Avoid automatic copy of host's DNS servers to NAT Network DHCP server option 6?

Discussions related to using VirtualBox on Windows hosts.

Avoid automatic copy of host's DNS servers to NAT Network DHCP server option 6?

Postby CoconutPilot » 24. Jun 2021, 01:56

I am trying to prevent VB from automatically copying the host's DNS servers to the VB DHCP server when using NATNetwork. The reason is one of the host's DNS servers is bogus, and since the list of servers is sorted by IP it always comes first rendering VMs useless without manual config.

This is a snippet of my network config. There is a TAP adapter that is part of Akamai EAA which provides secure access to my company's internal websites. The annoying thing is it exports a DNS server 100.64.0.1 which isn't a real DNS server.

Code: Select all   Expand viewCollapse view
>ipconfig /all (irrelevant fields stripped from output)

Windows IP Configuration

   Host Name . . . . . . . . . . . . : bar
   Primary Dns Suffix  . . . . . . . :
   Node Type . . . . . . . . . . . . : Peer-Peer
   IP Routing Enabled. . . . . . . . : No
   WINS Proxy Enabled. . . . . . . . : No
   DNS Suffix Search List. . . . . . : foo . com

Unknown adapter EAATAP:

   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : EAATAP secure Windows Adapter V9
   IPv4 Address. . . . . . . . . . . : 100.64.0.1(Preferred)
   Subnet Mask . . . . . . . . . . . : 255.255.255.255
   Default Gateway . . . . . . . . . :
   DNS Servers . . . . . . . . . . . : 100.64.0.1

Ethernet adapter LAN:

   Connection-specific DNS Suffix  . : foo.com
   Description . . . . . . . . . . . : Intel(R) Ethernet Connection (7) I219-LM
   IPv4 Address. . . . . . . . . . . : 192.168.0.12(Preferred)
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Lease Obtained. . . . . . . . . . : June 20, 2021 8:52:07 PM
   Lease Expires . . . . . . . . . . : June 24, 2021 8:52:08 AM
   Default Gateway . . . . . . . . . : 192.168.0.254
   DHCP Server . . . . . . . . . . . : 192.168.0.254
   DNS Servers . . . . . . . . . . . : 192.168.0.254
                                       1.1.1.1


This is my VirtualBox DHCP server config. With this config things are working well:

Code: Select all   Expand viewCollapse view
>"C:\Program Files\Oracle\VirtualBox\VBoxManage.exe" list dhcpservers
NetworkName:    MyNATNet
Dhcpd IP:       192.0.0.3
LowerIPAddress: 192.0.0.100
UpperIPAddress: 192.0.0.250
NetworkMask:    255.255.255.0
Enabled:        Yes
Global Configuration:
    minLeaseTime:     default
    defaultLeaseTime: default
    maxLeaseTime:     default
    Forced options:   None
    Suppressed opts.: None
        1/legacy: 255.255.255.0
        3/legacy: 192.0.0.1
        6/legacy: 192.168.0.254 1.1.1.1


Once I start a VM the DHCP server config adds the EAATAP DNS server (see "6/legacy" below):
Code: Select all   Expand viewCollapse view
>"C:\Program Files\Oracle\VirtualBox\VBoxManage.exe" list dhcpservers
NetworkName:    MyNATNet
Dhcpd IP:       192.0.0.3
LowerIPAddress: 192.0.0.100
UpperIPAddress: 192.0.0.250
NetworkMask:    255.255.255.0
Enabled:        Yes
Global Configuration:
    minLeaseTime:     default
    defaultLeaseTime: default
    maxLeaseTime:     default
    Forced options:   None
    Suppressed opts.: None
        1/legacy: 255.255.255.0
        3/legacy: 192.0.0.1
        6/legacy: 100.64.0.1 192.168.0.254 1.1.1.1


In VBoxSVC.log I see:
Code: Select all   Expand viewCollapse view
...
60:15:39.213620          Started NAT network 'MyNATNet'
60:15:39.213988          Saving settings file "E:\xxx.vbox" with version "1.17-windows"
60:15:43.136451          HostDnsMonitorProxy::GetNameServers:
60:15:43.136474            name server 1: 100.64.0.1
60:15:43.136486            name server 2: 192.168.0.254
60:15:43.136495            name server 3: 1.1.1.1


If I manually set the DNS servers (option 6) via:
Code: Select all   Expand viewCollapse view
VBoxManage.exe dhcpserver modify --network=MyNATNet --set-opt=6 "1.1.1.1 8.8.8.8"


that setting is lost the next time VBoxNetDHCP.exe is started. Any ideas?
CoconutPilot
 
Posts: 5
Joined: 26. Apr 2021, 19:11

Re: Avoid automatic copy of host's DNS servers to NAT Network DHCP server option 6?

Postby BillG » 24. Jun 2021, 04:27

I doubt that you will find a way to do that. I suspect it has a lot to do with Akamai and very little to do with VirtualBox.

You could test that by running the vms in an internal virtual network and setting up your own NAT router (using a vm appliance such as pfSense) instead of using Nat-network. My guess is that Akamai would still force its DNS option on to the router. As far as Akamai is concerned, the vms are inside your private network and need to be protected, just like your PCs.
Bill
BillG
Volunteer
 
Posts: 4796
Joined: 19. Sep 2009, 04:44
Location: Sydney, Australia
Primary OS: MS Windows 10
VBox Version: PUEL
Guest OSses: Windows 7,8,Server

Re: Avoid automatic copy of host's DNS servers to NAT Network DHCP server option 6?

Postby fth0 » 24. Jun 2021, 11:49

You can probably shift your problem to the host by 9.8.6. Using the Host's Resolver as a DNS Proxy in NAT Mode. Please report back what you discover.
fth0
Volunteer
 
Posts: 2168
Joined: 14. Feb 2019, 03:06
Location: Germany
Primary OS: Mac OS X other
VBox Version: PUEL
Guest OSses: Linux, Windows 10, ...

Re: Avoid automatic copy of host's DNS servers to NAT Network DHCP server option 6?

Postby CoconutPilot » 26. Jun 2021, 00:48

BillG wrote:I doubt that you will find a way to do that. I suspect it has a lot to do with Akamai and very little to do with VirtualBox.


I can reproduce it without Akamai installed. Create a VM and NATNetwork. In the DHCP server for the NATNetwork change the DNS servers (option 6). Start the VM, automatically the DNS servers are changed to what the host has.

This behavior makes sense, if you have a laptop and move it to another location the DNS servers of the previous location may no longer be valid. I was hoping there was a way to avoid this automatic updating.
CoconutPilot
 
Posts: 5
Joined: 26. Apr 2021, 19:11

Re: Avoid automatic copy of host's DNS servers to NAT Network DHCP server option 6?

Postby CoconutPilot » 26. Jun 2021, 00:51

fth0 wrote:You can probably shift your problem to the host by 9.8.6. Using the Host's Resolver as a DNS Proxy in NAT Mode. Please report back what you discover.


Thanks, this looked very promising but didn't work. It turns out it is only supported in "NAT" mode and I am using "NATNetwork" or NATservice mode.
CoconutPilot
 
Posts: 5
Joined: 26. Apr 2021, 19:11


Return to VirtualBox on Windows Hosts

Who is online

Users browsing this forum: Martin and 31 guests