Networking in VirtualBox

VirtualBox.pngNetworking in VirtualBox is extremely powerful, but can also be a bit daunting, so here's a quick overview of the different ways you can setup networking in VirtualBox, with a few pointers as to which configurations should be used and when.

VirtualBox allows you to configure up to 8 virtual NICs (Network Interface Controllers) for each guest vm (although only 4 are exposed in the GUI) and for each of these NICs you can configure:

  1. Which virtualized NIC-type is exposed to the Guest. Examples include:
    • Intel PRO/1000 MT Server (82545EM), 
    • AMD PCNet FAST III (Am79C973, the default) or 
    • a Paravirtualized network adapter (virtio-net).
  2. How the NIC operates with respect to your Host's physical networking. The main modes are:

The choice of NIC-type comes down to whether the guest has drivers for that NIC.  VirtualBox, suggests a NIC based on the guest OS-type that you specify during creation of the vm, and you rarely need to modify this.

But the choice of networking mode depends on how you want to use your vm (client or server) and whether you want other machines on your network to see it. So let's look at each mode in a bit more detail...

Network Address Translation (NAT)

This is the default mode for new vm's and works great in most situations when the Guest is a "client" type of vm. (i.e. most network connections are outbound). Here's how it works:

NAT Networking

When the guest OS boots,  it typically uses DHCP to get an IP address. VirtualBox will field this DHCP request and tell the guest OS its assigned IP address and the gateway address for routing outbound connections. In this mode, every vm is assigned the same IP address (10.0.2.15) because each vm thinks they are on their own isolated network. And when they send their traffic via the gateway (10.0.2.2) VirtualBox rewrites the packets to make them appear as though they originated from the Host, rather than the Guest (running inside the Host).

This means that the Guest will work even as the Host moves from network to network (e.g. laptop moving between locations), and from wireless to wired connections too.

However, how does another computer initiate a connection into a Guest?  e.g. connecting to a web server running in the Guest. This is not (normally) possible using NAT mode as there is no route into the Guest OS. So for vm's running servers we need a different networking mode....

Bridged Networking

Bridged Networking is used when you want your vm to be a full network citizen, i.e. to be an equal to your host machine on the network.

In this mode, a virtual NIC is "bridged" to a physical NIC on your host, like this:

Bridging to wired LAN

The effect of this is that each VM has access to the physical network in the same way as your host. It can access any service on the network such as external DHCP services, name lookup services, and routing information just as the host does. Logically, the network looks like this:

Bridged Networking

The downside of this mode is that if you run many vm's you can quickly run out of IP addresses or your network administrator gets fed up with you asking for statically assigned IP addresses. Secondly, if your host has multiple physical NICs (e.g. Wireless and Wired) you must reconfigure the bridge when your host jumps networks. 

Hmm, so what if you want to run servers in vm's but don't want to involve your network administrator? Maybe one of the next 2 modes is for you...

Internal Networking

When you configure one or more vm's to sit on an Internal network, VirtualBox ensures that all traffic on that network stays within the host and is only visible to vm's on that virtual network. Configuration looks like this:

Configuring Internal Networks

The internal network ( in this example "intnet" ) is a totally isolated network and so is very "quiet". This is good for testing when you need a separate, clean network, and you can create sophisticated internal networks with vm's that provide their own services to the internal network. (e.g. Active Directory, DHCP, etc). Note that not even the Host is a member of the internal network, but this mode allows vm's to function even when the Host is not connected to a network (e.g. on a plane).

Internal Network

Note that in this mode, VirtualBox provides no "convenience" services such as DHCP, so your machines must be statically configured or one of the vm's needs to provide a DHCP/Name service.

Multiple internal networks are possible and you can configure vm's to have multiple NICs to sit across internal and other network modes and thereby provide routes if needed.

But all this sounds tricky. What if you want an Internal Network that the host participates on with VirtualBox providing IP addresses to the Guests? Ah, then for this, you might want to consider Host-only Networking...

Host-only Networking

Host-only Networking is like Internal Networking in that you indicate which network the Guest sits on, in this case, "vboxnet0":

Host-Only Networking

All vm's sitting on this "vboxnet0" network will see each other, and additionally, the host can see these vm's too. However, other external machines cannot see Guests on this network, hence the name "Host-only".

Logically, the network looks like this:

Host-only networking

This looks very similar to Internal Networking but the host is now on "vboxnet0" and can provide DHCP services. To configure how a Host-only network behaves, look in the VirtualBox Manager...Preferences...Network dialog:

Configure Host-only NetworksDHCP Server

Port-Forwarding with NAT Networking

Now you may think that we've provided enough modes here to handle every eventuality but here's just one more...

What if you cart around a mobile-demo or dev environment on, say, a laptop and you have one or more vm's that you need other machines to connect into? And you are continually hopping onto different (customer?) networks.

In this scenario:

  • NAT - won't work because external machines need to connect in.
  • Bridged - possibly an option, but does your customer want you eating IP addresses and can your software cope with changing networks?
  • Internal - we need the vm(s) to be visible on the network, so this is no good.
  • Host-only - same problem as above, we want external machines to connect in to the vm's.

Enter Port-forwarding to save the day!

  1. Configure your vm's to use NAT networking;
  2. Add Port Forwarding rules;
  3. External machines connect to "host":"port number" and connections are forwarded by VirtualBox to the guest:port number specified.

For example, if your vm runs a web server on port 80, you could set up rules like this: 

Port-forwarding Rules

...which reads: "any connections on port 8080 on the Host will be forwarded onto this vm's port 80".

Port Forwarding route

 This provides a mobile demo system which won't need re-configuring every time you open your laptop lid.

Summary

VirtualBox has a very powerful set of options allowing you to set up almost any configuration your heart desires. 
For more information, check out the VirtualBox User Manual on Virtual Networking.

-FB 

Comments:

very helpful explanation.
these page should become part of the virtualbox network help page.

Posted by guest on June 09, 2012 at 04:56 AM BST #

Great article! Thanks!

Posted by Jeff on June 09, 2012 at 09:12 PM BST #

Excellent stuff !

Thanks

Posted by guest on June 11, 2012 at 07:53 AM BST #

Excellent Summary.
Although, I must admit I have never managed to figure out how, in NAT mode, host can "forward" packets to guest, when (as you said) guest is not visible to host (and vice versa) over the network. Looks like I have a lot to learn when it comes to networking concepts...

Posted by Narendra on June 12, 2012 at 03:14 PM BST #

Very Good Thanks

Posted by guest on June 14, 2012 at 03:49 PM BST #

Excellent article, thank you! You might want to check the embedded images, though - two of them were broken for me.

Posted by Lenz on June 14, 2012 at 11:09 PM BST #

Lenz,

Thanks for the tip. I did see an image or 2 not initially drawing but on refreshing page they appeared.
Strange.
Cheers
-FB

Posted by Fat Bloke on June 15, 2012 at 09:36 AM BST #

Hi there,
This is a very helpful article - thanks a lot.
Cheers
GND

Posted by GiantNormalDwarf on June 15, 2012 at 10:54 AM BST #

A good concise overview - but what I'd like to see is a how-to for setting up IPv6 on the internal network, from go to whoa, with no "go and get item X from somewhere else."

Posted by grs1961 on June 18, 2012 at 03:26 AM BST #

very informative. Thanks

Posted by santosh on June 18, 2012 at 02:19 PM BST #

Also worth mentioning, if you're using port-forwarding with NAT to access network resources on your virtual machine; Check that your guest OS doesn't have a firewall that's blocking incoming connections, or if it does, that the necessary ports are open.

Posted by guest on July 04, 2012 at 07:18 AM BST #

So if i'm going to setup a 2 node RAC vm, can I use 1st adapter as NAT (for internet access), and then 2 separate adapters as Host Only so they can be seen by the host and eash other? If not, how would you setup the NICs in 2 node RAC?

Posted by guest on July 19, 2012 at 01:19 PM BST #

Excellent walk through.

Posted by guest on August 21, 2012 at 10:40 PM BST #

I ran into problem with the NAT Port Forwarding, but I did find a work around. Sometime it will say "None of the values can be zero" (exact wording slightly different). All you need to do it click on the Host and Guest IP fields and press space.

Posted by Nick on September 01, 2012 at 05:33 PM BST #

I am using internal network for making ring topology with three vms, i gave different internal network (intnet1, intnet2 and intnet3)to each connection and my node(VMs) are working as a switch.Two of the VMs have three switch port out of which in one is ingree port in which i am sending data packet,and it must have to egress from the third VM when i forward a packet in one internal network it is visible to another internal network, can any one tell me whats the problem? thanks in advance

Posted by vid on September 03, 2012 at 07:05 PM BST #

Post a Comment:
Comments are closed for this entry.
About

Fat Bloke

Search

Categories
Archives
« April 2014
SunMonTueWedThuFriSat
  
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
   
       
Today