I want to create a network like this:
Internet -- physical router -- host (network 192.168.178.x)
    -- virtual machine dmz -- eth0 (connected to physical router)
                           -- eth1 (connected to isolated network 10.0.0.x)
    -- virtual machine www -- eth0 (connected to isolated network 10.0.0.x)
I have a virtual host which is connected to my physical router with eth0 and IPv4 address 192.168.178.100. I create a virtual machine dmz which connects 'direct' to my router via my physical device eth0 on the virtual host:
<network connections='1'>
  <name>direct</name>
  <uuid>379d4687-445e-4bc6-8354-b555c7f18b15</uuid>
  <forward dev='eth0' mode='bridge'>
    <interface dev='eth0' connections='1'/>
  </forward>
</network>
On my virtual machine I create a second NIC eth1 which is connected to a virtual network virbr-local:
<network>
  <name>local</name>
  <uuid>d31b2e0d-810b-4ba0-8ac4-02bc53746142</uuid>
  <bridge name='virbr-local' stp='on' delay='0'/>
  <mac address='52:54:00:92:06:5c'/>
  <domain name='local.box'/>
  <dns>
    <forwarder addr='192.168.178.1'/>
  </dns>
  <ip address='10.0.0.1' netmask='255.0.0.0'>
    <dhcp>
      <range start='10.0.0.100' end='10.0.0.255'/>
      <host mac='52:54:00:51:31:86' ip='10.0.0.30'/>
    </dhcp>
  </ip>
  <route address='10.0.0.0' prefix='8' gateway='10.0.0.30'/>
</network>
Now I want to create a second virtual machine which connects to the internet through the virtual machine dmz on the virbr-local subnet. Is there a way to accomplish this kind of setup?
My routing table on the virtual host looks like this:
Destination     Gateway         Genmask         Flags Metric Ref Use Iface
default         fritz.box       0.0.0.0         UG    0      0   0   eth0
10.0.0.0        *               255.0.0.0       U     0      0   0   virbr-local
10.0.0.0        10.0.0.30       255.0.0.0       UG    1      0   0   virbr-local
192.168.178.0   *               255.255.255.0   U     0      0   0   eth0
But when I want to ping an address from the www virtual machine I get an unreachable network message. I set up a DNAT on the virtual machine dmz. But looking with tcpdump on eth1 there's no traffic. I would appreciate some help to set up the network. I am clearly missing something.
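
How the host routing table quoted above resolves destinations, as an added example that is not part of the original post. It assumes the usual Linux selection order within one table (longest prefix first, then lowest metric); the function names and the two sample destinations are constructed for illustration.

```python
import ipaddress

# Routing table of the virtual host, copied from the post.
ROUTE_TABLE = """\
Destination     Gateway         Genmask         Flags Metric Ref Use Iface
default         fritz.box       0.0.0.0         UG    0      0   0   eth0
10.0.0.0        *               255.0.0.0       U     0      0   0   virbr-local
10.0.0.0        10.0.0.30       255.0.0.0       UG    1      0   0   virbr-local
192.168.178.0   *               255.255.255.0   U     0      0   0   eth0
"""


def parse_routes(text):
    """Turn the route listing into dicts; '*' means directly connected."""
    routes = []
    for line in text.strip().splitlines()[1:]:
        dest, gw, mask, _flags, metric, _ref, _use, iface = line.split()
        if dest == "default":
            net = ipaddress.ip_network("0.0.0.0/0")
        else:
            net = ipaddress.ip_network(f"{dest}/{mask}")
        routes.append({"net": net, "gateway": None if gw == "*" else gw,
                       "metric": int(metric), "iface": iface})
    return routes


def lookup(routes, dst):
    """Pick the route for dst: longest prefix wins, then lowest metric."""
    addr = ipaddress.ip_address(dst)
    matches = [r for r in routes if addr in r["net"]]
    if not matches:
        return None
    return min(matches, key=lambda r: (-r["net"].prefixlen, r["metric"]))


def shadowed(routes):
    """Routes that can never be selected: same prefix, higher metric."""
    return [r for r in routes
            if any(o["net"] == r["net"] and o["metric"] < r["metric"]
                   for o in routes)]


ROUTES = parse_routes(ROUTE_TABLE)

if __name__ == "__main__":
    # Constructed sample destinations: a guest on virbr-local and an
    # outside address from the documentation range.
    for dst in ("10.0.0.40", "203.0.113.10"):
        r = lookup(ROUTES, dst)
        print(dst, "->", r["iface"], "via", r["gateway"] or "on-link")
    for r in shadowed(ROUTES):
        print("never selected:", r["net"], "via", r["gateway"])
```

The route via 10.0.0.30 comes from the `<route>` element of the `local` network and exists only on the host; this lookup says nothing about the routing table inside the www guest.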