Scribd Logo
Upload

Welcome to Scribd!

  • Vyos Lab TXR

    Uploaded by

    fabio araujo
    8 views3 pages

    Original Title

    vyos-lab-txr

    Copyright

    © © All Rights Reserved

    Available Formats

    TXT, PDF, TXT or read online from Scribd

    Did you find this document useful?

    Is this content inappropriate?

    Report this Document

    Copyright:

    © All Rights Reserved
    Download as TXT, PDF, TXT or read online from Scribd
    Flag for inappropriate content
    8 views3 pages

    Vyos Lab TXR

    Uploaded by

    fabio araujo

    Copyright:

    © All Rights Reserved
    Download as TXT, PDF, TXT or read online from Scribd
    Flag for inappropriate content
    of 3

    /

    ***********************************************************************************
    *************
    ## ## Redes no VMware Workstation ##
    ## Rede "172" - rede local / Bridged - DHCP e Gateway no roteador TP-Link + saida
    para internet
    ## Rede 192.168.10.0/24 - HOST Only, DHCP e Gateway no Vmware Workstation
    ## Rede 192.168.11.0/24 - NAT, DHCP e Gateway no Vmware Workstation
    ## Rede 192.168.255.0/24 - Host Only / iSCSI + VSAN
    ##
    ## Redes que só existem no VyOS e nos hosts ESXi
    ## Rede 10.0.10.0/24 - VLAN 10 - Lan Segment VyOS - DHCP e Gateway (10.0.10.254) no
    vyOS
    ## Rede 10.0.20.0/24 - VLAN 20 - Lan Segment VyOS - DHCP e Gateway (10.0.20.254) no
    vyOS
    ## Rede 10.0.30.0/24 - VLAN 30 - Lan Segment VyOS - DHCP e Gateway (10.0.30.254) no
    vyOS
    ##
    ## OBS: São dua sopções: cria-se rota especifica em cada rede \ ou o VyOS tem que
    fazer o NAT (como o vmware workstation faria)
    ##
    ## Arquitetura
    ##
    ## Workstation: Vmnet0 (Bridged para 172.17.2.0/24), Rede-10 (Host Only), Rede-11
    (NAT), VyOS (Lan Segment)
    ## VyOS: tem uma perna em cada uma das redes acima
    ## eth0(Bridged)
    ## eth1(Rede-10)
    ## eth2(Rede-11)
    ## eth3(VyOS => LAN SEGMENT - Aqui entram as VLANS tagged 10, 20, 30, ...)
    ## a eth3 não tem IP, apenas as vifs eth3.10, eth3.20, eth3.30 tem os IPs
    final 254
    ## O VyOS faz DNS Forward (é opcional) então o VyOS deve ser o DNS Server nas
    redes em que o forward é habilitado.
    ##
    ## Distributed Switch: As portas de Uplink do DS são conectadas no Lan Segment VyOS
    ##
    ***********************************************************************************
    *************/

    configure

    set service ssh port 22

    set system host-name 'vyos'

    set interfaces ethernet eth0 address 172.17.2.254/24


    set interfaces ethernet eth0 description 'Rede local 172'

    set protocols static route 0.0.0.0/0 next-hop 172.17.2.1

    set interfaces ethernet eth1 address 192.168.10.254/24


    set interfaces ethernet eth1 description 'Rede local 10'

    set interfaces ethernet eth2 address 192.168.11.254/24


    set interfaces ethernet eth2 description 'Rede local 11'

    set interfaces ethernet eth3 description 'Trunk - Uplink Vmware'


    set interfaces ethernet eth3 vif 10 address 10.0.10.254/24
    set interfaces ethernet eth3 vif 10 description 'VLAN 10'
    set interfaces ethernet eth3 vif 20 address 10.0.20.254/24
    set interfaces ethernet eth3 vif 20 description 'VLAN 20'
    set interfaces ethernet eth3 vif 30 address 10.0.30.254/24
    set interfaces ethernet eth3 vif 30 description 'VLAN 30'

    set nat source rule 1 outbound-interface 'eth0'


    set nat source rule 1 source address '192.168.10.0/24'
    set nat source rule 1 translation address 'masquerade'

    set nat source rule 11 outbound-interface 'eth0'


    set nat source rule 11 source address '192.168.11.0/24'
    set nat source rule 11 translation address 'masquerade'

    set nat source rule 10 outbound-interface 'eth0'


    set nat source rule 10 source address '10.0.10.0/24'
    set nat source rule 10 translation address 'masquerade'

    set nat source rule 20 outbound-interface 'eth0'


    set nat source rule 20 source address '10.0.20.0/24'
    set nat source rule 20 translation address 'masquerade'

    set nat source rule 30 outbound-interface 'eth0'


    set nat source rule 30 source address '10.0.30.0/24'
    set nat source rule 30 translation address 'masquerade'

    set service dns forwarding cache-size '0'


    set service dns forwarding listen-address 10.0.10.254
    set service dns forwarding allow-from 10.0.10.0/24

    set service dns forwarding listen-address 10.0.20.254


    set service dns forwarding allow-from 10.0.20.0/24

    set service dns forwarding listen-address 10.0.30.254


    set service dns forwarding allow-from 10.0.30.0/24

    set service dns forwarding name-server '192.168.11.11'


    set service dns forwarding name-server '172.17.2.1'

    set service dhcp-server listen-address 10.0.10.254


    set service dhcp-server listen-address 10.0.20.254
    set service dhcp-server listen-address 10.0.30.254

    set service dhcp-server shared-network-name eth3.10 domain-name txrlab.local


    set service dhcp-server shared-network-name eth3.20 domain-name txrlab.local
    set service dhcp-server shared-network-name eth3.30 domain-name txrlab.local

    set service dhcp-server shared-network-name eth3.10 authoritative 'disable'


    set service dhcp-server shared-network-name eth3.10 subnet 10.0.10.0/24 range 10
    start 10.0.10.110
    set service dhcp-server shared-network-name eth3.10 subnet 10.0.10.0/24 range 10
    stop 10.0.10.160
    set service dhcp-server shared-network-name eth3.10 subnet 10.0.10.0/24 default-
    router 10.0.10.254
    set service dhcp-server shared-network-name eth3.10 subnet 10.0.10.0/24 name-server
    192.168.11.11
    set service dhcp-server shared-network-name eth3.10 subnet 10.0.10.0/24 lease 86400
    set service dhcp-server shared-network-name eth3.10 ping-check

    set service dhcp-server shared-network-name eth3.20 authoritative 'disable'


    set service dhcp-server shared-network-name eth3.20 subnet 10.0.20.0/24 range 20
    start 10.0.20.110
    set service dhcp-server shared-network-name eth3.20 subnet 10.0.20.0/24 range 20
    stop 10.0.20.160
    set service dhcp-server shared-network-name eth3.20 subnet 10.0.20.0/24 default-
    router 10.0.20.254
    set service dhcp-server shared-network-name eth3.20 subnet 10.0.20.0/24 name-server
    192.168.11.11
    set service dhcp-server shared-network-name eth3.20 subnet 10.0.20.0/24 lease 86400
    set service dhcp-server shared-network-name eth3.20 ping-check

    set service dhcp-server shared-network-name eth3.30 authoritative 'disable'


    set service dhcp-server shared-network-name eth3.30 subnet 10.0.30.0/24 range 30
    start 10.0.30.110
    set service dhcp-server shared-network-name eth3.30 subnet 10.0.30.0/24 range 30
    stop 10.0.30.160
    set service dhcp-server shared-network-name eth3.30 subnet 10.0.30.0/24 default-
    router 10.0.30.254
    set service dhcp-server shared-network-name eth3.30 subnet 10.0.30.0/24 name-server
    192.168.11.11
    set service dhcp-server shared-network-name eth3.30 subnet 10.0.30.0/24 lease 86400
    set service dhcp-server shared-network-name eth3.30 ping-check

    You might also like