Malcolm,
Just to be clear, is this your topology?
Public |--------| VBox NAT Network process |---------| Router VM |---------|
Hidden network
If so, I'm not aware of options to include static routes into the NAT
engine of VirtualBox, but I also don't see why you would need to.
it's the job of the router VM to also do NAT to hide that final network,
else you need the "public" routers to know about that hidden network but
that defeats the point of using NAT in the first place.
If this is your topology, I feel you're just using the wrong tool for
the job.
If your topology is different, let us know and we'll help further!
On 03/10/16 22:34, Malcolm Clarke wrote:
Dear Maxine
The problem is that a packet can eminate from a VM on the hidden
subnet and is correctly routed by the internal router to the NAT
router (the internal server contains the NAT as its default router),
and so the packet is sent to the public network. The NAT router will
correctly create an entry in the mapping table with the return IP
address. However when a packet returns from the public network, even
though the NAT router can substitute the correct destination IP
address for the hidden subnet, it does not have the routing
information to deliver the packet to the internal router for it to be
returned to the VM on the hidden network.
It would therefore require some simple mechanism to add static routes
(or private side default gateway) to the NAT router.
Using a bridge will not work as that would require configuring
"public" routers to deliver packets to the internal router. NAT is the
best solution.
Regards
Malcolm
On 03/10/2016 13:58, Maxime Dor wrote:
Hi Malcom,
That is on purpose - being behind a NAT network means you want to
hide any subnet connect to that network from the outside world.
Any outgoing connection will look like it came from the NAT Router
"public" IP.
If you want to allow specific connections to be allowed in, you need
to configure port forward - so far, I don't think I tell you anything
new.
But if you need the "outside" world to know about "inside" networks,
then NAT is not the right choice. You need to switch to a non-NAT
solution like Bridged mode (or Host-Only with routing enabled on the
host) and the "outside" world needs to know about those "inside"
network with two possibilities:
- Static routes on all routers that need to deal with those subnets
- Internal routing protocol like RIP, EIGRP or OSPF that will
auto-detect routes and populate routing tables of routers.
On 03/10/16 13:30, Malcolm Clarke wrote:
Dear Development Group
I am trying to demonstrate routing in a virtualised network created
using VirtualBox with a FreeBSD server acting as router between 2
virtual networks. One network is set as NAT Network to allow access
to outside world. However, although packets can be directed from the
router to the NAT router for outward delivery, the NAT router does
not know how to deliver the incoming packets for the "hidden" subnet.
I wonder if anyone has modified the NAT network to allow simple
static routes or default gateway to support this cnfiguration.
I do not know the interest for this functionality and whether the
work is justified for the use that would be made.
Regards
Malcolm
--
*Malcolm Clarke *BSc (Hons), PhD
Reader in Telemedicine and Data Communication Systems
T+44 (0) 1895 265053
*Brunel University London*
College of Engineering, Design and Physical Sciences
Department of Computer Science
HNZW011, Heinz Wolff Building, Kingston Lane, Uxbridge, Middlesex,
UB8 3PH
*www.brunel.ac.uk <http://www.brunel.ac.uk/>*
Connect with the university on*Linkedin, Twitter, Facebook*
_______________________________________________
vbox-dev mailing list
vbox-dev@virtualbox.org
https://www.virtualbox.org/mailman/listinfo/vbox-dev
_______________________________________________
vbox-dev mailing list
vbox-dev@virtualbox.org
https://www.virtualbox.org/mailman/listinfo/vbox-dev
--
*Malcolm Clarke *BSc (Hons), PhD
Reader in Telemedicine and Data Communication Systems
T+44 (0) 1895 265053
*Brunel University London*
College of Engineering, Design and Physical Sciences
Department of Computer Science
HNZW011, Heinz Wolff Building, Kingston Lane, Uxbridge, Middlesex, UB8 3PH
*www.brunel.ac.uk <http://www.brunel.ac.uk/>*
Connect with the university on*Linkedin, Twitter, Facebook*
_______________________________________________
vbox-dev mailing list
vbox-dev@virtualbox.org
https://www.virtualbox.org/mailman/listinfo/vbox-dev
