VirtualBox: Windows host, linux guest - DNS/ping works, all other access is broken

3

I have gentoo linux running inside a VirtualBox Windows 10 host, which used to work until recently.

Basically no matter what protocol I try to use, I get that the network is unreachable, for any public networks, except for the fact that DNS lookups, and ping work. Windows firewall is completely disabled. How can I get 'internet access' and such working?

I have 5 Vlans on my network, so I've set which one should be used using:

VBoxManage modifyvm "Gentoo" --natbindip1 10.XXX.XXX.XXX which appears to have done the trick, otherwise nothing will work at all.

Also I've had to do VBoxManage modifyvm "Gentoo" --natdnshostresolver1 on otherwise DNS resolution doesn't work, even when I set the correct DNS servers.

If I change VBoxManage modifyvm "Gentoo" --natdnshostresolver1 off then DNS lookups don't work, however I can still ping out but wget (as an example) still gets Network is unreachable.

The error I get when trying to access any kind of network resource is:

Connecting to www.mirrorservice.org|212.219.56.184|:80... failed: Network is unreachable.

DNS / dhcp appears to be working correctly, as it sets itself:

tim@vbox ~ $ cat /etc/resolv.conf
# Generated by dhcpcd from enp0s3.dhcp
# /etc/resolv.conf.head can replace this line
nameserver 10.0.2.3
# /etc/resolv.conf.tail can replace this line
tim@vbox ~ $ route -n
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
0.0.0.0         10.0.2.2        0.0.0.0         UG    2      0        0 enp0s3
10.0.2.0        0.0.0.0         255.255.255.0   U     2      0        0 enp0s3

EDIT:

As an added oddity, if I instead bind to a different vlan, which DOES use a proxy server, and setup the proxy server in the VM - this then has full connectivity to the internet, as expected. It's almost as if when binding to some of the vlan's, not all traffic is passed over that vlan.

I can't use network bridging, as there is no default VLAN set, and I don't want to try and setup on another VLAN because of office politics ;)

c:\Program Files\Oracle\VirtualBox>VBoxManage showvminfo "Gentoo" --details
Name:            Gentoo
Groups:          /
Guest OS:        Gentoo (64-bit)
UUID:            991fc173-6689-4a7f-b1e3-2873acb119a9
Config file:     C:\Users\XXX\VirtualBox VMs\Gentoo\Gentoo.vbox
Snapshot folder: C:\Users\XXX\VirtualBox VMs\Gentoo\Snapshots
Log folder:      C:\Users\XXX\VirtualBox VMs\Gentoo\Logs
Hardware UUID:   991fc173-6689-4a7f-b1e3-2873acb119a9
Memory size:     4096MB
Page Fusion:     off
VRAM size:       16MB
CPU exec cap:    100%
HPET:            off
Chipset:         piix3
Firmware:        BIOS
Number of CPUs:  1
PAE:             off
Long Mode:       on
Triple Fault Reset: off
APIC:            on
X2APIC:          on
CPUID Portability Level: 0
CPUID overrides: None
Boot menu mode:  message and menu
Boot Device (1): Floppy
Boot Device (2): DVD
Boot Device (3): HardDisk
Boot Device (4): Not Assigned
ACPI:            on
IOAPIC:          on
BIOS APIC mode:  APIC
Time offset:     0ms
RTC:             UTC
Hardw. virt.ext: on
Nested Paging:   on
Large Pages:     on
VT-x VPID:       on
VT-x unr. exec.: on
Paravirt. Provider: Default
Effective Paravirt. Provider: KVM
State:           powered off (since 2018-01-02T11:34:10.174000000)
Monitor count:   1
3D Acceleration: off
2D Video Acceleration: off
Teleporter Enabled: off
Teleporter Port: 0
Teleporter Address:
Teleporter Password:
Tracing Enabled: off
Allow Tracing to Access VM: off
Tracing Configuration:
Autostart Enabled: off
Autostart Delay: 0
Default Frontend:
Storage Controller Name (0):            IDE
Storage Controller Type (0):            PIIX4
Storage Controller Instance Number (0): 0
Storage Controller Max Port Count (0):  2
Storage Controller Port Count (0):      2
Storage Controller Bootable (0):        on
Storage Controller Name (1):            SATA
Storage Controller Type (1):            IntelAhci
Storage Controller Instance Number (1): 0
Storage Controller Max Port Count (1):  30
Storage Controller Port Count (1):      1
Storage Controller Bootable (1):        on
IDE (1, 0): Empty
SATA (0, 0): C:\Users\XXX\VirtualBox VMs\Gentoo\Gentoo.vdi (UUID: c702659a-4ca0-4941-9fcd-32c78be9c0f5)
NIC 1:           MAC: 0800279E528E, Attachment: NAT, Cable connected: on, Trace: off (file: none), Type: 82540EM, Reported speed: 0 Mbps, Boot priority: 0, Promisc Policy: deny, Bandwidth group: none
NIC 1 Settings:  MTU: 0, Socket (send: 64, receive: 64), TCP Window (send:64, receive: 64)
NIC 1 Rule(0):   name = SSH, protocol = tcp, host ip = 127.0.0.1, host port = 2222, guest ip = 10.0.2.15, guest port = 22
NIC 2:           disabled
NIC 3:           disabled
NIC 4:           disabled
NIC 5:           disabled
NIC 6:           disabled
NIC 7:           disabled
NIC 8:           disabled
Pointing Device: USB Tablet
Keyboard Device: PS/2 Keyboard
UART 1:          disabled
UART 2:          disabled
UART 3:          disabled
UART 4:          disabled
LPT 1:           disabled
LPT 2:           disabled
Audio:           enabled (Driver: DSOUND, Controller: AC97, Codec: AD1980)
Audio playback:  enabled
Audio capture: enabled
Clipboard Mode:  Bidirectional
Drag and drop Mode: Bidirectional
VRDE:            disabled
USB:             enabled
EHCI:            disabled
XHCI:            disabled

USB Device Filters:

<none>

Bandwidth groups:  <none>

Shared folders:  <none>

Capturing:          not active
Capture audio:      not active
Capture screens:    0
Capture file:       C:\Users\XXX\VirtualBox VMs\Gentoo\Gentoo.webm
Capture dimensions: 1024x768
Capture rate:       512 kbps
Capture FPS:        25
Capture options:    ac_enabled=false

Guest:

Configured memory balloon size:      0 MB

djsmiley2k TMW

Posted 2018-01-02T11:37:53.093

Reputation: 5 937

Answers

1

Sounds like something is dropping the VLAN tag along the way. Could be your virtual switch. Could be the NIC in your host. Could be the switch the host is connected to. First check that your NIC is capable of passing VLAN tags and is configured to allow it. (Many Intel NICs will strip VLAN tags by default)

If the VLAN tag is set on the port that the host is connected to then that is the VLAN for all traffic on that port. You can't just magically join a different VLAN unless the switch is configured to pass arbitrary VLAN tags assigned by the endpoints. You will have to work your network administrator to get things working the way you expect. For now, the only things you can do are the things your network administrator has allowed. You have to work with the VLAN, Subnet, and gateway available to you on your switch port. Maybe not all VLANs have a route to the internet? Maybe these VLANs don't have a route to each other? Maybe there is a firewall or IPS device that has additional rules about where traffic can come from\go to? Maybe a proxy is required for outbound traffic? There are just too many possibilities.

Your best bet is to bridge the connection with the host and use the same pathways to get to where you want to go. Known good routes. Once you know you can get out you can tunnel or whatever you need to do.

HackSlash

Posted 2018-01-02T11:37:53.093

Reputation: 3 174

I am the network administrator ;) (well one of them) I really DO have 5 Vlans on my desktop. The different vlans access the internet via different routes (one goes via the proxy server, one doesn't). – djsmiley2k TMW – 2018-01-05T10:34:28.800

and you can put packets on all 5 VLANs from your desktop? Have you done this with other guest VMs? – HackSlash – 2018-01-05T17:38:19.527

From the desktop yes, from VM's only the two that matters but that's where it gets weird. DNS stops working on on vlan, when it works on the other. On the other, dns works but traffic won't go any further than the 'local' network. – djsmiley2k TMW – 2018-01-08T19:05:58.240

Awarding your the bounty for at least trying to help! – djsmiley2k TMW – 2018-01-11T13:51:36.173

Asked: 2018-01-02T11:37:53.093

Viewed: 955 times

Active: 2018-01-04T21:52:39.793