beckermj/vaguerent
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
vaguerent/website/content/docs/networking/public_network.mdx
Jon "The Nice Guy" Spriggs cf1211078e
Update public_network.mdx
2021-05-24 14:36:32 +01:00

170 lines
5.3 KiB
Plaintext
Raw Blame History

---
layout: docs
page_title: Public Networks - Networking
description: |-
Vagrant public networks are less private than private networks, and the exact
meaning actually varies from provider to provider, hence the ambiguous
definition. The idea is that while private networks should never allow the
general public access to your machine, public networks can.
---
# Public Networks
**Network identifier: `public_network`**
Vagrant public networks are less private than private networks, and the exact
meaning actually varies from [provider to provider](/docs/providers/),
hence the ambiguous definition. The idea is that while
[private networks](/docs/networking/private_network) should never allow the
general public access to your machine, public networks can.
-> **Confused?** We kind of are, too. It is likely that public
networks will be replaced by `:bridged` in a future release, since
that is in general what should be done with public networks, and providers
that do not support bridging generally do not have any other features that map
to public networks either.
~> **Warning!** Vagrant boxes are insecure by default
and by design, featuring public passwords, insecure keypairs
for SSH access, and potentially allow root access over SSH. With
these known credentials, your box is easily accessible by anyone on
your network. Before configuring Vagrant to use a public network,
consider _all_ potential security implications
and review the [default box configuration](/docs/boxes/base) to identify potential security risks.
## DHCP
The easiest way to use a public network is to allow the IP to be assigned
via DHCP. In this case, defining a public network is trivially easy:
```ruby
Vagrant.configure("2") do |config|
config.vm.network "public_network"
end
```
When DHCP is used, the IP can be determined by using `vagrant ssh` to
SSH into the machine and using the appropriate command line tool to find
the IP, such as `ifconfig`.
### Using the DHCP Assigned Default Route
Some cases require the DHCP assigned default route to be untouched. In these cases one
may specify the `use_dhcp_assigned_default_route` option. As an example:
```ruby
Vagrant.configure("2") do |config|
config.vm.network "public_network",
use_dhcp_assigned_default_route: true
end
```
## Static IP
Depending on your setup, you may wish to manually set the IP of your
bridged interface. To do so, add a `:ip` clause to the network definition.
```ruby
config.vm.network "public_network", ip: "192.168.0.17"
```
## Default Network Interface
If more than one network interface is available on the host machine, Vagrant will
ask you to choose which interface the virtual machine should bridge to. A default
interface can be specified by adding a `:bridge` clause to the network definition.
```ruby
config.vm.network "public_network", bridge: "en1: Wi-Fi (AirPort)"
```
The string identifying the desired interface must exactly match the name of an
available interface. If it cannot be found, Vagrant will ask you to pick
from a list of available network interfaces.
With some providers, it is possible to specify a list of adapters to bridge
against:
```ruby
config.vm.network "public_network", bridge: [
"en1: Wi-Fi (AirPort)",
"en6: Broadcom NetXtreme Gigabit Ethernet Controller",
]
```
In this example, the first network adapter that exists and can successfully be
bridge will be used.
## Disable Auto-Configuration
If you want to manually configure the network interface yourself, you
can disable auto-configuration by specifying `auto_config`:
```ruby
Vagrant.configure("2") do |config|
config.vm.network "public_network", auto_config: false
end
```
Then the shell provisioner can be used to configure the ip of the interface:
```ruby
Vagrant.configure("2") do |config|
config.vm.network "public_network", auto_config: false
# manual ip
config.vm.provision "shell",
run: "always",
inline: "ifconfig eth1 192.168.0.17 netmask 255.255.255.0 up"
# manual ipv6
config.vm.provision "shell",
run: "always",
inline: "ifconfig eth1 inet6 add fc00::17/7"
end
```
## Default Router
Depending on your setup, you may wish to manually override the default
router configuration. This is required if you need to access the Vagrant box from
other networks over the public network. To do so, you can use a shell
provisioner script:
```ruby
Vagrant.configure("2") do |config|
config.vm.network "public_network", ip: "192.168.0.17"
# default router
config.vm.provision "shell",
run: "always",
inline: "route add default gw 192.168.0.1"
# default router ipv6
config.vm.provision "shell",
run: "always",
inline: "route -A inet6 add default gw fc00::1 eth1"
# delete default gw on eth0
config.vm.provision "shell",
run: "always",
inline: "eval `route -n | awk '{ if ($8 ==\"eth0\" && $2 != \"0.0.0.0\") print \"route del default gw \" $2; }'`"
end
```
Or, an alternative, simpler version, assuming you get DHCP from your public network:
```ruby
Vagrant.configure("2") do |config|
config.vm.network "public_network"
# default router
config.vm.provision "shell",
run: "always",
inline: "ip route del default via 10.0.2.2 || true"
end
```
Note the above are fairly complex and will be guest OS specific, but we
document the rough idea of how to do it because it is a common question.
Reference in New Issue View Git Blame Copy Permalink