First off, the base question: how to reliably achieve IP/DNS resolution on a mixed network (Linux, Windows, Mac OS), on a common private physical network using IPv4/6, to hosted VMs that may or may not have VPNs active and DHCP - without an internal DNS.
My Setup:
I run a Windows 10 Host machine with a static IPv4 address, which powers multiple Windows 10 and Linux VMs. Some of the VMs access VPNs, which run IPv4/6 VPN networks. Presently I use a Mac OS computer to RDP to the host system, and I use the Virtual Box GUI to access the systems from there.
I have tried using RDP (Microsoft) to access the VMs independently from my Mac OS system, however this only works through the local IPv4 address when the VPN is not active - or the IPv6 address with the limitations noted below.
I have also tried using the IPv6 address; and while this works some of the time, I have mixed to unpredictable results with this on reboots/IP refreshes. The IPv6 address changes periodically, and I have to log into the router to determine the new address and update RDP entries accordingly.
What I am trying to achieve:
Mac OS system Source system, and RDP to multiple Physical/Virtual machines on the network, while maintaining connectivity through VPN connections on the VMs - without having to manually type in/keep up with IPv6 addresses.
My hardware is all consumer grade, with a Netgear router (R6400).
While currently I use a single NIC in the VM host, I do have multiple NICs if that will correct the connectivity issues.
MS-Windows implements RFC-4941 and RFC-7721, for security considerations, that lead to IPv6 address changes (this should not be a problem if you had DNS updates, but this is not your situation).
To avoid IPv6 changes, just use the following 4 lines on your Windows hosts:
netsh interface ipv6 set privacy state=disabled store=active
netsh interface ipv6 set privacy state=disabled store=persistent
netsh interface ipv6 set global randomizeidentifiers=disabled store=active
netsh interface ipv6 set global randomizeidentifiers=disabled store=persistent
You should now get predictable results.
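With temporary addresses and randomized identifiers both disabled, Windows builds its SLAAC addresses from the adapter's MAC (modified EUI-64), so the address can be computed in advance for the RDP entry, and anyone who sees the address can read the MAC back out of it. An added example showing both directions (not part of the answer above); the MAC and the 2001:db8 documentation prefix are constructed sample values.

```python
from __future__ import annotations
import ipaddress

def eui64_interface_id(mac: str) -> int:
    """Modified EUI-64 interface identifier (RFC 4291, Appendix A) for a 48-bit MAC."""
    octets = bytes(int(part, 16) for part in mac.replace("-", ":").split(":"))
    if len(octets) != 6:
        raise ValueError(f"expected a 48-bit MAC, got {mac!r}")
    # Flip the universal/local bit and insert ff:fe between the two MAC halves.
    eui = bytes([octets[0] ^ 0x02]) + octets[1:3] + b"\xff\xfe" + octets[3:6]
    return int.from_bytes(eui, "big")

def stable_addresses(mac: str, prefixes: list[str]) -> list[str]:
    """Link-local address plus one address per advertised /64 prefix."""
    iid = eui64_interface_id(mac)
    result = []
    for prefix in ["fe80::/64", *prefixes]:
        net = ipaddress.IPv6Network(prefix)
        if net.prefixlen != 64:
            raise ValueError(f"SLAAC needs a /64 prefix, got {prefix}")
        result.append(str(ipaddress.IPv6Address(int(net.network_address) | iid)))
    return result

def mac_from_address(addr: str) -> str | None:
    """Recover the MAC from an EUI-64 address; None if the ff:fe marker is absent."""
    iid = (int(ipaddress.IPv6Address(addr)) & (2**64 - 1)).to_bytes(8, "big")
    if iid[3:5] != b"\xff\xfe":
        return None  # randomized or temporary identifier, no MAC inside
    mac = bytes([iid[0] ^ 0x02]) + iid[1:3] + iid[5:8]
    return ":".join(f"{b:02x}" for b in mac)

if __name__ == "__main__":
    # Constructed sample: a VirtualBox-style MAC and the documentation prefix.
    for address in stable_addresses("08-00-27-12-34-56", ["2001:db8:1:2::/64"]):
        print(address, "->", mac_from_address(address))
```

The computed address only stays valid while the router keeps advertising the same prefix; the link-local one does not depend on the prefix at all.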
I have a virtual machine instance running on Google Cloud Compute Engine — a preemptible free-tier CPU running Ubuntu 17.04. The end goal is to connect it to a MongoDB running on my local machine, a 2015 Macbook Pro (OS 10.12.6). But first, I've been trying to ensure the VM can reach my Mac via ping.
Running ping <VM's external IP> from my Mac works.
Pinging my Mac from another Mac on the same wifi network works.
Running ping <Mac's IP> from the VM via the browser terminal does not work.
I've disabled my Mac's firewall. I've also configured my VM's firewall rules to allow all inbound and outbound traffic, to no avail:
ingress firewall rules, egress firewall rules
How might I get this instance to ping my Mac successfully?
Does your Mac's IP address begin with 10., 192.168., or between 172.16. and 172.32.? These are private addresses only reachable within your Mac's local network, which is (part of) why GCE cannot reach your VM.
This is part of a very common configuration. An ISP only allocates one (or a small number) of IP addresses to your home or business. A router on the network performs NAT to share that IP address between computers on the local network, which instead use private IP addresses for themselves. As the router doesn't know what to do with the inbound MongoDB traffic, it blocks it.
There are two common ways around this that are usually found in your router settings:
"port forwarding" where you tell the traffic to forward all traffic on port 1234 to your Mac. This can get MongoDB working, but not ping.
If you have whole extra IP addresses, "DMZ" where your router directly forwards an entire extra IP to your instance. If you have only one IP address this is not an option as that IP is needed to be shared for other devices on the Wifi.
You likely also have a firewall on the router. If you use a DMZ or port-forwarding you must make sure that firewall allows traffic through too.
That said, I'm not sure that this is a sensible thing to do. Opening up your local network to the internet can create major security issues, plus it is likely unreliable and more expensive (free tier only provides 1GB egress/month, your db traffic could exceed this).
Actually running MongoDB on instances within GCE is almost certainly a better option in every regard for you.
So I know to access my host computer's localhost from virtualbox, I can hit up the IP 10.0.2.2. However, I need to access a different IP on my host. I've set up another local site running on host at 192.168.7.9. How do I hit this IP from inside virtualbox? Thank you.
Your virtual machine is probably in NAT networking mode.
You need to change networking to Bridged and choose the same Network adapter
like I did on the image below...(on my laptop wifi NIC is Intel Centrino, yours is probably different!)
Then your virtual machine will be directly connected to the same network as your laptop and it'll have a similar IP address as your host... 192.168.7.x
and then you can connect to any IP address you want!
This would be the simplest way to do it.
I've got a VirtualBox machine set up and it runs fine. But I want to limit its network access to only computers on my LAN (192.168.2.x). I do not want it to have any type of incoming or outgoing access to the internet at all.
Just remove the Default Gateway in its IP settings. Or modify the operating system's hosts file.
If you're really serious about blocking it though you should block it via a firewall.
I have a Host with VirtualBox installed and Guest installed (both with Windows XP SP3).
I do have a connection between them. And also the guest has an internet connection.
I can connect via Remote Desktop Connection from Host to Guest, but I also want to be able to connect to Guest from any other PC. If can, how to achieve this?
Guest is using 2 network adapters, one NAT for sharing the internet connection and then one Host-only to be able for both machines to see each other on the local network.
Assuming you have an Internet router providing access to your ISP...
Change the VM networking from NAT to Bridged.
Check that the guest still has Internet connectivity after rebooting or ipconfig /renew.
Configure the router to give the guest a fixed IP address. (Typically, the guest can still use DHCP but the router is configured to give the guest the same IP address every time.)
Determine which ports and protocols are needed to connect with the guest. E.g., TCP on port 3389 (RDP) for Remote Desktop.
Configure the router's "port-forwarding" feature to route external connections to the IP address of your guest. You can designate a different port for the external connections but that might not get through firewalls between the remote computer and its ISP.
Determine the external IP address of your Internet router.
Connect from the remote computer to the IP address and designated port.
I am trying to find a way that I can effectively change the IP and netmask of the computer that my programs are running on. I have to be able to maintain communications with a "box" that the user has access to and can change the IP of that box (but not that of the Linux host). Luckily the box broadcasts its IP over a multicast address. I am able to read that address and communicate to whatever IP the box is broadcasting. However, my problem is that when the box changes IPs outside of the subnet of the Linux host, I lose connectivity (as I would expect to happen).
As a result, I need a quick and dirty way to change the IP and netmask of the Linux host when it detects that the IP being broadcast is outside its subnet. I am aware that I can modify/edit the /etc/networking/interfaces file, but I was hoping to have something "live" where I wouldn't need to restart the networking interface or Linux host. Additionally, I would like to maintain all sockets that I have currently open during the change. My main issue is that I have a slew of connections run by other applications that cannot be corrupted as a result of the IP changeover. Also, if possible, I'd like to avoid having to redo having to run the multicast route add command for Linux after the host IP changeover.
Is there anything that I can do to satisfy these requirements? Thanks.
You don't want to change the IP address of the interface, you want to add an additional IP address and subnet to the interface. Search your Linux system documentation for IP Alias functionality.
Here's the HOWTO.
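One way to apply the additional-address approach from the answer above, as an added example that is not part of the original thread: decide whether the advertised box IP is already on-link and, if not, build the `ip addr add` command for a secondary address in the box's subnet, which leaves the existing address and open sockets alone. The interface name `eth0`, the sample addresses, and the choice of the highest free host address are assumptions.

```python
from __future__ import annotations
import ipaddress

def pick_alias(box_ip: str, prefixlen: int,
               host_cidrs: list[str]) -> ipaddress.IPv4Interface | None:
    """Secondary address to add so the box becomes on-link, or None if it already is."""
    box = ipaddress.IPv4Address(box_ip)
    hosts = [ipaddress.IPv4Interface(c) for c in host_cidrs]
    if any(box in h.network for h in hosts):
        return None  # an existing address already covers the box's subnet
    net = ipaddress.IPv4Network(f"{box_ip}/{prefixlen}", strict=False)
    if net.prefixlen > 30:
        raise ValueError(f"no room for a second host address in {net}")
    # Assumption: the highest host address in the box's subnet is unused.
    # Probe it (for example with arping) before relying on this on a shared LAN.
    candidate = net.broadcast_address - 1
    while candidate == box:
        candidate -= 1
    return ipaddress.IPv4Interface(f"{candidate}/{net.prefixlen}")

def ip_commands(box_ip: str, prefixlen: int,
                host_cidrs: list[str], dev: str = "eth0") -> list[list[str]]:
    """argv lists for iproute2; run them as root, e.g. with subprocess.run(argv, check=True)."""
    alias = pick_alias(box_ip, prefixlen, host_cidrs)
    if alias is None:
        return []
    # Adding an address also installs the connected route for its subnet.
    return [["ip", "addr", "add", str(alias), "dev", dev]]

if __name__ == "__main__":
    # Constructed sample: host on 192.168.1.0/24, box moved to 10.20.30.40/24.
    current = ["192.168.1.10/24"]
    for argv in ip_commands("10.20.30.40", 24, current):
        print(" ".join(argv))
```

Feed the function the host's current addresses each time the multicast announcement arrives; once the alias is in that list it returns no commands, so repeated announcements do not add duplicates.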