Skip to content

Matt Adam

Tech Blog

Menu
  • Home
  • Home Lab
    • Home Lab
    • Home Lab with NSX-T
  • Kubernetes
    • Openshift
    • K3s
    • Tanzu
      • Tanzu – TKGs (WCP)
      • Tanzu – TKG (TKGm)
    • Avi Kubernetes Operator (AKO)
  • About
  • Privacy Policy
Menu

Home Lab – Deploy vyos Router

Posted on July 14, 2022September 8, 2022 by Matt Adam

The vyos router will be deployed inside vCenter and it’s sole function is to route between your home network and the NSX-T network. We will configure iBGP between the two, so that any new segments you add in NSX-T will auto populate to the vyos router. Likewise, we will NAT on the vyos, so that all the segments can get internet access.

Table of Contents

  • Deploy vyos Router in vCenter
    • Install vyos
    • Configure vyos

Deploy vyos Router in vCenter

Download the latest version of vyos here: https://s3-us.vyos.io/rolling/current/vyos-rolling-latest.iso

I’m not going to go step by step through the process of creating a VM and attaching the ISO, see previous guides for that. 2cpu and 8GB mem should be plenty. Disk size was 8GB

After the VM boots up, the default username is vyos, and password is vyos. Before you can ssh into the router, you will need to set an IP address using the vCenter Web Console.

Install vyos

Using vCenter Web Console, login: vyos:vyos and run the install command. There are a few options but it is simple to install.

install image

Configure vyos

I normally recommend rebooting immediately after installing vyos, and make sure to remove the content library iso file from the VM. All of the commands are below.

  1. configure the eth0 interface and enable ssh
  2. set mtu
  3. configure the eth1
  4. set the NAT rule for outbound on eth0
  5. configure BGP for NSX-T
reboot
configure
set interfaces ethernet eth0 address 192.168.3.17/24
set service ssh
set system name-server 192.168.3.6
set interfaces ethernet eth0 mtu 9000
set interfaces ethernet eth1 mtu 9000
set interfaces ethernet eth1 address 172.16.10.2/24
set nat source rule 100 source address 0.0.0.0/0
set nat source rule 100 outbound-interface eth0
set nat source rule 100 translation address masquerade
set protocols bgp local-as 65002
set protocols bgp neighbor 172.16.10.1 remote-as 65000
set protocols bgp neighbor 172.16.10.1 address-family ipv4-unicast
set protocols bgp address-family ipv4-unicast redistribute connected
set protocols bgp address-family ipv4-unicast redistribute kernel
set protocols bgp address-family ipv4-unicast redistribute static
set protocols static route 0.0.0.0/0 next-hop 192.168.3.1
commit
save

That’s it for now. Once NSX-T is configured, you should be able to run a “show ip bgp” and see all the learned routes. For now that iBGP link is down.

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

Recent Posts

  • Upgrading the ESXi Node from vSphere7 to vSphere 8
  • Setting up the Kubernetes Dashboard
  • Running a DNS server in K3s
  • Raspberry Pi Kubernetes Cluster
  • Pod Routing: NodePort, ClusterIP, NodePortLocal

About

My name is Matt Adam and I’m a Product Line Manager at VMware.

I support the NSX Advanced Load Balancer (Avi Networks) with a focus on containers and Kubernetes. I have a background in load balancing, automation, development, and public cloud.

© 2023 Matt Adam | Powered by Minimalist Blog WordPress Theme