So here we have the "Router on a stick" where we use a Vyatta VM to route between two VM networks with VLAN Trunk then optimize with Jumbo Frames (MTU 9000) on the vnics,vswitch and changing adapter types.
Part 1
Lab Setup
Configuration of Vyatta
Configuration of vSphere (VLAN Trunk)
Configure Routing
Benchmark using iPerf
Router on a Stick within vSphere using Vyatta and Optimizing for 1Gbps Routing - Part 1 from Richard Vimeo on Vimeo.
Part 2
Configuring Jumbo frame on guests
Configuring Jumbo frame on vSwitch
Changing vNic type
Benchmark with iPerf
Router on a Stick within vSphere using Vyatta and Optimizing for 1Gbps Routing - Part 2 from Richard Vimeo on Vimeo.
Here is the KB relating to why Windows XP (32bit) and Windows Server (32bit) come up with a 1.4Gbps link speed for 10Gbps drivers/adapters.
http://support.microsoft.com/kb/931857
And for those that cannot wait for the VMware Appliance here is the link to:
Vyatta VC 6.0 - Final with VMware Tools
Vyatta Config
firewall {
all-ping enable
broadcast-ping disable
conntrack-table-size 32768
conntrack-tcp-loose enable
ip-src-route disable
ipv6-receive-redirects disable
ipv6-src-route disable
log-martians enable
name ALLOW_ESTABLISHED {
default-action drop
rule 10 {
action accept
state {
established enable
}
}
}
receive-redirects disable
send-redirects enable
source-validation disable
syn-cookies enable
}
interfaces {
ethernet eth0 {
address dhcp
description Outside
duplex auto
firewall {
in {
name ALLOW_ESTABLISHED
}
local {
name ALLOW_ESTABLISHED
}
}
hw-id 00:50:56:83:39:3e
smp_affinity auto
speed auto
}
ethernet eth1 {
MTU 9000
description Inside
duplex auto
hw-id 00:50:56:83:70:c3
smp_affinity auto
speed auto
vif 10 {
address 192.168.10.1/24
description VLAN-10
}
vif 20 {
address 192.168.20.1/24
description VLAN-20
}
}
ethernet eth2 {
description DMZ
duplex auto
hw-id 00:50:56:83:51:b7
smp_affinity auto
speed auto
}
loopback lo {
}
}
service {
dhcp-server {
disabled false
shared-network-name POOL1 {
authoritative disable
description VLAN10
subnet 192.168.10.0/24 {
default-router 192.168.10.1
dns-server 192.168.10.1
domain-name Vyatta.local
lease 86400
start 192.168.10.10 {
stop 192.168.10.200
}
}
}
shared-network-name POOL2 {
authoritative disable
description VLAN20
subnet 192.168.20.0/24 {
default-router 192.168.20.1
dns-server 192.168.20.1
domain-name vyatta.local
lease 86400
start 192.168.20.10 {
stop 192.168.20.240
}
}
}
}
dns {
forwarding {
cache-size 150
listen-on eth1.10
listen-on eth1.20
name-server 208.67.222.222
name-server 208.67.220.220
}
}
nat {
rule 10 {
outbound-interface eth0
source {
address 192.168.10.0/24
}
type masquerade
}
rule 20 {
outbound-interface eth0
source {
address 192.168.20.0/24
}
type masquerade
}
}
ssh {
allow-root
port 22
protocol-version v2
}
}
system {
host-name vyatta
login {
user root {
authentication {
encrypted-password $1$ORKO400D$9GoL/vifapZLo3p.sLkUs/
plaintext-password ""
}
level admin
}
user vyatta {
authentication {
encrypted-password $1$Z9oMjC/m$r.T2vNILnVuZnIwkKhg58.
}
level admin
}
}
ntp-server 0.vyatta.pool.ntp.org
package {
auto-sync 1
repository community {
components main
distribution stable
password ""
url http://packages.vyatta.com/vyatta
username ""
}
repository lenny {
components main
distribution lenny
password ""
url http://packages.vyatta.com/debian/
username ""
}
repository VC6 {
components main
distribution VC6.0
password ""
url http://packages.vyatta.com/vyatta/
username ""
}
}
syslog {
global {
facility all {
level notice
}
facility protocols {
level debug
}
}
}
time-zone GMT
}
/* Warning: Do not remove the following line. */
/* === vyatta-config-version: "cluster@1:dhcp-relay@1:dhcp-server@4:firewall@3:ipsec@2:nat@3:quagga@1:system@3:vrrp@1:wanloadbalance@2:webgui@1:webproxy@1" === */
/* Release version: VC6.0-2010.03.22 */
Enjoy!
14 comments:
The download link isn't working. Great post though!
Thanks..should be fixed now
downloading as we speak :-) Thanks for fixing the download link!
Good stuff Roggy. I added a link to this on http://www.vyatta.org/documentation/tips-tricks
Hi. Can you tell me if Vyatta is a router software simulator? I had been looking for a vmware router simulator, but i don´t know if it exists...for that i ask you.
I a looking for a router IOS simulator for vmware but don´t even know if that exists.
Thank you.
Vyatta is not a simulator it is a full router!
However it is great for learning routing and creating labs.
If you want something to simulate IOS I suggest you look at GNS.
So I am wondering if this router on a stick configuration would work with two subnets on DIFFERENT esxi hosts? One is for dev, one is for test, and there are some instances where I need to share between the two.
Sure you would have to decide how you want to exchange routes though.
Take a look at my OSPF vmware lab for more info.
Hope that helps !
I'm using my modem in the bridge mode but it still uses its router, 192.168.20.1 and at the starting its ping time is 7 ms but over a time it reaches up to 55 ms, modem's ip is 192.168.2.1 and its ping time is 1 ms. I tried to use static routing using the closest router as target but my modem's router in the path still. Therefore how can I disable modem's router?
You are on the same vSwitch, It will route even without a router. I tried with physical vnics but not working.
Thanks for the link. I also thought at first it was a simulator. I've been looking for the best wireless routers to choose from, actually. I've been reading reviews for a month now, and I haven't decided yet. Thanks!
Thank you for the great explination and videos, well done!
Post a Comment