Rather complicated setting

[inki]

Hi there,

I need help with a rather complicated setting.

My Host is Windows 7 Professional, Guest is Debian Lenny. Host gets an IP via DHCP from the 192.168.212 network on the only physical network card, the Guest should get a fixed IP from the 192.168.3 network. Requests to the net from the Guest should come from the 192.168.3 IP. The reason for this is that the Guests (there's many workstations in the company with this setup) should be treated differently on the firewall.

Additionally, there should be another connection between Guest and Host from the 192.168.4 network which is only for dedicated communication between Guest and Host. Communication in this subnet should take only place between Guest and Host. No request should ever leave the physical network card. The reason for this is that every Guest should be able to reach its Host via 192.168.4.1 which would ease several administrative tasks

Any ideas / suggestions?

Thanks,

[vbox4me2]

Use Bridge networking, pass on the MAC from the bridged VM to whoever manages the 168.3 subnet, that will keep them seperated.

[inki]

Use Bridge networking, pass on the MAC from the bridged VM to whoever manages the 168.3 subnet, that will keep them seperated.

I don't think that's good enough. Requests from the Guest should originate from 168.3. Do you have any concerning the dedicated connection?

[vbox4me2]

A VM is just like another pc with its own lan card/connection/mac address(via Bridge) where both will get a dhcp address, either by fixing the dhcp range subnet mask or by mac identification. The other part you want can be done with host-only networking (so add another lan adapter to the vm) .

[BillG]

Are 192.168.212. and 192.168.3. physically separate networks on VLANs? If they are physically separate I would put two NICs in the host machine and dedicate one to the host and one to the guest. Connect the host NIC to the 192.168.212 network and the other NIC to the 192.168.3 (You dedicate a NIC to the guest by clearing all of the boxes except VirtualBox Bridged Networking Driver when you view the NIC properties from the host).

The Host Only link is no problem as it built into VirtualBox. Traffic between host and guest on this network goes nowhere else. You simply connect one NIC of the vm to host only.

The host has two NICs, one linked to the 192.168.212 network and one to the 192.168.3 network (which cannot be accessed from the host OS).
The guest has two NICs, one bridged to the 192.168.3 network and one host only. What addresses you use for host only is up to you. Since the traffic never goes anywhere else you might as well use the built-in ones.

[inki]

No, the networks are not physically separated. Just one NIC in the host. That's the complicated part.

[BillG]

If there is only one NIC in the host, there is no way that you can do that at the host or vm level. If your networks are VLANs, this will be handled by your physical switch. It is really no different from two physical machines on the LAN. The host and guest each has its own MAC address and they look just like two separate machines to the networking software.

The traffic all comes in through the same physical NIC but is then separated out by the filter driver (VirtualBox Bridged Networking Driver) at a very low level. The IP stack in the host never sees the traffic addressed to the guest and vice versa.

[vbox4me2]

Like I already said, it is possible by modifying the dhcp call mask so the VM calls out for dhcp on a different subnet.