So it’s been a while, so as my “comeback” post I decided to make a post on something we all can relate to … creating a home lab. In this first post I will be going over the networking aspect within Hyper-V along with setting up a virtual router (free, glorious virtual router to be exact).
TL;DR: this is long, but a full guide on setting up two sites with routing within Hyper-V using VyOS.
The lab setup is pretty simple, but instead of me explaining it pictures do speak a thousand words..
The subnets are broken up into three sections:
- Home LAN (Lab DMZ) – 192.168.1.0/24 (default gateway on the home LAN is 192.168.1.1)
- Newark site (Exchange 2010) – 192.168.2.0/24 (default gateway = 192.168.2.254)
- NYC site (Exchange 2013) – 192.168.3.0/24 (default gateway = 192.168.3.254)
For this lab the VyOS router will be connecting to the appropriate vSwitch, which will serve the site directly. Since I want internet access there will be no ACLs or insane NAT rules within the VyOS, which is acting as the core router.
Different Types of Hyper-V Switches
What is VyOS, and why is it the best thing since sliced bread?
VyOS is a branch off of the popular open source router Vyatta. Back in April of 2012 Brocade purchased Vyatta and basically killed off the open source version of this. Although the website (vyatta.org) recently went to the old landing page, it now goes directly to the brocade website.
What occurred is most of the devs took what they had / new and created a new project, which is VyOS (vyos.net). Although this is an awesome, linux based open source router I found very little available for setting up / configuring it within Hyper-V with a basic configuration…. which prompted me to create this blog for all of you J
Here are the download links:
- Mirrors (in case the ones above are down): http://vyos.net/wiki/Mirrors
Before continuing, make sure you download the ISO for the version of Windows you are running (either 32 or 64 bit).
Preparing Hyper-V for VyOS and your networks
We will start off with Hyper-V first so we can ensure the connectivity to each site is setup correct.
- Open up the Hyper-V Manager MMC (you can search for the term “Hyper-V” and select the Hyper-V Manager in Server 2012, 2012 R2 and Windows 8, 8.1)
- Within the actions panel (far right) click on “Virtual Switch Manager”
When you originally setup Hyper-V you should have bound a physical NIC to a virtual switch. The purpose of this will allow any VM connecting into that virtual switch access to the LAN, and if your network policies / ACL’s match up internet access. It should look like this, but we will discuss how to set this up in the event you didn’t configure it for whatever reason..
To create a vSwitch that will bind to a physical NIC that is plugged into your network..
- Click on “New virtual network switch”
- Select “external” and then “Create Virtual Switch”
- Make sure the items highlighted above are the same
External: this allows any VM attached to this switch external access, in this case LAN access
The physical NIC on the LAN is selected
Allow management operating system to share this network adapter (this bridges off the connection, so both your VM’s and the OS running Hyper-V can utilize a single NIC).
- NOTE: If you have multiple network adapters connected to your LAN, you do not have to select this option. What this will do is you will dedicate one network adapter for Hyper-V VM’s, and one for the management OS (where Hyper-V is installed).
Moving on, creating the virtual switches for each site is the same principle…
- Click on “New virtual network switch”
- Select “Internal”
- Select the new virtual switch that was created, and name it something fancy that you will remember
- Select Apply, and that will create the vSwitch for you
- Rinse and repeat for the number of vSwitches you would require
I have four virtual switches created for the following purposes:
- LAN vSwitch: allows my VyOS router access to the LAN to provide internet connectivity
- Exchange 2013 vSwitch: this vSwitch connects the VyOS Eth1 port and the NYC site VM’s together, allowing internet connectivity and routing to the Newark site
- Exchange 2010 vSwitch: this vSwitch connects the VyOS Eth2 port and the Newark site VM’s together, allowing internet connectivity and routing to the NYC site
- Exchange 2010 Repl vSwitch (OPTIONAL): this is for the replication network in Exchange 2010, and is a PRIVATE vSwitch
Lets move onto the configuration of the VyOS image for Hyper-V..
Create and Configure the VM:
- In the “Actions” pane, click on New > Virtual Machine…
- Name your VM, and choose the location. I have change the VM default locations, so I am keeping what I have BUT you can click the checkbox below the name, and select a different VM path.
- (2012 <R2>, Windows 8<.1> only step!) You will need to select if this will be a generation 1 or 2 VM. You can find out more about what that is here, but simply select Generation 1 and then select next.
- Keep the assigned memory default, which is 512mb (it’s a router, it doesn’t need that much). Click next afterwards.
- Under the networking section select the LAN vSwitch. We will configure internet access / lan access for your core router first and then move on from there. Once this is selected click next.
- The next section has a few options..
o Name your VM, make it something you will remember. This will be the name of your VHDx file, so make sure it’s something you will remember and recognize.
o Select the location if the default doesn’t work for you
o Change the size to 5GB. That is more than enough for this VM, as when I fully configured / installed it is only taking up 1.2GB of storage.
o Click Next once you have the settings above the way you want them
- On the “Installation Options” section, you need to select the ISO you downloaded above. Click on “Install an operating system from a bootable CD/DVD ROM” and select “Image File (.ISO)” then Browse.. select your VyOS ISO file and then select Finish.
- Start your VM by double clicking it which will bring up the console. Click on the “Start” button to boot up the VM and don’t click on anything until you get to the logon prompt.
Installing VyOS on your router
- Once the VM boots, login. The username and password are both vyos
- Start the image installation by typing in Install Image and then press Enter
- It will ask you if you want to install this on the local hard drive, press Enter
- It will then ask you if you want to create a RAID, type N and select Enter
- It will ask you to about partitioning, select A for Auto and then select Enter
- Next will be the partition in which it is installed. By default it should be SDA. If [SDA] is listed, press enter. If not, type in SDA and press enter.
- Formatting of the VHDx file will happen next, type Y and press Enter
- The size of the root partition is next, and simply press enter to select the full partition
- You need to name the router. Name it something you will remember and like (I named mine “Core_Router_Lab”)
- Next will ask for the location of the config.boot. The default location is fine, so press Enter
- Select the partition for GRUB to be installed. Default location is fine, so press Enter
- You should get no errors and then installer exits.
- Next you will turn off the router and eject the ISO file, so do the following:
o Type the command poweroff and press enter
o When the machine is fully off, in the same hyper-v console you have open for the VM click on the media > DVD drive > eject
o Boot the machine up and do not touch anything until you are at the logon screen
Configuring the VyOS Router VM for your networks
FINALLY! The meat and potatoes of what we want to do!
As you remember above, we have two AD sites within our lab under a single forest called Contoso.com:
- AD Site: NYC
o Subnet 192.168.3.0/24
- AD Site: Newark
o Subnet: 192.168.2.0/24
We also have our LAN (192.168.1.0/24) which is our internet access point. Since we created a vSwitch for each subnet / site above, we are going to configure the VyOS router to be the default gateway for each of my site subnets listed above.
The first thing we are going to do is configure the VyOS Eth0 port, as that is my LAN port which will provide internet access.
- Log into the VyOS device using the username vyos and the password you configured during the setup
- View the interfaces attached to confirm that you see eth0, which should be on the LAN vSwitch
- Once you have confirmed that the eth0 interface is online, lets configure it. Enter into configuration mode
- Once in configuration mode, you will setup the IP address and subnet of the interface. Since the LAN network segment is 192.168.1.0/24, I will make my IP address 192.168.1.254 (it’s a hop in the network, so we need an address assigned to it).
Set interfaces Ethernet eth0 address 192.168.1.254/24
- We should also setup the default gateway for the LAN network, which is 192.168.1.1
Set system gateway-address 192.168.1.1
- Oh yea, dont forget about the name server
Set system name-server 192.168.1.1
- PROTIP: you need to commit and save the running config to the router. Changes will not take place until you commit them, and will not save to the vram dedicated within the VHDX file until you save them. NEVER turn off the router, and do not exit configuration mode without committing the changes
- Once the configuration is committed and saved, lets exit configuration mode and take a look:
- When you run the show int, you should see the following:
Eth0 – IP Address: 192.168.1.254/24
There you have it. Depending on the way your LAN router is, you may need to throw routes in there to make sure you can route out but now the VyOS routers eth0 is setup for the LAN connections.
How about the other sites? Easy…
- Shutdown the VyOS router by typing out the following:
Once the VM is fully offline, right click it within the Hyper-V Manager MMC and select “settings”
- Select “Add Hardware” and select “Network Adapter”
- Select the network adapter you added, and chose the vSwitch you wish to connect to it. Click apply, close out the Settings window and start your VyOS VM up again.
- Within the console itself, configure the new Ethernet interface for the proper subnet.
- Repeat as many times as needed.
That’s it. When you now add VM’s to your lab, you will attach them to the vSwitch that is appropriate for the subnet / site. The default gateway will be the Ethernet address you assigned within VyOS (for example, the NYC site is Eth2 on my VyOS router. I have it setup as 192.168.3.254/24 so the default gateway is 192.168.3.254).