Router - VyOS
VyOS is an open source router operating system built on top of Debian Linux. Rather than having to configure lots of different software packages, everything is controlled through a single configuration file, edited through a command-line configuration interface similar to Juniper's Junos OS. It is based on Vyatta (as is Ubiquiti's EdgeOS).
Documentation for VyOS is available here: https://vyos.readthedocs.io/en/latest/
Hardware
VyOS runs on standard x86 PC hardware (note that version 1.2+ requires 64-bit hardware).
- PC Engines APU2 is x86 hardware with 2-4 network interfaces, with rack-mount enclosures available
- Old Thin Clients on eBay can make cheap routers, as most are fan-less and come with flash storage
- More in the VyOS 'bare metal' documentation
Installing
VyOS is open source (available on GitHub); however, the stable (Long Term Support) releases (those with a version number) are only available with a very expensive subscription.
Rolling releases, built nightly, are available for free and can be downloaded here: https://downloads.vyos.io/?dir=rolling/current/amd64
After downloading an ISO, copy it onto a USB drive (I used Etcher), boot from the USB drive, and run the install image command.
Full install instructions here: https://vyos.readthedocs.io/en/latest/install.html
Configuring Network Interfaces
TBC
Configuring PPPoE
TBC
Example Configuration
- The first network interface (eth0) is connected to the local LAN
- The second network interface (eth1) is connected to a VDSL modem for PPPoE
- IPv4 NAT is configured for LAN devices to access the Internet
- Passwords (***) and placeholders (xxxx) need to be replaced with your own details
- No firewall is configured in this example
interfaces {
    ethernet eth0 {
        description LAN
        address 192.168.1.1/24
        address 2001:8b0:xxxx::1/64
        ipv6 {
            router-advert {
                send-advert true
                prefix 2001:8b0:xxxx::/64 {
                }
            }
        }
    }
    ethernet eth1 {
        description WAN
        duplex auto
        speed auto
        pppoe 0 {
            default-route auto
            enable-ipv6
            ipv6 {
                address {
                    autoconf
                }
            }
            mtu 1492
            name-server auto
            user-id mxxx@a.1
            password ****************
        }
    }
    loopback lo {
    }
}
nat {
    source {
        rule 100 {
            description "NAT for IPv4 on LAN"
            outbound-interface pppoe0
            source {
                address 192.168.1.0/24
            }
            translation {
                address masquerade
            }
        }
    }
}
protocols {
    static {
        interface-route6 ::/0 {
            next-hop-interface pppoe0 {
            }
        }
    }
}
service {
    dhcp-server {
        shared-network-name LAN {
            authoritative
            subnet 192.168.1.0/24 {
                default-router 192.168.1.1
                dns-server 217.169.20.20
                dns-server 217.169.20.21
                domain-name example.com
                lease 86400
                range 0 {
                    start 192.168.1.100
                    stop 192.168.1.200
                }
            }
        }
    }
    ssh {
        port 22
    }
}
system {
    config-management {
        commit-revisions 100
    }
    console {
        device ttyS0 {
            speed 115200
        }
    }
    host-name vyos
    login {
        user vyos {
            authentication {
                encrypted-password ****************
                plaintext-password ****************
            }
            level admin
        }
    }
    ntp {
        server time.aa.net.uk {
        }
        server 0.uk.pool.ntp.org {
        }
        server 1.uk.pool.ntp.org {
        }
    }
    syslog {
        global {
            facility all {
                level info
            }
            facility protocols {
                level debug
            }
        }
    }
}
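
The notes before the example say that the *** and xxxx placeholders must be replaced and that no firewall is configured. The following is an added example, not part of the original page or of VyOS: a small Python parser for the brace-style configuration that reports leftover placeholders and a missing firewall section. SAMPLE is a constructed excerpt of the configuration above, walk and audit are hypothetical names, and the parser assumes no quoted value ends in "{".

```python
import re
# Constructed sample: a trimmed excerpt of the example configuration on this page.
SAMPLE = """\
interfaces {
    ethernet eth1 {
        pppoe 0 {
            user-id mxxx@a.1
            password ****************
        }
    }
}
service {
    ssh {
        port 22
    }
}
"""
PLACEHOLDER = re.compile(r"\*{3,}|x{3,}")  # the page's *** and xxxx markers

def walk(text):
    """Yield (path, value) per node; value is "" for a block opening."""
    path = []
    for n, raw in enumerate(text.splitlines(), 1):
        line = raw.strip()
        if line == "}":
            if not path:
                raise ValueError(f"line {n}: unmatched '}}'")
            path.pop()
        elif line.endswith("{"):
            path.append(line[:-1].strip())
            yield tuple(path), ""
        elif line:
            key, _, value = line.partition(" ")
            yield tuple(path) + (key,), value.strip()
    if path:
        raise ValueError("unclosed block: " + " / ".join(path))

def audit(text):
    """Return findings as node paths only (never values, so secrets stay out of logs)."""
    findings, seen = [], set()
    for path, value in walk(text):
        seen.add(path)
        if PLACEHOLDER.search(path[-1] + " " + value):
            findings.append("placeholder left in: " + " / ".join(path))
    if ("firewall",) not in seen:
        findings.append("no firewall section")
        if ("service", "ssh") in seen:
            findings.append("service ssh enabled with no firewall to restrict it")
    return findings
```

Calling audit(SAMPLE) returns four findings: the two PPPoE credentials still holding placeholders, the missing firewall section, and the SSH service left unrestricted.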