how to debug port forwarding not working?

Discussions related to using VirtualBox on Linux hosts.
Post Reply
stephanecharette
Volunteer
Posts: 300
Joined: 10. Nov 2007, 22:03
Primary OS: Ubuntu other
VBox Version: PUEL
Guest OSses: Ubuntu-64bit, Windows
Location: Kelowna, British Columbia, Canada
Contact:

how to debug port forwarding not working?

Post by stephanecharette »

Looking for suggestions to debug port forwarding not working. Here are the commands I ran as per the manual:

VBoxManage setextradata "Ubuntu Dev VM" "VBoxInternal/Devices/e1000/0/LUN#0/Config/guestssh/Protocol" TCP
VBoxManage setextradata "Ubuntu Dev VM" "VBoxInternal/Devices/e1000/0/LUN#0/Config/guestssh/GuestPort" 22
VBoxManage setextradata "Ubuntu Dev VM" "VBoxInternal/Devices/e1000/0/LUN#0/Config/guestssh/HostPort" 2222

(Guest is configured with a single e1000 NIC.)

I can see the 3 entries in ~/.VirtualBox/Machines/Ubuntu Dev VM/Ubuntu Dev VM.xml

And when I start the guest, my host is now listening on port 2222:

$ netstat -nl | grep 2222
tcp 0 0 0.0.0.0:2222 0.0.0.0:* LISTEN

But when I try to ssh to port 2222, it sits there for a long time before it eventually tells me "Connection closed by remote host". Within the guest, I can "ssh localhost" and it works fine, so I know sshd is listening on port 22.

How to debug? Are there log files I can enable/check anywhere to see what is happening? (I really wish port forwarding was in the GUI versus making us run these arcane XML-node commands!)

(Guest is Ubuntu 9.04-64bit, host is also Ubuntu 9.04-64bit, virtualbox is 3.0.4, and guest additions are installed.)
vbox4me2
Volunteer
Posts: 5218
Joined: 21. Nov 2008, 20:27
Location: Rotterdam
Contact:

Re: how to debug port forwarding not working?

Post by vbox4me2 »

Firewall? use agreeIPscanner, it can query (port)services as well.
Sasquatch
Volunteer
Posts: 17798
Joined: 17. Mar 2008, 13:41
Primary OS: Debian other
VBox Version: PUEL
Guest OSses: Windows XP, Windows 7, Linux
Location: /dev/random

Re: how to debug port forwarding not working?

Post by Sasquatch »

I don't think a firewall is the problem, Ubuntu doesn't use one by default, or it's not that strict and netstat shows it's listening on the port (with a firewall, you wouldn't see that). Only thing that I can think of, is that the NIC is not in NAT mode. You should know by now what to give others to be able to help you, so what's the Guest network settings. I'm sure you set it to NAT properly, but we can never be too sure.
Read the Forum Posting Guide before opening a topic.
VirtualBox FAQ: Check this before asking questions.
Online User Manual: A must read if you want to know what we're talking about.
Howto: Install Linux Guest Additions
Howto: Use Shared Folders on Linux Guest
See the Tutorials and FAQ section at the top of the Forum for more guides.
Try searching the forums first with Google and add the site filter for this forum.
E.g. install guest additions site:forums.virtualbox.org

Retired from this Forum since OSSO introduction.
stephanecharette
Volunteer
Posts: 300
Joined: 10. Nov 2007, 22:03
Primary OS: Ubuntu other
VBox Version: PUEL
Guest OSses: Ubuntu-64bit, Windows
Location: Kelowna, British Columbia, Canada
Contact:

Re: how to debug port forwarding not working?

Post by stephanecharette »

Ha! Figured it out with the use of Wireshark. Or rather, I see the problem though I don't yet know why nor how to solve it.

HOST: Wireshark shows the standard SYN, SYN+ACK, ACK handshake when I try to ssh to port 2222, so I know the host listening on that port is accepting the inbound ssh connection.

GUEST: Wireshark shows an incoming SYN packet to the wrong IP!? My guest is using 10.0.2.99 (static IP) but the incoming SYN packet is destined to 10.0.2.15 port 22. Do I _have_ to use 10.0.2.15, or is there a way to change that? I assume there is a setting in the XML file to tell VirtualBox what IP address a guest is using?

I see the following node in the VM's xml definition, but it doesn't look like it has the effect I would have assumed:

<GuestProperty name="/VirtualBox/GuestInfo/Net/0/V4/IP" value="10.0.2.99" timestamp="1251366812717867000" flags=""/>

Anyone know how to get VirtualBox to do the port forwarding to the right IP address?
vbox4me2
Volunteer
Posts: 5218
Joined: 21. Nov 2008, 20:27
Location: Rotterdam
Contact:

Re: how to debug port forwarding not working?

Post by vbox4me2 »

stephanecharette wrote:Do I _have_ to use 10.0.2.15, or is there a way to change that?
Yes you have to, its default NAT behaviour, I think you can change it, never looked into how, rtfm :D
stephanecharette
Volunteer
Posts: 300
Joined: 10. Nov 2007, 22:03
Primary OS: Ubuntu other
VBox Version: PUEL
Guest OSses: Ubuntu-64bit, Windows
Location: Kelowna, British Columbia, Canada
Contact:

Re: how to debug port forwarding not working?

Post by stephanecharette »

Section 9.12 discusses some fine-tuning parameters for guests using NAT. But while it seems I can select a different network, it doesn't look like I can specify any arbitrary address within the network. I've changed the guest to hard-code 10.0.2.15 as my IP address. Port forwarding now seems to work.
Sasquatch
Volunteer
Posts: 17798
Joined: 17. Mar 2008, 13:41
Primary OS: Debian other
VBox Version: PUEL
Guest OSses: Windows XP, Windows 7, Linux
Location: /dev/random

Re: how to debug port forwarding not working?

Post by Sasquatch »

With NAT, you must use DHCP. If you change the range through additional Guest properties, then those changes are reflected in the DHCP server too, thus giving your Guest a different IP, the one you set through those properties.
Read the Forum Posting Guide before opening a topic.
VirtualBox FAQ: Check this before asking questions.
Online User Manual: A must read if you want to know what we're talking about.
Howto: Install Linux Guest Additions
Howto: Use Shared Folders on Linux Guest
See the Tutorials and FAQ section at the top of the Forum for more guides.
Try searching the forums first with Google and add the site filter for this forum.
E.g. install guest additions site:forums.virtualbox.org

Retired from this Forum since OSSO introduction.
didiervdp
Posts: 6
Joined: 11. Nov 2009, 22:29
Primary OS: openSUSE
VBox Version: PUEL
Guest OSses: SLES 11, Win XP

Re: how to debug port forwarding not working?

Post by didiervdp »

Hi!

I have encountered the same problem but I have modify the nat network before even start the Guest... :(

If I well understand, it's not possible to configure a guest with a fixed IP on a different NAT network and play with Port Forwarding ??
Shouldn't be consider has a bug or at least a missing feature ? :)

Host: openSuSE 11.1
Guest: SLES 11

Didier
Sasquatch
Volunteer
Posts: 17798
Joined: 17. Mar 2008, 13:41
Primary OS: Debian other
VBox Version: PUEL
Guest OSses: Windows XP, Windows 7, Linux
Location: /dev/random

Re: how to debug port forwarding not working?

Post by Sasquatch »

didiervdp wrote:Hi!

I have encountered the same problem but I have modify the nat network before even start the Guest... :(

If I well understand, it's not possible to configure a guest with a fixed IP on a different NAT network and play with Port Forwarding ??
Shouldn't be consider has a bug or at least a missing feature ? :)

Host: openSuSE 11.1
Guest: SLES 11

Didier
Could you explain that some more?
Read the Forum Posting Guide before opening a topic.
VirtualBox FAQ: Check this before asking questions.
Online User Manual: A must read if you want to know what we're talking about.
Howto: Install Linux Guest Additions
Howto: Use Shared Folders on Linux Guest
See the Tutorials and FAQ section at the top of the Forum for more guides.
Try searching the forums first with Google and add the site filter for this forum.
E.g. install guest additions site:forums.virtualbox.org

Retired from this Forum since OSSO introduction.
vbox4me2
Volunteer
Posts: 5218
Joined: 21. Nov 2008, 20:27
Location: Rotterdam
Contact:

Re: how to debug port forwarding not working?

Post by vbox4me2 »

didiervdp wrote:If I well understand, it's not possible to configure a guest with a fixed IP on a different NAT network and play with Port Forwarding ??
For the sake of argument no its not possible, each NAT VM is tied to one set of IP values, all the same for each VM.
Port forwarding from the Host is based on 'named' VM's at one end and this fixed NAT IP on the other.
MarkCranness
Volunteer
Posts: 875
Joined: 10. Oct 2009, 06:27
Primary OS: MS Windows 7
VBox Version: PUEL
Guest OSses: Windows Server 2008 R2; Ubuntu 11.04; Windows 2000 Server; Windows XP

Re: how to debug port forwarding not working?

Post by MarkCranness »

Reading the code leads me to suggest you try this (as well also as setting Protocol/GuestPort/HostPort as usual):

Code: Select all

VBoxManage setextradata "<VMName>" 
       "VBoxInternal/Devices/e1000/0/LUN#0/Config/guestssh/GuestIP" "10.0.2.99"
(Sorry, you don't give an example of what guest IP you want, or your interface type e1000 or pcnet, so I've used the OP's example.)
didiervdp
Posts: 6
Joined: 11. Nov 2009, 22:29
Primary OS: openSUSE
VBox Version: PUEL
Guest OSses: SLES 11, Win XP

Re: how to debug port forwarding not working?

Post by didiervdp »

vbox4me2 wrote: For the sake of argument no its not possible, each NAT VM is tied to one set of IP values, all the same for each VM.
Port forwarding from the Host is based on 'named' VM's at one end and this fixed NAT IP on the other.
I have notice that. I have started 2 VM with the same IP and there was no conflict. So it's not possible to have 2 VM with NAT with a fixed IP that see each other (ie: 2 LDAP servers with replication).

For that environment, I should use bridged network, shouldn't I ?
MarkCranness
Volunteer
Posts: 875
Joined: 10. Oct 2009, 06:27
Primary OS: MS Windows 7
VBox Version: PUEL
Guest OSses: Windows Server 2008 R2; Ubuntu 11.04; Windows 2000 Server; Windows XP

Re: how to debug port forwarding not working?

Post by MarkCranness »

didiervdp wrote:So it's not possible to have 2 VM with NAT with a fixed IP that see each other (ie: 2 LDAP servers with replication).
That is possible with Internal networking (section 6.6 of the user manual) or Host-only networking (section 6.7 of the user manual), but in those modes the VMs cannot see other PCs on your lan and cannot see the internet (and visa versa).
didiervdp wrote:For that environment, I should use bridged network, shouldn't I ?
That would probably be best. Each VM will have it's own IP (assigned by DHCP on your LAN, or set static). They will be able to see each other and also connect to the internet.
Post Reply