McLoEa 25 Posted ... Say I had a Windows 10 installation and was running Virtual Box on that machine with Ubuntu installed as a VM. Now ,I want to run Kodi on the Ubuntu VM inside Virtual Box and I want Kodi to run behind a VPN. Would it be better to run,say,Eddie, on the Windows 10 installation and just let the VM and Kodi run behind that or would it be better to run the VPN inside the VM on Ubuntu? I get a feeling running the VPN inside the VM is going to lead to a significant performance loss for the network inside the VM but has anyone done or thought about this before or what other ideas and solutions do people have? Thanks. Quote Share this post Link to post
dagadog 5 Posted ... I don't run Kodi, however I have a similar setup here on my laptop. Win10 is the host OS (needed to update SatNav). I run Ubuntu 16.10 in a VirtualBox VM which I use for all general computing and web-browsing, email etc. To get the VM to use the Windows VPN was complicated (needed NAT interface, hiding behind the TAP/TUN windows interface, and resulted in both Windows and the VM performing sluggishly. I simplified things by using a bridged virtual interface, and Guest and Host set up VPNs separately, and didn't see any appreciable slow-down in either. An added benefit is that since OpenVPN is single threaded, running 2 VPNs can give you better throughput on a fast Internet connection. Quote Share this post Link to post
McLoEa 25 Posted ... Ipleak.net and oarc-dns running inside the VM both report the IP and DNS as being the same as the values shown on eddie running in Windows,al good. Please tell me more about the bridged virtual interface though,is that a part of Virtual Box or a separate entity in it's own right? Quote Share this post Link to post
serenacat 83 Posted ... I have a Linux Mint (Ubuntu) where I run internet facing activity such as web browsing, torrent, streaming in a VirtualBox on Windows 10 with AirVPN just running in W10. So single OpenVPN instance. Setup was straightforward, but sequence was W10, AirVPN running, VirtualBox running, Linux live iso, Linux install. So any config discovery software had the right things to find.I could expect that a more complex network config with separate VPN endpoints would be more flexible, so interesting how you go.I only have a max 12Mbps down / 1Mbs up rural area fixed wireless 4G link so not much load on my laptop. Configured 2 CPUs for the VM of "4" on my i5 6200U CPU. The VPN software (AirVPN.exe, openvpn.exe, stunnel.exe) is very efficient for CPU and RAM usage (Yay Clodo). Quote Share this post Link to post
McLoEa 25 Posted ... I am concerned with security mainly,if I want to stream or download to a VM running inside a host machine but I want to completely avoid any risk of breach into the host network or machine what do I need to do? Or is the set-up secure enough already? A speed boost wouldn't go amiss if it was possible to find though. Quote Share this post Link to post
McLoEa 25 Posted ... With the vpn running in the host I see it as encrypted traffic from the host to the internet and the wider world but unencrypted between the host and the guest so maybe I could set up a separate vpn between the host and guest? Quote Share this post Link to post
serenacat 83 Posted ... I can't give any good refs, but if I think you might be ready to educate to the level of commercial network security, some of us are "amateurs" or "not experts".My next step up in security would be to run a completely separate system for internet facing activities, with "risky" Kodi addons etc.More secured data would be on another system with minimal internet interaction. Coupling could be just Linux Xterm with ssh and opensource "secure" ftp, or a private OpenVPN would be nice. Or a more extreme "air gap" with memory stick transfer and different monitor/keyboards.Definitely Linux for the internet exposed host, many choices for minimal "attack surface", secure kernel, etc. Virtual Box claim to run W10 etc inside a Linux host for any M$ only apps, but unclear how you deal with licensing and actual install. VB use cases include reloading Windows snapshots to zap any infections or opaque changes.Maybe complex, but there is "industry best practice" to follow because a common challenge. Next stop VirtualBox forums etc ? Quote Share this post Link to post
McLoEa 25 Posted ... True, I am definitely no expert myself,as always it's learn as you do and as you become aware of what you want (or not) etc... I can run Eddie inside the Ubuntu VM and get a speed test result of 9Mbps down so that could just about cover a decent HD video stream with encryption from the app in the VM through the NAT and out into the wider world and back again. There is a thread somewhere n this forum about building a pfsense box which could be the answer to all our dreams. Having a router capable of running encrypted streams to different devices on your LAN ,unencrypted streams to other devices and separating those devices with VLANS,different encryption keys etc. I haven't had the time to investigate fully myself. Thanks dagadog and serenacat Quote Share this post Link to post
zhang888 1066 Posted ... It's not the machine OS you should be worried about, it's all those pirate apps and addons that you install.Just one recent example, out of many that are probably not yet uncovered: https://torrentfreak.com/popular-kodi-addon-exodus-turned-users-into-a-ddos-botnet-170203/ 1 go558a83nk reacted to this Quote Hide zhang888's signature Hide all signatures Occasional moderator, sometimes BOFH. Opinions are my own, except when my wife disagrees. Share this post Link to post
go558a83nk 364 Posted ... It's not the machine OS you should be worried about, it's all those pirate apps and addons that you install.Just one recent example, out of many that are probably not yet uncovered: https://torrentfreak.com/popular-kodi-addon-exodus-turned-users-into-a-ddos-botnet-170203/ yeah, I had to laugh when I read that. I hope the free, horrible quality, tv is worth it to them. Quote Share this post Link to post
McLoEa 25 Posted ... I'm new to Kodi and this is exactly why it's run in a VM. Or rather not running ,9Mbps down doesn't appear to be enough for an unbuffered video stream. Quote Share this post Link to post
serenacat 83 Posted ... I cannot render 1080p or 720p video without jerkiness from within my Linux VM. On W10 host, the Xterm has to render into a dumb buffer "virtual driver" using the CPU, then rendered via the W10 driver to the display. Mint complains on boot up about no video hardware assist, and so higher cpu usage. Audio is okay from the VM, but I had to override the default install virtual driver to the "Intel HD Audio" choice. I play fullhd video etc through VLC on W10 for best performance. By putting audio and video media on an external 1TB USB3 which presents a NTFS file system to W10, I can mount the ntfs drive as a shared file system for concurrent access by the guest Linux. So a mixture of VM torrent diskio and W10 VLC player diskio concurrently seems to work fine. So convenient, but a little less secure. Kodi streaming at 1080p may have other problems anyway in W10, and SD 576p might be okay in the VM with a decent CPU. Quote Share this post Link to post
McLoEa 25 Posted ... I had issues with audio in the Ubuntu VM,overcame them by installing PulseAudio and can directly control volume out of Kodi with that now. Thanks for mentioning the resolution issues there,I'll have a look at that later on. Quote Share this post Link to post
McLoEa 25 Posted ... I thought I had this sorted by changing some settings in System-Video in Kodi but after a re-start the settings are the same but the glitchy video is back. Quote Share this post Link to post
serenacat 83 Posted ... On the Kodi website https://kodi.tv/there is the new 17.0 now released on Android, Windows, but not yet for the ubuntu ppa. They claim many improvements and bug fixes.After adding the ppa, Synaptic Package Manager finds version 15.2, last changelog at 15 April 16. I had downloaded the 17.0 RC3 for W10 from curiosity, got rather lost and frustrated navigating the interface, worried about security and stability of addons, just tried one addon from Al Jazeera which did not work, but told me to check a log I could not find. So presently in wait mode for the Linux version. Definitely best to run with untrusted addons in a Linux OS process in a virtual box, rather than in the host Windows, as you are trying. I can see some merit in setting up another Linux user account for running such risky software, with a check of group permissions. The Virtual Box snapshot recovery facility is also potentially useful insurance. Quote Share this post Link to post
dagadog 5 Posted ... Please tell me more about the bridged virtual interface though,is that a part of Virtual Box or a separate entity in it's own right? It's part of virtual box. When you set up the interface you have several choices for network adaptor. The bridged adaptor mode sets up a virtual NIC that resides on the same network segment as the host, with its own MAC address and IP address. Among other things, it allows you to connect directly to the VM without setting up port forwarding. Quote Share this post Link to post
McLoEa 25 Posted ... I'd think using the bridged virtual interface instead of the NAT would remove some of the security that NAT offers but I am no expert. I've tried both now and neither removes the video display issues. Can't really understand why that would be as the VM has 6GB RAM assigned to it and I've tried tweaking a lot of internal Kodi display settings for no gain. I'm thinking of spending $100 on an old dell Optiplex and setting it up to run a VPN ,Kodi,maybe install a tv tuner card in it and some storage and have it running Linux, not network connected to any other devices in the house and only connected to one tv by HDMI. Quote Share this post Link to post
serenacat 83 Posted ... I bought a new 32in 1980x1080 monitor with HDMI for a couple of hundred dollars, for display of hdtv (dvb-t and stream), 1080p movies, and general computer display use, to supplement the laptop screen. Much cheaper and more flexible than a "Smart TV", so offsets the cost of a dedicated used laptop with *adequate* cpu and gpu and internal busses, ram. Some older or cheaper home laptops may not do it.A frustration of my old Lenovo W7 E530 and new W10 E560 is that they are fairly powerful business class and run the setup described okay, but no infrared port for a remote control of the TV tuner or Kodi. Quote Share this post Link to post
McLoEa 25 Posted ... I think there is a HDMI adaptor for -CEC- which will allow Kodi to receive input from an infra-red remote control device,I've seen a link for it elsewhere ,if I see it again I'll post it here. I found a used Dell 3010 SFF PC on ebay for $60,HDMI port on the back i3 cpu,4G RAM and a 500GB HDD,bit of a bargain really but will have to wait for it to arrive to confirm it all works. So,create a VLAN on my home network,install Linux on the Dell and run Kodi of that and hopefully that will be enough ring-fencing to allay my super OCD-paranoia lol. Should all be set up by next weekend. Quote Share this post Link to post
serenacat 83 Posted ... I have been a bit surprised how slowly some cheaper i3 laptops run, sold for the "school kids", "just buy the cheapest" market.Decoding compressed x264, xvid video realtime needs some cpu, and not sure how much an inbuilt gpu such as my i5 6200U+520 helps with 1080p rendering. USB3 might be useful.So perhaps set it up dual boot and keep the installed Windwoes in case you want to rebay it ? Quote Share this post Link to post
McLoEa 25 Posted ... I'm not sure there's an OS on it. I'd think any stand alone CPU made after 2010,either intel or AMD would be able to render 1080p graphics pretty easily,that's what 'm hoping for anyway. I think the i3 in this system is rated at 55W TDP too so hopefully,low heat,low noise. Quote Share this post Link to post