返回列表 發帖

VirtualBox + RouterOS——Case Study 006

本帖最後由 角色 於 2018-3-5 12:51 編輯

Please take a look at the following diagram:



Objectives:

1. Interface e1 is able to obtain a) IP address from the DHCP server, b) Gateway 192.168.55.1 and c) DNS servers via the DHCP client.
2. PC2 and PC4 are mutually pingable.
3. PC2 and PC4 are able to ping hostnames (e.g. www.abc.com).

Procedures:

1. Clone the CHR RouterOS

2. Reset and initialise the VirtualBox Manboard for R1 VM
- add 4 NIC (one bridge, three internal networks)
- set each NIC promiscuous mode to allow-vmd
- add cables for NIC2-3
  1. VBoxManage modifyvm R1 --nic1 bridged
  2. VBoxManage modifyvm R1 --bridgeadapter1 'en6: Thunderbolt Ethernet 3'

  3. VBoxManage modifyvm R1 --nic2 intnet
  4. VBoxManage modifyvm R1 --nic3 intnet
  5. VBoxManage modifyvm R1 --nic4 intnet
  6. VBoxManage modifyvm R1 --nic5 none
  7. VBoxManage modifyvm R1 --nic6 none
  8. VBoxManage modifyvm R1 --nic7 none
  9. VBoxManage modifyvm R1 --nic8 none

  10. VBoxManage modifyvm R1 --intnet2 Cable2
  11. VBoxManage modifyvm R1 --intnet3 Cable3
  12. VBoxManage modifyvm R1 --intnet4 Cable4

  13. VBoxManage modifyvm R1 --nicpromisc2 allow-vms
  14. VBoxManage modifyvm R1 --nicpromisc3 allow-vms
  15. VBoxManage modifyvm R1 --nicpromisc4 allow-vms
複製代碼
#

3. Reset and initialise the R1 vm
  1. /system reset-configuration no-defaults=yes
複製代碼
#

After intialisation, you are able to ping any valid hostname via the console terminal since the default settings for ether1 (e1) after initialisation is dhcp client. (For the case that you do not have this settings, you can manually type
  1. /ip dhcp-client add interface=ether1 disabled=no
複製代碼
#

4. Set IP addresses for ether2 (e2) and ether4(e4)
  1. /ip address add address=10.10.10.1/24 interface=ether2
  2. /ip address add address=10.10.20.1/24 interface=ether4
複製代碼
#

Now the settings for RouterOS R1 is complete. We proceed to the settings for PC2 and PC4

5. Clone the CHR RouterOS for PC2 and PC4 using the VirtualBox GUI

6. Initialise VirtualBox montherboards for PC2 and PC4

The following codes are used for setting up PC2
  1. VBoxManage modifyvm PC2 --nic1 intnet
  2. VBoxManage modifyvm PC2 --nic2 none
  3. VBoxManage modifyvm PC2 --nic3 none
  4. VBoxManage modifyvm PC2 --nic4 none
  5. VBoxManage modifyvm PC2 --nic5 none
  6. VBoxManage modifyvm PC2 --nic6 none
  7. VBoxManage modifyvm PC2 --nic7 none
  8. VBoxManage modifyvm PC2 --nic8 none

  9. VBoxManage modifyvm PC2 --intnet1 Cable2

  10. VBoxManage modifyvm PC2 --nicpromisc1 allow-vms
複製代碼
#

The following codes are used for setting up PC4
  1. VBoxManage modifyvm PC4 --nic1 intnet
  2. VBoxManage modifyvm PC4 --nic2 none
  3. VBoxManage modifyvm PC4 --nic3 none
  4. VBoxManage modifyvm PC4 --nic4 none
  5. VBoxManage modifyvm PC4 --nic5 none
  6. VBoxManage modifyvm PC4 --nic6 none
  7. VBoxManage modifyvm PC4 --nic7 none
  8. VBoxManage modifyvm PC4 --nic8 none

  9. VBoxManage modifyvm PC4 --intnet1 Cable4

  10. VBoxManage modifyvm PC4 --nicpromisc1 allow-vms
複製代碼
#

7. Start the PC2 and PC4 vms.

8. perform system reset for both PCs
  1. /system reset-configuration no-defaults=yes
複製代碼
#

9. Remove the default dhcp client in interface ether1
  1. /ip dhcp-client remove 0
複製代碼
#

10. Set the IP address for the ether1 of both PCs

PC2:
  1. /ip address add address=10.10.10.2/24 interface=ether1
複製代碼
#
PC4:
  1. /ip address add address=10.10.20.2/24 interface=ether1
複製代碼
#

11. Add default gateway for PC2 and PC4

PC2:
  1. /ip route add gateway=10.10.10.1
複製代碼
#
PC4:
  1. /ip route add gateway=10.10.20.1
複製代碼
#

With the above default gateways for each PC, both PC are able to be mutually pingable.

Up to this moment, we are still not able to ping www.abc.com because the return address (10.10.10.0/24 and 10.10.20.0/24) is not known. The only know return address is 192.168.55.0/24. As a result, we need to add the masquerade rule for Router R1. Also we need to set up the dns server in PC2 and PC4.

11. Add nat masquerade rule in Router R1
  1. /ip firewall nat add acition=masquerate chain=srcnat out-interface=ether1
複製代碼
#

With Step 11, you are able to ping Internet IP address only. In order to ping hostname, we need two more steps.

12. Enable the DNS server in R1 to allow remote request
  1. /ip dns set allow-remote-requests=yes
複製代碼
#

13. Set the dns server in PC2 and PC4
PC2:
  1. /ip dns set servers=10.10.10.1
複製代碼
#
PC4:
  1. /ip dns set servers=10.10.20.1
複製代碼
#

At this mement, both PC2 and PC4 are able to ping any valid hostname, e.g. 'www.abc.com'.
附件: 您需要登錄才可以下載或查看附件。沒有帳號?註冊

返回列表