source ip is 10.0.2.2 for all incoming packets

Discussions related to using VirtualBox on Linux hosts.

Postby dovydas » 28. Jul 2011, 23:52

Hi,

I have set up an Apache webserver on a Debian host with a Debian guest, using VirtualBox port forwarding.

Code:
# iptables -t nat -A PREROUTING -p tcp --dport 80 -j DNAT --to-destination 10.0.0.1:8888
$ VBoxManage modifyvm "webserver" --natpf1 "guestwww,tcp,,8888,10.0.2.15,80"


Whenever I access my webserver I can see in apache logs that all packets are coming from source IP 10.0.2.2.
So any log analyzing is pretty useless because apache thinks that all visitors are coming from the same source!

Code:
10.0.2.2 - - [29/Jul/2011:00:37:18 +0300] "GET / HTTP/1.1" 304 212 "-" "Mozilla/5.0 (X11; U; Linux x86_64; lt; rv:1.9.1.19) Gecko/20110701 Iceweasel/3.5.19 (like Firefox/3.5.19)"
10.0.2.2 - - [29/Jul/2011:00:37:35 +0300] "GET / HTTP/1.1" 200 486 "-" "Opera/9.80 (BlackBerry; Opera Mini/6.24209/25.692; U; en) Presto/2.5.25 Version/10.54"


As you can see in the Apache log, the source IP is always 10.0.2.2. The first log line is from a browser on the host machine and the second log line is from my mobile BlackBerry.

How can I get the original source IP address back?
Is there a better way to do port forwarding?
dovydas
 
Posts: 7
Joined: 28. Jul 2011, 23:09
Primary OS: Debian other
VBox Version: OSE Debian
Guest OSses: Debian Squeeze
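
An added example, not part of the original posts: a log check for the symptom described above, where one private source address carries several distinct user agents because NAT has replaced every client address. The function names, the third sample log line and the `min_agents` threshold are assumptions made for this illustration.

```python
import re
from collections import defaultdict
from ipaddress import ip_address, ip_network

# Constructed sample: the two log lines quoted in the post, plus one made-up
# line with a documentation-range client address for contrast.
SAMPLE_LOG = """\
10.0.2.2 - - [29/Jul/2011:00:37:18 +0300] "GET / HTTP/1.1" 304 212 "-" "Mozilla/5.0 (X11; U; Linux x86_64; lt; rv:1.9.1.19) Gecko/20110701 Iceweasel/3.5.19 (like Firefox/3.5.19)"
10.0.2.2 - - [29/Jul/2011:00:37:35 +0300] "GET / HTTP/1.1" 200 486 "-" "Opera/9.80 (BlackBerry; Opera Mini/6.24209/25.692; U; en) Presto/2.5.25 Version/10.54"
203.0.113.7 - - [29/Jul/2011:00:38:02 +0300] "GET / HTTP/1.1" 200 486 "-" "curl/7.21.0"
"""

RFC1918 = [ip_network(n) for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

# Apache "combined" format: host ident user [time] "request" status bytes "referer" "agent"
COMBINED = re.compile(
    r'^(?P<host>\S+) \S+ \S+ \[[^\]]+\] "[^"]*" \d{3} \S+ "[^"]*" "(?P<agent>[^"]*)"$'
)

def parse(log_text):
    """Yield (source_ip, user_agent) for each well-formed combined-format line."""
    for line in log_text.splitlines():
        m = COMBINED.match(line.strip())
        if m:
            yield m.group("host"), m.group("agent")

def collapsed_sources(log_text, min_agents=2):
    """Return {source_ip: distinct_agent_count} for RFC 1918 sources that carry
    several distinct user agents, i.e. many clients hidden behind one address."""
    agents = defaultdict(set)
    for host, agent in parse(log_text):
        agents[host].add(agent)
    flagged = {}
    for host, seen in agents.items():
        try:
            addr = ip_address(host)
        except ValueError:  # a hostname was logged instead of an address
            continue
        if any(addr in net for net in RFC1918) and len(seen) >= min_agents:
            flagged[host] = len(seen)
    return flagged

if __name__ == "__main__":
    for ip, n in collapsed_sources(SAMPLE_LOG).items():
        print(f"{ip}: {n} distinct user agents behind one source; "
              "per-IP blocking or rate limiting on it would hit every visitor")
```

A source flagged this way should not be used as a key for per-IP blocking, rate limiting or incident attribution, since it stands for every visitor behind the NAT.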

Re: source ip is 10.0.2.2 for all incoming packets

Postby Sasquatch » 29. Jul 2011, 00:12

When you're doing port forwarding, you will almost always get the source from the router, unless the router keeps the source. VB doesn't keep it. To avoid this, use Bridged instead. See the User Manual - chapter 6 for more information about that. Bridged is not an option if you don't have a router for your internet connection (except for special cases, which this probably isn't).
Read the Forum Posting Guide before opening a topic.
VirtualBox FAQ: Check this before asking questions.
Online User Manual: A must read if you want to know what we're talking about.
Howto: Install Linux Guest Additions
Howto: Use Shared Folders on Linux Guest
See the Tutorials and FAQ section at the top of the Forum for more guides.
Try searching the forums first with Google and add the site filter for this forum.
E.g. install guest additions site:forums.virtualbox.org

Retired from this Forum since OSSO introduction.
Sasquatch
Volunteer
 
Posts: 17800
Joined: 17. Mar 2008, 13:41
Location: /dev/random
Primary OS: Debian other
VBox Version: PUEL
Guest OSses: Windows XP, Windows 7, Linux

Re: source ip is 10.0.2.2 for all incoming packets

Postby dovydas » 30. Jul 2011, 23:38

I have added a router between my ISP and a host PC and used a virtualbox bridged connection.

Router WAN interface 78.60.X.X
Router LAN interface 192.168.1.1
Host LAN interface 192.168.1.2
Guest interface (bridged with host interface) 192.168.1.3.

Everything works as expected. My apache server can see source IP of incoming packets now.

Thank you Sasquatch for explaining virtualbox limitations.

Re: source ip is 10.0.2.2 for all incoming packets

Postby Perryg » 31. Jul 2011, 00:36

Slight correction if you please. It is not a limitation of VirtualBox but a limitation of NAT which is the way it is by design. Bridged works just fine.
Perryg
Site Moderator
 
Posts: 34373
Joined: 6. Sep 2008, 22:55
Primary OS: Linux other
VBox Version: OSE self-compiled
Guest OSses: *NIX

Re: source ip is 10.0.2.2 for all incoming packets

Postby Sasquatch » 13. Aug 2011, 13:06

It is a combination of the limitation of NAT, along with VB. Routers apparently add something to the network traffic to work around this and show the original source, instead of rewriting the entire flow to make it appear it's coming from one source. This is not done in VB, because it would make it harder to keep the table of which data needs to go where, since all the VMs configured for NAT have the same network config (gateway, IP, etc). On a normal network, this isn't the case because the clients have unique addresses.
Routers add some data, VB doesn't. Or VB rewrites the stream source IP and routers don't. At least something is different.

Re: source ip is 10.0.2.2 for all incoming packets

Postby boris.samardzija » 27. Jun 2013, 20:30

This is possible without bridge mode! For some strange reason, the default NAT mode in VirtualBox rewrites original source.

What you want is to switch NAT to transparent mode with

Code:
VBoxManage modifyvm <your-vm name> --nataliasmode1 proxyonly


More info here

http://www.virtualbox.org/manual/ch09.h ... -adv-alias
http://www.virtualbox.org/manual/ch08.html#idp18407536
https://www.virtualbox.org/ticket/6524
https://www.virtualbox.org/ticket/7608
boris.samardzija
 
Posts: 2
Joined: 4. Aug 2012, 14:35

