Virtualbox and bridged networking
I don't fully understand the term bridged networking in conjunction with Virtualbox.
As far as I understand, by configuring bridged networking I can put the VMs in the host's network, while NAT would mean that the machines are reached via port multiplexing.
My understanding of network bridges was always that they are basically an older version of what we know as network switches today.
Can someone shed some light on this? Which two networks are being bridged? And why does a "bridge adapter" have an IP address? At which network layer is a Virtualbox bridge operating?
Solution 1:
I'll make this answer very simple: The term "bridged networking" that VirtualBox uses has nothing whatsoever to do with the concept of network bridging or the network hardware we call a "bridge". Frankly, it is a misnomer. Just forget that it is called "bridged networking"; it is simpler.
In the so-called "bridged networking" mode, VirtualBox emulates a virtual network adapter for your virtual machine and connects it directly to your computer's physical network adapter with a virtual wire. This way, the virtual machine can communicate with anything that is connected to your actual machine's adapter, as well as your actual machine.
So, to summarize:
Which two networks are being bridged?
None. Like I said, bad name choice.
And why does a "bridge adapter" have an IP address?
There is no bridge adapter. There is only a virtual NIC for your virtual machine, which gets an IP address.
At which network layer is a Virtualbox bridge operating?
Bearing in mind that "bridge" is a misnomer here, it operates outside the OSI model, at the operating system driver level. It is a network service driver.
Solution 2:
For a NAT network:
- A different network is created and the host is connected to it with a virtual network adapter.
- The VMs connected by NAT are not accessible from the outside (real) network until they are manually bridged.
For a Bridged network:
- A virtual adapter is created on the host machine which tunnels the traffic of the VM through it.
- No new network is created and the VM seems to be connected to the outside (real) network directly with its own IP address.
- The VM is accessible from real computers on the external network.
In the picture above the first two VMs are connected by NAT and the last VM is bridged to the external network.
Edit:
The external network is not connected directly to the VM. A net filter driver allows VirtualBox to intercept as well as inject data into the network, effectively creating a new network interface in software. This new network is internally BRIDGED to a virtual network card on the VM. (Source)
The bridge is the part of VirtualBox which enables data transmission from the client side of the net filter driver to the VM.
"A network bridge is a network device that connects more than one network segment. In the OSI model, bridging acts in the first two layers, below the network layer." -Wikipedia article on Bridging.
This means the bridging is done at a low enough level of the networking model, so that the host will not react to these messages on the higher levels, since they are stamped with a different MAC address than that of the host.
Also note that this is exactly the same technique as is used by hackers for spoofing attacks using IP address spoofing.
The OSI Model has 7 layers and the last 2 layers are the Data Link Layer and the Physical Layer.
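As an added illustration of the two modes described in the answers above (this script is not from the question or either answer), here is a small Python program that reads the `--machinereadable` output of `VBoxManage showvminfo` and reports, per adapter, how the VM is reachable from outside: a bridged NIC sits on the host's LAN with its own MAC and address, while a NAT NIC is reachable only through the host's port-forwarding rules (the "port multiplexing" the question refers to). The sample output is constructed, not captured from a real machine; the key names (`nicN`, `bridgeadapterN`, `macaddressN`, `Forwarding(N)`) follow VBoxManage's format, and the assumption that `Forwarding(N)` lines follow the NAT NIC they belong to is mine.

```python
from __future__ import annotations

import re
from dataclasses import dataclass, field
from typing import Dict, List, Optional, Tuple

# Constructed sample of `VBoxManage showvminfo <vm> --machinereadable` output,
# trimmed to the NIC-related keys. It was not captured from a real machine.
SAMPLE_SHOWVMINFO = """\
name="lab-vm"
nic1="bridged"
bridgeadapter1="eth0"
macaddress1="080027A1B2C3"
cableconnected1="on"
nic2="nat"
macaddress2="080027D4E5F6"
cableconnected2="on"
Forwarding(0)="guestssh,tcp,,2222,,22"
Forwarding(1)="guesthttp,tcp,127.0.0.1,8080,,80"
nic3="none"
"""

LINE_RE = re.compile(r'^([^=]+)=(.*)$')


def parse_machinereadable(text: str) -> List[Tuple[str, str]]:
    """Return (key, value) pairs in file order, with surrounding quotes removed.
    Order is kept because Forwarding(N) lines follow the NAT NIC they belong to."""
    pairs: List[Tuple[str, str]] = []
    for raw in text.splitlines():
        m = LINE_RE.match(raw.strip())
        if not m:
            continue
        key, value = m.group(1), m.group(2)
        if len(value) >= 2 and value[0] == value[-1] == '"':
            value = value[1:-1]
        pairs.append((key, value))
    return pairs


@dataclass
class Nic:
    index: int
    mode: str
    mac: str = ""
    bridge_adapter: Optional[str] = None
    # NAT port-forwarding rules: (name, proto, host_ip, host_port, guest_port)
    forwards: List[Tuple[str, str, str, int, int]] = field(default_factory=list)


def nics_from_showvminfo(text: str) -> List[Nic]:
    """Build one Nic per enabled adapter. NAT rules are attached to the NIC whose
    lines they follow (assumption about VBoxManage's output ordering)."""
    nics: List[Nic] = []
    by_index: Dict[int, Nic] = {}
    current: Optional[Nic] = None
    for key, value in parse_machinereadable(text):
        m = re.fullmatch(r'nic(\d+)', key)
        if m:
            idx = int(m.group(1))
            if value == "none":          # adapter disabled: nothing to report
                current = None
                continue
            current = Nic(index=idx, mode=value)
            by_index[idx] = current
            nics.append(current)
            continue
        m = re.fullmatch(r'(macaddress|bridgeadapter)(\d+)', key)
        if m and int(m.group(2)) in by_index:
            nic = by_index[int(m.group(2))]
            if m.group(1) == "macaddress":
                # VBoxManage prints the MAC without separators; re-add colons
                nic.mac = ":".join(value[i:i + 2] for i in range(0, len(value), 2))
            else:
                nic.bridge_adapter = value
            continue
        if key.startswith("Forwarding(") and current is not None and current.mode == "nat":
            # rule format: name,proto,hostip,hostport,guestip,guestport (empty host ip = all)
            name, proto, host_ip, host_port, _guest_ip, guest_port = value.split(",")
            current.forwards.append((name, proto, host_ip or "0.0.0.0", int(host_port), int(guest_port)))
    return nics


def exposure_report(nics: List[Nic]) -> List[str]:
    """One line per NIC describing how the VM can be reached from outside the host."""
    lines: List[str] = []
    for nic in nics:
        if nic.mode == "bridged":
            lines.append(f"nic{nic.index}: bridged on host adapter {nic.bridge_adapter}; "
                         f"VM {nic.mac} gets its own address on the host's LAN and is reachable by any LAN peer")
        elif nic.mode == "nat":
            if nic.forwards:
                rules = ", ".join(f"{ip}:{hp}/{proto}->guest:{gp}" for _, proto, ip, hp, gp in nic.forwards)
                lines.append(f"nic{nic.index}: NAT; only reachable through host port forwards: {rules}")
            else:
                lines.append(f"nic{nic.index}: NAT; outbound only, no inbound path from the LAN")
        else:
            lines.append(f"nic{nic.index}: {nic.mode}")
    return lines


if __name__ == "__main__":
    for line in exposure_report(nics_from_showvminfo(SAMPLE_SHOWVMINFO)):
        print(line)
```

To run it against a real VM, replace `SAMPLE_SHOWVMINFO` with the output of `VBoxManage showvminfo <vm-name> --machinereadable`. The report makes the practical difference visible: the bridged adapter is an extra host on the LAN that the host's own firewall does not see, whereas every inbound path to the NAT adapter is a port the host explicitly opened.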