So as I mentioned in a previous article, I would put together a quick start guide on getting Vyatta working “out of the box.” Here it is…

***Please note, at the time of this writing, the latest version was Vyatta Community Edition 2.0 – these commands might not work on the newest release.

STEP 1: Installing and Updating Vyatta

Let’s assume you have already downloaded the ISO Image from Vyatta’s website and burned it to CD and you have the hardware there that you want to run Vyatta on. For my example, I’m running an AMD Sempron 2600, 1GB Ram, 80GB HD, 2 Ethernet Cards (min. suggestion for a good router.) Okay, pop the CD in the drive and boot up to the CD. It should start loading the OS and Vyatta.

Vyatta is setup so you don’t have to have a hard drive to run it. It can run directly from the CD, as it’s setup in a “live cd” format. Problem with this is, if you reboot, you lose your configuration settings. So we’ll want to install it to the drive, in my case 80GB is major overkill. To do this, you’ll first need to login to Vyatta once it’s booted up. The default logins are (user: root pass: vyatta) To install to the drive you will issue the command:

install-system

During the install you will be asked how much diskspace to allot to the different partitions. I went with the default. Once that’s complete, pop the CD out, and reboot to your installed Vyatta. Now we can start configuring the system. Let’s start by setting up the Debian repos and making sure we’re running the latest version of Vyatta. So you need to get into the Vyatta configure Cli. You can go this by logging in as root and then running the commands:

su vyatta
configure
set system package repository community component "experimental testing main"
set system package repository community url http://archive.vyatta.com/vyatta
set system package repository etch component main
set system package repository main url http://mirrors.kernel.org/debian
commit
exit
exit

Now you can update to the latest version of Vyatta and update any packages with Debian:

apt-get update
apt-get -y install vc-base
full-upgrade

STEP 2: Configuring Ethernet Interfaces

I have some static IPs from my internet provider, so I’m going to assign one of them to one of the ethernet cards, and the other ethernet card will be used for my LAN. Below is sample code from my setup:

su vyatta
configure
set interfaces ethernet eth0 address 141.99.208.118 prefix-length 29
set interfaces ethernet eth0 description "Internet"
set interfaces ethernet eth1 address 192.168.15.1 prefix-length 24
set interfaces ethernet eth1 description "OfficeLan"
commit

So I created my first interface with my ISP’s IP: 141.99.208.118 /29 which is netmask: 255.255.255.248 (If you need to know how to get your prefix-length – good luck. It’s hard to explain without having some networking knowledge.) I also, added a description for this interface as “Internet” as I tend to get forgetful. This ethernet card will be plugged into my internet connection.

The second interface I created with the LAN IP: 192.168.15.1 /24 which is netmask: 255.255.255.0, and gave it a description as “Lan.” This ethernet will be plugged into a Switch or Hub which my workstations and IP phones are plugged into.

By the way, you may have noticed the “commit” command. This basically commits my settings to the system. If there’s something missing, or conflicting, it will let me know during the commit.

STEP 3: Setting Up Route and NAT

So the workstations and phones that will be connected to the same switch as my LAN ethernet, will have 192.168.15.x IPs, I want them to have an internet connection and the rest of the world to see their IP as: 141.99.208.118. I need to setup my route and NAT. Below I’m doing that.

set protocols static route 0.0.0.0/0 next-hop 141.99.208.117
set service nat rule 1
set service nat rule 1 type source
set service nat rule 1 translation-type masquerade
set service nat rule 1 outbound-interface eth0
set service nat rule 1 protocols all
set service nat rule 1 source network 192.168.15.0/24
set service nat rule 1 destination network 0.0.0.0/0
commit

So in the above, I setup the route with the next-hop being my default gateway from my ISP: 141.99.208.117. This will give my LAN the internet connection. The rest translates my LAN IPs into the ISP IP.

STEP 4: Setting up DHCP Server

While having static LAN IPs set on all my workstations and Phones is best, I do have users that come and go on their laptop. So I want the router to automatically assign IPs. I can set that up below:

set service dhcp-server name OfficeLan start 192.168.15.2 stop 192.168.15.27
set service dhcp-server name OfficeLan network-mask 24
set service dhcp-server name OfficeLan dns-server 4.2.2.2
set service dhcp-server name OfficeLan dns-server 4.2.2.1
set service dhcp-server name OfficeLan default-router 192.168.15.1
set service dhcp-server name OfficeLan interface eth1
set service dhcp-server name OfficeLan domain-name officelan.hostname.com
commit

In the example above, I want no more than 25 dynamic IPs on my network, so the DHCP server is only going to assign IPs in the range: 192.168.15.2 through 192.168.15.27. I setup the default nameservers to be Level3′s: 4.2.2.2 and 4.2.2.1 with the gateway: 192.168.15.1 on my second ethernet. And then I gave it a hostname.

STEP5: Enabling Vyatta GUI

For setting up the Vyatta GUI, you can issue the following command from the Vyatta Cli:

set service http
commit

(**Note: This is one such command that changes in the newer version.**)

That’s all you need for a basic setup. There’s additional configurations that can be done, including firewalls, etc. Hopefully I will publish something on those shortly.

You can download the commands mentioned in this article here for quick copy and pasting.

I’m not a big Debian user (as I love the power of “yum”) but found Vyatta to be very easy to use. So over the next month or so we tested all the configuration options that we would use within the office. We recently went live with it, and haven’t looked back at the dusty Linksys since. Sure, Vyatta is probably major overkill for our uses, but it’s rock solid.

So some quick features of the Vyatta system…

++ Vyatta is a Cli router, seeing as it’s based on Debian. However they do have a web based GUI which can be used once enabled. (That’s right, it’s not enabled by default.) GUI will probably seem bulky if you’re use to the likes of Linksys or Netgear interfaces. Keep in mind, Vyatta is more enterprise than these residential routers. But my main purpose is to introduce opensource more into the residential areas and uses.

++ You can do just about anything with Vyatta aside from port-forwarding. Yea, that seems kind of cheesy, but according to Vyatta, they are working on that. We were a bit disabled with not having port forwarding, but we got by, we just had to assign some additional IPs to our Vyatta to access systems within our network.
And there’s many more features, I just don’t have time to touch on.

During setup we did find the documentation a little hard to follow. That is, for those of us that didn’t have a complete understanding of networking, DNS, IPs, subnets, masks, etc. I mentioned this to Vyatta, and they didn’t seem to interested in putting together a “dummy’s” guide to Vyatta. So over the course of the next couple of weeks, I will do my best to spit out some articles and howto’s on getting Vyatta up and running for the “dummy.”

Whether it will be the big rival of Cisco, I don’t know. Only time will tell… but I have high hopes. As long as the Vyatta team focuses on the feature request of the community, and continues to put out a great product, I don’t see why someday they might have a large portion of the marketshare.