Virtual PC Guy's Blog

-- Ben Armstrong, Virtualization Program Manager

Talking about core virtualization at Microsoft (Hyper-V, Virtual PC and Virtual Server).

Search
  • Advanced search options...
Recent Twitters
Tags
Common Tasks
Hyper-V Links
MVP Sites
SCVMM Links
Virtual PC / Virtual Server Links

How does networking work under Virtual PC / Virtual Server?

MSDN Blogs > Virtual PC Guy's Blog > How does networking work under Virtual PC / Virtual Server?

How does networking work under Virtual PC / Virtual Server?

1 Apr 2005 5:08 PM
  • Comments 12

I regularly get asked about how networking works under Virtual PC and Virtual Server - so today I will attempt to provide generic overview of how virtual networking works.

Each virtual machine is created with one emulated network adapter by default (and can have up to 4 emulated network adapters).  These network adapters are assigned psuedo-unique MAC addresses in the 00-03-FF-xx-xx-xx range (there is potential for conflict here - though we do try to avoid this).  We then use our 'Virtual Machine Network Services' driver to move packets to and from the emulated network card.

The 'Virtual Machine Network Services' driver is an intermediate NDIS filter that is installed on the physical network adapter.  It is responsible for three things:

  1. Placing the physical network adapter into 'promiscuous' mode.  Normally Ethernet adapters will only accept network packets that are destined for their own MAC address.  In promiscuous mode an Ethernet adapter will accept all network packets irregardless of the destination.  Normally there is a performance degradation associated with promiscuous mode, because the upper protocols have to deal with processing all the packets - however we avoid this by ensuring that only packets destined for the physical computer are sent to the higher level protocols.
  2. Examining incoming packets and redirecting packets that are destined for a virtual machine to that virtual machine.  N.B. An interesting thing to note is that because the 'Virtual Machine Network Services' driver is installed below the protocols on the physical adapter - which means that any packet sniffers on the physical computer will not see packets destined for the virtual machines as our driver will intercept them first.
  3. Taking outbound packets created by the virtual machines, with their MAC address and transmitting it onto the network.

All of this means that virtual machines have their own unique MAC address and appear and function like completely separate computers on the network.  Anything that you can do with a physical computer on a network - we expect to work with a virtual machine.  It is also worth pointing out that we are only tracking networking at the MAC level (OSI Layer 2) - so that anything higher than that (like TCP/IP, IPX, NetBIOS, etc...) should 'just work'.

Cheers,
Ben

Leave a Comment
  • Please add 6 and 2 and type the answer here:
  • Post
Comments
  • Chris O.
    4 Apr 2005 12:53 PM
    I have question about the setting "Shared Networking" under "Virtual PC"

    When i select "Shared Networking (NAT)" under "Virtual PC" and i have activated on the Host the "Windows Firewall", is my host PC protected against the virtual machine?

    I know it is impossible with "Shared Networking" to access network services (like an webserver) from the host on the virtual machine, but is it also impossible for the virtual machine to access network services (like an webserver) on the host?

    Chris
  • Huberblog :: Jason Huber
    4 Apr 2005 11:36 PM
    This is awesome information. I had read something online a while back about the subject using a link provided from your site. It is always nice to revisit a subject to see it from another angle.

    I regularly need to work with the mac address settings etc to ensure that I dont have a conflict on the network. This is made easier by knowing a little more of what is going on.

    -Jason Huber
  • Jonathan
    5 Apr 2005 7:00 AM
    Do you suppose one can use NLB (which also works at the MAC level)? I mean, have 2 or more guest OSs form an NLB cluster? While the production value of this is dubious, it can really help testing apps that depend on NLB.
  • christian
    5 Apr 2005 1:09 PM
    you can form a NLB Cluster within VPC/VS
    you cannot form a NLB Cluster with multiple VMs that spawn multiple host machines
  • charles
    15 Apr 2005 12:46 AM
    One of the things that I find lacking in the Virtual PC documentation is "examples" or "recommendations" on how to configure networking for different situations. Like I have Windows Server 2003 machine and an XP Proffessional Pro machine. I have the W2K3 server set up as a Domain Controller, DHCP, and Have Exchange on it. I can't connect the Windows XP Pro client to the domain, can't get Outlook to find the W2K3 server and check my user name, even though its set up. It would be helpful under networking to say something like "configure all servers and clients to local only to operate a test domain." Or whatever the correct answer would be.
  • Helge
    22 Apr 2005 4:13 PM
    Can you have two emulated network adapters connected to two physical network adapters on the host machine?
    I have a host machine with two NIC's running Virtual Server 2005 but I can only see one NIC when I try to create a new virtual network adatper.
    The Physical Computer Properties page reports only one physical network adapter. It's a HP DL320 with a dual port HP NC7760.
  • nayan
    6 Jul 2010 11:24 PM

    How does networking work under Virtual PC / Virtual Server on windows 7?

  • Maggie
    14 Jul 2010 5:48 AM

    Thanks you just helped me finish my project for computer lit.

  • 20 Jul 2010 11:57 AM

    Chris O. -

    Yes, the host operating system firewall does protect the host from the virtual machine.  With Shared Networking a virtual machine cannot connect to the host operating system at any time.

    Helge -

    This should work.

    nayan -

    This is pretty much unchanged for Windows 7.

    Cheers,

    Ben

  • Joe M.
    26 Sep 2010 4:33 PM

    I understand that what you write here about the driver covers incoming packets as well as packets outgoing from the guest.

    However can you say what is the behavior of the driver with regards to outgoing traffic from the host to a guest machine? Do these packets get filtered and passed to the guest or are they also sent out to the network? My testing so far seem to show the second which is inherently duplicate and causes flooding...

    Is there any way to ensure packets from the host to the guest will not be transmitted out the NIC? As I use a hub this floods my network unnecessarily.

  • Shreyas
    11 Jul 2011 9:50 PM

    Hi Ben,

    Nice Explanation. Thanks for the post !

    I have a question. I need to test a web application on my laptop. The laptop has a VM running on Linux and the main OS of the laptop is Windows 7. Is it possible to call a client from Windows host to Linux VM host ? If yes, how to achieve that ? I am stuck at the moment due to this.

  • Anon
    27 Jan 2012 7:48 AM

    Irregardless is not a word.  If it was, it would mean the opposite of what you intend here.

Page 1 of 1 (12 items)