Results 1 to 5 of 5
|
|
Enjoy an ad free experience by logging in. Not a member yet? Register.
|
|
-
03-31-2010 #1Just Joined!
- Join Date
- Mar 2010
- Posts
- 5
a little iptables, bridge, and vm help
Hi everyone. Thanks for looking at this.
I am experimenting around.
Basically, I have a windows 2003 serv virtual machine (vmware) inside Ubuntu 9.10.
The Ubuntu machine has IFconfig:
Code:sam@sam-laptop:~$ ifconfig eth0 Link encap:Ethernet HWaddr 00:15:c5:b8:c8:8b UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 RX packets:0 errors:0 dropped:0 overruns:0 frame:0 TX packets:0 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:1000 RX bytes:0 (0.0 B) TX bytes:0 (0.0 B) Interrupt:17 eth1 Link encap:Ethernet HWaddr 00:16:cf:80:e1:73 inet addr:192.168.1.7 Bcast:192.168.1.255 Mask:255.255.255.0 inet6 addr: fe80::216:cfff:fe80:e173(slash)64 Scope:Link UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 RX packets:76734 errors:0 dropped:0 overruns:0 frame:4709 TX packets:68133 errors:8 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:1000 RX bytes:57927053 (57.9 MB) TX bytes:13361129 (13.3 MB) Interrupt:16 Base address:0xc000 lo Link encap:Local Loopback inet addr:127.0.0.1 Mask:255.0.0.0 inet6 addr: ::1(slash)128 Scope:Host UP LOOPBACK RUNNING MTU:16436 Metric:1 RX packets:164 errors:0 dropped:0 overruns:0 frame:0 TX packets:164 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:0 RX bytes:12988 (12.9 KB) TX bytes:12988 (12.9 KB) vmnet1 Link encap:Ethernet HWaddr 00:50:56:c0:00:01 inet addr:172.16.242.1 Bcast:172.16.242.255 Mask:255.255.255.0 inet6 addr: fe80::250:56ff:fec0:1(slash)64 Scope:Link UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 RX packets:0 errors:0 dropped:0 overruns:0 frame:0 TX packets:368 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:1000 RX bytes:0 (0.0 B) TX bytes:0 (0.0 B) vmnet8 Link encap:Ethernet HWaddr 00:50:56:c0:00:08 inet addr:172.16.206.1 Bcast:172.16.206.255 Mask:255.255.255.0 inet6 addr: fe80::250:56ff:fec0:8(slash)64 Scope:Link UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 RX packets:137 errors:0 dropped:0 overruns:0 frame:0 TX packets:397 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:1000 RX bytes:0 (0.0 B) TX bytes:0 (0.0 B)
Iptables is
Code:Chain INPUT (policy ACCEPT) target prot opt source destination Chain FORWARD (policy ACCEPT) target prot opt source destination all -- anywhere 10.1.10.0 (slash 25) Chain OUTPUT (policy ACCEPT) target prot opt source destinationAlso ran a "sudo iptables -t nat -L"Code:Kernel IP routing table Destination Gateway Genmask Flags Metric Ref Use Iface 172.16.242.0 0.0.0.0 255.255.255.0 U 0 0 0 vmnet1 192.168.1.0 0.0.0.0 255.255.255.0 U 2 0 0 eth1 10.1.10.0 0.0.0.0 255.255.255.0 U 0 0 0 vmnet8 172.16.206.0 0.0.0.0 255.255.255.0 U 0 0 0 vmnet8 169.254.0.0 0.0.0.0 255.255.0.0 U 1000 0 0 eth1 0.0.0.0 192.168.1.1 0.0.0.0 UG 0 0 0 eth1
Code:Chain PREROUTING (policy ACCEPT) target prot opt source destination Chain POSTROUTING (policy ACCEPT) target prot opt source destination Chain OUTPUT (policy ACCEPT) target prot opt source destination
And here is some of the tcpdump, so I am assuming my packets/routes are correct from the wireless router:
Code:17:14:51.873292 IP Laurie.home > 10.1.10.1: ICMP echo request, id 768, seq 33811, length 40 17:14:52.384680 IP 169.254.1.175.37679 > 169.254.1.255.5000: UDP, length 12 17:14:52.384949 IP Laurie.home > 172.16.206.128: ICMP echo request, id 768, seq 34067, length 40 17:14:52.804170 IP sam-laptop.home.mdns > 224.0.0.251.mdns: 0 PTR (QM)? 255.255.255.255.in-addr.arpa. (46) 17:14:52.860359 IP sam-laptop.home.59642 > iad04s01-in-f147.1e100.net.www: Flags [F.], seq 1, ack 1, win 108, options [nop,nop,TS val 1512845 ecr 2621050801], length 0 17:14:52.860430 IP sam-laptop.home.39915 > iad04s01-in-f104.1e100.net.www: Flags [F.], seq 1, ack 1, win 558, options [nop,nop,TS val 1512845 ecr 2621054269], length 0
The internal 2003 serv (I know, i know) has ips of 172.16.206.128 and 10.1.10.1 on the 255.255.255.0 subs.
I am curious ---- why can't I ping or simply access the internal server on my ubuntu machine from a another computer on the 192.168.1.0(slash)25 physcial network?
Do I need a bridge? Iptables? Can they both do the same thing?
thanks for your expertise guys.
THANKS!!!!!
-
03-31-2010 #2Just Joined!
- Join Date
- Mar 2010
- Posts
- 5
removed and condensed first message
-
04-01-2010 #3Just Joined!
- Join Date
- Mar 2010
- Location
- Grand Rapids, MI
- Posts
- 15
I'm running redhat and xen, so I may not be of any help. But who knows, maybe we'll stumble on something.
First, Can you ping the windows VM's from Ubuntu?
Next, if you change the IP on the windows vm to a 192.168.1 address, are you able to ping it from the other hosts on the subnet?
Lastly, do you want your Ubuntu hosts to act as a router between these subnets, or is there a router / VLAN switch handling this? If the Ubuntu host is acting as a router, are the other hosts configured to use it as a gateway?
-
04-01-2010 #4Linux Guru
- Join Date
- Nov 2007
- Location
- NH, USA
- Posts
- 3,149
you shouldn't have to do anything new, just make sure when you create the VM you give it a bridged NIC connection from each of the 2 networks, then make sure you configure the right IP on the right device inside of the guest
are you able to access anything on the physical network from the guest?
-
04-01-2010 #5Linux Guru
- Join Date
- Nov 2007
- Posts
- 1,875
A) I see your active NIC in Ubuntu is eth1 - is this a wireless NIC? VMware does not support "bridged" mode for virtual NIC's if the physical NIC is wireless.
B) That leaves you with attaching the Windows VM to the NAT (172.16.206.1/24) or host-only (172.16.242.1/24) network. Of course, these are different networks than your LAN (192.) and will not be accessible unless a route is specified to the machine trying to reach the Windows VM.
The VMware docs cover networking.
Reply With Quote
Posting Permissions
- You may not post new threads
- You may not post replies
- You may not post attachments
- You may not edit your posts
