You don't need to change the IP!
You use "Bridged Adapter" and assign the IP to the OpenWrt. The IP on the host will remain the same.
Again:
Host-only Adapter does not connect to anything outside the host!
1 Like
The host-only network doesn't need to be changed. The one that is important here is the addition of additional network adapters in the VM settings. Did you try that?
1 Like
- You should be in this menu
- After booting OpenWrt, assign your IP in
/etc/config/network
In my example, vlan5 is a VLAN interface defined in the Host OS. You should see your Ethernet NIC on the list of Names.
EDIT:
- Adapter 1 (eth0 in OpenWrt) will become LAN at 192.168.1.1 with a DHCP server running
- Adapter 2 (eth1 in OpenWrt) will be WAN with a DHCP/DHCPv6 client tunning
- All other Adapters (eth2 -ethx) will be available, but undefined.
1 Like
Or, if you are setting up a network that will only be used for one or more VMs on the same physical host (and does not need to enter/exit the machine directly), I believe that you can use the internal network option as shown in my screenshot (I haven't tested this, but I'm pretty sure it would work):
P.S. never mind the differences in the GUI appearance -- I'm using VirtualBox on a Mac.
2 Likes
This part i did there is no problem associated with this one.completely fine!
So after adding internal network in adapter 4, 
I am not getting any interfaces for internal Network.
I see the same thing in ifconfig, but as I booted the VM, I saw eth3 come up in the console output. Then, I went to to LuCI > Network > Interfaces > Add new interface > Interface and in menu was eth3 (ready to be used). I went ahead and created a new 'internal' interface and it accepted it and I completed the setup of that interface. Now ifconfig shows eth3. More on that in a second...
So you can add eth3 via LuCI, UCI commands via the CLI, or direct editing of the /etc/config/network file.
Now, back to the new interface I created... after I made the interface in OpenWrt, I went back to my VM manager and changed my Ubuntu VM to use the internal network and then booted up that VM. Bingo! it works exactly as expected -- I got an IP in the range I expected from this new interface (unique relative to the rest of my network architecture) and it accessed the internet through my OpenWrt VM. It is, as expected, inaccessible from the host computer side -- only guest OSs (VMs) can use this internal network. So as I posited earlier -- I think this is the way you really want to be using it.
2 Likes
I think your answer does not support Network setting section of this guide Adapter 1 Adapter 2 and Adapter 3 settings.
Since Adapter 1,2,3 are already assigned you can see in the image.
Now tell me how can i communicate between my two vms through openWRT vm(3rd vm)(with some firewall rule).
in guest operating system;
ifconfig -a
on host operating system;
VBoxManage showvminfo --details YOURVMNAME | grep NIC
sudo ifconfig -a
You can actually use VLANs on the internal adapter. Create VLANs in OpenWrt (parent adapter eth3) and do the same in each VM -- each VM will have a different VLAN configured. Then it will all pass through the routing / firewall system on OpenWrt.
Just tested -- it works!
So basically after reading all the suggestion, i want to provide a clear picture what actually i am doing.
Step1: There are three vms.
Left vm on bridge adapter mode:
Middle VM is in which i have installed openwrt. It has 4 adapter configuration(1.host only adapter2.Nat 3.Bridge adapter 4.Internal network)
So for this in eth3 we are not getting any ip address.
NOTE:don't confuse with ubuntu terminal since i have done ssh to provide the image.
Now for right vm i have set internal adapter configuration and set static ip for that(192.268.30.101).
Step2: I can ping from left vm to middle vm and vice versa.
Step3: I can't ping middle vm to right vm and vice versa.
Step4: In luci there was default rule i edited that. Under firewall ->traffic rule
Correct me at places where i am wrong.If any thing i am missing please tell me.
NOTE: I have gone through all the suggestions and reply in forum except VLAN(not getting any thing how to configure that).
from where? ( middle, vbox?, other? ), i missed the bit where you explained how the dhcp operates on that segment... ( p.s. otherwise tho', thankyou for posting the clear s-shots and clearer explanation... you've done a good job 
)
fwiw: middle(openwrt)->nic4(eth3)@internal ...
- no dhcp server gets run on internal networks... you should provide one from openwrt or any other host on that 'isolated' segment ( or for simple segments just static all hosts as you've done )
it is possible outside of the gui... if you absolutely have to... ( for vbox6 );
VBoxManage dhcpserver add --netname intnet --ip 10.11.12.1 --netmask 255.255.255.0 --lowerip=10.11.12.100 --upperip=10.11.12.106 --enable
- or as @psherman says, use host-only if you want to use vboxs' built in dhcp (gui)...
- or create a 'dummy' bridge on your host and bridge(vmnic4) to that, optionally assigning the host bridge an ip and spawning your own dnsmasq/dhcp process on that bridge ( may need to be done via slave tap0 ).
if your doing more stuff like this... and want to emulate vlans on switches... look up some ovs guides. it is very handy for L2-3 network functions. and keeps the host networking less cluttered.
???
WHAT???
No, I don't see.
Don't you think that's kinda rude?
- You never show the configs for the "Right VM", so I don't know.
- Also, you need to assign an IP to communicate...don't you agree???
- Maybe even assign a firewall zone - so you can make a rule
Why would it get an IP???
It's on an internal network, which I assume is shared with the "Right VM". Does the "Right VM" at 192.268.30.101 run DHCP?
If not, you won't get an IP. Also, you never show the "Right VM" network setting! (and BTW, eth3 on the "Middle VM" isn't assigned to a firewall zone 
)
Showing the Network config for all 3 VMs makes more sense to me.
(Or use "Internal Network") 
If OpenWrt has DHCP...why?
To recap:
- I see the OP used LAN to connect to his real network via DHCP client (hence "Left VM" and "Middle VM" can ping on 192.168.29.0/24. So this is setup properly!
- I have no clue what WAN is used for here
- We are not told what Virtual Interfaces the
MNGbridge is connected to ETHADAPTERis not assigned to a firewall zone, and is assumed to be onintnetwith "Right VM" - hence:- "Middle VM" will get no IP on
eth3; and - firewall rules cannot be created per-zone until that's fixed
- "Middle VM" will get no IP on
2 Likes
When the two Ubuntu VM guests are on the same virtual network, VirtualBox will let them communicate with each other freely. A third guest (OpenWrt) will not see this traffic.
It is exactly like a real network where the router firewall cannot see or control file sharing between two physical machines on the LAN. It's not what the router firewall is for.
2 Likes
I thought so, too!!
@Prakash_kesharwani - let me make this as simple as possible...
VirtualBox networks for OpenWrt VM:
Adapter 1: Host-only adapter (fixed IP address of 192.168.56.1/24, no DHCP server)
Adapter 2: Bridged Adapter (in my case connected to my Mac Pro's en0 ethernet port, gets address from my main network router)
Adapter 3: Bridged Adapter (optional, in my case connected to my Mac Pro's en1 ethernet port, address will come OpenWrt VM as a LAN so the physical port acts like the LAN side of a normal router)
Adapter 4: Internal Network (no network assigned, network will also come from a LAN defined on the OpenWrt VM, will act like the equivalent of a LAN port, but virtual).
Mappings in OpenWrt
VB Adapter 1 > eth0, mag, static, bridge, 192.168.56.2/24, no DHCP server
VB Adapter 2 > eth1, wan, DHCP client
VB Adapter 3 > eth2, lan, static, 172.16.15.1/24, DHCP server enabled
VB Adatper 4 > eth3, internal (lan), static, 10.20.30.1/24, DHCP server enabled
-- and the magical one --
VB Adapter 4 (with a VLAN defined only on the Guest OSs) > eth3.2, internal2, 10.21.31.1/24, DHCP server enabled
The management network is only reachable by the Mac OS (host OS), no other guest OSs can connect to it. The connectivity between the LAN networks (lan, internal, internal2) can be controlled by firewall rules (allow all, drop/reject all, or allow some) -- each network should be assigned its own firewall zone if there is a desire to filter inter-VLAN connections.
For the guest OS(s) (ubuntu in my case), I need to make sure that the VirtualBox network settings connect to the VB Internal Network. When I boot the VM, it's default network adapter (enp0s3) will be attached to the internal network which is in turn attached to the OpenWrt "internal" network, just like if it was a physical network. With DHCP client on the Ubuntu VM, It gets an address in the 10.20.30.0/24 network. If I add a new VLAN based network (VLAN ID 2, parent interface enp0s3) and configure it as a DHCP client as well, it will pull an IP in the 10.21.31.0/24 network (internal2). I can optionally disable the main (untagged/default) ethernet adapter and it will keep the VLAN based network (10.21.31.0/24) up and running while shutting down the other network (10.20.30.0/24).
I can create as many VLANs as I want -- if I want to have 10 VMs on 10 different networks (so I can control them via my OpenWrt VM), I can do that using the same general method as I just described. There are potentially more efficient ways of doing this (including the firewall that is in the Guest OS itself), but I have been able to create a situation where all of the VMs are networked through an OpenWrt VM, so OpenWrt controls the inter-VLAN connectivity.
Does this all make sense?
It is extremely important to understand difference between switched (L2) vs routed (L3) networks as well as the use of VLANs + firewalls to isolate networks. If you don't currently understand why 2 hosts on the sane network (can be VMs or physical) cannot be isolated with OpenWrt or any other router, you need to go back to basics and read up on how networks operate at L2 and L3 and where the router/firewall comes into play.
1 Like
Since their is ip for eth1 eth 2 but not for eth3. And eth3 came when i added internal adapter under network setting.If there is no ip defined how can communicate between middle vm to right vm??
is their any way to add ip address as i have added in ubuntu terminal(left vm) in /etc/network/interfaces in openwrt.
sorry if i am confusing you guys.
i think i have upload image what i was following for setup. See the image there are 3 adapter configuration shown.
if you see this guide you will get an idea what i am saying.BTW if i am confusing you I am sorry for that.
I don't know what you have interpreted from that line.My intention was after giving all details i just wanted that where i was wrong.Since i tried a lot with the help of you guys .Sorry if wording were not correct.
Since right vm has internal adapter and when i opened the vm and I set static ip in etc/network/interfaces(i.e 192.168.30.101).Now i wanted to same for openWRT vm(middle vm) but i can't do since its path is not same as right vm.
Now I am clear.
thanks
Ummm...yes, it's a router. Of course!
No, you photographed the Wiki and only Adapter 1.
I'm not confused.
Use the VM's console!
Also, not sure by the term "path".
1 Like
How are you defining fixed ip? where did it came from?
It is automatic when you setup the host only network it is in the original tutorial.
3 Likes