VMware Communities
edgarallan
Contributor
Contributor
‎10-14-2020 11:16 AM

Why does VMware workstation add extra default routes to the ip routing table on Linux?

So I have pfsense running in a VM in vmware workstation pro on Linux.
I created an extra virtual network using the virtual network editor, named VMNET2, and gave it subnet 192.168.11.0/24.
I added an extra network adapter to the Pfsense vm and connected that directly to the VMNET2 network using CUSTOM : specific network.    

Before booting the pfSense VM, i check my ip routing tables with ip route command, and everything is as expected :

default via 192.168.5.1 dev wlan0 proto dhcp src 192.168.5.128 metric 303

default via 192.168.5.1 dev wlan0 proto dhcp metric 600

192.168.5.0/24 dev wlan0 proto dhcp scope link src 192.168.5.128 metric 303

192.168.5.0/24 dev wlan0 proto kernel scope link src 192.168.5.129 metric 600

192.168.11.0/24 dev vmnet2 proto dhcp scope link src 192.168.11.101 metric 208

192.168.44.0/24 dev vmnet1 proto dhcp scope link src 192.168.44.1 metric 207

192.168.234.0/24 dev vmnet8 proto dhcp scope link src 192.168.234.1 metric 209


Two default routes, for wlan0 and then the other routes for the different vmnets.


Now I boot up my pfSense VM and after a few minutes a new default route is suddenly added for the vmnet2 my VM is connected to :

default via 192.168.11.254 dev vmnet2 proto dhcp src 192.168.11.101 metric 208

default via 192.168.5.1 dev wlan0 proto dhcp src 192.168.5.128 metric 303

default via 192.168.5.1 dev wlan0 proto dhcp metric 600

192.168.5.0/24 dev wlan0 proto dhcp scope link src 192.168.5.128 metric 303

192.168.5.0/24 dev wlan0 proto kernel scope link src 192.168.5.129 metric 600

192.168.11.0/24 dev vmnet2 proto dhcp scope link src 192.168.11.101 metric 208

192.168.44.0/24 dev vmnet1 proto dhcp scope link src 192.168.44.1 metric 207

192.168.234.0/24 dev vmnet8 proto dhcp scope link src 192.168.234.1 metric 209

This causes all my traffic now to be routed trough the 192.168.11.0/24 subnet.
Now i can't access the internet anymore and all my pings result in host unreachable, until i delete that default route, or add my normal default route for wlan0 back to the top again.

Even after deleting that route it reappears after a couple of minutes.

This is very frustrating, and I would like to know if there is a way of stopping this from happening and why it even happens?

0 Kudos
1 Reply
dariusd
VMware Employee
VMware Employee
‎10-18-2020 03:11 AM

I don't think VMware Workstation itself will normally add such a route.

Is it possible that your pfSense VM is advertising itself as a router on the network attached to the host's vmnet2 interface?  Perhaps pfSense issuing its own DHCPv4 offers which include a default gateway or perhaps even by sending ICMPv4 Router Discovery Protocol​ advertisements​... which the host could pick up, causing it to add the appropriate route to the host's routing tables.

My first troubleshooting suggestion would be to try running wireshark or tcpdump in promiscuous mode on the host's vmnet2 interface to check if there are any relevant-looking router communications at the time that the route is added.  I have basically no experience with pfSense, but I would next check it for DHCPv4 settings (possibly even NAT service settings) and any ICMPv4 Router Discovery settings which might induce the host into setting this unwanted default route.

--

Darius

0 Kudos