Windows
26 June 2011 3 Comments

Using One Network Card Exclusively for a VMWare Virtual Machine on Windows

Let’s say you have a Windows computer with one network card. You are running VMWare on this computer, and you want to have network access from your Virtual Machine(s). There are many ways to accomplish this with VMWare, i.e. NAT, but for true separation you need another hardware network card.

This article explains how to create a setup where Windows uses one network card, and VMWare uses the other.

1: Install and Configure Second Network Card

  1. Install the second network card and power on the Windows. Windows will automatically install the drivers and start using the second network adapter alongside the existing one – it will request an IP for both network adapters.
  2. Configure Windows to not use the second network adapter [VMWare KB]:
To disassociate the network adapter from all protocols except the VMware Bridge protocol:
  1. In the Windows host, open the network adapter settings within Control Panel.
    • Windows XP – Click Start > Control Panel and open Network Connections.
    • Windows Vista or Windows 7 – Click Windows > Control Panel and open View network Status and Tasks > Change Adapter settings.
  3. Right-click the network adapter and click Properties.
  4. Deselect

Tags: adapter for vm, isolated mac, , nic, nic for vm, virtual machine, virtual machine settings, virtual network settings, vmware, windows 2003, windows xp
Networking
18 June 2011 0 Comments

Viewing and Manipulating the ARP Cache on Windows and Linux

Other posts in the ARP series: The ARP protocol explained and An introduction to ARP cache poisoning.

Both Windows and Linux have a tool called arp. I tested this with Windows 7 and Linux kernel 2.6.31, but this information should be true for just about every OS version since the dawn of TCP/IP.

Command Overview

Be aware that there is one ARP cache (table) per interface, as opposed to the routing table, which is global for the system.

Windows: arp.exe

Open an (you need administrator rights). Now you can type arp to execute the Windows ARP cache manager.

Display the current ARP entries for each interface with arp -a:

[sourcecode language="text" classname="nonum"]
C:>arp -a

Interface: 232.19.232.231 — 0xb
Internet Address      Physical Address      Type
232.19.232.2          22-22-2c-27-ac-22     dynamic
232.19.232.22         22-21-f3-23-3e-23     dynamic
232.19.232.32         22-29-33-c1-c2-24     dynamic
232.19.232.91         22-2d-29-a9-33-17     dynamic
232.19.232.231        22-22-29-c2-22-b7     dynamic
232.19.232.242       …

Tags: , arp.exe, clear cache, internet address, , , , physical address,
Networking
17 June 2011 3 Comments

The ARP Protocol Explained

Introduction

The Address Resolution Protocol, or ARP, is used for resolution of network-layer addresses (IP) to link-layer addresses (MAC). This post describes the basics of the ARP protocol, viewing and manipulating your arp cache is discussed in the next post.

Other posts on the ARP protocol are available here:

  • Viewing and manipulating the ARP cache on Windows and Linux.
  • An introduction to ARP cache poisoning.

ARP Basics

When a system wants to send data to another computer, it prepares an IP packet with the appropriate destination IP. This packet is passed down to the link-layer (usually Ethernet). This layer needs to encapsulate the IP packet in an Ethernet frame before it can be sent.

An Ethernet frame must be addressed to a destination hardware address (MAC address). But which MAC address corresponds with the destination IP address? This is looked up in the ARP cache. The ARP cache contains mappings of the form (IP - MAC).

Source and Destination Hosts on the Same Local Network

The sending host will first look up the destination IP address in its routing table. If the destination IP is on the same physical network (subnet) then there are no routers between the host…

Tags: , , arp entry, , , , , , , ,
General
10 June 2011 1 Comment

A Summary of IP Addressing Types

This is a summary of IP addressing types. We look at unicast, broadcast, multicast and anycast addressing of IP packets, and also describe the destination MAC addresses for each case. Some of the text and all of the images are courtesy of Wikipedia, I just added my comments.

There are four forms of IP addressing, each with its own unique properties:

Unicast

Available in: IPv4 and IPv6.

 

The most common addressing scheme of an IP address is unicast addressing – available in both IPv4 and IPv6. It normally refers to a single sender or a single receiver, and can be used for both sending and receiving. Usually, a unicast address is associated with a single device or host, but it is not a one-to-one correspondence. Some individual PCs have several distinct unicast addresses, each for its own distinct purpose. Sending the same data to multiple unicast addresses requires the sender to send all the data many times over, once for each recipient.

  • Most browsing traffic from your Internet router to your computer will be unicast TCP or UDP traffic; if you do a search at google.com the search results are sent only to your computer.
  • Any application that uses TCP must use unicast IP addressing,

Tags: anycast, , destination IP, , gateway, ip addressing, , , unicast