How to use virtual Ethernet adapters in promiscuous mode on VMware
Last updated on May 28, 2013 by Dan Nanni
When an Ethernet adapter is turned into promiscuous mode, all packets on the connected network are received by the interface. In Linux, you can easily enable promiscuous mode by using ifconfig command. In VMs created by VMware Workstation or Player, however, you may encounter a situation where promiscuous mode does not work on virtual Ethernet interfaces.
In this post, I will describe how to enable promiscuous mode on virtual Ethernet adapters created by VMware.
The reason for promiscuous mode not working is that VMware Workstation or Player does not allow the virtual Ethernet adapter of a guest VM to go into promiscuous mode unless VMware software has read-write access permission on /dev/vmnet* on host machine.
By default, the permission settings on /dev/vmnet* are as following, where only the root has read-write access to /dev/vmnet*
$ ls -al /dev/vmnet*
crw------- 1 root root 119, 0 May 22 09:06 /dev/vmnet0 crw------- 1 root root 119, 1 May 22 09:06 /dev/vmnet1 crw------- 1 root root 119, 8 May 22 09:06 /dev/vmnet8
Therefore, if you are running VMware software as a non-root regular user under this setting, virtual Ethernet adapters of guest VMs cannot enter promiscuous mode. You need to give yourself (i.e., your Linux user ID) permission to access /dev/vmnet* in order to be able to use promiscuous mode in guest VMs.
Change Permission on /dev/vmnet* Temporarily
Method One
To give a specific Linux user access permission to use promiscuous mode, do the following on host machine.
First, create a new Linux group which has permission to use promiscuous mode, and add yourself to the group.
$ sudo groupadd promiscuous $ sudo usermod -a -G promiscuous <your_user_id>
Update the group ownership and access permission of /dev/vmnet*
$ sudo chgrp promiscuous /dev/vmnet* $ sudo chmod g+rw /dev/vmnet*
Method Two
To allow all users (instead of a specific user) to set the virtual adapter to promiscuous mode, run the following command on host machine.
$ sudo chmod a+rw /dev/vmnet*
After changing access permission, you need to restart VMware Workstation or Player to make the change effective.
Make Permission Change on /dev/vmnet* Permanent
Note that the permission change made on /dev/vmnet* by two methods described above will be lost when you reboot a host machine. /dev/vmnet* will revert to root-only permissions after rebooting. If you would like to make permission change on /dev/vmnet* permanent, you need to do the necessary permission change within the VMware startup script located at /etc/init.d/vmware. More specifically, you need to append the permission change logic in vmwareStartVmnet() function as follows.
For method one (assuming that you already created a Linux group called "promiscuous" as described earlier):
vmwareStartVmnet() {
vmwareLoadModule $vnet
"$BINDIR"/vmware-networks --start >> $VNETLIB_LOG 2>&1
chgrp promiscuous /dev/vmnet*
chmod g+rw /dev/vmnet*
}
For method two:
vmwareStartVmnet() {
vmwareLoadModule $vnet
"$BINDIR"/vmware-networks --start >> $VNETLIB_LOG 2>&1
chmod a+rw /dev/vmnet*
}
Support Xmodulo
This website is made possible by minimal ads and your gracious donation via PayPal or credit card
Please note that this article is published by Xmodulo.com under a Creative Commons Attribution-ShareAlike 3.0 Unported License. If you would like to use the whole or any part of this article, you need to cite this web page at Xmodulo.com as the original source.
Xmodulo © 2021 ‒ About ‒ Write for Us ‒ Feed ‒ Powered by DigitalOcean