How BT Parental Controls Broke Ubuntu on VirtualBox

Puppetise All The Things

It’s been a year or two since I last wrote any Puppet but this week I’ve been paying down some technical debt and getting some hand-managed boxes into a state where they can be put into configuration management (and get all the niceness that comes with that).

So I spin up Vagrant with Puppet as the provisioner to test my configs, and… nothing.

It just sits there doing nothing. For ages.

So I run vagrant ssh and take a look and it turns out it’s stuck downloading a package:

So time for a bit more digging…

HTTPS issues?

So what’s happening here? Port 80 connects fine but port 443 doesn’t? MTU-related fragmentation messing up HTTPS maybe? Something up with the Virtual Box network adapter?

This took up a few hours of head scratching and trying things, but to no avail.

After a little more digging, something weird pops up:

Did Facebook buy Twitter?! Something weird’s going on here. What is this IP? So I throw it into a browser on my host machine.

Then it hits me — I’m working from home, not the office, and we have BT (British Telecom) parental controls configured. Eureka💡

Not so seamless after all

So something at BT’s end is intercepting the traffic and dropping us onto this BT IP every time for content filtering purposes. My host OS (OSX) is totally fine with all this and address resolution is happening seamlessly but something in the Virtual Box network adapter or the Ubuntu network stack really isn’t happy with this interception.

Now time to wait the mandatory 2 hour period for BT to disable filtering for our account…

I hope this article saves someone a few hours of head-scratching and suffering. If you’ve experienced anything like this before, please do weigh in on the comments!