How-to: VirtualBox NAT Network Mode (2021)

Continuing our VirtualBox series, here's how-to: VirtualBox NAT Network Mode updated for 2021. This is taken from The VirtualBox Networking Primer in paperback and Kindle Ebook formats on Amazon as well as ebooks on Kobo and Apple Books.

Let's continue looking at the available network modes with NAT Networking.

NAT Network

This is a variant in which the NAT service is connected to an internal network. Using the NAT Network mode, multiple virtual machines can communicate with each other via the network. The virtual machines can access other hosts in the physical network and can access external networks including the Internet.

However, machines from external networks, or those from a physical network to which the Host machine is connected, cannot access the virtual machines sitting on the NAT Network.

Figure 13: NAT Network (extended)

Figure 13: NAT Network (extended)

You cannot access the Guest machine from the Host machine when using the NAT Network mode unless you configure Port Forwarding in the VirtualBox network settings, or extend the network by adding an adapter in a different mode.

VirtualBox has a built-in NAT router which uses the physical network interface controller of the VirtualBox Host as an external network interface, as it does for NAT mode.

Practice: NAT Network

VirtualBox includes a default NAT network with the basic install. As it is a top-level service available to all virtual machines, it is found in the VirtualBox Manager. For whatever reason, the Oracle interface team decided to put NAT network under File, Preferences. Go to Network in the sidebar menu to open the Network Preferences dialog.

This has the usual arrangement of icon-buttons: a green ‘+’ to add a new network, a red ‘x’ to delete a network and an orange cog wheel to open the properties dialog. Also from here, you can activate and deactivate NAT networks.

Figure 14: Settings for NAT Network

Figure 14: Settings for NAT Network

If we create a new NAT network, we get the properties dialog:

Figure 15: Properties for NAT Network

Figure 15: Properties for NAT Network

From here you can set the NAT Network name, DHCP service, IPv6 address support and the enable flags. The most important item in this dialog, though, is the Network CIDR. Short for Classless Inter-Domain Routing, this is an IP addressing scheme that improves the allocation of IP addresses. Originally designed to extend the life of IPv4 addressing globally, as well as slow the growth of routing tables, VirtualBox has included it as an efficient method of allocating addresses to virtual networks.

The default address range for the inbuilt NAT Network is 10.0.2.0/24, but this can be changed. While you can set any range, it shouldn't overlap IP address ranges on other networks or adapters. Convention has it to use 10.x.x.x ranges.

You can also use port forwarding within NAT Networks as for simple NAT adapters; the dialog for this is the same.

For the virtual machine adapter itself, there are two specific settings, Attached to: NAT Network and the name of the network to use, which is a simple drop-list selection from the available NAT networks on the Host.

Note that Port Forward settings are not available for the individual adapter; these apply at the Host level for the whole NAT Network.

Figure 16: Settings for NAT Network adapter

Figure 16: Settings for NAT Network adapter

As NAT Network is configured as a global preference in the VirtualBox Manager, the addition of a network adapter using NAT Network to any individual virtual machine is simple. Select NAT Network from the Attached to drop-list, then select the NAT network name if there is more than one available.

The network address and name can be changed in the global VirtualBox preferences by going to the VirtualBox Manager and selecting File, Preferences, Network. You can double-click your existing NAT network to edit the settings (or single-click the cog wheel icon on the right). You can add a new network by clicking the green ‘+’ icon or delete an existing network by clicking the red ‘x’ icon. Clicking the yellow cog wheel icon opens the settings for editing.

Figure 17: VirtualBox Manager Preferences - Network

Figure 17: VirtualBox Manager Preferences - Network

The default address of the included VirtualBox Nat Network is 10.0.2.0/24.

The default gateway IP address is 10.0.2.1.

The IP default address of the DHCP server is 10.0.2.3.

In the pop-up dialog that will appear, it is also possible to enable or disable DHCP, IPv6 and configure port forwarding.

Figure 18: NAT Network details

Figure 18: NAT Network details

For example, if you create a new virtual network for the NAT Network mode and set the 192.168.22.0/24 network address, the IP address of the gateway in this network will be 192.168.22.1.

You cannot change the IP address of the gateway for the network used in the NAT Network mode in order to change the range of IP addresses issued by the DHCP server.

You should shut down and restart the virtual machine before applying these settings.

NAT Network with Port Forwarding

The one thing not yet covered in this section is NAT Network with Port Forwarding. This is a useful extension to NAT Network when the basic set up and our other networking modes don’t adequately cover certain use cases.

When developing on the move and on customer sites, involving travel and hopping onto different networks, no choice of network mode looks ideal, particularly when you need your virtual machines accessible to the outside world.

Stand-alone NAT doesn’t work because external machines need to connect in to the Guest. Bridged mode relies on getting local IP addresses from a host (small-h) network, which most likely changes from site to site. Internal and Host Only provide no external access.

Port forwarding can be used to configure access from the Host machine, and other hosts of the same physical network, to the services running on the Guest.

We previously saw that the port forwarding settings for an individual Guest’s NAT mode are available in the virtual machine under Settings, Network. NAT creates an individual network for each virtual machine.

NAT Network is available to any and all virtual machines on the same Host, however. Therefore port forwarding settings are applied at the VirtualBox Host level, and are configured in from the VirtualBox Manager under File, Preferences, Network. Select the NAT Network to modify and in the Details pane, click on Port Forwarding. This brings up the same edit dialog we saw earlier for port forwarding rules.

Port forwarding rules for the NAT Network mode are common for multiple Guests whose adapters are connected to the appropriate NAT network.

Each NAT Network you define can have different port forwarding rules. See the earlier caveat on multiple sets of port forwarding rules.

It is advisable to define a common NAT Network for all your Guests that you want to communicate with each other under one Host, with one set of port forwarding rules to handle common access needs.

Comments