VMware
1 2 Previous Next 18 Replies Last post: Aug 1, 2006 11:05 AM by motsugaw  

Internet Connection Sharing Appliance posted: Jun 5, 2006 12:32 AM

Click to view VMTN Admin's profile Expert VMware Employees
VMTN Admin
1,589 posts since
May 10, 2006
http://www.vmware.com/vmtn/appliances/directory/395

Netfilter based NAT box - easily share your internet connection, without changing your network configuration.

Re: Internet Connection Sharing Appliance

1. Jun 7, 2006 12:22 PM in response to: VMTN Admin
Click to view ccostan's profile Enthusiast vExpert
ccostan
41 posts since
Nov 3, 2004
Tried to get this one to work with 2 laptops without success.

On 1 laptop, ran VM and bridged eth0 to WIRED network using NAT.
Eth1 was bridged to wireless adapter.

Created AD hoc network and was immediately given DHCP address by VM.

on 2nd laptop, joined ad hoc network and was given DHCP address from VM but could never surf the internet. :(

Carlo.

Re: Internet Connection Sharing Appliance

2. Jun 7, 2006 2:34 PM in response to: ccostan
Click to view motsugaw's profile Novice
motsugaw
11 posts since
May 26, 2006
Did the VM get internet connection (e.g. was it able to ping www.google.com)?
One possibility is that the VM eth0 did not get connected to the internet.
Second possibility is that depending on the host OS and version of VMware product, it may not be possible to use bridged network to a wireless adapter.
Sorry to hear that it did not work.

Re: Internet Connection Sharing Appliance

3. Jun 7, 2006 5:58 PM in response to: motsugaw
Click to view ccostan's profile Enthusiast vExpert
ccostan
41 posts since
Nov 3, 2004
Did the VM get internet connection (e.g. was it able
to ping www.google.com)?

Yes. I was able to ping outside resources and internet sites from the VM itself as well as ping the two Laptops over the wireless connections.

One possibility is that the VM eth0 did not get
connected to the internet.

I believe it did. I am not sure if the DNS resolution was working. I will try again tomorrow to test.

Second possibility is that depending on the host OS
and version of VMware product, it may not be possible
to use bridged network to a wireless adapter.

I was running the VM in Workstation 5.5 and 2 Win XP Pro Laptops.

Sorry to hear that it did not work.

Yeah. I think this VM would be GREAT! I am often in situations in conference rooms and hotel rooms were there is only one Wired Jack. Leveraging the Wireless nics would be Key! I will post back any progress I make!

CARLO.

Re: Internet Connection Sharing Appliance

4. Jun 8, 2006 7:34 AM in response to: ccostan
Click to view motsugaw's profile Novice
motsugaw
11 posts since
May 26, 2006
In order for this to work, the VM needs to access the internet; the VM should be able to ping the laptops, and the laptops should be able to ping the VM. Could you check the last one?
One thing I was thinking is if Windows firewall could be blocking the traffic.
My testbed is 2 laptops connected via cross cable with wireless internet connectivity. I did not test in your setup, so it would be nice to make it work.

Re: Internet Connection Sharing Appliance

5. Jun 8, 2006 8:01 AM in response to: motsugaw
Click to view ccostan's profile Enthusiast vExpert
ccostan
41 posts since
Nov 3, 2004
In order for this to work, the VM needs to access the
internet; the VM should be able to ping the laptops,
and the laptops should be able to ping the VM. Could
you check the last one?
Check! The VM can Ping Google. The VM can ping both laptops and also gives them both DHCP addresses and the Laptops can ping the VMs.

One thing I was thinking is if Windows firewall could
be blocking the traffic.

I disabled the Firewalls on Both laptops to avoid issues.

My testbed is 2 laptops connected via cross cable
with wireless internet connectivity. I did not test
in your setup, so it would be nice to make it work.

ifconfig on the vm shows :

Eth0 as 192.168.174.133 - Which is VmNET8 (NAT) and on the Wired
eth1 as 192.168.254.1 - Which is VMNET0 (Bridged) and on wireless

The Laptops can not ping 192.168.174.133 though. Is my VM networking set correctly?

Carlo.

Re: Internet Connection Sharing Appliance

6. Jun 8, 2006 8:18 AM in response to: ccostan
Click to view motsugaw's profile Novice
motsugaw
11 posts since
May 26, 2006
ifconfig on the vm shows :

Eth0 as 192.168.174.133 - Which is VmNET8 (NAT) and
on the Wired
eth1 as 192.168.254.1 - Which is VMNET0 (Bridged) and
on wireless


Are you using the nat-192.img as the boot floppy for the VM instead of the default nat-172.img? If so, could you please try nat-172.img? Let me know the addresses on the VM and laptops.

The Laptops can not ping 192.168.174.133 though. Is
my VM networking set correctly?

If the VM can ping the laptops and vice-versa, I don't think there are problems in your VM net setup.

Re: Internet Connection Sharing Appliance

7. Jun 8, 2006 8:38 AM in response to: motsugaw
Click to view ccostan's profile Enthusiast vExpert
ccostan
41 posts since
Nov 3, 2004
Are you using the nat-192.img as the boot floppy for
the VM instead of the default nat-172.img? If so,
could you please try nat-172.img? Let me know the
addresses on the VM and laptops.

I switched to the 172 Image. The HOST laptop gets an IP address of 172.31.254.100 on the Wireless Nic.
The second laptop gets an IP of 172.31.254.101 on its wireless nic.

2nd can ping the First AND VM. First can Ping VM and Second and Internet (Through the Wired connection of course.).
VM can ping 1st, 2nd and Internet.

How does the traffic from 172.31.254.101 over to the 192.168.174.133 NAT network to get to the internet?

A tracert from the 2nd laptop to google.com shows nothing. I would have expected it to show traffic moving to the 172.31.254.1 VM.

Carlo.

Re: Internet Connection Sharing Appliance

8. Jun 8, 2006 8:50 AM in response to: ccostan
Click to view motsugaw's profile Novice
motsugaw
11 posts since
May 26, 2006
How does the traffic from 172.31.254.101 over to the
192.168.174.133 NAT network to get to the internet?

Assuming that the default gateway was configured correctly to point to 172.31.254.1 (the VM), all internet traffic should go through the VM, and the VM should perform NAT. BTW, 172.31.254.101 can ping 172.31.254.1 and the default gateway and dns on 172.31.254.101 is 172.31.254.1, right?

A tracert from the 2nd laptop to google.com shows
nothing. I would have expected it to show traffic
moving to the 172.31.254.1 VM.

Yes, correct.

Everything seems right... I will try to replicate your setup and check what is going wrong.

Re: Internet Connection Sharing Appliance

9. Jun 8, 2006 8:53 AM in response to: motsugaw
Click to view ccostan's profile Enthusiast vExpert
ccostan
41 posts since
Nov 3, 2004
Assuming that the default gateway was configured
correctly to point to 172.31.254.1 (the VM), all
internet traffic should go through the VM, and the VM
should perform NAT. BTW, 172.31.254.101 can ping
172.31.254.1 and the default gateway and dns on
172.31.254.101 is 172.31.254.1, right?
Everything points to the VM. I'll keep testing and post any progress.

Everything seems right... I will try to replicate
your setup and check what is going wrong.

Great! Can't wait to get it working!

Re: Internet Connection Sharing Appliance

10. Jun 8, 2006 9:21 AM in response to: ccostan
Click to view motsugaw's profile Novice
motsugaw
11 posts since
May 26, 2006
Everything seems right... I will try to replicate
your setup and check what is going wrong.

Great! Can't wait to get it working!


I am currently out of town, and I may not be able to test it until next week.
Thanks for reporting the problem.

Re: Internet Connection Sharing Appliance

11. Jun 8, 2006 9:23 AM in response to: motsugaw
Click to view ccostan's profile Enthusiast vExpert
ccostan
41 posts since
Nov 3, 2004
Everything seems right... I will try to
replicate
your setup and check what is going wrong.

Great! Can't wait to get it working!

I am currently out of town, and I may not be able to
test it until next week.
Thanks for reporting the problem.

No worries! I believe the problem has to do with the laptop NOT sending the data out the default gateway. When a tracert is done, it never sends to the gateway even though the routes are correct. Not sure how to fix that but thanks again for a great Applicance (if only in theory now!) :)

CARLO.

Re: Internet Connection Sharing Appliance

12. Jun 8, 2006 9:53 PM in response to: ccostan
Click to view motsugaw's profile Novice
motsugaw
11 posts since
May 26, 2006
Just to rule out the possibility of having multiple "default gateways", can you do a "route print" in a command line on the second laptop? Check if the last line (Default Gateway) points to the appliance VM.
Sometimes default gateway specified in other NICs can take precedence. If that happens, you may need to remove the default gateway entry of other NICs (for example the VMware NICs if you have VMware in the 2nd laptop as well).

Re: Internet Connection Sharing Appliance

13. Jun 9, 2006 8:38 AM in response to: motsugaw
Click to view ccostan's profile Enthusiast vExpert
ccostan
41 posts since
Nov 3, 2004
Just to rule out the possibility of having multiple
"default gateways", can you do a "route print" in a
command line on the second laptop? Check if the last
line (Default Gateway) points to the appliance VM.
Sometimes default gateway specified in other NICs can
take precedence. If that happens, you may need to
remove the default gateway entry of other NICs (for
example the VMware NICs if you have VMware in the 2nd
laptop as well).

Here is all the info! :)

VM Route Print :

Destination Gateway GenMask iface
172.31.254.0 * 255.255.255.0 eth1
192.168.174.0 * 255.255.255.0 eth0
default 192.168.174.2 0.0.0.0 eth0

Host Laptop Route Print :
===========================================================================
Interface List
0x1 ........................... MS TCP Loopback interface
0x2 ...00 50 56 c0 00 08 ...... VMware Virtual Ethernet Adapter for VMnet8
0x3 ...00 50 56 c0 00 09 ...... VMware Virtual Ethernet Adapter for VMnet9
0x4 ...00 15 c5 07 16 40 ...... Broadcom NetXtreme 57xx Gigabit Controller - P
ket Scheduler Miniport
0x5 ...00 16 ce 3a 88 97 ...... Dell Wireless 1390 WLAN Mini-Card - Packet Sch
uler Miniport
===========================================================================
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 10.200.30.250 10.200.30.148 10
0.0.0.0 0.0.0.0 172.31.254.1 172.31.254.100 30
10.200.30.0 255.255.255.0 10.200.30.148 10.200.30.148 10
10.200.30.148 255.255.255.255 127.0.0.1 127.0.0.1 10
10.255.255.255 255.255.255.255 10.200.30.148 10.200.30.148 10
127.0.0.0 255.0.0.0 127.0.0.1 127.0.0.1 1
172.31.254.0 255.255.255.0 172.31.254.100 172.31.254.100 30
172.31.254.100 255.255.255.255 127.0.0.1 127.0.0.1 30
172.31.255.255 255.255.255.255 172.31.254.100 172.31.254.100 30
192.168.78.0 255.255.255.0 192.168.78.1 192.168.78.1 20
192.168.78.1 255.255.255.255 127.0.0.1 127.0.0.1 20
192.168.78.255 255.255.255.255 192.168.78.1 192.168.78.1 20
192.168.174.0 255.255.255.0 192.168.174.1 192.168.174.1 20
192.168.174.1 255.255.255.255 127.0.0.1 127.0.0.1 20
192.168.174.255 255.255.255.255 192.168.174.1 192.168.174.1 20
224.0.0.0 240.0.0.0 10.200.30.148 10.200.30.148 10
224.0.0.0 240.0.0.0 172.31.254.100 172.31.254.100 30
224.0.0.0 240.0.0.0 192.168.78.1 192.168.78.1 20
224.0.0.0 240.0.0.0 192.168.174.1 192.168.174.1 20
255.255.255.255 255.255.255.255 10.200.30.148 10.200.30.148 1
255.255.255.255 255.255.255.255 172.31.254.100 172.31.254.100 1
255.255.255.255 255.255.255.255 192.168.78.1 192.168.78.1 1
255.255.255.255 255.255.255.255 192.168.174.1 192.168.174.1 1
Default Gateway: 10.200.30.250
===========================================================================
Persistent Routes:

Route Print from 2ND Laptop

===========================================================================
Interface List
0x1 ........................... MS TCP Loopback interface
0x3 ...00 13 02 5d 7a 32 ...... Intel(R) PRO/Wireless 3945ABG Network Connection
- Packet Scheduler Miniport
0x10005 ...00 50 56 c0 00 08 ...... VMware Virtual Ethernet Adapter for VMnet8
0x10006 ...00 50 56 c0 00 01 ...... VMware Virtual Ethernet Adapter for VMnet1
0x30002 ...00 14 22 fa 1c 10 ...... Broadcom NetXtreme 57xx Gigabit Controller -
Packet Scheduler Miniport
===========================================================================
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 172.31.254.1 172.31.254.101 25
127.0.0.0 255.0.0.0 127.0.0.1 127.0.0.1 1
172.31.254.0 255.255.255.0 172.31.254.101 172.31.254.101 25
172.31.254.101 255.255.255.255 127.0.0.1 127.0.0.1 25
172.31.255.255 255.255.255.255 172.31.254.101 172.31.254.101 25
192.168.17.0 255.255.255.0 192.168.17.1 192.168.17.1 20
192.168.17.1 255.255.255.255 127.0.0.1 127.0.0.1 20
192.168.17.255 255.255.255.255 192.168.17.1 192.168.17.1 20
192.168.153.0 255.255.255.0 192.168.153.1 192.168.153.1 20
192.168.153.1 255.255.255.255 127.0.0.1 127.0.0.1 20
192.168.153.255 255.255.255.255 192.168.153.1 192.168.153.1 20
224.0.0.0 240.0.0.0 172.31.254.101 172.31.254.101 25
224.0.0.0 240.0.0.0 192.168.17.1 192.168.17.1 20
224.0.0.0 240.0.0.0 192.168.153.1 192.168.153.1 20
255.255.255.255 255.255.255.255 172.31.254.101 172.31.254.101 1
255.255.255.255 255.255.255.255 192.168.17.1 192.168.17.1 1
255.255.255.255 255.255.255.255 192.168.153.1 192.168.153.1 1
255.255.255.255 255.255.255.255 192.168.153.1 30002 1
Default Gateway: 172.31.254.1
===========================================================================
Persistent Routes:
None

Re: Internet Connection Sharing Appliance

14. Jun 23, 2006 2:01 PM in response to: ccostan
Click to view motsugaw's profile Novice
motsugaw
11 posts since
May 26, 2006
The IEEE 802.11 (wireless) protocol specifies that a wireless NIC cannot send packets with a different MAC address than its own. Because of that, bridged network is harder in wireless environments. Each virtual NIC on VMs has its own MAC address (that is different from the real wireless NIC’s MAC address). Packets generated on VMs cannot be transmitted by the physical WLAN NIC. I assume VMware’s trick is address translation/mapping in Layer 2: when VM packets need to be transmitted, VMware changes the VM MAC address with the real WLAN NIC MAC address. In the reverse path all Ethernet frames are delivered to the host, and based on destination IP address (again, guessing), they are forwarded to the VMs. So, your 2nd laptop (the one without the appliance VM) sees the 1st laptop and the VM with the SAME MAC address. The 2nd laptop sends a packet to the Internet through the VM (its default gateway). However the packet is not delivered to the VM because the packet would not have the VM’s IP address, and there is nothing in the packet for VMware to know that it needs to forward the packet to a VM. VMware itself might be dropping the packets, or packets might be delivered to the host (where they are dropped).
The conclusion is that this appliance does not work if the second NIC is bridged to a wireless NIC. A non-optimal work-around is to use a web-proxy if wireless NIC is the network without Internet connectivity. It works at least for web surfing (i.e. applications such as ftp and ssh would not work). I have a version of this appliance that includes a web-proxy. The updated version can be downloaded clicking on the link in this appliance's description.
1 2 Previous Next Go to original post

Actions

VMware Beta Programs

Want to be Considered for Future Beta Programs?

Learn More

VMware Developer

Download SDKs, APIs, videos,
training, and more in the Developer community.

Learn More

Developer
Sample Code

Increase your developer productivity with VMware API sample code.

Learn More

VMworld
Sessions & Labs

Online access to the latest VMworld Sessions & Labs and online services.

Learn more

Purchase PSO Credits Online

Purchase credits to redeem training and consulting services online.

Buy Now

Community Hardware Software

View reported configurations or report your own.

Learn More

Only VMware ... Delivers Nexus 1000V

Ensure consistent, policy-based network capabilities to virtual machines across your data center.

Learn More

Communities