VMware is somewhat inconsistent in what triggers their network security to block access. It's some bizarre internal algorithm. I've had VMware allow network access for months and then all of a sudden shut off network access with no apparent change to the configurations or usage of the VMs. I've even seen the VMware network suddenly block working network access because someone pinged the IP address of the VM hosting SIMH machines. :-(
There are ways to fine-tune the allowed network access via configuration files to keep the overall enhanced security level up without enabling promiscuous mode, but you'll have to RTFM the VMware documentation. -----Original Message----- From: Zane Healy [mailto:[email protected]] Sent: Saturday, June 8, 2019 4:48 PM To: Hittner, David T [US] (MS) <[email protected]> Cc: Mark Pizzolato <[email protected]>; simh <[email protected]> Subject: Re: EXT :Re: [Simh] VAX networking issue Thanks! Putting the vSwitch into promiscuous mode did the trick. What’s really strange is that it a VM on host1 would work, but not host2 or host3, until I made that change. Yet, none of them were set to promiscuous. Zane > On Jun 7, 2019, at 8:36 AM, Hittner, David T [US] (MS) > <[email protected]> wrote: > > VMware has put some serious security enhancements on network ports in the > last few releases to prevent spoofing and otherwise tighten network security > to best practices. > > You might try enabling promiscuous mode on the vSwitch that you have the VM > connected to and see if that solves the "two mac addresses coming from the > same network port" problem. > The vSwitch promiscuous mode is set to "reject" by default. > > David > > -----Original Message----- > From: Simh [mailto:[email protected]] On Behalf Of Zane > Healy > Sent: Thursday, June 6, 2019 4:21 PM > To: Mark Pizzolato <[email protected]> > Cc: simh <[email protected]> > Subject: EXT :Re: [Simh] VAX networking issue > > >> On Jun 6, 2019, at 2:11 PM, Mark Pizzolato <[email protected]> wrote: > >> The above output is suspicious since it doesn't say that the XQ >> device has been attached to any interface. >> >> What is the output of SHOW ETHER on this simulator? >> Are you running as ROOT (which is required for network functionality on >> Linux unless you are using VDE Ethernet)? >> Is the VM Hypervisor you're running under configured to pass arbitrary MAC >> addresses out of that VM? >> >> Apart from these considerations relating to basic packet capabilities, once >> you have any networking functionality, you may encounter a problem that has >> been reported on some Linux systems. You're not encountering this now, but >> if you do, you should add the following line to your configuration file: >> sim> SET CLOCK NOCATCHUP >> >> The problem that is not always observed will be fixed soon and the SET CLOCK >> NOCATCHUP will no longer be necessary. >> >> - Mark >> > > I just figured out that this is a VMware issue. I’m going to have to do some > checking. I have a 3 system VMware cluster. Two of the systems are HP SFF > PC’s, the third is an HP DL380 G7. I just migrated the VM over to one of the > SFF systems, and it works. The SIMH/VAX is now a member of the cluster. > > I was unaware of SHOW ETHER, that should help me see what’s going on. I’ll > shut the VM down and migrate it back to the DL380. > > Zane > > > > > _______________________________________________ > Simh mailing list > [email protected] > http://mailman.trailing-edge.com/mailman/listinfo/simh _______________________________________________ Simh mailing list [email protected] http://mailman.trailing-edge.com/mailman/listinfo/simh
