Solved NFS/SAMBA share from host only to VMs

I am setting up a bhyve system for use at work, running FreeBSD 13.1. I do not have any management permissions for the network, so IP addressing, VLANs and such are completely out of my control. I want to share files between the host system and the VMs, but not anywhere else on the network.

All the documentation I am finding on NFS shows that I can export to specific hosts or networks, but does not indicate being able to tie the server to a specific network device or devices.

I set up the VMs using vm-bhyve following the instructions from Klara Systems. Currently, I have the switch and a tap device for each VM. The VMs themselves work fine and can access normal network resources. The IP addresses are handed out by our organization's DHCP server, and while they likely will not change, this is not guaranteed. Additional information that may be relevant is that the computer only has one physical Ethernet port, and I do not have an option for adding additional ports.

How can I configure NFS (preferred) or SAMBA to share on the vm switch or the tap interfaces only, without regard to what the IP address may be? Or is there an alternative way to configure the VM networking to accomplish this?
 
Your virtual switch needs an address in the same network as your VMs. You can configure smb via smb.conf using the "interface" to configure it to listen on a specific internet address. I would use the packet filter pf to block NFS/SMB traffic on the host side - just to be sure. Furthermore, I suggest creating a vnet jail with samba installed and connect it to the same virtual switch as the VMs are.

My usual setup is: I have a physical interface exclusively used by the host and one or more internal bridges with the tap interfaces of my VMs and the epair interfaces of my vnet jails attached - thus they are not accessible from the network except for the passed through ports I enable via pf.conf/rdr and the VMs/jails allowed outgoing transfer explicitly enabled via pf.conf/nat. So basically the hosts act as a firewall/gateway between physical network and VMs/jails.
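
A check for the listen-address advice in the reply above, as an added example that is not part of the original thread: it reads `sockstat -l` output on the host and flags any NFS/SMB listener bound to something other than the internal switch address. The address 10.99.0.1, the function names and the sample lines are constructed assumptions.

```shell
#!/bin/sh
# Added example (not from the thread): verify that file-sharing daemons
# listen only on the internal VM-switch address.
# Watched ports: rpcbind 111, NetBIOS session 139, SMB 445, NFS 2049.
SHARE_PORTS="111 139 445 2049"

# check_listeners ALLOWED_ADDR   (reads `sockstat -l` text on stdin)
# Prints "EXPOSED command proto local-address" for every listener on a
# watched port whose bind address is not ALLOWED_ADDR (wildcard included).
# Returns 1 if anything was flagged, 0 otherwise.
check_listeners() {
    awk -v allowed="$1" -v ports="$SHARE_PORTS" '
        BEGIN { n = split(ports, p, " "); for (k = 1; k <= n; k++) watch[p[k]] = 1 }
        NR == 1 && $1 == "USER" { next }        # skip the sockstat header
        NF >= 6 {
            laddr = $6
            pos = match(laddr, /:[0-9]+$/)      # port follows the last colon
            if (pos == 0) next
            addr = substr(laddr, 1, pos - 1)
            port = substr(laddr, pos + 1)
            if ((port in watch) && addr != allowed) {
                print "EXPOSED", $2, $5, laddr
                bad = 1
            }
        }
        END { exit (bad ? 1 : 0) }
    '
}

# Constructed sample: smbd bound to the (hypothetical) switch address,
# NFS and rpcbind still on the wildcard address, sshd as unrelated noise.
sample_sockstat() {
    cat <<'EOF'
USER     COMMAND    PID   FD PROTO  LOCAL ADDRESS         FOREIGN ADDRESS
root     smbd       1234  30 tcp4   10.99.0.1:445         *:*
root     smbd       1234  31 tcp4   10.99.0.1:139         *:*
root     nfsd       987   5  tcp4   *:2049                *:*
root     rpcbind    900   9  udp4   *:111                 *:*
root     sshd       800   4  tcp4   *:22                  *:*
EOF
}

# Demo run on the constructed sample; on a host, feed it live data with:
#   sockstat -4 -6 -l | check_listeners <switch address>
sample_sockstat | check_listeners 10.99.0.1 || true
```

A wildcard bind is reported because it accepts connections on the physical interface as well, which is the case the pf rules in the reply are meant to backstop.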
 
I want to share files between the host system and the VMs, but not anywhere else on the network.

You can also take a look at "p9fs", bhyve supports it. With P9FS, unlike Samba or NFS, you don't need a server: bhyve will act as a P9FS backend.
 
You can also take a look at "p9fs", bhyve supports it. With P9FS, unlike Samba or NFS, you don't need a server: bhyve will act as a P9FS backend.
This looks promising. Do you have any pointers for that? I've found https://github.com/wca/p9fs, but that hasn't been updated since 2015, and the documentation is pretty sparse. Is there anything else providing the p9fs?
 
Thanks! I was using all the wrong keywords to search. According to this thread, it looks pretty straightforward to use in Linux VMs at least. Unfortunately looks like it won't work with Windows VMs, but my primary need right now is for the Linux VM. I can work around the Windows issue with my normal network storage. I'll be able to test this out later.
 
Add an additional network adapter to the VMs and don't tap it into your physical adapter (this looks like the "add public" portion of your config). Put it on a different network since you said NFS would restrict based on that.
 
I was able to test the P9FS with the Linux VM, and it works like a charm. The other suggestions look promising to enable Windows shares as I need them, but that will come later as it is much lower priority. Thank you!
 