How to configure a NIC on FreeBSD host so it's dedicated to VirtualBox VM

I have a dual-homed FreeBSD 9.0 machine that itself only uses one NIC. Until today, I have left the second NIC unconfigured.

Now I have installed Virtualbox on the FreeBSD host, and want to assign a particular Window guest two NICs, including dedicated access to this second, previously unused NIC. Within VirtualBox, I know this is a matter of selecting "Bridged Adapter" and pointing VirtualBox to the second NIC. What is unclear is how do I configure the second NIC on the FreeBSD host, so that the NIC is up and available for Virtualbox guests, without having TCP/IP properties or being connectable by/to the host.

With Hyper-V or VMware on Windows, this is simple a matter of enabling the NIC on the host machine, and then accessing the NIC's properties on the host machine, and then unchecking all the connection items (e.g, Client for Microsoft Networks, QoS Packet Scheduler, File and Print Sharing TCP/IPv4, TCP/IPv6, etc).

I am still new to FreeBSD and am not sure how to achieve the equivalent result editing by the /etc/rc.conf (or whatever other file).

Any help is appreciated. Thanks in advance.
 
Interesting question. I would guess as long as it isn't assigned an IP address, an interface would be up but unused. It wouldn't hurt to just set it that way:
/etc/rc.conf
Code:
ifconfig_re1="up"

As an alternate question: is a second NIC even needed? Well, yes, if it's connected to a different physical network. But can you bridge more than one VM onto a single physical card? Haven't tested, but I'd think so.
 
wblock said:
Interesting question. I would guess as long as it isn't assigned an IP address, an interface would be up but unused. It wouldn't hurt to just set it that way:
/etc/rc.conf
Code:
ifconfig_re1="up"

As an alternate question: is a second NIC even needed? Well, yes, if it's connected to a different physical network. But can you bridge more than one VM onto a single physical card? Haven't tested, but I'd think so.

Thank you for your response. Following your advice I added:

/etc/rc.conf
Code:
ifconfig_re1="up"

This worked partially, in that the NIC is up without IPv4 TCP/IP properties assigned, but another concern has arisen. When I run ifconfig it appears that FreeBSD is still assigning IPv6 local-link addresses.

Specifically, the following output is returned:

Code:
bge0: flags=8943<UP,BROADCAST,RUNNING,PROMISC,SIMPLEX,MULTICAST> metric 0 mtu 1500
        options=8009b<RXCSUM,TXCSUM,VLAN_MTU,VLAN_HWTAGGING,VLAN_HWCSUM,LINKSTATE>
        ether [secret]
        inet 192.168.Y.X netmask 0xffffff00 broadcast 192.168.Y.255
        nd6 options=29<PERFORMNUD,IFDISABLED,AUTO_LINKLOCAL>
        media: Ethernet autoselect (1000baseT <full-duplex>)
        status: active

rl0: flags=8943<UP,BROADCAST,RUNNING,PROMISC,SIMPLEX,MULTICAST> metric 0 mtu 1500
        options=3808<VLAN_MTU,WOL_UCAST,WOL_MCAST,WOL_MAGIC>
        ether [secret]
        inet6 fe80::220:18ff:fed9:f864%rl0 prefixlen 64 scopeid 0x7 
        nd6 options=29<PERFORMNUD,IFDISABLED,AUTO_LINKLOCAL>
        media: Ethernet autoselect (100baseTX <full-duplex>)
        status: active

lo0: flags=8049<UP,LOOPBACK,RUNNING,MULTICAST> metric 0 mtu 16384
        options=3<RXCSUM,TXCSUM>
        inet6 ::1 prefixlen 128 
        inet6 fe80::1%lo0 prefixlen 64 scopeid 0x8 
        inet 127.0.0.1 netmask 0xff000000 
        nd6 options=21<PERFORMNUD,AUTO_LINKLOCAL>

vboxnet0: flags=8802<BROADCAST,SIMPLEX,MULTICAST> metric 0 mtu 1500
        ether [secret]
        nd6 options=29<PERFORMNUD,IFDISABLED,AUTO_LINKLOCAL>

I do not use IPv6 on the Host and would prefer the Realtek NIC not be assigned ANY address on the Host, as it is physically connected directly to my cable modem.

So I researched a bit (on this excellent site!) and, following this thread,
I added:

/etc/rc.conf
Code:
auto_linklocal="NO"

and

/boot/loader.conf
Code:
sysctl net.inet6.ip6.auto_linklocal=0

Despite those additions, as the above-quoted ifconfig report shows, the Ipv6 link-local address continues to be assigned.

So... any ideas on how to remove that assignment?

Thanks again for your help so far.
 
Add
Code:
WITHOUT_IPV6=yes
to /etc/src.conf, recompile the world and the kernel, and you'll never see an IPv6 address again. :)
 
LSDave said:
Thank you for your response. Following your advice I added:

/etc/rc.conf
Code:
ifconfig_re1="up"

It was an example, I was just guessing the interface name for a second card. For your system, it would be
Code:
ifconfig_rl0="up"

So it didn't really change anything, it just shows that the interface defaults to up anyway.

I do not use IPv6 on the Host and would prefer the Realtek NIC not be assigned ANY address on the Host, as it is physically connected directly to my cable modem.

Haven't messed with IPv6 at all, but ifconfig(8) mentions the ifdisabled option to disable all IPv6 on a specific interface.

phoenix's suggestion doesn't even build IPv6, but you can also just build a kernel without it by commenting out the INET6 option.
Code:
#options        INET6

Or use "nooptions".
Code:
nooptions       INET6
 
You can run pf firewall and use it to redirect IP traffic bound for your VMs. Since you have two nics, you might want to use one NIC as a private subnet like 192.168.1.0 (VM IP's) and then you have your other NIC answering requests from the Internet (Routeable addresses).

So what you might have (and the NICs in this example are just that, an example) in your /etc/pf.conf is,

Code:
ext_if="em0" #outside 
int_if="em1" #inside
.
.
rdr on $ext_if inet proto tcp from any to x.x.x.x -> 192.168.1.3

or rdr pass on $ext_if inet proto tcp from any to x.x.x.x -> 192.168.1.3

x.x.x.x = the IP address you want traffic bound to your VM from the internet. The actual VM you will assign it the non routeable IP address of 192.168.1.3.

If you don't want to use a firewall then don't assign the IP address you want to give to the VM on any NIC on the FreeBSD Host. Just give it the IP to the VM.

We use both methods depending on what the requirements are.

Hope that helps you.
 
Back
Top