Mac 7.04 Host Adapter

OstorEzio · Post by **OstorEzio** » 16. Feb 2023, 17:29

Hi All,

I have a number of issues with VB 7.0.6 related to the deprecated host-only adapter.
My host is a macBookPro, macOS Monterey 12.6.3
Guest is Linux Mint 19 Tara

First issue, after removing the host-only adapter, my VM would not boot any more, black screen forever.
I think this is due to the fact that the VM make use of the host-only network, so somehow the boot hang somewhere.

Trying to fix the above problem I reverted to VBox 6.1.36, and tried to remove references to the host-only network IP addresses.

Now, the REAL issue: if host-only addresses are no longer there, how can I ssh between host and guest? What IP can I use?
Especially when the host is not connected to any network, therefore neither bridged neither NAT IPs are available?

I tried to use the NAT addresses, 10.0.4.2 for host and 10.0.4.15 for guest. It's OK for ssh guest->host, but the host is not aware of the 10.0.4.0 network, so ssh host->guest does not work.
Host and Guest looks like they are is separate universes. Also NFS export from host to guest does not work.

Is there a fix for this? But mostly, was removing the host-only network REALLY necessary?

Thanks for your attention,

Ezio (Italy)

Post by **scottgus1** » 16. Feb 2023, 19:56

OstorEzio wrote:10.0.4.2 for host and 10.0.4.15 for guest. It's OK for ssh guest->host, but the host is not aware of the 10.0.4.0 network, so ssh host->guest does not work.

NAT behaves like a router between the host and the VM Virtualbox Networks: In Pictures: NAT , so you can open a port in the NAT Port Forwarding settings:

NAT port forward setting:
Host port: 2022
guest port: 22
no other settings needed

Then on the host OS use loopback:port# to get to the VM:

SSH: 127.0.0.1:2022

OstorEzio wrote:But mostly, was removing the host-only network REALLY necessary?

Talk to Apple. They forced no kexts for Ventura. Virtualbox devs are working on the problem. However, Monterey should not have this problem. Edit: see fth0's post below.

Additionally, there was a change somewhere along 6.1 that only allowed the 192.168.56.1 range unless you have admin privileges and can modify a text file: https://www.virtualbox.org/manual/ch06. ... k_hostonly

Post by **fth0** » 16. Feb 2023, 20:49

scottgus1 wrote:They forced no kexts for Ventura. [...] However, Monterey should not have this problem.

That doesn't sound right to me.

VirtualBox 7.0 doesn't use macOS kernel extensions any more, even when running on older macOS versions, and can be used from macOS Catalina on. To use the Host-only Adapter on a macOS host, one has to use VirtualBox 6.1 (or older).

OstorEzio · Post by **OstorEzio** » 17. Feb 2023, 16:05

NAT behaves like a router between the host and the VM

That's OK, but a router has a LAN IP address that any connected device can login to.
In VBox case, does the host have this kind of IP? Yes, IMO from the guest side (10.0.4.2) but not on the host side. Looks like the VBox host is not connected to the router; The host cannot ping itself, like this:

Code: Select all

ezio@tabuij ~ € ping 10.0.4.2
PING 10.0.4.2 (10.0.4.2): 56 data bytes
ping: sendto: No route to host

And neither can ping the guest:

Code: Select all

ezio@tabuij ~ € ping 10.0.4.15
PING 10.0.4.15 (10.0.4.15): 56 data bytes
ping: sendto: No route to host

NAT port forward setting:
Host port: 2022
guest port: 22
no other settings needed

Been there, done that

No, I cannot ssh from host to guest using local port 2022.
This is my port forwarding rule:

Code: Select all

Host IP = 10.0.4.2
Host Port = 2022
Guest IP = 10.0.4.15
Guest Port = 22

I don't think it can work since the host is unaware of the 10.0.4.0 network, so I tried also to set the host IP as 127.0.0.1, same result.

Anyway, bottom line is: how can I configure the host so that it fully belongs to the NAT LAN network, with a proper IP address?

Thank you again,

Ezio

Post by **scottgus1** » 17. Feb 2023, 16:42

A house router does not let you access the service on the LAN side from the WAN side using the LAN side's IP address. Neither does NAT.

Pretend you want to set up RDP into your PC at home, so you can control it from out on the internet. Your router hands out 192.168.1.# IP's to its LAN, and the PC is at 192,168.1.10. RDP uses port 3389. You want a little security by obscurity, so you choose port 5124 to use for RDP when on the internet.

So you'd make a port forward rule in the house router to forward traffic on the WAN side port 5124 to 192.168.1.10, port 3389.

Now here's the kicker: when you point your RDP client at the house from out on the internet, do you tell the client to go to 192.168.1.10? You can try, but you'll never get in. Because the router does not expose 192.168.1.anything on the internet. It exposes its own public IP address to the internet, and you would use that IP address instead on your RDP client when out on the web. That's why Dynamic DNS is a thing, because you have to know the public IP to access services behind a router. And NAT behaves like a router.

Now apply this to the question at hand:

OstorEzio wrote: a router has a LAN IP address that any connected device can login to.

No, it has a WAN IP address that any connected device can login to. The LAN IP range (10.0.4.#) is private and you cannot use those addresses from the WAN side (the host side). You don't get access to the VM from the host by going to 10.0.4.anything. VM to host, yes, 10.0.4.2 works. Host to VM, no, you have to :

scottgus1 wrote:on the host OS use loopback:port# to get to the VM

"Loopback" is often "localhost" or "127.0.0.1". Thus

scottgus1 wrote:SSH: 127.0.0.1:2022

Also:

Virtualbox Networks: In Pictures: NAT wrote:The host can connect to the NAT-connected card via: localhost:portnumber.

Because:

Virtualbox Networks: In Pictures: NAT wrote:The "WAN" side of NAT is always connected to the host

Did you read the tutorial?

********************************

OstorEzio wrote:This is my port forwarding rule:
Code: Select all
Host IP = 10.0.4.2
Host Port = 2022
Guest IP = 10.0.4.15
Guest Port = 22

Did you read what I wrote?

scottgus1 wrote:NAT port forward setting:
Host port: 2022
guest port: 22
no other settings needed

Failing to set up your port forward rule according to instructions is blocking the loopback access because "Host IP" limits the incoming traffic to the specified IP address, and 127.0.0.1 != 10.0.4.2

You can be there do that all you want, but it won't work unless you follow instructions.

OstorEzio · Post by **OstorEzio** » 17. Feb 2023, 17:46

Thank you for the long reply, very interesting.

Try to comment point-by-point.

A house router does not let you access the service on the LAN side from the WAN side using the LAN side's IP address. Neither does NAT.

Don't need to access the LAN side from the WAN side. Both guest and host are on the LAN side (10.0.4.0) and I need both of them to connect to each other.
And for doing this, I don't need port forwarding, on any router.

No, it has a WAN IP address that any connected device can login to. The LAN IP range (10.0.4.#) is private and you cannot use those addresses from the WAN side (the host side). You don't get access to the VM from the host by going to 10.0.4.anything. VM to host, yes, 10.0.4.2 works. Host to VM, no, you have to :

I cannot and do not wan to access the LAN from the WAN. But it looks like I have to.
What is weird, is that I need to use the port-forward plus loopback AKA localhost AKA 127.0.0.1 for connecting two nodes on the same network.
This is because the NAT router has 127.0.0.1 as the WAN interface and no LAN interface for the host.

Did you read the tutorial?

Yes, I did. And the crux of the matter is this:

NAT behaves like a house router with only one LAN port. Each NAT "router" only connects to one network card in one guest. NAT allows the guest's network card to talk to the host, the host's LAN, and the internet. The host, LAN, and internet can only talk to that guest's network card through forwarded ports. Other NAT-connected guest network cards can also talk to this particular network card only though forwarded ports.

The host can connect to the NAT-connected card via: localhost:portnumber.

This is not really straightforward, it's a little bit of a hack, you have to configure your forwarding rules correctly. I did it wrong, I interpreted the instructions and configured localhost as the host IP.

Failing to set up your port forward rule according to instructions is blocking the loopback access because "Host IP" limits the incoming traffic to the specified IP address, and 127.0.0.1 != 10.0.4.2

Yes, you're right. Specifying a host IP address on the host is restrictive. Now it works.

BUT! Using this loopback/port forward workaround is a fix for ssh but probably not for NFS: the host allows NFS to export file systems to NFS clients based on a "white list" of IP address. If the client is my guest (10.0.4.15), the host does not recognize this network, so NFS access is forbidden:

Code: Select all

root@genepi:~# mount -t nfs 10.0.4.2://Volumes/home/machome /machome
mount.nfs: access denied by server while mounting 10.0.4.2://Volumes/home/machome

I understand that the access from host to guest goes through the localhost network, like this (genepi is the guest, tabuij is the host):

Code: Select all

ezio@genepi:~$ ssh 10.0.4.2
Last login: Fri Feb 17 15:43:02 2023

ezio@tabuij ~ % w
16:30  up 4 days,  7:56, 9 users, load averages: 1,37 1,60 1,82
USER     TTY      FROM              LOGIN@  IDLE WHAT
ezio     console  -                Mon08   4days -
ezio     s007     127.0.0.1        16:30       - w

So I will have to tamper a little bit with the /etc/exports file on the Mac and see if 127.0.0.1 AKA localhost AKA loopback is acceptable.

Post by **scottgus1** » 17. Feb 2023, 18:05

OstorEzio wrote:Both guest and host are on the LAN side (10.0.4.0)

No they're not. The Virtualbox NAT "router" is between the host and the guest. The "WAN" side of the Virtualbox NAT "router" is connected to the host, and the "LAN" side of the Virtualbox NAT "router" is connected to the guest. Therefore:

OstorEzio wrote:I don't need port forwarding, on any router.

is going to fail because you do on NAT, if you want to get access to the guest from the host.

OstorEzio wrote:What is weird, is that I need to use the port-forward plus loopback AKA localhost AKA 127.0.0.1 for connecting two nodes on the same network.

Because they're not on the same network. Host is on WAN side of NAT "router", guest is on the LAN side.

OstorEzio wrote:This is because the NAT router has 127.0.0.1 as the WAN interface and no LAN interface for the host.

Huzzah! We have achieved clarity.

*********************************

OstorEzio wrote:the host allows NFS to export file systems to NFS clients based on a "white list" of IP address. If the client is my guest (10.0.4.15), the host does not recognize this network, so NFS access is forbidden:

Then you can't use NAT. Host-Only and Bridged make direct-to-VM Ethernet connections with no "router" between them.

Bridged requires an existing house router LAN to work, and the VM gets or should get an IP address in the house router LAN's IP range.

Host-Only is independent of the existing house router LAN or any other networking. It's between the host and guest only, full access, nothing in the way. (Note that Host-Only is having some growing pains in 7.0 because of Apple's no-kexts-anymore policy. You may need to stay on 6.1 if you're not running Ventura. If you are running Ventura, then it's Bridged or Bust, and probably only on Wired Ethernet, not Wi-Fi.

virtualbox.org

Mac 7.04 Host Adapter

Mac 7.04 Host Adapter

Re: M1/M2 Mac 7.04 Host Adapter

Re: Mac 7.04 Host Adapter

Re: Mac 7.04 Host Adapter

Re: Mac 7.04 Host Adapter

Re: Mac 7.04 Host Adapter

Re: Mac 7.04 Host Adapter