diff options
Diffstat (limited to 'doc/manual/en_US/user_Networking.xml')
| -rw-r--r-- | doc/manual/en_US/user_Networking.xml | 111 |
1 files changed, 90 insertions, 21 deletions
diff --git a/doc/manual/en_US/user_Networking.xml b/doc/manual/en_US/user_Networking.xml index 36d32b49..afdbb07b 100644 --- a/doc/manual/en_US/user_Networking.xml +++ b/doc/manual/en_US/user_Networking.xml @@ -145,6 +145,17 @@ </glossentry> <glossentry> + <glossterm>NAT Network</glossterm> + + <glossdef> + <para>The NAT network is a new NAT flavour introduced in + VirtualBox 4.3. See + <xref linkend="network_nat_service" xrefstyle="template: %n" /> + for details.</para> + </glossdef> + </glossentry> + + <glossentry> <glossterm>Bridged networking</glossterm> <glossdef> @@ -283,9 +294,14 @@ the service can run in a different operating system than the host system.</para> - <para>You can set up a guest service which you wish to proxy using the - command line tool <computeroutput>VBoxManage</computeroutput>; for - details, please refer to <xref linkend="vboxmanage-modifyvm" />.</para> + <para>To configure Port Forwarding you can use the graphical Port + Forwarding editor which can be found in the Network Settings dialog + for Network Adaptors configured to use NAT. Here you can map host + ports to guest ports to allow network traffic to be routed to a + specific port in the guest.</para> + + <para>Alternatively command line tool <computeroutput>VBoxManage</computeroutput> could be used; + for details, please refer to <xref linkend="vboxmanage-modifyvm" />.</para> <para>You will need to know which ports on the guest the service uses and to decide which ports to use on the host (often but not always you @@ -319,9 +335,8 @@ forwards all TCP traffic arriving on the localhost interface (127.0.0.1) via port 2222 to port 22 in the guest.</para> - <para>It is not possible to configure incoming NAT connections while the - VM is running. However, you can change the settings for a VM which is - currently saved (or powered off at a snapshot).</para> + <para>It is possible to configure incoming NAT connections while the + VM is running, see <xref linkend="vboxmanage-controlvm"/>.</para> </sect2> <sect2 id="nat-tftp"> @@ -401,8 +416,61 @@ </sect2> </sect1> - <sect1> - <title id="network_bridged">Bridged networking</title> + <sect1 id="network_nat_service"> + <title>Network Address Translation Service (experimental)</title> + + <para>The Network Address Translation (NAT) service works in a similar way + to a home router, grouping the systems using it into a network and + preventing systems outside of this network from directly accessing systems + inside it, but letting systems inside communicate with each other and with + systems outside using TCP and UDP over IPv4 and IPv6.</para> + + <para>A NAT service is attached to an internal network. Virtual machines + which are to make use of it should be attached to that internal network. + The name of internal network is chosen when the NAT service is created and + the internal network will be created if it does not already exist. An + example command to create a NAT network is: + </para> + <para><screen>VBoxManage natnetwork add -t nat-int-network -n "192.168.15.0/24" -e</screen></para> + <para> + Here, "nat-int-network" is the name of the internal network to be used and + "192.168.15.0/24" is the network address and mask of the NAT service + interface. By default in this static configuration the gateway will be + assigned the address 192.168.15.1 (the address following the interface + address), though this is subject to change. To attach a DHCP server to the + internal network, we modify the example as follows:</para> + <para><screen>VBoxManage natnetwork add -t nat-int-network -n "192.168.15.0/24" -e -h on</screen></para> + <para> or to add a DHCP server to the network after creation:</para> + <para><screen>VBoxManage natnetwork modify -t nat-int-network -h on</screen></para> + <para>To disable it again, use:</para> + <para><screen>VBoxManage natnetwork modify -t nat-int-network -h off</screen></para> + <para>DHCP server provides list of registered nameservers, but doesn't map + servers from 127/8 network.</para> + <para>To start the NAT service, use the following command:</para> + <para><screen>VBoxManage natnetwork start -t nat-int-network</screen></para> + <para>If the network has a DHCP server attached then it will start together + with the NAT network service.</para> + <para><screen>VBoxManage natnetwork stop -t nat-int-network</screen> stops + the NAT network service, together with DHCP server if any.</para> + <para>To delete the NAT network service use:</para> + <para><screen>VBoxManage natnetwork remove -t nat-int-network</screen></para> + <para>This command does not remove the DHCP server if one is enabled on the + internal network.</para> + <para>Port-forwarding is supported (using the "-p" switch for IPv4 and "-P" + for IPv6):</para> + <para><screen>VBoxManage natnetwork modify -t nat-int-network -p "ssh:tcp:[]:10022:[192.168.15.15]:22"</screen></para> + <para>This adds a port-forwarding rule from the host's TCP 10022 port to + the port 22 on the guest with IP address 192.168.15.15. To delete the rule, + use:</para> + <para><screen>VBoxManage natnetwork modify -t nat-int-network -p delete ssh</screen></para> + <para>It's possible to bind NAT service to specified interface:</para> + <screen>VBoxManage setextradata global "NAT/win-nat-test-0/SourceIp4" 192.168.1.185</screen> + <para>To see the list of registered NAT networks, use:</para> + <para><screen>VBoxManage list natnetworks</screen></para> + </sect1> + + <sect1 id="network_bridged"> + <title>Bridged networking</title> <para>With bridged networking, VirtualBox uses a device driver on your <emphasis>host</emphasis> system that filters data from your physical @@ -499,8 +567,10 @@ and above), it is possible to use Solaris' Crossbow Virtual Network Interfaces (VNICs) directly with VirtualBox without any additional configuration other than each VNIC must be exclusive for every guest - network interface. With VirtualBox 2.0.4 and above, VNICs can be - used but with the following caveats:</para> + network interface.</para> + + <para>Starting with VirtualBox 2.0.4 and up to VirtualBox 4.0, VNICs + can be used but with the following caveats:</para> <itemizedlist> <listitem> @@ -590,7 +660,7 @@ version 2.2 of VirtualBox. It can be thought of as a hybrid between the bridged and internal networking modes: as with bridged networking, the virtual machines can talk to each other and the host as if they were - connected through a physical ethernet switch. Similarly, as with internal + connected through a physical Ethernet switch. Similarly, as with internal networking however, a physical networking interface need not be present, and the virtual machines cannot talk to the world outside the host since they are not connected to a physical networking interface.</para> @@ -714,11 +784,10 @@ Internal network case.</para> <para><note> - On Unix-based hosts (e.g. Linux, Solaris, Mac OS X) it is not possible to bind to ports below 1024 from applications that are not run by - - <computeroutput>root</computeroutput> - - . As a result, if you try to configure such a source UDP port, the VM will refuse to start. + On Unix-based hosts (e.g. Linux, Solaris, Mac OS X) it is not possible + to bind to ports below 1024 from applications that are not run by + <computeroutput>root</computeroutput>. As a result, if you try to + configure such a source UDP port, the VM will refuse to start. </note></para> </sect1> @@ -826,15 +895,15 @@ VBoxManage modifyvm "VM name" --nicbandwidthgroup2 Limit</screen></para> "attached" to the host's network in a number of ways. Depending on which types of adapters and attachments are used the network performance will be different. Performance-wise the <emphasis>virtio</emphasis> network - adapter is preferrable over <emphasis>Intel PRO/1000</emphasis> emulated + adapter is preferable over <emphasis>Intel PRO/1000</emphasis> emulated adapters, which are preferred over <emphasis>PCNet</emphasis> family of adapters. Both <emphasis>virtio</emphasis> and <emphasis>Intel PRO/1000 </emphasis> adapters enjoy the benefit of segmentation and checksum offloading. Segmentation offloading is essential for high performance as - it allows for less context switches, drammatically increasing the sizes - of packets that cross VM/host bondary.</para> + it allows for less context switches, dramatically increasing the sizes + of packets that cross VM/host boundary.</para> <note><para>Neither <emphasis>virtio</emphasis> nor <emphasis>Intel PRO/1000 - </emphasis> drivers for Windows XP do not support segmentation + </emphasis> drivers for Windows XP support segmentation offloading. Therefore Windows XP guests never reach the same transmission rates as other guest types. Refer to MS Knowledge base article 842264 for additional information.</para> @@ -848,7 +917,7 @@ VBoxManage modifyvm "VM name" --nicbandwidthgroup2 Limit</screen></para> network address translation. The generic driver attachment is special and cannot be considered as an alternative to other attachment types.</para> <para>The number of CPUs assigned to VM does not improve network - performance and in some cases may hurt it due to increased concurency in + performance and in some cases may hurt it due to increased concurrency in the guest.</para> <para>Here is the short summary of things to check in order to improve network performance:</para> |