Friday, 5 February 2016

What is Promiscuous mode in VMware virtual networking?

Promiscuous mode:

This is one of the security policy that you can set in the properties of a virtual switch (Standard/Distributed) or in the properties of portgroup.

           

As we all know, switch is a point to point device as it maintains the MAC table to record information of connected nodes. Because of this we get high performance compared to old devices like HUB which uses broadcast method to deliver the traffic to destination.

Lets take a scenario here as a requirement to understand this policy. Lets say we have 3 VMs of which 2 are connected to a PROD portgroup and one is connected to QA portgroup as shown in below diagram.



Now the requirement is that VM3 should be able to capture all the packets that are being delivered to any of the VM in PROD protgroup as you have installed Wireshark tool in VM3 due to some requirement for packet capturing.

But as we all know switch will deliver traffic only to the valid destination as it performs point to point delivery. Hence to fulfill this requirement, we enable the Promiscuous Mode in the properties of portgroup QA so that only VM3 can capture the traffic being delivered to VMs connected to PROD protgroup as it gets the visibility of traffic now. Rest all VMs connected to any other portgroups other than QA will behave as regular switch communication with no traffic visibility that is not destined to them.

Be careful while you enable the policy. As  Promiscuous Mode can be enabled either on whole switch or just a Portgroup as we discussed in this example. As per the requirement, you can configure this policy.

NOTE:  By default, this policy is set to Reject on virtual switches (standard or distributed) in vsphere 6.0. All portgroups will also be set to Reject by default as they inherit the settings from switch level.

Do refer VMware KB article for more information on Promiscuous Mode.

I hope this will be helpful to you all. Please feel free to comment or share.

1 comment:

Popular Posts This Week