Details:
You will need to use 2 VMs, each with two Ethernet interfaces. You
will need to disable the primary interface (eth0) from one VM, the
Host VM, and route all the traffic from this VM via another VM, the
Router VM. You will use tools like ping
,
traceroute
and tcpdump
to make sure this is
the case.
There are several ways of creating two VMs we need for this lab. One way of doing this is to add a secondary ethernet adaptor on the existing VM, and then copy the whole VM directory to a new one. For example:
/extra
resides has at
least extra 5G disk space before starting this lab. If not, you will
have to move your VM to another unoccupied machine that has enough
disk space.
$ cp -av /extra/weesan /extra/weesan2
/proc/sys/net/ipv4/ip_forward
. Make sure it is
enabled, ie. 1
instead of 0
.
/etc/resolv.conf
on your VMs will be changed. So,
replace the content of /etc/resolv.conf
as below:
nameserver 138.23.169.10Note that this only fixes the hostname resolution on the Router VM but not the Host VM due to a firewall issue on the Router VM. In order to get around this problem (ie. be able to run "ping www.google.com" instead of "ping 74.125.19.99" on the Host VM above), you will need to disable the firewall rules on the Router VM (and on the Router VM only) to allow name resolution on the Host VM:
/etc/init.d/iptables stopWe will "fix" this in the firewall lab exercise.
/etc/sysconfig/network
,
/etc/sysconfig/network-scripts/ifcfg-eth[01]
on both VMs
to make the changes persistent. Also, change the "HOSTNAME" in
/etc/sysconfig/network
of the VMs to reflect their role.
For example, "router" for the Router VM and "host" for the Host VM.
Additionally, on the Router VM only, enable IP forwarding by changing
net.ipv4.ip_forward
to 1 in /etc/sysctl.conf
.