# VM Setup- Virtualbox- 3x Alpine 3.9 Virtual Machine## Network### Virtua

1. # VM Setup
2.  
3. - Virtualbox
4. - 3x Alpine 3.9 Virtual Machine
5.  
6. ## Network
7.  
8. ### VirtualBox
9.  
10. - Tools - Network
11. - `vboxnet0`
12. + `10.0.0.254/24`
13. + DHCP Enabled
14.  
15. ### Alpine 1
16.  
17. - eth0: NAT
18. + Used for internet
19. - eth1: Host-Only Adapter: `vboxnet0`
20. + Used to SSH into the machine from the host
21. - eth2: Internal Network: `VRF-2`
22. + Used to connect to Alpine 2
23. - eth3: Internal Network: `VRF-3`
24. + Used to connect to Alpine 3
25.  
26. ### Alpine 2
27.  
28. - eth0: NAT
29. + Used for internet
30. - eth1: Host-Only Adapter: `vboxnet0`
31. + Used to SSH into the machine from the host
32. - eth2: Internal Network: `VRF-2`
33. + Used to connect to Alpine 1
34.  
35. ### Alpine 3
36.  
37. - eth0: NAT
38. + Used for internet
39. - eth1: Host-Only Adapter: `vboxnet0`
40. + Used to SSH into the machine from the host
41. - eth2: Internal Network: `VRF-3`
42. + Used to connect to Alpine 1
43.  
44. ### All Alpines config
45.  
46. - All Alpine virtual machines have this config:
47.  
48. __/etc/network/interfaces__:
49. ```
50. auto lo
51. iface lo inet loopback
52.  
53. auto eth0
54. iface eth0 inet dhcp
55.  
56. auto eth1
57. iface eth1 inet dhcp
58. ```
59.  
60. __install packages__
61. ```shell
62. # fixes a issue with dhcp not grabbing the DNS configuration.
63. echo nameserver 8.8.8.8 > /etc/resolv.conf
64. apk update && apk upgrade && apk add dhclient
65.  
66. # we want to see traffic
67. apk add tcpdump
68. ```
69.  
70. - Edit the hostname for the machine
71.  
72. ```shell
73. vi /etc/hostname
74. ```
75.  
76. # VRF Test
77.  
78. ## Alpine 1
79.  
80. - We create 2 loopback adapters, to simulate source traffic from 'VPN' clients
81.  
82. ```shell
83. for NR in $(seq 1 2);
84. do
85. DEV=loopback${NR}
86. ip link add ${DEV} type dummy
87. ip addr add dev ${DEV} 10.8.0.${NR}/24
88. ip link set dev ${DEV} up
89. done
90. ```
91.  
92. - Next we setup the 2 VRF's, they will get table id `102` & `103`
93. - Both VRF interfaces will receive the same IP: `192.168.0.1/24`
94.  
95. ```shell
96. for NR in $(seq 2 3);
97. do
98. VRF_NAME=VRF-${NR}
99. VRF_ID=$((100 + $NR))
100. SLAVE_DEV=eth${NR}
101. # Define the VRF-<NR> and its table id
102. ip link add dev ${VRF_NAME} type vrf table ${VRF_ID}
103. # Add eth<NR> to VRF-<NR>
104. ip link set dev ${SLAVE_DEV} master ${VRF_NAME}
105. # Set the VRF-<NR> in its UP state
106. ip link set dev ${VRF_NAME} up
107. # Set the same IP address to the slave interface
108. ip addr add dev ${SLAVE_DEV} 192.168.0.1/24
109. # Set the slave interface in its UP state
110. ip link set dev ${SLAVE_DEV} up
111. done
112. ```
113.  
114. - Now we can setup source routing rules.
115. + Client `10.8.0.1/32` is only allowed to go into `VRF-2`
116. + Client `10.8.0.2/32` is only allowed to go into `VRF-3`
117.  
118. ```shell
119. VRF_ID=102
120. SOURCE_ADDR=10.8.0.1/32
121. ip rule add from ${SOURCE_ADDR} table ${VRF_ID}
122.  
123. VRF_ID=103
124. SOURCE_ADDR=10.8.0.2/32
125. ip rule add from ${SOURCE_ADDR} table ${VRF_ID}
126. ```
127.  
128. ## Alpine 2 & Alpine 3
129.  
130. - Alpine 2 & 3 need to know the way back to 10.8.0.0/24. We will add the same route to both machines.
131.  
132. ```shell
133. ip route add 10.8.0.0/24 dev eth2
134. ```
135.  
136. ## Testing
137.  
138. - We should now be able to ping `192.168.0.2` from Alpine 1. By specifying a different source IP we can direct the traffic to either Alpine 2 or Alpine 3.
139.  
140. ```shell
141. ping -c1 -I 10.8.0.1 192.168.0.2
142. ping -c1 -I 10.8.0.2 192.168.0.2
143. ```