diff --git a/usr.sbin/bhyve/bhyve.8 b/usr.sbin/bhyve/bhyve.8 --- a/usr.sbin/bhyve/bhyve.8 +++ b/usr.sbin/bhyve/bhyve.8 @@ -22,7 +22,7 @@ .\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF .\" SUCH DAMAGE. .\" -.Dd August 21, 2024 +.Dd September 16, 2025 .Dt BHYVE 8 .Os .Sh NAME @@ -518,6 +518,8 @@ .Op Cm \&,mtu= Ar N .Xc .It +.Cm ngd Ar N +.It .Xo .Cm netgraph,path= Ar ADDRESS Cm \&,peerhook= Ar HOOK .Op Cm \&,socket= Ar NAME @@ -542,6 +544,19 @@ .Xr ethers 5 format. .Pp +A +.Cm ngd +device can be used to connect a guest to a +.Xr netgraph 4 +through a +.Xr ng_device 4 +node. +This can be used to run bhyve in a +.Xr VNET 9 +jail, and give it access to the host's netgraph, that cannot be reached +directly, by exposing the ng_device through +.Xr devfs 8 . +.Pp With .Cm virtio-net devices, the @@ -572,7 +587,9 @@ .Xr netgraph 4 addressing rules. .Pp -The slirp backend can be used to provide a NATed network to the guest. +The +.Cm slirp +backend can be used to provide a NATed network to the guest. This backend has poor performance but does not require any network configuration on the host system. It depends on the diff --git a/usr.sbin/bhyve/net_backends.c b/usr.sbin/bhyve/net_backends.c --- a/usr.sbin/bhyve/net_backends.c +++ b/usr.sbin/bhyve/net_backends.c @@ -119,7 +119,8 @@ goto error; } - if (ioctl(be->fd, VMIO_SIOCSIFFLAGS, up)) { + if (strncmp("ngd", be->prefix, 3) && + ioctl(be->fd, VMIO_SIOCSIFFLAGS, up)) { EPRINTLN("tap device link up failed"); goto error; } @@ -273,8 +274,24 @@ .set_cap = tap_set_cap, }; +/* A clone of the tap backend, with a different prefix. */ +static struct net_backend ngd_backend = { + .prefix = "ngd", + .priv_size = sizeof(struct tap_priv), + .init = tap_init, + .cleanup = tap_cleanup, + .send = tap_send, + .peek_recvlen = tap_peek_recvlen, + .recv = tap_recv, + .recv_enable = tap_recv_enable, + .recv_disable = tap_recv_disable, + .get_cap = tap_get_cap, + .set_cap = tap_set_cap, +}; + DATA_SET(net_backend_set, tap_backend); DATA_SET(net_backend_set, vmnet_backend); +DATA_SET(net_backend_set, ngd_backend); int netbe_legacy_config(nvlist_t *nvl, const char *opts)