• Infrastructure
    • terraform
    • packer
  • Networking
    • consul
  • Security
    • vault
    • boundary
  • Applications
    • nomad
    • waypoint
    • vagrant
  • HashiCorp Cloud Platform

    A fully managed platform to automate infrastructure on any cloud with HashiCorp products.

    • consul
    • terraform
    • vault
    • packerbeta
    Visit cloud.hashicorp.com
  • Intro
  • Docs
  • Community
GitHub—Stars on GitHub
Download
    • v2.2.19 (latest)
    • v2.2.18
    • v2.2.17
    • v2.2.16
    • v2.2.15
    • v2.2.14
    • v2.2.13
    • v2.2.12
    • v2.2.11
    • v2.2.10
  • Overview
    • Overview
    • Backwards Compatibility
    • Upgrading
    • Upgrading from 1.0.x
    • From Source
    • Uninstallation
    • Overview
    • box
    • cloud
    • connect
    • destroy
    • global-status
    • halt
    • init
    • login
    • package
    • plugin
    • port
    • powershell
    • provision
    • rdp
    • reload
    • resume
    • share
    • snapshot
    • ssh
    • ssh-config
    • status
    • suspend
    • up
    • upload
    • validate
    • version
    • More Commands
    • Aliases
    • Machine Readable Output
    • rsync
    • rsync-auto
    • winrm
    • winrm_config
    • Overview
    • HTTP Sharing
    • SSH Sharing
    • Connect
    • Security
    • Custom Provider
    • Overview
    • Configuration Version
    • Minimum Vagrant Version
    • Tips & Tricks
    • config.vm
    • config.ssh
    • config.winrm
    • config.winssh
    • config.vagrant
    • Overview
    • Box Versioning
    • Creating a Base Box
    • Box File Format
    • Box Info Format
    • Overview
    • Basic Usage
    • File
    • Shell
    • Ansible Intro
    • Ansible
    • Ansible Local
    • Common Ansible Options
    • CFEngine
    • Chef Common Configuration
    • Chef Solo
    • Chef Zero
    • Chef Client
    • Chef Apply
    • Docker
    • Podman
    • Puppet Apply
    • Puppet Agent
    • Salt
    • Overview
    • Basic Usage
    • Forwarded Ports
    • Private Network
    • Public Network
    • Overview
    • Basic Usage
    • NFS
    • RSync
    • SMB
    • VirtualBox
    • Overview
    • Configuration
    • Usage
    • Overview
    • Configuration
    • Usage
      • Overview
      • Usage
      • Common Issues
      • Overview
      • Usage
      • Common Issues
      • Overview
      • Usage
      • Common Issues
  • Multi-Machine
    • Overview
    • Installation
    • Basic Usage
    • Configuration
    • Default Provider
      • Overview
      • Usage
      • Creating a Base Box
      • Configuration
      • Networking
      • Common Issues
      • Overview
      • Installation
      • VMware Utility
      • Usage
      • Boxes
      • Configuration
      • Known Issues
      • FAQ
      • Overview
      • Basic Usage
      • Commands
      • Boxes
      • Configuration
      • Networking
      • Overview
      • Usage
      • Creating a Base Box
      • Configuration
      • Limitations
    • Custom Provider
    • Overview
    • Usage
    • Plugin Development Basics
    • Action Hooks
    • Commands
    • Configuration
    • Guests
    • Guest Capabilities
    • Hosts
    • Host Capabilities
    • Providers
    • Provisioners
    • Packaging & Distribution
    • Overview
    • FTP / SFTP
    • Heroku
    • Local Exec
    • Overview
    • Configuration
    • Usage
  • Experimental
    • Overview
    • Debugging
    • Environmental Variables
    • WSL
    • macOS Catalina

  • Vagrant Cloud
Type '/' to Search

»Public Networks

Network identifier: public_network

Vagrant public networks are less private than private networks, and the exact meaning actually varies from provider to provider, hence the ambiguous definition. The idea is that while private networks should never allow the general public access to your machine, public networks can.

Confused? We kind of are, too. It is likely that public networks will be replaced by :bridged in a future release, since that is in general what should be done with public networks, and providers that do not support bridging generally do not have any other features that map to public networks either.

Warning! Vagrant boxes are insecure by default and by design, featuring public passwords, insecure keypairs for SSH access, and potentially allow root access over SSH. With these known credentials, your box is easily accessible by anyone on your network. Before configuring Vagrant to use a public network, consider all potential security implications and review the default box configuration to identify potential security risks.

»DHCP

The easiest way to use a public network is to allow the IP to be assigned via DHCP. In this case, defining a public network is trivially easy:

Vagrant.configure("2") do |config|
  config.vm.network "public_network"
end
Vagrant.configure("2") do |config|  config.vm.network "public_network"end

When DHCP is used, the IP can be determined by using vagrant ssh to SSH into the machine and using the appropriate command line tool to find the IP, such as ifconfig.

»Using the DHCP Assigned Default Route

Some cases require the DHCP assigned default route to be untouched. In these cases one may specify the use_dhcp_assigned_default_route option. As an example:

Vagrant.configure("2") do |config|
  config.vm.network "public_network",
    use_dhcp_assigned_default_route: true
end
Vagrant.configure("2") do |config|  config.vm.network "public_network",    use_dhcp_assigned_default_route: trueend

»Static IP

Depending on your setup, you may wish to manually set the IP of your bridged interface. To do so, add a :ip clause to the network definition.

config.vm.network "public_network", ip: "192.168.0.17"
config.vm.network "public_network", ip: "192.168.0.17"

»Default Network Interface

If more than one network interface is available on the host machine, Vagrant will ask you to choose which interface the virtual machine should bridge to. A default interface can be specified by adding a :bridge clause to the network definition.

config.vm.network "public_network", bridge: "en1: Wi-Fi (AirPort)"
config.vm.network "public_network", bridge: "en1: Wi-Fi (AirPort)"

The string identifying the desired interface must exactly match the name of an available interface. If it cannot be found, Vagrant will ask you to pick from a list of available network interfaces.

With some providers, it is possible to specify a list of adapters to bridge against:

config.vm.network "public_network", bridge: [
  "en1: Wi-Fi (AirPort)",
  "en6: Broadcom NetXtreme Gigabit Ethernet Controller",
]
config.vm.network "public_network", bridge: [  "en1: Wi-Fi (AirPort)",  "en6: Broadcom NetXtreme Gigabit Ethernet Controller",]

In this example, the first network adapter that exists and can successfully be bridge will be used.

»Disable Auto-Configuration

If you want to manually configure the network interface yourself, you can disable auto-configuration by specifying auto_config:

Vagrant.configure("2") do |config|
  config.vm.network "public_network", auto_config: false
end
Vagrant.configure("2") do |config|  config.vm.network "public_network", auto_config: falseend

Then the shell provisioner can be used to configure the ip of the interface:

Vagrant.configure("2") do |config|
  config.vm.network "public_network", auto_config: false

  # manual ip
  config.vm.provision "shell",
    run: "always",
    inline: "ifconfig eth1 192.168.0.17 netmask 255.255.255.0 up"

  # manual ipv6
  config.vm.provision "shell",
    run: "always",
    inline: "ifconfig eth1 inet6 add fc00::17/7"
end
Vagrant.configure("2") do |config|  config.vm.network "public_network", auto_config: false
  # manual ip  config.vm.provision "shell",    run: "always",    inline: "ifconfig eth1 192.168.0.17 netmask 255.255.255.0 up"
  # manual ipv6  config.vm.provision "shell",    run: "always",    inline: "ifconfig eth1 inet6 add fc00::17/7"end

»Default Router

Depending on your setup, you may wish to manually override the default router configuration. This is required if you need to access the Vagrant box from other networks over the public network. To do so, you can use a shell provisioner script:

Vagrant.configure("2") do |config|
  config.vm.network "public_network", ip: "192.168.0.17"

  # default router
  config.vm.provision "shell",
    run: "always",
    inline: "route add default gw 192.168.0.1"

  # default router ipv6
  config.vm.provision "shell",
    run: "always",
    inline: "route -A inet6 add default gw fc00::1 eth1"

  # delete default gw on eth0
  config.vm.provision "shell",
    run: "always",
    inline: "eval `route -n | awk '{ if ($8 ==\"eth0\" && $2 != \"0.0.0.0\") print \"route del default gw \" $2; }'`"
end
Vagrant.configure("2") do |config|  config.vm.network "public_network", ip: "192.168.0.17"
  # default router  config.vm.provision "shell",    run: "always",    inline: "route add default gw 192.168.0.1"
  # default router ipv6  config.vm.provision "shell",    run: "always",    inline: "route -A inet6 add default gw fc00::1 eth1"
  # delete default gw on eth0  config.vm.provision "shell",    run: "always",    inline: "eval `route -n | awk '{ if ($8 ==\"eth0\" && $2 != \"0.0.0.0\") print \"route del default gw \" $2; }'`"end

Or, an alternative, simpler version, assuming you get DHCP from your public network:

Vagrant.configure("2") do |config|
  config.vm.network "public_network"

  # default router
  config.vm.provision "shell",
    run: "always",
    inline: "ip route del default via 10.0.2.2 || true"
end
Vagrant.configure("2") do |config|  config.vm.network "public_network"
  # default router  config.vm.provision "shell",    run: "always",    inline: "ip route del default via 10.0.2.2 || true"end

Note the above are fairly complex and will be guest OS specific, but we document the rough idea of how to do it because it is a common question.

github logoEdit this page
IntroDocsBookVMwarePrivacySecurityPress KitConsent Manager