VMware virtual environment

motherwolfmotherwolf Member Posts: 117
Hey, I'm new to the site and thought I'd give it a try. I've just installed VMware and am trying to set up a Virtual client/server environment for sims practicing. I'm running XP on a client at work which is connected to the Domain. Within my virtual environment I want to have Server 2003 as my virtual server and an XP box or maybe two as my clients. How do I install AD, DNS and DHCP on my virtual server without causing havoc or conflicts to our actual network? I need to create a ficticious domain environment with all the amenities of a real one. Please advise. I'm taking 291 in a week or so and need the sims practice.

P.S. Great site, lots of info :)

Comments

  • Danman32Danman32 Member Posts: 1,243
    AD and DNS won't conflict with the actual network, just be sure your virtual hosts (Servers and XPs) point to the server running DNS for your virtual AD exclusively, and you use a uniqe name for your hosts and domain. Your DNS for AD should in turn forward queries that it can't resolve to the real DNS servers that resolve internet requests.

    DHCP could be a problem, but VM should provide a virtual network that is optionally NATed. DHCP broadcasts won't cross NAT, let alone routers, so it too shouldn't affect your real network.

    Well, DHCP broadcasts can be forwarded by routers if Bootp forwarding is enabled on them.
  • blargoeblargoe Self-Described Huguenot NC, USAMember Posts: 4,174 ■■■■■■■■■□
    First of all, make sure the computer you run all of these VMs has LOST of memory!!! You want a minimum of 256 for the host os and 256 for each of the guest OSes or it will really really drag.

    Here is how I do my VMWare lab at home:

    I set up the virutal network as either NAT or host-only (NAT is easier to configure - if you do host only and expect to be able to access the internet, you have to have to be able to use the host PC as a router and have an entry in the routing table on your local router or your Virtual Network).

    The VMWare software has a built-in DHCP server, but you really should use the Microsoft one instead if you want to study for the exams. Just find out what subnet is assigned to your virtual network, assign a static IP to your server(s), and proceed with setting up your server lab. If you dont have RRAS with DHCP Relay installed on your host OS then this should not interfere with your work network.

    Make sure your virtual machines are using the DNS (and WINS if you install it) installed in your virtual lab, and not the one for your work network, or else your DNS and WINS server at work. It is OK to specify in the DNS Administrative console on your lab DNS server to forward requests to your ISP DNS server.

    This should be sufficient for closing off your virutal lab from your work environment and vice versa.
    IT guy since 12/00

    Recent: 11/2019 - RHCSA (RHEL 7); 2/2019 - Updated VCP to 6.5 (just a few days before VMware discontinued the re-cert policy...)
    Working on: RHCE/Ansible
    Future: Probably continued Red Hat Immersion, Possibly VCAP Design, or maybe a completely different path. Depends on job demands...
  • JDMurrayJDMurray MSIT InfoSec CISSP SSCP GSEC EnCE C|EH Cloud+ CySA+ CASP+ PenTest+ Security+ Surf City, USAAdmin Posts: 12,323 Admin
    blargoe wrote:
    Make sure your virtual machines are using the DNS (and WINS if you install it) installed in your virtual lab, and not the one for your work network
    When I'm using VMWare in a testing environment, I completely isolate the VMWare host machine(s) from my home or corporate network. The only external network connection I permit is to the Internet.
  • sprkymrksprkymrk Member Posts: 4,884 ■■■□□□□□□□
    MS Active Directory is very chatty, don't be surprised if your network boys find it and shut you down. Different domains tend to find each other and like to keep trying to talk even though they shouldn't - I see it all the time on my firewall.

    DHCP requests are broadcast, the computers on the rest of your network won't care if it's the same subnet range they usually get or not - I would recommend using DHCP with every ip address assigned via mac address by reservation - so if you want to create a scope of 192.168.10.3-10 (that's 8 hosts, plenty for your VM machines) set ALL of them to use a reserved mac so they don't accidentally get assigned to some poor soul's workstation.

    Better yet - do it at home and not at work. Unless you have the explicit permission of your boss and the network team. Good luck on your test next week. :)
    All things are possible, only believe.
  • Danman32Danman32 Member Posts: 1,243
    NAT should prevent his virtual packets from getting out though.
  • blargoeblargoe Self-Described Huguenot NC, USAMember Posts: 4,174 ■■■■■■■■■□
    Correct, as long as she isn't using the "Bridged" network where all hosts are on the same lan as her host PC, the dhcp broadcasts won't matter, since they will be on an isolated network and broadcasts aren't going to cross that boundary unless for some reason her PC is configured as a router that allows DHCP to pass through.

    The chattiness of AD shouldn't matter either, as long as she isn't using bridged networking and her PC isn't allowing stuff to be routed back and forth and she isn't using a company DNS or WINS server in her virutal network, and she isn't trying to access from her host OS the computers on the virutal network.
    IT guy since 12/00

    Recent: 11/2019 - RHCSA (RHEL 7); 2/2019 - Updated VCP to 6.5 (just a few days before VMware discontinued the re-cert policy...)
    Working on: RHCE/Ansible
    Future: Probably continued Red Hat Immersion, Possibly VCAP Design, or maybe a completely different path. Depends on job demands...
  • sprkymrksprkymrk Member Posts: 4,884 ■■■□□□□□□□
    Thanks for the clarifictation. I don't use VMWare too much.
    I would stilll make sure I at least had the boss's permission. Better safe than sorry. icon_wink.gif
    All things are possible, only believe.
Sign In or Register to comment.