Tutorial - Guest Static IP with NAT networking mode

This is for discussing general topics about how to use VirtualBox.

Tutorial - Guest Static IP with NAT networking mode

Postby carvalhais1981 » 16. Apr 2012, 05:32

First things first:
This topic will describe how to get your guest working with static IP addresses on a NAT enabled virtual interface. While the instructions outlined here will probably work for any guest / host combination, chances are good that other VirtualBox networking modes already provide you with the desired functionality out-of-the-box. Think about it for a while before going on.


Usage scenarios:
Having static IP's behind a NAT is not always just a matter of personal preference, and even though VirtualBox offers a plethora of networking modes out-of-the-box, on occasional situations they don't fit perfectly to suit one needs. Having said that, these are some of the possible scenarios for this:
  • roaming host systems, on which it is sometimes very difficult to establish a consistent network setup;
  • guest features that will only work with static IP addresses;
  • inability to get DHCP working on the guest for some obscure reason;

Bits of information:
The VirtualBox manual gives all the hints needed to accomplish this task but doesn't state explicitly how to do it, so I won't give detailed information for every possible system. Instead I'll put together all the pieces of information, so that you can do this on your own.

First, you need to understand how the network IP numbering works for NAT enabled interfaces. Just disconsider the manual is talking about DHCP for the moment:
The virtual machine receives its network address and configuration on the private network from a DHCP server integrated into VirtualBox. The IP address thus assigned to the virtual machine is usually on a completely different network than the host. As more than one card of a virtual machine can be set up to use NAT, the first card is connected to the private network 10.0.2.0, the second card to the network 10.0.3.0 and so on.


Also, once you have understood how the network numbering works, you need to know how to reach the default gateway and name server for each network. Again, let's humbly ask to the all mighty manual:
In NAT mode, the guest network interface is assigned to the IPv4 range 10.0.x.0/24 by default where x corresponds to the instance of the NAT interface +2. So x is 2 when there is only one NAT instance active. In that case the guest is assigned to the address 10.0.2.15, the gateway is set to 10.0.2.2 and the name server can be found at 10.0.2.3.


Okay, so now we know how VirtualBox numbers the NAT networks and assigns IP addresses to the virtual servers in its built-in NAT engine. The little gap that the manual is missing, is stating that you don't actually need to use the dynamically assigned IP address to reach the virtual gateway or name resolver. If your VM's static IP is in the same network range as the NAT engine's network, the virtual servers will gladly accept the request and service it.

You just have to configure the gateway and DNS server IP according to the above rules, and your guest will have full network connectivity even with static IPs behind a NAT. There are however a few settings that I had set up on my environment, since they made sense to me, and probably will for many who use this particular setup:

Enabling DNS proxy in NAT mode
The NAT engine by default offers the same DNS servers to the guest that are configured on the host. In some scenarios, it can be desirable to hide the DNS server IPs from the guest. In this case, you can tell the NAT engine to act as DNS proxy using the following command (note that the <1-N> part of the command should be substituted by the number corresponding to your interface):
Code: Select all   Expand viewCollapse view
VBoxManage modifyvm "VM name" --natdnsproxy<1-N> on


Disabling domain passing to the guest
Since your VM may have multiple IP's coexisting on the same interface, and generally you want them to resolve to the same domain name you had to set up because of the static IP address, it makes sense to prevent the DHCP server from passing on the domain name to that particular interface in cases asks for an (subsequent) IP lease (note that the <1-N> part of the command should be substituted by the number corresponding to your interface):
Code: Select all   Expand viewCollapse view
VBoxManage modifyvm "VM name" --natdnspassdomain<1-N> off


Setting up port forwarding
Of course you can use the VBoxManage utility to set up port forwarding on your VM as well. Take a look on the --natpf<1-N> option for further information on how to accomplish this.

Well, I hope that if this post didn't completely solve your issues, at least it had put you on the right track to get things done. Best regards,

Andre Carvalhais.
carvalhais1981
 
Posts: 2
Joined: 23. May 2011, 04:35
Primary OS: MS Windows 7
VBox Version: PUEL
Guest OSses: Windows XP, Linux, FreeBSD and OpenBSD

Re: Tutorial - Guest Static IP with NAT networking mode

Postby Vasily » 16. Apr 2012, 06:01

Thank Andre for writing this tutorial, but I don't thing DNS proxing and passing domain is related to the topic. DNS proxy mode was intended to restore old behavior of reporting default DNS server IP (usually 10.0.2.3) for users who may relay on this, when we let NAT's dhcp server to inform guest about all DNS servers registered on the host side.
Vasily
 

Re: Tutorial - Guest Static IP with NAT networking mode

Postby carvalhais1981 » 16. Apr 2012, 21:56

Vasily,

First of all, thanks for your reply. It was not my intention to induce people into thinking that the natdnsproxy and the natdnspassdomain options are related to the use of a static IP behind a NAT enabled interface. I just wanted to emphasize those options, because of some of the scenarios I had given, they made sense to me. Sorry if I was not clear on this. Just for the sake of completeness, I'll state why I'm using them.

natdnsproxy: my VBox host is a laptop I carry around with me, and since I travel a lot, I use it to connect to many different networks, with very heterogeneous setups (hotel networks, public networks, and even on quarantined networks segments, when the local sysadmin is a careful one); on some of this networks, DNS queries passing the border are silently dropped, so I had chosen to proxy them so that I could have a consistent single setup within the guest, having the host to proxy them to the correct name server (usually configured with DHCP).

natdnspassdomain: many of my guests are UNIX-like OSes, which have a a resolv.conf file on which I usually set up a domain search path (that is different than that of the host); one of the niceties of UNIX is having multiple IP's on the same interface, and if this further IP's were brought up with DHCP, the server reply would contain the host's domain search path, which would clash with the one configured within the resolv.conf file; this way I can still rely on DHCP to bring additional IP's up, and still have name resolution working, no matter if I'm using static or dynamic IP's.

I hope this brings some more meaning to what I have previously said. Best regards,

Andre.
carvalhais1981
 
Posts: 2
Joined: 23. May 2011, 04:35
Primary OS: MS Windows 7
VBox Version: PUEL
Guest OSses: Windows XP, Linux, FreeBSD and OpenBSD


Return to Using VirtualBox

Who is online

Users browsing this forum: No registered users and 17 guests