We currently have a DHCP server setup and the default gateway for this network is interface eth2. We only have interfaces eth0, eth1, and eth2 showing when I show interfaces.
Is it possible to create a second completely different DHCP server using a different IPsubnet and having the gateway on the vyos too and how would I do that? Do I need to create a new eth interface to set as the gateway?
you can not create a second DHCP process, but that is not required. VyOS supportd serving multiple DHCP pools from one server process.
set interface ethernet eth0 address 192.0.2.1/24
set interface ethernet eth1 address 192.0.3.1/24
set interface ethernet eth2 address 192.0.4.1/24
set service dhcp-server shared-network-name NET-VYOS-1 subnet 192.0.2.0/24 default-router '192.0.2.1'
set service dhcp-server shared-network-name NET-VYOS-1 subnet 192.0.2.0/24 range 0 start '192.0.2.10'
set service dhcp-server shared-network-name NET-VYOS-1 subnet 192.0.2.0/24 range 0 stop '192.0.2.25'
set service dhcp-server shared-network-name NET-VYOS-2 subnet 192.0.3.0/24 default-router '192.0.3.1'
set service dhcp-server shared-network-name NET-VYOS-2 subnet 192.0.3.0/24 range 0 start '192.0.3.11'
set service dhcp-server shared-network-name NET-VYOS-2 subnet 192.0.3.0/24 range 0 stop '192.0.3.100'
set service dhcp-server shared-network-name NET-VYOS-3 subnet 192.0.4.0/24 default-router '192.0.4.1'
set service dhcp-server shared-network-name NET-VYOS-3 subnet 192.0.4.0/24 range 0 start '192.0.4.20'
set service dhcp-server shared-network-name NET-VYOS-3 subnet 192.0.4.0/24 range 0 stop '192.0.4.40'
I see that you provided a template for configuring multiple DHCP pools with different subnet and how to tie them to eth interfaces. As I stated in my original post we currently only have eth0, eth1 and eth2 setup and all are being used. Can I create a new interface to use with the new network/dhcp poll we’re setting up?
If your physical NICs are all in use, you can use VLANs on one of the NICs to create an extra subnet. Let’s say eth2 is your LAN NIC and you want to have two subnets. One for Employees and an extra subnet for Guests.
You would do:
set interfaces ethernet eth2 description 'Trunk to some switch'
delete interfaces ethernet eth2 address
# VLAN#100: Employees
set interfaces ethernet eth2 vif 100 description Employees
set interfaces ethernet eth2 vif 100 address 192.168.100.1/24
# VLAN#200: Guests
set interfaces ethernet eth2 vif 200 description Guests
set interfaces ethernet eth2 vif 200 address 192.168.200.1/24
Then, instruct DHCP server to create multiple pools. Adjust options to your liking of course.
set service dhcp-server shared-network-name Employees authoritative
set service dhcp-server shared-network-name Employees subnet 192.168.100.0/24 default-router 192.168.100.1
set service dhcp-server shared-network-name Employees subnet 192.168.100.0/24 name-server 192.168.100.1
set service dhcp-server shared-network-name Employees subnet 192.168.100.0/24 range 1 start 192.168.100.10
set service dhcp-server shared-network-name Employees subnet 192.168.100.0/24 range 1 stop 192.168.100.250
set service dhcp-server shared-network-name Guests authoritative
set service dhcp-server shared-network-name Guests subnet 192.168.200.0/24 default-router 192.168.200.1
set service dhcp-server shared-network-name Guests subnet 192.168.200.0/24 name-server 192.168.200.1
set service dhcp-server shared-network-name Guests subnet 192.168.200.0/24 range 1 start 192.168.200.10
set service dhcp-server shared-network-name Guests subnet 192.168.200.0/24 range 1 stop 192.168.200.250
Make sure that your switch is configured correctly for VLANs because otherwise you can lose access to the router.
I didn’t do the original setup on this and don’t work with it a lot but it’s a virtual firewall/router appliance so there are no physical NICs. I’m confused why you’d refer to the eth interfaces as physical.
I thought I might be able to add an eth3 interface and assign an IP on it to act as the gateway for the separate network that I’m creating a separate DHCP pool for. is that not possible?
If I go into config mode and enter the command set interfaces ethernet eth3 and then ? it shows me that address is a configurable option so i t looks like I can add an eth3 interface. is this not the way to do it?
Thank you. I have two more questions. Since it is a virtual interface how do I know what to set the mac to? Do I just increment it one in the last charcter of the previous mac? ie if eth2 ends in 72 I would make eth3 mac exactly the same except the last part would be 73?
Also I’m used to Cisco stuff where I have a core router running vss and I would create a new vlan with a new vlan interface that has an IP address on it that serves as the gateway for that ip network/vlan. My questions how does the vyos know which vlan on our cisco switches its eth interfaces are associated with? We currently have the one lan setup on the vyos, tied to interface eth2, as I previously stated and there is a vlan created for this lan on our cisco switiching infrastructure but not vlan interface. The vyos and cisco switches somehow are making the association between the vlan id on the cisco switches and the ip address on the eth2 interface of the vyos but I can’t see where or how this is being done. I want to ensure the new vlan I create on the cisco switches will be associated with the new network I assign to eth3 on the vyos. Any thoughts on that?
show interfaces ethernet detail (when in op mode, or run show interfaces ethernet detail when in config mode) will give you all the info you need, the output resembles sudo ip l l.
To distinguish between interfaces in use and not in use, you can also use show interfaces ethernet (but then you won’t see the MAC addresses).
Sometimes, a reboot is required to get VyOS to see newly added interfaces.
I have no knowledge of the Cisco things you asked. Maybe somebody else here?