Using Shared Networking (NAT) with a Windows Server 2003 virtual machine

Using Shared Networking (NAT) with a Windows Server 2003 virtual machine

Rate This
  • Comments 5

Virtual PC has a convenient feature called 'Shared Networking'.  What this is is a small virtual NAT (network address translation) router - which is quite similar to the cheap hardware broadband routers that a lot of people use (myself included).  The advantage of Shared Networking is that your virtual machine can access the external network with needing to be directly connected to it*.  This is handy if you don't want to have to worry about whether your virtual machine has all the latest security patches, or if you regularly move your physical machine between different network configurations (e.g. moving a laptop from you work network to your home network).

Normally using Shared Networking is very simple.  You just enable it and set the guest operating system to use DHCP - and everything works.  This is not the case with a Windows Server 2003 guest though.  The problem is that Shared Networking configures the guest operating system to use the same DNS servers as are used by the physical computer.  However - all DNS packets are actually returned from '192.168.131.254' - which is the virtual gateway used by Shared Networking.

Windows Server 2003 looks at the DNS packet, sees that it is coming from a source other than the DNS server it requested the information from, and rejects it.  A simple fix for this is to manually assign the DNS server inside the virtual machine to 192.168.131.254 - then everything will work just fine.

Cheers,
Ben

* The downsides of Shared Networking are that external computers cannot connect directly to the virtual machine (so it is not useful for server applications) and that Shared Networking only works for IP based networking.

Leave a Comment
  • Please add 3 and 6 and type the answer here:
  • Post
  • Great post! NAT is one of those simple yet ever-so-usefull technologies. I recall my first experiences with NAT when I built my own home-grown version of the DSL gateway before they were available on the public market.

    Another HUGE advantage of NAT is that it creates a virtually unlimited number of IP addresses. In the case where you'd like to create a large number of virtual machines, you're not limited by the amount of "real" IP space allocated to your network.
  • Now if only VPC let you edit the NAT subnet and addresses. Yes, I really had an issue with this! VMWare does let you :-)
  • Hey Ben,

    I really appreciate your blog!  I can't tell you how many times it has helped me out.  Has there been any update/fix/change to this since 2005?  I'm on Win7 Enterprise X64, running 2K3R2 standard as guest, and would really like to be able to see the guest from outside (like IIS websites, for instance).

    Thanks!,

    Paul [at] Paul J Richardson.com

  • Paul J Richardson -

    I would recommend using Internet Connection Sharing and enabling port forwarding there.  Some details are here: blogs.msdn.com/.../477195.aspx

    Cheers,

    Ben

  • Thanks Ben!

    I can get into the VM for port 80 requests now, using the host name I've setup on the 'web' port rule in the advanced sharing properties of the VM host.  This may come in handy if (a good probability) I have to completely script the migrations of the 200+ HostHeader sites on this VM, to a 2008 Web server also running as a VM, in the near future.  For now, other scripts are in the que for dev.  My boss doesn't really like 'human involvement' in those things, so that cutover is faster, and has been thoroughly simulated in advance.  At least this way, there's no need for a huge test lab like last time (complete with AD, DNS, etc.) -- I'll just use a hosts file combined with other VMs.

    thanks,

    Paul

Page 1 of 1 (5 items)