Setting up a DNS on private network, needing internet access on one

Nathan Sinclair
Posts: 2
Joined: 29. May 2017, 03:35

Setting up a DNS on private network, needing internet access on one

Post by Nathan Sinclair »

Hi,

I recently picked up VirtualBox for setting up a server that will need NAPTR records for talking to the server. I am using BIND on my DNS servers (set up two) and want them to be in a private network.

I currently have it set up like this:

Server:
Adapter1: Bridged
Adapter2: NatNetwork

DNS1:
Adapter 1: NatNetwork

DNS2:
Adapter 1: NatNetwork.

However, the current setup doesn't work. I need to have access to the server from outside, since there are members of the team who are not in the same physical building as I am. My understanding of the NatNetwork adapter is that it acts as a virtual group that the computers that are part of the network can connect to. I'm not sure of the difference between NatNetwork and NAT.

Currently, if I set up the second adapter on the server, I can't access the computer over the internet, and it comes up with an error when doing
sudo ifdown --force eth0 && sudo ip addr flush dev eth0 && sudo ifup --force eth0 (eth0 replaced with actual card)

I'm happy at this stage to get internet access on the server computer. But for reference, I have it port forwarded from the router to give ssh access to the server from outside. That rule hasn't changed.

The information in /etc/network/interfaces:

auto card
allow-hotplug card
iface card inet dhcp

or

auto card
allow-hotplug card
iface card inet static
address ip
netmask 255.255.255.0
gateway ip
dns-search domain
dns-nameservers dns1 dns2 8.8.8.8

However, neither lets me ssh into the server.

I have to comment out the lines to get ssh to work again.

In the future I'll also need to set up a firewall for the domain, since I don't want other access to the domain other than me and my teammate. This is my first project doing something like this, so any guides or advice for doing so will be appreciated!
The actual network in the future will have a website, the current server, and Android access to it (with the domain for the server).
socratis
Site Moderator
Posts: 27329
Joined: 22. Oct 2010, 11:03
Primary OS: Mac OS X other
VBox Version: PUEL
Guest OSses: Win(*>98), Linux*, OSX>10.5
Location: Greece

Re: Setting up a DNS on private network, needing internet access on one

Post by socratis »

[pre]+-----------+-------------+-------------+----------------+----------------+
|           | VM <-> Host | VM1 <-> VM2 | VM -> Internet | VM <- Internet |
+-----------+-------------+-------------+----------------+----------------+
| HostOnly  | Yes         | Yes         | No             | No             |
| Internal  | No          | Yes         | No             | No             |
| Bridged   | Yes         | Yes         | Yes            | Yes            |
| NAT       | No          | No          | Yes            | Port forward   |
| NATNet    | No          | Yes         | Yes            | Port forward   |
+-----------+-------------+-------------+----------------+----------------+[/pre]

Bridged will allow your guest to appear as just another PC on your host's network. The host, all the other network PCs, the internet and the guest can all communicate. The guest would default to getting an IP address from your host network's router. The host needs to be connected to an active network to allow guests to use Bridged. And Bridged is not always compatible with Wi-Fi.

Internal makes a private network just for your guests. There is no host communication or internet. There is no DHCP server on an internal network by default, though you can put one on in VirtualBox. Otherwise configure static IP addresses for the guests within the guest OSes. Or you can make a router guest using a router OS like pfSense. You can make more than one internal network by naming the new networks differently.

Host-Only is a special form of internal network that also includes the host, via a virtual Host-Only network adapter made on your host, defaulting to IP address 192.168.56.1, and there is a default DHCP server handing out IP addresses to the guests starting at 192.168.56.101. You can change the IP address range or make multiple host-only networks in VirtualBox's Network settings in the main GUI. There is no internet in Host-Only.

VirtualBox has two kinds of NAT: regular NAT and a NAT network service. Regular NAT ("NAT" in the dropdown) connects each guest to the host's network connection and internet via an independent channel. The host and any other guests cannot connect to the NAT-connected guest, although ports can be opened, just like NAT in a router. (The NAT guest can, however, see any services and shared folders on the host's network.)

The NAT network service ("NAT network" in the dropdown) is like a home router, NAT to the outside world and multiple "LAN" guest connections. All the guests connected to this "NAT network" can see and communicate with each other. Internet is accessible. Ports can be opened just like a real router. You need to make a new NAT network in the main VirtualBox window, File Menu, Preferences, Network. Then attach the guests using the name of the NAT network you made in Preferences.

More information, ch. 6. Virtual networking. And remember, you can always have more than one network card.
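Added example, not part of either poster's message and not taken from the VirtualBox manual: the layout from the first post (server on Bridged plus a NAT network, both DNS guests on the NAT network only) written as VBoxManage calls, with a second plan that keeps the server off the bridged network and exposes only one forwarded SSH port. The VM names server, dns1 and dns2, the network name labnet, the subnet 10.0.2.0/24, the host interface en0, host port 2222 and guest address 10.0.2.10 are all assumptions; option spellings are those of the VirtualBox 5.x VBoxManage.

```shell
#!/bin/sh
# Added example. DRY_RUN=1 (default) only prints the commands; DRY_RUN=0 runs them.
NET="${NET:-labnet}"            # NAT network name (assumed)
CIDR="${CIDR:-10.0.2.0/24}"     # NAT network subnet (assumed)
BRIDGE_IF="${BRIDGE_IF:-en0}"   # host interface to bridge onto (assumed)
DRY_RUN="${DRY_RUN:-1}"

# Print the VBoxManage command in dry-run mode, otherwise execute it.
vbox() {
  if [ "$DRY_RUN" = "1" ]; then
    printf 'VBoxManage'; printf ' %s' "$@"; printf '\n'
  else
    VBoxManage "$@"
  fi
}

# NAT network: guests reach each other and the internet; inbound needs a rule.
create_natnet() {
  vbox natnetwork add --netname "$NET" --network "$CIDR" --enable --dhcp on
}

attach_natnet() {   # usage: attach_natnet VM ADAPTER_NUMBER
  vbox modifyvm "$1" "--nic$2" natnetwork "--nat-network$2" "$NET"
}

attach_bridged() {  # usage: attach_bridged VM ADAPTER_NUMBER
  vbox modifyvm "$1" "--nic$2" bridged "--bridgeadapter$2" "$BRIDGE_IF"
}

# Rule format: name:proto:[host ip]:host port:[guest ip]:guest port
forward_tcp() {     # usage: forward_tcp RULE HOSTPORT GUESTIP GUESTPORT
  vbox natnetwork modify --netname "$NET" --port-forward-4 "$1:tcp:[]:$2:[$3]:$4"
}

# Layout from the thread: only the server is visible on the physical LAN.
plan() {
  create_natnet
  attach_bridged server 1
  attach_natnet server 2
  attach_natnet dns1 1
  attach_natnet dns2 1
}

# Narrower exposure: no bridged adapter, a single forwarded SSH port instead.
# The guest needs a fixed address (10.0.2.10 here) for the rule to keep matching.
plan_natnet_only() {
  create_natnet
  attach_natnet server 1
  forward_tcp ssh 2222 10.0.2.10 22
}

plan
```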
Nathan Sinclair
Posts: 2
Joined: 29. May 2017, 03:35

Re: Setting up a DNS on private network, needing internet access on one

Post by Nathan Sinclair »

Thank you for the reply, socratis.

I've managed to sort out what I need for 3 computers; however, I've added a webclient into the mix, for allowing a GUI to access web pages.

So you have the server, two DNS servers in a host-network which are able to get domain information between them. I can resolve the domain name for the server from the client if I only have a host network.

All good so far.

I'm running Debian 8.8 on the webclient, though it's not necessary... it's just I haven't used Linux much before.

In fact there's no justified need that the webclient use Linux at all. That's the only image that I can get currently. What a hassle!

I'm in a better place to sort out what the next step is now. Thanks for the help.