;exec&gt;</a> tag. In this tutorial
 
            we will to consider two command sequences: &quot;start&quot; and &quot;stop&quot;.</p>
 
 
 
            <p>To show this functionality in this tutorial we will use
 
            the /usr/bin/hello program included in the tutorial root filesystem.
 
            It is just a quite simple program whose only function is to output
 
            &#39;hello&#39; word to file /tmp/hello every 10
 
            seconds (it is only for testing purposes, we suppose you&#39;ll use VNUML
 
            for more useful tasks :).</p>
 
 
 
            <p>In order to test it, look at the lines at the end of
 
            uml1 description in tutorial_user2.xml:</p>       
 
 
 
<pre class="box">
 
&lt;exec seq=&quot;start&quot; type=&quot;verbatim&quot;&gt; nohup /usr/bin/hello &amp;lt;/dev/null &amp;gt;/dev/null 2&amp;gt;&amp;amp;1 &amp;amp; &lt;/exec&gt;
 
&lt;exec seq=&quot;stop&quot; type=&quot;verbatim&quot;&gt;killall hello&lt;/exec&gt;
 
</pre>
 
 
 
            <p>Basically, we have specified the following command to be executed
 
            in uml1 whenever the simulation is started (note that <strong>&lt;</strong>,
 
            <strong>&gt;</strong> and <strong>&amp;</strong> characters had to
 
            be escaped in XML files):</p>
 
 
 
<pre class="box">
 
nohup /usr/bin/hello &lt;/dev/null &gt;/dev/null 2&gt;&amp;1 &amp;
 
</pre>
 
 
            <p>(Why not simply use &#39;nohup /usr/bin/hello
 
            &amp;&#39;? There are ssh related problems that force to
 
            redirect standard input and output; look at <a href=
 
            "../user/index.html#ssh_hang">VNUML User Manual</a> for more details).</p>
 
 
 
            <p>And the following one to be executed in uml1 whenever the
 
            simulation is stopped:</p>
 
 
 
<pre class="box">
 
killall hello
 
</pre>
 
 
 
            <p>Start the simulation using:</p>
 
 
 
<pre class="box">
 
bauer@host$ vnumlparser.pl -x start@tutorial_user2.xml -v
 
</pre>
 
 
 
            <p>Note that the process is much shorter than when building the simulation
 
            scenario (mode -t). Check the existence and growing of /tmp/hello file in
 
            uml1: the hello daemon is working.</p>
 
 
 
<pre class="box">
 
uml1:~ # tail -f /tmp/hello
 
Hello! Current date: Mon Jul 4 19:13:10 UTC 2005
 
Hello! Current date: Mon Jul 4 19:13:20 UTC 2005
 
Hello! Current date: Mon Jul 4 19:13:30 UTC 2005
 
Hello! Current date: Mon Jul 4 19:13:40 UTC 2005
 
Hello! Current date: Mon Jul 4 19:13:50 UTC 2005
 
Hello! Current date: Mon Jul 4 19:14:00 UTC 2005
 
Hello! Current date: Mon Jul 4 19:14:10 UTC 2005
 
</pre>
 
 
 
            <p>In a similar way you can stop the simulation (killing the hello
 
            daemon) with:</p>
 
 
 
<pre class="box">
 
bauer@host$ vnumlparser.pl -x stop@tutorial_user2.xml -v
 
</pre>
 
 
 
            <p>Access again to uml1 and check that hello daemon is not
 
            working now (&#39;ps axw | grep hello&#39; for example)
 
            and that /tmp/hello file has stopped growing.</p>
 
                 
 
            <p>Once you have finished playing around with the simulation scenario,
 
            release it as usual:.</p>
 
 
 
<pre class="box">
 
bauer@host$ vnumlparser.pl -d tutorial_user2.xml -v
 
</pre>
 
           
 
<p>As with the <a href="#connecting_sim_host">previous example</a>, in order to reset to the original state,
 
the uml_switch process will need to be killed and its accompanying UNIX socket
 
removed.  Also the tap device will need will need to be deconfigured and removed.
 
 
 
<pre class="box">
 
root@host# kill `lsof -t /var/local/run/vnuml/Mgmt_net.ctl`
 
/var/local/run/vnuml/Mgmt_net.ctl:  13746
 
root@host# rm /var/local/run/vnuml/Mgmt_net.ctl
 
root@host# ifconfig tap0 down
 
root@host# tunctl -d tap0
 
Set 'tap0' nonpersistent
 
</pre>
 
           
 
            <br>
 
          </td>
 
        </tr>
 
       
 
        <!-- 4. F U L L  R O O T  P R I V I L E G I E S  -->
 
 
 
        <tr>
 
          <td class="title" colspan="2"><a name=
 
          "full_root_privileges">4. Full Root Privileges</a></td>
 
        </tr>
 
 
 
        <tr>
 
          <td colspan="2">
 
            <br>
 
 
 
        <h3><a name="host_configuration">4. 1. Host Configuration</a></h3>
 
       
 
        <p>The <a href="../reference/index.html#host">&lt;host&gt;</a> tag, that can
 
        be only be used if root runs vnumlparser.pl allows to automate host configuration.
 
        For example, the following example (<strong>tutorial_root1.xml</strong>) is functionally equivalent
 
        to tutorial_user1.xml (<a href="#connecting_sim_host">described here</a>), but vnumlparser.pl deals with the tap0 creation and
 
        uml_switch starting. Note also that <strong>sock</strong> attribute in
 
        <a href="../reference/index.html#host">&lt;host&gt;</a> Net3 is not used.</p>
 
       
 
<pre class="box">
 
&lt;?xml version="1.0" encoding="UTF-8"?&gt;
 
&lt;!DOCTYPE vnuml SYSTEM "/usr/local/share/xml/vnuml/vnuml.dtd"&gt;
 
 
 
&lt;vnuml&gt;
 
  &lt;global&gt;
 
    &lt;version&gt;1.6&lt;/version&gt;
 
    &lt;simulation_name&gt;tutorial-r1&lt;/simulation_name&gt;
 
    &lt;automac/&gt;
 
    &lt;vm_mgmt type="none" /&gt;
 
    &lt;default_filesystem type="cow"&gt;/usr/local/share/vnuml/filesystems/root_fs_tutorial&lt;/default_filesystem&gt;
 
    &lt;default_kernel&gt;/usr/local/share/vnuml/kernels/linux&lt;/default_kernel&gt;
 
  &lt;/global&gt;
 
  &lt;net name="Net0" mode="uml_switch" /&gt;
 
  &lt;net name="Net1" mode="uml_switch" /&gt;
 
  &lt;net name="Net2" mode="uml_switch" /&gt;
 
  &lt;net name="Net3" mode="uml_switch" /&gt;
 
  &lt;vm name="uml1"&gt;
 
    &lt;boot&gt;
 
      &lt;con0&gt;xterm&lt;/con0&gt;
 
    &lt;/boot&gt;
 
    &lt;if id="1" net="Net0"&gt;
 
      &lt;ipv4&gt;10.0.0.1&lt;/ipv4&gt;
 
    &lt;/if&gt;
 
    &lt;route type="inet" gw="10.0.0.3"&gt;default&lt;/route&gt;
 
  &lt;/vm&gt;
 
  &lt;vm name="uml2"&gt;
 
    &lt;boot&gt;
 
      &lt;con0&gt;xterm&lt;/con0&gt;
 
    &lt;/boot&gt;
 
    &lt;if id="1" net="Net0"&gt;
 
      &lt;ipv4&gt;10.0.0.2&lt;/ipv4&gt;
 
    &lt;/if&gt;
 
    &lt;route type="inet" gw="10.0.0.3"&gt;default&lt;/route&gt;
 
  &lt;/vm&gt;
 
  &lt;vm name="uml3"&gt;
 
    &lt;boot&gt;
 
      &lt;con0&gt;xterm&lt;/con0&gt;
 
    &lt;/boot&gt;
 
    &lt;if id="1" net="Net0"&gt;
 
      &lt;ipv4&gt;10.0.0.3&lt;/ipv4&gt;
 
    &lt;/if&gt;
 
    &lt;if id="2" net="Net1"&gt;
 
      &lt;ipv4&gt;10.0.1.1&lt;/ipv4&gt;
 
    &lt;/if&gt;
 
    &lt;if id="3" net="Net3"&gt;
 
      &lt;ipv4&gt;10.0.3.1&lt;/ipv4&gt;
 
    &lt;/if&gt;
 
    &lt;route type="inet" gw="10.0.1.2"&gt;10.0.2.0/24&lt;/route&gt;
 
    &lt;forwarding type="ip" /&gt;
 
  &lt;/vm&gt;
 
  &lt;vm name="uml4"&gt;
 
    &lt;boot&gt;
 
      &lt;con0&gt;xterm&lt;/con0&gt;
 
    &lt;/boot&gt;
 
    &lt;if id="1" net="Net1"&gt;
 
      &lt;ipv4&gt;10.0.1.2&lt;/ipv4&gt;
 
    &lt;/if&gt;
 
    &lt;if id="2" net="Net2"&gt;
 
      &lt;ipv4&gt;10.0.2.1&lt;/ipv4&gt;
 
    &lt;/if&gt;
 
    &lt;route type="inet" gw="10.0.1.1"&gt;default&lt;/route&gt;
 
    &lt;forwarding type="ip" /&gt;
 
  &lt;/vm&gt;
 
  &lt;vm name="uml5"&gt;
 
    &lt;boot&gt;
 
      &lt;con0&gt;xterm&lt;/con0&gt;
 
    &lt;/boot&gt;
 
    &lt;if id="1" net="Net2"&gt;
 
      &lt;ipv4&gt;10.0.2.2&lt;/ipv4&gt;
 
    &lt;/if&gt;
 
    &lt;route type="inet" gw="10.0.2.1"&gt;default&lt;/route&gt;
 
  &lt;/vm&gt;
 
  &lt;host&gt;
 
    &lt;hostif net="Net3"&gt;
 
      &lt;ipv4&gt;10.0.3.2&lt;/ipv4&gt;
 
    &lt;/hostif&gt;
 
    &lt;route type="inet" gw="10.0.3.1"&gt;10.0.0.0/16&lt;/route&gt;
 
  &lt;/host&gt;
 
&lt;/vnuml&gt;
 
</pre>
 
 
 
<p>To build, test and release the example use the usual commands:</p>
 
 
 
<pre class="box">
 
root@host# vnumlparser.pl -t tutorial_root1.xml -v
 
(...)
 
root@host# traceroute -n 10.0.0.1
 
traceroute to 10.0.0.1 (10.0.0.1), 30 hops max, 40 byte packets
 
1  10.0.3.1  0.000 ms  0.000 ms  0.000 ms
 
2  10.0.0.1  0.000 ms  0.000 ms  0.000 ms
 
root@host# traceroute -n 10.0.2.2
 
traceroute to 10.0.2.2 (10.0.2.2), 30 hops max, 40 byte packets
 
1  10.0.3.1  0.000 ms  0.000 ms  0.000 ms
 
2  10.0.1.2  0.000 ms  0.000 ms  0.000 ms
 
3  10.0.2.2  0.000 ms  0.000 ms  0.000 ms
 
root@host# vnumlparser.pl -d tutorial_root1.xml -v
 
(...)
 
</pre>
 
       
 
        <h3><a name="private_management">4. 2. Private Management</a></h3>
 
 
 
<p>You can use <strong>type</strong>=&quot;private&quot; in <a href="../reference/index.html#vm_mgmt">&lt;vm_mgmt&gt;</a>
 
to establish peer-to-peer connection between the host and each one of the
 
    virtual machines (/30 networks). The <a href="../reference/index.html#mgmt_net">&lt;mgmt_net&gt;</a>
 
    tag is not used in this case. The following example (<strong>tutorial_root2.xml</strong>) is functionally
 
    equivalent to tutorial_user2.xml (<a href="#executing_commands">described here</a>), but using private management.</p>
 
 
 
<div align="center">
 
<img alt="Tutorial Root Scenario (2)" src="tutorial_root2.png" width="480" height="286" border="0">   
 
</div>
 
 
 
<pre class="box">
 
&lt;?xml version="1.0" encoding="UTF-8"?&gt;
 
&lt;!DOCTYPE vnuml SYSTEM "/usr/local/share/xml/vnuml/vnuml.dtd"&gt;
 
 
 
&lt;vnuml&gt;
 
  &lt;global&gt;
 
    &lt;version&gt;1.6&lt;/version&gt;
 
    &lt;simulation_name&gt;tutorial-r2&lt;/simulation_name&gt;
 
    &lt;ssh_version&gt;1&lt;/ssh_version&gt;
 
    &lt;ssh_key&gt;~/.ssh/identity.pub&lt;/ssh_key&gt;
 
    &lt;automac/&gt;
 
    &lt;vm_mgmt type="private" network="10.250.0.0" mask="24"&gt;
 
      &lt;host_mapping /&gt;
 
    &lt;/vm_mgmt&gt;
 
    &lt;default_filesystem type="cow"&gt;/usr/local/share/vnuml/filesystems/root_fs_tutorial&lt;/default_filesystem&gt;
 
    &lt;default_kernel&gt;/usr/local/share/vnuml/kernels/linux&lt;/default_kernel&gt;
 
  &lt;/global&gt;
 
  &lt;net name="Net0" mode="uml_switch" /&gt;
 
  &lt;net name="Net1" mode="uml_switch" /&gt;
 
  &lt;net name="Net2" mode="uml_switch" /&gt;
 
  &lt;vm name="uml1"&gt;
 
    &lt;boot&gt;
 
      &lt;con0&gt;xterm&lt;/con0&gt;
 
      &lt;xterm&gt;gnome-terminal,-t,-x&lt;/xterm&gt;
 
    &lt;/boot&gt;
 
    &lt;if id="1" net="Net0"&gt;
 
      &lt;ipv4&gt;10.0.0.1&lt;/ipv4&gt;
 
    &lt;/if&gt;
 
    &lt;route type="inet" gw="10.0.0.3"&gt;default&lt;/route&gt;
 
    &lt;exec seq="start" type="verbatim"&gt;nohup /usr/bin/hello &amp;lt;/dev/null &amp;gt;/dev/null 2&amp;gt;&amp;amp;1 &amp;amp; &lt;/exec&gt;
 
    &lt;exec seq="stop" type="verbatim"&gt;killall hello&lt;/exec&gt;
 
  &lt;/vm&gt;
 
  &lt;vm name="uml2"&gt;
 
    &lt;boot&gt;
 
      &lt;con0&gt;xterm&lt;/con0&gt;
 
      &lt;xterm&gt;gnome-terminal,-t,-x&lt;/xterm&gt;
 
    &lt;/boot&gt;
 
    &lt;if id="1" net="Net0"&gt;
 
      &lt;ipv4&gt;10.0.0.2&lt;/ipv4&gt;
 
    &lt;/if&gt;
 
    &lt;route type="inet" gw="10.0.0.3"&gt;default&lt;/route&gt;
 
  &lt;/vm&gt;
 
  &lt;vm name="uml3"&gt;
 
    &lt;boot&gt;
 
      &lt;con0&gt;xterm&lt;/con0&gt;
 
      &lt;xterm&gt;gnome-terminal,-t,-x&lt;/xterm&gt;
 
    &lt;/boot&gt;
 
    &lt;if id="1" net="Net0"&gt;
 
      &lt;ipv4&gt;10.0.0.3&lt;/ipv4&gt;
 
    &lt;/if&gt;
 
    &lt;if id="2" net="Net1"&gt;
 
      &lt;ipv4&gt;10.0.1.1&lt;/ipv4&gt;
 
    &lt;/if&gt;
 
    &lt;route type="inet" gw="10.0.1.2"&gt;10.0.2.0/24&lt;/route&gt;
 
    &lt;forwarding type="ip" /&gt;
 
  &lt;/vm&gt;
 
  &lt;vm name="uml4"&gt;
 
    &lt;boot&gt;
 
      &lt;con0&gt;xterm&lt;/con0&gt;
 
      &lt;xterm&gt;gnome-terminal,-t,-x&lt;/xterm&gt;
 
    &lt;/boot&gt;
 
    &lt;if id="1" net="Net1"&gt;
 
      &lt;ipv4&gt;10.0.1.2&lt;/ipv4&gt;
 
    &lt;/if&gt;
 
    &lt;if id="2" net="Net2"&gt;
 
      &lt;ipv4&gt;10.0.2.1&lt;/ipv4&gt;
 
    &lt;/if&gt;
 
    &lt;route type="inet" gw="10.0.1.1"&gt;default&lt;/route&gt;
 
    &lt;forwarding type="ip" /&gt;
 
  &lt;/vm&gt;
 
  &lt;vm name="uml5"&gt;
 
    &lt;boot&gt;
 
      &lt;con0&gt;xterm&lt;/con0&gt;
 
      &lt;xterm&gt;gnome-terminal,-t,-x&lt;/xterm&gt;
 
    &lt;/boot&gt;
 
    &lt;if id="1" net="Net2"&gt;
 
      &lt;ipv4&gt;10.0.2.2&lt;/ipv4&gt;
 
    &lt;/if&gt;
 
    &lt;route type="inet" gw="10.0.2.1"&gt;default&lt;/route&gt;
 
  &lt;/vm&gt;
 
&lt;/vnuml&gt;
 
</pre>
 
 
 
<p>The address assignment is as follows:</p>
 
 
 
          <table border="1">
 
          <tr>
 
            <td><strong>uml connection</strong></td>
 
            <td><strong>host-side</strong></td>
 
            <td><strong>uml-side</strong></td>
 
          </tr>         
 
          <tr>
 
            <td>uml1</td>
 
            <td>10.250.0.1</td>
 
            <td>10.250.0.2</td>
 
          </tr>
 
          <tr>
 
            <td>uml2</td>
 
            <td>10.250.0.5</td>
 
            <td>10.250.0.6</td>
 
          </tr>
 
          <tr>
 
            <td>uml3</td>
 
            <td>10.250.0.9</td>
 
            <td>10.250.0.10</td>
 
          </tr>
 
          <tr>
 
            <td>uml4</td>
 
            <td>10.250.0.13</td>
 
            <td>10.250.0.14</td>
 
          </tr>
 
          <tr>
 
            <td>uml5</td>
 
            <td>10.250.0.17</td>
 
            <td>10.250.0.18</td>
 
          </tr>
 
          </table>
 
 
 
<p>Previously to build the simulation, you have to generate the SSH public key for the root user,
 
as described in the <a href="#generate_ssh_key">generate ssh key section</a> of this tutorial. Otherwise, vnumlparser.pl will
 
complaint about the ~/.ssh/idenity.pub file.</p>
 
 
 
<p>The example uses the <a href="../reference/index.html#host_mapping">&lt;host_mapping&gt;</a>
 
tag, only allowed to root. This tag enables virtual machine name mapping in /etc/hosts while
 
the simulation is running:</p>
 
 
 
<pre class="box">
 
root@host# vnumlparser.pl -t tutorial_root2.xml -v
 
...
 
root@host# cat /etc/hosts
 
...
 
# BEGIN: tutorial-r2
 
# topology built: lun jul  4 21:48:08 CEST 2005
 
10.250.0.2 uml1
 
10.250.0.6 uml2
 
10.250.0.10 uml3
 
10.250.0.14 uml4
 
10.250.0.18 uml5
 
# END: tutorial-r2
 
...
 
root@host# vnumlparser.pl -d tutorial_root2.xml -v
 
...
 
root@host# cat /etc/hosts
 
...
 
# BEGIN: tutorial-r2
 
# topology destroyed: lun jul  4 22:04:16 CEST 2005
 
# END: tutorial-r2
 
</pre>
 
 
 
<p>Therefore, you can use 'ssh -1 uml1' instead of 'ssh -1 10.250.0.2', for example:
 
more intuitive!</p>
 
       
 
        <h3><a name="layer_2_interconnection">4. 3. Layer 2 interconnection</a></h3>
 
 
 
<p>Previously, we stated that is possible to connect a virtual machine directly to the
 
host external network (layer 2 interconnection). To do so, a special kind of
 
virtual network, specified with attribute <strong>type</strong>=&quot;virtual_bridge&quot;
 
in <a href="../reference/index.html#net">&lt;net&gt;</a> tag. In addition, the name of
 
the physical interface in the host is specified with the <strong>external</strong>
 
attribute.</p>
 
 
<p>The following VNUML description (<strong>tutorial_root3.xml</strong>) is a
 
variation of tutorial_user1.xml (<a href="#connecting_sim_host">described here</a>), that directly
 
connects uml3 with the host external network, using IP 192.168.0.150 (of course, you
 
have to change this address to one with meaning in your host external network).</p>
 
 
 
<div align="center">
 
<img alt="Tutorial Root Scenario (3)" src="tutorial_root3.png" width="480" height="299" border="0">   
 
</div>
 
 
 
<pre class="box">
 
&lt;?xml version="1.0" encoding="UTF-8"?&gt;
 
&lt;!DOCTYPE vnuml SYSTEM "/usr/local/share/xml/vnuml/vnuml.dtd"&gt;
 
 
 
&lt;vnuml&gt;
 
  &lt;global&gt;
 
    &lt;version&gt;1.6&lt;/version&gt;
 
    &lt;simulation_name&gt;tutorial-r3&lt;/simulation_name&gt;
 
    &lt;automac/&gt;
 
    &lt;vm_mgmt type="none" /&gt;
 
    &lt;default_filesystem type="cow"&gt;/usr/local/share/vnuml/filesystems/root_fs_tutorial&lt;/default_filesystem&gt;
 
    &lt;default_kernel&gt;/usr/local/share/vnuml/kernels/linux&lt;/default_kernel&gt;
 
  &lt;/global&gt;
 
  &lt;net name="Net0" mode="uml_switch" /&gt;
 
  &lt;net name="Net1" mode="uml_switch" /&gt;
 
  &lt;net name="Net2" mode="uml_switch" /&gt;
 
  &lt;net name="Net3" mode="virtual_bridge" external="eth0"/&gt;
 
  &lt;vm name="uml1"&gt;
 
    &lt;boot&gt;
 
      &lt;con0&gt;xterm&lt;/con0&gt;
 
    &lt;/boot&gt;
 
    &lt;if id="1" net="Net0"&gt;
 
      &lt;ipv4&gt;10.0.0.1&lt;/ipv4&gt;
 
    &lt;/if&gt;
 
    &lt;route type="inet" gw="10.0.0.3"&gt;default&lt;/route&gt;
 
  &lt;/vm&gt;
 
  &lt;vm name="uml2"&gt;
 
    &lt;boot&gt;
 
      &lt;con0&gt;xterm&lt;/con0&gt;
 
    &lt;/boot&gt;
 
    &lt;if id="1" net="Net0"&gt;
 
      &lt;ipv4&gt;10.0.0.2&lt;/ipv4&gt;
 
    &lt;/if&gt;
 
    &lt;route type="inet" gw="10.0.0.3"&gt;default&lt;/route&gt;
 
  &lt;/vm&gt;
 
  &lt;vm name="uml3"&gt;
 
    &lt;boot&gt;
 
      &lt;con0&gt;xterm&lt;/con0&gt;
 
    &lt;/boot&gt;
 
    &lt;if id="1" net="Net0"&gt;
 
      &lt;ipv4&gt;10.0.0.3&lt;/ipv4&gt;
 
    &lt;/if&gt;
 
    &lt;if id="2" net="Net1"&gt;
 
      &lt;ipv4&gt;10.0.1.1&lt;/ipv4&gt;
 
    &lt;/if&gt;
 
    &lt;if id="3" net="Net3"&gt;
 
      &lt;ipv4&gt;192.168.0.150&lt;/ipv4&gt;
 
    &lt;/if&gt;
 
    &lt;route type="inet" gw="10.0.1.2"&gt;10.0.2.0/24&lt;/route&gt;
 
    &lt;forwarding type="ip" /&gt;
 
  &lt;/vm&gt;
 
  &lt;vm name="uml4"&gt;
 
    &lt;boot&gt;
 
      &lt;con0&gt;xterm&lt;/con0&gt;
 
    &lt;/boot&gt;
 
    &lt;if id="1" net="Net1"&gt;
 
      &lt;ipv4&gt;10.0.1.2&lt;/ipv4&gt;
 
    &lt;/if&gt;
 
    &lt;if id="2" net="Net2"&gt;
 
      &lt;ipv4&gt;10.0.2.1&lt;/ipv4&gt;
 
    &lt;/if&gt;
 
    &lt;route type="inet" gw="10.0.1.1"&gt;default&lt;/route&gt;
 
    &lt;forwarding type="ip" /&gt;
 
  &lt;/vm&gt;
 
  &lt;vm name="uml5"&gt;
 
    &lt;boot&gt;
 
      &lt;con0&gt;xterm&lt;/con0&gt;
 
    &lt;/boot&gt;
 
    &lt;if id="1" net="Net2"&gt;
 
      &lt;ipv4&gt;10.0.2.2&lt;/ipv4&gt;
 
    &lt;/if&gt;
 
    &lt;route type="inet" gw="10.0.2.1"&gt;default&lt;/route&gt;
 
  &lt;/vm&gt;
 
  &lt;host&gt;
 
    &lt;hostif net="Net3"&gt;
 
      &lt;ipv4&gt;192.168.0.39&lt;/ipv4&gt;
 
    &lt;/hostif&gt;
 
    &lt;physicalif name="eth0" ip="192.168.0.39" mask="255.255.255.0" gw="192.168.0.1" /&gt;
 
    &lt;route type="inet" gw="192.168.0.1"&gt;default&lt;/route&gt;
 
  &lt;/host&gt; 
 
&lt;/vnuml&gt;
 
</pre>
 
 
 
<p>The <a href="../reference/index.html#host">&lt;host&gt;</a> section is not
 
mandatory, but very recommended due to the virtual bridging set up process
 
during &quot;-t&quot; deconfigures the physical interface in the host. The
 
<a href="../reference/index.html#ipv4">&lt;ipv4&gt;</a> and
 
<a href="../reference/index.html#route">&lt;route&gt;</a> tags ensures the
 
host remains properly configured by vnumlparser.pl after &quot;-t&quot; mode
 
(we are supposing that the host address in eth0 is 192.168.0.39 and the default
 
gateway in the external network 192.168.0.1).</p>
 
 
 
<p>During virtual bridge releasing during &quot;-d&quot;, the external connection is also
 
deconfigured. To restore configuration the
 
<a href="../reference/index.html#physicalif">&lt;physicalif&gt;</a> tag is
 
needed.</p>
 
 
<p>After building the simulation you can check that uml3 reach the gateway and
 
the host interface in the external network:</p>
 
 
 
<pre class="box">
 
uml3:~# ping -c 1 192.168.0.1
 
PING 192.168.0.1 (192.168.0.1) 56(84) bytes of data.
 
64 bytes from 192.168.0.1: icmp_seq=1 ttl=150 time=0.629 ms
 
 
 
--- 192.168.0.1 ping statistics ---
 
1 packets transmitted, 1 received, 0% packet loss, time 0ms
 
rtt min/avg/max/mdev = 0.629/0.629/0.629/0.000 ms
 
uml3:~# ping -c 1 192.168.0.39
 
PING 192.168.0.39 (192.168.0.39) 56(84) bytes of data.
 
64 bytes from 192.168.0.39: icmp_seq=1 ttl=64 time=31.1 ms
 
 
 
--- 192.168.0.39 ping statistics ---
 
1 packets transmitted, 1 received, 0% packet loss, time 0ms
 
rtt min/avg/max/mdev = 31.162/31.162/31.162/0.000 ms
 
</pre>
 
 
 
            <br>
 
          </td>
 
         
 
        </tr><!-- 6. N A T -->
 
 
 
        <tr>
 
          <td class="title" colspan="2"><a name="nat">5.
 
          Configuring NAT</a></td>
 
        </tr>
 
 
 
        <tr>
 
          <td colspan="2">
 
            <br>
 
       
 
        <p>This section describes a procedure to configure NAT in the host
 
        for the scenarios described in section 3 of this tutorial, althought
 
        it could be easily adapted to others VNUML scanerios using layer 3
 
        interconnection at host. The procedure has been provided thanks to
 
        Carlos Sanmartín.</p>
 
         
 
        <p>How to configure NAT? Well, we can use iptables(8), included in linux
 
        kernels from 2.4.x We can have included into kernel or load it with a
 
        module:</p>
 
 
 
<pre class="box">
 
root@host:~# modprobe ipt_MASQUERADE
 
</pre>
 
 
 
      <p>It will load ip_tables, ip_conntrack and iptable_nat.</p>
 
 
 
      <p>Let's follow next steps:</p>
 
     
 
      <ol>
 
     
 
      <li>We have to enable forwarding into kernel, for managing
 
      packets which target isn't is our host.
 
 
 
<pre class="box">
 
root@host:~# echo 1 > /proc/sys/net/ipv4/ip_forward
 
</pre>
 
 
 
      For same configuration at any startup, we can add to /etc/sysctl.conf:
 
 
 
<pre class="box">
 
net.ipv4.ip_forward=1
 
</pre>
 
      </li>
 
 
 
      <li>We have to enable NAT rule, for translating virtual machines
 
      addresses to host output interface IP address (we suppose eth0 is the
 
      output interface):
 
 
 
<pre class="box">
 
root@host:~# iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
 
</pre>
 
 
 
      </li>
 
 
 
      <li>Finally, we have to add a default route for managing outgoing
 
      packages, at uml3:
 
 
 
<pre class="box">
 
root@uml3:~# route add default gw 10.0.3.2
 
</pre>
 
 
 
      <li>
 
</ol>
 
 
 
      <p>It looks like this:</p>
 
   
 
<pre class="box">
 
uml3:~# route
 
Kernel IP routing table
 
Destination    Gateway        Genmask        Flags Metric Ref    Use Iface
 
10.0.0.0        *              255.255.255.0  U    0      0        0 eth1
 
10.0.1.0        *              255.255.255.0  U    0      0        0 eth2
 
10.0.2.0        10.0.1.2        255.255.255.0  UG    0      0        0 eth2
 
10.0.3.0        *              255.255.255.0  U    0      0        0 eth3
 
default        10.0.3.2        0.0.0.0        UG    0      0        0 eth3
 
</pre>
 
 
 
    <p>Now, we can try:</p>
 
 
 
<pre class="box">
 
uml1:~# ping -c 1 www.google.es
 
PING www.l.google.com (66.249.93.104) 56(84) bytes of data.
 
64 bytes from 66.249.93.104: icmp_seq=1 ttl=235 time=56.7 ms
 
 
 
--- www.l.google.com ping statistics ---
 
1 packets transmitted, 1 received, 0% packet loss, time 0ms
 
rtt min/avg/max/mdev = 56.781/56.781/56.781/0.000 ms
 
</pre>
 
 
 
<p>Enjoy it!</p>
 
 
 
<p>For further information, please visit: the
 
<a href="http://www.tldp.org/HOWTO/html_single/Masquerading-Simple-HOWTO">Masquerading Simple HOWTO</a>.</p>
 
 
 
            <br>
 
          </td>         
 
         
 
        </tr><!-- 6. A D D I T I O N A L  T I P S -->
 
 
 
        <tr>
 
          <td class="title" colspan="2"><a name="tips">6.
 
          Additional Tips</a></td>
 
        </tr>
 
 
 
        <tr>
 
          <td colspan="2">
 
            <br>
 
 
 
            <p>In addition to the basic tutorial you can try the following tips:
 
            </p>
 
            <ul>
 
 
 
            <li>Improve performance. A virtualized kernel runs slower than a conventional one. Anyway, UML
 
            provides a mechanism of improving efficiency using SKAS mode. Different from previous versions
 
            of vnumlparser.pl, version 1.3.0 and beyond works fine with SKAS: you just need to compile a
 
            host kernel with SKAS support enabled. <a href="http://user-mode-linux.sourceforge.net/skas.html">More information</a> in the UML Project Web site.</li>
 
           
 
            <li>Adding users and groups in the virtual machines. In the examples shown so far, there is only one
 
            user in the virtual machines: the root user. However, vnumlparser.pl can add users to the virtual
 
            machines using <a href="../reference/index.html#user">&lt;user&gt;</a> tag. Try
 
            replacing the following vm section for uml1 in the tutorial_limited_user.xml file
 
            (or use the <strong>tutorial_limited_user2.xml</strong> file that comes with the VNUML examples):
 
 
 
<pre class="box">
 
  ...
 
  &lt;vm name="uml1"&gt;
 
    &lt;boot&gt;
 
      &lt;con0&gt;xterm&lt;/con0&gt;
 
    &lt;/boot&gt;
 
    &lt;if id="1" net="Net0"&gt;
 
      &lt;ipv4&gt;10.0.0.1&lt;/ipv4&gt;
 
    &lt;/if&gt;
 
    &lt;route type="inet" gw="10.0.0.3"&gt;default&lt;/route&gt;
 
    &lt;user username="yoda" group="jedi"&gt;
 
      &lt;group&gt;jedi&lt;/group&gt;
 
      &lt;group&gt;lightside&lt;/group&gt;
 
    &lt;/user&gt;
 
    &lt;user username="anakin" group="sith"&gt;
 
      &lt;group&gt;sith&lt;/group&gt;
 
      &lt;group&gt;darktside&lt;/group&gt;
 
    &lt;/user&gt;
 
  &lt;/vm&gt;
 
  ...
 
</pre>
 
 
 
Once built the simulation, you can check how the yoda and anakin users are created in uml1:
 
 
 
<pre class="box">
 
uml1:~# id yoda
 
uid=1002(yoda) gid=1003(jedi) groups=1003(jedi),1004(lightside)
 
uml1:~# id anakin
 
uid=1001(anakin) gid=1001(sith) groups=1001(sith),1002(darkside)
 
</pre>
 
 
 
</li>
 
 
 
            <!--li>Inter-boot delay. It's possible (depending on the UML stability related with certain
 
            host Linux distributions and kernels) that some UMLs may not boot properly when you build
 
the topology (mode -t). This situation is detected when vnumlparser.pl dies on startup
 
(indicating that something went wrong with booting one of the UMLs before the init process was
 
started) or waits indefinitely in blocking mode (-B switch).<br>
 
            In some cases, adding a small delay between UML booting seems to fix the situation. You can introduce
 
            such a delay using &quot;-w&quot; switch. For example, a &quot;-w 10&quot; introduces 10 seconds interval
 
            between UML boots.</li-->
 
           
 
            <li>UML kernel and filesystem selection. In the examples shown so far, the
 
            kernel and UML filesystem for all the virtual machines is set up with the
 
            <a href="../reference/index.html#default_kernel">&lt;default_kernel&gt;</a>
 
            and <a href="../reference/index.html#default_filesystem">&lt;default_filesystem&gt;</a>
 
            tags. However, you can specify a different UML kernel using
 
            <a href="../reference/index.html#kernel">&lt;kernel&gt;</a> and
 
            <a href="../reference/index.html#filesystem">&lt;filesystem&gt;</a> tags
 
            in a per-vm basis.</li>
 
 
 
            </ul>         
 
           
 
            <br>
 
          </td>
 
        </tr><!-- 7. F U R T H E R  R E A D I N G -->
 
 
 
        <tr>
 
          <td class="title" colspan="2"><a name="further_reading">7.
 
          Further Reading</a></td>
 
        </tr>
 
 
 
        <tr>
 
          <td colspan="2">
 
            <br>
 
 
 
            <p>This tutorial does not show all features of VNUML
 
            tool. Concurrent simulation execution, filetree copying, hostfs filesystems,
 
            blocking modes,
 
            VLAN integration and other interesting capabilities are available
 
            in VNUML. To know about them in detail you should next read <a href=
 
            "../user/index.html">VNUML User Manual</a> and <a href=
 
            "../reference/index.html">VNUML Language Reference</a>. If
 
            you need to hack vnumparser.pl to adapt it to your needs,
 
            you should read the source code (we think it&#39;s very
 
            clear! :). A VNUML Developers Manual could be released in
 
            the future if needed.</p><br>
 
            <br>
 
          </td>
 
        </tr>
 

Latest revision as of 01:43, 22 May 2007

Redirect to: