[Question] forwarding traffic within internal adapters

Discussions about using Linux guests in VirtualBox.

[Question] forwarding traffic within internal adapters

Postby Craig26 » 30. Jun 2022, 17:16

Hello everyone,
I would like make some chain: hostVBvm-->VM0(with 2 adapters: NAT, INTERNAL)-->VM1(with 2 INTERNAL adapters, one look on VM0(internal adapter of), second look on VMguest0(internal adapter of))-->VMguest0
So, it's look something like Qubes, but without XEN, so have idea realize high-level of security benefits but without excessive complexity(and bags) as well as in Qubes.
It's works okay if chain looks like: hostVBvm-->VM(with 2 adapters: NAT, INTERNAL)-->VMguest1
But, when I tried to use one more layer - I can't forward traffic, and my VMguest0 hadn't connection to internet.
I tried iptables, bridge, ip route, and finally all of his actions were unsuccessful.
P.S. On each layer (VM0, VM1) traffic encapsulate in some protocol(vpn, ssh etc)

Maybe someone encountered with this problem and could give me advise, or someone can explain me why it's not working. Spent already 2 days on google without any result.
Craig26
 
Posts: 2
Joined: 30. Jun 2022, 17:05

Re: [Question] forwarding traffic within internal adapters

Postby scottgus1 » 30. Jun 2022, 20:03

Virtualbox's Internal networks are essentially basic Ethernet cables with an unmanaged Ethernet switch between. There is no special configuration. See Virtualbox Networks: In Pictures: Internal Network. Each Internal network layer between VMs needs its own unique name.

Confirm that you can ping over the Internal network between the VMs. Once each VM can ping the other VM on the Internal network, then all the setup in Virtualbox is complete. Then whatever else is necessary to set up is done in the VM's OS.

FWIW to pass network from one Internal network to another through a computer, the computer must have some form of router software on it. See your OS's help channels for how to route network traffic from one network adapter to another. Apply the solution to the VMs in the middle.
scottgus1
Site Moderator
 
Posts: 16086
Joined: 30. Dec 2009, 20:14
Primary OS: MS Windows 10
VBox Version: PUEL
Guest OSses: Windows, Linux

Re: [Question] forwarding traffic within internal adapters

Postby fth0 » 30. Jun 2022, 20:20

FWIW, when chaining or nesting VMs, you probably have to enable promiscuous mode in the network settings of your first VM.
fth0
Volunteer
 
Posts: 3654
Joined: 14. Feb 2019, 03:06
Location: Germany
Primary OS: Mac OS X other
VBox Version: PUEL
Guest OSses: Linux, Windows 10, ...

Re: [Question] forwarding traffic within internal adapters

Postby Craig26 » 1. Jul 2022, 19:39

I would like to get more concrete answers, (not just "learning more") thanks
Craig26
 
Posts: 2
Joined: 30. Jun 2022, 17:05

Re: [Question] forwarding traffic within internal adapters

Postby fth0 » 1. Jul 2022, 20:33

I thought that my statement was concrete already (you can ignore the word "probably" in it to make it even more concrete). ;)

Seriously, your post sounded like you already know what you're doing, and since even networking professionals (me included ;)) tend to miss the promiscuous mode that is key in such setups, I mentioned it. What information do you need?

BTW, do you know Whonix?
fth0
Volunteer
 
Posts: 3654
Joined: 14. Feb 2019, 03:06
Location: Germany
Primary OS: Mac OS X other
VBox Version: PUEL
Guest OSses: Linux, Windows 10, ...

Re: [Question] forwarding traffic within internal adapters

Postby scottgus1 » 1. Jul 2022, 20:35

Concrete answers will require concrete data. As fth0 asks, what further information do you seek?

Have you confirmed that you can ping between each pair of VMs over the network?
scottgus1
Site Moderator
 
Posts: 16086
Joined: 30. Dec 2009, 20:14
Primary OS: MS Windows 10
VBox Version: PUEL
Guest OSses: Windows, Linux


Return to Linux Guests

Who is online

Users browsing this forum: scottgus1 and 12 guests