Changes to Virtual Networks in Virtual Server 2005 R2 SP1

In Virtual Server 2005 R2, a virtual network operated like a hub with a switched uplink port.  Traffic on all guests plugged into the network was visible on every port of the virtual network, but that traffic was not visible to anything on the other side of the uplink port because it was switched.  The pro was that it was easy to use Network Monitor to trace what was going on the network.  The con was every guest saw every packet and extra overhead existed.

In Virtual Server 2005 R2 SP1, the virtual network was converted to a switch for all ports. This reduced the traffic that each VM saw and reduced the network overhead, but made it harder to sniff traffic between guests.

There is a solution to the problem though on a per VM basis. To enable the VM to see all the traffic, you need to enable promiscuous mode for the port. There is a setting in the VMC file called allow_promiscuous_mode that by default the value is false. 

This tag exists under the <virtual machines> node and the syntax is

<allow_promiscuous_mode type="boolean">TRUE/FALSE</allow_promiscuous_mode>

Setting the value to TRUE will enable the old behavior from R2.

You will need to do this if you want to load NetMon or other packets sniffer software in the VM and see all the traffic on the virtual network.