Multiple Network Connections Over Multiple Network Cards on Qubes OS?

Is it possible to have groups of VMs to connect to Internet through multiple internet connections, let’s say, for example, group1 VMs will connect via ethernet, and group2 via WiFi-1 and so on? A kind of physical isolation on the same machine.

Definitely possible. It’s one of the things that makes Qubes OS so versatile.

Qubes OS in a nutshell.

3 Likes

I’d also create separate disposable sys-net/usb based on minimals for each network interface, each containing only packages and firmware for a dedicated device (meaning, no iwlwifi in a sys-net for ethernet connection and so on…)

Thanks, but it is virtual isolation on a physical machine…
Any hints on how to achieve it please?
Actually I was looking for a solution to combine bandwidth on my linux/windows OS (figured out both physical&virtual load balancing), and that’s where this idea came for QOS, since combining network bandwidth defeats the purpose of QOS.

Thanks.
I was thinking on these lines, but was skeptical about its possibility. Supposing that creating sys-net1/sys-usb1/sys-whonix-1 (say sysnuw1 group) for additional interfaces is possible, where to start with, when trying to create a NetworkManager Applet for the sysnuw1 group? Am I in the right direction here?
I hope this is possible.

Qubes’ possibilities are virtually endless. You’re on the right place, don’t give up.

Here

Remember, when creating/organizing you basically always start from templates untouched (minimal, preferably, as I said)->cloning templates to Template1->installing software in Template1 for intended use (in the way from above link, for example)->creatingAppVMs1/dvm-templates1->creating-dispVMs1/sysVMs1
not the other way

There’s no applet for the group. Only for the sys-net1, but essentially you probably wanted to ask that, so basically I believe you are

I mentioned sys-usb in case of USB network devices. If you don’t have them, you don need sys-usb. What you need is sys-firewall, so basically, sysnuw1 group would be
sys-net1->sys-firewall1->sys-whatever-you’d-like-here-(whonix1,vpn1…)
and you’d chain your AppVM or dispVm to at least to a sys-firewall1 for clear net, or to a sys-whatever1 for non-clear or vpn net.

2 Likes

Excellent info, thanks a lot!!
I actually missed out mentioning firewall in the group, and yes, the applet was for sys-net* of the group. Now I understand that the network connections of each interface can be locked to the ssid via the NM Applet. Have one last question: the applet shows the title “[sys-net] Network Connections” as for now. So will there be two applets or only one with two sections if I created a sys-net1?

I guess I will figure it out. lol.
Thanks again.

You are welcome.

As many as created/running sys-nets are.

There’s no reason not to. Arm yourself with patience, repeat no mistake I did not to start with minimals from the very beginning and beside it’ll be immensely rewarding, you’ll spare tremendous amount of time to do other nice things with your life, beside this nice one too - Qubes OS.
If you’re serious with Qubes, you’ll conclude earlier or sooner minimals are the point.

1 Like