電訊茶室's Archiver

角色 發表於 2018-3-5 15:12

VirtualBox + RouterOS——Case Study 007

[i=s] 本帖最後由 角色 於 2018-3-5 19:21 編輯 [/i]

Please see the following figure:

[attach]4072[/attach]

General description:
There are two locations where have two routers connected to the Internet. The PCs under the router are able to ping the WAN port of the opposite router.

Objectives:
1. Create two routers with four interfaces. One of them is connected to the Internet via dhcp client mode. As shown in the figure, R1's e2 will be connected to the Internet. Interface e1 and e3 are connected a bridge name bridge1. R2's e3 will be connected to the Internet. Interfaces e1 and e2 are connected to a bridge named bridge2.
2. PC1 and PC2 are able to ping WAN IP of R2. Similarly for the case of PC3 and PC4. They are able to ping the WAN IP of R1 as well.

Procedures:

1. Clone two routers R1 and R2 from the RouterOS CHR

2. Configure the VirtualBox motherboard for 4 NIC interfaces for each router
R1: NIC2 configured as a bridge adapter, NIC1, NIC3 and NIC4 as 'internal network'
R2: NIC3 configured as a bridge adaptor, NIC1,NIC2 and NIC4 as 'internal network'

VBox Settings for R1:[code]
VBoxManage modifyvm R1 --nic2 bridged
VBoxManage modifyvm R1 --bridgeadapter2 'en6: Thunderbolt Ethernet 3'

VBoxManage modifyvm R1 --nic1 intnet
VBoxManage modifyvm R1 --nic3 intnet
VBoxManage modifyvm R1 --nic4 intnet
VBoxManage modifyvm R1 --nic5 none
VBoxManage modifyvm R1 --nic6 none
VBoxManage modifyvm R1 --nic7 none
VBoxManage modifyvm R1 --nic8 none

VBoxManage modifyvm R1 --intnet1 Cable11
VBoxManage modifyvm R1 --intnet3 Cable13
VBoxManage modifyvm R1 --intnet4 Cable14

VBoxManage modifyvm R1 --nicpromisc1 allow-vms
VBoxManage modifyvm R1 --nicpromisc3 allow-vms
VBoxManage modifyvm R1 --nicpromisc4 allow-vms
[/code]#

VBox Settings for R2[code]
VBoxManage modifyvm R2 --nic3 bridged
VBoxManage modifyvm R2 --bridgeadapter3 'en6: Thunderbolt Ethernet 3'

VBoxManage modifyvm R2 --nic1 intnet
VBoxManage modifyvm R2 --nic2 intnet
VBoxManage modifyvm R2 --nic4 intnet
VBoxManage modifyvm R2 --nic5 none
VBoxManage modifyvm R2 --nic6 none
VBoxManage modifyvm R2 --nic7 none
VBoxManage modifyvm R2 --nic8 none

VBoxManage modifyvm R2 --intnet1 Cable21
VBoxManage modifyvm R2 --intnet2 Cable22
VBoxManage modifyvm R2 --intnet4 Cable24

VBoxManage modifyvm R2 --nicpromisc1 allow-vms
VBoxManage modifyvm R2 --nicpromisc2 allow-vms
VBoxManage modifyvm R2 --nicpromisc4 allow-vms
[/code]#

3. Start the vms R1 and R2

4. System reset R1 and R2 using the following commands[code]/system reset-configuration no-defaults=yes[/code]#

5. Remove the default dhcp client in R1 and R2 using the command[code]/ip dhcp-client remove 0[/code]#
In general, there is only one default dhcp-client in the list.

6. Configure ether2 of R1 and ether3 of R2 as the dhcp-clients
R1:[code]/ip dhcp-client add interface=ether2 disabled=no[/code]#
R2:[code]/ip dhcp-client add interface=ether3 disabled=no[/code]#

7. Check if R1 and R2 are able to get IP address from the dhcp server using the following command[code]
/ip dhcp-client print
[/code][attach]4073[/attach]

[attach]4074[/attach]

Please note the setting for allow-remote-requests is 'no', it means any remote device (PC) requests dns from this server is not allowed. If you want to do so, you have to set it to yes using the command[code]/ip dns set allow-remote-requests=yes[/code]#

8. Now we are going to configure ether1,ether3 and ether4 of R1 to form a bridge named 'bridge1'[code]
R1:
/interface bridge add name=bridge1
/interface bridge port add bridge=bridge1 interface=ether1
/interface bridge port add bridge=bridge1 interface=ether3
/interface bridge port add bridge=bridge1 interface=ether4
[/code]#

9. Set the IP address for interface bridge1 for R1[code]
/ip address add address=10.10.10.254/24 interface=bridge1
[/code]#

10. Set up dhcp-server for the interface bridge1[code]
/ip dhcp-server setup
[/code]#
[attach]4075[/attach]

11. Clone RouterOS CHR for PC1

12. VirtualBox configure NIC1 as ‘internal network’ with network name ‘Cable11’[code]
VBoxManage modifyvm PC1 --nic1 intnet
VBoxManage modifyvm PC1 --nic2 none
VBoxManage modifyvm PC1 --nic3 none
VBoxManage modifyvm PC1 --nic4 none
VBoxManage modifyvm PC1 --nic5 none
VBoxManage modifyvm PC1 --nic6 none
VBoxManage modifyvm PC1 --nic7 none
VBoxManage modifyvm PC1 --nic8 none

VBoxManage modifyvm PC1 --intnet1 Cable11

VBoxManage modifyvm PC1 --nicpromisc1 allow-vms
[/code]#

13. Configure R1 with nat=masquerate[code]/ip firewall nat add acition=masquerate chain=srcnat out-interface=ether2[/code]#

Now you are able to ping Internet IP addresses and hostnames without problem.

頁: [1]

Powered by Discuz! Archiver 7.2  © 2001-2009 Comsenz Inc.