Ubuntu Gnome 15.04 + KVM + Whonix 11.0.0.3.0 : No networking in Gateway

Otto_Kratik · August 24, 2015, 6:43pm

Hi, hoping to find a little bit of help here.

As the topic says, I am using Ubuntu Gnome 15.04 and all networking works fine with in that host system. I can surf the net, and even connect to TOR through the tor browser installed independently on Ubuntu.

I followed the instructions here: https://www.whonix.org/wiki/KVM#Install_KVM

…Installed qemu-KVM, libvirt-bin, virt-manager all smoothly and without any issues. I rebooted and continued, and when I got to the command:

sudo addgroup “$(whoami)” libvirt

I was told there is no such group called ‘libvirt’ But when I tried it using “libvirtd” instead, I was told I was already a member of that group. So I took this as success and continued.

After unpacking and installing Whonix Gateway and Workstation images successfully and following the rest of the instructions in import them to KVM, I started up the Gateway and found that it no access to networking whatsoever. The ‘whonixcheck’ routine failed over and over again to reach any network destination, even though the host Ubuntu system could do so easily. I restarted a few times, but no change.

Is there anything additional I need to be doing differently? I have seen references sometimes to extra tools used in Ubuntu, to set up “bridged connections” between the host system and KVM, but this is a bit out of my depth and I don’t want to start fiddling with such things without definite confirmation that I should be doing so.

Is there another step that I should do, or try, or check, to help discover what the problem is and fix it?

Thanks.

HulaHoop · August 25, 2015, 12:12am

You may have forgot to enable the default network in libvirt that allows connections from the gateway to the internet. Please see the instructions for that on the wiki.

Otto_Kratik · August 25, 2015, 1:27pm

Thanks for your reply. As a complete novice to both Linux and KVM, the totality of what I did is here: https://www.whonix.org/wiki/KVM#Install_KVM

Nothing more or less, so if there’s an additional step that isn’t mentioned there, I certainly didn’t do it. It seemed like some of the “system-net autostart” type commands were about enabling network, and they reported success after I issued them, so I’m not sure what I missed. Is there something additional elsewhere on the wiki that pertains to your suggestion?

Thanks.

Otto_Kratik · August 25, 2015, 3:09pm

A further update with more info:

I installed Virtualbox and imported the Whonix .ova files there, and that version works flawlessly on the same machine. Both Gateway and subsequently Workstation get network/Tor connectivity instantly with no issues at all.

So it is a KVM/libvirt related issue. From terminal running:

virsh net-list --all

Name State Autostart Persistent

default active yes yes
whonix active yes yes

So I don’t see anything obviously wrong from that. Any further suggestions of where to look/check?

EDIT: Some more information. After successfully running the Virtualbox version of Whonix and then shutting it down, I tried the KVM version again. This time both Gateway and workstation connected to TOR perfectly, without any issues.

HOWEVER, once I shut both down, and restarted the host Ubuntu system again, and tried just the KVM/VirtualManager version of Whonix by itself again, it failed to connect to network/TOR once again. So, something about running Virtualbox temporarily enables networking to work for KVM as well, but without doing that first, the KVM Whonix will not connect. Does this provide any further clues as to what is going on?

**FURTHER EDIT: Retrying Whonixcheck a moment later, this time it worked and connected to TOR, without needing to run Virtualbox first. So, it is some sort of intermittent issue, and hard to figure out. Sometimes it works, other times it takes a few tries to get going.

who_me · August 25, 2015, 7:22pm

I have no idea why it’s failing to initially connect.

Since it does work sometimes, I think

will get it running without the reboots, VirtualBox, etc.

HulaHoop · August 30, 2015, 7:09pm

I don’t know what’s causing your problems but I recommend switching your host to a stable distro like Debian stable where KVM networking is known to work. Avoid installing Virtual box because it touches low level networking code and is known to be buggy.

Canonical is also acting hostile to the Libre software community and their users’ privacy. You should not trust them or support them.

Otto_Kratik · August 31, 2015, 8:20pm

The problem only seemed to happen that first initial time… since then both Gateway and Workstation have always connected to TOR without issue, sometimes instantly and sometimes after a minute or so. I think I just have to be patient, and the original non-connectivity occurrence was just a random anomaly.

Thanks for the assistance all.

EDIT: Canonical/Ubuntu’s questionable practices toward their users are also why I switched over to Linux Mint. So far no connectivity issues there either.

praedor · September 2, 2015, 2:46pm

OK, after fighting with kvm and libvirt (and failing with kernel panics) this does look interesting. I take it you use qemu-img to change the ova file to a qcow2? Do you untar the ova file first or will it convert as is?

Patrick · September 2, 2015, 9:31pm

No. Download qcow2.