Versions Compared

Version Old Version 14 New Version 15
Changes made by

Howard Gilbert

Howard Gilbert

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

So you get a DSL connection from the phone company or a cable connection from you TV provider, and you connect it these days to a Wireless Router box. Home routers add two network functions: DHCP and NAT. DHCP assigns addresses (from the 192.168.1.* subnet) to machines that are not configured to use a specific private address. NAT allows the router to forward client requests from any computer on the private network to the internet, but when it forwards the request it readdresses it changes the IP address on each packet of data so that the outside world thinks the request came from the router itself. This is important because the phone or cable company only assigned one IP address to your home, and the router owns that address, and all the computers in your home have to share that one address. If one of your computers has a server (say a Java Web application on port 8080) then the NAT router can be configured to map all incoming request to its port 8080 to go to that machine.

Now we can describe the VirtualBox LAN connection options and define their limitations.

NAT - One VM appears to be connected to its own network with a NAT router simulated on the host real machine. The VM can access the Yale network and internet, but the host computer cannot talk to it except through mapped ports. Unfortunately, if you expose a port to the Host computer you also expose it to the whole Yale network because it becomes a real port on the host computer.

NAT Network - Several VMs are connected to a private network with a NAT has to own and manage that address.

NAT works automatically when the home computer is a client and the server is out on the internet. To allow Internet machines to connect back to a computer in your home network, then you have to configure the "Port Mapping" feature of the router to direct all Internet requests for a particular port (example: 8080) to a particular home computer.

Your host computer may be a laptop connected to the Yale network, but the VMs that it runs under VirtualBox are typically unknown to Yale and you probably want them to be unavailable to other machines. So VirtualBox creates various virtual network solutions emulating different elements of the typical home network solution.

When you create a VM and give it a virtual LAN adapter, you can configure the connectivity of that adapter to use specific named options:

  • NAT - One VM appears to be connected to its own network with a NAT router simulated on the host real machine.

...

  • The VM can access the Yale network and internet, but the host computer cannot talk to it except through mapped ports. Unfortunately, if you expose a port to the Host computer you also expose it to the whole Yale network because it becomes a real port on the host computer.
  • NAT Network - Several VMs are connected to a private network with a NAT router simulated on the host real machine. Like the previous configuration, except in this case the VMs can talk to each other as if they were real computers on a real network.
  • Bridge - All the VMs appear to be directly connected to the real network to which the host computer is connected. At Yale, that means that every VM has to be assigned its own IP address from Data Network Operations. Since that address is real, no other developer can use the same set of addresses for his Sandbox machines. This also exposes the VMs to the outside world (at least the Yale network).
  • Host-Only Adapter - First, this creates a virtual LAN adapter on the host computer (you get a dialog box on Windows asking you to install a new device). Then logically it connects this simulated LAN adapter to a Private Network to which all the VMs are connected. Typically you assign a static address like 192.168.137.1 to the host computer and then other static addresses like 192.168.137.10 to each VM. VirtualBox does not provide any DHCP or NAT router function, so if this is all you do then the VMs cannot talk to the Yale network or Internet.

It has always been possible to use a regular computer to perform the DHCP and NAT router function. Windows calls this Internet Connection Sharing (ICS) and it was useful back in the day when a Windows box logged on to a network provider and then shared this connection to the other home computers. Today when every phone or cable company includes a NAT Wireless router with their basic Internet service package, ICS is not widely used. If it were only possible to create one LAN adapter on each VM, then the Host-Only Adapter combined with ICS or its Mac equivalent on the host computer would be the best network solution.

However, VirtualBox can attach up to 4 simulated LAN adapters to each VM. In this case, it is simplest to create two LAN adapters for two different purposes. One is a simple NAT adapter that gives The VMs have to be able to communicate with each other just like real machines, so they can test various clustering options. The VMs have to access servers in the Yale Network (SVN for example to update or commit source changes). You probably want to be able to communicate from the host computer to the VMs, to open a browser and test the application. However, you do not want computers other than the host to access the VMs and it is convenient if the VMs are always configured the same on all hosts.

No one configuration option on one LAN adapter handles all these requirements, but you can configure two LAN adapters with different options that provide everything you need and nothing you do not want.

One adapter uses a simple "NAT" connection to give the VM client only (no mapped ports) access to the Yale network (SVN) and to the SVN server for example) and to the Internet (to the Centos software update sites for example).  the Internet (the Centos software update sites). If you do not configure any Mapped Ports, then this LAN can only be used for client outbound connections from the VM.

The other adapter is a Host-Only Adapter that creates a simulated Private Network that connects the VMs to each other and to the Host computer. Neither network connection allows computers other than the Host to connect to see the VMs, logon to them, or use services like CAS. Because the Host-Only network is private, it can have the same IP addresses and configuration on every desktop for every developer.In the Host-Only Private Network, the host computer must be configured to have IP address 192.168.137.1. You specify this when you create or modify the network in the . The host and VMs use 192.168.*.* addresses to talk to each other just like real computers connected to a regular network. The host can open a browser to talk to CAS, and two VMs can simulate data exchange for cluster fail over. The VMs cannot use this to access any other machine, and no other machine sees this network and any of its addresses.

NAT is an automatic service that is part of VirtualBox. However, a Host-Only network has to be set up before any VM can use it. In the VirtualBox management console (that lists the installed virtual machines). Click File - Preferences - Network. Select the Host-only Networks tab. If no network is listed, click the Add (plus) button to create itone. It will be called VirtualBox Host-Only Ethernet Adapter and when you create it you have to let the your real laptop operating system add a new device to the system (so you need Administrator privilege on your machine). If you double click the now listed adapter, you can set its IPv4 Address to 192.168.127137.1 and the Network mask to 255.255.255.0.

The Sandbox VM should be comes configured with two LAN adapters. Select it You can configure them when you import the VM from the original distribution file image, or you can reconfigure them in the VirtualBox management console before you start the VM. Select the Sandbox VM and click Settings - Network. Adapter 1 should be "Attached to" Host-only Adapter and Adapter 2 should be attached to NAT.

...