NAT / Port Forwarding Question

[ejr2122]

Hi All,

I was doing some reading on port forwarding and started wondering how it related to running a VM to do basic tasks. Do the default settings that allow me to use a guest OS's internet browser to look at a webpage do some kind of port forwarding in order to make that possible?

Here is an example: If I set up a simple Windows guest on an OS X host and the emulated NIC is set to NAT by default, then how does VirtualBox route the internet traffic between the guest VM and the internet? On the Windows guest I can use IE to browse the web whilst also using Safari on the OS X host.

If port forwarding was being used in the situation I outlined above, then it seems I would only be able to browse the internet on IE on the guest VM because it is exclusively being forwarded requests to port 80. If I'm not wrong here, then what exactly is it that allows both the guest and host to service ports independently of each other?

[BillG]

No, NAT forwarding is no required for the guest to access the Internet. NAT uses address translation so that the guest can share the host's network connection and has access to all ports.

You only need port forwarding if you want to go the other way - access a vm from outside the NAT. To do that you have to connect to the host using its external address and use port forwarding to forward one port to a vm behind NAT. So to access a web server in your vm from the Internet, you would need to forward port 80 from the host to the private IP address of the web server on the LAN. If you now try to access a web server on the host machine from the Internet, the request will be satisfied by the web server in the vm.

[Brent Arias]

No, NAT forwarding is no required for the guest to access the Internet. NAT uses address translation so that the guest can share the host's network connection and has access to all ports.

You only need port forwarding if you want to go the other way - access a vm from outside the NAT. To do that you have to connect to the host using its external address and use port forwarding to forward one port to a vm behind NAT. So to access a web server in your vm from the Internet, you would need to forward port 80 from the host to the private IP address of the web server on the LAN. If you now try to access a web server on the host machine from the Internet, the request will be satisfied by the web server in the vm.

Good info, but I can't get this to work. The next question is, how do I "connect to the host using its external address"? I'm using VirtualBox manager to try to forward a port, but I don't know what to supply as the host IP. I've tried a variety of options, such as: 127.0.0.1, 0.0.0.0, and also just leaving the field blank. The port numbers I always supply, and they are easy to understand. But the Guest IP is also ambiguous. I generally just leave it blank. Do I need to supply a value? What value?

[BillG]

What is ambiguous about the IP of the vm? It must have an IP if it can access the network. Just have a look at it while you are in the guest. If you are running using NAT it will be 10.0.2.something.

127.0.0.1 is a loopback address. It simply means "this machine". If you are in the guest, http://127.0.0.1 will find the web server. That will not work from any other machine. You need to use the web server's IP address.