Host to Guest Port Redirection on the Fly

KVM - The Linux Kernel-Based Virtual Machine

News, Blogs and Resources on the Linux (KVM) Kernel-Based Virtual Machine

Wednesday, June 3, 2009 - 12:41 Haydn Solomon

Since kvm-86, there's a handy new monitor command which allows you to set up host to guest port redirection on the fly. Once caveat though is that these commands are only supported in user networking mode, otherwise known as slirp. This is the default mode of networking when running qemu-kvm so if you haven't setup any other type of networking, you're probably running in this mode. Previously, the only other way of setting up host to guest port redirection was using a command line option ( -redir ) which is much less flexible since it is a one time setup during startup. This procedure was described in an older post. We'll do a quick demonstration so you can test it out yourself.

Example Usage

Start your qemu-kvm process in default networking mode and connect to your monitor. As an example, let's say that you want to setup port forwarding for ssh from your host to your guest then you would issue the follwoing command in your monitor. In the following example, I use 222 on the host machine because ssh port is already used by the host. You can use any other free port on the host, I just used 222 for easy association with port 22.

(qemu) host_net_redir tcp:222::22

Note that if you don't specify the protocol, tcp will be used by default. This means that you can also use the following command.

(qemu) host_net_redir :222::22

Now you can connect to your localhost machine ( assuming you're connecting from the same machine) as follows

ssh -p 222 -l root localhost

This command provides much more flexibility than the older way of port mapping at kvm startup. There have been some additional patches submitted by Alexander Graf which should be included in the next release which will support listing and removing current port mapping entries.

Features

Comments

The annoying fact, however,

Sunday, October 30, 2011 - 05:31 Nancy Alcorn (not verified)

The annoying fact, however, is that this private network is not visible even from the Host machine. With default settings I cannot ssh or sftp from WindowsXP Host to Linux Guest. None of the network services such as Apache web server, or ssh daemon, or my own services that I might want to run on the Guest are visible to the outside world, including the Host itself. - Nancy Alcorn

Well heck. I thought this was

Monday, October 31, 2011 - 10:43 Joe Zanotti (not verified)

Well heck. I thought this was my answer but adding the iptables rule to redirect outbound port 25 traffic to port 2525 has no effect.

As far as startup, In the

Friday, December 9, 2011 - 12:17 java programmer (not verified)

As far as startup, In the past I just ran qemu from the cli and manually specified redirection with redir. I can't figure out how to do it with The virt machine manager which I am using to start my VM's now. I do not want the guests to see the host. Any help is appreciated.

Post new comment

Your name:

E-mail:

The content of this field is kept private and will not be shown publicly.

Homepage:

Subject:

Comment: *

Input format

Filtered HTML

Web page addresses and e-mail addresses turn into links automatically.
Allowed HTML tags: <a> <em> <strong> <cite> <code> <ul> <ol> <li> <dl> <dt> <dd>
Lines and paragraphs break automatically.

Full HTML

Web page addresses and e-mail addresses turn into links automatically.
Lines and paragraphs break automatically.
Pairs of<blockquote> tags will be styled as a block that indicates a quotation.
Pairs of<blockquote> tags will be styled as a block that indicates a quotation.

More information about formatting options

Word verification: * Type the characters you see in this picture.

(verify using audio)

Type the characters you see in the picture above; if you can't read them, submit the form and a new image will be generated. Not case sensitive.