Early actions for “child” virtual machines: Network Configuration

These are some steps related to configuring the network.

Getting network access working

The good news is that this might actually be done already. Go ahead and give it a try. In Unix, ping has a -c parameter to limit the number of ECHO REQUEST packets that are sent.

In OpenBSD, the following is quicker for people who are either doing a “copy and paste”, or are fast typists.

sudo ping -i 0.1 -c 3
echo ${?}

Or, this may be used:

ping -c 3
echo ${?}
Troubleshooting networking

If that doesn't work, then make sure that the NIC has a valid IP address. (You could check resources like:

but basically what this probably boils down to is running a command like “ sudo dhclient em0 ”, or using dhcpcd (dhcpcd - a DHCP client, OpenBSD ports: page related to net/dhcpcd, ArchLinux Wiki: dhcpcd ) Try pinging the IP address of the other machine.

ping -c 3
echo ${?}

If that still isn't working, check that the other machine has the expected IP address.

Once the nearest IP address is able to be reached, then substantial progress is made. If communications work with local devices, but not remote devices, that indicates an issue with routing. Check that the machine's “default” gateway is set correctly. If it is, then that usually means that routing needs to be fixed on another machine/computer/device. If this computer is being set up as part of a following a guide/tutorial, keep reading the guide to see if it provides additional details about how to fix routing.

“Networking” configuration updates
Customize the IPv6 configuration

If this guide is still relying on statically assigned IPv6 addresses, then modify the startup script (after backing it up).

sudo cp -pi /etc/hostname.em0 /etc/hostname-preIP6custom.em0
cpytobak /etc/hostname*.em0
echo ${VISUAL}
sudoedit /etc/hostname.em0
  • Find the IPv6 address, and modify that address so that it is customized for this machine.
    • An easy way to do that is to use the virtual machine's VMNUM.
    • If you don't recall that, a quick way might be to check the system's MAC-48 address. (Otherwise, project documentation should also have that information, and the startup script certainly should have that info.)
  • While you're looking at the address, make sure that the subnet size (“prefix length”) is set to a reasonable value.
Handle IPv6 routing

Place this in the text file:

!route add -inet6 default 2001:db8:1::1
  • (The specified address should be the second NIC on firewall system's IPv6 address. The address shown came from sample IP addresses (used by this guide).)
  • If you already have a line that looks similar, but references “::/0” instead of “default”, that's acceptable; those terms end up meaning the same thing (when the destination is clearly IPv6).
Update the description

While you're editing the NIC configuration file, provide a decent description.

echo description \"Connected to physhost tun1\#\#, uses bridge0\"| sudo -n tee -a /etc/hostname.em0
echo ${VISUAL}
sudoedit /etc/hostname.em0
Enabling the new address

After all of these configuration changes have been made, the following step can be used to make those changes become effective:

Recommended process:
sudo ${SHELL} -c ". /etc/netstart em0"
ifconfig em0
netstat -nr | grep default

Make sure that pinging the neighbor works.

Alternative process
sudo reboot
ifconfig em0
netstat -nr | grep default

This may take longer. However, it may be simpler to initiate. It may also cause the system to stop responding to the old address, saving the need to perform another step.

Ditching an old address

Chances are, the network initializing simply added the desired IPv6 address, without removing any default ones that may have pre-existed.

Removing this address will prevent an IPv6 address conflict with any other new system that uses that default address.

  • If you're logged in using the IPv6 temporary address, then:
    • Perform these steps:
      • log out from the connection that is using the old address,
      • and log back in using the newly assigned address.
    • Alternatively, you may wish to just reboot.

Go ahead and remove the unnecessary address.

ifconfig em0
sudo ifconfig em0 inet6 delete 2001:db8:1::ffff

Once that is done, technically the address might still be used a bit, and not be completely available. Specifically, other systems might be storing that address in a neighbor cache (NDP for IPv6, ARP for IPv4). In practice, that hasn't seemed to be an issue because the cache entries end up expiring before work is done on a new system (when the address would start to be actually, intentionally, used.)

  • If the newly created virtual machine was logged into via SSH to the address which has now been removed, then now may be as good of a time as any to switch to the machine that ran the SSH client, and remove the saved key info. To do that for OpenSSH, edit ~/.ssh/known_hosts (on the machine with the OpenSSH client).