0

Tu carrito

Vyos – WAN load balancing – Vlans – ESXi

ESXi interface - Vyos

Add interfaces

set interfaces ethernet eth0 description MEXLINE
set interfaces ethernet eth0 address dhcp
set interfaces ethernet eth1 description TELMEX
set interfaces ethernet eth1 address dhcp
set interfaces bridge br1 description HOME
set interfaces bridge br1 address 172.31.255.1/26
set interfaces ethernet eth2 bridge-group bridge br1
set interfaces ethernet eth3 bridge-group bridge br1 
set interfaces ethernet eth4 description GUESTS
set interfaces ethernet eth4 address 172.31.251.129/26
set interfaces ethernet eth5 description MANAGEMENT
set interfaces ethernet eth5 address 172.31.255.241/28
ESXi networks adapters

Enable SSH

set service ssh port 22

Enable DHCP

set service dhcp-server shared-network-name HOME subnet 172.31.255.0/26 default-router 172.31.255.1
set service dhcp-server shared-network-name HOME subnet 172.31.255.0/26 dns-server 172.31.255.1
set service dhcp-server shared-network-name HOME subnet 172.31.255.0/26 domain-name home-network
set service dhcp-server shared-network-name HOME subnet 172.31.255.0/26 lease 86400
set service dhcp-server shared-network-name HOME subnet 172.31.255.0/26 range 0 start 172.31.255.2
set service dhcp-server shared-network-name HOME subnet 172.31.255.0/26 range 0 stop 172.31.255.61

set service dhcp-server shared-network-name GUESTS subnet 172.31.251.128/26 default-router 172.31.251.129
set service dhcp-server shared-network-name GUESTS subnet 172.31.251.128/26 dns-server 172.31.251.129
set service dhcp-server shared-network-name GUESTS subnet 172.31.251.128/26 domain-name guests-network
set service dhcp-server shared-network-name GUESTS subnet 172.31.251.128/26 lease 86400
set service dhcp-server shared-network-name GUESTS subnet 172.31.251.128/26 range 0 start 172.31.251.130
set service dhcp-server shared-network-name GUESTS subnet 172.31.251.128/26 range 0 stop 172.31.251.190

set service dhcp-server shared-network-name MANAGEMENT subnet 172.31.255.240/28 default-router 172.31.255.241
set service dhcp-server shared-network-name MANAGEMENT subnet 172.31.255.240/28 dns-server 172.31.255.241
set service dhcp-server shared-network-name MANAGEMENT subnet 172.31.255.240/28 domain-name management-network
set service dhcp-server shared-network-name MANAGEMENT subnet 172.31.255.240/28 lease 86400
set service dhcp-server shared-network-name MANAGEMENT subnet 172.31.255.240/28 range 0 start 172.31.255.242
set service dhcp-server shared-network-name MANAGEMENT subnet 172.31.255.240/28 range 0 stop 172.31.255.254

Enable DNS forwarding service

set service dns forwarding cache-size 0
set service dns forwarding listen-address 172.31.255.1
set service dns forwarding listen-address 172.31.251.129
set service dns forwarding listen-address 172.31.255.241
set service dns forwarding name-server 1.1.1.1
set service dns forwarding name-server 1.0.0.1
set service dns forwarding name-server 8.8.8.8
set service dns forwarding name-server 8.8.4.4
set service dns forwarding allow-from 172.31.255.0/26
set service dns forwarding allow-from 172.31.251.128/26
set service dns forwarding allow-from 172.31.255.240/28

NAT configuration

set nat source rule 100 outbound-interface eth0
set nat source rule 100 source address 172.31.255.0/26
set nat source rule 100 translation address masquerade
set nat source rule 110 outbound-interface eth1
set nat source rule 110 source address 172.31.255.0/26
set nat source rule 110 translation address masquerade

set nat source rule 120 outbound-interface eth0
set nat source rule 120 source address 172.31.251.128/26
set nat source rule 120 translation address masquerade
set nat source rule 130 outbound-interface eth1
set nat source rule 130 source address 172.31.251.128/26
set nat source rule 130 translation address masquerade

set nat source rule 140 outbound-interface eth0
set nat source rule 140 source address 172.31.255.240/28
set nat source rule 140 translation address masquerade
set nat source rule 150 outbound-interface eth1
set nat source rule 150 source address 172.31.255.240/28
set nat source rule 150 translation address masquerade

Firewall

Firewall
set firewall name MEXLINE-IN default-action drop
set firewall name MEXLINE-IN rule 10 action accept
set firewall name MEXLINE-IN rule 10 state established enable
set firewall name MEXLINE-IN rule 10 state related enable
set firewall name MEXLINE-LOCAL default-action drop
set firewall name MEXLINE-LOCAL rule 10 action accept
set firewall name MEXLINE-LOCAL rule 10 state established enable
set firewall name MEXLINE-LOCAL rule 10 state related enable
set firewall name MEXLINE-LOCAL rule 20 action accept
set firewall name MEXLINE-LOCAL rule 20 icmp type-name echo-request
set firewall name MEXLINE-LOCAL rule 20 protocol icmp
set firewall name MEXLINE-LOCAL rule 20 state new enable

set firewall name TELMEX-IN default-action drop
set firewall name TELMEX-IN rule 10 action accept
set firewall name TELMEX-IN rule 10 state established enable
set firewall name TELMEX-IN rule 10 state related enable
set firewall name TELMEX-LOCAL default-action drop
set firewall name TELMEX-LOCAL rule 10 action accept
set firewall name TELMEX-LOCAL rule 10 state established enable
set firewall name TELMEX-LOCAL rule 10 state related enable
set firewall name TELMEX-LOCAL rule 20 action accept
set firewall name TELMEX-LOCAL rule 20 icmp type-name echo-request
set firewall name TELMEX-LOCAL rule 20 protocol icmp
set firewall name TELMEX-LOCAL rule 20 state new enable

set interfaces ethernet eth0 firewall in name MEXLINE-IN
set interfaces ethernet eth0 firewall local name MEXLINE-LOCAL
set interfaces ethernet eth1 firewall in name TELMEX-IN
set interfaces ethernet eth1 firewall local name TELMEX-LOCAL

WAN load balancing

wan load balance
set protocols static route 1.1.1.1/32 next-hop 192.168.1.1
set protocols static route 8.8.8.8/32 next-hop 192.168.1.1
set protocols static route 1.0.0.1/32 next-hop 192.168.4.1
set protocols static route 8.8.4.4/32 next-hop 192.168.4.1

set load-balancing wan interface-health eth0 failure-count 4
set load-balancing wan interface-health eth0 nexthop 192.168.1.1
set load-balancing wan interface-health eth0 test 10 type ping
set load-balancing wan interface-health eth0 test 10 target 1.1.1.1
set load-balancing wan interface-health eth0 test 20 type ping
set load-balancing wan interface-health eth0 test 20 target 8.8.8.8

set load-balancing wan interface-health eth1 failure-count 3
set load-balancing wan interface-health eth1 nexthop 192.168.4.1
set load-balancing wan interface-health eth1 test 10 type ping
set load-balancing wan interface-health eth1 test 10 target 1.0.0.1
set load-balancing wan interface-health eth1 test 20 type ping
set load-balancing wan interface-health eth1 test 20 target 8.8.4.4

set load-balancing wan rule 10 description HOME-BALANCING
set load-balancing wan rule 10 inbound-interface br1
set load-balancing wan rule 10 interface eth0 weight 6
set load-balancing wan rule 10 interface eth1 weight 1

set load-balancing wan rule 30 description GUESTS-BALANCING
set load-balancing wan rule 30 inbound-interface eth4
set load-balancing wan rule 30 interface eth0 weight 1
set load-balancing wan rule 30 interface eth1 weight 9

set load-balancing wan rule 40 description MGMNT-BALANCING
set load-balancing wan rule 40 inbound-interface eth5
set load-balancing wan rule 40 interface eth0 weight 1
set load-balancing wan rule 40 interface eth1 weight 1

Deja una respuesta

Tu dirección de correo electrónico no será publicada.