From: Bruce Horrocks on
On 01/06/2010 11:12, R wrote:
> I have an idea how NAT works in general, but I'm a bit baffled by
> how NAT networking works in VMWare Fusion.
>
> My setup: I have my VM running and ifconfig shows two virtual
> network interfaces vmnet1 and vmnet8. I understand that vmnet8 is
> corresponds to the NAT scenario. By typing ifconfig inside the
> virtual machine, I can see the machine has been assigned an
> address 192.168.80.30. And ifconfig on the host shows that vmnet8
> has the address 192.168.80.1.
>
> Now, I can send packets to the VM by contacting it directly from
> the host. So, it would appear there is a direct route to machines
> on the subnetwork 192.168.80. In fact, my VM appears in the
> output from 'netstat -r' with the correct MAC address. Like so:
>
> 192.168.80.130 0:c:29:98:f0:21 UHLWI 0 7 vmnet8 736
>
> Here's the first thing I don't understand. There's also a routing
> table entry (again from 'netstat -r') for the subnet 192.168.80:
>
> 192.168.80 link#8 UC 1 0 vmnet8
>
> But what is link#8? I can't see any explanation in the netstat
> man page of what these link numbers represent.

Link number is usually the physical port in a switch i.e. the port that
the cable is actually plugged into. I assume it is just using a
'virtual' switch here with a maximum of 8 ports. It doesn't matter -
what matters is that traffic destined for 192.168.80.x is sent to vmnet8
which is the interface to the virtual network that VMware has set up for
the virtual machine.

> Here's the second thing I don't understand. Programs running on
> the host can contact the VM through the virtual nic with assigned
> address 192.168.80.1.

Sort of. You can't connect to 192.168.80.1 directly e.g. by using that
IP in a telnet command run on the host. To connect to the VM you need to
use its assigned IP address which is 192.168.80.30. I assume that is
what you meant.

> But the default routing gateway for the VM
> has the address 192.168.80.2. Presumably that is the address of a
> virtual NAT routing device. But how is it connected? We can see
> one side of this NAT device, but what about the other side? Or to
> put it another way, where are the "virtual wires" on that other
> side and where do they go?

I don't know why VMware uses .2 as the default gateway.

As for the 'virtual wires' these go from the VMware virtual gateway (.2)
into the host computer which routes according to where the packets are
meant to go: stuff for the host is handled locally, stuff for the local
network or internet is passed onto the host's default gateway.

> I would like to know so I can answer questions such as these.
> Does ipfw filter packets sent to the VM? If I have port

Yes, because they must come into the host first.

> forwarding set up for the virtual NAT router, and I also have
> something listening on the same port on the host, which machine
> gets a packet sent to that port, the host or the VM?

Only one process can listen on an IP address/port pair at any one time.
VMware will be listening (so it can un-NAT traffic and send it on to the
VM) so your app will either throw it off or have its own connection refused.

>
> Any help appreciated,
>
> Thanks!


--
Bruce Horrocks
Surrey
England
(bruce at scorecrow dot com)
 | 
Pages: 1
Prev: Website software...
Next: Odd Mail problem