I am trying to set up a virtual server in a remote server. I have the server set up but I am having problems with the network setup. Host and guest are both slackware 14.1

I did an identical setup on a local computer for testing, but have not found an answer.
My host IP is 192.168.1.6 and the gateway is 192.168.1.99
My guest IP is 192.168.0.57

On the host I added a route to 192.168.0.57
On the guest I removed the gateway address from rc.inet1.conf
In rc.local I put:
route add 192.168.1.6 dev eth0
route add default gw 192.168.1.6

In my firewall script I inabled ip forwarding and disabled rp_filter. This is Alien Bobs firewall script.

The host and guest can talk to each other, but the guest does not reach the internet.

I am at my wits end and am hoping for any advice on where to go from here.

Is this service on the host started?

cheers

The functions of rc.ip_forward are implemented in the firewall script.
I disabled the firewall script and started rc.ip_forward, but this didnt change the result.
I set the gateway to 192.168.1.6 and also tried 192.168.1.99 which is the hosts gateway.
I am using the hosts dns services for name resolution.

In all cases when I run wget google.com the response is

--2016-05-16 06:27:38-- http://google.com/
Resolving google.com (google.com)... 216.58.193.206, 2607:f8b0:4007:80b::200e
Connecting to google.com (google.com)|216.58.193.206|:80... failed: No route to host.
Connecting to google.com (google.com)|2607:f8b0:4007:80b::200e|:80... failed: Network is unreachable.

When you were configuring iptables with the firewall generator did you select the Gateway option, which turns masquerading on? Is the virtual NIC on the guest connected to a bridge on the host?

I did, but I am not sure about the interface settings
# Local Interface Information
LOCAL_IFACE="eth+"
LOCAL_IP="192.168.1.6"
LOCAL_NET="192.168.1.0/24"
LOCAL_BCAST="192.168.1.255"

The virtual NIC is a bridged adapter.

Guest it is a virtualbox or another way?

yes, Virtualbox

VirtualBox has multiple modes of network card, what mode you selected?
You can connect virtualmachine network interface (nic) conjunction with host NIC in bridge mode (as plug it to ethernet switch), so both system will be used same network, and each have bidirectional access with external world.

If you use default settings (NAT), virtualmachine assign IP address from DHCP server on virtualbox network stack, and it use NAT on host NIC (from external world, systems can`t direct connect to virtualmachine).

I have the virtual machine set up in bridged mode. The two machines talk to each other ok, but when I set up the host as a gateway they no longer communicate with each other.

When I change the local interface in the gateway firewall I have this error

Illegal source: IN=eth0 OUT= MAC=94:de:80:b2:d0:9a:08:00:27:b0:de:9d:08:00 SRC=192.168.0.57 DST=192.168.1.6 LEN=88 TOS=0x10 PREC=0x00 TTL=64 ID=42075 DF PROTO=TCP SPT=62499 DPT=41788 WINDOW=312 RES=0x00 ACK PSH URGP=0

new local iface
LOCAL_IFACE="eth+"
LOCAL_IP="192.168.0.57"
LOCAL_NET="192.168.0.0/24"
LOCAL_BCAST="192.168.0.255"

Is there other information I can give.

Why you make gateway from host machine?
If you use bridge mode, guest can direct access to physical network without host (in parallel with host), and can reach default gateway of you local network for access to internet.
But this is if you use DHCP on guest, if you set up custom IP and custom subnetwork for guest, you need add alias to default gateway from this subnetwork, for example:

-HOST system have IP 192.168.1.6 (network 192.168.1.0/24)
-GUEST system have IP 192.168.0.57 (network 192.168.0.0/24)
-GATEWAY system have IP 192.168.1.99 (network 192.168.1.0/24)

So if you need access from HOST to GUEST you need route to network 192.168.0.0/24 on gateway.
Add to gateway alias IP to network interface, for example 192.168.0.99, and on guest add default gateway 192.168.0.99.

Alias add command: ip a add 192.168.0.99 dev eth??

On host machine you not needed forwarding, only on gateway.

How you network should work:
[SOURCE] -- [GATEWAY] -- [DESTINATION]
[192.168.1.6] -> [192.168.1.99 -> 192.168.0.99] -> [192.168.0.57]
[192.168.0.57] -> [192.168.0.99 -> 192.168.1.99] -> [192.168.1.6]
[192.168.1.6] -> [192.168.1.99 -> external-ip-assigned-by-isp] -> [internet]
[internet] - > [external-ip-assigned-by-isp -> 192.168.1.99] -> [192.168.1.6]
[192.168.0.57] -> [192.168.0.99 -> external-ip-assigned-by-isp] -> [internet]
[internet] -> [external-ip-assigned-by-isp -> 192.168.0.99] -> [192.168.0.57]

But if you can use DHCPclient on guest system, you not need manage routes (because use only network 192.168.1.0/24, and all hosts from this network can communicate each other without gateway).

I don't know, hints from the ISP tech guy who wouldn't help.

The real setup has a static ip assigned, DHCP is not an option

I don't have access to the ISP's gateway

On a better note, I did get this working this morning. My day job gets in the way so hopefully this evening I can post how I did this.

Thanks StreamThreader, you have been a great help.

If you host system connect direct to internet (without home gateway), on guest nic you need use NAT mode, because ISP serve only one IP for one MAC address.
And if you use NAT, virtualbox setup DHCP server on host NIC for virtualmachine, so use on guest dhclient.
Read about NAT mode in this section.

These are the settings I used to run a virtual guest on a host using a different network IP than the host IP. These are setting on a test setup.

My host IP is 192.168.1.6
Host Gateway is 192.168.1.99
Guest IP is 192.168.0.57
There are tutorials on building a headless guest on a remote host I won't cover.

Generate a firewall for the host with Alien bobs firewall generator.
Make sure you select Gateway/Firewall
I set my internet interface as 192.168.1.6 on eth0
My local interface as
LOCAL_IFACE="eth+"
LOCAL_IP="192.168.0.57"
LOCAL_NET="192.168.0.0/24"
LOCAL_BCAST="192.168.0.255"

Under kernel parameter configuration enable ip_forward and disable rp_filter.
Further down the firewall script where it says Populate User Chains comment out these three lines.

$IPT -A bad_packets -p ALL -i $INET_IFACE -s $LOCAL_NET -j LOG \
--log-prefix "Illegal source: "

$IPT -A bad_packets -p ALL -i $INET_IFACE -s $LOCAL_NET -j DROP

In my rc.local script add a line like this
route add 192.168.0.57 eth0

Generate another firewall for the guest, without the Gateway/Firewall
I set my internet interface as 192.168.0.57 on eth0

Under kernel parameter configuration disable rp_filter.

In rc.inet1.conf remove the gateway setting.

In the rc.local script add these lines

route add 192.168.1.6 dev eth0
ip route add 192.168.1.99 via 192.168.1.6 dev eth0
route add default gw 192.168.1.6

At this point you should be able to restart everything and have it work.
I sure hope this helps someone else out there.

1 members found this post helpful.