Skip to main content

VirtualBox Host-Only Network Setup (Host <-> VM)

Created: April 24, 2026 Larry Qu 3 min read
Table of Contents

Introduction

VirtualBox Host-Only networking is the easiest way to create a private network between your host machine and one or more VMs. It is ideal for local lab environments, backend service testing, and safe experiments that should not be directly reachable from your LAN.

What Host-Only Means

Host-Only mode creates a virtual network where:

  1. Host can reach VM.
  2. VM can reach host.
  3. Other physical network devices usually cannot reach VM directly.
  4. VM has no internet unless you add another adapter.

This is different from:

  1. NAT mode (VM gets outbound internet, but inbound reachability is limited).
  2. Bridged mode (VM appears directly on LAN).

Basic Topology

Example addressing:

  1. Host-only adapter on host: 192.168.56.1/24
  2. VM1: 192.168.56.10/24
  3. VM2: 192.168.56.11/24

Step 1: Create/Verify Host-Only Adapter

In VirtualBox:

  1. Open Tools -> Network (or File -> Host Network Manager, depending on version).
  2. Create host-only network if none exists.
  3. Confirm adapter IP and subnet.

Typical default is 192.168.56.1/24.

Step 2: Attach VM NIC to Host-Only Network

For each VM:

  1. Open VM Settings -> Network.
  2. Enable Adapter 1.
  3. Set Attached to: Host-only Adapter.
  4. Select the host-only adapter you created.

Step 3: Configure VM IP

Inside Linux VM (temporary runtime config):

ip addr add 192.168.56.10/24 dev enp0s8
ip link set enp0s8 up

Or persistent config with your distro tool (Netplan, NetworkManager, ifcfg).

Step 4: Validate Connectivity

From host:

ping 192.168.56.10

From VM:

ping 192.168.56.1

If both work, host-only network is correct.

Add Internet While Keeping Host-Only (Dual Adapter Pattern)

Common lab setup:

  1. Adapter 1: NAT (internet access).
  2. Adapter 2: Host-Only (private host/VM traffic).

This gives internet plus stable private addressing.

Firewall Considerations

Do not disable firewalls globally. Instead, allow required traffic on host-only interface.

Linux VM example allowing ICMP and SSH from host-only subnet:

iptables -A INPUT -i enp0s8 -p icmp -j ACCEPT
iptables -A INPUT -i enp0s8 -p tcp --dport 22 -s 192.168.56.0/24 -j ACCEPT

Windows host may also need inbound ICMP/SSH exceptions depending on test type.

Common Troubleshooting

If host can ping VM but VM cannot ping host:

  1. Host firewall blocks inbound ICMP.
  2. Wrong host-only adapter selected on VM.
  3. VM route prefers wrong interface.
  4. Subnet mismatch.

If no ping either direction:

  1. Interface inside VM is down.
  2. IP address assigned to wrong NIC.
  3. Duplicate IP conflict.
  4. VirtualBox host-only driver issue.

Quick Diagnostic Commands

On VM:

ip addr
ip route
ss -tulpen

On host (Linux/macOS):

ip addr | grep 192.168.56
ping 192.168.56.10

Security and Lab Hygiene

Recommended lab practices:

  1. Keep host-only subnet private and non-overlapping.
  2. Use static IP reservations for predictable test scripts.
  3. Use snapshots before risky network changes.
  4. Document interface names per VM image.

Example Dev Environment Pattern

For local microservices testing:

  1. Host runs IDE and API client tools.
  2. VM runs database and message broker.
  3. Host communicates to VM over host-only IP.
  4. VM still gets package updates through NAT adapter.

This pattern mirrors production architecture while preserving local control.

Conclusion

VirtualBox Host-Only networking is a stable and safe way to connect host and VMs directly. Use host-only for private communication, and add NAT as second adapter when internet access is needed.

Most issues are interface selection, firewall filtering, or IP mismatches, all of which are easy to diagnose with a small checklist.

Resources

Comments

Share this article

Twitter Bluesky Mastodon LinkedIn Facebook Reddit

Scan to read on mobile