VirtualBox 6.1.28, 6.1.32 no route to vboxnet with 192.168.99 network

Discussions related to using VirtualBox on Mac OS X hosts.
Post Reply
chrisinmtown
Posts: 12
Joined: 11. Sep 2021, 02:11

VirtualBox 6.1.28, 6.1.32 no route to vboxnet with 192.168.99 network

Post by chrisinmtown »

I'm using MacOS Big Sur 11.6.5. I use docker and docker-machine that depend on VirtualBox. I'm using basic features out of the box, just lets me build some docker images. Then today I upgraded Virtualbox from 6.1.26 to 6.1.32. The result was failure, the docker-machine CLI could no longer connect to the running machine in the usual way. Error message was something like:

Code: Select all

% docker-machine env    
Error checking TLS connection: Error checking and/or regenerating the certs: There was an error validating certificates for host "192.168.99.104:2376": dial tcp 192.168.99.104:2376: i/o timeout
You can attempt to regenerate them using 'docker-machine regenerate-certs [name]'.
Be advised that this will trigger a Docker daemon restart which might stop running containers.
After frantic searching I think I found that the network route table was not right. The running container was using 192.168.99.104. I checked the routing table and could not see *any* entries for network 192.168.99, just nothing. I believe, but am not 100% certain, that traffic for that network was simply being dumped on the default route and going to my ISP. But that's a SWAG.

Finally I uninstalled, re-installed VirtualBox 6.1.26 and then docker-machine could again connect, and I saw the following entries in the route table:

Code: Select all

% netstat -rn | grep 192.168.99                                                           
192.168.99         link#18            UC         vboxnet      !
192.168.99.9       8:0:27:60:bf:23    UHLWI      vboxnet    188
192.168.99.104     8:0:27:8c:c1:50    UHLWIi     vboxnet   1187
These entries were completely missing under VirtualBox 6.1.32.

Please comment on how to cope with new VirtualBox versions!
Last edited by chrisinmtown on 18. Apr 2022, 19:55, edited 2 times in total.
fth0
Volunteer
Posts: 5668
Joined: 14. Feb 2019, 03:06
Primary OS: Mac OS X other
VBox Version: PUEL
Guest OSses: Linux, Windows 10, ...
Location: Germany

Re: VirtualBox 6.1.32 no route to vboxnet with 192.168.99 network

Post by fth0 »

Search the VirtualBox User Manual for /etc/vbox/networks.conf.
chrisinmtown
Posts: 12
Joined: 11. Sep 2021, 02:11

Re: VirtualBox 6.1.32 no route to vboxnet with 192.168.99 network

Post by chrisinmtown »

Thanks @fth0 for the reply! My Macbook has no directory /etc/vbox, no file /etc/vbox/networks.conf, and search cannot find any files named networks.conf at all. Please tell me where to look for this.

Are you saying, to continue the old behavior, I need to create this file for version 6.1.32? That would be fairly challenging, right?
fth0
Volunteer
Posts: 5668
Joined: 14. Feb 2019, 03:06
Primary OS: Mac OS X other
VBox Version: PUEL
Guest OSses: Linux, Windows 10, ...
Location: Germany

Re: VirtualBox 6.1.32 no route to vboxnet with 192.168.99 network

Post by fth0 »

VirtualBox User Manual wrote:If other ranges are desired, they can be enabled by creating /etc/vbox/networks.conf and specifying allowed ranges there.
In a macOS Terminal, you could try something like (no guarantee ;)):

Code: Select all

sudo mkdir /etc/vbox; echo '* 192.168.99.0/24' | sudo tee /etc/vbox/networks.conf
chrisinmtown wrote:Are you saying, to continue the old behavior, I need to create this file for version 6.1.32? That would be fairly challenging, right?
Yes, and yes. You didn't read the change log, right? ;)
chrisinmtown
Posts: 12
Joined: 11. Sep 2021, 02:11

Re: VirtualBox 6.1.32 no route to vboxnet with 192.168.99 network

Post by chrisinmtown »

I confess I did not read the change.log. I see you quoted a direction "if other ranges are desired..". Well, I am using just one single docker machine, which was created automatically by brew, and some piece of magic in there chooses the range 192.168.99, I certainly didn't choose that range and I don't need any other ranges. So maybe, possibly, the docker-machine package installed by brew isn't doing the right things yet for the latest & greatest Virtualbox behavior?
chrisinmtown
Posts: 12
Joined: 11. Sep 2021, 02:11

Re: VirtualBox 6.1.32 no route to vboxnet with 192.168.99 network

Post by chrisinmtown »

Thanks for the nudge, I checked the changelog at https://www.virtualbox.org/wiki/Changelog where I see this line from version 6.1.28:
Network: More administrative control over host-only network ranges to prevent trouble due to misconfiguration, see user manual. Check updated documentation or your VMs may stop working!
Now I'll go try to find the right section of the user manual..
chrisinmtown
Posts: 12
Joined: 11. Sep 2021, 02:11

Re: VirtualBox 6.1.32 no route to vboxnet with 192.168.99 network

Post by chrisinmtown »

Sorry to repeat things, but I think I'm just duplicating all the good efforts posted here:

viewtopic.php?f=7&t=104198

viewtopic.php?f=7&t=104218#p507770
Last edited by chrisinmtown on 18. Apr 2022, 20:06, edited 3 times in total.
chrisinmtown
Posts: 12
Joined: 11. Sep 2021, 02:11

Re: VirtualBox 6.1.28, 6.1.32 no route to vboxnet with 192.168.99 network

Post by chrisinmtown »

One last post. I guess VirtualBox version 6.1.28 is a huge bump in the road for docker-machine and brew. I see at least two ways to fix:
  • Someone updates docker-machine to start using network range 192.168.56 and stop using range 192.168.99
  • Someone updates docker-machine to create file /etc/vbox/networks.conf on install with range 192.168.99
But the docker-machine feature installed by brew is in maintenance mode - see https://github.com/docker/machine

And since the docker-machine feature appears to be frozen and therefore will not soon be implementing anything like the ideas above, then all the install guides for macos, virtualbox, docker and docker-machine need an update, right?
scottgus1
Site Moderator
Posts: 20965
Joined: 30. Dec 2009, 20:14
Primary OS: MS Windows 10
VBox Version: PUEL
Guest OSses: Windows, Linux

Re: VirtualBox 6.1.28, 6.1.32 no route to vboxnet with 192.168.99 network

Post by scottgus1 »

The change to require the networks.conf plugs a security hole in Virtualbox. If the Docker folks wish to be compatible with newer Virtualbox, they'd have to add this file to their setup. How they'll handle this isn't something we on the Virtualbox forums can say.

Perhaps they have a bugtracker site where someone can let them know of this change?
fth0
Volunteer
Posts: 5668
Joined: 14. Feb 2019, 03:06
Primary OS: Mac OS X other
VBox Version: PUEL
Guest OSses: Linux, Windows 10, ...
Location: Germany

Re: VirtualBox 6.1.28, 6.1.32 no route to vboxnet with 192.168.99 network

Post by fth0 »

chrisinmtown wrote:And since the docker-machine feature appears to be frozen and therefore will not soon be implementing anything like the ideas above, then all the install guides for macos, virtualbox, docker and docker-machine need an update, right?
No, because there's probably a good reason for the freeze: Docker switched from using VirtualBox to using the macOS HyperKit framework some years ago (~2018, I think). In the fast paced world of modern software development, that's an eternity. ;)
Post Reply