(oops - just resending as had rubbish subject from our anti-spam software...)
>-----Original Message-----
>From: Jim Cheetham [mailto:[email protected]]
>Posted At: Tuesday, October 19, 2010 1:49 PM
>
>
>On Tue, Oct 19, 2010 at 11:58 AM, Bryce Stenberg
><[email protected]> wrote:
>> I'm trying to set up a very basic install of Ubuntu Server 10.04 to act
>> as a basic router for a virtual network setup.
>
>Well, if you give the VirtualBox guest machine a "NAT" interface
>instead of a "Host-Only" one, it will all work automatically.
>

This VirtualBox guest machine has two interfaces to act as a router - one is NAT interface, other is Host-Only.

>You won't be able to connect inwards to the VM guest in either case.
>If you want to do that, you either give the guest a proper external IP
>address by using Bridging mode on the network, or use host-only and
>mess about with iptables to do inbound NAT, not recommended.
>

The reason I'm trying to create this guest 'router' is following suggestions from VirtualBox list, when it became apparent I couldn't configure the NAT interface addresses as I required in VirtualBox. Suggested workaround was to add in a VM as a router.

A bit of background for why I need this - our imaged backups (windows) can be restored directly into VirtualBox. I'm trying to simulate our real network and machines to run some tests and trials without having to change all the existing firewall rules on the Windows ISA 2004 server that is loaded up as a guest also (== I don't want to go changing ip addresses).

So that is why the internal network is showing up as 203.97.9.104/29 as that is our real internet address range and needs hiding from the real world - this I want it routed out through the host NAT interface (on the other side of our ISA server will be another host-only network simulating our internal network address range)

Internet
   |
Virtual box NAT - (gateway 10.0.2.2)
   |
IP (10.0.2.15)
'router' server
pseudo public IP (203.97.9.105 - host-only network)
   |
pseudo public IP (203.97.9.108 - host-only network)
ISA server
private IP (gateway for 10.1.1 servers - host-only network2)
   |
servers 10.1.1.x - host-only network2

(for current router testing I've dropped out the ISA server and just added an ubuntu machine with ip 203.97.9.106 as part of the host-only network, as in:

Internet
   |
Virtual box NAT - (gateway 10.0.2.2)
   |
IP (10.0.2.15)
'router' server
pseudo public IP (203.97.9.105 - host-only network)
   |
pseudo public IP (203.97.9.108 - host-only network)
Ubuntu client
)

>> I just want all traffic passed from host-only network side of this
>> virtual server to go out through its external interface (which is a
>> NAT'd and handled by VirtualBox).
>
>That's contradictory. Either the interface is a VirtualBox NAT one, or
>it is a VirtualBox host-only one (or Bridged ...).
>
>> From this ubuntu server I can ping external networks on the internet and
>> machines on the internal host-only network.
>> But from a server on the host-only network I can't get a response from
>> pings to external networks.
>
>Correct, because you connected it to "host *only*". It can *only* talk
>to the host. Change that :-)
>
>> So, can someone please tell me what the missing piece is? As in what
>> settings of software do I need to setup to get the traffic to go both
>> ways.
>
>By "both ways", do you mean that you want a third machine on the
>network to make inbound connections to the virtual server? (i.e. if
>the virtual server were running apache or something). If so, Bridging
>is the simplest network setup.
>

So the 'router server' can ping internet and ping 'ubuntu client', therefore I should be able to make routing work and have 'ubuntu client' ping internet via router server. (I can't use any bridging as that will expose real network ranges to the real networks and break things)

I hope little schematic above has made this clearer - sorry for poor explanation earlier.

But I'm still not sure if I issued the right commands to get this routing to work.

ufw status shows:

Status: active

To             Action     From
----           ---------  --------
Anywhere/udp   ALLOW      Anywhere/udp
Anywhere/tcp   ALLOW      Anywhere/tcp

And /proc/sys/net/ipv4/ip_forward shows value of 1.

I must be missing something?

Regards, Bryce.

_______________________________________________
Linux-users mailing list
[email protected]
http://lists.canterbury.ac.nz/mailman/listinfo/linux-users
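
The state described in the message above (ufw active with plain ALLOW rules, ip_forward set to 1) can be checked against what a forwarding, source-NATing router needs with the following added example, which is not part of the original post or of any reply on the list. The function name `check_nat_router` is hypothetical, `eth0` as the outbound (VirtualBox NAT) interface is an assumption, and the sample files are constructed.

```shell
#!/bin/sh
# Added example (not from the original thread): list what a Linux box still
# needs before it can forward and source-NAT traffic for another network.
#   $1 file holding the ip_forward value (live: /proc/sys/net/ipv4/ip_forward)
#   $2 ufw defaults file                 (live: /etc/default/ufw)
#   $3 saved output of `iptables-save`   (run as root on the router)
#   $4 outbound interface name           (assumed here: eth0, the NAT side)
check_nat_router() {
    fwd_file=$1; ufw_defaults=$2; rules_dump=$3; out_if=$4
    missing=0

    # 1. The kernel must be allowed to forward between interfaces.
    if [ "$(tr -d '[:space:]' < "$fwd_file")" != "1" ]; then
        echo "MISSING: ip_forward is not 1"
        missing=$((missing + 1))
    fi

    # 2. ufw ships with DEFAULT_FORWARD_POLICY="DROP"; plain ALLOW rules in
    #    `ufw status` cover traffic to the box itself, not forwarded traffic.
    if ! grep -Eq '^DEFAULT_FORWARD_POLICY="?ACCEPT"?' "$ufw_defaults"; then
        echo "MISSING: ufw forward policy is not ACCEPT"
        missing=$((missing + 1))
    fi

    # 3. The upstream side has no route back to the inner network, so the
    #    source must be rewritten on the way out (nat table, POSTROUTING).
    if ! awk -v ifc="$out_if" '
        /^\*/ { table = $1 }
        table == "*nat" && /^-A POSTROUTING/ && /-j (MASQUERADE|SNAT)/ {
            for (i = 1; i < NF; i++) if ($i == "-o" && $(i + 1) == ifc) found = 1
        }
        END { exit (found ? 0 : 1) }' "$rules_dump"; then
        echo "MISSING: no MASQUERADE/SNAT rule leaving via $out_if"
        missing=$((missing + 1))
    fi
    return "$missing"
}

# Constructed sample state: forwarding on, ufw defaults untouched, no NAT rule.
demo=$(mktemp -d)
echo 1 > "$demo/ip_forward"
echo 'DEFAULT_FORWARD_POLICY="DROP"' > "$demo/ufw"
printf '%s\n' '*filter' ':FORWARD DROP [0:0]' 'COMMIT' > "$demo/rules"
check_nat_router "$demo/ip_forward" "$demo/ufw" "$demo/rules" eth0 || echo "$? item(s) missing"
rm -rf "$demo"
```

A forward policy of ACCEPT passes everything between the two interfaces; explicit accept rules in ufw's forward chain are the tighter alternative, and the check above will still flag the policy in that case.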
