Run the Edge Router VM on Your Own Equipment

Introduction

This install guide will walk you through the steps required to launch a NetFoundry Edge Router VM on your private cloud VM stack e.g. VMware, Virtualbox; and assumes you have already created the Edge Router in your NetFoundry network and captured the registration one-time key. We will refer to this VM in some places as the virtual customer premises equipment (vCPE).

Alternatively, you may be seeking

How it Works

Data sessions inside your NetFoundry Network are established outbound from your on-premises Edge Router VM to your dedicated, hosted Edge Routers in NetFoundry data centers. The return path of the data session is utilized to receive data from the Endpoints in your NetFoundry network.  As a result, inbound firewall configuration is generally not required for full functionality. This method is similar to STUN/TURN.

See Edge Gateway Sizing Guide for information on sizing your gateway VM for required throughput.

When to Contact Customer Support

The VM is configured to work with a single virtual network adapter. Please consult with customer support if your requirements include a VM with multiple interfaces (multi-homed), IP forwarding/routing for an attached subnet, or high availability.

 

Get the VM

Select your desired VM stack from the NetFoundry Downloads page:

  • VMware: VMDK disk, VMware specific ovf file. open-vm-tools is installed.
  • Virtualbox: VMDK disk, VirtualBox specific ovf file.
  • KVM: QCOW2 disk with README file
  • Hyper-V: Gen1 VHD disk with README file

Register the VM

If your VM stack provides a way to run a script on first boot you may use something like this, substituting your own registration key:

#!/bin/bash
/opt/netfoundry/router-registration {key}

In the NetFoundry console, confirm the Edge Router is REGISTERED within ten minutes. If you are unable to inject a first boot script then you may log in after first boot and manually run the same commands.

Advanced Registration Parameters

In the above example we used the most simple form of the router-registration command. Know more about the registration command and the parameters available for special cases such as configuring transit link listeners in How to Register the Edge Router VM.

 

Defaults

The default username and password is "ziggy".  NetFoundry recommends you change the password after initial setup.  You can change the password using the following command:

passwd

We highly recommend replacing the password authentication with ssh keys.  In order to accomplish this, you would need add an ssh public key to the local /home/$USER/.ssh/authorized_keys file, creating the file if it doesn't already exist.  Once you verify ssh access is working, you can disable password authentication by editing the file /etc/ssh/sshd_config & changing the option "PasswordAuthentication" to "no", then restarting the VM.

How to Configure Static IP Address

Find the local interface

The first step toward setting up a static IP address is identifying the name of the ethernet interface you want to configure. To do so, use the ip link command, as shown below:

ip link

The command prints a list of all the available network interfaces. In this example, the name of the interface is ens3:

1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN mode DEFAULT group default qlen 1000 
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
2: ens3: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq_codel state UP mode DEFAULT group default qlen 1000
link/ether 08:00:27:6c:13:63 brd ff:ff:ff:ff:ff:ff

Netplan configuration files are stored in the /etc/netplan directory. You’ll find 50-cloud-init.yaml which is how the VM is setup to use DHCP.

 Disable cloud-init

To disable cloud-init from assigning a DHCP, create the following file:

sudo vi /etc/cloud/cloud.cfg.d/99-disable-network-config.cfg
The file should have the following content
network: {config: disabled}

Create and apply a static config

To assign a static IP create the following file:
sudo vi /etc/netplan/01-netcfg.yaml

The file content should in the following format with your information filled in.

network: 
version: 2
renderer: networkd
ethernets:
enp3s0:
addresses:
- 10.10.10.2/24
gateway4: 10.10.10.1
nameservers:
search: [mydomain, otherdomain]
addresses: [10.10.10.1, 1.1.1.1]

 Finally apply the configuration with the following command

sudo netplan apply

 

Firewall Requirements

Firewall requirements are further detailed in Create and Manage Edge Routers.

 

 

 

Was this article helpful?
3 out of 6 found this helpful

Comments

1 comment

  • Most of the step: "Step 3: VTC & firewalld configuration for multi-nic deployments" has to be run as root, or have "sudo" in front of the commands.

    0

Article is closed for comments.