Windows Forum / Virtual PC / May 2008


Guest OS acting as NAT

The Dark Free Soul - 23 May 2008 10:48 GMT
Hi guys!

I want to virtualize a linux box on virtual pc. Host os is Windows
2003 server and I managed to install GNU/Linux CentOS 5.1 on it. Host
os is connected to a class B lan where 172.16.0.1 is the gateway and
in the same LAN there are also DNSs.
I configured Virtual PC to offer 2 network cards to the guest os:
shared network (NAT) and Gigabit card connected.
On Linux I get eth0 and eth1. If I automatically acquire an IP
address, on eth0 I get 192.168.131.65 from a DHCP server running on
192.168.131.255 but DHCP server does not specify any default gateway.
On eth1 I can set any address I like (I used 172.16.1.12).
As a first attempt I set guest os to use as default gateway 172.16.0.1
and LAN DNSs as DNS. Guest os could surf the internet! (note: in all
this eth0 is not used so maybe I don't really need ip 192.168.131.65)

After this I set guest os to manage 4 class C LANs, and my guest os is
supposed to act as a gateway for the LANs (I'm not using VLANs so
everything is going on the same network interface. I just declared 4
aliases on the same eth1 network interface in order to have a total of
5 IPs: 172.16.1.12/16, 192.168.10.1/24, 192.168.11.1/24,
192.168.12.1/24 and 192.168.13.1/24).
Clients connected to these LANs can work great, they can reach the
guest os and every host in the respective LAN but they can't reach
internet or LAN 172.16.0.0/16. This is a BIG problem for me!
I investigated why it's not working since the guest os is configured
to act as NAT for class C LANs clients.
I monitored the traffic going in and out from the guest os and I
discovered this:
- when clients from class C sent a request addressed to the outside
internet the request arrives to the guest os
- guest os forward it to class B DNSs
- DNSs reply to guest os ip 172.16.1.12
- guest os does NOT forward back the answer coming from DNSs to the
class C clients so they never get an answer and connections go in
timeout

At first it may sound like a guest os bad configuration but it's not.
Same os installed stand alone (not virtualized) with very same
configuration works great.
I tried to use 192.168.13.255 as default gateway instead of 172.16.0.1
but with no result... (and also guest os could not reach internet
anymore).

I really hope You can help me, I'm sure I'm missing something...
Many thanks in advance to anyone for your time.

A
Bill Grant - 23 May 2008 11:48 GMT
> Hi guys!
>
[quoted text clipped - 44 lines]
>
> A

  To use the vm as a router, one NIC should be linked to the Internet or to
a network which has Internet access. That sounds like your 172.16.0 network
since the guest can surf the Internet through that.

   No NIC should be set to Shared Networking (NAT). This is not suitable
for your requirements.

    The second NIC in the vm should be connected to the network which has
the NAT clients on it. Where are these machines? How did they access the
Internet before?

   If one NIC has an Internet connection, the machines connected to the
other NIC should be able to get to the Internet if this NIC is the default
gateway for them and you have NAT configured on the vm.
The Dark Free Soul - 23 May 2008 15:40 GMT
>      The second NIC in the vm should be connected to the network which has
> the NAT clients on it. Where are these machines? How did they access the
[quoted text clipped - 3 lines]
> other NIC should be able to get to the Internet if this NIC is the default
> gateway for them and you have NAT configured on the vm.

Hi Bill and many thanks for answering me!
All pc are connected on the same physical network, simply some pc use a
class B ip and some other use a class C ip.
Of course, there's a gateway serving class C LANs (to forward traffic
to class B) and a border gateway serving class B (to forward traffic
to internet).
Class C LANs are WLAN and the gateway (that I should replace with the
virtual machine) has one single network card with more IP aliases.
The idea is to have a big wired LAN and four separated wireless LANs.
Setting VPC to offer just one "normal" NIC seems not to solve the
problem, the situation is same as before... simply now I just don't
have the other network interface with ip 192.168.131.65 that I was not
using. Vm can still surf the internet but client are out.
Any other idea?
Save me :) it's third day I'm trying to work it out :)
Many thanks again!
Bill Grant - 24 May 2008 01:45 GMT
On May 23, 12:48 pm, "Bill Grant" <not.available@online> wrote:
> The second NIC in the vm should be connected to the network which has
> the NAT clients on it. Where are these machines? How did they access the
[quoted text clipped - 3 lines]
> other NIC should be able to get to the Internet if this NIC is the default
> gateway for them and you have NAT configured on the vm.

> Hi Bill and many thanks for answering me!
> All pc are connected on the same physical network, simply some pc use a
> class B ip and some other use a class C ip.
> Of course, there's a gateway serving class C LANs (to forward traffic
> to class B) and a border gateway serving class B (to forward traffic
> to internet).
>Class C LANs are WLAN and the gateway (that I should replace with the
>virtual machine) has one single network card with more IP aliases.
[quoted text clipped - 6 lines]
>Save me :) it's third day I'm trying to work it out :)
>Many thanks again!

  I am a fan of virtual machines but I really can't see why you would want
to use a virtual machine to do that. I can't even see why you would use a
computer to do that rather than a wireless access point.

   The only reason I run routers in vms is to route between virtual
networks or to route traffic from virtual networks on to a physical network.
If all machines are on wired or wireless network, why use a virtual machine
at all? If you must use a computer as a router why not use the host OS? What
is the host doing that prevents it being a router?
The Dark Free Soul - 24 May 2008 13:05 GMT
Well Bill I can only say you are right. A router would be best idea
but since it gotta offer radius services for wlan it's a computer (to
keep things cheap).
I know there's no need to virtualize anything here but it's not my
decision. Unfortunately I gotta do it... it's supposed to be a kind of
demonstration that it can be done.
Anyway I know it's a bad design but I gotta do it. Do you have any
suggestion to give me? I can't understand why it won't work...
Many thanks again for your time. I really appreciate it.
Bill Grant - 25 May 2008 00:30 GMT
> Well Bill I can only say you are right. A router would be best idea
> but since it gotta offer radius services for wlan it's a computer (to
[quoted text clipped - 5 lines]
> suggestion to give me? I can't understand why it won't work...
> Many thanks again for your time. I really appreciate it.

 OK. First off, even if everything is on one physical network I would use
two NICs in the router.  They will both need to be set to link to the
physical NIC in the host, since this is the only connection to the network.
Virtual Machine Network Services will make sure the traffic gets to the
correct NICs in the vm.

   Set one NIC to get its network config automatically. It will get its
config from DHCP on the class B LAN and look just like an extra machine on
the LAN. You have done that before and you know that it works. This is the
"public" side of your NAT router.

   Manually set the second NIC with the IP addresses which are the gateway
addresses for the Class C subnets. This is the "private" side of your NAT
router.

   Now configure the NAT router using iptables or whatever it is in Linux.
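
Added example, not part of the thread: one way to express the final step above on the Linux guest, printing the iptables commands for the four private /24 subnets named in the first post. The interface names (eth0 as the DHCP "public" side, eth1 as the "private" side) and the function name are assumptions.

```shell
#!/bin/sh
# Added example (not from the thread). Prints the commands instead of
# running them, so the rule set can be reviewed before it is applied.

# The four private subnets listed in the first post.
PRIVATE_NETS="192.168.10.0/24 192.168.11.0/24 192.168.12.0/24 192.168.13.0/24"

nat_rules() {
    pub="$1"    # NIC on the 172.16.0.0/16 LAN (assumed name: eth0)
    priv="$2"   # NIC holding the 192.168.1x.1 gateway addresses (assumed: eth1)

    # The kernel must be allowed to route between interfaces at all.
    echo "sysctl -w net.ipv4.ip_forward=1"

    # Default-deny forwarding: only the flows listed below pass, so the
    # router itself does not forward between the four private subnets.
    echo "iptables -P FORWARD DROP"
    echo "iptables -F FORWARD"
    echo "iptables -t nat -F POSTROUTING"

    # Replies to connections the clients opened (e.g. DNS answers) go back in.
    echo "iptables -A FORWARD -i $pub -o $priv -m state --state ESTABLISHED,RELATED -j ACCEPT"

    for net in $PRIVATE_NETS; do
        # Outbound only from the expected source range on the private side.
        echo "iptables -A FORWARD -i $priv -o $pub -s $net -j ACCEPT"
        # Rewrite the source to the public NIC's DHCP-assigned address.
        echo "iptables -t nat -A POSTROUTING -s $net -o $pub -j MASQUERADE"
    done
}

# Print for review; pipe the output to "sh" as root to apply it.
nat_rules eth0 eth1
```
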
 