Skip to content

Networking

Goal

  • In this project you'll create a database and learn how to connect to it.

Hints

  • Try to solve the following tasks on your own without using the hints.
  • If you get stuck, you'll find an expandable hint block for every task with a detailed description of the solution.

Preparation - Configure VSCode

In this hands-on, we will look at connecting two VMs with private networks. This is easiest if the ssh connection to the two VMs are open side by side in split terminal windows. To do this, open VSCode, open a terminal, and click Split Button. Your VSCode should look more or less like this:

Split View

Task 1 - Create the two VMs

  • Create a security group with the CLI
exo compute security-group add network-handson-sg
exo compute security-group rule add network-handson-sg --port 22 --network
  • Set a variable for your existing ssh key
SSH_KEY_NAME=<your ssh key name>
  • Create the two VMs with the CLI
exo compute instance create \
  --disk-size 10 \
  --instance-type standard.micro \
  --template "Linux Ubuntu 22.04 LTS 64-bit" \
  --security-group network-handson-sg --ssh-key "$SSH_KEY_NAME" network-handson-vm1
  • Wait for the first vm to be ready and then create the second one
exo compute instance create \
  --disk-size 10 \
  --instance-type standard.micro \
  --template "Linux Ubuntu 22.04 LTS 64-bit" \
  --security-group network-handson-sg --ssh-key "$SSH_KEY_NAME" network-handson-vm2

Task 2 - Connect the two VMs

  • Connect to the first VM in the left terminal
ssh ubuntu@<ip>
  • Connect to the second VM in the right terminal
ssh ubuntu@<ip>

Task 3 - Test initial network connection

  • In the left terminal, ping the second VM
ping -c 3 <ip>

The VMs can not reach each other yet. We know already how to open up the security groups to make this work, however, in this hands-on we will first use private networks.

Task 4 - Create a managed private network

  • Create a managed private network with the UI or the CLI connecting the two VMs that we just created
Hints
  • Go to the Exoscale UI
  • Click on Compute in the left sidebar
  • Click on Private Networks in the left sidebar
  • Click on Add
  • Select DE-FRA-1 as the zone
  • Give the network a name
  • Select Managed as the type
  • Leave the default ip configuration
  • Click on Create
  • Select the network that you just created
  • Click on Attach
  • Select the two VMs that we just created

Task 5 - Enable the private IPs

The VMs we are using are not configured to use DHCP. Therefore we need to enable it manually.

  • In both VMs, run
sudo su
dhclient eth1

Task 5 - Test the private network

  • In the right terminal run the following command to monitor all incoming icmp traffic
tcpdump -i eth1 icmp
  • In the left terminal, ping the second VM, use the private IP that was assigned in the managed private network
ping -c 3 <ip>
  • You should see the ping requests in the right terminal
  • Stop the tcpdump in the right terminal with Ctrl + C

Task 6 - Create an unmanaged private network

  • Create an unmanaged private network with the UI or the CLI connecting the two VMs
Hints
  • Go to the Exoscale UI
  • Click on Compute in the left sidebar
  • Click on Private Networks in the left sidebar
  • Click on Add
  • Select DE-FRA-1 as the zone
  • Give the network a name
  • Select Manual as the type
  • Click on Create
  • Select the network that you just created
  • Click on Attach
  • Select the two VMs that we just created

Task 7 - Configure IP addresses for the VMs

  • In both VMs, run
ip a

The VMs now have a third network interface. This interface is not configured yet.

  • In the left terminal run:
ip addr add 192.168.0.1/24 dev eth2
ip link set eth2 up
  • In the right terminal run:
ip addr add 192.168.0.2/24 dev eth2
ip link set eth2 up
  • Start the tcpdump in the right terminal again
tcpdump -i eth2 icmp
  • In the left terminal, ping the second VM
ping -c 3 192.168.0.2
  • You should see the ping requests in the right terminal
  • Stop the tcpdump in the right terminal with Ctrl + C

Task 8 - Open the security groups

  • Start the tcpdump in the right terminal again, this time for the eth0 interface
tcpdump -i eth0 icmp
  • In the left terminal, ping the second VM
ping -c 3 <ip>
  • This will not work yet, because the security groups are not open
  • Open the security groups for icmp traffic from all instances in the same security group
Hints
  • Go to the Exoscale UI
  • Click on Compute in the left sidebar
  • Click on Security Groups in the left sidebar
  • Click on the security group that you created in task 1
  • Click on Add Rule
  • Click on Add Custom Rule
  • Select ICMP as the protocol
  • Select Security Group as the source type
  • Select the security group that you created in task 1
  • Click on Create
  • In the left terminal, ping the second VM
ping -c 3 <ip>
  • You should now see the ping requests in the right terminal