Re: VMs in "bridged" mode don't surf the internet

Posted: Thu Apr 23, 2020 5:37 pm
by Lantis
And what are the contents of

Code:

cat /etc/ethers
And

Code:

cat /tmp/dhcp.leases
That ARP table tells most of the story though. The packets look like they're coming from the wrong MAC. Is your bridged interface wifi or ethernet on the host?

Re: VMs in "bridged" mode don't surf the internet

Posted: Fri Apr 24, 2020 2:09 am
by lollapalooza
Here you are:

Code:

root@PF:~# cat /etc/ethers
b0:b9:8a:5e:57:c4       192.168.0.10
78:d2:94:19:f3:08       192.168.0.11
b0:b9:8a:5e:51:93       192.168.0.12
c0:48:e6:2e:9b:ea       192.168.0.247

Code:

root@PF:~# cat /tmp/dhcp.leases
1587751504 00:0c:29:3c:83:c5 192.168.0.133 paolo-linux-vm 01:00:0c:29:3c:83:c5
1587751228 98:22:ef:cf:3e:79 192.168.0.207 Y520-Paolo 01:98:22:ef:cf:3e:79
1587750376 18:74:2e:1c:c0:8d 192.168.0.125 amazon-ca6e4221f *
1587750056 90:8d:6c:52:53:81 192.168.0.237 iPadAir2Paolo 01:90:8d:6c:52:53:81
1587749827 84:8e:0c:33:da:8e 192.168.0.151 iPhone-di-Paolo 01:84:8e:0c:33:da:8e
1587716891 dc:4f:22:ee:97:6a 192.168.0.246 ESP_EE976A *
1587750361 34:2e:b6:8c:89:1a 192.168.0.163 HUAWEI_P20_Pro-a0a6ea84d6 01:34:2e:b6:8c:89:1a
1587750323 c0:48:e6:2e:9b:ea 192.168.0.247 ue55nu8000 01:c0:48:e6:2e:9b:ea
1587747305 b0:b9:8a:5e:57:c4 192.168.0.10 RBR40 *
1587746910 1c:4d:66:3c:a0:f6 192.168.0.169 amazon-ddd7c3f2d 01:1c:4d:66:3c:a0:f6
1587750342 b8:e9:37:b7:91:8e 192.168.0.150 SonosZP 01:b8:e9:37:b7:91:8e
1587750352 68:db:f5:7d:f1:8a 192.168.0.136 amazon-61680fc67 01:68:db:f5:7d:f1:8a
1587750559 78:d2:94:19:f3:08 192.168.0.11 RBS40V *
1587735820 f4:b8:5e:24:81:62 192.168.0.193 * *
The 1st two rows are the VM and the physical host.
In here the real MAC address is listed.

Physical host is using Wi-Fi adapter.

Re: VMs in "bridged" mode don't surf the internet

Posted: Fri Apr 24, 2020 6:26 am
by Lantis
The short answer is that your configuration is not compatible with that Gargoyle option.
Why it was originally working and now isn't? No idea.
From my understanding of how this all works, it should never have worked at all.

A DHCP request contains the MAC address and requested IP. However, that packet still has to come from somewhere, and that MAC address is going to be that of your wifi card.
This is a good article about how the DHCP request looks: https://www.netmanias.com/en/post/techd ... ns-of-dhcp
The first diagram is good.

Due to the way the enforce DHCP rules are written, packets from your bridged VMs are going to be blocked.

The reason the MAC address doesn't work properly is because wifi bridges are not supported. OpenWrt has a good explanation:
https://oldwiki.archive.openwrt.org/doc ... ode_issues
Support from the VM driver is probably doing some hacky MAC address translation stuff. Like NAT.

If this was all ethernet based, you would have no trouble.
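
An added example, not part of the original thread and not Gargoyle's own rule set: a small shell/awk check that compares the source MAC the router sees for each IP with the MAC recorded for that IP in the static list and the lease file, which is the kind of MAC-to-IP binding the post above describes. The ARP table in `demo` is constructed for illustration (the `br-lan` device name and the 192.168.0.50 entry are assumptions); on a router the function would be called as `check_bindings /etc/ethers /tmp/dhcp.leases /proc/net/arp`.

```sh
#!/bin/sh
# Added example, not Gargoyle's own rule set: compare the source MAC seen for
# each IP (ARP table) with the MAC recorded for that IP (static list + leases).

check_bindings() {   # args: ETHERS LEASES ARP
    awk '
        # /etc/ethers: MAC IP
        FILENAME == ARGV[1] { if (NF >= 2) want[$2] = tolower($1); next }
        # dnsmasq leases: expiry MAC IP hostname client-id
        FILENAME == ARGV[2] { if (NF >= 3) want[$3] = tolower($2); next }
        # /proc/net/arp: skip header, short lines and incomplete (0x0) entries
        FNR == 1 || NF < 4 || $3 == "0x0" { next }
        {
            ip = $1; seen = tolower($4)
            if (!(ip in want))
                print "UNKNOWN " ip " seen " seen
            else if (want[ip] != seen)
                print "MISMATCH " ip " expected " want[ip] " seen " seen
        }
    ' "$1" "$2" "$3"
}

demo() {
    d=$(mktemp -d) || return 1
    # Two static entries and two leases copied from the thread.
    cat > "$d/ethers" <<'EOF'
b0:b9:8a:5e:57:c4       192.168.0.10
78:d2:94:19:f3:08       192.168.0.11
EOF
    cat > "$d/leases" <<'EOF'
1587751504 00:0c:29:3c:83:c5 192.168.0.133 paolo-linux-vm 01:00:0c:29:3c:83:c5
1587751228 98:22:ef:cf:3e:79 192.168.0.207 Y520-Paolo 01:98:22:ef:cf:3e:79
EOF
    # Constructed ARP table (not from the thread): the VM's IP answers with
    # the host's Wi-Fi MAC, as a Wi-Fi "bridge" would make it appear.
    cat > "$d/arp" <<'EOF'
IP address       HW type     Flags       HW address            Mask     Device
192.168.0.207    0x1         0x2         98:22:ef:cf:3e:79     *        br-lan
192.168.0.133    0x1         0x2         98:22:ef:cf:3e:79     *        br-lan
192.168.0.10     0x1         0x2         b0:b9:8a:5e:57:c4     *        br-lan
192.168.0.50     0x1         0x0         00:00:00:00:00:00     *        br-lan
EOF
    check_bindings "$d/ethers" "$d/leases" "$d/arp"
    rm -rf "$d"
}

if [ "$#" -eq 3 ]; then check_bindings "$@"; else demo; fi
```

A `MISMATCH` line marks an IP whose traffic arrives from a different MAC than the one its lease or static entry names; `UNKNOWN` marks an IP with no binding on record.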

Re: VMs in "bridged" mode don't surf the internet

Posted: Fri Apr 24, 2020 10:33 am
by lollapalooza
Ok... that's going to be a mystery :-|

One more question: what happens if I do not check the box "Enforce DHCP assignments", but I still put some hosts in the list under there?

Will the IP addresses be assigned as per the list?

Re: VMs in "bridged" mode don't surf the internet

Posted: Fri Apr 24, 2020 6:53 pm
by Lantis
Yes :)

The only reason that option is useful is if you have a rogue device.
Say you set a quota on someone, but they figured out they can force change their IP to get around it.
Using this option helps to prevent that.
If you have a regular network, it isn't that useful.

Re: VMs in "bridged" mode don't surf the internet

Posted: Sat Apr 25, 2020 4:06 am
by lollapalooza
That’s very good.
So... with the box unchecked, IP reservation works as best effort.

With the box checked, the rule is strictly applied and devices not respecting it will not be allowed out :-)

I think I can leave the box unchecked :-)

Thanks a lot for your help and for all your time.
You’ve been very kind.