The various steps to bridge a virtual machine on your LAN will be explained below with graphics.

We will use the following representation of a network interface called ethx:

and I will take the case of UML for the virtual machine.

The initial state after starting our host is the following, where:

  • the local lo interface is not represented for simplicity
  • host has one network interface eth0, which is not connected to the LAN

When we plug eth0 in the LAN, we represent it as follows:

To proceed, we must ensure:

  • host kernel has been built with support for UML networking; Debian kernels have that feature
  • host has one preconfigured tap0 interface; this can be done for example with the command:

    tunctl -u [user running UML] -t tap0
    # if not already done:
    chown root:uml-net /dev/net/tun
    chmod 660 /dev/net/tun

    Nota: tunctl is to be found in the package uml_utilities

  • the UML is started without a eth1=tuntap,tap0 argument, and we configure inside the UML some eth1 interface

After that, we get that picture:

The dangling virtual eth1 interface is of no use, so if we start the UML instead with a eth1=tuntap,tap0 argument, we get the following:

There is now a virtual ethernet network between tap0 and eth1. If tap0 and eth1 are assigned IP addresses, we could communicate between host and UML. Routing between eth0 and tap0 could be added to give full connectivity between the UML and the outside. We will instead use the same prefix between host and UML than on our LAN, so UML will appear as a genuine new host on the LAN. To do that, we will create a bridge interface br0, then execute

brctl addif br0 eth0
brctl addif br0 tap0

The effect of these commands is to insert eth0 and tap0 interfaces host endpoints inside the virtual LAN already connected to br0, which leads to the following final picture:

You need only to assign an IP to eth1 in the above setup to allow full connectivity of the UML with the outside. Assigning an IP to tap0 is a no-op when tap0 is bridged and the IP address assigned to eth0 at startup is now gone. You will assign an IP to br0 only if you want network admin access to the host.