| 1 | <?xml version='1.0' encoding='UTF-8'?>
|
|---|
| 2 | <!DOCTYPE topic PUBLIC "-//OASIS//DTD DITA Topic//EN" "topic.dtd">
|
|---|
| 3 | <topic xml:lang="en-us" id="network_bridged">
|
|---|
| 4 | <title>Bridged Networking</title>
|
|---|
| 5 |
|
|---|
| 6 | <body>
|
|---|
| 7 | <p>With bridged networking, <ph conkeyref="vbox-conkeyref-phrases/product-name"/> uses a device driver on your
|
|---|
| 8 | <i>host</i> system that filters data from your physical network adapter. This driver is therefore called a
|
|---|
| 9 | <i>net filter</i> driver. This enables <ph conkeyref="vbox-conkeyref-phrases/product-name"/> to intercept data
|
|---|
| 10 | from the physical network and inject data into it, effectively creating a new network interface in software. When
|
|---|
| 11 | a guest is using such a new software interface, it looks to the host system as though the guest were physically
|
|---|
| 12 | connected to the interface using a network cable. The host can send data to the guest through that interface and
|
|---|
| 13 | receive data from it. This means that you can set up routing or bridging between the guest and the rest of your
|
|---|
| 14 | network. </p>
|
|---|
| 15 | <note>
|
|---|
| 16 | <p>Even though TAP interfaces are no longer necessary on Linux for bridged networking, you <i>can</i> still use
|
|---|
| 17 | TAP interfaces for certain advanced setups, since you can connect a VM to any host interface. </p>
|
|---|
| 18 | </note>
|
|---|
| 19 | <p>To enable bridged networking, open the <b outputclass="bold">Settings</b> dialog of a virtual machine, go to the
|
|---|
| 20 | <b outputclass="bold">Network</b> page and select <b outputclass="bold">Bridged Network</b> in the drop-down
|
|---|
| 21 | list for the <b outputclass="bold">Attached To</b> field. Select a host interface from the list at the bottom of
|
|---|
| 22 | the page, which contains the physical network interfaces of your systems. On a typical MacBook, for example, this
|
|---|
| 23 | will allow you to select between en1: AirPort, which is the wireless interface, and en0: Ethernet, which
|
|---|
| 24 | represents the interface with a network cable. </p>
|
|---|
| 25 | <note>
|
|---|
| 26 | <p>Bridging to a wireless interface is done differently from bridging to a wired interface, because most wireless
|
|---|
| 27 | adapters do not support promiscuous mode. All traffic has to use the MAC address of the host's wireless adapter,
|
|---|
| 28 | and therefore <ph conkeyref="vbox-conkeyref-phrases/product-name"/> needs to replace the source MAC address in
|
|---|
| 29 | the Ethernet header of an outgoing packet to make sure the reply will be sent to the host interface. When <ph
|
|---|
| 30 | conkeyref="vbox-conkeyref-phrases/product-name"/> sees an incoming packet with a destination IP address that
|
|---|
| 31 | belongs to one of the virtual machine adapters it replaces the destination MAC address in the Ethernet header
|
|---|
| 32 | with the VM adapter's MAC address and passes it on. <ph conkeyref="vbox-conkeyref-phrases/product-name"/>
|
|---|
| 33 | examines ARP and DHCP packets in order to learn the IP addresses of virtual machines. </p>
|
|---|
| 34 | </note>
|
|---|
| 35 | <p>Depending on your host operating system, the following limitations apply: </p>
|
|---|
| 36 | <ul>
|
|---|
| 37 | <li>
|
|---|
| 38 | <p><b outputclass="bold">macOS hosts.</b> Functionality is
|
|---|
| 39 | limited when using AirPort, the Mac's wireless networking
|
|---|
| 40 | system, for bridged networking. Currently, <ph conkeyref="vbox-conkeyref-phrases/product-name"/>
|
|---|
| 41 | supports only IPv4 and IPv6 over AirPort. For other protocols,
|
|---|
| 42 | such as IPX, you must choose a wired interface.
|
|---|
| 43 | </p>
|
|---|
| 44 | </li>
|
|---|
| 45 | <li>
|
|---|
| 46 | <p><b outputclass="bold">Linux hosts.</b> Functionality is
|
|---|
| 47 | limited when using wireless interfaces for bridged networking.
|
|---|
| 48 | Currently, <ph conkeyref="vbox-conkeyref-phrases/product-name"/> supports only IPv4 and IPv6 over
|
|---|
| 49 | wireless. For other protocols, such as IPX, you must choose a
|
|---|
| 50 | wired interface.
|
|---|
| 51 | </p>
|
|---|
| 52 | <p>
|
|---|
| 53 | Also, setting the MTU to less than 1500 bytes on wired
|
|---|
| 54 | interfaces provided by the sky2 driver on the Marvell Yukon II
|
|---|
| 55 | EC Ultra Ethernet NIC is known to cause packet losses under
|
|---|
| 56 | certain conditions.
|
|---|
| 57 | </p>
|
|---|
| 58 | <p> Some adapters strip VLAN tags in hardware. This does not allow you to use VLAN trunking
|
|---|
| 59 | between VM and the external network with Linux kernels before 2.6.27, or with host
|
|---|
| 60 | operating systems other than Linux. </p>
|
|---|
| 61 | </li>
|
|---|
| 62 | <li>
|
|---|
| 63 | <p><b outputclass="bold">Oracle Solaris hosts.</b> There
|
|---|
| 64 | is no support for using wireless interfaces. Filtering guest
|
|---|
| 65 | traffic using IPFilter is also not completely supported due to
|
|---|
| 66 | technical restrictions of the Oracle Solaris networking
|
|---|
| 67 | subsystem. These issues may be addressed in later releases of
|
|---|
| 68 | Oracle Solaris 11.
|
|---|
| 69 | </p>
|
|---|
| 70 | <p>On Oracle Solaris 11 hosts build 159 and above, it is possible to use Oracle Solaris Crossbow Virtual Network
|
|---|
| 71 | Interfaces (VNICs) directly with <ph conkeyref="vbox-conkeyref-phrases/product-name"/> without any additional
|
|---|
| 72 | configuration other than each VNIC must be exclusive for every guest network interface. </p>
|
|---|
| 73 | <p>When using VLAN interfaces with <ph conkeyref="vbox-conkeyref-phrases/product-name"/>, they must be named
|
|---|
| 74 | according to the PPA-hack naming scheme, such as e1000g513001. Otherwise, the guest may receive packets in an
|
|---|
| 75 | unexpected format. </p>
|
|---|
| 76 | </li>
|
|---|
| 77 | </ul>
|
|---|
| 78 | </body>
|
|---|
| 79 |
|
|---|
| 80 | </topic>
|
|---|
