Get it from www.bitsontheline.com, give my highest respect to the author.
=======
GNS3 and VirtualBox Integration Under OS X - Part 2
In part 2 of this tutorial we will look at configuring our virtual router.
In GNS3, right click the router and choose start, the links around the router will turn green indicating the router is powered up. Right click the router again but this time choose console. A new console window will open showing the boot up process of the router, once the router has performed all of its checks you will be asked ‘Would you like to enter the initial configuration dialog? [yes/no]:’ enter no.
Lets set the IP address of the e1/0 interface that is serving the 172.16.10.0 /24 segment:
In GNS3, right click the router and choose start, the links around the router will turn green indicating the router is powered up. Right click the router again but this time choose console. A new console window will open showing the boot up process of the router, once the router has performed all of its checks you will be asked ‘Would you like to enter the initial configuration dialog? [yes/no]:’ enter no.
Lets set the IP address of the e1/0 interface that is serving the 172.16.10.0 /24 segment:
Router>en
Router#conf t
Enter configuration commands, one per line. End with CNTL/Z.
Router(config)#int e1/0
Router(config-if)#ip address 172.16.10.1 255.255.255.0
Router(config-if)#no shut
Router(config-if)#
*Mar 1 00:07:45.639: %LINK-3-UPDOWN: Interface Ethernet1/0, changed state to up
*Mar 1 00:07:46.640: %LINEPROTO-5-UPDOWN: Line protocol on Interface Ethernet1/0, changed state to up
Router#conf t
Enter configuration commands, one per line. End with CNTL/Z.
Router(config)#int e1/0
Router(config-if)#ip address 172.16.10.1 255.255.255.0
Router(config-if)#no shut
Router(config-if)#
*Mar 1 00:07:45.639: %LINK-3-UPDOWN: Interface Ethernet1/0, changed state to up
*Mar 1 00:07:46.640: %LINEPROTO-5-UPDOWN: Line protocol on Interface Ethernet1/0, changed state to up
Now lets do the same for interface e1/1 that is connected to the 172.16.20.0 /24 segment:
Router(config-if)#exit
Router(config)#int e1/1
Router(config-if)#ip address 172.16.20.1 255.255.255.0
Router(config-if)#no shut
Router(config-if)#
*Mar 1 00:13:46.803: %LINK-3-UPDOWN: Interface Ethernet1/1, changed state to up
*Mar 1 00:13:47.805: %LINEPROTO-5-UPDOWN: Line protocol on Interface Ethernet1/1, changed state to up
Router(config)#int e1/1
Router(config-if)#ip address 172.16.20.1 255.255.255.0
Router(config-if)#no shut
Router(config-if)#
*Mar 1 00:13:46.803: %LINK-3-UPDOWN: Interface Ethernet1/1, changed state to up
*Mar 1 00:13:47.805: %LINEPROTO-5-UPDOWN: Line protocol on Interface Ethernet1/1, changed state to up
Finally, lets set the IP address of our f0/0 interface:
Router(config-if)#exit
Router(config)#int f0/0
Router(config-if)#ip address 10.100.100.101 255.255.255.0
Router(config-if)#no shut
Router(config-if)#
*Mar 1 00:17:15.529: %LINK-3-UPDOWN: Interface FastEthernet0/0, changed state to up
*Mar 1 00:17:16.531: %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/0, changed state to up
Router(config)#int f0/0
Router(config-if)#ip address 10.100.100.101 255.255.255.0
Router(config-if)#no shut
Router(config-if)#
*Mar 1 00:17:15.529: %LINK-3-UPDOWN: Interface FastEthernet0/0, changed state to up
*Mar 1 00:17:16.531: %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/0, changed state to up
We now have 3 tap interfaces configured and 3 router interfaces configured within the same network range. To confirm everything is working as expected ping each of the tap interfaces from the router:
Router#ping 172.16.10.2
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 172.16.10.2, timeout is 2 seconds:
.!!!!
Success rate is 80 percent (4/5), round-trip min/avg/max = 4/10/24 ms
Router#ping 172.16.20.2
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 172.16.20.2, timeout is 2 seconds:
.!!!!
Success rate is 80 percent (4/5), round-trip min/avg/max = 1/7/24 ms
Router#ping 10.100.100.100
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 10.100.100.100, timeout is 2 seconds:
.!!!!
Success rate is 80 percent (4/5), round-trip min/avg/max = 1/3/4 ms
Router#
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 172.16.10.2, timeout is 2 seconds:
.!!!!
Success rate is 80 percent (4/5), round-trip min/avg/max = 4/10/24 ms
Router#ping 172.16.20.2
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 172.16.20.2, timeout is 2 seconds:
.!!!!
Success rate is 80 percent (4/5), round-trip min/avg/max = 1/7/24 ms
Router#ping 10.100.100.100
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 10.100.100.100, timeout is 2 seconds:
.!!!!
Success rate is 80 percent (4/5), round-trip min/avg/max = 1/3/4 ms
Router#
The router will be acting as the default gateway and DNS server for each client, lets configure the router as a DNS server now:
Router(config)#ip dns server
Router(config)#ip name-server 192.168.1.254
Router(config)#
Router(config)#ip name-server 192.168.1.254
Router(config)#
The IP address 192.168.1.254 is my physical ADSL router, enter the IP address of your physical Internet router.
We now need to configure our virtual router with a default route:
We now need to configure our virtual router with a default route:
Router(config)#ip route 0.0.0.0 0.0.0.0 10.100.100.100
Lets try and ping the address of our physical ADSL router from our virtual router:
Router#ping 192.168.1.254
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 192.168.1.254, timeout is 2 seconds:
…..
Success rate is 0 percent (0/5)
Router#
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 192.168.1.254, timeout is 2 seconds:
…..
Success rate is 0 percent (0/5)
Router#
It doesn’t work. This is expected as OS X currently doesn’t know what to do with traffic coming from the tap0 interface. To fix this we need to enable the OS X IP Firewall and divert traffic to a MacBook interface that has access to the Internet, in my case my Wireless Airport Card. Open an OS X terminal and enter the following commands, the IP address 192.168.1.71 is the address of my Airport card and should be changed to your address:
MacBook:~ Matt$ sudo sysctl -w net.inet.ip.forwarding=1
net.inet.ip.forwarding: 0 -> 1
MacBook:~ Matt$ sudo sysctl -w net.inet.ip.fw.enable=1
net.inet.ip.fw.enable: 1 -> 1
MacBook:~ Matt$ sudo natd -alias_address 192.168.1.71 -interface en1 -use_sockets -same_ports -unregistered_only -dynamic -clamp_mss
MacBook:~ Matt$ sudo ipfw add divert natd ip from any to any via en1
00100 divert 8668 ip from any to any via en1
MacBook:~ Matt$
net.inet.ip.forwarding: 0 -> 1
MacBook:~ Matt$ sudo sysctl -w net.inet.ip.fw.enable=1
net.inet.ip.fw.enable: 1 -> 1
MacBook:~ Matt$ sudo natd -alias_address 192.168.1.71 -interface en1 -use_sockets -same_ports -unregistered_only -dynamic -clamp_mss
MacBook:~ Matt$ sudo ipfw add divert natd ip from any to any via en1
00100 divert 8668 ip from any to any via en1
MacBook:~ Matt$
Can we ping the MacBooks Internet interface?
Router#ping 192.168.1.71
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 192.168.1.71, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 1/2/4 ms
Router#
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 192.168.1.71, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 1/2/4 ms
Router#
What about our physical ADSL router?
Router#ping 192.168.1.254
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 192.168.1.254, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 4/4/4 ms
Router#
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 192.168.1.254, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 4/4/4 ms
Router#
Looking good, what about Google?
Router#ping www.google.com
Translating “www.google.com”…domain server (192.168.1.254)
Translating “www.google.com”…domain server (192.168.1.254) [OK]
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 209.85.229.103, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 44/46/48 ms
Router#
Translating “www.google.com”…domain server (192.168.1.254)
Translating “www.google.com”…domain server (192.168.1.254) [OK]
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 209.85.229.103, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 44/46/48 ms
Router#
Everything is working as expected.
That’s the end of Part 2, in part 3 of this tutorial we will look at configuring our VirtualBox clients and bridging them to the virtual network. Stay tuned.
Matt
That’s the end of Part 2, in part 3 of this tutorial we will look at configuring our VirtualBox clients and bridging them to the virtual network. Stay tuned.
Matt