VirtualBox VM Network Settings: Two-Way Connectivity Between Machines

This article is mainly reposted from three blog posts: https://www.zhihu.com/question/277077127/answer/914825971
https://blog.csdn.net/indexman/article/details/79558386
https://www.nakivo.com/blog/virtualbox-network-setting-guide/

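Introduction to the network modes:

VirtualBox is an excellent virtual machine program from SUN. It comes in a full range of versions, and you can find a build for every operating system platform on the official website.
Here I will first give a rough overview of VBox network configuration and its uses.
VirtualBox provides four network attachment modes:
1. NAT: Network Address Translation mode
2. Bridged Adapter
3. Internal: internal network
4. Host-only Adapter: host-only mode
5. NAT Network
Below we analyze and explain each of these five network modes: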

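Mode 1: NAT (Network Address Translation)

Explanation:
NAT mode is the simplest way to get a VM online. You can think of it this way: all data the vhost exchanges with the network is supplied by the host; the vhost does not really exist on the network, and neither the host nor any other machine on the network can see or reach the vhost.

  • VM and host:
    One-way access only: the VM can reach the host over the network, but the host cannot reach the VM over the network.
  • VM and other hosts on the network:
    One-way access only: the VM can reach other hosts on the network, but other hosts cannot reach the VM over the network.
  • VM and VM:
    No mutual access: each VM is completely independent, and VMs cannot reach one another over the network.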

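Mode 2: Bridged Adapter

Explanation:
Bridged mode builds a bridge through the host's network adapter and connects the VM directly to the network. The VM can therefore be assigned its own independent IP on the network, and all of its network functions behave exactly like those of a real machine on the network.

  • VM and host:
    Mutual access: because the VM has its own IP on the real network segment, the host and the VM are on the same segment and can reach each other by IP.
  • VM and other hosts on the network:
    Mutual access: likewise, because the VM has its own IP on the real network segment, the VM and all other hosts on the network are on the same segment and can reach each other by IP.
  • VM and VM:
    Mutual access, for the same reason as above.

IP: usually assigned by DHCP and on the same subnet as the IP of the host's "Local Area Connection", so the VM and the host can communicate with each other.

When the laptop has a network cable plugged in (and there is a DHCP server on the network): the host and the VM each obtain an IP via DHCP, and the two IPs are on the same subnet. The host and the VM can ping each other, and the VM can reach the internet.

When the laptop has no network cable plugged in: the host and the VM cannot communicate. The host's "Local Area Connection" shows a red cross, so an IP cannot be assigned to it manually. The VM cannot obtain an IP via DHCP either, and even after an IP is assigned manually it cannot communicate with the host, because the host has no IP.
At this point the host's VirtualBox Host-Only Network adapter does have an IP, 192.168.56.1. Even if the VM is manually given an IP in 192.168.56.*, it cannot ping the host.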

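Mode 3: Internal (internal network)

Explanation:
Internal mode, as the name suggests, is an internal-network mode: the VM is completely cut off from external networks, and only VM-to-VM networking is provided.

  • VM and host:
    No mutual access: they do not belong to the same network and cannot reach each other.
  • VM and other hosts on the network:
    No mutual access, for the same reason as above.
  • VM and VM:
    Mutual access, provided that both VMs are set to the same network name when the network is configured. In the configuration screenshot above, the name is intnet.

IP: VirtualBox's DHCP server assigns the VM an IP, usually 192.168.56.101, because allocation starts from 101; you can also assign 192.168.56.* manually.

This setup is not affected by whether the host's Local Area Connection (network adapter) shows a red cross.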

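Mode 4: Host-only Adapter (host-only network)

Explanation:
Host-only mode is a relatively complex mode that takes a fairly solid grounding in networking to use well. It is fair to say that everything the previous modes achieve can also be achieved in this mode through the configuration of the VM and its adapter.
We can think of it as VBox emulating, on the host, a network adapter dedicated to VMs. All VMs are connected to this adapter, and by configuring it we can provide internet access and many other functions (for example adapter sharing and adapter bridging).

  • VM and host:
    One-way access only: the physical host can reach the VM over the network, but the VM cannot reach the physical host over the network.
    (In the English blog post at the very bottom, the VM and the physical host can reach each other, but in my test, with the firewalls on both the physical host and the VM turned off, pinging the physical host's virtual adapter from the VM still reported the IP as unreachable. If it works for you, please leave a comment and let me know, thanks.)
  • VM and hosts on the network:
    No mutual access by default.
  • VM and VM:
    Mutual access by default, since they are all on the same network.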

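Mode 5: NAT Network

Explanation:
NAT Network mode requires adding and configuring a network in the global settings (the defaults offered when adding a network are fine). Port forwarding can also be configured so that the host network can reach the VM network through forwarded ports. This mode is different from NAT mode.
NAT (network address translation) translates the private IP of the subnet the VM is on (for example 10.15.0.2) into an IP on the host's subnet (for example 192.168.31.15), and internet access then goes through the host. The host's subnet is of course private too, so it in turn requests NAT from the layer above (for example a home or company router), translating layer by layer until the data reaches a network device visible on the public internet. In NAT mode, the original poster should see that all VMs have the same IP, because their network interfaces (command: ip addr show) are not connected to one another and there is no shared gateway; each VM simply gets its own NAT to the host. NAT Network, by contrast, has a shared gateway (think of it as a router), so in this mode all VMs are on the same subnet and can both communicate with each other and reach the internet.

  • VM and host:
    The VM can ping the host, and the host can ping the VM through the NAT Network's port forwarding.
  • VM and VM:
    VMs are on the same subnet by default and can communicate with each other.

Pros and cons of the NAT Network approach:
With the laptop's network cable plugged in: the VM can reach the host and the internet, and once port mapping is set up (explained at the end), the host can reach services on the VM (such as a database).
With the laptop's network cable unplugged: the host's "Local Area Connection" shows a red cross; the VM can reach the host but cannot reach the internet, and once port mapping is set up, the host can reach services on the VM (such as a database).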

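This section was revised after my own hands-on verification; the main source is reposted from: https://www.zhihu.com/question/277077127/answer/914825971

With an understanding of the network modes above, we can apply them flexibly and simulate whatever network environment we want.
For example, suppose I want to simulate an environment in which one machine monitors the internet activity of a LAN.
First I start two VMs, vhost1 and vhost2; hardware permitting, I can of course add vhost3, vhost4, and so on.
I set every vhost to Internal network mode, with the network name intnal and the gateway 192.168.56.100, meaning that internet access goes through the adapter at 192.168.56.100. One of them, vhost1, is given two adapters: one in internal mode (192.168.56.100) and one in bridged mode (192.168.1.101). The two adapters are set up to share the connection.
The VMs form a LAN among themselves; one of them, vhost1, is connected to the external network, and all the other VMs on the LAN reach the external network through vhost1. This way vhost1 can monitor the internet activity of the whole VM LAN.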


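Solution:

Reposted from: https://blog.csdn.net/indexman/article/details/79558386
For the various network connection modes available to VMs, refer to other tutorials.

Usually, once a VM is installed, bridged mode is enough. After all, it can reach both the internal network and the internet.

But there is a problem: if your network environment changes, the VM's IP changes with it (the bridged IP must be on the same subnet as the host's IP).
To solve this, being fond of tinkering, I chose the combination of NAT Network + Host-Only.

The NAT Network handles communication with external networks;
the Host-Only network handles communication between the host and the VM.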

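1. Shut down the VM

2. In File > Preferences, add a NAT network

3. Open the VM's Settings > Network
Adapter 1:
Attached to: NAT Network

Name: select the NAT network set up in step 2; mine is the default, NatNetwork

Adapter 2:
Attached to: Host-only Adapter

Name: VirtualBox Host-Only Network. This corresponds to the network of that name in the host's Network Connections. It must be enabled there, otherwise it cannot be selected here.

For details about this network, see Global Tools:

Do not enable it; we will configure a static IP inside Linux later.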

4. Start the VM and create ifcfg-eth1

[root@rhel-server ~]# cd /etc/sysconfig/network-scripts/
[root@rhel-server network-scripts]# touch ifcfg-eth1
[root@rhel-server network-scripts]# vim ifcfg-eth1
DEVICE=eth1
TYPE=Ethernet
ONBOOT=yes
NM_CONTROLLED=yes
BOOTPROTO=static
NETMASK=255.255.255.0
IPADDR=192.168.56.101

Run ifconfig -a; two network interfaces appear, eth0 and eth1:

eth0      Link encap:Ethernet  HWaddr 08:00:27:59:84:A1
          inet addr:10.0.2.15  Bcast:10.0.2.255  Mask:255.255.255.0
          inet6 addr: fe80::a00:27ff:fe59:84a1/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:13 errors:0 dropped:0 overruns:0 frame:0
          TX packets:55 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:3762 (3.6 KiB)  TX bytes:5272 (5.1 KiB)

eth1      Link encap:Ethernet  HWaddr 08:00:27:7B:A4:51
          inet addr:192.168.56.101  Bcast:192.168.56.255  Mask:255.255.255.0
          inet6 addr: fe80::a00:27ff:fe7b:a451/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:481 errors:0 dropped:0 overruns:0 frame:0
          TX packets:481 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:46070 (44.9 KiB)  TX bytes:53168 (51.9 KiB)

lo        Link encap:Local Loopback
          inet addr:127.0.0.1  Mask:255.0.0.0
          inet6 addr: ::1/128 Scope:Host
          UP LOOPBACK RUNNING  MTU:16436  Metric:1
          RX packets:0 errors:0 dropped:0 overruns:0 frame:0
          TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0
          RX bytes:0 (0.0 b)  TX bytes:0 (0.0 b)

eth0 corresponds to the NAT network;
eth1 corresponds to the Host-Only network.

5. Verify network connectivity:

5.1 VM to Baidu:

[root@rhel-server network-scripts]# ping www.baidu.com
PING www.a.shifen.com (119.75.213.61) 56(84) bytes of data.
64 bytes from 119.75.213.61: icmp_seq=1 ttl=50 time=36.0 ms
64 bytes from 119.75.213.61: icmp_seq=2 ttl=50 time=41.8 ms
64 bytes from 119.75.213.61: icmp_seq=3 ttl=50 time=39.4 ms

5.2 VM to host:

[root@rhel-server network-scripts]# ping 172.30.100.73
PING 172.30.100.73 (172.30.100.73) 56(84) bytes of data.
64 bytes from 172.30.100.73: icmp_seq=1 ttl=63 time=1.03 ms
64 bytes from 172.30.100.73: icmp_seq=2 ttl=63 time=1.12 ms
64 bytes from 172.30.100.73: icmp_seq=3 ttl=63 time=1.12 ms

5.3 Host to VM:

C:\Users\ACER>ping 192.168.56.101

正在 Ping 192.168.56.101 具有 32 字节的数据:
来自 192.168.56.101 的回复: 字节=32 时间<1ms TTL=64

来自 192.168.56.101 的回复: 字节=32 时间<1ms TTL=64

————————————————
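Copyright notice: This article is an original work by CSDN blogger 「罗汉爷」 and is licensed under the CC 4.0 BY-SA license. When reposting, please include the link to the original source and this notice.
Original link: https://blog.csdn.net/indexman/article/details/79558386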

=============================================================================

Personally I find the following English blog post more comprehensive and detailed: https://www.nakivo.com/blog/virtualbox-network-setting-guide/

In this modern business world, networking is a crucial component of interactive computer operations. It is difficult to imagine how to exchange data between computers without networks in a world where everything is changing at ever-growing speed. One of the central focal ideas behind hardware virtualization is the possibility to use virtual machines in nearly all cases where physical computers can also be used. Thus, virtual machines must be able to connect to physical and virtual networks with their virtual network adapters. Virtual machines running on VirtualBox can be connected to different networks. VirtualBox provides multiple network modes for virtual machines. Today’s blog post covers VirtualBox network settings to help you configure VirtualBox in the best way possible to suit your needs.

Below, the following VirtualBox network modes will be discussed and compared:

  • Not Attached
  • NAT
  • NAT Network
  • Bridged Adapter
  • Internal Network
  • Host-Only Adapter
  • Generic Driver

Virtual Network Adapters

Each VirtualBox VM can use up to eight virtual network adapters, each of which in turn is referred to as a network interface controller (NIC). Four virtual network adapters can be configured in the VirtualBox GUI (graphical user interface). All virtual network adapters (up to 8) can be configured with the VBoxManage modifyvm command. VBoxManage is a command line management tool of VirtualBox that can be used for configuring all VirtualBox settings including VirtualBox network settings. VirtualBox network adapter settings can be accessed in the virtual machine settings (select your VM, hit Settings and go to the Network section in the VM settings window).

VirtualBox Network Settings for Adapter 1

There you should see four adapter tabs. One virtual network adapter is enabled by default after virtual machine creation. You can tick the “Enable Network Adapter” checkbox to enable the adapter and untick the checkbox to disable (this checkbox defines whether a virtual network adapter device is connected to a VM or not).

Hit Advanced to expand advanced VirtualBox network adapter settings.

Types of Virtual Network Adapters in VirtualBox

A virtual network adapter is a software-emulated physical device. There are six virtual adapter types that can be virtualized by VirtualBox.

  • AMD PCnet-PCI II (Am79C970A). This network adapter is based on an AMD chip and can be used in many situations. As for Windows guests, this network adapter can be used for older Windows versions (such as Windows 2000) because newer Windows versions such as Windows 7, 8 and 10 do not contain a built-in driver for this adapter. Originally, the Am79C970A PCI device contained a single chip 10-Mbit controller and the DMA engine was integrated. This network adapter also supports AMD’s Magic Packet technology for remote wake-up.
  • AMD PCnet-FAST III (Am79C973). This virtualized network adapter is supported by almost all guest operating systems that can run on VirtualBox. GRUB (the boot loader) can use this adapter for network boot. Similarly to the previous network adapter, this one is based on an AMD chip.
  • Intel PRO/1000 MT Desktop (82540EM). This adapter works perfectly with Windows Vista and newer Windows versions. Most Linux distributions support this adapter as well.
  • Intel PRO/1000 T Server (82543GC). Windows XP recognizes this adapter without installing additional drivers.
  • Intel PRO/1000 MT Server (82545EM). This adapter model is useful for importing OVF templates from other platforms and can facilitate the import process.
  • Paravirtualized Network Adapter (virtio-net) is a special case. Instead of virtualizing networking hardware that is supported by most operating systems, a guest operating system must provide a special software interface for virtualized environments. This approach allows you to avoid the complexity of emulating networking hardware and, as a result, can improve network performance.

The industry standard virtIO networking drivers are supported by VirtualBox. VirtIO networking drivers are a part of the KVM project and are open-source. These drivers are available for Linux with kernel 2.6.25 or later, and Windows including older versions such as Windows 2000, XP and Vista.

Jumbo frames support

VirtualBox provides limited support for jumbo frames (Ethernet frames that can carry packets whose size is more than 1,500 bytes). If you need to use jumbo frames, select an Intel virtualized network adapter, and configure that adapter to work in bridged mode. AMD-based virtual network adapters don’t support jumbo frames. If you try to enable jumbo frames for AMD-based virtual network adapters, jumbo frames will be dropped silently for input and output traffic. Jumbo frames are disabled by default.

VirtualBox Network Modes

VirtualBox provides a long list of network modes, which is one of the most interesting features of VirtualBox network settings. Each virtual network adapter can be separately configured to operate in a different network mode. For example, you can set the NAT mode for the adapter 1 and the Host-only mode for the adapter 2. You can select the network mode in the Attached to drop-down menu.

VirtualBox network settings – selecting a network mode for the virtual network adapter

Let’s consider each VirtualBox network mode in detail.

Not attached

A virtual network adapter is installed in a VM, but the network connection is missing, much like when you unplug the Ethernet network cable when using a physical network adapter. This mode can be useful for testing. For example, you can enable this network mode for a short time to emulate unplugging the cable. When you disable the Not Attached mode by switching to another network mode, the network connection becomes available again. You can also check whether a DHCP client obtains the IP address correctly, whether the appropriate application can resume downloading after link interruption or packet loss, and so on.

Instead of using the Not Attached network mode, you can use any other network mode without ticking the Cable Connected checkbox. You can tick/untick the checkbox when a VM is in the running state (see the screenshot above). Don’t forget to hit OK to apply changes in the VM network configuration.

NAT

This network mode is enabled for a virtual network adapter by default. A guest operating system on a VM can access hosts in a physical local area network (LAN) by using a virtual NAT (Network Address Translation) device. External networks, including the internet, are accessible from a guest OS. A guest machine is not accessible from a host machine, or from other machines in the network when the NAT mode is used for VirtualBox networking. This default network mode is sufficient for users who wish to use a VM just for internet access, for example.

The IP address of the VM network adapter is obtained via DHCP and the IP addresses of the network used in this network mode cannot be changed in the GUI. VirtualBox has a built-in DHCP server and NAT engine. A virtual NAT device uses the physical network adapter of the VirtualBox host as an external network interface. The default address of the virtual DHCP server used in the NAT mode is 10.0.2.2 (this is also the IP address of the default gateway for a VM). The network mask is 255.255.255.0.

If you configure the network adapters of two or more VMs to use the NAT mode, each VM will obtain the 10.0.2.15 IP address in its own isolated network behind a private virtual NAT device. The default gateway for each VM is 10.0.2.2. In VirtualBox IP addresses are not changed when the NAT mode is used, as you can see below:

VirtualBox network modes – how the NAT mode works

In order to enable the NAT mode for a VM with VBoxManage, execute the following command:

VBoxManage modifyvm VM_name --nic1 nat

Where:

  • VM_name is the name of your virtual machine;
  • nic1 is the number of the virtual network adapter;
  • nat is the name of the VirtualBox network mode that you need to set.

Port forwarding can be configured right from the VirtualBox VM network settings window by clicking the Port forwarding button (seen in the screenshot above). Detailed information about configuring port forwarding in VirtualBox network settings can be found below, after the Network Modes section.

NAT Network

This mode is similar to the NAT mode that you use for configuring a router. If you use the NAT Network mode for multiple virtual machines, they can communicate with each other via the network. The VMs can access other hosts in the physical network and can access external networks including the internet. Any machine from external networks as well as those from a physical network to which the host machine is connected cannot access the VMs configured to use the NAT Network mode (similarly to when you configure a router for internet access from your home network). You cannot access the guest machine from the host machine when using the NAT Network mode (unless you are configuring port forwarding in global VirtualBox network settings). A built-in VirtualBox NAT router uses a physical network interface controller of the VirtualBox host as an external network interface (as is the case for the NAT mode).

VirtualBox network settings – the NAT Network mode

The network address and name can be changed in the global VirtualBox preferences (File > Preferences). In the left pane of the Preferences window, select Network to access global VirtualBox network settings, then double click your existing NAT network to edit the settings (you can also add a new network or delete an existing network by clicking the + or x icons).

Global VirtualBox network settings – editing the settings of the NAT Network

In the small pop-up window that will appear, it is also possible to enable/disable DHCP, IPv6 and configure port forwarding.

VirtualBox network settings – configuring the NAT Network

The default address of the NatNetwork is 10.0.2.0/24.

The default gateway IP is 10.0.2.1 (the x.x.x.1 template is used to assign the default gateway IP). For example, if you create a new virtual network for the NAT Network mode in VirtualBox and set the 192.168.22.0/24 network address, the IP address of the gateway in this network will be 192.168.22.1. You cannot change the IP address of the gateway for the network used in the NAT Network mode and change the range of IP addresses issued by the DHCP server. Similarly, the IP address of the DHCP server is 10.0.2.3 by default (the x.x.x.3 template is used).

The IP configuration of the Windows 7 VM running on VirtualBox with a virtual network adapter configured in the NAT Network mode is displayed on the screenshot.

A Windows 7 VM is configured to work in the NAT Network mode

If you don’t want to edit VirtualBox network settings in the GUI, you can add a new NAT network with VBoxManage by using the command:

VBoxManage natnetwork add --netname natnet1 --network "192.168.22.0/24" --enable

Where:

  • natnet1 is the name of the NAT network;
  • 192.168.22.0/24 is the address of that NAT network.

If you want to configure a VM network adapter in order to use the NAT Network mode with VBoxManage, run the following command:

VBoxManage modifyvm VM_name --nic1 natnetwork

Where:

  • nic1 is the first virtual network adapter (network interface controller);
  • natnetwork is the name of the VirtualBox network mode.

You may need to shut down the VM before applying these settings.

In order to avoid repeating the same command with VBoxManage when selecting a network mode for the virtual network adapter of a VM in each section of the article, consider the names of all possible VirtualBox network modes: none, null, nat, natnetwork, bridged, intnet, hostonly, generic.

Port forwarding is one more option that can be accessed and configured from this window. Port forwarding can be used to configure access from the host machine and other hosts of the same physical network to the services running on the guest OS inside the VM (see details below). As you can see, the locations of the port forwarding settings for the NAT mode and the NAT Network mode are different in the VirtualBox GUI. Port forwarding settings for the NAT mode are available in VM > Settings > Network while port forwarding settings for the NAT Network mode can be configured in File > Preferences > Network. This is because port forwarding rules for the NAT mode are individual for each VM while port forwarding rules for the NAT Network mode are common for multiple VMs whose adapters are connected to the appropriate NAT network. See details about configuring port forwarding below in the Port Forwarding section.

Bridged Adapter

This mode is used for connecting the virtual network adapter of a VM to a physical network to which a physical network adapter of the VirtualBox host machine is connected. A VM virtual network adapter uses the host network interface for a network connection. Put simply, network packets are sent and received directly from/to the virtual network adapter without additional routing. A special net filter driver is used by VirtualBox for a bridged network mode in order to filter data from the physical network adapter of the host.

This network mode can be used to run servers on VMs that must be fully accessible from a physical local area network. When using the bridged network mode in VirtualBox, you can access a host machine, hosts of the physical network and external networks, including internet from a VM. The VM can be accessed from the host machine and from other hosts (and VMs) connected to the physical network.

If you have multiple physical network adapters on the host machine, you should select the correct adapter in VirtualBox network settings. On the screenshot below you can see two physical network adapters: an Ethernet adapter and a Wi-Fi adapter. If you use the bridged mode for a wireless network adapter, you cannot use low-level features of that Wi-Fi adapter in a guest operating system. For example, you cannot select Wi-Fi networks to connect to, enable the monitoring mode, etc. Instead, you need to connect to the Wi-Fi network on the host machine. If you have to use all features of the Wi-Fi adapter in the guest OS of the VM, use a USB Wi-Fi adapter and the USB Pass-through feature as explained in the blog post about installing Kali Linux on VirtualBox.

VirtualBox network settings – selecting an adapter for the Bridged network mode

In VirtualBox, the IP address of a VM virtual network adapter can belong to the same network as the IP address of the physical network adapter of the host machine when the bridged mode is used. If there is a DHCP server in your physical network, the virtual network adapter of the VM will obtain the IP address automatically in the bridged mode (if obtaining an IP address automatically is set in the network interface settings in a guest OS). Thus, the default gateway for a virtual network adapter operating in the bridged mode is the same as for your host machine. Let’s look at a simple example with IP addresses.

The address of the physical network: 10.10.10.0/24

The IP address of the default gateway in the physical network: 10.10.10.1

The IP address of the DHCP server in the physical network: 10.10.10.1

IP configuration of the host machine: The IP address – 10.10.10.72; netmask – 255.255.255.0; default gateway – 10.10.10.1.

IP configuration of the guest machine: The IP address – 10.10.10.91; netmask – 255.255.255.0; default gateway – 10.10.10.1.

VirtualBox network settings – bridged networking

Sometimes, you may find that you have multiple gateways in your physical network. You can use a host machine for connecting to necessary networks via one gateway and use a guest machine for connecting to other networks via the second gateway. You can also edit a routing table on your VM and add routes for using both gateways to connect to the appropriate networks. As you can see, the bridged network mode is a powerful option in VirtualBox network settings with a lot of use cases.

Promiscuous mode. This mode allows a network adapter to pass all received traffic, no matter to which adapter the traffic is addressed. In normal mode, a network adapter receives only frames that include the MAC address of this particular network adapter as the destination address in the header. The frames that are addressed to a MAC address which differs from the MAC address of the selected adapter (when traffic is not broadcast) are dropped when in normal mode. The promiscuous mode makes it possible for a physical network adapter to have multiple MAC addresses, allowing all incoming traffic to pass the physical network adapter of the host machine and reach the virtual network adapter of the VM which has its own MAC address that is represented on the host adapter, even if that traffic is not addressed to the virtual network adapter of that particular VM.

Most wireless network adapters don’t support the promiscuous mode. Bridging to Wi-Fi adapters is done in the following way: VirtualBox replaces the appropriate MAC addresses in the headers of Ethernet frames that must be delivered to the virtual network adapter of the VM (the MAC address of the host Wi-Fi adapter must be used for that traffic). The promiscuous mode is useful for network testing and security audits. You can enable the promiscuous mode in VirtualBox network settings and monitor network traffic with a sniffer.

There are three options of using the promiscuous mode.

  • Deny. Any traffic that is not intended for the virtual network adapter of the VM is hidden from the VM. This option is set by default.
  • Allow VMs. All traffic is hidden from the VM network adapter except the traffic transmitted to and from other VMs.
  • Allow All. There are no restrictions in this mode. A VM network adapter can see all incoming and outgoing traffic.

The Promiscuous mode can be used not only for the Bridged network mode, but also for NAT Network, Internal Network and Host-Only Adapter modes.

Internal Network

Virtual machines whose adapters are configured to work in the VirtualBox Internal Network mode are connected to an isolated virtual network. VMs connected to this network can communicate with each other, but they cannot communicate with a VirtualBox host machine, or with any other hosts in a physical network or in external networks. VMs connected to the internal network cannot be accessed from a host or any other devices. The VirtualBox internal network can be used for modelling real networks.

For example, you can create three VMs, each of which has a virtual network adapter (Adapter 1) connected to the internal network. The IP addresses of these network adapters are defined from the subnet used for the VirtualBox internal network (you should define the subnet manually). One of these VMs (VM1) also has a second virtual network adapter that is configured to operate in the NAT mode. The VM1 is configured as a router (one of the best solutions for creating a router is to install Linux and configure IPTABLES, but for the first time you can use simpler routing solutions in a case of VirtualBox network testing).

VM2 and VM3, whose network adapters are connected only to the VirtualBox internal network, can have access to external networks if the IP address of the internal network adapter of VM1 is set as the gateway in the network settings of VM2 and VM3.

Network configuration used in this example:

VM1. IP address – 192.168.23.1 (internal network mode); 10.0.2.15 (NAT mode), gateway 10.0.2.2 (the IP address of the built-in VirtualBox NAT device).

VM2. IP address – 192.168.23.2 (internal network), gateway – 192.168.23.1

VM3. IP address – 192.168.23.3 (internal network), gateway – 192.168.23.1

VirtualBox internal network subnet: 192.168.23.0/24

See the diagram below for more clarity.

VirtualBox network settings – using the Internal network mode in a combination with the NAT mode

Note: You can also deploy such virtual infrastructure for testing firewall rules in IPTABLES before implementing them in your real network infrastructure, but it is preferable to use the bridged mode and not the NAT mode for the second virtual network adapter of the VM1 when connecting to/from external networks.
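
The router role of VM1 described above (and of vhost1 in the monitoring setup near the top of this page) can be written as a small default-deny ruleset. This is an added example, not code from the original posts; it assumes VM1's internal adapter is eth0, its NAT adapter is eth1, and that iptables-restore is available in the guest.

```shell
#!/bin/sh
# Added example (not from the original posts): turn VM1 into a NAT router
# for the internal network with a default-deny FORWARD policy.
# Assumptions: eth0 = Adapter 1 (internal network, 192.168.23.1),
#              eth1 = Adapter 2 (NAT, 10.0.2.15). Check with `ip addr show`.

WAN_IF=${WAN_IF:-eth1}
LAN_IF=${LAN_IF:-eth0}
LAN_CIDR=${LAN_CIDR:-192.168.23.0/24}

# Accept only plain interface names and IPv4 CIDRs, so nothing unexpected
# ends up inside the generated ruleset.
valid_if() {
    case $1 in
        ''|*[!A-Za-z0-9_.-]*) return 1 ;;
        *) return 0 ;;
    esac
}

valid_cidr() {
    printf '%s\n' "$1" |
        grep -Eq '^([0-9]{1,3}\.){3}[0-9]{1,3}/([0-9]|[12][0-9]|3[0-2])$'
}

# Usage: router_ruleset WAN_IF LAN_IF LAN_CIDR
# Prints a ruleset in iptables-restore format, or returns 1 on bad input.
router_ruleset() {
    wan=$1 lan=$2 cidr=$3
    valid_if "$wan" && valid_if "$lan" && valid_cidr "$cidr" || return 1
    [ "$wan" != "$lan" ] || return 1
    cat <<EOF
*nat
:PREROUTING ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
:POSTROUTING ACCEPT [0:0]
-A POSTROUTING -s $cidr -o $wan -j MASQUERADE
COMMIT
*filter
:INPUT ACCEPT [0:0]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [0:0]
-A FORWARD -i $lan -o $wan -s $cidr -j ACCEPT
-A FORWARD -i $wan -o $lan -d $cidr -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT
COMMIT
EOF
}

# Default is a dry run that only prints the ruleset. With --apply (as root in
# VM1) it enables IPv4 forwarding and loads the rules, replacing whatever is
# currently in the nat and filter tables.
if [ "${1:-}" = "--apply" ]; then
    [ "$(id -u)" -eq 0 ] || { echo "run as root to apply" >&2; exit 1; }
    rules=$(router_ruleset "$WAN_IF" "$LAN_IF" "$LAN_CIDR") || exit 1
    sysctl -w net.ipv4.ip_forward=1
    printf '%s\n' "$rules" | iptables-restore
else
    router_ruleset "$WAN_IF" "$LAN_IF" "$LAN_CIDR"
fi
```

Only traffic that VM2 and VM3 initiate is forwarded; nothing on the NAT side can open a new connection into 192.168.23.0/24.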

Host-only Adapter

This network mode is used for communicating between a host and guests. A VM can communicate with other VMs connected to the host-only network, and with the host machine. The VirtualBox host machine can access all VMs connected to the host-only network.

VirtualBox network settings – VMs use the host-only network

The VirtualBox Host-Only virtual network adapter is created in a host operating system for use in the host-only network. You can edit settings of this VirtualBox network by going to File > Host Network Manager.

VirtualBox network settings - configuring the Host-Only network

In our case, the default network address of the host-only network is 192.168.56.0/24 and the IP address of the virtual network adapter on the host machine is 192.168.56.1. You can edit these IP addresses manually in the Adapter tab. A DHCP server can be enabled or disabled by ticking the appropriate checkbox. In the DHCP Server tab, you can set the IP address of the DHCP server, netmask and the range of IP addresses to be issued for DHCP clients.

VirtualBox network settings – configuring a DHCP server for a Host-Only network

The virtual network adapters of the VMs don’t have a gateway in their IP configuration because the Host-Only mode doesn’t allow you to connect to any devices outside the host-only network. It is also possible to create more than one VirtualBox host-only network adapter in order to use different host-only networks—just press the Create button. If the host-only network is no longer needed, simply select the adapter and hit Remove.

Generic Driver

This network mode allows you to share the generic network interface. The user can select an appropriate driver, which may be distributed in an extension pack or included with VirtualBox.

Two sub-modes are available for VirtualBox Generic Driver mode – UDP Tunnel and VDE (Virtual Distributed Ethernet) Networking.

UDP Tunnel. Virtual machines that run on different hosts can communicate transparently by using an existing network infrastructure.

VDE Networking. Virtual machines can connect to a virtual distributed switch on Linux or FreeBSD hosts. You need to compile VirtualBox from sources to use VDE networking since standard VirtualBox packages don’t include this feature.

Comparison of VirtualBox Network Modes

For more convenience, let’s summarize all information about network modes supported by VirtualBox in this table:

VirtualBox network settings – Comparison of VirtualBox Network Modes

Port Forwarding

Port forwarding is the process of intercepting traffic addressed to a given IP address and port and redirecting that traffic to a different IP address and/or port. Special applications can be used on computers and other router devices to configure port forwarding. One of the most popular use cases for port forwarding is providing access from external networks to particular network services that are hidden behind the NAT. After configuring port forwarding rules, clients can access the appropriate services from outside by connecting to the router’s (host’s) external IP address and specified port.

The packets are first intercepted by an application on the router, then the application reads the destination IP address and port number of the appropriate headers (IP packet headers, headers of TCP or UDP segments). If a combination of the destination IP address and/or port number in headers matches a condition set in a port forwarding rule, the routing application rewrites the header information (IP address and/or port number) and sends a packet/segment to another network interface according to the port forwarding rule.

By default, connecting to VirtualBox VMs whose network adapters are set to operate in the NAT or NAT Network mode is impossible from a VirtualBox host and other hosts in LAN, but VirtualBox provides a built-in port forwarding feature to enable such access.

Example 1 – SSH access

Let’s now consider configuring port forwarding for connecting to VirtualBox VMs using the example of connecting to an SSH server running on an Ubuntu Linux VM that is connected to the network by the NAT mode. You can read how to install Ubuntu on VirtualBox in this blog post.

The input data:

Host IP: 10.10.10.72 (a physical NIC).

Ubuntu VM IP: 10.0.2.15 (NAT mode)

User name: user1

1. Install the SSH server on the Ubuntu VM.

apt-get install openssh-server

2. Edit the SSH server configuration file.

vim /etc/ssh/sshd_config

3. Uncomment the string for enabling authentication with passwords.

PasswordAuthentication yes

4. Restart the SSH daemon (service).

/etc/init.d/ssh restart

5. Verify that the SSH server is working and try to connect to the SSH server from localhost (Ubuntu VM).

ssh user1@127.0.0.1

6. If everything is OK, you can start configuring port forwarding in VirtualBox.

As you recall, you should open VM settings and select the Network section. Select your virtual network adapter that is configured to work in the NAT mode, expand Advanced settings and hit the Port Forwarding button. Click the + icon to add a new port forwarding rule in VirtualBox network settings of the VM.

VirtualBox network settings – configuring port forwarding for the NAT mode

An SSH server listens on TCP port 22 by default. Let’s create a rule that forwards all connections made to the VirtualBox host machine on port 8022 to port 22 of the Ubuntu VM, where the SSH server is listening. First, you can create a rule that allows connections only from the VirtualBox host.

Name | Protocol | Host IP | Host Port | Guest IP | Guest Port
Ubuntu-SSH | TCP | 127.0.0.1 | 8022 | 10.0.2.15 | 22

The port forwarding rules window in the VirtualBox GUI is shown in the screenshot below.

VirtualBox network settings – the SSH port forwarding rule is created

Open an SSH client (for example, PuTTY if you use Windows) on your VirtualBox host and connect to 127.0.0.1 on port 8022.

Other hosts in your physical network will be able to access the Ubuntu VM via SSH by connecting to the VirtualBox host machine on port 8022 if you create a similar port forwarding rule in which the real IP address of the VirtualBox host's physical network adapter is defined instead of the localhost IP address (127.0.0.1). In this example, the IP address of the physical NIC on the VirtualBox host is 10.10.10.72.

Name | Protocol | Host IP | Host Port | Guest IP | Guest Port
Ubuntu-SSH | TCP | 10.10.10.72 | 8022 | 10.0.2.15 | 22

Open an SSH client on your VirtualBox host or on another host attached to your LAN and connect to your VirtualBox host IP on port 8022.

Example 2 – HTTP access

If you want to deploy a web server on your VM and provide access to your web sites from outside, you can add another port forwarding rule. Let’s consider how to configure that port forwarding rule for accessing a web site deployed on an Ubuntu VM from a VirtualBox host machine and other machines connected to the physical local area network (LAN). Apache is used as a web server in this example.

First, install Apache on the Ubuntu VM running on VirtualBox.

apt-get install apache2

The ufw firewall is disabled in Ubuntu by default. If a firewall is enabled on your Ubuntu VM, make sure that access to TCP port 80 is allowed.

After installing Apache, open a web browser on your Ubuntu VM and access the default Apache page by entering http://127.0.0.1 in the address bar. If everything is OK, you will see the Apache2 Ubuntu default page in your web browser.

This means that you can now configure a port forwarding rule in VirtualBox network settings for accessing the web site hosted on the Ubuntu VM. Open the Port Forwarding settings window by going to VM settings > Network > [select your adapter] > Port Forwarding (as explained above). Add a new rule with the following values:

Name | Protocol | Host IP | Host Port | Guest IP | Guest Port
Ubuntu-HTTP80 | TCP | 10.10.10.72 | 8080 | 10.0.2.15 | 80

Open a web browser on your host machine or on any other machine connected to your physical network and enter the IP address of your VirtualBox host machine and port defined in the port forwarding rule created above:

http://10.10.10.72:8080

In the current example, 10.10.10.72 is the IP address of the VirtualBox host machine and 8080 is the TCP port on which the VirtualBox host machine listens. A successful result of configuring port forwarding is shown in the screenshot below.

VirtualBox network settings – the HTTP port forwarding rule has been created successfully

You can also create similar rules for accessing a VM via RDP, FTP and other protocols.

Configuring port forwarding for VMs whose virtual network adapters work in the NAT Network mode functions similarly (see the section above where the NAT Network mode is explained for locating port forwarding settings for the NAT Network mode).
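The two SSH rules above differ only in the Host IP field, and that field decides who can reach the forwarded port. The following Python check is an added example, not part of the original article: it reads rules in the layout printed by VBoxManage showvminfo <vm> --machinereadable and reports every rule that is reachable from outside the host. The sample text is constructed, the "any-iface" rule is hypothetical, and the function names are assumptions.

```python
import ipaddress
import re

# Constructed sample in the layout printed by
# `VBoxManage showvminfo <vm> --machinereadable`. The first two rules carry the
# values from this page; "any-iface" is hypothetical and has an empty host IP.
SAMPLE = '''\
name="Ubuntu"
nic1="nat"
Forwarding(0)="Ubuntu-SSH,tcp,127.0.0.1,8022,10.0.2.15,22"
Forwarding(1)="Ubuntu-HTTP80,tcp,10.10.10.72,8080,10.0.2.15,80"
Forwarding(2)="any-iface,tcp,,2222,10.0.2.15,22"
'''

RULE_RE = re.compile(r'^Forwarding\(\d+\)="([^"]*)"$')
FIELDS = ("name", "proto", "host_ip", "host_port", "guest_ip", "guest_port")

def parse_rules(text):
    """Extract NAT port forwarding rules as dicts; malformed lines are skipped."""
    rules = []
    for line in text.splitlines():
        m = RULE_RE.match(line.strip())
        if m and len(parts := m.group(1).split(",")) == len(FIELDS):
            rules.append(dict(zip(FIELDS, parts)))
    return rules

def exposure(rule):
    """Classify who can reach the host side of a rule."""
    if not rule["host_ip"]:
        return "all-interfaces"          # empty host IP binds every interface
    ip = ipaddress.ip_address(rule["host_ip"])
    if ip.is_loopback:
        return "host-only"               # e.g. 127.0.0.1: local clients only
    return "all-interfaces" if ip.is_unspecified else "network"

def audit(text):
    """Return (name, exposure, mapping) for every rule reachable off-host."""
    findings = []
    for r in parse_rules(text):
        kind = exposure(r)
        if kind != "host-only":
            mapping = (f'{r["host_ip"] or "*"}:{r["host_port"]} -> '
                       f'{r["guest_ip"]}:{r["guest_port"]}')
            findings.append((r["name"], kind, mapping))
    return findings

if __name__ == "__main__":
    for finding in audit(SAMPLE):
        print(*finding, sep="  ")
```

Rules reported with a guest port of 22 deserve the closest look here, because the SSH server in Example 1 was configured to accept password logins.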

Conclusion

VirtualBox is a powerful virtualization solution that is flexible and provides a wide range of network settings. Each VM can use up to eight virtual network adapters, and each network adapter can be emulated as the appropriate model of real Intel and AMD network interface controllers (NICs). VirtualBox network adapter settings allow you to change the MAC address of each virtual NIC, plug or unplug the virtual network cable, and select the network mode. Setting the network mode for a virtual network adapter is one of the most interesting and important parts of VirtualBox network settings. There are six network modes, each of which can be utilized for different use cases. Port forwarding can be configured for external access to VMs whose network adapters operate in NAT or NAT Network modes.

Today’s blog post has covered VirtualBox network settings, but if you want to learn more about VirtualBox, you are welcome to check out our blog posts about VirtualBox usage, installing VirtualBox Extension Pack, and updating VirtualBox. You can also read blog posts about comparing VirtualBox with VMware and Hyper-V, where network settings of these virtualization platforms are discussed as well.

posted @ 2020-04-29 17:16  SXWZ