VLS2VLS-Routing
Background Information
The following configuration may be used to set up the proper routes between private Virtual LAN Segments (VLS) in the OPS535 Virtual Lab on CentOS 8.x virtual machines. The custom routes added to the gateway VM (VM1) and to the corresponding VMs (VM2 to VM4) in each private VLS enable the VMs in one private VLS to communicate with the VMs in the other private VLSs.
Virtual LAN Segment setting
Consider three VLSs (one for each student) where there are 3 gateways, one for each VLS in the OPS535 virtual lab:
VLS 1
VLS network: 192.168.1.0/24
Gateway (Host) IPs:
- Internal (ens224): 192.168.1.1
- External (ens192): 172.20.1.1
VMs IPs:
- VM2: 192.168.1.2
- VM3: 192.168.1.3
- VM4: 192.168.1.4
Default gateway on each VM2: 172.20.255.1
Gateway to the 192.168.0.0/16 network: 192.168.1.1
VLS 2
VLS network: 192.168.2.0/24
Gateway (Host) IPs:
- Internal (ens224): 192.168.2.1
- External (ens192): 172.20.2.1
VMs IPs:
- VM2: 192.168.2.2
- VM3: 192.168.2.3
- VM4: 192.168.2.4
Default gateway on each VM2: 172.20.255.1
Gateway to the 192.168.0.0/16 network: 192.168.2.1
VLS 3
VLS network: 192.168.3.0/24
Gateway (Host) IPs:
- Internal (ens224): 192.168.3.1
- External (ens192): 172.20.3.1
VMs IPs:
- VM2: 192.168.3.2
- VM3: 192.168.3.3
- VM4: 192.168.3.4
Default gateway on each VM2: 172.20.255.1
Gateway to the 192.168.0.0/16 network: 192.168.3.1
Manually configure custom routes on the gateways to reach VMs in other VLSs
You only need to create the custom routes on your own VLS, but make sure that the other students' VLSs have the custom routes to your VLS.
On VLS 1
On VLS 1's gateway (192.168.1.1 or 172.20.1.1): Using nmcli:
- nmcli con modify ens192 +ipv4.routes "192.168.2.0/24 172.20.2.1 100"
- nmcli con modify ens192 +ipv4.routes "192.168.3.0/24 172.20.3.1 100"
- nmcli con down ens192
- nmcli con up ens192
Check to make sure that your kernel routing table has the proper entries with the following command:
- ip route show
On VLS 2
On VLS 2's gateway (192.168.2.1 or 172.20.2.1): Using nmcli:
- nmcli con modify ens192 +ipv4.routes "192.168.1.0/24 172.20.1.1 100"
- nmcli con modify ens192 +ipv4.routes "192.168.3.0/24 172.20.3.1 100"
- nmcli con down ens192
- nmcli con up ens192
Check to make sure that your kernel routing table has the proper entries with the following command:
- ip route show
On VLS 3
On VLS 3's gateway (192.168.3.1 or 172.20.3.1): Using nmcli:
- nmcli con modify ens192 +ipv4.routes "192.168.1.0/24 172.20.1.1 100"
- nmcli con modify ens192 +ipv4.routes "192.168.2.0/24 172.20.2.1 100"
- nmcli con down ens192
- nmcli con up ens192
Check to make sure that your kernel routing table has the proper entries with the following command:
- ip route show
Manually Configure routes on each VM in each VLS
You only need to create the custom routes on the VMs in your VLS, but make sure that other students have proper routes on their VMs as well.
VLS 1 VM2 to VM4
On VLS 1's VM (192.168.1.2 .. 192.168.1.4)
- nmcli con modify ens224 +ipv4.routes "192.168.0.0/16 192.168.1.1 100"
- nmcli con down ens224
- nmcli con up ens224
- ip route show
VLS 2 VM2 to VM4
On VLS 2's VM (192.168.2.2 .. 192.168.2.4)
- nmcli con modify ens224 +ipv4.routes "192.168.0.0/16 192.168.2.1 100"
- nmcli con down ens224
- nmcli con up ens224
- ip route show
VLS 3 VM2 to VM4
On VLS 3's VM (192.168.3.2 .. 192.168.3.4)
- nmcli con modify ens224 +ipv4.routes "192.168.0.0/16 192.168.3.1 100"
- nmcli con down ens224
- nmcli con up ens224
- ip route show
Automate the process using BASH script
The above example shows that 2 custom routes are needed on each VLS's gateway (VM1) to provide the proper routing to reach the 2 other VLSs. It will be quite time consuming to manage all the routes if the number of VLSs is much greater (how about 40 VLSs?). The following script will be more practical if you need to set up all the necessary routes for a large number of VLSs. Both scripts use the shell environment variables "MY_VLS_NO" and "OTHER_VLS_NOS" to allow customization for different values of VLSs.
Shell Script for adding custom routes on your gateway to other's VLSs
- Set the shell variable MY_VLS_NO to your assigned network ID (I use 2 here as an example; please change 2 to your assigned network ID):
export MY_VLS_NO=2
- Set the shell variable OTHER_VLS_NOS to the list of VLSs whose networks you want a route to. The following example assigns the list of network numbers 32, 33, 34, 35, 41, 42, and 43 for which you want to create a custom route on your gateway:
export OTHER_VLS_NOS="32 33 34 35 41 42 43"
- If you want to add a route for each VLS network in the virtual lab, you need:
export OTHER_VLS_NOS="1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43"
The following Bash script adds 7 new custom routes to your gateway VM's routing table:

#!/bin/bash

# Refuse to run until the caller's own VLS number is set.
if [ -z "$MY_VLS_NO" ]
then
    echo "Please run the following command to assign your network number" >&2
    echo "to the shell variable MY_VLS_NO and run this script again." >&2
    echo "Please replace xx with your actual network number." >&2
    echo "    export MY_VLS_NO=xx" >&2
    exit 1
fi
X=${MY_VLS_NO}
echo "Your Network Number is $X"

# Refuse to run until the list of target VLS numbers is set.
if [ -z "$OTHER_VLS_NOS" ]
then
    echo "Please run the following command to assign the list of " >&2
    echo "private VLS Networks you want to add a route on your gateway " >&2
    echo "to the shell variable OTHER_VLS_NOS and run this script again." >&2
    echo "The following command assigns 32, 33, 34, 35, 41, 42, and 43" >&2
    echo "to the variable OTHER_VLS_NOS. Please replace those numbers" >&2
    echo "with the ones you actually want." >&2
    echo "    export OTHER_VLS_NOS=\"32 33 34 35 41 42 43\"" >&2
    exit 2
fi
Y=${OTHER_VLS_NOS}
echo "Route to be added for the network number(s) $Y"
echo -n "Press ENTER to continue ... "
read -r dummy

# Add a new route for every listed VLS except our own.
for y in $Y
do
    if [ "$X" -ne "$y" ]
    then
        # The /24 prefix is required: without it nmcli stores a /32 host route.
        nmcli con modify ens192 +ipv4.routes "192.168.${y}.0/24 172.20.${y}.1 100"
        echo "Adding route to 192.168.${y}.0/24 network."
    fi
done

# Reactivate the connection so the new routes take effect, then list them.
nmcli con down ens192
nmcli con up ens192
ip route show

# Enable IP forwarding on the gateway for the running kernel.
# To keep it after a reboot, add "net.ipv4.ip_forward = 1" to /etc/sysctl.conf.
echo "1" > /proc/sys/net/ipv4/ip_forward
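
With 40 or more VLSs, reading `ip route show` by eye is error-prone, so the check can be scripted. The following is an added example, not part of the original page: it compares a routing table against the routes the gateway is expected to have and rejects VLS numbers that are not safe to splice into an address. The function names and the sample routing table (including the 172.20.0.0/16 external network) are constructed for illustration.

```bash
#!/bin/bash
# Added example (not from the original page): audit a gateway's routing table
# against the routes the page's nmcli commands are meant to create.

# Constructed sample of `ip route show` on VLS 2's gateway. The last line is
# what a route added without "/24" looks like: a single-host (/32) route.
SAMPLE_ROUTES='default via 172.20.255.1 dev ens192 proto static metric 100
172.20.0.0/16 dev ens192 proto kernel scope link src 172.20.2.1 metric 100
192.168.1.0/24 via 172.20.1.1 dev ens192 proto static metric 100
192.168.2.0/24 dev ens224 proto kernel scope link src 192.168.2.1 metric 101
192.168.3.0 via 172.20.3.1 dev ens192 proto static metric 100'

# Accept only 1..254 with no leading zero, so the value is safe to splice
# into an address such as 192.168.N.0/24.
valid_vls_no() {
    case "$1" in
        ''|*[!0-9]*|0*|????*) return 1 ;;
    esac
    [ "$1" -le 254 ]
}

# missing_routes MY_NO "OTHER NOS" "ROUTE TABLE TEXT"
# Prints the VLS numbers that lack an exact
# "192.168.N.0/24 via 172.20.N.1 dev ens192" entry; numbers that fail
# validation are reported as N(invalid). Runs in a subshell so that
# no variables leak and globbing can be switched off safely.
missing_routes() (
    set -f
    out=''
    for n in $2; do
        if ! valid_vls_no "$n"; then out="$out $n(invalid)"; continue; fi
        [ "$n" -eq "$1" ] && continue
        printf '%s\n' "$3" | awk -v d="192.168.$n.0/24" -v g="172.20.$n.1" '
            $1 == d && $2 == "via" && $3 == g && $5 == "ens192" { ok = 1 }
            END { exit !ok }' || out="$out $n"
    done
    echo "${out# }"
)

# On a real gateway:
#   missing_routes "$MY_VLS_NO" "$OTHER_VLS_NOS" "$(ip route show)"
missing_routes 2 "1 2 3 4" "$SAMPLE_ROUTES"   # prints: 3 4
```

VLS 3 is reported as missing even though a line for 192.168.3.0 exists, because that entry is a host route and does not cover the /24 network.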