Jump to content
Not connected, Your IP: 3.149.25.109
retiredpilot

REWARD -Eddie blocks my KVM internet connection for guests

Recommended Posts

I hope you guys will be merciful to me here.  I am running a Ubuntu 24.04 host and it runs slick as can be for me.  My KVM guest (24.04) is also running slick and with great screen resolution on a 4K monitor.  I decided to move this VM's use case to "behind" an AirVpn connection.  I am building a test machine with a crap load of horsepower.  Plan on running numerous test VM's.  KVM, libv.... etc were easy to configure and setup.  Until I decided to go behind Eddie I would have said this is a perfect setup for my use case.  Migrating from years of VirtualBox - so the KVM speeds and display resolution are leaving me smiling.  This box has 64 GB of ddr5 6000 and fast NVMEs.  Like a kid in a candy store, LOL!


Is there a control line I could add in my Eddie pref's?  If I have to I can get inside NFT's but candidly that is an accident waiting to happen.  I do have great backups so please help me if you know anything that could assist me.  Prefer -- KISS - suggestions!!

 

Share this post


Link to post

Couldn't be more frustrated.  Both Host and Guest are running faster than anything I have ever seen.  The second I bring up Eddie the KVM VM's lose all connectivity.  I have been screwing around with this for hours.  Just seems like I could add an IP or a path in one of several options in the Eddie client.  A little hesitant to change anything on my Host because much of the time I am not on Eddie.  Make sense?  I have tried IPs and a few other things but I don't know what the cr** I am doing.  I changed everything back so I am good.  At no time have I lost the Host connectivity with Eddie.  The below paste is with Eddie up:

Maybe this will help someone with more experience than yours truly:

joe-host@joe-host:~$ ip addr
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
    inet6 ::1/128 scope host noprefixroute
       valid_lft forever preferred_lft forever
2: enp2s0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000
    link/ether 58:47:ca:74:d6:68 brd ff:ff:ff:ff:ff:ff
    inet 192.168.0.93/24 brd 192.168.0.255 scope global dynamic noprefixroute enp2s0
       valid_lft 4413sec preferred_lft 4413sec
3: wlp3s0: <BROADCAST,MULTICAST> mtu 1500 qdisc noop state DOWN group default qlen 1000
    link/ether 4c:49:6c:7f:8e:10 brd ff:ff:ff:ff:ff:ff
4: virbr0: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc noqueue state DOWN group default qlen 1000
    link/ether 52:54:00:e1:7d:16 brd ff:ff:ff:ff:ff:ff
    inet 192.168.122.1/24 brd 192.168.122.255 scope global virbr0
       valid_lft forever preferred_lft forever
21: Eddie: <POINTOPOINT,NOARP,UP,LOWER_UP> mtu 1320 qdisc noqueue state UNKNOWN group default qlen 1000
    link/none
    inet 10.143.69.51/32 scope global Eddie
       valid_lft forever preferred_lft forever
joe-host@joe-host:~$

 

Share this post


Link to post

I hope what I am going to do is acceptable here, because I am in a jam and need some help on this.  I have been with AirVpn for around a decade under several user names.  I switched over to KVM because it is so much better than Virtualbox on a linux host.  I am an older user and am fairly good at linux but I can't figure this out.  I have resources.

I would like to offer a REWARD for the first person that can post a solution here and help me out.  There are several lines inside the Eddie client that have places to add items  ---- e.g. IP.s, paths, etc.....   If someone can take the time to show me how to correctly add what I need into Eddie to get KVM guests online I will cheerfully buy you a year's subscription here.   I can buy a gift code and then send it to you via messages here in the forum or you can provide an email privately and we can get it done!  As a reminder the solution must work using Eddie and Ubuntu 24.04 as the host.

If I can't get this resolved here I may have to look elsewhere, but I love this company and I TRUST them.

ps - I am disappointed in myself not being able to solve this on my own.

Moderators:  If this request violates any rules here please remove the post and for that I apologize.  I am simply in a jam and need help.

Share this post


Link to post

Try this:
1. Set up one VM whose only job is to connect to AirVPN. From now on, I will call this VM airproxy. Install Eddie onto airproxy and exclude from Eddie the subnet of the network interface that airproxy uses to connect to the host.
2. Enable ip forwarding and IP masquerading on airproxy
3. Assuming that all your VMs are on an internal network on which your host machine has a connected interface (that is, your host machine is forwarding packets from the VMs as though they were ethernet-connected to the host machine), you can do the following:
3.1. Masquerade all traffic coming from the host and entering airproxy using iptables -t nat -o airproxy -j MASQUERADE  on the host (Replace airproxy with the real interface name of airproxy)
3.2 Make a new routing table on the host machine. I will call this airtable from now on. Edit /etc/iproute2/rt_tables to include airtable.
3.3. Set the IP address of airproxy as the default gateway of airtable
3.4. For every VM you want to route through AirVPN, input an ip rule on the host machine to lookup airtable for traffic orginating from that VM
Example: You have a VM with IP address 192.168.75.2. The command to enter on the host is "ip rule add from 192.168.75.2 lookup airtable"
3.5. For each VM you added in step 3.3, enter ip route add from $IP_ADDRESS_OF_VM dev $VM_INTERFACE table airtable, where you substitute  IP_ADDRESS_OF_VM with whatever the real IP address of the VM is, and you substitute $VM_INTERFACE for the real interface name of the VM.
 

Share this post


Link to post

reversevpn,

First off thank you for trying to help me.  I am going to give this a go.  Candidly, this approach is entering the "deep end" of the pool for me, but I love a challenge.  I have made multiple tested backups of my 24.04 system disk so there is no danger if/when I make mistakes.  Additionally I have built the KVM 24.04 VM you call airproxy (cute name and helpful by the way), and can/will create snapshots along the way making potential errors easy to revert.  The KVM airproxy VM is performing flawlessly as long as I don't bring Eddie up on the host .

I can see that I already will need a few questions answered but let me move along with what I do know.  MASQUERADE is new to me so I will do some reading for awhile just because I want to understand it and not simply cut and paste your solution.

exclude from Eddie the subnet of the network interface that airproxy uses



Can you give me an example as you did with other components of your solutuion?

Life is getting in my way today, but I may be able to squeeze this in.  No promises but this is "front burner" for me.

Share this post


Link to post

I am not leaving reversevpn hanging here.  His solution while likely easy for many of you is water "too deep" for an old man here.  I sent him a PM on this.

Thank you Sir for trying to help me.

Share this post


Link to post

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Loading...
  • Security Check
    Play CAPTCHA Audio
    Refresh Image

×
×
  • Create New...