VirtualBox + RouterOS——Case Study 006

角色

Please take a look at the following diagram:



Objectives:

1. Interface e1 is able to obtain a) IP address from the DHCP server, b) Gateway 192.168.55.1 and c) DNS servers via the DHCP client.
2. PC2 and PC4 are mutually pingable.
3. PC2 and PC4 are able to ping hostnames (e.g. www.abc.com).

Procedures:

1. Clone the CHR RouterOS

2. Reset and initialise the VirtualBox Manboard for R1 VM
- add 4 NIC (one bridge, three internal networks)
- set each NIC promiscuous mode to allow-vmd
- add cables for NIC2-3

1. VBoxManage modifyvm R1 --nic1 bridged
   
2. VBoxManage modifyvm R1 --bridgeadapter1 'en6: Thunderbolt Ethernet 3'
   
3. 
   
4. VBoxManage modifyvm R1 --nic2 intnet
   
5. VBoxManage modifyvm R1 --nic3 intnet
   
6. VBoxManage modifyvm R1 --nic4 intnet
   
7. VBoxManage modifyvm R1 --nic5 none
   
8. VBoxManage modifyvm R1 --nic6 none
   
9. VBoxManage modifyvm R1 --nic7 none
   
10. VBoxManage modifyvm R1 --nic8 none
    
11. 
    
12. VBoxManage modifyvm R1 --intnet2 Cable2
    
13. VBoxManage modifyvm R1 --intnet3 Cable3
    
14. VBoxManage modifyvm R1 --intnet4 Cable4
    
15. 
    
16. VBoxManage modifyvm R1 --nicpromisc2 allow-vms
    
17. VBoxManage modifyvm R1 --nicpromisc3 allow-vms
    
18. VBoxManage modifyvm R1 --nicpromisc4 allow-vms

複製代碼

#

3. Reset and initialise the R1 vm

1. /system reset-configuration no-defaults=yes

複製代碼

#

After intialisation, you are able to ping any valid hostname via the console terminal since the default settings for ether1 (e1) after initialisation is dhcp client. (For the case that you do not have this settings, you can manually type

1. /ip dhcp-client add interface=ether1 disabled=no

複製代碼

#

4. Set IP addresses for ether2 (e2) and ether4(e4)

1. /ip address add address=10.10.10.1/24 interface=ether2
   
2. /ip address add address=10.10.20.1/24 interface=ether4

複製代碼

#

Now the settings for RouterOS R1 is complete. We proceed to the settings for PC2 and PC4

5. Clone the CHR RouterOS for PC2 and PC4 using the VirtualBox GUI

6. Initialise VirtualBox montherboards for PC2 and PC4

The following codes are used for setting up PC2

1. VBoxManage modifyvm PC2 --nic1 intnet
   
2. VBoxManage modifyvm PC2 --nic2 none
   
3. VBoxManage modifyvm PC2 --nic3 none
   
4. VBoxManage modifyvm PC2 --nic4 none
   
5. VBoxManage modifyvm PC2 --nic5 none
   
6. VBoxManage modifyvm PC2 --nic6 none
   
7. VBoxManage modifyvm PC2 --nic7 none
   
8. VBoxManage modifyvm PC2 --nic8 none
   
9. 
   
10. VBoxManage modifyvm PC2 --intnet1 Cable2
    
11. 
    
12. VBoxManage modifyvm PC2 --nicpromisc1 allow-vms

複製代碼

#

The following codes are used for setting up PC4

1. VBoxManage modifyvm PC4 --nic1 intnet
   
2. VBoxManage modifyvm PC4 --nic2 none
   
3. VBoxManage modifyvm PC4 --nic3 none
   
4. VBoxManage modifyvm PC4 --nic4 none
   
5. VBoxManage modifyvm PC4 --nic5 none
   
6. VBoxManage modifyvm PC4 --nic6 none
   
7. VBoxManage modifyvm PC4 --nic7 none
   
8. VBoxManage modifyvm PC4 --nic8 none
   
9. 
   
10. VBoxManage modifyvm PC4 --intnet1 Cable4
    
11. 
    
12. VBoxManage modifyvm PC4 --nicpromisc1 allow-vms

複製代碼

#

7. Start the PC2 and PC4 vms.

8. perform system reset for both PCs

1. /system reset-configuration no-defaults=yes

複製代碼

#

9. Remove the default dhcp client in interface ether1

1. /ip dhcp-client remove 0

複製代碼

#

10. Set the IP address for the ether1 of both PCs

PC2:

1. /ip address add address=10.10.10.2/24 interface=ether1

複製代碼

#
PC4:

1. /ip address add address=10.10.20.2/24 interface=ether1

複製代碼

#

11. Add default gateway for PC2 and PC4

PC2:

1. /ip route add gateway=10.10.10.1

複製代碼

#
PC4:

1. /ip route add gateway=10.10.20.1

複製代碼

#

With the above default gateways for each PC, both PC are able to be mutually pingable.

Up to this moment, we are still not able to ping www.abc.com because the return address (10.10.10.0/24 and 10.10.20.0/24) is not known. The only know return address is 192.168.55.0/24. As a result, we need to add the masquerade rule for Router R1. Also we need to set up the dns server in PC2 and PC4.

11. Add nat masquerade rule in Router R1

1. /ip firewall nat add acition=masquerate chain=srcnat out-interface=ether1

複製代碼

#

With Step 11, you are able to ping Internet IP address only. In order to ping hostname, we need two more steps.

12. Enable the DNS server in R1 to allow remote request

1. /ip dns set allow-remote-requests=yes

複製代碼

#

13. Set the dns server in PC2 and PC4
PC2:

1. /ip dns set servers=10.10.10.1

複製代碼

#
PC4:

1. /ip dns set servers=10.10.20.1

複製代碼

#

At this mement, both PC2 and PC4 are able to ping any valid hostname, e.g. 'www.abc.com'.