Home About

Linux Lab Foundation

This lab will provide the basis for the subsequent blog entries regarding linux. So let's being buidling the foundation!

For the this lab we'll setup 5 virtual machines in your favorite hypervisor. I'm using VMWare Workstation but the same results can be achieved with Oracle Virtualbox. I'll be using CentOS 7 minimal and Ubuntu Server 18.04 LTS.

List of VMs
1 - Virual Router
2 - CentOS Servers
2 - Ubuntu Servers

layout

Setting up the virtual router

The main heart of this lab will utilize a CentOS based router to isolate the traffic between the lab and live/production network. Last thing we need is to mess up the DHCP or DNS service from the production network.

  1. First step is to create a VM with 2 network interfaces. First interface is set to Bridged (WAN), this will communicate outside of the lab and out to the internet. The second interface will be set to Host-only (LAN), this will communicate with everything in the lab network.

router-setting1-1

  1. Make sure DHCP service in VMWare Workstation is unchecked. To do this go to EDIT > Virutal Network Editor, then select the Host-only network type and uncheck "Use locl DHCP service to distribute IP address to VMs".

vmware-network-editor

  1. Install CentOS onto vm-router-01.

  2. Once you've booted to your CentOS VM, lets take a look at your network interfaces.

You should have one interface (mine is ens33) with your home router's IP address, my home router hands out IPs in the 192.168.1.X range.

Another interface (ens37) has no IP address assigned to it. This is the Host-only interface and should not have an IP address assigned to it yet.

interfaces

  1. Setup the LAN interface. Edit /etc/sysconfig/network-scripts/ifcfg-ens37 Make sure to use a static IP address. I chose to use 10.0.0.0/24 for my lab's network/subnet.

TYPE="Ethernet"
PROXYMETHOD="none"
BROWSERONLY="no"
BOOTPROTO="none"
DEFROUTE="yes"
IPV4FAILUREFATAL="no"
IPV6INIT="yes"
IPV6AUTOCONF="yes"
IPV6DEFROUTE="yes"
IPV6FAILUREFATAL="no"
IPV6ADDRGENMODE="stable-privacy"
NAME="ens37"
DEVICE="ens37"
ONBOOT="yes"
IPADDR=10.0.0.1
BROADCAST=10.0.0.255
NETWORK=10.0.0.0
PREFIX=24*

  1. Enable IP forwarding by adding the line below to /etc/sysctl.conf.

sysctl -w net.ipv4.ipforward=1

  1. Configure NAT rules through the firewalld.

firewall-cmd --permanent --direct --passthrough ipv4 -t nat -I POSTROUTING -o ens37 -j MASQUERADE -s 10.0.0.0/24

  1. Restart firewalld, network service and check IP addresses.

interfaces2

  1. Create a route on your home router that points back to your lab network. Now this is different on most routers and may not be a feature that is available on low end model routers. The router I am using is Asus RT-N65U,
comments powered by Disqus