Saturday, January 29, 2011

Use a random IP from a pool of static IPs for outgoing traffic.

I have got multiple Windows VBoxes running on a linux machine. The linux machine has got 20 static real IP addresses set, all on eth0. The VBoxes are configured to use NAT, which uses the default gateway IP address set on the linux machine to access the Internet. Herein lies the problem.

I want to each VBox to use a different IP for accessing Internet from the pool of 20 IPs (be it random or assigned) and not the default gateway set on the Linux box.

Any idea on how to do it?

What I have tried and doesn't work is use VBoxManage to take care of this thing as per VBox documentation...

VBoxManage VBoxInternal/Devices/pcnet/0/LUN#0/Config/http/BindIP "203.203.203.203"

That doesn't work.

I guess I might have to use iptables command on the linux box to configure it so that ip routing chain uses a random IP for all outgoing traffic, or multiple default gateways or something like that.

Update 1: Because this is a rented server I don't have access to the router. The DHCP that Windows VBoxes use is installed and managed by VirtualBox application running on linux which works only for the VBoxes.

Update 3: raerek provided the solution to use bridge instead of NAT. I found out that setting bridged network is not as simple as "just set it from a droplist". I probably need to install or configure drivers on the Linux machine. While I am still checking it, any solution that keeps the NAT (which works) and still being able to use an IP from the pool will be welcome.

From serverfault CDR

  • instead of setting 20 ip addresses on the linux host.... have you tried to setup DHCP on the router... by which any windows guest on the linux host would automatically get one... ?

    CDR : Because this is a rented server I don't have access to the router. The DHCP that Windows VBoxes use is installed and managed by VirtualBox application running on linux which works only for the VBoxes.
    From $pageUsers[$post.author].name

  • If I understand correctly, you do not need the 20 IPs for the linuxbox, so you'd better use bridged network instead of NAT, and give the unnesecary IPs directily to the VMs running Win. So from outside it will appear that you got a Linux and some Windows machines, all on the same segment. Only the Ethernet layer will know they are one, from the IP layer they'll look different machines with different IPs.

    CDR : What about firewall? Windows boxes are XP SP2 and I know they are fully insecure. I would try to protect those from the Linux machine if possible.
    From raerek

  • To secure Windows boxes from incoming traffic in a bridged, set up a netfilter firewall using iptables, with rules containing the Windows IP addresses or interface names (eth0:0, eth0:1 etc.).

    From pts
Posted by Ku XI at 5:31 PM

0 comments:

Post a Comment

Subscribe to: Post Comments (Atom)