
@hunzo
Last active March 10, 2023 06:25

VyOS Example

install

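# Operational-mode command, run after booting the live ISO, that starts the
# interactive installer which writes VyOS to disk. The command is singular
# ("install image"). Check the ISO against the checksum or signature published
# with it before booting, so the installed system comes from a known image.
install image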

set static ip

# Assigns the static IPv4 address 10.10.31.200 with a /24 prefix to eth0.
set interfaces ethernet eth0 address 10.10.31.200/24

set dhcp client

# Alternative to the static address above: eth0 requests its address by DHCP.
# The router then accepts settings from whichever DHCP server answers on that
# segment, so this suits a trusted uplink rather than a shared or user-facing LAN.
set interfaces ethernet eth0 address dhcp

create vlan sub interface

# Creates two 802.1Q VLAN sub-interfaces (VLAN IDs 1100 and 1101) on eth1 and
# gives each one an address in its own /24.
# The router forwards between directly connected networks by default, so the
# VLANs only separate traffic at layer 2; no firewall policy between them is
# shown on this page.
set interfaces ethernet eth1 vif 1100 description 'VLAN 1100'
set interfaces ethernet eth1 vif 1100 address '10.100.100.1/24'

set interfaces ethernet eth1 vif 1101 description 'VLAN 1101'
set interfaces ethernet eth1 vif 1101 address '10.100.101.1/24'

set hostname

# Sets the system host name to VR-01.
set system host-name 'VR-01'

enable ssh

# Enables the SSH service with every option left at its default.
# NOTE(review): with no further options the daemon is expected to listen on all
# addresses and to accept password logins; confirm on your VyOS version.
# Before exposing the router, bind SSH to a management address
# ("set service ssh listen-address ...") and prefer key-based logins
# ("set service ssh disable-password-authentication").
set service ssh

enable snmp

# Enables the SNMP agent with one community plus contact and location strings.
# COMUNITY_STRING (spelled as on the page) is a placeholder; replace it with a
# long random value, never "public" or "private".
# An SNMP v1/v2c community is a shared secret sent unencrypted on the wire.
# No "authorization" or "network"/"client" restriction is set here, so any host
# that can reach the agent and knows the string can query it. Consider pinning
# the community to read-only ("... community <name> authorization ro"),
# limiting it to the monitoring hosts ("... community <name> network <cidr>"),
# or using SNMPv3 instead.
set service snmp community COMUNITY_STRING
# Contact and location are descriptive values returned to SNMP clients.
set service snmp contact email@domain.name
set service snmp location Building1

set ospf

R1

# OSPF example for R1: a loopback address reused as the router ID, and three
# networks placed in area 0.
# 20.1.1.1 and 20.100.100.0/24 are publicly routable addresses, not RFC 1918
# space; when copying this into a lab, substitute private ranges so the router
# does not shadow real Internet destinations.
set interfaces loopback lo address '20.1.1.1/32'
set protocols ospf parameters router-id '20.1.1.1'
# Each "network" statement enables OSPF on interfaces whose address falls in
# that prefix. No OSPF authentication or passive-interface setting appears in
# this snippet, so any device on those segments that speaks OSPF could form an
# adjacency. Add authentication, and make user-facing interfaces passive,
# before production use.
set protocols ospf area 0 network '10.40.0.180/30'
set protocols ospf area 0 network '20.1.1.1/32'
set protocols ospf area 0 network '20.100.100.0/24'

dhcp server

# DHCP server with two scopes. Each scope hands clients a default gateway, the
# domain name nida.local, the DNS server 10.100.100.171, a lease of 86400
# seconds (24 hours) and an address from the .100-.200 range of its /24.
# Clients trust the gateway and DNS server given here for all their traffic,
# so both addresses should be hosts you control.
# NOTE(review): 20.100.100.0/24 and 20.100.200.0/24 are publicly routable
# ranges; use private addressing unless these prefixes are actually yours.
set service dhcp-server shared-network-name SERVER-NET-01 subnet 20.100.100.0/24 default-router '20.100.100.1'
set service dhcp-server shared-network-name SERVER-NET-01 subnet 20.100.100.0/24 domain-name 'nida.local'
set service dhcp-server shared-network-name SERVER-NET-01 subnet 20.100.100.0/24 lease '86400'
set service dhcp-server shared-network-name SERVER-NET-01 subnet 20.100.100.0/24 name-server '10.100.100.171'
set service dhcp-server shared-network-name SERVER-NET-01 subnet 20.100.100.0/24 range 0 start '20.100.100.100'
set service dhcp-server shared-network-name SERVER-NET-01 subnet 20.100.100.0/24 range 0 stop '20.100.100.200'

# Second scope: same options as above, applied to 20.100.200.0/24.
set service dhcp-server shared-network-name SERVER-NET-02 subnet 20.100.200.0/24 default-router '20.100.200.1'
set service dhcp-server shared-network-name SERVER-NET-02 subnet 20.100.200.0/24 domain-name 'nida.local'
set service dhcp-server shared-network-name SERVER-NET-02 subnet 20.100.200.0/24 lease '86400'
set service dhcp-server shared-network-name SERVER-NET-02 subnet 20.100.200.0/24 name-server '10.100.100.171'
set service dhcp-server shared-network-name SERVER-NET-02 subnet 20.100.200.0/24 range 0 start '20.100.200.100'
set service dhcp-server shared-network-name SERVER-NET-02 subnet 20.100.200.0/24 range 0 stop '20.100.200.200'

set dns forward

# DNS forwarder listening on 10.100.100.171 and answering only the listed
# source networks.
# cache-size '0' sets the maximum number of cached entries to zero.
set service dns forwarding cache-size '0'
# NOTE(review): the listen address must be configured on this router; the VLAN
# example on this page uses 10.100.100.1 for that subnet. Confirm which device
# owns .171.
set service dns forwarding listen-address '10.100.100.171'
# allow-from is the access list for queries. Keep it to networks you operate:
# a forwarder that answers arbitrary sources can be abused as an open resolver.
# 202.44.72.0/24 and 202.44.73.0/24 are public (non-RFC 1918) ranges; verify
# they are your own before copying these lines.
set service dns forwarding allow-from '10.100.100.0/24'
set service dns forwarding allow-from '10.100.101.0/24'
set service dns forwarding allow-from '202.44.72.0/24'
set service dns forwarding allow-from '202.44.73.0/24'
set service dns forwarding allow-from '10.10.39.0/24'

enable lldp

# Enables LLDP and turns it on for every interface.
# LLDP frames advertise details such as the host name, system description and
# management address to any directly attached device. "interface all" includes
# untrusted or upstream-facing ports, so consider listing only the
# infrastructure-facing interfaces instead.
set service lldp
# NOTE(review): management-address is shown without a value; VyOS presumably
# expects the address to advertise here. Confirm against your version.
set service lldp management-address
set service lldp interface all

example bgp

R1

# R1 (AS 65001): eth0 on the shared 10.1.1.0/29 segment, VLAN 100 as the local
# LAN, and BGP sessions to 10.1.1.2, 10.1.1.3 and 10.1.1.4.
set interfaces ethernet eth0 address '10.1.1.1/29'
set interfaces ethernet eth1 vif 100 address '192.168.100.1/24'
set interfaces ethernet eth1 vif 100 description 'vlan100'
# 1.1.1.1 is a real public address. Using it on the loopback makes this router
# answer locally for it; prefer a private or documentation address in a lab.
set interfaces loopback lo address '1.1.1.1/32'
# Route-map "all" has a single permit rule with no match conditions, so it
# accepts every route it is applied to.
set policy route-map all rule 2 action 'permit'
# Advertises 192.168.100.0/24 into BGP.
set protocols bgp address-family ipv4-unicast network 192.168.100.0/24 route-map 'all'
# Every neighbor imports through "all", which means routes are accepted
# unfiltered. No neighbor password or prefix filtering appears in this snippet.
# That is fine for a closed lab; for real peers, restrict imports with a
# prefix-list and configure session authentication.
set protocols bgp neighbor 10.1.1.2 address-family ipv4-unicast route-map import 'all'
set protocols bgp neighbor 10.1.1.2 remote-as '65002'
set protocols bgp neighbor 10.1.1.3 address-family ipv4-unicast route-map import 'all'
set protocols bgp neighbor 10.1.1.3 remote-as '65003'
# NOTE(review): 10.1.1.4 uses the same remote AS (65003) as 10.1.1.3. That may
# be two routers in one AS or a copy-paste slip; confirm.
set protocols bgp neighbor 10.1.1.4 address-family ipv4-unicast route-map import 'all'
set protocols bgp neighbor 10.1.1.4 remote-as '65003'
set protocols bgp parameters router-id '1.1.1.1'
set protocols bgp system-as '65001'
# Static default route towards R2 (10.1.1.2) out of eth0.
set protocols static route 0.0.0.0/0 next-hop 10.1.1.2 interface 'eth0'
# SSH on port 22 with no listen-address, so it is not limited to one interface
# by this snippet.
set service ssh port '22'
set system host-name 'R1'

R2

# R2 (AS 65002): peers with R1 over 10.1.1.0/29, serves VLAN 200, and uses eth2
# (10.10.31.213/24) as the uplink with source NAT.
set interfaces ethernet eth0 address '10.1.1.2/29'
set interfaces ethernet eth1 vif 200 address '192.168.200.1/24'
set interfaces ethernet eth1 vif 200 description 'vlan200'
set interfaces ethernet eth2 address '10.10.31.213/24'
# 2.2.2.2 is publicly routable space; prefer a private or documentation
# address for a lab loopback.
set interfaces loopback lo address '2.2.2.2/32'
# Source NAT rule 100 masquerades traffic leaving eth2 from any source
# (0.0.0.0/0). Narrowing the source to the internal prefixes keeps unexpected
# networks from being translated out of the uplink.
set nat source rule 100 outbound-interface 'eth2'
set nat source rule 100 source address '0.0.0.0/0'
set nat source rule 100 translation address 'masquerade'
# Route-map "all" permits everything (one permit rule, no match conditions),
# so routes from R1 are imported unfiltered. No neighbor password is set.
set policy route-map all rule 2 action 'permit'
set protocols bgp neighbor 10.1.1.1 address-family ipv4-unicast route-map import 'all'
set protocols bgp neighbor 10.1.1.1 remote-as '65001'
set protocols bgp parameters router-id '2.2.2.2'
set protocols bgp system-as '65002'
# Default route via the upstream gateway on the eth2 network.
set protocols static route 0.0.0.0/0 next-hop 10.10.31.1
# No firewall rules or SSH listen-address are shown, so SSH on port 22 is
# presumably reachable on every interface, including the eth2 uplink. Add a
# listen-address or a firewall policy before connecting to an untrusted network.
set service ssh port '22'
set system host-name 'R2'

ref

https://bertvv.github.io/cheat-sheets/VyOS.html
https://www.flackbox.com/vyos-router-installation-configuration-tutorial
https://support.vyos.io/en/kb/articles/bridge-interfaces
https://docs.vyos.io/en/latest/quick-start.html#dhcp-dns-quick-start