Port forwarding 

Home 

When a session is running within VirtualBox and it is doing a server task like web or database serving, clients like browsers, etc. must be able to reach the session from the outside. To facilitate this, host interfacing or port forwarding can be used.

Possible usage includes (just a few examples):
  • web serving (port 80)
  • database serving
  • FTP serving (port 21)
  • SSH connection (port 22)

Host interfacing

For reaching a session from the outside, host interfacing is the standard procedure for most virtialization products. Host interfacing acts like a bridge between the session and the outside world. The session it self must be configured with a static IP address (must be different from the host address) and on this address, the session can be reached from the outside by client applications.

Example. Host where VirtualBox is running has IP address 192.168.0.201 configured. A session of Ubuntu Server is running, with an active Apache web server on port 80. Host interfacing is configured, session has 192.168.0.202 as a static IP address. A browser points to the IP address of the session, thus: 192.168.0.202. This request reaches the session on port 80 and the Apache web server responds as usual.

Drawbacks

  • not working with Network Manager on Ubuntu (a common situation on laptops with wireless connections), Network Manager must be disabled
  • complex, tedious task, for experienced users only; requires several non-trivial tasks to do; this is the most common complaint from switchers from VMware where host interfacing is actually dead simple; see section 6.8 of the VirtualBox manual for details
  • not flexible: per session, one configured interface is needed 
  • client session must have a static IP address; configuration procedure is different on different OS's, even different between several Linux distro's
  • not able to retrieve session IP address from the outside; except by a brute force port scan on an entire network segment
  • limited portability due to the session's static IP address; when the session is moved to another server, it is not certain if that session works right away because the configured static IP address may be in another network segment, possible without a proper gateway or net mask configuration, thus not working
  • exposes implementation of the network service, i.e. implemented as a separate, virtual machine

Port forwarding

When a session in configured with port forwarding, it is possible to reach the session from the outside by pointing to the host at a particular port. This port is then forwarded by VirtualBox to the session. The session then can respond. Essentially, the server where VirtualBox is running publishes a network service, but hides the implementation, i.e. the virtual machine.

Example. Host where VirtualBox is running has IP address 192.168.201 configured. A session of Ubuntu Server is running, with an active Apache web server on port 80. Port forwarding is configured from host port 8080 to guest port 80. A browser points to the IP address of the host, with the configured host port, thus: 192.168.0.201:8080. This request is forwarded by VirtualBox to the session on port 80 and the Apache web server responds. The browser does not know or has no means to detect that there's actually another (virtual) machine doing the work.

Benefits

  • works with Network Manager on Ubuntu
  • easy to configure, just three commands per session to apply
  • very flexible: configuration can take place on the fly
  • client session does not have to be configured with a static IP-address
  • no need to retrieve the session's IP address
  • flexible portability; when the session is moved to another server, it is very easy to re-configure because port forwarding configuration is no part of the session (vdi file)
  • hides implementation; from the client's view, the server just publishes a network service

Drawback(s)

  • when a session is moved to another server, which naturally has another host IP address, all clients (browsers, etc.) must also point to the new address, requiring reconfiguration on each client; however, this can be circumvented by using another port forwarding schema on top of the existing one on the router serving the network segment of the VirtualBox host

How fits VBoxTool in this?

Port forwarding has huge benefits above host interfacing: far more flexible, no conflicts with other software, scalable, easy to configure, good portability of sessions, etc.

Although port forwarding configuration only requires just three commands, VBoxTool makes it even easier by automating this process. VBoxTool is capable for configuring port forwarding for all sessions, all at once in one command: 'vbox autostart'; configuration takes place in /etc/vbox/machines.conf. As many port pairs as wanted can be applied.

Example in /etc/vbox/machines.conf: "Ubuntu Server,3392,2022-22|80-80". In this example, the Ubuntu Server can be reached with SSH on the host IP address on port 2022. A web server is active within the session on port 80 and can be reached by pointing to the host IP address, on the normal web port, 80.

Note. Of course, a host port to be forwarded must be unique over all sessions over the host VirtualBox installation. Say several sessions have to be reached by SSH (internal port 22). Each session must have another host port, say session 1: 2022 and session 2: 3022, all pointing to the same internal session port for SSH, 22. By using VBoxTool, this is very easy to configure.