引用:
|
作者tvirus
Can see all network traffic traversing the virtual switch.
原來有這個好用的功能啊... :Q
|
VMware的knowledge base是這麼寫的....
引用:
|
By default, a guest operating system's virtual network adapter only receives frames that are meant for it. Placing the guest's network adapter in promiscuous mode causes it to receive all frames passed on the virtual switch that are allowed under the VLAN policy for the associated portgroup. This can be useful for intrusion detection monitoring or if a sniffer needs to analyze all traffic on the network segment.
|
一般認知中,實體switch只會把traffic往須要的port forward,除非開了mirror port,另一端的NIC就算開了promiscous mode也看不到別人的unicast traffic,但照VMware的knowledge base所言,似乎只要Guest的NIC進入promiscous mode,那vSwitch就會把所有traffic forward過去(類似mirror port),這似乎不太合理(除非能關掉,或是default的行為模式應該相反
),因為Host的管理者未必會知道Guest上跑的AP在幹啥,如果按照目前看到的行為模式,那vSwitch應該改叫vHub才比較符合一般的認知吧
....