Routing between VMWare LAN Segments

[JohnBradbury]

Okay so my home lab is expanding yet again and I want to start moving my VMs into a team. This will let me place the VMs on their own LAN segments and simulate various network speeds. This will give me a more realistic environment especially when setting up remote sites.

I need a good solution for routing the traffic across the segments. I don't want to use Windows Server as the resources needed to do this would be quite large.

I'm sure there will be a Linux solution for this but I'm looking for something simple and easy to setup as I don't have a lot of time to dedicate to this.

Any suggestions?

[Phoenix]

you could get one of the linux firewall appliances, they should do routing out the box and use minimal resources.. as well as helping you simulate security zones that you would get in normal b2b communications across corporate boundries

I used OpenBSD for my routing
and in some cases ISA2006 (for practice)
so plenty of scope for you to do it

Smoothwlal, Astaro both have good appliances I think

[zebulebu]

Personally I think it would depend on what you wanted to achieve from it. If you just want to set up rotuing without sodding about then one of the linux small distros would be ideal. If you're looking toexpand your skillset - why not get a couple of cheap 2500/2600 Cisco routers and use them? You'll need to make sure you get some with the right WIC cards in them. but that shouldn't be too hard.

Alternatively you could use ISA as Phoenix suggested. ISA is a complex beast, but installing it in your home/lab environment is an excellent way to learn its intricacies. I've got it running as my internal firewall and the things you can do with it are awesome. If you just want it to route traffic it would easily be able to handle it, but you would gain so much potential for learning that I would implement it anyway - even if its just extremely basic for now.

As for the linux distro, if you go down this route basically anything that uses IPTables is pretty easy - smoothwall is probably the best known and simplest to set up so you should probably start there.

[JohnBradbury]

Thanks guys for the input. I'll take a look at the available Linux Appliances and see what I can squeeze out of an ISA box.

Preferably I'd rather use ISA but that would depend on what kind of juice it needs to run. My current setup would require three ISA server.

I'll clone a box now and see if I can get it to run with 128MB, if so I should manage okay.

[popeye67]

I was messing with this too the other day. As per previous posters get small linux appliance (my favourite is zeroshell (boots of cd image (40mb or so) and then you can save config on vsmall vhdd (<1gb). add couple of netcards and of you go. very stable.

hth

this is whats already built in

- Radius Server which is able to provide strong authentication for the Wireless clients by using 802.1x, WPA and WPA2 protocols;
- Captive Portal for network authentication in the HotSpots by using a web browser. The credentials can be verified against a Radius server, a Kerberos 5 KDC (such as Active Directory KDC);
- QoS and traffic shaping management to control the maximum bandwidth, the guaranteed bandwidth and the priority of some types of traffic such as VoIP and P2P;
- VPN host-to-LAN and LAN-to-LAN with the IPSec/L2TP and OpenVPN protocols;
- Routing and Bridging capabilities with VLAN 802.1q support;
- Firewall Packet Filter and Stateful Packet Inspection (SPI);
- Layer 7 filter to block or shape the connections generated by Peer to Peer clients;
- TCP and UDP Virtual Server;
- Multizone DNS server;
- Multi subnet DHCP server;
- PPPoE client for connection to the WAN via ADSL, DSL and cable lines;
- Dynamic DNS client updater for DynDNS;
- NTP (Network Time Protocol) client and server;
- Syslog server for receiving and cataloging the system logs produced by the remote hosts;
- Kerberos 5 authentication;
- LDAP server;
- X509 certification authority.

[HiTekRedNek]

Hi, This is a complete N00bie question. I have had very limited experience in Linux and I am just so so in routing knowledge. What I am looking for is either help or a link to a tutorial about a specific VMWARE configuration.
I am looking to use zeroshell to route between my 2 LAN segments that I have configured under a VMWARE workstation team. I am building a multi site AD/DNS infrustructure simulation and would like to have the ability to be able to also see the outside world because I want to setup DNS forwarding through at least one of the sites. I may also want to configure a WSUS server to grab updates. Ideally I would like to isolate my virtual LAN's from the physical.

My network summary
Physical LAN = 192.168.2.0/24 def g/w 192.168.2.1
LAN A = 192.168.149.0/24 (VMNET3)
LAN B = 192.168.96.0/24 (VMNET4)

Much thanks to anybody who can provide some assistance.[/b]