VMware Workstation for Linux Networking Support
Each virtual machine can have its own independent network
configuration. There are four choices for configuring networking:
No networking simply means a virtual machine is run in isolation;
it will not be able to communicate with the host operating system or any
other virtual machine running on the host. This option is useful
if you desire complete isolation for testing or security purposes. To
set up your virtual machine in this way, simply do not install a network
interface adapter when configuring the virtual machine.
Host-only networking means a virtual machine can communicate with
the host operating system and any other virtual machines set up to use
host-only networking, but the virtual machine cannot communicate with any
systems off the host machine without the use of a proxy server.
If you chose to install Samba when you installed VMware Workstation -- or if you
already had Samba configured appropriately on your host -- the guest
operating system can share files with the host using the facilities of
the host-only network.
Host-only networking is most useful when the host is itself isolated or
when you want to isolate your virtual machines from systems outside the
host computer. This configuration is analogous to the way corporations
often connect their internal networks to the Internet with a firewall and
proxy services. To set up a virtual machine in this way you need to install
a network interface adapter and mark it as "hostOnly". Once the
guest operating system is installed you may then need to do some additional
configuration work that is described below.
Bridged networking means a virtual machine runs on a virtual network
that is "bridged" to an existing physical network. This permits a
virtual machine to appear as a full-fledged host on an existing physical
network.
A bridged virtual machine may transparently use any of the services
available on the network that it is bridged to: printers, file servers,
gateways, etc. Likewise, when a virtual machine is bridged, any physical
host -- or other virtual machine configured as bridged -- can use
resources on that virtual machine. This is the most commonly used
networking configuration. To manually configure bridged networking you
need to install a network interface adapter and mark it as
"bridged". Once the guest operating system is installed, you may
then need to do some additional configuration work that is described below.
Custom networking refers to any network configuration other than described
above. For example, a collection of virtual machines, possibly on multiple
physical hosts, might be configured on a private virtual network. This
might be done for setting up a private file-sharing environment or for
testing a group of virtual machines in an isolated network environment.
Configuration of custom networking requires a good understanding of
networking concepts and potentially the implementation of some simple
user-level applications. Setting up custom networking is not described
in this document. If you want to set up your own custom network
environment and have trouble doing so, please file an incident.
Setting up host-only networking on the guest operating system
Selecting IP addresses for virtual machines on a host-only network
VMware recommends that if you have virtual machines you intend to use
frequently or for extended periods of time, you assign them static IP
addresses or configure the host-only DHCP server to always assign the same
IP address to the virtual machine. For virtual machines that you do not
expect to keep for long, use DHCP and let it allocate an IP address.
Note that for each host-only network, the available IP addresses are split
up using the following conventions. (VMware Workstation always uses a Class C address
for host-only networks.)
(where <net> is the network number assigned to your host-only
network.)
Avoiding IP packet leakage in a host-only network
Systems that support the TCP/IP protocols are usually capable of
forwarding IP packets they receive but which are not addressed to them.
By default, however, these systems come with IP packet forwarding
disabled. If you find packets leaking out of a host-only network, check
if forwarding has mistakenly been enabled on the host machine, and if it is
enabled, disable it. For Linux systems this is done by writing a
"0" to the special file /proc/sys/net/ipv4/ip_forward.
For example,
If the host has multiple network adapters, then it is likely intentionally
configured to do IP forwarding and you do not want to disable it. In this
case the only way to avoid packet-leakage is to enable a "packet
filtering" facility and specify that packets from the host-only
network should not be sent off-machine. An explanation of how to do this
is beyond the scope of this document; consult you system documentation.
Finally, be aware that virtual machines may leak packets as well. For
example, if you use Dial-Up Networking support on a virtual machine, then
if packet forwarding is enabled, host-only network traffic may leak out
through the dial-up connection.
Controlling routing information for a host-only network
Unfortunately, the version of routed that comes with many distributions of
Linux has no support for specifying that an interface should not be
advertised. Consult the routed(8) manual page for your system in case
you have a more contemporary version of the software.
For gated, configuration is involved. You need to explicitly exclude the
vmnet1 interface from any protocol activity. If you need to run virtual
machines on a host-only network on a multi-homed system where gated is used
and have problems doing so, please file an incident.
Using Samba for file sharing on a host-only network
For details, read this
tech note.
Other potential issues with host-only networking
An alternative solution is to explicitly state the set of network interfaces
that you want dhcpd to listen each time you start the program. For example
if your machine has one Ethernet interface eth0, then each time you start
dhcpd you would list it on the command line:
If the above solutions do not work for your dhcp server program, then it
likely is old. You can try upgrading to a more current version such the
Version 2 DHCP software available from the ISC (see http://www.isc.org).
In the meantime, this means that if you want to use names to communicate
with other virtual machines you will need to either edit the DHCP
configuration file for vmnet1 (/etc/vmware/vmnet1.conf) or use IP
addresses that are statically bound to a host name. Editing the DHCP server
configuration file requires information that is best obtained directly from
the DHCP server documentation; consult the UNIX manual pages dhcpd(8) and
dhcpd.conf(8)
Setting up bridged networking on the guest operating system
When a virtual machine is powered on, VMware Workstation automatically assigns it a MAC
address. The software guarantees that virtual machines will be assigned
unique MAC addresses within a given host system. However, the software does
not guarantee that a given virtual machine will be assigned the same MAC
address every time it is powered on. In addition, VMware Workstation does its best, but
cannot guarantee, to automatically assign unique MAC addresses for virtual
machines running across multiple host systems.
If you want to guarantee that the same MAC address is assigned to a given
virtual machine every time, or want to guarantee a unique MAC
address for each virtual machine within a networked environment, you can
assign it manually instead of allowing VMware Workstation to assign it automatically.
It is possible to manually assign the same, unique MAC address to any
virtual machine by adding the following line to its configuration file:
Note: As long as you choose XX:YY:ZZ so it is unique among
your hard-coded addresses (where XX is a valid hex number between
00h and 3Fh, and YY and ZZ are valid hex numbers between
00h and FFh), conflicts between the automatically assigned MAC addresses
and the manually assigned ones should never occur.
|