Connectivity for the (occasional) road warrior

Avatar von Martin Brotzeller

When you have a virtual machine that connects both to the host directly and to the network via bridging, you can run into troubles with DNS resolution if you use DHCP on both network interfaces. Since the solution is somewhat cryptically hidden in the DHCP client manual, here’s a walkthrough.

Modern web development usually takes place on virtual machines that resemble the target environment better than the operating system of the programmer’s choice. A nice bonus is that you can have different setups for different projects running at once. There are a couple of virtualization technologies available, we usually run VMware, VirtualBox or KVM. All have in common that they simulate hardware for an operating system that runs in a sandbox. Sandboxing only works for the parts that do not directly touch the real world though. When it comes to internet connectivity, the host system needs to provide physical access to its own network device. There are three modes of network connectivity that are supported by all virtualization solutions alike: Bridged network access, NAT and Host-only. In the first case, the guest can use the network device of the host freely and get assigned its own IP address. NAT means the host provides a virtual network device to the guest and routes via network address translation, which means the guest can not be reached from outside, but can establish connections itself. In the host-only case, the guest can communicate with the host and possibly with other virtual machines running on the locally, but not with everyone else.

As a web programmer in a team, i want my team to be able to access the web server running on my virtual machine. That means, i need a bridged networking device. Since I need a valid IP address, i request it from the company DHCP server (which in our case even assigns the address to the name i choose in our intranet DNS).

As someone who frequently travels by train and wants to be able to work through the journey (without having to have mobile internet), i want to be able to connect to my virtual machine without internet connectivity. That means if I do not want to hardwire IP addresses, i need to use the host-only network getting addresses automatically via DHCP from the host.
Since i do not want to reconfigure my setup every time I change workplaces from office to travel or the other way round, i would like to have a configuration that allows me to always use host-only, but let everyone else connect to my public IP address.

Sounds easy. The devil is in the details, though. Nowadays, DHCP not only gets you an address, but additionally provides DNS resolution (and possibly an NTP connection). Running two network devices in DHCP client mode in the standard setup therefore yields two sources of DNS servers. For a couple of reasons, there is no unambiguous solution for that, so you end up with a resolv.conf file that alternates between the usual DNS servers in the company and a default configuration from the host-only network that yields no resolution at all. So you want to stop getting DNS from your host, but still get an address for the host-only network. Since the documentation is a bit terse there, here is the simple version:

The standard client config (for Ubuntu Linux) has the following:

# Request several well known/usefull dhcp options.
request subnet-mask, broadcast-address, routers,
    interface-mtu, host-name, domain-name, domain-search,
    domain-name-servers, nis-domain, nis-servers,
    nds-context, nds-servers, nds-tree-name,
    netbios-name-servers, netbios-dd-server,
    netbios-node-type, netbios-scope, ntp-servers;

That means the DHCP client tries to get all those from the server. The short solution now would be to remove all things DNS from there and have a static resolv.conf. There is a more sophisiticated way though:

request subnet-mask, broadcast-address, routers;
interface "eth0" {
    request subnet-mask, broadcast-address, time-offset, routers,
        domain-name, domain-name-servers, domain-search, host-name,
        netbios-name-servers, netbios-scope, interface-mtu,
        rfc3442-classless-static-routes, ntp-servers;

Provided that eth0 is your bridged device, the DHCP client is advised to only get adresses for all devices and only for eth0 to get name resolution and everything else.

Avatar von Martin Brotzeller


Eine Antwort zu „Connectivity for the (occasional) road warrior“

  1. Lesenswert: Connectivity for the (occasional) road warrior

Schreibe einen Kommentar

Deine E-Mail-Adresse wird nicht veröffentlicht. Erforderliche Felder sind mit * markiert

Für das Handling unseres Newsletters nutzen wir den Dienst HubSpot. Mehr Informationen, insbesondere auch zu Deinem Widerrufsrecht, kannst Du jederzeit unserer Datenschutzerklärung entnehmen.