• We’re currently investigating an issue related to the forum theme and styling that is impacting page layout and visual formatting. The problem has been identified, and we are actively working on a resolution. There is no impact to user data or functionality, this is strictly a front-end display issue. We’ll post an update once the fix has been deployed. Thanks for your patience while we get this sorted.

asymmetric visibility on a LAN

B

bwanaaa

Senior member
I was running a a windows 7 vm on my mac and it can easily browse the internet. (I am testing browser compatibility of a web page I made and need to see it on various browsers)
But when I tried to go to a NAS on my LAN, I couldnt see anything. I checkled the network settings of the windows machine and vmware fusion had it set to NAT. In other words, the windows VM had a 10.xxx.xxx.xxx address and my LAN has 192.168.xxx.xxx addresses. The windows VM was double natted. I understand how this could hide the windows vm from other machines on my LAN but why cant the wondows VM see the samba shares on my LAN?

On a broader note, is there any other way to be connected to a LAN and remain invisible but still be able to see everyone?
 
bwanaaa said:
I was running a a windows 7 vm on my mac and it can easily browse the internet. (I am testing browser compatibility of a web page I made and need to see it on various browsers)
But when I tried to go to a NAS on my LAN, I couldnt see anything. I checkled the network settings of the windows machine and vmware fusion had it set to NAT. In other words, the windows VM had a 10.xxx.xxx.xxx address and my LAN has 192.168.xxx.xxx addresses. The windows VM was double natted. I understand how this could hide the windows vm from other machines on my LAN but why cant the wondows VM see the samba shares on my LAN?
Click to expand...

Can you ping it?

If you can't, the issue is obviously not just SMB shares. If you can, figure out what services are working. You might want to download nmap and run nmap from your VM to the SMB server and see what comes back for open ports.


On a broader note, is there any other way to be connected to a LAN and remain invisible but still be able to see everyone?
Click to expand...

Depends on what you mean "invisible"? If you just don't want someone to browse your file shares or reach your ports, then turn on your software firewall. But that's not "invisible", it's just unreachable. Obviously, your data is still going over the wire.
 
I'm guessing since you're going through OS X make sure your firewall in OS X is setup correctly.

Have you tried setting up the network connector as a bridged connection? I find that this helps when I access our NAS through a VM
 
tnx for your replies. it's just network bizarreness. yes , first i switched the connection to bridged so the vm is on the same subnet as the LAN. STILL COULD NOT SEE THE NAS IN WINDOWS EXPLORER. but it was pingable. so i just put the ip of the nas in the search box of windows 7. it popped right up.

reminds me of when i had to do the same thing with xp. apparently on any given subnet there is such a thing a 'master browser' that serves as a network coordinator of sorts. How this guy gets chosen is obscure to me. But if he is not turned on, computers on a LAN have difficulty seeing each other.

As to being invisible, i guess the only way is to have a software/or hardware firewall with icmp replies set to off.
 
bwanaaa said:
tnx for your replies. it's just network bizarreness. yes , first i switched the connection to bridged so the vm is on the same subnet as the LAN. STILL COULD NOT SEE THE NAS IN WINDOWS EXPLORER. but it was pingable. so i just put the ip of the nas in the search box of windows 7. it popped right up.

reminds me of when i had to do the same thing with xp. apparently on any given subnet there is such a thing a 'master browser' that serves as a network coordinator of sorts. How this guy gets chosen is obscure to me. But if he is not turned on, computers on a LAN have difficulty seeing each other.

As to being invisible, i guess the only way is to have a software/or hardware firewall with icmp replies set to off.
Click to expand...

NetBIOS was junk in 1989, same as it is junk today. The "master browser" you mention is an artifact of ancient broadcast based technology. There is no need nor a requirement that it exist. Of course companies keep releasing updated versions or solutions that seem to cause more problems down the line. Apple Bonjour being yet another example that should be banished from the network.
 
imagoon said:
NetBIOS was junk in 1989, same as it is junk today. The "master browser" you mention is an artifact of ancient broadcast based technology. There is no need nor a requirement that it exist. Of course companies keep releasing updated versions or solutions that seem to cause more problems down the line. Apple Bonjour being yet another example that should be banished from the network.
Click to expand...

I'm not well versed in this subject. I'm guessing both NetBIOS and Apple's Bonjour are used for service discovery? Why would that be a bad thing? Isn't that a necessary part of networking?
 
synology 1512+
I've got to update the software to the latest dsm one of these days. But I get good throughput on my LAN- 60-70 mB/s
 
alfa147x said:
I'm not well versed in this subject. I'm guessing both NetBIOS and Apple's Bonjour are used for service discovery? Why would that be a bad thing? Isn't that a necessary part of networking?
Click to expand...

The concept isn't bad, it is just the poor implementations compounded by the fact they are automatically on. NETBIOS [and NETBUI] and the master browser requires some device to be elected as the master browser. On most home networks this may or may not end up on a device that can handle that load. The load is small but some smaller devices like a NAS may not allocate enough or have enough RAM to keep the entire network available. Rather than letting another device be elected that can handle it, they will just do it badly. Simple dynamic DNS can completely replace this tech and can be configured to work on a single device that hopefully can handle it and be trusted at the same time. One device can cause a master browser election war / pollute the table entirely.

Bonjour is just "yet another implementation (TM)" that Apple decided to use that is very chatty and may generally work fine in small network, in a larger network I want to light it on fire because every apple iphone users phone seems to think it has some need to scream its presence to the entire LAN/WAN. It starts to add up in a 3000+ device network. Additionally Apple has been rather known around here adding Bonjour to all kinds of applications (or being used by other companies apps) and doing dumb things like setting default gateways of 0.0.0.0 and the like.

I am not against these types of protocols completely, it just seems that no "real player" has picked up one and standardized it. Mostly because the "real players" tend to just use DNS Service records and the like. Until then we get Apples poor implementations and people still using Microsoft circa 1989 tech.
 
You must log in or register to reply here.

TRENDING THREADS

Back
Top