I set up a VirtualBox lab with the following configuration:
To make the lab work, I use a script to create the following interfaces, enabling port forwarding so that the server machine has internet access.
These commands are run from the HOST machine:
```
# br0 (10.1.1.0/24): host <-> server link, carried over tap0
tunctl -t tap0 -u myuser
ip link set up dev tap0
brctl addbr br0
brctl addif br0 tap0
ip link set up dev br0
ip addr add 10.1.1.1/24 dev br0
ip route add 10.1.1.0/24 dev br0

# br1 (10.1.2.0/24): internal segment shared by tap1, tap2 and tap3
tunctl -t tap1 -u myuser
tunctl -t tap2 -u myuser
tunctl -t tap3 -u myuser
ip link set up dev tap1
ip link set up dev tap2
ip link set up dev tap3
brctl addbr br1
brctl addif br1 tap1
brctl addif br1 tap2
brctl addif br1 tap3
ip link set up dev br1
ip addr add 10.1.2.1/24 dev br1

# Enable forwarding on the host and NAT traffic leaving through eth0
echo 1 > /proc/sys/net/ipv4/ip_forward
iptables -F
iptables -A FORWARD -i eth0 -o br0 -j ACCEPT
iptables -A FORWARD -i br0 -o eth0 -j ACCEPT
iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
```
Using the VirtualBox GUI, I assigned the following interfaces to the server and clients:
server -> tap0 , tap1 [Bridged network]
client1 -> tap2 [Bridged network]
client2 -> tap3 [Bridged network]
Then I edited /etc/network/interfaces and resolv.conf:
SERVER

```
# cat /etc/network/interfaces
auto lo
iface lo inet loopback

auto eth0
iface eth0 inet static
    address 10.1.1.2
    netmask 255.255.255.0
    up route add default gw 10.1.1.1 dev eth0

auto eth1
iface eth1 inet static
    address 10.1.2.2
    netmask 255.255.255.0

# cat /etc/resolv.conf
domain
search
nameserver 192.168.2.194
```

CLIENT 1

```
# cat /etc/network/interfaces
auto lo
iface lo inet loopback

auto eth0
iface eth0 inet static
    address 10.1.2.3
    netmask 255.255.255.0
    up route add default gw 10.1.2.2 dev eth0

# cat /etc/resolv.conf
domain
search
nameserver 10.1.2.2
```

CLIENT 2

```
# cat /etc/network/interfaces
auto lo
iface lo inet loopback

auto eth0
iface eth0 inet static
    address 10.1.2.4
    netmask 255.255.255.0
    up route add default gw 10.1.2.2 dev eth0

# cat /etc/resolv.conf
domain
search
nameserver 10.1.2.2
```
With this configuration:
I can access the internet from the server machine,
I can access any machine in the network via ssh,
I can't access the internet from the client1 and client2 machines...
Can you help me set up some routing rules to get rid of this problem?
I forgot to mention the fact that host, server, client1 and client2 are all Debian – Michele C. – 2015-11-17T12:40:31.007

From any of the clients, can you `ping -c1 8.8.8.8`? – MariusMatutiae – 2015-11-17T12:48:36.800

And, on which machine are you running the first set of instructions, the one that begins with `tunctl`? On the host? – MariusMatutiae – 2015-11-17T12:52:36.767

No, I can't ping Google DNS; from the client machines I can only reach 10.1.2.x addresses – Michele C. – 2015-11-17T12:54:15.337

Yes, of course; I omitted to say so because I thought it was obvious.... – Michele C. – 2015-11-17T12:55:12.087