SAbboushi
asked on
How can I see the NAT translation of http packets from/to my laptop's private ip with internet
Just curious: I understand that my router does NAT between my private home network and the internet. How can I see/follow what happens when I enter a website's url into my browser?
I've got Fiddler installed - will this show me, or do I need wireshark?
I'm trying to see things like how my Internet router tags http packets so that it know how to route return packets to my laptop's nic vs. the virtual nic in a virtual machine running on my laptop which is also using the laptop's nic to get internet access.
I've got Fiddler installed - will this show me, or do I need wireshark?
I'm trying to see things like how my Internet router tags http packets so that it know how to route return packets to my laptop's nic vs. the virtual nic in a virtual machine running on my laptop which is also using the laptop's nic to get internet access.
Wireshark may be able to capture the information. Filter for NAT traffic to view activities
SOLUTION
membership
Create a free account to see this answer
Signing up is free and takes 30 seconds. No credit card required.
It is not even better but required to use packet capture and the like on the router. After applying NAT you can not see the original IP addresses anymore when looking at the packets.
ASKER
>> Wireshark may be able to capture the information. Filter for NAT traffic to view activities
Can anyone confirm this?
>> It is better to see on the router. Do you have console access to your router?
Yes (Arris/Motorola NVG589)
Qlemo: sorry - I did not understand what you mean
Can anyone confirm this?
>> It is better to see on the router. Do you have console access to your router?
Yes (Arris/Motorola NVG589)
Qlemo: sorry - I did not understand what you mean
ASKER CERTIFIED SOLUTION
membership
Create a free account to see this answer
Signing up is free and takes 30 seconds. No credit card required.
ASKER
Thanks. I've found the router NAT table. It shows sessions for each ip address on my private network.
I'm running a guest OS in VirtualBox on the laptop configured to use my laptop's wireless nic.
My suspicion is that the NAT table of my router connected to the internet would have separate sessions for when my laptop (i.e. the host) OS is browsing the internet vs. when the VirtualBox guest OS is browsing the internet, right? How would I differentiate between those sessions in the NAT table?
NAT-Table.png
I'm running a guest OS in VirtualBox on the laptop configured to use my laptop's wireless nic.
My suspicion is that the NAT table of my router connected to the internet would have separate sessions for when my laptop (i.e. the host) OS is browsing the internet vs. when the VirtualBox guest OS is browsing the internet, right? How would I differentiate between those sessions in the NAT table?
NAT-Table.png
Both machines should have different IP addresses, so that is how you can differ between those.
ASKER
Sorry - I seem to be missing something.
As I understand it, the NAT table for my router (connected to the internet) shows ip addresses on my private network. A virtual machines on my computer is not on that private network: for a VM to communicate with the internet, VirtualBox needs to pass traffic through my computer's NIC card. That NIC card is assigned only ONE ip address by my router. So that router's NAT table only shows sessions associated with my computer, whether the packets are originating from my (host) computer's browser or the VM's browser.
In summary, my computer and the VM share one NIC with the same ip address.
So I'm still trying to figure out:
How, in the NAT table, would I differentiate between internet browsing sessions on my computer vs. on a VM since they are both using the same NIC / ip address? Will any of the columns in the table I posted earlier help me answer this question?
As I understand it, the NAT table for my router (connected to the internet) shows ip addresses on my private network. A virtual machines on my computer is not on that private network: for a VM to communicate with the internet, VirtualBox needs to pass traffic through my computer's NIC card. That NIC card is assigned only ONE ip address by my router. So that router's NAT table only shows sessions associated with my computer, whether the packets are originating from my (host) computer's browser or the VM's browser.
In summary, my computer and the VM share one NIC with the same ip address.
So I'm still trying to figure out:
How, in the NAT table, would I differentiate between internet browsing sessions on my computer vs. on a VM since they are both using the same NIC / ip address? Will any of the columns in the table I posted earlier help me answer this question?
Your VM should have an own IP address. Yes, it is using the physical NIC of the host, but virtual it is a different NIC.