>-----Original Message-----
>From: Jim Cheetham [mailto:[email protected]]
>Posted At: Tuesday, October 19, 2010 1:49 PM
>
>
>On Tue, Oct 19, 2010 at 11:58 AM, Bryce Stenberg
><[email protected]> wrote:
>> I'm trying to set up a very basic install of Ubuntu Server 10.04 to act
>> as a basic router for a virtual network setup.
>
>Well, if you give the VirtualBox guest machine a "NAT" interface
>instead of a "Host-Only" one, it will all work automatically.
>
This VirtualBox guest machine has two interfaces to act as a router - one is
a NAT interface, the other is Host-Only.

>You won't be able to connect inwards to the VM guest in either case.
>If you want to do that, you either give the guest a proper external IP
>address by using Bridging mode on the network, or use host-only and
>mess about with iptables to do inbound NAT, not recommended.
>
The reason I'm trying to create this guest 'router' is following suggestions
from VirtualBox list, when it became apparent I couldn't configure the NAT
interface addresses as I required in VirtualBox. Suggested workaround was to
add in a VM as a router. A bit of background for why I need this - our imaged
backups (windows) can be restored directly into VirtualBox. I'm trying to
simulate our real network and machines to run some tests and trials without
having to change all the existing firewall rules on the Windows ISA 2004 server
that is loaded up as a guest also (== I don't want to go changing ip
addresses). So that is why the internal network is showing up as
203.97.9.104/29 as that is our real internet address range and needs hiding
from the real world - this I want it routed out through the host NAT interface
(on the other side of our ISA server will be another host-only network
simulating our internal network address range)

    Internet
        |
    Virtual box NAT - (gateway 10.0.2.2)
        |
    IP (10.0.2.15)
    'router' server
    pseudo public IP (203.97.9.105 - host-only network)
        |
    pseudo public IP (203.97.9.108 - host-only network)
    ISA server
    private IP (gateway for 10.1.1 servers - host-only network2)
        |
    servers 10.1.1.x - host-only network2

(for current router testing I've dropped out the ISA server and just added an
ubuntu machine with ip 203.97.9.106 as part of the host-only network, as in:

    Internet
        |
    Virtual box NAT - (gateway 10.0.2.2)
        |
    IP (10.0.2.15)
    'router' server
    pseudo public IP (203.97.9.105 - host-only network)
        |
    pseudo public IP (203.97.9.108 - host-only network)
    Ubuntu client )

>> I just want all traffic passed from host-only network side of this
>> virtual server to go out through its external interface (which is a
>> NAT'd and handled by VirtualBox).
>
>That's contradictory. Either the interface is a VirtualBox NAT one, or
>it is a VirtualBox host-only one (or Bridged ...).
>
>> From this ubuntu server I can ping external networks on the internet and
>> machines on the internal host-only network.
>> But from a server on the host-only network I can't get a response from
>> pings to external networks.
>
>Correct, because you connected it to "host *only*". It can *only* talk
>to the host. Change that :-)
>
>> So, can someone please tell me what the missing piece is? As in what
>> settings of software do I need to setup to get the traffic to go both
>> ways.
>
>By "both ways", do you mean that you want a third machine on the
>network to make inbound connections to the virtual server? (i.e. if
>the virtual server were running apache or something). If so, Bridging
>is the simplest network setup.
>
So the 'router server' can ping internet and ping 'ubuntu client', therefore I
should be able to make routing work and have 'ubuntu client' ping internet via
router server.
(I can't use any bridging as that will expose real network ranges to the real
networks and break things)
I hope the little schematic above has made this clearer - sorry for the poor
explanation earlier.
But I'm still not sure if I issued the right commands to get this routing to
work.
ufw status shows:

Status: active

To                         Action      From
----                       ---------   --------
Anywhere/udp               ALLOW       Anywhere/udp
Anywhere/tcp               ALLOW       Anywhere/tcp

And /proc/sys/net/ipv4/ip_forward shows value of 1.
I must be missing something?
Regards, Bryce.
_______________________________________________
Linux-users mailing list
[email protected]
http://lists.canterbury.ac.nz/mailman/listinfo/linux-users
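
Added example, not part of the original message or of any reply in the thread: a shell check for the three settings a Linux router depends on when it forwards a subnet such as 203.97.9.104/29 out through a NATed interface (kernel forwarding, ufw's forward policy, and a source-NAT rule). The interface name eth0 and all sample file contents are constructed assumptions; the post does not show them.

```shell
#!/bin/sh
# Added example: name the missing prerequisite for forwarding a subnet out
# through a NATed interface. Inputs are text so the check runs offline; on a
# live router they would come from /proc/sys/net/ipv4/ip_forward,
# /etc/default/ufw and `iptables-save -t nat`.

# check_forwarding IP_FORWARD UFW_DEFAULTS NAT_RULES SUBNET OUT_IF
check_forwarding() {
    ip_forward=$1; ufw_defaults=$2; nat_rules=$3; subnet=$4; out_if=$5
    gaps=""

    # 1. The kernel must forward packets between interfaces.
    [ "$ip_forward" = "1" ] || gaps="${gaps}ip_forward "

    # 2. ufw sets the FORWARD policy from DEFAULT_FORWARD_POLICY; plain ALLOW
    #    rules apply to traffic addressed to the host, not forwarded traffic.
    printf '%s\n' "$ufw_defaults" |
        grep -Eq '^DEFAULT_FORWARD_POLICY="?ACCEPT"?' ||
        gaps="${gaps}ufw_forward_policy "

    # 3. The subnet must be source-NATed on the outbound interface, otherwise
    #    the next hop sees a source address it has no return route for.
    printf '%s\n' "$nat_rules" |
        grep -E -- '^-A POSTROUTING ' |
        grep -F -- "-s $subnet " |
        grep -F -- "-o $out_if " |
        grep -Eq -- '-j (MASQUERADE|SNAT)' ||
        gaps="${gaps}source_nat "

    if [ -n "$gaps" ]; then echo "missing: ${gaps% }"; else echo ok; fi
}

# Constructed sample inputs (assumed, not taken from the post).
SAMPLE_UFW_DEFAULT='DEFAULT_INPUT_POLICY="DROP"
DEFAULT_FORWARD_POLICY="DROP"'
SAMPLE_UFW_ACCEPT='DEFAULT_INPUT_POLICY="DROP"
DEFAULT_FORWARD_POLICY="ACCEPT"'
SAMPLE_NAT_EMPTY='*nat
:POSTROUTING ACCEPT [0:0]
COMMIT'
SAMPLE_NAT_RULE='*nat
:POSTROUTING ACCEPT [0:0]
-A POSTROUTING -s 203.97.9.104/29 -o eth0 -j MASQUERADE
COMMIT'

check_forwarding 1 "$SAMPLE_UFW_DEFAULT" "$SAMPLE_NAT_EMPTY" 203.97.9.104/29 eth0
check_forwarding 1 "$SAMPLE_UFW_ACCEPT" "$SAMPLE_NAT_RULE" 203.97.9.104/29 eth0
```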