Dropbox.com works in VM host but not guest, all other sites work in guest.
Host: MacOS 11
VM: VMWare Fusion 12
Guest: Arch Linux, VM NAT networking
No iptables rules in VM. ca-certificates (20210603-1) and ca-certificates-mozilla (3.76-1) updated today in guest.
Normal browsing to various sites works in both host and guest. dropbox.com works in host but not in guest
In guest:
$ curl -vvvvv https://dropbox.com ; echo $?
* Trying 162.125.248.18:443...
* Connected to dropbox.com (162.125.248.18) port 443 (#0)
* ALPN, offering h2
* ALPN, offering http/1.1
* CAfile: /etc/ssl/certs/ca-certificates.crt
* CApath: none
* TLSv1.3 (OUT), TLS handshake, Client hello (1):
* OpenSSL SSL_connect: Connection reset by peer in connection to dropbox.com:443
* Closing connection 0
curl: (35) OpenSSL SSL_connect: Connection reset by peer in connection to dropbox.com:443
35
In host:
$ curl -v https://dropbox.com
* Trying 2620:100:6040:18::a27d:f812...
* TCP_NODELAY set
* Connected to dropbox.com (2620:100:6040:18::a27d:f812) port 443 (#0)
* ALPN, offering h2
* ALPN, offering http/1.1
* successfully set certificate verify locations:
* CAfile: /etc/ssl/cert.pem
CApath: none
* TLSv1.2 (OUT), TLS handshake, Client hello (1):
...omitting further details of successful curl...
Wireshark in guest shows that I send a TLSv1 Client Hello and then dropbox.com replies with TCP ACK and then a TCP RST,ACK. This also happens if I capture firefox and chromium trying to open dropbox.com in the guest.
From the above curl
s I notice that in the host machine IPv6 is used but IPv4 is used in guest VM.
In an Arch Linux native box I get the same curl output as in the guest above until the reset, except that the IPv6 address is used (as in the host example above) and that there is a single additional line between the CApath: none
and the Client Hello line, namely, } [5 bytes data]
. The rest of the curl output in the native box is successful.