E04 Addressing Devices
Back to the Material: IPv4 Addresses, Subnetting and ARP
Physical Topology Picture
Video: Instructions for E04
Danger: Watch these videos if necessary for more info
This laboratory is step by step instructed, but later when asked to apply the skills given here (at E04)... lot of confusion has happened.
Thus these videos are here to help!
Video: virtual machine adapters, ping & how to draw
Video: Configuring VLAN tagged/untagged
Example Video: E04 step-by-step, Exercise done in teaching by the teacher during spring 2022
I explain long and in detail, thus long video but, you can't go wrong with this one. Hopefully. Same video description has time tags for E01 - E05.
Preparing the topology
This exercise follows E02, thus uses its working configuration (and IPv4 calculations from E03).
Import vyos.ova to your topology
You can find vyos.ova file here: You can download the virtual machines from this Link!
- Add an Internal network adapter to vyos towards one of your switches
- it can have an new internal network name (e.g. RtoSW or LANx)
- Add a new adapter to one of your switches (to which vyos connects)
- the network name has to be the same as in step 1.
- Update your topology picture to follow the changes to the network
If you get confused, check this FAQ
Problem 13 - How do the (Network) Adapters in VirtualBox work?
Choose subnets for your topology
- Choose two of your 50 host subnets from E03 Calculating Subnets - Exercise 2
- These will be used for Lubuntu(s)
- Add one of your 13 host subnets (from E03 Calculating Subnets - Exercise 3)
- This will be used for Network Device (Management)
Logical Topology
Draw a logical topology picture of the subnets and fill it with your IPv4 addresses/subnets (see the example below).
Example: Logical topology
Warning: Do not confuse this picture with the Physical Topology picture
Both of the pictures 'fulfil' each other and visualize different aspects of the network
Logical topology has
- IPv4 subnets & Addresses - OSI Model Layer 3 information
- VLAN information (Where those subnets are used) - OSI Model Layer 2 information
Create and update the VLANs on the switches
- The old VLAN (
workstations, tag 5) will be the first 50 host address subnet - Create a new VLAN for the second 50 host address subnet
- You can pick a VLAN tag number for your subnet
- You can pick a VLAN name for your subnet
- The Network Device (Management) VLAN will be created later
Move the Lubuntu's to the first and second 50 host address subnet
Separate the other Lubuntu virtual machine to the newly created VLAN by tagging and untagging the necessary ports in your network switches.
- Lubuntu1 old VLAN
- Lubuntu2 new VLAN
Address devices manually
Vyos
Start the Vyos and configure IPv4 addresses for both of the 50 host address subnets.
Tips on how to configure the Vyos virtual machine
Vyos is a little bit different than the Switches.
Video: Configuring Vyos
Still without translation subtitles
Danger! Always use poweroff -command with the Vyos the virtual machine!
There have been reported cases that pulling the plug out of the virtual machine (shutting it down from VirtualBox) causes it to lose configuration.
1. Once logged in you are in the show state.
This is where you can e.g.
vyos@vyos:~$ show configuration - look at the configuration
vyos@vyos:~$ show interfaces - look at state of the interfaces
vyos@vyos:~$ show ip route - look at the routing table
2. To configure the device you need to write configure
vyos@vyos:~$ configure
[edit]
vyos@vyos# _
3. In configure, you can use the set commands.
The following just writes a "ToLAN1" string to the configuration under the interface eth0
set interfaces ethernet eth0 description toLAN1
4. Confirming/taking into use the configuration
Once all set commands are done, you can check your configuration changes with show | compare.
vyos@vyos# show | compare
[edit interfaces ethernet eth0]
+description toLAN4
[edit]
vyos@vyos#
After checking the changes you'll commit (take into use).
vyos@vyos# commit
[edit]
vyos@vyos#
save the configuration into the hard disk.
vyos@vyos# save
Saving configuration to '/config/config.boot'...
Done
[edit]
vyos@vyos#
And exit to return to the show state.
vyos@vyos# exit
exit
vyos@vyos:~$
Configuring VLAN interfaces (vif) for Vyos goes as follows:
Change the commands according to your network!!!
These are just examples of the commands...
You have different * Addresses for subnets * different vifs (vif means vlans in vyos)
set interfaces ethernet eth0 vif 5 address 192.168.0.254/24
set interfaces ethernet eth0 vif 10 address 192.168.10.254/24
results in show configuration
interfaces {
ethernet eth0 {
vif 5 {
address 192.168.0.254/24
}
vif 10 {
address 192.168.10.254/24
}
}
These vif interfaces work on the same physical eth0 port, but on different VLAN tags. Thus tagged ethernet traffic is received and sent from these logical ports/sub-interfaces/virtual interfaces (vif on vyos)/vlan interfaces (they have a lot of names).
Once committed, saved & exitted, you can verify the settings taken into use by show interfaces
vyos@vyos:~$ show interfaces
Codes: S - State, L - Link, u - Up, D - Down, A - Admin Down
Interface IP Address S/L Description
--------- ---------- --- -----------
eth0 - u/u
eth0.5 192.168.0.254/24 u/u
eth0.10 192.168.10.254/24 u/u
lo 127.0.0.1/8 u/u
::1/128
vyos@vyos:~$
And also check the routing table with show ip route for connected networks (letter C infront of the row).
vyos@vyos:~$ show ip route
Codes: K - kernel route, C - connected, S - static, R - RIP,
O - OSPF, I - IS-IS, B - BGP, E - EIGRP, N - NHRP,
T - Table, v - VNC, V - VNC-Direct, A - Babel, D - SHARP,
F - PBR, f - OpenFabric,
> - selected route, * - FIB route
C>* 192.168.0.0/24 is directly connected, eth0.5, 03:46:11
C>* 192.168.10.0/24 is directly connected, eth0.10, 03:46:11
vyos@vyos:~$
Info: This topology configuration is known as 'Router on a Stick'
Tip: You might want to name the router
Example: Naming in Vyos (Routers)
Vyos: set system host-name [name]
Requires a full reboot of the Vyos virtual machine to take affect.....
Address Lubuntu(s) manually
Change the addresses of the Lubuntu(s) to fit your subnets.
Use the Vyos interface address as the default gateway in each of the subnets for the lubuntu(s)
If necessary, remember the sections in the Exercise E02: First Switches on how to statically address the Lubuntu(s).
Address Switch(s) manually
It is time to create an additional VLAN for switch management. Use one of your 13 host subnets (from E03 Calculating Subnets - Exercise 3) as your Network Devices VLAN. Add it to your logical topology picture.
Quite often network devices (management) IP addresses are separated to a VLAN of their own. This segmentation allows for filtering who can get into the management VLAN.
- Create a
network_devicesVLAN and assign a tag to it on the switches network_devicesVLAN should be tagged to ports between the switches and router (to pre-existing physical connections)- Unconfigure the ipaddress given earlier to the switches
- with
unconfigure vlan <vlan> ipaddress-command
- with
- Configure a new IP addres according to your logical topology to the switches
configure vlan network_devices ipaddress <ip> <mask> - On the Router, Configure a
vif interfaceand address it for thenetwork devicesVLAN - Add a default gateway for the switches by
configure iproute add default <ip of router vif interface in network devices vlan>
Connectivity Tests
Test and document the connectivity with ping and traceroute between
- Lubuntu <-> Lubuntu
- Lubuntu <-> Vyos
- Lubuntu <-> Switch
What to document of the exercise?
Document in the repository E04.md & /documentation/E04/ -folder:
- Screenshots, analysis & text while doing
- Proof of working connectivity tests
- Configuration of all the network devices
- Your topology drawings (physical, logical, etc)
How to get the configuration from the devices!? - video (SUBTITLED ENGLISH)
SSH into Vyos from Lubuntu?
To enable SSH server in vyos.ova:
vyos$vyos# set service ssh port 22
vyos$vyos# commit
vyos$vyos# save
You can now similarly ssh vyos@
Back to the Schedule?
License
This course and its materials are written by Karo Saharinen and licenced by Attribution-NonCommercial-NoDerivatives 4.0 International (CC BY-NC-ND 4.0) license.
