System and Network configuration • Debain 12 VM as router for private network

Hi there,

I am trying a little network setup at home (just for learning for now):
1. Router (Internet connectivity): 192.168.31.1


2. Virtual Machine 'VM HomeServer' (Debian 12):
- IP Address: 192.168.31.230 for ‘public network’
- IP Address: 192.168.1.4 for private network
- This VM should act as router for the private network (in particular for ‘VM Sandbox’)
2.1 IP Address:
enp1s0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq_codel state UP group default qlen 1000
link/ether 52:54:00:41:2f:9d brd ff:ff:ff:ff:ff:ff
inet 192.168.31.230/24 brd 192.168.31.255 scope global enp1s0
valid_lft forever preferred_lft forever
inet6 fe80::5054:ff:fe41:2f9d/64 scope link
valid_lft forever preferred_lft forever
enp7s0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq_codel state UP group default qlen 1000
link/ether 52:54:00:26:30:9f brd ff:ff:ff:ff:ff:ff
inet 192.168.1.4/24 brd 192.168.1.255 scope global enp7s0
valid_lft forever preferred_lft forever
inet6 fe80::5054:ff:fe26:309f/64 scope link
valid_lft forever preferred_lft forever

2.2 Netplan:
network:
version: 2
renderer: networkd
ethernets:
enp7s0:
addresses:
- 192.168.1.4/24
dhcp4: no
routes:
- to: 192.168.1.0/24
via: 192.168.1.4
table: 101
- to: default
via: 192.168.31.1
table: 101
routing-policy:
- from: 192.168.1.0/24
table: 101
enp1s0:
addresses:
- 192.168.31.230/24
dhcp4: no
routes:
- to: default
via: 192.168.31.1
on-link: true
- to: 192.168.31.0/24
via: 192.168.31.1
table: 102
routing-policy:
- from: 192.168.31.0/24
table: 102

2.3 /etc/sysctl.conf
net.ipv4.ip_forward=1
net.ipv4.conf.default.rp_filter=1
net.ipv4.conf.all.rp_filter=1
net.ipv4.ip_forward=1

2.4 UFW: inactive

2.5 VM network adapter is set as bridged on host.


3. Virtual Machine 'VM Sandbox' (Debian 12)
- IP Address: 192.168.1.100 for private network
- This VM should communicate via ‘VM HomeServer’ with any computer on the private network or internet
2.1 IP Address:
lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host noprefixroute
valid_lft forever preferred_lft forever
enp1s0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq_codel state UP group default qlen 1000
link/ether 52:54:00:9b:35:94 brd ff:ff:ff:ff:ff:ff
inet 192.168.1.100/24 brd 192.168.1.255 scope global enp1s0
valid_lft forever preferred_lft forever
inet6 fe80::5054:ff:fe9b:3594/64 scope link
valid_lft forever preferred_lft forever

2.2 Netplan:
network:
ethernets:
enp1s0:
dhcp4: no
dhcp6: no
optional: false
addresses:
- 192.168.1.100/24
routes:
- to: default
via: 192.168.1.4
version: 2
renderer: networkd

3.3 UFW: inactive

3.4 VM network adapter is set as bridged on host.


Results:
I can ping from ‘VM HomeServer’ to ‘VM Sandbox’ succfessful.
I can ping from ‘VM Sandbox’ to ‘VM HomeServer’ succfessful.
I can ping any public IP (e.g. 8.8.8. from ‘VM HomeServer’.

Issue:
I can’t ping any public IP (e.,g. 8.8.8. from ‘VM Sandbox’ as it shows a 100% packet loss.
I can’t dig any URL from ‘VM Sandbox’ as it shows the followign error message: communications error to 192.168.31.1#53: timed out.
A ‘traceroute’ to a public IP (e.g. 8.8.8. shows the following result (i.e. never finishesand just continues with ‘*’):
traceroute to 8.8.8.8 (8.8.8., 64 hops max
1 192.168.1.4 0.869ms 0.680ms 0.652ms
2 * *
A ‘traceroute’ to a private IP in the router network (e.g. 192.168.31.200 – another PC in my network) shows the following result (i.e. never finishesand just continues with ‘*’):
traceroute to 192.168.31.200 (192.168.31.200), 64 hops max
1 192.168.1.4 0.884ms 0.492ms 0.702ms
2 *

Question:
Any idea how I can enable ‘VM Sandbox’ to reach any PC in network ‘192.168.31.xxx’ and the internet via ‘VM HomeServer’ .

Thank you for your help.
C.

Statistics: Posted by maggiv8 — 2024-11-19 10:10 — Replies 0 — Views 6

---