NAT Port forwarding rules not working on second network adapter

[ssaloisb]

We have a custom script that creates VMs using Virtualbox that has worked for years. The script setups each VM with two network adapters:

• Network Adapter 1:

Type: Bridge Adapter

• Network Adapter 2:

Type: NAT Port forward rule: TCP Host IP: unset Host Port: some port (ex: 12132) Guest IP: unset Guest Port: 22

The script creates the VM and uses the NAT port forward to SSH on the VM and then configure the external IP and other stuff. On Virtualbox 7.0.22, this works fine. On Virtualbox 7.1.4, we cannot SSH using the local port forward. SSH just times out.

Using netstat -a, I see the redirection rule which seems fine:

Active Internet connections (servers and established)

Proto Recv-Q Send-Q Local Address Foreign Address State

(...)

tcp 0 0 0.0.0.0:12130 0.0.0.0:* LISTEN

After some investigation, I realized that the NAT port forwarding seems to only work when NAT is on the first network adapter. If I do the exact same setup and reverse my two network adapters, then I am able to SSH on my VM using the port forward. So for some reasons, the NAT port forwarding don't work when set on the second network adapter. I imagine the same would be true if NAT was on the third or fourth adapter.

Host: Windows 11/Ubuntu 24.10 Guest: Oracle Linux 8.6

[ssaloisb]

VBox.log

[ssaloisb]

Network Adapter 1 Config

[ssaloisb]

Network Adapter 2 Config

[ssaloisb]

Network Adapter 2 Port Forward Config

[ssaloisb]

Note that I have just tried with the latest 7.1.6 and the issue is still present. I imagine that the issue is only on 7.1 because of the "NAT: New engine with IPv6 support" mentioned in the 7.1.0 changelogs.

[fumiyas3]

I'm facing the same issue with the Network Adapter 1 on VirtualBox 7.1.6.

I can reproduce the issue as below.

Vagrantfile:

Vagrant.configure("2") do |config|
  config.vm.box = "almalinux/8"
  config.vm.provider "virtualbox" do |vb|
    vb.name = "almalinux8-vbox-bug22276"
    vb.customize(['modifyvm', :id,
      # Default is no problem.
      #'--nat-net1', 'default',
      # Bug #22276
      '--nat-net1', '10.250.250.0/24',
      # Additional tweeks to fix console hanging
      '--graphicscontroller', 'vmsvga',
      '--vram', '8',
    ])
  end
end

Vagrant log:

$ vagrant up
Bringing machine 'default' up with 'virtualbox' provider...
==> default: Checking if box 'almalinux/8' version '8.10.20240821' is up to date...
==> default: Setting the name of the VM: almalinux8-vbox-bug22276
==> default: Clearing any previously set forwarded ports...
==> default: Fixed port collision for 22 => 2222. Now on port 2201.
==> default: Clearing any previously set network interfaces...
==> default: Preparing network interfaces based on configuration...
    default: Adapter 1: nat
==> default: Forwarding ports...
    default: 22 (guest) => 2201 (host) (adapter 1)
==> default: Running 'pre-boot' VM customizations...
==> default: Booting VM...
==> default: Waiting for machine to boot. This may take a few minutes...
    default: SSH address: 127.0.0.1:2201
    default: SSH username: vagrant
    default: SSH auth method: private key

... wait for timeout (300 seconds) ...

Timed out while waiting for the machine to boot. This means that
Vagrant was unable to communicate with the guest machine within
the configured ("config.vm.boot_timeout" value) time period.

If you look above, you should be able to see the error(s) that
Vagrant had when attempting to connect to the machine. These errors
are usually good hints as to what may be wrong.

If you're using a custom box, make sure that networking is properly
working and you're able to connect to the machine. It is a common
problem that networking isn't setup properly in these boxes.
Verify that authentication configurations are also setup properly,
as well.

If the box appears to be booting properly, you may want to increase
the timeout ("config.vm.boot_timeout") value.
$ vboxmanage showvminfo almalinux8-vbox-bug22276 |grep '^NIC'
NIC 1:                       MAC: XXXXXXXXXXXX, Attachment: NAT, Cable connected: on, Trace: off (file: none), Type: 82540EM, Reported speed: 0 Mbps, Boot priority: 0, Promisc Policy: deny, Bandwidth group: none
NIC 1 Settings:  MTU: 0, Socket (send: 64, receive: 64), TCP Window (send:64, receive: 64)
NIC 1 Rule(0):   name = ssh, protocol = tcp, host ip = 127.0.0.1, host port = 2201, guest ip = , guest port = 22
NIC 2:                       disabled
NIC 3:                       disabled
NIC 4:                       disabled
NIC 5:                       disabled
NIC 6:                       disabled
NIC 7:                       disabled
NIC 8:                       disabled

[fumiyas3]

I can reproduce the issue as below.

No problem with VirtualBox 7.0.X and older.

[fumiyas3]

Duplicate of ticket #22205?