Parallels Desktop Networking FAQ and Troubleshooting Guide

Discussion in 'Parallels Desktop for Mac' started by serv, May 19, 2006.

  1. serv

    serv Parallels Team

    Networking FAQ and Troubleshooting Guide

    Parallels Desktop Networking FAQ and Troubleshooting Guide

    NOTE: this FAQ was written for builds prior to 1966. As of 1966 Parallels Desktop has "Shared Networking" mode. This mode is preferred over Host-Only with Internet Sharing and is much simpler to set up.

    The Basics

    Parallels Desktop provides four basic network configurations:
    The small print provides some additional technical detail that you don’t have to understand.
    . Bridged to Built-in Ethernet Adapter
    This works as if your VM were a separate PC plugged into the network. This configuration is most compatible and transparent.​
    Bridging to Built-in Ethernet takes advantage of wired ethernet capability to “spoof†hardware address, i.e. to send frames with VM hardware address through Mac ethernet adapter.
    . Bridged to AirPort Adapter
    This mode works as if MacOSX were configured to have one more IP address and that address being handled by your VM. Note that wireless security (WEP/WPA) is handled by MacOSX, no additional configuration is needed in guest OS.​
    Due to limitations of 802.11 standard which is implemented by AirPort it’s not possible to spoof hardware address in this configuration. Ethernet frames sent from the VM have Mac AirPort hardware address on them.
    . Host-Only Network
    In this mode your VM is attached to a private network accessible by MacOSX but invisible to the outside world and can not access outside world either, but… read on.​
    Host-Only network is implemented by bridging to Parallels Host-Guest Adapter which is a virtual Ethernet adapter installed with Parallels Desktop.
    . Host-Only Network with Internet Sharing
    This mode provides your VM with outside network access while still not allowing external access to guest OS. On the positive side of this mode is the possibility to share Bluetooth Modem or VPN connections from your Mac to a VM.​
    Internet Sharing in MacOSX is merely a NAT service supported by DHCP server and DNS proxy configured with a click of a mouse.

    One last thing is Default bridging. This simply bridges either to Ethernet Adapter or to AirPort depending on which one is active and has higher priority set in MacOSX Network Preferences.


    Which configuration should I choose?

    . If you’re in an office or at home with local network available you should normally choose Bridged Network to Ethernet or to AirPort. However if you need nothing more than sharing documents between VM and the Mac you may choose Host-Only as well.

    . If you’re in a hotel room, in a restaurant or on a flight where charges are per IP address used, simply choose Host-Only w/ Internet Sharing.

    . If you have no network connection in your Mac or are concerned about security of your VM, use Host-Only Networking. This will limit network communication of a VM to Mac only.

    When in doubt try different configurations to see which one works or consult your Network Administrator.


    How to turn on Internet Sharing

    1. Open “System Preferences†and click “Sharing†in “Internet & Network†section
    2. Select “Ethernet Adaptor (en2)†from “To computers using†list. Note that System Preferences shows Parallels Host-Guest Adapter as “Ethernet Adaptor (en2)†in this case.
    3. Select the adapter you want sharing from in “Share your connection from†dropdown
    4. Click “Start†button and confirm staring the service


    How do I configure my guest OS?

    You should generally use DHCP, Windows and Linux do it by default. If you know what you’re doing you may assign IP address and network mask manually, but you better be sure you’re allowed to.


    Yikes! No network in my VM!

    The simple solution is to consult your Network Administrator. Quite seriously! The network is an infrastructure and it’s her mission to keep it healthy. Do you always set up new computers yourself? If not, please, seek for help, because a new virtual machine is just like new computer to the network. Well… I assume you’ve already tried those four configurations above, did you?


    How to pin down bridged network problems yourself

    Let’s say your VM is in bridged mode, your guest OS is configured via DHCP but you can’t open your favorite web page in a browser. Here’s a check list to follow:

    . Check your MacOSX network connection by opening, say, www.parallels.com in Safari.

    . Open Terminal application in MacOSX and issue “ifconfigâ€. Note IP addresses of Ethernet Adapter (which shows as en0) and/or AirPort (shows as en1).

    . Open a Terminal in the guest OS and issue “ipconfig /all†on Windows or “ifconfig†on Linux/BSD/Solaris. Check guest OS IP address: if no address shows up, or the address shows as 0.0.0.0 or as some address too different to what MacOSX indicates or if guest OS IP matches exactly MacOSX IP address, proceed to DHCP Problems section.

    . Assuming your VM has got valid IP address check if you can ping machines on the local network from the guest OS by issuing “ping <address>â€. If you can successfully ping the Mac, some other machine on the network but not the router see Router Problems section.

    . Try pinging your VM form the Mac and from some other machine on the local network. If the VM doesn’t respond try disabling firewall in the guest OS.

    . Now try pinging some external site. If you see no responses proceed to Router Problems section.

    If everything works OK till this point your problem may not be directly related to Parallels Desktop. It’s now time to meet your Network Administrator.


    DHCP Problems

    DHCP and Bridging to Ethernet Adapter
    A DHCP server may be configured to assign IP addresses only to clients which hardware addresses are listed on the server. Talk to your Network Administrator to make appropriate changes to the server configuration to resolve this issue.
    Also note that each time a new VM is created it’s assigned a new hardware address. You can change hardware address manually on the Advanced tab of VM Network Adapter Configuration should you need to do so.
    DHCP and Bridging to AirPort
    Some DHCP servers (including those embedded into Wireless routers) may refuse to assign an IP address to a VM bridged to AirPort or worse return the same address assigned to the Mac. One reason may be merely a server configuration issue, in which case you should visit your Network Administrator. The other possible reason is that the server distinguishes clients by their hardware address instead of the client identifier as required by DHCP standard.
    To work around this problem assign IP address to the VM statically or use Host-Only Networking with Internet Sharing.


    Router Problems

    An advanced router may be configured to restrict outbound access based on machine hardware and/or IP address. Since your VM is acting like a new machine it should be assigned explicit permissions by router administrator.
     

  2. Hrm. Didn't spoofing work in previous betas?

    I thought I was able to have the VM get it's own IP from my DHCP server after specifying that the VM MAC address should have its own fixed address.
     
  3. I thought so too! I have been having trouble at work (bridged to wireless) when it HAD been working at home (also wireless). But I nted last night after updating to the latest Beta that the VM is "stealing" the IP address of my Mac!! This is documented/explained above, but it didn't USED to do that! Is this a step back, or is this the way it's supposed to be?

    I'm having trouble now, in that I've opted to go the Host-Only with NAT via my wired port at work. The VM gets an "internal" address, but I can't "get out" to the 'net.
     
  4. mcg

    mcg

    Is there any way to combine the best of "Host-Only Networking with Internet Sharing" and "Default Bridging"? Specifially, what I would like to do is to have NAT forward packets to/from whichever Internet connection happens to be active at the time.

    For example, let's say I have ICS started to share my wireless connection with en2. Everything works great---until I plug in an ethernet cable. Then, even though wireless is still available, the Mac isn't using it anymore; and, therefore, neither can Parallels (it seems).

    I know that this requires some messing with ICS itself, but maybe it can be done by mucking with the internal configuration files for that service.
     
  5. It would require more than just messing with the configuration files. It requires relaunching natd with the correct interface specified. The easy way to do this would be to setup something to watch what interface the default route uses and then whenever that changes reconfigure and relaunch natd. A small script sitting in the background could handle this, but it would be nice if this could be configured from the Sharing preference pane, which would require involvment from Apple. It seems this would be a reasonable feature request to make to Apple as there are benefits outside just the use of Parallels Desktop.
     
  6. SSH port forwarding in host-only with Internet Sharing

    Here are some useful points about port forwarding when you are configured to use host-only networking, and sharing the connection to the VM Internet Sharing

    • IP Address
      The IP addresses of the host-only shared network will always be in the 192.168.2/24 range. This appears to be an unchangeable feature of OSX's Internet Sharing. If it conflicts with another network you are connected to, you will have some trouble.
    • SSHKeychain
      SSHKeychain is a very useful app that runs all apps with connections to an SSH agent, allowing you to unlock your private keys with your Keychain. It also knows about locking on sleep and so forth. It can handle port forwards in a GUI.
    • SSH version
      The version of SSH included with OSX Tiger is several versions old. It works fine, but does not support some of the advanced options in ssh port forwarding. In particular, if you forward a port so that your guest OS on the host-only network can make use of it, then you will find you are also forwarding that port for your external interfaces! This can be a significant security risk.
      More recent versions of SSH are easy to compile and install on OSX, so long as you have the Developer Tools installed.
    • Restricting forwarded interfaces using bind_address
      You can restrict port forwarding to your internal apps and your guest OS by using a recent SSH version. For example, to forward port 5432 only on the internal interface and the VM, you can use something like this from Terminal.app:

      Code:
      ssh -x -N -l username -L localhost:5432:<remote_fwd_host>:5432 -L 192.168.2.1:5432:<remote_fwd_host>:5432 <remote_host>
      where remote_fwd_host is a host on the remote network -- often the same as remote_host, but if not the same, then a host accessible to remote_host.

      These arguments can be specified as defaults by using your ~/.ssh/config file

      This syntax is compatible only with recent versions of ssh. I have created a hacked version of SSHKeychain that supports it as well, but I don't think it will be made widely available. I can send the diffs to anyone who is interested.
     
  7. I can't get online when running xp on parallels (release candidate)... anyone have any thoughts for a complete networking/computer ignoramus? I'm at my wits end -- the internet connection on xp won't work. I've enabled the wireless adapter and it should (it did work in the past), and now it doesn't.

    Please help...
     
  8. Got wireless bridging to work!

    Taking a hint from this FAQ, I entered something into the "Client ID" field of my Airport's TCP/IP via DHCP dialog and renewed my lease.

    NOW bridging via Airport A) WORKS and B) does NOT kill my OS X IP connection!

    Cool...
     
  9. Sure it did, for me 'bridget networking' with the airport adapter worked from the first version (beta1?) on without a problem. Suddenly, with beta 6 or the rc (i don't know) this stupid warning message appered and os x lost network connection as soon as parallels booted xp...
    yes, host only networking works, but I don't like that...

    parallels, please switch back to the old behaviour...
     
  10. Switching from Ethernet to Airport without reboot?

    Anyone had any luck switching between wired and wireless connections on their mac without having to reboot the Guest OS in order to get it to connect to the new network?

    (A bit of an irritation since at home I'm wireless and at work, there is no wireless. Always have to reboot XP when switching locations. ) ipconfig /renew just goes out to lunch and complains it can't get a dhcp address on both networks from XP.
     
  11. Switching from Ethernet to Airport without reboot?

    Consider plugging in an Airport Express base station where you currently only have Ethernet access, setup to create a wireless network. This way as far as your laptop is concerned, it is always using the wireless connection.
     
  12. Discouraging

    This.is.all.very.disheartening..In.the.earlier.betas.there.was.no.problem.at.all.with.DHCP.Now.in.RC.the.VM.steals.my.IP.address.from.OSX.and.none.of.the.workarounds.suggested.works.for.me.I.can.have.a.network.in.OSX.or.in.Windows.but.not.both.And.I'm.prepaid.
     
  13. As with raleedy, from time to time the vm steals the host os IP address and the host os has to get a new one. It does get one, and so both are online again quickly, but it is inconvenient, to say the least.
     
  14. Some insights...

    After bashing my head for the past few hours, I've decided to share a couple of pearls of wisdom from my situation. I was having terrible problems with a domain-joined VM of Windows Server 2003. The connection to the office domain controllers from here is over VPN. To wit, the signal path is:

    2003 Server VM -> MacBook Pro eth1 (Airport) -> Home router (VPN originate) -> Internet -> Corp firewall -> Microsoft RAS/VPN server (VPN termination) -> Corp fileservers/domain controllers

    Those reading should know that most of you won't want to pay attention to this post unless you've got very specific symptoms and are using your VMs with a VPN or behind a NAT or double-NAT.

    The first gotcha is well-documented here: in RC2 using an Airport card w/ bridged networking won't allow DHCP requests to come back from most routers. This is by design since the Airport drivers don't permit spoofing MAC addresses out of the box. I'll be interested to see what, if any, solution Parallels comes up with to this. Easy fix, just assign the interface an appropriate static IP inside the VM, and point the DNS to the IPs of our domain controllers / DNS servers. This is important -- your VM needs to know how to find the domain controllers to get authentication tokens and find servers in your domain.

    I thought, great, now I can join the VM to my domain (the VM was happily pinging machines and DNS names on the other end of the VPN). The join went fine, but upon rebooting I couldn't even get to the login screen of Windows 2003 -- it sat spinning on Starting Network Connections until I disconnected the virtual network cable. I could then log in and reconnect the cable, and successfully ping machines by IP or by DNS name on the internet and across the VPN, but attempting to connect to fileservers would time out after a long wait. Strange, thought I.

    After some headscratching I guessed it must be an MTU problem, most likely originating on the VM. I was close. After much poking and testing I finally found success by disabling EnablePMTUDiscovery on the MS VPN server, defining an MTU of 1380 on that server's ethernet interface, and defining a tiny RAS MTU of 950 (1000 and above seem to carry too much overhead or fragment out, I'm too tired to figure out which.) Don't forget to restart the interfaces and RAS service (or the whole machine outright) after changing the MTU values.

    Those of you thinking of trying this out -- be warned. Setting an MTU too high or too low can make your server disappear off the network, never to return until you go and make changes at its console. You have been warned. Maximum MTU value for 10 or 100 Mbit ethernet is 1500. If you have a router with PPPoE it's reduced to 1492. For each subsequent NAT and VPN tunnel, there's a reduction as well. It's a pain to find the right number -- too high and you can't talk to the machine. Too low and your bandwidth is wasted on packet headers. There really shouldn't be any circumstance where you'd need to set it below 900, even with my crazy getup I can eke packets across at 950.

    So, moral of the story is, if you are experiencing strange network behavior (DNS / pings work, some browsing works, but some sites/servers time out), reduce your MTUs on the serving side (and, perhaps, the client side). Chances are the default values of 1500 aren't going to work if you're behind a NAT or using a VPN.

    A good tool for doing so in Windows is DrTCP -- google will turn it up for you.

    Good night.
     
  15. lgh

    lgh

    Check With Isp

    This may be obvious to most people but after spending hours trying to follow the networking instructions, I finally asked my ISP (AOL) and they informed me that they do not allow sharing an internet conection via dial-up.

    Save yourself possible hassle and frustration. Check first with your ISP.
     
  16. The question is not whether or not they will allow it, but whether or not they would even know it!

    I bet you could use "Host Only-Networking" and have your Mac share the connection like I did. AOL will never know.

    See my post here....http://forum.parallels.com/thread2556.html
     
  17. Lost Connection

    I just got a new wireless router. With the old router parallels worked great to get on the network and the internet. I cannot now connect through the VM. I can get on through OSX and WinXP with Boot camp. The router sees the VM but on the VM side (WinXP) it does not detect a connection. Here's what my router has to say:
    WINXP
    Connection Type: Unknown
    IP Address: 192.168.0.69
    IP Address Allocation: DHCP
    IP Address Type: Private (NAT)
    Hardware Address: 00:1c:45:1e:33:a8
    I tried to set up a static ip, but could not get it to work. Help
    I went on terminal on the mac side and the ip address is 0.0.0.0 I've tried to renew my DHCP and this is where you start to lose me.
     
    Last edited: Jun 13, 2006
  18. Viewing the local Mac when in Bridged Ethernet mode

    Hi all,

    I have an intel mac on an wireless network, running Parallels RC2. The mac has a fixed, DHCP-assigned IP address of 192.168.0.106 (asigned by my wireless router). Parallels is set to use Bridged Ethernet to the wireless adapter. Windows XP, running on Parallels, is also correctly obtaining a permanent, DHCP-assigned IP address (192.168.0.108) from the wireless router.

    What I'm finding is that Parallels can see (ping, http etc) other machines on the network, and also sites on the internet, but can't ping or access the host mac. This is a pain, as I need to be able to access development versions of sites that live on the same machine.

    I'm sure I had this working under a previous version of Parallels. Is there any way to access the host machine when in this mode?

    Dave.
     
    Last edited: Jun 14, 2006
  19. No ping from outside...

    I installed Parallels 1848 on my MacBook Pro 17" (Osx rel. 10.4.6)

    I configured Bridged Network with static IP.

    The operating system installed on the VM is WinXP SP2.
    From the VM it's possible to:
    - ping the host Mac OS
    - ping the other computer on the local network
    - access Internet
    - Move files from/to a Windows 2003 file server.

    I have just one big, big problem: my VM is not "visible on the network".
    For example it's not possible to ping the VM from the host MacOS or from the other computer on the local network.
    My window firewall is not active.

    I also tried the Host-Only Network.
    Also in this case i'm able to ping from WinXP the host MacOS system but it's impossible to ping from MacOS the VM.

    Any suggestions?
     
  20. Hi all,

    could you please someone share some ideas with me to resolve the following problem at my workplace:
    - first of all, the network is configured such that I have to log in using 802.1X authentication to get access
    - secondly, this network is so paranoid, that bridged networking is not allowed. Connection is limited to one machine's one network card. Though I tried bridget networking, my MacOS host connected succesfully, then the virtual Winxp shut down the network switch port completely while trying to connect.
    - so the only thing left is NAT: I have set up my mac to share its network connection to the virtual machine's network, the VM has been set up to use host only networking. As it is now, everything is fine.
    - Problems arise when I connect my host to the local network using 802.1X authentication. My Mac shuts down its internet sharing asap.

    Any ideas why this happens or how can I use both host and guest on this network?

    Thanks,
    Peter
     

Share This Page