VMware's three networking models are bridge,nat,host-only. VMware believes that the use of these three networking modes can build any network topology, and indeed it is. If you are proficient in the network, it should be easy to understand the VMware Network configuration mode, but even so, VMware because it is just a virtual machine, no image of the topology display. This article simply gives a visual representation of the three types of networking patterns, and in addition, the VMware Help documentation also has a fairly detailed introduction to Vmnet's chapters.
one. Bridge mode as the name implies, bridge mode is bridged mode, the virtual machine inside the network card directly bridged in the host of a physical network card is located in the network segment. as follows:
650) this.width=650; "src=" Http://hi.csdn.net/attachment/201203/17/0_13319512021LYK.gif "alt=" 0_ 13319512021lyk.gif "/>
This approach is often provided for lazy people, but in non-DHCP situations, it is easy to cause IP address collisions, so do not use bridge mode if you do not want to configure the virtual machine in a network segment. The networking topology for bridge mode is as follows:
650) this.width=650; "src=" Http://hi.csdn.net/attachment/201203/17/0_1331951218qtgd.gif "alt=" 0_ 1331951218qtgd.gif "/>
two. Nat mode
65 0) this.width=650; "src=" Http://hi.csdn.net/attachment/201203/17/0_13319512356OYo.gif "alt=" 0_13319512356oyo.gif " />
< Span style= "Color:rgb (51,51,51); Font-family:arial;font-size:14px;line-height:21px;background-color:rgb ( 255,255,255); " > > However, there is a detail of how the diamond in the middle is actually implemented, and how VMware is simulating a consistent NAT device under different host operating systems. To achieve consistency and simplicity, VMware uses a user-state connection to implement a NAT device in a way that {over}}, so the NAT device is actually a user-state process that performs address translation as shown in:
650) this.width=650; "src=" Http://hi.csdn.net/attachment/201203/17/0_1331951251Fmqi.gif "alt=" 0_ 1331951251fmqi.gif "/>
the so-called address translation is not really the IP network in the sense of address translation, but a generation {over} {filter} rationale. The connection initiated in the virtual machine is completely intercepted in the NAT process of the host, and then the NAT process rescue the connection to the destination in place of the virtual machine, and then communicates with the destination, then forwards the data to the virtual machine. We can illustrate this by a simple experiment:
1. Only allow local TCP SYN packets to be sent out, prohibit any return packetsiptables-a output-p tcp--tcp-flags SYN syn-j ACCEPT
Iptables-a output-j DROP
Iptables-a input-j DROP
2. Establish a TCP connection to Baidu in the virtual machinetelnet 74.125.128.94
3. View the file descriptor of the user-state NAT process on the hostlsof-p 271-n
...
Vmnet-nat 271 root 7u IPv4 0xffffff8017b62160 0t0 TCP 192.168.1.101:49256->74.125.128.94:http (ESTABLISH ED)
...
4. ConclusionThe virtual machine can only send a SYN packet, but the host inside to 74.125.128.94 connection has been established, indicating that the NAT process is a user-state connection generation {}}. The same conclusion can be observed by the TCP grab packet, how to observe it? It's easy to see the serial number, the serial number and confirmation number of the packet crawled in the virtual machine and the "Same connection" (not actually a connection, but the serial number of the {{}}}) that the host crawled, and we know that the regular NAT only modifies the five element and does not modify the serial number.
& nbsp can be seen, because NAT is a generation {over} {filter}, Nat mode may cause the destination host TCP connection statistics inaccurate, such as the above experiment, the virtual machine obviously did not connect to a successful destination, However, the host's NAT process has established a TCP connection. With NAT mode, you need to know all the side effects that it brings. The network topology for the last NAT pattern is as follows:
< Span style= "Color:rgb (51,51,51); Font-family:arial;font-size:14px;line-height:21px;background-color:rgb ( 255,255,255); " > 650) this.width=650; "src=" Http://hi.csdn.net/attachment/201203/17/0_1331951273WtT2.gif "alt=" 0_ 1331951273wtt2.gif "/>
< Span style= "Color:rgb (51,51,51); Font-family:arial;font-size:14px;line-height:21px;background-color:rgb ( 255,255,255); " > three. host-only mode
< Span style= "Color:rgb (51,51,51); Font-family:arial;font-size:14px;line-height:21px;background-color:rgb ( 255,255,255); " > 65 0) this.width=650; "src=" Http://hi.csdn.net/attachment/201203/17/0_13319512961LzH.gif "alt=" 0_13319512961lzh.gif " />
But how does the Host-only mode virtual machine connect to the extranet? A virtual machine can treat a host as a router, so the rest of the problem is how to configure the router. The following steps are required:
1. In the virtual machine will default gateway to the host's virtual NIC Vmnet1, if you are not too troublesome can also configure host routing2. Open the host's routing featurelinux:sysctl-w net.ipv4.ip_forward=1
Mac os:sysctl-w net.inet.ip.forwarding=1
Windows: Open the IPEnableRouter registry key for Tcpip
3. Select one of the following methods3.1. Configure Snat. Linux uses iptables to configure egress NIC Snat;mac os using NATD and IPFW configuration, and Windows uses the network card's "share" internet to configure3.2. Configure pure routing, mainly to solve the problem of backhaul routing, but many of the external network server routing we can not configure, so this is only applicable to the experimental environmentthe networking topology for Host-only mode is as follows:
< Span style= "Color:rgb (51,51,51); Font-family:arial;font-size:14px;line-height:21px;background-color:rgb ( 255,255,255); " > < Span style= "Color:rgb (51,51,51); Font-family:arial;font-size:14px;line-height:21px;background-color:rgb ( 255,255,255); " > 650) this.width=650; "src=" Http://hi.csdn.net/attachment/201203/17/0_1331951314G7E2.gif "alt=" 0_ 1331951314g7e2.gif "/>
four. Meaning of VnnetxVMware has virtualized several network cards in the host, which are actually two-or three-layer network devices with multiple ports. This article does not address DHCP at this end, in fact, each network mode can have a DHCP server to insert these virtual device port, the virtual machine inside the network card assigned IP address.
By default, VMware provides a VMNET0/1/8 three virtual network card, vmnet0 not seen, it is actually a pure link layer bridge, the bridge device does not have any three layer function, One of the ports in the bridge is a physical NIC on the host. Vmnet1 dedicated to Host-only to use, vmnet8 specifically for NAT, both virtual network cards have three layers of functionality, can be configured IP address, is actually a host on the visible network card Ah, in addition, these two network cards are also bridge equipment, Only the Brdige does not bridge any physical network cards on the host.
This article is from the "Fancy" blog, make sure to keep this source http://lily2015.blog.51cto.com/10552396/1787934
VMware's networking model in layman's
Start building with 50+ products and up to 12 months usage for Elastic Compute Service
1 on 1 presale consultation
24/7 Technical Support 6 Free Tickets per Quarter Faster Response
Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.
A comprehensive suite of global cloud computing services to power your business
Payment Methods We Support
