Solved

Virtualbox: How to set connect between host and guest when guest is on a different subnet?

Posted on 2007-11-29
11
20,631 Views
Last Modified: 2013-12-16
I've got a host machine receiving IP address from DHCP (192.168.2.x). I have created a guest machine that will have a 172.20.0.x address. I've been able to let them talk together if I use DHCP on the guest as well but then they will be on the same subnet. How do I accomplish network connection between the 192.168.2 and the 172.20.0 networks?

My goal is to have several guest machines in the 172.20.0.x address space that will all talk to each other. So any extra tips on that will be appreciated.
0
Comment
Question by:johnnybaluba
  • 4
  • 2
  • 2
  • +2
11 Comments
 
LVL 14

Accepted Solution

by:
arrkerr1024 earned 250 total points
ID: 20374137
In short - you need a router.  Something has to route between your 172.20.0.x subnet and your 192.168.2.x subnet.  You could do the routing on your host OS, or you could do it on your local router - depending on what equipment you have.

You could also just give your host machine a secondary IP that is on the 172.20.0.x subnet - that way it will be on both.  But your 172.20.0.x machines won't be able to get on the internet unless something is routing (and NATing) them outwards.
0
 
LVL 40

Assisted Solution

by:omarfarid
omarfarid earned 250 total points
ID: 20375850
Hi,

As I understood, you will be having guest virtual m/cs on the 172.20.0.x, and the host m/c on 192.168.2.x.

the guest m/cs will talk to each other since all are on the same subnet.

So, if you let the host m/c to be in the 172.20.0.x subnet as well, and configure it as router and set it as the default gateway for the guest m/cs then they can access other networks reachable by the host m/c.
0
 
LVL 28

Expert Comment

by:Jan Springer
ID: 20376231
If both machines are connected to a switch and the switch is vlan-capable, you can put them in different VLANs.

I never use a router for the purpose of segregating local area subnets.
0
 
LVL 14

Expert Comment

by:arrkerr1024
ID: 20377438
vlans wouldn't help, that'd just make the problem worse.  vlans are for segregating networks, not allowing them to communicate :-P.  Thats what routers (aka gateways) are for.
0
 
LVL 28

Expert Comment

by:Jan Springer
ID: 20377895
Well that's emphatically not true.  I use VLANs extensively where needed and have no problem communicating between subnets.

It's all about the right equipment and configuration for the job.  This is a LAN not a WAN that needs segmenting.
0
What Security Threats Are You Missing?

Enhance your security with threat intelligence from the web. Get trending threat insights on hackers, exploits, and suspicious IP addresses delivered to your inbox with our free Cyber Daily.

 

Author Comment

by:johnnybaluba
ID: 20378179
I forgot to mention that I don't need 172.20.0.0 to be on the internet, so that makes things easier. It is preferable to get access to other hosts on the 192.168.2.x-lan but not vital.

The guests are using the tap0 network device to communicate with the host. tap0 again is linked to eth0 on the host. tap0 will get the 192.168.2.x address via dhcp. How can I add another (static) address to tap0? Will it handle several ip addresses on the same network device?
0
 
LVL 28

Expert Comment

by:Jan Springer
ID: 20378369
If you VLAN the two segments, then they will be seen as two network segments.  

If you're using ISC's DHCP, you would create a separate subnet for the other address space.

Depending upon the type of device that 'tap0' is, you may be able to use one primary IP address and multiple secondaries (from the same netblock on the same interface).
0
 

Author Comment

by:johnnybaluba
ID: 20381655
How do I VLAN the two segments?

All the guests are running on the same machine so I don't understand how I can make two VLAN's.

This is what I do to set up the bridge between the host and the guest:
On the host:
tunctl -t tap0 -u johnny
ifconfig tap0 0.0.0.0 up
brctl addbr br0
brctl addif br0 eth0 tap0
dhclient br0
ifconfig br0 up
ifconfig eth0 0.0.0.0

On the VirtualBox guest:
Network: Adapter 0 -> tap0

Static address: 172.20.0.101 => No connection to host
DHCP address: 192.168.2.x => Connection to host

Can I add an extra address to br0 (which now holds the ip address)? If  so, how?

Output from ifconfig on host (lo removed):
br0       Link encap:Ethernet  HWaddr 00:15:C5:BF:C5:F7
          inet addr:192.168.2.212  Bcast:192.168.2.255  Mask:255.255.255.0
          inet6 addr: fe80::215:c5ff:febf:c5f7/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:2012909 errors:0 dropped:0 overruns:0 frame:0
          TX packets:345525 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0
          RX bytes:454508469 (433.4 MiB)  TX bytes:99254194 (94.6 MiB)

eth0      Link encap:Ethernet  HWaddr 00:15:C5:BF:C5:F7
          inet6 addr: fe80::215:c5ff:febf:c5f7/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:3415300 errors:0 dropped:0 overruns:0 frame:0
          TX packets:539163 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:964883000 (920.1 MiB)  TX bytes:133660383 (127.4 MiB)
          Interrupt:18

tap0      Link encap:Ethernet  HWaddr 00:FF:85:E6:FB:E2
          inet6 addr: fe80::2ff:85ff:fee6:fbe2/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:137 errors:0 dropped:0 overruns:0 frame:0
          TX packets:121311 errors:0 dropped:1573334 overruns:0 carrier:0
          collisions:0 txqueuelen:500
          RX bytes:21227 (20.7 KiB)  TX bytes:19177755 (18.2 MiB)


0
 
LVL 28

Expert Comment

by:Jan Springer
ID: 20382030
I've not played with tunnels on linux.  Can you assign an IP address to the tap0 interface?

If so, you can use DHCP to assign the appropriate address.
0
 
LVL 1

Expert Comment

by:Computer101
ID: 20953293
Forced accept.

Computer101
Community Support Moderator
0

Featured Post

Why You Should Analyze Threat Actor TTPs

After years of analyzing threat actor behavior, it’s become clear that at any given time there are specific tactics, techniques, and procedures (TTPs) that are particularly prevalent. By analyzing and understanding these TTPs, you can dramatically enhance your security program.

Join & Write a Comment

Note: for this to work properly you need to use a Cross-Over network cable. 1. Connect both servers S1 and S2 on the second network slots respectively. Note that you can use the 1st slots but usually these would be occupied by the Service Provide…
Microservice architecture adoption brings many advantages, but can add intricacy. Selecting the right orchestration tool is most important for business specific needs.
Learn how to find files with the shell using the find and locate commands. Use locate to find a needle in a haystack.: With locate, check if the file still exists.: Use find to get the actual location of the file.:
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…

744 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

13 Experts available now in Live!

Get 1:1 Help Now