6 Virtual networking

When using VLAN interfaces with VirtualBox, they must be named according to the PPA-hack naming scheme (e.g. “e1000g513001”), as otherwise the guest may receive packets in an unexpected format.

6.5 Internal networking

Internal Networking is similar to bridged networking in that the VM can directly communicate with the outside world. However, the “outside world” is limited to other VMs on the same host which connect to the same internal network.

Even though technically, everything that can be done using internal networking can also be done using bridged networking, there are security advantages with internal networking. In bridged networking mode, all traffic goes through a physical interface of the host system. It is therefore possible to attach a packet sniffer (such as Wireshark) to the host interface and log all traffic that goes over it. If, for any reason, you prefer two or more VMs on the same machine to communicate privately, hiding their data from both the host system and the user, bridged networking therefore is not an option.

Internal networks are created automatically as needed, i.e. there is no central configuration. Every internal network is identified simply by its name. Once there is more than one active virtual network card with the same internal network ID, the VirtualBox support driver will automatically “wire” the cards and act as a network switch. The VirtualBox support driver implements a complete Ethernet switch and supports both broadcast/multicast frames and promiscuous mode.

In order to attach a VM’s network card to an internal network, set its networking mode to “internal networking”. There are two ways to accomplish this:

- You can use a VM’s “Settings” dialog in the VirtualBox graphical user interface. In the “Networking” category of the settings dialog, select “Internal Networking” from the drop-down list of networking modes. Now select the name of an existing internal network from the drop-down below or enter a new name into the entry field.

- You can use

      VBoxManage modifyvm "VM name" --nicx intnet

  Optionally, you can specify a network name with the command

      VBoxManage modifyvm "VM name" --intnetx "network name"

  If you do not specify a network name, the network card will be attached to the network intnet by default.

Unless you configure the (virtual) network cards in the guest operating systems that are participating in the internal network to use static IP addresses, you may want to use the DHCP server that is built into VirtualBox to manage IP addresses for the internal network. Please see chapter 8.33, VBoxManage dhcpserver, page 132 for details.

As a security measure, the Linux implementation of internal networking only allows VMs running under the same user ID to establish an internal network.

6.6 Host-only networking

Host-only networking is another networking mode that was added with version 2.2 of VirtualBox. It can be thought of as a hybrid between the bridged and internal networking modes: as with bridged networking, the virtual machines can talk to each other and the host as if they were connected through a physical ethernet switch. Similarly, as with internal networking however, a physical networking interface need not be present, and the virtual machines cannot talk to the world outside the host since they are not connected to a physical networking interface.
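Because internal networks (section 6.5) exist only as names in each VM's settings, there is no single place to see which VMs are wired together or which of them also have a bridged card. The following added example, which is not part of the VirtualBox manual, groups VMs by internal network name and lists bridged NICs; it assumes the key="value" output of VBoxManage showvminfo --machinereadable, and the VM names and sample text are constructed.

```python
import re
from collections import defaultdict

# Constructed sample: per-VM text in the key="value" form printed by
# `VBoxManage showvminfo <vm> --machinereadable` (assumed format).
SAMPLE = {
    "db":  'name="db"\nnic1="intnet"\nintnet1="backend"\nnic2="none"\n',
    "app": 'name="app"\nnic1="intnet"\nintnet1="backend"\n'
           'nic2="bridged"\nbridgeadapter2="eth0"\n',
    "lab": 'name="lab"\nnic1="intnet"\nmacaddress1="080027000001"\n',
}

KEY = re.compile(r'^([A-Za-z]+)(\d+)="(.*)"$')

def parse_nics(text):
    """Return {slot: {key: value}} for every NIC slot that is attached."""
    slots = defaultdict(dict)
    for line in text.splitlines():
        m = KEY.match(line.strip())
        if m:
            key, slot, value = m.groups()
            slots[int(slot)][key] = value
    return {s: n for s, n in slots.items() if n.get("nic", "none") != "none"}

def audit(vms):
    """Map internal network name -> VMs wired to it; list host-visible NICs."""
    wired, bridged = defaultdict(set), []
    for vm, text in vms.items():
        for slot, nic in sorted(parse_nics(text).items()):
            if nic["nic"] == "intnet":
                # No name given: the card lands on the default network "intnet".
                wired[nic.get("intnet", "intnet")].add(vm)
            elif nic["nic"] == "bridged":
                bridged.append((vm, slot, nic.get("bridgeadapter", "unknown")))
    return {net: sorted(v) for net, v in wired.items()}, bridged

def dual_homed(vms):
    """VMs with both an internal and a bridged NIC: a path off the private net."""
    wired, bridged = audit(vms)
    internal = {vm for members in wired.values() for vm in members}
    return sorted(internal & {vm for vm, _, _ in bridged})

if __name__ == "__main__":
    wired, bridged = audit(SAMPLE)
    for net, members in sorted(wired.items()):
        print(f"internal network {net!r}: {', '.join(members)}")
    for vm, slot, adapter in bridged:
        print(f"{vm} nic{slot} is bridged to {adapter} (traffic visible on the host)")
    print("dual-homed:", dual_homed(SAMPLE))
```

Any VM that shows up under an unexpected network name, or under the default name intnet, shares a virtual switch with every other VM listed beside it.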