So if you haven’t already been introduced to Vyatta… Vyatta meet reader, reader meet Vyatta.
Vyatta is a fairly new Opensource, Debian based router that’s taking geeks by storm. And I can tell you from personal experience with Vyatta that it’s a powerful system.

So as I mentioned in a previous article, I would put together a quick start guide on getting Vyatta working “out of the box.” Here it is…

***Please note, at the time of this writing, the latest version was Vyatta Community Edition 2.0 - these commands might not work on the newest release.

STEP 1: Installing and Updating Vyatta

Let’s assume you have already downloaded the ISO Image from Vyatta’s website and burned it to CD and you have the hardware there that you want to run Vyatta on. For my example, I’m running an AMD Sempron 2600, 1GB Ram, 80GB HD, 2 Ethernet Cards (min. suggestion for a good router.) Okay, pop the CD in the drive and boot up to the CD. It should start loading the OS and Vyatta.

Vyatta is setup so you don’t have to have a hard drive to run it. It can run directly from the CD, as it’s setup in a “live cd” format. Problem with this is, if you reboot, you lose your configuration settings. So we’ll want to install it to the drive, in my case 80GB is major overkill. To do this, you’ll first need to login to Vyatta once it’s booted up. The default logins are (user: root pass: vyatta) To install to the drive you will issue the command:

install-system

During the install you will be asked how much diskspace to allot to the different partitions. I went with the default. Once that’s complete, pop the CD out, and reboot to your installed Vyatta. Now we can start configuring the system. Let’s start by setting up the Debian repos and making sure we’re running the latest version of Vyatta. So you need to get into the Vyatta configure Cli. You can go this by logging in as root and then running the commands:

su vyatta
configure
set system package repository community component "experimental testing main"
set system package repository community url http://archive.vyatta.com/vyatta
set system package repository etch component main
set system package repository main url http://mirrors.kernel.org/debian
commit
exit
exit

Now you can update to the latest version of Vyatta and update any packages with Debian:

apt-get update
apt-get -y install vc-base
full-upgrade

STEP 2: Configuring Ethernet Interfaces

I have some static IPs from my internet provider, so I’m going to assign one of them to one of the ethernet cards, and the other ethernet card will be used for my LAN. Below is sample code from my setup:

su vyatta
configure
set interfaces ethernet eth0 address 141.99.208.118 prefix-length 29
set interfaces ethernet eth0 description "Internet"
set interfaces ethernet eth1 address 192.168.15.1 prefix-length 24
set interfaces ethernet eth1 description "OfficeLan"
commit

So I created my first interface with my ISP’s IP: 141.99.208.118 /29 which is netmask: 255.255.255.248 (If you need to know how to get your prefix-length - good luck. It’s hard to explain without having some networking knowledge.) I also, added a description for this interface as “Internet” as I tend to get forgetful. This ethernet card will be plugged into my internet connection.

The second interface I created with the LAN IP: 192.168.15.1 /24 which is netmask: 255.255.255.0, and gave it a description as “Lan.” This ethernet will be plugged into a Switch or Hub which my workstations and IP phones are plugged into.

By the way, you may have noticed the “commit” command. This basically commits my settings to the system. If there’s something missing, or conflicting, it will let me know during the commit.

 

 

STEP 3: Setting Up Route and NAT

So the workstations and phones that will be connected to the same switch as my LAN ethernet, will have 192.168.15.x IPs, I want them to have an internet connection and the rest of the world to see their IP as: 141.99.208.118. I need to setup my route and NAT. Below I’m doing that.

set protocols static route 0.0.0.0/0 next-hop 141.99.208.117
set service nat rule 1
set service nat rule 1 type source
set service nat rule 1 translation-type masquerade
set service nat rule 1 outbound-interface eth0
set service nat rule 1 protocols all
set service nat rule 1 source network 192.168.15.0/24
set service nat rule 1 destination network 0.0.0.0/0
commit

So in the above, I setup the route with the next-hop being my default gateway from my ISP: 141.99.208.117. This will give my LAN the internet connection. The rest translates my LAN IPs into the ISP IP.

STEP 4: Setting up DHCP Server

While having static LAN IPs set on all my workstations and Phones is best, I do have users that come and go on their laptop. So I want the router to automatically assign IPs. I can set that up below:

set service dhcp-server name OfficeLan start 192.168.15.2 stop 192.168.15.27
set service dhcp-server name OfficeLan network-mask 24
set service dhcp-server name OfficeLan dns-server 4.2.2.2
set service dhcp-server name OfficeLan dns-server 4.2.2.1
set service dhcp-server name OfficeLan default-router 192.168.15.1
set service dhcp-server name OfficeLan interface eth1
set service dhcp-server name OfficeLan domain-name officelan.hostname.com
commit

In the example above, I want no more than 25 dynamic IPs on my network, so the DHCP server is only going to assign IPs in the range: 192.168.15.2 through 192.168.15.27. I setup the default nameservers to be Level3’s: 4.2.2.2 and 4.2.2.1 with the gateway: 192.168.15.1 on my second ethernet. And then I gave it a hostname.

STEP5: Enabling Vyatta GUI

For setting up the Vyatta GUI, you can issue the following command from the Vyatta Cli:

set service http
commit

(**Note: This is one such command that changes in the newer version.**)

That’s all you need for a basic setup. There’s additional configurations that can be done, including firewalls, etc. Hopefully I will publish something on those shortly.

You can download the commands mentioned in this article here for quick copy and pasting.