setting up a virtual nework to connect to the internet

[simongrahamuk]

This is one that I should really know the answer to, but well I dont.

In the past I have always set up my virtual network (domain) to be local only but I blew it all away yesterday and am now in the process of setting up a new lab.

Essentially what I want to do is have my server (only one for now) act as a domain controller for my domain and all of the clients use the dc as their gateway to access the internet. I intend to have all of my lab domain on a seperate ip range using static addresses from the dhcp range provided by my router.

effertively my setup will be (for now)

Router - Virtual server 1 - client1, client2, etc.

nothing complex.

If I set my servers NIC to use NAT through the hosts NIC then as soon as I set the static address that I want to use for the lab I loose my internet connection. Can anyone offer any suggestions as to how I can achieve my goal, i.e. what should I set the server's gateway as? do I need to add a second NIC?

[Jock_McTartan]

You need to set the VMs NIC behaviour as host interface (depending on software used may be called something else) - effectivaly it is then seen as another box on the network so you add an IP in the same range as your other PC's

[simongrahamuk]

Quote:

Originally Posted by Jock_McTartan

You need to set the VMs NIC behaviour as host interface (depending on software used may be called something else) - effectivaly it is then seen as another box on the network so you add an IP in the same range as your other PC's

Yep, that would be using bridged networking. but what I want to do is have my lab on a completely seperate Ip range from that of other clients (virtual or physical) and yet still allow them to connect to the internet without me having to use something such as ISA.

[Stoney]

If the server (dc) is a virtual server, then you just need to specify in the settings how the virtual network card should operate.

Now i've only done this with MS Virtual pc so forgive me if you're using VMware. On the virtual machine (server) you would go to the NIC settings and set the NIC to name of NIC card installed on host machine. This allows the virtual NIC to operate in the same way as the host NIC and such gives you direct access to the internet.

For the virtual clients you would set the NIC to local, so that they only operate within their own little virtual world and do not get direct internet access. They can connect to a virtual LAN and get a DHCP address etc, etc, they just can't be part of the hosts LAN or connect to the internet.

I would guess you would then need to setup ICS or something on the virtual DC so that when the virtual clients are part of the virtual LAN they can connect to the DC and get internet access.

HTH

[simongrahamuk]

Thanks Stoney, but its still not what I'm looking for.

In VMware (fusion) you have three options as to what you do with the nic.

1) Bridged - Appears on the physical network as another device
2) NAT - Uses the hosts network connection to access the internet so that all traffic looks asthough it is coming from the host and not the vm
3) Local only - the vm can only communicate with the host machine and other vm's on the physical pc.

Now bridged is what I would use if I wanted the virtual server to appear on the physical network as another device, but i don't want that. I want the VM to be able to acces the internet but use an IP Address on a completely different subnet to that of the physical network, hence why I thought using the NAT option would do what I wanted, essentially doing what a real world router would do and convert my virtual network traffic to my hosts physical address and vise versa. However when I set my IP up on the server I can no longer access the intenet.

[monkey]

Tar Very Much!!!

[Bluerinse]

Quote:

Originally Posted by simongrahamuk

Thanks Stoney, but its still not what I'm looking for.

In VMware (fusion) you have three options as to what you do with the nic.

1) Bridged - Appears on the physical network as another device
2) NAT - Uses the hosts network connection to access the internet so that all traffic looks asthough it is coming from the host and not the vm
3) Local only - the vm can only communicate with the host machine and other vm's on the physical pc.

Now bridged is what I would use if I wanted the virtual server to appear on the physical network as another device, but i don't want that. I want the VM to be able to acces the internet but use an IP Address on a completely different subnet to that of the physical network, hence why I thought using the NAT option would do what I wanted, essentially doing what a real world router would do and convert my virtual network traffic to my hosts physical address and vise versa. However when I set my IP up on the server I can no longer access the intenet.

Not sure how you accomplish this in a VM set up but on a real server.. you need to set up RRAS with two NICS.
Make sure you have a route that passes all traffic not destined for your clients subnet to be passed to the other NIC's subnet.

[Cooksan]

Hi Si

This is my first post, so be gentle.

Have you tried giving the DC 2 NICs, one as a NAT and the other on 1 of the virtual switches in VMware that you could switch off the built in DHCP. That way the DC and Clients could be assigned Static IPs. Then you would need to activate ICS on the NAT NIC in the DC and use the Static IP of the Local NIC as the gateway and DNS server for the clients. I have only used VMware a little at work but have read the manual for it quite a bit, yes I know I am SAD. I am sure there is about 10 virtual switches and they can be altered in the programme.

Hope this helps. How did I do for a first post.

[Phoenix]

there are a few ways of accomplishing this
I think I posted a very similar response just this morning to a near identical question


there are two ways of doing it, both will require a virtual 'bridge' system to join the two networks

in a routed way, it will bee (Bridged)-(Host Only)
the remainder of the VMs will be (host Only) on the same VMNet and talk to your internal network via the gateway

in order for these to connect to the internet you physical gateway (router) will need a route back to that private network


the second would be to have the gateway in a (NAT)-(Host Only) config
as its doing NAT this would remove to requirement for the Physical gateway to have a route, as the NAT is translating the private VMnet addresses to your real network range, no route is thus required


Hope that sort of helps

[simongrahamuk]

Quote:

Originally Posted by Phoenix

the second would be to have the gateway in a (NAT)-(Host Only) config
as its doing NAT this would remove to requirement for the Physical gateway to have a route, as the NAT is translating the private VMnet addresses to your real network range, no route is thus required

This is in essence what I have set up.

NIC 1 - NAT -IP 192.168.10.2
NIC 2 - LO - IP 192.168.10.1

Clients will have 192.168.10.X addresses

I think that my question now though is what should I set the Default Gateway as on the NIC's. On the NAT NIC I have set the GW as its self (192.168.10.2) and on the Local Only NIC I have set the GW as the address of the NAT NIC.

What would I put for the DNS servers on each NIC? obviously for the LO one I'll set it as itself but what about the NAT one?

Also I'm sure that I have set up simillar before using MS Virtual PC, but never VMWare. As I recall the VPC method just worked, so I'm struggling to see why as soon as I set a private address on the NAT interface I loose connection to the web?

[Phoenix]

Your routing is messed up if both nics are on the same subnet

either put all the systems on the NAT setting, or if u need the gateway method then make sure the NAT interface is different to all the host only interfaces and route between

[simongrahamuk]

Quote:

Originally Posted by Phoenix

Your routing is messed up if both nics are on the same subnet

either put all the systems on the NAT setting, or if u need the gateway method then make sure the NAT interface is different to all the host only interfaces and route between

Ok, so forget about how my routing is setup for now (I'll sort that out later).

The problem is this If I disable all interfaces except the NAT interface I should be able to get out to the internet, right? On a client I have done just this, single NIC gave it a static IP, for now say 192.168.10.5, standard class c mask, no default gateway or dns set. as soon as I set that address I no longer have internet access. prior to that the web works?

Ryan this couldn't be something to do with the fact that its VMWare fusion could it?

[takasa]

Quote:

Originally Posted by simongrahamuk

On a client I have done just this, single NIC gave it a static IP, for now say 192.168.10.5, standard class c mask, no default gateway or dns set. as soon as I set that address I no longer have internet access. prior to that the web works?

Wouldn't you lose net access when you take out the gateway and DNS settings?

[simongrahamuk]

Quote:

Originally Posted by takasa

Wouldn't you lose net access when you take out the gateway and DNS settings?

On a physical network connection yes, but because I'm trying to see how/why NAT doesn't seem to be working I'm not too sure.

[Phoenix]

it COULD be fusion, the base network stack is the same as Workstations as far as I know, but the options are very limited (sort of dumbed down like a lot of mac software)