The difference between Bridged, NAT, and Host-only in VMware

Source: Internet
Author: User
Tags virtual environment

Overview:

VMware offers three network modes: bridged (bridging mode), NAT (network address translation mode), and host-only (host mode). To apply them properly in network management and maintenance, you should first understand how each of the three works.

1. Bridged (bridging mode)

In this mode, the VMware virtual operating system is like a separate host in the LAN, which can access any machine in the network.

In bridging mode, you need to manually configure the virtual system's IP address and subnet mask, and they must be in the same network segment as the host machine so that the virtual system can communicate with the host machine. Because the virtual system is a separate host in the LAN, you can also manually configure its TCP/IP settings so that it reaches the Internet through the LAN gateway or router.

The relationship between a virtual system using bridging mode and a host machine is like two computers connected to the same hub. To make them communicate with each other, you need to configure the IP address and subnet mask for the virtual system, or you will not be able to communicate.

If you want to use VMware to create a new virtual server within the LAN, to provide network services for LAN users, you should choose bridging mode.

2. Host-only (host mode)

Some special network debugging environments require the real environment to be isolated from the virtual environment; in that case you can use host-only mode. In host-only mode, all virtual systems can communicate with each other, but the virtual systems are isolated from the real network.

Note: In host-only mode, the virtual system and the host machine system can communicate with each other, which is equivalent to the two machines connected by twisted pair wires.

In host-only mode, the TCP/IP configuration information (such as IP address, gateway address, DNS server, etc.) of the virtual system is dynamically allocated by the DHCP server of the VMnet1 (host-only) virtual network.

If you want to use VMware to create a virtual system that is isolated from the other machines in the network, for special network debugging work, choose host-only mode.

3. NAT (network address translation mode)

In NAT mode, the virtual system uses the NAT (network address translation) function to access the public network through the network where the host machine resides. In other words, NAT mode gives the virtual system access to the Internet. The TCP/IP configuration information for a virtual system in NAT mode is provided by the DHCP server of the VMnet8 (NAT) virtual network and cannot be modified manually, so the virtual system cannot communicate with other real hosts on the local area network. The biggest advantage of NAT mode is that giving the virtual system Internet access is very simple: no other configuration is needed, and the only requirement is that the host machine can access the Internet.

If you want to use VMware to install a new virtual system that can access the Internet directly, without any manual configuration inside the virtual system, NAT mode is recommended.

Hint: The VMnet8 virtual network in NAT mode, the VMnet1 virtual network in host-only mode, and the VMnet0 virtual network in bridged mode mentioned above are all created automatically by VMware and do not need to be set up by the user. VMnet8 and VMnet1 provide DHCP services; the VMnet0 virtual network does not.

I have never been completely clear on this topic and do not have much of it in my head: VMware's bridge, NAT, and host-only, plus the networking issues inside coLinux. In short, it is quite complicated, and it is necessary to understand it.

1. VMware network connection modes

After VMware is installed, two virtual network cards are installed, VMnet1 and VMnet8; the others are not installed (you can install them manually). VMnet1 is the host-only network card, used for host-only connections. VMnet8 is the NAT network card, used for NAT connections. Their IP addresses are randomly generated; if you want to use virtual machines for experiments, it is best to change the IP addresses of VMnet1 through VMnet8. The network segments used by the VMware virtual network cards are then "fixed" according to the following rule: VMnet1 corresponds to network segment 192.168.10.0, VMnet2 to 192.168.20.0, and so on. Of course, for ordinary use there is no need to change anything as long as you can get online.

The main network connection modes are: bridged, NAT, and host-only.

Use bridged networking (using bridged network)

Description: Using the VMnet0 virtual switch, the virtual machine behaves like a standalone computer on the network and has its own IP address.

Using bridged mode, A, A1, A2, and B can all reach one another.

Use network address translation (NAT)

Description: Using the VMnet8 virtual switch, the virtual machine can access other workstations on the network through the host, one way only; other workstations cannot access the virtual machine.

With NAT, A1 and A2 can access B, but B cannot access A1 or A2. A, A1, and A2 can still reach one another.

Use Host-only Networking (using Host network)

Description: Using the VMnet1 virtual switch, the virtual machine can only communicate with other virtual machines and the host. This means it cannot reach the Internet.

With host-only mode, A, A1, and A2 can reach one another, but A1 and A2 cannot access B, nor can B access them.

Practical application: Broadband is now the most common connection. With bridged mode on broadband, the host can get online but the operating system in the virtual machine cannot. Here your host is A and the virtual machine is A1; the virtual machine could only get online if you applied to the operator (such as Telecom or Netcom) for another IP address, which is obviously not advisable. If you have a router, you can use bridged mode to get online, because the IP address you applied for is configured on the router rather than on your machine. Your host, the virtual machines, and other people's machines attached to the router can all get online using IP addresses the router assigns automatically, typically 192.168.0.XXX. Operators seem unhappy about customers using routers, claiming that it damages their switch interfaces. Of course, as long as your host can access the Internet, a virtual machine using NAT can always get online (provided you have not arbitrarily rewritten its IP, gateway, DNS, and other settings).

Manual setting example: Assume that the host's VMnet1 uses the network segment 192.168.10.0, that VMnet8 uses the network segment 192.168.80.0 with gateway address 192.168.80.254 (that is, the NAT router address, which you can set yourself on VMnet8), and that the host network card uses the address 192.168.1.1.

First, in bridged mode, the IP address of virtual machine A1 can be set to 192.168.1.5 (the same network segment as the host network card); the other settings, such as gateway address, DNS, and subnet mask, are the same as the host's.

Second, in NAT mode, the IP address of virtual machine A1 can be set to 192.168.80.5 (the same network segment as VMnet8); the gateway is the NAT router address, that is, 192.168.80.254.

Third, in host-only mode, the IP address of virtual machine A1 can be set to 192.168.10.5 (the same network segment as VMnet1).

Note: Ordinary users do not need to set these values manually; choose to obtain the address automatically, that is, leave the DHCP service turned on.
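The manual-setting instance above can be checked mechanically. The following is an added example, not part of the original article: it validates a guest's static IP and gateway against the page's address plan and reports which VMnet segment a misplaced address actually belongs to. The /24 prefix length and the names PLAN, infer_mode, and check_guest are assumptions made for the example.

```python
import ipaddress

# Address plan from the page's manual-setting instance. The /24 prefix
# length is an assumption: the page gives segment addresses but no mask.
PLAN = {
    "bridged":   ("VMnet0", "192.168.1.0/24"),   # host NIC's own segment
    "nat":       ("VMnet8", "192.168.80.0/24"),
    "host-only": ("VMnet1", "192.168.10.0/24"),
}
NAT_ROUTER = "192.168.80.254"   # NAT gateway on VMnet8, from the page
HOST_NIC = "192.168.1.1"        # host physical NIC, from the page

def infer_mode(ip):
    """Return the mode whose segment contains ip, or None."""
    addr = ipaddress.IPv4Address(ip)
    for mode, (_, segment) in PLAN.items():
        if addr in ipaddress.ip_network(segment):
            return mode
    return None

def check_guest(mode, ip, gateway=None):
    """Return a list of problems with a guest's static settings (empty = OK)."""
    vmnet, segment = PLAN[mode]
    net = ipaddress.ip_network(segment)
    problems = []
    try:
        addr = ipaddress.IPv4Address(ip)
    except ValueError:
        return [f"guest IP {ip!r} is not a valid IPv4 address"]
    if addr not in net:
        other = infer_mode(ip)
        hint = f" (it belongs to the {other} segment)" if other else ""
        problems.append(f"{ip} is outside {vmnet} segment {segment}{hint}")
    elif addr in (net.network_address, net.broadcast_address):
        problems.append(f"{ip} is the network or broadcast address")
    elif ip in (HOST_NIC, NAT_ROUTER):
        problems.append(f"{ip} collides with an address already in use")
    if gateway is not None:
        try:
            gw = ipaddress.IPv4Address(gateway)
        except ValueError:
            problems.append(f"gateway {gateway!r} is not a valid IPv4 address")
        else:
            if gw not in net:
                problems.append(f"gateway {gateway} is outside {segment}")
            elif mode == "nat" and gateway != NAT_ROUTER:
                problems.append(f"NAT gateway should be {NAT_ROUTER}")
    return problems
```

An empty list means the settings match the mode; a guest meant to be isolated on host-only that carries a VMnet8 address is reported with the segment it really sits in.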

2. The second set of statements

Many friends use VMware to test different systems. Drawing on my own experience, I will describe my understanding of the network settings; please correct me where I am wrong.

Bridge

This is the simplest mode: the virtual network card is bridged directly to a physical network card, similar to binding two different addresses to one NIC under Linux. In fact, the network card is set to promiscuous mode so that it can listen for multiple IPs.

In this mode, the network card inside the virtual machine (for example, eth0 under Linux) is connected directly to the network that the physical network card is on. You can think of the virtual machine and the host machine as peers: their network relationship is equal, and neither sits behind the other.

This approach is easy to use, provided you can obtain more than one address. For friends who want to do a variety of network experiments, note that you cannot control the virtual machine's network in this mode: its traffic goes straight out.

NAT mode:

In this mode there is a virtual network card, VMnet8 (by default). If you have experience with NAT servers, VMnet8 is equivalent to the network card connected to the intranet, and the virtual machine itself is equivalent to a machine running on that intranet. The network card inside the virtual machine (eth0) is independent of VMnet8.

You will find that in this mode VMware's own DHCP is bound to the VMnet8 interface by default, so that the virtual machine can use the DHCP service. More importantly, VMware comes with a NAT service that provides address translation from VMnet8 to the external network, so a real NAT server is running, only it serves the virtual machines.

Obviously, if you have only one external network address, this approach is appropriate.

Host-only:

This should be the most flexible mode, and friends interested in network experiments should take a look at it. The only difference from NAT is that in this mode there is no address translation service, so by default the virtual machine can only communicate with the host, which is what the name host-only means.

By default, a DHCP service is also bound to VMnet1. A virtual machine connected to VMnet1 can still be set to use DHCP, which makes the system easier to configure.

Does this mean there is no way to connect to the external network? Of course not. In fact, this mode is more flexible: you can use your own methods to reach the most suitable configuration, for example:

A. Use your own DHCP service: first stop VMware's own DHCP service, so that DHCP is served more uniformly.

B. Use your own NAT, which makes it easy to add a firewall. A Windows host can do NAT in many ways, from something as simple as Internet sharing in Windows XP to something as complex as the NAT service in Windows Server.

C. Use your own firewall. Because you have complete control over VMnet1, you can add (or experiment with) a firewall between VMnet1 and the network card facing the external network.

As can be seen from the above, host-only mode resembles an ordinary NAT server together with its whole intranet, so you can easily carry out related experiments, such as firewall settings.

3. The third set of statements

VMware supports three types of networks: NAT, bridged, and host-only.

NAT

In this mode, the virtual machine's NIC is connected to the host's VMnet8. The VMware NAT service on the system acts as the router: it performs address translation on the packets the virtual machine sends to VMnet8 and forwards them to the actual network, then translates the packets returned from the actual network and sends them to the virtual machine via VMnet8. The VMware DHCP service is responsible for providing DHCP to the virtual machines.

Bridged

In this mode, the virtual machine, like a real computer, is connected directly to the actual network and is independent of the host.

Host-only

In this mode, the network card of the virtual machine is connected to the host's VMnet1, but the system does not provide any routing services for the virtual machine, so the virtual machine can only communicate with the host and cannot connect to the actual network.

The "Replicate physical network connection state" option explained:

Select if the virtual machine uses a bridged network connection and if you use the virtual machine on a laptop or other mobile device. As you move from one wired or wireless network to another, the IP address is automatically renewed.
When a virtual machine is used on a machine with multiple network cards, a notebook, or a mobile device, checking "Replicate physical network connection state" means that the IP address of the VM network card is updated automatically when you switch between wired and wireless networks, and does not need to be reset.
