VMware NAT Principle Depth Analysis summary to solve all VMware network configuration problems

Overview of the problem: installing Centos6.6 in a VMware virtual machine using the Vmnet8 NIC for Nat mode, DHCP is working, but if you use a static IP, you will not be able to access the Internet.

First of all, the principle of Nat: that is, the intranet user through the network address translation, by the export equipment (generally referred to as routers) using Network address translation, the source address is converted to export IP address, agent intranet users to access the external network resources; The export device maintains a corresponding table, and when the returned result is accessed, According to the corresponding table to the corresponding intranet users, this process is also referred to as the source address translation, if it is an extranet user, need to access a server or host in the intranet, you can start port mapping in the export device, the destination address into an intranet server or host address, proxy access, also known as Destination address translation. Centos6.6 This virtual machine should specify ip:172.16.100.128, Gateway: 172.16.100.1,dns:172.16.100.1, Mask: 255.255.255.0 configuration file as follows:

Device=eth0 Type=ethernetonboot=yesnm_controlled=yesbo Otproto=staticipaddr=172.16.100.128netmask=255.255.255.0gateway=172.16.100.1dns1=172.16.100.1userctl=nopeerdns =no

Restart the NIC

[35 [email protected] network-scripts]# /etc/init.d/network restartshutting down  interface eth0:                               [   ok  ]shutting down loopback interface:                            [  OK  ]Bringing up loopback interface:                              [  OK  ]Bringing up interface eth0:   Determining if ip address 172.16.100.128 is already in use  For device eth0...                                                              [  OK  ]

     then the entire network died there, even the gateway is not ping, the route is not out of the gateway route, but host can ping the virtual machine, SSH can connect normally. If you remove DNS1 to show the routing table, and the routing table is correct

[7 [email protected] ~]# routekernel ip routing tabledestination      Gateway         Genmask          Flags Metric Ref    Use  iface172.16.100.0    *                255.255.255.0   U     0       0        0 eth0link-local       *                255.255.0.0     u     1002   0         0 eth0default          172.16.100.1    0.0.0.0         ug    0       0        0 eth0# but still is still ping not through gateway, this if in real environment can certainly ping pass, Packet access is dropped directly to the gateway, but to the gateway is submerged, why? [8 [email protected] ~]# ping 172.16.100.1ping 172.16.100.1  (172.16.100.1)  56 (+)  bytes of data.^c--- 172.16.100.1 ping statistics ---8  packets transmitted, 0 received, 100% packet loss, time 7148ms# The last sentence is obviously caught in a black hole, the package only out, not into.

Now we modify the Vmnet8 Nat gateway for 172.16.100.1,VMNET8 and host connection addresses for 172.16.100.2 to try:

To modify the VMware Virtual network card editor:

650) this.width=650; "class=" wp-image-100 size-full "title=" Modify the VMware Virtual network adapter Editor "src=" http://www.trnux.com/wp-content/ Uploads/2015/05/2015-05-27_154416.png "alt=" 2015-05-27_154416 "width=" 364 "height="/>

To modify Windows Vmnet8 information:

650) this.width=650; "class=" Alignnone wp-image-101 size-full "src=" http://www.trnux.com/wp-content/uploads/2015/05 /2015-05-27_154455.png "alt=" 2015-05-27_154455 "width=" 398 "height=" 319 "/>

To modify a virtual machine Centos6.6 network configuration file:

Device=eth0 Type=ethernetonboot=yesbootproto=staticipa ddr=172.16.100.128netmask=255.255.255.0gateway=172.16.100.1dns1=172.16.100.1

Restart the Network service and test

[6 [email protected] ~]# /etc/init.d/network restart                            Shutting down interface eth0:                                [  OK  ]Shutting down loopback interface:                            [  OK  ]Bringing up loopback  interface:                             [  ok  ]bringing  up interface eth0:  determining if ip address 172.16.100.128 is already in  use for device eth0...                                                              [  ok  ][7 [email  protected] ~]# ping www.baidu.com                              PING www.a.shifen.com  (119.75.218.70)  56 ( bytes of data.64 bytes)  from 119.75.218.70: icmp_seq=1 ttl=128 time=8.79 ms64 bytes from  119.75.218.70: icmp_seq=2 ttl=128 time=48.1 ms64 bytes from 119.75.218.70: icmp_seq=3 ttl =128 TIME=7.44 MS^C--- www.a.shifen.com ping statistics ---3 packets  transmitted, 3 received, 0% packet loss, time 2302msrtt min/avg/max/ Mdev = 7.443/21.463/48.157/18.883 ms

Done!

The above operations are due to experience, thanks to the Sun Wenjun of the Great God's guidance. In order to understand the principle, I tried various situations and finally came to the following:

650) this.width=650; "class=" Alignnone size-full wp-image-111 "src=" http://www.trnux.com/wp-content/uploads/2015/05 /2015-05-27_201839.png "alt=" 2015-05-27_201839 "width=" 374 "height=" 449 "/>

Virtual machine management software VMware's virtual network editor in the network segment is a subnet segment, the NAT-configured gateway is the gateway to the Vmnat, This is set to 172.16.100.1; While the host is Win7, the network adapter VMNET8 address is 172.16.100.2, and the virtual machine is a network segment, so usually the Nat gateway is filled with VMNET8 IP address, while the virtual machine Gateway point to Vmnet8, you can ping vmn Et8 IP, while the host can also ping the virtual machine, which is somewhat similar to the host mode, without NAT. However, because there is no route, you cannot access the extranet. The correct approach is that the virtual machine through the Vmnat gateway to do NAT translation access to the external network, and then the host through the Vmnet8 IP access to the virtual machine (the same subnet), the host is not accessible through Vmnat, which is the nature of NAT, unless the destination address translation (port mapping). In this case, then the state of VMNET8 will not affect the virtual machine access to the external network, we can vmnet8 this virtual network card down, indeed, the virtual machine can still access the network address, because the host cannot cross the NAT, so the virtual machine can not access. (as a result of the haste, the operation is temporarily ignored here, these are already operated, the next time to fill). But there is still a problem, that is, the virtual machine can not ping the address of the VMNET8, theoretically with the network segment should be directly ping, and the host is not able to ping Vmnat gateway, ditto is also the same network segment, to be researched.

This article is from the "top of Operations" blog, please be sure to keep this source http://trnux.blog.51cto.com/6998102/1657310

VMware NAT Principle Depth Analysis summary to solve all VMware network configuration problems