NAT vs. bridged network: A simple diagram
When you create a new virtual machine, you have one of many options when it comes to choosing your network connectivity. Two common options are to use either bridged networking or network address translation (NAT). So, what exactly does that look like? Take a look at the figure below.
In this diagram, the vertical line next to the firewall represents the production network and you can see that 192.168.1.1 is the IP address of the company’s firewall that connects them to the Internet. There is also a virtual host with three virtual machines running inside it. The big red circle represents the virtual adapter to which NAT-based virtual machines connect (172.16.1.1). You can see that there are two such virtual machines with IP addresses of 172.16.1.2 and 172.16.1.3. When you configure a virtual machine as using NAT, it doesn’t see the production network directly. In fact, all traffic coming from the virtual machine will share the VM host’s IP address. Behind the scenes, traffic from the virtual machines is routed on the virtual host and sent out via the host’s physical adapter and, eventually, to the Internet.
The third virtual machine (192.168.1.3) is configured in “bridged” mode which basically means that the virtual network adapter in that virtual machine is bridged to the production network and that virtual machine operates as if it exists directly on the production network. In fact, this virtual machine won’t even be able to see the two NAT-based virtual machines since they’re on different networks.