Differences between the three network modes of Vmware

I. vmnet0 bridging Network (bridged networking)

 

A bridge network is a local physical network card and a virtual network card that are bridging through the vmnet0 virtual switch. The physical network card and the virtual network card are in the same position on the topology (the virtual network card is neither adeptervmnet1 nor adeptervmnet8 ).

The physical and virtual NICs are equivalent to the same network segment, and the virtual switch is equivalent to the switch in a real network. Therefore, the IP addresses of the two NICs must be set to the same network segment.

We can see that the IP addresses of physical and virtual NICs are in the same network segment, and the subnet mask, gateway, DNS, and other parameters are the same. The two NICs are relatively independent in the topology.

In the bridge mode, the Virtual Operating System of VMware is like an independent host in the LAN, which can access any machine in the network. However, you need more than one IP address, and you need to manually configure the IP address and subnet mask for the virtual system, and also need to be in the same network segment with the host machine, so that the virtual system can communicate with the host machine. If you want to use VMware to create a virtual server in the LAN to provide network services for LAN users, you should select the bridge mode.

**************************************** ****************************************

Bridge: This method is the simplest. You can directly bridge the virtual network card to a physical network card. It is similar to binding two different addresses to the next network card of the virtual machine. In fact, you can set the network card to the hybrid mode, this allows you to listen on multiple IP addresses.

In this mode, the network card (for example, eth0 in Linux) inside the virtual machine is directly connected to the network where the physical network card is located. It can be imagined that the virtual machine and the host machine are in the same status, the network relationship is equal, and no one is behind it.

This method is easy to use, provided that you can get more than one address. it is not suitable for anyone who wants to conduct various network experiments, because you cannot control the network of the virtual machine and it goes out directly.

**************************************** ****************************************

Promiscuous Mode refers to the ability of a machine to receive all data streams passing through it, regardless of whether the target address is him or not. It is relative to the common mode (also known as "non-mixed mode. This is used by network administrators to diagnose network problems, but is also used by unauthenticated people who want to listen to network communication (which may include passwords and other sensitive information. A non-Route Selection node can only be in the same conflict domain (for Ethernet and wireless LAN) in hybrid mode) internal monitoring communicates with other nodes or rings (for the card ring or FDDI), which is why network switching is used to combat malicious hybrid modes.

In hybrid mode, all packets passing through the network card are received, including packets not sent to the local machine. By default, only packets (including broadcast packets) sent to the local machine are transmitted to the upper-Layer Program. All other packets are discarded. To put it simply, the hybrid mode means that the network card can accept all the data streams that pass through it, no matter what format or address. In fact, after the computer receives the data packet, the network layer determines whether it is submitted to the upper layer (transport layer), discarded, or submitted to the lower layer (data link layer, MAC Sub-layer) for forwarding.

Packet capture tools, such as ethereal and sniffer, are usually used.

For a broadcast hub, if pC1, PC2, and PC3 are connected to the same hub, when pC1 sends a packet to PC3, the hub broadcasts the packet, so PC2 can actually see this package, but usually it will discard the package sent to PC3, but if it is in mixed mode, PC2's NIC driver will not discard this package, instead, the package is sent to the upper-layer driver and application.

**************************************** ****************************************

**************************************** ****************************************

2. Network Address Translation)

 

The Nat mode enables the virtual system to use the NAT (Network Address Translation) function to access the public network through the network of the host machine. That is to say, you can use the NAT mode to access the Internet in a virtual system. In Nat mode, the TCP/IP configuration information of the virtual system is provided by the DHCP server of the vmnet8 (NAT) Virtual Network and cannot be modified manually, therefore, the virtual system cannot communicate with other real hosts in the local area network. The biggest advantage of using the NAT mode is that it is very easy for the virtual system to access the Internet. You do not need to configure any other configurations, but only need the host machine to access the Internet. If you want to use VMware to install a new virtual system, you can directly access the Internet without manual configuration in the virtual system. We recommend that you use the NAT mode.

The IP address of the VMware networkadeptervmnet8 virtual ENI is generated by the system when VMware is installed. Do not modify this value. Otherwise, the host and virtual machine cannot communicate.

The CIDR block is the same as that of the NAT network adapter. The CIDR block is 192.168.111.x, And the IP address of the NAT server is the same as that of the NAT server. After VMware is installed, a virtual DHCP server is generated to assign an IP address to the NAT server.

When the host communicates with the virtual machine, it will call the VMware networkadeptervmnet8 virtual network card, because they are in a network segment, so the communication is not a problem.

In fact, the role of the VMware networkadeptervmnet8 virtual Nic is to provide an interface for communication between the host and the virtual machine. Even if the host's physical Nic is disabled, the virtual machine can still connect to the Internet, however, there is no mutual access between the host and the virtual machine.

**************************************** ****************************************

Nat mode: In this mode, a virtual Nic vmnet8 (by default) appears inside the host. If you have experience as a NAT server, the vmnet8 here is equivalent to the NIC connected to the Intranet, the Virtual Machine itself is equivalent to a machine running on the Intranet, and the network adapter (eth0) in the virtual machine is independent of vmnet8.

In this way, the DHCP service provided by VMware is loaded to the vmnet8 interface by default, so that the virtual machine can use the DHCP service. more importantly, VMWare comes with the NAT service, which provides address translation from vmnet8 to the Internet. Therefore, a real Nat server is running, it is only for virtual machines. obviously, this method is suitable if you only have one Internet address.

**************************************** ****************************************

**************************************** ****************************************

Iii. vmnet1 virtual Nic host-only mode

 

In some special network debugging environments, you must isolate the real environment from the virtual environment. In this case, you can adopt the host-only mode. In host-only mode, all virtual systems can communicate with each other, but the virtual system and the real network are isolated. You can use Internet Connection Sharing (in fact, a simple route Nat) in Windows XP to allow virtual machines to access the Internet through the real Nic of the host. The TCP/IP configuration information (such as the IP address, gateway address, and DNS server) of the virtual system is dynamically allocated by the DHCP server of vmnet1 (host-only) virtual network. If you want to use VMware to create a virtual system isolated from other machines in the network and perform some special network debugging, you can select the host-only mode. The host and virtual machine are connected through twisted pair wires.

In host-only mode, the virtual network is a fully closed network, and the only access to the virtual network is the host. In fact, the host-only network is similar to the NAT network. The difference is that the host-only network does not have a NAT service, so the virtual network cannot connect to the Internet. The communication between the host and the virtual machine is achieved through the vmwarenetworkadepter vmnet1 virtual network card.

Like Nat, the IP address of the VMware networkadeptervmnet1 virtual Nic is also specified by the VMware system. the IP address of the virtual DHCP server and the virtual NIC are located in the same network segment, but it is not in the same CIDR block as the IP address of the physical ENI.

The purpose of host-only is to establish an internal network isolated from the outside to improve the security of the Intranet. This feature may be of little significance to common users, but it is often used by large service providers. If you want to provide the routing function for the vmnet1 CIDR block, you need to use RRAS instead of XP or 2000 ICS, because ICS will change the Intranet IP address to 192.168.0.1, but the virtual machine does not allocate this address to the vmnet1 virtual Nic, so the host and virtual machine cannot communicate.

Source: Advanced Networking: fundamental differences between the three network modes of Vmware

VMware network configuration details 1: Introduction to three network Modes

Understanding three network connection modes under vmwarevm