My home network is 192.168.10.x/24 My default gateway to the internet router is 192.168.10.2. My Hyper-V host (192.168.10.31 - gw 192.168.10.2) reside on the same network. With in Hyper-V host, there are two virtual switches. External Switch is connected to an actual physical NIC and connected to the home network 192.168.10.x, Internal virtual switch is created but not connected to any physical NIC, and the intended network is 192.168.30.x/24.
I deployed a series of VMs (AD, DNS, FileService) connected to the internal virtual switch on the Hyper-V host. e.g DC01 - 192.168.30.2, File Server - 192.168.30.3
I have setup the vyos with 2 interfaces
one (eth0) connect to the external virtual switch within Hyper-V , and the second interface (eth1) connect to the internal virtual switch.
eth0 set with IP address of 192.168.10.3, while eth1 set with IP address of 192.168.30.1
I would like to be able to route traffic from the 192.168.10.x (home) network to the 192.168.30.x (internal) network like AD authentication, file service, etc. At the same time, I would also like my internet network (192.168.30.x) to have internet access like my normal home network. However, given my configuration below, I am not able to do that. I can’t ping to any VM on 192.168.30.x from 192.168.10.x nor can I ping to my home network from my internal network. I am trying to avoid any form of NAT as I do not want to use IP:port format all of my internal network services
set system host-name router-01
set service ssh #set service ssh disable-password-authentications
set system domain-name tataoui.com
set system time-zone America/Chicago #set system name-server DNS-IP
set interface ethernet eth0 address 192.168.10.3/24
set interfaces ethernet eth0 description ‘Outside’
set interfaces ethernet eth0 duplex ‘auto’
set interfaces ethernet eth0 speed ‘auto’
set interface ethernet eth1 address 192.168.30.1/24
set interfaces ethernet eth1 description ‘Inside’
set interfaces ethernet eth1 duplex ‘auto’
set interfaces ethernet eth1 speed ‘auto’
set protocols static route 0.0.0.0/0 next-hop 192.168.10.2
I added route 192.168.30.0/24 using gateway 192.168.10.3 on my physical router (192.168.10.2) with no success. I still can’t ping out to my home network or beyond from my VM on 192.168.30.0 network
Seems like your router 192.168.10.2, is not allowing the hairpin route for hosts on your 192.168.10.0/24 network. Depending on what that router is you may or may not be able to fix it. But searching for allowing hairpin routing would be a good place to start.
You could probably also fix the problem by establishing a point to point link between the two routers where packets would flow out of the 192.168.10.0/24 interface and over to another. ie setup a /30 link between the two routers, point your static routes over that link. Or push a route to all your hosts on 192.168.10.0/24 so that they know that in order to get to 192.168.30.0/24 to talk directly to 192.168.10.3 instead of their default gw.
edit:
In any case understand that if your 192.168.30.x router has an interface on the 192.168.10.0/24, that host on that subnet 192.168.10.0/24 will have an asynchronous route. not really a problem unless your ocd; as long as you understand the flow and account for problems like routers trying to be “smart” and block “bad” topologies automatically.