Create a Vyos Router VM in Hyper-V for Labs 13

UPDATE 2016-12-28: Updated for latest Vyos 1.1.7 and again a view little script tweaks.

I play a lot with VMs and I wanted a small virtual router to allow internet access for my Labs. After some searching I found Vyos and created  a few scripts to automate the router installation. The result will be a router only consuming 256MB and offering DNS, DHCP and NAT to 5 different subnets. If you want you can extend or change the subnets as much as you want.

These are the steps I followed:

Download Vyos: http://packages.vyos.net/iso/release/1.1.7/vyos-1.1.7-amd64.iso and put it in D:\ISO. If you put ISO somewhere else, change the location in the script.

Open Powershell ISE as Administrator and copy script to create Vyos router in Hyper-V:

#Parameters
$VyosName = 'Vyos_Router'
$VyosIso = 'D:\ISO\vyos-1.1.7-amd64.iso'
#Environment Vars
$VirHdLocation = (Get-VMHost).VirtualHardDiskPath
$VmSwitchExternal =  (Get-VMSwitch -SwitchType External).Name
$FastestPhysicalAdapter = (Get-NetAdapter -Physical | Where-Object {$_.Status -eq 'Up'} | Sort-Object $_.LinkSpeed | Select-Object -First 1).Name
#Create Vyos Switches
#External Switch
If (((Get-VMSwitch -SwitchType External).Name) -eq $null) {New-VMSwitch -Name 'External' -NetAdapterName $FastestPhysicalAdapter -AllowManagementOS $true -Notes 'External Switch'}
#Vyos Private Switches
$VmSwitchExternal =  (Get-VMSwitch -SwitchType External).Name
If (!(((Get-VMSwitch -SwitchType Private).Name) -eq 'Vyos_10.99.1.x')) {
    New-VMSwitch -Name 'Vyos_10.99.1.x' -SwitchType Private -Notes 'Vyos Switch 1'
    New-VMSwitch -Name 'Vyos_10.99.2.x' -SwitchType Private -Notes 'Vyos Switch 2'
    New-VMSwitch -Name 'Vyos_10.99.3.x' -SwitchType Private -Notes 'Vyos Switch 3'
    New-VMSwitch -Name 'Vyos_10.99.4.x' -SwitchType Private -Notes 'Vyos Switch 4'
    New-VMSwitch -Name 'Vyos_10.99.5.x' -SwitchType Private -Notes 'Vyos Switch 5'
    }
#Create Vyos VM
New-VHD -Path $VirHdLocation\$VyosName.vhdx -SizeBytes 2GB -Dynamic
New-VM -Name $VyosName -VHDPath $VirHdLocation\$VyosName.vhdx -SwitchName $VmSwitchExternal -MemoryStartupBytes 256MB
#Connect ISO
Set-VMDvdDrive -VMName $VyosName -Path $VyosIso
#Start-VM
Start-VM -Name $VyosName

Script will check if external interface exists, if not it creates a virtual interface. Also 5 virtual switches will be created to facilitate five LAB subnets. Make sure the $VyosIso parameter is correct. The Vyos VM will be started. Don’t close the Powershell ISE.

Now we have to install vyos in the newly created VM. Open the VM Console and follow the next steps:

vyos login: vyos
Password: vyos
vyos@vyos:~$ install image
Would you like to continue? (Yes/No) [Yes]: [Enter]
Partition (Auto/Parted/Skip) [Auto]: [Enter]
Install the image on? [sda]: [Enter]
Continue? (Yes/No) [No]: Yes
How big of a root partition should I create? (1000MB - 2147MB) [2147]MB: [Enter]
What would you like to name this image? [1.1.7]: [Enter]
Which one should I copy to sda? [/config/config.boot]: [Enter]
Enter password for user 'vyos': [Choose a password]
Retype password for user 'vyos': [New password]
Which drive should GRUB modify the boot partition on? [sda]: [Enter]

Go back to your Powershell ISE and run the next lines:

Stop-VM $VyosName
Get-VMDvdDrive -VMName $VyosName | Remove-VMDvdDrive
Start-VM -Name $VyosName

The Vyos router VM will be restarted.  Open the VM Console and follow the next steps:

#Vyos Base Configuration
vyos login: vyos
Password: [New password]
vyos@vyos:~$ configure
vyos@vyos# set interfaces ethernet eth0 address dhcp
vyos@vyos# set service ssh port '22'
vyos@vyos# commit
vyos@vyos# save
vyos@vyos# exit
vyos@vyos:~$ show interfaces

We can now access the Vyos VM with SSH, I use Putty. The last command showed the IP address of the external interface, make a note of it. This is necessary to configure the Vyos router, unless you really like to type a lot.

But first we will add the virtual switches  [Powershell ISE]:

Stop-VM $VyosName
Get-VMSwitch -Name "Vyos_10.99.*" | Sort-Object Name | ForEach-Object {Add-VMNetworkAdapter -VMName $VyosName -SwitchName $_.Name}
Start-VM -Name $VyosName

Start a SSH connection and login:

login as: vyos
vyos@IPADDRESS's password: [New password]

paste the following configuration:

#Vyos Extended Configuration Script
configure
#Host Configuration
set system host-name vyos
set system domain-name lab.local
set system time-zone Europe/Amsterdam
#External Interface Configuration
set interfaces ethernet eth0 description 'Switch_External'
#Interface Configuration
set interfaces ethernet eth1 address 10.99.1.254/24
set interfaces ethernet eth1 description 'Switch_10.99.1.x'
set interfaces ethernet eth2 address 10.99.2.254/24
set interfaces ethernet eth2 description 'Switch_10.99.2.x'
set interfaces ethernet eth3 address 10.99.3.254/24
set interfaces ethernet eth3 description 'Switch_10.99.3.x'
set interfaces ethernet eth4 address 10.99.4.254/24
set interfaces ethernet eth4 description 'Switch_10.99.4.x'
set interfaces ethernet eth5 address 10.99.5.254/24
set interfaces ethernet eth5 description 'Switch_10.99.5.x'
#DNS Configuration
set service dns forwarding dhcp eth0
set service dns forwarding cache-size '0'
set service dns forwarding listen-on 'eth1'
set service dns forwarding listen-on 'eth2'
set service dns forwarding listen-on 'eth3'
set service dns forwarding listen-on 'eth4'
set service dns forwarding listen-on 'eth5'
#DHCP Configuration
set service dhcp-server disabled 'false'
set service dhcp-server shared-network-name ETH1_Pool subnet 10.99.1.0/24 start 10.99.1.200 stop 10.99.1.253
set service dhcp-server shared-network-name ETH1_Pool subnet 10.99.1.0/24 dns-server 10.99.1.1
set service dhcp-server shared-network-name ETH1_Pool subnet 10.99.1.0/24 dns-server 10.99.1.254
set service dhcp-server shared-network-name ETH1_Pool subnet 10.99.1.0/24 default-router 10.99.1.254
set service dhcp-server shared-network-name ETH1_Pool subnet 10.99.1.0/24 lease '86400'
set service dhcp-server shared-network-name ETH2_Pool subnet 10.99.2.0/24 start 10.99.2.200 stop 10.99.2.253
set service dhcp-server shared-network-name ETH2_Pool subnet 10.99.2.0/24 dns-server 10.99.2.1
set service dhcp-server shared-network-name ETH2_Pool subnet 10.99.2.0/24 dns-server 10.99.2.254
set service dhcp-server shared-network-name ETH2_Pool subnet 10.99.2.0/24 default-router 10.99.2.254
set service dhcp-server shared-network-name ETH2_Pool subnet 10.99.2.0/24 lease '86400'
set service dhcp-server shared-network-name ETH3_Pool subnet 10.99.3.0/24 start 10.99.3.200 stop 10.99.3.253
set service dhcp-server shared-network-name ETH3_Pool subnet 10.99.3.0/24 dns-server 10.99.3.1
set service dhcp-server shared-network-name ETH3_Pool subnet 10.99.3.0/24 dns-server 10.99.3.254
set service dhcp-server shared-network-name ETH3_Pool subnet 10.99.3.0/24 default-router 10.99.3.254
set service dhcp-server shared-network-name ETH3_Pool subnet 10.99.3.0/24 lease '86400'
set service dhcp-server shared-network-name ETH4_Pool subnet 10.99.4.0/24 start 10.99.4.200 stop 10.99.4.253
set service dhcp-server shared-network-name ETH4_Pool subnet 10.99.4.0/24 dns-server 10.99.4.1
set service dhcp-server shared-network-name ETH4_Pool subnet 10.99.4.0/24 dns-server 10.99.4.254
set service dhcp-server shared-network-name ETH4_Pool subnet 10.99.4.0/24 default-router 10.99.4.254
set service dhcp-server shared-network-name ETH4_Pool subnet 10.99.4.0/24 lease '86400'
set service dhcp-server shared-network-name ETH5_Pool subnet 10.99.5.0/24 start 10.99.5.200 stop 10.99.5.253
set service dhcp-server shared-network-name ETH5_Pool subnet 10.99.5.0/24 dns-server 10.99.5.1
set service dhcp-server shared-network-name ETH5_Pool subnet 10.99.5.0/24 dns-server 10.99.5.254
set service dhcp-server shared-network-name ETH5_Pool subnet 10.99.5.0/24 default-router 10.99.5.254
set service dhcp-server shared-network-name ETH5_Pool subnet 10.99.5.0/24 lease '86400'
#NAT Configuration
set nat source rule 100 outbound-interface eth0
set nat source rule 100 source address '10.99.0.0/16'
set nat source rule 100 translation address masquerade
#Save Configure
commit
save
exit
reboot

Finish with:

#Proceed with reboot? (Yes/No) [No]: Yes

After the reboot your router is fully configured and ready to go.

13 thoughts on “Create a Vyos Router VM in Hyper-V for Labs

  1. Reply Tony De Waal Jun 24,2015 13:48

    I just wanted to thank you for this tutorial. i am busy with my MCSA 70-412 exam and this tutorial is perfect for the lab environment needed. Great work.

    greetings from South Africa

    Tony

  2. Reply George Aug 11,2015 10:53

    Thanks. Worked perfectly.

  3. Reply BuZain Dec 8,2015 23:23

    Worked perfectly. Thanks.

  4. Reply Marc Dec 23,2015 19:23

    Hi Cesare,
    I was looking for the answer how to enable routing within VyOS and stumbled upon your tutorial.
    Thanks to this tutorial I now know how.
    So a big thanks to you!

    Looking forward talking to you at RWO 😉

  5. Reply GeoLeo Jan 27,2016 04:10

    Do you have to set the IP addresses, and other config information for IP for each virtual interface inside windows network connections too? Or only on the vyos router eth interfaces? I’m a little confused on if that is a missing step.

    • Reply Cesare Auteri Jan 27,2016 10:21

      I’m not sure what you mean. I described the configuration for the Vyos router including the IP configuration of the Vyos interfaces. If you create a new Windows VM and use one of the created Vyos VM switches, the VM will get a IP address from the Vyos DHCP service.

  6. Reply GeoLeo Jan 27,2016 14:08

    You have a great article. I’m back tracking a little because I found this article after I setup my host and vyos GW, but will continue its configuration for dhcp and natural from here. I’ll return with more info once I return to my desk but basically what confuses me is, even though the the eth0 interfaces are configured on vyos, and connected to each internal virtual switch, when I login to the Hyper-V host and run ipconfig I see all the switches with 169 addresses and I’m not sure if I should apply something to them for IP on the host Hyper-V server.

    • Reply Cesare Auteri Feb 5,2016 08:34

      Hi GeoLeo, I trashed your config to keep the comments clean. If you used my scripts and you have 2 physical nics, the only thing I can think of is that you have 2 external virtual switches and the wrong external virtual switch connected to the Vyos VM.

  7. Reply Matheen Mar 7,2016 14:44

    Hi
    Thanks for good article. I have only wireless adapter which I am using it as external network. But when I use that to NAT traffic from other internal interfaces, the internet is not working.
    Do you have any guidance on making that working?

    • Reply Cesare Auteri Mar 7,2016 20:19

      Hi Matheen,
      Internal interfaces will never route to the internet. That’s why you create the router, to route traffic from the internal switches to an external switch, connected to the internet. Any other switch you create outside of this vyos config should be an external switch if you need internet.

  8. Reply Bert Berrevoets Sep 4,2016 11:42

    Hello,

    At first great tutorial.
    But can i disable the dhcp server for 1 of the interfaces?

    Kind Regards,
    Bert Berrevoets.

    • Reply Cesare Auteri Sep 4,2016 14:06

      Just remove the “set service dhcp-server shared-network-name” configuration block of the interface you want to exclude from DHCP.

  9. Reply Josh Mar 13,2017 16:08

    Great article. I have a similar hyper-v setup but would like to use a windows server to host the dhcp service instead of the router. I’ve setup multiple scopes on the server but it only distributes the first scope. I believe I’ve setup dhcp relay properly but to no avail. Could you possibly give me a hint as to what may be wrong?

Leave a Reply

  

  

  


(Required)