LinuxQuestions.org
Old 05-20-2014, 10:11 AM   #1
Cristiano Urban
Member
 
Registered: Jul 2013
Location: Gonars (UD), Italy
Distribution: Slackware 14.2 x86_64
Posts: 76

Rep: Reputation: 10
Set up a VM to act as a switch


Hi folks,
I want to set up a VM as a three-port switch in order to connect three VMs together using VirtualBox.
The scenario is similar to the topic described in this guide.

The host OS is Fedora 20.

To do this I've used a Debian machine (net-install) on which I've installed the sudo, bridge-utils, ebtables and tcpdump packages.

The network configuration in VirtualBox for this VM consists of three network adapters configured as below:
Code:
Adapter 1: 
Connected to: internal network
Name: Rou_Interface
Type: Intel Pro/1000 MT 
Promiscuous mode: No

----------------------------

Adapter 2: 
Connected to: internal network
Name: Sniffer_Interface
Type: Intel Pro/1000 MT 
Promiscuous mode: No

----------------------------

Adapter 3: 
Connected to: internal network
Name: Ter_Interface
Type: Intel Pro/1000 MT 
Promiscuous mode: No
The network interfaces of the "switch VM" are configured as below (/etc/network/interfaces):
Code:
auto lo
iface lo inet loopback

auto eth0
iface eth0 inet static
    address 192.168.1.1
    netmask 255.255.255.0

auto eth1
iface eth1 inet static
    address 192.168.1.2
    netmask 255.255.255.0

auto eth2
iface eth2 inet static
    address 192.168.1.3
    netmask 255.255.255.0

auto br0
iface br0 inet static
    bridge_ports eth0 eth1 eth2
    address 192.168.1.4
    network 192.168.1.0
    netmask 255.255.255.0
    gateway 192.168.1.254
The other three VMs (old Ubuntu 11.04 i386) have their /etc/network/interfaces configured as below:
Code:
Rou
auto lo
iface lo inet loopback

auto eth0
iface eth0 inet static
    address 192.168.1.1
    netmask 255.255.255.0
    network 192.168.1.0
    broadcast 192.168.1.255

----------------------------

Sniffer
auto lo
iface lo inet loopback

auto eth0
iface eth0 inet static
    address 192.168.1.2
    netmask 255.255.255.0
    network 192.168.1.0
    broadcast 192.168.1.255

----------------------------

Ter
auto lo
iface lo inet loopback

auto eth0
iface eth0 inet static
    address 192.168.1.3
    netmask 255.255.255.0
    network 192.168.1.0
    broadcast 192.168.1.255
Each of the three VMs has one network adapter:
Code:
Rou Adapter: 
Connected to: internal network
Name: Rou_Interface
Type: Intel Pro/1000 MT 
Promiscuous mode: No

----------------------------

Sniffer adapter: 
Connected to: internal network
Name: Sniffer_Interface
Type: Intel Pro/1000 MT 
Promiscuous mode: No

----------------------------

Ter adapter: 
Connected to: internal network
Name: Ter_Interface
Type: Intel Pro/1000 MT 
Promiscuous mode: No
My problem is that I can only ping the bridge from the Sniffer VM. I can't ping the bridge from the other two machines and obviously I can't ping from one VM to another. So the switch doesn't work.
Could you give me a hand please? Thank you!
 
Old 05-20-2014, 12:08 PM   #2
GaWdLy
Member
 
Registered: Feb 2013
Location: San Jose, CA
Distribution: RHEL/CentOS/Fedora
Posts: 457

Rep: Reputation: Disabled
Is IP forwarding enabled on the "switch" (router) computer?

sysctl -a |grep net.ipv4.ip_forward

Also, did you run through any specific tutorials on how to set up Linux as a router?

http://askubuntu.com/questions/37671...er-as-a-router
http://computernetworkingnotes.com/n...as-router.html

Etc...
 
Old 05-20-2014, 03:39 PM   #3
Cristiano Urban
Member
 
Registered: Jul 2013
Location: Gonars (UD), Italy
Distribution: Slackware 14.2 x86_64
Posts: 76

Original Poster
Rep: Reputation: 10
Thank you for the answer!


Quote:
Originally Posted by GaWdLy
Is IP forwarding enabled on the "switch" (router) computer?
No, it's disabled, but if I enable it by doing
Code:
echo 1 > /proc/sys/net/ipv4/ip_forward
and then I restart the network, nothing seems to change.


Quote:
Originally Posted by GaWdLy
Also, did you run through any specific tutorials on how to set up Linux as a router?
Not properly. I've searched through a lot of tutorials regarding bridge-utils. I'm interested in making an ARP poisoning simulation.
The final objective is to have two intranets (each one simulated with one VM) which are connected to the switch through two routers/firewalls (ZeroShell VMs). Therefore the switch is connected to the two routers and to the sniffer (for now I only need to implement the switch, so I've used three simple Ubuntu 11.04 VMs called Rou, Ter and Sniffer).

Last edited by Cristiano Urban; 05-20-2014 at 04:02 PM. Reason: for clarity: one intranet is represented by one VM
 
Old 05-20-2014, 09:57 PM   #4
GaWdLy
Member
 
Registered: Feb 2013
Location: San Jose, CA
Distribution: RHEL/CentOS/Fedora
Posts: 457

Rep: Reputation: Disabled
OK, I've re-read everything.

I'm not sure why Sniffer works, and the other two don't, but I suspect that it's a VirtualBox bridge setting. I say that after wasting many hours on similar issues in the past.

All of your IFs look set up correctly from your description. Can you run 'ip route show' on each VM to show us the routing tables?
 
Old 05-21-2014, 02:09 AM   #5
Cristiano Urban
Member
 
Registered: Jul 2013
Location: Gonars (UD), Italy
Distribution: Slackware 14.2 x86_64
Posts: 76

Original Poster
Rep: Reputation: 10
Giving ip route show as root I obtain:
Code:
Rou
root@rou:/home/rou_user# ip route show
192.168.1.0/24 dev eth0  proto kernel  scope link  src 192.168.1.1
169.254.0.0/16 dev eth0  scope link  metric 1000


Sniffer
root@sniffer:/home/sniffer_user# ip route show
192.168.1.0/24 dev eth0  proto kernel  scope link  src 192.168.1.2
169.254.0.0/16 dev eth0  scope link  metric 1000


Ter
root@ter:/home/ter_user# ip route show
192.168.1.0/24 dev eth0  proto kernel  scope link  src 192.168.1.3
169.254.0.0/16 dev eth0  scope link  metric 1000


Switch
root@switch:/home/switchuser# ip route show
default via 192.168.1.254 dev br0
192.168.1.0/24 dev br0  proto kernel  scope link  src 192.168.1.4
I've rechecked all the network adapters for all the four virtual machines. All of them (the adapters) are configured as "internal network".
 
Old 05-21-2014, 05:44 AM   #6
Cristiano Urban
Member
 
Registered: Jul 2013
Location: Gonars (UD), Italy
Distribution: Slackware 14.2 x86_64
Posts: 76

Original Poster
Rep: Reputation: 10
Hi,
I think I've solved the problem.
For the three adapters of the Switch VM I've changed the Promiscuous mode to Allow all. This is because a physical switch has no MAC addresses. The software switch, instead, has one MAC address associated with every port (adapter) of the switch. So the only way to avoid the packets being discarded is to enable promiscuous mode. Is that correct?

Now I can ping all the machines.
 
Old 05-21-2014, 06:07 AM   #7
ericson007
Member
 
Registered: Sep 2004
Location: Japan
Distribution: CentOS 7.1
Posts: 735

Rep: Reputation: 154Reputation: 154
The way I understood it is that if you want a bridge to work, the adapters connecting to it have to be run in promiscuous mode, otherwise they are not able to sniff out the traffic that passes through the bridge. I think that would likely be more applicable in this specific case.

You may be correct as well, but that would make more sense to me on a physical network if connected to a hub. A switch should not require promisc mode because they would know the path of the MAC being addressed, so it means they rather learn and store NIC MAC addresses in a table in order to use STP. The switch will obtain IP and MAC information from connected clients by using ARP. Some switches, like certain Cisco models, have a MAC, but that is used for all functions rather than per port as such. But even then I would not really think of that MAC being addressable as such. Maybe if you get into L3 things can change a little, but in L2 of the network layer, forget about a MAC for a switch; it will only make things confusing.

Also, if you want a device to act as a sniffer, it has to be set to promiscuous as well in order to pick up the packets traversing the network, otherwise it will just drop them if they are not addressed to that NIC's specific MAC.

Last edited by ericson007; 05-21-2014 at 06:14 AM.
 
Old 05-21-2014, 08:58 AM   #8
GaWdLy
Member
 
Registered: Feb 2013
Location: San Jose, CA
Distribution: RHEL/CentOS/Fedora
Posts: 457

Rep: Reputation: Disabled
Software bridges often require promiscuous mode.

Did you first try with just the bridge IFs in promisc mode? I'm wondering if all IFs actually need to be set up like that.
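
The effect of the promiscuous-mode change from post #6, as an added illustration that is not code from any poster in this thread: a simplified Python model of the lab in which VirtualBox delivers a frame to an adapter only if it is broadcast, addressed to that adapter's MAC, or the adapter's policy is allow-all. The MAC addresses are constructed, and the bridge MAC is assumed to be the lowest port MAC, placed on the port facing Sniffer so that the model reproduces the symptom from post #1.

```python
# Simplified model of the thread's lab (constructed values, not captured data).
BCAST = "ff:ff:ff:ff:ff:ff"
# Constructed MACs of the three end VMs' adapters.
VM_MAC = {"Rou": "08:00:27:00:00:a1", "Sniffer": "08:00:27:00:00:a2",
          "Ter": "08:00:27:00:00:a3"}
# Constructed MACs of the switch VM's adapters, keyed by the VM behind each port.
PORT_MAC = {"Rou": "08:00:27:00:00:13", "Sniffer": "08:00:27:00:00:11",
            "Ter": "08:00:27:00:00:12"}
# Assumption: br0 uses the lowest MAC among its ports (Linux bridge default),
# which here is the port facing Sniffer.
BRIDGE_MAC = min(PORT_MAC.values())

def vnic_accepts(nic_mac, dst_mac, policy):
    """Would VirtualBox hand this frame to a guest adapter with this policy?"""
    return policy == "allow-all" or dst_mac in (BCAST, nic_mac)

def send(src, dst_mac, switch_policy):
    """Endpoints ('br0' or VM names) reached by a frame sent by `src`."""
    reached = set()
    if src != "br0":
        # Ingress: the frame must first be delivered to the switch VM's port.
        if not vnic_accepts(PORT_MAC[src], dst_mac, switch_policy):
            return reached
        if dst_mac in (BCAST, BRIDGE_MAC):
            reached.add("br0")
    if dst_mac != BRIDGE_MAC:
        # Egress: the bridge forwards or floods; end VMs stay at "deny" and
        # keep only broadcasts and frames addressed to their own MAC.
        reached |= {vm for vm, mac in VM_MAC.items()
                    if vm != src and vnic_accepts(mac, dst_mac, "deny")}
    return reached

def mac_of(node):
    return BRIDGE_MAC if node == "br0" else VM_MAC[node]

def ping(src, dst, switch_policy):
    """True if ARP request, ARP reply, echo request and echo reply all arrive."""
    frames = [(src, BCAST, dst), (dst, mac_of(src), src),
              (src, mac_of(dst), dst), (dst, mac_of(src), src)]
    return all(rcv in send(snd, mac, switch_policy) for snd, mac, rcv in frames)

if __name__ == "__main__":
    for policy in ("deny", "allow-all"):
        for src, dst in [("Rou", "br0"), ("Sniffer", "br0"), ("Ter", "br0"),
                         ("Rou", "Ter"), ("Sniffer", "Rou")]:
            print(f"{policy:9} {src:7} -> {dst:7} {'ok' if ping(src, dst, policy) else 'FAIL'}")
```

In the model the end VMs stay at the default policy and only the switch VM's three adapters change, which matches the change reported in post #6.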
 
  


All times are GMT -5.