



Question Is this setup possible without NAT?

#1

Hello everyone,

Since English isn't my native language and I am a novice, I tried visualizing my desired setup.

Basically I have 2 networks on the same physical cable with a dumb switch. VLANs are not an option, sadly. Each network is NAT'd over a static IP provided by my ISP to reach the Internet.

ISP: 123.123.123.123/30
Net1: 10.0.0.0/23
Net2: 192.168.1.0/24

Net1 is my "management" net consisting of several management interfaces which had better not be accessible via Net2.
Net2 is for my generic clients and includes Wi-Fi with DHCP and more, like file server, SIP, printers, etc.

Everything works fine and is configured on my Mikrotik router, which acts as the access router to the Internet and NATs the outgoing interface eth0.

What I want is to configure the second circle in my drawing with VyOS as a staging LAN for automatically provisioned VMs and route between those three nets, but, and here comes the caveat, without NAT. A VyOS VM in a XenServer with 2 virtual NICs, one for outer access and one to be shared with the virtual machines to be provisioned.

While still in development I tried it with DNS forwarding to let VyOS 172.16.0.1 act as a DNS server while setting it up, but actually I would like the outer DNS server to be reachable from within
Net3: 172.16.0.1/24 staging

Graphic:



[Image: setup.png]

Config:

Code:
set interfaces ethernet eth0 address '10.0.0.68/24'
set interfaces ethernet eth0 duplex 'auto'
set interfaces ethernet eth0 hw-id 'da:f3:71:9a:98:b4'
set interfaces ethernet eth0 smp_affinity 'auto'
set interfaces ethernet eth0 speed 'auto'
set interfaces ethernet eth1 address '172.16.0.1/24'
set interfaces ethernet eth1 description 'net_staging_1'
set interfaces ethernet eth1 duplex 'auto'
set interfaces ethernet eth1 hw-id '02:c6:15:59:c4:dd'
set interfaces ethernet eth1 smp_affinity 'auto'
set interfaces ethernet eth1 speed 'auto'
set interfaces loopback 'lo'
set protocols static route 0.0.0.0/0 next-hop 10.0.0.1 distance '1'
set service dhcp-server disabled 'false'
set service dhcp-server shared-network-name STAGING subnet 172.16.0.0/24 default-router '172.168.0.1'
set service dhcp-server shared-network-name STAGING subnet 172.16.0.0/24 dns-server '172.168.0.1'
set service dhcp-server shared-network-name STAGING subnet 172.16.0.0/24 dns-server '10.0.1.1'
set service dhcp-server shared-network-name STAGING subnet 172.16.0.0/24 domain-name 'staging'
set service dhcp-server shared-network-name STAGING subnet 172.16.0.0/24 lease '300'
set service dhcp-server shared-network-name STAGING subnet 172.16.0.0/24 start 172.16.0.100 stop '172.16.0.150'
set service dns forwarding cache-size '0'
set service dns forwarding listen-on 'eth1'
set service dns forwarding name-server '10.0.1.1'
set service dns forwarding name-server '10.0.1.2'
set service ssh port '22'
set system config-management commit-revisions '20'
set system console device ttyS0 speed '9600'
set system host-name 'vrouter1.k93h3d'
set system name-server '10.0.1.1'
set system name-server '10.0.1.2'
set system ntp server '0.pool.ntp.org'
set system ntp server '1.pool.ntp.org'
set system ntp server '2.pool.ntp.org'
set system package auto-sync '1'
set system package repository community components 'main'
set system package repository community distribution 'helium'
set system package repository community password ''
set system package repository community url 'http://packages.vyos.net/vyos'
set system package repository community username ''
set system syslog global facility all level 'notice'
set system syslog global facility protocols level 'debug'
set system time-zone 'UTC'

#2

Testing with a lease of 300 wasn't that helpful. Everything works as expected. Sorry to bother.