Why does a host respond to pings from all subnets but its hosted VMs can not
Clash Royale CLAN TAG#URR8PPP up vote
0
down vote
favorite
It is possible to connect to all VLAN subinterfaces of an Ubuntu host from any subnet (assuming open firewalls) but it is not possible to connect to the virtual network adaptors of Ubuntu VMs from any network other than the local subnet. I want to understand this behaviour.
System Configuration
I am running an ubuntu 16.04LTS host with 4 physical interfaces. 2 are LACP bonded then a third is bridged to provide redundancy. VLAN subinterfaces are applied to this bridge. These subinterfaces are addressed using DHCP reservations.
The host runs Ubuntu 16.04LTS VMs using VirtualBox. The VMs' network adapters are bridged directly to the VLAN subinterfaces of the host and are also addressed using DHCP reservations. They are configured as "cable connected", using the para-virtio adaptor type and set in "allow VMs" promiscuous mode. The same default route exists on both the host and the VMs, and both can connect to the internet. Neither the network, nor the host, nor the VMs have active firewalls during these tests.
Issue
A ping from a VM interface to a host on an alternate subnet reaches the remote host but that host never sends a response. A ping from a host in a subnet to a VM adaptor on an alternate subnet reaches the VM but the VM never sends a response on any adaptor, including the default route.
networking server virtualbox virtualization ping
asked Mar 4 at 13:53
eto.ttnflt
62
add a comment |Â
up vote
0
down vote
favorite
It is possible to connect to all VLAN subinterfaces of an Ubuntu host from any subnet (assuming open firewalls) but it is not possible to connect to the virtual network adaptors of Ubuntu VMs from any network other than the local subnet. I want to understand this behaviour.
System Configuration
I am running an ubuntu 16.04LTS host with 4 physical interfaces. 2 are LACP bonded then a third is bridged to provide redundancy. VLAN subinterfaces are applied to this bridge. These subinterfaces are addressed using DHCP reservations.
The host runs Ubuntu 16.04LTS VMs using VirtualBox. The VMs' network adapters are bridged directly to the VLAN subinterfaces of the host and are also addressed using DHCP reservations. They are configured as "cable connected", using the para-virtio adaptor type and set in "allow VMs" promiscuous mode. The same default route exists on both the host and the VMs, and both can connect to the internet. Neither the network, nor the host, nor the VMs have active firewalls during these tests.
Issue
A ping from a VM interface to a host on an alternate subnet reaches the remote host but that host never sends a response. A ping from a host in a subnet to a VM adaptor on an alternate subnet reaches the VM but the VM never sends a response on any adaptor, including the default route.
networking server virtualbox virtualization ping
asked Mar 4 at 13:53
eto.ttnflt
62
add a comment |Â
up vote
0
down vote
favorite
up vote
0
down vote
favorite
It is possible to connect to all VLAN subinterfaces of an Ubuntu host from any subnet (assuming open firewalls) but it is not possible to connect to the virtual network adaptors of Ubuntu VMs from any network other than the local subnet. I want to understand this behaviour.
System Configuration
I am running an ubuntu 16.04LTS host with 4 physical interfaces. 2 are LACP bonded then a third is bridged to provide redundancy. VLAN subinterfaces are applied to this bridge. These subinterfaces are addressed using DHCP reservations.
The host runs Ubuntu 16.04LTS VMs using VirtualBox. The VMs' network adapters are bridged directly to the VLAN subinterfaces of the host and are also addressed using DHCP reservations. They are configured as "cable connected", using the para-virtio adaptor type and set in "allow VMs" promiscuous mode. The same default route exists on both the host and the VMs, and both can connect to the internet. Neither the network, nor the host, nor the VMs have active firewalls during these tests.
Issue
A ping from a VM interface to a host on an alternate subnet reaches the remote host but that host never sends a response. A ping from a host in a subnet to a VM adaptor on an alternate subnet reaches the VM but the VM never sends a response on any adaptor, including the default route.
networking server virtualbox virtualization ping
asked Mar 4 at 13:53
eto.ttnflt
62
It is possible to connect to all VLAN subinterfaces of an Ubuntu host from any subnet (assuming open firewalls) but it is not possible to connect to the virtual network adaptors of Ubuntu VMs from any network other than the local subnet. I want to understand this behaviour.
System Configuration
I am running an ubuntu 16.04LTS host with 4 physical interfaces. 2 are LACP bonded then a third is bridged to provide redundancy. VLAN subinterfaces are applied to this bridge. These subinterfaces are addressed using DHCP reservations.
The host runs Ubuntu 16.04LTS VMs using VirtualBox. The VMs' network adapters are bridged directly to the VLAN subinterfaces of the host and are also addressed using DHCP reservations. They are configured as "cable connected", using the para-virtio adaptor type and set in "allow VMs" promiscuous mode. The same default route exists on both the host and the VMs, and both can connect to the internet. Neither the network, nor the host, nor the VMs have active firewalls during these tests.
Issue
A ping from a VM interface to a host on an alternate subnet reaches the remote host but that host never sends a response. A ping from a host in a subnet to a VM adaptor on an alternate subnet reaches the VM but the VM never sends a response on any adaptor, including the default route.
networking server virtualbox virtualization ping
networking server virtualbox virtualization ping
asked Mar 4 at 13:53
eto.ttnflt
62
asked Mar 4 at 13:53
eto.ttnflt
62
asked Mar 4 at 13:53
eto.ttnflt
62
asked Mar 4 at 13:53
eto.ttnflt
62
asked Mar 4 at 13:53
eto.ttnflt
62
62
add a comment |Â
add a comment |Â
active
oldest
votes
active
oldest
votes
active
oldest
votes
active
oldest
votes
active
oldest
votes
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
var $window = $(window),
onScroll = function(e)
var $elem = $('.new-login-left'),
docViewTop = $window.scrollTop(),
docViewBottom = docViewTop + $window.height(),
elemTop = $elem.offset().top,
elemBottom = elemTop + $elem.height();
if ((docViewTop elemBottom))
StackExchange.using('gps', function() StackExchange.gps.track('embedded_signup_form.view', location: 'question_page' ); );
$window.unbind('scroll', onScroll);
;
$window.on('scroll', onScroll);
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
StackExchange.ready(
function ()
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2faskubuntu.com%2fquestions%2f1011786%2fwhy-does-a-host-respond-to-pings-from-all-subnets-but-its-hosted-vms-can-not%23new-answer', 'question_page');
);
Post as a guest
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
var $window = $(window),
onScroll = function(e)
var $elem = $('.new-login-left'),
docViewTop = $window.scrollTop(),
docViewBottom = docViewTop + $window.height(),
elemTop = $elem.offset().top,
elemBottom = elemTop + $elem.height();
if ((docViewTop elemBottom))
StackExchange.using('gps', function() StackExchange.gps.track('embedded_signup_form.view', location: 'question_page' ); );
$window.unbind('scroll', onScroll);
;
$window.on('scroll', onScroll);
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
var $window = $(window),
onScroll = function(e)
var $elem = $('.new-login-left'),
docViewTop = $window.scrollTop(),
docViewBottom = docViewTop + $window.height(),
elemTop = $elem.offset().top,
elemBottom = elemTop + $elem.height();
if ((docViewTop elemBottom))
StackExchange.using('gps', function() StackExchange.gps.track('embedded_signup_form.view', location: 'question_page' ); );
$window.unbind('scroll', onScroll);
;
$window.on('scroll', onScroll);
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
var $window = $(window),
onScroll = function(e)
var $elem = $('.new-login-left'),
docViewTop = $window.scrollTop(),
docViewBottom = docViewTop + $window.height(),
elemTop = $elem.offset().top,
elemBottom = elemTop + $elem.height();
if ((docViewTop elemBottom))
StackExchange.using('gps', function() StackExchange.gps.track('embedded_signup_form.view', location: 'question_page' ); );
$window.unbind('scroll', onScroll);
;
$window.on('scroll', onScroll);
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Sign up using Google
Sign up using Facebook
Sign up using Email and Password