Old 03-15-2006, 09:50 AM   #1
rookiepaul
Member
 
Registered: Jul 2005
Posts: 73

Rep: Reputation: 15
Routing in a Virtual Environment (Red Hat 9)


I'm after some help with regards to creating a router with Red Hat 9.

What I ultimately want is 3 Virtual Machines (VMWare), all running Red Hat 9. 1 of the virtual machines set up as a router, and the other 2 as clients.

What I have so far is my physical home network on 192.168.0.x and I want my virtual network on 10.0.0.x. The virtual router machine has 2 virtual network cards, one that connects to my home network (192.168.0.x) and one that connects to my virtual network vmnet2 (10.0.0.x). My virtual clients are on vmnet2 also and can ping each other and my virtual router through the virtual NIC eth1 on the virtual router.

What I want is to allow the virtual router to allow communication between the physical network 192.168.0.x and the virtual network 10.0.0.x. All I need is for the virtual clients to be able to access the internet coming in on my home router (192.168.0.2), but it has to be routed through my virtual router. The whole point of this is experimenting with IPTables without jeopardising my real network. I understand that I need to use the "route" command but I'm not sure how I would use it with my situation. Could anyone help me? Many thanks.

RookiePaul.
 
Old 03-15-2006, 10:12 AM   #2
acid_kewpie
Moderator
 
Registered: Jun 2001
Location: UK
Distribution: Gentoo, RHEL, Fedora, Centos
Posts: 43,417

Rep: Reputation: 1984
well by the look of it you can just totally ignore the vmware side of things... it's just two separate networks you want to join together.

one factor here is what you actually do have on your real internet connection. if you can add a route on to that router to say that in order to reach 10.0.0.0/24 go to 192.168.0.1 or whatever (i.e. your VM router) then you would just enable ip forwarding on the router and point all other vm's at that as their gateway. that will certainly get you as far as being able to ping between the two LAN's. You then have the internet side, in that if your internet router is just sitting on 192.168.0.0/24 and doesn't know anything else about the routing environment, then you would configure iptables on the vm router to enable ip masquerading as well. this means that any connection to the internet on 10.0.0.0/24 would appear to actually come from 192.168.0.1 which would be local to the router.

so then the basic routing is enabled just by a "echo 1 > /proc/sys/net/ipv4/ip_forward" or similar if i have the path wrong there. and the ip masquerading would be erm... "iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE" where eth0 is on 192.168.0.0/24.


and of course, tcpdump and ethereal are your friends for seeing what packets are going where in both networks.
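
The forwarding and masquerading setup described in the post above, as an added example that is not part of the original post: it adds a default-drop FORWARD policy so that only the virtual network can open connections outward. The interface names and addresses are taken from the thread; the function name `router_rules` and the `apply` argument are assumptions of this example.

```shell
#!/bin/sh
# Added example, not from the thread. Defaults follow the thread's layout:
# eth0 = 192.168.0.50 (home LAN side), eth1 = 10.0.0.1 (vmnet2 side).
WAN_IF=${WAN_IF:-eth0}
LAN_IF=${LAN_IF:-eth1}
LAN_NET=${LAN_NET:-10.0.0.0/24}

# Print the router setup as commands so it can be reviewed before it is run.
router_rules() {
    if [ "$WAN_IF" = "$LAN_IF" ]; then
        echo "WAN_IF and LAN_IF must differ" >&2; return 1
    fi
    case $LAN_NET in
        *[!0-9./]*|*/*/*)      bad=1 ;;   # stray characters or two slashes
        [0-9]*.[0-9]*/[0-9]*)  bad=0 ;;   # looks like a.b.c.d/len
        *)                     bad=1 ;;
    esac
    if [ "$bad" -ne 0 ]; then
        echo "LAN_NET must be CIDR, e.g. 10.0.0.0/24" >&2; return 1
    fi
    # Flushing removes any existing FORWARD and nat POSTROUTING rules.
    cat <<EOF
echo 1 > /proc/sys/net/ipv4/ip_forward
iptables -F FORWARD
iptables -t nat -F POSTROUTING
iptables -P FORWARD DROP
iptables -A FORWARD -i $LAN_IF -o $WAN_IF -s $LAN_NET -j ACCEPT
iptables -A FORWARD -i $WAN_IF -o $LAN_IF -m state --state ESTABLISHED,RELATED -j ACCEPT
iptables -t nat -A POSTROUTING -s $LAN_NET -o $WAN_IF -j MASQUERADE
EOF
}

# Usage (as root on the VM router): sh router.sh apply
if [ "${1:-}" = "apply" ]; then
    router_rules | sh
fi
```

With this ruleset the home LAN cannot open new connections into 10.0.0.0/24; only replies to connections started by the virtual clients are forwarded back.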
 
Old 03-15-2006, 10:48 AM   #3
rookiepaul
Member
 
Registered: Jul 2005
Posts: 73

Original Poster
Rep: Reputation: 15
I'm running IPCop as my real router, what command would I need to use to add the route to the virtual network on IPCop? IPCop is 192.168.0.2, virtual router is 192.168.0.50 + 10.0.0.1.
 
Old 03-15-2006, 12:24 PM   #4
rookiepaul
Member
 
Registered: Jul 2005
Posts: 73

Original Poster
Rep: Reputation: 15
S'ok I've got it working! The only thing that isn't working now is the Internet on the virtual machine clients. I can ping website ip addresses but not names so I think it's something to do with DNS. I've allowed all types of traffic on my virtual router, but I think I need to do DNS forwarding of some sort? Anyone help?
 
Old 03-15-2006, 03:12 PM   #5
acid_kewpie
Moderator
 
Registered: Jun 2001
Location: UK
Distribution: Gentoo, RHEL, Fedora, Centos
Posts: 43,417

Rep: Reputation: 1984
well if that *is* the case, then you should be able to use your own standard DNS servers within your machines. they will just use normal routing to reach them. if you can't do a dig of a server directly, e.g. "dig google @1.2.3.4" then you have slightly bigger problems.
 
Old 03-15-2006, 03:19 PM   #6
morgolis
LQ Newbie
 
Registered: Mar 2005
Posts: 11

Rep: Reputation: 0
check the /etc/resolv.conf on your "virtual machines". If indeed you're able to ping public IP addresses on the net, then your IP routing is correct. Check out where those machines are asking to get DNS resolution from.
 
Old 03-15-2006, 03:37 PM   #7
rookiepaul
Member
 
Registered: Jul 2005
Posts: 73

Original Poster
Rep: Reputation: 15
What should it be set to? My virtual router or my real router?
 
Old 03-15-2006, 04:06 PM   #8
Darin
Senior Member
 
Registered: Jan 2003
Location: Portland, OR USA
Distribution: Slackware, SLAX, Gentoo, RH/Fedora
Posts: 1,024

Rep: Reputation: 45
Quote:
Originally Posted by rookiepaul
What should it be set to? My virtual router or my real router?
Find a system on your LAN that does resolve hostnames and use whatever it has. This is likely the real router (most SOHO routers do DNS forwarding automagically.)
 
Old 03-15-2006, 05:04 PM   #9
rookiepaul
Member
 
Registered: Jul 2005
Posts: 73

Original Poster
Rep: Reputation: 15
I have it set to my ipcop which handles DNS for the rest of the network but it's still not working. Any clues?
 
Old 03-15-2006, 06:49 PM   #10
fr_laz
Member
 
Registered: Jan 2005
Location: Cork Ireland
Distribution: Debian
Posts: 384

Rep: Reputation: 32
well, to debug you can always try to telnet to the DNS daemon of your ipcop machine.
if ipcop has the 172.16.0.1 address, do a "telnet 172.16.0.1 53"
here are the answers you can have:
telnet: Unable to connect to remote host: Connection refused
=> there's no dns server on this machine
telnet: Unable to connect to remote host: No route to host
=> your packets are lost on the way
Connected to 172.16.0.1.
Escape character is '^]'.
=> that should work
 
Old 03-16-2006, 03:29 AM   #11
acid_kewpie
Moderator
 
Registered: Jun 2001
Location: UK
Distribution: Gentoo, RHEL, Fedora, Centos
Posts: 43,417

Rep: Reputation: 1984
and as before, use tcpdump to see what's going down...
 
Old 03-17-2006, 03:14 AM   #12
morgolis
LQ Newbie
 
Registered: Mar 2005
Posts: 11

Rep: Reputation: 0
Rookie,

Tell me if you're able to ping real public IP addresses please. If you're able to ping real, publicly routable IP addresses like 68.142.197.69 (yahoo.com) and get replies.

If you can, then your problem is totally your DNS resolver. That means set it to your ISP's DNS servers OR start your own DNS resolver on your network.
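
The checks suggested across the replies (read /etc/resolv.conf, then query each server directly with dig), combined into one added example that is not part of any post in the thread. It sends a real DNS query, which normally travels over UDP, whereas a telnet to port 53 only exercises TCP. The function names and the `DIG` override variable are assumptions of this example.

```shell
#!/bin/sh
# Added example, not from the thread: query every resolver a client is
# configured with and report which ones actually answer.
DIG=${DIG:-dig}   # overridable so the logic can be exercised without a network

# Print the nameserver addresses from a resolv.conf-style file.
# Commented-out entries are skipped because their first field is not "nameserver".
nameservers() {
    awk '$1 == "nameserver" && $2 != "" { print $2 }' "${1:-/etc/resolv.conf}"
}

# Send one direct query per nameserver, in the style of "dig name @server",
# and print "<server> ok" or "<server> no-answer".
# Returns 0 if all answered, 1 if any did not, 2 if none are configured.
dns_triage() {
    conf=${1:-/etc/resolv.conf}
    name=${2:-example.com}
    servers=$(nameservers "$conf")
    if [ -z "$servers" ]; then
        echo "no nameserver lines in $conf"; return 2
    fi
    rc=0
    for ns in $servers; do
        # dig exits non-zero when no reply arrives; empty output means no address
        if ans=$($DIG +short +time=2 +tries=1 "$name" "@$ns" 2>/dev/null) \
           && [ -n "$ans" ]; then
            echo "$ns ok"
        else
            echo "$ns no-answer"; rc=1
        fi
    done
    return $rc
}
```

Run `dns_triage` on a virtual client; a "no-answer" line for a server that the rest of the LAN uses successfully points at the path through the virtual router, which is where tcpdump on eth0 and eth1 comes in.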
 