(119 intermediate revisions by 6 users not shown) |
Line 1: |
Line 1: |
− | FOCUS: Configure a Linux Gateway for Linux Hosts inside an Intranet
| + | #REDIRECT [[OPS335_Lab_2]] |
− | This lab will show you how to set up a simple intranet using one Fedora PC as a gateway. The same Fedora PC will be a host to a Fedora VM (Virtual Machine) which will act as a PC inside an intranet. Here is a diagram of your setup.
| |
− | | |
− | REQUIREMENTS: Lab00 should be completed and you should have a copy of Fedora 13, x86_64 live CD.
| |
− | | |
− | PART A - Setting up the VM Host PC with one guest VM.
| |
− | | |
− | Boot up your Fedora 13 x86_64 system, login as joker and use Firefox to authenticate your web access using your LEARN account and password.
| |
− | Open a terminal window and su to root.
| |
− | Ensure your system date and time are correct.
| |
− | Start your ssh server [ service sshd start ] - you'll need this later in the lab. If you want your ssh server to be started each time you boot up, enter this command [ chkconfig --levels 2345 sshd on ].
| |
− | Ensure your system is up to date [ yum update ].
| |
− | Install the virtualization software [ yum groupinstall virtualization ].
| |
− | Start the libvirt daemon [ service libvirtd start ]. If you want the libvirt daemon to start at every boot up, enter this command [ chkconfig --levels 2345 libvirtd on ].
| |
− | Restart your firewall [ service iptables restart ].
| |
− | You are now ready to build a VM guest. You learned how to do this last semester in OPS235. If you need to be refreshed please refer to OPS235 LAB06.
| |
− | | |
− | Start the virtual machine manager [ virt-manager ].
| |
− | Enter the root password.
| |
− | Click on the icon "Create a new virtual machine".
| |
− | Name your machine "vm01" then click on the "forward" button.
| |
− | Insert your F13 CD and select "Use CDROM".
| |
− | For "OS type" select "Linux" and for Version select "Fedora 13" then click on the "Forward" button.
| |
− | Let the RAM default to 512MB and the CPUs to 1. Then click on the "Forward" button.
| |
− | Leave the disk image size set at 8GB and ensure "Allocate entire disk now" is checked, then click on the "Forward" button.
| |
− | At the "Ready to begin installation" window click on the "Finish" button.
| |
− | Once your Fedora Live CD boots up, login and double click the "Install to Hard Disk" icon.
| |
− | Click the "Next" button to begin your F13 installation.
| |
− | Select "US English" for your keyboard and click on the "Next" button.
| |
− | Ensure "Basic Storage Devices" is selected and click on the "Next" button.
| |
− | Select the "Virtio Block Device" check box and click on the "Next" button.
| |
− | Click on the "Re-initialize All" button".
| |
− | Change your hostname to "vm01.localdomain" and click on the "Next" button.
| |
− | Select "America/Toronto" as your timezone and click on the "Next" button.
| |
− | Enter the password for root and click on the "Next" button.
| |
− | Select "Use All Space" and click on the "Next" button.
| |
− | Click on the "Write Changes to Disk" button.
| |
− | When the "Congratulations" window is displayed click on the "Close" button.
| |
− | Now, from the System men on the host PC, select "Shutdown" and then click on the "Restart" button.
| |
− | At the "Welcome" screen click on the "Froward" button.
| |
− | At the "License" window click on the "Forward" button.
| |
− | Enter a user name of "Joker" and add the password then click the "Forward" button.
| |
− | Enter the correct date and time and click on the "Forward" button.
| |
− | In the "Profile" window, click on the "Finish" button and "Do not send profile".
| |
− | Now login as user "joker" and open a terminal window.
| |
− | Switch to root and update your VM guest machine [ yum update ]. This could take a long time and you should reboot after it's done.
| |
− | Ensure your VM guest has internet access [ host cbc.ca ].
| |
− | | |
− | Proceed to PART B.
| |
− | PART B - Testing your Gateway.
| |
− | Try pinging each machine from the other.
| |
− | Try pinging Matrix from each machine.
| |
− | Start the ssh server on both machines [ service sshd start ].
| |
− | Enable the ssh server at startup on both machines [ chkconfig --levels 2345 sshd on ].
| |
− | Start Firefox on your host machine and authenticate yourself on Senenet.
| |
− | Try to ssh from the guest to the host machine. This should work.
| |
− | Try to ssh from the host to the guest machine. This should not work.
| |
− | Try to ssh to your Matrix account from both the host and guest machines.
| |
− | Try to ssh from your Matrix account back to your host and guest machines.
| |
− | Add one iptables rule to the guest firewall that will accept new ssh connections to the guest machine.
| |
− | Save your new firewall rules [ iptables-save > /etc/sysconfig/iptables ]
| |
− | Reboot your guest machine.
| |
− | Try to ssh from the host to the guest machine. This should now work.
| |
− | Start Firefox on the guest machine and try surfing the web without authicating yourself on Senenet. i.e. only the host machine is authenticated.
| |
− | PART C - Answer the following questions and and email them to your instructor in ASCII text format.
| |
− | | |
− | What is your full name and Seneca student ID?
| |
− | What iptables rule did you add in PART B step 10?
| |
− | Explain how Network Address Translation is accomplished on the host. Refer specifically to the 3 rules in the POSTROUTING chain of the nat table on the host machine.
| |
− | How is ping and ssh affected (on both machines) if you disable ip forwarding on the host machine [ echo 0 > /proc/sys/net/ipv4/ip_forward ]?
| |
− | Did you clean up your work area, power off your PC and push your chair under the table when you completed this lab?
| |
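Review bot: the single `+` line replaces the whole lab with `#REDIRECT [[OPS335_Lab_2]]`, so every step in PART A through PART C disappears from this title and readers depend entirely on the target page. Before accepting, confirm that OPS335_Lab_2 still carries the firewall material removed here: the guest rule that accepts new ssh connections, persisting it with `iptables-save > /etc/sysconfig/iptables`, and the PART C questions on the three POSTROUTING rules in the nat table and on disabling `/proc/sys/net/ipv4/ip_forward`. If any of that is not in the target, merge it there first rather than dropping it with the redirect.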