-
Notifications
You must be signed in to change notification settings - Fork 2
/
vyos_config.txt
105 lines (83 loc) · 5.63 KB
/
vyos_config.txt
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
## Sashi Dahal
## For context and background, please visit: https://www.openstackfaq.com/openstack-liberty-private-cloud-howto/
##
## These are actual VYOS commands
## setup your gateway
set system gateway-address '1.1.1.1'
## setup your public IP addresses
set interfaces ethernet eth0 address '1.1.1.2/24'
set interfaces ethernet eth0 address '1.1.1.3/24'
## this is the pxe/dhcp default gateway address
set interfaces ethernet eth1 address '10.11.12.1/22'
## openstack-ansible management ip range
set interfaces ethernet eth2 address '172.29.236.1/22'
## openstack-ansible storage ip range
set interfaces ethernet eth3 address '172.29.244.1/22'
## floating-ip VLANs and IP range
set interfaces ethernet eth4 vif 101 address '192.168.101.1/24'
set interfaces ethernet eth4 vif 102 address '192.168.102.1/24'
set interfaces ethernet eth4 vif 103 address '192.168.103.1/24'
set interfaces ethernet eth4 vif 104 address '192.168.104.1/24'
set interfaces ethernet eth4 vif 105 address '192.168.105.1/24'
## direct attached/dhcp VLANs and IP range
set interfaces ethernet eth4 vif 201 address '192.168.201.1/24'
set interfaces ethernet eth4 vif 202 address '192.168.202.1/24'
set interfaces ethernet eth4 vif 203 address '192.168.203.1/24'
set interfaces ethernet eth4 vif 204 address '192.168.204.1/24'
set interfaces ethernet eth4 vif 205 address '192.168.205.1/24'
## openstack-ansible vxlan ip range
set interfaces ethernet eth5 address '172.29.240.1/22'
## 1:1 NAT between internal and public IP
set nat destination rule 11 destination address '1.1.1.3'
set nat destination rule 11 inbound-interface 'eth0'
set nat destination rule 11 translation address '10.11.12.3'
set nat source rule 11 outbound-interface 'eth0'
set nat source rule 11 source address '10.11.12.3'
set nat source rule 11 translation address '1.1.1.3'
# NAT for the pxe range
set nat source rule 100 outbound-interface 'eth0'
set nat source rule 100 protocol 'all'
set nat source rule 100 source address '10.11.12.0/22'
set nat source rule 100 translation address 'masquerade'
# NAT for the floating-ip range
set nat source rule 101 outbound-interface 'eth0'
set nat source rule 101 protocol 'all'
set nat source rule 101 source address '192.168.101.0/24'
set nat source rule 101 translation address 'masquerade'
# NAT for the direct-attached-dhcp ip range
set nat source rule 201 outbound-interface 'eth0'
set nat source rule 201 protocol 'all'
set nat source rule 201 source address '192.168.201.0/24'
set nat source rule 201 translation address 'masquerade'
# VYOS acts as a DHCP server for the initial boot
set service dhcp-server disabled 'false'
set service dhcp-server shared-network-name pxe-pool authoritative 'disable'
set service dhcp-server shared-network-name pxe-pool subnet 10.11.12.0/22 default-router '10.11.12.1'
set service dhcp-server shared-network-name pxe-pool subnet 10.11.12.0/22 dns-server '10.11.12.1'
set service dhcp-server shared-network-name pxe-pool subnet 10.11.12.0/22 lease '86400'
set service dhcp-server shared-network-name pxe-pool subnet 10.11.12.0/22 start 10.11.12.11 stop '10.11.12.99'
set service dhcp-server shared-network-name pxe-pool subnet 10.11.12.0/22 static-mapping c11 ip-address '10.11.12.11'
set service dhcp-server shared-network-name pxe-pool subnet 10.11.12.0/22 static-mapping c11 mac-address '52:54:00:11:12:11'
set service dhcp-server shared-network-name pxe-pool subnet 10.11.12.0/22 static-mapping c12 ip-address '10.11.12.12'
set service dhcp-server shared-network-name pxe-pool subnet 10.11.12.0/22 static-mapping c12 mac-address '52:54:00:11:12:12'
set service dhcp-server shared-network-name pxe-pool subnet 10.11.12.0/22 static-mapping c13 ip-address '10.11.12.13'
set service dhcp-server shared-network-name pxe-pool subnet 10.11.12.0/22 static-mapping c13 mac-address '52:54:00:11:12:13'
set service dhcp-server shared-network-name pxe-pool subnet 10.11.12.0/22 static-mapping c14 ip-address '10.11.12.14'
set service dhcp-server shared-network-name pxe-pool subnet 10.11.12.0/22 static-mapping c14 mac-address '52:54:00:11:12:14'
set service dhcp-server shared-network-name pxe-pool subnet 10.11.12.0/22 static-mapping c15 ip-address '10.11.12.15'
set service dhcp-server shared-network-name pxe-pool subnet 10.11.12.0/22 static-mapping c15 mac-address '52:54:00:11:12:15'
set service dhcp-server shared-network-name pxe-pool subnet 10.11.12.0/22 static-mapping c16 ip-address '10.11.12.16'
set service dhcp-server shared-network-name pxe-pool subnet 10.11.12.0/22 static-mapping c16 mac-address '52:54:00:11:12:16'
set service dhcp-server shared-network-name pxe-pool subnet 10.11.12.0/22 static-mapping c17 ip-address '10.11.12.17'
set service dhcp-server shared-network-name pxe-pool subnet 10.11.12.0/22 static-mapping c17 mac-address '52:54:00:11:12:17'
set service dhcp-server shared-network-name pxe-pool subnet 10.11.12.0/22 static-mapping c18 ip-address '10.11.12.18'
set service dhcp-server shared-network-name pxe-pool subnet 10.11.12.0/22 static-mapping c18 mac-address '52:54:00:11:12:18'
set service dhcp-server shared-network-name pxe-pool subnet 10.11.12.0/22 static-mapping c19 ip-address '10.11.12.19'
set service dhcp-server shared-network-name pxe-pool subnet 10.11.12.0/22 static-mapping c19 mac-address '52:54:00:11:12:19'
set service dhcp-server shared-network-name pxe-pool subnet 10.11.12.0/22 static-mapping c20 ip-address '10.11.12.20'
set service dhcp-server shared-network-name pxe-pool subnet 10.11.12.0/22 static-mapping c20 mac-address '52:54:00:11:12:20'
# VYOS also acts as a DNS server ..
set service dns forwarding listen-on 'eth1'
set service dns forwarding name-server '8.8.8.8'
set service dns forwarding name-server '8.8.4.4'
set service ssh port '22'