# Essential Networking on Debian VirtualBox has multiple options when it comes to it's networking settings. We've already used two different ones, *NAT* and *bridged*, but we'll now try to create our own *internal* network. For this we'll need a few minimal Debian installations. I invite you to install at the least two basic installations. * One will become our router * The other one our first client ## Static routing The most basic way of setting your network settings in Debian can be found in the `/etc/network/interfaces` file. When you open it you'll notice it mentions it sources a folder called `interfaces.d`. The choice is up to you whether you set your networking settings in this file or create a new file in the folder but I advise you to go for the second way. Don't just *copy/paste* the code below, check whether the interface names and ranges make sense! ```bash auto eth0 iface eth0 inet static address 10.0.0.1 netmask 255.255.255.0 gateway 10.0.0.1 ``` ![overview](./network_basic.png) If you set both machines with addresses in the same range, you should be able to ping each other. Have a go at this until you can make it work. Which service do you have to restart of reload to apply your changes? ## Forwarding traffic One of our machines is supposed to be a router and the other a client. Right now we can just ping between both machines but the outside world is completely invisible to us. How can we tackle this? Do we need more equipment? An overview of what we would like to accomplish can be seen below. ![overview](./network_large.png) In VirtualBox we can add more than one network adapter. On the router machine I would like you to add a second network interface and set it to *bridged mode*. When you reboot you should notice you have two network cards. Can you ping outside of your network now? You could try and add a dhcp configuration to your `/etc/network/interfaces` file for this second interface. Once this is done, how do you ask for an IP address from the dhcp server? Have a look at the `dhclient` program to see how it works. Now, if everything went OK your router should have two IP addresses, one in the 10.0.0.0/24 range and one in the 192.168.0.0/24 range. Who gave you this second address? Can the client ping both IP addresses? Can the client now ping outside of the network? There are **two** main things you need to do in order for the router to actually route. 1. IP forwarding needs to be setup on the router 2. NAT needs to be enabled ```bash sysctl net.ipv4.ip_forward=1 iptables -t nat -A POSTROUTING -j MASQUERADE ``` These settings won't save themselves so next time you reboot they'll be missing. There are multiple ways of setting this up. Have a look around and find me a good solution! ### Extra Challenge Your client machines are now behind a NAT. Can you think of a way to ssh into them?