Opened 3 years ago
Last modified 3 years ago
#20547 new defect
Promiscuous Mode Does Not Work on macOS 11.5.2
| Reported by: | Myrddyn | Owned by: | |
|---|---|---|---|
| Component: | network | Version: | VirtualBox 6.1.26 |
| Keywords: | Promiscuous Mode | Cc: | |
| Guest type: | Linux | Host type: | Mac OS X |
Description
Regardless of the network adapter type and other settings, selecting Bridge Adapter and either Allow VMs or Allow All for the Promiscuous Mode does not provide the expected result. Linux VMs have no issues passing network traffic normally, but if a bridge is setup incoming packets do not reach the VM. I see the packets generated on the VirtualBox Guest VM and nested VMs on the VM interfaces, the Mac, and my router, but the return traffic does not make it to the VirtualBox Guest VMs. I found the following ticket that has gone ignored for many years with some information that may help isolate the issue.
https://www.virtualbox.org/ticket/10811
This also fails running VirtualBox as root.
I can say that I'm able to enable Promiscuous Mode in other software without issue, so the issue is not macOS or my setup.
Given that this issue is quite old, my guess is we have one of two issues since some change in an old macOS and every release since. It's broken or there are added steps to make it work.
If you're not going to support Promiscuous Mode, then please remove the options so people don't waste time troubleshooting something that is not going to work.
If more setup is required to make this work with VirtualBox, then please provide the documentation necessary.
Unfortunately from your description it's not clear at all what you are trying to do.
Are you bridging to a wired or a wireless interface on the host? What do you mean by "if a bridge is set up"? What are the "nested" VMs? What do you mean by "return" traffic?
Promiscuous mode setting controls what packets the VM gets to see if the VMs interface is switched to promiscuous mode. As a quick test, I set up a VM that is bridged to the host's thunderbolt ethernet and set the policy to "Allow All". I run tcpdump in the VM and I ping the host's ethernet from an external machine. Inside the VM I can see the ping packets that the host and the remote peer exchange.
If I change the policy to "Allow VMs" then the VM no longer sees the ping exchange between the host and the remote peer. However if I ping another VM bridged to the same interface from the external peer, the test VM does see that traffic with tcpdump.
So I'd say this is working as expected. If you understand the Promiscuous Mode control differently, please, can you summarize you expectations?
Admittedly, I did this quick test on trunk, but 6.1 doesn't really differ much in this area.