File: nat-limitations.dita

package info (click to toggle)
virtualbox 7.1.12-dfsg-2
  • links: PTS, VCS
  • area: contrib
  • in suites: sid
  • size: 565,672 kB
  • sloc: ansic: 2,330,854; cpp: 2,193,228; asm: 230,777; python: 223,895; xml: 86,771; sh: 25,541; makefile: 8,158; perl: 5,697; java: 5,337; cs: 4,872; pascal: 1,782; javascript: 1,692; objc: 1,131; lex: 931; php: 906; sed: 899; yacc: 707
file content (51 lines) | stat: -rw-r--r-- 2,605 bytes parent folder | download 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
 
<?xml version='1.0' encoding='UTF-8'?>
<!DOCTYPE topic PUBLIC "-//OASIS//DTD DITA Topic//EN" "topic.dtd">
<topic xml:lang="en-us" id="nat-limitations">
  <title>NAT Limitations</title>
  
  <body>
    <p>There are some limitations of NAT mode which users should be aware of, as follows: </p>
    <ul>
      <li>
        <p><b outputclass="bold">ICMP protocol limitations.</b>
            Some frequently used network debugging tools, such as
            <userinput>ping</userinput> or <userinput>traceroute</userinput>,
            rely on the ICMP protocol for sending and receiving
            messages. <ph conkeyref="vbox-conkeyref-phrases/product-name"/> ICMP support has some limitations,
            meaning <userinput>ping</userinput> should work but some other
            tools may not work reliably.
          </p>
      </li>
      <li>
        <p><b outputclass="bold">Receiving of UDP broadcasts.</b> The guest does not reliably
          receive UDP broadcasts. In order to save resources, it only listens for a certain amount
          of time after the guest has sent UDP data on a particular port. As a consequence, NetBios
          name resolution based on broadcasts does not always work, but WINS always works. As a
          workaround, you can use the numeric IP of the required server in the
              <filepath>\\<varname>server</varname>\<varname>share</varname></filepath> notation. </p>
      </li>
      <li>
        <p><b outputclass="bold">Some protocols are not
            supported.</b> Protocols other than TCP and UDP are
            not supported. GRE is not supported. This means some VPN
            products, such as PPTP from Microsoft, cannot be used. There
            are other VPN products which use only TCP and UDP.
          </p>
      </li>
      <li>
        <p><b outputclass="bold">Forwarding host ports below
            1024.</b> On UNIX-based hosts, such as Linux, Oracle
            Solaris, and macOS, it is not possible to bind to ports
            below 1024 from applications that are not run by
            <codeph>root</codeph>. As a result, if you try to
            configure such a port forwarding, the VM will refuse to
            start.
          </p>
      </li>
    </ul>
    <p>These limitations normally do not affect standard network use. But the presence of NAT has also subtle effects
      that may interfere with protocols that are normally working. One example is NFS, where the server is often
      configured to refuse connections from non-privileged ports, which are those ports above 1024. </p>
  </body>
  
</topic>