| 1 | <?xml version='1.0' encoding='UTF-8'?>
|
|---|
| 2 | <!DOCTYPE topic PUBLIC "-//OASIS//DTD DITA Topic//EN" "topic.dtd">
|
|---|
| 3 | <topic xml:lang="en-us" id="nat-limitations">
|
|---|
| 4 | <title>NAT Limitations</title>
|
|---|
| 5 |
|
|---|
| 6 | <body>
|
|---|
| 7 | <p>
|
|---|
| 8 | There are some limitations of NAT mode which users should be
|
|---|
| 9 | aware of, as follows:
|
|---|
| 10 | </p>
|
|---|
| 11 | <ul>
|
|---|
| 12 | <li>
|
|---|
| 13 | <p><b outputclass="bold">ICMP protocol limitations.</b>
|
|---|
| 14 | Some frequently used network debugging tools, such as
|
|---|
| 15 | <userinput>ping</userinput> or <userinput>traceroute</userinput>,
|
|---|
| 16 | rely on the ICMP protocol for sending and receiving
|
|---|
| 17 | messages. Oracle VM VirtualBox ICMP support has some limitations,
|
|---|
| 18 | meaning <userinput>ping</userinput> should work but some other
|
|---|
| 19 | tools may not work reliably.
|
|---|
| 20 | </p>
|
|---|
| 21 | </li>
|
|---|
| 22 | <li>
|
|---|
| 23 | <p><b outputclass="bold">Receiving of UDP
|
|---|
| 24 | broadcasts.</b> The guest does not reliably receive
|
|---|
| 25 | UDP broadcasts. In order to save resources, it only listens
|
|---|
| 26 | for a certain amount of time after the guest has sent UDP
|
|---|
| 27 | data on a particular port. As a consequence, NetBios name
|
|---|
| 28 | resolution based on broadcasts does not always work, but
|
|---|
| 29 | WINS always works. As a workaround, you can use the numeric
|
|---|
| 30 | IP of the desired server in the
|
|---|
| 31 | <filepath>\\<varname>server</varname>\<varname>share</varname></filepath>
|
|---|
| 32 | notation.
|
|---|
| 33 | </p>
|
|---|
| 34 | </li>
|
|---|
| 35 | <li>
|
|---|
| 36 | <p><b outputclass="bold">Some protocols are not
|
|---|
| 37 | supported.</b> Protocols other than TCP and UDP are
|
|---|
| 38 | not supported. GRE is not supported. This means some VPN
|
|---|
| 39 | products, such as PPTP from Microsoft, cannot be used. There
|
|---|
| 40 | are other VPN products which use only TCP and UDP.
|
|---|
| 41 | </p>
|
|---|
| 42 | </li>
|
|---|
| 43 | <li>
|
|---|
| 44 | <p><b outputclass="bold">Forwarding host ports below
|
|---|
| 45 | 1024.</b> On UNIX-based hosts, such as Linux, Oracle
|
|---|
| 46 | Solaris, and macOS, it is not possible to bind to ports
|
|---|
| 47 | below 1024 from applications that are not run by
|
|---|
| 48 | <codeph>root</codeph>. As a result, if you try to
|
|---|
| 49 | configure such a port forwarding, the VM will refuse to
|
|---|
| 50 | start.
|
|---|
| 51 | </p>
|
|---|
| 52 | </li>
|
|---|
| 53 | </ul>
|
|---|
| 54 | <p>
|
|---|
| 55 | These limitations normally do not affect standard network use.
|
|---|
| 56 | But the presence of NAT has also subtle effects that may
|
|---|
| 57 | interfere with protocols that are normally working. One example
|
|---|
| 58 | is NFS, where the server is often configured to refuse
|
|---|
| 59 | connections from non-privileged ports, which are those ports not
|
|---|
| 60 | below 1024.
|
|---|
| 61 | </p>
|
|---|
| 62 | </body>
|
|---|
| 63 |
|
|---|
| 64 | </topic>
|
|---|
