VMWare Virtual Network
(CISS-150 – William Jojo)
Hereafter, the term host will refer to the computer and operating system that is hosting the VMWare
server software. The term guest will refer to any virtual machine running in the VMWare environment
on the host.
When we set up the guests we will have chosen Network Address Translation (NAT) for the network
The VMWare environment not only virtualizes the hardware such as hard drives, CDROM, CPU's and
memory, but also the network. The host system running VMWare for a guest operating system (OS) has
three additional adapters know to the host system: vmnet1 and vmnet8. The adapter vmnet0 is also
available, but no necessarily visible.
The vmnet0 adapter is used for the bridging mode. Bridging mode is used when the guest OS will have
an IP address on the same network as the host system. This allows the guest OS to participate in all
communications as if it were an independent physical server on the network.
The vmnet1 adapter is for host-only mode where
the guest OS will communicate with other guests
and the host. There is no method to access beyond
the host in this mode.
The adapter vmnet8 is used for Network Address
Translation (NAT). The NAT feature allows the
guest OS to be on a private network, but have
access to the Internet and other services by using
the host network adapter. All external requests are
done on behalf of the guest as if the host OS where
making the request itself through a method of
remapping ports and noting the originator. Results
of the request are then passed back to the guest OS
that originated the request.
Illustration 1: Ubuntu host network settings.
VMware Virtual Network (20100208) 1
The guests and the host all have their own view of networking within their world. We can map the
complete network by simply gathering the details for each guest and the host. We'll start with the host.
The host in Illustration 1 shows the
setting of a laptop running VMWare
server. The eth0 adapter (not shown)
is wired and eth1 is wireless. The
loopback adapter (lo0) is present as
are the host-only (vmnet1) and NAT
This specific example shows a
wireless adapter on the laptop (eth1)
connected to Verizon DSL via private
network (192.168.1.44) which is likely
Illustration 2: Windows XP guest OS network settings. NAT connected to Verizon for internet
access. The guest OS will still have
access to the internet, there's just additional translation happening from the guest to the host out to DSL
modem and finally to the internet.
Notice that the two vmnet networks have 24 bits (255.255.255.0) of subnet mask. This means that 24 of
the 32 IP bits represent the subnet and 8 bits represent the hosts in that network yielding 256 addresses
available in the network, but only 254 (1-254) are usable. In the fourth octet, the value 0 (all
workstation bits off) represents the network and a value of 255 (all workstations bits on) represents the
broadcast address for that network. The first three octets will be fixed in both networks yielding vmnet1
fixed at 172.16.1.x and vmnet8 fixed at 172.16.104.x.
It is important to note that these ranges are not identical for every installation of VMWare Server. It is
not unusual for one network to be
172.16.89.x and the other to be
192.168.49.x. During the installation of
the server software, these networks are
selected based on discovery and
knowledge of the machines current
The two virtual adapters (vmnet1 and
vmnet8) that connect the host to
VMWare are using the value 1 for the
fourth octet. This is conventional
wisdom at work where the lowest IP
addresses are often used in a variety of Illustration 3: Windows 2003 guest OS network settings.
VMware Virtual Network (20100208) 2
ways from identifying important servers, gateways to other networks and for help in multicasting.
The Windows XP guest OS network settings are
shown in Illustration 2. We can see in this
example that the guest OS is configured for
Dynamic Host Configuration Protocol (DHCP)
and the guest received a lease from
172.16.104.254 – the same subnetwork as the
guest and the same subnetwork of the host's
vmnet8 (NAT) adapter. The subnet mask is the
same as the host and the default gateway
indicates that the guest will send packets to
unknown networks at that address.
We can now build a flow of data from the
Illustration 4: Ubuntu 7.10 guest OS network settings.
WinXP guest (172.16.104.128) to the internet
through its (vitrualized) ethernet adapter into the
vmnet8 network by way of the NAT device (172.16.104.2) which is received on the other side of the
NAT by the host (172.16.104.1). It is possible for certain protocols originating external to the host to be
forwarded to a guest OS and, therefore, grant a user access to a virtual machine within VMWare. See
Advanced NAT Configuration for an example of how to set up access to existing guest SSH or Web
servers using the VMWare host system as the gateway. Illustration 3 and Illustration 4 show the
network settings for guests Windows 2003 server and Ubuntu Linux.
The Linux environment requires the routing table information containing the default gateway to be
displayed with a separate command (netstat -nr) whereas this data is contained in the Windows ipconfig
information. The default route is shown as 0.0.0.0 or the word default.
Illustration 5: VMWare network view.
VMware Virtual Network (20100208) 3
With all of this information, we can now develop a complete network diagram as depicted in
Dynamic Versus Static IP Addressing
There are many schools of thought on whether an IP should be static, meaning never changing unless
acted upon by another human, or dynamic using a protocol like DHCP. Using the DHCP protocol, if
there are situations where you may run out of IP addresses for a given subnetwork because of
unexpected growth, you have the flexibility to modify the DHCP configuration such that you can
change the subnet mask and effectively double the number of clients that can be on that subnetwork.
Users simply reboot their computers and the previous leases will not be honored and new leases
granted. Of course, you could also create another subnetwork altogether. The network and system
administrators must determine what makes the most sense in this situation.
Consider the amount of work
necessary to change systems that
are statically configured when
this situation presents itself. Still
there are situations where
statically configured hosts makes
sense. Long-lived servers such as
Oracle RDBMS and Web servers
should be configured statically. If
these are expected to be accessed
via the Internet one cannot wait
for DNS servers around the world
to age their cached entries and
finally update them with the new
data. This can take hours, days
and sometimes weeks to
complete. In practice, the use of
static IP addressing should be
Illustration 6: Static Assignment of IP address in Windows XP limited to long-lived servers and
DHCP used elsewhere when
possible and appropriate. The configuration and restrictions placed upon the use of DHCP may vary
depending on the internal politics and needs of your IT department.
Now, all that information aside, we will statically assign the IP addresses in the virtual machines once
the VMWare environment has assigned them through DHCP. This is done for several reasons, not the
least of which being certain IP's haven't changed over the course of time during the semester, but also
because the simple installation of Active Directory on a guest machine configured with DHCP will
force a hard coded IP for the virtualized Ethernet adapter. The IP chosen by Windows is often in a
different IP range than what was configured in the vmnet1 or vmnet8 networks.
VMware Virtual Network (20100208) 4
Simply gather the data of each guest as
shown above, record the information in
a safe place and then proceed to
configure each guest.
Configuration of Windows XP is show
in Illustration 6. Select Control Panel
from the Start Menu and switch to
classic view. Double-click Network
Connections, right click on Local Area
Connection and double-click Internet
Configuration of Windows 2003 is
show in Illustration 7. From the Start
menu, select Control Panel/Network
Connections/Local Area Connection.
Click Properties and double-click
Illustration 7: Static assignment of IP address in Windows
Configuration of Ubuntu 7.10 is shown
in Illustration 8. From the Gnome
menu, select System/Administration/Network. You'll be prompted for the superuser password. Double-
click the Wired Connection, select Static IP Address under Configuration. If the network for Ubuntu
does not start correctly, you may need to stop and start the network from a terminal as root using:
sudo /etc/init.d/networking stop
sudo /etc/init.d/networking start
Advanced NAT Configuration
To allow access to a guest on the vmnet8 network via
the host, one only need add a line to the configuration
file controlling the NAT setup on the host.
Since the guests on the NAT side of the network cannot
be directly accessed, we need to create a mapping that
says, “Any connection coming in to the host on this port
should be routed to this other host on this other port.”
Our example will show the use of port 9022 inbound to
Illustration 8: Static assignment of IP address the host as a means of accessing port 22 of the Ubuntu
in Ubuntu 7.10 guest. This will redirect a SSH connection into the
VMware Virtual Network (20100208) 5
In the directory /etc/vmware/vmnet8/nat there is a file nat.conf. The following line should be added as a
superuser (sudo) to this file under the [incomingtcp] stanza to allow access via ssh to the Ubuntu
9022 = yourVMwareGuestIP:22
STOP! Be sure to substitute your VMware guest IP for yourVMwareGuestIP, save the
configuration and shutdown all virtual guests and run the following from the host:
sudo /etc/init.d/vmware stop
sudo /etc/init.d/vmware start
Restart the Ubuntu guest try to connect to the guest from a remote system that is not the host nor
Illustration 9: SSH from academ into the Ubuntu guest via NAT.
We are attempting to prove that we can travel through the NAT from the exterior side of the host, so try
using ACADEM or another Windows PC as a means to get there. The pathway to the guest is shown in
Illustration 9. From the ACADEM host, use the command below, substituting the real username and the
DNS name or IP of the system hosting your guests. For example if your username is test1 and the
hostname is bt05401 you would use the following.
ssh p 9022 test@bt05401
It is important to note that we are attempting to access the Ubuntu guest from outside the host. This
means that the attempt to connect to the guest must originate from somewhere that isn't related to the
VMware host in any way. By connecting from ACADEM or from another PC in the lab we satisfy the
requirement of starting from the outside and working our way in.
VMware Virtual Network (20100208) 6
The guest network changes thus far are still a little incomplete. The main purpose here was to illustrate
what is happening behind the scenes in the virtual network and to statically set the IP addresses of the
guests to proceed with the next projects. Hopefully we've learned a bit more along the way.
For Windows use ipconfig /all to find network information quickly.
For Ubuntu use ifconfig a and netstat nr for interface and routing information.
VMWare Guest OS Installation Guide – Item: GSTOS-ENG-Q207-198 – Revision: 20070530
Virtual Machine Guide – VMWare Server 1.0 – Item: SVR-ENG-Q206-227 – Revision: 20060706
VMware Virtual Network (20100208) 7