Friday, September 19, 2014

VMware Networking 101: vSwitches or PortGroup Security Settings – Part 4

Promiscuous mode: If you intend to use network sniffing applications or to monitor intrusion detection, this option is generally is used. This can defined at either switch level or Port group level, once the VLAN ID is set to 4095 on port group where VM is residing, VM can see all the traffic. 

To understand it better, as below picture VM01 can read all the frames which is receiving by vSwitch, on the contrary VM02 virtual network adapter will receive only intended frames.
MAC Address Changes: VM (with virtual network adapter) on esxi server has one virtual MAC address defined. This is stored in VM configuration file (VMX file).

This setting is accept by default. Once this setting is set to reject, and MAC address is altered inside VM network card properties (This is just a example and rare case when altering MAC address inside VM manually, in this case .vmx file or vm settings should be updated to sync the changes). Incoming IP traffic to VM get affected and dropped.
This setting affects in the Microsoft network Load balancing (NLB) environment, where VM MAC address get changed.

Forged Transmits: It is as similar as MAC Address changes, but outgoing traffic is affected and get dropped if set to reject. Again NLB (Microsoft Network Load Balancing) or other similar technology can break if this option is set to reject.

VMware Networking 101: VMware Network Load Balancing policies – Part 1
VMware Networking 101: VLAN handling in vSwitches – Part 2
VMware Networking 101: Network Failure Detection – Part 3
VMware Networking 101: vSwitches or PortGroup Security Settings – Part 4

This is a personal weblog. The opinions expressed here represent my own. If you find any correction need to be done or anything inappropriate, Feel free to comment on the post.


Sadhana Rathore said...

Truly a very good article on future technology. Thanks for discussing this, I love to learn more about this topic.
VMware Training in Chennai
VMware course in Chennai
Cloud Computing Courses in Chennai
Azure Training in Chennai
Microsoft Azure Training in Chennai
AWS Training in Chennai
DevOps Training in Chennai
Cloud Computing Training in Velachery
Cloud computing Training in Chennai

Mark ben said...

Thank you for your valuable content , Easy to understand and follow. As said, the migration to cloud is very essential for the protection of the database.

Cloud Migration services
Aws Cloud Migration services
Azure Cloud Migration services
Vmware Cloud Migration services
Database Migration services

MidiTech said...

I am definitely enjoying your website. You definitely have some great insight and great stories.
VPS Hosting India