Routing Problem with IP Forwarding on Ubuntu 14.04 and VirtualBox
Clash Royale CLAN TAG#URR8PPP
I have a routing problem with IP forwarding on my ubuntu server.
On my ubuntu server (an old laptop) I have VirtualBox installed with a number of virtual machines. Each VM has it's virtual NIC bridged to the physical wlan0 adaptor on the server, and if set to use DHCP they will happily get an IP address from my home wireless router. So bridging seems to be working fine.
The wireless router operates on the subnet 172.17.17.0/24.
Some VMs have static IPs set up on different subnets which are awkward to change due to the applications running on them. I have two VM subnets:
172.17.40.0/24
192.168.195.0/24
I thought I could get them all happily talking by giving my host laptop an IP address on each subnet, pointing the VMs to the appropriate IP as their gateway and then enable IP forwarding on the host. So the host has the following IPs assigned to wlan0:
172.17.17.100
172.19.40.1
192.168.195.1
With this set up, VMs on the subnet 172.19.40.0 can ping those on the 192.168.195.0 subnet and vice versa. The host happily IP forwards between those two subnets. The VMs on those subnets can also ping the server on 172.17.17.100.
However, none of the VMs on either subnet 172.19.40.0 or 192.168.195.0 can ping the wireless router on 172.17.17.254.
I guess the config on the host is lacking something, but i can't see what the difference is between VMs in each subnet pinging each other, and VMs on either subnet pinging the router on a third subnet - other than that it's a physical device - i'm still just asking the host to IP forward from one subnet to another. What's the difference that i'm missing?!
Appreciate any help offered.
Ken
Edit - diagram below for clarity. It shows attempted pings between virtual machines, the host and the router. 
debian virtualbox ip network-interface
edited Dec 20 '18 at 7:25
Rui F Ribeiro
39k1479130
asked Mar 10 '16 at 14:27
Ken Knowles
33
add a comment |
I have a routing problem with IP forwarding on my ubuntu server.
On my ubuntu server (an old laptop) I have VirtualBox installed with a number of virtual machines. Each VM has it's virtual NIC bridged to the physical wlan0 adaptor on the server, and if set to use DHCP they will happily get an IP address from my home wireless router. So bridging seems to be working fine.
The wireless router operates on the subnet 172.17.17.0/24.
Some VMs have static IPs set up on different subnets which are awkward to change due to the applications running on them. I have two VM subnets:
172.17.40.0/24
192.168.195.0/24
I thought I could get them all happily talking by giving my host laptop an IP address on each subnet, pointing the VMs to the appropriate IP as their gateway and then enable IP forwarding on the host. So the host has the following IPs assigned to wlan0:
172.17.17.100
172.19.40.1
192.168.195.1
With this set up, VMs on the subnet 172.19.40.0 can ping those on the 192.168.195.0 subnet and vice versa. The host happily IP forwards between those two subnets. The VMs on those subnets can also ping the server on 172.17.17.100.
However, none of the VMs on either subnet 172.19.40.0 or 192.168.195.0 can ping the wireless router on 172.17.17.254.
I guess the config on the host is lacking something, but i can't see what the difference is between VMs in each subnet pinging each other, and VMs on either subnet pinging the router on a third subnet - other than that it's a physical device - i'm still just asking the host to IP forward from one subnet to another. What's the difference that i'm missing?!
Appreciate any help offered.
Ken
Edit - diagram below for clarity. It shows attempted pings between virtual machines, the host and the router.
debian virtualbox ip network-interface
edited Dec 20 '18 at 7:25
Rui F Ribeiro
39k1479130
asked Mar 10 '16 at 14:27
Ken Knowles
33
The post can get a bit difficult to follow, I advise posting a drawing of your networks/setup, even if a photo of one done by hand.
– Rui F Ribeiro
Mar 10 '16 at 14:46
yeah, i guess so - diagram added.
– Ken Knowles
Mar 11 '16 at 9:23
Thanks. Host is bridging VM traffic, right? Have you definednet.ipv4.conf.all.rp_filter=0?
– Rui F Ribeiro
Mar 11 '16 at 9:32
Yeah VMs are all bridged to the host wlan0 interface. Thanks for the suggestion. I had not defined that system variable but I have now. Unfortunately i hasn't enabled me to ping the router from a VM.
– Ken Knowles
Mar 11 '16 at 11:09
add a comment |
I have a routing problem with IP forwarding on my ubuntu server.
On my ubuntu server (an old laptop) I have VirtualBox installed with a number of virtual machines. Each VM has it's virtual NIC bridged to the physical wlan0 adaptor on the server, and if set to use DHCP they will happily get an IP address from my home wireless router. So bridging seems to be working fine.
The wireless router operates on the subnet 172.17.17.0/24.
Some VMs have static IPs set up on different subnets which are awkward to change due to the applications running on them. I have two VM subnets:
172.17.40.0/24
192.168.195.0/24
I thought I could get them all happily talking by giving my host laptop an IP address on each subnet, pointing the VMs to the appropriate IP as their gateway and then enable IP forwarding on the host. So the host has the following IPs assigned to wlan0:
172.17.17.100
172.19.40.1
192.168.195.1
With this set up, VMs on the subnet 172.19.40.0 can ping those on the 192.168.195.0 subnet and vice versa. The host happily IP forwards between those two subnets. The VMs on those subnets can also ping the server on 172.17.17.100.
However, none of the VMs on either subnet 172.19.40.0 or 192.168.195.0 can ping the wireless router on 172.17.17.254.
I guess the config on the host is lacking something, but i can't see what the difference is between VMs in each subnet pinging each other, and VMs on either subnet pinging the router on a third subnet - other than that it's a physical device - i'm still just asking the host to IP forward from one subnet to another. What's the difference that i'm missing?!
Appreciate any help offered.
Ken
Edit - diagram below for clarity. It shows attempted pings between virtual machines, the host and the router.
debian virtualbox ip network-interface
edited Dec 20 '18 at 7:25
Rui F Ribeiro
39k1479130
asked Mar 10 '16 at 14:27
Ken Knowles
33
I have a routing problem with IP forwarding on my ubuntu server.
On my ubuntu server (an old laptop) I have VirtualBox installed with a number of virtual machines. Each VM has it's virtual NIC bridged to the physical wlan0 adaptor on the server, and if set to use DHCP they will happily get an IP address from my home wireless router. So bridging seems to be working fine.
The wireless router operates on the subnet 172.17.17.0/24.
Some VMs have static IPs set up on different subnets which are awkward to change due to the applications running on them. I have two VM subnets:
172.17.40.0/24
192.168.195.0/24
I thought I could get them all happily talking by giving my host laptop an IP address on each subnet, pointing the VMs to the appropriate IP as their gateway and then enable IP forwarding on the host. So the host has the following IPs assigned to wlan0:
172.17.17.100
172.19.40.1
192.168.195.1
With this set up, VMs on the subnet 172.19.40.0 can ping those on the 192.168.195.0 subnet and vice versa. The host happily IP forwards between those two subnets. The VMs on those subnets can also ping the server on 172.17.17.100.
However, none of the VMs on either subnet 172.19.40.0 or 192.168.195.0 can ping the wireless router on 172.17.17.254.
I guess the config on the host is lacking something, but i can't see what the difference is between VMs in each subnet pinging each other, and VMs on either subnet pinging the router on a third subnet - other than that it's a physical device - i'm still just asking the host to IP forward from one subnet to another. What's the difference that i'm missing?!
Appreciate any help offered.
Ken
Edit - diagram below for clarity. It shows attempted pings between virtual machines, the host and the router.
debian virtualbox ip network-interface
debian virtualbox ip network-interface
edited Dec 20 '18 at 7:25
Rui F Ribeiro
39k1479130
asked Mar 10 '16 at 14:27
Ken Knowles
33
edited Dec 20 '18 at 7:25
Rui F Ribeiro
39k1479130
asked Mar 10 '16 at 14:27
Ken Knowles
33
edited Dec 20 '18 at 7:25
Rui F Ribeiro
39k1479130
edited Dec 20 '18 at 7:25
Rui F Ribeiro
39k1479130
edited Dec 20 '18 at 7:25
Rui F Ribeiro
39k1479130
39k1479130
asked Mar 10 '16 at 14:27
Ken Knowles
33
asked Mar 10 '16 at 14:27
Ken Knowles
33
asked Mar 10 '16 at 14:27
Ken Knowles
33
33
The post can get a bit difficult to follow, I advise posting a drawing of your networks/setup, even if a photo of one done by hand.
– Rui F Ribeiro
Mar 10 '16 at 14:46
yeah, i guess so - diagram added.
– Ken Knowles
Mar 11 '16 at 9:23
Thanks. Host is bridging VM traffic, right? Have you definednet.ipv4.conf.all.rp_filter=0?
– Rui F Ribeiro
Mar 11 '16 at 9:32
Yeah VMs are all bridged to the host wlan0 interface. Thanks for the suggestion. I had not defined that system variable but I have now. Unfortunately i hasn't enabled me to ping the router from a VM.
– Ken Knowles
Mar 11 '16 at 11:09
add a comment |
The post can get a bit difficult to follow, I advise posting a drawing of your networks/setup, even if a photo of one done by hand.
– Rui F Ribeiro
Mar 10 '16 at 14:46
yeah, i guess so - diagram added.
– Ken Knowles
Mar 11 '16 at 9:23
Thanks. Host is bridging VM traffic, right? Have you definednet.ipv4.conf.all.rp_filter=0?
– Rui F Ribeiro
Mar 11 '16 at 9:32
Yeah VMs are all bridged to the host wlan0 interface. Thanks for the suggestion. I had not defined that system variable but I have now. Unfortunately i hasn't enabled me to ping the router from a VM.
– Ken Knowles
Mar 11 '16 at 11:09
The post can get a bit difficult to follow, I advise posting a drawing of your networks/setup, even if a photo of one done by hand.
– Rui F Ribeiro
Mar 10 '16 at 14:46
The post can get a bit difficult to follow, I advise posting a drawing of your networks/setup, even if a photo of one done by hand.
– Rui F Ribeiro
Mar 10 '16 at 14:46
yeah, i guess so - diagram added.
– Ken Knowles
Mar 11 '16 at 9:23
yeah, i guess so - diagram added.
– Ken Knowles
Mar 11 '16 at 9:23
Thanks. Host is bridging VM traffic, right? Have you defined
net.ipv4.conf.all.rp_filter=0 ?– Rui F Ribeiro
Mar 11 '16 at 9:32
Thanks. Host is bridging VM traffic, right? Have you defined
net.ipv4.conf.all.rp_filter=0 ?– Rui F Ribeiro
Mar 11 '16 at 9:32
Yeah VMs are all bridged to the host wlan0 interface. Thanks for the suggestion. I had not defined that system variable but I have now. Unfortunately i hasn't enabled me to ping the router from a VM.
– Ken Knowles
Mar 11 '16 at 11:09
Yeah VMs are all bridged to the host wlan0 interface. Thanks for the suggestion. I had not defined that system variable but I have now. Unfortunately i hasn't enabled me to ping the router from a VM.
– Ken Knowles
Mar 11 '16 at 11:09
add a comment |
1 Answer
1
active
oldest
votes
You need to have rp_filter for a bridging host to accept outputting packets that are not own of their own range of IP local IP addresses.
net.ipv4.conf.all.rp_filter=0
As for routing, the problem is that the router does not know the 172.19.40.x network, and while the packet reaches the router, the answer goes by the default gateway (i.e. an unknown network, instead of coming back).
You need to define in the router the route (e.g.)
172.19.40.0 255.255.255.0 gw 172.17.17.100
Doing that, the answer will return to your host.
On second thought, this might not be the right answer, and as it it bridging, you will have to give the router a secondary IP of the 172.19.40.0 network.
answered Mar 11 '16 at 11:40
Rui F Ribeiro
39k1479130
When pinging the router from a VM, the error is 'no route to host' rather than response timeout, which make me think even wth rp_filter disabled the request isn't reaching the router. I agree adding another IP to the router would be the ideal solution, unfortunately my cheap ISP supplied router doesn't support multiple IP addresses so I was trying to get around it. I could just add a proper router VM with multiple vNICs to solve the issue but I was just curious why using the host to forward isn't working.
– Ken Knowles
Mar 11 '16 at 13:55
If you are doing bridging you have to have a router that forwards packets between networks, or routing or NAT in multiple points.
– Rui F Ribeiro
Mar 11 '16 at 13:57
(the alternative is doing routing+NAT in the Host)
– Rui F Ribeiro
Mar 11 '16 at 14:09
add a comment |
Your Answer
StackExchange.ready(function()
var channelOptions =
tags: "".split(" "),
id: "106"
;
initTagRenderer("".split(" "), "".split(" "), channelOptions);
StackExchange.using("externalEditor", function()
// Have to fire editor after snippets, if snippets enabled
if (StackExchange.settings.snippets.snippetsEnabled)
StackExchange.using("snippets", function()
createEditor();
);
else
createEditor();
);
function createEditor()
StackExchange.prepareEditor(
heartbeatType: 'answer',
autoActivateHeartbeat: false,
convertImagesToLinks: false,
noModals: true,
showLowRepImageUploadWarning: true,
reputationToPostImages: null,
bindNavPrevention: true,
postfix: "",
imageUploader:
brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
allowUrls: true
,
onDemand: true,
discardSelector: ".discard-answer"
,immediatelyShowMarkdownHelp:true
);
);
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function ()
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2funix.stackexchange.com%2fquestions%2f268928%2frouting-problem-with-ip-forwarding-on-ubuntu-14-04-and-virtualbox%23new-answer', 'question_page');
);
Post as a guest
Required, but never shown
1 Answer
1
active
oldest
votes
1 Answer
1
active
oldest
votes
active
oldest
votes
active
oldest
votes
You need to have rp_filter for a bridging host to accept outputting packets that are not own of their own range of IP local IP addresses.
net.ipv4.conf.all.rp_filter=0
As for routing, the problem is that the router does not know the 172.19.40.x network, and while the packet reaches the router, the answer goes by the default gateway (i.e. an unknown network, instead of coming back).
You need to define in the router the route (e.g.)
172.19.40.0 255.255.255.0 gw 172.17.17.100
Doing that, the answer will return to your host.
On second thought, this might not be the right answer, and as it it bridging, you will have to give the router a secondary IP of the 172.19.40.0 network.
answered Mar 11 '16 at 11:40
Rui F Ribeiro
39k1479130
When pinging the router from a VM, the error is 'no route to host' rather than response timeout, which make me think even wth rp_filter disabled the request isn't reaching the router. I agree adding another IP to the router would be the ideal solution, unfortunately my cheap ISP supplied router doesn't support multiple IP addresses so I was trying to get around it. I could just add a proper router VM with multiple vNICs to solve the issue but I was just curious why using the host to forward isn't working.
– Ken Knowles
Mar 11 '16 at 13:55
If you are doing bridging you have to have a router that forwards packets between networks, or routing or NAT in multiple points.
– Rui F Ribeiro
Mar 11 '16 at 13:57
(the alternative is doing routing+NAT in the Host)
– Rui F Ribeiro
Mar 11 '16 at 14:09
add a comment |
You need to have rp_filter for a bridging host to accept outputting packets that are not own of their own range of IP local IP addresses.
net.ipv4.conf.all.rp_filter=0
As for routing, the problem is that the router does not know the 172.19.40.x network, and while the packet reaches the router, the answer goes by the default gateway (i.e. an unknown network, instead of coming back).
You need to define in the router the route (e.g.)
172.19.40.0 255.255.255.0 gw 172.17.17.100
Doing that, the answer will return to your host.
On second thought, this might not be the right answer, and as it it bridging, you will have to give the router a secondary IP of the 172.19.40.0 network.
answered Mar 11 '16 at 11:40
Rui F Ribeiro
39k1479130
When pinging the router from a VM, the error is 'no route to host' rather than response timeout, which make me think even wth rp_filter disabled the request isn't reaching the router. I agree adding another IP to the router would be the ideal solution, unfortunately my cheap ISP supplied router doesn't support multiple IP addresses so I was trying to get around it. I could just add a proper router VM with multiple vNICs to solve the issue but I was just curious why using the host to forward isn't working.
– Ken Knowles
Mar 11 '16 at 13:55
If you are doing bridging you have to have a router that forwards packets between networks, or routing or NAT in multiple points.
– Rui F Ribeiro
Mar 11 '16 at 13:57
(the alternative is doing routing+NAT in the Host)
– Rui F Ribeiro
Mar 11 '16 at 14:09
add a comment |
You need to have rp_filter for a bridging host to accept outputting packets that are not own of their own range of IP local IP addresses.
net.ipv4.conf.all.rp_filter=0
As for routing, the problem is that the router does not know the 172.19.40.x network, and while the packet reaches the router, the answer goes by the default gateway (i.e. an unknown network, instead of coming back).
You need to define in the router the route (e.g.)
172.19.40.0 255.255.255.0 gw 172.17.17.100
Doing that, the answer will return to your host.
On second thought, this might not be the right answer, and as it it bridging, you will have to give the router a secondary IP of the 172.19.40.0 network.
answered Mar 11 '16 at 11:40
Rui F Ribeiro
39k1479130
You need to have rp_filter for a bridging host to accept outputting packets that are not own of their own range of IP local IP addresses.
net.ipv4.conf.all.rp_filter=0
As for routing, the problem is that the router does not know the 172.19.40.x network, and while the packet reaches the router, the answer goes by the default gateway (i.e. an unknown network, instead of coming back).
You need to define in the router the route (e.g.)
172.19.40.0 255.255.255.0 gw 172.17.17.100
Doing that, the answer will return to your host.
On second thought, this might not be the right answer, and as it it bridging, you will have to give the router a secondary IP of the 172.19.40.0 network.
answered Mar 11 '16 at 11:40
Rui F Ribeiro
39k1479130
answered Mar 11 '16 at 11:40
Rui F Ribeiro
39k1479130
answered Mar 11 '16 at 11:40
Rui F Ribeiro
39k1479130
answered Mar 11 '16 at 11:40
Rui F Ribeiro
39k1479130
39k1479130
When pinging the router from a VM, the error is 'no route to host' rather than response timeout, which make me think even wth rp_filter disabled the request isn't reaching the router. I agree adding another IP to the router would be the ideal solution, unfortunately my cheap ISP supplied router doesn't support multiple IP addresses so I was trying to get around it. I could just add a proper router VM with multiple vNICs to solve the issue but I was just curious why using the host to forward isn't working.
– Ken Knowles
Mar 11 '16 at 13:55
If you are doing bridging you have to have a router that forwards packets between networks, or routing or NAT in multiple points.
– Rui F Ribeiro
Mar 11 '16 at 13:57
(the alternative is doing routing+NAT in the Host)
– Rui F Ribeiro
Mar 11 '16 at 14:09
add a comment |
When pinging the router from a VM, the error is 'no route to host' rather than response timeout, which make me think even wth rp_filter disabled the request isn't reaching the router. I agree adding another IP to the router would be the ideal solution, unfortunately my cheap ISP supplied router doesn't support multiple IP addresses so I was trying to get around it. I could just add a proper router VM with multiple vNICs to solve the issue but I was just curious why using the host to forward isn't working.
– Ken Knowles
Mar 11 '16 at 13:55
If you are doing bridging you have to have a router that forwards packets between networks, or routing or NAT in multiple points.
– Rui F Ribeiro
Mar 11 '16 at 13:57
(the alternative is doing routing+NAT in the Host)
– Rui F Ribeiro
Mar 11 '16 at 14:09
When pinging the router from a VM, the error is 'no route to host' rather than response timeout, which make me think even wth rp_filter disabled the request isn't reaching the router. I agree adding another IP to the router would be the ideal solution, unfortunately my cheap ISP supplied router doesn't support multiple IP addresses so I was trying to get around it. I could just add a proper router VM with multiple vNICs to solve the issue but I was just curious why using the host to forward isn't working.
– Ken Knowles
Mar 11 '16 at 13:55
When pinging the router from a VM, the error is 'no route to host' rather than response timeout, which make me think even wth rp_filter disabled the request isn't reaching the router. I agree adding another IP to the router would be the ideal solution, unfortunately my cheap ISP supplied router doesn't support multiple IP addresses so I was trying to get around it. I could just add a proper router VM with multiple vNICs to solve the issue but I was just curious why using the host to forward isn't working.
– Ken Knowles
Mar 11 '16 at 13:55
If you are doing bridging you have to have a router that forwards packets between networks, or routing or NAT in multiple points.
– Rui F Ribeiro
Mar 11 '16 at 13:57
If you are doing bridging you have to have a router that forwards packets between networks, or routing or NAT in multiple points.
– Rui F Ribeiro
Mar 11 '16 at 13:57
(the alternative is doing routing+NAT in the Host)
– Rui F Ribeiro
Mar 11 '16 at 14:09
(the alternative is doing routing+NAT in the Host)
– Rui F Ribeiro
Mar 11 '16 at 14:09
add a comment |
Thanks for contributing an answer to Unix & Linux Stack Exchange!
- Please be sure to answer the question. Provide details and share your research!
But avoid …
- Asking for help, clarification, or responding to other answers.
- Making statements based on opinion; back them up with references or personal experience.
To learn more, see our tips on writing great answers.
Some of your past answers have not been well-received, and you're in danger of being blocked from answering.
Please pay close attention to the following guidance:
- Please be sure to answer the question. Provide details and share your research!
But avoid …
- Asking for help, clarification, or responding to other answers.
- Making statements based on opinion; back them up with references or personal experience.
To learn more, see our tips on writing great answers.
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function ()
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2funix.stackexchange.com%2fquestions%2f268928%2frouting-problem-with-ip-forwarding-on-ubuntu-14-04-and-virtualbox%23new-answer', 'question_page');
);
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
The post can get a bit difficult to follow, I advise posting a drawing of your networks/setup, even if a photo of one done by hand.
– Rui F Ribeiro
Mar 10 '16 at 14:46
yeah, i guess so - diagram added.
– Ken Knowles
Mar 11 '16 at 9:23
Thanks. Host is bridging VM traffic, right? Have you defined
net.ipv4.conf.all.rp_filter=0?– Rui F Ribeiro
Mar 11 '16 at 9:32
Yeah VMs are all bridged to the host wlan0 interface. Thanks for the suggestion. I had not defined that system variable but I have now. Unfortunately i hasn't enabled me to ping the router from a VM.
– Ken Knowles
Mar 11 '16 at 11:09