Need to do Bridged Adapter only in Vagrant, no NAT


So I'm having an issues with a Vagrant setup of 'hashicorp/precise64' on my MAC book.

First, my config:

Vagrant.configure(VAGRANTFILE_API_VERSION) do |config| = "hashicorp/precise64" "public_network", type: "dhcp", :bridge => 'en4: Thunderbolt Ethernet'
  config.vm.hostname = "mddirector"

This is the oupput of the 'vagrant up'

==> default: Attempting graceful shutdown of VM...
==> default: Checking if box 'hashicorp/precise64' is up to date...
==> default: Clearing any previously set forwarded ports...
==> default: Clearing any previously set network interfaces...
==> default: Preparing network interfaces based on configuration...
    default: Adapter 1: nat
    default: Adapter 2: bridged
==> default: Forwarding ports...
    default: 22 => 2222 (adapter 1)
==> default: Booting VM...
==> default: Waiting for machine to boot. This may take a few minutes...
    default: SSH address:
    default: SSH username: vagrant
    default: SSH auth method: private key
    default: Warning: Connection timeout. Retrying...
==> default: Machine booted and ready!
GuestAdditions 4.3.10 running --- OK.
==> default: Checking for guest additions in VM...
==> default: Setting hostname...
==> default: Configuring and enabling network interfaces...
==> default: Mounting shared folders...
    default: /vagrant => /Users/garthm/Projects/vagrant
==> default: Machine already provisioned. Run `vagrant provision` or use the `--provision`
==> default: to force provisioning. Provisioners marked to run always will still run.

'ifconfig' shows the following:

vagrant@mddirector:~$ ifconfig
eth0      Link encap:Ethernet  HWaddr 08:00:27:88:0c:a6
          inet addr:  Bcast:  Mask:
          inet6 addr: fe80::a00:27ff:fe88:ca6/64 Scope:Link
          RX packets:725 errors:0 dropped:0 overruns:0 frame:0
          TX packets:544 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:90824 (90.8 KB)  TX bytes:63375 (63.3 KB)

eth1      Link encap:Ethernet  HWaddr 08:00:27:2f:bb:6a
          inet addr:  Bcast:  Mask:
          RX packets:3490 errors:0 dropped:0 overruns:0 frame:0
          TX packets:7 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:345981 (345.9 KB)  TX bytes:1102 (1.1 KB)

lo        Link encap:Local Loopback
          inet addr:  Mask:
          inet6 addr: ::1/128 Scope:Host
          UP LOOPBACK RUNNING  MTU:16436  Metric:1
          RX packets:0 errors:0 dropped:0 overruns:0 frame:0
          TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0
          RX bytes:0 (0.0 B)  TX bytes:0 (0.0 B)

My problem is that, that I can ping the VM from my host machine (IP:, other people can ping my my VM too (10.0.24.XXX), my VM can ping my devbox (IP:, I can ping other developers virtual machine setups from my devbox (not Vagrant, IP:, but I can't ping my VM from my devbox and other developer's can't ping my VM from their devbox.

The Virtual machine setups they have is with a Bridged NIC only, but the vagrant for some reason has both a NAT and Bridged, even though, I've specified bridged in the config. As you can see, there are two IP addresses for the Vagrant VM, which doesn't seem right. You can also, when it boots up, it does a port forward on Adaptor 1, which is the NAT adaptor, which means it sounds like it's using the NAT adaptor by default for everything.

How do I get rid of the NAT adaptor and use bridged only?

If I edit the VirtualBox settings and disable the NAT adaptor, so there is only the bridged Adaptor and boot up the box via VirtualBox (ie: not using vagrant up), then it only has eth0 with a IP address that is pingable from my devbox, which is what I'm looking for. If I try and vagrant up the box after editing the VirtualBox settings and disabling the NAT adaptor, I get the following error:

There was an error while executing `VBoxManage`, a CLI used by Vagrant
for controlling VirtualBox. The command and stderr is shown below.

Command: ["modifyvm", "7f1c12f7-74cd-4c6b-aa5a-16d6209cf2b3", "--natpf1", "ssh,tcp,,2222,,22"]

Stderr: VBoxManage: error: A NAT rule of this name already exists
VBoxManage: error: Details: code NS_ERROR_INVALID_ARG (0x80070057), component NATEngine, interface INATEngine, callee nsISupports
VBoxManage: error: Context: "AddRedirect(Bstr(strName).raw(), proto, Bstr(strHostIp).raw(), RTStrToUInt16(strHostPort), Bstr(strGuestIp).raw(), RTStrToUInt16(strGuestPort))" at line 1655 of file VBoxManageModifyVM.cpp

If I immediately do a vagrant up again, it has re-enabled the NAT adaptor again, and we're back to having the same problem again.

Best Answer

eth0 as NAT is a fundamental requirement of Vagrant in its current state. But you can override the default router configuration for eth1.

From the Vagrant docs:

Default Router

Depending on your setup, you may wish to manually override the default router configuration. This is required if you need access the Vagrant box from other networks over the public network. To do so, you can use a shell provisioner script: "public_network", ip: ""

# default router
config.vm.provision "shell",
  run: "always",
  inline: "route add default gw"

# default router ipv6
config.vm.provision "shell",
  run: "always",
  inline: "route -A inet6 add default gw fc00::1 eth1"

# delete default gw on eth0
config.vm.provision "shell",
  run: "always",
  inline: "eval `route -n | awk '{ if ($8 ==\"eth0\" && $2 != \"\") print \"route del default gw \" $2; }'`"

Note the above is fairly complex and may be guest OS specific, but we document the rough idea of how to do it because it is a common question.