.不禁概叹VMware的强大,以下的English就不翻译了
主要注意两点:
1、当虚拟机用NAT方式与宿主进行连接时,IP地址设置时的网关是×.*.*.2,而不是*.*.*.1,这一点同样适用于Host only连接方式。因为以前一直是用桥接方式,所以不存在这个网关问题,上次配置虚拟机网络时,因为是直连外网,再没有私有地址给我桥接,所以要用NAT,我把网关设置成172.16.86.1,结果是虚拟机可以ping通172.16.86.1,也可以ping通宿主系统的外网IP,但就是ping不通www.baidu.com等。究其原因,就是网关设置错误。如果虚拟系统的IP地址获取方式是DHCP,我想不会有这么多麻烦,但服务器嘛,当然需要固定IP啦。
2、我还真的不知道VMware自带NAT的转发功能,我原来是打算把宿主系统和虚拟系统用Host only连接,然后用iptables把访问特定端口的服务转发到虚拟系统上。但因为数据一直出不去,Google了一些资料,发现VMware有NAT转发功能,才决定用NAT方式连接。
NAT的设置和转发设置均在这里/etc/vmware/vmnet8/nat/nat.conf
这个文件是只读的,为了编辑,可以chmod +w /etc/vmware/vmnet8/nat/nat.conf
也可以在编辑完成后用:wq!来强行写入。
不过,网上有文章说VMware的NAT转发不是很稳定。
Unfortunately, VMware Server on Linux currently lacks a user friendly equivalent of the Windows Manage Virtual Networks tool, instead requiring the manual editing of the /etc/vmware/vmnet8/nat/nat.conf file (keeping in mind that the vmnet8 name will need to be changed if the settings are to be configured for a custom created virtual network).
The nat.conf file contains a number of different sections, each allowing a different aspect of the NAT device to be configured:
[host]
ip – The IP address of the NAT device on the virtual network. By default this will be <xxx>.2 where the <xxx> is the subnet address assigned to the virtual network (for example, 172.16.86.2).
netmask – The subnet mask to be used for the NAT device.
configport – The port to be used for accessing information about the NAT device. By default this directive is commented out with a # character for security purposes and is supposedly only for use by VMware Inc’s technical support staff.
device – The VMnet virtual network switch to which the NAT device is attached.
activeFTP – A value of 1 indicates that active FTP sessions (i.e connections initiated by remote FTP servers) are supported. A setting of 0 limits connections to passive sessions.
[udp]
timeout – The amount of time, in seconds, to keep UDP mapping for the NAT device. This is essentially the amount of time for which the NAT device remembers which virtual machine initiated a specific UDP based connection with an external system. If the external system responds after the timeout period has elapsed, the NAT will no longer know to which virtual machine the data should be forwarded, and the UDP packet will be discarded.
[incomingtcp]
The [incomingtcp] section of the nat.conf file is used to configure TCP port forwarding. This essentially involves mapping an incoming TCP port on the host to the IP address and TCP port of a virtual machine. For example, to map data coming into TCP port 8080 on the host to port 80 on a virtual machine with an IP address of 172.16.86.128, the following directive would need to be entered into the [incomingtcp] section of the configuration file:
8080 = 172.16.86.128:80
As many TCP port forwarding directives as necessary may added to this section of the NAT configuration file.
[incomingudp]
The [incomingudp] section of the nat.conf file is used to configure UDP port forwarding. Similar to the [incomingtcp]] section, this essentially involves mapping an incoming UDP port on the host to the IP address and UDP port of a virtual machine. For example, to map data coming into UDP port 8081 on the host to port 8082 on a virtual machine with an IP address of 172.16.86.128, the following directive would need to be entered into the [incomingudp] section of the configuration file:
8081 = 172.16.86.128:8082
As many port UDP forwarding directives as necessary may added to this section of the NAT configuration file.
主要参考文章:http://www.virtuatopia.com/index.php/VMware_Server_NAT_Configuration#Configuring_NAT_on_Linux_Hosts