Differences Between Host-Routed and Virtual Network Modes

The virtual network mode demonstrates a number of differences as compared to the host-routed mode:

• Each veth or vme virtual adapter has a MAC address assigned to it while a host-routed adapter does not have any. Thanks to this fact:
  • Any virtual machine and Container can see all broadcast and multicast packets received from or sent to the selected network adapter on the server.
  • Using veth or vme virtual adapters in virtual machines and Containers allows you to host DHCP or Samba servers in these virtual machines and Containers.
• There is no more need to assign all network settings (IP addresses, subnet mask, gateway, and so on) to virtual machines and Containers from the server. All network parameters can be set from inside virtual machines and Containers.
• veth and vme adapters can be bridged among themselves and with other devices. If several veth and vme adapters are united into a bridge, this bridge can be used to handle network traffic for the virtual machines and Containers whose veth and vme adapters are included in the bridge.
• Due to the fact that veth and vme adapters act as full members on the network (rather than 'hidden' beyond virtual networks adapters on the server), they are more prone to security vulnerabilities: traffic sniffing, IP address collisions, and so on. Therefore, veth and vme adapters are recommended for use in trusted network environments only.