Specifications
CHAPTER 7 Networking
271
The virtual machines in the private NAT network are not, themselves, accessible via
DNS. If you want the virtual machines running on the NAT network to access each
other by DNS names, you must set up a private DNS server connected to the NAT
network.
External Access from the NAT Network
In general, any protocol using TCP or UDP can be used automatically by a virtual
machine on the NAT network so long as the virtual machine initiates the network
connection. This is true for most client applications such as Web browsing, Telnet,
passive-mode FTP and downloading streaming video. Additional protocol support
has been built into the NAT device to allow FTP and ICMP echo (ping) to work
completely transparently through the NAT.
On the external network to which the host is connected, any virtual machine on the
NAT network appears to be the host itself, because its network traffic uses the host’s IP
address. It is able to send and receive data using TCP/IP to any machine that is
accessible from the host.
Before any such communication can occur, the NAT device must set up a mapping
between the virtual machine’s address on the private NAT network and the host’s
network address on the external network.
When a virtual machine initiates a network connection with another network
resource, this mapping is created automatically. The operation is perfectly transparent
to the user of the virtual machine on the NAT network. No additional work needs to
be done to let the virtual machine access the external network.
The same cannot be said for network connections that are initiated from the external
network to a virtual machine on the NAT network.
When a machine on the external network attempts to initiate a connection with a
virtual machine on the NAT network, it cannot reach the virtual machine because the
NAT device does not forward the request. Network connections that are initiated from
outside the NAT network are not transparent.
However, it is possible to configure port forwarding manually on the NAT device so
network traffic destined for a certain port can still be forwarded automatically to a
virtual machine on the NAT network. For details, see Advanced NAT Configuration on
page 272.
File sharing of the type used by Windows operating systems and Samba is possible
among computers on the NAT network — including virtual machines and the host
computer. If you are using WINS servers on your network, a virtual machine using NAT
networking can access shared files and folders on the host that are known by the