Host wrongfully answers ARP request for guest VM.
Posted: 23. Jun 2020, 18:21
Hi,
I wish all of you are well.
I just bought a new TP-link M5 deco mesh router (set of 3). Everything works fine (can navigate, connect to other devices, etc, but when I start a virtualbox VM, when any device asks (via ARP request) who is using a given IP (which was assigned to the VM by DHCP), first the VM and then the host machine reply to this request, thus generating a conflict. The router wrongfully register the host as the IP owner overriding the previous answer from the VM to the ARP request. This router uses ARP to verify which device is using what IP at any given moment, and registers the device in a list shown to the user via a phone APP. Thus, the VMs never show up on the list. The VMs show up on the APP only if the host is linked to the network using a wired network adapter.
I am running Kubuntu 20.04 LTS on dell precision workstation M7520, Wireless interface 8265 / 8275 Intel Corporation. Connected to ITN network by wifi. Using virtualbox 6.1.6 from official repo. VMs are Win7, win8, ubuntu 18.04LTS 20.04LTS both servers and desktops. I need the VMs to be reachable via bridge. NAT is not an option.
Tried Virtualbox 6.1.10, then virtio adapter too without any luck. The problem presents once the VM node starts, after doing their DHCP request.... a while later ARP broadcasts begin and then it is when the problem shows up.
This is the info captured with wireshark:
483 24.170960125 Tp-LinkT_8e:b6:3c Broadcast ARP 42 Who has 192.168.68.105? Tell 192.168.68.1
484 24.171231103 PcsCompu_78:24:28 Tp-LinkT_8e:b6:3c ARP 42 192.168.68.105 is at 08:00:27:78:24:28 ***** answer from VM with MAC 24:28*****
485 24.171241892 IntelCor_e5:6b:a9 Tp-LinkT_8e:b6:3c ARP 42 192.168.68.105 is at 00:28:f8:e5:6b:a9 ***** second unexpected answer from host with MAC 6B:A9*****
Duplicate IP address detected for 192.168.68.105 (00:28:f8:e5:6b:a9) - also in use by 08:00:27:78:24:28
[Expert Info (Warning/Sequence): Duplicate IP address configured (192.168.68.105)]
First, I contacted TP-link, and after they analized the wireshark capture they requested (fragment above), they concluded the wireless adapter is doing something it should not do. I reviewed myself the capture file, and indeed there was the duplicate answer for the ARP request. This does not happen If I use my wired connection. Only in wifi. It happens with all 10 VMs I use.
When I use my phone to ping the VM, ARP requests are seen on the trace, and problem appears. When my phone does the ARP process to find out the MAC of the device to ping, both guest VM and host PC answer they are at the IP to be ping. it should be only one answer.
I am inclined to think it is a problem with the bridge wifi adapter used by virtualbox, given the explanation given in chapter 6 from virtualbox documentation. (Virtualbox change MAC on packets)
It might seem that virtualbox is missing something with that ARP request, and therefore the host answers it. There is something going on when the VM is up and running, no matter if IP is assigned static or via DHCP, once it starts, the host thinks it has the same IP as the guest VM, and the problems begin. Once the guest VM is down, host wifi realizes it has original IP and asks who is the owner of the guest VM IP.
Did not know where to ask this question. Already tried ubuntu communities, but there was no solution. Please point me where to report this problem if this forum in not the right place.
Hope you can help me solve this.
Regards,
Gregorio B.
I wish all of you are well.
I just bought a new TP-link M5 deco mesh router (set of 3). Everything works fine (can navigate, connect to other devices, etc, but when I start a virtualbox VM, when any device asks (via ARP request) who is using a given IP (which was assigned to the VM by DHCP), first the VM and then the host machine reply to this request, thus generating a conflict. The router wrongfully register the host as the IP owner overriding the previous answer from the VM to the ARP request. This router uses ARP to verify which device is using what IP at any given moment, and registers the device in a list shown to the user via a phone APP. Thus, the VMs never show up on the list. The VMs show up on the APP only if the host is linked to the network using a wired network adapter.
I am running Kubuntu 20.04 LTS on dell precision workstation M7520, Wireless interface 8265 / 8275 Intel Corporation. Connected to ITN network by wifi. Using virtualbox 6.1.6 from official repo. VMs are Win7, win8, ubuntu 18.04LTS 20.04LTS both servers and desktops. I need the VMs to be reachable via bridge. NAT is not an option.
Tried Virtualbox 6.1.10, then virtio adapter too without any luck. The problem presents once the VM node starts, after doing their DHCP request.... a while later ARP broadcasts begin and then it is when the problem shows up.
This is the info captured with wireshark:
483 24.170960125 Tp-LinkT_8e:b6:3c Broadcast ARP 42 Who has 192.168.68.105? Tell 192.168.68.1
484 24.171231103 PcsCompu_78:24:28 Tp-LinkT_8e:b6:3c ARP 42 192.168.68.105 is at 08:00:27:78:24:28 ***** answer from VM with MAC 24:28*****
485 24.171241892 IntelCor_e5:6b:a9 Tp-LinkT_8e:b6:3c ARP 42 192.168.68.105 is at 00:28:f8:e5:6b:a9 ***** second unexpected answer from host with MAC 6B:A9*****
Duplicate IP address detected for 192.168.68.105 (00:28:f8:e5:6b:a9) - also in use by 08:00:27:78:24:28
[Expert Info (Warning/Sequence): Duplicate IP address configured (192.168.68.105)]
First, I contacted TP-link, and after they analized the wireshark capture they requested (fragment above), they concluded the wireless adapter is doing something it should not do. I reviewed myself the capture file, and indeed there was the duplicate answer for the ARP request. This does not happen If I use my wired connection. Only in wifi. It happens with all 10 VMs I use.
When I use my phone to ping the VM, ARP requests are seen on the trace, and problem appears. When my phone does the ARP process to find out the MAC of the device to ping, both guest VM and host PC answer they are at the IP to be ping. it should be only one answer.
I am inclined to think it is a problem with the bridge wifi adapter used by virtualbox, given the explanation given in chapter 6 from virtualbox documentation. (Virtualbox change MAC on packets)
It might seem that virtualbox is missing something with that ARP request, and therefore the host answers it. There is something going on when the VM is up and running, no matter if IP is assigned static or via DHCP, once it starts, the host thinks it has the same IP as the guest VM, and the problems begin. Once the guest VM is down, host wifi realizes it has original IP and asks who is the owner of the guest VM IP.
Did not know where to ask this question. Already tried ubuntu communities, but there was no solution. Please point me where to report this problem if this forum in not the right place.
Hope you can help me solve this.
Regards,
Gregorio B.
