Simulated NAT Traversal on Virtual Box

virtualbox virtualization

I have installed VirtualBox (with two virtual adapters, NAT type); the host is Ubuntu 10.10 and the guest is openSUSE 11.4. My objective is to simulate all four types of NAT as defined here. Simulating the various kinds of NAT can be done using Linux iptables. In these examples, eth0 is the private network and eth1 is the public network.

Full-cone:

iptables -t nat -A POSTROUTING -o eth0 -j SNAT --to-source <public ip goes here>
iptables -t nat -A PREROUTING -i eth0 -j DNAT --to-destination <private ip goes here>

Restricted cone:

iptables -t nat -A POSTROUTING -o eth1 -p tcp -j SNAT --to-source <public ip goes here>
iptables -t nat -A POSTROUTING -o eth1 -p udp -j SNAT --to-source <public ip goes here>
iptables -t nat -A PREROUTING -i eth1 -p tcp -j DNAT --to-destination <private ip goes here>
iptables -t nat -A PREROUTING -i eth1 -p udp -j DNAT --to-destination <private ip goes here>
iptables -A INPUT -i eth1 -p tcp -m state --state ESTABLISHED,RELATED -j ACCEPT
iptables -A INPUT -i eth1 -p udp -m state --state ESTABLISHED,RELATED -j ACCEPT
iptables -A INPUT -i eth1 -p tcp -m state --state NEW -j DROP
iptables -A INPUT -i eth1 -p udp -m state --state NEW -j DROP

Port-restricted cone:

iptables -t nat -A POSTROUTING -o eth0 -j SNAT --to-source <public ip goes here>

Symmetric:

echo "1" > /proc/sys/net/ipv4/ip_forward
iptables --flush
iptables -t nat -A POSTROUTING -o eth1 -j MASQUERADE --random
iptables -A FORWARD -i eth1 -o eth0 -m state --state RELATED,ESTABLISHED -j ACCEPT
iptables -A FORWARD -i eth0 -o eth1 -j ACCEPT

I set up an openSUSE guest with two virtual adapters, eth0 and eth1.

  • eth1 with address 10.0.3.15 / eth1:1 as 10.0.3.16
  • eth0 with address 10.0.2.15

Then ran the stund client/server…

Server:

eKimchi@linux-6j9k:~/sw/stun/stund> ./server -v -h 10.0.3.15 -a 10.0.3.16

Client:

eKimchi@linux-6j9k:~/sw/stun/stund> ./client -v 10.0.3.15 -i 10.0.2.15

…in all four cases it gives the same results:

test I = 1
test II = 1
test III = 1
test I(2) = 1
is nat = 0
mapped IP same = 1
hairpin = 1
preserver port = 1
Primary: Open
Return value is 0x000001

Q-1: Please let me know if anyone has ever done this. It should behave like a NAT as per the description, but nowhere is it working as a NAT.

Q-2: How is NAT implemented in home routers (usually port-restricted)? Those are also pre-configured iptables rules and a tuned Linux.

Best Answer

If you want to "control" the different types of NAT with the guests running under any kind of hypervisor, then you need to run the guests under the "bridged" networking mode.
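
The flags in the stund client output in the question, read through the RFC 3489 discovery decision tree, as an added example (not part of the original posts and not stund's code). The function names, the constructed sample lines and the "Indeterminate" result are assumptions of this example.

```python
import re

# Flag names exactly as the client prints them in the question.
FLAGS = ("test I", "test II", "test III", "test I(2)", "is nat", "mapped IP same")

# Output quoted in the question (identical for all four rule sets).
QUESTION_OUTPUT = ("test I = 1 test II = 1 test III = 1 test I(2) = 1 "
                   "is nat = 0 mapped IP same = 1 hairpin = 1 preserver port = 1")

def parse_flags(output: str) -> dict:
    """Extract the 0/1 flags from client output (single line or one per line)."""
    flags = {}
    for name in FLAGS:
        # The "\s*=" after the name keeps "test I" from matching "test II".
        m = re.search(re.escape(name) + r"\s*=\s*([01])", output)
        if m is None:
            raise ValueError(f"missing flag: {name}")
        flags[name] = m.group(1) == "1"
    return flags

def classify(f: dict) -> str:
    """RFC 3489 NAT discovery: Test I, II, I(2), III in that order."""
    if not f["test I"]:
        return "Blocked"                 # no binding response at all
    if not f["is nat"]:
        # Mapped address equals the local address: no device rewrote the packet.
        return "Open" if f["test II"] else "Symmetric firewall"
    if f["test II"]:
        return "Full cone"               # reply from changed IP and port got in
    if not f["test I(2)"]:
        return "Indeterminate"           # this example's choice: nothing to compare
    if not f["mapped IP same"]:
        return "Symmetric"               # new mapping per destination
    # Test III: reply from same IP, different port.
    return "Restricted cone" if f["test III"] else "Port-restricted cone"

def sample(t1, t2, t3, t1b, nat, same) -> str:
    """Build a constructed client output line for a hypothetical run."""
    return (f"test I = {t1} test II = {t2} test III = {t3} "
            f"test I(2) = {t1b} is nat = {nat} mapped IP same = {same}")

if __name__ == "__main__":
    print("question output ->", classify(parse_flags(QUESTION_OUTPUT)))
    for line in (sample(1, 1, 1, 1, 1, 1), sample(1, 0, 1, 1, 1, 1),
                 sample(1, 0, 0, 1, 1, 1), sample(1, 0, 0, 1, 1, 0)):
        print(line, "->", classify(parse_flags(line)))
```

With "is nat = 0" the tree never reaches the cone or symmetric branches, so the result is decided by Test II alone.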
