How to configure different types of network in Oracle Virtualbox (Linux)

There are multiple types of network which can be configured in Oracle VirtualBox, so before going ahead you must be clear on your requirement. Here let me give you a brief overview of the type of network which you can create for you set of Linux box using Oracle Virtual Box and then you can choose the best option suiting your requirement.

Please follow below videos to get the graphical representation of the steps which are explained in this article


Bridged vs Internal vs NAT vs NAT Network vs Host Only Network - Oracle VirtualBox - Part 1

Bridged vs Internal vs NAT vs NAT Network vs Host Only Network - Oracle VirtualBox - Part 2

Network Address Translation (NAT)

NAT provides a one-to-one translation of IP addresses, A virtual machine with NAT enabled acts much like a real computer that connects to the Internet through a router. The "router", in this case, is the VirtualBox networking engine, which maps traffic from and to the virtual machine transparently. In VirtualBox this router is placed between each virtual machine and the host. This separation maximises security since by default virtual machines cannot talk to each other.

Below table demonstrates the type of network which will be created using this option

Questions
Response
Can vm connect to host?
YES
Can host connect to vm?
NO
Can vm connect to external network
YES
Can vm connect another vms in the same network?
NO
Can other computers on the host network connect vm?
NO

Go to the "Settings" of your vm using the steps below

Next select "Network" from the left TAB menu and select "NAT" from the drop down menu for your Network Adaptor as shown below.

Click Ok and save the new config

Flush the existing IP lease from your vm
[root@server2 ~]# dhclient -v -r
Internet Systems Consortium DHCP Client 4.2.5
Copyright 2004-2013 Internet Systems Consortium.
All rights reserved.
For info, please visit https://www.isc.org/software/dhcp/

Listening on LPF/virbr0-nic/52:54:00:79:27:fb
Sending on   LPF/virbr0-nic/52:54:00:79:27:fb
Listening on LPF/virbr0/52:54:00:79:27:fb
Sending on   LPF/virbr0/52:54:00:79:27:fb
Listening on LPF/enp0s3/08:00:27:b3:d0:49
Sending on   LPF/enp0s3/08:00:27:b3:d0:49
Sending on   Socket/fallback
DHCPRELEASE on enp0s3 to 192.168.1.1 port 67 (xid=0x5518167d)
Look for a fresh IP from the DHCP server
[root@server2 ~]# dhclient -v
Internet Systems Consortium DHCP Client 4.2.5
Copyright 2004-2013 Internet Systems Consortium.
All rights reserved.
For info, please visit https://www.isc.org/software/dhcp/

Listening on LPF/virbr0-nic/52:54:00:79:27:fb
Sending on   LPF/virbr0-nic/52:54:00:79:27:fb
Listening on LPF/virbr0/52:54:00:79:27:fb
Sending on   LPF/virbr0/52:54:00:79:27:fb
Listening on LPF/enp0s3/08:00:27:b3:d0:49
Sending on   LPF/enp0s3/08:00:27:b3:d0:49
Sending on   Socket/fallback
DHCPDISCOVER on virbr0-nic to 255.255.255.255 port 67 interval 4 (xid=0x340ffc01)
DHCPDISCOVER on virbr0 to 255.255.255.255 port 67 interval 6 (xid=0x6bf6f2b9)
DHCPDISCOVER on enp0s3 to 255.255.255.255 port 67 interval 7 (xid=0x20e6ae5)
DHCPREQUEST on enp0s3 to 255.255.255.255 port 67 (xid=0x20e6ae5)
DHCPOFFER from 10.0.2.2
DHCPACK from 10.0.2.2 (xid=0x20e6ae5)
bound to 10.0.2.15 -- renewal in 34887 seconds.
As we see below with the NAT the external network is reachable via the virtual machine
[root@server2 ~]# ping google.com
PING google.com (172.217.26.206) 56(84) bytes of data.
64 bytes from maa03s23-in-f206.1e100.net (172.217.26.206): icmp_seq=1 ttl=55 time=13.2 ms
64 bytes from maa03s23-in-f206.1e100.net (172.217.26.206): icmp_seq=2 ttl=55 time=8.75 ms
64 bytes from maa03s23-in-f206.1e100.net (172.217.26.206): icmp_seq=3 ttl=55 time=8.99 ms
^C
--- google.com ping statistics ---
3 packets transmitted, 3 received, 0% packet loss, time 2003ms
rtt min/avg/max/mdev = 8.759/10.319/13.208/2.045 ms

NAT Network

This is one additional option you can find in the Oracle VirtualBox which brings in an enhancement to the NAT option already available wherein you can configure a local DHCP server using the Virtual Box which will just assign an internal IP, using which you can connect to the external network as well as the host machine.

Below table demonstrates the type of network which will be created using this option

Questions
Response
Can vm connect to host?
YES
Can host connect to vm?
NO
Can vm connect to external network
YES
Can vm connect another vms in the same network?
YES
Can other computers on the host network connect vm?
NO

Before starting to use NAT Network make sure the pre-requisite config is in place. Go to "File" and select "Preferences" as shown below

Under "Network" TAB select "NAT Networks" and add a new network using the "plus" sign as shown below, for me I have created a network "MyLab" with below values

Provide the Network Name and the subnet details which you want to assign to your vms configured with NAT Network, Click OK to save and exit your configuration.

Next choose this network for your virtual machine

Next flush the existing IP lease from your vm
[root@server1 ~]# dhclient -v -r
Internet Systems Consortium DHCP Client 4.2.5
Copyright 2004-2013 Internet Systems Consortium.
All rights reserved.
For info, please visit https://www.isc.org/software/dhcp/

Listening on LPF/virbr0-nic/52:54:00:79:27:fb
Sending on   LPF/virbr0-nic/52:54:00:79:27:fb
Listening on LPF/virbr0/52:54:00:79:27:fb
Sending on   LPF/virbr0/52:54:00:79:27:fb
Listening on LPF/enp0s3/08:00:27:b7:6e:24
Sending on   LPF/enp0s3/08:00:27:b7:6e:24
Sending on   Socket/fallback
DHCPRELEASE on enp0s3 to 10.0.2.2 port 67 (xid=0x7fc4255d)
Look for a fresh IP from the DHCP server
[root@server2 ~]# dhclient -v
Internet Systems Consortium DHCP Client 4.2.5
Copyright 2004-2013 Internet Systems Consortium.
All rights reserved.
For info, please visit https://www.isc.org/software/dhcp/

Listening on LPF/virbr0-nic/52:54:00:79:27:fb
Sending on   LPF/virbr0-nic/52:54:00:79:27:fb
Listening on LPF/virbr0/52:54:00:79:27:fb
Sending on   LPF/virbr0/52:54:00:79:27:fb
Listening on LPF/enp0s3/08:00:27:b3:d0:49
Sending on   LPF/enp0s3/08:00:27:b3:d0:49
Sending on   Socket/fallback
DHCPDISCOVER on virbr0-nic to 255.255.255.255 port 67 interval 8 (xid=0x6c597d6e)
DHCPDISCOVER on virbr0 to 255.255.255.255 port 67 interval 7 (xid=0xb11913f)
DHCPDISCOVER on enp0s3 to 255.255.255.255 port 67 interval 6 (xid=0x3d049811)
DHCPREQUEST on enp0s3 to 255.255.255.255 port 67 (xid=0x3d049811)
DHCPOFFER from 192.168.100.3
DHCPACK from 192.168.100.3 (xid=0x3d049811)
bound to 192.168.100.4 -- renewal in 503 seconds.
I have a similar server configured with NAT network having IP "192.168.100.5" which is reachable to the existing vm
[root@server2 ~]# ping 192.168.100.5
PING 192.168.100.5 (192.168.100.5) 56(84) bytes of data.
64 bytes from 192.168.100.5: icmp_seq=1 ttl=64 time=0.439 ms
64 bytes from 192.168.100.5: icmp_seq=2 ttl=64 time=0.569 ms
^C
--- 192.168.100.5 ping statistics ---
2 packets transmitted, 2 received, 0% packet loss, time 1002ms
rtt min/avg/max/mdev = 0.439/0.504/0.569/0.065 ms

Lets check the external network connectivity
[root@server2 ~]# ping google.com
PING google.com (172.217.26.174) 56(84) bytes of data.
64 bytes from maa03s22-in-f174.1e100.net (172.217.26.174): icmp_seq=1 ttl=55 time=12.8 ms
64 bytes from maa03s22-in-f174.1e100.net (172.217.26.174): icmp_seq=2 ttl=55 time=10.4 ms
64 bytes from maa03s22-in-f174.1e100.net (172.217.26.174): icmp_seq=3 ttl=55 time=10.6 ms
^C
--- google.com ping statistics ---
3 packets transmitted, 3 received, 0% packet loss, time 2004ms
rtt min/avg/max/mdev = 10.441/11.307/12.852/1.095 ms
Although the host will not be able to connect the virtual machine
C:Program FilesOracleVirtualBox>ping 192.168.100.4

Pinging 192.168.100.4 with 32 bytes of data:
Request timed out.
Request timed out.

Ping statistics for 192.168.100.4:
    Packets: Sent = 2, Received = 0, Lost = 2 (100% loss),
Control-C
^C

Bridged network

With bridged networking, VirtualBox uses a device driver on your host system that filters data from your physical network adapter. This driver is therefore called a "net filter" driver. This allows VirtualBox to intercept data from the physical network and inject data into it, effectively creating a new network interface in software. When a guest is using such a new software interface, it looks to the host system as though the guest were physically connected to the interface using a network cable: the host can send data to the guest through that interface and receive data from it. This means that you can set up routing or bridging between the guest and the rest of your network.

Below table demonstrates the type of network which will be created using this option

Questions
Response
Can vm connect to host?
YES
Can host connect to vm?
YES
Can vm connect to external network
YES
Can vm connect another vms in the same network?
YES
Can other computers on the host network connect vm?
YES

I have written one more article which was based on older version of Oracle Virtual Box but still can be read for more details on technical terms and usage
How to configure bridged network in Oracle Virtual Box (Linux)

This is the most used option as with this

  1. you will get direct access to the virtual machine from your host machine
  2. The VM can access external network via host network since the connection is bridged
  3. You can create multiple vms, each with bridged Network and they all can talk to each other over TCP protocol.
Navigate to the Network Setting of your VM using the below steps

Select "Bridged Adaptor" from the drop down menu under "Network" for your Network Adaptor. Also make sure you have selected the correct interface (which you want to be mapped the virtual NIC interface) under "Name"

Click OK and save the config

Next flush and renew the IP address with the new changes
[root@server1 ~]# dhclient -r
[root@server1 ~]# dhclient -v
Internet Systems Consortium DHCP Client 4.2.5
Copyright 2004-2013 Internet Systems Consortium.
All rights reserved.
For info, please visit https://www.isc.org/software/dhcp/

Listening on LPF/virbr0-nic/52:54:00:79:27:fb
Sending on   LPF/virbr0-nic/52:54:00:79:27:fb
Listening on LPF/virbr0/52:54:00:79:27:fb
Sending on   LPF/virbr0/52:54:00:79:27:fb
Listening on LPF/enp0s3/08:00:27:b7:6e:24
Sending on   LPF/enp0s3/08:00:27:b7:6e:24
Sending on   Socket/fallback
DHCPDISCOVER on virbr0-nic to 255.255.255.255 port 67 interval 4 (xid=0x35aa61a4)
DHCPDISCOVER on virbr0 to 255.255.255.255 port 67 interval 8 (xid=0x7672f0bf)
DHCPDISCOVER on enp0s3 to 255.255.255.255 port 67 interval 5 (xid=0x7ad0ec69)
DHCPREQUEST on enp0s3 to 255.255.255.255 port 67 (xid=0x7ad0ec69)
DHCPOFFER from 192.168.1.1
DHCPACK from 192.168.1.1 (xid=0x7ad0ec69)
bound to 192.168.1.5 -- renewal in 39757 seconds.
Check if you can access Internet
[root@server1 ~]# ping google.com
PING google.com (172.217.26.174) 56(84) bytes of data.
64 bytes from maa03s22-in-f14.1e100.net (172.217.26.174): icmp_seq=1 ttl=56 time=8.10 ms
64 bytes from maa03s22-in-f14.1e100.net (172.217.26.174): icmp_seq=2 ttl=56 time=7.99 ms
64 bytes from maa03s22-in-f14.1e100.net (172.217.26.174): icmp_seq=3 ttl=56 time=8.13 ms
^C
--- google.com ping statistics ---
3 packets transmitted, 3 received, 0% packet loss, time 2002ms
rtt min/avg/max/mdev = 7.998/8.081/8.137/0.059 ms
I have a simliar vm with Bridged network configured with IP 192.168.1.6 and the same is also reachable as we can see below
[root@server1 ~]# ping 192.168.1.6
PING 192.168.1.6 (192.168.1.6) 56(84) bytes of data.
64 bytes from 192.168.1.6: icmp_seq=1 ttl=64 time=0.643 ms
64 bytes from 192.168.1.6: icmp_seq=2 ttl=64 time=0.337 ms
^C
--- 192.168.1.6 ping statistics ---
2 packets transmitted, 2 received, 0% packet loss, time 1000ms
rtt min/avg/max/mdev = 0.337/0.490/0.643/0.153 ms
My client VM is also accessible from my host windows machine
C:UsersDeepak>ping 192.168.1.6

Pinging 192.168.1.6 with 32 bytes of data:
Reply from 192.168.1.6: bytes=32 time<1ms TTL=64
Reply from 192.168.1.6: bytes=32 time<1ms TTL=64
Reply from 192.168.1.6: bytes=32 time<1ms TTL=64

Ping statistics for 192.168.1.6:
    Packets: Sent = 3, Received = 3, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 0ms, Maximum = 0ms, Average = 0ms
Control-C
^C

IMPORTANT NOTE: But this may fail if your host machine is hiding behind a VPN, in such case your internal network will work as it is but you will not be allowed to connect to external network i.e. Internet. For such situations you need a combo of NAT + Bridged Network. Create an additional interface in your vm and configure it with NAT, that should do the magic for you so with NAT you will connect external network while with Bridged Network you can access your vm using ssh client like Putty for ease of use.

Internal Network

Even though technically, everything that can be done using internal networking can also be done using bridged networking, there are security advantages with internal networking. In bridged networking mode, all traffic goes through a physical interface of the host system. It is therefore possible to attach a packet sniffer (such as Wireshark) to the host interface and log all traffic that goes over it. If, for any reason, you prefer two or more VMs on the same machine to communicate privately, hiding their data from both the host system and the user, bridged networking therefore is not an option.

Below table demonstrates the type of network which will be created using this option

Questions
Response
Can vm connect to host?
NO
Can host connect to vm?
NO
Can vm connect to external network
NO
Can vm connect another vms in the same network?
YES
Can other computers on the host network connect vm?
NO

I have another article for creating an Internal Network on VMware Workstation, so if you have VMware you can use the below article
Creating an internal network using VMware Workstation

For Oracle VirtualBox you would need a CLI to create an Internal Network
C:Program FilesOracleVirtualBox>VBoxManage dhcpserver add --netname mylab --ip 10.10.10.1 --netmask 255.255.255.0 --lowerip 10.10.10.2 --upperip 10.10.10.64 --enable

Navigate to the Network Setting of your VM using the below steps

Select "Internal Network" from the drop down menu under "Network" for your Network Adaptor.  Next add your Internal Network name as created in above step on the Windows CLI, for me I have replaced default "intnet" with "mylab" and click "OK"

Release and renew the DHCP IP
[root@server1 ~]# dhclient -r
[root@server1 ~]# dhclient -v
Internet Systems Consortium DHCP Client 4.2.5
Copyright 2004-2013 Internet Systems Consortium.
All rights reserved.
For info, please visit https://www.isc.org/software/dhcp/

Listening on LPF/virbr0-nic/52:54:00:79:27:fb
Sending on   LPF/virbr0-nic/52:54:00:79:27:fb
Listening on LPF/virbr0/52:54:00:79:27:fb
Sending on   LPF/virbr0/52:54:00:79:27:fb
Listening on LPF/enp0s3/08:00:27:b7:6e:24
Sending on   LPF/enp0s3/08:00:27:b7:6e:24
Sending on   Socket/fallback
DHCPDISCOVER on virbr0-nic to 255.255.255.255 port 67 interval 3 (xid=0x65b71ff9)
DHCPDISCOVER on virbr0 to 255.255.255.255 port 67 interval 5 (xid=0x374508db)
DHCPDISCOVER on enp0s3 to 255.255.255.255 port 67 interval 3 (xid=0x775839ae)
DHCPREQUEST on enp0s3 to 255.255.255.255 port 67 (xid=0x775839ae)
DHCPOFFER from 10.10.10.1
DHCPACK from 10.10.10.1 (xid=0x775839ae)
bound to 10.10.10.4 -- renewal in 488 seconds.
I have another vm with Internal Network with IP (10.10.10.2) and the same is reachable with this config
[root@server1 ~]# ping 10.10.10.2
PING 10.10.10.2 (10.10.10.2) 56(84) bytes of data.
64 bytes from 10.10.10.2: icmp_seq=1 ttl=64 time=0.317 ms
64 bytes from 10.10.10.2: icmp_seq=2 ttl=64 time=0.588 ms
64 bytes from 10.10.10.2: icmp_seq=3 ttl=64 time=4.56 ms
^C
--- 10.10.10.2 ping statistics ---
3 packets transmitted, 3 received, 0% packet loss, time 2001ms
rtt min/avg/max/mdev = 0.317/1.824/4.567/1.942 ms
Although the external network is unreachable
[root@server1 ~]# ping google.com
ping: google.com: Name or service not known
Lets see if this is reachable from our host windows system
C:Usersdeeprasa>ping 10.10.10.4

Pinging 10.10.10.4 with 32 bytes of data:
Request timed out.
Request timed out.
Request timed out.

Ping statistics for 10.10.10.4:
    Packets: Sent = 3, Received = 0, Lost = 3 (100% loss),
Control-C
^C
No the vm is not reachable which is quite expected.

Host Only Networking

It can be thought of as a hybrid between the bridged and internal networking modes: as with bridged networking, the virtual machines can talk to each other and the host as if they were connected through a physical Ethernet switch. Similarly, as with internal networking however, a physical networking interface need not be present, and the virtual machines cannot talk to the world outside the host since they are not connected to a physical networking interface.

So with Host Only Networking your multiple vms can connect to each other and the same would be reachable via your host machine but the vms would not be able to access the outside external network.

Below table demonstrates the type of network which will be created using this option

Questions
Response
Can vm connect to host?
NO
Can host connect to vm?
YES
Can vm connect to external network
NO
Can vm connect another vms in the same network?
YES
Can other computers on the host network connect vm?
YES

To be able to use Host Only Network option, make sure you have create a subnet with DHCP server.  Navigate to "Preferences" under "File"

Under "Network" navigate to "Host Only Networks" and create a new Adapter (if not existing already). For me I am using the default Network Adapter with below subnet details

Next assign the Host Only Network config for your vm using the Network Settings as shown below

[root@server1 ~]# dhclient -r
[root@server1 ~]# dhclient -v
Internet Systems Consortium DHCP Client 4.2.5
Copyright 2004-2013 Internet Systems Consortium.
All rights reserved.
For info, please visit https://www.isc.org/software/dhcp/

Listening on LPF/virbr0-nic/52:54:00:79:27:fb
Sending on   LPF/virbr0-nic/52:54:00:79:27:fb
Listening on LPF/virbr0/52:54:00:79:27:fb
Sending on   LPF/virbr0/52:54:00:79:27:fb
Listening on LPF/enp0s3/08:00:27:b7:6e:24
Sending on   LPF/enp0s3/08:00:27:b7:6e:24
Sending on   Socket/fallback
DHCPDISCOVER on virbr0-nic to 255.255.255.255 port 67 interval 3 (xid=0x3e491404)
DHCPDISCOVER on virbr0 to 255.255.255.255 port 67 interval 7 (xid=0x5c74553e)
DHCPDISCOVER on enp0s3 to 255.255.255.255 port 67 interval 7 (xid=0x2e350e0d)
DHCPDISCOVER on virbr0-nic to 255.255.255.255 port 67 interval 5 (xid=0x3e491404)
DHCPDISCOVER on enp0s3 to 255.255.255.255 port 67 interval 14 (xid=0x2e350e0d)
DHCPREQUEST on enp0s3 to 255.255.255.255 port 67 (xid=0x2e350e0d)
DHCPOFFER from 192.168.56.100
DHCPACK from 192.168.56.100 (xid=0x2e350e0d)
bound to 192.168.56.101 -- renewal in 520 seconds.
I have a similar vm with Host Only Network configured with IP (192.168.56.102) and the same looks properly reachable
[root@server1 ~]# ping 192.168.56.102
PING 192.168.56.102 (192.168.56.102) 56(84) bytes of data.
64 bytes from 192.168.56.102: icmp_seq=1 ttl=64 time=2.16 ms
64 bytes from 192.168.56.102: icmp_seq=2 ttl=64 time=0.777 ms
^C
--- 192.168.56.102 ping statistics ---
2 packets transmitted, 2 received, 0% packet loss, time 1001ms
rtt min/avg/max/mdev = 0.777/1.469/2.161/0.692 ms
Although the one difference between this config and Bridged is that external network is not reachable
[root@server1 ~]# ping google.com
ping: google.com: Name or service not known
Also this vm can be accessed using our host windows system
C:UsersDeepak>ping 192.168.56.101

Pinging 192.168.56.101 with 32 bytes of data:
Reply from 192.168.56.101: bytes=32 time=1ms TTL=64
Reply from 192.168.56.101: bytes=32 time=1ms TTL=64

Ping statistics for 192.168.56.101:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 1ms, Maximum = 1ms, Average = 1ms
Control-C
^C