Friday, June 20, 2008
Configuring a home Vyatta router with DHCP Client/Server and NAT
I struggled with this quite a bit the first time around finding a source of information to configure Vyatta's router solution just because examples are hard to find (not that there are any problems with it) so here is the configuration and examples that I had, I left IP addresses in there for examples but they may have to be changed depending on your home network setup
Before entering the below commands you have to be in configure mode and after commit them to memory (the commits are in there but will not put the configure in as you could do it all in one or multipule configure sessions)
Configure Outside interface for DHCP (eth0 is my outside interface)
Configure DHCP server for the internal network (note because of line wrap this looks funny but "set service" is the start of a new line that continues all the way to the next set service. One per line)
Set NAT (genaric rule to enable nat)
Forwarding SSH (creates a rule to forward ssh from any source to any destination that comes to the outside interface eth0 , this is because I have a dynamic IP address externaly so setting the destination is not useful and do not know the IP that I will be coming from) This acts like "port forwarding" in home routers
Before entering the below commands you have to be in configure mode and after commit them to memory (the commits are in there but will not put the configure in as you could do it all in one or multipule configure sessions)
Configure Outside interface for DHCP (eth0 is my outside interface)
dhclient eth0Configure inside interface with static IP address (eth1 is my inside interface)
commit
set interfaces ethernet eth1 address 192.168.11.1/24
commit
Configure DHCP server for the internal network (note because of line wrap this looks funny but "set service" is the start of a new line that continues all the way to the next set service. One per line)
set service dhcp-server shared-network-name LAN subnet 192.168.11.0/24 start 192.168.11.10This toruns on the dhcp server for the 192.168.11.0/24 network and starts handing out IP addresses at 10 and stops at 50 I also set my outside DNS server as handed out by DHCP and the default router handed out
set service dhcp-server shared-network-name LAN subnet 192.168.11.0/24 start 192.168.11.10 stop 192.168.11.50
set service dhcp-server shared-network-name LAN subnet 192.168.11.0/24 dns-server 24.159.193.40
set service dhcp-server shared-network-name LAN subnet 192.168.11.0/24 default-router 192.168.11.1
commit
Set NAT (genaric rule to enable nat)
set service nat rule 1 outbound-interface eth0
set service nat rule 1 source address 192.168.11.0/24
set service nat rule 1 type masquerade
Forwarding SSH (creates a rule to forward ssh from any source to any destination that comes to the outside interface eth0 , this is because I have a dynamic IP address externaly so setting the destination is not useful and do not know the IP that I will be coming from) This acts like "port forwarding" in home routers
set service nat rule 2
set service nat rule 2 type destination
set service nat rule 2 inbound-interface eth0
set service nat rule 2 protocol tcp
set service nat rule 2 destination address 0.0.0.0/0
set service nat rule 2 destination port ssh
set service nat rule 2 source address 0.0.0.0/0
set service nat rule 2 inside-address address 192.168.11.48
commit
Labels: Linux, NAT, router, Vyatta
# posted by Slackerhobo : 11:31 AM
Comments:
<< Home
Very nice how-to. One comment, the way you got your address via "dhclient eth0" will of course work, but if you want it saved in your vyatta configuration you can instead use:
configure
set interfaces ethernet eth0 address dhcp
commit
That way it'll work after a reboot too. Also, if it's done this way then the show command will work. For example:
vyatta@vDUT:~$ show dhcp client leases
interface : eth3
ip address : 10.1.0.177 [Active]
subnet mask: 255.255.255.0
domain name: test.net
router : 10.1.0.1
name server: 10.0.0.31
dhcp server: 10.1.0.13
lease time : 300
last update: Thu Jun 26 13:31:49 GMT 2008
expiry : Thu Jun 26 13:36:48 GMT 2008
reason : BOUND
configure
set interfaces ethernet eth0 address dhcp
commit
That way it'll work after a reboot too. Also, if it's done this way then the show command will work. For example:
vyatta@vDUT:~$ show dhcp client leases
interface : eth3
ip address : 10.1.0.177 [Active]
subnet mask: 255.255.255.0
domain name: test.net
router : 10.1.0.1
name server: 10.0.0.31
dhcp server: 10.1.0.13
lease time : 300
last update: Thu Jun 26 13:31:49 GMT 2008
expiry : Thu Jun 26 13:36:48 GMT 2008
reason : BOUND
I want to mention that I have had several reboots now and the DHCP client appears to work after boot each time
I will go back and take a look and modify if I in fact did another path I had some downtime between configuration and the how to so had to pull some of the lines from history
I just logged in and the "show dhcp client leases" works I will review my configuration steps
Post a Comment
I will go back and take a look and modify if I in fact did another path I had some downtime between configuration and the how to so had to pull some of the lines from history
I just logged in and the "show dhcp client leases" works I will review my configuration steps
<< Home
Subscribe to Posts [Atom]