Nicola Bena

Home About Publications Theses News

Postdoc

Department of Computer Science

Università degli Studi di Milano

IMUNES on Apple Silicon Reloaded

March 25, 2025

In the laboratory of Computer Networks we use IMUNES. Contrary to other teaching tools, networking equipment in IMUNES is implemented in real, though virtualized, technologies. For instance, hosts are Docker containers, and switches are Open vSwitch bridges.

Since it is not very easy to install, in 2019 we started providing a fully-configured Ubuntu VM. Naturally, the VM is meant for AMD64 architectures, since all students laptops are (were) based on this architecture.

With the release of the Apple Mac powered by an ARM CPU, we needed to figure out how to give students a fully-working VM on ARM as well. This very complex process culminated in this blog post that, apparently, did not age well…

So, 3 years later, it’s time to update that post with new instructions. You will see that we just changed the installation process of the VM and pointed to a specific version of IMUNES, so in the end the process remained pretty much the same.

Those who really feel adventurous can also try a NixOS-based installation provided by my colleague Filippo Berto here.

Let’s start!

NOTE: except for the MacOS-specific process of using UTM, these instructions are valid also for native/virtualized installations.

Ubuntu VM

We use UTM for virtualization. Follow this link and install it. This guide has been tested with UTM version 4.6.4.

We are going to install a good old Ubuntu. This time, we start from the Ubuntu server image and then install the desktop. We use this image and follow the steps below.

  1. Open UTM and select create a new virtual machine
  2. Choose Virtualize
  3. Choose Linux
  4. Click Browse of the option Boot ISO Image. I have not tested the usage of Apple Virtualization, but it might work. Click then next.
  5. Configure RAM, CPU, and disk size according to your hardware. 4 to 6 GBs of RAM should be enough, as well as 40 GB of disk.
  6. Optionally, select a directory from your PC to mount as a shared directory within the guest.
  7. Finalize the settings and click Save.
  8. Start the VM and follow the instructions provided by the installation process (pay attention to the keyboard layout!). When asked about additional software to install, choose docker.
  9. Once completed, restart the VM removing the ISO (in UTM: CD/DVD empty).

We now install Ubuntu desktop. Login and type the following commands that update the packages, install desktop, and remove unnecessary software installed as part of the desktop. Be patience because it will take a while.

# update packages
sudo apt update && sudo apt upgrade -y

# install desktop
sudo apt install ubuntu-desktop -y

# remove unnecessary software (feel free to keep it)
sudo apt autoremove libreoffice* rhythmbox -y
sudo snap remove thunderbird

Now, reboot using sudo systemctl reboot.

Now, we install some guest tools enabling clipboard sharing and directory sharing.

sudo apt install spice-vdagent qemu-guest-agent spice-webdavd davfs2 -y

IMUNES Installation

The following steps apply for any IMUNES installation on a Linux PC. The installation basically is a two-steps process. First, we install all the required dependencies. Second, we download the IMUNES source code and package it into an executable.

Dependencies

First, we configure Docker which we should have already installed while installing Ubuntu server (if not, just install it using official website). The following steps are taken from the official post-install instructions here, the purpose is to execute Docker commands without sudo:

sudo groupadd docker
sudo usermod -aG docker $USER

Normally it is sufficient to logout and login, but according to my experience you need to reboot, so do that. Next, verify that it works by running the following command without sudo:

docker run -it --rm hello-world

If it does not work, ask ChatGPT (or me)!

We then install Open vSwitch and the other run-time requirements of IMUNES.

# Open vSwitch and additional dependencies
# make and git are required to package IMUNES.
sudo apt install util-linux openvswitch-switch xterm wireshark imagemagick tcllib tk git make

Imunes

We download IMUNES and package it. NOTE: IMUNES changed quite a lot, so we are not going to use the latest version but rather checkout to a version that we know it works as we are used to it.

# Execute this command in a directory of your choice, e.g., your home directory
git clone https://github.com/imunes/imunes.git

# cd into that directory
cd imunes
# checkout to a stable version.
git reset --hard 9bff93c9825c9877
# and install IMUNES.
sudo make install

# Post-installation for IMUNES.
sudo imunes -p

Post-Installation

The following steps apply to any architecture. We are going to clone the repo containing the images IMUNES uses and build them locally, matching the PC’s architecture.

This step works also for anyone having problems with Quagga. By default, IMUNES uses debian 9, but the Quagga package in such image does support systemd only, while the image itself works with sys v. This means that commands such as service quagga start do not work [source]. To solve this issue, I forked the repository of the official IMUNES images, and making ubuntu 16.04 the default (and only) image used by IMUNES. The reason is that the Quagga package in ubuntu 16.04 supports sys v.

# clone the repo into the directory you prefer
# OLD: git clone https://github.com/imunes/vroot-linux.git
git clone https://github.com/nbena/vroot-linux.git

cd vroot-linux

# build the images
# OLD: edit the makefile excluding debian-8 from the list of tags
make build_all

These are the only required steps. The target build_all builds all the required images and tags them accordingly. At this point, you can start IMUNES and make sure everything works as expected.

NOTE: we may encounter some issues due to the fact that we are not using the latest version of IMUNES with a custom image. Still, after 3 years, we did not encounter any issues with ubuntu 16.04.

One very final step is to enable packet forwarding. There are many ways to accomplish this goal, here’s one.

  1. Open the file /etc/sysctl.conf using your favorite text editor (as sudo)
  2. Make sure that the following lines are uncommented (add if not already in the file): 
    net.ipv4.ip_forward=1
net.ipv6.conf.all.forwarding=1
  3. Reload the configuration (so that it is applied immediately) using the command sudo sysctl -p

Editing the configuration file ensures that packet forwarding will always be enabled.