NAT erroneously altering source address of UDP packets

[spongman]

i don't know why this is happening, i have never seen a single other NAT device do this, but...

I have a VM with a 'NAT' nic and that NIC has UDP port 12345 forwarded from host to guest. some IP addresses:

host LAN: 10.0.3.3/24
host default gateway: 10.0.3.1

guest LAN: 10.0.2.15/24
guest default gateway: 10.0.2.2

when the host receives a UDP packet from some other host (10.0.3.4, say) at port 12345, it port-forwards it to the guest, but for some reason i can't figure, it changes the source address. this is crazy, i have never seen a NAT device change the source address of incoming packets. obviously this breaks stuff all over the place.

here's wireshark on the host:

Code: Select all

58004	4.367054	10.0.3.4	10.0.3.3	UDP	60	45947 → 12345 Len=5

here's tcpdump on the guest:

Code: Select all

22:26:06.386828 IP 10.0.2.15.4840> 10.0.2.2.12345 UDP, length 37

it looks like it's changing the source port, too.

I would expect the tcpdump line to look like this:

Code: Select all

22:26:06.386828 IP 10.0.3.4.45947> 10.0.2.2.12345 UDP, length 37

why is it doing this? an more importantly how do i stop it doing this?


(( Version 6.1.12 r139181 (Qt5.6.2) ))

[scottgus1]

Private IP range 10.#.#.# can be set to cover both 10.0.2.# and 10.0.3.#.

In order to remove the possibility that the host LAN IP range is cross-affecting the default Virtualbox NAT IP address range, I would recommend setting a new NAT adapter's IP address range to another private IP range, like 192.168.2.# or 172.16.#.#, see https://www.virtualbox.org/manual/ch09. ... ess-config, command:

VBoxManage modifyvm "VM name" --natnet1 "192.168/16"

[fth0]

i have never seen a NAT device change the source address of incoming packets.

Well, this is a typical behavior of proxies, and I think that the VirtualBox port forwarding is implemented this way on purpose: It is a stronger kind of VM separation. Additionally, port forwarding from localhost works automatically.