Difference between revisions of "OPS335 Lab 1"
(→Setting up the VM Host PC with one guest VM) |
(→Setting up the VM Host PC with one guest VM) |
||
Line 30: | Line 30: | ||
*Click on the icon "Create a new virtual machine". | *Click on the icon "Create a new virtual machine". | ||
*Name your machine "vm01" then click on the "forward" button. | *Name your machine "vm01" then click on the "forward" button. | ||
− | Insert your F13 CD and select "Use CDROM". | + | *Insert your F13 CD and select "Use CDROM". |
− | For "OS type" select "Linux" and for Version select "Fedora 13" then click on the "Forward" button. | + | *For "OS type" select "Linux" and for Version select "Fedora 13" then click on the "Forward" button. |
− | Let the RAM default to 512MB and the CPUs to 1. Then click on the "Forward" button. | + | *Let the RAM default to 512MB and the CPUs to 1. Then click on the "Forward" button. |
− | Leave the disk image size set at 8GB and ensure "Allocate entire disk now" is checked, then click on the "Forward" button. | + | *Leave the disk image size set at 8GB and ensure "Allocate entire disk now" is checked, then click on the "Forward" button. |
− | At the "Ready to begin installation" window click on the "Finish" button. | + | *At the "Ready to begin installation" window click on the "Finish" button. |
− | Once your Fedora Live CD boots up, login and double click the "Install to Hard Disk" icon. | + | *Once your Fedora Live CD boots up, login and double click the "Install to Hard Disk" icon. |
− | Click the "Next" button to begin your F13 installation. | + | *Click the "Next" button to begin your F13 installation. |
− | Select "US English" for your keyboard and click on the "Next" button. | + | *Select "US English" for your keyboard and click on the "Next" button. |
− | Ensure "Basic Storage Devices" is selected and click on the "Next" button. | + | *Ensure "Basic Storage Devices" is selected and click on the "Next" button. |
− | Select the "Virtio Block Device" check box and click on the "Next" button. | + | *Select the "Virtio Block Device" check box and click on the "Next" button. |
− | Click on the "Re-initialize All" button". | + | *Click on the "Re-initialize All" button". |
− | Change your hostname to "vm01.localdomain" and click on the "Next" button. | + | *Change your hostname to "vm01.localdomain" and click on the "Next" button. |
− | Select "America/Toronto" as your timezone and click on the "Next" button. | + | *Select "America/Toronto" as your timezone and click on the "Next" button. |
− | Enter the password for root and click on the "Next" button. | + | *Enter the password for root and click on the "Next" button. |
− | Select "Use All Space" and click on the "Next" button. | + | *Select "Use All Space" and click on the "Next" button. |
− | Click on the "Write Changes to Disk" button. | + | *Click on the "Write Changes to Disk" button. |
− | When the "Congratulations" window is displayed click on the "Close" button. | + | *When the "Congratulations" window is displayed click on the "Close" button. |
− | Now, from the System men on the host PC, select "Shutdown" and then click on the "Restart" button. | + | *Now, from the System men on the host PC, select "Shutdown" and then click on the "Restart" button. |
− | At the "Welcome" screen click on the "Froward" button. | + | *At the "Welcome" screen click on the "Froward" button. |
− | At the "License" window click on the "Forward" button. | + | *At the "License" window click on the "Forward" button. |
− | Enter a user name of "Joker" and add the password then click the "Forward" button. | + | *Enter a user name of "Joker" and add the password then click the "Forward" button. |
− | Enter the correct date and time and click on the "Forward" button. | + | *Enter the correct date and time and click on the "Forward" button. |
− | In the "Profile" window, click on the "Finish" button and "Do not send profile". | + | *In the "Profile" window, click on the "Finish" button and "Do not send profile". |
− | Now login as user "joker" and open a terminal window. | + | *Now login as user "joker" and open a terminal window. |
− | Switch to root and update your VM guest machine [ yum update ]. This could take a long time and you should reboot after it's done. | + | *Switch to root and update your VM guest machine [ yum update ]. This could take a long time and you should reboot after it's done. |
− | Ensure your VM guest has internet access [ host cbc.ca ]. | + | *Ensure your VM guest has internet access [ host cbc.ca ]. |
− | Proceed to PART B | + | Proceed to PART B |
− | PART B - Testing your Gateway | + | |
− | Try pinging each machine from the other. | + | ==PART B - Testing your Gateway == |
− | Try pinging Matrix from each machine. | + | *Try pinging each machine from the other. |
− | Start the ssh server on both machines [ service sshd start ]. | + | *Try pinging Matrix from each machine. |
− | Enable the ssh server at startup on both machines [ chkconfig --levels 2345 sshd on ]. | + | *Start the ssh server on both machines [ service sshd start ]. |
− | Start Firefox on your host machine and authenticate yourself on Senenet. | + | *Enable the ssh server at startup on both machines [ chkconfig --levels 2345 sshd on ]. |
− | Try to ssh from the guest to the host machine. This should work. | + | *Start Firefox on your host machine and authenticate yourself on Senenet. |
− | Try to ssh from the host to the guest machine. This should not work. | + | *Try to ssh from the guest to the host machine. This should work. |
− | Try to ssh to your Matrix account from both the host and guest machines. | + | *Try to ssh from the host to the guest machine. This should not work. |
− | Try to ssh from your Matrix account back to your host and guest machines. | + | *Try to ssh to your Matrix account from both the host and guest machines. |
− | Add one iptables rule to the guest firewall that will accept new ssh connections to the guest machine. | + | *Try to ssh from your Matrix account back to your host and guest machines. |
− | Save your new firewall rules [ iptables-save > /etc/sysconfig/iptables ] | + | *Add one iptables rule to the guest firewall that will accept new ssh connections to the guest machine. |
− | Reboot your guest machine. | + | *Save your new firewall rules [ iptables-save > /etc/sysconfig/iptables ] |
− | Try to ssh from the host to the guest machine. This should now work. | + | *Reboot your guest machine. |
− | Start Firefox on the guest machine and try surfing the web without authicating yourself on Senenet. i.e. only the host machine is authenticated. | + | *Try to ssh from the host to the guest machine. This should now work. |
− | PART C - Answer the following questions and and email them to your instructor in ASCII text format | + | *Start Firefox on the guest machine and try surfing the web without authicating yourself on Senenet. i.e. only the host machine is authenticated. |
+ | |||
+ | == PART C - Answer the following questions and and email them to your instructor in ASCII text format == | ||
What is your full name and Seneca student ID? | What is your full name and Seneca student ID? |
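Review bot: the new bulleted lines carry over the typos from the old text unchanged: "System men", "Froward", "authicating", the stray closing quote in `"Re-initialize All" button".`, and "and and" in the PART C heading. Correct them in this same edit. The two added headings are also spaced differently (`==PART B - Testing your Gateway ==` against `== PART C ... ==`), so pick one form, and the account name appears as "Joker" in one step and "joker" in the login step.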
Revision as of 14:40, 5 September 2011
Configure a Linux Gateway for Linux Hosts inside an Intranet
This lab will show you how to set up a simple intranet using one Fedora PC as a gateway. The same Fedora PC will be a host to a Fedora VM (Virtual Machine) which will act as a PC inside an intranet. Here is a diagram of your setup.
REQUIREMENTS: Lab00 should be completed and you should have a copy of the Fedora 13 x86_64 live CD.
Setting up the VM Host PC with one guest VM
- Boot up your Fedora 13 x86_64 system, login as joker and use Firefox to authenticate your web access using your LEARN account and password.
- Open a terminal window and su to root.
- Ensure your system date and time are correct.
- Start your ssh server
service sshd start
You'll need this later in the lab. If you want your ssh server to be started each time you boot up, enter this command:
chkconfig --levels 2345 sshd on
- Ensure your system is up to date
yum update
- Install the virtualization software
yum groupinstall virtualization
- Start the libvirt daemon
service libvirtd start
If you want the libvirt daemon to start at every boot up, enter this command [ chkconfig --levels 2345 libvirtd on ].
- Restart your firewall
service iptables restart
- You are now ready to build a VM guest. You learned how to do this last semester in OPS235. If you need a refresher, please refer to OPS235 LAB06.
- Start the virtual machine manager
virt-manager
- Enter the root password.
- Click on the icon "Create a new virtual machine".
- Name your machine "vm01" then click on the "forward" button.
- Insert your F13 CD and select "Use CDROM".
- For "OS type" select "Linux" and for Version select "Fedora 13" then click on the "Forward" button.
- Let the RAM default to 512MB and the CPUs to 1. Then click on the "Forward" button.
- Leave the disk image size set at 8GB and ensure "Allocate entire disk now" is checked, then click on the "Forward" button.
- At the "Ready to begin installation" window click on the "Finish" button.
- Once your Fedora Live CD boots up, log in and double-click the "Install to Hard Disk" icon.
- Click the "Next" button to begin your F13 installation.
- Select "US English" for your keyboard and click on the "Next" button.
- Ensure "Basic Storage Devices" is selected and click on the "Next" button.
- Select the "Virtio Block Device" check box and click on the "Next" button.
- Click on the "Re-initialize All" button.
- Change your hostname to "vm01.localdomain" and click on the "Next" button.
- Select "America/Toronto" as your timezone and click on the "Next" button.
- Enter the password for root and click on the "Next" button.
- Select "Use All Space" and click on the "Next" button.
- Click on the "Write Changes to Disk" button.
- When the "Congratulations" window is displayed click on the "Close" button.
- Now, from the System menu on the host PC, select "Shutdown" and then click on the "Restart" button.
- At the "Welcome" screen click on the "Forward" button.
- At the "License" window click on the "Forward" button.
- Enter a user name of "Joker" and add the password then click the "Forward" button.
- Enter the correct date and time and click on the "Forward" button.
- In the "Profile" window, click on the "Finish" button and "Do not send profile".
- Now log in as user "joker" and open a terminal window.
- Switch to root and update your VM guest machine [ yum update ]. This could take a long time and you should reboot after it's done.
- Ensure your VM guest has internet access [ host cbc.ca ].
Proceed to PART B
PART B - Testing your Gateway
- Try pinging each machine from the other.
- Try pinging Matrix from each machine.
- Start the ssh server on both machines [ service sshd start ].
- Enable the ssh server at startup on both machines [ chkconfig --levels 2345 sshd on ].
- Start Firefox on your host machine and authenticate yourself on Senenet.
- Try to ssh from the guest to the host machine. This should work.
- Try to ssh from the host to the guest machine. This should not work.
- Try to ssh to your Matrix account from both the host and guest machines.
- Try to ssh from your Matrix account back to your host and guest machines.
- Add one iptables rule to the guest firewall that will accept new ssh connections to the guest machine.
- Save your new firewall rules [ iptables-save > /etc/sysconfig/iptables ]
- Reboot your guest machine.
- Try to ssh from the host to the guest machine. This should now work.
- Start Firefox on the guest machine and try surfing the web without authenticating yourself on Senenet, i.e. only the host machine is authenticated.
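A check for the ssh rule added in PART B, as an added example that is not part of the original lab: iptables applies the first matching rule, so an ACCEPT that lands after a catch-all REJECT in INPUT is saved by iptables-save but never matches. The names `ssh_rule_status` and `sample_dump` and the sample rulesets are constructed for illustration.

```shell
#!/bin/sh
# Classify the ssh rule in an iptables-save dump read from stdin.
# Prints: accepted (rule precedes any catch-all REJECT/DROP in INPUT),
#         shadowed (rule exists but sits after the catch-all),
#         missing  (no ACCEPT rule for tcp port 22 in filter/INPUT).
ssh_rule_status() {
    awk '
        /^\*/ { table = substr($0, 2) }          # table marker, e.g. *filter
        table != "filter" || $1 != "-A" || $2 != "INPUT" { next }
        {
            target = ""
            for (i = 1; i < NF; i++) if ($i == "-j") target = $(i + 1)
            is_ssh = ($0 ~ /-p tcp/ && $0 ~ /--dport 22( |$)/)
            if (is_ssh && target == "ACCEPT") {
                print (blocked ? "shadowed" : "accepted"); found = 1; exit
            }
            # A rule with no match options ($3 is -j) hits every packet.
            if ($3 == "-j" && (target == "REJECT" || target == "DROP")) blocked = 1
        }
        END { if (!found) print "missing" }
    '
}

# Constructed sample dumps (not taken from the lab machines).
# $1 = "append": ssh rule after the REJECT; "insert": before it; else none.
sample_dump() {
    rule='-A INPUT -m state --state NEW -m tcp -p tcp --dport 22 -j ACCEPT'
    printf '%s\n' '*filter' ':INPUT ACCEPT [0:0]' \
        '-A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT' \
        '-A INPUT -i lo -j ACCEPT'
    [ "$1" = insert ] && printf '%s\n' "$rule"
    printf '%s\n' '-A INPUT -j REJECT --reject-with icmp-host-prohibited'
    [ "$1" = append ] && printf '%s\n' "$rule"
    printf '%s\n' 'COMMIT'
}

# Show the result for each constructed ruleset.
for mode in append insert none; do
    printf '%-6s -> %s\n' "$mode" "$(sample_dump "$mode" | ssh_rule_status)"
done
```

On the guest, run `iptables-save | ssh_rule_status` as root before rebooting; `shadowed` means the rule has to sit above the REJECT line to take effect.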
PART C - Answer the following questions and email them to your instructor in ASCII text format
- What is your full name and Seneca student ID?
- What iptables rule did you add in PART B step 10?
- Explain how Network Address Translation is accomplished on the host. Refer specifically to the 3 rules in the POSTROUTING chain of the nat table on the host machine.
- How are ping and ssh affected (on both machines) if you disable ip forwarding on the host machine [ echo 0 > /proc/sys/net/ipv4/ip_forward ]?
- Did you clean up your work area, power off your PC and push your chair under the table when you completed this lab?