Router - VyOS: Difference between revisions
No edit summary |
(Added configuration commands for PPPoE) |
||
Line 30: | Line 30: | ||
== Configuring PPPoE == |
== Configuring PPPoE == |
||
This configures PPPoE on the WAN interface (eth1). |
|||
TBC |
|||
* Replace the <code>user-id</code> and <code>password</code> with your AAISP username and password |
|||
* Note that IPv6 has to be explicitly enabled on the PPPoE interface |
|||
* Unlike IPv4, routing for IPv6 isn't enabled automatically when the interface comes up. I had to add a default static route for IPv6. |
|||
<pre> |
|||
set interface ethernet eth1 description "WAN" |
|||
set interface ethernet eth1 pppoe 0 user-id mxxxx@a.1 |
|||
set interface ethernet eth1 pppoe 0 password xxxx |
|||
set interface ethernet eth1 pppoe 0 mtu 1492 |
|||
set interface ethernet eth1 pppoe 0 default-route auto |
|||
set interface ethernet eth1 pppoe 0 name-server auto |
|||
set interface ethernet eth1 pppoe 0 enable-ipv6 |
|||
set interface ethernet eth1 pppoe 0 ipv6 address autoconf |
|||
set protocols static interface-route6 ::/0 next-hop-interface pppoe0 |
|||
</pre> |
|||
== Example Configuration == |
== Example Configuration == |
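Review bot: every command in the added <pre> block begins with "set interface ethernet", but the configuration node is "interfaces" (the Example Configuration tree on this page opens with "interfaces {"), so the lines should read "set interfaces ethernet eth1 ...". The section also enables IPv6 on pppoe 0 and adds a ::/0 route without mentioning filtering. Since the page's example states that no firewall is configured, a bullet saying that IPv6 traffic arriving on pppoe0 needs a firewall ruleset would be worth adding here.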
Revision as of 21:06, 7 January 2020
VyOS is an open source router operating system built on top of Debian Linux. Rather than having to configure lots of different software packages, everything is controlled through a single configuration file, and it uses a command-line configuration interface similar to Juniper's Junos OS. It is based on Vyatta (as is Ubiquiti's EdgeOS).
Documentation for VyOS is available here: https://vyos.readthedocs.io/en/latest/
Hardware
VyOS runs on standard x86 PC hardware (note that version 1.2+ requires 64-bit hardware).
- PC Engines APU2 is x86 hardware with 2-4 network interfaces, with rack-mount enclosures available
- Old Thin Clients on eBay can make cheap routers, as most are fan-less and come with flash storage
- More in the VyOS 'bare metal' documentation
Installing
VyOS is open source (available on GitHub), however the stable (Long Term Support) releases (with a version number) are only available with a very expensive subscription.
Rolling releases, built nightly, are available for free and can be downloaded here: https://downloads.vyos.io/?dir=rolling/current/amd64
After downloading an ISO, copy it on to a USB drive (I used Etcher) and then boot off the USB drive to run the install image command.
Full install instructions here: https://vyos.readthedocs.io/en/latest/install.html
Configuring network Interfaces
TBC
Configuring PPPoE
This configures PPPoE on the WAN interface (eth1).
- Replace the user-id and password with your AAISP username and password
- Note that IPv6 has to be explicitly enabled on the PPPoE interface
- Unlike IPv4, routing for IPv6 isn't enabled automatically when the interface comes up. I had to add a default static route for IPv6.
<pre>
set interfaces ethernet eth1 description "WAN"
set interfaces ethernet eth1 pppoe 0 user-id mxxxx@a.1
set interfaces ethernet eth1 pppoe 0 password xxxx
set interfaces ethernet eth1 pppoe 0 mtu 1492
set interfaces ethernet eth1 pppoe 0 default-route auto
set interfaces ethernet eth1 pppoe 0 name-server auto
set interfaces ethernet eth1 pppoe 0 enable-ipv6
set interfaces ethernet eth1 pppoe 0 ipv6 address autoconf
set protocols static interface-route6 ::/0 next-hop-interface pppoe0
</pre>
Example Configuration
- The first network interface (eth0) is connected to the local LAN
- The second network interface (eth1) is connected to a VDSL modem for PPPoE
- IPv4 NAT is configured for LAN devices to access the Internet
- Passwords (***) and placeholders (xxxx) need to be replaced with your own details
- No firewall is configured in this example
<pre>
interfaces {
    ethernet eth0 {
        description LAN
        address 192.168.1.1/24
        address 2001:8b0:xxxx::1/64
        ipv6 {
            router-advert {
                send-advert true
                prefix 2001:8b0:xxxx::/64 {
                }
            }
        }
    }
    ethernet eth1 {
        description WAN
        duplex auto
        speed auto
        pppoe 0 {
            default-route auto
            enable-ipv6
            ipv6 {
                address {
                    autoconf
                }
            }
            mtu 1492
            name-server auto
            user-id mxxx@a.1
            password ****************
        }
    }
    loopback lo {
    }
}
nat {
    source {
        rule 100 {
            description "NAT for IPv4 on LAN"
            outbound-interface pppoe0
            source {
                address 192.168.1.0/24
            }
            translation {
                address masquerade
            }
        }
    }
}
protocols {
    static {
        interface-route6 ::/0 {
            next-hop-interface pppoe0 {
            }
        }
    }
}
service {
    dhcp-server {
        shared-network-name LAN {
            authoritative
            subnet 192.168.1.0/24 {
                default-router 192.168.1.1
                dns-server 217.169.20.20
                dns-server 217.169.20.21
                domain-name example.com
                lease 86400
                range 0 {
                    start 192.168.1.100
                    stop 192.168.1.200
                }
            }
        }
    }
    ssh {
        port 22
    }
}
system {
    config-management {
        commit-revisions 100
    }
    console {
        device ttyS0 {
            speed 115200
        }
    }
    host-name vyos
    login {
        user vyos {
            authentication {
                encrypted-password ****************
                plaintext-password ****************
            }
            level admin
        }
    }
    ntp {
        server time.aa.net.uk {
        }
        server 0.uk.pool.ntp.org {
        }
        server 1.uk.pool.ntp.org {
        }
    }
    syslog {
        global {
            facility all {
                level info
            }
            facility protocols {
                level debug
            }
        }
    }
}
</pre>
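The example above routes a global IPv6 prefix to the LAN with no firewall, and NAT only covers IPv4, so LAN hosts and the router's SSH service are reachable over the PPPoE link. The following audit is an added example, not part of the original page or of VyOS: it flattens a brace-style config (one node per line) and reports that exposure. The function names, finding ids and path patterns are assumptions made for this illustration.

```python
import re
# Constructed sample: trimmed from the page's example configuration.
SAMPLE = """
interfaces {
    ethernet eth0 {
        address 2001:8b0:xxxx::1/64
    }
    ethernet eth1 {
        pppoe 0 {
            enable-ipv6
        }
    }
}
protocols {
    static {
        interface-route6 ::/0 {
        }
    }
}
service {
    ssh {
    }
}
"""
# Assumed path patterns that together mean "LAN IPv6 is routed via PPPoE".
V6_ROUTED = (r"^interfaces ethernet \S+ pppoe \d+ enable-ipv6$",
             r"^interfaces ethernet \S+ address \S*:\S*/\d+$",
             r"^protocols static interface-route6 ::/0$")

def flatten(text):  # brace-style config -> flat 'a b c' paths (nodes and leaves)
    stack, paths = [], []
    for line in (raw.strip() for raw in text.splitlines()):
        if line.endswith("{"):
            stack.append(line[:-1].strip())
            paths.append(" ".join(stack))
        elif line == "}":
            stack.pop()
        elif line:
            paths.append(" ".join(stack + [line]))
    return paths

def audit(text):  # coarse: reports exposure only when no firewall node exists
    paths = flatten(text)
    has = lambda pat: any(re.search(pat, p) for p in paths)
    if has(r"^firewall( |$)"):
        return []  # does not verify the rulesets are applied to pppoe0
    findings = ["lan-ipv6-unfiltered"] if all(map(has, V6_ROUTED)) else []
    if has(r"^service ssh$") and not has(r"^service ssh listen-address "):
        findings.append("ssh-on-all-addresses")
    return findings
```

Calling audit() on the full example configuration, formatted one node per line, returns both findings; a config with a top-level firewall node returns none, though the check does not confirm the rules are attached to the PPPoE interface.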