VMware Communities
emanz3939
Contributor
Contributor
‎04-10-2018 01:20 PM
Jump to solution

Lan Segments - Promiscuous mode problem

I have workstation 14 and i'm trying to get promiscuous mode working on VMs with networks configured to use lan segments. It is not an option to run these VMs in another networking mode due to the use-case.

The host: workstation 14.1.1 running on ubuntu 16.04

The guest vms are running on different lan segments. I have found no way to enable promiscuous mode within vmware that actually works. This article is the only thing i've found referencing promiscuous mode on linux: Using Virtual Network Adapters in Promiscuous Mode on Linux Hosts  and it's not helpful in this situation. I tried changing each vmnetx adapter on the host to be in promiscuous mode as a last ditch, but that didn't work either.

The monitor vm is definitely receiving broadcast traffic from the other lan segment and the nic in the guest VM is set to use promiscuous mode. However, it's not getting everything..

Is this even possible with lan segments?

0 Kudos
1 Solution

Accepted Solutions
dariusd
VMware Employee
VMware Employee
‎05-03-2018 01:02 AM
Jump to solution

On a Linux host, the ability to enable promiscuous mode for virtual NICs attached to a LAN Segment is controlled by the permissions on your host's /dev/vmnet0 device node.

Suspend or power off any VMs which you require to receive in promiscuous mode (or, at minimum, use the Workstation user-interface to "disconnect" the virtual NIC[s] for which you require promiscuous mode receives), then run the following command on your host:

   sudo chmod o+rw /dev/vmnet0

then power on the VM(s) again (or reconnect the virtual network adapter[s]).  It should then be possible to enable promiscuous mode in that VM.

Please let me know if that does not work for you.  Your original comment suggests you may have already tried something similar to the above, but it might be worth going through those specific steps and seeing if it works afterwards.  I've used this approach in the past, and I've briefly re-tested here and verified that it still works with Workstation 14.1.1 on a Debian 9.4 amd64 host – Without that permission, promiscuous mode cannot be enabled, but once the permission is added and the VM reconnected to the network, promiscuous mode is available, and the VM can see traffic between two other VMs on the same LAN Segment.

--

Darius

View solution in original post

0 Kudos
5 Replies
emanz3939
Contributor
Contributor
‎04-26-2018 07:59 AM
Jump to solution

vmware, is this kind of thing supported? or is this a bug?

0 Kudos
bonnie201110141
VMware Employee
VMware Employee
‎05-02-2018 10:42 PM
Jump to solution

Currently this is not supported.

0 Kudos
dariusd
VMware Employee
VMware Employee
‎05-03-2018 01:02 AM
Jump to solution

On a Linux host, the ability to enable promiscuous mode for virtual NICs attached to a LAN Segment is controlled by the permissions on your host's /dev/vmnet0 device node.

Suspend or power off any VMs which you require to receive in promiscuous mode (or, at minimum, use the Workstation user-interface to "disconnect" the virtual NIC[s] for which you require promiscuous mode receives), then run the following command on your host:

   sudo chmod o+rw /dev/vmnet0

then power on the VM(s) again (or reconnect the virtual network adapter[s]).  It should then be possible to enable promiscuous mode in that VM.

Please let me know if that does not work for you.  Your original comment suggests you may have already tried something similar to the above, but it might be worth going through those specific steps and seeing if it works afterwards.  I've used this approach in the past, and I've briefly re-tested here and verified that it still works with Workstation 14.1.1 on a Debian 9.4 amd64 host – Without that permission, promiscuous mode cannot be enabled, but once the permission is added and the VM reconnected to the network, promiscuous mode is available, and the VM can see traffic between two other VMs on the same LAN Segment.

--

Darius

0 Kudos
emanz3939
Contributor
Contributor
‎05-03-2018 06:14 AM
Jump to solution

dariusd​ - you are the man!

Your suggestion did the trick. I also went back to revisit the article and i was able to get that to work as well. I'm not sure what i did incorrectly before. My guess is i didn't fully reboot the vm or disconnect/reconnect the NIC after changing the permissions. I was wondering which /dev/vmnetx device the lan segments were using so you pointing that is helpful. Thanks!

0 Kudos
theftaut0
Contributor
Contributor
‎11-15-2020 12:19 PM
Jump to solution

This does not work for me.  I have Kali VM, using a NAT vmnet0.  My user isn't sudo on my machine, but I gave him rights to vmnet0/1/8.  I have also tried this with root.  No luck....getting frustrated as hell.

0 Kudos