Use a Guest Router for all Host traffic - Win10 Host with Mikrotik CHR Guest

Discussions related to using VirtualBox on Windows hosts.
Post Reply
dc2
Posts: 4
Joined: 27. May 2018, 23:48

Use a Guest Router for all Host traffic - Win10 Host with Mikrotik CHR Guest

Post by dc2 »

Hi all,

I have set up a Cloud Hosted Router (CHR) by Mikrotik as a guest VM. My host is Win10. My intention is to have the guest (Router) "in front" of the host (network-wise).

At the moment I have the guest on a bridged adapter, host interface (192.168.156.2/24) has all protocols enabled (including tcp/ip) and I have statically setup the host to have the guest's ether2 (192.168.156.1/24) as gateway. The guest's ether1 is setup with DHCP on a different subnet (192.168.89.0/24) that has internet access to the outside world.

Compared to my original intention this is not correct, because the host and guest are "side by side" network-wise.

What do I need to change to get the host behind the guest? Do I need to use an additional Host-only Network?

Thank you in advance.
BillG
Volunteer
Posts: 5102
Joined: 19. Sep 2009, 04:44
Primary OS: MS Windows 10
VBox Version: PUEL
Guest OSses: Windows 10,7 and earlier
Location: Sydney, Australia

Re: Use a Guest Router for all Host traffic - Win10 Host with Mikrotik CHR Guest

Post by BillG »

What you really need it two physical NICs in the host machine. One is bridged to the public NIC on your virtual router. The virtual router needs a physical NIC to itself for the Internet connection. This should be the only connection to the physical network and the host should not be able to use it, so all the bindings are disabled except the VirtualBox NDIS6 bridged networking driver disabled.

Now bridge the private side of your virtual router to the other physical NIC. Now the host (and any vm you bridge to this NIC) will be in the same private network behind your virtual router.

This is the best way to set up a router to isolate the host and guests from the Internet.

Host only was not really designed to work like that. It was designed to provide a simple host-guest connection and by default it cannot be routed. I have never tried to force it to work in the way you propose. You certainly don't need two of them.
Bill
socratis
Site Moderator
Posts: 27330
Joined: 22. Oct 2010, 11:03
Primary OS: Mac OS X other
VBox Version: PUEL
Guest OSses: Win(*>98), Linux*, OSX>10.5
Location: Greece

Re: Use a Guest Router for all Host traffic - Win10 Host with Mikrotik CHR Guest

Post by socratis »

BillG wrote:What you really need it two physical NICs in the host machine.
I've been thinking about that... Why do you actually need 2 NICs? I think that with 1 physical NIC and 1 HostOnly network, you can make it work. I'm not as experienced in networking as you are, but, it sometimes helps me if I "draw" the networks:
+----------------------------+
|                            |
|     +---------+       +---------+
+ - - |  Host   | ----> |  Guest  |
| 1   +---------+   2   +---------+
|
+-------------- (Router) ---------- Internet
  1. That's the physical NIC, that has all its bindings disabled *except* the VirtualBox Bridged one. That way, the guest can use the host's "connectivity" to get an actual (LAN) IP address.
  2. That's the HostOnly network. The host uses the guest as its router.
Do NOT send me Personal Messages (PMs) for troubleshooting, they are simply deleted.
Do NOT reply with the "QUOTE" button, please use the "POST REPLY", at the bottom of the form.
If you obfuscate any information requested, I will obfuscate my response. These are virtual UUIDs, not real ones.
dc2
Posts: 4
Joined: 27. May 2018, 23:48

Re: Use a Guest Router for all Host traffic - Win10 Host with Mikrotik CHR Guest

Post by dc2 »

@BillG : This is a laptop device, cannot add NICs... Any alternatives?

@socratis: What you describe was my first attempt, but notice that when setting up a HostOnly network there is no "Gateway" setting i.e. HostOnly networks are supposed to be closed to the outside world. Am I wrong / is there a workaround?
BillG
Volunteer
Posts: 5102
Joined: 19. Sep 2009, 04:44
Primary OS: MS Windows 10
VBox Version: PUEL
Guest OSses: Windows 10,7 and earlier
Location: Sydney, Australia

Re: Use a Guest Router for all Host traffic - Win10 Host with Mikrotik CHR Guest

Post by BillG »

You can add a USB network adapter to a laptop.

The host only approach might work. As I said, it was not designed to do that but that does not mean it would not work. I have just never done it. You would probably need to configure the IPs manually so that the host used the guest as its gateway.
Bill
socratis
Site Moderator
Posts: 27330
Joined: 22. Oct 2010, 11:03
Primary OS: Mac OS X other
VBox Version: PUEL
Guest OSses: Win(*>98), Linux*, OSX>10.5
Location: Greece

Re: Use a Guest Router for all Host traffic - Win10 Host with Mikrotik CHR Guest

Post by socratis »

dc2 wrote:when setting up a HostOnly network there is no "Gateway" setting i.e. HostOnly networks are supposed to be closed to the outside world
As BillG says, HostOnly was *not* designed for that operation, only the reverse one. It was assumed that the VM's access would stop at the host. But I don't know what happens if the host tries to go through the guest.

First of all, I believe that it won't work straight like it's "drawn". You'd need to install a proxy/router in the VM. Search for "pfSense site:forums.virtualbox.org" and see what you can find...
Do NOT send me Personal Messages (PMs) for troubleshooting, they are simply deleted.
Do NOT reply with the "QUOTE" button, please use the "POST REPLY", at the bottom of the form.
If you obfuscate any information requested, I will obfuscate my response. These are virtual UUIDs, not real ones.
JEBjames
Posts: 58
Joined: 26. Jan 2017, 18:27
Primary OS: MS Windows other
VBox Version: OSE other
Guest OSses: Centos, Ubuntu, Debian, Various Windows
Contact:

Re: Use a Guest Router for all Host traffic - Win10 Host with Mikrotik CHR Guest

Post by JEBjames »

I setup pfsense/opnsense in virtualbox using two bridged network adapters (both linked to the same physical network adapter on the host). Not ideal, but it works for testing, but there were a few things to note.

I turned off dhcp on Opnsene's "lan" interface and gave it a fixed ip to avoid dualing dhcp servers.
The default config blocks reserved local network address space space (e.g. 192.168.*.* 10.*.*.*, etc.) on the opnsense "WAN" network. Unblock whichever one your lan is using.

I set my host's gateway/dns to point to the opnsource vpn...internet traffic is being filtered by the guest.

But then my windows host needed to reboot after an update. After reboot my host was trying to route all net traffic to my vm (which was turned off). Okay, no problem. I was done playing with opnsense so I changed my host default gateway/dns back to my regular router. At this point my host had internet access again. But bridged networking was 100% broken on all vms. None of them could get an IP address.

Rebooting the host fixed everything.
dc2
Posts: 4
Joined: 27. May 2018, 23:48

Re: Use a Guest Router for all Host traffic - Win10 Host with Mikrotik CHR Guest

Post by dc2 »

I'll go with USB NIC option first and let you know results...
dc2
Posts: 4
Joined: 27. May 2018, 23:48

Re: Use a Guest Router for all Host traffic - Win10 Host with Mikrotik CHR Guest

Post by dc2 »

USB NIC worked like a charm!

I can't do the same with the wireless adapter, though... Am I missing something fundamental/obvious? Should I post details of the wireless setup?
Post Reply