Using port-forwarding, I can access the host's http server, but I cannot access the vm's http server.
I have been using Virtualbox and port-forwarding to vms for many years. I am familiar with the issues at hand.
Just the same, port-forwarding is suddenly no longer working for me and I am stumped.
I have four systems that I have tested this on. Three Windows 10-11 and one Ubuntu 22.04. They all share the same problem.
to reproduce the issue i do the following...
install Virtualbox 7.0.14 (tried 7.0.12 too)
create a vm with ubuntu.com file: ubuntu-22.04.4-live-server-amd64.iso
when prompted to reboot i instead do an acpi shutdown, then select the vm's networking and add a second interface as bridged to my host interface that is hardwire connected to the router
I have two ips i am using
host: 10.0.0.17
vm: 10.0.0.18
router configuration...
port-forward port 8017 to host's ip(10.0.0.17) and port 8018 to vm's ip(10.0.0.18)
Server Name External Port Start External Port End Protocol Internal Port Start Internal Port End Server IP Address WAN Interface Remove
Web Server (HTTP) 8017 8017 TCP 8017 8017 10.0.0.17 ppp1.1
Web Server (HTTP) 8018 8018 TCP 8018 8018 10.0.0.18 ppp1.1
host configuration...
on the host i am using wsl1 rather than wsl2. wsl1 shares the host's interfaces with Windows
host> ipconfig /all
Ethernet adapter Ethernet:
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Lenovo USB2.0 Ethernet Adapter
Physical Address. . . . . . . . . : 00-50-B6-5A-76-8B
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::32c:781c:d20d:e795%36(Preferred)
IPv4 Address. . . . . . . . . . . : 10.0.0.17(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . : 10.0.0.1
DHCPv6 IAID . . . . . . . . . . . : 604000438
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-2A-BE-89-31-4C-79-6E-88-12-A1
DNS Servers . . . . . . . . . . . : 1.1.1.1
NetBIOS over Tcpip. . . . . . . . : Enabled
host cmd(admin)> netsh advfirewall firewall add rule name="ALLOW TCP PORT 80" dir=in action=allow protocol=TCP localport=80
# in actuallity, i disabled the firewall
host wsl1> echo '<HTML><BODY>Hello, World!</BODY></HTML>' > index.html
host wsl1> python3 -m http.server --bind 10.0.0.17 8017
vm configuration...
vm> sudo ip address add 10.0.0.18/24 dev enp0s8
vm> sudo ip link set up dev enp0s8
vm> sudo ufw status
inactive
vm> echo '<HTML><BODY>Hello, World!</BODY></HTML>' > index.html
vm> python3 -m http.server --bind 10.0.0.18 8018
host http test...
fetch http://<my WAN IP>:8017/index.html via remote site: https://www.dotcom-tools.com/web-servers-test
Location
Date
Time
Duration
Status
Montreal
03/01/2024
10:32:49 AM
53 ms
OK
vm http test...
fetch http://<my WAN IP>:8018/index.html via remote site: https://www.dotcom-tools.com/web-servers-test
Location
Date
Time
Duration
Status
Montreal
03/01/2024
10:34:39 AM
21.01 s
TCP
FAIL!!!
Similar results from using https://mxtoolbox.com/SuperTool.aspx
vm> sudo tcpdump -i enp0s8 port 8018
15:58:35:507519 IP 18.209.86.113.51835 > iso.8018: Flags [SEW], seq 1251914873, win 64240, options [mss 1452,nop,wscale 8,nop,nop,sack[OK], length 0
...
I am stumped! Any suggestions would be appreciated!
kendal
port-forwarding - I can access the host's http server, but I cannot access the vm's http server
port-forwarding - I can access the host's http server, but I cannot access the vm's http server
Last edited by MrBurns on 2. Mar 2024, 19:16, edited 1 time in total.
-
- Volunteer
- Posts: 5678
- Joined: 14. Feb 2019, 03:06
- Primary OS: Mac OS X other
- VBox Version: PUEL
- Guest OSses: Linux, Windows 10, ...
- Location: Germany
Re: port-forwarding - I can access the host's http server, but I cannot access the vm's http server
If you have two or more active network interfaces in the VM, I'd suggest to check the routing table of the guest OS, especially the metrics (e.g. ip route or route -n), because it could happen that the TCP SYN/ACK goes over another network interface. Alternatively, use tcpdump to capture on all network interfaces simultaneously.
Re: port-forwarding - I can access the host's http server, but I cannot access the vm's http server
Thanks for your comment! It started me looking into my routing, and that was key. I had requests coming in one interface and out another.fth0 wrote: ↑2. Mar 2024, 01:25 If you have two or more active network interfaces in the VM, I'd suggest to check the routing table of the guest OS, especially the metrics (e.g. ip route or route -n), because it could happen that the TCP SYN/ACK goes over another network interface. Alternatively, use tcpdump to capture on all network interfaces simultaneously.
For anyone interested, this command was key...
sudo tcpdump -i any port 443
I could see more than one interface responding to a remote query when it should only be the one interface responding.
Fiddling with netplan configuration and metrics solved matters.
-
- Volunteer
- Posts: 5678
- Joined: 14. Feb 2019, 03:06
- Primary OS: Mac OS X other
- VBox Version: PUEL
- Guest OSses: Linux, Windows 10, ...
- Location: Germany
Re: port-forwarding - I can access the host's http server, but I cannot access the vm's http server
You're welcome, and thanks for reporting back!