NAT

by

2015-07-16

00:18:21

Leave a comment on NAT

Networking

, ,

虚拟机设置NAT模式,尽管虚拟机发出的流量数据是虚拟机的,但是会被NAT隐藏在内部,让外部无法发觉,但会通过NAT网络地址转换,通过宿主机的网络来访问外网,也就是只要宿主机能够访问外网,NAT虚拟机也能访问

在虚拟机访问外网的时候,数据包包头的src ip被NAT转换成宿主机IP来访问外网,同时会记录这一映射关系,等外网的数据包返回,查找这个映射关系,再将dst ip修改成原本的ip地址,达到通信的目的

在NAT虚拟机里来ping

lihui@2015-vm1:~$ ifconfig eth0
eth0      Link encap:Ethernet  HWaddr 00:0c:29:87:c5:fe
          inet addr:192.168.226.135  Bcast:192.168.226.255  Mask:255.255.255.0
          inet6 addr: fe80::20c:29ff:fe87:c5fe/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:173 errors:0 dropped:0 overruns:0 frame:0
          TX packets:143 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:17350 (17.3 KB)  TX bytes:19649 (19.6 KB)

lihui@2015-vm1:~$ ping 8.8.8.8
PING 8.8.8.8 (8.8.8.8) 56(84) bytes of data.
64 bytes from 8.8.8.8: icmp_seq=1 ttl=128 time=159 ms
64 bytes from 8.8.8.8: icmp_seq=2 ttl=128 time=172 ms
64 bytes from 8.8.8.8: icmp_seq=3 ttl=128 time=162 ms
64 bytes from 8.8.8.8: icmp_seq=6 ttl=128 time=154 ms
64 bytes from 8.8.8.8: icmp_seq=7 ttl=128 time=165 ms
64 bytes from 8.8.8.8: icmp_seq=12 ttl=128 time=157 ms
64 bytes from 8.8.8.8: icmp_seq=13 ttl=128 time=169 ms
64 bytes from 8.8.8.8: icmp_seq=15 ttl=128 time=165 ms
^C
--- 8.8.8.8 ping statistics ---
15 packets transmitted, 8 received, 46% packet loss, time 14051ms
rtt min/avg/max/mdev = 154.575/163.438/172.281/5.538 ms

 

宿主机来进行抓包

# lihui at MacBook.local in ~ on git:master x [0:09:49]
$ sudo tshark -i en0 icmp
Password:
Capturing on 'Wi-Fi'
  1   0.000000 192.168.0.104 -> 8.8.8.8      ICMP 98 Echo (ping) request  id=0x0be6, seq=1/256, ttl=63
  2   0.159241      8.8.8.8 -> 192.168.0.104 ICMP 98 Echo (ping) reply    id=0x0be6, seq=1/256, ttl=44 (request in 1)
  3   1.002455 192.168.0.104 -> 8.8.8.8      ICMP 98 Echo (ping) request  id=0x0be6, seq=2/512, ttl=63
  4   1.174106      8.8.8.8 -> 192.168.0.104 ICMP 98 Echo (ping) reply    id=0x0be6, seq=2/512, ttl=44 (request in 3)
  5   2.004629 192.168.0.104 -> 8.8.8.8      ICMP 98 Echo (ping) request  id=0x0be6, seq=3/768, ttl=63
  6   2.166783      8.8.8.8 -> 192.168.0.104 ICMP 98 Echo (ping) reply    id=0x0be6, seq=3/768, ttl=44 (request in 5)
  7   3.007027 192.168.0.104 -> 8.8.8.8      ICMP 98 Echo (ping) request  id=0x0be6, seq=4/1024, ttl=63
  8   4.008028 192.168.0.104 -> 8.8.8.8      ICMP 98 Echo (ping) request  id=0x0be6, seq=5/1280, ttl=63
  9   5.008204 192.168.0.104 -> 8.8.8.8      ICMP 98 Echo (ping) request  id=0x0be6, seq=6/1536, ttl=63
 10   5.162200      8.8.8.8 -> 192.168.0.104 ICMP 98 Echo (ping) reply    id=0x0be6, seq=6/1536, ttl=44 (request in 9)
^C10 packets captured

# lihui at MacBook.local in ~ on git:master x [0:10:55]
$ ifconfig en0
en0: flags=8863<UP,BROADCAST,SMART,RUNNING,SIMPLEX,MULTICAST> mtu 1500
	ether a4:5e:60:d6:4f:df
	inet6 fe80::a65e:60ff:fed6:4fdf%en0 prefixlen 64 scopeid 0x4
	inet 192.168.0.104 netmask 0xffffff00 broadcast 192.168.0.255
	nd6 options=1<PERFORMNUD>
	media: autoselect
	status: active

 

可以看到宿主机上抓到的icmp包,ping的src ip都是宿主机的IP地址,而不是虚拟机里的IP地址或者其他

发表回复