Windows 10 Guest unable to DHCP using Bridged Networking

Discussions related to using VirtualBox on Windows hosts.
Post Reply
IndigoFortyTwo
Posts: 7
Joined: 3. Oct 2019, 13:34

Windows 10 Guest unable to DHCP using Bridged Networking

Post by IndigoFortyTwo »

Hi,

I'm currently having a an issue trying to set up a new Windows 10 64-bit VM in Virtualbox 6.0.12 (also running Windows 10 64-bit). I need to use Bridged networking with this guest as the VM is to provide us with VPN access to customers, some of whom use PPTP VPNs.

If the bridge uses any wired adaptor (including the USB ethernet dongle I currently have connected to my laptop), then I can get an IP address using DHCP and, subsequently, connect to anything, anywhere, with no problems.

If, however, the bridge is set to use my laptop's wireless network connection then I cannot get an IP address using DHCP. I can set the guest up with a static IP and this connects without any problems, but, unfortunately, I need to use DHCP as the laptops this solution will be used on can operate from anywhere and, hence, pick up any IP range which is given out, for example on a home, hotel or other customer network. The wireless connection on the laptop itself can obtain an IP via DHCP so I know there aren't any resrictions on that front. I've tried a couple of laptops from different manufacturers (Dell and Lenovo) and I'm getting the same behaviour, i.e. static IP works fine, but DHCP doesn't. I've also tried an earlier version of VBox (5.2.26) and this behaved the same too.

Does anyone know of a way I might be able to get my guest VM to be able to get an IP via DHCP, or how I might me able to track the problem down (I've run out of knowledge)...?

Thanks
socratis
Site Moderator
Posts: 27330
Joined: 22. Oct 2010, 11:03
Primary OS: Mac OS X other
VBox Version: PUEL
Guest OSses: Win(*>98), Linux*, OSX>10.5
Location: Greece

Re: Windows 10 Guest unable to DHCP using Bridged Networking

Post by socratis »

First of all let me say that a little bit of searching hasn't hurt anyone, AFAIK...

Bridged over wireless don't always play nice. Bridged networking is outside the WLAN specification. Bridging to wireless is not really bridging. The guest shares the MAC of the host and the host does a sort of MAC-NAT translation based on IP addresses. Promiscuous mode doesn't exist in the official WLAN specifications. It may or may not work. Some combinations of Routers/Access Points, WLAN cards and drivers work, some don't. See: Bridging & Wifi - Supported hardware and add your experience. For example, it works fine in my home, but not in my office. Same laptop, same VM.

And here's a more technical explanation, pay special attention to the last paragraph:
vushakov in ticket [url=https://www.virtualbox.org/ticket/10019#comment:18]10019:18[/url] wrote: Many wifi routers now try to use unicast link-level destination for broadcast/multicast IP destination. The reasons are explained in http://tools.ietf.org/html/draft-vyncke ... ficient-01 - that is in context of IPv6, but the same logic applies to IPv4 (IPv6 is hit harder since it relies more on multicast). Behavior varies between wifi routers, so you may get bridged setup working with some and not working with others.

If the wifi router that is not working for you just uses unicast delivery for multicast, then 4.3.16 should help (a typical packet capture can be seen in #12207). In this case the host was receiving DHCP replies intended for the guest (broadcast IP, but unicast to host MAC), but was not rewriting MAC address correctly, so the guest was not receiving the packet. If you plug another computer into the wired port of the router to capture DHCP exchange as seen on the wired side, you would see the same DHCP replies sent to ethernet broadcast on the wired connection. So this is just an optimization for wifi that some routers do.

Unfortunately - and this is orthogonal to multicast/unicast issue above - some routers will send DHCP replies to broadcast IP, but to the unicast client MAC address (i.e. guest MAC in this case) fetched from the DHCP request. These packets will never be even seen by the host. I'm afraid the packet captures in comment:14 is an example of that. In the ethernet capture you can see DHCP replies unicast to guest and in the wireless capture you don't see any replies at all. I have one router like this (though it at least uses ethernet broadcast for its DHCP NAKs, so you can see something in the wireless capture :).

This latter kind of routers has problems with DHCP, but usually you can work around it by not using DHCP and using static IP instead. E.g. I cannot connect to that router of mine with DHCP, but if I use static IP in the guest then I get normal connectivity. Yes, this is suboptimal :(, but better than no connectivity if you must use bridged for some reason.
And from another post:
vushakov in ticket [url=https://www.virtualbox.org/ticket/10019#comment:25]10019:25[/url] wrote: Now, my memory is hazy, but the summary of what's going on here is roughly like this:

Guest sends DHCP request with its MAC in chaddr
We tweak the packet to make sure the DHCP broadcast flag is set
The packet is sent with hosts MAC as source (as all packets are with bridged-to-wifi)
The server should reply with a broadcast, but tries to optimize and use unicast instead
Correct optimization is to send unicast to the host's MAC (source MAC of the DHCP request as seen by the server).
Bad optimization is to send unicast to the MAC from chaddr (VM's MAC).

The latter obviously doesn't work as the packet never reaches the host and hence the guest.
Do NOT send me Personal Messages (PMs) for troubleshooting, they are simply deleted.
Do NOT reply with the "QUOTE" button, please use the "POST REPLY", at the bottom of the form.
If you obfuscate any information requested, I will obfuscate my response. These are virtual UUIDs, not real ones.
IndigoFortyTwo
Posts: 7
Joined: 3. Oct 2019, 13:34

Re: Windows 10 Guest unable to DHCP using Bridged Networking

Post by IndigoFortyTwo »

Many thanks - appreciate the response.

I did do some searching before I posted was aware of that compatibility thread, but I'm sorry if it didn't look that way.

One thing I realise that I omitted to mention is that I already have a Windows 7 VM on the same host where the bridging over the wireless works just fine with DHCP. From what you say, have I just been lucky?

Thanks
scottgus1
Site Moderator
Posts: 20965
Joined: 30. Dec 2009, 20:14
Primary OS: MS Windows 10
VBox Version: PUEL
Guest OSses: Windows, Linux

Re: Windows 10 Guest unable to DHCP using Bridged Networking

Post by scottgus1 »

Are you saying that the Windows 7 guest gets DHCP over Wifi Bridged at the same time that the Windows 10 guest fails to get DHCP? As in both guests are running concurrently and 7 connects but 10 does not?
IndigoFortyTwo
Posts: 7
Joined: 3. Oct 2019, 13:34

Re: Windows 10 Guest unable to DHCP using Bridged Networking

Post by IndigoFortyTwo »

scottgus1 wrote:Are you saying that the Windows 7 guest gets DHCP over Wifi Bridged at the same time that the Windows 10 guest fails to get DHCP? As in both guests are running concurrently and 7 connects but 10 does not?
I've just done a test and neither machine is now able to get DHCP over the wireless bridge and it's regardless of whether the two guests are running concurrently or separately.

I'm really confused now (and it's the classic IT thing) - the Windows 7 guest was working fine as I've used it this way in the past, although I'd struggle to say exactly when as my laptop is usualy connected to a dock in the office which is where I'd usually run the VM. And now it isn't.

I guess the question is whether I've just been lucky in the past, or whether there's any way to try and trace what might be going on to see if there is a resolution..?
scottgus1
Site Moderator
Posts: 20965
Joined: 30. Dec 2009, 20:14
Primary OS: MS Windows 10
VBox Version: PUEL
Guest OSses: Windows, Linux

Re: Windows 10 Guest unable to DHCP using Bridged Networking

Post by scottgus1 »

IndigoFortyTwo wrote:whether I've just been lucky in the past
More than likely.

Was the dock wired or were you still wifi in the office?

As Socratis mentioned above, Bridged over Wifi (I'd like to hear Simon and Garfunkel try to sing about that instead of the other Bridge :lol: ) may work in some places, not in others, if it works at all.

If it does work on your host PC when wifi-ing in some places and not others, then your host PC allows it, and the some places that don't allow it are too strict implementing the Wi-fi protocol. If it never works anywhere, then your host PC is likely the culprit, although you may have just not found a less-strict wireless access point yet.

Bridged always works over wired Ethernet. And since you'll be using these guests for client VPN access, you should really scrap the Wi-fi and go wired.
IndigoFortyTwo
Posts: 7
Joined: 3. Oct 2019, 13:34

Re: Windows 10 Guest unable to DHCP using Bridged Networking

Post by IndigoFortyTwo »

scottgus1 wrote: Was the dock wired or were you still wifi in the office?
The dock is wired. Personally, I tend to prefer wired networking where I can get it. The difficulty is that sometimes I, or our Consultants, may be out and about and trying to access a customer network from a hotel where a wired port isn't available. NAT would be great, but it prevents us from connecting via PPTP. If anyone has any suggestions as it feels like I'm now between the proverbial rock and hard place, I'd be most grateful...
scottgus1
Site Moderator
Posts: 20965
Joined: 30. Dec 2009, 20:14
Primary OS: MS Windows 10
VBox Version: PUEL
Guest OSses: Windows, Linux

Re: Windows 10 Guest unable to DHCP using Bridged Networking

Post by scottgus1 »

NAT is the usual go-to. If the VPN won't connect through NAT, then NAT's out, though.

An above suggestion is to use static IP for Bridged instead of DHCP. But that will require manual setup each place the laptop is used and may not be allowed or work in a hotel.

Once I heard of someone connecting the guest to Host-Only, then using the host PC's Internet Connection Sharing or its own Bridging capabilities to connect the host PC's Host-Only adapter to the wi-fi adapter. I have never tried it.

Final thought from outside the IT window: Are your traveling consultants going to want to start a Virtualbox guest and all the ensuing configuration to get to the clients' VPN? Maybe the consultants need their own company laptop with the VPN installed on the laptop's OS & no Virtualbox involved?
IndigoFortyTwo
Posts: 7
Joined: 3. Oct 2019, 13:34

Re: Windows 10 Guest unable to DHCP using Bridged Networking

Post by IndigoFortyTwo »

scottgus1 wrote:Once I heard of someone connecting the guest to Host-Only, then using the host PC's Internet Connection Sharing or its own Bridging capabilities to connect the host PC's Host-Only adapter to the wi-fi adapter. I have never tried it.
That's an interesting one, thanks - I'll give it a try...
scottgus1 wrote:Final thought from outside the IT window: Are your traveling consultants going to want to start a Virtualbox guest and all the ensuing configuration to get to the clients' VPN? Maybe the consultants need their own company laptop with the VPN installed on the laptop's OS & no Virtualbox involved?
It's a very fair call, but we have run into problems with this in the past: our consultants often want to be able to connect to our own office VPN as well as to a customer and if, say, the customer uses the Cisco IPSEC VPN client then this typically forces all the network traffic to go down the tunnel and so they can't connect to the office at the same time. We came up with the idea of using a virtual machine to connect to customer machines as this allows the host to connect back to our office and we can use VBox's shared folder and bidirectional clipboard features to copy files and data between the two machines. When it works, it's great!
scottgus1
Site Moderator
Posts: 20965
Joined: 30. Dec 2009, 20:14
Primary OS: MS Windows 10
VBox Version: PUEL
Guest OSses: Windows, Linux

Re: Windows 10 Guest unable to DHCP using Bridged Networking

Post by scottgus1 »

Hmm, yes, I can see how two VPNs at the same time would be a problem. Yep, there's definitely room for a virtual machine in your setup.

Please let us know how the Host-Only Bridge works. I might try it this weekend too.
Post Reply