Bug #7695

No network with VirtualBox, Bridged Mode, and MAC Spoofing

Added by sajolida 2014-07-31 13:57:00 . Updated 2018-01-19 16:22:23 .

Status:
Rejected
Priority:
Normal
Assignee:
Category:
Spoof MAC
Target version:
Start date:
2014-07-31
Due date:
% Done:

0%

Feature Branch:
Type of work:
Research
Blueprint:

Starter:
Affected tool:
Deliverable for:

Description

Several people reported that issue already, see 4876dc836b06b6133da4469563622162 and 96b23004bf726b06aaa033b0c605e499.

I can provide email addresses of users for debugging if needed.

1. Install VirtualBox from Debian’s repository (version 4.3.14-dfsg-1 for two users).
2. Boot any Tails with Mac Address Spoofing as an available option.
3. Keep the Mac Address Spoofing option enabled and log in at the greeter.

This happens with Bridged Mode but not with NAT Mode.

With NAT Mode:

I found that it works in NAT mode, but fails in Bridged Mode.

In NAT mode, which works, the following is logged:

localhost dhclient: Listening on LPF/eth0/XX:XX:XX:XX:XX:XX
localhost dhclient: Sending on LPF/eth0/XX:XX:XX:XX:XX:XX
localhost dhclient: Sending on Socket/fallback localhost dhclient: DHCPDISCOVER on eth0 to 255.255.255.255 port 67 interval 4@
localhost dhclient: DHCPREQUEST on eth0 to 255.255.255.255 port 67
localhost dhclient: DHCPOFFER from X.X.X.X

In Bridged Mode, when it fails, the following is logged:

localhost dhclient: Listening on LPF/eth0/XX:XX:XX:XX:XX:XX
localhost dhclient: Sending on LPF/eth0/XX:XX:XX:XX:XX:XX
localhost dhclient: Sending on Socket/fallback
localhost dhclient: DHCPREQUEST on eth0 to 255.255.255.255 port 67
localhost kernel: [ 450.104114] Dropped outbound packet: XXX
...
localhost dhclient: DHCPREQUEST on eth0 to 255.255.255.255 port 67
localhost NetworkManager[4677]: <info> (eth0): IP6 addrconf timed out or failed.
localhost NetworkManager[4677]: <info> Activation (eth0) Stage 4 of 5 (IPv6 Configure Timeout) scheduled...
localhost NetworkManager[4677]: <info> Activation (eth0) Stage 4 of 5 (IPv6 Configure Timeout) started...
localhost NetworkManager[4677]: <info> Activation (eth0) Stage 4 of 5 (IPv6 Configure Timeout) complete.
localhost dhclient: DHCPDISCOVER on eth0 to 255.255.255.255 port 67 interval 18
localhost dhclient: DHCPDISCOVER on eth0 to 255.255.255.255 port 67 interval 13
localhost NetworkManager[4677]: <warn> (eth0): DHCPv4 request timed out.
localhost NetworkManager[4677]: <info> (eth0): canceled DHCP transaction, DHCP client pid 5603


Subtasks


Related issues

Related to Tails - Feature #7995: Detect bridged network adapters when running from VM Confirmed 2014-10-02
Related to Tails - Feature #7143: Rework /doc/advanced_topics/virtualization/ Resolved 2014-04-30
Has duplicate Tails - Bug #7081: No networking in VirtualBox Duplicate 2014-04-13

History

#1 Updated by sajolida 2014-07-31 14:09:20

  • Subject changed from No network when running inside VirtualBox with MAC address spoofing to No network with VirtualBox, Bridged Mode, and MAC Spoofing
  • Description updated

#2 Updated by intrigeri 2014-07-31 14:29:13

I doubt we can do anything on our side. I wouldn’t find it crazy that the VirtualBox bridge has some kind of MAC filtering, and that might be a feature. Given that there’s a workaround (that is actually: using the default network config, IIRC), I think it’s worth documenting in known issues, and that’s all.

#3 Updated by BitingBird 2014-07-31 14:38:08

Documenting it in known issues seems right to me. If everyone agrees, we can remove anonym from assignee :)

#4 Updated by sajolida 2014-08-01 15:07:18

> I doubt we can do anything on our side. I wouldn’t find it crazy that
> the VirtualBox bridge has some kind of MAC filtering, and that might
> be a feature. Given that there’s a workaround (that is actually:
> using the default network config, IIRC), I think it’s worth
> documenting in known issues, and that’s all.

Shall we wait for anonym to confirm that there is nothing we can do? He
faced this issue already I think and might be interested in having a look.

Then I’m ok to document this and be done with it. It matches our
promises with regard to MAC spoofing: « On some network interfaces, MAC
address spoofing is impossible due to limitations in the hardware or in
Linux. Tails temporarily disables such network interfaces. You might
disable MAC address spoofing to be able to use them. »

#5 Updated by kytv 2014-08-02 19:03:48

BitingBird wrote:
> Documenting it in known issues seems right to me. If everyone agrees, we can remove anonym from assignee :)

+1 on adding it to “known issues”.

#6 Updated by emmapeel 2014-08-10 17:56:24

  • has duplicate Bug #7081: No networking in VirtualBox added

#7 Updated by soulplane11 2014-10-01 20:51:02

I had this problem as well. If Tails can detect that it is in a virtual machine can’t it also detect this condition and notify the user? “Tails has detected you are running it in VirtualBox with a bridged network adapter. Tails cannot use that configuration to connect to the internet when MAC spoofing is also enabled. You can either click here to disable MAC spoofing or set your VM’s network adapter to NAT and reboot.”

#8 Updated by sajolida 2014-10-02 10:24:09

  • related to Feature #7995: Detect bridged network adapters when running from VM added

#9 Updated by sajolida 2014-10-02 10:24:34

That make sense. I created Feature #7995 to track that proposal.

#10 Updated by anonym 2014-10-02 13:50:14

I can’t reproduce it (with Debian’s wheezy-backports package, 4.3.14-dfsg-1~bpo70+1), but I did experience a transient issue with VirtualBox very similar to this when developing the MAC spoofing feature although I had it both with NAT:ed and bridges networking. There’s commit ee1aa9821d28a31c0173745be16f16675a45f763 in Tails Greeter’s Git repo which implements something like what is requested by soulpane11. It was reverted, however, since I’ve never was able to reproduce the issue after rebooting (or whatever) and haven’t seen it for a year now.

#11 Updated by sajolida 2014-10-06 16:56:53

  • Assignee changed from anonym to sajolida

Hmm, very nice to see that this has already been thought off and
implemented. So now I should try to reproduce this more reliably and
present you my results.

#12 Updated by intrigeri 2014-10-26 16:27:12

sajolida asked me to give my opinion on this ticket, so here I am. However:

  • I’ve already given my opinion in comment 2; I still think it’s good enough, and anything more involved would be a waste of our time
  • last change on this ticket is by sajolida, who reassigns to himself and says he’ll test it

So, I should do something, please clarify :)

#13 Updated by sajolida 2014-12-24 10:08:45

  • related to Feature #7143: Rework /doc/advanced_topics/virtualization/ added

#14 Updated by sajolida 2015-02-05 21:46:52

  • Assignee deleted (sajolida)

#15 Updated by Anonymous 2018-01-19 16:22:23

  • Status changed from Confirmed to Rejected

Nothing happened on that ticket since 3 years. comment 2 says: “I still think it’s good enough, and anything more involved would be a waste of our time”.
-> Rejecting.