Author Topic: Does a vpn for the host work for the virtual OS as well?  (Read 1266 times)

0 Members and 1 Guest are viewing this topic.

Offline buster

  • Member
  • Master
  • *
  • Posts: 1199
Does a vpn for the host work for the virtual OS as well?
« on: May 03, 2019, 06:07:34 pm »
When acquiring, for research purposes, a modern cinema release, I do my searching on sometimes dodgy sites in the safe confines of Linux in virtual. Then I do the actual acquiring in Win10 with the vpn on.

For BBC or Australian/New Zealand shows, I don't bother, and do both stages in Linux virtual.

Seems to me a complex way to do it so did some research but could not find out if vpn carries thru to the vmware virtual machine.

So went to http://www.myipnumber.com/ in host and in virtual and got the same number. Started vpn in host and checked ip and in both cases got the same number (but different from the original) and which seems to be in Toronto.

So wise Linux gurus, is it safe to assume (when not using a fixed ip in the guest) that it is safe behind the host's active vpn when in virtual???
The Ironic Big Bust Theory: The likelihood of an advanced species imploding in apocalyptic stupidity. (Intergalactic Survey of Disappearing Civilizations: Chapter 4))

Offline Jason

  • Administrator
  • Master
  • *****
  • Posts: 3726
  • Humanist. Skeptic. Husband.
Re: Does a vpn for the host work for the virtual OS as well?
« Reply #1 on: May 04, 2019, 08:44:07 am »
You pretty much answered your own question. By default, all packets from the guest are sent through the host's actual network device. So, YES. If you want to know a bit more, read on.

When you setup your virtual machine software (e.g. Virtualbox, VMware Workstation Player), it sets up a special module that acts like a virtualized router which passes out an IP address to your guest that is invisible to the host and even other guests.

So, even your real router doesn't know about your VMs. As far as that router is concerned, any traffic from your host and guest appear to be from the same IP address.

As far as the outside world is concerned everything within your real network has the same IP address (that's your real router's internet facing IP).

The VPN changes your IP address by forwarding all your traffic to the internet through another network (and back again) with a different IP address so you can hide your real home IP address.

This is why if you want to network between VM guests, you need to use a different networking mode.

Hope that's helpful.

As a bonus, even if you weren't using a VPN, all computers on your home network appear to be using the same IP address to the outside world. So your argument, if you're sued, could be "how do you know it was me?. My wife has a computer too, my grand kids bring over their own computers...", etc.
« Last Edit: May 05, 2019, 07:02:15 am by Jason Wallwork »
"With all its sham, drudgery, and broken dreams, it is still a beautiful world." - Max Ehrmann, Desiderata

Offline buster

  • Member
  • Master
  • *
  • Posts: 1199
Re: Does a vpn for the host work for the virtual OS as well?
« Reply #2 on: May 04, 2019, 07:38:11 pm »
Thank you very much for the detailed exposition Jason. I suspected as much, but this makes me feel more comfortable. Obvious things aren't always true.  :) (Heavy things don't, as Aristotle professed, fall faster than light things.)
The Ironic Big Bust Theory: The likelihood of an advanced species imploding in apocalyptic stupidity. (Intergalactic Survey of Disappearing Civilizations: Chapter 4))

Offline Jason

  • Administrator
  • Master
  • *****
  • Posts: 3726
  • Humanist. Skeptic. Husband.
Re: Does a vpn for the host work for the virtual OS as well?
« Reply #3 on: May 05, 2019, 10:45:10 am »
Doesn't hurt to check. :) If you were wondering how the remote system knows how to direct data to the right computer since behind a router, they appear to have the same internet-facing IP, that's done through sockets. Every datagram sent out is assigned a socket number that the remote server uses to send data back to the right computer.

If you're running a server, that is, it waits for requests instead of sending them back, then the particular software has its own port number. That port number has to be setup in port forwarding in the router so it knows which computer is answering requests for that program. Otherwise, packets for it are rejected. For example, web server requests are typically handled by port 80 (443 for secure requests). So you need to forward port 80 in your router to the computer IP with the web server if it's behind the router. That's why it's preferred to have a static IP so it's redirected to the right computer.

That's probably more than you ever wanted to know about routing :)
"With all its sham, drudgery, and broken dreams, it is still a beautiful world." - Max Ehrmann, Desiderata