I am trying to deploy a hub & spoke topology on Azure. I have three VNets: hub, spoke1 & spoke2, with the following address spaces respectively: 10.0.0.0/16, 10.1.0.0/16 & 10.2.0.0/16. Each has only one subnet on the /24 address space.
I have peered each spoke to the hub and deployed a Linux machine in my hub subnet. Now, I want to use that Linux machine as a router to forward traffic coming from 10.1.0.0/16 and targeting 10.2.0.0/16 to the spoke2 VNet and vice versa.
I have added a User Defined Route on each spoke to use the Linux router IP address (10.0.0.5) as the next hop when targeting the other spoke.
I have enabled ip_forwarding on my Linux machine: echo 1 > /proc/sys/net/ipv4/ip_forward and added 2 routes: ip route add 10.1.0.0/24 via 10.0.0.1 dev eth0 and ip route add 10.2.0.0/24 via 10.0.0.1 dev eth0, since 10.0.0.1 is the gateway on my router and eth0 is my NIC.
I have also enabled IP Forwarding on the NIC of my router in Azure.
But... this does not work. Packets are not forwarded to the appropriate network and I don't understand why.
If any of you has a hint or even the solution to implement this, I would appreciate it.
Thanks.
Don't forget about the setup for NIC for specific machine:
BTW: Microsoft has an easy tutorial on this.
You should configure the Linux machine as a router.
Create a Linux bridge, and attach eth0 to it.
Set the bridge IP as 10.0.0.1/24, and set up a DHCP server on it.
On each spoke, set 10.0.0.1 as the next hop for the target network.
On the Linux machine, add route entries to 10.1.0.0/24 and 10.2.0.0/24 through 10.0.0.1.
Okay.
I don't know exactly what went wrong during my first tries.
I simply dropped the Resource Group and restarted from scratch with a Windows VM, following the Microsoft tutorial.
Then, I replaced the Windows VM with a Linux VM step by step... and everything is working.
On the NVA, you simply have to:
enable the IP Forwarding on the Network Interface of the VM in Azure,
enable the IP Forwarding in the VM:
sudo sed -i 's/#net.ipv4.ip_forward=/net.ipv4.ip_forward=/' /etc/sysctl.conf
sudo sed -i 's/net.ipv4.ip_forward=0/net.ipv4.ip_forward=1/' /etc/sysctl.conf
sudo sed -i 's/#net.ipv6.conf.all.forwarding=/net.ipv6.conf.all.forwarding=/' /etc/sysctl.conf
sudo sed -i 's/net.ipv6.conf.all.forwarding=0/net.ipv6.conf.all.forwarding=1/' /etc/sysctl.conf
sudo sysctl -p
Then define routes in Azure (Route table + Routes) in each spoke to forward traffic to the NVA IP.
Nothing more. Works out of the box.
I even created my NVA in a Virtual Machine Scale Set behind an Internal Load Balancer with HA-Ports, so my NVA is highly available.
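The sed lines in the answer above only rewrite a line that already exists in /etc/sysctl.conf; if the file has no net.ipv4.ip_forward line at all they change nothing, and sysctl -p leaves forwarding off. The following is an added example, not the answerer's code: an idempotent way to pin the same keys, run here against a constructed sample file. The helper names set_sysctl_key and effective_value are hypothetical.

```shell
#!/bin/sh
# Added example; set_sysctl_key and effective_value are hypothetical helper names.

# set_sysctl_key FILE KEY VALUE
#   Rewrites an existing line for KEY (commented out or not) to KEY=VALUE,
#   and appends KEY=VALUE when FILE has no line for KEY at all.
set_sysctl_key() {
    file=$1; key=$2; value=$3
    # Escape the dots so the key is matched literally.
    pattern=$(printf '%s' "$key" | sed 's/\./\\./g')
    match="^[[:space:]]*#?[[:space:]]*${pattern}[[:space:]]*="
    tmp=$(mktemp) || return 1
    if grep -Eq "$match" "$file"; then
        sed -E "s|${match}.*|${key}=${value}|" "$file" > "$tmp"
    else
        cat "$file" > "$tmp"
        printf '%s=%s\n' "$key" "$value" >> "$tmp"
    fi
    cat "$tmp" > "$file" && rm -f "$tmp"
}

# effective_value FILE KEY
#   Prints the last uncommented value for KEY (empty output if there is none).
effective_value() {
    pattern=$(printf '%s' "$2" | sed 's/\./\\./g')
    sed -nE "s|^[[:space:]]*${pattern}[[:space:]]*=[[:space:]]*([^[:space:]#]*).*|\1|p" "$1" | tail -n 1
}

# Constructed sample: IPv4 key commented out, IPv6 key missing entirely.
conf=$(mktemp) || exit 1
printf '%s\n' '# constructed sample sysctl.conf' '#net.ipv4.ip_forward=1' > "$conf"
set_sysctl_key "$conf" net.ipv4.ip_forward 1
set_sysctl_key "$conf" net.ipv6.conf.all.forwarding 1
echo "ipv4 forwarding: $(effective_value "$conf" net.ipv4.ip_forward)"
echo "ipv6 forwarding: $(effective_value "$conf" net.ipv6.conf.all.forwarding)"
rm -f "$conf"
```

On the NVA itself, run it as root against /etc/sysctl.conf and follow with sudo sysctl -p as in the answer; sysctl -n net.ipv4.ip_forward then shows the running value.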
A bridge brOnline is connected to eth0, which provides access to the LAN / Internet. The setup is achieved by modifying /etc/network/interfaces as shown below.
Why? The aim of this adventure is to establish a virtual network between several virtual machines and the system hosting the virtual bridge and the virtual machines (host).
auto lo
iface lo inet loopback
auto eth0
iface eth0 inet dhcp
auto MyBridge
iface MyBridge inet dhcp
bridge_port eth0
bridge_stp on
bridge_fd 0.0
How can I connect to the bridge from my host?
One important thing: Adding eth0 to the bridge makes it somehow unavailable to the host!
So before adding the interface eth0 to the bridge, which magic was connected to eth0 that gave my browser access to the local network? Can I, and how can I, connect this magic to the bridge so that I have access to the LAN and can talk to the other clients connected to the bridge?
The attempts were wrong. For the host it is not necessary to connect over a tap device to the bridge; it has the ability to connect directly to the bridge. In other words, if you set your default route to the bridge connecting to the gateway, then you can connect to the LAN interface too.
# see actual settings
# The displayed via is the default gw which may be provided by your dhcp
ip route
default via 42.69.42.69 dev eth0
...
# delete the default route, otherwise error: "file exists" will show up
sudo ip route del default via 42.69.42.69 dev eth0
# Add your bridge as default route
sudo ip route add default via 42.69.42.69 dev brOnline
# check
ip route
default via 10.13.0.10 dev brOnline
ping/ssh to the outside are possible, and Firefox is also working with those settings.
Hint:
Those changes are not permanent. To make them permanent, you need to edit /etc/network/interfaces.
I'm still not able to ping the other VMs and vice versa, but this might be another topic.
I have an application that sends some multicast requests to the multicast group.
If I test my client and server applications on two separate PCs which are in the same subnet, it works fine.
Since I cannot always run on two PCs while testing my application, I thought of using VirtualBox to run another OS for my server application.
My host is Ubuntu. I installed VirtualBox to run another guest OS (Linux), and since my traffic only has to be within the host and guest, I have selected the "host only" network type.
My guest OS gets the IP address, but when I run my server application, it fails to join the multicast group and says
"No Such Device".
Can someone help me to set up a network between the guest and host OS?
My main goal is to send a multicast request that should reach the guest OS.
In VM:
ls /sys/class/net - get net devices. (lo, eth0, eth1...). You should have one lo and two eth devices.
sudo nano /etc/network/interfaces. At eth0 there is a NAT connection. Lo is a localhost. We should set the Host-Only connection. Add the following:
# The host-only network interface
auto eth1
iface eth1 inet static
address 192.168.56.101
netmask 255.255.255.0
network 192.168.56.0
broadcast 192.168.56.255
(The address is taken from the ipconfig/ifconfig output in the host system. Instead of eth1 you can have another connection name, taken from the step 4.b.i)
For checking the edited file, run:
sudo service network-manager restart
Check if you have all three connections running. Check Host-Only addresses.
ifconfig
Reboot
sudo reboot
I am creating a GRE tunnel between two Linux (CentOS6) servers using the steps below.
On the master server:
chkconfig iptables off
service iptables stop
sysctl -w net.ipv4.conf.default.rp_filter=0
modprobe ip_gre
ip tunnel add tun1 mode gre remote 98.123.87.97 local 106.61.58.98 ttl 255
ip addr add 10.0.1.0/24 dev tun1
ip link set dev tun1 up
ip addr add 98.123.87.95/27 dev eth0
On the slave server:
chkconfig iptables off
service iptables stop
sysctl -w net.ipv4.ip_forward=1
sysctl -w net.ipv4.conf.all.forwarding=1
sysctl -w net.ipv4.conf.proxy_arp=1
sysctl -w net.ipv4.conf.all.proxy_arp=1
sysctl -w net.ipv4.conf.eth0.rp_filter=0
sysctl -w net.ipv4.conf.default.rp_filter=0
modprobe ip_gre
ip tunnel add tunx mode gre remote 106.61.58.98 local 98.123.87.97 ttl 255
ip addr add 10.0.2.0/24 dev tun0
ip link set tunx up
ip route add 98.123.87.95/27 dev tun0
I need to add slave server's IP into the on my master server. I am getting the ping response from the tunnelled IPs (slave server's IP), and when I try to SSH to the tunnelled IP (slave IP) I reach the master (this is what I want).
The problem is that when I try to send outgoing traffic, like a DNS query, from the tunnelled IP (slave IP), the request times out.
I guess this is a routing issue on one of my servers. Any idea what I should do to get my outgoing traffic through the tunnelled IPs?
Thanks,
Are you really adding the 10.0.1.0/24 address? This is a network address; it looks like a mistake.
Also, you should add a default route (or a route to DNS servers or whatever you want) on the client machine through your tunnel with gateway=another_end_of_tunnel.
Don't forget to add a static route to your machine before adding the default route, if you don't want to lose the connection!
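The first point of the answer above can be checked mechanically before a script of ip commands is run. The following is an added example, not code from the question or the answer: a small lint that reports an interface address that is the all-zero host of its prefix, and a "dev tunN" that no earlier "ip tunnel add" line in the same script created. The function name lint_ip_script and the finding labels are hypothetical; the sample input is the slave-side command list as posted in the question.

```shell
#!/bin/sh
# Added example; lint_ip_script and its finding labels are hypothetical.
# lint_ip_script FILE: print one finding per line for a script of `ip` commands.
#   unknown-tunnel DEV        "dev tunN" used, but no "ip tunnel add tunN" seen earlier
#   network-address ADDR/LEN  interface address is the all-zero host of its prefix
lint_ip_script() {
    awk '
    function ip2int(s,   o) {          # dotted quad -> integer
        split(s, o, ".")
        return ((o[1] * 256 + o[2]) * 256 + o[3]) * 256 + o[4]
    }
    $1 != "ip" { next }
    $2 == "tunnel" && $3 == "add" { created[$4] = 1; next }
    {
        # Report each unknown tunnel device once.
        for (i = 3; i < NF; i++)
            if ($i == "dev" && $(i + 1) ~ /^tun/ && !($(i + 1) in created) && !seen[$(i + 1)]++)
                print "unknown-tunnel " $(i + 1)
    }
    $2 == "addr" && $3 == "add" && split($4, p, "/") == 2 && p[2] < 31 {
        if (ip2int(p[1]) % (2 ^ (32 - p[2])) == 0)
            print "network-address " $4
    }
    ' "$1"
}

# Sample input: the slave-side ip commands as posted in the question above.
sample=$(mktemp) || exit 1
cat > "$sample" <<'EOF'
ip tunnel add tunx mode gre remote 106.61.58.98 local 98.123.87.97 ttl 255
ip addr add 10.0.2.0/24 dev tun0
ip link set tunx up
ip route add 98.123.87.95/27 dev tun0
EOF
lint_ip_script "$sample"
rm -f "$sample"
```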
The Xen hypervisor has 2 modes for network configuration, as I've seen in Virtual Manager: 1. NAT, 2. Routed. Both ask for an IP subnet. However, I want to configure a network where I could assign any IP instead of it being assigned by the DHCP of Xen.
I've used Oracle VirtualBox, where there is an option to use a host-only adapter. I want to use Xen in that way.
In other words, I want to share the physical network interface with the guest machine (VM).
I'm using Xen Hypervisor 3.x on CentOS 6.2 x86_64.
I did the following to solve the issue; this worked for me.
Disabling Xen's network scripts
If using Xen it is recommended to disable its network munging by editing /etc/xen/xend-config.sxp and changing the line
(network-script network-bridge)
To be
(network-script /bin/true)
Disabling NetworkManager
As of the time of writing (Fedora 12), NetworkManager still does not support bridging, so it is necessary to use "classic" network initscripts for the bridge, and to explicitly mark them as independent from NetworkManager (the "NM_CONTROLLED=no" lines in the scripts below).
If desired, you can also completely disable the NetworkManager:
# chkconfig NetworkManager off
# chkconfig network on
# service NetworkManager stop
# service network start
Creating network initscripts
In the /etc/sysconfig/network-scripts directory it is necessary to create 2 config files. The first (ifcfg-eth0) defines your physical network interface, and says that it will be part of a bridge:
# cat > ifcfg-eth0 <<EOF
DEVICE=eth0
HWADDR=00:16:76:D6:C9:45
ONBOOT=yes
BRIDGE=br0
NM_CONTROLLED=no
EOF
Obviously change the HWADDR to match your actual NIC's address. You may also wish to configure the device's MTU here using e.g. MTU=9000.
The second config file (ifcfg-br0) defines the bridge device:
# cat > ifcfg-br0 <<EOF
DEVICE=br0
TYPE=Bridge
BOOTPROTO=dhcp
ONBOOT=yes
DELAY=0
NM_CONTROLLED=no
EOF
WARNING: The line TYPE=Bridge is case-sensitive - it must have uppercase 'B' and lower case 'ridge'
After changing this restart networking (or simply reboot)
# service network restart
Visit for more details
For Xen, this is just a special case of bridged networking.
You create a dummy bridge on your CentOS Dom0, then connect your VM to that bridge.
From the CentOS Documentation (http://www.centos.org/docs/5/html/5.2/Virtualization/sect-Virtualization-Virtualized_network_devices-Laptop_network_configuration.html)
Create a dummy0 network interface and assign it a static IP address.
In our example I selected 10.1.1.1 to avoid routing problems in our environment. To enable dummy device support add the following lines to /etc/modprobe.conf
alias dummy0 dummy
options dummy numdummies=1
To configure networking for dummy0 edit/create /etc/sysconfig/network-scripts/ifcfg-dummy0:
DEVICE=dummy0
BOOTPROTO=none
ONBOOT=yes
USERCTL=no
IPV6INIT=no
PEERDNS=yes
TYPE=Ethernet
NETMASK=255.255.255.0
IPADDR=10.1.1.1
ARP=yes
You can then just connect your VM to the dummy0 bridge device
Additional Reference
http://wiki.xen.org/wiki/HostConfiguration/Networking
How can I access a site configured in IIS 7 on the host machine from a guest OS in VMware (Fedora 10)? I have configured the VM to use "NAT".
It depends on the network configuration of the VMware product you are using (Player, Server, Workstation). If it is set to bridged mode, then you can do it as from any other machine, by the host machine's IP. If it is "host only" or NAT mode, check what the gateway IP for the guest is (/sbin/route), and try using it:
# /sbin/route
Destination Gateway Genmask Flags Metric Ref Use Iface
default 10.x.y.z 0.0.0.0 UG 0 0 0 eth0
In this case, 10.x.y.z is the IP of the host machine.
Pretty easy...
Step 1. Configure IIS on the host OS to include a binding, if you would like to use a "url", for example mySite.com.
Step 2. In the guest, open up the hosts file c:\windows\system32\drivers\etc\hosts.
Add the entry
[host ip address] [host iis binding url]
Example
192.168.0.1 mySite.com
Restart your browser in the guest, and you should be good to go.