Technical question about the Bridged network adapter

[waldorfm]

Hi,

From what I understand, reading the documentation, VirtualBox uses a special device driver to create a virtual network adapter. However, it seem to me the adapter does not intercept traffic, but introduces a virtual network interface, which has its own MAC address on the physical network layer of an existing host network connection.

Is this correct? How does this work with the wifi connection of the host system? I understand that the host system establishes the physical connection and provides the wifi login credentials. But what happens if the wifi access point uses MAC address filtering?

Kind regards.

[mpack]

I think you are confusing bridged networking with host only networking. It's the latter which uses a virtual NIC on the host. The former just inserts a filter driver into the real host NIC protocol stack.

[waldorfm]

If I'm not mistaken, then the host-only adapter introduces a private network. Network access from the virtual machine to the host system is only through the host-only adapter, which provides a network proxy to operate on behalf of the network interface of the host system (192.168.56.1)

About the bridged adapter, well, the manual states "This allows VirtualBox to intercept data from the physical network and inject data into it,effectively creating a new network interface in software."

My understanding about the bridged adapter is that it broadcasts a separate TCP/IP and virtual MAC address by injecting a virtual MAC address on an existing network layer. How else, when accessing the virtual machine from outside the host, will the VirtualBox device driver know which traffic is for the host or the guest system?

[noteirak]

You are mixing Layer 3/4 and layer 2 and 1 here.

Host-only install a new NIC using a driver that effectively redirect the traffic to the Virtualbox process. For Windows, it is just like a regular interface, nothing changes!
But instead of having a layer 1 as a hardware nic, you have a layer 1 as a program, nothing very fancy here.

Bridging on the other hand, does not create a new NIC. It simply adds a network filter into the TCP/IP stack of the NICs on your system. A network filter is like a piece of stack where the traffic goes and where actions can be taken (remove from the stack, modify, replace, etc). So yes, Virtualbox knows by the MAC and the IP which traffic is for the guest, and intercept that traffic. You can see from my attached screenshot where it is.
This behaviour is EXACTLY the same as virtual NIC found in *NIX system where you can create a eth0.1, eth0.2 interfaces (belonging to a single eth0 physical interface) with several addresses, etc.
This is also how VLANs works in most of the L3 switches.

About the network proxy - it is simply another network, it exists in its own right. You could reach it from your LAN if you would enable routing in your host. You could also reach your guest via the host-only interface!

How does this work with the wifi connection of the host system?

the same way - it injects & filter the traffic, which is then encrypted and put on the correct wifi signaling by the lower network stacks of the host

But what happens if the wifi access point uses MAC address filtering?

One word : doom. Same rules apply as if it was a sperate machine.

[waldorfm]

Reading your responses and the documentation about host-only and bridged adapter again it's actually there, but I somehow got it mixed up and confused. Thanks for the help!