Update 20th November 2009
I've since upgraded to Virtual Box 3.0 and noticed that Vbox kindly allows you to create 'host only' networks that are presented to the OS as network interfaces.
Although I've not tested it yet, this should negate any need for the python work and the tun/tap driver.
The other day I had the need to allow two VirtualBox VMs to not only communicate to each other, but to communicate to the Mac OS X host also. You know what it's like, you set up your Virtual Machines, and make up a complicated network topology (some VMs are firewalls, some as routers), but you want the VMs to have a direct connection to the Host OS so you can connect to them without having to worry about routing your host traffic over your over complex and unwieldy beast of a virtual network. Think of it as a out of band management network for your VMs.
This functionality can be achieved by connecting the VMs to the Ethernet or Airport Host Interfaces of the Mac. However, this would leak all my lovely secret VM traffic out of that interface for my neighbours to sniff, and I'd loose connectivity from the host the VMs when I gave the interface a new IP address (say move the computer to a new site) or switch it to DHCP. You know what it's like.. Your laptop doesn't stay in the same place all the time!
The solution was a tap interface! Yes Sir! A tap interface is kind like a real network interface, only it doesn't go anywhere - there is no associated hardware. It's a software only interface so it's always 'up' and always has a link light on, so to speak.
The nice thing is it sits at layer 2 and any user space programs can write to it and can send frames to the host OS which will appear to have come from the network connected to the tap interface. The programs I'll be using are in fact Virtual Machines - you can see where I am going with this!
In addition lets say program 1 writes an ethernet frame to our tap interface, program 2, that's reading from this interface, will be able to see it. Program 2 could then send a reply frame if it wishes! As such, a tap interface makes a great network bridge.
OK lets get this working.
First of all use some Python code kindly provided by Rayene Ben Rayana (my heart felt thanks go to you Raynen!). Run this as root from the Terminal. This will bring up the interface and allow us to configure it. DON'T CLOSE THE WINDOW as the interface will remove itself
(Yes, yes, yes, it's messy... and I am sure there is a more elegant way than to have a terminal window floating about. Tell me how in the comments and I'll update the article, I promise! Or even better! Make a nice little idiot proof .App called 'Create TAP Interface' and ill put it here for download. Tee hee.)
Snakey:~ adambarton$ sudo -i
Snakey:~ root# python
Python 2.5.1 (r251:54863, Apr 15 2008, 22:57:26)
[GCC 4.0.1 (Apple Inc. build 5465)] on darwin
Type "help", "copyright", "credits" or "license" for more information.
>>> import os
>>> file_path = '/dev/tap1'
>>> dev_file = os.open(file_path, os.O_RDWR)
>>> interface = 'tap1'
The next step is more familiar. As root, configure the interface.
Snakey:~ root# ifconfig tap1 100.100.100.100 up
Snakey:~ root# ifconfig tap1
tap1: flags=8943<UP,BROADCAST,RUNNING,PROMISC,SIMPLEX,MULTICAST> mtu 1500
inet 100.100.100.100 netmask 0xff000000 broadcast 100.255.255.255
ether ea:a2:95:41:b0:8f
open (pid 4104)
Now the interface is up, we have to tell the VirtualBox VM to use it as a network interface
VBoxManage modifyvm TestHost1 -nic1 hostif -hostifdev1 'tap1: ethernet'
In this case, my VM is called 'TestHost1', I've told it to be prepared to connect it's Virtual Interface to a host interface (-nic1) and I've told it that the host interface device (hostifdev) in this case is our tap interface. Two notes here, first the screen shot of this command omits the -nic1 command. I'm two lazy to shoot a new screen shot. Sorry :P Second, you should know that this action can normally be done via the VirtualBox GUI providing that the network interface shows up in System Preferences, like the Ethernet or Airport interfaces do. However, our tap interface doesn't (go on, test it if you don't believe me... go System Preferences > Network for a look), so we're forced to use the command line to the tap interface rather then use VirtualBox's pretty GUI.
Now boot your VM up and give it an address that's on the same subnet as the tap1 interface. Ping the IP address of tap1. Did you get a reply? Yes? Horah!
Now build a second VM , run the VBoxManage command against it and give it another IP on your subnet. Ping that too! Did you get a reply? You did? Great! Punch the air!
You now have a working tap interface !
Credit:
A big thank you goes out to Mattias Nissler for creating the tap/tun interface driver, and to Rayene Ben Rayana for providing the Python code.
(oh, btw if you want to have some fun, have a play with the below.. you can make a nice little packet injector! Suddenly I can see why people love Python!)
>>> os.write(dev_file , 'I AM AN ETHERNET FRAME!' )