This is just a writeup on what I am doing in my test lab setup. Mainly as a reminder to me.
My host laptop has an interface with a dynamically assigned private IP from my router. This laptop runs VMware Workstation, in which there are a couple of guests.
The easiest option would be to assign a NAT interface to each of these guests. That way they are all on a private network of their own, but with Internet access via VMware NAT.
A note on NAT. What is it? NAT is a way to hide private IP blocks from the outside world. Like in this instance, you don’t want to assign each of your guests public IPs as they are private machines and it’s a waste of public IPs. What you want is to assign these machines a private IP yet ensure they can connect to the outside world. So what you need is for one machine – the host in this case – to be on the Internet via a public IP or private IP (in which case the router that provides the private IP is hiding the host behind it) and all other machines to be hidden behind it.
The way NAT works is that it creates a private IP space on the host. The host is given an IP address from this private space, as are all the guests. The guests use this private IP of the host as their router, and the NAT service on the host receives packets, sends them out to the Internet but changes their source IP to be that of the external IP of the host and keeps note of this, and when it receives packets it reads them to identify which guest it is directed to and passes it on.
In VMware NAT, it is optional to give the host an IP from the private space as the NAT service creates a separate private IP – hidden from the host too, but residing on the host – and the guests use this IP as their router IP. This IP also provides DNS services for the guests. Here’s a screenshot from the network settings page of VMware Workstation.
I have defined a virtual network called VMnet1 and assigned it as a NAT network. In this case I chose to have the host too connected to this network – and so my host has a VMnet1 interface with IP address 192.168.126.1 – and my VMs will have DHCP addresses assigned from this pool.
From one of my VMs:
Windows IP Configuration
Ethernet adapter Local Area Connection:
Connection-specific DNS Suffix . : localdomain
Link-local IPv6 Address . . . . . : fe80::30e9:f268:6355:25d%12
IPv4 Address. . . . . . . . . . . : 192.168.126.187
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . : 192.168.126.2
Notice the default gateway is 192.168.126.2 and not 192.168.126.1. Just to confirm they are different interfaces, we can check the MAC address table:
Interface: 192.168.126.187 --- 0xc
Internet Address Physical Address Type
192.168.126.1 00-50-56-c0-00-01 dynamic
192.168.126.2 00-50-56-e2-41-3a dynamic
Different MACs. Both virtual adapters (based on the 00-50-56 prefix, which belongs to VMware) but different adapters.
The VMs see the DHCP server too as another virtual adapter on the network. In my case the DHCP addresses are offered from 192.168.126.254 – yet another virtual adapter on the host that’s not visible to the host.
With VMware Workstation, I don’t have to create a separate network for NAT. I could have assigned each interface of the VMs as NAT and that too would do the trick, but creating a separate network has its advantages. I can control the range of IP addresses assigned to the guests, and I can have the host too assigned an interface from this pool. I can also choose the gateway address to be something else – say to be the IP of the host.
(Originally this post was meant to have more details but I got busy with other stuff. Rather than let it go to waste I am publishing it anyways. Hence the abrupt ending).