How-to: VirtualBox Networking Bridged Mode (2021)

Continuing our VirtualBox series, here's how-to: VirtualBox Networking Bridged Mode updated for 2021. This is taken from The VirtualBox Networking Primer in paperback and Kindle Ebook formats on Amazon as well as ebooks on Kobo and Apple Books.

Let's take a look at VirtualBox Networking Modes moving on to Bridged Mode.

Bridged Mode

Bridged mode connects the virtual network adapter of a virtual machine to a physical network through a physical network adapter of the VirtualBox Host machine. The Host adapter is the bridge. In this mode, a Guest will receive direct access to the network to which the Host system is connected as a full citizen.

In Bridged mode, the virtual machine’s virtual network adapter uses the Host network interface for direct network connection, without additional routing. The Bridged mode connects through the Host to whatever is your default network device assigning IP addresses for the physical network. VirtualBox connects to one of your installed network cards and exchanges network packets directly; it bridges the virtual and physical networks. In normal use it will try to get standard 192.168.x.x IP address from your router, so that your virtual machine can look like a perfectly respectable physical device alongside all the other ironmongery on your network.

VirtualBox itself uses a special net filter driver for a Bridged network connection, in order to filter data from the physical network adapter of the Host back to the bridged Guests. It acts as a sorting office, filtering packets addressed to the bridged IP addresses of the virtual machines.

This is a common mode to run servers on virtual machines that must be fully accessible from a physical local area network (LAN). When using the Bridged network mode in VirtualBox, a virtual machine can access the Host machine, hosts of the physical network, and external networks, including the Internet.

The virtual machine can itself be accessed from the Host, from other hosts and from virtual machines connected to the physical network.

If you have more than one active network device, you can choose which one you want to bridge with VirtualBox.

For example, the Host has an address of 192.168.1.107 assigned from the router. A bridged virtual machine requests and is assigned an address of 192.168.1.108 from the router. The two machines now share the same network and all standard rules apply. The router itself doesn’t know or care that the virtual machine is not a physical machine, it is just another device with its own IP address on your LAN.

Figure 19: Bridged Network

Figure 19: Bridged Network

This assumes that:

  • there is a DHCP server in your physical network
  • that the virtual network adapter of the virtual machine will obtain the IP address automatically in the Bridged mode
  • obtaining an IP address automatically is set in the network interface settings in a Guest operating system.

The default gateway for a virtual network adapter operating in the Bridged mode is the same as for your Host machine.

You may have multiple configured gateways in your physical network, in which case you can connect the Host machine to necessary networks via one gateway and connect Guest machines to other networks via the second gateway. You can also edit a routing table on your virtual machine and add routes for using both gateways to connect to the appropriate networks.

Bridged mode does have its downside. Bridged mode cannot work if your physical device (switch, router, or ISP) does not permit you to lease more than one IP address. Host computers with direct Internet access may not be able to use Bridged networking.

Moving on from that, running several virtual machines can quickly use up the IP addresses in the range available. It is possible to assign static IP addresses, but those will be tied to one physical network and require manual intervention to configure. On a home network, that will be down to you; in an organisation that will be your network administrator.

Also, if your Host has multiple physical network adapters, typically wireless and wired, you have to reconfigure the bridge when your Host changes active network connection.

Finally, Bridged mode exposes machines to the physical (and likely external) network with possible security implications. Ensure your Guest machines have adequate security in place – firewalls and anti-virus software.

Bridged networking is a powerful mode for enabling network connections using SSH, FTP, TCP/IP either to virtual machines that run as servers or virtual machines running as clients requiring those services from other other devices on your network or externally.

With all these capabilities you can begin to appreciate why Bridged mode is a go-to preference for experienced VirtualBox users with a lot of use cases.

Practice: Bridged Networking

Going to the Settings for your virtual machine, enable a network adapter and set the Attached to option to Bridged. You may have more than one active network device available to your Host. In order to bridge the access for Guests, you need to select an active and connected network device. In the server settings dialog, you may see classic interface names or the newer naming conventions used in Predictable Network Interface Names depending on the Host operating system.

Bridged Mode on Ethernet

For example, my laptop running Linux has a wired Ethernet port, previously called eth0. In the new world it is now called enp1s0. It also has a wireless card, previously called wlan0, now called wlp2s0.

The Name option allows you to choose which interface to bridge with VirtualBox.

Figure 20: Bridged Network adapter on Ethernet

Figure 20: Bridged Network adapter on Ethernet

Let’s start with a wired connection, selecting the interface name enp1s0 from those available in the Name drop-list. That’s all we need to do before booting the virtual machine.

With the Guest running, let’s see the IP address assigned and ping an external address to check the connection:

$ ip add

1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default 
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
    inet6 ::1/128 scope host 
       valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UNKNOWN group default qlen 1000
    link/ether 08:00:27:7c:00:d5 brd ff:ff:ff:ff:ff:ff
    inet 192.168.1.130/24 brd 192.168.1.255 scope global dynamic eth0
       valid_lft 86354sec preferred_lft 86354sec
    inet6 fe80::a00:27ff:fe7c:d5/64 scope link 
       valid_lft forever preferred_lft forever

$ ping 8.8.8.8
PING 8.8.8.8 (8.8.8.8) 56(84) bytes of data.
64 bytes from 8.8.8.8: icmp_seq=1 ttl=52 time=28.8 ms
64 bytes from 8.8.8.8: icmp_seq=2 ttl=52 time=26.5 ms
64 bytes from 8.8.8.8: icmp_seq=3 ttl=52 time=28.5 ms
64 bytes from 8.8.8.8: icmp_seq=4 ttl=52 time=28.4 ms
64 bytes from 8.8.8.8: icmp_seq=5 ttl=52 time=29.1 ms
^C
--- 8.8.8.8 ping statistics ---
5 packets transmitted, 5 received, 0% packet loss, time 4008ms
rtt min/avg/max/mdev = 26.564/28.301/29.108/0.926 ms

The Host is connected as 192.168.1.107, assigned by the physical router using the 192.168.1.x subnet.

Our bridged virtual machine pops up and requests its own IP address which the router allocates as 192.168.1.130, neither knowing nor caring that VirtualBox is handling the pass-through of traffic via the Host. The virtual machines become just another device on the local network. Counting the Host and the virtual machine in Bridged mode, there are two machines visible on our physical network.

The virtual machine can ping external addresses and do whatever it likes as a full citizen of our local network behind our router.

Comments