VM Virtual Network

Source: Internet
Author: User

When you create a virtual machine in VMware Workstation, you can choose which virtual network card it uses and how it connects, as needed. There are three default virtual networks: vmnet0 (bridged network), vmnet1 (host-only network), and vmnet8 (NAT network). You can also add seven more virtual NICs, including vmnet2, vmnet7, and vmnet9, as needed.

Meaning of the virtual machine network connection settings:

1. Use bridged networking: the VM connects to the vmnet0 virtual switch. The virtual machine is then equivalent to an independent computer on the network; just like the host, it has its own IP address (Figure 1).

2. Use network address translation (NAT): the VM connects to the vmnet8 virtual switch. The virtual machine can access other workstations on the network (including the Internet) one-way through the host, but other workstations cannot access the virtual machine (Figure 2).

3. Use host-only networking: the VM connects to the vmnet1 virtual switch. The virtual machine can only communicate with other virtual machines and the host; it cannot be accessed from other workstations on the network (Figure 3).

4. Do not use a network connection: the VM has no NIC and is equivalent to a standalone machine.

1. Virtual machines A1 and A2 run on host A, and virtual machine B1 runs on host B. In the figure, A1, A2, and B1 use bridged mode, so A1, A2, and B1 and hosts A, B, and C can all communicate with each other (they must be configured on the same network segment). A1, A2, and B1 then have the same standing as A, B, and C, and you should configure and use them as you would real computers.

 

Figure 1: Bridged network

2. Virtual machines A1 and A2 run on host A, and virtual machine B1 runs on host B. The "NAT router" is a router with only the NAT function enabled; it connects computers attached to the vmnet8 virtual switch to the vmnet0 virtual switch through NAT. A1, A2, and B1 are set to NAT mode. A1 and A2 can access hosts B and C one-way, while B and C cannot access A1 and A2. B1 can access hosts A and C one-way, while A and C cannot access B1. A1, A2, and A can communicate with each other, as can B1 and B.

 

Figure 2: NAT network

3. Virtual machines A1 and A2 run on host A, and virtual machine B1 runs on host B. If A1, A2, and B1 are set to host-only mode, A1 and A2 can only communicate with A; they cannot access hosts B and C or be accessed by them. B1 can only communicate with host B and cannot communicate with hosts A and C.

 

Figure 3: Host-only network
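The reachability rules of Figures 1 to 3 can be written down as a small model, which is handy when auditing which machines are able to reach a lab VM. This is an added example, not part of the original article; the function names and the mode strings ("bridged", "nat", "host-only", "none") are assumptions made for illustration.

```python
# Constructed topology from Figures 1-3: hosts A, B and C share the physical
# LAN; virtual machines A1 and A2 run on host A, B1 runs on host B.
HOSTS = {"A", "B", "C"}
VM_HOST = {"A1": "A", "A2": "A", "B1": "B"}

def on_lan(node, modes):
    """Physical hosts and bridged VMs are peers on the LAN (vmnet0)."""
    return node in HOSTS or modes.get(node) == "bridged"

def same_vswitch(a, b, modes):
    """True if both VMs sit on the same host's vmnet1 or the same host's vmnet8."""
    return (a in VM_HOST and b in VM_HOST and VM_HOST[a] == VM_HOST[b]
            and modes.get(a) == modes.get(b)
            and modes.get(a) in ("nat", "host-only"))

def can_initiate(src, dst, modes):
    """Can src open a connection to dst under the rules described above?"""
    if src == dst:
        return True
    if on_lan(src, modes) and on_lan(dst, modes):
        return True                    # bridged VMs behave like real computers
    if same_vswitch(src, dst, modes):
        return True                    # neighbours on the same virtual switch
    vm, other = (src, dst) if src in VM_HOST else (dst, src)
    if VM_HOST.get(vm) == other:
        return modes.get(vm) != "none" # a VM and its own host see each other
    if modes.get(src) == "nat" and on_lan(dst, modes):
        return True                    # one-way: outbound through the NAT router
    return False                       # host-only and "no network" stay isolated

def inbound_peers(vm, modes):
    """Every node that is able to open a connection to the given VM."""
    nodes = HOSTS | set(VM_HOST)
    return sorted(n for n in nodes if n != vm and can_initiate(n, vm, modes))
```

Calling `inbound_peers("A1", modes)` with all three VMs set to "nat" returns only A and A2, while the same call with "bridged" returns every other machine on the network.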

When networking virtual machines, you can change the virtual switch that a virtual machine is connected to at any time. After changing the connection mode, you should also change the IP address inside the virtual machine to match. For example, assume that vmnet1 on the host uses the network segment 192.168.10.0, vmnet8 uses the network segment 192.168.80.0 with the gateway address 192.168.80.254 (equivalent to the internal address of the NAT router), and the IP address of the host NIC is 192.168.1.1. Assume that virtual machine A1 is set to bridged mode with the IP address 192.168.1.5. To switch A1 to host-only mode, change the NIC setting of the virtual machine to host-only, then change the IP address inside the virtual machine to 192.168.10.6 (you can choose another address, as long as it is in the same subnet as the segment used by the host; the same applies below). To switch A1 to NAT mode, change the NIC setting of the virtual machine to NAT, then change the IP address inside the virtual machine to 192.168.80.6 and set the gateway address to 192.168.80.254.

Here is a brief introduction to bridging and NAT.

1. Bridging:

Bridging works at Layer 2, the data link layer, of the OSI network reference model. It is a technology that divides the network into two different physical segments based on MAC addresses.

Ethernet is a technology in which computers share the network transmission medium. When one computer sends data, every computer on the same physical network receives it and then examines the destination MAC address. If the destination MAC address matches the computer's own MAC address, the frame is decapsulated and passed up to the network layer. If it does not match, the packet is discarded.

Bridging works by separating physical network segments (also known as collision domains) and deciding, based on the MAC address, whether a packet a computer has sent should cross between the two physical segments.

Consider a network in which two hubs are each connected to several computers; call the segment on hub A collision domain A and the segment on hub B collision domain B. In such a network, if computer A sends data packets to computer C, hub A sends the packets to all the computers in the network (including hub B), regardless of whether the packets need to reach segment B.

Now connect hub A and hub B to the two ports of a bridge. What happens when computer A sends data packets to computer C? Hub A still sends the packets throughout its segment. When a packet reaches the bridge, the bridge examines the destination MAC address and compares it with the MAC address table it has learned. If the MAC address is not in the table, the bridge sends the packet on both network segments and records the MAC address of computer A in its table.

After many such records, the bridge has recorded all MAC addresses and which of the two segments each belongs to. When computer A later sends data packets to computer B, which is on the same physical segment, the bridge compares the destination MAC address with its table, determines that A and B are in the same segment, and does not forward the packets to segment B. If the two computers are not on the same physical segment, the bridge lets the packets pass through.

The above example shows that a bridge is in effect a device that controls traffic between collision domains. Bridges are rarely used today. Besides isolating collision domains, bridges can also connect different types of networks (for example, between token ring and Ethernet) and extend networks (IEEE 5.4.3 connection rules).
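The learning and filtering behaviour described in this section, as a short simulation. This is an added example, not part of the original article; the MAC addresses are constructed, and computers A and B are assumed to be on hub A (port 0) with computer C on hub B (port 1).

```python
BROADCAST = "ff:ff:ff:ff:ff:ff"

class LearningBridge:
    """Two-port bridge: port 0 is the hub A segment, port 1 the hub B segment."""

    def __init__(self):
        self.mac_table = {}   # MAC address -> port on which it was last seen

    def receive(self, in_port, src_mac, dst_mac):
        """Handle one frame and return 'flood', 'forward' or 'filter'."""
        self.mac_table[src_mac] = in_port      # learn the sender's segment
        known = None if dst_mac == BROADCAST else self.mac_table.get(dst_mac)
        if known is None:
            return "flood"     # destination not learned yet: send it across
        if known == in_port:
            return "filter"    # both ends on one segment: do not cross
        return "forward"       # destination is on the other segment

# Constructed sample data (labelled as such): three stations, two segments.
MAC = {"A": "00:00:00:00:00:0a", "B": "00:00:00:00:00:0b",
       "C": "00:00:00:00:00:0c"}
SEGMENT = {"A": 0, "B": 0, "C": 1}

def replay(frames):
    """Feed (sender, receiver) pairs to a fresh bridge; return its decisions."""
    bridge = LearningBridge()
    decisions = [bridge.receive(SEGMENT[s], MAC[s], MAC[d]) for s, d in frames]
    return decisions, bridge.mac_table

if __name__ == "__main__":
    frames = [("A", "C"), ("C", "A"), ("A", "B"), ("B", "A"), ("A", "B")]
    for frame, action in zip(frames, replay(frames)[0]):
        print(frame, action)
```

The first frame toward an unlearned address crosses the bridge; once both stations on hub A have been seen, traffic between them stays on that segment.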

2. NAT:

NAT stands for "Network Address Translation". It is an IETF (Internet Engineering Task Force) standard that allows an entire organization to appear on the Internet with a public IP address. As the name suggests, it is a technology that translates an internal private network (IP) address into a valid network IP address.

To put it simply, the LAN uses internal addresses inside its own network. When an internal node needs to communicate with the external network, the gateway (which can be understood as the exit, like the door of a courtyard) replaces the internal address with a public address, so that the external public network (the Internet) can be used normally. NAT allows multiple computers to share one Internet connection, which addresses the shortage of public IP addresses. In this way, you need to apply for only one valid IP address to connect the computers in the LAN to the Internet. NAT also shields the internal network: all intranet computers are invisible to the public network, while intranet users generally do not notice that NAT exists.

The internal address mentioned here is the private IP address assigned to a node in the internal network. This address can only be used in the internal network and cannot be routed (routing is a network technology that forwards data along different paths). Although the internal address can be chosen freely, the following addresses are usually used: 10.0.0.0 ~ 10.20.255.255, 172.16.0.0 ~ 172.16.255.255, 192.168.0.0 ~ 192.168.255.255. NAT translates these reserved IP addresses, which cannot be used on the Internet, into valid IP addresses that can. A global address is a valid IP address allocated by the NIC (Network Information Center) or an ISP (network service provider). It stands for one or more internal addresses and is a globally unique, addressable address.
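The translation step and the resulting one-way visibility can be shown with a small translation table. This is an added example, not part of the original article: it uses port-based translation, the usual way several internal machines share one address, and the class name, the outside address 192.168.1.1 (the host NIC from the earlier addressing example), the workstation 192.168.1.20 and the port numbers are all assumptions.

```python
import ipaddress

class Nat:
    """Minimal port-translating NAT in front of one internal network."""

    def __init__(self, public_ip, inside_net, first_port=40000):
        self.public_ip = public_ip
        self.inside = ipaddress.ip_network(inside_net)
        self.next_port = first_port
        self.out_map = {}  # (in_ip, in_port, remote_ip, remote_port) -> public port
        self.in_map = {}   # (public port, remote_ip, remote_port) -> (in_ip, in_port)

    def outbound(self, src_ip, src_port, dst_ip, dst_port):
        """Rewrite a packet leaving the internal network; return the new 4-tuple."""
        if ipaddress.ip_address(src_ip) not in self.inside:
            raise ValueError(f"{src_ip} is not an internal address")
        key = (src_ip, src_port, dst_ip, dst_port)
        if key not in self.out_map:            # first packet creates the mapping
            self.out_map[key] = self.next_port
            self.in_map[(self.next_port, dst_ip, dst_port)] = (src_ip, src_port)
            self.next_port += 1
        return (self.public_ip, self.out_map[key], dst_ip, dst_port)

    def inbound(self, src_ip, src_port, dst_port):
        """Packet arriving at the public address; None means it is dropped."""
        # This sketch accepts only replies from the exact remote endpoint.
        inside = self.in_map.get((dst_port, src_ip, src_port))
        if inside is None:
            return None                        # nothing inside asked for this
        return (src_ip, src_port, inside[0], inside[1])

if __name__ == "__main__":
    nat = Nat("192.168.1.1", "192.168.80.0/24")
    print(nat.outbound("192.168.80.6", 51000, "192.168.1.20", 80))
    print(nat.inbound("192.168.1.20", 80, 40000))   # reply is translated back
    print(nat.inbound("192.168.1.20", 80, 22))      # unsolicited: dropped
```

The outside workstation only ever sees 192.168.1.1, and a packet it sends without a matching table entry never reaches 192.168.80.6.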
