Simple
Here's a very simple iptables ruleset that masquerades everything. This one works for many simpler setups. It won't work if the box is working as a full-blown router — it has a potentially nasty habit of NATting all traffic that leaves your computer.
iptables -A POSTROUTING -o eth+ -t nat -j MASQUERADE
iptables -A POSTROUTING -o wlan+ -t nat -j MASQUERADE
Full
If the simple solution fails to work, or if your configuration is more complex, this ruleset might help:
NATIF='vboxnet+'
MARK=1
iptables -A PREROUTING -t mangle -i $NATIF -j MARK --set-mark $MARK
iptables -A POSTROUTING -o eth+ -t nat -m mark --mark $MARK -j MASQUERADE
iptables -A POSTROUTING -o wlan+ -t nat -m mark --mark $MARK -j MASQUERADE
It marks packets coming in through any vboxnet* interface, then, later, masquerades (SNAT) any packets going out of eth* or wlan* with the mark set.
Also…
In addition to the iptables rules, you'll need to turn your host computer into a router by enabling packet forwarding. Put:
net.ipv4.ip_forward=1
in /etc/sysctl.conf, then say
sudo sysctl -p /etc/sysctl.conf
Alternatively:
echo 1 | sudo tee /proc/sys/net/ipv4/ip_forward
The guest must also have a default route that gateways packets through the host's external interfaces (and for this, chances are host-only mode just won't work). Check its routing table (this depends on the guest OS).
Also, install wireshark or tshark and use them to examine packets. There's no better way to solve generic networking issues like this one.
Personally, I'd suggest changing the guest to use bridged mode networking and making available to it both of the host's interfaces. Then it can connect on its own, using the DHCP service on your router to get a local address on its own. No NAT needed.
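One way to check which of the two rulesets above a host is actually running, as an added example that is not part of the original answer: it reads `iptables-save` text and labels each nat-table MASQUERADE rule as BROAD (output interface only, so it also NATs the host's own traffic) or SCOPED (restricted by mark or source). The function names `audit_masquerade` and `sample_ruleset` and the sample ruleset are constructed for illustration.

```shell
#!/bin/sh
# Added example, not from the original answer.
# audit_masquerade: read `iptables-save` text on stdin and classify every
# MASQUERADE rule in the nat table's POSTROUTING chain.
#   BROAD  - matches on output interface only (NATs host traffic too)
#   SCOPED - also restricted by packet mark (-m mark) or source (-s)
audit_masquerade() {
    awk '
        /^\*/ { table = substr($0, 2); next }      # "*nat", "*mangle", ...
        table != "nat" { next }
        $1 == "-A" && $2 == "POSTROUTING" && /-j MASQUERADE/ {
            scope = "BROAD"
            for (i = 3; i <= NF; i++) {
                if ($i == "-s" || $i == "--mark") scope = "SCOPED"
            }
            print scope ": " $0
        }
    '
}

# Constructed sample in iptables-save format: the "simple" rules followed by
# the "full" mark-scoped rules (iptables-save prints marks in hex).
sample_ruleset() {
    cat <<'EOF'
*mangle
:PREROUTING ACCEPT [0:0]
-A PREROUTING -i vboxnet+ -j MARK --set-xmark 0x1/0xffffffff
COMMIT
*nat
:POSTROUTING ACCEPT [0:0]
-A POSTROUTING -o eth+ -j MASQUERADE
-A POSTROUTING -o wlan+ -j MASQUERADE
-A POSTROUTING -o eth+ -m mark --mark 0x1 -j MASQUERADE
-A POSTROUTING -o wlan+ -m mark --mark 0x1 -j MASQUERADE
COMMIT
EOF
}

# Runs against the sample; on a live host use:
#   sudo iptables-save | audit_masquerade
sample_ruleset | audit_masquerade
```

If both kinds of rule are present, as in the sample, the BROAD ones still match first for unmarked traffic, so they need to be deleted for the mark-scoped rules to have any effect.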
Well - this IS a routing-question.
The answer is simple: The first entry that will give the best routing-entry is "the winner". So look at netstat -rn to see which interface is first.
Update: The network-interface-routing-settings normally get set up during system startup. So the startup order of network devices will be the order in that table. With PCI-devices these normally are being processed by lowest slot-number first. External devices (e.g. USB) normally come later on.
But the exact order depends on the network-startup-script of your Linux flavour (this is something where they very much differ).
BTW: If you want to make use of your two links, you should go for bonding. There you can set up the order of usage for your links.
Best Answer
It is hard to give full details, especially not knowing what distribution you are using and how detailed you want the results to be - so I will just list some very basic examples.
If you are looking to get individual stats for each interface, we can break each item down separately (the following assumes root access on a distro like CentOS):
For bandwidth usage - I really like iftop. When you have iftop installed you could run the following command:
The -B option is for Bytes. Once inside iftop I like to press "T" to get a cumulative total.
For error rate you can easily see this in the output of ifconfig in your console. To get a more streamlined approach you could run a very crude command like this (assuming something like CentOS):
This will give you the error count for each interface.
For collisions you can still use ifconfig. To get just the collision count, another basic command would be as follows:
For dropped packets, still using ifconfig, you can run another simple command:
If you are having a lot of bad packets (errors, collisions, or dropped), you could put the previous 3 commands into a bash script and use the watch command to monitor them:
FILE /tmp/netErrors:
COMMAND:
For QoS, it really depends on how you are setting it. For Linux, traffic control is common for setting QoS. To see the current QoS with traffic control you can run the following command:
tc - traffic control command
qdisc - queuing disciplines
ls - list
To get a good breakdown of traffic control you should check out the following link on traffic control.