Virtualization and 2 NIC setup question

Discussion in 'sandboxing & virtualization' started by glentrino2duo, Dec 3, 2008.

Thread Status:
Not open for further replies.
  1. glentrino2duo

    glentrino2duo Registered Member

    Joined:
    May 8, 2006
    Posts:
    310
    I am not sure if this is the proper forum but I'd appreciate any help/assistance/ideas...

    We have two networks totally isolated from each other (physically and with different subnets), one internal network only and one that connects to the internet only (with firewall of course). Usually those that are authorized to access the internet have two machines for each network, internal domain and internet.

    Now, with virtualization technology, we're thinking of reducing costs by setting up only one computer with two NICs. One for the internal network and one for a virtual machine that connects to the internet.

    How can I make the second NIC (the one for the quest OS) invisible/inaccessible to the host OS?
     
    Last edited: Dec 3, 2008
  2. Mrkvonic

    Mrkvonic Linux Systems Expert

    Joined:
    May 9, 2005
    Posts:
    8,693
    With firewall rules.
    Also prevent routing from subnet a to subnet b...
    Mrk
     
  3. glentrino2duo

    glentrino2duo Registered Member

    Joined:
    May 8, 2006
    Posts:
    310
    Thanks Mrkvonic for the reply. Exactly how do I prevent routing from subnet to subnet with the host? so, that there's no traffic between the host OS and NIC #2. Host OS will be Windows XP (for network).
     
  4. Mrkvonic

    Mrkvonic Linux Systems Expert

    Joined:
    May 9, 2005
    Posts:
    8,693
    What firewall will you be using?

    I was thinking more along the line of something linux-like, but you can manage with fine with a solid Windows firewall too. Preferably something you can control per-rule and not per-application.

    Mrk
     
  5. pandlouk

    pandlouk Registered Member

    Joined:
    Jul 15, 2007
    Posts:
    2,547
    You do not need a firewall to achieve this. Simple disable the components at that NIC on the host. [Internet Protocol (TCP/IP), Client for Microsoft Windows, file and printer sharing For Microsoft Networks]

    Panagiotis
     
  6. glentrino2duo

    glentrino2duo Registered Member

    Joined:
    May 8, 2006
    Posts:
    310
    Thanks! What I actually did was set it to static IP address, different subnet and DNS to itself in the host.
    Like if NIC 2 is physically connected to 192.168.10.0/255.255.255.128 network, I set it to IP 10.10.10.10/255.255.255.0/GW:10.10.10.10/DNS:10.10.10.10. With this setup, no network traffic whatsoever between host and NIC#2 network.
     
  7. pandlouk

    pandlouk Registered Member

    Joined:
    Jul 15, 2007
    Posts:
    2,547
    Yes, this is another method to do it.
    But, disabling the components is safer, since it "disconnects" that nic from the network. And it is easier to do it. ;)

    Panagiotis
     
  8. glentrino2duo

    glentrino2duo Registered Member

    Joined:
    May 8, 2006
    Posts:
    310
    You are right! I just tried your method, simply untick the boxes in LAN properties. Yes, will use your suggestion. Big thanks!
     
Loading...
Thread Status:
Not open for further replies.