How does network bridging work in a VM?

For example, I have VMware Workstation which is on a host, host, and a VM running under VMware, zeddicus. Basically I understand in a normal network you plug a computer into the network (or wifi), get assigned an IP address by DHCP (assuming no static IPs) and you're on your way. How does this work on a VM with DHCP, though? When you are running a VM all traffic is routed through host, say 10.0.0.10... but with a bridged connection, zeddicus would have another DHCP address (10.0.0.11) if you run ipconfig/ifconfig. How does this work when looking at it through the outside network? All traffic, (this is where I must be missing something) is routed through 10.0.0.10 to zeddicus who is 10.0.0.11, or does the network interface somehow register as having two different addresses on the network? This also applies to MAC addresses, I guess, since an interface is only supposed to have one address yet VMs have their own.

Basically I don't understand how a VM running on a host can have a different IP address on the network than the host on a physical network because it seems like all traffic would be routed through the host.

cutrightjm

Posted 2013-07-20T23:08:44.950

Reputation: 3 966

Answers

It is natural to use the term "routed" when talking about packets moving through a device, however in networking, routed means a specific thing - it means where a packet moves from one layer 3 network to another. Bridging is where packets move at layer 2, and are effectively the same before and after bridging.

With a bridge (unless controls are put in to stop some traffic) any packet arriving on one side of the bridge will be emitted out of the other side. This puts devices on either side on the same network.

This means that broadcast traffic such as DHCP will happily traverse the bridge both the outgoing request (which will originate from the VM virtual MAC) to the reply, which will be sent to the virtual MAC. Because the VM host interface acts as a bridge, it will pass all packets on the network through to all the devices on the bridge. It behaves exactly the same way as two physical interfaces being bridged.

Paul

Posted 2013-07-20T23:08:44.950

Reputation: 52 173

You'll notice VMWare installs virtual network interfaces - go to ncpa.cpl to look at them.

You'll also notice if you look at the properties of your physical NIC, you'll see an active protocol called "Vmware Bridge Protocol"

I imagine through the Vmware Bridge Protocol incoming traffic destined for the VM is intercepted and forwarded to the VM before it hits the host. Similar to how it does for USB traffic through the use of special drivers.

I bet this bridge protocol puts the physical NIC in promiscuous mode which enables it to "hear" all traffic that hits the NIC. It probably looks at all traffic before the TCP/IP protocol of that interface gets it, or maybe the "Vmware Bridge Protocol" has a different 'protocol number' in the IP header.

LawrenceC

Posted 2013-07-20T23:08:44.950

Reputation: 63 487