VMware Communities
vmfh
Enthusiast
Enthusiast

no need to use vnet to pass traffic between guest VMs

It seems that, in order to pass traffic between guest VMs, it is not necessary to connect them to a vnet, be it default or custom.

I use VMware Fusion 7.1.3 as host and two virtual firewalls Cisco ASAv. When I configure their interfaces in the same subnet I can pass traffic between them (plain ICMP, haven't tried other types). Until now, I thought I would have to connect the firewall interfaces to a vnet in the vmx file (s. #582773) — but it doesn't seem to be case. It is as if the host would handle the traffic like VirtualBox's private networks, but without even configuring it. I couldn't find documentation to this regard though.

Tags (3)
Reply
0 Kudos
10 Replies
vmfh
Enthusiast
Enthusiast

Can anyone help?

Reply
0 Kudos
continuum
Immortal
Immortal

> I thought I would have to connect the firewall interfaces to a vnet in the vmx file.
You are right - you indeed have to configure a vnet in the vmx-file - unless you are satisfied with the default settings.
It would be a good idea if you inspect both vmx-files with your favorite texteditor to get a better understanding of the topic.


________________________________________________
Do you need support with a VMFS recovery problem ? - send a message via skype "sanbarrow"
I do not support Workstation 16 at this time ...

Reply
0 Kudos
vmfh
Enthusiast
Enthusiast

Both devices have 3 interfaces each. As long as they are configured on the same subnet — random interface, random IP on each device, traffic passes between them. Here're the parsed vmx and networking files. I don't have a VMnet0 on the host. There must be something I'm missing or something that the hypervisor is doing automatically.

$ grep "ethernet" ASAv.vmwarevm/ASAv941.vmx

ethernet0.present = "TRUE"

ethernet0.addressType = "generated"

ethernet0.connectionType = "custom"

ethernet0.virtualDev = "e1000"

ethernet0.startConnected = "FALSE"

ethernet1.present = "TRUE"

ethernet1.addressType = "generated"

ethernet1.connectionType = "custom"

ethernet1.virtualDev = "e1000"

ethernet1.startConnected = "FALSE"

ethernet2.present = "TRUE"

ethernet2.addressType = "generated"

ethernet2.connectionType = "custom"

ethernet2.virtualDev = "e1000"

ethernet2.startConnected = "FALSE"

ethernet0.pciSlotNumber = "32"

ethernet1.pciSlotNumber = "33"

ethernet2.pciSlotNumber = "34"

ethernet0.generatedAddressOffset = "0"

ethernet1.generatedAddressOffset = "10"

ethernet2.generatedAddressOffset = "20"

ethernet0.vnet = "VMnet0"

ethernet3.present = "TRUE"

ethernet3.virtualDev = "e1000"

ethernet3.startConnected = "FALSE"

ethernet3.wakeOnPcktRcv = "FALSE"

ethernet3.addressType = "generated"

ethernet3.pciSlotNumber = "36"

ethernet3.generatedAddressOffset = "30"

ethernet4.present = "FALSE"

ethernet5.present = "FALSE"

ethernet6.present = "FALSE"

ethernet7.present = "FALSE"

$

$ grep "ethernet" ASAv\ 2.vmwarevm/ASAv941.vmx

ethernet0.present = "TRUE"

ethernet0.addressType = "generated"

ethernet0.connectionType = "custom"

ethernet0.virtualDev = "e1000"

ethernet0.startConnected = "FALSE"

ethernet1.present = "TRUE"

ethernet1.addressType = "generated"

ethernet1.connectionType = "custom"

ethernet1.virtualDev = "e1000"

ethernet1.startConnected = "FALSE"

ethernet2.present = "TRUE"

ethernet2.addressType = "generated"

ethernet2.connectionType = "custom"

ethernet2.virtualDev = "e1000"

ethernet2.startConnected = "FALSE"

ethernet0.pciSlotNumber = "32"

ethernet1.pciSlotNumber = "33"

ethernet2.pciSlotNumber = "34"

ethernet0.generatedAddressOffset = "0"

ethernet1.generatedAddressOffset = "10"

ethernet2.generatedAddressOffset = "20"

ethernet0.vnet = "VMnet0"

ethernet3.present = "TRUE"

ethernet3.virtualDev = "e1000"

ethernet3.startConnected = "FALSE"

ethernet3.wakeOnPcktRcv = "FALSE"

ethernet3.addressType = "generated"

ethernet3.pciSlotNumber = "36"

ethernet3.generatedAddressOffset = "30"

ethernet4.present = "FALSE"

ethernet5.present = "FALSE"

ethernet6.present = "FALSE"

ethernet7.present = "FALSE"

$

$ sed -En "s/.*(VNET_[0-9]*).*/\1/p" /Library/Preferences/VMware\ Fusion/networking | uniq | sort

VNET_1

VNET_10

VNET_8

VNET_9

VNET_91

VNET_92

VNET_93

Reply
0 Kudos
vmfh
Enthusiast
Enthusiast

Can anyone help? I don't think this behaviour is expected nor documented.

Reply
0 Kudos
wila
Immortal
Immortal

Hi,

What you mean with this?

I don't have a VMnet0 on the host.

That's the bridged interface. My bet is that you actually have that interface.

Also not understanding your issue as you have NICs connected to vmnet0, so yes they can communicate with each other.

You don't mention which NICs can communicate against your expectations.

There's a bunch of custom network interfaces, but the actual assignments are missing.

It is as if you created the .vmx file by hand?

re. documentation, the workstation documentation has more details as the Fusion one on this area, but the concepts are the same.

See: Understanding Common Networking Configurations

--

Wil

| Author of Vimalin. The virtual machine Backup app for VMware Fusion, VMware Workstation and Player |
| More info at vimalin.com | Twitter @wilva
Reply
0 Kudos
vmfh
Enthusiast
Enthusiast

wila

continuum

Finally I could test again.

$ grep --color "ethernet.*present\|vnet" ASAv.vmwarevm/ASAv941.vmx ASAv\ 2.vmwarevm/ASAv941.vmx

ASAv.vmwarevm/ASAv941.vmx:ethernet0.present = "TRUE"

ASAv.vmwarevm/ASAv941.vmx:ethernet1.present = "TRUE"

ASAv.vmwarevm/ASAv941.vmx:ethernet2.present = "TRUE"

ASAv.vmwarevm/ASAv941.vmx:ethernet0.vnet = "VMnet0"

ASAv.vmwarevm/ASAv941.vmx:ethernet3.present = "TRUE"

ASAv.vmwarevm/ASAv941.vmx:ethernet4.present = "FALSE"

ASAv.vmwarevm/ASAv941.vmx:ethernet5.present = "FALSE"

ASAv.vmwarevm/ASAv941.vmx:ethernet6.present = "FALSE"

ASAv.vmwarevm/ASAv941.vmx:ethernet7.present = "FALSE"

ASAv 2.vmwarevm/ASAv941.vmx:ethernet0.present = "TRUE"

ASAv 2.vmwarevm/ASAv941.vmx:ethernet1.present = "TRUE"

ASAv 2.vmwarevm/ASAv941.vmx:ethernet2.present = "TRUE"

ASAv 2.vmwarevm/ASAv941.vmx:ethernet0.vnet = "VMnet0"

ASAv 2.vmwarevm/ASAv941.vmx:ethernet3.present = "TRUE"

ASAv 2.vmwarevm/ASAv941.vmx:ethernet4.present = "FALSE"

ASAv 2.vmwarevm/ASAv941.vmx:ethernet5.present = "FALSE"

ASAv 2.vmwarevm/ASAv941.vmx:ethernet6.present = "FALSE"

ASAv 2.vmwarevm/ASAv941.vmx:ethernet7.present = "FALSE"

Although 8 interfaces are configurable and 4 are actually present (3 ethernet, 1 management), only 1 is connected to vnet0 — which doesn't show in the host ifconfig output —, but I can send traffic between any ethernet interface, if configured properly (eth0,1,2 corresponds to ge0/0,0/1,0/2 respectively).

For example, if I configure ge0/0 which should be eth0 with ip 200.0.0.1/24 on one device and ge0/0 which should be eth0 with ip 200.0.0.254/24 on the other device, traffic passes between them (icmp).

But, if I configure ge0/1 which should be eth1 with ip 200.0.0.1/24 on one device and ge0/2 which should be eth2 with ip 200.0.0.254/24 on the other device, traffic passes between them (icmp) too.

Last I wouldn't expect, since eth1 on first device and eth2 on the second one are not connected to vnet0.

Reply
0 Kudos
vmfh
Enthusiast
Enthusiast

Can anyone please try to reproduce this? I don't even have a vnet0 in Workstation's or Fusion's host (see output above) where I could make a trace on.

Reply
0 Kudos
Mikero
Community Manager
Community Manager

I'm still not sure what you're asking.

Is something not working for you?

-
Michael Roy - Product Marketing Engineer: VCF
Reply
0 Kudos
vmfh
Enthusiast
Enthusiast

Mikero​, vnet0 doesn't show in the host (like vnet1, vnet8, custom vnets appear in ifconfig), and interfaces in the guest that are not connected to vnet0 are unexpectedly able to pass traffic, as per the description above.

Reply
0 Kudos
vmfh
Enthusiast
Enthusiast

I add two screen shots of the VMs to help visualize the problem and attach a diff of both vmx files.

Although only both GE0/0 are connected to vnet0 in the vmx files and the other interfaces are not — ethernet 0 through 3 are connected on boot to vnet0.

Screen Shot 2019-04-30 at 21.19 PM.pngScreen Shot 2019-04-30 at 21.19 PM 1.png

Reply
0 Kudos