Deep understanding of VMware Virtual Network

Source: Internet
Author: User

VMware Workstation is a very good virtual machine product. Many enthusiasts use VMware Workstation to build multiple experimental environments for testing. The virtual network of VMware Workstation is very powerful, but it is a little complicated for beginners. This article therefore introduces VMware's virtual network in depth, so that readers understand the relationships between VMware virtual networks and can design a variety of complex WAN and LAN lab environments to meet their needs. Because VMware Server and VMware Workstation are closely related, the content of this article also applies to VMware Server. The virtual network of VMware Workstation is also the basis of VMware ESX Server, VMware's enterprise product. Once you are familiar with the virtual network of VMware Workstation, it will also help you learn and use VMware Server.

3.1 VMware Virtual Network Overview

VMware Workstation (or VMware Server) is installed on a physical computer called the "host". Assume that the host has one physical NIC connected to a switch on the network; the network topology is then as shown in Figure 3-1.

Figure 3-1 Host physical network

[Key Points] VMware Workstation and VMware Server support 10 (virtual) network cards, vmnet0 through vmnet9. Each virtual network card (vmnet0 through vmnet9) can have only one network attribute at a time: either it uses the host physical NIC, or it uses a virtual NIC.

There are two types of network in the VMware virtual network: the "host-only network" and the "NAT network". On a VMware Workstation (or VMware Server) host, multiple virtual NICs can have the "host-only network" attribute, but only one virtual NIC at a time can have the "NAT network" attribute.

When you install VMware Workstation or VMware Server on the host, three virtual NICs are installed by default: vmnet0, vmnet1, and vmnet8. The network attribute of vmnet0 is "physical NIC", and the network attribute of vmnet1 and vmnet8 is "virtual NIC". By default, the vmnet1 virtual NIC is defined as the "host-only network" and the vmnet8 virtual NIC is defined as the "NAT network". The host physical NIC is defined as the "bridge network" and can also be called vmnet0.

By default, the virtual network topology of VMware Workstation is as shown in Figure 3-2.

Figure 3-2 Virtual Machine Network Topology

In Figure 3-2, three vswitches, two virtual NICs, one physical NIC, and one virtual router make up the entire structure of the default virtual network. When VMware Workstation (or VMware Server) is installed, it randomly selects two CIDR blocks from 192.168.x.0/24 (an earlier version also used the 172.16.0.0/12 address range, but this was soon abandoned) and allocates the first address of each block to the corresponding virtual network adapter (vmnet1 and vmnet8).

In Figure 3-2, vmnet1 uses 192.168.10.0/24 and vmnet8 uses 192.168.80.0/24. These are the address segments that I am used to; you can set them according to your own preferences and habits. How to modify these IP addresses is introduced later.

Figure 3-2 does not show one further component, a virtual DHCP server. This virtual DHCP server automatically assigns an IP address, subnet mask, gateway, DNS, and other parameters to virtual machines that use the vmnet1, vmnet8 (or other) virtual NICs, that is, virtual machines connected to the vmnet1 and vmnet8 virtual switches.

3.2 Virtual machines, virtual NICs, and network properties

In VMware Workstation, each virtual machine can support up to 10 virtual NICs, which can be connected to different virtual networks as needed (in Figure 3-2, the vmnet1, vmnet8, or vmnet0 vswitch). You can select a virtual network at either of two points: when creating the virtual machine, or afterwards by modifying the virtual network attribute in "Virtual Machine Settings".

(1) When creating a virtual machine, on the "Network Type" page, in the "Network Connection" group, select a virtual network for the current virtual machine, as shown in Figure 3-3.

Figure 3-3 Network properties

(2) After the virtual machine is created, modify the virtual network properties in "Virtual Machine Settings", as shown in Figure 3-4.

Figure 3-4 Modify Virtual Machine Settings

Whether you select the network properties when creating a virtual machine or on the "Virtual Machine Settings" page, each virtual network card has three connection options: vmnet0 (bridge network), vmnet1 (host-only network), and vmnet8 (NAT network). There is also a "Do not use a network connection" option, which leaves this virtual network card unconnected to any network. The following describes the network properties when connecting to the vmnet1, vmnet8, and vmnet0 vswitches.

[Note] (1) After VMware Workstation 6.0, the "team" function was added, together with a "team" virtual switch. In addition to virtual switches such as vmnet0, vmnet1, and vmnet8, you can also use the virtual switches in a team.

(2) In VMware Workstation (or VMware Server), in addition to the vmnet0, vmnet1, and vmnet8 vswitches, you can also create (or add) the vmnet2 through vmnet7 and vmnet9 vswitches. The attribute of each of these vswitches can be chosen from "host-only network", "bridge network", and "NAT network".

3.3 Relationship between vmnet1, vmnet8, and vmnet0 virtual NICs

For virtual machines in VMware Workstation or VMware Server, the network relationships between virtual machines, and between virtual machines and hosts, can be understood from the network topology shown in Figure 3-5.

Figure 3-5 Virtual machine and host network topology

In Figure 3-5, virtual machines A11, A12, and so on through A03 are virtual machines created by VMware Workstation (or VMware Server). Virtual machines A11, A12, and A13 use the vmnet1 (host-only network) virtual NIC; in the network topology shown in Figure 3-5, they are connected to the vmnet1 virtual switch. Virtual machines a81 and a82 use the vmnet8 virtual NIC (NAT network, equivalent to connecting to the vmnet8 virtual switch). Virtual machines A01, A02, and A03 use the vmnet0 virtual NIC (bridge network, equivalent to connecting to the vmnet0 vswitch).

Host B represents one or more computers in the same LAN as host A. "Same LAN" here means a computer in the same subnet (VLAN) or a computer in a different subnet.

Internet computer Z represents other computers or servers on the Internet. It can be one or more computers.

The relationships in Figure 3-5 can be redrawn as the simplified network topology shown in Figure 3-6.

Figure 3-6 Simplified network topology

The following describes the network relationships between virtual machines and hosts.

3.3.1 Use vmnet1 virtual NIC for virtual machines

When the virtual machine is selected to use the vmnet1 virtual network card, it indicates that the virtual machine is connected to the vmnet1 virtual switch.

vmnet1 is officially defined as the "host-only network". By default, it has network connections only with the host and with other virtual machines that use the vmnet1 virtual NIC. Virtual machines that use the vmnet1 virtual NIC cannot access computers other than the physical host.

In Figure 3-5 (Figure 3-6), virtual machines A11, A12, and A13 use the vmnet1 virtual NIC, which means they are connected to the vmnet1 virtual switch. In the network topology shown in Figure 3-5 (Figure 3-6), virtual machines A11, A12, A13, and the physical host can communicate with each other. The vmnet1-related computers in Figure 3-5 (Figure 3-6) are simplified to the topology shown in Figure 3-7.

Figure 3-7 vmnet1 Virtual Network Topology

1. How can computers on the same vswitch communicate?

In-depth understanding: "can communicate" means that when A11, A12, A13, and A are connected to the vmnet1 vswitch, the four computers are able to communicate with each other, but will not necessarily do so. Why? If A11, A12, A13, and A are not given IP addresses in the same subnet, they cannot communicate with (access) each other. Or, even if IP addresses in the same network segment are set, A11, A12, A13, and A may have firewalls that prohibit access from other computers. In these cases, communication does not work.

Communication is possible only when A11, A12, A13, and A are connected to the same vswitch, are in the same network segment (with no conflicting IP addresses), and have no firewall (or have a firewall that allows access from other computers).

Small experiment: in VMware Workstation, create a virtual machine that uses the vmnet1 virtual network card, set an IP address in the same network segment as vmnet1 (or set "automatically obtain an IP address" in the virtual machine), turn off the firewalls on the host and the virtual machine, and use "Network Neighborhood" or the ping command to check whether the virtual machine and the host can communicate with each other.

2. Pay attention to multiple NICs of the host

Note that host A has three NICs (one physical NIC and two virtual NICs): vmnet1, vmnet8, and the physical NIC (vmnet0). If A11, A12, and A13 are computers in the 192.168.10.0/24 network segment but the host's vmnet1 is not in the 192.168.10.0/24 network segment, then even if you set an IP address in the same network segment as A11, A12, and A13 (for example, 192.168.10.0/24) on vmnet8 or vmnet0, A and A11 (or A12, A13) cannot communicate.

3. If the computer on the same vswitch is in the same CIDR block

In addition, note that although the vmnet1 virtual network segment is set to 192.168.10.0/24 in "Virtual Network Settings", when A11, A12, and A13 are connected to the same vswitch they only need IP addresses in the same network segment as each other (192.168.10.0/24, or another network segment, although it is better not to conflict with the vmnet8 or vmnet0 network segments) for A11, A12, A13, and A to communicate with each other.
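Points 1 to 3 above can be turned into a small diagnostic. This is an added example, not part of the original article; the `Nic` record, the `diagnose` function and the sample addresses in `LAB` are constructed for illustration.

```python
from dataclasses import dataclass
from ipaddress import ip_interface

@dataclass(frozen=True)
class Nic:
    owner: str                     # computer name, e.g. "A11" or host "A"
    vswitch: str                   # "vmnet1", "vmnet8" or "vmnet0"
    address: str                   # address with prefix, e.g. "192.168.10.11/24"
    firewall_allows: bool = True   # owner's firewall permits access from others

def diagnose(src, dst, vswitch, nics):
    """Return the reasons src cannot reach dst over vswitch (empty list: it can)."""
    on_switch = [n for n in nics if n.vswitch == vswitch]
    by_owner = {n.owner: n for n in on_switch}
    missing = [f"{c} has no NIC on {vswitch}" for c in (src, dst) if c not in by_owner]
    if missing:
        return missing
    a = ip_interface(by_owner[src].address)
    b = ip_interface(by_owner[dst].address)
    problems = []
    if a.network != b.network:
        problems.append(f"{src} ({a}) and {dst} ({b}) are in different network segments")
        # Point 2: the right segment on another NIC of the same computer
        # (vmnet8, vmnet0) does not help; only the NIC on this vswitch counts.
        for n in nics:
            if n.owner in (src, dst) and n.vswitch != vswitch:
                peer = b if n.owner == src else a
                if ip_interface(n.address).network == peer.network:
                    problems.append(f"{n.owner} has that segment on {n.vswitch}, not on {vswitch}")
    used = [ip_interface(n.address).ip for n in on_switch]
    for addr in sorted({a.ip, b.ip}):
        if used.count(addr) > 1:
            problems.append(f"IP address conflict on {vswitch}: {addr}")
    if not by_owner[dst].firewall_allows:
        problems.append(f"firewall on {dst} blocks access from other computers")
    return problems

# Constructed sample: host A carries 192.168.10.0/24 on vmnet8 instead of vmnet1,
# A13 duplicates A11's address, and A12's firewall refuses other computers.
LAB = [
    Nic("A", "vmnet1", "192.168.20.1/24"),
    Nic("A", "vmnet8", "192.168.10.1/24"),
    Nic("A11", "vmnet1", "192.168.10.11/24"),
    Nic("A12", "vmnet1", "192.168.10.12/24", firewall_allows=False),
    Nic("A13", "vmnet1", "192.168.10.11/24"),
]
```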

4. Computers using vmnet1 virtual NICs cannot access the Internet by default.

A computer that uses the vmnet1 virtual NIC cannot access the Internet or computers that do not use the vmnet1 virtual NIC. In Figure 3-5 (Figure 3-6), the virtual machines A11, A12, and A13 have no network relationship with B and Z, and they cannot access each other.

3.3.2 VM using vmnet0 virtual NIC

If the virtual machine uses "bridge mode", that is, vmnet0, the virtual machine is equivalent to a computer on the host's network. If the virtual machine selects vmnet0 (or bridge network), it connects to the host's network through the "vmnet0 virtual switch". In this case, it does not matter whether the host's "vmnet0 virtual NIC" has an IP address set.

In the network topology shown in Figure 3-5 (Figure 3-6), if virtual machines A01, A02, and A03 use the vmnet0 vswitch, then regardless of whether the host's vmnet0 virtual NIC has the correct IP address, subnet mask, and gateway set, as long as A01, A02, and A03 have the correct IP address, subnet mask, gateway, and other parameters, they can access other computers (such as B) on the network outside the host and other computers (such as Z) on the Internet. The vmnet0 virtual machines and virtual network topology are shown in Figure 3-8.

Figure 3-8 vmnet0 Virtual Network

B and Z can be physical computers or virtual machines that use vmnet0 virtual NICs. In Figure 3-8, the vmnet0 virtual machines (A01, A02, and A03), host A, and host B can access each other.

3.3.3 Use vmnet8 virtual NIC for virtual machines

If a VM uses vmnet8, the VM has one-way access, through the host network, to networks outside the physical host (from the VM to the host's network or the Internet), while networks outside the host cannot access a VM that uses vmnet8. The premise is that the host itself can access the Internet (or other computers on the network). If the host cannot access the Internet, a virtual machine configured with the vmnet8 virtual NIC cannot access the Internet either.

The part of Figure 3-5 (Figure 3-6) that relates to the vmnet8 virtual network and its virtual machines is simplified in Figure 3-9.

Figure 3-9 vmnet8 Virtual Network

Host A's vmnet8 virtual NIC connects to the vmnet8 virtual switch, the vmnet8 virtual switch connects to the "virtual router", and the "virtual router" connects to the "vmnet0 virtual NIC" (that is, the host physical NIC). The "vmnet0 virtual NIC" connects to the "vmnet0 virtual switch", and the "vmnet0 virtual switch" connects to the host's physical network. This means that a computer connected to the "vmnet8 virtual switch" (virtual machine or host) must reach the host's physical network in the direction "virtual router" > "vmnet0 virtual NIC" > "vmnet0 virtual switch".

1. One-way access relationship in NAT

Virtual machines a81 and a82 are connected to the vmnet8 vswitch on host A. a81 and a82 can access A (two-way mutual access) and, through the "virtual router", have one-way access to virtual machines A01, A02, and A03, one-way access to other computers B on the network to which A belongs, and one-way access to other computers Z on the Internet. However, by default those computers cannot access a81 or a82. That is why the access here is called "one-way access".

2. Default conditions in NAT

The "default situation" mentioned in the previous section refers to the case where the host physical network adapter has its network parameters (IP address, subnet mask, gateway, and DNS) set correctly, the NAT and DHCP services for virtual machines are enabled, and the virtual machine is set to "automatically obtain an IP address and DNS".

When the NAT and DHCP services are enabled, the virtual machine automatically obtains the appropriate IP address, subnet mask, gateway, and DNS.

If the virtual machines a81 and a82 are not set to "automatically obtain IP addresses and DNS addresses" but instead have the IP address, subnet mask, gateway address, and DNS address set manually, with values similar to those a DHCP server would allocate, they can also access the Internet. For example, in Figure 3-5 (Figure 3-6), the vmnet8 vswitch uses the CIDR block 192.168.80.0/24; with an IP address up to 192.168.80.253, a subnet mask of 255.255.255.0, and a gateway address of 192.168.80.2, the virtual machine can access A and other hosts on the network.

3. Allowing access from the Internet to virtual machines in NAT

If other computers on the physical network (such as B and Z) want to access a81 and a82, the path is "vmnet0 vswitch" > "vmnet0 virtual NIC" > "virtual router" > "vmnet8 virtual switch" to a81 and a82. However, the "virtual router" is configured by default to prohibit the "Internet" side from accessing the "intranet" side. Here, the network of the vmnet0 virtual NIC and the vmnet0 virtual switch is the "Internet" side, and the network of the "vmnet8 virtual switch" is the "intranet" side.

If this "virtual router" is configured, for example with port mapping, other computers on the Internet can also access the virtual machines a81 and a82.
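The one-way behaviour and the effect of port mapping described in this section can be seen in a toy model of the "virtual router". This is an added example, not VMware's implementation and not part of the original article; the class, the host address 10.0.0.5, the VM address 192.168.80.10 and the remote addresses are assumptions constructed for illustration.

```python
from ipaddress import ip_address, ip_network

class VirtualRouter:
    """Simplified NAT between the vmnet8 segment and the host's physical network."""

    def __init__(self, inside_cidr, outside_ip):
        self.inside = ip_network(inside_cidr)   # vmnet8 segment ("intranet")
        self.outside_ip = outside_ip            # host physical NIC address (vmnet0 side)
        self.sessions = {}   # outside port -> (vm_ip, vm_port, remote_ip, remote_port)
        self.port_map = {}   # outside port -> (vm_ip, vm_port), static port mapping
        self._next_port = 40000

    def _check_inside(self, vm_ip):
        if ip_address(vm_ip) not in self.inside:
            raise ValueError(f"{vm_ip} is not on the vmnet8 segment {self.inside}")

    def outbound(self, vm_ip, vm_port, remote_ip, remote_port):
        """A vmnet8 VM opens a connection: rewrite its source and remember it."""
        self._check_inside(vm_ip)
        port = self._next_port
        self._next_port += 1
        self.sessions[port] = (vm_ip, vm_port, remote_ip, remote_port)
        return (self.outside_ip, port)          # the source that B or Z sees

    def add_port_mapping(self, outside_port, vm_ip, vm_port):
        self._check_inside(vm_ip)
        self.port_map[outside_port] = (vm_ip, vm_port)

    def inbound(self, remote_ip, remote_port, outside_port):
        """Traffic from B or Z reaches the host address: return the VM endpoint
        it is delivered to, or None when the router drops it."""
        session = self.sessions.get(outside_port)
        if session and session[2:] == (remote_ip, remote_port):
            return session[:2]                  # reply to a VM-initiated connection
        return self.port_map.get(outside_port)  # new connection needs a mapping

def demo():
    r = VirtualRouter("192.168.80.0/24", "10.0.0.5")
    seen = r.outbound("192.168.80.10", 51000, "203.0.113.7", 80)  # a81 -> Z
    reply = r.inbound("203.0.113.7", 80, seen[1])                 # Z answers a81
    unsolicited = r.inbound("203.0.113.7", 50000, 8080)           # Z initiates: dropped
    r.add_port_mapping(8080, "192.168.80.10", 80)
    mapped = r.inbound("203.0.113.7", 50000, 8080)                # now delivered to a81
    return seen, reply, unsolicited, mapped
```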

3.3.4 Network relationship between virtual machines using different virtual NICs

We have discussed the relationship between virtual machines that use the same virtual network card and the host. What is the relationship between virtual machines that use different virtual network cards on the same physical host?

Figure 3-10 Virtual Network Topology

1. By default, vmnet1 cannot access vmnet8 and vmnet0.

As shown in Figure 3-10, for the virtual machines connected to vmnet1 (A11, A12, and A13), the virtual machines connected to vmnet8, and the virtual machines connected to vmnet0 (A01, A02, and A03), mutual access is not allowed by default.

To let them access each other (mutually or one-way), you must enable the routing or proxy server function on host A. For example, the physical host can run Windows Server 2003 (or Windows 2000 Server or Windows Server 2008) with the "Routing and Remote Access" function enabled, which makes the computer a "router". The virtual machines can then access each other.

If the host runs Windows 2000, XP, or a similar operating system, you can enable the "Internet Connection Sharing" function to allow vmnet1 to access vmnet8 or vmnet0 one-way, or the reverse. For example, it is easy to allow vmnet8 to access vmnet1 one-way.

2. By default, vmnet8 cannot access vmnet1.

By default, vmnet8 cannot access vmnet1, although it can access vmnet0 one-way through the virtual router. If vmnet8 needs to access vmnet1, enable routing or the "Internet Connection Sharing" service on host A, in the same way as for vmnet1 accessing vmnet8.

3. By default, vmnet0 cannot access vmnet8 or vmnet1.

By default, vmnet0 cannot access vmnet1 and vmnet8. To access vmnet8, in addition to enabling routing or "Internet Connection Sharing", you can also configure the "virtual router" between vmnet8 and vmnet0 so that virtual machines in vmnet8 can be accessed.
