Lab 5: prerequisites

  1. Install Docker CE from here or use the Linux VM with docker already installed
  2. Make sure you have docker-compose installed. If it is not installed, install it from here (if using the Linux VM above, follow the instructions here to also install docker-compose)
  3. Download the zip file and uncompress it
  4. Run docker-compose up from inside the zip folder to run the container network
$ docker-compose up
Creating network "lab5_firewall_default" with driver "bridge"
Creating network "lab5_firewall_lan0" with driver "bridge"
Creating network "lab5_firewall_lan1" with driver "bridge"
Creating lab5_firewall_firewall_1 ... done
Creating lab5_firewall_host2_1    ... done
Creating lab5_firewall_host3_1    ... done
Creating lab5_firewall_fix_1      ... done
Creating lab5_firewall_host1_1    ... done
Attaching to lab5_firewall_fix_1, lab5_firewall_host3_1, lab5_firewall_host1_1, lab5_firewall_host2_1, lab5_firewall_firewall_1
lab5_firewall_fix_1 exited with code 0

The above command will create a network composed of

  • two subnets and, recall that /16 means that addresses will have the first two bytes fixed, i.e., 172.30.*.* and 172.31.*.*
  • three hosts: host1 (, host2 ( in the first subnet and host3 ( in the second subnet
  • one firewall, in between, with three interfaces with IPs,,

Network is depicted in the following figure:
You can attach to each container running docker-compose exec <container> bash  in another terminal

$ docker-compose exec firewall bash
firewall # exit
$ docker-compose exec host1 bash
host1 #

To stop docker-compose use ctrl-C, then remove all containers and networks use docker-compose down .

$ docker-compose down
Removing lab5_firewall_host3_1    ... done
Removing lab5_firewall_host2_1    ... done
Removing lab5_firewall_host1_1    ... done
Removing lab5_firewall_firewall_1 ... done
Removing lab5_firewall_fix_1      ... done
Removing network lab5_firewall_default
Removing network lab5_firewall_lan0
Removing network lab5_firewall_lan1

Go to task 1!