What would the the ideal choice of interface type for my guests VMs, if the guest VMs need to talk to each other, talk to the host, reach the internet, but use static-IPs too. The matter is complicated by virtue of the fact that the host i.e. my laptop needs to connect to different interfaces s.a. different WLAN (home ones -- which have 3 different SSIDS, then also to a rather restrictive corporate one in office) and sometimes wired ethernets. Since all of those networks that my laptop connects to are in different subnets, using bridged-network type with static-IPs within guest-VMs is not possible. What are my options ?
One approach I'd been toying with is to configure the network type "Internal" for all guest VMs, and then have a "router VM", for the guests having the "router VM" as the default gateway. Could that work ? What might be a super lightweight router VM ?
Network interface type when using static-IPs in guests but host using different networks
-
scottgus1
- Site Moderator
- Posts: 20945
- Joined: 30. Dec 2009, 20:14
- Primary OS: MS Windows 10
- VBox Version: VirtualBox+Oracle ExtPack
- Guest OSses: Windows, Linux
Re: Network interface type when using static-IPs in guests but host using different networks
Please see Virtualbox Networks: In Pictures.
Based on this:
One could make a router-OS-controlled internal network, see Sandbox in the tutorial. The router VM would be between the VMs and the host, so port forwarding would be required. Additionally, the WAN side of the router VM has to be connected though Virtualbox NAT to overcome the restrictive corporate environments that can block Bridged, which adds another layer of port forwarding.
If comms from the host into the guests don't need to be full open, and only certain ports are needed, you could use a NAT Network, see the tutorial. The VMs could have static IPs and full comms between each other, and internet to all VM's. The host and LAN PCs can access the VMs via port forwarding.
Based on this:
and no mention of PCs on the LANs talking to the VMs, I'd say Host-Only can give static-IP full comms between guests and host. An additional NAT card in each VM would give an independent internet channel to each VM OS.falcon74 wrote:the guest VMs need to talk to each other, talk to the host, reach the internet, but use static-IPs too
One could make a router-OS-controlled internal network, see Sandbox in the tutorial. The router VM would be between the VMs and the host, so port forwarding would be required. Additionally, the WAN side of the router VM has to be connected though Virtualbox NAT to overcome the restrictive corporate environments that can block Bridged, which adds another layer of port forwarding.
If comms from the host into the guests don't need to be full open, and only certain ports are needed, you could use a NAT Network, see the tutorial. The VMs could have static IPs and full comms between each other, and internet to all VM's. The host and LAN PCs can access the VMs via port forwarding.
-
BillG
- Volunteer
- Posts: 5106
- Joined: 19. Sep 2009, 04:44
- Primary OS: MS Windows 10
- VBox Version: VirtualBox+Oracle ExtPack
- Guest OSses: Windows 10,7 and earlier
- Location: Sydney, Australia
Re: Network interface type when using static-IPs in guests but host using different networks
What you are looking at is really similar to a typical home network, except all of the PCs are virtual. For that reason, I would set it up just as you would set up a home network - as a private (virtual) LAN behind a NAT router. You do not really need to use static IPs, but you can do it that way if you like.
If I was doing it, I would set all the vms in an internal virtual network and configure one of them as a NAT router using an appliance like pfSense. The outward-facing interface of the router is the only thing which needs to know about the outside world. Inside, nothing changes when the external connection changes. Your vms are a portable LAN.
If I was doing it, I would set all the vms in an internal virtual network and configure one of them as a NAT router using an appliance like pfSense. The outward-facing interface of the router is the only thing which needs to know about the outside world. Inside, nothing changes when the external connection changes. Your vms are a portable LAN.
Bill
Re: Network interface type when using static-IPs in guests but host using different networks
Thanks you for the response and explanation @scottgus1 and @BillG. Few important things I ignored to mention (my bad), and which make 'NAT' type of interface difficult to use in my particular case, because of what is running on those VMs (and my understanding of how it works, what it expects from the interfaces):
- Primary/first interface has to have unique IP, as it uses the IP as a sort of identity in the cluster, so the common guest IP in case of NAT would be a problem
- Doesn't play well with multi-interface / multi-homed setup, else I could've made the first interface of all VMs as "internal" and second one as NAT
-
scottgus1
- Site Moderator
- Posts: 20945
- Joined: 30. Dec 2009, 20:14
- Primary OS: MS Windows 10
- VBox Version: VirtualBox+Oracle ExtPack
- Guest OSses: Windows, Linux
Re: Network interface type when using static-IPs in guests but host using different networks
That does change the paradigm a little, but it's still doable. Either the router OS or NAT Network could let you have single-network-card VMs with static IP's and internet. But the router OS setup will require you to set up two layers of port forwarding for the host to communicate with the VMs (if that's important, you had mentioned you wanted the VMs to talk to the host, but will the host want to talk to the VMs?).
The reason for the two layers is because of the restrictive corporate environment you'll have to plug into at times. Fancy network switches can prevent Bridged VMs from connecting, so the only other option is to connect the VMs through NAT. Bridged goes around the host network stack and makes the VM appear to be a completely separate PC to the LAN; switch filtering can see this and block the VM traffic if the filter is set to do so. NAT goes through the host network stack, and the NAT packets look to the LAN as if they are coming from the host, so switch filtering shouldn't interfere.
So your VMs have to be connected to the host through NAT. NAT Network does this and provides a static-IP-multi-VM environment for the VMs, and only one layer of port forwarding. The router OS's WAN port must also connect through NAT to get around possible switch filtering, and also has its own port forwarding requirements, thus requiring two port forwards.
If host-to-VM comms is required, NAT Network should be less trouble to set up and take less host resources than the router OS VM setup. But either should work.
The reason for the two layers is because of the restrictive corporate environment you'll have to plug into at times. Fancy network switches can prevent Bridged VMs from connecting, so the only other option is to connect the VMs through NAT. Bridged goes around the host network stack and makes the VM appear to be a completely separate PC to the LAN; switch filtering can see this and block the VM traffic if the filter is set to do so. NAT goes through the host network stack, and the NAT packets look to the LAN as if they are coming from the host, so switch filtering shouldn't interfere.
So your VMs have to be connected to the host through NAT. NAT Network does this and provides a static-IP-multi-VM environment for the VMs, and only one layer of port forwarding. The router OS's WAN port must also connect through NAT to get around possible switch filtering, and also has its own port forwarding requirements, thus requiring two port forwards.
If host-to-VM comms is required, NAT Network should be less trouble to set up and take less host resources than the router OS VM setup. But either should work.