Network failure in VirtualBox Guest VM

I can't access the internet from a VirtualBox virtual machine on Windows 7 and Debian Linux. I need to fix the problem in order to get these VMs working again.

I have a Debian laptop host that has been running VMware VMs in the past and now runs VirtualBox VMs without any difficulty. Most of my VMs have network setup bridged through the laptop's wi-fi card, and my home router provides DHCP addresses for the laptop and its VMs.

Lately, I've also been using Docker and Docker Compose without any issues. I have a docker0 bridge, but my laptop's network manager also shows the br-xxxxxxxxxxxx bridge and others that I'm not familiar with, but I've noticed that every time I create or just start a Docker container, I get more more and more.

Anyway, I've been able to use bridged networking in a VirtualBox guest to connect from the host laptop to the guest via SSH, HTTP, etc., and vice versa, and to be able to connect to the internet from both the laptop and the guest, at least Able to ping Google's 8.8.8.8.

I'm not sure if this is the reason, but it's definitely different: over the weekend, I made a docker-compose.yaml file cobbled together from other sources and added the following to something I've never used before in the previous In any docker-compose.yaml:

networks:
   default:
      driver: bridge

Of all my Docker Compose files, this is the only one with networks.

When I docker-compose upfirst asked this question , I could have sworn I saw another bubble in the notification area of ​​Network Manager, but I'm not sure.

Usually, I do remember that I got extra bridges, and after a few days or weeks I would " edit connections" to manually remove those extra bridges as they got old.

Anyway, I'm not too concerned about the extra air bubbles and I have no issues with my container. I exposed the ports and was able to browse to them via http://localhost:nnnn as usual , and I didn't think much about it.

Today was the first time in about a week or two that I booted up my VirtualBox virtual machine - a Windows 7 guest. Once there, I realized I couldn't connect to the internet. I fired up a command prompt and realized I couldn't even , and ping 8.8.8.8no ipconfigIP address was reported.

I tried one of my Debian VMs. Same thing - can't ping 8.8.8.8, and no IP addresses are reported /sbin/ifconfig eth0.

The host laptop is so happy with the private IP address that I go to http://superuser.com to post this question.

What are the next steps I should take to resolve this issue?

Edit: I'm not sure what I did, but I managed to get my VM to get an IP address and connect to the internet.

First, it took me a while to type the above, so I don't know if I'll have to wait a while. It seems silly, and I've never done this before.

I remember restarting the Docker daemon on the host ( sudo /etc/init.d/docker restart) before , but after doing so, I didn't see any noticeable change.

Before this, I had restarted my laptop. I remember when it came back I started the VM but the internet connection still didn't work in the VM.

ifdownI barely did / ifupand ipconfig /releaseand before rebooting and ipconfig /renewthen started removing those bridges mentioned in the network manager, but this time I removed all bridges - even the current bridge and the docker0 bridge. At the time, it didn't seem to make any difference.

I also powered off and powered on the virtual machines in no particular order.

That's it

Update (3/15/2018): Now it's even worse; my VM is having a hard time getting an IP address and now it's impossible to ping 8.8.8.8 from inside the VM at all. This is happening with both VirtualBox VMs and VMware VMs.

Docker containers are able to enter the Internet without any difficulty.

When I run one of my Debian VMs, this is the bridge on the host laptop:

# brctl show
bridge name bridge id       STP enabled interfaces
br-993886a09e53     8000.02424635b59c   no      
br-9d3771956e43     8000.0242c5e9afa6   no      
br-ce4e98cb7458     8000.0242561fb6fc   no      
br-ef846b86506c     8000.0242982b55d7   no      
br-fd2186a1e375     8000.02426f4ae98a   no      
docker0     8000.024258c6aaa0   no

The VM's network settings show that its adapter 1 is attached to the bridge adapter name wlan0. Promiscuous mode is set to deny and check cable connections .

Here is the device I have:

# ip link show
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN mode DEFAULT group default 
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
2: eth0: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc pfifo_fast state DOWN mode DEFAULT group default qlen 1000
    link/ether 24:b6:fd:xx:xx:xx brd ff:ff:ff:ff:ff:ff
3: wlan0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq state UP mode DORMANT group default qlen 1000
    link/ether c0:18:85:xx:xx:xx brd ff:ff:ff:ff:ff:ff
4: vmnet1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UNKNOWN mode DEFAULT group default qlen 1000
    link/ether 00:50:56:xx:xx:xx brd ff:ff:ff:ff:ff:ff
5: vmnet8: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UNKNOWN mode DEFAULT group default qlen 1000
    link/ether 00:50:56:xx:xx:xx brd ff:ff:ff:ff:ff:ff
6: br-ef846b86506c: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc noqueue state DOWN mode DEFAULT group default 
    link/ether 02:42:98:xx:xx:xx brd ff:ff:ff:ff:ff:ff
7: br-fd2186a1e375: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc noqueue state DOWN mode DEFAULT group default 
    link/ether 02:42:6f:xx:xx:xx brd ff:ff:ff:ff:ff:ff
8: br-993886a09e53: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc noqueue state DOWN mode DEFAULT group default 
    link/ether 02:42:46:xx:xx:xx brd ff:ff:ff:ff:ff:ff
9: br-9d3771956e43: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc noqueue state DOWN mode DEFAULT group default 
    link/ether 02:42:c5:xx:xx:xx brd ff:ff:ff:ff:ff:ff
10: br-ce4e98cb7458: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc noqueue state DOWN mode DEFAULT group default 
    link/ether 02:42:56:xx:xx:xx brd ff:ff:ff:ff:ff:ff
11: docker0: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc noqueue state DOWN mode DEFAULT group default 
    link/ether 02:42:58:xx:xx:xx brd ff:ff:ff:ff:ff:ff
12: vboxnet0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UNKNOWN mode DEFAULT group default qlen 1000
    link/ether 0a:00:27:xx:xx:xx brd ff:ff:ff:ff:ff:ff
13: vboxnet1: <BROADCAST,MULTICAST> mtu 1500 qdisc noop state DOWN mode DEFAULT group default qlen 1000
    link/ether 0a:00:27:xx:xx:xx brd ff:ff:ff:ff:ff:ff

Here are my firewall rules. The list was much shorter until I tried to install ufwand gufw, then run gufw, enable it, then disable it.

# iptables -L
Chain INPUT (policy ACCEPT)
target     prot opt source               destination         
ufw-before-logging-input  all  --  anywhere             anywhere            
ufw-before-input  all  --  anywhere             anywhere            
ufw-after-input  all  --  anywhere             anywhere            
ufw-after-logging-input  all  --  anywhere             anywhere            
ufw-reject-input  all  --  anywhere             anywhere            
ufw-track-input  all  --  anywhere             anywhere            

Chain FORWARD (policy ACCEPT)
target     prot opt source               destination         
DOCKER-ISOLATION  all  --  anywhere             anywhere            
DOCKER     all  --  anywhere             anywhere            
ACCEPT     all  --  anywhere             anywhere             ctstate RELATED,ESTABLISHED
ACCEPT     all  --  anywhere             anywhere            
ACCEPT     all  --  anywhere             anywhere            
DOCKER     all  --  anywhere             anywhere            
ACCEPT     all  --  anywhere             anywhere             ctstate RELATED,ESTABLISHED
ACCEPT     all  --  anywhere             anywhere            
ACCEPT     all  --  anywhere             anywhere            
DOCKER     all  --  anywhere             anywhere            
ACCEPT     all  --  anywhere             anywhere             ctstate RELATED,ESTABLISHED
ACCEPT     all  --  anywhere             anywhere            
ACCEPT     all  --  anywhere             anywhere            
DOCKER     all  --  anywhere             anywhere            
ACCEPT     all  --  anywhere             anywhere             ctstate RELATED,ESTABLISHED
ACCEPT     all  --  anywhere             anywhere            
ACCEPT     all  --  anywhere             anywhere            
DOCKER     all  --  anywhere             anywhere            
ACCEPT     all  --  anywhere             anywhere             ctstate RELATED,ESTABLISHED
ACCEPT     all  --  anywhere             anywhere            
ACCEPT     all  --  anywhere             anywhere            
DOCKER     all  --  anywhere             anywhere            
ACCEPT     all  --  anywhere             anywhere             ctstate RELATED,ESTABLISHED
ACCEPT     all  --  anywhere             anywhere            
ACCEPT     all  --  anywhere             anywhere            
ufw-before-logging-forward  all  --  anywhere             anywhere            
ufw-before-forward  all  --  anywhere             anywhere            
ufw-after-forward  all  --  anywhere             anywhere            
ufw-after-logging-forward  all  --  anywhere             anywhere            
ufw-reject-forward  all  --  anywhere             anywhere            

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination         
ufw-before-logging-output  all  --  anywhere             anywhere            
ufw-before-output  all  --  anywhere             anywhere            
ufw-after-output  all  --  anywhere             anywhere            
ufw-after-logging-output  all  --  anywhere             anywhere            
ufw-reject-output  all  --  anywhere             anywhere            
ufw-track-output  all  --  anywhere             anywhere            

Chain DOCKER (6 references)
target     prot opt source               destination         

Chain DOCKER-ISOLATION (1 references)
target     prot opt source               destination         
DROP       all  --  anywhere             anywhere            
DROP       all  --  anywhere             anywhere            
DROP       all  --  anywhere             anywhere            
DROP       all  --  anywhere             anywhere            
DROP       all  --  anywhere             anywhere            
DROP       all  --  anywhere             anywhere            
DROP       all  --  anywhere             anywhere            
DROP       all  --  anywhere             anywhere            
DROP       all  --  anywhere             anywhere            
DROP       all  --  anywhere             anywhere            
DROP       all  --  anywhere             anywhere            
DROP       all  --  anywhere             anywhere            
DROP       all  --  anywhere             anywhere            
DROP       all  --  anywhere             anywhere            
DROP       all  --  anywhere             anywhere            
DROP       all  --  anywhere             anywhere            
DROP       all  --  anywhere             anywhere            
DROP       all  --  anywhere             anywhere            
DROP       all  --  anywhere             anywhere            
DROP       all  --  anywhere             anywhere            
DROP       all  --  anywhere             anywhere            
DROP       all  --  anywhere             anywhere            
DROP       all  --  anywhere             anywhere            
DROP       all  --  anywhere             anywhere            
DROP       all  --  anywhere             anywhere            
DROP       all  --  anywhere             anywhere            
DROP       all  --  anywhere             anywhere            
DROP       all  --  anywhere             anywhere            
DROP       all  --  anywhere             anywhere            
DROP       all  --  anywhere             anywhere            
RETURN     all  --  anywhere             anywhere            

Chain ufw-after-forward (1 references)
target     prot opt source               destination         

Chain ufw-after-input (1 references)
target     prot opt source               destination         

Chain ufw-after-logging-forward (1 references)
target     prot opt source               destination         

Chain ufw-after-logging-input (1 references)
target     prot opt source               destination         

Chain ufw-after-logging-output (1 references)
target     prot opt source               destination         

Chain ufw-after-output (1 references)
target     prot opt source               destination         

Chain ufw-before-forward (1 references)
target     prot opt source               destination         

Chain ufw-before-input (1 references)
target     prot opt source               destination         

Chain ufw-before-logging-forward (1 references)
target     prot opt source               destination         

Chain ufw-before-logging-input (1 references)
target     prot opt source               destination         

Chain ufw-before-logging-output (1 references)
target     prot opt source               destination         

Chain ufw-before-output (1 references)
target     prot opt source               destination         

Chain ufw-reject-forward (1 references)
target     prot opt source               destination         

Chain ufw-reject-input (1 references)
target     prot opt source               destination         

Chain ufw-reject-output (1 references)
target     prot opt source               destination         

Chain ufw-track-input (1 references)
target     prot opt source               destination         

Chain ufw-track-output (1 references)
target     prot opt source               destination         

I try to create one /etc/sysctl.d/bridge.confwith the following :

# Reference: https://wiki.libvirt.org/page/Net.bridge.bridge-nf-call_and_sysctl.conf

net.bridge.bridge-nf-call-arptables = 0
net.bridge.bridge-nf-call-ip6tables = 0
net.bridge.bridge-nf-call-iptables = 0

Then ran sysctl -p.

I tried running Wireshark along with tcpdump on the host laptop and watched what happened when I ran it dhclient eth0in the VM :

# tcpdump -ni wlan0 port 67
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on wlan0, link-type EN10MB (Ethernet), capture size 262144 bytes
19:03:45.275713 IP 0.0.0.0.68 > 255.255.255.255.67: BOOTP/DHCP, Request from 00:0c:29:xx:xx:xx, length 300
19:03:45.275788 IP 0.0.0.0.68 > 255.255.255.255.67: BOOTP/DHCP, Request from 00:0c:29:xx:xx:xx, length 300
19:03:45.418183 IP 0.0.0.0.68 > 255.255.255.255.67: BOOTP/DHCP, Request from 00:0c:29:xx:xx:xx, length 300
19:03:45.418277 IP 0.0.0.0.68 > 255.255.255.255.67: BOOTP/DHCP, Request from 00:0c:29:xx:xx:xx, length 300
19:03:49.220658 IP 0.0.0.0.68 > 255.255.255.255.67: BOOTP/DHCP, Request from 00:0c:29:xx:xx:xx, length 300
19:03:49.220749 IP 0.0.0.0.68 > 255.255.255.255.67: BOOTP/DHCP, Request from 00:0c:29:xx:xx:xx, length 300
19:03:51.953865 IP 0.0.0.0.68 > 255.255.255.255.67: BOOTP/DHCP, Request from 00:0c:29:xx:xx:xx, length 300
19:03:51.953936 IP 0.0.0.0.68 > 255.255.255.255.67: BOOTP/DHCP, Request from 00:0c:29:xx:xx:xx, length 300
19:03:45.275713 IP 0.0.0.0.68 > 255.255.255.255.67: BOOTP/DHCP, Request from 00:0c:29:xx:xx:xx, length 300
19:03:45.275788 IP 0.0.0.0.68 > 255.255.255.255.67: BOOTP/DHCP, Request from 00:0c:29:xx:xx:xx, length 300
19:03:45.418183 IP 0.0.0.0.68 > 255.255.255.255.67: BOOTP/DHCP, Request from 00:0c:29:xx:xx:xx, length 300
19:03:45.418277 IP 0.0.0.0.68 > 255.255.255.255.67: BOOTP/DHCP, Request from 00:0c:29:xx:xx:xx, length 300
19:03:49.220658 IP 0.0.0.0.68 > 255.255.255.255.67: BOOTP/DHCP, Request from 00:0c:29:xx:xx:xx, length 300
19:03:49.220749 IP 0.0.0.0.68 > 255.255.255.255.67: BOOTP/DHCP, Request from 00:0c:29:xx:xx:xx, length 300
19:03:51.953865 IP 0.0.0.0.68 > 255.255.255.255.67: BOOTP/DHCP, Request from 00:0c:29:xx:xx:xx, length 300
19:03:51.953936 IP 0.0.0.0.68 > 255.255.255.255.67: BOOTP/DHCP, Request from 00:0c:29:xx:xx:xx, length 300
19:04:04.084840 IP 0.0.0.0.68 > 255.255.255.255.67: BOOTP/DHCP, Request from 00:0c:29:xx:xx:xx, length 300
19:04:04.084909 IP 0.0.0.0.68 > 255.255.255.255.67: BOOTP/DHCP, Request from 00:0c:29:xx:xx:xx, length 300
19:04:16.898585 IP 0.0.0.0.68 > 255.255.255.255.67: BOOTP/DHCP, Request from 00:0c:29:xx:xx:xx, length 300
19:04:16.898688 IP 0.0.0.0.68 > 255.255.255.255.67: BOOTP/DHCP, Request from 00:0c:29:xx:xx:xx, length 300
19:04:26.201038 IP 0.0.0.0.68 > 255.255.255.255.67: BOOTP/DHCP, Request from 00:0c:29:xx:xx:xx, length 300
19:04:26.201150 IP 0.0.0.0.68 > 255.255.255.255.67: BOOTP/DHCP, Request from 00:0c:29:xx:xx:xx, length 300

If I'm doing everything right, traffic is leaving the bridge but not re-entering, is this an ingress issue?

I also noticed today that another laptop on the same home network can't SSH into it; I'm not sure if that's related.

I can SSH into the laptop from myself:

$ ssh user@localhost
$ ssh [email protected]

However, if I try to connect via WinSCP from another laptop, it seems to time out. Wireshark shows absolutely no activity from other laptops.

The laptop used to be able to connect about six weeks ago.

I checked the router's configuration and nothing seems to be out of the ordinary.

Again, I'm trying to connect via SSH from an Android phone using the ConnectBot app. It used to work fine too, now I see the following in the ConnectBot output:

Connecting to 192.168.1.8:22 via ssh

Connection Lost
recvfrom failed: ECONNRESET (Connection reset by peer)
recvfrom failed: ECONNRESET (Connection reset by peer)