Give VMWARE exclusive access to a NIC

K

kkeirnan

n00b
Joined
Apr 20, 2010
Messages
42
I'm toying around with pfsense in a VM. 3 NIC's are on the HOST machine (two pci for pfsense, 1 onboard that the host uses as normal to communicate with the LAN)

If using all bridged virtual nic's the LAN side should work just fine. It's the WAN side that is going to give me issues. Using bridged virtual NICs the HOST NIC would first get an ip address from the ISP before the Virtual NIC would have connectivity. Once the HOST NIC has connectivity the Virtual NIC would also then try to pull an IP address from the ISP which isnt going to work.

Is there a way to give the VM exclusive access to this NIC without allowing the host to access it? This way ONLY the VIRTUAL NIC will be using that physical NIC.

What if I used NAT instead of briding on the WAN side? The host NIC would would get the 173.x.x.x from the ISP. How should I configure the Virtual NIC to get connectivity?

I'm trying to consolidate. I have a pfsense box and a server sitting in my closet. The load on the server would be minimal considering the pfsense box is a pentium 3 with 256mb of ram. RAM usage never goes over 25% and CPU usage never goes over 10%. Plus it would cut down on uneeded electricity. If I get this working properly anyone want to buy a pfsense box for a reasonable price? :D

Before I get catch any flak, I understand the uneeded complexity, and the security issues involved.
 
we need to know what VMWare product are you using to run pfSense. we need to know if this is a type 1 or type 2 situation. the other details can be addressed after we know this. (i'm guessing workstation, player or server)
 
THANKS! for your interest in my problem here.

I am using Workstation 7. However I don't know what you mean by a type 1 or 2 situation?
 
Type 1 is bare metal, meaning it could "very loosley" be compared to running "in place of" an operating system. That isn't completely accurate, but it serves the purpose... VMware ESXi is a good example of a free type 1 hypervisor.

Type 2 is hosted, meaning it requires another OS to be in place, then you run virtualization software like VMware workstation.

You apparently are running type 2. You're not going to be able to give a virtual machine exclusive access exactly, but you certainly could 'not use it' in the host operating system. No ip address, etc.
 
Yes looks like situation 2 then.

If the NIC wasnt used in the host operating system, how would the Virtual NIC get connectivity?
 
You're going to have to stop thinking that way :).

It will have to be connected and have access to the network, but the host operating system doesn't have to use it. I've never tried actually disabling it in the host OS -- that would disable the driver actually within device manager. That might not work, but you certainly could put an APIPA address on the host (169.254.0.1 to 169.254.255.254) and still use the appropriate networks on the Guest VM.
 
Thanks for the clarification! This whole time i assumed that that host nic had to have connectivity in order for the virtual nic to have it as well. I don't know why I thought it that way, guess thats just what made sense.

So then its simple... just assign the HOST NIC a 169.254.x.x address. It will not have connectivity to the ISP. Bridge the virtual NIC to it and it should pull a 173.x.x.x address from verizon?
 
I am completely enlightened, when I read that post you can imagine me with my head tilted to the side, my mouth wide open, and a light bulb over my head!

Thank you so very much.
 
We've all been there as we learn about how stuff works, no reason to worry about it. You're welcome, any time. I am going to assume from your message that it worked out?
 
I've done this before; all you need is a USB NIC.

Give VMWare full control of the USB device, install drivers in the VM for the USB NIC, and you're ready to go.
 
another way to do basically the same thing would be just to unbind the NIC you want to use for oyour WAN connection from TCP/IP on the host OS.

In the NIC properties, just uncheck IPV4 and IPv6, and client and sharing for Microsoft networks if they are still checked.

Then the host never tries to use that NIC at all.
 
nessus said:
another way to do basically the same thing would be just to unbind the NIC you want to use for oyour WAN connection from TCP/IP on the host OS.

In the NIC properties, just uncheck IPV4 and IPv6, and client and sharing for Microsoft networks if they are still checked.

Then the host never tries to use that NIC at all.
Click to expand...

Good idea.
 
very creative way of allowing the host to see it, so that the guest can use it, but keeping the host from being able to run any services across it. good idea man.
 
You must log in or register to reply here.
Back
Top