Daily Archives: 05/10/2012
Part 1 can be found here.
The content of this article is purely based on my personal experience and opinions. I have absolutely no intention of criticising Vyatta. To be honest, I still think it’s a great product; however, it just does not suit my needs in my lab environment.
Stefan Stranger wrote a great article on Vyatta Virtual Router on Hyper-V back in 2008. The version Stefan used in his article was 4.0, and as I write this article, the latest version is 6.4. It can be downloaded here: http://www.vyatta.org/downloads
Vyatta is extremely lightweight. In my previous environment, I only needed to assign 256MB of RAM to each Vyatta instance. It is also very easy to set up: configuring an instance from scratch would take me no more than 10 minutes.
Below is a list of the setup commands I had to run to configure Vyatta from scratch (based on my previous lab configuration):
set system host-name vyatta
set interfaces ethernet eth0 address 192.168.1.254/24
set interfaces ethernet eth1 address 192.168.2.254/24
set interfaces ethernet eth2 address 192.168.3.254/24
set interfaces ethernet eth3 address 192.168.6.254/24
set service ssh
set service telnet
set system name-server 192.168.2.10
set system name-server 192.168.4.10
set system gateway-address 192.168.1.1
set protocols static route 0.0.0.0/0 next-hop 192.168.1.1
set service snmp community public
set system login user vyatta authentication plaintext-password password1234
So why am I moving away from Vyatta? The short answer is: Vyatta does not officially support Hyper-V:
Read between the lines, Hyper-V is not supported.
What did this mean on my lab Hyper-V 2008 R2 hosts in the past (based on version 6.1, which I had implemented)?
- After I rebooted the Vyatta VM, all configurations were lost. It needed to be reconfigured again from scratch (that’s why I became so good at its commands). To work around this issue, I created a VM snapshot after it was fully configured and I had to revert it back to the snapshot after every reboot.
- It does not support Hyper-V Synthetic NICs. This means I’m stuck with legacy NICs for Vyatta. Legacy NICs mean 100mb/s instead of 10GB/s, and I can only assign a maximum of 4 NICs to the Vyatta instance. This is why I’ve only got 4 virtual switches configured for each Hyper-V host in my lab.
- Vyatta is a cut-down version of Linux; I could not install Linux Integration Service for Hyper-V. Otherwise, I might have already fixed the 2 issues mentioned above.
- Besides myself, two of my colleagues also tried to “Install” Vyatta 6.4 on the VHD (as opposed to running in Live CD mode). All 3 of us had the same issue: it runs OK, but the network latency caused by Vyatta is unacceptable. The ping latency from subnet A to subnet B in the same Hyper-V host gets to 2-4 seconds (2000-4000ms).
My colleague Matt McGowan spent some time over a weekend and tried all versions of Vyatta after version 6 on a Hyper-V 2012 server. According to him, none of them could even boot up without first disconnecting all the legacy NICs. This was the last straw that made me give up on Vyatta. I had to find a better solution for my Hyper-V environment.
At that time, I was seriously thinking about buying a layer 3 managed switch (HP 1910-16G), which costs $400 AUD in my local computer shop. In the end, I’m glad I didn’t. After I spoke to my good friend Zheng Han, who is an RHCE and VCP, he advised me to take a look at CentOS.
So long story short, I’m hopeless when it comes to Linux / Unix. I haven’t really done much with it ever since I graduated from uni. After a week or so playing with the latest version (CentOS 6.3) and learning how to use “vi”, with Zheng’s help, I got it working.
You’ve probably already seen the network diagram for my lab from Part 1. Here’s a logical diagram for the 3 Hyper-V hosts and the CentOS router in each host:
The Visio diagram of the above view can be downloaded here.
Now, I’ll use HyperVRT01 (the router on HyperV01) as an example and go through the steps of setting it up.
The following software is required:
- CentOS 6.3 (CentOS-6.3-x86_64-bin-DVD1.iso) – can be downloaded from a mirror site near you.
- Linux Integration Service For Hyper-V 3.4 (LinuxICv34.iso) – download from Microsoft.
Other Network information:
I have 2 domain controllers in my lab domain:
DC01 is also configured as a DHCP server serving multiple scopes in my lab. You’ll see the IP addresses of these 2 machines a lot in the steps below.
*Note: if you are going to use CentOS and you are like me, a Linux noob, before you start, please make sure you get familiar with the “vi” editor because it is heavily used.
Now, let’s start…
1. Create a new virtual machine in Hyper-V with the following settings:
- CPU: 1 virtual processor
- Memory: 512MB static
- Hard disk: 10GB (after install, I checked and only used 3GB)
- Assign 4 network adapters (note, DO NOT use legacy network adapters):
- Assign the 4 network adapters to virtual switches IN ORDER:
- #1: 192.168.1.0
- #2: 192.168.7.0
- #3: 192.168.8.0
- #4: 192.168.9.0
2. Mount the CentOS-6.3-x86_64-bin-DVD1.iso to the VM
3. Power on the VM to start installing CentOS
- Choose “Install system with basic video driver”
*Note: if you choose the first option to use the GUI based install wizard, you’ll need to assign a minimum of 1GB of memory to the VM. GUI based install won’t run on 512MB RAM.
- The rest of the install process is pretty much foolproof. I won’t waste my time going through the entire CentOS 6 install here.
Assume now CentOS is installed.
4. Install Linux Integration Service for Hyper-V:
- Mount LinuxICv34.ISO to the guest OS (HyperVRT01)
- Use the following command to install:
mount /dev/cdrom /media
5. Disable Firewall
service iptables stop
chkconfig iptables off
6. Configure DNS
echo "nameserver 192.168.4.10" >/etc/resolv.conf
echo "nameserver 192.168.2.10" >>/etc/resolv.conf
7. Network settings
vi /etc/sysconfig/network then insert
8. Set IP Address:
- Start up all NICs:
ifconfig eth0 up
ifconfig eth1 up
ifconfig eth2 up
ifconfig eth3 up
vi /etc/sysconfig/network-scripts/ifcfg-eth0 then insert
*Hint: Configure the first NIC eth0, then you can use Putty to connect via SSH. Once in Putty, you can copy & paste commands.
vi /etc/sysconfig/network-scripts/ifcfg-eth1 then insert
vi /etc/sysconfig/network-scripts/ifcfg-eth2 then insert
vi /etc/sysconfig/network-scripts/ifcfg-eth3 then insert
- Restart network service
service network restart
Make sure all NICs start up OK:
9. OS Update
10. Enable IP forwarding (Routing)
- Check if routing is enabled:
0 = disabled
1 = enabled
- To enable routing:
vi /etc/sysctl.conf Then Edit:
net.ipv4.ip_forward = 1
11. Configure Route:
vi /etc/sysconfig/network-scripts/route-eth0 and insert:
192.168.2.0/24 via 192.168.1.254 dev eth0
192.168.3.0/24 via 192.168.1.254 dev eth0
192.168.4.0/24 via 192.168.1.253 dev eth0
192.168.5.0/24 via 192.168.1.253 dev eth0
192.168.6.0/24 via 192.168.1.254 dev eth0
*Note: the above list represents all subnets in the other 2 Hyper-V servers in my lab.
12. Restart Network Service again
service network restart
13. Configure DHCP Relay
- Install DHCP
yum install dhcp
- Configure DHCP Relay service (dhcrelay)
vi /etc/sysconfig/dhcrelay and Modify:
INTERFACES="eth0 eth1 eth2 eth3"
- Start DHCP Relay service (dhcrelay)
chkconfig dhcrelay on
service dhcrelay start
14. Configure SNMP (Optional)
- Install SNMP:
yum install net-snmp-utils
yum install net-snmp
- Backup SNMP Config File
mv /etc/snmp/snmpd.conf /etc/snmp/snmpd.conf.org
- Create new config file :
vi /etc/snmp/snmpd.conf and insert:
syslocation "TYANG.ORG Head Office"
- Start SNMP service
service snmpd start
chkconfig snmpd on
15. Install Webmin (Optional)
- Install the GPG key
rpm --import http://www.webmin.com/jcameron-key.asc
- Add webmin repository
vi /etc/yum.repos.d/webmin.repo and add:
name=Webmin Distribution Neutral
- update the repos:
- Install webmin
yum install webmin
- access webmin page:
This is it. The router is now set up!
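Step 5 leaves iptables off on a machine that forwards between every lab subnet and also runs SSH, dhcrelay, SNMP and Webmin. The script below is an added example, not part of the original setup: it generates a minimal /etc/sysconfig/iptables ruleset that could be used in place of step 5. The /24 management subnet on eth0, the SNMP poller address, the 192.168.0.0/16 lab range and Webmin's default port 10000 are assumptions.

```shell
#!/bin/sh
# Added example: build an iptables-restore ruleset for the CentOS lab router
# instead of disabling iptables. All values below are assumptions.
MGMT_IF="eth0"                   # NIC #1, the 192.168.1.0 network from step 1
MGMT_NET="192.168.1.0/24"        # assumed /24 on the management side
MON_HOST="192.168.1.50"          # constructed address of the SNMP poller
LAB_NET="192.168.0.0/16"         # covers every 192.168.x.0 lab subnet
RELAY_IFS="eth0 eth1 eth2 eth3"  # same list as INTERFACES in step 13

gen_rules() {
    echo "*filter"
    echo ":INPUT DROP [0:0]"
    echo ":FORWARD DROP [0:0]"
    echo ":OUTPUT ACCEPT [0:0]"
    echo "-A INPUT -i lo -j ACCEPT"
    echo "-A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT"
    echo "-A INPUT -s $LAB_NET -p icmp -j ACCEPT"
    # SSH and Webmin (default port 10000) only from the management subnet
    echo "-A INPUT -i $MGMT_IF -s $MGMT_NET -p tcp --dport 22 -j ACCEPT"
    echo "-A INPUT -i $MGMT_IF -s $MGMT_NET -p tcp --dport 10000 -j ACCEPT"
    # SNMP only from the monitoring host
    echo "-A INPUT -s $MON_HOST -p udp --dport 161 -j ACCEPT"
    # dhcrelay: client broadcasts and DHCP server replies arrive on UDP 67
    for ifc in $RELAY_IFS; do
        echo "-A INPUT -i $ifc -p udp --dport 67 -j ACCEPT"
    done
    # Routing: lab-originated traffic and its replies; everything else dropped
    echo "-A FORWARD -m state --state ESTABLISHED,RELATED -j ACCEPT"
    echo "-A FORWARD -s $LAB_NET -j ACCEPT"
    echo "COMMIT"
}

install_rules() {   # run as root on the router
    gen_rules > /etc/sysconfig/iptables.new &&
    iptables-restore --test < /etc/sysconfig/iptables.new &&
    mv /etc/sysconfig/iptables.new /etc/sysconfig/iptables &&
    service iptables restart && chkconfig iptables on
}

case "${1:-}" in
    print)   gen_rules ;;
    install) install_rules ;;
esac
```

Run the script with `print` to review the ruleset, or with `install` as root to validate it and load it through the iptables service.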
After setup, check system status via webmin:
As you can see, after everything is configured, it only uses 136MB of memory and 3GB of disk space.
Routing and Gateways:
Additionally, I made sure a Windows client OS could obtain an IP address from the DHCP server (which is located on another Hyper-V host), and I was able to ping / trace route other VMs in other Hyper-V servers (I have already demonstrated it in part 1).
This concludes this 2-part series. Before I go, I have to reiterate, there is nothing wrong with the Vyatta product, it’s just that it does not integrate with Hyper-V too well. Unlike Vyatta, CentOS 6 is a fully supported guest OS in Hyper-V (with Linux Integration Service for Hyper-V 3.4) and CentOS 5 and 6 are also supported in SCOM 2012 SP1 beta! Having said that, Vyatta was running perfectly fine in my VMware workstation previously. If Vyatta adds support for Hyper-V in the future, I would definitely consider it again.
Lastly, please feel free to get in touch with me if you believe there is anything inaccurate in this series or you need more information in regards to the CentOS router setup.