Posted on Network Router configuration

VyOS Installation and Router configuration

 

Untitled1

Fig:  Logical Network Diagram

Vyos Router Configuration Command line:

 

VyOS is a Linux-based network operating system that provides software-based network routing, firewall, and VPN functionality.

Summary of Network and IP setup:

Internet Router: Internet router which is directly connected with ISP, internal router and DC server.

Network Adapter name in this project:

1. NET601-14-GB-1 (External connection for Vyos 1, ISP)

2. NET601-14-GB-2 (Nelson Branch switch adapter)

3. NET601-14-GB-3 (Wellington branch switch adapter)

4. NET601-14-GB-4

5. NET601-14-GB-5 (Internal connection for vyos 1, internal connection for vy0s 2, DC Server, core server, administrative client machine)

DC server Network: 10.0.0.0/24

Core Server IP: Auto configure from DHCP server from DC server

VyOS 1 Internet router network: 172.16.1.0/24

Vyos 2 Internal router IP: 10.0.0.2/24

Nelson Network: 10.0.3.0/24

Wellington Network: 10.0.4.0/24

Installation:

default username:password of: vyos:vyos

vyos@vyos:~$ install image

Welcome to the VyOS install program.  This script will walk you through the process of installing the VyOS image to a local hard drive.

Would you like to continue? (Yes/No) [Yes]: [return]

Probing drives: OK

Looking for pre-existing RAID groups…none found.

The VyOS image will require a minimum 1000MB root.

Would you like me to try to partition a drive automatically

or would you rather partition it manually with parted?  If

you have already setup your partitions, you may skip this step

Partition (Auto/Parted/Skip) [Auto]: [return]

I found the following drives on your system: sda  2147MB

Install the image on? [sda]: [return]

This will destroy all data on /dev/sda. Continue? (Yes/No) [No]: Yes

How big of a root partition should I create? (1000MB – 2147MB) [2147]MB: [return]

Creating filesystem on /dev/sda1: OK

Done!

Mounting /dev/sda1…

What would you like to name this image? [VyOS_999.hydrogen.11291501]:

  1. This image will be named: VyOS_999.hydrogen.11291501

Copying squashfs image…

Copying kernel and initrd images…

Done!

I found the following configuration files:    /config/config.boot     /opt/vyatta/etc/config.boot.default

Which one should I copy to sda? [/config/config.boot]: [return]

Copying /config/config.boot to sda.

Enter password for administrator account

Enter password for user ‘vyos’:

Retype password for user ‘vyos’:

I need to install the GRUB boot loader.

I found the following drives on your system: sda  2147MB

Which drive should GRUB modify the boot partition on? [sda]: [return]

Setting up grub: OK

Done!

vyos@vyos:~$

Vyos 1 (Internet router configuration)

vyos@vyos# Set system host name “InternetRouter”        (Setup router hostname)

vyos@vyos# commit

vyos@vyos# save

vyos@vyos# exit

vyos @vyos ‘$ reboot now

Configure network interfaces:

vyos@Internetrouter# set interface ethernal eth0 address 172.16.1.9/24

vyos@Internetrouter# set int eth eth1 address 10.0.0.1/24

vyos@Internetrouter# commit

vyos@Internetrouter# save

vyos@Internetrouter# set system gateway-address 172.16.1.1 ( gateway address configure)

vyos@Internetrouter# commit

vyos@Internetrouter# save

Enable SSH for remote management:

vyos@Internetrouter# set service ssh port 22 (ssh setup)

vyos@Internetrouter# commit

vyos@Internetrouter# save

Nat configure: Configure Source NAT for “Inside” network

vyos@Internetrouter# set nat source rule 100 outbound interface eth0

vyos@Internetrouter# set nat source rule 100 source address 10.0.0.0/24

vyos@Internetrouter# set nat source rule 100 translation address masquerade

vyos@Internetrouter# commit

vyos@Internetrouter# save

vyos@Internetrouter# set nat source rule 200 outbound interface eth0

vyos@Internetrouter# set nat source rule 200 source address 10.0.3.0/24

vyos@Internetrouter# set nat source rule 200 translation address masquerade

vyos@Internetrouter# commit

vyos@Internetrouter# save

vyos@Internetrouter# set nat source rule 300 outbound interface eth0

vyos@Internetrouter# set nat source rule 300 source address 10.0.4.0/24

vyos@Internetrouter# set nat source rule 300 translation address masquerade

vyos@Internetrouter# commit

vyos@Internetrouter# save

Static Route Configure:

vyos@Internetrouter# set protocols static route 0.0.0.0/0 next-hop 172.16.1.1

vyos@Internetrouter# set protocols static route 10.0.0.0/24 next-hop 172.16.1.1

vyos@Internetrouter# commit

vyos@Internetrouter# save

vyos@Internetrouter# set protocols static route 10.0.3.0/24 next-hop 10.0.0.1

vyos@Internetrouter# set protocols static route 10.0.3.0/24 next-hop 10.0.0.2

vyos@Internetrouter# set protocols static route 10.0.3.0/24 next-hop 172.16.1.1

vyos@Internetrouter# commit

vyos@Internetrouter# save

vyos@Internetrouter# set protocols static route 10.0.4.0/24 next-hop 10.0.0.1

vyos@Internetrouter# set protocols static route 10.0.4.0/24 next-hop 10.0.0.2

vyos@Internetrouter# set protocols static route 10.0.4.0/24 next-hop 172.16.1.1

vyos@Internetrouter# commit

vyos@Internetrouter# save

vyos@Internetrouter# set protocols static route 172.16.1.0/24 next-hop 10.0.0.1

vyos@Internetrouter# set protocols static route 172.16.1.0/24 next-hop 10.0.0.2

vyos@Internetrouter# set protocols static route 172.16.1.0/24 next-hop 10.0.3.1

vyos@Internetrouter# set protocols static route 172.16.1.0/24 next-hop 10.0.4.1

vyos@Internetrouter# commit

vyos@Internetrouter# save

DNS forwarder configures:

vyos@Internetrouter#  Set service dns forwarding cache-size ‘0’

vyos@Internetrouter# set service dns forwarding listen-on ‘eth1’

vyos@Internetrouter#  set service dns forwarding name-server 172.16.1.1

Vyos 2 (Internal router configuration)

vyos@vyos# Set system host name “Internalrouter”        (Setup router hostname)

vyos@vyos# commit

vyos@vyos# save

vyos@vyos# exit

vyos @vyos ‘$ reboot now

Configure network interfaces:

vyos@Internalrouter# set interface ethernal eth0 address 10.0.0.2/24

vyos@Internalrouter# set interface ethernal eth0 address 10.0.3.1/24

vyos@Internalrouter# set interface ethernal eth0 address 10.0.4.1/24

vyos@Internetrouter# commit

vyos@Internetrouter# save

Enable SSH for remote management:

vyos@Internetrouter# set service ssh port 22 (ssh setup)

vyos@Internetrouter# commit

vyos@Internetrouter# save

Nat configure: Configure Source NAT for “Inside” network

vyos@Internalrouter# set nat source rule 200 outbound interface eth0

vyos@Internalrouter# set nat source rule 200 source address 10.0.3.0/24

vyos@Internalrouter# set nat source rule 200 translation address masquerade

vyos@Internalrouter# commit

vyos@Internalrouter# save

vyos@Internalrouter# set nat source rule 300 outbound interface eth0

vyos@Internalrouter# set nat source rule 300 source address 10.0.4.0/24

vyos@Internalrouter# set nat source rule 300 translation address masquerade

vyos@Internalrouter# commit

vyos@Internalrouter# save

Static Route Configure:

vyos@Internalrouter# set protocols static route 0.0.0.0/0 next-hop 10.0.0.1

vyos@Internalrouter# set protocols static route 10.0.3.0/24 next-hop 10.0.0.1

vyos@Internalrouter# set protocols static route 10.0.3.0/24 next-hop 10.0.0.2

vyos@Internalrouter# set protocols static route 10.0.4.0/24 next-hop 10.0.0.1

vyos@Internalrouter# set protocols static route 10.0.4.0/24 next-hop 10.0.0.2

vyos@Internetrouter# commit

vyos@Internetrouter# save

vyos@Internetrouter# set system gateway-address 10.0.0.1

vyos@Internetrouter# commit

vyos@Internetrouter# save

……………………………….

Thank you 🙂

 

 

Leave a comment

This site uses Akismet to reduce spam. Learn how your comment data is processed.