Host wrongfully answers ARP request for guest VM.

[gregorib]

Hi,

I wish all of you are well.

I just bought a new TP-link M5 deco mesh router (set of 3). Everything works fine (can navigate, connect to other devices, etc, but when I start a virtualbox VM, when any device asks (via ARP request) who is using a given IP (which was assigned to the VM by DHCP), first the VM and then the host machine reply to this request, thus generating a conflict. The router wrongfully register the host as the IP owner overriding the previous answer from the VM to the ARP request. This router uses ARP to verify which device is using what IP at any given moment, and registers the device in a list shown to the user via a phone APP. Thus, the VMs never show up on the list. The VMs show up on the APP only if the host is linked to the network using a wired network adapter.

I am running Kubuntu 20.04 LTS on dell precision workstation M7520, Wireless interface 8265 / 8275 Intel Corporation. Connected to ITN network by wifi. Using virtualbox 6.1.6 from official repo. VMs are Win7, win8, ubuntu 18.04LTS 20.04LTS both servers and desktops. I need the VMs to be reachable via bridge. NAT is not an option.

Tried Virtualbox 6.1.10, then virtio adapter too without any luck. The problem presents once the VM node starts, after doing their DHCP request.... a while later ARP broadcasts begin and then it is when the problem shows up.

This is the info captured with wireshark:

483 24.170960125 Tp-LinkT_8e:b6:3c Broadcast ARP 42 Who has 192.168.68.105? Tell 192.168.68.1
484 24.171231103 PcsCompu_78:24:28 Tp-LinkT_8e:b6:3c ARP 42 192.168.68.105 is at 08:00:27:78:24:28 ***** answer from VM with MAC 24:28*****
485 24.171241892 IntelCor_e5:6b:a9 Tp-LinkT_8e:b6:3c ARP 42 192.168.68.105 is at 00:28:f8:e5:6b:a9 ***** second unexpected answer from host with MAC 6B:A9*****

Duplicate IP address detected for 192.168.68.105 (00:28:f8:e5:6b:a9) - also in use by 08:00:27:78:24:28
[Expert Info (Warning/Sequence): Duplicate IP address configured (192.168.68.105)]

First, I contacted TP-link, and after they analized the wireshark capture they requested (fragment above), they concluded the wireless adapter is doing something it should not do. I reviewed myself the capture file, and indeed there was the duplicate answer for the ARP request. This does not happen If I use my wired connection. Only in wifi. It happens with all 10 VMs I use.

When I use my phone to ping the VM, ARP requests are seen on the trace, and problem appears. When my phone does the ARP process to find out the MAC of the device to ping, both guest VM and host PC answer they are at the IP to be ping. it should be only one answer.

I am inclined to think it is a problem with the bridge wifi adapter used by virtualbox, given the explanation given in chapter 6 from virtualbox documentation. (Virtualbox change MAC on packets)
It might seem that virtualbox is missing something with that ARP request, and therefore the host answers it. There is something going on when the VM is up and running, no matter if IP is assigned static or via DHCP, once it starts, the host thinks it has the same IP as the guest VM, and the problems begin. Once the guest VM is down, host wifi realizes it has original IP and asks who is the owner of the guest VM IP.

Did not know where to ask this question. Already tried ubuntu communities, but there was no solution. Please point me where to report this problem if this forum in not the right place.

Hope you can help me solve this.

Regards,

Gregorio B.

[fth0]

I am inclined to think it is a problem with the bridge wifi adapter used by virtualbox, given the explanation given in chapter 6 from virtualbox documentation. (Virtualbox change MAC on packets)

Yes, VirtualBox shares the host's MAC address when bridging to the host's Wifi adapter, and for this reason, it will also answer incoming ARP requests with the host's MAC address. So, either the TP-Link router can distinguish multiple IP addresses sharing a single MAC address, or you're out of luck with this network setup.

For an alternative setup, you could investigate using MacVLAN for your Linux host ...

[scottgus1]

VirtualBox shares the host's MAC address when bridging to the host's Wifi adapter,

And this is a workaround for the fact that Wi-fi cannot Bridge, with any Bridging system. The Wi-fi spec does not allow the manipulation needed to Bridge. So something needs to be cobbled together. Sometimes Bridged's workaround can squeeze through, if the Wi-fi spec is not strictly implemented by the access point/drivers/router. It doesn't work with your LAN equipment.

[gregorib]

Thanks for all your comments!!

For an alternative setup, you could investigate using MacVLAN for your Linux host ...

Did a quick search but there is not much documentation on this specific topic. Would you please describe a little bit more what you think would be the setup for this config? is it a dedicated macvlan for each VM with no ip address, then attach it to the VM on virtualbox?

[fth0]

Did a quick search but there is not much documentation on this specific topic.

A useful overview with many pictures IMHO is Introduction to Linux interfaces for virtual networking. Additionally, you could take a look at Macvlan and IPvlan basics.

The basic idea is to add one or multiple sub-interfaces to your host's WiFi interface, thereby creating additional MAC addresses for it, and hope that VirtualBox allows you to select such a sub-interface as the host adapter for bridging. The 'hope' means that I haven't tested it myself, so I'm interested in what ever you'll discover.

[gregorib]

The 'hope' means that I haven't tested it myself, so I'm interested in what ever you'll discover.

Thanks for your answer, during the weekend I will review the info you sent me, and next week will let you know all my findings,!

Thanks for your help!

[gregorib]

Hi,

I tried doing the setup using macvlan.

configured two macvlans ( one in bridge mode, one in vepa) and both are seen by virtualbox, so I was able to assign the macvlan to the VM adapters without any problem. did not use network namespaces because t does not allow virtualbox to "see" the adapters. Guess Virtualbox works on global namepsace. The issue with this is that DHCP packets are not answered by the DHCP server. For some reason if the host physical wifi adapter is used there are two DHCP packets (one from the host, one from the guest) and then there it is an answer from the DCHP server. It seems that when using the macvlan adapter, packets are not passed over to the physical adapter and then the network. Tried to use macvtap, but it only works on wired not wifi adapters, same as passthru mode.

Maybe I am missing something ( some king of routing maybe?)... or there is no workaround using a wifi host adapter....

any ideas now?

thanks you for any light on this....