很多朋友都曾问到关于 Guest和 Host互联,其实这并不是一件困难的事情,只要能够理解 VMware的网
络模型即可,今天结合着我的虚拟机,来详细介绍一下 VMware的 3种网络结构
在说到 VMware的网络模型之前,先说一下 VMware的几个虚拟设备:
■ VMnet0:这是 VMware用于虚拟桥接网络下的虚拟交换机;
■ VMnet1:这是 VMware用于虚拟 Host-Only网络下的虚拟交换机;
■ VMnet8:这是 VMware用于虚拟 NAT网络下的虚拟交换机;
■ VMware Network Adapter VMnet1:这是 Host用于与 Host-Only虚拟网络进行通信的虚拟网卡;
■ VMware Network Adapter VMnet8:这是 Host用于与 NAT虚拟网络进行通信的虚拟网卡;
■关于桥接网络:
拓扑图:
Host的物理网卡和 Guest的网卡在 VMnet0交换机上通过虚拟网桥进行桥接,这也就是说,我的物理网卡和我的
Guest的虚拟网卡(注:这个虚拟网卡不等于 VMware Network Adapter VMnet1或者 VMware Network
Adapter VMnet8)处于同等地位,此时的 Guest就好像我的 Host所在的一个网段上的另外一台机器。打个比方来说:
我的 Host的物理网卡配置如下:
IP地址为手工指定方式,网关为 192.168.0.1,那么我的 Guest就应该和我的 Host处于同一个网段,它的配置可为:
同样,IP地址也为手工指定方式,网关也为 192.168.0.1,这样的话,IP地址为 192.168.0.2的 Host和IP地址为
192.168.0.158的 Guest就可以互通了:
当然,Guest所配置的 IP地址一定要在 192.168.0网段没有被占用,而且我的网络管理员允许我来使用这个 IP地址。如果在 192.168.0网段,存在 DHCP服务器,那么 Host和 Guest都可以把 IP地址获取方式设置为 DHCP方式。
VMware中对于 Bridged网络的定义(引用自 VMware GSX Server User’s Manual):
Bridged networking connects a virtual machine to a network using the host computer's Ethernet adapter.
Bridged networking is set up automatically if you select Use
bridged networking in the New Virtual Machine Wizard or if you select
the Typical setup path. This selection is available on a Linux host
only if you enable the bridged networking option when you install GSX
Server.
If your host computer is on an Ethernet network, bridged
networking is often the easiest way to give your virtual machine access
to that network. On a Windows host, you can use bridged networking to
connect to either a wired or a wireless network. On a Linux host, you
can use bridged networking to connect to a wired network.
If you use bridged networking, your virtual machine needs to
have its own identity on the network. Forexample, on a TCP/IP network,
the virtual machine needs its own IP address. Your network
administrator can tell you whether IP addresses are available for your
virtual machine and what networking settings you should use in the
guest operating system. Generally, your guest operating system may
acquire an IP address and other network details automatically from a
DHCP server, or you may need to set the IP address and other details
manually in the guest operating system.
If you use bridged networking, the virtual machine is a full
participant in the network. It has access to other machines on the
network and can be contacted by other machines on the network as if it
were a physical computer on the network.
Be aware that if the host computer is set up to boot multiple
operating systems and you run one or more of them in virtual machines,
you need to configure each operating system with a unique network
address.
People who boot multiple operating systems often assign
all systems the same address, since they assume only one operating
system will run at a time. If you use one or more of the operating
systems in a virtual machine, this assumption is no longer true.
If you make some other selection in the New Virtual Machine Wizard
and later decide you want to use bridged networking, you can make that
change in the virtual machine settings editor (VM > Settings). For
details, see Changing the Networking Configuration.
■关于 NAT网络
拓扑图:
在
NAT网络中,会使用到 VMnet8虚拟交换机, Host上的 VMware Network Adapter VMnet8虚拟网卡被连接到
VMnet8交换机上,来与 Guest进行通信,但是 VMware Network Adapter VMnet8虚拟网卡仅仅是用于和
VMnet8网段通信用的,它并不为 VMnet8网段提供路由功能,处于虚拟 NAT网络下的 Guest是使用虚拟的 NAT服务器来连接到
Internet的。VMware功能非常强大,在 NAT网络下,我们甚至可使用 Port Forwarding功能,来把 Host的某一个
TCP或者 UDP端口映射到 Guest上!
如图:我的 VMware Network Adapter VMnet8虚拟网卡的 IP地址配置如下:
IP地址是手工指定的,但却不是由我来指定的,而是 VMware在安装的时候自动随机指定的一个 IP地址(注意,不要修改
VMware Network Adapter VMnet8虚拟网卡所在的网络 ID,这样的话会造成 Host和 Guest无法通信)那么,我的
NAT网络的虚拟机的 IP地址也为 192.168.85.0这个网段,其 IP地址配置为:
可
以看到,它的 IP地址分是由 DHCP服务器分配的的, DHCP服务器的地址为 192.168.85.254,那为什么会有
DHCP服务器存在呢?这是因为 VMware安装之后,会有一台虚拟的 DHCP服务器为虚拟机来分配 IP地址,这个 DHCP服务器,你可以
ping通它,但是无法进行访问,因为实际上它就是一个系统服务而已,在开始—— >运行中输入 services.msc,就会看到这个服务:
此时可以看到,Guest的网卡和 Host上的 VMware Network Adapter VMnet8虚拟网卡拥有相同的网络 ID,这样的话,在 Guest中,ping通 Host就没有问题了:
有
一点需要说明的是,在 NAT方式的网络中, Guest的 Gateway都指向了 192.168.X.2,在本例中,X=85,也就是那个虚拟的
NAT服务器的地址,这个服务器是一台虚拟的 NAT服务器,可以 ping通它,但是却无法访问到这台虚拟机,因为这同样也是一个系统服务:
这时候,我的 Guest和 Host就可以实现互访了,并且如果我的 Host此时已经连接到了 Internet,那么我的
Guest也就可以连上 Internet了。那么 Host上的 VMware Network Adapter
VMnet8虚拟网卡在这里扮演了一个什么角色呢?它仅仅是为 Host和 NAT虚拟网络提供了一个通信接口,所以,即便在 Host中
Disable掉这块虚拟网卡, Guest仍然是可以上网的,只是 Host无法再访问 VMnet8网段,也即是无法访问 Guest而已。
VMware中对于 NAT网络的定义(引用自 VMware GSX Server User’s Manual):
NAT gives a virtual machine access to network resources using the host computer's IP address.
A network address translation connection is set up automatically
if you follow the Custom path in the New Virtual Machine Wizard and
select Use network address translation.
If you want to connect to the Internet or other TCP/IP network
using the host computer's dial-up networking or broadband connection
and you are not able to give your virtual machine an IP address on the
external network, NAT is often the easiest way to give your virtual
machine access to that network.
NAT also allows you to connect to a TCP/IP network using a Token Ring adapter on the host computer.
If you use NAT, your virtual machine does not have its own IP
address on the external network. Instead, a separate private network is
set up on the host computer. Your virtual machine gets an address on
that network from the VMware virtual DHCP server. The VMware NAT device
passes network data between one
or more virtual machines and the
external network. It identifies incoming data packets intended for each
virtual machine and sends them to the correct destination.
If you select NAT, the virtual machine can use many standard
TCP/IP protocols to connect to other machines on the external network.
For example, you can use HTTP to browse Web sites, FTP to transfer
files and Telnet to log on to other computers. In the default
configuration, computers on the external network
cannot initiate
connections to the virtual machine. That means, for example, that the
default configuration does not let you use the virtual machine as a Web
server to send Web pages to computers on the external network.
If you make some other selection in the New Virtual Machine Wizard
and later decide you want to use NAT, you can make that change in the
virtual machine settings editor (VM > Settings). For details, see
Changing the Networking Configuration.
For a more thorough discussion of NAT, see Understanding NAT.
■ 关于 Host-Only网络:
拓扑图:
在
Host-Only网络中,Host-Only网络被用来设计成一个与外界隔绝的(isolated)网络,其实 Host-Only网络和
NAT网络非常相似,唯一不同的地方就是在 Host-Only网络中,没有用到 NAT服务,没有服务器为
VMnet1网络做路由,它当然就没有办法访问 Internet啦,可是如果此时我的 Host要和 Guest通信怎么办呢?当然就要用到
VMware Network Adapter VMnet1这块虚拟网卡了。
如下图,这是我的 Host上的 VMware Network Adapter VMnet1虚拟网卡的配置,同样, VMware也为我自动随机分配好了它的 IP:
那么如果我把 Guest的网络设置成了 Host-Only的话,把它的 IP获取方式设置为 DHCP,它会到虚拟的
DHCP服务器上拿到 IP,这个 DHCP服务器仍然是一个虚拟的 DHCP服务器(仅仅是一个系统服务而已),而且在下图中,可以看到,这个
DHCP服务器的 IP地址仍然是 192.168.X.254,这里 X=163,因为要和我的 VMnet1的网络 ID相同。所以,
Guest所获得的 IP和我的 Host的 VMware Network Adapter VMnet1虚拟网卡的 IP使用同一个网络 ID:
可
以看到,在 Host-Only网络下, Guest的 Default Gateway被设置为
NULL,这是由于没有默认路由器为它到外部网络提供路由的缘故,也即是上边说到的 Host-Only网络没有 NAT服务器!如果使用 route
add命令加上某个地址做为它的路由器,它仍然不能访问 Internet(实际上也没有地址可加)。这样,我的 Guest虽然没有办法访问
Internet,但是仍然可以和我的 Host进行通信,这正是因为我的 Host上的 VMware Network Adapter
VMnet1虚拟网卡起到了作用,它负责和 VMnet1网络相连,为我访问 Host-Only网络下的 Guest提供了通信接口。下图显示了在
Host-Only网络中的 Guest 与我的 Host的通信情况:
至于为何要把 Host-Only网络设置为没有 Default Gateway的方式,这是 VMware的设计使然,它就是让我们建立一个与外界隔离(isolated)的网络时而使用的。
VMware中对于 Host-Only网络的定义(引用自 VMware GSX Server User’s Manual):
Host-only networking creates a network that is completely contained within the host computer.
A host-only network is set up automatically if you select Use
Host-Only Networking in the New Virtual Machine Wizard. On Linux hosts,
this selection is available only if you enabled the host-only
networking option when you installed GSX Server.
Host-only networking provides a network connection between the
virtual machine and the host computer, using a virtual Ethernet adapter
that is visible to the host operating system. This approach can be
useful if you need to set up an isolated virtual network.
If you use host-only networking, your virtual machine and the host
virtual adapter are connected to a private TCP/IP network. Addresses on
this network are provided by the VMware DHCP server.
If you make some other selection in the New Virtual Machine Wizard
and later decide you want to use host-only networking, you can make
that change in the virtual machine settings editor (VM > Settings).
For details, see Changing the Networking Configuration.
Routing and Connection Sharing If you install the proper routing
or proxy software on your host computer, you can establish a connection
between the host virtual Ethernet adapter and a physical network
adapter on the host computer. This allows you, for example, to connect
the virtual machine to a Token Ring or other non-Ethernet network.
On a Windows 2000 or Windows Server 2003 host computer, you can
use host-only networking in combination with the Internet connection
sharing feature in Windows to allow a virtual machine to use the host's
dial-up networking adapter or other connection to the Internet. See
your Windows documentation for details on configuring Internet
connection sharing.
事实上,如果我足够 BT,也可以在 Host上来为 VMware Network Adapter
VMnet1虚拟网卡来做路由。比如,我可以用 Windows 2000的 RRAS来做,这样的话,处于 Host-Only网络下的
Guest就又可以上网了,它们只需要使用 route add命令把自己的 Default Gateway指向 Host上的 VMware
Network Adapter VMnet1虚拟网卡即可,不过这样做不推荐,也没有必要.
(有兴趣的朋友可以自己实际做一下看看)。
至此,VMware的 3种网络,就应该可以理解了。可以看到,如果想要 Guest上网,在 3种网络模型中,最为简单的方式就是
NAT,因为它不需要任何的网卡设置, IP地址也可以从虚拟的 DHCP服务器来获得,要做的仅仅就是把它的网络设置为 NAT方式即可。至于
Bridged模式,则需要额外的 IP地址,这有可能会实现不了,因为并不是每个 ISP都那么大方.。如果是 Host-Only,则又需要设置
RRAS,没有几个人会愿意为了让虚拟机上网而换 OS的,所以就用 NAT最好了。在这里要强调的一点是,如果设置了
Host-Only网络,非要为 VMnet1做路由,一定要用 RRAS,而不要用 Windows XP或者 2000的 ICS,因为
它会
自动把内网的接口地址改为 192.168.0.1。你在安装虚拟机的时候,VMware不会正好给你的 VMware Network
Adapter VMnet1虚拟网卡分配为 192.168.0.1的地址吧?这样的话会造成 VMware Network Adapter
VMnet1虚拟网卡和 VMnet1网段的网络 ID不一致,自然,你的 Guest就没有办法和 Host通信了!
实际上经常还会遇到这样的情况:比如 VMware为我分配的网络 ID在将来会被我用到,或者嫌 VMware为你分配的网络不好(比如它给你分了个 192.168.148.0的网络 ID),那么可以到这里来修改:
单击 VMware的“Host”菜单,选择“Virtual Network Settings ...”
选择 “Host Virtual Network Mapping”中,VMnet1所在的虚拟网络,单击后边的按钮,选择 “Subnet”菜单,即可以调整你的网络 ID。
我在这里调整的是 VMnet1,那么 VMnet8当然也可以用这样的方式来调整。 .
记住,在调整之后你的 VMware Network Adapter VMnet1和 VMware Network Adapter VMnet8也需要调整到相应的网络 ID,不然 Host和 Guest如何通信呢?
初学者在使用 VMware的时候,总是喜欢直接修改 VMware Network Adapter VMnet1和 VMware
Network Adapter VMnet8这两块虚拟网卡的 IP地址,以为把它们设置为与
Host在一个网段就可以实现通信和上网,实际上在看过这篇文章之后,应该明白,修改这两块虚拟网卡,对于实现网络通信,是多么的没有帮助!