enterprise-grade network with pure opensource


#1

Dear all,
On the day Vyatta passed away suddenly, I felt completely disappointed by this betrayal. Therefore, I have hardly joined any activity of VyOS, the successor of Vyatta. However, the passion for this pretty project is still in me. For this reason, I decided to come back to this forum to learn from you and to share with you my achievements in VyOS technology.
Today, I will share with you a pure Vyatta solution to build an enterprise-grade network. I'm so sorry for the appearance of Vyatta here; it is due to the fact that I haven't yet migrated my boxes to VyOS. Anyway, the implementation is completely the same for both. See the topology.
In the topology I drew 1 remote site, but in fact we have 40+ remote sites.
In my case the following features were used:

  1. OpenVPN (site-to-site with X.509)
  2. Tunneling
  3. OSPF routing
  4. VRRP
  5. Config-sync: this function is just for Vyatta Subscription Edition. Anyway, this is not a big issue; you can copy the necessary parts of the configuration from the master box to the slave box. Another alternative is the package “Vyatta config sync” from Vyatta4people (www.vyatta4peole.org).

There is one thing to note: by default, the variable igmp_max_memberships is limited to just 20, so the maximum number of remote sites (with 2 connections to HQ for each) that can join the OSPF routing is 10 sites. I have tried to extend this variable to 200. That means the capacity of OSPF routing is now 200 subnets (100 remote sites).

Please send me an email (annduy@gmail.com) if my work may be useful for your business or your study. I’m really willing to share with you.

An
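
An added example, not part of the original post or of Vyatta/VyOS: a shell check that counts OSPF multicast joins in `/proc/net/igmp` layout and tests a planned site count against `igmp_max_memberships`. The function names and the sample data are constructed; the hex group value assumes a little-endian host.

```shell
#!/bin/sh
# Added example (not from the post): OSPF multicast joins vs. igmp_max_memberships.

# Count interfaces joined to AllSPFRouters (224.0.0.5) in /proc/net/igmp format.
# Assumption: little-endian host, where the kernel prints 224.0.0.5 as 050000E0.
count_ospf_memberships() {
    awk '$1 == "050000E0" { n++ } END { print n + 0 }' "${1:-/proc/net/igmp}"
}

# Memberships needed, using the post's arithmetic: one per connection to HQ
# (10 sites x 2 connections = the default limit of 20).
required_memberships() {  # usage: required_memberships <sites> <links_per_site>
    echo $(( $1 * $2 ))
}

# Compare a limit with the planned need; non-zero exit means the limit is too low.
check_limit() {  # usage: check_limit <limit> <needed>
    if [ "$2" -gt "$1" ]; then
        echo "RAISE: need $2, limit $1 (sysctl -w net.ipv4.igmp_max_memberships=$2)"
        return 1
    fi
    echo "OK: need $2, limit $1"
}

# Constructed sample in /proc/net/igmp layout: two tunnels running OSPF.
sample=$(mktemp)
cat > "$sample" <<'EOF'
Idx Device    : Count Querier Group    Users Timer Reporter
1   lo        :     1      V3
                010000E0     1 0:00000000 0
5   tun0      :     2      V3
                050000E0     1 0:00000000 0
                010000E0     1 0:00000000 0
6   tun1      :     2      V3
                050000E0     1 0:00000000 0
                010000E0     1 0:00000000 0
EOF
echo "OSPF memberships in sample: $(count_ospf_memberships "$sample")"
rm -f "$sample"

needed=$(required_memberships 40 2)   # 40 sites (from the post), 2 links each
check_limit 20 "$needed" || true      # default limit
check_limit 200 "$needed"             # the value the post raised it to
```

On a live router, call `count_ospf_memberships` with no argument and pass the contents of `/proc/sys/net/ipv4/igmp_max_memberships` as the limit.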