VMware Workstation for Windows NT and Windows 2000 Networking Support
Each virtual machine can have its own distinct network configuration.
There are four choices for configuring networking:
No networking simply means a virtual machine is run in isolation; it will
not be able to communicate with the host operating system or any other
virtual machine running on the host. This option is useful if you
want complete isolation for testing or security purposes. To setup your
virtual machine in this way, simply do not install a network interface
adapter when configuring the virtual machine.
Host-only networking means a virtual machine can communicate with the host
operating system and any other virtual machines set up to use host-only
networking, but the virtual machine cannot communicate with any systems
off the host machine without the use of a proxy server. This facility is
most useful when the host is itself isolated or when you want to isolate
your virtual machines from systems outside the host computer. This
configuration is analogous to how corporations connect their internal
networks to the Internet with a firewall and proxy services. To set up a
virtual machine in this way, you need to install a network interface
adapter and mark it as "host-only." Once the guest operating
system is installed you may then need to do some additional configuration
work that is described below.
Bridged networking means a virtual machine runs on a virtual network
that is "connected" to an existing physical network. This
permits a virtual machine to appear as a full-fledged host on an existing
physical network.
A bridged virtual machine may transparently use any of the services
available on the network that it is bridged to: printers, file servers,
gateways, etc. Likewise, when a virtual machine is bridged, any physical
host -- or other virtual machine configured with bridged networking -- can
use resources on that virtual machine. This is the most commonly used
networking configuration. To manually configure bridged networking you
need to install a network interface adapter and mark it as
"bridged." Once the guest operating system is installed, you may
then need to do some additional configuration work, which is described
below.
Custom networking refers to any network configuration other than
described above. For example, a collection of virtual machines, possibly
on multiple physical hosts, might be configured on a private virtual
network. This might be done to set up a private file sharing environment
or for testing a group of virtual machines in an isolated network
environment. Configuration of custom networking requires a thorough
understanding of networking concepts and potentially the implementation
of some simple user-level applications. Setting up custom networking is
not detailed in this document. If you want to set up your own custom network
environment and have trouble doing so, please file an incident.
VMware Workstation networking support is done on the host machine through a virtual
network device driver that implements four Windows NT/Windows 2000 devices:
VMnet0, VMnet1, VMnet2, and VMnet3. Each of these devices is logically
associated with a virtual Ethernet hub through which any number of virtual
machines and the host may communicate. By convention VMnet0 is used for
bridged networking, VMnet1 is used for host-only networking, and the other
two interfaces are available for custom network configurations. The driver
that implements these devices is a standard Windows NT/Windows 2000 device
driver that appears in the Devices control panel as the "VMnet"
device.
In addition to the above devices there is one service, the VMnet Bridge
service, and a second Windows NT/Windows 2000 device driver that interfaces
virtual network devices to the Windows NT/Windows 2000 network protocols.
The VMnet bridge service connects virtual network hubs to Windows NT/Windows
2000 network adapters so that virtual machines on the hubs appear as if they
were connected to the physical networks associated with the adapters. This
service is started when a user logs in to the system; an entry for each
bridged network hub will appear in the Services control panel as the
"VMnet Bridge" service.
The second Windows NT/Windows 2000 device driver provides the support for
host-only networking; it is an NDIS driver that implements virtual Windows
NT/Windows 2000 Ethernet adapter cards that connect virtual network hubs to
the Windows NT/Windows 2000 protocols. These adapters are managed using the
normal Windows NT/Windows 2000 mechanisms.
To add an adapter on a Windows NT host, bring up the Network control panel,
click the Adapter tab, then click Add. Protocol bindings, network addresses,
and related configuration are all done through the Network control panel.
The NDIS device driver can be seen in the Devices control panel as the
"Virtual Ethernet Adapter Driver" device. It is automatically
started at system boot if one or more virtual Ethernet adapters have been
configured.
To add an adapter on a Windows 2000 host, use the Add/Remove Hardware
wizard. For a detailed description of the process, see this tech note.
Network support on the guest operating system appears through the virtual
Ethernet adapter(s) that are configured for the virtual machine. Each
device appears to the operating system as an AMD PCNET PCI adapter. Most
operating systems will recognize this virtual hardware and automatically
configure use of the appropriate device driver. The main issue in
completing network configuration in the guest operating system is
assigning a network address for the virtual machine.
Setting up host-only networking on the guest operating system
Note: The software installer for VMware Workstation for Windows NT and Windows
2000 has a known problem where it does not properly set up the host-only
networking option when it is installed on Windows 2000 hosts. If you
want to configure virtual machines to use the host-only networking option
on Windows 2000 hosts, you must first install the VMware Workstation software on the
host machine, then install the basic host-only network adapter afterwards.
For details on how to manually install the basic host-only network adapter
on Windows 2000 (RC1 or later) hosts, see this technical note.
Selecting IP addresses for virtual machines on a host-only network
VMware recommends that if you have virtual machines you intend to
use frequently or for extended periods of time, you assign them static
IP addresses or configure the host-only DHCP server so it always assigns
the same IP address to the virtual machine. For virtual machines that you
do not expect to keep for long, use DHCP and let it allocate an IP address.
A useful convention is to split up the available IP addresses on a
host-only network. (VMware Workstation always uses a Class C address for host-only
networks.)
(where <net> is the network number assigned to your host-only
network.)
Avoiding IP packet leakage in a host-only network
Windows NT systems are capable of forwarding IP packets they receive but
that are not addressed to them. By default, however, these systems come
with IP packet forwarding disabled. If you find packets leaking out of a
host-only network, check if forwarding has been enabled on the host
machine, and if it is enabled, disable it. This is done by starting the
NCPA and bringing up the TCP/IP Properties dialog; the checkbox for
enabling/disabling IP forwarding is found on the tab labeled Routing.
Finally, be aware that virtual machines may leak packets as well. For
example, if you use Dial-Up Networking support in a virtual machine and
packet forwarding is enabled, host-only network traffic may leak out
through the dial-up connection.
Setting up bridged networking on the guest operating system
When a virtual machine is powered on, VMware Workstation automatically assigns it a MAC
address. The software guarantees that virtual machines will be assigned
unique MAC addresses within a given host system. However, the software does
not guarantee that a given virtual machine will be assigned the same MAC
address every time it is powered on. In addition, VMware Workstation does its best, but
cannot guarantee, to automatically assign unique MAC addresses for virtual
machines running across multiple host systems.
If you want to guarantee that the same MAC address is assigned to a given
virtual machine every time, or want to guarantee a unique MAC address for
each virtual machine within a networked environment, you can assign it
manually instead of allowing VMware Workstation to assign it automatically. It is
possible to manually assign the same, unique MAC address to any virtual
machine by adding the following line to its configuration file:
ethernet0.address = 00:50:56:XX:YY:ZZ
where XX is a valid hex number between 00h and 3Fh, and YY
and ZZ are valid hex numbers between 00h and FFh. Because VMware Workstation
virtual machines do not support arbitrary MAC addresses, the above format
must be used.
Note: So long as you choose XX:YY:ZZ unique among your
hard-coded addresses (where XX is a valid hex number between 00h
and 3Fh, and YY and ZZ are valid hex numbers between 00h
and FFh), conflicts between the automatically assigned MAC addresses and
the manually assigned ones should never occur.
|