Setup VMWARE Host as router for Solaris, Linux, FreeBSD, and Windows XP Guest OS

by on February 20, 2006 · 8 comments· LAST UPDATED April 19, 2007

in , ,

VMware Workstation allows the creation and execution of multiple x86 virtual computers simultaneously. Setting up VMWARE workstation host computer can be tricky. Official VMWARE workstation document recommend of creating vmnet1 and vmnet2. However, you can use eth0 and vmnet1 to route all traffic from guest operating systems via Linux host. This is quite useful:

* If you don't want setup firewall for each operating system inside VMWARE
* Ease of IP accounting etc

Setup

VMWARE Workstation Running on P4 system with 4 GB RAM
OS: Red Hat Enterprise Linux 4.0

  • eth0: 192.168.1.1
  • vmnet1: 192.168.2.1 (hostonly networking)

Step # 1: Stop vmware and service

Shutdown all VM’s and stop vmware service: # /etc/init.d/vmware stop

Force Linux to act as a router:
echo 1 > /proc/sys/net/ipv4/ip_forward

Open /etc/sysctl.conf file and
# vi /etc/sysctl.conf
Make sure IP packet forwarding is set:
net.ipv4.ip_forward = 1

Save and close the file. Above line ensures that Linux as a router after rebooting system.

Step # 2: Configure hostonly networking

You need to configure interfaces on Linux Vmware host:

  • eth0 (Bridge) : Static IP 192.168.1.1
  • vmnet1 (hostonly) : Static IP 192.168.2.1

Type following command to configure vmware:
# /usr/bin/vmware-config.pl
At networking screen, add hostonly networking for vmnet1 Keep eth0 (bridge) as it is. Assign IP 192.168.2.1 to vmnet1.

Step # 3: Configure Linux Host to route traffic

Just add following IPtables rules to your iptables script so that you can route traffic between eth0 (Linux host) and vmnet1 (Guest OS):
iptables --table nat --append POSTROUTING --out-interface eth0 -j MASQUERADE
iptables --append FORWARD --in-interface vmnet1 -j ACCEPT
iptables -A INPUT -i vmnet1 -s 192.168.2.0/24 -d 192.168.1.1 -j ACCEPT

Step # 4 Configure Guest OS

  1. Start Vmware application.
  2. Select Virtual machine
  3. Click on VM
  4. Select Settings
  5. Select Ethernet1
  6. Select Network Connection: “Host-only: A private network shared with the host”
  7. Click ok to save

Power on virtual system and point router IP address to 192.168.2.1, here is sample FreeBSD rc.conf file:defaultrouter="192.168.2.1"
hostname="freebsd6.test.com"
ifconfig_lnc0="inet 192.168.2.5 netmask 255.255.255.0"
Please note that you need to add appropriate iptables rules to allow incoming traffic to Guest os. Just add your rules to Linux host.
See also:

TwitterFacebookGoogle+PDF versionFound an error/typo on this page? Help us!

{ 8 comments… read them below or add one }

1 inam November 24, 2006 at 12:36 am

can root disable the su command on a system

Reply

2 nixCraft November 24, 2006 at 9:31 am

There are many ways to disable su. Simple and easy solution is remove su command or put it to /root directory.

Other solution would be remove executable permission for rest of the world.

Reply

3 Peter Burkholder December 8, 2006 at 5:22 am

I got this to work once I remembered:

echo 1 > /proc/sys/net/ipv4/ip_foward

P.

Reply

4 nixCraft December 8, 2006 at 10:42 am

Peter,

You need to add 1 to /proc/sys/net/ipv4/ip_forward (file name is not correct)

Appreciate your post!

Reply

5 Rashmi Ranjan April 12, 2008 at 7:28 am

The above discussion is helpful if we are trying to set up windos as guest and Linux as host. But my requirement is Windos XP is host and linux is guest. Please let me know how do I establish a connection between the machines.

A quick reply would be really very helpful.

Reply

6 S!FE October 1, 2010 at 4:43 pm

can you put example for virtualbox because i tried but didn’t success .

Reply

7 Ludovic Kuty May 5, 2011 at 10:55 am

Great tutorial.

Note that the following commands are not strictly necessary:
iptables –append FORWARD –in-interface vmnet1 -j ACCEPT
iptables -A INPUT -i vmnet1 -s 192.168.2.0/24 -d 192.168.1.1 -j ACCEPT

There are just used if the box is secured and the default policy of the forward and input chains is not accept.

Reply

8 Mike April 18, 2012 at 9:34 pm

Hey all, I know this is an old post but still relevant ;-) Thanks for sharing nice tricks nixcraft !

My home physical network is 192.168.1.0/24 as it is for many of us.
I have a machine on the network which IP address is fixed (through DHCP) 192.168.1.100. This machine runs Linux and hosts couple of VMs.
I’ve created a hostonly network vmnet20 (192.168.200.0/24) for them.

Now I want to access them from my home network without changing their IP. On my home router I’ve added a route as follow :
0.0.0.0/0 192.168.200.0/24 192.168.1.100 UG 0 0 br0

From another machine (192.168.1.1) I can do a traceroute and I confirm the router does it’s job, but I never reach the guest VM, neither when I ping or ssh.

I added the iptables roules metionned in the article.

Any idea what I forgot, or did wrong ?

Reply

Leave a Comment

Previous post:

Next post: