linux networking – Difference between VMWare Bridged network and Docker ipvlan/macvlan?

In Virtual Networking, I have seen two techniques to connect the guest machine with the Host machines network.

In VMWare/VirtualBox – Bridged Networking is used to connect the guest machine with the host machines network.
Ex – if the host is on 172.16.0.1/12 subnet with IP 172.16.0.2 as host IP,
then using Bridge networking any guest running on the above host can be connected to the host network i.e 172.16.0.1/12 subnet and the guest will receive an IP on this subnet say 172.16.0.6 (just picked a random valid IP in this subnet).

In Docker, the same is achieved using IPVLAN or MACVLAN.
Ex: – if host is on 172.16.0.1/12 subnet with IP 172.16.0.2 as host IP,
then using MACVLAN or IPVLAN any container running on this host can be connected to host network i.e 172.16.0.1/12 subnet and the container will receive an IP on this subnet say 172.16.0.6 (again, just picked a random valid IP in this subnet).

Though the end result is same, the techniques used seem to be different. Am I right?
So just exploring to understand the difference between these two approaches and how bridging differs from IPVLAN/MACVLAN?

networking – Does an off-the-shelf router have all LAN ports bridged?

I want to roll my own router, as the one provided by my ISP is terrible.

The router of course provides DHCP and routing on all 4 of the LAN ports.

Does this mean that it provides DHCP and routing on each port individually? Or does it mean that it bridges all four ports in software and then provides DHCP and routing to that bridge device?

To the user, it would look functionally identical. But when setting up the router, there is a difference. I’m assuming one is more “correct” than the other. What is the best practice?

How to configure bridged networks in a VirtualBox virtual machine?

I created a virtual machine through Oracle VirtualBox and Vagrant. Now I want to browse a website hosted on the virtual machine, but I cannot browse through the IP 10.0.2.15.

Virtual machine IP

I found the answer from this post and it says here that I need to make sure that the network card in my virtual machine is configured to use bridge mode. I tried to find a tutorial on how I should do it on my virtual machine, but to no avail. Is there a command I can use on how I can configure my virtual machine to use bridged mode?

Bridged networks in VirtualBox through nested ESXI virtualization fail

I am trying to make Bridged Networking work in Ubuntu on VirtualBox, on a Windows Server 2016 host that is running as a guest on an ESXI system (that is, nested virtualization: ESXI -> Windows Server with Virtualbox -> Ubuntu).

My installation of VMware ESXI:

  • ESXI 6.5.0 Update 1 (Build 5969303) running on an Intel Xeon
  • "Expose hardware-assisted virtualization to the guest OS" enabled for my guests
  • All VLANs come as 1 trunk on a physical network card (igbn controller)
  • Port groups are created by VLAN and passed to my guests; In this case, my guest is using 4 e1000 network cards with a different VLAN assigned per card
  • Pretty standard options (2 vCPU, 8 GB of RAM, 50 GB of hard disk, etc.)

My installation of Windows Server 2016 (as a guest in ESXI):

  • The following settings are used for Windows Server 2016 in ESXI:
ethernet4.pciSlotNumber 1216
featMask.vm.hv.capable  Min:1
ethernet3.pciSlotNumber 1184
tools.guest.desktop.autolock    FALSE
nvram   N.nvram
pciBridge0.present  TRUE
svga.present    TRUE
pciBridge4.present  TRUE
pciBridge4.virtualDev   pcieRootPort
pciBridge4.functions    8
pciBridge5.present  TRUE
pciBridge5.virtualDev   pcieRootPort
pciBridge5.functions    8
pciBridge6.present  TRUE
pciBridge6.virtualDev   pcieRootPort
pciBridge6.functions    8
pciBridge7.present  TRUE
pciBridge7.virtualDev   pcieRootPort
pciBridge7.functions    8
hpet0.present   TRUE
RemoteDisplay.maxConnections    -1
sched.cpu.latencySensitivity    normal
sata0:0.autodetect  TRUE
numa.autosize.vcpu.maxPerVirtualNode    2
numa.autosize.cookie    20001
sched.swap.derivedName  /vmfs/volumes/5b8555ab-94e03f86-bf5b-e0d55e5a526b/N/N-d4a539e0.vswp
pciBridge0.pciSlotNumber    17
pciBridge4.pciSlotNumber    21
pciBridge5.pciSlotNumber    22
pciBridge6.pciSlotNumber    23
pciBridge7.pciSlotNumber    24
scsi0.pciSlotNumber 160
usb.pciSlotNumber   32
ethernet0.pciSlotNumber 192
ethernet1.pciSlotNumber 224
ethernet2.pciSlotNumber 256
ehci.pciSlotNumber  33
vmci0.pciSlotNumber 34
sata0.pciSlotNumber 35
scsi0.sasWWID   50 05 05 64 2e 0d f7 a0
ethernet0.generatedAddressOffset    0
ethernet1.generatedAddressOffset    10
ethernet2.generatedAddressOffset    20
vm.genid    8985267772027956372
vm.genidX   7658496339281961829
monitor.phys_bits_used  43
vmotion.checkpointFBSize    4194304
vmotion.checkpointSVGAPrimarySize   4194304
softPowerOff    FALSE
usb:1.speed 2
usb:1.present   TRUE
usb:1.deviceType    hub
usb:1.port  1
usb:1.parent    -1
toolsInstallManager.lastInstallError    0
tools.remindInstall FALSE
toolsInstallManager.updateCounter   5
svga.guestBackedPrimaryAware    TRUE
ethernet3.generatedAddressOffset    30
usb:0.present   TRUE
usb:0.deviceType    hid
usb:0.port  0
usb:0.parent    -1
ethernet4.generatedAddressOffset    40
guestinfo.driver.vmci.version   9.8.16.0
guestinfo.driver.vmxnet3.version    1.8.16.0
vmware.tools.internalversion    10279
vmware.tools.requiredversion    10279
migrate.hostLogState    none
migrate.migrationId 0
migrate.hostLog ./N-d4a539e0.hlog
  • 4 Ethernet ports (passed as e1000 in ESXI), each identified as Intel 82574L. All these ports work perfectly well (get an IP address, you can communicate outside the Windows server).
  • There is no specific firewall software
  • Run VirtualBox 6.0.14 (updated) but I tried with previous versions also earlier this year
  • Fully updated to the latest Windows patches

My Ubuntu installation (as a guest in VirtualBox):

  • Ubuntu Server 18.04 LTS x64, but I've also tried it with other editions. I'm just trying to get an IP address through the Ubuntu installer for now, but I've also tried a full installation. The Ubuntu guest 'sees' the adapter, but the adapter does not obtain an IP address while there is a DHCP server running on the VLAN with which the guest is provided (the Windows 2016 host obtains an IP address on the same interface).

When debugging with Wireshark on the Windows 2016 machine, I can see that the Ubuntu guest is using the appropriate 'public internet' Ethernet adapter and sends DHCP requests on this interface.
I am sure that it is the Ubuntu guest that sends the ARPs since the MAC address matches what I configured in the VirtualBox options (I also tested with default random MAC). When configuring a fixed IP address in Ubuntu, it transmits ARP requests to find the gateway in vain.

I tried:

  • Using each of the n = 6 different adapter options offered by VirtualBox, including Paravirtualization
  • Uninstall VirtualBox and reinstall it (paying special attention that the 'Bridged Networking' option is enabled)
  • Add a new adapter to the Windows 2016 machine specifically for the use of VirtualBox
  • Disable all properties for the adapter mentioned above, except the NDIS6 network driver
  • Changing the network adapter to the Win 2016 machine from e1000 to vmxnet3
  • Add a 'Ethernet host-only adapter' to the Ubuntu guest (as suggested here)
  • Run VirtualBox in Windows 2008 compatibility mode (as suggested here)
  • Enable promiscuous mode ('Allow all') in VirtualBox
  • Verifying that I am running everything as administrator (I am)
  • Verification that Windows 2016 Firewall is disabled (it is)
  • Run everything in VMware Workstation (same problem)

Any clues as to what the problem is or what to try next?

Two bridged interfaces with multiple IPs, NAT required, iptables

I try to configure a strange configuration in a Debian-based box.

This is a type of industrial PC with two network interfaces eth0 and eth1. I'm using this as a 'scanner device' to use in customer networks. Some of them use DHCP, others do not. Some can give me a fixed IP, others can not even know the DHCP address that my device would receive.

So I created the following configuration in /etc/network/interfaces:

auto lo
iface lo inet loopback

auto eth0
iface eth0 inet manual
auto eth1
iface eth1 inet manual

# Bridge Interface
auto br0
iface br0 inet dhcp
bridge_ports eth0 eth1
bridge_hw aa:bb:cc:dd:ee:ff

# Preset interface IP for client requirements, if DHCP is not working
auto br0:1
iface br0:1 inet static
address 172.16.21.150
netmask 255.255.255.0
network 172.16.21.0
broadcast 172.16.21.255
# Gateway
post-up route add default gw 172.16.21.254
pre-down route del default gw 172.16.21.254


# Set the default IP address of the backup interface
auto br0:100
iface br0:100 inet static
address 169.254.111.111
netmask 255.255.255.0
network 169.254.111.0
broadcast 169.254.111.255

As you can see, there are three interfaces. br0 is used for DHCP, br0:1 for static IP given by the client. In general, br0 and br0:1 will not be used at the same time.
And br0:100 is also static, but with a local link address. I use it to access the box without attached computer monitor, simply through IP and ssh.
Everything works perfectly, except when I connect my laptop through a direct connection to br0:100 (remember, your virtual interface type is not a dedicated physical interface!).

By working through ssh in the box, I can access the customer's network and also connect to the Internet (in addition to the possible FW rules at the end of the client …)

But I can not access the Internet from my laptop, but only to the customer's network.
So my idea was that the configuration of local clients only allows access to the Internet from its network range. But my laptop has another range. The glorious idea was to configure NAT and I tried these simple NAT rules:

# Enable IP forwarding in the kernel
echo 1 > /proc/sys/net/ipv4/ip_forward

# Enable masquerading on br0 and br0.1
iptables -t nat -A POSTROUTING -o br0 -j MASQUERADE
iptables -t nat -A POSTROUTING -o br0:1 -j MASQUERADE

# Set up forwarding rules
# Forward established connections from external (br0 & br0.1) to internal (br0.100)
iptables -A FORWARD -i br0 -o br0:100 -m state --state RELATED,ESTABLISHED -j ACCEPT
iptables -A FORWARD -i br0:1 -o br0:100 -m state --state RELATED,ESTABLISHED -j ACCEPT

# Forward connections from internal (br0.100) to external (br0 & br0.1)
iptables -A FORWARD -i br0:100 -o br0 -j ACCEPT
iptables -A FORWARD -i br0:100 -o br0:1 -j ACCEPT

This breaks all my configuration. The box itself can no longer connect to the network.

I have no idea what is wrong and how I can fix it. Any idea is appreciated.

regards
Olaf

linux – How to route bridged network interface packets to localhost?

I am configuring an Orange Pi to join two network interfaces. One of them is connected to a gateway, the other to the network interface of a thermal receipt printer. I would like to capture the packets sent from the network that are destined to the printer in port 9100 to be able to modify them before sending them to the printer.

My hardware configuration looks like this: eth1 is connected to the gateway, eth2 is connected to a thermal receipt printer with static IP 192.168.0.20.

In my Orange pi I run Linux 4.18.7, compiled from Yocto with the support package of the OpenEmbedded board.

I take the following steps to initialize a bridge:

brctl addbr kc_bridge
brctl addif kc_bridge eth1
brctl addif kc_bridge eth2
ifconfig kc_bridge up

At this point, I can ping the printer from any device on the same network and send it to print (for example, echo "hello world" | nc 192.168.0.20 9100)

Then, I enable routing to localhost, enable IP forwarding and modprobe br_netfilter to enable routing on bridges:

echo 1 > /proc/sys/net/ipv4/conf/all/route_localnet
echo 1 > /proc/sys/net/ipv4/ip_forward
modprobe br_netfilter

Next, I add the iptables rule that should change the destination address to localhost for any packet destined for the printer on port 9100, and start listening on this port:

iptables -t nat -A PREROUTING -d 192.168.0.20/32 -i kc_bridge -p tcp --dport 9100 -j DNAT --to-destination 127.0.0.1:9100
nc -l 9100

I hope this shows any information that is routed to localhost, but when I send data to the printer from another device on the same network, it is not displayed here or printed.

When using tcpdump I can see that the packets are not routed to localhost and it seems that no connection is initiated:

tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on eth1, link-type EN10MB (Ethernet), capture size 262144 bytes
09:31:14.821538 IP 192.168.0.50.43362 > 192.168.0.20.9100: Flags [S], seq 2236984100, win 64240, options [mss 1460,sackOK,TS val 3578716123 ecr 0,nop,wscale 7], length 0
09:31:15.839876 IP 192.168.0.50.43362 > 192.168.0.20.9100: Flags [S], seq 2236984100, win 64240, options [mss 1460,sackOK,TS val 3578717141 ecr 0,nop,wscale 7], length 0
09:31:17.856296 IP 192.168.0.50.43362 > 192.168.0.20.9100: Flags [S], seq 2236984100, win 64240, options [mss 1460,sackOK,TS val 3578719157 ecr 0,nop,wscale 7], length 0
09:31:22.020901 IP 192.168.0.50.43362 > 192.168.0.20.9100: Flags [S], seq 2236984100, win 64240, options [mss 1460,sackOK,TS val 3578723321 ecr 0,nop,wscale 7], length 0

What do I need to route packets from bridged network interfaces to localhost?
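
A way to confirm from a capture that a connection attempt was never answered, as an added example that is not part of the original post: the function below (the name `unanswered_syns` is hypothetical) groups SYN retransmissions per flow and reports the gaps between them. The sample capture is constructed from the four SYN lines above, written in standard tcpdump notation, plus one constructed answered flow for contrast.

```python
import re
from collections import defaultdict

# Constructed sample: the SYN lines from the post in standard tcpdump
# notation (options omitted), plus one constructed flow that gets a SYN-ACK.
CAPTURE = """\
09:31:14.821538 IP 192.168.0.50.43362 > 192.168.0.20.9100: Flags [S], seq 2236984100, win 64240, length 0
09:31:15.839876 IP 192.168.0.50.43362 > 192.168.0.20.9100: Flags [S], seq 2236984100, win 64240, length 0
09:31:17.856296 IP 192.168.0.50.43362 > 192.168.0.20.9100: Flags [S], seq 2236984100, win 64240, length 0
09:31:22.020901 IP 192.168.0.50.43362 > 192.168.0.20.9100: Flags [S], seq 2236984100, win 64240, length 0
09:31:30.000100 IP 192.168.0.50.43370 > 192.168.0.1.80: Flags [S], seq 1000, win 64240, length 0
09:31:30.000900 IP 192.168.0.1.80 > 192.168.0.50.43370: Flags [S.], seq 5000, ack 1001, win 65160, length 0
"""

# Matches only SYN ("S") and SYN-ACK ("S.") lines.
LINE = re.compile(
    r"^(\d+):(\d+):(\d+\.\d+) IP (\S+) > (\S+): Flags \[(S\.?)\], seq (\d+)")

def unanswered_syns(capture):
    """Return {(src, dst): [seconds between retransmitted SYNs]} for
    flows whose SYN never received a SYN-ACK within the capture."""
    syn_times = defaultdict(list)  # (src, dst, seq) -> timestamps in seconds
    answered = set()               # (client, server) pairs that saw a SYN-ACK
    for line in capture.splitlines():
        m = LINE.match(line.strip())
        if not m:
            continue  # neither SYN nor SYN-ACK
        h, mi, s, src, dst, flags, seq = m.groups()
        ts = int(h) * 3600 + int(mi) * 60 + float(s)
        if flags == "S":
            syn_times[(src, dst, seq)].append(ts)
        else:
            # A SYN-ACK travels server -> client, so swap the endpoints.
            answered.add((dst, src))
    report = {}
    for (src, dst, _seq), times in syn_times.items():
        if (src, dst) in answered:
            continue
        report[(src, dst)] = [round(b - a, 1) for a, b in zip(times, times[1:])]
    return report

if __name__ == "__main__":
    for flow, gaps in unanswered_syns(CAPTURE).items():
        print(flow, "SYN never answered; retransmit gaps (s):", gaps)
```

Gaps that roughly double (about 1 s, 2 s, 4 s) with an unchanged sequence number are the client's SYN retransmission backoff, which means nothing on the path completed the handshake.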

networks – Netsh / Bluetooth / Bridged connections with Wifi / Bluetooth built into the motherboard

So during the last 4 months, more or less, me and my almost new machine (personal custom build) have been repeatedly hacked. It seems (SEEMS) that if some services and configurations of Windows persist the safe eliminations of THRU SSD are made with both Samsung Magician (970 Pro M.2 SSD) and within Asus Bios. It seems that there may have been some disorder with netsh possibly (not quite familiar); as well as it seems that there is some type of VM ROGUE (presumably Linux) running in the background. My efforts have been to break the lack of a better term 'internal connection' to whatever this fake server? It is but I am not sure what has been done within NETSH and I am not sure how to solve it. Although on the surface it seems that, otherwise, the machine behaves as if someone else had been controlling group policy and / or used netsh to port me to some kind of dynamic DNS (possibly what the Linux server is doing?). It seems that some of the things in Linux on Windows I've seen a bit here and there and I've never had the opportunity or the desire to play outside of my game; Well, so far, because it is interfering with my game and the functioning of my entire machine. I've even had content 'pushed' to my machine.

Maximus X Hero Wifi / AC 1801 Bios (returned to 0505 at one time did not help)
970 Pro Samsung M.2 SSD
Graphics EVGA 970 FTW
Corsair 3000 (2133) Memory
Corsair H115i Pro Cooler

You can not get rid of the miniport drivers in the Device Manager

I have hijacked several email accounts as if maybe this VM is registering my passwords and / or credentials. Please, please help; I will provide all the necessary records upon request.

I'm new here, so I'm not sure about the rules, but you can also contact me at stuntmanmclain@gmail.com