Lab 5: prerequisites

  1. Install Docker CE from here or use the Linux VM with docker already installed
  2. Make sure you have docker-compose installed. If it is not installed, install it from here (if using the Linux VM above, follow the instructions here to also install docker-compose)
  3. Download the zip file and uncompress it
  4. Run docker-compose up from inside the zip folder to run the container network
$ docker-compose up
[+] Running 7/7
⠿ Network lab5_firewall_lan0 Created 0.0s
⠿ Network lab5_firewall_lan1 Created 0.0s
⠿ Network lab5_firewall_default Created 0.0s
⠿ Container lab5_firewall-firewall-1 Created 0.1s
⠿ Container lab5_firewall-host2-1 Created 0.1s
⠿ Container lab5_firewall-host1-1 Created 0.1s
⠿ Container lab5_firewall-host3-1 Created 0.1s
Attaching to lab5_firewall-firewall-1, lab5_firewall-host1-1, lab5_firewall-host2-1, lab5_firewall-host3-1

The above command will create a network composed of

  • two subnets 172.30.0.0/16 and 172.31.0.0/16, recall that /16 means that addresses will have the first two bytes fixed, i.e., 172.30.*.* and 172.31.*.*
  • three hosts: host1 (172.30.0.10), host2 (127.30.0.12) in the first subnet and host3 (172.31.0.10) in the second subnet
  • one firewall, in between, with three interfaces with IPs 172.25.0.2, 172.30.0.2, 172.31.0.2

Network is depicted in the following scheme:

Internet ---------- 172.25.0.2 - (firewall) - 172.30.0.2 ------+-- 172.30.0.10 (host1)
                                      |                        |
                                 172.31.0.2                    +-- 172.30.0.12 (host2)
                                      |
                                      |
                                      +--- 172.31.0.10 (host3)

You can attach to each container running docker-compose exec <container> bash  in another terminal

$ docker-compose exec firewall bash
firewall # exit
$ docker-compose exec host1 bash
host1 #

To stop docker-compose use ctrl-C, then remove all containers and networks use docker-compose down .

^C
Gracefully stopping... (press Ctrl+C again to force)
[+] Running 4/4
⠿ Container lab5_firewall-host3-1 Stopped 10.3s
⠿ Container lab5_firewall-firewall-1 Stopped 10.5s
⠿ Container lab5_firewall-host1-1 Stopped 10.2s
⠿ Container lab5_firewall-host2-1 Stopped 10.2s
harry:LAB5_firewall focardi$ docker-compose down
[+] Running 7/7
⠿ Container lab5_firewall-host1-1 Removed 0.1s
⠿ Container lab5_firewall-host2-1 Removed 0.1s
⠿ Container lab5_firewall-host3-1 Removed 0.1s
⠿ Container lab5_firewall-firewall-1 Removed 0.1s
⠿ Network lab5_firewall_default Removed 0.1s
⠿ Network lab5_firewall_lan0 Removed 0.1s
⠿ Network lab5_firewall_lan1 Removed 0.2s

Go to task 1!