alphaspirit - Fotolia

Configuring a VyOS router for home lab use

Administrators can install an open source virtual software router to practice networking skills, such as IP routing and subnetting.

Many -- dare I say most -- IT certifications include content related to IP routing. How can you include an honest-to-goodness...

router in your certification practice lab without having to invest in hundreds of dollars' worth of hardware?

Today I'm going to teach you what the VyOS router is and how you can add it to your home lab. This will give you the infrastructure necessary to practice skills such as IPv4 subnetting, DHCP traffic through router interfaces and site-to-site virtual private networks (VPNs).

Introducing the VyOS virtual router

Once upon a time, there was a free and open source virtual software router called Vyatta. Brocade Communications Systems acquired the project in 2012, closed its source code and charged money for product access.

The good news is that an independent group created a free and open source fork of Vyatta called VyOS. This was possible because Brocade still maintains a free and open source Vyatta version called Vyatta Core.

Under the hood, the VyOS router is a Linux-based network operating system that can be run from DVD or installed locally on a physical or virtual machine's hard drive. Here are a handful of VyOS's nifty features:

  • Robust command-line interface that's reminiscent of other router operating systems such as Cisco's IOS;
  • Scriptable environment, which means you can quickly configure VyOS virtual router instances without manually typing commands;
  • Routing protocol support, including Routing Information Protocol, Open Shortest Path First and Border Gateway Protocol (BGP), which is particularly impressive when you consider that BGP is the routing protocol of the global internet; and
  • Integrated security, stateful firewalling and VPN server capability.

Outlining the lab environment

Before we go any further, let me share with you what my virtual lab looks like. I use VMware Workstation as my hypervisor, but you can use Hyper-V, VirtualBox, or whichever product works for you.

Practice virtual lab topology
Figure 1. Our practice network topology.

Please read my related article if you need more information on how to build an IT certification practice lab. Each hypervisor has its own unique interface for deploying virtual switches, although the underlying concepts are identical.

For your reference, let me show you how I set up my VMware Workstation environment's virtual switches:

Virtual Network Editor in VMware Workstation
Figure 2. My VMware Workstation virtual networks.

In Figure 2, I want you to see what's going on. I have two virtual networks called VMnet5 and VMnet6. I've associated the network ID with VMnet5, and with VMnet6.

Moreover, I connected my two VMs to their respective VMware virtual networks as shown in Figure 3.

Virtual network adapters
Figure 3. My virtual machines' virtual network adapters are connected to separate virtual networks.

One more thing before we get to the router configuration: make sure that within each virtual machine (VM) you configure the correct static IPv4 settings. In my lab, both VMs run Windows Server 2012 R2.

Here are my IPv4 configurations for each machine:

IPv4 address:

Subnet mask:

Default gateway:

IPv4 address:

Subnet mask:

Default gateway:

Configuring the VyOS router

Under the hood, the VyOS router is a Linux-based network operating system that can be run from DVD or installed locally on a physical or virtual machine's hard drive.

Go ahead and download the VyOS ISO that's appropriate for your computer's processor architecture. Most users will be using this in a Hyper-V lab so download the ISO with amd64 in the filename.

Attach the ISO to a new VM to host the virtual router. The VyOS router has a tiny resource footprint, so you shouldn't need to assign more than 512 MB of RAM and 5 GB of hard drive space to the VM.

Now boot the VM from the VyOS disc and follow these instructions to install the operating system into the new, blank VM:

  1. Press ENTER to start the login process.
  2. Log in to the router with the username vyos and the password vyos.
  3. Type install image.
  4. Press ENTER to continue installation.
  5. Press ENTER to accept the default disk partition layout.
  6. Press ENTER to install the image on the current hard drive.
  7. Type yes and press ENTER to agree to wipe the VM's virtual hard disk.
  8. Press ENTER to accept the default virtual hard disk partition size.
  9. Type vyosrouter to apply that hostname to the virtual router. This can be any name you want; I'm sharing the name I chose.
  10. Press ENTER to accept the default boot configuration file.
  11. Type the administrator password again (vyos), and confirm.
  12. Press ENTER to install the GRUB boot loader on the default virtual hard drive.

Once the VyOS installation completes, eject the VyOS virtual DVD and type reboot now to restart the virtual router.

Now comes the challenging part -- assigning static IPv4 addresses to the appropriate network interfaces. Type show interfaces detail to figure out which of your two virtual network interfaces (eth0 and eth1) has which media access control (MAC) hardware address.

You'll then cross-reference those MAC addresses with each virtual network interface card (NIC) defined in the VM properties. My VyOS router, for instance, had the following interface linkage:

eth0 => VMnet5

eth1 => VMnet6

If you've ever performed router configuration before, then you know that in most cases you need to enter a dedicated configuration mode. Here's the code I used to assign each virtual NIC a static IP:


set interfaces ethernet eth0 address

set interfaces ethernet eth1 address




reboot now

Don't forget about the commit and save commands. If you leave those off, then you'll lose your carefully typed configuration. Reboot the virtual router to ensure the settings persist after restarting the virtual device.

Run the show interfaces command and verify that your interfaces have static IP addresses.

Let's finish up by testing our new network topology.

Test your new routed internetwork

I suggest temporarily disabling Windows Firewall on your VMs for the duration of this test. From my virtual machine, I'll open an administrative PowerShell or command prompt session and run the following sequence of ping commands:

ping (tests local machine connectivity)

ping (tests connectivity to router's "near side" interface)

ping (tests connectivity to router's "far side" interface)

ping (tests connectivity with mem1, the remote host)

I hope you found this tutorial helpful. This new setup will doubtless allow you to broaden and deepen your networking skills. Happy studying!

Next Steps

Build a virtual training lab for IT staff

How Windows admins can get started with Linux

Why Virtual routers are becoming more common

Dig Deeper on Microsoft Hyper-V management