On Mon, Sep 06, 2010 at 10:17:17AM +0100, Daniel P. Berrange wrote: > Our goal is to improve qemu://session's networking such that this isn't > a reason to use qemu://system anymore. BTW, some ideas we have for attacking this problem are - Add support to network manager to create TAP devices on behalf of the logged in user. Thus libvirt would talk to NM over dbus and ask it to create a TAP device, which we then pass to QEMU in the normal manner. Thus neither libvirtd or QEMU need higher privileges. This also requires NM to understand bridging setup. - Integrate with VDE as the solution for the 'virtual network' functionality in libvirt. This improves on 'user' networking mode by allowing VMs to talk to each other, out of the box they still have slirp based access to the outside world. It is possible to make VDE use a TAP device for connectivity to the outside world, so either the admin can set one up, or again we can ask network manager todo it, which in this case doesn't require full bridging support - just NAT which NM can already do via its 'connection sharing' feature. - A setuid helper program that libvirtd can use for setting up TAP devices. This is just a crappier version of getting network manager todo it for us. Daniel -- |: Red Hat, Engineering, London -o- http://people.redhat.com/berrange/ :| |: http://libvirt.org -o- http://virt-manager.org -o- http://deltacloud.org :| |: http://autobuild.org -o- http://search.cpan.org/~danberr/ :| |: GnuPG: 7D3B9505 -o- F3C9 553F A1DA 4AC2 5648 23C1 B3DF F742 7D3B 9505 :| -- libvir-list mailing list libvir-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/libvir-list