VirtualBox

Opened 7 years ago

Closed 7 years ago

#16478 closed defect (fixed)

--natbindip1 not binding TCP traffic to interface => Fixed in 5.1.28

Reported by: wrunning Owned by:
Component: network/NAT Version: VirtualBox 5.1.2
Keywords: bind NAT Cc:
Guest type: Windows Host type: Windows

Description

Hello! I am experiencing what seems to be the issue laid out previously here https://forums.virtualbox.org/viewtopic.php?f=7&t=34878. To describe the situation myself: Host OS has several external connections, a WAN and several OpenVPN connections and I want a certain VM to route its traffic through one of the vpn connections, vpn1. vpn1 has a route to 0.0.0.0/0, but with a higher metric than WAN. I set up a NAT adapter for the guest VM, then used vboxmanage modifyvm vm1 --natbindip1 vpn1_IP. What happens is that UDP traffic gets properly bind-ed to vpn1 and gets sent out through it, while TCP traffic goes out via WAN connection.I checked this both with wireshark, netstat and by setting up an outside listening endpoint for both UDP and TCP. I have written myself a program that actually binds to the vpn1 connection and use it for both TCP and UDP traffic and everything works fine, so it isn't a routing issue. Please let me know if there is any more information needed from my side in order to pinpoint the issue. Thanks!

Change History (5)

comment:1 by Valery Ushakov, 7 years ago

Please, can you make an outbound tcp connection from the VM and check what does netstat shows for that connection on the host.

Does your test program use SO_BINDTODEVICE? Or just bind(2)?

comment:2 by wrunning, 7 years ago

Sure, netstat says "TCP 10.10.10.199:45968 78.46.94.13:80 ESTABLISHED", 10.10.10.199 being the IP address of the WAN connection, not the specified one.

My test program, which is actually a DLL injected in processes to force them to be bound to certain interfaces, just uses bind.There are a bit more weird things it does, but those are just for the proper hooking for newly created sockets, not related to the interface binding. For the few programs that I use it for, I have not found a need to set any other specific socket options and I can't find a reference for SO_BINDTODEVICE for Windows sockets.

I did have a short look through the vbox sources, but found it to be getting rather complicated rather fast and without any familiarity on my side with the actual inner workings, decided it might be better to open an issue for someone with better knowledge on the subject.If you can pinpoint me in the proper direction within the sources, maybe I can try to have another look myself too at some point.

Thanks!

comment:3 by zarzarel2, 7 years ago

I can confirm that natbindip does not work as intended. I have two static IP addresses on one interface on a Windows host (let's say 10.10.4.10 and 10.10.5.10) which are on the same subnet. 10.10.4.10 is the default IP address for the system. If I use --natbindip1 "10.10.5.10" I can see the modification in the configuration file, but when I watch the traffic on the network gateway I can see only DNS requests being routed from 10.10.5.10, all the normal TCP traffic still comes from 10.10.4.10. I can also confirm that all the connections which are in the "ESTABLISHED" state on the host are bound only to 10.10.4.10, with nothing being bound on 10.10.5.10.

This is with VirtualBox 5.1.20.

comment:4 by Valery Ushakov, 7 years ago

Summary: --natbindip1 not binding TCP traffic to interface--natbindip1 not binding TCP traffic to interface => Fixed in SVN

This should be fixed in the next 5.1.* release and next 5.2 beta.

comment:5 by Michael Thayer, 7 years ago

Resolution: fixed
Status: newclosed
Summary: --natbindip1 not binding TCP traffic to interface => Fixed in SVN--natbindip1 not binding TCP traffic to interface => Fixed in 5.1.28
Note: See TracTickets for help on using tickets.

© 2023 Oracle
ContactPrivacy policyTerms of Use