*** SOLVED *** Lab; creating a fake internet

Posted: 14. Apr 2012, 08:21
by SilkBC
Hi.

I am using VirtualBox 4.1.12. I am wanting to do some testing and simulate two different networks with a "fake internet" between them. I am basically wanting to create a mini simulation of our office network and our colo network. I have created two Debian 6 guests to be used as firewalls for each of the two networks and configured them to use internal network. As I did so, I created two different networks:

colo-wan
office-wan

On each firewall's eth0, I configured their respective "routable" IPs (I don't of course expect to reach the actual Internet). Of course I was not able to ping either firewall from the other, but this is where I am stuck. I found one site that suggested setting the netmask to /0 which would put the two firewalls on the same subnet, but when I do that and restart networking, it says that eth0 could not be brought up. Just as a test, I tried pinging each firewall from the other, but of course it did not work. The same guide also suggested that the following would work (to be done on each firewall):

route add default dev eth0
but again, if I do that, the route does get added to the routing table, but I am still unable to ping either host from the other.

Is what I am trying to do possible, and if so, any idea how I can make it work?

Thanks, in advance, for your help.

-SilkBC

Posted: 14. Apr 2012, 18:09
by SilkBC
OK, I got this figured out. The problem was two-fold.

Our office LAN has VLANs and the firewall has VLAN interfaces. I was trying to recreate the firewall exactly and created the VLAN interfaces, but of course the eth0 wasn't plugged into anything that knew where to put that VLAN traffic, so it was failing.

The other problem, and this is the important part, was I initially put eth0 on each firewall onto its own WAN link, which of course is not going to work; they have to be part of the same network, of course. Once you do that, then running the route command in my previous post will allow them to communicate with each other over the fake internet. So just by way of summary:

1.) Use internal networking
2.) Create at least three internal networks: fake_internet, office-lan, colo-lan (you can use whatever labels you want, but those are the ones I am using). Connect eth0 on each firewall/router to the fake_internet and then the eth1 to their respective *-lan networks.
3.) Do not use VLAN interfaces
4.) Add the following command to each firewall/router's /etc/rc.local:

route add default dev eth0
I hope this helps

-SilkBC
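
The two conditions from the thread (both eth0s on the same internal network, plus a gateway-less default route on eth0) can be checked with a small model. This is an added example, not part of the original posts; it simplifies the kernel's behaviour to a route lookup followed by ARP on the shared segment, and the firewall names and addresses are constructed sample values.

```python
import ipaddress
from dataclasses import dataclass

@dataclass
class Firewall:
    name: str                   # hypothetical VM name
    eth0: str                   # address/prefix on eth0 (constructed sample value)
    intnet: str                 # VirtualBox internal network eth0 is attached to
    default_dev: bool = False   # True after "route add default dev eth0"

    @property
    def ip(self):
        return ipaddress.ip_interface(self.eth0).ip

    def has_route(self, dst):
        """Connected subnet, or the gateway-less default route, which makes
        the host ARP for every destination directly on eth0."""
        connected = dst in ipaddress.ip_interface(self.eth0).network
        return connected or self.default_dev

def ping(src, dst):
    """Return why src can or cannot reach dst over eth0."""
    if not src.has_route(dst.ip):
        return "no route to host"
    if src.intnet != dst.intnet:
        # Separate internal networks are separate layer-2 segments,
        # so the ARP request never reaches the peer.
        return "ARP unanswered: eth0s are on different internal networks"
    if not dst.has_route(src.ip):
        return "peer has no route for the reply"
    return "ok"

def lab(office_net, colo_net, route):
    """Build both firewalls (documentation address ranges) and ping across."""
    office = Firewall("office-fw", "203.0.113.2/29", office_net, route)
    colo = Firewall("colo-fw", "198.51.100.2/29", colo_net, route)
    return ping(office, colo)

if __name__ == "__main__":
    print(lab("office-wan", "colo-wan", False))        # first attempt
    print(lab("office-wan", "colo-wan", True))         # route added, still split
    print(lab("fake_internet", "fake_internet", True)) # working setup
```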