This article describes some of the options useful for configuring QEMU virtual machines. For the most up to date options for the current QEMU install run man qemu at a terminal. It is important to note that the command has changed from qemu to qemu-system-x86_64 to launch QEMU as a 64-bit virtual machine.
- 1 Display options
- 2 Machine
- 3 Processor
- 4 RAM
- 5 Hard drive
- 6 Optical drives
- 7 Boot order
- 8 Graphics card
- 9 PCI pass-through
- 10 Networking
- 11 QEMU's built-in SMB server
- 12 USB
- 13 Keyboard layout
- 14 Snapshot
There are a few available options to specify the kind of display to use in QEMU.
-display sdl- Display video output via SDL (usually in a separate graphics window).
-display curses- Displays video output via curses.
-display none- Do not display video output. This option is different than the
-nographicoption. See the man page for more information.
-display gtk- Display video output in a GTK window. This is probably the option most users are looking for.
-vnc 127.0.0.1:<X>- Start a VNC server on display X (accepts an argument (X) for the display number). Substitute X for the number of the display (0 will then listen on 5900, 1 on 5901, etc).
For example to have QEMU send the display to a GTK window add the following option to the list:
-machine type=q35,accel=kvm- Modern chipset (PCIe, AHCI, ...) and hardware virtualization acceleration
-object rng-random,id=rng0,filename=/dev/urandom -device virtio-rng-pci,rng=rng0- Pass-through for host random number generator. Accelerates startup of e.g. Debian VMs because of missing entropy.
-cpu <CPU>- Specify a processor architecture to emulate. To see a list of supported architectures, run: qemu-system-x86_64 -cpu ?
-cpu host- (Recommended) Emulate the host processor.
-smp <NUMBER>- Specify the number of cores the guest is permitted to use. The number can be higher than the available cores on the host system. Use
-smp $(nproc)to use all currently available cores.
-m MEMORY- Specify the amount of memory (default: 128 MB). For instance: -m 256M (M stands for Megabyte, G for Gigabyte).
-hda IMAGE.img- Set a virtual hard drive and use the specified image file for it.
-drive- Advanced configuration of a virtual hard drive:
-device virtio-scsi-pci,id=scsi0 -drive file=/dev/your/block,if=none,format=raw,discard=unmap,aio=native,cache=none,id=someid -device scsi-hd,drive=someid,bus=scsi0.0Very fast Virtio SCSI emulation for block discards (TRIM), native command queuing (NCQ). You need at least one
virtio-scsi-controller and for each block device a
-drive file=IMAGE.img,if=virtio- Set a virtual VirtIO-BLK hard drive and use the specified image file for it.
-drive file=/dev/sdX#,cache=none,if=virtio- Set a virtual VirtIO-BLK hard drive and use the specified partition for it.
-drive id=disk,file=IMAGE.img,if=none -device ahci,id=ahci -device ide-drive,drive=disk,bus=ahci.0- Set emulation layer for an ICH-9 AHCI controller and use the specified image file for it. The AHCI emulation supports NCQ, so multiple read or write requests can be outstanding at the same time.
-cdrom IMAGE.iso- Set a virtual CDROM drive and use the specified image file for it.
-cdrom /dev/cdrom- Set a virtual CDROM drive and use the host drive for it.
-drive- Advanced configuration of a virtual CDROM drive:
-drive file=IMAGE.iso,media=cdrom- Set a virtual CDROM drive and use the specified image file for it. With this syntax you can set multiple drives.
-boot c- Boot the first virtual hard drive.
-boot d- Boot the first virtual CD-ROM drive.
-boot n- Boot from virtual network.
QEMU can emulate several graphics cards:
-vga cirrus- Simple graphics card. Every guest OS has a built-in driver.
-vga std- Support resolutions >= 1280x1024x16. Linux, Windows XP and newer guest have a built-in driver.
-vga vmware- VMware SVGA-II, more powerful graphics card. Install x11-drivers/xf86-video-vmware in Linux guests, VMware Tools in Windows XP and newer guests.
-vga qxl- More powerful graphics card for use with SPICE.
To get more performance use the same color depth for your host as you use in the guest.
Device Drivers ---> [*] IOMMU Hardware Support ---> [*] Support for Intel IOMMU using DMA Remapping Devices Bus options (PCI etc.) ---> <M> PCI Stub driver
Device Drivers ---> [*] IOMMU Hardware Support ---> [*] AMD IOMMU support Bus options (PCI etc.) ---> <M> PCI Stub driver
Find the host PCI device:
00:1b.0 Audio device : Intel Corporation 82801H (ICH8 Family) HD Audio Controller [8086:284b] (rev 02)
Note down the device (00:1b.0) and vendor (8086:284b) ID.
echo "8086 284b" > /sys/bus/pci/drivers/pci-stub/new_id
echo "0000:00:1b.0" > /sys/bus/pci/devices/0000:00:1b.0/driver/unbind
echo "0000:00:1b.0" > /sys/bus/pci/drivers/pci-stub/bind
And bind it to guest:
Default - without any
-netdev option - is Pass-through.
Pass-through method only works for TCP and UDP connections.
Thus, ping is not a suitable tool to test networking connectivity because it uses ICMP.Try using curl or other UDP or TCP/IP software for testing.
-netdev user- The QEMU process will create TCP and UDP connections for each connection in the VM. The virtual machine does not have an address reachable from the outside.
-device virtio-net,netdev=vmnic -netdev user,id=vmnic- (Recommended) Pass-through with VirtIO support.
-netdev user,id=vmnic,hostfwd=tcp:127.0.0.1:9001-:22- Let QEMU listen on port 9001. Connections to that port will be relayed to the VM on port 22.
ssh -p 9001 localhostwill thus log into the VM.
Virtual network cable (TAP)
-device virtio-net,netdev=vmnic -netdev tap,id=vmnic,ifname=vnet0,script=no,downscript=no- A new device (
vnet0) is created by QEMU on the host, the other end of the "cable" is at the VM.
With this setup, we create a TAP interface (see above) and connect it to a virtual switch (the bridge).
Create the bridge:
[NetDev] Name=vmbridge Kind=bridge
Configure the bridge's address:
[Match] Name=vmbridge [Network] Description=Your awesome VM bridge Address=10.0.42.1/24
#!/usr/bin/env bash # Bring the QEMU TAP device up and add it to the bridge ip link set "$1" master vmbridge ip link set "$1" up
Now we can run VM with the TAP networking option:
-device virtio-net-pci,netdev=n0,mac=13:37:yourchoice:42 -netdev tap,id=n0,ifname=vmtap,script=/your/path/to/qemu/stuff/addtobridge.sh,downscript=no
When the VM boots, the script will add the newly created device to the bridge. When you start another VM, both devices are in the bridge and the VMs can communicate with each other.
To successfully run VM you need permission for configure /dev/net/tun
A more advanced networking concept is outlined below, which enables guest access to an external network and also works with both wired and wireless adapters on the host. If desired, a DHCP server can also be setup on the host to allow for dynamic guest IP configurations. There are many different tutorials available online to further understand these concepts.
This example networking configuration needs some extra software installed:
emerge --ask net-firewall/iptables
Creating TUN/TAP device
This allows the guest to communicate with the bridge. QEMU's default group is
kvm, ensure that the correct group is given permissions to control the TAP. Enabling promiscuous mode (
promisc) for the adapter might be unnecessary.
ip tuntap add dev tap0 mode tap group kvm
ip link set dev tap0 up promisc on
ip addr add 0.0.0.0 dev tap0
Create network bridge
Creating a network bridge seems necessary, even if only 1 guest is configured. Create the bridge and add each TAP to it. Spanning tree protocol (
stp) is disabled because there is only 1 bridge.
ip link add br0 type bridge
ip link set br0 up
ip link set tap0 master br0
echo 0 > /sys/class/net/br0/bridge/stp_state
ip addr add 10.0.1.1/24 dev br0
Packet forwarding and NAT
Allows for proper packet routing (be sure to replace
eth1 with an appropriate network interface name):
iptables -t nat -A POSTROUTING -o eth1 -j MASQUERADE
iptables -A FORWARD -m state --state RELATED,ESTABLISHED -j ACCEPT
iptables -A FORWARD -i br0 -o eth1 -j ACCEPT
The following should be added to the configuration:
-device virtio-net,netdev=network0 -netdev tap,id=network0,ifname=tap0,script=no,downscript=no
or, with QEMU 2.12.0 or newer:
After starting the guest, the IP should be configured to be on the vlan and the gateway should be the IP given to the bridge. The exact process will vary based on OS.
QEMU's built-in SMB server
This will only work if you are using Networking Pass-through
If the host system has a SMB server installed, QEMU can emulate a virtual SMB server for the guest system using the
-smb /usr/local/public- specify the folder to be shared, and it will be available to the guest as \\10.0.2.4\qemu.
Automatically generated smb.conf file located at /tmp/qemu-smb.pid-0/smb.conf
-usbdevice tablet- (Recommended) Use a USB tablet instead of the default PS/2 mouse. Recommend, because the tablet sends the mouse cursor's position to match the host mouse cursor.
-usbdevice host:VENDOR-ID:PRODUCT-ID- Pass-through of a host USB device to the virtual machine. Determine with lsusb the device's vendor and product ID, e.g.:
Bus 001 Device 006: ID: 08ec:2039 M-Systems Flash Disk Pioneers
08ecis the vendor ID,
2039is the product ID.
-k LAYOUT- Set the keyboard layout, e.g. de for german keyboards. Recommend for VNC connections.
-snapshot- Temporary snapshot: write all changes to temporary files instead of hard drive image.
-hda OVERLAY.img- Overlay snapshot: write all changes to an overlay image instead of hard drive image. The original image is kept unmodified. To create the overlay image:
qemu-img create -f qcow2 -b ORIGINAL.img OVERLAY.img