You are here:   Research
  |  Login

Welcome to my blog, quickest way to find articles is usually to search for them.

Minimize
Search in All Title Contents
 
     

Using a virtual router for your lab and test environment

Dec 13 2012

When build lab and proof-of-concept solutions in a virtual environment it's very useful to also have a virtual router to enable multiple networks to connect, and to simulate a larger environments. Depending on virtualization platform you can use built-in network configurations to route, and bandwidth-limit network traffic.

In this article you learn to use a Windows Server 2016 based router, but the steps also works for Windows Server 2012 R2. The configuration works for both Hyper-V and VMWare environments, but the detailed steps and screenshots are taken from a Hyper-V based setup.

Note: For a guide on using a more advanced, Linux-based router instead, check out this post: 

Using pfSense Community Edition as a virtual router for your lab environment
http://deploymentresearch.com/Research/Post/614/Using-pfSense-Community-Edition-as-a-virtual-router-for-your-lab-environment

Scenario

In this guide you learn to setup NAT and Routing for two different sites: New York, and Chicago.

The NAT configurations is to provide Internet access to the sites, and the Routing is make sure machines in New York can reach machines in Chicago.

net
Very shiny Microsoft paint creation :)

Note #2: There is a video available for a Windows Server 2012 R2 version of the setup.

Note #3: I have posted a guide on how to configure Windows Server 2012 R2 RRAS (Option 1) with PowerShell.

Note #4: If you only are interesting in providing Internet access for a single network, you can just use the NAT feature in Hyper-V or VMware, no need for a virtual router. Ami Casto (@mdtpro) blogged about the Hyper-V NAT feature here: http://deploymentresearch.com/Research/Post/558/Setting-Up-New-Networking-Features-in-Server-2016.

Note #5: Yes, I wrote this guide for Windows Server 2012 R2, but you can absolutely replace Windows Server 2012 R2 with Windows Server 2016 in this guide.

    Scenario

    The step-by-step guides in this article configure a virtual router for part of (two sites) the fictive ViaMonstra network. For a full IP plan for ViaMonstra network, see http://viamonstra.com/?page_id=25.

    In this scenario you configure routing between the following local networks, and also provide them Internet access.

    • New York: 192.168.1.0/24
    • Chicago: 192.168.3.0/24

    In addition ViaMonstra also have Internet access. In a real world (physical) network you would have many routers, but in a virtual environment where all virtual machines are running on the same host you only need one router. This also means that in this guide there are two internal virtual networks (virtual switches in Hyper-V), and one external network.

    Creating the virtual networks (virtual switches in Hyper-V)

    Using Hyper-V Manager (or PowerShell), create the following virtual switches (if you are new into Hyper-V, check this documentation on how to create virtual networks: https://docs.microsoft.com/en-us/virtualization/hyper-v-on-windows/quick-start/connect-to-network):

    • External network
      • Name: External
      • Connection Type: External network (connected to physical network adapter of your host)
    • New York       
      • Name: New York
      • Connection Type: Internal network
    • Chicago
      • Name: Chicago
      • Connection Type: Internal network

    VM
    The virtual switches configured.

    Create the Virtual Router VM in Hyper-V

    1. Create a virtual machine named GW01 with three network adapters (1 GB RAM and 60 GB disk).

    2. In the virtual machine settings, connect network adapter #1 to the External virtual network.

    3. Connect network adapter #2 to the New York virtual network.

    4. Connect network adapter #3 to the Chicago virtual network.

    5. On the virtual machine settings, make a note of the Mac Address for each network adapter. In my setup I had the following:   

    Adapter #1 (External): 00:15:5D:01:00:41

    Adapter #2 (New York): 00:15:5D:01:00:42

    Adapter #3 (Chicago): 00:15:5D:01:00:43

             

        NET01
        GW01 created with three network adapters.

        Option 1 - Using a Windows Server 2012 R2 or Windows Server 2016 VM with Routing and Remote Access.

          1. Install Windows Server 2012 R2 or Windows Server 2016 on GW01 and set the computer name to GW01.    

          2. Using Network Connections, configure the networks to the following.

          Note: Use the Mac Address you noted earlier to find correct adapter, they are very likely to be different in your environment :)

          Adapter #1 (00:15:5D:01:00:41)

            • Name: Internet
            • IP Address: DHCP

          Adapter #2 (00:15:5D:01:00:42)

            • Name: New York
            • IP Address: 192.168.1.1
            • Subnet mask: 255.255.255.0
            • DNS: 192.168.1.200

          Adapter #3 (00:15:5D:01:00:43)

            • Name: Chicago
            • IP Address: 192.168.4.1/24
            • Subnet mask: 255.255.255.0
              • DNS: 192.168.1.200

             

            net02
            Networks configured in Network Connections.

            3. Verify that you have Internet access by running the Test-NetConnection command in a PowerShell prompt.

            net05
            Verifying Internet access on GW01.

            4. Using Windows Firewall with Advanced Security, enable the File and Printer Sharing (Echo Request – ICMPv4-In) inbound rule.

             

            net03
            Configuring the firewall rules on GW01.

             

            5. Using Server Manager, add the Remote Access role, click Next three times, and on the Role services page, select Routing, and accept to add the features that are required.

            6. Complete the Add Roles and Features Wizard with the default settings, and when the setup is completed, click Close.

            7. Using Routing and Remote Access (from the start menu), right-click GW01 (local), and select Configure and Enable Routing and Remote Access.

            8. Use the following settings for the Configure and Enable Routing and Remote Access Setup Wizard:

            • Configuration: Network address translation (NAT)
            • NAT Internet Connection:        

                                  

                net04
                Selecting the Internet network interface.

                  

                • Network Selection: Select the New York network        

                Note: When finish the Routing and Remote Access Server Setup Wizard, ignore the error about the VPN firewall setting. That feature is not used when routing only.

                    9. Still in Routing and Remote Access, navigate to GW01 (Local) / IPV4 / NAT.

                    10. Right-click NAT and select New Interface. Then select the Chicago and click OK.

                    11. On the Network Address Translation Properties – Chicago page, make sure the private interface connected to private network option is selected, and click OK.

                    12. Still in Routing and Remote Access, navigate to GW01 (Local)

                    Done! :)   

                    Verifying that routing and NAT works

                    Time to verify that everything works: For example by deploying two virtual machines with Windows 10. In this scenario the PC0001 VM is in the New York site, and the PC0002 VM is in the Chicago site.

                    Testing NAT on the New York site

                    Configure the PC0001 VM to be connected to the New York virtual switch, and assign the following IP configuration to it:

                    • IP Address: 192.168.1.90
                    • Subnet mask: 255.255.255.0
                    • Default Gateway: 192.168.1.1
                    • DNS: Whatever DNS you are using, but for example 8.8.8.8 (Google DNS) works fine for testing.

                    Verify that you can ping 192.168.1.1

                    Verify that you can ping 8.8.8.8

                    Try to browse the Internet.

                     

                    Testing NAT on the Chicago site

                    Configure the PC0002 VM to be connected to the New York virtual switch, and assign the following IP configuration to it:

                    • IP Address: 192.168.4.90
                    • Subnet mask: 255.255.255.0
                    • Default Gateway: 192.168.4.1
                    • DNS: Whatever DNS you are using, but for example 8.8.8.8 (Google DNS) works fine for testing.

                    Verify that you can ping 192.168.4.1

                    Verify that you can ping 8.8.8.8

                    Try to browse the Internet.

                    Testing Routing between the sites:

                    From a command prompt on PC0001, verify that you can ping PC0002 (192.168.4.90).

                    Note: If you can’t ping PC0002, verify that you don’t have a firewall rule that prevents it.

                       

                     

                    Happy Routing / Johan








                    Happy deployment, and thanks for reading!
                    / The Deployment Research team



                    Ami Casto

                    Johan Arwidmark

                    Blog Archive

                    Minimize