I've seen many people who run Windows under VirtualBox to run those legacy applications that just haven't made it across to Linux.
Too often I see people messing about with Ethernet bridging because they feel the need to have some incoming ports on the machine active to the outside world.
Fair enough; however, it's a complex way to accomplish that. You're much better off using the simple NAT interface, particularly if it's only a few incoming ports.
NAT under VirtualBox does indeed allow incoming ports. Knowing how to set these up is the key!
By definition, a NAT internal IP uses an IP address in the private address space defined by RFC 1918, namely one from these networks:
10.0.0.0 - 10.255.255.255 (10/8 prefix)
172.16.0.0 - 172.31.255.255 (172.16/12 prefix)
192.168.0.0 - 192.168.255.255 (192.168/16 prefix)
Most people are familiar with 192.168.0.0/24 or 192.168.1.0/24, which many ADSL routers provide. Many know that you can set up port forwarding in their router to allow external IPs access to a particular port/service on their internal machine. VirtualBox is no different.
A network router can be configured so that traffic arriving on a particular port on the router is sent directly to the machine(s) behind it. How is this accomplished under VirtualBox? You just configure a port on the host machine to be forwarded to the IP and port on the virtual machine.
VirtualBox ships with a nifty little GUI. It's simple but effective. Unfortunately, much of the power for configuring your virtual machines is not found in this tool.
VirtualBox also packs some handy CLI tools for managing your virtual machines.
One such tool is the VBoxManage utility. In fact, this is the tool we'll be using to enable some port forwards.
Let's enable the Remote Desktop Protocol in our virtual machine. This virtual machine is called MyVM for ease of use:
VBoxManage setextradata "MyVM" "VBoxInternal/Devices/pcnet/0/LUN#0/Config/vmrdp/Protocol" TCP
VBoxManage setextradata "MyVM" "VBoxInternal/Devices/pcnet/0/LUN#0/Config/vmrdp/GuestPort" 3389
VBoxManage setextradata "MyVM" "VBoxInternal/Devices/pcnet/0/LUN#0/Config/vmrdp/HostPort" 3389
As you can see, we passed several arguments to VBoxManage. Running VBoxManage without any arguments lists all its available options (there are quite a few!).
In this example the arguments are:
- setextradata: Inform VBoxManage that we wish to do additional configuration of our Virtual Machine.
- "MyVM": The name of our virtual machine.
- "VBoxInternal....": The key we wish to change. In this example, it's a new port forwarding rule on our specific Ethernet card. (You'll find a list of the available keys in the VirtualBox User Manual.)
- Final value: The actual value we wish to set for the key.
So what did the 3 lines accomplish?
- We informed VBoxManage that we wanted to configure a TCP rule (named vmrdp) for our first Ethernet card (pcnet)
- We set the TCP port we want to send the forwarded packets to within the virtual machine. (GuestPort 3389)
- We then defined the port we wanted to listen to on the VirtualBox Host (HostPort 3389)
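Now, basically, from anywhere you can hit your VirtualBox host on TCP/3389 (e.g. your Linux desktop), and it will forward the packets through to your virtual machine. Neat, eh? That also means the guest's RDP service is reachable by whatever can reach that port on the host, so limit it with the host firewall if that is wider than you intend. If you are on your Linux box and running VirtualBox in, say, headless mode, you can get a remote desktop session by just connecting to localhost:3389.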
Some things to also remember:
- If you need TCP and UDP rules, you need to define them separately.
- A working port forward needs the triple configuration above (it takes 3 commands to get a working port forward).
- No two rules can have the same name. This also counts for a service that runs on both UDP/TCP on the same port. In that instance name it something like myserviceudp and myservicetcp to distinguish them.
- Port forwards persist across reboots. You don't need to set them up multiple times.
- VBoxManage basically edits the XML configuration file for your virtual machine. If you don't want the port forwards any more, editing the XML file directly is the fastest and easiest way to remove them (likewise, once you get the hang of the format, there is nothing stopping you from editing the XML definition file directly).
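A small checker for the rules in the list above, added here as an example and not part of VirtualBox: it groups extradata key/value pairs by rule name, flags any rule that lacks one of its three keys, and flags two rules claiming the same host port and protocol. The function names and the sample pairs (including the rdp2 and dnsudp rules) are constructed for illustration; collecting the pairs from your VM's XML file is left to you.

```python
import re
from collections import defaultdict

# Key layout used by the three setextradata commands above:
# VBoxInternal/Devices/<nic>/<instance>/LUN#0/Config/<rule>/<field>
KEY_RE = re.compile(
    r"^VBoxInternal/Devices/(?P<nic>[^/]+)/(?P<inst>\d+)/LUN#0/Config/"
    r"(?P<rule>[^/]+)/(?P<field>Protocol|GuestPort|HostPort)$"
)
REQUIRED = ("Protocol", "GuestPort", "HostPort")

def parse_rules(pairs):
    """Group (key, value) pairs into {(nic, inst, rule): {field: value}}."""
    rules = defaultdict(dict)
    for key, value in pairs:
        m = KEY_RE.match(key)
        if m:  # unrelated extradata keys are ignored
            rules[(m["nic"], m["inst"], m["rule"])][m["field"]] = value.strip()
    return dict(rules)

def audit(rules):
    """Return a sorted list of findings; an empty list means no problems."""
    findings, listeners = [], defaultdict(list)
    for (_nic, _inst, name), fields in rules.items():
        missing = [f for f in REQUIRED if f not in fields]
        if missing:
            findings.append(f"{name}: incomplete, missing {', '.join(missing)}")
            continue
        proto = fields["Protocol"].upper()
        if proto not in ("TCP", "UDP"):
            findings.append(f"{name}: unknown protocol {fields['Protocol']!r}")
            continue
        listeners[(proto, fields["HostPort"])].append(name)
    for (proto, port), names in listeners.items():
        if len(names) > 1:  # one host port cannot serve two rules
            findings.append(f"{proto}/{port}: host port claimed by {', '.join(sorted(names))}")
    return sorted(findings)

# Constructed sample: the vmrdp rule from above plus two deliberately broken rules.
PREFIX = "VBoxInternal/Devices/pcnet/0/LUN#0/Config/"
SAMPLE = [(PREFIX + k, v) for k, v in [
    ("vmrdp/Protocol", "TCP"), ("vmrdp/GuestPort", "3389"), ("vmrdp/HostPort", "3389"),
    ("rdp2/Protocol", "TCP"), ("rdp2/GuestPort", "3390"), ("rdp2/HostPort", "3389"),
    ("dnsudp/Protocol", "UDP"), ("dnsudp/GuestPort", "53"),
]]

if __name__ == "__main__":
    for line in audit(parse_rules(SAMPLE)):
        print(line)
```

The list of complete rules it leaves unflagged is also the list of host ports your VM exposes, which is worth comparing against your host firewall.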
Other things you should know about NAT networking include:
- By default the NAT network is 10.0.2.0/24.
- The actual network can be changed using VBoxManage modifyvm "MyVM" -natnet1 "10.10.1.0/24" (Change the last value to your desired network/netmask.)
- The IP assigned by the VBox DHCP server will be .15, with a gateway of .2.
That's a brief introduction to some of the features you can accomplish with VBoxManage. Explore a little and you'll be amazed how much you can customise.
Have fun!