As this is just a home lab, I do not require a full enterprise solution for networking. No fancy switches needed here (although I do own multiple Cisco bits and pieces, these won't be implemented).
I have decided that I want to break the network down into the following VLANs.
- LAN/Management (192.168.1.x /24)
- Storage (192.168.2.x /24)
- Test (192.168.3.x /24)
- WLAN (192.168.4.x /24)
I am looking to implement Hyper-V as my virtualisation platform but at the moment, only a single node will be put in place. The method I have used to create these networks will also allow me to expand later and add a further network for failover and migration traffic.
So how do we go about doing this and ensure each network is connected to the web? There are multiple ways of achieving this goal, such as setting up a “router on a stick” or using a fully managed router with VLAN capability. I have decided to use the Routing and Remote Access role to configure my NAT’d networks.
How does it work?
Simple really – I will be using an HP Microserver N40L with a Quad Port Gigabit NIC installed. My primary VLAN, 192.168.1.x, is already established and is what is configured on my router to gain access to the internet. With RRAS, you can NAT a single address and configure the gateways of your new VLANs to communicate via the primary network (192.168.1.x).
Still doesn't make sense? My gateway for my 1.x VLAN is 192.168.1.254. We will set the IP address for the LAN VLAN on the RRAS box as 192.168.1.253.
We want all our gateway addresses for all VLANs to end in 254 (this is what the clients will be configured to point to using DHCP).
When a network request is made, be it an internal or external query, it will communicate via the standard gateway, which will in turn query the LAN IP and pass on traffic.
E.g. a client, 192.168.4.10, wants to ping Google DNS. The external query will pass packets through to 192.168.4.254, which will relay packets through 192.168.1.253.
Makes sense? Good. Right, so how do we do it? Good question.
I will not be describing how to deploy Windows Server and will assume you are able to deploy Server yourself. I will not be going into detail on switch configuration as everyone will have their own way of wanting to configure switches. I will be using a “ghetto” setup of three 8-port managed switches.
Pre-Req – Have the adapters you will be using connected to a switch to ensure you can configure addresses. Addresses cannot be configured on unplugged adapters.
Okay, let's get started.
- Open up Network Connections and configure the networks as follows (it is also worth noting which MAC address belongs to which adapter when connecting up network cables):
  - Adapter #1:
    - Name: LAN
    - IP Address: 192.168.1.253/24
    - Gateway: 192.168.1.254
  - Adapter #2:
    - Name: STORAGE (192.168.2.0)
    - IP Address: 192.168.2.254/24
  - Adapter #3:
    - Name: LAB (192.168.3.0)
    - IP Address: 192.168.3.254/24
  - Adapter #4:
    - Name: WLAN (192.168.4.0)
    - IP Address: 192.168.4.254/24
For speed purposes, I used the following PowerShell script to configure the 3 new VLAN adapters.
[sourcecode language="powershell"]
# Assign each new VLAN adapter its .254 gateway address.
# No default gateway is set here: only the LAN adapter has one.
Get-NetAdapter -Name *STORAGE* | New-NetIPAddress -IPAddress 192.168.2.254 -PrefixLength 24
Get-NetAdapter -Name *LAB* | New-NetIPAddress -IPAddress 192.168.3.254 -PrefixLength 24
Get-NetAdapter -Name *WLAN* | New-NetIPAddress -IPAddress 192.168.4.254 -PrefixLength 24
[/sourcecode]
Nice and easy so far! Next step!
Open up Server Manager and select Add Roles. Locate and select the Remote Access role. Accept the default settings until you reach the Role Services page, where you will need to ensure you select Routing.
Using Routing and Remote Access, right-click the Server Name, and select Configure and Enable Routing and Remote Access.
Use the following settings for the Configure and Enable Routing and Remote Access Setup Wizard:
- Configuration:
  - Network address translation (NAT)
- NAT Internet Connection:
  - Select the LAN network interface.
- Next you will need to select one of the new VLANs (we will add the others later):
  - Select the STORAGE network
- Name and Address Translation Services:
  - We will set up name and address services later.

To add the remaining adapters:
- Drop down the IPv4 tree under the Server Name.
- Right-click NAT and select New Adapter.
- Select the adapter, ensure private is selected and select OK.
All done! Your NAT window should now look like this:
Now that we have all of our new VLANs NAT’d, we can now focus on IP distribution. I have chosen to deploy DHCP onto my RRAS server to distribute addresses strictly for my NAT’d VLANs. No specific reason why, just personal preference. I have then deployed DNS onto this box and created reverse forwarders for these IP ranges.
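One way to script the DHCP step described above, as an added example that is not from the original post: it creates one scope per NAT'd VLAN with the RRAS .254 address as gateway and DNS server, keeps DHCP off the LAN adapter, and checks that only LAN carries a default route. The .10 to .200 lease range and the scope names are assumptions, and `LAN` assumes the adapter name used earlier.

```powershell
# Added example, not from the original post. Run elevated on the RRAS server.
# Assumptions: lease range .10-.200 and scope names are illustrative choices.
Install-WindowsFeature -Name DHCP -IncludeManagementTools | Out-Null

# One entry per NAT'd VLAN; the RRAS address (.254) is gateway and DNS server.
$vlans = @(
    @{ Name = 'STORAGE'; Net = '192.168.2' },
    @{ Name = 'LAB';     Net = '192.168.3' },
    @{ Name = 'WLAN';    Net = '192.168.4' }
)

foreach ($v in $vlans) {
    $scopeId = "$($v.Net).0"
    $gateway = "$($v.Net).254"

    # Skip the VLAN if no adapter carries the planned gateway address,
    # which catches a mistyped static IP before clients are pointed at it.
    if (-not (Get-NetIPAddress -IPAddress $gateway -ErrorAction SilentlyContinue)) {
        Write-Warning "$gateway is not assigned to any adapter; skipping $($v.Name)"
        continue
    }

    # Create the scope only if it does not exist, so the script can be re-run.
    if (-not (Get-DhcpServerv4Scope -ScopeId $scopeId -ErrorAction SilentlyContinue)) {
        Add-DhcpServerv4Scope -Name $v.Name -StartRange "$($v.Net).10" `
            -EndRange "$($v.Net).200" -SubnetMask 255.255.255.0 -State Active
    }

    # Option 3 (router) and option 6 (DNS) both point at the RRAS box.
    # -Force skips DNS validation in case the DNS role is not installed yet.
    Set-DhcpServerv4OptionValue -ScopeId $scopeId -Router $gateway `
        -DnsServer $gateway -Force
}

# Serve leases strictly on the NAT'd VLANs: unbind DHCP from the LAN adapter.
Set-DhcpServerv4Binding -InterfaceAlias 'LAN' -BindingState $false

# Only the LAN adapter should hold a default route; a gateway set on any
# other adapter gives the server competing default routes.
Get-NetRoute -DestinationPrefix '0.0.0.0/0' -ErrorAction SilentlyContinue |
    Where-Object InterfaceAlias -ne 'LAN' |
    ForEach-Object { Write-Warning "Unexpected default route on $($_.InterfaceAlias)" }
```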
This can also be carried out directly on Hyper-V using virtual adapters if you don't want the overhead of physical devices!
To test, plug in your devices and an address should be distributed using DHCP and you will have access out to the internet!