jail/virtualbox - bridge doesn't work

[kaffeebecher]

I've a Freenas 9.3 with a Jail, based on virtualbox-Template. In this virtualbox i've installed a windows7 based on a bridged network.
It seems, there's somewhere a missconfiguration/bug at the network-stack - i can't access the windows7 virtualmachine from outside.
I hope, someone can point me in the right direction - if you need some debugging-information, just let me know which one and how i can get it.
As i know, some people have created completely same setup - and for them it's working fine. I don't believe, that i've done something wrong - i believe, there is a bug somewhere.
But i'm no programmer so let me know what it could be.

Here is my setup:

Main-System
- HP Microserver Gen8
- 4x 500GB SATA
- Freenas 9.3 (latest patches) on sandisk USB-Stick 16GB
- 16GB ECC-Ram
- IP: 10.0.0.121/24

Jail vbox
- Template: virtualbox
- VIMAGE-Option is activated
- IP: 10.0.0.120/24
- (phpVirtualbox running and accessable on http://10.0.0.120)

Virtual machine
- OS: windows 7 64bit
- IP: 10.0.0.133/24
- VNC: 10.0.0.120 Port 9000
- Network: Bridged Mode - Intel PRO/1000MT Desktop Driver chosen, epair0b is correctly shown and configured
- Virtualbox Guest additions are installed
- Firewall
- Network-Adapter is correctly recognized and setup

Client for tests
- Physical Laptop
- IP: 10.0.0.7/24

What i can do
- successfully ping/access 10.0.0.121 (FreeNAS) via Client (10.0.0.7)
- successfully ping/access 10.0.0.120 (vbox jail, phpvirtualbox) via Client (10.0.0.7)
- connect via VNC to 10.0.0.120 Port 9000 and get Remote-Access to Virtual Machine via Client (10.0.0.7)

What i'm not able to do
- ping/access 10.0.0.133 (virtual machine) via Client (10.0.0.7)
- ping/access 10.0.0.7 (client) via Virtual machine (10.0.0.133)

 

[Robert Trevellyan]

In the jail's Sysctls do you have allow.raw_sockets=true?

 

[kaffeebecher]

hi Robert - thx for your fast response. I haven't editted the sysctl-configfile but i'll make a test with your Parameter.
What i've not mentioned before: Network doesn't work in Windows Virtual Machine at all - i even don't get an ip via dhcp - i had to set a static ip because of that (i've set 10.0.0.133 manually).
I also can't make a tcpdump (wireshark) or something else because i don't get any file into this virtual machine (it is completely "jailed").

 

[Robert Trevellyan]

I haven't editted the sysctl-configfile but i'll make a test with your Parameter.

I didn't edit a config file, the parameter is set in the Jail's advanced settings. I think it's probably the default but I thought it was worth mentioning just in case.

When you set a static IP in the VM, did you also set the correct gateway and subnet mask?

Have you tried switching the VM to NAT mode, just to see if it gets can get an IP address via DHCP?

 

[kaffeebecher]

i've checked my advanced settings and there i also have this line:
allow.raw_sockets=true

I've checked following commands in command-line of my jail:
sysctl security.jail.allow_raw_sockets
=> security.jail.allow_raw_sockets: 1

sysctl allow.raw_sockets
=> sysctl: unknown oid ‘allow.raw_sockets’

so when security.jail.allow_raw_sockets:1 is same setting, then it's definitifely enabled.

My manually set gateway and subnet-mask is correct.

I've tested with NAT-Mode too: then i get an ip-address from virtualbox and i can access internet with my virtual machine. So it doesn't look that bad with this mode.

But i wish to have bridged-mode working so i can use this virtual machine directly in my LAN without port-mapping every port. Hope there is another hint, which i can check?

 

[Robert Trevellyan]

I'm a bit stumped but I'll do my best.

Please post a screenshot of FreeNAS | Network | Network Summary.

Have you tried temporarily disabling the Windows Firewall?

When you switch the VM's network to Bridged Adapter, does the Cable connected checkbox stay checked? Have you tried generating a new MAC address for this adapter?

 

[kaffeebecher]

- screeny attached
- yes, i've tested with disabled firewall - same problem (strange: when i change from bridged to NAT or back, then firewall is enabled. When i try to disable firewall, virtualbox freezes and i have to restart jail ... then i can disable firewall. I had this bug one time before - but maybe this is another problem)
- cable connected checkbox stays checked, yes. And yes: i do have generated another MAC address at a test before - just for testing - without a change :-(

 

[Robert Trevellyan]

And 10.0.0.138 is your router, obviously? I'm running out of ideas, sorry.

Bridged adapter 'just works' for me. My VMs are all Ubuntu Server 14.04, but I doubt that's significant. I run them with the Paravirtualized Network but I don't think you can use that with Windows.

Have you tried copying the Windows VM to a different VirtualBox host?

My guess is the problem is not with your FreeNAS setup, just because I don't see what you could be doing wrong within FreeNAS.

I had some intermittent LAN connectivity issues a while back until I changed my router to access point mode (aka bridge mode), even though I don't understand why that would affect traffic within my LAN. Do you have double NAT, and if so, can you eliminate it?

 

[Robert Trevellyan]

By the way, what is the NIC chipset in that box? I'm no expert, but from reading this forum I know that RealTek would be a bad answer.

 

[kaffeebecher]

It should be a NC332i Broadcom BCM5720 - i don't know the command to get the exact naming from freebsd but because this is a HP Microserver Gen8 i've found with google this device. Do you have another suggestion for testing?

 

[Robert Trevellyan]

Your Google-foo > mine :)

I haven't noticed anyone saying anything bad about Broadcom, but the favorite brand among long-timers is Intel.

 

[eskinbike]

Bringing this back up as this is the exact issue that I am having with bridge mode networking in the VB jail. (VMs can get network connectivity using NAT, but not bridge mode adapter)
I have tried Win8.1 and Ubuntu Server 14.4 VMs with VB tools installed.


System Specs:
FreeNAS 9.3-STABLE-201506292332
Supermicro MBD-X10SRL-F (Onboard Intel i210 NIC using one ethernet port with a static IP)
Xeon E5-2620v3

 

[majerus]

I couldnt get the bridge mode to work at all without crazy errors. Finally uncheck Vimage and configured the adapter from the jail edit screen. Hope this helps