Opened 12 years ago
Last modified 10 years ago
#11433 new enhancement
NAT port forwarding warning or overwrite
Reported by: | Dude | Owned by: | |
---|---|---|---|
Component: | GUI | Version: | VirtualBox 4.2.6 |
Keywords: | NAT port forwarding | Cc: | |
Guest type: | all | Host type: | Mac OS X |
Description
What behavior should I expect if I run more than one virtual machine with the same port forwarding rule, e.g. TCP 2222 -> TCP 22?
Obviously port 2222 on the host system can only be forwarded to one particular virtual machine behind the NAT interface.
There is currently no error or warning when attempting such a setup. In practice, any subsequently started virtual machine that employs the same port forwarding rule is ignored:
09:01:55.697789 NAT: set redirect TCP host port 2222 => guest port 22 @ 10.0.3.15
09:01:55.697852 NAT: failed to redirect TCP 2222 => 22
I think the default behavior should be that the NAT router overwrites the previous rule. To update the ARP table regardless of existing devices is standard with router or server TCP/IP implementations. VirtualBox could perhaps print a warning, referring to which virtual machine currently uses the offending port forwarding rule, or deny startup.
Change History (4)
comment:1 by , 12 years ago
comment:2 by , 12 years ago
In my experience, router and server TCP/IP implementations do not check for possible conflicts when updating the ARP table, which is essential. Clients, on the other hand, typically show a warning and deny the setting if a TCP/IP address is already in use, for instance. Using the same LIFO logic, I would expect that starting a virtual machine with a conflicting port forwarding rule simply overwrites the existing rule, or should block the NAT rule, but inform the user about the problem.
comment:3 by , 10 years ago
The situation is quite normal and often intentional - e.g. interchangeably using different programs (or, in the case of VirtualBox, different VMs) to provide the same service. VirtualBox is not different from any other program that may be configured to use a port that some other program is also configured to use. At configuration time it's impossible to predict whether the port will or will not be in use at run time. Managing this is the user's responsibility.
The best the GUI can do is to warn that some other VM or NAT Network is already using the same port.
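A configuration-time check of the kind comment:3 describes, as an added example that is not VirtualBox code or part of any comment in this ticket. It assumes the `Forwarding(n)="name,proto,hostip,hostport,guestip,guestport"` lines printed by `VBoxManage showvminfo <vm> --machinereadable`; the VM names and rules in `SAMPLE` are constructed.

```python
import re
from collections import defaultdict

# Assumed rule line format from `VBoxManage showvminfo <vm> --machinereadable`:
#   Forwarding(0)="name,proto,hostip,hostport,guestip,guestport"
RULE = re.compile(r'^Forwarding\(\d+\)="([^"]*)"$')

def parse_rules(text):
    """Yield (proto, host_ip, host_port) for each well-formed NAT rule line."""
    for line in text.splitlines():
        m = RULE.match(line.strip())
        if not m:
            continue
        fields = m.group(1).split(",")
        if len(fields) != 6 or not fields[3].isdigit():
            continue  # malformed rule: skip rather than guess
        yield fields[1].lower(), fields[2], int(fields[3])

def find_conflicts(vm_outputs):
    """Return (proto, port, vm_a, vm_b) for VM pairs that claim the same host socket."""
    by_socket = defaultdict(list)
    for vm, text in vm_outputs.items():
        for proto, host_ip, port in parse_rules(text):
            by_socket[(proto, port)].append((vm, host_ip))
    conflicts = []
    for (proto, port), users in sorted(by_socket.items()):
        for i, (vm_a, ip_a) in enumerate(users):
            for vm_b, ip_b in users[i + 1:]:
                # An empty host IP binds all interfaces, so it overlaps any address.
                if vm_a != vm_b and (ip_a == ip_b or "" in (ip_a, ip_b)):
                    conflicts.append((proto, port, vm_a, vm_b))
    return conflicts

# Constructed sample: per-VM showvminfo output, trimmed to the relevant lines.
SAMPLE = {
    "web": 'name="web"\nForwarding(0)="ssh,tcp,,2222,,22"\n'
           'Forwarding(1)="http,tcp,127.0.0.1,8080,,80"',
    "db": 'Forwarding(0)="ssh,tcp,,2222,,22"\nForwarding(1)="dns,udp,,2222,,53"',
    "ci": 'Forwarding(0)="http,tcp,127.0.0.2,8080,,80"\n'
          'Forwarding(1)="ssh,tcp,127.0.0.1,2222,,22"',
}

if __name__ == "__main__":
    for proto, port, a, b in find_conflicts(SAMPLE):
        print(f"warning: {a} and {b} both forward host {proto.upper()} port {port}")
```

A hit only means that whichever VM starts second will log `NAT: failed to redirect`, so an SSH session to the host port reaches whichever VM bound it first; whether the VMs ever run at the same time cannot be known at configuration time.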
comment:4 by , 10 years ago
Component: | network/NAT → GUI |
---|
Could you please tell me which standard you've mentioned? :) Regarding the enhancement of alerting the user, this is perhaps open to discussion, but it definitely shouldn't block the user from startup, especially if NAT rules could be altered at runtime.