VNC-based interaction with virtual machines

Notice

Unsecured TCP port

Incoming connections on TCP port 5900 are not blocked by the firewall in this sample. If the system is operated in an unsecured network, set up a secure, encrypted connection and protect TCP port 5900 via SSH.

With Virtual Network Computing (VNC) it is possible to control a virtual machine on a TwinCAT/BSD host via a network connection. For this, bhyve provides an integrated VNC server to interact with VM instances.

Virtual machine graphical output and user input to the virtual machine can be transmitted via the integrated VNC server by configuring the virtual machine with a frame buffer device fbuf. The following options can be passed to the frame buffer device fbuf to configure the VNC server:

fbuf,[rfb=ip-and-port][,w=width][,h=height][,vga=vgaconf][,wait][,password=password]

The following call starts the virtual machine samplevm with a frame buffer device at PCI slot 2. The configuration options specify that the VNC server listens for connections on TCP port 5900 of the TwinCAT/BSD host. In addition, the image resolution of the frame buffer is set to 1024x768 pixels. Further configuration options of the fbuf device can be found in the bhyve man pages.

doas bhyve \
-c sockets=1,cores=1,threads=1 \
-m 2G \
-l bootrom,/usr/local/share/uefi-firmware/BHYVE_BHF_UEFI.fd,fwcfg=qemu \
-s 0,hostbridge \
-s 2,fbuf,rfb=0.0.0.0:5900,w=1024,h=768 \
-s 31,lpc \
-A -H -P \
samplevm

Depending on the VNC client, mouse pointer positions may not be passed accurately. In that case, the bhyve call can be extended with an xhci,tablet device configuration.

doas bhyve \
-c sockets=1,cores=1,threads=1 \
-m 2G \
-l bootrom,/usr/local/share/uefi-firmware/BHYVE_BHF_UEFI.fd,fwcfg=qemu \
-s 0,hostbridge \
-s 2,fbuf,rfb=0.0.0.0:5900,w=1024,h=768 \
-s 3,xhci,tablet \
-s 31,lpc \
-A -H -P \
samplevm

The integrated VNC server does not support transport layer security. Incoming TCP connections on port 5900 are blocked by default by the TwinCAT/BSD packet filter pf(8). Incoming connections can be allowed by configuring the packet filter (see: Firewall).
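Because the VNC traffic itself is unencrypted, one way to follow the SSH advice in the notice is to bind the frame buffer to the loopback address (rfb=127.0.0.1:5900) and reach it through an SSH local forward. The following script is an added example, not part of the original documentation: it classifies the rfb= option of an fbuf slot specification as loopback-only or network-exposed and prints the client-side tunnel command. The function names, the user name and the host name are assumptions.

```shell
#!/bin/sh
# Added example, not part of the original page: classify the rfb= bind
# address of a bhyve fbuf slot spec and print the SSH tunnel for the client.

# rfb_host SPEC: print the address part of rfb=[IP:]port (empty if none).
rfb_host() {
    case $1 in
        *,rfb=*) rfb=${1#*,rfb=}; rfb=${rfb%%,*} ;;
        *)       rfb="" ;;
    esac
    case $rfb in
        \[*\]:*) h=${rfb%:*}; h=${h#\[}; printf '%s\n' "${h%\]}" ;;  # [IPv6]:port
        *:*)     printf '%s\n' "${rfb%:*}" ;;                        # IPv4:port
        *)       printf '\n' ;;                                       # port only / unset
    esac
}

# vnc_exposure SPEC: "loopback" if only local clients can connect, else "exposed".
vnc_exposure() {
    case $(rfb_host "$1") in
        ""|127.*|::1) echo loopback ;;   # bhyve(8): without an IP, localhost is used
        *)            echo exposed ;;
    esac
}

# tunnel_cmd PORT USER HOST: client-side SSH local forward to a loopback listener.
tunnel_cmd() {
    printf 'ssh -N -L %s:127.0.0.1:%s %s@%s\n' "$1" "$1" "$2" "$3"
}

# Constructed sample specs: the one from the sample call and a loopback variant.
for spec in "2,fbuf,rfb=0.0.0.0:5900,w=1024,h=768" \
            "2,fbuf,rfb=127.0.0.1:5900,w=1024,h=768"; do
    printf '%s -> %s\n' "$spec" "$(vnc_exposure "$spec")"
done
# "user" and "tcbsd-host.example" are placeholders.
tunnel_cmd 5900 user tcbsd-host.example
```

With the tunnel running, the VNC client connects to 127.0.0.1:5900 on the client machine, and port 5900 can stay blocked in the packet filter.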