Router - VyOS: Difference between revisions

From AAISP Support Site
No edit summary
(Added configuration commands for PPPoE)
Line 30: Line 30:
== Configuring PPPoE ==
== Configuring PPPoE ==


This configures PPPoE on the WAN interface (eth1).
TBC

* Replace the <code>user-id</code> and <code>password</code> with your AAISP username and password
* Note that IPv6 has to be explicitly enabled on the PPPoE interface
* Unlike IPv4, routing for IPv6 isn't enabled automatically when the interface comes up. I had to add a default static route for IPv6.

<pre>
set interface ethernet eth1 description "WAN"

set interface ethernet eth1 pppoe 0 user-id mxxxx@a.1
set interface ethernet eth1 pppoe 0 password xxxx
set interface ethernet eth1 pppoe 0 mtu 1492
set interface ethernet eth1 pppoe 0 default-route auto
set interface ethernet eth1 pppoe 0 name-server auto
set interface ethernet eth1 pppoe 0 enable-ipv6
set interface ethernet eth1 pppoe 0 ipv6 address autoconf

set protocols static interface-route6 ::/0 next-hop-interface pppoe0
</pre>


== Example Configuration ==
== Example Configuration ==

Revision as of 21:06, 7 Ocak 2020

VyOS is an Open Source router operating system built on top of Debian Linux. Rather than having to configure lots of different software packages, everything is control through a single configuration file and it uses a command-line based configuration interface, similar to Juniper's Junos OS. It is based on Vyatta (as is Ubiquiti's EdgeOS).

Documentation for VyOS is available here: https://vyos.readthedocs.io/en/latest/


Hardware

VyOS runs on standard x86 PC hardware (note that version 1.2+ requires 64-bit hardware).


Installing

VyOS is open source (available on GitHub), however the stable (Long Term Support) releases (with a version number) are only available with a very expensive subscription.

Rolling releases, built nightly, are available for free and can be downloaded here: https://downloads.vyos.io/?dir=rolling/current/amd64

After downloading an ISO, copy it on to a USB drive (I used Etcher) and then boot off the USB drive to run the install image command. Full install instructions here: https://vyos.readthedocs.io/en/latest/install.html


Configuring network Interfaces

TBC

Configuring PPPoE

This configures PPPoE on the WAN interface (eth1).

  • Replace the user-id and password with your AAISP username and password
  • Note that IPv6 has to be explicitly enabled on the PPPoE interface
  • Unlike IPv4, routing for IPv6 isn't enabled automatically when the interface comes up. I had to add a default static route for IPv6.
set interface ethernet eth1 description "WAN"

set interface ethernet eth1 pppoe 0 user-id mxxxx@a.1
set interface ethernet eth1 pppoe 0 password xxxx
set interface ethernet eth1 pppoe 0 mtu 1492
set interface ethernet eth1 pppoe 0 default-route auto
set interface ethernet eth1 pppoe 0 name-server auto
set interface ethernet eth1 pppoe 0 enable-ipv6
set interface ethernet eth1 pppoe 0 ipv6 address autoconf

set protocols static interface-route6 ::/0 next-hop-interface pppoe0

Example Configuration

  • The first network interface (eth0) is connected to the local LAN
  • The second network interface (eth1) is connected to a VDSL modem for PPPoE
  • IPv4 NAT is configured for LAN devices to access the Internet
  • Passwords (***) and placeholders (xxxx) need to be replaced with your own details
  • No firewall is configured in this example
interfaces {
    ethernet eth0 {
        description LAN
        address 192.168.1.1/24
        address 2001:8b0:xxxx::1/64
        ipv6 {
            router-advert {
                send-advert true
                prefix 2001:8b0:xxxx::/64 {
                }
            }
        }
    }
    ethernet eth1 {
        description WAN
        duplex auto
        speed auto
        pppoe 0 {
            default-route auto
            enable-ipv6
            ipv6 {
                address {
                    autoconf
                }
            }
            mtu 1492
            name-server auto
            user-id mxxx@a.1
            password ****************
        }
    }
    loopback lo {
    }
}
nat {
    source {
        rule 100 {
            description "NAT for IPv4 on LAN"
            outbound-interface pppoe0
            source {
                address 192.168.1.0/24
            }
            translation {
                address masquerade
            }
        }
    }
}
protocols {
    static {
        interface-route6 ::/0 {
            next-hop-interface pppoe0 {
            }
        }
    }
}
service {
    dhcp-server {
        shared-network-name LAN {
            authoritative
            subnet 192.168.1.0/24 {
                default-router 192.168.1.1
                dns-server 217.169.20.20
                dns-server 217.169.20.21
                domain-name example.com
                lease 86400
                range 0 {
                    start 192.168.1.100
                    stop 192.168.1.200
                }
            }
        }
    }
    ssh {
        port 22
    }
}
system {
    config-management {
        commit-revisions 100
    }
    console {
        device ttyS0 {
            speed 115200
        }
    }
    host-name vyos
    login {
        user vyos {
            authentication {
                encrypted-password ****************
                plaintext-password ****************
            }
            level admin
        }
    }
    ntp {
        server time.aa.net.uk {
        }
        server 0.uk.pool.ntp.org {
        }
        server 1.uk.pool.ntp.org {
        }
    }
    syslog {
        global {
            facility all {
                level info
            }
            facility protocols {
                level debug
            }
        }
    }
}