Virtualization Station: Port forward to a VM

QNAP NAS solution for server virtualization and clustering/HA/FT
Post Reply
dalyboy
New here
Posts: 2
Joined: Thu May 30, 2019 3:33 am

Virtualization Station: Port forward to a VM

Post by dalyboy » Thu May 30, 2019 4:04 am

Hi all,

I'm pretty sure I've done this before a few years back on an older version of QTS/Virtualization Station. Hopefully an easy one for somebody who has done this more recently, I may just not be looking in the right place for the settings or maybe it is no longer possible (I hope not!).

I have a Linux VM running on Virtualization Station as a DB/Web server for development purposes and I wish to access some services on it externally (to the VM) BOTH from my internal network and from external networks e.g. outside the office etc.. The VM can access the internet fine and it is possible to ping other locations on my internal network from behind the virtual switch but I can't ping to the VM or access it from my client machine. I think the VM/Switch is running in 'external-only' mode not 'bridged' as I can't see the MAC address of the VM on my router admin/control panel.

So where are the port forwarding settings located for the purposes of QTS/VirtualizationStation 3 please?

I was hoping/expecting to be able to find these settings to allow me then configure such a way that when I access the ip:port of my NAS, the NAS will in turn would translate/forward the request to the desired ip:port of the VM. I could set up a separate rule on my router to forward specific requests to the ip:port of my NAS as needed. I have done the same thing using a container on Container Station i.e. under a Container's Settings (Advanced Settings) > Network (Port Forwarding) and this works as I need.

I chose to set up my own VM for greater flexibility I just need to find how to configure in the same way Container Station allows.

Thanks,

dalyboy

QNAP TS-453 Pro
QTS 4.3.6.0923
Virtualization Station 3.1.1091

User avatar
rgarjr
Know my way around
Posts: 106
Joined: Tue Aug 14, 2018 5:47 am
Location: Southern California
Contact:

Re: Virtualization Station: Port forward to a VM

Post by rgarjr » Thu May 30, 2019 10:32 pm

You need to create another virtual switch in bridge mode, so that your router can assign an ip address to each VM. Of course you can also go in to the network settings in the VM and assign a static IP as well.
Last edited by rgarjr on Fri May 31, 2019 5:38 am, edited 1 time in total.

TS-1677x-1700 RAM= 64GB Kingston HyperX Fury 2666MHz || SSD= 4 x 860 EVO 500GB || PSU/FAN= Corsair SF600 | 3 x NF-A9 || Noctua NH-L12 cooler with NF-A12x25 | 6 x NF-A6 || NETWORK= Emulex Dual 10GbE SFP+
TVS-682-i7-6700K RAM= 64GB Kingston HyperX Fury 2666MHz || SSD: 2 x 860 EVO 1TB || FAN= 1 x NF-A8 | 4 x NF-A6 | Noctua NH-L12 cooler with NF-A12x25 || NETWORK= Emulex Dual 10GbE SFP+
TVS-682-i7-7700 RAM= 64GB Kingston HyperX Fury 2666MHz || SSD: 1 x 860 EVO 1TB || FAN= 1 x NF-A8 | 4 x NF-A6 | Noctua NH-L12 cooler with NF-A12x25 || NETWORK= QXG-10G1T
TS-453Be RAM= 16GB Crucial 1600MHz || HDD= 1 x Seagate 2TB || FAN= NF-A12x25 || NETWORK= QXG-10G1T
QSW-1208-8C 10GbE Switch

dalyboy
New here
Posts: 2
Joined: Thu May 30, 2019 3:33 am

Re: Virtualization Station: Port forward to a VM

Post by dalyboy » Fri May 31, 2019 2:11 am

Hi rgarjr,

Thanks for your response. Yes! I’ve created another Virtual Switch and linked it to both the Virtualization Station adapter and a physical adapter - I believe that is ‘bridge’ mode now, as the VM obtains an IP address on my local network from the router and I can ping/access it. I should be ok to configure my router and the VM in terms of assigning it a static IP address etc. from here. So I consider this problem to be solved :)

Out of interest is there any reason why the virtual switch set up by default for Container Station works ‘differently’? Or perhaps it is just ‘one of those things’ due to it being QNAP’s own software and them having a bit more lower level access available...

Thanks again,

dalyboy

QNAP TS-453 Pro
QTS 4.3.6.0923
Virtualization Station 3.1.1091

danMP
New here
Posts: 4
Joined: Sun Jul 16, 2017 7:36 am

Re: Virtualization Station: Port forward to a VM

Post by danMP » Fri Jun 07, 2019 8:40 pm

Hi dalyboy,
Out of interest is there any reason why the virtual switch set up by default for Container Station works ‘differently’? Or perhaps it is just ‘one of those things’ due to it being QNAP’s own software and them having a bit more lower level access available...
My best guess is that Docker (technology behind Container Station) is taking care of networking.
Run: iptables -L and iptables -t nat -L -n
You will get some insight on how "Container Station" is doing all the NATing, port forwarding you name it.

The "bridge mode" as you describe it doesn't provide (for me at least) the necessary isolation. Maybe you have a windows trial VM which you don't want to be networked scan for vulnerabilities. Or you don't necessary want to join the VM in a domain controller.
Port forwarding in "NAT mode" MUST be a option inside Virtualization Station (like Oracle Virtual Box and VMware workstation).I can't find it myself, and I think it doesn't exist.
The solution for me is to use iptables to do the port forwarding. I find it a dirty solution as all other "shell hacks" in qnap.

iptables -t nat -A PREROUTING -p tcp --dport 9999 -j DNAT --to-destination 192.168.202.105:80

Read this post to understand the above command: http://jensd.be/343/linux/forward-a-tcp ... h-iptables

Post Reply

Return to “Server Virtualization & Clustering”