3
1
Currently I've got but the basic setup where I have created a single virtual Hyper-V external switch on my Wi-Fi adapter, to which my so-far single Linux guest is connected with its virtual NIC.
This is a laptop which I would routinely take to my campus which allows students to wirelessly access the Internet and campus networks, using Wi-Fi with WPA2+RADIUS authentication. The student is authenticated with their username and password.
My immediate problem on campus is that when I boot the guest and it attempts to configure its virtual NIC with DHCP against the same gateway that the host is connected to, the latter loses all uplink connectivity until I restart Windows. I suspect this has to do with the fact that the RADIUS authentication system on campus doesn't like that there are two distinct IP endpoints on my end, associated with one 802.11 authentication token or something. It may even be configured to explicitly detect and prevent this, I don't know.
Another problem is that even if the gateway were able to accommodate the setup above, is typically hands addresses to both through DHCP, and I have observed the guest changing its IP address all too frequently, which presents problems as I "loose it out of sight" when needing to connect to it from the host (on SSH, for example).
Thinking of this, I decided that my Internet connectivity shouldn't be dependent on how an uplink gateway is configured, and as far as I know, NAT is the perfect solution for this. A virtual NAT system, right on the host, should do it, right?
Anyway, what I need is:
- Have my guest and host be on the same layer 2 or LAN network. The guest is a Linux which I need to be able to reach via SSH, and I also plan to mount a host folder on the guest through SMB.
- I want both the guest and the host to have persistent addresses on the aforementioned network, so I always know where to reach one from the other. No DHCP.
- I obviously need to be uplinked from both host and the guest, somehow. I think that this requirement, together with the other two, would strongly suggest a NAT where the guests either form a layer 2 network or LAN with the host, or where the host functions as a router/gateway for the guests.
I have an Ethernet and a Wi-Fi adapter on the host, and even though I am frequently on Wi-Fi, I want uplinking through Ethernet to work as well.
I read about WinNAT believing it is what I am after, but issuing the following commands in my administrative PowerShell console on the host, I am not sure where I stand:
New-NetIPAddress -IPAddress 192.168.0.1 -PrefixLength 24 -InterfaceIndex 24
New-NetNat -Name HelloNAT -InternalIPInterfaceAddressPrefix 192.168.0.0/24
The internal virtual switch is set up from earlier, Get-NetAdapter tells me the interface index of the switch is 24, which is what used above. The Debian Linux VM is set up with the following in /etc/network/interfaces:
iface eth0 inet static
address 192.168.0.3
netmask 255.255.255.0
gateway 192.168.0.1
I can't even ping or traceroute the gateway address from the VM, not to mention any WAN-address like 8.8.8.8 (One of Googles public DNS servers).
amn
Posted 2016-11-25T20:54:40.430
Reputation: 1 622
Is there any reason native NAT doesn't work? As a possible alternative, perhaps WinGate, though I've never used that in a Hyper-V context.
– Bob – 2016-11-28T09:55:53.360I don't know why it seemingly does not work, but I had tried it prior to formulating the question. I have now also documented how I tried to set it up, without success. WinGate and any third-party solutions in general are out of question for me. – amn – 2016-11-29T19:16:42.187
In general, neither 802.11 nor 802.1X (and its equivalent WPA-Enterprise) have anything to do with L3 protocols – it's purely the L2 device that is authenticated (and there is no "authentication token" as such). The particular network might be configured to actively prevent multiple hosts sharing a connection in another way though (e.g. at the gateway), but that's not a 'built-in' feature. – user1686 – 2016-11-29T19:24:53.437
Also, while I'm still figuring out how to do this in Hyper-V – for NAT to work properly, the host must act as a router, not a bridge – i.e. the Wi-Fi uplink connection must not be part of the VM "switch", and the host must have IP forwarding enabled. – user1686 – 2016-11-29T19:28:32.760
I'm not familiar with Hyper-V but if you were to use VMware Workstation, you could create a host only virtual network, which would in turn create a network adapter on the host OS, and then just use Internet Connection Sharing in windows to perform NAT between your WLAN interface and the VMware interface. To access SSH on the linux VM from the WLAN interface, ICS does support port maps. It does look like Hyper-V has similar functionality as VMware in regards to creating network interfaces on the host https://redmondmag.com/articles/2014/07/24/private-vs-internal-virtual-switches.aspx
– Muh Fugen – 2016-12-02T11:02:12.737I appreciate the VMware Workstation suggestion, but I am principally trying to get this to work with Hyper-V. I like the fact that it unobtrusively runs as a service and that all VMs just basically are services as well (logically), I don't need to care for them running even between reboots and hybernation breaks. I also like the fact that it is the same vendor as the OS, for better or worse. Regarding your link on creating network interfaces with Hyper-V, that's basically the entire foundation for networking in Hyper-V, and it's a virtual switch, no more. Have I missed something? – amn – 2016-12-05T09:09:42.717