Snow Leopard running Fusion has virtual ports invisible to Wireshark


Win XP SP3 in Fusion can surf the net through the Mac's AirPort in either bridged or NAT mode fine. The Mac has a static IP. Windows is set to DHCP.

ifconfig on the Mac shows

    en1: inet 192.168.1.43 netmask 0xffffff00 broadcast 192.168.1.255
    vmnet1: inet 172.16.193.1 netmask 0xffffff00 broadcast 172.16.193.255
    vmnet8: inet 172.16.143.1 netmask 0xffffff00 broadcast 172.16.143.255

ipconfig on Windows shows

    Connection-specific DNS Suffix . : home

    IP Address. . . . . . . . . . . . : 192.168.1.42
    Subnet Mask . . . . . . . . . . . : 255.255.255.0
    Default Gateway . . . . . . . . . : 192.168.1.1

When the network adapter settings in Fusion are changed to NAT and the ipconfig is released and renewed, then ipconfig shows

    Connection-specific DNS Suffix  . : localdomain

    IP Address. . . . . . . . . . . . : 172.16.143.132
    Subnet Mask . . . . . . . . . . . : 255.255.255.0
    Default Gateway . . . . . . . . . : 172.16.143.2

This shows that the virtual machine is now going through the subnet of vmnet8.
Wireshark, however, does not reveal vmnet8, just en0 and en1, and en1 is getting all the traffic. Why no vmnet8? Why is vmnet8 getting a routable address? Shouldn't it be one of those non-routable 192.xxx.xxx.xxx or 10.xxx.xxx.xxx numbers? And even if Windows is bridged and using 192.168.1.42, Little Snitch on the Mac keeps asking if vmnet-natd can talk to the net, so I know it's active.

I can see packets going to the windows ip but it's mixed in with traffic going to the mac (as I'd expect since they are both using the same airport) but it's all going over en1.

(BTW, I don't understand why the gateway in Windows is not 172.16.143.1 but rather .2. After all, doesn't the Windows box have to talk to vmnet8?)

The same situation exists when one uses Parallels instead of Fusion. Except in this case 2 vNICs show up in Wireshark. However, they are silent and never used either.

Best Answer

Well, the VMWare people said that those interfaces are invisible to wireshark and a special tool, VMWare-sniffer, can be used.

And btw, 172.xxx.xxx.xxx are non-routable addresses so clearly I had a buffer overflow in my brain.

As for the .2, that's just the way VMWare set it up.
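
As an added example (not part of the original post), the following Python parses the `ifconfig` lines quoted in the question, including the hex netmasks, and reports which host interface shares a subnet with each guest address and which RFC 1918 private block it falls in. In the 172.x space only 172.16.0.0/12 is private; the function names are illustrative.

```python
import ipaddress
import re

# Host interface lines as shown in the question's ifconfig output.
IFCONFIG = """\
en1: inet 192.168.1.43 netmask 0xffffff00 broadcast 192.168.1.255
vmnet1: inet 172.16.193.1 netmask 0xffffff00 broadcast 172.16.193.255
vmnet8: inet 172.16.143.1 netmask 0xffffff00 broadcast 172.16.143.255
"""

# RFC 1918 private ranges; of 172.x only 172.16.0.0-172.31.255.255 is private.
RFC1918 = [ipaddress.ip_network(n) for n in
           ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

LINE = re.compile(r"^(\w+):\s+inet\s+(\S+)\s+netmask\s+(0x[0-9a-fA-F]{8})", re.M)


def parse_ifconfig(text):
    """Return {interface: IPv4Network} from macOS-style ifconfig lines."""
    nets = {}
    for name, addr, mask_hex in LINE.findall(text):
        # macOS prints the netmask as hex; convert it to dotted-quad form.
        mask = ipaddress.IPv4Address(int(mask_hex, 16))
        nets[name] = ipaddress.ip_network(f"{addr}/{mask}", strict=False)
    return nets


def classify(guest_ip, nets):
    """Return (host interface on the guest's subnet, RFC 1918 block), None if absent."""
    ip = ipaddress.ip_address(guest_ip)
    iface = next((n for n, net in nets.items() if ip in net), None)
    block = next((str(b) for b in RFC1918 if ip in b), None)
    return iface, block


if __name__ == "__main__":
    nets = parse_ifconfig(IFCONFIG)
    # Guest addresses from the question: bridged mode, then NAT mode.
    for guest in ("192.168.1.42", "172.16.143.132"):
        print(guest, classify(guest, nets))
```
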