Table of Contents

VyOS NAT

Cenário

Configuração de rede

vyos@vyos:~$ show interfaces
Codes: S - State, L - Link, u - Up, D - Down, A - Admin Down
Interface        IP Address                        S/L  Description
---------        ----------                        ---  -----------
eth0             -                                 u/u  
eth1             -                                 u/u  
eth2             -                                 u/u  
eth3             -                                 u/u  
lo               127.0.0.1/8                       u/u  
                 ::1/128
vyos@vyos:~$ configure
vyos@vyos# set interfaces ethernet eth0 address dhcp
vyos@vyos# set interfaces ethernet eth1 address 192.168.0.1/24
vyos@vyos# commit
vyos@vyos# save 
vyos@vyos# run show interfaces 
Codes: S - State, L - Link, u - Up, D - Down, A - Admin Down
Interface        IP Address                        S/L  Description
---------        ----------                        ---  -----------
eth0             192.168.122.60/24                 u/u  
eth1             192.168.0.1/24                    u/u  
eth2             -                                 u/u  
eth3             -                                 u/u  
lo               127.0.0.1/8                       u/u  
                 ::1/128
[edit]
vyos@vyos# ping 1.1.1.1 -c 2
PING 1.1.1.1 (1.1.1.1) 56(84) bytes of data.
64 bytes from 1.1.1.1: icmp_seq=1 ttl=56 time=24.0 ms
64 bytes from 1.1.1.1: icmp_seq=2 ttl=56 time=24.4 ms
 
--- 1.1.1.1 ping statistics ---
2 packets transmitted, 2 received, 0% packet loss, time 1002ms
rtt min/avg/max/mdev = 24.069/24.234/24.400/0.227 ms

Configurando IP no cliente

VPCS> show ip 
 
NAME        : VPCS[1]
IP/MASK     : 0.0.0.0/0
GATEWAY     : 0.0.0.0
DNS         : 
MAC         : 00:50:79:66:68:02
LPORT       : 20000
RHOST:PORT  : 127.0.0.1:30000
MTU         : 1500
VPCS> ip 192.168.0.10 255.255.255.0 192.168.0.1
Checking for duplicate address...
VPCS : 192.168.0.10 255.255.255.0 gateway 192.168.0.1
VPCS> show ip                                  
 
NAME        : VPCS[1]
IP/MASK     : 192.168.0.10/24
GATEWAY     : 192.168.0.1
DNS         : 
MAC         : 00:50:79:66:68:02
LPORT       : 20000
RHOST:PORT  : 127.0.0.1:30000
MTU         : 1500
VPCS> ping 192.168.0.1 -c 2
 
84 bytes from 192.168.0.1 icmp_seq=1 ttl=64 time=1.585 ms
84 bytes from 192.168.0.1 icmp_seq=2 ttl=64 time=1.485 ms
VPCS> ping 1.1.1.1 -c 2    
 
1.1.1.1 icmp_seq=1 timeout
1.1.1.1 icmp_seq=2 timeout

Configurando o NAT

vyos@vyos# set nat source rule 1 outbound-interface eth0
vyos@vyos# set nat source rule 1 source address 192.168.0.0/24
vyos@vyos# set nat source rule 1 translation address masquerade 
vyos@vyos# commit
vyos@vyos# save

Testando o NAT

VPCS> ping 1.1.1.1 -c 2
 
84 bytes from 1.1.1.1 icmp_seq=1 ttl=55 time=24.754 ms
84 bytes from 1.1.1.1 icmp_seq=2 ttl=55 time=25.145 ms

Referências

  1. Basic Configuration
  2. VyOS Lab Walkthrough Part 6: NAT (PAT), plus DNS "Fun"