Category: VMware NSX-V 6.2

VMware NSX-V 6.2 blog posts.

VyOS Configuration Restore

In my home lab environment, I wanted to rebuild my VyOS virtual router/firewall. So I exported the configuration from the old appliance and I tried to perform a restore on the new virtual appliance. The question that arose was: how do you perform a VyOS configuration restore?

Somehow on the internet, I could not find any tutorial or manual that explained to me how this action could be performed. There are enough write-ups and articles surrounding the TFTP, FTP and SCP restore procedure but the VyOS appliance is empty… with a default configuration. I just wanted to restore the configuration without setting up all kinds of services and configuring by hand my interfaces on the VyOS appliance.

So it was time to examine the VyOS appliance and figure out what was going on under the covers.

Why do you need VyOS?

Before diving any further let‘s talk about VyOS! I use VyOS for my Lab environment because it is easily configurable and has an entire feature set of enterprise-grade network technology onboard by default. Like the routing protocols BGP and OSPF and high availability option VRRP.

So why do you need OSPF and BGP at home? I’m a VMware Consultant that is responsible for SDDC / SDN / NSX designs and implementations. I regularly need to perform tests in my Lab environment. VMware NSX likes to have a dynamic routing protocol to connect the virtual overlay network to the physical world. Both routing protocols can be used to perform this. An article about a detailed configuration can be found here at Jeffrey Kusters his blog (my ITQ colleague). I not going into further detail on VMware NSX, this blog post is focused on VyOS.

VyOS Virtual Hardware

My VyOS appliance is deployed on a VMware vSphere 6.5 infrastructure. I used the OVA file that is available on the VyOS website (vyos-1.1.8-amd64.ova). The virtual machine is called the “LAB-FW01” this hostname will appear in the video record. The YouTube video is listed below.

The Virtual Machine hardware is configured as default. I only assigned the virtual network cards to the right networks. An overview is listed here:

  • Public – Network adapter 1 – Connected to a WAN interface
  • Private – Network adapter 2 – Connected to a VLAN trunk

VyOS Configuration Restore

Now it is time for restoring the VyOS configuration file on a newly deployed VyOS appliance.

Preparation:

  1. Deploy a new VyOS appliance and make sure that the virtual networks are connected to the correct adapter.
  2. Verify and/or change the MAC addresses were needed. The MAC addresses should align between the configuration file and the new virtual appliance:
    • Option 01: Change the virtual network card MAC address to the ones that were used on the old appliance.
    • Option 02: Change the MAC addresses in the configuration file that is used for the restore. The MAC address should align with the newly deployed VyOS appliance.
  3. Create an ISO file with your latest configuration on it. I used the following opensource tooling as displayed below. Link to IsoCreator.
Creating an ISO file with VyOS Configuration
Creating an ISO file with VyOS Configuration

Procedure:

  1. Open your vSphere Infrastructure and navigate to the Virtual Machine. This would be in my case “LAB-FW01“.
  2. Assign the newly created ISO file to the Virtual Machine. You connect the ISO file to the CD-ROM drive.
  3. Power-on the Virtual Machine.
  4. Make sure you select in the GRUB bootloader the following mode to startup from: “VyOS 1.1.8 linux (USB console)”.
  5. When VyOS is booted, log in with the following default credentials:
    • Username: vyos
    • Password: vyos
    • You are now logged in into the Linux Shell.
  6. Now it’s time to mount the connected CD-ROM media:
    • sudo mount /dev/cdrom /mnt
  7. To make sure my configuration is available. I list the directory content with the following command:
    • ls -l /mnt
  8. Now it is time to copy my old configuration to the startup configuration location of VyOS. Use the following command to perform this action (keep in mind: My configuration is called “2018-06-05-vyos.config.boot”): 
    • cp /mnt/2018-06-05-vyos.config.boot /config/config.boot
  9. To verify the copy action, I run the following command to display my hostname that is  listed in the configuration file:
    • cat /config/config.boot | grep LAB-FW01
  10. Now it is time to reboot the VyOS appliance. At the next boot, the old configuration will be loaded and everything should be restored. The following commands are required for rebooting VyOS:
    • reboot
    • yes
  11. After the reboot is completed you should log in with your old credentials that belong to the restored configuration.
  12. To verify that the configuration is loaded correctly I run the following command to display all my interfaces and sub-interfaces:
    • show interfaces
  13. From this point, everything should be working.

Tips:

I have listed all the VyOS configuration locations that are important to this article. 

In case you messed up your VyOS configuration you can always restore the default out-of-the-box configuration with the procedure described above. You only need to change the copy action in step eight to the following: (cp /opt/vyatta/etc/config.boot.default /config/config.boot).

  • Startup configuration: /config/config.boot
  • Default configuration: /opt/vyatta/etc/config.boot.default

YouTube Recording:

Because there are a couple of steps involved I decided to record a video of me performing the procedure. Keep in mind: my VMware Remote Console is in dutch :).

Final word

About six months back I switched from pfSense to VyOS. The main reason was the BGP support and stability of the BGP routing process. I am happy I did. The VyOS appliance is just amazing and extremely reliable and robust.

If you are familiar with the Cisco CLI than you will be flying through the VyOS CLI in no-time.

VMware Certified Implementation Expert – Network Virtualization (VCIX-NV)

I’m very happy to announce that I passed the VCAP6-NV Deploy exam and unlocked the VCIX-NV accreditation!

About the VMware VCIX-NV:VMware VCIX-NV

The VCIX-NV exam consists of approximately 23 live lab activities and the passing score for this exam is 300 (scale is from 100 to 500). The total time for this exam is 210 minutes, but candidates who take the VCIX-NV Exam and have a home address in a country where English is not a primary language will have an additional 30 minutes added to the exam time.

VMware - Network Virtualization Roadmap
VMware – Network Virtualization (NV) Roadmap

 

Study material:

For my study I used the following list of website’s, HOL Labs and Blogs. This helped me to pass the exam:

VMware Hands-on Labs:

VMware Sources:

Blogs:

My best advice is: Build a Home Lab and deploy VMware NSX-V. After the deployment you start using all the features that NSX-V has to offer (yeah, I know that is a lot). Get familiar and deploy and design like you would in a production environment. This will help you to get the best understanding possible for the exam.

NSX LiveFire Training in Sofia

This week (12-06/15-06), I attended a VMware training (thanks to my employer ITQ). The training is only available for VMware partners and is called “NSX LiveFire”. It was held at the VMware office in Sofia City, Bulgaria. The training is a technical training given by VMware employees. This time by the following three instructors Bal Birdy, Luca Camarda and Nikodim Nikodimov.

Read more