Physical or Bridge VIFs not using default route

Good evening,

I’m using VyOS in a business venture as the primary route point for clients. At a high level, I’m envisioning the following setup:

ISP/s → Firewall/s → VyOS/s → Layer 2/3 Switch → Data Center for SaaS environment.

The part I’m attempting to configure is (possibly not the correct configuration) bridge interfaces with VIF interfaces for each client. Each client would have their own bridge VIF interface and use the static route on eth1.909 for Internet access.

Currently, only the eth1.909 interface can ping 8.8.8.8, and the VIF interfaces cannot. A traceroute is as follows:

Could you let me know what I’m missing or have misconfigured? I was thinking a NAT is required, but it’s somewhat the same as the physical VIF as the Edge VLAN.

Thank you, below is my configuration.

firewall {
    name VLAN-TO-VLAN {
        default-action accept
        rule 10 {
            action accept
            state {
                established enable
                related enable
            }
        }
        rule 20 {
            action drop
            destination {
                address 10.0.0.0/8
            }
        }
    }
    state-policy {
        established {
            action accept
        }
        related {
            action accept
        }
    }
}
interfaces {
    bridge br170 {
        enable-vlan
        vif 170 {
            address 10.70.0.1/30
            mtu 1500
        }
    }
    ethernet eth0 {
        address dhcp
        description Vyos_Mgmt
        hw-id f4:6d:04:64:76:41
    }
    ethernet eth1 {
        description Edge_To_Firewall
        hw-id 00:17:54:01:ba:ea
        vif 909 {
            address 10.9.0.10/29
        }
    }
    ethernet eth2 {
        hw-id 00:17:54:01:ba:e9
    }
    loopback lo {
    }
}
protocols {
    static {
        route 0.0.0.0/0 {
            next-hop 10.9.0.9 {
            }
        }
    }
}

@ginjaninja
I do not see any members in the bridge 170. Use https://docs.vyos.io/en/latest/configuration/interfaces/bridge.html to configure it correctly.
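
The check made in the reply above (a bridge with no member interfaces), as an added example that is not part of the original thread: a small Python script that parses a pasted VyOS configuration and lists the bridges that have no member interface. The sample configuration is constructed, and the member { interface ... } layout is assumed to match how VyOS prints bridge members.

```python
# Constructed sample modelled on the configuration posted above and cut off
# the same way; br10 is a hypothetical bridge showing the passing case.
SAMPLE = """
interfaces {
    bridge br170 {
        enable-vlan
        vif 170 {
            address 10.70.0.1/30
        }
    }
    bridge br10 {
        member {
            interface eth2 {
            }
        }
    }
    ethernet eth1 {
        vif 909 {
            address 10.9.0.10/29
"""

def parse(text):
    """Parse brace-style config into nested dicts; leaf lines map to None.
    Closing braces missing from a truncated paste are tolerated."""
    root = {}
    stack = [root]
    for raw in text.splitlines():
        line = raw.strip()
        if line.endswith("{"):
            node = {}
            stack[-1][line[:-1].strip()] = node
            stack.append(node)
        elif line == "}":
            if len(stack) > 1:
                stack.pop()
        elif line:
            stack[-1][line] = None
    return root

def bridges_without_members(cfg):
    """Return the names of bridge interfaces with no member interface."""
    missing = []
    for key, node in (cfg.get("interfaces") or {}).items():
        kind, _, name = key.partition(" ")
        members = (node or {}).get("member") or {}
        if kind == "bridge" and not any(m.startswith("interface ") for m in members):
            missing.append(name)
    return missing

if __name__ == "__main__":
    print(bridges_without_members(parse(SAMPLE)))  # ['br170']
```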
