Jump to content

This is the support site for Andrews & Arnold Ltd, a UK Internet provider. Information on these pages is generally for our customers but may be useful to others, enjoy!

Router - VyOS: Difference between revisions

2,741 bytes added ,  11 January 2020
m
Grammer fixes
No edit summary
m (Grammer fixes)
 
(2 intermediate revisions by the same user not shown)
[https://www.vyos.net/ VyOS] is an Open Source router operating system built on top of Debian Linux.
Rather than having to configure lots of different software packages, everything is controlcontrolled through a single configuration file and it uses a command-line based configuration interface, similar to Juniper's Junos OS. It is based on Vyatta (as is Ubiquiti's EdgeOS).
 
Documentation for VyOS is available here: https://vyos.readthedocs.io/en/latest/
 
 
== Configuring networkLAN InterfacesInterface ==
 
This section describes how to configure the LAN interface (eth0) with an IP address and advertise addresses using SLAAC and DHCP.
TBC
 
First, configure addresses on the interface.
== Configuring PPPoE ==
We are going to use the first /64 subnet of your IPv6 allocation for the LAN subnet.
<code>xxxx</code> needs to be replaced with your AAISP IPv6 allocation.
 
<pre>
set interface ethernet eth0 description "LAN"
set interface ethernet eth0 address 192.168.1.1/24
set interface ethernet eth0 address 2001:8b0:xxxx::1/64
</pre>
 
To configure SLAAC / IPv6 router advertisements enter the following two commands:
<pre>
set interface ethernet eth0 ipv6 router-advert send-advert true
set interface ethernet eth0 ipv6 router-advert prefix 2001:8b0:xxxx::/64
</pre>
 
Then to configure a DHCP server on the LAN interface:
<pre>
set service dhcp-server shared-network-name LAN authoritative
set service dhcp-server shared-network-name LAN subnet 192.168.1.0/24 default-router '192.168.1.1'
set service dhcp-server shared-network-name LAN subnet 192.168.1.0/24 dns-server '217.169.20.20'
set service dhcp-server shared-network-name LAN subnet 192.168.1.0/24 dns-server '217.169.20.21'
set service dhcp-server shared-network-name LAN subnet 192.168.1.0/24 domain-name 'example.com'
set service dhcp-server shared-network-name LAN subnet 192.168.1.0/24 lease '86400'
set service dhcp-server shared-network-name LAN subnet 192.168.1.0/24 range 0 start '192.168.1.10'
set service dhcp-server shared-network-name LAN subnet 192.168.1.0/24 range 0 stop '192.168.1.250'
</pre>
 
 
== Configuring WAN / PPPoE ==
 
This section configures PPPoE on the WAN interface (eth1).
 
Replace the <code>user-id</code> and <code>password</code> with your AAISP username and password.
Note that IPv6 has to be explicitly enabled on the PPPoE interface.
 
<pre>
set interface ethernet eth1 description "WAN"
set interface ethernet eth1 pppoe 0 user-id mxxxx@a.1
set interface ethernet eth1 pppoe 0 password xxxx
set interface ethernet eth1 pppoe 0 mtu 1492
set interface ethernet eth1 pppoe 0 default-route auto
set interface ethernet eth1 pppoe 0 name-server auto
set interface ethernet eth1 pppoe 0 enable-ipv6
set interface ethernet eth1 pppoe 0 ipv6 address autoconf
</pre>
 
Unlike IPv4, routing for IPv6 isn't enabled automatically when the interface comes up. I had to add a default static route for IPv6.
 
<pre>
set protocols static interface-route6 ::/0 next-hop-interface pppoe0
</pre>
 
 
Finally, set up NAT, so that the private IPv4 addresses on the LAN interface can access the internet:
 
<pre>
set nat source rule 100 description "NAT for IPv4 on LAN"
set nat source rule 100 outbound-interface 'pppoe0'
set nat source rule 100 source address '192.168.1.0/24'
set nat source rule 100 translation address masquerade
</pre>
 
TBC
 
== Complete Example Configuration ==
 
* The first network interface (eth0) is connected to the local LAN
* The second network interface (eth1) is connected to a VDSL modem for PPPoE
* IPv4 NAT is configured for LAN devices to access the Internet
* Passwords (***) and placeholders (xxxx) need to be replaced with your own details
* No firewall is configured in this example
 
lease 86400
range 0 {
start 192.168.1.10010
stop 192.168.1.200250
}
}
57

edits