Build your own IPv6 lab on the cheap, part 1

IPv6 might not be quite here yet, but it's coming; here's how to get ahead of the familiarity curve now by building your own lab

1 2 3 4 5 Page 3
Page 3 of 5

I also wanted to enable SSH (console) and access to the HTTPS Web interface:

set service 'https'

set service ssh port '22'

set service ssh protocol-version 'v2'

And set a hostname for the system:

set system host-name 'ipv6-test-router'

set system domain-name '<your domain name>'

As I was attaching this router to its own switch, I also needed to configure a DHCP server so that I'd be able to get an IP when I plugged a laptop in. This block will turn on the IPv4 DHCP service on the inside interface and configure it to advertise itself as the default router and DNS server:

set service dhcp-server disabled 'false'

set service dhcp-server shared-network-name POOL1 authoritative 'disable'

set service dhcp-server shared-network-name POOL1 subnet 192.168.1.0/24 default-router '192.168.1.1'

set service dhcp-server shared-network-name POOL1 subnet 192.168.1.0/24 dns-server '192.168.1.1'

set service dhcp-server shared-network-name POOL1 subnet 192.168.1.0/24 domain-name '<your domain name>'

set service dhcp-server shared-network-name POOL1 subnet 192.168.1.0/24 lease '86400'

set service dhcp-server shared-network-name POOL1 subnet 192.168.1.0/24 start 192.168.1.100 stop '192.168.1.199'

After you've committed and saved that, you should be able to attach the inside interface to a switch, plug in a workstation, and get an IP. It might take a bit of trial and error to figure out which physical NIC on the machine is eth1 -- using the the show interfaces ethernet command can help with figuring out which link Vyatta believes is plugged in.

Once you have an IP, you can fire up a Web browser or SSH client and connect to the eth1 IP address. In my case, I used the CLI for the whole thing, so firing up PuTTY from my aged Windows XP laptop was the easiest way to get it done.

IPv4 on the outside

The next job is to get access to the IPv4 Internet. In my case, the Internet connection was a fairly standard subscriber-grade cable Internet connection that uses DHCP for address assignment. If you're using a DSL connection that uses PPPoE, you'll need a slightly different config (check the Vyatta forums for examples).

The next few blocks of configuration deal heavily with securing the router from the Internet. I can't stress enough how careful you should be with this if you intend to have real systems behind this firewall.

Related:
1 2 3 4 5 Page 3
Page 3 of 5