Vyatta Quick Setup
This is a quick setup guide for the Vyatta open source router. This article assumes that you have already installed Vyatta either on physical hardware or in a virtual machine. For more information on creating a private network in ESXi Server see this article.
Vyatta can be downloaded from http://www.vyatta.org
Version 6.3 has a new LiveCD installer so there is a little work to get it going.
I used the VI Client to create a new VM. Select File, then New Virtual Machine.
Choose the following Settings:
Configuration: Custom
Name: "MyVyatta" Note: This name is whatever you want it to be.
Datastore: Choose the datastore you wish Vyatta to install on.
Virtual Machine Version: 7
Guest OS: Linux/Other 2.6x Linux
CPU: "1"
Memory: "512"
Network: "2" / vmxnet3
SCSI Controller: keep the defaults
Select a Disk: keep the default
Create a Disk: "4"GB then select thin provisioning
Select the box to customize the configuration prior to completing the VM creation and do the following:
Click CD/DVD Drive 1
Select "Connect at power on"
Select Device Type: "Datastore ISO File"
Click "Browse..." and choose the LiveCD ISO file that you got from Vyatta.org
Start the new VM.
When it boots to the login prompt, log in with the default user name and password, both "vyatta".
Now it's time to install. To do this, type
#install-image
Choose all of the defaults and when the install is complete type
#shutdown
Once it has shut down, go back to the VI Client and select the Vyatta VM. Go to Edit Settings and do the following.
Click CD/DVD Drive 1
Unselect "Connect at power on"
Select Device Type: "Client Device"
Start the Vyatta VM and once it powers up, log back in.
Once you are logged into the Vyatta console you need to enter configuration mode. This is done by typing “configure” in the console.
#configure
Next use the show interfaces command to see the network configuration of your Vyatta router.
By using the MAC address of your network card you should be able to match your network card to the correct Vyatta ethernet interface.
You must set the IP address range for the Private Network in Vyatta. Because my private network is on eth1 I will use the following command to give it a static IP address.
#set interfaces ethernet eth1 address 192.168.1.1/24
Then commit the IP address by using the commit command
#commit
If you have a PC with a statically assigned IP address on the private network, you can test whether the IP address took by pinging the router's IP address from a virtual machine on the private network. If not, just continue.
Give the router a hostname and domain name by entering the following commands
#set system host-name <your-router-name>
#set system domain-name <your.domain.name>
Set up the time zone by typing
#set system time-zone <your-time-zone>
Hit the tab key for timezone options.
#commit
Now we set up the external interface to get its address from a DHCP server. Please note, if you need PPPoE for your internet provider you will need to take other steps. My internet provider uses DHCP so I don't have the ability to test any other configuration.
#set interfaces ethernet eth0 address dhcp
Now that the hostname, domain name, and IP information are set, it's time to configure the private network to have a DHCP server.
The process below enables the DHCP server for the 192.168.1.0/24 network. It will hand out IP addresses starting at 192.168.1.50 and stopping at 192.168.1.100. I also set up the outside DNS server and the default router for the DHCP server to give to clients.
This command names the network PRIVATE and sets the DHCP address range to start at 192.168.1.50
#set service dhcp-server shared-network-name PRIVATE subnet 192.168.1.0/24 start 192.168.1.50
Now we tell the DHCP server to stop handing out addresses at 100. The shared network name and subnet must match the ones used in the previous command.
#set service dhcp-server shared-network-name PRIVATE subnet 192.168.1.0/24 start 192.168.1.50 stop 192.168.1.100
Now set up the DNS servers and default gateway. I use OpenDNS for all of my DNS needs; it's free and allows for content filtering.
#set service dhcp-server shared-network-name PRIVATE subnet 192.168.1.0/24 dns-server 208.67.222.222
#set service dhcp-server shared-network-name PRIVATE subnet 192.168.1.0/24 dns-server 208.67.220.220
#set service dhcp-server shared-network-name PRIVATE subnet 192.168.1.0/24 default-router 192.168.1.1
The last step to set up connectivity for the private network is to set up NAT. NAT will allow you to connect to the internet from any device on the private network. Enter the commands in lower case.
#set service nat rule 10 type masquerade
#set service nat rule 10 source address 192.168.1.0/24
#set service nat rule 10 outbound-interface eth0
#commit
#save
#exit
Once you have added NAT, check to see if your private network PC can access the internet. At this point, there should be full access from the private network to anywhere on your network.
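The DHCP and NAT lines above only work together if every one of them names the same shared network and subnet, and the default router is an address the router actually holds. A small checker for that follows, as an added example that is not part of the original article: the `lint` helper, the `LAB` network name and both command sets are constructed here for illustration.

```python
import ipaddress
import shlex

# Constructed sample: the article's addressing, entered consistently.
CONSISTENT = """
set interfaces ethernet eth1 address 192.168.1.1/24
set interfaces ethernet eth0 address dhcp
set service dhcp-server shared-network-name PRIVATE subnet 192.168.1.0/24 start 192.168.1.50 stop 192.168.1.100
set service dhcp-server shared-network-name PRIVATE subnet 192.168.1.0/24 default-router 192.168.1.1
set service nat rule 10 source address 192.168.1.0/24
"""
# Constructed sample: the stop line typed under another name and subnet (LAB is made up).
MISMATCHED = """
set interfaces ethernet eth1 address 192.168.1.1/24
set service dhcp-server shared-network-name PRIVATE subnet 192.168.1.0/24 start 192.168.1.50
set service dhcp-server shared-network-name LAB subnet 192.168.10.0/24 start 192.168.1.50 stop 192.168.1.100
set service dhcp-server shared-network-name PRIVATE subnet 192.168.1.0/24 default-router 192.168.1.1
set service nat rule 10 source address 192.168.1.0/24
"""

def lint(commands):
    """Return a list of consistency problems (lint is a hypothetical helper, not a Vyatta tool)."""
    pools, if_addrs, nat_sources = {}, [], []
    for line in commands.strip().splitlines():
        t = shlex.split(line.lstrip("# "))
        if t[:4] == ["set", "service", "dhcp-server", "shared-network-name"] and t[5:6] == ["subnet"] and len(t) > 6:
            # Remaining tokens are option/value pairs: start, stop, default-router, dns-server.
            key = (t[4], ipaddress.ip_network(t[6]))
            pools.setdefault(key, {}).update(zip(t[7::2], t[8::2]))
        elif t[:3] == ["set", "interfaces", "ethernet"] and len(t) == 6 and t[4] == "address" and t[5] != "dhcp":
            if_addrs.append(ipaddress.ip_interface(t[5]).ip)
        elif t[:4] == ["set", "service", "nat", "rule"] and t[5:7] == ["source", "address"] and len(t) > 7:
            nat_sources.append(ipaddress.ip_network(t[7]))
    problems = []
    for (name, net), opts in pools.items():
        gw = ipaddress.ip_address(opts["default-router"]) if "default-router" in opts else None
        if "start" not in opts or "stop" not in opts:
            problems.append(f"{name} {net}: pool needs both start and stop")
        else:
            start, stop = ipaddress.ip_address(opts["start"]), ipaddress.ip_address(opts["stop"])
            if start not in net or stop not in net or start > stop:
                problems.append(f"{name} {net}: range {start}-{stop} is not inside the subnet")
            if gw is not None and start <= gw <= stop:
                problems.append(f"{name} {net}: default-router {gw} is inside the pool")
        if gw is not None and gw not in if_addrs:
            problems.append(f"{name} {net}: default-router {gw} is not a router interface address")
        if not any(net.subnet_of(src) for src in nat_sources):
            problems.append(f"{name} {net}: no NAT source address covers this subnet")
    return problems
```

Calling `lint()` on the `set` lines you are about to enter returns an empty list when the pool, gateway and NAT source agree, and one message per mismatch otherwise.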