Jump to content

This is the support site for Andrews & Arnold Ltd, a UK Internet provider. Information on these pages is generally for our customers but may be useful to others, enjoy!

Router - VyOS: Difference between revisions

← Older edit
Content deleted Content added
Nhumfrey (talk | contribs)
57 edits
Added install section
Nhumfrey (talk | contribs)
57 edits
m Grammer fixes
 
(3 intermediate revisions by the same user not shown)
Line 1: Line 1:
[https://www.vyos.net/ VyOS] is an Open Source router operating system built on top of Debian Linux.
[https://www.vyos.net/ VyOS] is an Open Source router operating system built on top of Debian Linux.
Rather than having to configure lots of different software packages, everything is control through a single configuration file and it uses a command-line based configuration interface, similar to Juniper's JunOS. It is based on Vyatta (as is Ubiquiti's EdgeOS).
Rather than having to configure lots of different software packages, everything is controlled through a single configuration file and it uses a command-line based configuration interface, similar to Juniper's Junos OS. It is based on Vyatta (as is Ubiquiti's EdgeOS).


Documentation for VyOS is available here: https://vyos.readthedocs.io/en/latest/
Documentation for VyOS is available here: https://vyos.readthedocs.io/en/latest/



== Hardware ==
== Hardware ==
Line 11: Line 12:
* Old [https://www.parkytowers.me.uk/thin/ Thin Clients] on eBay can make cheap routers, as most are fan-less and come with flash storage
* Old [https://www.parkytowers.me.uk/thin/ Thin Clients] on eBay can make cheap routers, as most are fan-less and come with flash storage
* More in the [https://vyos.readthedocs.io/en/latest/appendix/vyos-on-baremetal.html VyOS 'bare metal' documentation]
* More in the [https://vyos.readthedocs.io/en/latest/appendix/vyos-on-baremetal.html VyOS 'bare metal' documentation]



== Installing ==
== Installing ==
Line 22: Line 24:




== Configuring network Interfaces ==
== Configuring LAN Interface ==


This section describes how to configure the LAN interface (eth0) with an IP address and advertise addresses using SLAAC and DHCP.
TBC

First, configure addresses on the interface.
We are going to use the first /64 subnet of your IPv6 allocation for the LAN subnet.
<code>xxxx</code> needs to be replaced with your AAISP IPv6 allocation.

<pre>
set interface ethernet eth0 description "LAN"
set interface ethernet eth0 address 192.168.1.1/24
set interface ethernet eth0 address 2001:8b0:xxxx::1/64
</pre>

To configure SLAAC / IPv6 router advertisements enter the following two commands:
<pre>
set interface ethernet eth0 ipv6 router-advert send-advert true
set interface ethernet eth0 ipv6 router-advert prefix 2001:8b0:xxxx::/64
</pre>

Then to configure a DHCP server on the LAN interface:
<pre>
set service dhcp-server shared-network-name LAN authoritative
set service dhcp-server shared-network-name LAN subnet 192.168.1.0/24 default-router '192.168.1.1'
set service dhcp-server shared-network-name LAN subnet 192.168.1.0/24 dns-server '217.169.20.20'
set service dhcp-server shared-network-name LAN subnet 192.168.1.0/24 dns-server '217.169.20.21'
set service dhcp-server shared-network-name LAN subnet 192.168.1.0/24 domain-name 'example.com'
set service dhcp-server shared-network-name LAN subnet 192.168.1.0/24 lease '86400'
set service dhcp-server shared-network-name LAN subnet 192.168.1.0/24 range 0 start '192.168.1.10'
set service dhcp-server shared-network-name LAN subnet 192.168.1.0/24 range 0 stop '192.168.1.250'
</pre>


== Configuring WAN / PPPoE ==

This section configures PPPoE on the WAN interface (eth1).

Replace the <code>user-id</code> and <code>password</code> with your AAISP username and password.
Note that IPv6 has to be explicitly enabled on the PPPoE interface.

<pre>
set interface ethernet eth1 description "WAN"
set interface ethernet eth1 pppoe 0 user-id mxxxx@a.1
set interface ethernet eth1 pppoe 0 password xxxx
set interface ethernet eth1 pppoe 0 mtu 1492
set interface ethernet eth1 pppoe 0 default-route auto
set interface ethernet eth1 pppoe 0 name-server auto
set interface ethernet eth1 pppoe 0 enable-ipv6
set interface ethernet eth1 pppoe 0 ipv6 address autoconf
</pre>

Unlike IPv4, routing for IPv6 isn't enabled automatically when the interface comes up. I had to add a default static route for IPv6.

<pre>
set protocols static interface-route6 ::/0 next-hop-interface pppoe0
</pre>


Finally, set up NAT, so that the private IPv4 addresses on the LAN interface can access the internet:

<pre>
set nat source rule 100 description "NAT for IPv4 on LAN"
set nat source rule 100 outbound-interface 'pppoe0'
set nat source rule 100 source address '192.168.1.0/24'
set nat source rule 100 translation address masquerade
</pre>


== Configuring PPPoE ==


== Complete Example Configuration ==
TBC


* The first network interface (eth0) is connected to the local LAN
== Example Configuration ==
* The second network interface (eth1) is connected to a VDSL modem for PPPoE
* IPv4 NAT is configured for LAN devices to access the Internet
* Passwords (***) and placeholders (xxxx) need to be replaced with your details
* No firewall is configured in this example


<pre>
<pre>
Line 100: Line 168:
lease 86400
lease 86400
range 0 {
range 0 {
start 192.168.1.100
start 192.168.1.10
stop 192.168.1.200
stop 192.168.1.250
}
}
}
}
Retrieved from "http://support.aa.net.uk/Router_-_VyOS"