 I'm going to demonstrate several networking options in VirtualBox, specifically Network Address Translation or NAT, which is the default option, Bridge Mode and an internal network. And I've got Ubuntu Linux servers already installed and I'm going to use them. They're essentially equivalent except they've been configured with the different networking options. We'll go through NAT first. First if we go to the settings in VirtualBox we can see that under the network settings the default is that an adapter is attached to NAT or Network Address Translation. And this allows the guest computer to have internet access from a client's perspective. It can access the real external internet but generally real devices on the internet cannot access this internal guest device. So this is normal for setting up a virtual machine for browsing for a client usage. The default settings are normally sufficient. We will see later that we can enable poor forwarding so that external hosts can access specific services on the guest. So let's just see that operating. If we start that node, node that has already saved it in a start position so when we boot it up we'll just log into this Linux node and we'll bring it across. And I'll just log in and get the right username and the password and I'll just look at my IP address using IFConfid. And note in the second line there of the output the internet address, the IP address is 10.0.2.15. So this is the IP address that's been allocated to my guest and how NAT actually works is that VirtuaBox runs a DHCP server allocating IP addresses to the guests. Just to see the difference, so my host computer, my actual computer I can either open the command prompt in Windows and run IP Confid and see my real IP address, the public internet address of my physical computer is 138.77176.56. Whereas the guest Linux machine when we use NAT gets an internal address. And it's set up such that the real computer cannot or external computers on the internet can access this internal guest. Just to see that we can have internet access from my Linux computer the guest I can access websites or I can pin real computers for example if I pin Google and we get a response. So I have internet connectivity but external computers will not be able to pin between devices in VirtuaBox and also to allow external devices to log in. And if I try to pin, if I bring up my command prompt and pin my Windows computer in the background here I've got a picture that shows the connectivity noting that the guest I listed is Carly Linux but it's just a Linux guest in this case. My host computer is Windows 10 and I'm using NAT. So from the real internet's perspective what happens is my host computer is allocated an IP address. In my picture it's 1.2.3.4 in my real computer was the 13877176.56 address. So that's the real address allocated to my computer. What VirtuaBox does is it acts as a router and a DHCP server and also does network address translation. So when you start your guest VirtuaBox router acts as a DHCP server and allocates an IP address within some range defined by VirtuaBox in this case 10.0.2.15 for my guest. Whenever that guest tries to communicate out to the internet for example when I pin Google it uses the source address of 10.0.2.15 but when it gets to the VirtuaBox router it implements NAT which changes the address translates it to the public 1.2.3.4 in this example. And when the response comes back NAT does its job and forwards it back to the guest. Without port forwarding setup no one on the internet can access my internal guest. We can enable port forwarding so specific services on the guest can be accessed from outside. The next mode of networking I'm going to show is bridge mode so I have my second machine here I'll start that up actually before I start up let's look at the settings the network settings in VirtuaBox the adapter is set to be a bridged adapter and we actually choose the real adapter on the host computer in this case my gigabit ethernet adapter if you're using Wi-Fi then you may choose your Wi-Fi adapter and what VirtuaBox will do will bridge that adapter with the network interface in the guest machine and again the default settings are normally sufficient so I'll start my guest and I'll have a look and see what happens with regards to the IP addresses remembering my host is with this 1387176.56 address which is an IP address allocated by my real network DHCP server inside the university so if I log in to this Linux machine if we run IF config we can see I have an interface this EMP0S3 interface and the second line shows the IP address this 1387176.66 address noting my host.56 my guest.66 what's happened here is that with bridging mode VirtuaBox essentially brings the guest network adapter onto the real network so and as a result the real DHCP server in my LAN has allocated an IP address to this guest within the same network address as the host address this 1387176 network address just to check a game with this mode we essentially have full connectivity as the host does so I can ping I have access to outside internet websites and other devices on the network we'll be able to ping and contact my guest device so for example I'm on my windows host and I'm going to ping the address of the Linux guest 77.176 and the guest is .66 and it's talking it's getting a reply so we have connectivity from the host to the guest because it's as if the guest is on the same network as the host what's happening here with bridging if I bring up a picture of this we have a Ubuntu Linux guest we have our windows 10 host the DHCP server for my real network has allocated my windows 10 host the IP address in this demo or in this example picture 1.2.3.4 and what bridging does is it essentially joins that so that when the Ubuntu Linux guest sends out a DHCP request it is forwarded on to the real LAN and the real DHCP server sends back a response and allocates an IP address say 1.2.3.5 or the .66 address in my example so it's as if we now have two computers on the real LAN my windows 10 host and my Ubuntu Linux guest and with that if we have multiple guests in virtual box they'll be able to communicate with each other because they'll be all within the LAN and say the next one would be 1.2.3.6 it would be able to talk to the other guests as well as the host and other devices inside that LAN other real devices so this is much easier to allow networking amongst devices both inside virtual box and inside the same LAN in theory hosts out on the internet when we're using bridged mode can also contact the guest however in practice it will depend upon your real net if you're in your home network your home router may block that you'd need to set up that router to allow external internet hosts to access the internet so let's look at the third mode which is similar to bridging where we can set up a network and have the different virtual box machines communicate with each other but a little bit more secure and that we don't use the host IP range we have an internal network so I've got another node here and what I'll do is also set that use the NAT node and set that to talk to the Ubuntu Linux internal host so let's look at the settings for this third Linux guest we go to the network settings and I've set up the adapter to use an internal network so not that not bridge but an internal network and here you should choose a name of the internal network and I've just called a demo there the other settings are the default settings the idea is that all guests that you want to be able to communicate with each other you can put them on the same internal network and I'll do that in a moment for the other NAT device so let's start this one and see what happens so it's not going to use NAT or bridging it's going to just connect to an internal network which should allow it to communicate with other virtual box machines on that same internal network bring it across and it will boot up so it doesn't necessarily have internet connectivity and we're booting up we'll wait for it and we start to give this something being slightly slow here start job is running for raise network interfaces and it says it's going to wait up to five minutes five seconds it's trying to set up automatically set up the network interface and because we're using internal networking it's not going to be able to so it basically is trying to get a DHCP address from a server that's not going to work because we're using internal networking so this is going to run for five minutes and then give up so I'll just pause now and then we'll explain a way to overcome this problem for the next time while that node is waiting that five minutes let's look at our other node we'll look at the settings this is the NAT Linux node adapter one we're going to use NAT I'll leave that I'll use a second adapter so it'll set the network interface I'll enable that and attach it to an internal network and make sure the name matches the one we gave for the other node the idea is that virtual box will set it up so that this network interface is connected to a virtual switch which is then connected to the network interface for our internal node they'll be on the same LAN so we can start that node noting that our other one is still waiting that five minutes so we'll boot this one and set it up as we wait for that this one has NAT enabled as well on the second interface node there it has two interfaces we'll see more detail shortly but the NAT one allows the DHCP server to allocate an address in this case the virtual box DHCP server so log in and we'll just look we still have our internal address allocated by virtual box 10.0.2.15 but if we use ifconfig to see all interfaces with a minus a option we see that there's another interface EMP0S8 which has no IP address this is the second adapter which is going to be on the internal network demo name it doesn't have an IP address we would need to give it an IP address and there are different ways to do that one way we can use the command line program ifconfig another is using the command line program IP and another is to configure it in a file so when your computer boots it automatically gets that let's use ifconfig that's a quick way I want to configure that interface P0SA I want to give it an address and I'll just give it a 192 address 168.1.1 net mask so I need to manually set a static address and broadcast if we like but no you'll come and that interface is currently down so I'll specify it to be path that is set configure this interface to IP address 192 168.1.1 and turn this interface up or turn it on and to do that we'll need to be sudo or proceed the command with sudo and it's asking me for my password note it gave an error there about sudo that is because I've actually changed the host name to net demo without changing the corresponding file for the sudo looks at so it's confused about net demo because before it was just called demo it's not an error it's a warning I have confid this second interface EMP0S8 has an IP address 192 168.1.1 it should be attached to our demo network our internal network and we're going to use it to talk to the other links node once that's up and running let's see did it get through the five minutes yes it's gone through the five minutes so let's log into that one and see a how we can configure it so it won't have to wait for five minutes the next time and then get it to talk to our second Linux node so I'll log in I have confid let's see what we currently have we have a single interface it has no IPv4 address because what happened it when the system booted it tried to get an address using DHCP because we set up internal networking that wasn't possible it actually gets an IPv6 local scope a links link scope address link local address which is just allocated when you don't get a DHCP response that's of no use to us we run an IPv4 address so we saw on the first node that we could set it using if confid I'll show you another way which will also solve this problem of this five minute wait for the startup and we need to edit the file it's called it's in the network it's in the folder or directory etc slash network it is called interfaces so I'm going to use the text editor vi to open the file called interfaces within the directory slash etc slash network and to edit this I need to be administrator so I need to proceed the command with sudo and ask for my password and this is the interfaces file and this is looked at when your system boots I'll just quickly explain what's here but not all the syntax the first these two lines are showing to enable automatically enable the loop back interface this is for localhost this is for the the first network adapter which uses is on the NAT settings in virtual box it's saying get your internet address using DHCP so ask the DHCP server and that one works and oh sorry that one doesn't work on this Linux node it works on the NAT one so that's where our problem was it's saying ask the DHCP server but we have set up an internal network where it won't be able to connect to a DHCP server so that's the problem here and what I'm going to do is I'm going to comment that out I have to insert and insert a hash there to come out those two lines and I've already as you see written the replacement lines I'll explain them what I want to replace this setting with instead of saying get the IP address from a DHCP server I want to statically assign the IP address using this static option and I specify in the next four lines the values I want to give it the IP address the net mask the network address and broadcast address in that case when the system boots it will read this file it will see we don't need to ask a DHCP server we statically assign the IP address and it won't wait for these five minutes to boot up and of course I don't need to use IF config like I did in the other Linux node I will automatically have this address so let's try that I'll write that and quit and I'll reboot and let's hope it boots faster than the five minutes shuts down and then starts up again remembering the Linux node on the left has the IP address on the internal network of 192.168.1.1 and let's log in see we didn't have to wait our five minutes there so we've avoided that problem by statically assigning address and run IF config we have the address 192.168.1.11 in this case and they both should be configured to be on the same virtual network or the same internal network which is our demo net so let's see if they can talk to each other so here we'll ping 192.168.1.1 and sure enough we get a response so we can communicate between the two virtual box guests and of course it should work okay so with internal networking we can use that to set up so the guests can communicate with each other but they don't necessarily have internet access now our left hand node the NAT demo does have internet access because it has two adapters it has the NAT adapter and the internal network adapter so we can still ping say Google so we do have internet access as a client from the NAT demo Linux node but from the internal only demo if we try to ping Google we get no response because this one only has a single adapter and all it knows about is the internal network and we can see a little bit more detail if we look at the routing cable using a route on both nodes on our internal only node on the right hand side internal demo it has a route or it knows about the network 192.168.1.0 it knows about its local LAN only and it can therefore only communicate with other machines on that same local LAN the NAT demo node also knows about 192.168.1.0 so we can talk to the internal only node but it also has a route or a default gateway to 10.0.2.2 which is the virtual box NAT router which then forwards out to the real internet so with the NAT demo we can communicate with the internet with the internal only demo we can't at this stage but we could configure the routing table inside the internal only node so that it is aware or it can go via say the gateway in the NAT demo or we could enable the second adapter and how allow it to have a NAT so we've gone through three options of using NAT only on a Linux node to allow essentially client only access to the internet bridge networking where we have the guest having essentially client access to the internet plus communication with other nodes inside the virtual box and inside the the real network so we can potentially have other nodes accessing servers on the guest and then we saw internal networking where we can have the virtual box guests communicate with each other they can have internet access if we also enable the NAT on the adapter we may need to do slightly more settings if we want to allow them to communicate with each other and with nodes outside the virtual box which one to use if you just want a single node and you want to run it as a client then probably NAT is sufficient if you want a more complex virtual box network or a virtual network of nodes then you may use bridge mode it's probably the easiest to set up if you want to be a little bit more controlled or secure where you don't want the internal nodes to have the same network address or same IP address as on your real network you may use internal node but it does require some additional routes to be set up with NAT mode hosts cannot access the guest unless we enable port forwarding so let's to finish off look at port forwarding so to demonstrate this i'm going to use a secure shell server so i'll install that so i'm on my NAT demo node here i'm going to install the open ssh secure shell server and what i want to be able to do is from my host machine log in to the secure shell server it looks like i may have installed it before i'll shut down that and enable port forwarding actually before that we'll try and test so i'm going to open up a secure shell client inside my host machine my windows 10 machine and we can do that using for example putty open up putty and our IP address the problem being if we try to connect to 10.0.2.15 which was the IP address of our guest then from our previous settings it doesn't work we'll try and i'm bringing across is trying to connect from my windows 10 host to 10.0.2.15 but in NAT mode by default it cannot do that so that's not going to respond it will eventually time out i'll give that up we need to establish port forwarding to allow that to allow that to work i'll power off my machine and then go to the settings and in network settings and our adapter under advance we have the port forwarding option and we'll add a rule here we can give it a name secure shell the host secure shell use tcp what we need to set up and be careful where there's the ports so what i want to say anything that goes to my goes to my local host in a particular port i want to redirect it to the the guest so the guest port is 22 because i know secure shell servers run on port 22 the host port i'm going to choose a different one generally can choose anything as long as it's not used by other services on your host computer i'm going to choose let's say 5022 and we'll show how that works so that for example if i'm running a secure shell server on my host computer there won't be any confusion so redirect anything that goes to port 5022 to the guest port 22 so we have port forwarding set up should be before i forget and port forwarding we should also completely set the host IP this is important 127 that is the local host address saying if someone runs a secure shell client and connects to the actual local host that is the the windows 10 host and a port 5022 then redirect to the virtual box guest this particular guest and redirect it to port 22 so include the host IP address there and we'll start our machine and while that's starting we'll start putting and here we specify the local host address basically from my windows client i'm going to connect to the local host the windows computer but to a particular port 5022 and it's actually virtual box that's listening on that port and virtual box knows because we enable port forwarding anything that comes in on port 5022 send it to the guest the nat demo guest and to port 22 let's make sure our node is up and running that is and let's open that and i'll just bring this across it's come up on my other screen it comes up with a warning saying i'm not aware of that do i really trust it yes we really trust it and now party's coming in as the login so it's actually logged us in now or sorry it's connected us now we log in and i'm on nat demo so this allows nodes in this case my windows 10 host to connect to a server on my rubuntu linux guest and in theory anyone out on the internet can connect to my rubuntu linux guest in practice your say home router or in my case my university land router would most likely block people out on the internet accessing the internal network but from my windows 10 host i can log in and and as if i'm sitting at the computer so port forwarding allows special specific cases where we can access the guest from outside so now you can choose from the different options for setting up a network depending on whether you want to run a single simple node you may use nat possibly with port forwarding if you want to run multiple nodes you may use bridged or internal networking and you may still use port forwarding if needed