I know it’s been a while. No, I haven’t been lost, in Guantanamo or similar. I was just too lazy/busy to write a post. But luckily I’m back. đŸ™‚
Today I’m going to write about how to connect GNS3 lab to the internet. For this we are going to have to create a tap interface on our Debian box. First thing would be to install the uml-utilities on your Debian box.
[10:52:55] xavi@lstkco14073: ~ $ sudo aptitude search uml-utilities
i uml-utilities – User-mode Linux (utility programs)
[10:53:00] xavi@lstkco14073: ~ $
Now install with:
[10:53:00] xavi@lstkco14073: ~ $ sudo aptitude install uml-utilities
Once uml-utilities is installed you can execute the following script to bring up a tap interface.
#!/bin/bash sudo tunctl -t tap0 -u `whoami` sudo ifconfig tap0 192.168.1.1 netmask 255.255.255.252 up /sbin/ifconfig tap0
[11:02:06] xavi@lstkco14073: ~ $ sh tap0
Set ‘tap0’ persistent and owned by uid 1000
tap0 Link encap:Ethernet HWaddr 5e:3c:9d:d8:ff:9a
inet addr:192.168.1.1 Bcast:192.168.1.255 Mask:255.255.255.252
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:500
RX bytes:0 (0.0 B) TX bytes:0 (0.0 B)
[11:02:17] xavi@lstkco14073: ~ $
We would need to connect this tap interface to the GNS3 simulation. We also would need to configure iptables to allow routing on the Debian box. For that we need to execute the following script.
#!/bin/bash # Script to enable IP packet forwarding and NAT # # eth0 is Internet connected interface # Enable IP Forwarding echo 1 > /proc/sys/net/ipv4/ip_forward # Clean up iptables iptables -F iptables -t nat -F iptables -X # Enable IP MASQUERADING/NAT iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE # Set firewall policies iptables -P FORWARD ACCEPT iptables -P OUTPUT ACCEPT # Allow all connections not from wlan0 iptables -A INPUT ! -i eth0 -j ACCEPT # Allow all ICMP connections iptables -A INPUT -p ICMP -j ACCEPT # Allow all already established connections iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
In our next post we would configure the GNS3 simulator. Comments are always welcome.