Using VMware to run a linux router/firewall build on an XP pro machine.

[robmurphy]

What I want to do is get rid of the router (Netgear WGT624 v3) I have. I'm trying to cut down the power used as one of my systems is on 24/7. I still want to have the machine connected to the internet through a firewall with a private IP address.

What I would like to do is add an ethernet card to the PC and connect the cable modem to this. This would feed into the linux virtual machine. The Virtual machine would have 2 outputs: one to the host machine and another through the gigabit ethernet port on the motherboard. Ideally this port would be shared by the virtual machine and the host machine. In this way file/printer sharing on the LAN side will not have to go through the virtual machine.

The idea of doing this is under the normal backround load the power used is reduced from about 50W (including the router) to 40W. I suspect the the router uses much the same power idle as it does under load.

Using something like smoothwall on VMware should allow a much better solution than relying on a firewall running on XP and using ICS.

Has anyone tried doing something like this?

 

[drebo]

The power consumption of that NetGear router is far less than the added power consumption would be running a virtual machine on your computer. VMWare does add overhead, and that overhead would be more costly on your computer than running a discrete SOHO router.

 

[her209]

Run a transparent proxy server on the VM too.

 

[xSauronx]

Originally posted by: her209
Run a transparent proxy server on the VM too.

and use google. im willing to bet this has been done, though more likely where the VM router is used to route for other VMS

 

[robmurphy]

I have googled this. From doing a search I already know that Smoothwall is availabled, as best I understand it, as an image for vmplayer/vmserver.

I raised the thread to see if anyone else had tried this. If this worked the people could get a router with many facilities for sacrficing a little performance on 1 PC in the home network.

My main concerns are performance as a router, and making sure the solution does not negatively affect PC to PC transfers over the LAN, especialy to/from the host PC.

The host PC is an bit of a mongrel. Originally it was an HP/Compaq SR1340. It now has the uATX Gigabyte motherboard with the 780G chipset, 2 Gig of ram (2 * 1), and a 4850E cpu. I'm hoping the Cool 'n' quiet will still work when running a linux image using VMware. That way with no/little ethernet traffic the power consumption should be the same as at present with little/no load.

Rob.

 

[JackMDS]

To act as a software Router it needs two NICs.

One to connect to the Modem and the other to get out to the network.

Can a Virtual Computer with smoothwall have two NICs?

Giving that the whole thing need to work through a host I doubt that it can be done.

Even if it can work, saving 10 to 20 watts. and getting (I.e about 1KWh for 24 hours) and in turn have a Quirky choppy Network? Nah.

Being careful about how people in the house hold open and close the fridge door probably would save more.

 

[Mogadon]

It's possible to configure a virtual machine with multiple NICs.

I imagine it would work but without testing it I can't say how well, i've been meaning to check it out myself.

Try looking at some of the smoothwall or virtual machine specific forums around, there's probably people that have tried it.

Here's something I found in the smoothwall knowledge base.

 

[JackMDS]

Originally posted by: JackMDS

Can a Virtual Computer with smoothwall have two NICs?

Did some searching.

This might be a starting point, http://communities.vmware.com/thread/104079

http://www.vmware.com/appliances/directory/10

Please try and let us know.

 

[Mogadon]

Good info, I imagine you'd want 3 NICs, at least. 2 for smoothwall and 1 for the other vm/vm's (or more if needed).

I downloaded one of the smoothwall vmware images, I have a bunch of NICs at the office so I might test it out tomorrow.

 

[Jamsan]

VMWare (Server anyways, not sure about player) should have no issue handling multiple NICs. You could have the multiple virtual NICS be on the same physical NIC, but i wouldn't recommend that. Have 2 dedicated NICs on the host and dedicate them to the virtual machine. One should go to the modem, and the other should go to a switch (gigabit is cheap enough now-a-days). Since all of your LAN to LAN transfers are on the same subnet, the packets will be switched by the switch, and will not go through the router at all, so it shouldn't affect those transfers at all.

 

[JackMDS]

Hmm... it seems that there might be away to do it with Microsoft VPC too.

I do not have the time to try. If some one does try, please post here your notes about it.

http://blogs.msdn.com/virtual_...2005/01/06/347965.aspx

 

[robmurphy]

The virtual router will need 3 NICs I think, 1 for the connection to the internet, 1 for the host machine to connect to the internet, and another on the LAN subnet for other machines to connect to the internet. The physical NICs required should be 2. The connection for the host machine to access the internet would be a virtual NIC.

The host machine is my main machine, and does most of the internet accesses. The idea is to not have a quirky network.

Often it is recomended here to use on old PC (pentium 2 or above) with a linux build like smoothwall as a router/firewall. This is often recomended to get over the limitations of the usual home routers. Why not use the linux router, but have it run under VMware?

Rob.

 

[Mogadon]

Here's a link to a pdf where a guy sets up a VPN using a smoothwall vm on vmware using latest version of smoothwall.

http://www.texascollaborative....es/VPN%20Setup%202.pdf

 

[JackMDS]

The so called Entry Level Cable/DSL Routers are actually small computers (486 or P-II level in many cases) that have small amount of memory, and firmware that serve as the OS (many of them are using variation of Linux as their firmware/OS).

It has (sort of) two NICs (WAN Port, and LAN side); the LAN side feeds directly the 4 ports switch that is part of the combo.

Same idea is with using a computer with a variance of Linux.
Why some people are using a whole computer?
1. Coz many of them considers it is Chique/Cool.

2. A fully configured computer can provide power and special setting that the Puny Wireless Router cannot. In some cases this extra Power and flexibility is needed.

Windows 2003 with ISA server is even better and many corporations use it. C Unfortunately the cost of it is Not very feasible for enthusiasts.

The awkwardness of the Virtual approach has to do with the way the Virtual NICs are implemented, and I do not think it would dramatically change in the near future.

Similarly there is No Wireless Virtual machine either.
Virtual machine can use a Host with Wireless card but it sees the card as a regular NIC.
As an example, VPC2007 is a virtual Intel Pro 10/100 no matter what the real NIC on the host is.