Thursday, January 3, 2019

Add a Virtual Router on your Lab Network (Part 2 IP Configuration)


Let's do some network planning. Our Wired Network will be on the 10.10.10.0/24 range. 
We will assign 10.10.10.254 to the Router (VyOS). 

Our physical hosts, where we install the hypervisors, will also be part of this network. The Ethernet NIC on our Main PC will use an easy-to-remember address (10.10.10.10), as we saw in the previous post. 10.10.10.1 will be our main DNS server (VM), which we haven't set up yet. 



Let's move on to the Router (VyOS) setup. 

As with Cisco devices, we use the configure command to enter edit mode, where we can make changes. First of all, we will change the device name using set system host-name <Device_Name>. The changes won't apply until we use the commit command. Even then, those changes will be wiped when we restart the Router, unless we use the save command.



Important Note: All the commands below were applied using the console. Ideally you may want to enable SSH and connect to that VM from a Windows machine. Then you can copy and paste any commands needed. In order to use SSH we have to give the VM an IP address first. You can see the benefits of SSH in another post. We need to use 

set service ssh 

to allow SSH connections. Then we can connect using the admin login/password. 

 

To go back to the normal mode, we can type exit. If we type exit again, we log off from the console. We can use login/password: vyos/vyos to log back in. 


This is also a Linux machine, so we can use Linux commands, for example ip a, to check the IP network configuration. We can see the two NICs (eth0 and eth1). As we can see, neither interface has an IP address configured yet.


eth0 is the Bridged Wireless adapter, while eth1 is the Bridged Wired adapter. So we will set eth1 with IP Address 10.10.10.254/24. 



We can set up the IP address using set interfaces ethernet <interface_name> address <IP Address/Subnet>

*Make sure that you are in edit mode, or you will get the error below




The Wireless Network is managed by my home WiFi, so I will let my WiFi Router give an IP address to eth0 (DHCP). As with the Cisco CLI, we can use ? (question mark) to see our available options: set interfaces ethernet <interface_name> address ? 


The commit option will apply the changes, which also triggers the DHCP client service to start on our VyOS Router - no manual configuration required. 


The ip a command will show us the configured IP addresses, but let's use the VyOS commands. In privileged mode (#) we can check our options using ? 


There we can only see the settings applied. 



Exit privileged mode and let's check our options. 


We can use show interfaces ethernet [detail], or we can check only one interface with show interfaces ethernet <interface>, which gives a detailed view of that specific interface. 


So we have configured our Main PC (10.10.10.10) and the Virtual Router (10.10.10.254) with the correct IP addresses. Let's try to ping between them. We will ping from the VyOS to the Physical Host. We get no reply from the host, and when we press Ctrl + C to stop the ping, we can see the result - 0 received. 


If we try to ping from the PC (10.10.10.10) to the VyOS (10.10.10.254) we get responses. 


If we check Windows Firewall, using the wf.msc command, and go to the Inbound Rules, we will see that there is a rule, File and Printer Sharing (Echo Request - ICMPv4-In) for the Public profile, that is not enabled. 

The Windows default action is to block any inbound traffic that doesn't have a configured and enabled Inbound Rule. The VyOS firewall, on the other hand, doesn't block pings. 


Our wired network is considered Public, and that is the reason why the ping is blocked. We can right-click and enable this rule. 


And we can confirm that we have basic connectivity between the two devices. 
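
The same change can be made from an elevated PowerShell prompt. This is an added example, not part of the original post: it enables only the Public-profile copy of the rule and limits it to the lab subnet, so hosts outside 10.10.10.0/24 still cannot ping the PC. The adapter alias "Ethernet" and an English-language rule name are assumptions.

```powershell
#Requires -RunAsAdministrator
# Added example (not from the original post).
# Assumptions: wired adapter alias is "Ethernet", Windows display language is English,
# and the lab subnet is 10.10.10.0/24 as planned at the top of this post.

$ruleName  = 'File and Printer Sharing (Echo Request - ICMPv4-In)'
$labSubnet = '10.10.10.0/24'
$nicAlias  = 'Ethernet'   # assumption: change to the name of your wired NIC

# 1. Confirm which firewall profile Windows applied to the wired lab network.
Get-NetConnectionProfile -InterfaceAlias $nicAlias |
    Select-Object InterfaceAlias, NetworkCategory

# 2. Select only the copy of the rule that covers the Public profile.
#    (The same display name also exists for other profiles.)
$rules = @(Get-NetFirewallRule -DisplayName $ruleName -ErrorAction SilentlyContinue |
    Where-Object { "$($_.Profile)" -match 'Public' })
if (-not $rules) { throw "No '$ruleName' rule found for the Public profile." }

# 3. Restrict the allowed ping sources to the lab subnet, then enable the rule.
$rules | Set-NetFirewallRule -RemoteAddress $labSubnet
$rules | Enable-NetFirewallRule

# 4. Re-read each rule and show its state and address scope.
foreach ($r in $rules) {
    $current = Get-NetFirewallRule -Name $r.Name
    $scope   = $current | Get-NetFirewallAddressFilter
    [pscustomobject]@{
        Rule          = $current.DisplayName
        Profile       = $current.Profile
        Enabled       = $current.Enabled
        RemoteAddress = $scope.RemoteAddress -join ', '
    }
}
```

After it runs, the ping from VyOS (10.10.10.254) to 10.10.10.10 should be answered, and the last table should show Enabled as True with RemoteAddress set to the lab subnet.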


Since we got an IP address from the DHCP server (WiFi Router), the default gateway of our Router is also configured, so we can ping a public IP address.


We also got DNS settings from our WiFi Router, so we can ping a hostname, like any other home device. 



