Mon 30 Apr 2007
Host Networking with VirtualBox on Ubuntu 7.04 Feisty
Posted by Markus Bertheau under computer[46] Comments
This post describes how to set up host networking for VirtualBox on Ubuntu 7.04 Feisty. The procedure probably works for older versions of Ubuntu.
The outcome of the procedure is that you’ll have a second network card for your virtual machine, which you can configure from inside the virtual machine as if it was a real network card connected to the same ethernet as your real network card.
I assume that you either
- get your IP address with DHCP
- or have a static IP address
If you’re on DSL or cable modem with PPPoE you probably don’t want host networking, but NAT, which works out of the box.
We’re going to
- create a virtual network interface
- set up an ethernet bridge
- add your physical network interface and the virtual interfaces to the bridge
Preparations
At first let’s install the needed software:
$ sudo apt-get install bridge-utils uml-utilities
The virtual network interface is configured with the package uml-utilities. uml stands for User Mode Linux, so understandably the package is preconfigured for use with User Mode Linux. In order to work correctly with VirtualBox, in /etc/network/if-pre-up.d/uml-utilities replace
chown root:uml-net /dev/net/tun
with
chown root:vboxusers /dev/net/tun
As we’re going to change the network configuration, we’re going to shut down the network. So don’t close this browser window :)
$ sudo /etc/init.d/networking stop
Creating a Virtual Network Interface
Now on to configuring the virtual network interface. Ubuntu and Debian store network configuration in the file /etc/network/interfaces. Assuming your network card is eth0, you’ll find a stanza beginning with the following in the file:
auto eth0 iface eth0 inet .....
Actually at install Ubuntu writes several such stanzas into the file so that they automatically work. Create a backup copy of /etc/network/interfaces (Now.) Then comment out all interfaces you don’t use so that NetworkManager doesn’t change the network configuration when we don’t want to. Leave in the lo interface, it’s required for local IP communication.
auto lo iface lo inet loopback auto eth0 iface eth0 inet ..... #auto eth1 #iface eth1 inet dhcp #auto ath0 #iface ath0 inet dhcp #auto wlan0 #iface wlan0 inet dhcp
The next step is to create a virtual network interface. This is the network interface that will be used by the virtual machine. We don’t configure it – the virtual machine will do it. Add the following stanza under the lo interface:
auto tap0 iface tap0 inet manual tunctl_user markus uml_proxy_arp markus.mynetwork.loc uml_proxy_ether eth0
Replace markus.mynetwork.loc with the host name or IP address you get from DHCP for your host machine (not the virtual machine). Also replace eth0 with your real network interface, if that is not eth0, and markus with your user name on the system. The user name set here will be the only user with permission to work with the virtual network interface.
Static IP address
If you have a static IP address, replace markus.mynetwork.loc instead with your static IP address.
Creating the bridge
Now we’ll set up the bridge. Add the following stanza after the tap0 stanza:
auto br0 iface br0 inet dhcp bridge_ports eth0 tap0 bridge_maxwait 0
Static IP address
If you have a static IP address, you have to carry over the network settings from eth0 to br0. Assuming your eth0 stanza looks something like this:
auto eth0 iface eth0 inet static address 192.168.1.2 netmask 255.255.255.0 gateway 192.168.1.254
change the br0 stanza to look like this:
auto br0 iface br0 inet static address 192.168.1.2 netmask 255.255.255.0 gateway 192.168.1.254 bridge_ports eth0 tap0 bridge_maxwait 0
In any case, change the stanza for eth0 to the following:
auto eth0 iface eth0 inet manual
That’s it. Enable networking again:
$ sudo /etc/init.d/networking start
You can use ifconfig -a to see if all devices were correctly configured. You can now use host networking in VirtualBox. Enter tap0 in the interface name field. The fields setup application and terminate application can be left empty.
More than one virtual network interface
You can run more than one OS at the same time and have all them use host networking. Add a tap interface for all of them. Here’s an example for three virtual network interfaces:
auto tap0 iface tap0 inet manual tunctl_user markus uml_proxy_arp markus.mynetwork.loc uml_proxy_ether eth0 auto tap1 iface tap1 inet manual tunctl_user markus uml_proxy_arp markus.mynetwork.loc uml_proxy_ether eth0 auto tap2 iface tap2 inet manual tunctl_user markus uml_proxy_arp markus.mynetwork.loc uml_proxy_ether eth0 auto br0 iface br0 inet dhcp bridge_ports eth0 tap0 tap1 tap2 bridge_maxwait 0
Have fun, and let me know if that post was helpful to you :)
May 24th, 2007 at 17:27
The hint
[code]
auto tap0
iface tap0 inet manual
tunctl_user markus
uml_proxy_arp markus.mynetwork.loc
uml_proxy_ether eth0
[/code]
was really helpful. My guest wasn’t able to connect to anywhere. With your help I was able to set up host networking for WinXP under Ubuntu 7.04. Thank you very much.
July 12th, 2007 at 2:45
Hey it worked!!
I was slightly thrown by the uml_proxy_arp line but a little trial and error showed that I could just put my host machine name in there.
Good job! Thanks!
July 23rd, 2007 at 6:30
Nice work! I followed your guide and am to the point where I can access my local network from within the VM. I can’t access the VM from my local network, though :( Any ideas?
July 23rd, 2007 at 7:44
Try the DHCP-assigned IP-address of the guest.
July 26th, 2007 at 15:54
One question. Why is networking working “out-of-the-box” when installing Ubuntu Server on VMWare and not on VirtualBox? Isn`t there an easier way to give the VM a static IP-adress by for instance changing the “Networking-VirtualBox Host Interface 1″ to the correct address/gateway etc?
I struggle to get it to work:( Thanks for the great article though – and perhaps a follow- up to answer my question?
September 15th, 2007 at 18:24
Dude you rock!
- Girish [msft] ;)
September 22nd, 2007 at 21:28
Works fine…but
can see internet, can see local network
cannot see guest from host
cannot ping guest
in testing HFS server, cannot browse to hfs web page on guest (can browse web server pages on lan from guest and host)
so its all a bit one way? Am set up with static IP addresses for both host and guest (Host Ubuntu 7.04, Guest Windows XP) other solutions have allowed ping, but no web server browsing. Guest shows up as an attached device on my netgear router, and the HFS server is set up as a service with correct ports open.
Any suggestions welcome :)
September 23rd, 2007 at 8:21
Follow up. Some of the problems are my own, related to the stripped down version of XP in use. Efforts with full XP delivered ping and access to guest from the lan, and to the web server on the guest. So thumbs up :)
November 5th, 2007 at 23:14
Does this work if you are using WICD to manager your network connections? I got tired of the Network Manager freaking out with all the diferent Wireless connections I use.
November 12th, 2007 at 10:01
work fine under ubuntu7.10 + xp
November 17th, 2007 at 1:48
Should this enable me to assign a static IP address to the guest VM in the same range as the other ‘real’ ones on my network (192.168.0.1-100)?
November 17th, 2007 at 17:52
To answer my own question, yes – I simply treat the setup of the guest VM’s IP address as if it were a ‘real’ machine. Thanks a million for the above instructions, which enabled me to get networking sorted out on an XP guest within a Gutsy host. I’d tried various other guides before but they had not worked. I think this is something which VirtualBox really needs to do better, as VMWare Server just works ‘out of the box’ for this.
November 20th, 2007 at 19:45
How do you handle wireless cards?
Can you be connected via cable and disconnect it for using your Wi-Fi access (via Network Manager dynamic connection) in a transparent manner for your guest OS?
Do you have to configure something in the guest OS to keep the connection on?
November 20th, 2007 at 20:06
fni: Good question. I don’t know :)
November 28th, 2007 at 17:04
For w/lan cards it should work in the same way as for wired cards, but you have to use the interface name of your w/lan card.
I can probably test it this evening, will come back with my findings.
December 6th, 2007 at 21:40
Nice. I’ve been looking for a nice guide to get host networking up and running for a while now. The only question was what to put in the host interface-name box in the settings. Some trial and error revealed to me it was tap0. Maybe i just didnt read the guide close enough to get it the first time.
December 7th, 2007 at 10:05
Thanks, after several network/vbox restarts it finally worked for me. I wish somebody just create a script to do this automatically. The web is full of confusing/conflicting instructions.
January 4th, 2008 at 8:52
Thanks much! This was a lot easier than the complex, and roughly documented, tap setups for debian. After troubleshooting this for quite a few hours, I found that it was already working flawlessly for my Windows VMs, just not for my ubuntu LAMP. Now I can get to work on that problem.
As mentioned above, it would be more clear if you explained what to put in the “uml_proxy_arp” line. Personally, I had no idea what you were referring to with your own data but found that my hostname was all I needed.
Also, you might mention that although we set the tapX iface to manual, it will still grab IPs via DHCP.
January 14th, 2008 at 14:28
Jay,
thanks a lot for your remarks. I have edited the post a little bit, which hopefully should have made the instructions clearer:
- corrected and detailed the explanation for uml_proxy_arp (it said domain name)
- explained that tap0 is configured by the virtual machine
This means that tap0 will get its IP address via DHCP only if the operating system in the virtual machine is set up to do so.
Thanks
January 20th, 2008 at 14:07
Markus…
BIG Thanks. This is definitely the way to go! I got the XP guest under the Gutsy host all sorted out thanks to your excellent how-to! I guess my next question is how to get the guest on a static as well?
Much Props on the instructions!
January 20th, 2008 at 14:10
Marshallclan,
Just configure a static IP address in the guest. tap0 is basically an unconfigured network card, that the guest can use in any way it wants to.
Markus
January 24th, 2008 at 0:20
Thanks, Markus. After messing around these configurations for several days, I have some suggestion.
1.When you use network bridge with TAP/TUN interfaces, those uml_proxy_* lines are not needed. You can delete all those uml_proxy_* lines.
2.As an alternative to modifying /etc/network/if-pre-up.d/uml-utilities, you may add the user to uml-net group (in addition to vboxusers group).
January 24th, 2008 at 0:25
karyonix:
Thanks for your comment.
1. Why?
2. Yes, that is certainly not a bad idea.
Markus
January 25th, 2008 at 1:46
Read this.
http://user-mode-linux.sourceforge.net/old/networking.html#TUN/TAP with a preconfigured tap device
One way to let the virtual machine attached to a TUN/TAP interface on host machine communicate with LAN is using ARP proxy and enabling ip_forward in the host machine. Another way is using network bridge in the host machine. You don’t have to do both at the same time. If you use network bridge, you don’t need ARP_proxy and don’t have to tell the host machine which interface to transmit data to virtual machine.
Let’s look at the example of how to set ARP proxy from UML website.
host# tunctl -u uid
host# ifconfig tap0 192.168.0.254 up
host# bash -c ‘echo 1 > /proc/sys/net/ipv4/ip_forward’
host# route add -host 192.168.0.253 dev tap0
host# bash -c ‘echo 1 > /proc/sys/net/ipv4/conf/tap0/proxy_arp’
host# arp -Ds 192.168.0.253 eth0 pub
You need one IP for host side of tap0 (192.168.0.254 in this example) and another IP for the virtual machine (192.168.0.253 in this example). The route command tells the host machine that message for 192.168.0.253 (the virtual machine) should be sent via tap0 (not eth0). And the arp command causes the host machine to respose to other computer on LAN asking for 192.168.0.253 (the virtual machine’s IP) by telling them that “192.168.0.253 is here at eth0’s MAC address”, so other computers will send data for 192.168.0.253 (virtual machine) to the host computer instead. With ip_forward enabled on the host machine those data will be forwarded to 192.168.0.253 (virtual machine) via tap0. The host computer acts as ARP proxy.
Consider these two lines under ‘iface tap0′.
>> uml_proxy_arp markus.mynetwork.loc
>> uml_proxy_ether eth0
What does these lines do to the computer ?
The answer is in ‘/etc/network/if-up.d’. This is what it does.
$ sysctl -w net/ipv4/conf/”tap0″/proxy_arp=1
$ route add -host “markus.mynetwork.loc” dev “tap0″
$ arp -Ds “markus.mynetwork.loc” “eth0″ pub’
Compare with the example from UML website. The route commands are different.
The route command tell the computer that “markus.mynetwork.loc is that way, go through tap0 to reach it”. But markus.mynetwork.loc is the host computer itself, so this command does not do anything good.
The arp command tell the computer that “if someone ask for markus.mynetwork.loc, tell them that it is here at eth0’s MAC address”. But that is the normal behavior anyway, so this command is not needed.
The two uml_proxy_* lines, probably set incorrectly, have no good effect for your network. You can just delete them.
If someone decides to use ARP proxy instead of network bridge, I think what to put after the word uml_proxy_arp should be virtual machine’s IP address.
January 25th, 2008 at 1:51
Sorry, I type a URL incorrectly in previous post.
http://user-mode-linux.sourceforge.net/old/networking.html#TUN/TAP%20with%20a%20preconfigured%20tap%20device
February 16th, 2008 at 22:09
Is the point of this to be able to access the guest OS from the LAN? Because I can access the LAN from the guest OS using the default installation using NAT.
February 17th, 2008 at 1:50
JeSTeR: Yes, that’s one way of saying it. With host networking the guest is a regular member of the same ethernetwork that the host is.
February 23rd, 2008 at 1:37
I’ve tried the VBox user manual and several different methods for HIF I’ve found online (including yours) and I still get the same effect as NAT. I cannot connect or ping from network to guest.
VBox: PUEL 1.5.6 w/ guest additions
Host: ubuntu 7.10 gutsy
Guest: WinXP Pro SP2
Could this be a firewall issue?
February 23rd, 2008 at 2:28
Aaack! Should have check guest firewall before post #28.
I _could_ connect by IP w/rdesktop from the host and network to the guest. But I could not ping.
After I turned off the firewall on the WinXP guest, I could ping and rdp by WINS name.
If reconfigured the firewall on guest to allow all ICMP traffic and allowed Exceptions for “File and Print Sharing” and “UPnP Framework”.
Now with firewall up, have full access to guest by WINS name.
February 26th, 2008 at 16:39
Good day,
I would like to provide a detailed post of settings on my machine and would appreciate it if anybody can give me some insight into why my tap0 interface isn’t transmitting any data.
I’ve managed to get NAT networking going and my Guest OS is happily communicating. The trouble seems to be with the ‘Host networking’ setup.
VirtualBox configuration (1.5.6-28241_Ubuntu_gutsy) on Kubuntu (ubuntu 7.10)
Guest OS
Windows XP, sp2
Network settings: Set to DHCP, firewalled
(NAT from guest to host works fine)
# cat /etc/network/interfaces
auto lo
iface lo inet loopback
auto eth0
iface eth0 inet dhcp
#auto eth1
#iface eth1 inet dhcp
#auto eth2
#iface eth2 inet dhcp
#auto ath0
#iface ath0 inet dhcp
#auto wlan0
#iface wlan0 inet dhcp
auto tap0
iface tap0 inet manual
tunctl_user frix
#Ed:15 is the adress issued to eth0 via dhcp
uml_proxy_arp 192.168.10.15
uml_proxy_ether eth0
auto br0
iface br0 inet dhcp
bridge_ports eth0 tap0
bridge_maxwait 0
# ifconfig
br0
Link encap:Ethernet
HWaddr 00:16:E6:16:03:9C
inet addr:192.168.10.15
Bcast:192.168.10.255
Mask:255.255.255.0
inet6 addr: fe80::216:e6ff:fe16:39c/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:163 errors:0 dropped:0 overruns:0
frame:0 TX packets:27 errors:0 dropped:0
overruns:0 carrier:0 collisions:0 txqueuelen:0
RX bytes:13829 (13.5 KB) TX bytes:3118 (3.0 KB)
eth0
Link encap:Ethernet
HWaddr 00:16:E6:16:03:9C
inet6 addr: fe80::216:e6ff:fe16:39c/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:743408 errors:0 dropped:0 overruns:0
frame:0 TX packets:364349 errors:0 dropped:0
overruns:0 carrier:0 collisions:0 txqueuelen:1000
RX bytes:942876440 (899.1 MB) TX bytes:93147181
(88.8 MB) Interrupt:21 Base address:0xc800
lo
Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
inet6 addr: ::1/128 Scope:Host
UP LOOPBACK RUNNING MTU:16436 Metric:1
RX packets:16724 errors:0 dropped:0 overruns:0
frame:0 TX packets:16724 errors:0 dropped:0
overruns:0 carrier:0 collisions:0 txqueuelen:0
RX bytes:79485844 (75.8 MB) TX bytes:79485844
(75.8 MB)
tap0
Link encap:Ethernet HWaddr 00:FF:5E:00:68:74
inet6 addr: fe80::2ff:5eff:fe00:6874/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:294 errors:0 dropped:0 overruns:0
frame:0 TX packets:4 errors:0 dropped:1127
overruns:0 carrier:0 collisions:0 txqueuelen:500
RX bytes:42941 (41.9 KB) TX bytes:240 (240.0 b)
# netstat -rn
Kernel IP routing table Destination Gateway Genmask Flags MSS Window irtt
Iface
192.168.10.15 0.0.0.0 255.255.255.255
UH 0 0 0 tap0
192.168.10.0 0.0.0.0 255.255.255.0
U 0 0 0 br0
0.0.0.0 192.168.10.1 0.0.0.0
UG 0 0 0 br0
# iptables -L
Chain INPUT (policy ACCEPT)
target prot opt source destination
Chain FORWARD (policy ACCEPT)
target prot opt source destination
Chain OUTPUT (policy ACCEPT)
target prot opt source destination
# ls -sal /dev/net/tun
0 crw-rw—- 1 root vboxusers 10, 200
2008-01-10 19:18 /dev/net/tun
# cat /etc/group
…
vboxusers:x:113:frix
…
VirtualBox setup:
Network:
Adapter 0
Enable Network Adapter: Checked
Adapter Type: PCnet-FAST III (Am79C973)
Attached to: Host Interface
Network Name:
MAC Address: 00FF5E006874
(Ed: Tried to set it to the same value as tap0
and have it auto generated, neither making
any difference)
Cable Connected: Checked
Host Interface Settings:
Interface Name: tap0
Setup Application:
Terminate Application:
Testing with an IP adres on tap0:
# ifconfig tap0 192.168.10.100 up
# ifconfig tap0
tap0
Link encap:Ethernet
HWaddr 00:FF:40:52:E4:03
inet addr:192.168.10.100
Bcast:192.168.10.255
Mask:255.255.255.0
inet6 addr: fe80::2ff:40ff:fe52:e403/64
Scope:Link UP BROADCAST RUNNING MULTICAST MTU:1500
Metric:1 RX packets:0 errors:0 dropped:0 overruns:0
frame:0 TX packets:0 errors:0 dropped:192
overruns:0 carrier:0 collisions:0 txqueuelen:500
RX bytes:0 (0.0 b) TX bytes:0 (0.0 b)
# netstat -rn
Kernel IP routing table Destination Gateway
Genmask Flags MSS Window irtt Iface
192.168.10.0 0.0.0.0 255.255.255.0
U 0 0 0 tap0
192.168.10.0 0.0.0.0 255.255.255.0
U 0 0 0 br0
0.0.0.0 192.168.10.1 0.0.0.0
UG 0 0 0 br0
# iptables -L
Chain INPUT (policy ACCEPT)
target prot opt source destination
Chain FORWARD (policy ACCEPT)
target prot opt source destination
Chain OUTPUT (policy ACCEPT)
target prot opt source destination
# ping -I br0 192.168.10.1
PING 192.168.10.1 (192.168.10.1) from 192.168.10.15 br0: 56(84) bytes of data.
64 bytes from 192.168.10.1: icmp_seq=1 ttl=255 time=2.49 ms
64 bytes from 192.168.10.1: icmp_seq=2 ttl=255 time=0.595 ms
# ping -I tap0 192.168.10.1
PING 192.168.10.1 (192.168.10.1) from 192.168.10.100 tap0: 56(84) bytes of data.
From 192.168.10.100 icmp_seq=1 Destination Host Unreachable
The tap0 interface itself at the moment can’t see the rest of my local LAN – I guess getting this to work will solve a lot of the problems already.
Note: I’ve also tested the tap0 interface with
/proc/sys/net/ipv4/ip_forward == 1 and …==0,
making no difference to the connectivity.
Any help would be appreciated.
Regards,
-frix
March 18th, 2008 at 20:20
Hi,
Worked first time even though I am using the AMD64 bit version. Great stuff.
Thanks for posting it.
--
Simon.
March 29th, 2008 at 12:25
You rock for posting this. I have viewed at least twenty posts on this subject and fuxored my network settings at least four times — yours is the first solution that worked. Kudos, sir!
April 10th, 2008 at 12:46
Thank you. I like the way you’ve broken the instructions up into sections. It helped me more clearly see the logic of how it’s configured.
April 13th, 2008 at 14:35
I have followed the instructions. Upon restarting my network I get an error message stating the br0 bridge was not found. Any suggestions?
Thanks
April 29th, 2008 at 23:18
Many thanks for setting that out so clearly and concisely. By the time you’ve read through a 50-thread discussion of blind-leading-blind, with a tricky issue like this, your head is spinning. So its a great relief to get a well-defined method that just works. Well done.
May 22nd, 2008 at 2:40
Just fyi for any others having issues with host networking. . .
I was unable to get any connectivity between the host and my windows xp guest using the default network card. Changing to one of the other virtual network cards in vbox guest settings fixed this.
Cheers
Dave Smylie
May 23rd, 2008 at 22:02
I have done all this staff on host Ubuntu.
My ubuntu guests work perfectly in network, so thx a lot.
But!!!
In the same time, my windows XP guests dont see anything in network except themselves((( Even internal network dont work. What should be done?
May 23rd, 2008 at 22:26
when i look at status of Network Connection – there are none of packets received and some amount of packets sent.
June 3rd, 2008 at 20:26
Oh, i solved this problem!
The solution was to set intel host interface and setup drivers :)
Thx again!
June 15th, 2008 at 14:44
Thanks so much for this guide. It was, by far, the best and most clear instructions of any that I had run across and worked perfectly on the first shot.
October 27th, 2008 at 22:52
This description beats all others I have found because it is so logically structured and best of it all: it works.
It made clear, that the bridge has the exact settings as the eth0 interface it bridges to and also how to configure the guest Network settings (as a normal physical machine).
My configuration: Host: Ubuntu 8.04.1, Guest: XP SP2
Host can ping guest and vice versa. Host can see shared files from guest and guest can work with samba share from host!
Thanks a lot.
November 9th, 2008 at 19:39
Great work, many thanks, does it works with Ibex without modifications too?
November 9th, 2008 at 19:43
No idea.
November 10th, 2008 at 8:58
I have followed each step as in the guide and then started my VM running windowsxp. After that i intalled driver for intel pro100 MT network adapter.It then started to configure the ip but failed with limited connectivity .I then tried to configure it manually to 192.168.0.1 but still no connectivity…Please help me with this problem ASAP as i need to run some “cant do without” application in windows to connect to the internet.
November 10th, 2008 at 22:26
update: actually it is intel pro1000 MT network adapter
February 24th, 2009 at 16:00
thank’s