Hi guys, I've been having trouble with this for months, searched the forums via google and I can't seem to figure out why this is happening. I really desperately need your help!
I have a host machine (disabled firewall) with a VM (with NAT enabled for the VM). I have set the host port to 53/UDP to forward to VM port 5333/UDP. This does not work, meaning I do not get any responses.
However, if I set the host port 5333/UDP to VM port 5333/UDP, I can query the DNS server and get responses. This is driving me insane.
And while insane, I ran VirtualBox as root as well (since I thought maybe it was an underprivileged issue) and the same goes, simply cannot get host port 53/UDP to forward to VM port 5333/UDP (no answers).
Here is where it gets really wild, I can run Ubuntu dnsproxy on port 53 which queries 127.0.0.1 port 5333 and get responses when I use the host 5333/UDP to VM 5333/UDP - but this results in the DNS server only seeing requests originating from the host (10.0.2.2) and so this is a no go solution for me. I need the requesters' IP addresses.
Can someone help me out here?
Host is running on Ubuntu 18.04.6 LTS. VirtualBox version: 6.1.30 r148432
Thanks so much!
DNS requests not being forwarded to NAT VM
Re: DNS requests not being forwarded to NAT VM
Please look over the manual, https://www.virtualbox.org/manual/ch09.html#changenat. See if anything there will help. Also see https://www.virtualbox.org/manual/ch06. ... imitations.
The PDF of the manual is text-searchable: https://download.virtualbox.org/virtual ... Manual.pdf
Re: DNS requests not being forwarded to NAT VM
> Rish wrote: I have set the host port to 53/UDP to forward to VM port 5333/UDP.
In the networking stack of most OSes, only one process can listen on a port at any time, and usually a DNS server/forwarder/proxy process is listening on port 53/UDP. In consequence, a VirtualBoxVM process cannot additionally listen on it, so the port forwarding must fail.
What are you really trying to achieve?
Re: DNS requests not being forwarded to NAT VM
> scottgus1 wrote: Please look over the manual, https://www.virtualbox.org/manual/ch09.html#changenat. See if anything there will help. Also see https://www.virtualbox.org/manual/ch06. ... imitations.
> The PDF of the manual is text-searchable: https://download.virtualbox.org/virtual ... Manual.pdf
Thanks scottgus1 for this manual, I was not aware of it! I just went through it and I don't think my issue is covered by it - the closest thing I found that might have been related was under the limitations section where it is recommended to run the VM as root if you need to bind to ports lower than 1024. I have already done this.
I will mess around with the other recommendations related to dnsproxy but I don't think that is it if this is being applied to a specific VM as far as I can tell - my reasoning being that I can run dnsproxy on the host and forward to the NATed port, e.g. 127.0.0.1 (host) with port (5333) which has been set to port forward to NAT VM port 5333.
I feel like this might be a host setting issue but I could be wrong.
Re: DNS requests not being forwarded to NAT VM
> fth0 wrote:
> > Rish wrote: I have set the host port to 53/UDP to forward to VM port 5333/UDP.
> In the networking stack of most OSes, only one process can listen on a port at any time, and usually a DNS server/forwarder/proxy process is listening on port 53/UDP. In consequence, a VirtualBoxVM process cannot additionally listen on it, so the port forwarding must fail.
> What are you really trying to achieve?
Hi fth0, thanks for responding, really appreciate it as well. Definitely agree with you here regarding only one process listening on the port. To be clear, when I try doing the port forwarding, the host is clear of any application binding to port 53 UDP. In fact, the only reason I decided to run the dnsproxy software on the host was because the NAT forwarding doesn't seem to be working for this particular port. I'm also running these VMs as root to avoid the 1024 limitation. It's really a perplexing situation.
In essence, what I want to do is use the VM as the DNS server to answer DNS requests. I can only achieve this currently using dnsproxy software on the host which seems to lose the original requester's IP which I need (currently I only see requests from 10.0.2.2 which is the host IP when I keep an eye on my DNS server debug output).
Re: DNS requests not being forwarded to NAT VM
Hi guys, okay so I had a look at the logs for this VM via the UI interface (unfortunately I cannot copy and paste from that server) but it shows that indeed for some reason, NAT was unable to bind 0.0.0.0:53 to 0.0.0.0:5333 (according to the actual log). It seems that for some reason on this host, because there is something listening on 127.0.0.53 port 53, this seems to be causing the 0.0.0.0:53 bind to fail (???).
I seem to have resolved this by setting the Host IP of the port forward for port 53 to the static IP of the host server (thankfully it's a static IP - this would be a pain if you're doing this with a dynamic IP as I think this would have to change every time your IP changes). Anyways, this seems to work correctly - now I am able to get the original requesting IP.
I hope this helps others out there and thank you to all of you that rendered assistance!
Re: DNS requests not being forwarded to NAT VM
> Rish wrote: something listening on 127.0.0.53 port 53
Usually this is systemd-resolved.
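The bind conflict this thread arrives at, reproduced as an added example that is not part of any post and is not VirtualBox code. It assumes a Linux host (where all of 127.0.0.0/8 is bindable), uses a kernel-chosen unprivileged UDP port in place of 53 so no root is needed, and sets no SO_REUSEADDR; the function names are hypothetical.

```python
import errno
import socket

STUB_ADDR = "127.0.0.53"  # address the thread reports a listener on (port 53 there)


def try_bind(addr, port):
    """Try to bind a UDP socket to addr:port.

    Returns (socket, "ok") on success or (None, errno name) on failure.
    """
    sock = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
    try:
        sock.bind((addr, port))
        return sock, "ok"
    except OSError as exc:
        sock.close()
        return None, errno.errorcode.get(exc.errno, str(exc.errno))


def bind_conflict_demo():
    """Hold a port on the stub address, then try the wildcard and a specific IP."""
    # Stand-in for the existing listener; port 0 lets the kernel pick a free port.
    stub, status = try_bind(STUB_ADDR, 0)
    if stub is None:
        raise RuntimeError("could not bind stand-in listener: " + status)
    port = stub.getsockname()[1]

    opened = [stub]
    results = {}
    # "wildcard" models a forward with an empty Host IP (0.0.0.0);
    # "specific" models a forward pinned to one host address.
    for label, addr in (("wildcard", "0.0.0.0"), ("specific", "127.0.0.1")):
        sock, status = try_bind(addr, port)
        results[label] = status
        if sock is not None:
            opened.append(sock)

    for sock in opened:
        sock.close()
    return results


if __name__ == "__main__":
    for label, status in bind_conflict_demo().items():
        print(label, status)
```

The wildcard bind overlaps every local address, including the one already held, so it is refused, while a bind to a different specific address on the same port succeeds. Pinning the forward to one address also limits which interface the guest's DNS service is reachable on.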