Windows-Host/Linux-Guest: Host can not reach guest via network

Discussions related to using VirtualBox on Windows hosts.
Post Reply
stsc
Posts: 3
Joined: 5. Nov 2021, 15:58

Windows-Host/Linux-Guest: Host can not reach guest via network

Post by stsc »

Hello,

I have a setup where
  • the guest system can ping the host system
  • but the host can not ping the guest
This setup has been working for a while, and I'm not aware of any changes I've made.
Somehow it seems Windows is blocking outgoing traffic on the host-only adapter (not only limited to "ping", but also to SMB).


I hope someone can help to troubleshoot the issue.
I'm providing the information that I htink is needed -- let me know if any additional information would be helpful


My configurations/versions of VirtualBox, host and guest are as follows:


VirtualBox 6.1.28

2 network adapters configured:
  • NAT, so the guest has internet access (that works)
  • host-Only adapter with static IP 192.168.100.1/255.255.255.0
Windows 10 Host:

Code: Select all

> route print
[...]
IPv4-Routentabelle
===========================================================================
Aktive Routen:
     Netzwerkziel    Netzwerkmaske          Gateway    Schnittstelle Metrik
          0.0.0.0          0.0.0.0   172.29.163.254    172.29.163.51     50
        127.0.0.0        255.0.0.0   Auf Verbindung         127.0.0.1    331
        127.0.0.1  255.255.255.255   Auf Verbindung         127.0.0.1    331
  127.255.255.255  255.255.255.255   Auf Verbindung         127.0.0.1    331
    172.17.138.48  255.255.255.240   Auf Verbindung     172.17.138.49   5256
    172.17.138.49  255.255.255.255   Auf Verbindung     172.17.138.49   5256
    172.17.138.63  255.255.255.255   Auf Verbindung     172.17.138.49   5256
     172.29.163.0    255.255.255.0   Auf Verbindung     172.29.163.51    306
    172.29.163.51  255.255.255.255   Auf Verbindung     172.29.163.51    306
   172.29.163.255  255.255.255.255   Auf Verbindung     172.29.163.51    306
    192.168.100.0    255.255.255.0   Auf Verbindung     192.168.100.1    281
    192.168.100.1  255.255.255.255   Auf Verbindung     192.168.100.1    281
  192.168.100.255  255.255.255.255   Auf Verbindung     192.168.100.1    281
        224.0.0.0        240.0.0.0   Auf Verbindung         127.0.0.1    331
        224.0.0.0        240.0.0.0   Auf Verbindung     192.168.100.1    281
        224.0.0.0        240.0.0.0   Auf Verbindung     172.29.163.51    306
        224.0.0.0        240.0.0.0   Auf Verbindung     172.17.138.49   5256
  255.255.255.255  255.255.255.255   Auf Verbindung         127.0.0.1    331
  255.255.255.255  255.255.255.255   Auf Verbindung     192.168.100.1    281
  255.255.255.255  255.255.255.255   Auf Verbindung     172.29.163.51    306
  255.255.255.255  255.255.255.255   Auf Verbindung     172.17.138.49   5256
[...]
Linux guest

The Linux guest system uses a static IP address (192.168.100.2) for the Host-Only adapter and receives a DHCP lease for NAT:

Code: Select all

# ip addr show

[...]
2: enp0s3: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq_codel state UP group default qlen 1000
    link/ether 08:00:27:95:e1:27 brd ff:ff:ff:ff:ff:ff
    inet 10.0.2.15/24 brd 10.0.2.255 scope global dynamic noprefixroute enp0s3
       valid_lft 73869sec preferred_lft 63069sec
    inet6 fe80::6ed8:f6d1:369b:5374/64 scope link 
       valid_lft forever preferred_lft forever
3: enp0s8: <BROADCAST,MULTICAST> mtu 1500 qdisc noop state DOWN group default qlen 1000
    link/ether 08:00:27:38:60:e2 brd ff:ff:ff:ff:ff:ff
    inet 192.168.100.2/24 brd 192.168.100.255 scope global enp0s8
       valid_lft forever preferred_lft forever
    inet 192.168.100.2/32 scope global enp0s8
       valid_lft forever preferred_lft forever
[...]
I find the following output on the guest system strange:

Code: Select all

# traceroute 192.168.100.1
traceroute to 192.168.100.1 (192.168.100.1), 30 hops max, 60 byte packets
 1  _gateway (10.0.2.2)  0.210 ms  0.168 ms  0.158 ms
 2  _gateway (10.0.2.2)  1.482 ms  1.473 ms  1.465 ms

Code: Select all

# ip route 
default via 10.0.2.2 dev enp0s3 proto dhcp src 10.0.2.15 metric 1002 
10.0.2.0/24 dev enp0s3 proto dhcp scope link src 10.0.2.15 metric 1002 
172.17.0.0/16 dev docker0 proto kernel scope link src 172.17.0.1 linkdown 
BillG
Volunteer
Posts: 5102
Joined: 19. Sep 2009, 04:44
Primary OS: MS Windows 10
VBox Version: PUEL
Guest OSses: Windows 10,7 and earlier
Location: Sydney, Australia

Re: Windows-Host/Linux-Guest: Host can not reach guest via network

Post by BillG »

If the host and guest both have an interface in the 192.168.100.0/24 subnet, traceroute and routing table information are meaningless. They will communicate directly on that network, and no routing takes place.

If you can ping in one direction but not the other, I would suspect a firewall setting. See if it works if you disable the Windows firewall.

SMB is disabled by default in Windows 10 (for very good reasons). Have you enabled it?
Bill
stsc
Posts: 3
Joined: 5. Nov 2021, 15:58

Re: Windows-Host/Linux-Guest: Host can not reach guest via network

Post by stsc »

Routing
If the host and guest both have an interface in the 192.168.100.0/24 subnet, traceroute and routing table information are meaningless. They will communicate directly on that network, and no routing takes place.
That's what I'd expect, but e.g. Windows via

Code: Select all

route print
, and I think also the older Linux

Code: Select all

route -n
command, would explicitly show sth. like that:

Code: Select all

Network destination        netmask     gateway    interface     metric
192.168.100.0     255.255.255.0   on-link     192.168.100.1    281
192.168.100.1     255.255.255.255   on-link     192.168.100.1    281
192.168.100.255  255.255.255.255   on-link     192.168.100.1    281
I had the problem that using VPN, the connection wouldn't work (I can rule that out for now).
I assume in that case the route is somehow changed and messed up.
So why I show the routing table here is to verify that imho there's nothing wrong with it.


SMB
SMB is disabled by default in Windows 10 (for very good reasons). Have you enabled it?
Hm, not sure because it's a while back.
What I can say: SMB definitely worked, and I did not make any changes regarding SMB.


Firewall -- and routing again
If you can ping in one direction but not the other, I would suspect a firewall setting. See if it works if you disable the Windows firewall.
That sounds reasonable, and I think it must be sth like that.
However, the connection worked so far while Windows Defender was active.
I've now deactivated Windows Defender (without restarting Windows), still doesn't work.

The error report from "ping" (Windows host to Linux guest) changed, though:

Code: Select all

$ ping 192.168.100.2

Ping wird 192.168.100.2 mit 32 Bytes Data:
Antwort von 212.18.6.37: Zielnetz nicht erreichbar.
Antwort von 212.18.6.37: Zielnetz nicht erreichbar.
Antwort von 212.18.6.37: Zielnetz nicht erreichbar.
translates to "network not reachable". The IP address 212.18.6.37 is weird -- the Windows routing tabel doesn't mention any address like that.
I've activated Windows Defender again, and still get the same response now ("network not reachable").

I dunno why it tries to reach 192.168.100.2 via my internet router:

Code: Select all

 tracert 192.168.100.2

Routenverfolgung zu 192.168.100.2 ueber maximal 30 Hops
  1     2 ms     1 ms     2 ms  fritz.box [192.168.2.1]
  2  ac2.nue2.m-online.net [212.18.6.37]  meldet: Zielnetz nicht erreichbar.
Ablaufverfolgung beendet.
Of course that's the default route, but...

Code: Select all

route print
[...]
Netzwerkziel    Netzwerkmaske          Gateway    Schnittstelle Metrik
          0.0.0.0          0.0.0.0      192.168.2.1    192.168.2.181     35
[...]
192.168.100.0    255.255.255.0   Auf Verbindung     192.168.100.1    281
    192.168.100.1  255.255.255.255   Auf Verbindung     192.168.100.1    281
  192.168.100.255  255.255.255.255   Auf Verbindung     192.168.100.1    281
[...]

network profiles setting

I know that there are those network profiles settings:

https://www.dummies.com/article/technol ... -10-140265

but I'm not sure whether it could have to do with my problem.
stsc
Posts: 3
Joined: 5. Nov 2021, 15:58

Re: Windows-Host/Linux-Guest: Host can not reach guest via network

Post by stsc »

I've tried now with DHCP for the host-only adapter, which for me is the not the preferred solution -- but it works.
It definitely worked also with static IPs some days ago.
fth0
Volunteer
Posts: 5668
Joined: 14. Feb 2019, 03:06
Primary OS: Mac OS X other
VBox Version: PUEL
Guest OSses: Linux, Windows 10, ...
Location: Germany

Re: Windows-Host/Linux-Guest: Host can not reach guest via network

Post by fth0 »

BillG wrote:If the host and guest both have an interface in the 192.168.100.0/24 subnet, traceroute and routing table information are meaningless.
I beg to differ: ;)

Current user's problem: In the IP routing table, a dedicated route to the 192.168.56.0/24 network is missing, and in consequence the default route is being used for the packets sent by the traceroute command. Adding the missing route would have solved the problem.

Other users' problem: If a user erroneously configures the host-only adapter with a static IP address and a gateway IP address, there would be an additional default route for the host-only network with the highest metric, and the Internet could not be reached any more.
Post Reply