Hi All,
I have a number of issues with VB 7.0.6 related to the deprecated host-only adapter.
My host is a macBookPro, macOS Monterey 12.6.3
Guest is Linux Mint 19 Tara
First issue, after removing the host-only adapter, my VM would not boot any more, black screen forever.
I think this is due to the fact that the VM makes use of the host-only network, so somehow the boot hangs somewhere.
Trying to fix the above problem I reverted to VBox 6.1.36, and tried to remove references to the host-only network IP addresses.
Now, the REAL issue: if host-only addresses are no longer there, how can I ssh between host and guest? What IP can I use?
Especially when the host is not connected to any network, therefore neither bridged nor NAT IPs are available?
I tried to use the NAT addresses, 10.0.4.2 for host and 10.0.4.15 for guest. It's OK for ssh guest->host, but the host is not aware of the 10.0.4.0 network, so ssh host->guest does not work.
Host and Guest look like they are in separate universes. Also NFS export from host to guest does not work.
Is there a fix for this? But mostly, was removing the host-only network REALLY necessary?
Thanks for your attention,
Ezio (Italy)
Mac 7.04 Host Adapter
-
- Site Moderator
- Posts: 20945
- Joined: 30. Dec 2009, 20:14
- Primary OS: MS Windows 10
- VBox Version: PUEL
- Guest OSses: Windows, Linux
Re: M1/M2 Mac 7.04 Host Adapter
OstorEzio wrote: 10.0.4.2 for host and 10.0.4.15 for guest. It's OK for ssh guest->host, but the host is not aware of the 10.0.4.0 network, so ssh host->guest does not work.
NAT behaves like a router between the host and the VM (Virtualbox Networks: In Pictures: NAT), so you can open a port in the NAT Port Forwarding settings:
NAT port forward setting:
Host port: 2022
guest port: 22
no other settings needed
Then on the host OS use loopback:port# to get to the VM:
SSH: 127.0.0.1:2022
OstorEzio wrote: But mostly, was removing the host-only network REALLY necessary?
Talk to Apple. They forced no kexts for Ventura. Virtualbox devs are working on the problem. However, Monterey should not have this problem. Edit: see fth0's post below.
Additionally, there was a change somewhere along 6.1 that only allowed the 192.168.56.1 range unless you have admin privileges and can modify a text file: https://www.virtualbox.org/manual/ch06. ... k_hostonly
-
- Volunteer
- Posts: 5677
- Joined: 14. Feb 2019, 03:06
- Primary OS: Mac OS X other
- VBox Version: PUEL
- Guest OSses: Linux, Windows 10, ...
- Location: Germany
Re: Mac 7.04 Host Adapter
scottgus1 wrote: They forced no kexts for Ventura. [...] However, Monterey should not have this problem.
That doesn't sound right to me.
VirtualBox 7.0 doesn't use macOS kernel extensions any more, even when running on older macOS versions, and can be used from macOS Catalina on. To use the Host-only Adapter on a macOS host, one has to use VirtualBox 6.1 (or older).
Re: Mac 7.04 Host Adapter
Quote: NAT behaves like a router between the host and the VM
That's OK, but a router has a LAN IP address that any connected device can login to.
In VBox case, does the host have this kind of IP? Yes, IMO from the guest side (10.0.4.2) but not on the host side. Looks like the VBox host is not connected to the router; The host cannot ping itself, like this:
Code:
ezio@tabuij ~ € ping 10.0.4.2
PING 10.0.4.2 (10.0.4.2): 56 data bytes
ping: sendto: No route to host
Code:
ezio@tabuij ~ € ping 10.0.4.15
PING 10.0.4.15 (10.0.4.15): 56 data bytes
ping: sendto: No route to host
Quote: NAT port forward setting:
Host port: 2022
guest port: 22
no other settings needed

Been there, done that
No, I cannot ssh from host to guest using local port 2022.
This is my port forwarding rule:
Code:
Host IP = 10.0.4.2
Host Port = 2022
Guest IP = 10.0.4.15
Guest Port = 22
Anyway, bottom line is: how can I configure the host so that it fully belongs to the NAT LAN network, with a proper IP address?
Thank you again,
Ezio
-
- Site Moderator
- Posts: 20945
- Joined: 30. Dec 2009, 20:14
- Primary OS: MS Windows 10
- VBox Version: PUEL
- Guest OSses: Windows, Linux
Re: Mac 7.04 Host Adapter
A house router does not let you access the service on the LAN side from the WAN side using the LAN side's IP address. Neither does NAT.
Pretend you want to set up RDP into your PC at home, so you can control it from out on the internet. Your router hands out 192.168.1.# IP's to its LAN, and the PC is at 192.168.1.10. RDP uses port 3389. You want a little security by obscurity, so you choose port 5124 to use for RDP when on the internet.
So you'd make a port forward rule in the house router to forward traffic on the WAN side port 5124 to 192.168.1.10, port 3389.
Now here's the kicker: when you point your RDP client at the house from out on the internet, do you tell the client to go to 192.168.1.10? You can try, but you'll never get in. Because the router does not expose 192.168.1.anything on the internet. It exposes its own public IP address to the internet, and you would use that IP address instead on your RDP client when out on the web. That's why Dynamic DNS is a thing, because you have to know the public IP to access services behind a router. And NAT behaves like a router.
Now apply this to the question at hand:
OstorEzio wrote: a router has a LAN IP address that any connected device can login to.
No, it has a WAN IP address that any connected device can login to. The LAN IP range (10.0.4.#) is private and you cannot use those addresses from the WAN side (the host side). You don't get access to the VM from the host by going to 10.0.4.anything. VM to host, yes, 10.0.4.2 works. Host to VM, no, you have to:
scottgus1 wrote: on the host OS use loopback:port# to get to the VM
"Loopback" is often "localhost" or "127.0.0.1". Thus
scottgus1 wrote: SSH: 127.0.0.1:2022
Also:
Virtualbox Networks: In Pictures: NAT wrote: The host can connect to the NAT-connected card via: localhost:portnumber.
Because:
Virtualbox Networks: In Pictures: NAT wrote: The "WAN" side of NAT is always connected to the host
Did you read the tutorial?
********************************
OstorEzio wrote: This is my port forwarding rule:
Code:
Host IP = 10.0.4.2
Host Port = 2022
Guest IP = 10.0.4.15
Guest Port = 22

Did you read what I wrote?
scottgus1 wrote: NAT port forward setting:
Host port: 2022
guest port: 22
no other settings needed

Failing to set up your port forward rule according to instructions is blocking the loopback access because "Host IP" limits the incoming traffic to the specified IP address, and 127.0.0.1 != 10.0.4.2
You can be there do that all you want, but it won't work unless you follow instructions.
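Added example (not part of the thread and not VirtualBox's own code): a short Python audit of NAT port-forward rules that shows why the rule with Host IP 10.0.4.2 never answers on 127.0.0.1:2022, and what a blank or a loopback Host IP exposes instead. The `Forwarding(n)="name,proto,hostip,hostport,guestip,guestport"` line format, the rule names and the host address 192.168.1.20 are constructed assumptions; a blank Host IP is treated as listening on every host interface.

```python
import ipaddress

# Constructed sample, assumed to follow the machine-readable rule format
# Forwarding(n)="name,proto,hostip,hostport,guestip,guestport".
SAMPLE = '''\
Forwarding(0)="ssh-thread,tcp,10.0.4.2,2022,10.0.4.15,22"
Forwarding(1)="ssh-blank,tcp,,2022,,22"
Forwarding(2)="ssh-loopback,tcp,127.0.0.1,2022,,22"
'''

def parse_rules(text):
    """Extract port-forward rules from showvminfo-style text."""
    rules = []
    for line in text.splitlines():
        if not line.startswith("Forwarding("):
            continue
        value = line.split("=", 1)[1].strip().strip('"')
        fields = value.split(",")
        if len(fields) != 6:
            raise ValueError(f"malformed rule: {line!r}")
        name, proto, host_ip, host_port, guest_ip, guest_port = fields
        rules.append({"name": name, "proto": proto, "host_ip": host_ip,
                      "host_port": int(host_port), "guest_ip": guest_ip,
                      "guest_port": int(guest_port)})
    return rules

def classify(rule, host_addrs):
    """Return (answers_on_loopback, exposure) for one rule.

    host_addrs is the set of addresses configured on the host's interfaces.
    """
    ip = rule["host_ip"]
    if ip in ("", "0.0.0.0"):
        # No Host IP: the listener accepts on every host address, LAN included.
        return True, "all-interfaces"
    if ipaddress.ip_address(ip).is_loopback:
        return True, "loopback-only"
    if ip not in host_addrs:
        # The thread's case: the host owns no 10.0.4.x address to listen on.
        return False, "no-such-host-address"
    return False, "single-interface"

def audit(text, host_addrs):
    return {r["name"]: classify(r, host_addrs) for r in parse_rules(text)}

if __name__ == "__main__":
    for name, result in audit(SAMPLE, {"127.0.0.1", "192.168.1.20"}).items():
        print(name, result)
```

On a host attached to a network you do not control, the `loopback-only` form (Host IP 127.0.0.1) keeps the forwarded SSH port off the LAN while still serving connections made to 127.0.0.1:2022.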
Re: Mac 7.04 Host Adapter
Thank you for the long reply, very interesting.
Try to comment point-by-point.
Quote: A house router does not let you access the service on the LAN side from the WAN side using the LAN side's IP address. Neither does NAT.
Don't need to access the LAN side from the WAN side. Both guest and host are on the LAN side (10.0.4.0) and I need both of them to connect to each other.
And for doing this, I don't need port forwarding, on any router.
Quote: No, it has a WAN IP address that any connected device can login to. The LAN IP range (10.0.4.#) is private and you cannot use those addresses from the WAN side (the host side). You don't get access to the VM from the host by going to 10.0.4.anything. VM to host, yes, 10.0.4.2 works. Host to VM, no, you have to:
I cannot and do not want to access the LAN from the WAN. But it looks like I have to.
What is weird, is that I need to use the port-forward plus loopback AKA localhost AKA 127.0.0.1 for connecting two nodes on the same network.
This is because the NAT router has 127.0.0.1 as the WAN interface and no LAN interface for the host.
Quote: Did you read the tutorial?
Yes, I did. And the crux of the matter is this:
Quote: NAT behaves like a house router with only one LAN port. Each NAT "router" only connects to one network card in one guest. NAT allows the guest's network card to talk to the host, the host's LAN, and the internet. The host, LAN, and internet can only talk to that guest's network card through forwarded ports. Other NAT-connected guest network cards can also talk to this particular network card only through forwarded ports.
The host can connect to the NAT-connected card via: localhost:portnumber.

This is not really straightforward, it's a little bit of a hack, you have to configure your forwarding rules correctly. I did it wrong, I interpreted the instructions and configured localhost as the host IP.
Quote: Failing to set up your port forward rule according to instructions is blocking the loopback access because "Host IP" limits the incoming traffic to the specified IP address, and 127.0.0.1 != 10.0.4.2
Yes, you're right. Specifying a host IP address on the host is restrictive. Now it works.
BUT! Using this loopback/port forward workaround is a fix for ssh but probably not for NFS: the host allows NFS to export file systems to NFS clients based on a "white list" of IP addresses. If the client is my guest (10.0.4.15), the host does not recognize this network, so NFS access is forbidden:
Code:
root@genepi:~# mount -t nfs 10.0.4.2://Volumes/home/machome /machome
mount.nfs: access denied by server while mounting 10.0.4.2://Volumes/home/machome
I understand that the access from host to guest goes through the localhost network, like this (genepi is the guest, tabuij is the host):
Code:
ezio@genepi:~$ ssh 10.0.4.2
Last login: Fri Feb 17 15:43:02 2023
ezio@tabuij ~ % w
16:30 up 4 days, 7:56, 9 users, load averages: 1,37 1,60 1,82
USER TTY FROM LOGIN@ IDLE WHAT
ezio console - Mon08 4days -
ezio s007 127.0.0.1 16:30 - w
So I will have to tamper a little bit with the /etc/exports file on the Mac and see if 127.0.0.1 AKA localhost AKA loopback is acceptable.
-
- Site Moderator
- Posts: 20945
- Joined: 30. Dec 2009, 20:14
- Primary OS: MS Windows 10
- VBox Version: PUEL
- Guest OSses: Windows, Linux
Re: Mac 7.04 Host Adapter
OstorEzio wrote: Both guest and host are on the LAN side (10.0.4.0)
No they're not. The Virtualbox NAT "router" is between the host and the guest. The "WAN" side of the Virtualbox NAT "router" is connected to the host, and the "LAN" side of the Virtualbox NAT "router" is connected to the guest. Therefore:
OstorEzio wrote: I don't need port forwarding, on any router.
is going to fail because you do on NAT, if you want to get access to the guest from the host.
OstorEzio wrote: What is weird, is that I need to use the port-forward plus loopback AKA localhost AKA 127.0.0.1 for connecting two nodes on the same network.
Because they're not on the same network. Host is on WAN side of NAT "router", guest is on the LAN side.
OstorEzio wrote: This is because the NAT router has 127.0.0.1 as the WAN interface and no LAN interface for the host.
Huzzah! We have achieved clarity.
*********************************
OstorEzio wrote: the host allows NFS to export file systems to NFS clients based on a "white list" of IP address. If the client is my guest (10.0.4.15), the host does not recognize this network, so NFS access is forbidden:
Then you can't use NAT. Host-Only and Bridged make direct-to-VM Ethernet connections with no "router" between them.
Bridged requires an existing house router LAN to work, and the VM gets or should get an IP address in the house router LAN's IP range.
Host-Only is independent of the existing house router LAN or any other networking. It's between the host and guest only, full access, nothing in the way. (Note that Host-Only is having some growing pains in 7.0 because of Apple's no-kexts-anymore policy. You may need to stay on 6.1 if you're not running Ventura. If you are running Ventura, then it's Bridged or Bust, and probably only on Wired Ethernet, not Wi-Fi.)