|
1 | 1 | --- |
2 | | -title: Network |
3 | | -weight: 30 |
4 | | ---- |
5 | | - |
6 | | -See the following flowchart to choose the best network for you: |
7 | | -```mermaid |
8 | | -flowchart |
9 | | - connect_to_vm_via{"Connect to the VM via"} -- "localhost" --> default["Default"] |
10 | | - connect_to_vm_via -- "IP" --> connect_from{"Connect to the VM IP from"} |
11 | | - connect_from -- "Host" --> vm{"VM type"} |
12 | | - vm -- "vz" --> vzNAT["vzNAT"] |
13 | | - vm -- "qemu" --> shared["socket_vmnet (shared)"] |
14 | | - connect_from -- "Other VMs" --> userV2["user-v2"] |
15 | | - connect_from -- "Other hosts" --> bridged["socket_vmnet (bridged)"] |
16 | | -``` |
17 | | - |
18 | | -## Default user-mode network (192.168.5.0/24) |
19 | | - |
20 | | -By default Lima only enables the user-mode networking aka "slirp". |
21 | | - |
22 | | -### Guest IP (192.168.5.15) |
23 | | - |
24 | | -The guest IP address is set to `192.168.5.15`. |
25 | | - |
26 | | -This IP address is not accessible from the host by design. |
27 | | - |
28 | | -Use VMNet (see below) to allow accessing the guest IP from the host and other guests. |
29 | | - |
30 | | -### Host IP (192.168.5.2) |
31 | | - |
32 | | -The loopback addresses of the host is `192.168.5.2` and is accessible from the guest as `host.lima.internal`. |
33 | | - |
34 | | -### DNS (192.168.5.3) |
35 | | - |
36 | | -If `hostResolver.enabled` in `lima.yaml` is true, then the hostagent is going to run a DNS server over tcp and udp - each on a separate randomly selected free port. This server does a local lookup using the native host resolver, so it will deal correctly with VPN configurations and split-DNS setups, as well as mDNS, local `/etc/hosts` etc. For this the hostagent has to be compiled with `CGO_ENABLED=1` as default Go resolver is [broken](https://github.com/golang/go/issues/12524). |
37 | | - |
38 | | -These tcp and udp ports are then forwarded via iptables rules to `192.168.5.3:53`, overriding the DNS provided by QEMU via slirp. |
39 | | - |
40 | | -Currently following request types are supported: |
41 | | - |
42 | | -- A |
43 | | -- AAAA |
44 | | -- CNAME |
45 | | -- TXT |
46 | | -- NS |
47 | | -- MX |
48 | | -- SRV |
49 | | - |
50 | | -For all other queries hostagent will redirect the query to the nameservers specified in `/etc/resolv.conf` (or, if that fails - to `8.8.8.8` and `1.1.1.1`). |
51 | | - |
52 | | -DNS over tcp is rarely used. It is usually only used either when user explicitly requires it, or when request+response can't fit into a single UDP packet (most likely in case of DNSSEC), or in the case of certain management operations such as domain transfers. Neither DNSSEC nor management operations are currently supported by a hostagent, but on the off chance that the response may contain an unusually long list of records - hostagent will also listen for the tcp traffic. |
53 | | - |
54 | | -During initial cloud-init bootstrap, `iptables` may not yet be installed. In that case the repo server is determined using the slirp DNS. After `iptables` has been installed, the forwarding rule is applied, switching over to the hostagent DNS. |
55 | | - |
56 | | -If `hostResolver.enabled` is false, then DNS servers can be configured manually in `lima.yaml` via the `dns` setting. If that list is empty, then Lima will either use the slirp DNS (on Linux), or the nameservers from the first host interface in service order that has an assigned IPv4 address (on macOS). |
57 | | - |
58 | | -## Lima user-v2 network |
59 | | - |
60 | | -| ⚡ Requirement | Lima >= 0.16.0 | |
61 | | -|-------------------|----------------| |
62 | | - |
63 | | -user-v2 network provides a user-mode networking similar to the [default user-mode network](#user-mode-network--1921685024-) and also provides support for `vm -> vm` communication. |
64 | | - |
65 | | -To enable this network mode, define a network with `mode: user-v2` in networks.yaml |
| 2 | +title: VMNet networks |
| 3 | +weight: 33 |
66 | 4 |
|
67 | | -By default, the below network configuration is already applied (Since v0.18). |
68 | | - |
69 | | -```yaml |
70 | | -... |
71 | | -networks: |
72 | | - user-v2: |
73 | | - mode: user-v2 |
74 | | - gateway: 192.168.104.1 |
75 | | - netmask: 255.255.255.0 |
76 | | -... |
77 | | -``` |
78 | | - |
79 | | -Instances can then reference these networks from their `lima.yaml` file: |
80 | | - |
81 | | -{{< tabpane text=true >}} |
82 | | -{{% tab header="CLI" %}} |
83 | | -```bash |
84 | | -limactl start --network=lima:user-v2 |
85 | | -``` |
86 | | -{{% /tab %}} |
87 | | -{{% tab header="YAML" %}} |
88 | | -```yaml |
89 | | -networks: |
90 | | - - lima: user-v2 |
91 | | -``` |
92 | | -{{% /tab %}} |
93 | | -{{< /tabpane >}} |
94 | | -
|
95 | | -An instance's IP address is resolvable from another instance as `lima-<NAME>.internal.` (e.g., `lima-default.internal.`). |
96 | | - |
97 | | -_Note_ |
98 | | - |
99 | | -- Enabling this network will disable the [default user-mode network](#user-mode-network--1921685024-) |
| 5 | +--- |
100 | 6 |
|
101 | 7 | ## VMNet networks |
102 | 8 |
|
@@ -271,4 +177,4 @@ configured in `socket_vmnet` and not in lima. |
271 | 177 | ```yaml |
272 | 178 | networks: |
273 | 179 | - socket: "/var/run/socket_vmnet" |
274 | | -``` |
| 180 | +``` |
0 commit comments