Hyper-v Switch NAT for secondary host machine vNet interface?

  • Question

  • I'm trying to do something pretty strange.

    I would like to have a vNet adapter on the host machine (Management OS) which is behind NAT, which is also on the host machine (don't ask why).

    This is how I set it up:
    Created an Internal vSwitch:

    New-VMSwitch -SwitchName "Nat Switch" -SwitchType Internal

    Got the Interface Index and set up a static IP for the gateway:

    New-NetIPAddress -IPAddress 192.168.5.1 -PrefixLength 24 -InterfaceIndex 40

    Created the NetNat for the interface:

    New-NetNat -Name NATNetwork -InternalIPInterfaceAddressPrefix 192.168.5.0/24

    Added another network adapter to the host and hooked it up:

    Add-VMNetworkAdapter -ManagementOS -Name "NAT Adapter" -SwitchName "Nat Switch"

    New-NetIPAddress -IPAddress 192.168.5.20 -PrefixLength 24 -DefaultGateway 192.168.5.1 -InterfaceIndex 54

    This seems like it should work, but does not:

    ping -S 192.168.5.20 8.8.8.8

    Pinging 8.8.8.8 from 192.168.5.20 with 32 bytes of data:
    Request timed out.
    Request timed out.
    Request timed out.
    Request timed out.

    In fact, if I do a Wireshark trace I see the ping go out on the network, and a reply is sent, but it's not forwarded back to the Nat Switch.

    The stranger thing is that if I set up a virtual machine and ping through the Nat Switch it works just fine.

    I did a Wireshark trace on the Nat Switch and I can see ping requests and replies coming from and going to the virtual machine, but only requests and no replies for the host vNet adapter. I'd post a picture of the trace but I'm not verified yet.

    It's obvious that there is some setup difference between the two adapters that's making this not work but I'm not really sure what it is.

    Any help would be appreciated.

    Wednesday, November 20, 2019 12:20 AM

All replies

  • I think you'd be better off setting up a small router distro as a VM and using that instead of this.

    Something like IPFire running in a VM would be more robust as well as configurable.

    Wednesday, November 20, 2019 12:54 AM
  • Thanks for the suggestion, but I don't think that will work for me. This needs to be distributable, and I'd rather not have people install a virtual machine as part of their setup. Ideally this whole thing will be something I can put in a script once all is said and done. 


    Wednesday, November 20, 2019 1:09 AM