[Netkit.users] Making netkit communicate with honeyd

Deependra Singh Shekhawat deepsa at fedoraproject.org
Fri Jun 12 10:52:21 CEST 2009

Hash: SHA1

On 06/12/2009 02:14 PM, Massimo Rimondini wrote:
> Dear Deependra,
> I think I need some more clarification about the scenario.
>> I would like backtrack 3 to act as the media for the communication
>> between honeyd and netkit.
> So, Backtrack should act as a router between the Netkit and honeyd networks.
>> Honeyd simulates multiple routers which are connected in following way:
>> router 1 - (this is the entry router)
>> router 2 - connected to router 1
>> router 3 - connected to router 2
>> router 4 - connected to router 3
>> router 5 - connected to router 4
>> router 6 - connected to router 4
> Ok. I don't know in detail how honeyd operates, but I see that all the
> routers are on the same subnet (, and there are two things that
> sound strange to me in such a setting: (1) routers usually "separate"
> subnets and (2) to establish a chain of routers you need to equip each one
> with at least two network interfaces. Now, this configuration may be
> completely legal in honeyd, but I still miss the semantics.
>> Now router 5 and router connects to the first machine in netkit that is
> "and router ..."? You probably meant router 1.
>> This makes 2 possible paths to the netkit VM ( via the
>> honeyd network. Now when I ping it should go through the
>> honeyd network first (kind of like honeyd , entry router, acting as my
>> default gateway) and then to the netkit VM,
> Where do you ping from? From inside the honeyd network?
> Overall, the only thing that I can suggest at this stage is to check whether
> there are enough static routes in your Backtrack host and in Netkit to
> instruct them about where to send traffic directed to other subnets. Failing
> ARP resolutions may also be a reason for the problems you are reporting.
> Regards,
> Massimo.
> _______________________________________________
> Netkit.users mailing list
> Netkit.users at list.dia.uniroma3.it
> http://list.dia.uniroma3.it/mailman/listinfo/netkit.users
Hi Massimo,

I thank you very much for your quick reply and extremely sorry for not
providing the correct details , I just looked back to my mail and found
I posted some incorrect details about my honeyd config , please find it

# Router/Routes Setup
route entry
route link
route add net latency 68ms loss 0.2

route link
route add net latency 17ms loss 0.2

route link
route add net latency 9ms loss 0.1

route link
route add net latency 99ms loss 0.1

route link
route add net latency 92ms loss 0.2

route link
route add net latency 98ms
loss 0.2

route link
route add net latency 43ms
loss 0.2

route link
route add net latency 2ms loss 0.1

route link
route add net latency 47ms
loss 0.2

route link
route add net latency
34ms loss 0.1

route link
route link
route link
route link
route link
route link
route link
route link
route link
route link
route link

Now this is my honeyd config here you see multiple networks with
multiple routers. Now when I start honeyd before that I just do this:

# route add -net netmask lo

And then I start honeyd. Now I can actually ping and also
do traceroute on and see that my packet travels from all
the routers in the way

NOTE: I ping / traceroute from my backtrack 3 host which has three


I would like the router to end up communicating with the
netkit VM that is

You can't get login to honeyd routers as they are just simulated routers
with very basic functionality.

I can ping from Backtrack 3 because my netkit is configured
that way but what I would like to do is

ping from backtrack 3 which travels from honeyd first and
then end up in the netkit.

This requires honeyd to be able to communicate to the netkit VM.

I hope now I have clarified my situation a bit.

Also let me know what you think about the above honeyd config , I think
this time we don't have routers all on the same subnet or is it that
still we are on the same subnet? I would like to keep every router on
different subnet

Deependra Singh Shekhawat
- -- 
RHCE/RHCSS Certificate number: 804006843818597
Type: pub
bits/keyID: 1024D/483B234C
Date: 2007/06/29
Key Server: pgp.mit.edu
User ID: Deependra Singh Shekhawat (Fedora Project)
<jeevanullas at gmail.com> <deepsa at fedoraproject.org>
Key fingerprint: ED45 62EA A4D7 53FB 44C7  774A D55B F3F0 483B 234C
Version: GnuPG v1.4.9 (GNU/Linux)


More information about the Netkit.users mailing list