Need to do Bridged Adapter only in Vagrant, no NAT

40

So I'm having an issue with a Vagrant setup of 'hashicorp/precise64' on my MacBook.

First, my config:

VAGRANTFILE_API_VERSION = "2"
Vagrant.configure(VAGRANTFILE_API_VERSION) do |config|
  config.vm.box = "hashicorp/precise64"
  config.vm.network "public_network", type: "dhcp", :bridge => 'en4: Thunderbolt Ethernet'
  config.vm.hostname = "mddirector"
end

This is the output of 'vagrant up':

==> default: Attempting graceful shutdown of VM...
==> default: Checking if box 'hashicorp/precise64' is up to date...
==> default: Clearing any previously set forwarded ports...
==> default: Clearing any previously set network interfaces...
==> default: Preparing network interfaces based on configuration...
    default: Adapter 1: nat
    default: Adapter 2: bridged
==> default: Forwarding ports...
    default: 22 => 2222 (adapter 1)
==> default: Booting VM...
==> default: Waiting for machine to boot. This may take a few minutes...
    default: SSH address: 127.0.0.1:2222
    default: SSH username: vagrant
    default: SSH auth method: private key
    default: Warning: Connection timeout. Retrying...
==> default: Machine booted and ready!
GuestAdditions 4.3.10 running --- OK.
==> default: Checking for guest additions in VM...
==> default: Setting hostname...
==> default: Configuring and enabling network interfaces...
==> default: Mounting shared folders...
    default: /vagrant => /Users/garthm/Projects/vagrant
==> default: Machine already provisioned. Run `vagrant provision` or use the `--provision`
==> default: to force provisioning. Provisioners marked to run always will still run.

'ifconfig' shows the following:

vagrant@mddirector:~$ ifconfig
eth0      Link encap:Ethernet  HWaddr 08:00:27:88:0c:a6
          inet addr:10.0.2.15  Bcast:10.0.2.255  Mask:255.255.255.0
          inet6 addr: fe80::a00:27ff:fe88:ca6/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:725 errors:0 dropped:0 overruns:0 frame:0
          TX packets:544 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:90824 (90.8 KB)  TX bytes:63375 (63.3 KB)

eth1      Link encap:Ethernet  HWaddr 08:00:27:2f:bb:6a
          inet addr:10.0.24.118  Bcast:10.0.31.255  Mask:255.255.248.0
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:3490 errors:0 dropped:0 overruns:0 frame:0
          TX packets:7 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:345981 (345.9 KB)  TX bytes:1102 (1.1 KB)

lo        Link encap:Local Loopback
          inet addr:127.0.0.1  Mask:255.0.0.0
          inet6 addr: ::1/128 Scope:Host
          UP LOOPBACK RUNNING  MTU:16436  Metric:1
          RX packets:0 errors:0 dropped:0 overruns:0 frame:0
          TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0
          RX bytes:0 (0.0 B)  TX bytes:0 (0.0 B)

My problem is that I can ping the VM from my host machine (IP: 10.0.24.112), other people can ping my VM too (10.0.24.XXX), my VM can ping my devbox (IP: 10.10.116.254), I can ping other developers' virtual machine setups from my devbox (not Vagrant, IP: 10.10.116.254), but I can't ping my VM from my devbox and other developers can't ping my VM from their devbox.

The virtual machine setups they have are with a Bridged NIC only, but Vagrant for some reason has both a NAT and a Bridged adapter, even though I've specified bridged in the config. As you can see, there are two IP addresses for the Vagrant VM, which doesn't seem right. You can also see that, when it boots up, it does a port forward on Adaptor 1, which is the NAT adaptor, which means it sounds like it's using the NAT adaptor by default for everything.

How do I get rid of the NAT adaptor and use bridged only?

If I edit the VirtualBox settings and disable the NAT adaptor, so there is only the bridged Adaptor, and boot up the box via VirtualBox (ie: not using vagrant up), then it only has eth0 with an IP address that is pingable from my devbox, which is what I'm looking for. If I try and vagrant up the box after editing the VirtualBox settings and disabling the NAT adaptor, I get the following error:

There was an error while executing `VBoxManage`, a CLI used by Vagrant
for controlling VirtualBox. The command and stderr is shown below.

Command: ["modifyvm", "7f1c12f7-74cd-4c6b-aa5a-16d6209cf2b3", "--natpf1", "ssh,tcp,127.0.0.1,2222,,22"]

Stderr: VBoxManage: error: A NAT rule of this name already exists
VBoxManage: error: Details: code NS_ERROR_INVALID_ARG (0x80070057), component NATEngine, interface INATEngine, callee nsISupports
VBoxManage: error: Context: "AddRedirect(Bstr(strName).raw(), proto, Bstr(strHostIp).raw(), RTStrToUInt16(strHostPort), Bstr(strGuestIp).raw(), RTStrToUInt16(strGuestPort))" at line 1655 of file VBoxManageModifyVM.cpp

If I immediately do a vagrant up again, it has re-enabled the NAT adaptor again, and we're back to having the same problem again.

vagrant
asked on Super User May 13, 2014 by SynackSA • edited Jul 16, 2019 by RtmY

4 Answers

27

eth0 as NAT is a fundamental requirement of Vagrant in its current state. But you can override the default router configuration for eth1.

From the Vagrant docs:

Default Router

Depending on your setup, you may wish to manually override the default router configuration. This is required if you need to access the Vagrant box from other networks over the public network. To do so, you can use a shell provisioner script:

config.vm.network "public_network", ip: "192.168.0.17"

# default router
config.vm.provision "shell",
  run: "always",
  inline: "route add default gw 192.168.0.1"

# default router ipv6
config.vm.provision "shell",
  run: "always",
  inline: "route -A inet6 add default gw fc00::1 eth1"

# delete default gw on eth0
config.vm.provision "shell",
  run: "always",
  inline: "eval `route -n | awk '{ if ($8 ==\"eth0\" && $2 != \"0.0.0.0\") print \"route del default gw \" $2; }'`"

Note the above is fairly complex and may be guest OS specific, but we document the rough idea of how to do it because it is a common question.

answered on Super User Sep 10, 2015 by ostrokach • edited Sep 10, 2015 by ostrokach
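
Why the default-route override above matters, as an added example (not part of the original answer or the Vagrant docs): a longest-prefix-match lookup over a routing table constructed from the question's `ifconfig` output. The gateways `10.0.2.2` (NAT side) and `10.0.24.1` (bridged side) are assumed values, and `route`, `egress` and `reply_paths` are illustrative helpers.

```ruby
require "ipaddr"

# One routing entry: destination prefix, gateway (nil = directly connected), interface.
Route = Struct.new(:dest, :gateway, :iface)

def route(cidr, gateway, iface)
  Route.new(IPAddr.new(cidr), gateway, iface)
end

# Longest-prefix match: the most specific route containing the address wins.
def egress(routes, ip)
  addr = IPAddr.new(ip)
  routes.select { |r| r.dest.include?(addr) }.max_by { |r| r.dest.prefix }
end

# Constructed from the question's ifconfig output; gateways are assumed values.
CONNECTED = [
  route("10.0.2.0/24",  nil, "eth0"),  # NAT adapter (guest is 10.0.2.15)
  route("10.0.24.0/21", nil, "eth1")   # bridged adapter (10.0.24.118, mask 255.255.248.0)
].freeze

# Vagrant's default state: the only default route points at the NAT adapter.
BEFORE = CONNECTED + [route("0.0.0.0/0", "10.0.2.2", "eth0")]
# After the provisioners delete eth0's default gw and add one on the bridged side.
AFTER = CONNECTED + [route("0.0.0.0/0", "10.0.24.1", "eth1")]

# Peers taken from the question: the host shares eth1's subnet, the devbox does not.
PEERS = {
  "host (same subnet)"    => "10.0.24.112",
  "devbox (other subnet)" => "10.10.116.254"
}.freeze

# Interface on which a reply to each peer leaves the guest, for a given table.
def reply_paths(routes, peers)
  peers.map { |name, ip| [name, egress(routes, ip).iface] }.to_h
end

if __FILE__ == $PROGRAM_NAME
  { "before" => BEFORE, "after" => AFTER }.each do |label, table|
    reply_paths(table, PEERS).each do |peer, iface|
      puts "#{label}: reply to #{peer} leaves via #{iface}"
    end
  end
end
```

In the "before" table, a reply to the devbox leaves through the NAT adapter instead of the bridged interface the request arrived on, which matches the symptom that only hosts in the bridged subnet can reach the VM.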
11

(Sorry, quite naive about vagrant/virtualbox so forgive the lack of proper networking terminology)

Your choice of bridge: en4) Thunderbolt is most likely the issue.

Here's what I assume you want/need, rather than what you asked for:

  • SSH login capability for vagrant to control your vm, from your dev box (the host). That's what the NAT with port forwarding does. It doesn't mess anything else up, so asking for it to be gone isn't all that useful. And that shows up on Adapter 1 in VirtualBox.

  • Connectivity from your LAN, rather than just your host. Let's say something in the 192.168.1.xxx range. That's what's important, on Adapter 2.

  • You just care about your normal network card/NIC and have no particular reason to run Ethernet over your Thunderbolt port.

i.e. pretty much what you would get from a VirtualBox vm with Bridged and no Vagrant to be seen.

Here's an SSH ifconfig from one of those VirtualBox only machines I have on my LAN. It runs a web server I can connect to and my Mac can SSH into it and connect to a database on it. I'll call it the reference.

[root@fdm ~]# ifconfig
eth0      Link encap:Ethernet  HWaddr 08:00:27:9A:85:1A
          inet addr:192.168.1.143  Bcast:192.168.1.255  Mask:255.255.255.0

In VirtualBox, the Network panel, for that reference vm, shows Adapter1 as Bridged. All other adapters are disabled.

OK, so I am now going to try for that same LAN connectivity result from Vagrant, but I accept that I will have a NAT at adapter 1, that's the vagrant-VB ssh communication mechanism.

Try #1 - which fails.

Starting point is a vagrant init.

Then in Vagrantfile, I changed only 2 things:

config.vm.box = "opscode-ubuntu-14.04"
config.vm.network "public_network"

If I vagrant up this, I get a dialog asking which interface to use:

==> default: Available bridged network interfaces:
1) en1: Wi-Fi (AirPort)
2) en0: Ethernet
3) en3: Thunderbolt 1
4) p2p0
5) bbptp0
6) bridge0

Now, looking at it, I first chose 2) because I thought I wanted Ethernet and well, 1) seemed 'too Apple'.

This works, but with an unsuitable IP 10.0.xx.xx entry, which my ISP blocks pings on, see below. I guess they really mean public when it says public network.

vagrant ssh

vagrant@vagrant:~$ ifconfig
eth0      Link encap:Ethernet  HWaddr 08:00:27:0c:41:3e
          inet addr:10.0.2.15  Bcast:10.0.2.255  Mask:255.255.255.0
          inet6 addr: fe80::a00:27ff:fe0c:413e/64 Scope:Link

eth1      Link encap:Ethernet  HWaddr 08:00:27:ca:f4:64
          inet6 addr: fe80::a00:27ff:feca:f464/64 Scope:Link

Try #2 - correct version

vagrant halt, then delete the directory, create it again and vagrant init. (I found that messing too much with the network could confuse the vagrant and/or virtualbox which a full removal and restart would fix)

config.vm.box = "opscode-ubuntu-14.04"
config.vm.network "public_network"

But, this time, pick 1) en1: Wi-Fi (AirPort).

vagrant ssh

That eth1 with 192.168.1.123 looks much nicer, doesn't it?

vagrant@vagrant:~$ ifconfig
eth0      Link encap:Ethernet  HWaddr 08:00:27:0c:41:3e
          inet addr:10.0.2.15  Bcast:10.0.2.255  Mask:255.255.255.0

eth1      Link encap:Ethernet  HWaddr 08:00:27:53:6e:1d
          inet addr:192.168.1.123  Bcast:192.168.1.255  Mask:255.255.255.0

And, indeed, I can ping 192.168.1.123 from my reference vm, or from another physical machine on my LAN.

[root@fdm ~]# ping 192.168.1.123
PING 192.168.1.123 (192.168.1.123) 56(84) bytes of data.
64 bytes from 192.168.1.123: icmp_seq=1 ttl=64 time=1039 ms
64 bytes from 192.168.1.123: icmp_seq=2 ttl=64 time=40.4 ms

FWIW, VirtualBox shows a NAT on Adapter 1 and a Bridged on Adapter 2.

Final setup -

Added automatic selection of the interface as well as a static IP (which you don't need). Problem solved, for me at least.

  config.vm.network "public_network", bridge: 'en1: Wi-Fi (AirPort)', ip: "192.168.1.201"

EDIT 201902: on my latest build, vagrant/virtualbox were complaining about Wifi (Airport) not being found:

==> default: Specific bridge 'en1: Wi-Fi (AirPort)' not found. You may be asked to specify
==> default: which network to bridge to.
==> default: Available bridged network interfaces:
1) en0: Ethernet
2) en2: Thunderbolt 1
3) bridge0

Changed it to:

config.vm.network "public_network", bridge: "bridge0"

Will update later if something comes up, but thought I'd update the bit about the adapter name.

answered on Super User May 21, 2015 by JL Peyret • edited Feb 28, 2019 by JL Peyret
5

The short answer seems to be don't.

You can override adapter 1, but expect problems, at least with vagrant ssh:

Vagrant.configure(VAGRANTFILE_API_VERSION) do |config|
  config.vm.box = "hashicorp/precise64"
  config.vm.network "public_network", :adapter=>1 , type: "dhcp", :bridge => 'en4: Thunderbolt Ethernet'
  config.vm.hostname = "mddirector"

  # In case you get the host wrong...
  config.vm.boot_timeout = 30
  config.vm.provider "virtualbox" do |vb, override|
       vb.gui = true
  end

  config.ssh.host = '192.168.148.24'

end

Produces:

Bringing machine 'default' up with 'virtualbox' provider...
==> default: Clearing any previously set network interfaces...
==> default: Preparing network interfaces based on configuration...
    default: Adapter 1: bridged
==> default: Forwarding ports...
    default: 22 => 2222 (adapter 1)
    default: VirtualBox adapter #1 not configured as "NAT". Skipping port
    default: forwards on this adapter.
==> default: Running 'pre-boot' VM customizations...
==> default: Booting VM...

Unfortunately it seems to then lock up configuring the network adapter but maybe you will have more luck than me.

If you do, you can always force halt and reload with a corrected ssh.host. Alternatively, I have heard of vagrant dns but never tried it.

answered on Super User Aug 14, 2014 by KCD
3

I found this discussion on StackOverflow.

For me, it was enough to open the related Vagrantfile and uncomment the following line:

config.vm.network "public_network"

and then run vagrant reload

answered on Super User May 14, 2014 by Tyler • edited May 23, 2017 by Community

User contributions licensed under CC BY-SA 3.0