Network principles and diagrams for the VMware Workstation virtual networks VMnet0, VMnet1 and VMnet8
Based on: http://hi.baidu.com/whitelocus/blog/item/d091ded88ac669e038012f5a.html
1. Notation used in the text: <a/b> can be read as either a or b.
2. Terminology
Modem: Converts between analog and digital signals; for our purposes it can be ignored and treated as a network cable.
Router: A specialized device that provides routing, DHCP and NAT <features/services> and connects different networks (including connections between a LAN and a WAN, providing Internet connectivity).
Gateway: A gateway is essentially the IP address through which one network reaches other networks. Take network A and network B: network A's IP address range is 192.168.1.1~192.168.1.254 with subnet mask 255.255.255.0, and network B's IP address range is 192.168.2.1~192.168.2.254 with subnet mask 255.255.255.0. Without a router, TCP/IP traffic between the two networks is not possible, even if both are connected to the same switch (or hub), because TCP/IP uses the subnet mask (255.255.255.0) to determine that the hosts are in different networks. To communicate between the two networks, traffic must pass through a gateway. If a host in network A finds that the destination host of a packet is not in the local network, it forwards the packet to its own gateway, which forwards it to network B's gateway, which in turn forwards it to the host in network B. Only when the gateway's IP address is set can TCP/IP communicate between different networks. So which machine's IP address is it? The gateway's IP address is the IP address of a device with routing capability: a router, a server with a routing protocol enabled (essentially equivalent to a router), or a proxy server (also equivalent to a router).
Default gateway: Once you know what a gateway is, the default gateway is easy to understand. Just as a room can have several doors, a single host can have more than one gateway. The default gateway is the one a host sends a packet to when it cannot find any other usable gateway; that gateway then handles the packet. Nowadays, "the gateway" a host uses generally means the default gateway. The default gateway is generally filled in as 255.255.255.0. Configuring a default gateway creates a default route in the IP routing table. Note that the default gateway must be an IP address in the network segment where the computer resides, not an IP address in another segment.
A gateway example:
Let's say your name is Tiny. You live in a big courtyard with many playmates among your neighbors, and your parents are your gateway. When you want to play with a friend in the courtyard, you only need to shout his name; when he hears it he answers and runs out to play with you. But your parents do not allow you to go out of the gate, so any contact with the outside world must go through your parents (the gateway), who contact people by telephone for you. Suppose you want to talk to your classmate Xiaoming, who lives in another courtyard far away; his family also has parents (Xiaoming's gateway). You do not know Xiaoming's telephone number, but your class teacher has a list of all the students in your class and their telephone numbers; your teacher is your DNS server. So at home you have the following dialogue with your parents. Tiny: Mom (or Dad), I would like to ask the class teacher for Xiaoming's phone number, OK? Parent: OK, wait a moment. (Your parent then phones your class teacher and asks for Xiaoming's number.) Got it, his home number is 211.99.99.99. Tiny: That's great. Mom (or Dad), I want to reach Xiaoming; can you help me contact him? Parent: No problem. (Your parent then asks the telephone exchange to connect the call; it is finally put through to Xiaoming's parents, who pass the call to Xiaoming.) That's how you got in touch with Xiaoming.
<Switch/multi-port network bridge>: A switch and a network bridge have similar functions and can basically be considered the same. If you want to name the differences, there are two. First, the number of interfaces differs: a switch has more interfaces than a network bridge. Second, the function is implemented differently: both switches and bridges use bridging technology, but a switch implements bridging with a dedicated <IC/chip>, whereas a network bridge has no dedicated processing core, so a switch is faster and more intelligent than a bridge.
Interface: The sockets on a router or switch into which cables plug directly are called interfaces.
--------------the evil dividing line: hardware-oriented terms above, software-oriented terms below--------------
Port: We all know that the WWW service is identified by 80 and the FTP service by 21; these numbers are called ports. For example, if the IP of www.baidu.com is 119.75.216.30, then accessing www.baidu.com is essentially accessing port 80 of 119.75.216.30, that is, 119.75.216.30:80.
Routing server: A server that provides the routing <function/service>. If you add the routing server role on Windows 2003 Server, it can provide the routing <function/service>, equivalent to the routing <function/service> provided by a router.
DHCP server: A server that provides the DHCP <function/service>. DHCP (Dynamic Host Configuration Protocol) is a LAN protocol that works over UDP and has two main uses: 1. automatically assigning IP addresses within an internal network or by a network service provider; 2. giving users or internal network administrators a means of centrally managing all computers. If you add the DHCP server role on Windows 2003 Server, it can provide the DHCP <function/service>, equivalent to the DHCP <function/service> provided by a router.
The predecessor of DHCP is BOOTP. BOOTP was originally used to connect diskless hosts to a network: the host boots and connects to the network from a boot ROM instead of a disk, and BOOTP automatically sets up the TCP/IP environment for such hosts. But BOOTP has a drawback: the client's hardware address must be obtained before it can be configured, and the corresponding IP is static. In other words, BOOTP is not very "dynamic"; in an environment with limited IP addresses, BOOTP's one-to-one mapping can waste a great many addresses. DHCP can be regarded as an enhanced version of BOOTP. It has two parts: the server side and the client side. All IP network settings are centrally managed by the DHCP server, which is responsible for handling clients' DHCP requests, while the client uses the IP settings assigned by the server. Compared with BOOTP, DHCP uses the concept of a "lease" to assign clients' TCP/IP settings effectively and dynamically, and, for compatibility, DHCP also fully supports BOOTP clients. DHCP allocation works as follows: first, at least one DHCP server must be running on the network; it listens for DHCP requests on the network and negotiates TCP/IP settings with clients.
DHCP has three IP allocation methods: 1. Manual allocation: the IP obtained is also called a static address; the network administrator binds a fixed IP address to a specific computer or network device, and the address never expires. 2. Automatic allocation: once a DHCP client has successfully leased an IP address from the DHCP server for the first time, it uses that address permanently. 3. Dynamic allocation: when a DHCP client leases an IP address from the DHCP server, the address is not its to use permanently; once the lease expires, the client must release the IP address for use by other workstations. Of course, the client has priority over other hosts in renewing the lease, or it can lease another IP address. Dynamic allocation is obviously more flexible than manual allocation, especially when you do not have enough actual IP addresses.
NAT server: A server that provides the NAT (Network Address Translation) <function/service>. It translates the IP addresses used in the internal network into IP addresses used in the external network, that is, non-routable IP addresses into routable ones, and conceals the internal network from the external network. NAT not only solves the problem of insufficient IP addresses, but can also effectively avoid attacks from outside the network by hiding and protecting the computers inside the network. If you add the NAT server role on Windows 2003 Server, it can provide the NAT <function/service>, equivalent to the NAT <function/service> provided by a router.
① The client's gateway is set to the NAT host, so when the client wants to connect to the Internet, its packets are sent to the NAT host; at this point the source IP in the packet header is 192.168.1.100;
② The NAT host rewrites the source IP of the client's outbound packet (192.168.1.100) to the public IP of the ppp0 interface (assuming that is the connection in use); because this is a public IP, the packet can go out to the Internet. At the same time, the NAT host remembers which client (192.168.1.100) sent this packet;
③ Packets sent back from the Internet are, of course, received by the NAT host; the NAT host then looks up the information it recorded earlier and changes the destination IP from the public IP on ppp0 back to the original 192.168.1.100;
④ Finally, the NAT host delivers the packet to the client that originally sent it.
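Steps ① to ④ as a small model, added here as an illustration and not taken from the original article or from VMware: it shows the table the NAT host keeps, and why a packet with no recorded flow never reaches an internal client. The public IP, the remote addresses, the second client 192.168.1.101, the port numbers and the per-flow matching rule are constructed assumptions.

```python
from dataclasses import dataclass


@dataclass(frozen=True)
class Packet:
    src_ip: str
    src_port: int
    dst_ip: str
    dst_port: int


class NatHost:
    """Simplified source NAT: rewrite outbound, record the flow, reverse replies."""

    def __init__(self, public_ip, first_port=40000):
        self.public_ip = public_ip
        self.next_port = first_port
        self.flows = {}    # (client ip, client port, remote ip, remote port) -> public port
        self.reverse = {}  # (public port, remote ip, remote port) -> (client ip, client port)

    def outbound(self, pkt):
        """Steps 1-2: replace the private source with the public IP and remember the sender."""
        key = (pkt.src_ip, pkt.src_port, pkt.dst_ip, pkt.dst_port)
        if key not in self.flows:
            self.flows[key] = self.next_port
            self.reverse[(self.next_port, pkt.dst_ip, pkt.dst_port)] = (pkt.src_ip, pkt.src_port)
            self.next_port += 1
        return Packet(self.public_ip, self.flows[key], pkt.dst_ip, pkt.dst_port)

    def inbound(self, pkt):
        """Steps 3-4: look up the recorded flow and restore the client address.
        Returns None when nothing was recorded, i.e. the packet is unsolicited."""
        client = self.reverse.get((pkt.dst_port, pkt.src_ip, pkt.src_port))
        if pkt.dst_ip != self.public_ip or client is None:
            return None
        return Packet(pkt.src_ip, pkt.src_port, client[0], client[1])


def demo():
    nat = NatHost(public_ip="203.0.113.10")  # constructed stand-in for ppp0's public IP
    server = ("198.51.100.20", 80)           # constructed remote web server
    # Two clients that happen to use the same source port.
    out_a = nat.outbound(Packet("192.168.1.100", 51000, *server))
    out_b = nat.outbound(Packet("192.168.1.101", 51000, *server))
    # Replies from the server to each translated port.
    back_a = nat.inbound(Packet(*server, nat.public_ip, out_a.src_port))
    back_b = nat.inbound(Packet(*server, nat.public_ip, out_b.src_port))
    # A packet from a host no client ever contacted, aimed at a translated port.
    stray = nat.inbound(Packet("198.51.100.99", 4444, nat.public_ip, out_a.src_port))
    return out_a, out_b, back_a, back_b, stray


if __name__ == "__main__":
    for item in demo():
        print(item)
```

Real NAT devices differ in how strictly they match returning packets; this model accepts a reply only from the exact remote address and port the client contacted.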
3. Understanding hardware devices and software (virtual) devices
Compare a router with a server that has two network adapters and has the routing and firewall <service/function> installed to build a multihomed network. Isn't the routing <server role/service/feature> simply a "virtual router" installed on Windows 2003 Server? It makes Windows 2003 Server work in this network like a real router. Likewise, if you install a software firewall on this Windows 2003 Server, isn't this software approach just the same as a hardware firewall that physically exists on the network?
So, from a functional perspective, <physical/real/hardware> devices and <virtual/software> devices are the same, and you can regard a <virtual/software> device as a real hardware device. In design and performance, however, the two differ fundamentally: the former implements its functions with integrated circuits and microcode, while the latter is software executed by the CPU, and the former far outperforms the latter.
Once these concepts are clear, virtual machines and virtual devices are easy to understand. We can place software-virtualized hardware devices in our network diagrams just as if they were real.
4. VMware Workstation Virtual Network
4.1. Virtual network Components
Virtual <NIC/network adapter>: Creating a virtual PC automatically installs a virtual <NIC/network adapter>; multiple virtual network adapters can be added.
Virtual switches: 10 virtual switches are installed automatically when the VM is installed.
Virtual bridge: The virtual network bridge is used only when the virtual NIC is connected to the VMnet0 (default bridged) virtual switch.
Virtual DHCP server: When a virtual NIC is connected to the VMnet1 or VMnet8 virtual switch, the virtual DHCP server is automatically installed and connected to that virtual switch.
Virtual NAT server: The virtual NAT server is automatically installed and connected to the virtual switch only when the virtual NIC is connected to the VMnet8 (NAT) virtual switch.
Host virtual <NIC/network adapter>: Equivalent to a real network card; it is the network card that connects the host to the virtual switch.
4.2. VMnet0 (default bridged)
4.2.1. Virtual network components to use
Virtual < NIC/network adapter >
Virtual switches
Virtual Network Bridge
4.2.2 Bridge Network
In bridged mode, a virtual operating system in VMware is like a stand-alone host on the LAN and can access any machine on the network. However, you need more than one IP address, and you must manually configure the virtual system's IP address and subnet mask so that it is in the same network segment as the host machine; only then can the virtual system communicate with the host machine. If you want to use VMware to create a new virtual server on your local area network to provide Internet service for LAN users, you should choose bridged mode.
4.2.3. Virtual network structure diagram
The virtual machine appears as if it were on the local area network where the host is located.
4.2.4. Virtual network structure of general family networking
4.3. VMnet1 (host-only)
4.3.1. Virtual network components to use
Virtual < NIC/network adapter >
Virtual switches
Virtual DHCP server
Host virtual < NIC/network adapter >
4.3.2. Host-only Network
In some special network debugging environments, the real environment and the virtual environment must be isolated from each other; in that case you can use host-only mode. In host-only mode, all virtual systems can communicate with each other, but the virtual systems are isolated from the real network. You can use the Internet Connection Sharing feature included with Windows XP (which is actually a simple routing NAT) to give the virtual machine access through the host's real network card. The TCP/IP configuration of a virtual system (IP address, gateway address, DNS server, and so on) is dynamically assigned by the DHCP server of the VMnet1 (host-only) virtual network. If you want to use VMware to create a virtual system that is isolated from the other machines on the network, for some special network debugging work, you can choose host-only mode.
Host-only networks are designed to be isolated from the outside world. In fact, host-only and NAT networks are very similar; the only difference is that a host-only network does not use the NAT service. No server routes for the VMnet1 virtual switch, so it certainly has no way to access the Internet. But what if my host wants to communicate with the VPC? In that case, of course, we need the VMware Network Adapter VMnet1 virtual network card.
As you can see, in a host-only network the VPC's default gateway is empty because the virtual NAT server is not used; even if you use the route add command to give it a route via some address, it still cannot access the Internet (and there is in fact no address to add). So although my VPC has no way to access the Internet, it can still communicate with my host.
In fact, if we are determined enough, we can also route through the VMware Network Adapter VMnet1 virtual NIC on the host, for example with Windows 2000 RRAS, so that the guest (VPC) in the host-only network can reach the Internet after all; the guests only need to use the route add command to change their default gateway to the VMware Network Adapter VMnet1 network card. But this is not recommended, and it is not necessary. If you just want the virtual machine to access the Internet, NAT is the simplest way: it needs basically no configuration and connects automatically. It is also the default setting.
As developers, we usually need the host, the virtual machines and development boards each to have their own address and to reach one another. For that we can use one of the following two network configurations:
Bridged and host-only.
1. Bridging is the simplest way: generally you have a gateway, and your Windows host and the various Unix/Linux systems in your VMware all communicate through this gateway.
2. Host-only mode lets the Windows host operating system communicate with the guest operating system (VPC) in the VMware virtual machine even when there is no network. In VMware's Virtual Network Editor we can see that VMnet0 implements bridged mode and VMnet1 implements host-only mode. The host and guest communicate directly through VMnet1. In host-only mode the Windows host operating system needs no configuration; we open cmd.exe and run ipconfig to find the IP address of VMnet1, because this IP is the gateway IP address for the guest operating system (VPC) in the VMware virtual machine. My VMware virtual machines usually run Red Hat, because Red Hat is the most common of the Linux family; companies also use SuSE and Slackware, and for Unix, Solaris and FreeBSD. Then we configure the network in the guest operating system; the main point is that the gateway IP is the VMnet1 IP address shown by ipconfig on the Windows host. For example: on my Windows XP host, ipconfig shows the VMnet1 IP address as 192.168.159.1, so in Red Hat I set the gateway IP to 192.168.159.1 and Red Hat's IP to 192.168.159.2. We ping 192.168.159.2 from cmd.exe on the Windows XP host; if Red Hat has started the sshd server, we can telnet 192.168.159.2 22, and if the connection succeeds everything is set up correctly and we can connect to the Red Hat system from the Windows XP host without problems. Conversely, how do we connect to the Windows XP host from the Red Hat system? From Red Hat's point of view, the VMnet1 IP address is the address of the Windows XP host, so in Red Hat we ping 192.168.159.1 and then telnet 192.168.159.1 139; if the connection succeeds, everything is set up correctly and we can connect to the Windows XP host from the Red Hat system without problems.
A good way to learn Unix/Linux is to install VMware on a Windows system, install various Unix/Linux systems in VMware, and then connect to and operate those Unix/Linux systems with shell tools such as CRT and WinSCP. This way you avoid the inconvenience of doing everything else without a Windows system, and you can install a variety of Unix/Linux systems on a single PC.
4.3.3. Virtual network structure diagram
4.3.4. Virtual network structure of general family networking
4.4. VMnet8 (NAT, network address translation)
4.4.1. Virtual network components to use
Virtual network < NIC/network adapter > (Virtual NIC VMnet8)
Virtual Switch (VMNET8)
Virtual DHCP server
Host virtual < NIC/network adapter >
Virtual NAT Device
4.4.2. NAT network
In a NAT network, the VMnet8 virtual switch is used. The VMware Network Adapter VMnet8 virtual NIC on the host is connected to the VMnet8 switch to communicate with the VPC, but it is only used for communicating with the VMnet8 virtual switch's network segment; it does not provide routing for the VMnet8 segment. VPCs in the virtual NAT network go online through the virtual NAT server.
At this point your VPC and host can reach each other, and if your host is already connected to the Internet, your VPC can connect to the Internet too. So what is the role of the VMware Network Adapter VMnet8 virtual network card? It only provides an interface for communication between the host and the VPCs in the NAT virtual network. So even if you disable this virtual card, the guest can still surf the Internet; the host just cannot access the VMnet8 network segment any more.
For this, the host needs to have the vmdhcp and vmnat services started.
In NAT mode, the virtual system uses NAT (network address translation) to access the public network through the network the host machine is on. In other words, NAT mode gives the virtual system access to the Internet. Because NAT hides the internal network from the external network, the virtual system can reach the other real hosts on the host's local network through the NAT server, but not the reverse: the host computer and the other hosts on the host's network (let alone hosts further outside) cannot access the operating system in the virtual machine through the NAT server. (You can, however, modify the relevant routing tables so that the virtual machine and other hosts on the external network, besides the host itself, can reach each other through the VMnet1/8 virtual network card; see the red text in the figure in 4.3.4.) To the host's network, the VMnet1/8 network card is the gateway to the virtual network, and vice versa. The biggest advantage of NAT mode is that Internet access from the virtual system is very simple: no other configuration is needed, as long as the host machine can access the Internet. If you want to use VMware to install a new virtual system that can access the Internet directly without any manual configuration in the virtual system, NAT mode is recommended.
4.4.3. Virtual network structure diagram
4.4.4. Virtual network structure of general family networking
--------------------------------------------------------------------------------------------------------------- ---------------------------
Example: with a Windows XP host and a Linux guest in VMware connected in NAT mode, configure as follows:
1. Virtual machine settings:
Edit -> Virtual Network Editor... -> DHCP tab. Select VMnet8, click Properties and set its DHCP address pool; in this VMware installation it is 192.168.244.128~192.168.244.254.
Switch to the NAT tab; its gateway IP address is 192.168.244.2.
2. Set up the virtual network card
In the host's network connections, set the IP address of the host virtual network card VMnet8 to 192.168.244.1, the subnet mask to 255.255.255.0 and the default gateway to 192.168.244.0.
3. Set the Linux IP address in VMware to 192.168.244.128. The address should be within the DHCP address pool range.
4. Set the host network card's IP to 192.168.1.15, the subnet mask to 255.255.255.0 and the default gateway to 192.168.1.1.
Test:
Host pings virtual machine: ping 192.168.244.128
Virtual machine pings host: ping 192.168.1.15
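An added check, not part of the original article, that applies the subnet-mask rule from the Gateway section and the "default gateway must be in the local segment" rule to the addressing plan above, and reports settings that would not work as host addresses. The guest's netmask and its use of the NAT device 192.168.244.2 as gateway are assumptions, as is the off-segment address 203.0.113.10.

```python
import ipaddress


def next_hop(ip, netmask, gateway, dest):
    """Same subnet -> deliver directly; otherwise hand the packet to the gateway
    (None means the host has no way off its own segment)."""
    net = ipaddress.ip_network(f"{ip}/{netmask}", strict=False)
    return "direct" if ipaddress.ip_address(dest) in net else gateway


def check_interface(name, ip, netmask, gateway=None, pool=None):
    """Return a list of findings for one interface's TCP/IP settings."""
    net = ipaddress.ip_network(f"{ip}/{netmask}", strict=False)
    addr = ipaddress.ip_address(ip)
    reserved = (net.network_address, net.broadcast_address)
    findings = []
    if addr in reserved:
        findings.append(f"{name}: {addr} is the network or broadcast address of {net}")
    if gateway is not None:
        gw = ipaddress.ip_address(gateway)
        if gw not in net:
            findings.append(f"{name}: gateway {gw} is outside the local segment {net}")
        elif gw in reserved:
            findings.append(f"{name}: gateway {gw} is the network or broadcast "
                            f"address of {net}, not a host address")
    if pool is not None:
        low, high = (ipaddress.ip_address(p) for p in pool)
        if not low <= addr <= high:
            findings.append(f"{name}: {addr} is outside the DHCP pool {low}-{high}")
    return findings


# Addresses from the NAT example on this page. The guest's netmask and its use
# of the NAT device (192.168.244.2) as gateway are assumptions of this example.
MASK = "255.255.255.0"
PLAN = [
    dict(name="guest", ip="192.168.244.128", netmask=MASK,
         gateway="192.168.244.2", pool=("192.168.244.128", "192.168.244.254")),
    dict(name="host VMnet8", ip="192.168.244.1", netmask=MASK,
         gateway="192.168.244.0"),
    dict(name="host NIC", ip="192.168.1.15", netmask=MASK, gateway="192.168.1.1"),
]


def audit(plan=PLAN):
    """Map each interface name to its list of findings."""
    return {entry["name"]: check_interface(**entry) for entry in plan}


if __name__ == "__main__":
    for name, findings in audit().items():
        print(name, "->", findings or "ok")
    # Guest to the host's LAN address leaves the segment, so it goes via NAT.
    print(next_hop("192.168.244.128", MASK, "192.168.244.2", "192.168.1.15"))
    # Host-only guest with no default gateway: nothing off-segment is reachable.
    print(next_hop("192.168.159.2", MASK, None, "203.0.113.10"))
```

The one finding concerns the gateway entered on the host's VMnet8 adapter: 192.168.244.0 is the network address of 192.168.244.0/24, so it cannot be the address of a routing device.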