Difference between revisions of "Virtual-Lan"

From CDOT Wiki
Jump to: navigation, search
(OS Installation)
m (Updating to non-deprecated commands)
 
(20 intermediate revisions by 2 users not shown)
Line 2: Line 2:
  
 
== OS Installation ==
 
== OS Installation ==
* Install 64-bit version of CentOS 5.5 with Virtualization Packages on the Host Computer (the physical unit)
+
* Install 64-bit version of CentOS 7 with Virtualization Packages on the Host Computer (the physical unit)
* Create Four Virtual Machines, each with 8GB of disk space, 1G Memory, 1CPU
+
* Create Four Virtual Machines, each with 10GB of disk space, 1G Memory, 1CPU
* Install CentOS5.5 (excluding Virutualization Packages) on VM1 to VM3 with at least the following packages:
+
* Install CentOS 7 (excluding Virutualization Packages) on VM1 to VM3 with at least the following packages:
 
** NFS
 
** NFS
 
** NIS
 
** NIS
 
** DNS
 
** DNS
 
** DHCP
 
** DHCP
** Postfix, sendmail
+
** Postfix,  
 
** OpenLDAP
 
** OpenLDAP
* CentOS 5.5 configuration:
+
** Wireshark
 +
** tcpdump
 +
* CentOS 7 configuration:
 
** Enable iptables
 
** Enable iptables
** Create a regular user account  
+
** Create a regular user account using your Seneca email ID
 
** Enable SELinux
 
** Enable SELinux
  
Line 22: Line 24:
 
** Name of the device used by each guest OS to connect to the virtual network
 
** Name of the device used by each guest OS to connect to the virtual network
  
* Install Fedora 14 (without Virtualization packages) on VM4 with the following packages:
+
* Install Fedora 21 (without Virtualization packages) on VM4 with the following packages:
 
** NFS
 
** NFS
 
** NIS
 
** NIS
Line 37: Line 39:
 
** Network Address 192.168.[x].0/24 where [x] assigned by your professor
 
** Network Address 192.168.[x].0/24 where [x] assigned by your professor
 
** Network Type: Isolated
 
** Network Type: Isolated
* Locate the name of the physical network device connected to the lab network. The following configuration assume eth3 as the device name name.
+
* Locate the [[Ops535_get_device_name|name of the physical network device]] connected to the lab network. The following configuration assume eth3 as the device name name.
 
** assignment 172.16.[x].1 to the alias of eth3: ifconfig eth3:0 172.16.[x].1
 
** assignment 172.16.[x].1 to the alias of eth3: ifconfig eth3:0 172.16.[x].1
 
* Adding routes to each student's "opsnet" virtual network manually or by running the following bash script on the host OS:
 
* Adding routes to each student's "opsnet" virtual network manually or by running the following bash script on the host OS:
 
  #!/bin/bash
 
  #!/bin/bash
  route add -net 192.168.1.0 netmask 255.255.255.0 gw 172.16.1.1
+
  ip route add 192.168.1.0/24 via 172.16.1.1
  route add -net 192.168.2.0 netmask 255.255.255.0 gw 172.16.2.1
+
  ip route add 192.168.2.0/24 via 172.16.2.1
  route add -net 192.168.3.0 netmask 255.255.255.0 gw 172.16.3.1
+
  ip route add 192.168.3.0/24 via 172.16.3.1
  route add -net 192.168.4.0 netmask 255.255.255.0 gw 172.16.4.1
+
  ip route add 192.168.4.0/24 via 172.16.4.1
 
  ...
 
  ...
  route add -net 192.168.36.0 netmask 255.255.255.0 gw 172.16.36.1
+
  ip route add 192.168.36.0/24 via 172.16.36.1
  
 
or:
 
or:
 
  #!/bin/bash
 
  #!/bin/bash
  x=1
+
count=1
  while [ $x -le 36 ]
+
  x=1 # my network id
 +
  while [ ${count} -le 32 ]
 
  do
 
  do
   route add -net 192.168.${x}.0 netmask 255.255.255.0 gw 172.16.${x}.1
+
   if [ ${count} != ${x} ]
   x=$(expr $x + 1)
+
  then
 +
      ip route add 192.168.${count}.0/24 via 172.16.${count}.1
 +
   fi
 +
  count=$(expr ${count} + 1)
 
  done
 
  done
 +
 +
* You also need to add routes on all you VMs to each student's "opsnet" and the logical network "172.16.0.0" that connects all the hosts. You can do it manually or by running the following script on each of your VMs:
 +
#!/bin/bash
 +
x=10 # my network id
 +
ip route add 192.168.1.0/24 via 192.168.${x}.1
 +
ip route add 192.168.2.0/24 via 192.168.${x}.1
 +
ip route add 192.168.3.0/24 via 192.168.${x}.1
 +
ip route add 192.168.4.0/24 via 192.168.${x}.1
 +
...
 +
ip route add 192.168.36.0/24 via 192.168.${x}.1
 +
ip route add 172.16..0/16 via 192.168.${x}.1
 +
 +
or:
 +
#!/bin/bash
 +
count=1
 +
x=10 # my network id
 +
while [ ${count} -le 32 ]
 +
do
 +
  if [ ${count} != ${x} ]
 +
  then
 +
      ip route add 192.168.1.0/24 via 192.168.${x}.1
 +
  fi
 +
  count=$(expr ${count} + 1)
 +
done
 +
ip route add 172.16..0/16 via 192.168.${x}.1
  
 
* To test your static routes, pair up with a few fellow students and try to ping their VMs in their "opsnet".
 
* To test your static routes, pair up with a few fellow students and try to ping their VMs in their "opsnet".
  
 
* Save your network settings for the real lab.
 
* Save your network settings for the real lab.
 +
 +
* Reboot your Host and restart all your VMs to confirm all the settings are correct.
  
 
==Private Network Address Allocation==
 
==Private Network Address Allocation==
  
* [[OPS535 NETADD 201101| Network Address Allocation for 2011 Winter Semester]]
+
* [[OPS535 Network Address| Network Address Allocation]]
  
 
==CentOS Installation and update Issues==
 
==CentOS Installation and update Issues==
Line 73: Line 106:
 
Place the above line before the "mirrorlist=" line and try running yum update again.
 
Place the above line before the "mirrorlist=" line and try running yum update again.
 
==My Questions==
 
==My Questions==
* I can't ping other student's vm. What should do to fix that?
+
* I can't ping other student's vms. What should I do to fix that?
 +
 
 +
My Network is 192.168.x.0 and the other student's network is 192.168.y.0
 +
 
 +
===Checks the following setup ===
 +
# IP Addresses of your VMs
 +
# IP Addresses of the other student's VMs
 +
# IP address of the default gateway on your VMs, should be pointing to 192.168.122.1
 +
# IP address of the default gateway on the other student's VMs, should be pointing to 192.168.122.1
 +
# The kernel routing table on your host. Should have a route to 192.168.y.0 network via 172.16.y.1
 +
# The kernel routing table on the other student's host. Should have a route to 192.168.x.0 via 172.16.x.1
 +
# The ip_forward flag on your host, the contents of /proc/sys/net/ipv4/ip_forward should be set to "1"
 +
# The ip_forward flag on the other student's host, the contents of /proc/sys/net/ipv4/ip_forward should be set to "1"
 +
# A rule (or policy) in the FORWARD chain on your host's firewall to allow traffic between yours and the other student's VMs
 +
# A rule (or policy) in the FORWARD chain on the other student's host's firewall to allow traffic between yours and the other student's VMs
 +
 
 +
If all the above are set up properly, perform the following steps from one of your VMs:
 +
# ping your gateway 192.168.x.1
 +
# ping your host external IP 172.16.x.1
 +
# ping the other student's external IP 172.16.y.1
 +
# ping the other student's internal gateway 192.168.y.1
 +
# ping the other student's VMs 192.168.y.z
 +
 
 +
* If you can ping 172.16.x.1 but not 172.16.y.1, make sure that your host can ping the other student's host.
 +
* If you can't ping 172.16.x.1, check your internet network setup.
 +
* If you can ping 172.16.y.1, but not 192.168.y.1, ask/help the other student to check the kernel routing table on its VM.
  
 
[[Category:OPS535]]
 
[[Category:OPS535]]

Latest revision as of 18:48, 30 September 2018

Setup a Virtual Local Area Network environment for OPS535 Labs

OS Installation

  • Install 64-bit version of CentOS 7 with Virtualization Packages on the Host Computer (the physical unit)
  • Create Four Virtual Machines, each with 10GB of disk space, 1G Memory, 1CPU
  • Install CentOS 7 (excluding Virutualization Packages) on VM1 to VM3 with at least the following packages:
    • NFS
    • NIS
    • DNS
    • DHCP
    • Postfix,
    • OpenLDAP
    • Wireshark
    • tcpdump
  • CentOS 7 configuration:
    • Enable iptables
    • Create a regular user account using your Seneca email ID
    • Enable SELinux
  • Collect the following information:
    • IP address(es) assigned to the host OS and each VM for the virtual network
    • Name of the network device used by the host OS to connect to the virtual network
    • IP address, netmask, and gateway for each guest OS
    • Name of the device used by each guest OS to connect to the virtual network
  • Install Fedora 21 (without Virtualization packages) on VM4 with the following packages:
    • NFS
    • NIS
    • DNS
    • OpenLDAP
    • Wireshark
    • tcpdump

Virtual Network Configuration

  • Default Virtual Network
    • Network Address 192.168.122.0/24
    • Network Type: NAT
  • Create the 2nd Virtual Network, named "opsnet"
    • Network Address 192.168.[x].0/24 where [x] assigned by your professor
    • Network Type: Isolated
  • Locate the name of the physical network device connected to the lab network. The following configuration assume eth3 as the device name name.
    • assignment 172.16.[x].1 to the alias of eth3: ifconfig eth3:0 172.16.[x].1
  • Adding routes to each student's "opsnet" virtual network manually or by running the following bash script on the host OS:
#!/bin/bash
ip route add 192.168.1.0/24 via 172.16.1.1
ip route add 192.168.2.0/24 via 172.16.2.1
ip route add 192.168.3.0/24 via 172.16.3.1
ip route add 192.168.4.0/24 via 172.16.4.1
...
ip route add 192.168.36.0/24 via 172.16.36.1

or:

#!/bin/bash
count=1
x=1 # my network id
while [ ${count} -le 32 ]
do
  if [ ${count} != ${x} ]
  then
      ip route add 192.168.${count}.0/24 via 172.16.${count}.1
  fi
  count=$(expr ${count} + 1)
done
  • You also need to add routes on all you VMs to each student's "opsnet" and the logical network "172.16.0.0" that connects all the hosts. You can do it manually or by running the following script on each of your VMs:
#!/bin/bash
x=10 # my network id
ip route add 192.168.1.0/24 via 192.168.${x}.1
ip route add 192.168.2.0/24 via 192.168.${x}.1
ip route add 192.168.3.0/24 via 192.168.${x}.1
ip route add 192.168.4.0/24 via 192.168.${x}.1
...
ip route add 192.168.36.0/24 via 192.168.${x}.1
ip route add 172.16..0/16 via 192.168.${x}.1

or:

#!/bin/bash
count=1
x=10 # my network id
while [ ${count} -le 32 ]
do
  if [ ${count} != ${x} ]
  then
      ip route add 192.168.1.0/24 via 192.168.${x}.1
  fi
  count=$(expr ${count} + 1)
done
ip route add 172.16..0/16 via 192.168.${x}.1
  • To test your static routes, pair up with a few fellow students and try to ping their VMs in their "opsnet".
  • Save your network settings for the real lab.
  • Reboot your Host and restart all your VMs to confirm all the settings are correct.

Private Network Address Allocation

CentOS Installation and update Issues

If you think that the yum update process takes too long to complete, inspect the file /etc/yum.repos.d/CentOS-Base.repo and add belmont to the baseurl under the [base] and [updates] sections:

baseurl=http://belmont.senecac.on.ca/centos/$releasever/os/$basearch/

Place the above line before the "mirrorlist=" line and try running yum update again.

My Questions

  • I can't ping other student's vms. What should I do to fix that?

My Network is 192.168.x.0 and the other student's network is 192.168.y.0

Checks the following setup

  1. IP Addresses of your VMs
  2. IP Addresses of the other student's VMs
  3. IP address of the default gateway on your VMs, should be pointing to 192.168.122.1
  4. IP address of the default gateway on the other student's VMs, should be pointing to 192.168.122.1
  5. The kernel routing table on your host. Should have a route to 192.168.y.0 network via 172.16.y.1
  6. The kernel routing table on the other student's host. Should have a route to 192.168.x.0 via 172.16.x.1
  7. The ip_forward flag on your host, the contents of /proc/sys/net/ipv4/ip_forward should be set to "1"
  8. The ip_forward flag on the other student's host, the contents of /proc/sys/net/ipv4/ip_forward should be set to "1"
  9. A rule (or policy) in the FORWARD chain on your host's firewall to allow traffic between yours and the other student's VMs
  10. A rule (or policy) in the FORWARD chain on the other student's host's firewall to allow traffic between yours and the other student's VMs

If all the above are set up properly, perform the following steps from one of your VMs:

  1. ping your gateway 192.168.x.1
  2. ping your host external IP 172.16.x.1
  3. ping the other student's external IP 172.16.y.1
  4. ping the other student's internal gateway 192.168.y.1
  5. ping the other student's VMs 192.168.y.z
  • If you can ping 172.16.x.1 but not 172.16.y.1, make sure that your host can ping the other student's host.
  • If you can't ping 172.16.x.1, check your internet network setup.
  • If you can ping 172.16.y.1, but not 192.168.y.1, ask/help the other student to check the kernel routing table on its VM.