'Convert' Cisco CSR 1000v configs over to VyOS

mc1903 · November 24, 2021, 10:39am

I have 3 Cisco CSR 1000v virtual routers in my home lab, providing BGP routing to a VMware NSX-T environment, that I am looking to replace with VyOS routers.

The Cisco 1000v’s work, but are unlicensed (evaluation mode) and throttle the throughput to just a few Mbps.

I am fed up rebuilding them once the evaluation period expires, so hence looking to switch over to VyOS using the latest free nightly build; as the subscription for an LTS build is just to much for me.

I am not a network engineer. I had help building the CSR 1000v’s from a former colleague, who is a Cisco CCNP, but he does not know VyOS.

Looking for advice from anyone who has done this before. What are your tips/tricks/pitfalls? Also what are the best resources to read up?

Are there any VyOS engineers/consultants who can do this? I am happy to pay ‘home lab’ prices; but my pockets are just not deep enough for a day’s paid professional consultancy.

Any thoughts would be appreciated.

Cheers
M

Dmitry · November 24, 2021, 11:15am

Hi @mc1903 , just try to draw the network topology. I believe many things/tricks and examples already described in docs BGP — VyOS 1.3.x (equuleus) documentation

mc1903 · November 24, 2021, 12:13pm

Thank you @Dmitry.

I had a quick look at the BGP docs and my head is swimming :-/

I can post my network topology here, but promise not to laugh at me please.

M

Edit:

Nikolay · November 25, 2021, 2:51am

Hi @mc1903,
Could you provide the CSRs configs?

mc1903 · November 25, 2021, 8:48am

Hello @Nikolay

Thank you. Here they are:

MC Lab Cisco CSR 1000v Configs

M

Nikolay · November 25, 2021, 9:06am

Good news!
There is nothing special in the networking configuration that is missing in VyOS.
There is no HTTP server in VyOS, but that’s not a big deal, I guess

Do you have any specific questions?
I think we can try to translate one config to VyOS as an example

mc1903 · November 25, 2021, 9:15am

Hello @Nikolay

I didn’t realise there was a http server

I would be truly greatful if you could try to translate the CSR 1000v #1 config for me.

Thank you again.
M

Nikolay · November 25, 2021, 9:49am

That’s about it (VyOS 1.4):

set sys host-name mc-ccsr-v-101
set vrf name mgmt
set vrf name mgmt table 1000
set system login user vyos authentication plaintext-password 'Password'
set service ssh
set service ssh vrf mgmt

set interfaces ethernet eth1 vrf mgmt
set interfaces ethernet eth1 address 10.1.1.31/24
set interfaces ethernet eth2 vif 51 address 10.5.1.253/24
set interfaces ethernet eth3 vif 52 address 10.5.2.254/24

set protocols static route 0.0.0.0/0 next-hop 10.5.1.254 interface eth2.51
set protocols static route 0.0.0.0/0 next-hop 10.1.1.254 vrf mgmt

set protocols bgp local-as 65510
set protocols bgp neighbor 10.5.2.1 remote-as '65511'
set protocols bgp neighbor 10.5.2.1 address-family ipv4-unicast default-originate
set protocols bgp neighbor 10.5.2.2 remote-as '65512'
set protocols bgp neighbor 10.5.2.2 address-family ipv4-unicast default-originate

set protocols bgp address-family ipv4-unicast redistribute connected
set protocols bgp address-family ipv4-unicast redistribute static
set protocols bgp parameters router-id '10.5.2.254'

Corresponding CSR config:

hostname mc-ccsr-v-101
!
vrf definition mgmt
 !
 address-family ipv4
 exit-address-family
!
username admin privilege 15 secret Password
!
!
interface GigabitEthernet1
 vrf forwarding mgmt
 ip address 10.1.1.31 255.255.255.0
 negotiation auto
!
interface GigabitEthernet2
 no ip address
 negotiation auto
!
interface GigabitEthernet2.51
 encapsulation dot1Q 51
 ip address 10.5.1.253 255.255.255.0
!
interface GigabitEthernet3
 no ip address
 negotiation auto
!
interface GigabitEthernet3.52
 encapsulation dot1Q 52
 ip address 10.5.2.254 255.255.255.0
!
router bgp 65510
 bgp log-neighbor-changes
 neighbor 10.5.2.1 remote-as 65511
 neighbor 10.5.2.2 remote-as 65512
 !
 address-family ipv4
  redistribute connected
  redistribute static
  neighbor 10.5.2.1 activate
  neighbor 10.5.2.2 activate
  default-information originate
 exit-address-family
!
!
ip route 0.0.0.0 0.0.0.0 GigabitEthernet2.51 10.5.1.254
ip route 0.0.0.0 0.0.0.0 GigabitEthernet1 10.1.1.254
ip route vrf mgmt 0.0.0.0 0.0.0.0 10.1.1.254
!

ip route 0.0.0.0 0.0.0.0 GigabitEthernet1 10.1.1.254
Strange route. Looks like misconfig. Omitted

mc1903 · November 25, 2021, 9:56am

Wow, that was quick!

I will get a v1.4 image installed to test it now.

Again, thank you so much! I really appreciate your help.

M

mc1903 · November 25, 2021, 11:47am

@Nikolay with a small edit, that config worked like a dream!

The VyOS interfaces were eth0-eth2, where as the Cisco interfaces were Gi1-Gi3

I now have 3 working VyOS routers so now its time to do some testing!

Thank you for all of your help. I very much appreciate what you have done for me today and I will find a way of paying something forward to the VyOS project.

Cheers,
M

Nikolay · November 25, 2021, 11:50am

Great!

Welcome to our community, @mc1903!

system · November 27, 2021, 11:51am

This topic was automatically closed 2 days after the last reply. New replies are no longer allowed.