Free Open Source Router and Firewall | How to Install VyOS and Configure OSPF: Step-by-Step Guide

by SinaOnline Network Training, Virtualization Training

VyOS Installation and Configuration Guide

Introduction

VyOS is an open-source network operating system based on Debian GNU/Linux that provides software-based network routing, firewall, and VPN functionality. This guide covers the installation and configuration of VyOS, including setting up OSPF.

Installation of VyOS

1. Download VyOS ISO:

   – Go to the VyOS download page and download the ISO image of the latest stable version.

2. Create a Bootable USB Drive:

   – For Windows: Use Rufus to create a bootable USB drive.

   – For Linux/macOS: Use the `dd` command.

3. Boot from the USB Drive:

   – Insert the USB drive into your server or PC and boot from it. You may need to change the boot order in the BIOS/UEFI settings.

4. Install VyOS:

   – Once booted, you will be presented with the VyOS live environment. Log in with the default credentials:

     Username: vyos
     Password: vyos

   – To start the installation, enter:

     install image

   – Follow the prompts to select the installation disk, partitioning scheme, and other options. You will also set a password for the `vyos` user and create a GRUB bootloader.

5. Reboot:

   – After the installation completes, reboot the system and remove the USB drive. The system will boot into the installed VyOS.

Basic Configuration of VyOS

1. Log In:

   – Log in with the user `vyos` and the password you set during installation.

2. Enter Configuration Mode:

   configure

3. Set Hostname:

   set system host-name my-router
   commit
   save

4. Configure Network Interfaces:

   – Identify the network interfaces using the `show interfaces` command.

   – Configure an interface (e.g., `eth0`) with a static IP address:

     set interfaces ethernet eth0 address ‘192.168.1.1/24’
     commit
     save

5. Configure Default Gateway:

   set protocols static route 0.0.0.0/0 next-hop 192.168.1.254
   commit
   save

6. Set DNS Servers:

   set system name-server 8.8.8.8
   set system name-server 8.8.4.4
   commit
   save

7. Enable SSH:

   set service ssh port 22
   commit
   save

Configuring OSPF

Enable OSPF

To configure OSPF (Open Shortest Path First) on VyOS:

1. Enter Configuration Mode:

   configure

2. Enable OSPF:

   set protocols ospf parameters router-id 1.1.1.1

   Replace `1.1.1.1` with a unique router ID for the OSPF instance.

Configure OSPF on Interfaces

Specify which interfaces will participate in OSPF and their respective areas:

   set protocols ospf area 0 network 192.168.1.0/24
   set protocols ospf area 0 network 192.168.2.0/24

   Replace `192.168.1.0/24` and `192.168.2.0/24` with the actual network addresses of your interfaces.

Adjust OSPF Interface Parameters (Optional)

You can adjust OSPF interface parameters like cost, hello interval, and dead interval:

   set interfaces ethernet eth0 ip ospf cost 10
   set interfaces ethernet eth0 ip ospf hello-interval 10
   set interfaces ethernet eth0 ip ospf dead-interval 40

   Replace `eth0` with your actual interface name.

Commit and Save the Configuration

   commit
   save

Example Configuration for OSPF

Here is an example configuration where two interfaces (`eth0` and `eth1`) participate in OSPF with different network segments.

Configuration for Router 1:

configure
set interfaces ethernet eth0 address ‘192.168.1.1/24’
set interfaces ethernet eth1 address ‘10.1.1.1/24’

set protocols ospf parameters router-id 1.1.1.1
set protocols ospf area 0 network 192.168.1.0/24
set protocols ospf area 0 network 10.1.1.0/24

commit
save

Configuration for Router 2:

configure
set interfaces ethernet eth0 address ‘192.168.1.2/24’
set interfaces ethernet eth1 address ‘10.1.2.1/24’

set protocols ospf parameters router-id 2.2.2.2
set protocols ospf area 0 network 192.168.1.0/24
set protocols ospf area 0 network 10.1.2.0/24

commit
save

Verifying OSPF Configuration

1. Check OSPF Neighbors:

   show ip ospf neighbor

2. Check OSPF Routes:

   show ip route ospf

3. Check OSPF Interface Status:

   show ip ospf interface

Additional OSPF Configurations

Configuring OSPF Authentication

To enhance security, you can configure OSPF authentication on the interfaces:

1. Set Authentication Type and Key:

   set interfaces ethernet eth0 ip ospf authentication message-digest
   set interfaces ethernet eth0 ip ospf message-digest-key 1 md5 ‘yourpassword’

   Replace `yourpassword` with a secure password.

2. Configure OSPF Area Authentication:

   set protocols ospf area 0 authentication message-digest

Configuring OSPF Redistribution

To redistribute routes from other protocols (e.g., BGP) into OSPF:

1. Set Redistribution:

   set protocols ospf redistribute bgp
   commit
   save

Troubleshooting OSPF

1. Check OSPF Process:

   show ip ospf

2. Check OSPF Logs:

   show log

3. Debug OSPF:

   monitor protocol ospf