76 lines
2.8 KiB
Markdown
76 lines
2.8 KiB
Markdown
# Essential Networking on Debian
|
|
|
|
VirtualBox has multiple options when it comes to it's networking settings.
|
|
We've already used two different ones, *NAT* and *bridged*, but we'll now try to create our own *internal* network.
|
|
For this we'll need a few minimal Debian installations.
|
|
I invite you to install at the least two basic installations.
|
|
|
|
* One will become our router
|
|
* The other one our first client
|
|
|
|
## Static routing
|
|
|
|
The most basic way of setting your network settings in Debian can be found in the `/etc/network/interfaces` file.
|
|
When you open it you'll notice it mentions it sources a folder called `interfaces.d`.
|
|
The choice is up to you whether you set your networking settings in this file or create a new file in the folder but I advise you to go for the second way.
|
|
Don't just *copy/paste* the code below, check whether the interface names and ranges make sense!
|
|
|
|
```bash
|
|
auto eth0
|
|
iface eth0 inet static
|
|
address 10.0.0.1
|
|
netmask 255.255.255.0
|
|
gateway 10.0.0.1
|
|
```
|
|
|
|
![overview](./network_basic.png)
|
|
|
|
If you set both machines with addresses in the same range, you should be able to ping each other.
|
|
Have a go at this until you can make it work.
|
|
Which service do you have to restart of reload to apply your changes?
|
|
|
|
## Forwarding traffic
|
|
|
|
One of our machines is supposed to be a router and the other a client.
|
|
Right now we can just ping between both machines but the outside world is completely invisible to us.
|
|
How can we tackle this?
|
|
Do we need more equipment?
|
|
|
|
An overview of what we would like to accomplish can be seen below.
|
|
|
|
![overview](./network_large.png)
|
|
|
|
In VirtualBox we can add more than one network adapter.
|
|
On the router machine I would like you to add a second network interface and set it to *bridged mode*.
|
|
When you reboot you should notice you have two network cards.
|
|
Can you ping outside of your network now?
|
|
|
|
You could try and add a dhcp configuration to your `/etc/network/interfaces` file for this second interface.
|
|
Once this is done, how do you ask for an IP address from the dhcp server?
|
|
Have a look at the `dhclient` program to see how it works.
|
|
|
|
Now, if everything went OK your router should have two IP addresses, one in the 10.0.0.0/24 range and one in the 192.168.0.0/24 range.
|
|
Who gave you this second address?
|
|
Can the client ping both IP addresses?
|
|
Can the client now ping outside of the network?
|
|
|
|
There are **two** main things you need to do in order for the router to actually route.
|
|
|
|
1. IP forwarding needs to be setup on the router
|
|
2. NAT needs to be enabled
|
|
|
|
```bash
|
|
sysctl net.ipv4.ip_forward=1
|
|
iptables -t nat -A POSTROUTING -j MASQUERADE
|
|
```
|
|
|
|
These settings won't save themselves so next time you reboot they'll be missing.
|
|
There are multiple ways of setting this up.
|
|
Have a look around and find me a good solution!
|
|
|
|
### Extra Challenge
|
|
|
|
Your client machines are now behind a NAT.
|
|
Can you think of a way to ssh into them?
|
|
|