ARP reply not working with linux bridge on virtualbox VMs - virtual-machine

Please check this Topology diagram.
I have created 2 VirtualBox VMs using Ubuntu 16.04.4 LTS, call them VM1 and VM2.
I am running two containers on VM1, call them VM1-C1 and VM1-C2.
I am running two containers on VM2, call them VM2-C1 and VM2-C2.
VM1 and VM2 are connected directly using internal-network (vagrant has option).
Now, I need to steer traffic from VM1-C1 to VM2-C1 and then to internet via linux bridges.
And steer traffic from VM1-C2 to VM2-C2 and then to internet via linux bridges.
Is it possible to achieve this using linux bridges?
I created veth pairs [if1, if3], [if2, if4], [if5, if7], [if6, if8], [if9, if11], [if10, if12] to achieve this (I'll think of any optimizations or you can suggest me better options).
I configured IPs on if1 and if7 from subnet 192.16.1.0/24.
I configured IPs on if2 and if8 from subnet 192.16.2.0/24.
When I try to ping if7 (192.16.1.10) from if1 (192.16.1.1), I see the ARP is reaching if7 and the ARP reply is seen at eth0 of VM2.
But the ARP reply is not seen at eth0 of VM1.
Any help is greatly appreciated.
Thanks in advance.

Related

tftp in libvirt hosts behind nat

I am trying to download a configuration file, which will automate OS installation, from a tftp server to a libvirt virtual machine guest. I can download the file from the host without problem but it cannot be downloaded in the guest OS. From the guest OS, I can ping the server, but the curl -O tftp://serverip/file command gets stuck. I can see that the server is accessed but somehow tftp protocol related traffic is not being forwarded completely, I believe.
I have found an old post at tftp-for-libvirt-hosts-behind-nat, and I have changed the NIC to e1000, but the behaviour has not changed.
Another post is at iptables rules to forward tftp via NAT, which is completely foreign to me.
Any help much appreciated.

Connect to internet a VM on VMware through another VM

I'm using VMware Workstation and I've two virtual machines (Ubuntu 64-bit). Both VMs are connected to the internet via Network Adapter NAT on the VMware settings.
My host machine is a classic Windows 10 with a VMware Network adapter (VMnet8) used by both VMs (from what I've understood). I'm already able to ping both VMs from each other (they're on the same subnet).
I would like to use one of the two VMs as a "gate" to access the internet (which is provided by the host machine) on the other VM, but I can't understand how I need to link the virtual network adapter to achieve my goal.
I would like to use a VM as a "gate" to the internet because I'm testing iptables and I would like to practise using it as a firewall, filtering traffic on the "gate" VM.
First of all you have to make sure the IP forward is active. To do that you have to go to /etc/ and edit the file sysctl.conf using:
sudo nano /etc/sysctl.conf
Remove the comment (the #) from the line net.ipv4.ip_forward=1
About the iptables rules, you need a POSTROUTING rule:
sudo iptables -t nat -A POSTROUTING -s your_ip/24 -o your_network_interface -j MASQUERADE
where, in your case, the your_ip could be something like 192.168.125.0 (meaning all the traffic from the 125 subnet) and your_network_interface could be eth0
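The forwarding and POSTROUTING steps above, combined with the filtering the question asks for, as an added example that is not part of the original answer. It assumes the gate VM has a separate inside interface (eth1 here is hypothetical) and outside interface (eth0); the function name and the DRY_RUN switch are also assumptions of this example.

```bash
#!/bin/sh
# Added example: NAT gateway with a default-deny FORWARD policy on the
# "gate" VM. Interface roles (eth1 inside, eth0 outside) are assumptions.
# DRY_RUN=1 prints the commands instead of running them (no root needed).

run() {
    if [ "${DRY_RUN:-0}" = "1" ]; then echo "$*"; else "$@"; fi
}

setup_gateway() {
    if [ "$#" -ne 3 ]; then
        echo "usage: setup_gateway LAN_NET/PREFIX LAN_IF WAN_IF" >&2
        return 2
    fi
    gw_net="$1"; gw_lan="$2"; gw_wan="$3"

    # Runtime equivalent of uncommenting net.ipv4.ip_forward=1 in sysctl.conf.
    run sysctl -w net.ipv4.ip_forward=1 || return 1

    # Drop forwarded traffic by default, then allow only what is needed.
    run iptables -P FORWARD DROP || return 1
    # Replies belonging to connections the inside network opened.
    run iptables -A FORWARD -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT || return 1
    # New connections only from the inside subnet, inside to outside.
    run iptables -A FORWARD -s "$gw_net" -i "$gw_lan" -o "$gw_wan" -j ACCEPT || return 1

    # The POSTROUTING rule from the answer: rewrite the source address
    # of inside traffic as it leaves through the outside interface.
    run iptables -t nat -A POSTROUTING -s "$gw_net" -o "$gw_wan" -j MASQUERADE
}

# Run directly as: ./gateway.sh 192.168.125.0/24 eth1 eth0
if [ "$#" -eq 3 ]; then setup_gateway "$@"; fi
```

With the FORWARD policy set to DROP, any further rule added on the gate VM is an explicit allow, which makes the effect of each iptables experiment easy to observe.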

IP not getting released from interface - Redhat 7

I am trying to use a single IP as a "floating IP" by assigning it to a secondary interface eth1 between 2 VMs. The primary interface eth0 has 2 different IPs for both VMs. Only one of the VMs will have the IP assigned to eth1 at any given time. If we have any issues with the primary VM we will unassign the IP from eth1 of the primary VM and reassign it to the secondary VM.
We are unassigning and assigning the IP using -
/sbin/ip addr ${ACTION} ${IP} dev ${INTERFACE}
However once we unassign the IP from eth1 of the primary VM and assign it to eth1 of the secondary VM I am unable to ssh to the secondary VM right away. I get a -
ssh: connect to host x.x.x.x port 22: Connection timed out
After about 15 mins some cache somewhere gets cleared and then I am able to ssh to the secondary box.
Have the following setting already updated in sshd_config and sshd has been restarted.
GSSAPIAuthentication no
UseDNS no
We are using Redhat 7.6
Any help in troubleshooting what could be causing the delay in ssh'ing to the secondary box is much appreciated!
Thanks!
Your issue is with your network gear and the clients' ARP tables.
After you change the address check your arp tables with arp -a on Linux and show ip arp (Cisco gear). You will see the old MAC address maps to the old server IP.
After you change ip addresses send a gratuitous arp and that will force everything to update.
Assume your ethernet address is 10.0.10.1 and you are using eth1.
yum install arping -y
arping -A -I eth1 10.0.10.1
This is very similar to what VMware does when you VMotion a VM to another host. It sends an RARP to notify the network the MAC address has moved to a different port.
EDIT: Also note, in older RHEL versions the ifup-eth script used the arping tool to send a GARP. That means I might also try ip link set eth1 down and ip link set eth1 up to see if that works.
This issue got resolved. We had to update the ARP neighbor cache to get this to work, so we incorporated that into our script.
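One way to fold the gratuitous ARP into the assign/unassign step described in this thread, as an added example that is not the poster's script. The function name, the /24 prefix length and the DRY_RUN switch are assumptions; the arping flags are those of the iputils arping.

```bash
#!/bin/sh
# Added example: move a floating IP and announce the move with gratuitous
# ARP so neighbours replace the stale IP-to-MAC entry immediately.
# DRY_RUN=1 prints the commands instead of running them (no root needed).

run() {
    if [ "${DRY_RUN:-0}" = "1" ]; then echo "$*"; else "$@"; fi
}

floating_ip() {
    fip_action="$1"; fip_cidr="$2"; fip_if="$3"
    fip_addr="${fip_cidr%/*}"        # arping takes the bare address

    case "$fip_action" in
        add|del) ;;
        *) echo "usage: floating_ip add|del ADDR/PREFIX IFACE" >&2; return 2 ;;
    esac
    case "$fip_cidr" in
        */*) ;;
        *) echo "address needs a prefix length, e.g. 10.0.10.1/24" >&2; return 2 ;;
    esac
    [ -n "$fip_if" ] || { echo "missing interface" >&2; return 2; }

    # Same command the question uses: /sbin/ip addr ${ACTION} ${IP} dev ${INTERFACE}
    run /sbin/ip addr "$fip_action" "$fip_cidr" dev "$fip_if" || return 1

    if [ "$fip_action" = "add" ]; then
        # Unsolicited ARP request (-U), then ARP reply (-A), three of each,
        # because different devices update their tables on one or the other.
        run arping -c 3 -U -I "$fip_if" "$fip_addr"
        run arping -c 3 -A -I "$fip_if" "$fip_addr"
    fi
}

# Run directly as: ./floating_ip.sh add 10.0.10.1/24 eth1
if [ "$#" -eq 3 ]; then floating_ip "$@"; fi
```

Run the del on the old primary before the add on the secondary, so only one host answers ARP for the address at any time.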

cannot connect to internet from virtual machine

I am using VMware Player to use Ubuntu 14.04 but I am unable to get any internet connection in my virtual machine even though my system is connected to the internet. The original OS in my system is Windows 7. Can anybody suggest the way out?
Found the solution by browsing through multiple threads. Compiling it here.
EDIT: Please check if your network is in bridged mode or not if you are using VMware/VirtualBox before following the steps below. Enabling bridge mode and restarting the guest OS can resolve the issue.
First check if your network is disabled by using the following cmd in terminal:
sudo lshw -C network
If it shows disabled after the name of your adapter (note down the logical name for later use):
*-network DISABLED
description: Ethernet interface
product: 82545EM Gigabit Ethernet Controller (Copper)
vendor: Intel Corporation
physical id: 1
bus info: pci#0000:02:01.0
logical name: ens33
All we need to do is enable the adapter, so let's get started.
Open up your interfaces file by using the following cmd:
sudo gedit /etc/network/interfaces
My file had the following data written:
auto lo
iface lo loopback
But the logical name of my NIC was ens33 (not lo), so I changed it to read the following and saved the file.
auto lo
iface lo inet loopback
auto eth0
iface eth0 inet dhcp
auto wlan0
iface wlan0 inet dhcp
Now it is time to restart the networking service.
sudo /etc/init.d/networking restart
Check if the network is back up; it shouldn't have that disabled tag anymore.
sudo lshw -C network
Enjoy your internet :)
If that doesn't work -> But as explained earlier change the network adaptor settings to bridged in your virtual machine settings.
If all that does not work, the best way to resolve the issue is
Restore your VM network settings
If you are using an older version download a new version (trial version would also work) - we are just updating your settings
Follow the steps:
Depending on how you are connected to the network, try either Bridged or NAT mode for the VM's network adapter. Keep in mind that you may lose connectivity from the host machine to the VM. In this case you'll need another network adapter.
In most cases NAT should work. In this case only your host machine's IP is visible to the network, and ports are allocated for the VM to communicate to the outside world. The problem is that you can't connect to the VM from the host machine if you need to. Add another adapter as I mentioned above and connect to its IP address. You will have two adapters - one for the Internet and the other for host-to-guest.
In the bridge mode the VM is visible to the outside network, so a network configuration is required that enables the VM to get an IP address and participate in the network (for example, network administrators may block unknown MAC addresses). The host machine talks with the VM as if it were just a computer on the network.
Update your question with additional information if my suggestion does not work: guest OS, how your host computer is connected to the network, what the current configuration of the VM's network adapters is. Is it a home or a workplace computer?
UPDATE
So I guess if you are connected to a corporate LAN, then NAT will work while Bridge will not. To add another interface 1) add an adapter in VMWare Player; 2) Add an interface in Ubuntu. Assuming your existing interface is eth0, edit /etc/network/interfaces, adding these lines:
auto eth1
iface eth1 inet dhcp
Then restart the networking service:
sudo /etc/init.d/networking restart
UPDATE 2
Another reason for your not being able to connect to the Internet may be a proxy server. Make sure that the proxy configuration in the VM is the same as in the host machine.
Close VM,
Go to VM Settings and Network adapters
Then click on adapter 1 and select Shared Networking NAT.
Start VM

(Networking) XM6i emulating NetBSD 4.0.1 x68k

I have installed NetBSD 4.0.1 x68k on XM6i (http://www.ceres.dti.ne.jp/tsutsui/netbsd/x68k/NetBSD-x68k-on-XM6i.html) as a virtual machine emulating a 68030 platform. I have gotten everything to work except networking.
According to the documentation, you need to install a TAP-Win32 network adapter from OpenVPN installer, which I have. I have set the ipv4 settings of this adapter to IP address: 192.168.2.1 and Netmask: 255.255.255.0
In NetBSD, I have created a /etc/ifconfig.ne0 file to configure the ne0 network interface, which I assume represents the TAP-Win32 adapter. This file sets IP address to 192.168.2.17 and Netmask to 255.255.255.0
When I use "ping 192.168.2.1" on NetBSD I am unable to ping the host, the error message being: "host is down"
Does anyone know what's going wrong? If anyone could give me any advice I would be most grateful.
Update: Above problem has been solved .... but not quite.
If I have tinkered around with settings on host, now I can ping guest only if I run tcpdump -i ne0 on guest. Then after that I can also ping the host from the guest. I have tried restarting and trying without tcpdump but the changes didn't seem to stick, so I have to run tcpdump in order to set up the host-only connection.
Is there any way I can do this without tcpdump and make the fix stick?
Edit: Here is the link to the new question with a more detailed explanation of the problem: Host Only connection NetBSD to Windows
It turns out that to run a complete networking emulation on a 68030 machine on the latest version of XM6i, you need to run tcpdump on boot. There is no way around it.