How to connect Vyatta to Cisco using VirtualBox and GNS3

“Vyatta is a software-based, open-source, network operating system that is portable to standard x86 hardware as well as common virtualization and cloud computing platforms. By deploying Vyatta, users benefit from a flexible enterprise-class routing and security feature set capable of scaling from DSL to 20Gbps performance at a fraction of the cost of proprietary solutions.”

In short, you take this piece of software, install it on an x86 machine (any decent PC with a quality network card will do) and have yourself a network device capable of supporting dynamic routing protocols, policy routing, QoS and many more features. The best part (at least for guys like me) is that Vyatta offers a free package that you can download from their website. This free version comes without commercial support, but you can find plenty of support in the Vyatta community.



Why would I be interested in Vyatta when I can have Cisco devices and can emulate Cisco IOS with GNS3? I don’t have an evolved response to this question, but mainly because I was bored and wanted to try something new, but still related to Cisco. I came to the conclusion that I should test how Cisco can interact with 3rd party devices. I chose Vyatta as the 3rd party device, because it is a turnkey network solution. Of course, you can take all the software included in Vyatta and build your own box based on whatever Linux distribution you want, but why do this if you have a free solution which already works?

I plan to test more about Vyatta and Cisco integration, but for today, I want to show you how to install Vyatta and connect it with GNS3. First you need to download the image from Vyatta and build yourself a working box. You can download the Live CD image, which allows you to boot from it and then install, or an image for your virtualization system (VMware or Citrix).

1. Create a Virtual Machine where to install Vyatta system

For my test environment I chose to create a Virtual Machine using VirtualBox with the following settings:

Minimum settings are Memory 512MB and Storage 2GB. The rest of the settings are optional, but if you would like to test some network stuff, then I recommend at least 1 Network Adapter. I have 2 in this image, because one will be connected to the virtual network cloud (tap0 interface) and the other one to the physical network, so I can access this system remotely.

2. Install Vyatta system

Download your copy of Vyatta, add the ISO image to the IDE Secondary Master (CD/DVD) and boot your virtual machine. It should read the image and boot until it arrives at a Linux-style prompt that asks for a username and password (vyatta / vyatta by default).

Log in and install Vyatta from the LiveCD. You can also work directly from the LiveCD, but then the changes will not be permanent. The persistent installation can be image-based or system-based:

– Image-based install. The simplest, most flexible, and most powerful way to install a Vyatta system is using a binary system image. With this method, you can install multiple versions of the Vyatta system as images and switch between the images simply and easily. You install the image from a LiveCD, reboot your system and it runs the image.

At the command prompt type:

install-image

– Disk-based install. Installation from a LiveCD onto a persistent device such as a hard disk partition. However, unlike an image-based install, a disk-based install uses a traditional layout of files on the disk. Additional system images may be added at a later time to a system created using a disk-based install.

At the command prompt type:

install-system

To be honest, in the test environment, it doesn’t make much of a difference if you use the image or system installation. I used image as it’s the simplest one, as Vyatta recommends.

3. Connect Vyatta with GNS3

Then you need a system with GNS3 installed. I’m using the same system on which VirtualBox is installed. The scenario for today is pretty straightforward, as I just want to demonstrate how to connect Vyatta to a Cisco device (well, an emulated one in my case):

If you don’t know how to achieve the connection above in GNS3, please read this tutorial about connecting GNS3 to VirtualBox machines. In that post I used an Ubuntu system instead of Vyatta, but the principle is the same.

4. Basic network configuration of Vyatta system

If you work more with Cisco, like I do, then you’ll find the configuration mode a little bit different from Cisco’s standard IOS CLI. If you work with Juniper, then this might look familiar, as the configuration commands and the config files look pretty much like the Juniper ones.

By default no remote access is enabled, so you’ll have to access this device over the console. In VirtualBox’s case, you’ll have a Console tab there. If you open it, you’ll be able to log in to the Vyatta system and configure it.

4.a) Check the config file to have an idea about what you have already configured by default:

@vyatta:~$ show configuration

and you’ll see something like this:

Please ignore the user “yotis”. This is not in the default config, but I have changed something there to secure my Vyatta installation. Now you know how the config looks.
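An added example, not part of the original post: a short Python audit that parses configuration text in the brace-delimited layout `show configuration` prints and flags the default `vyatta` account (the default login from step 2) and an enabled `telnet` service. The sample config is constructed, and the names `parse_config` and `audit` are assumptions of this example.

```python
# Constructed sample in the layout `show configuration` prints (not the post's output).
SAMPLE_CONFIG = """
service {
    telnet {
        port 23
    }
}
system {
    login {
        user vyatta {
            authentication {
                encrypted-password "$1$constructed$placeholder"
            }
            level admin
        }
    }
}
"""


def parse_config(text):
    """Turn brace-delimited config text into nested dicts; leaves map to value lists."""
    stack = [{}]
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("/*"):   # blank lines and comment trailers
            continue
        if line.endswith("{"):                  # opens a node such as `user vyatta {`
            stack.append(stack[-1].setdefault(line[:-1].strip(), {}))
        elif line == "}":
            if len(stack) == 1:
                raise ValueError("unbalanced closing brace")
            stack.pop()
        else:                                   # leaf such as `level admin`
            key, _, value = line.partition(" ")
            stack[-1].setdefault(key, []).append(value.strip().strip('"'))
    if len(stack) != 1:
        raise ValueError("unclosed block")
    return stack[0]


def audit(config):
    """Return findings for the default account and cleartext remote login."""
    findings = []
    if "user vyatta" in config.get("system", {}).get("login", {}):
        findings.append("default account 'vyatta' is still present")
    if "telnet" in config.get("service", {}):
        findings.append("telnet service enabled (cleartext login)")
    return findings
```

Calling `audit(parse_config(text))` on a saved copy of the configuration returns an empty list when neither condition is found.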

4.b) Enter the configuration mode:

@vyatta:~$ configure
[edit]
yotis@vyatta#

4.c) Configure the external interface (the one bridged to your physical network).

We want to do this to be able to access the Vyatta device remotely. Depending on your own IP subnet, you’ll need to customize the command below to meet your requirements:

set interfaces ethernet eth0 address 1.1.1.1/24

Now, you might wonder, how in the name of God am I supposed to know that command. The answer is to read the documentation, or do what I did: press the TAB key at the command prompt to check your options. All configuration commands start with set, so type set and then press the TAB key:

@vyatta# set
cluster             firewall            load-balancing      protocols           service             vpn
content-inspection  interfaces          policy              qos-policy          system              zone-policy

we are interested in interfaces here, so:

@vyatta# set interfaces
adsl             bridge           loopback         openvpn          serial           wireless
bonding          ethernet         multilink        pseudo-ethernet  tunnel           wirelessmodem

And then ethernet, the interface name, the address keyword and the IP address. If you press the TAB key in the middle of a command keyword, it will autocomplete the word, exactly like in the Cisco CLI.

It’s pretty simple. If you get stuck somewhere, go back to the documentation or ask in the comments here.

4.d) Add a default gateway if you want to be able to access your system from anywhere (optional)

@vyatta# set protocols static route 0.0.0.0/0 next-hop 1.1.1.100

4.e) Configure the second interface (LAN)

Configure the second interface (bridged to tap0, in my case). This one will be connected to your Cisco router in GNS3. You’ll need to have the same IP subnet on both ends (Vyatta and Cisco), but I believe you already know this. Follow the same steps as in 4.c).

4.f) Commit your changes

No matter what configuration you set, it will not become active until you commit:

@vyatta# commit

4.g) Save your configuration

@vyatta# save
Saving configuration to ‘/opt/vyatta/etc/config/config.boot’…
Done

Almost done. You have configured the basic network settings of the Vyatta system. Now configure the Cisco router in GNS3. I believe you know how to do that.

5. Test connection between Vyatta and Cisco router

I have 10.86.0.1 on the Vyatta eth1 adapter and 10.86.0.2 on the Cisco router:

@vyatta:~$ ping  10.86.0.2
PING 10.86.0.2 (10.86.0.2) 56(84) bytes of data.
64 bytes from 10.86.0.2: icmp_seq=1 ttl=255 time=3.73 ms
64 bytes from 10.86.0.2: icmp_seq=2 ttl=255 time=1.90 ms
64 bytes from 10.86.0.2: icmp_seq=3 ttl=255 time=5.23 ms
64 bytes from 10.86.0.2: icmp_seq=4 ttl=255 time=4.43 ms
^C
--- 10.86.0.2 ping statistics ---
4 packets transmitted, 4 received, 0% packet loss, time 3012ms
rtt min/avg/max/mdev = 1.905/3.826/5.230/1.230 ms

This is it for today. In the next posts I will go a little bit deeper into the Vyatta configuration and establish some IGP and BGP connections to see how Cisco behaves under different scenarios.