VMware Communities
hithere
Contributor
Contributor
‎07-03-2007 09:23 PM

VMware Player v2 - How do I build a network isolated from the host machine?

Hi guys, I apologize if this has already been asked. I did search for information on this question, both here and Google.

This is the closest I came, but I'm confused by what is written:

http://seclists.org/basics/2006/Mar/0221.html

Basically what I'd like to do is have two Virtual Machines that can communicate with each other but NOT with the host, under ANY circumstances. To be more specific I don't want the host to even be known to either virtual machine. No ping, no address, no (hardware), nothing. Just packet filtering or a firewall isn't going to do it. And I can't disable TCP/IP for the NIC on the host machine, like what (I think) is suggested in that e-mail.

Apparently there is a way to do this, I have read about doing it using other VMware products, like Server. I believe VMware Player can do this also, but I would guess I have to edit something manually? Add a loopback adapter? Then I bridge to it, with say VMnet7, and then both VM's use VMnet7 as eth0?

I was thinking the two VMs would both use a host-only VMnet adapter but then the problem is the host. How can I disable the host communications without disabling the adapter entirely?

I don't mind hacking this out, but I need more information before I start, as much as you guys can provide. I will absorb it like a dry sponge and swell.

Thanks!

Whoops, I forgot to add that I am using VMwarePlayer v2 on Microsoft Windows Vista as host.

Message was edited by: hithere

hithere

0 Kudos
5 Replies
KevinG
Immortal
Immortal
‎07-04-2007 07:01 AM

Post the .vmx file from the virtual machine and I will tell you would lines to edit

0 Kudos
hithere
Contributor
Contributor
‎07-04-2007 03:40 PM

Kevin, I have not finalized the vmx files. The networking will go like this, assuming I can rid of the host presence:

Ethernet0.present = "TRUE"

Ethernet0.addressType = "generated"

Ethernet0.connectionType = "custom"

Ethernet0.vnet = "VMnet1"

Ethernet0.generatedAddress = "00:0c:29:0a:0b:0c"

Ethernet0.generatedAddressOffset = "0"

VMnet1 right now is standard host-only. Also, does it make much of a difference when networking two guests together to add:

ethernet0.virtualDev = "vmxnet"

...in the vmx of each guest? I can install the vmware tools on each guest, but nothing on the host.

0 Kudos
saxa
Expert
Expert
‎07-04-2007 05:06 PM

Hello,

on both guests change

Ethernet0.vnet = "VMnet1"

to

Ethernet0.vnet = "VMnet2"

ready. Your VMs can only communicate with each other.

>>Also, does it make much of a difference when networking two guests together to add: ethernet0.virtualDev = "vmxnet"

No, it doesn't make anything on WinXP guests.

>>I can install the vmware tools on each guest, but nothing on the host.

Don't install VMware tools on the host! They are only for the guests.

0 Kudos
KevinG
Immortal
Immortal
‎07-04-2007 05:16 PM

Ethernet0.vnet = "VMnet1" change to Ethernet0.vnet = "VMnet2"

Do not[/b] add this line

ethernet0.virtualDev = "vmxnet"

The VMware Tools are for the guest OS only.

0 Kudos
hithere
Contributor
Contributor
‎07-08-2007 06:42 PM

Hi, one guest is Ubuntu and the other guest is vanilla Linux running on Windows Vista host. I did try what you guys suggested and it works fine. Thank you.

I wasn't aware of how the VMware virtual adapters work. It seems that all the virtual adapters can be used for networking although only three are registered with the operating system.

VMnet0 - bridged (to share the host's actual network card)

VMnet1 - host-only adapter (to communicate with host and guests only)

VMnet8 - NAT (use host's ip to access internet)

So if you use an adapter that is not registered with the host (VMnet2-6), there is no network communication between the guest and the host, however the guests can still communicate with each other on that adapter.

I had to set IP addresses manually. I used the 172 private address range.

In vanilla linux I typed this at the command prompt:

ifconfig eth1 172.30.30.30 broadcast 172.30.255.255 netmask 255.255.0.0

In Ubuntu I left-clicked the monitor icon in the upper right hand corner.

I selected Manual Configuration, Wired Configuration, Properties:

Configuration: Static IP Address

IP Address: 172.30.30.31

Netmask: 255.255.0.0

Gateway: 172.30.30.31

After installing VMware tools on Ubuntu, vmxnet was automatically enabled as the type of network adapter.

An unrelated note:

I had a problem after installing Ubuntu (Feisty). I suspect Ubuntu's DHCP client was causing vmware-vmx.exe to spike in CPU periodically. When I first installed I had the network adapter bridged to a physical network card (so I could download updates). But the network the adapter was on had no DHCP server. The problem went away after I set an IP address manually.

0 Kudos