Vista - Virtual Network within Virtual PC

Currently I am running the latest version of VPC 2007 sp1, I have XP Pro in one VM 2000 in one, and Server 2003 in two others. What I want to do is set one server up with DNS, Active Directory, and eventually RIS and WSUS. The other server I would like to be my gateway to the internet and be a DHCP server for VM clients XP and 2000. the servers should have static IPs. Would I use a NAT for the gateway server and assign my static IPs to both servers? Use the the local network as the 2nd adapter on the gateway and then on each of the VMs? Also on the static servers the DNS address would point back to the DNS server in the virtual network correct? I have tried to get this virtual network setup and cannot get the local network to see the Internet through the one sever.

Any help would be appreciated. Thanks in advance.

jcwi65

Hello jcwi65,

I have been playing around with various virtual network setups using Virtual
PC 2004, 2007 and Hyper-V. With 2007, you are correct in assuming to use
NAT for the gateway and static addresses for the servers. Let us assume
that your live network si using the 192.168.10.0/24 addressing scheme. We
will assign the 10.10.1.0/20 for the virtual network.

The gateway should have two adapters, one bound to your physical adapter
(and you can use DHCP for this address if you wish, although we will give it
a static one for this demonstration), and one adapter bound to the "Local
Only" option in VPC2007. All other VMs in the environment will use the
"Local Only" option. I have attached a diagram of a potential layout of
your network.

Static IPs are the way to go for your servers (gateway and DC). If you
really want to run DHCP from your gateway, be sure it is configured to only
service clients on its virtual side, and that all pertinent information is
correct (gateway information for the scope options should point to its
internal IP, DNS should point to the DC). Keep in mind that DHCP could also
run from your DC. This will guarantee that the DHCP broadcasts will stay in
the virtual environment. Just a thought.

As far as DNS, the DC should point to itself. As far as the gateway, the
internal IP needs no DNS configuration. The external one will need to be
configured in a way to get to the Internet (probably your ADSL/Cable modem,
or other Internet connection). When you configure DNS on the DC, put the
address of your Internet connection device (router or modem) in the DNS
forwarders section. That way when any client sends a DNS request to your
DNS server, and it doesn't have a record for it, it can query the router
(which will in turn send the request to your ISP, and so on).

No special configs for the clients, other than their network adapters being
bound to the "Local Only" option.

Check ou the attached diagram for somewhat of a visual.


Hope this helps.


Paul Yhonquea



"jcwi65" <guest@xxxxxx-email.com> wrote in message
news:9d7d25029ae046c96e15836a9cb1806e@xxxxxx-gateway.com...

Hello jcwi65,


I made an error in the diagram. The gateway's VM network adapter1 should be
the "Local Ony" adapter and the other one should be the one bound to the
physical adapter. IP address information should stay the same, just the
labels were off. My bad.


Paul Yhonquea



"Paul Yhonquea" <none@xxxxxx> wrote in message
news:eWkMhGdHKHA.3928@xxxxxx

The diagram did not come through, can you repost it? Your information has been very helpful. I have not been able to test it and will be doing so momentarily.

Here is the attachment (hope it goes through this time). It is a GIF file.
I have made the corrections that I spoke of earlier, so this diagram is
correct.


Hope this helps.


Paul Yhonquea


"jcwi65" <guest@xxxxxx-email.com> wrote in message
news:ce9b6ffc2d49bb6b0772b63146764c63@xxxxxx-gateway.com...

If you are viewing the thread from Microsoft's discussions website, it
doesn't seem to support attachments. Maybe a newsreader such as Outlook
Express? Or I can email it you you would like.

Let me know.


Paul Yhonquea



"jcwi65" <guest@xxxxxx-email.com> wrote in message
news:ce9b6ffc2d49bb6b0772b63146764c63@xxxxxx-gateway.com...

removal of email address from public view

"jcwi65" <guest@xxxxxx-email.com> wrote in message
news:6c865620feada81fa2945f6f8cee7c9a@xxxxxx-gateway.com...You need to be careful using NAT with Active Directory. This has nothing
to do with VPC. It applies as well on "real" machines on "real" networks.
The way that NAT handles DNS (ie the NAT server acting as a DNS proxy) is
not compatible with AD.

Put your server in Local Only and give it a static IP in its own IP
subnet. Use dcpromo to create a domain and let dcpromo set up DNS for you. I
would also configure DHCP on the DC and authorize it in AD.

Use RRAS in one of your servers (not the DC) as a NAT router to the
physical network. One NIC connects to the physical network through the NIC
in the host machine. The other NIC is in Local Only and is the default
gateway for your private LAN. Do not configure RRAS to do DHCP or DNS proxy.

Configure the DHCP scope to give your AD clients the NAT router's private
IP as their default gateway but the DC as their DNS server. Configure your
local DNS to forward to a public DNS server (so that it can resolve foreign
URLs as well as local SRV records).

Here is how my network looked when I ran a domain using VPC.

Internet
|
Netgear
192.168.0.1
|
Local Network (workgroup)
192.168.0.x dg 192.168.0.1
|
192.168.0.254 dg 192.168.0.1
RRAS/NAT
192.168.31.254 dg blank
|
DC
192.168.31.11 dg 192.168.31.254
|
AD members
192.168.31.x dg 192.168.31.254 dns 192.168.31.11

Bill,

This is pretty much what I was suggesting to jcwi65, but you did lay out the
technical details a bit better. Forgot about the piece dealing with
authorizing the DHCP server.

Paul Yhonquea


"Bill Grant" <not.available@xxxxxx> wrote in message
news:ezluDggHKHA.3708@xxxxxx

In what I have gathered from this information, the RRAS should be setup to connect two networks and not use any of the NAT options?