Author: adnim Language: asm
Description: BSD Router Project video (v3) Timestamp: 2018-12-07 23:41:41 +0000
View raw paste Parent paste by: adnim Reply
My name is Adam, Network Administrator and Computer Security Instructor at Alamance Community College.  I starred on the Linux Action Show with my boss, Winfield Henry, about a year ago discussing Proxmox VE (Open source Virtualization Platform) with Chris Fisher.  

I tried out the BSD Router Project which was discussed in the BSDNow episode titled, "The Gateway Drug".  It took five minutes to setup and test in virtualbox given my familiarity with Cisco IOS, *NIX (UNIX, Linux, and BSD), Virtualization, etc!

I have plans on implementing this project in development environments at the college and if successful, into production.  Should be an easy fit for any network admin with Cisco IOS experience.

Here is a link to my 16 min. video tutorial on how to setup the BSD Router Project in VirtualBox hosted on an Owncloud instance I've installed for our faculty/staff:

[removed and rehosted so we don'
t hammer their bandwidth]

Please keep up the awesome work guys!



Tutorial Notes
==========
1) Download BSD Router Project Hard Disk image (x64, i386).  Be certain to pick the vga edition, not serial as you'll be using the terminal in Virtualbox to configure the BSD Router:
http://bsdrp.net/downloads
2) Extract the archive and use the following command to covert the BSD Router Project image file into a .vdi (VirtualBox Hard Disk image file)
VBoxManage convert BSDRP-1.5-full-amd64-vga.img BSDRP-1.5-full-amd64-vga.vdi
3) Create FreeBSD 64-bit vm, attach BSDRP-1.5-full-amd64-vga.vdi as a virtual hard disk, create two network interfaces (one that bridges to the physical LAN, the second that uses a VirtualBox Internal LAN [intnet])
4) Boot BSD Router Project VM, log in as root, no password
5) Set root password using passwd
6) Enter Quagga (Cisco IOS clone) by typing in cli
7) Enter configuration mode by typing:
configuration terminal
8) Once in Quagga configure em0 (interface bridged with LAN) by typing:
interface em0
ip address 192.168.15.20/24
9) configure em1 (interface on VirtualBox Internal Network) with its own private network address on a different subnet:
interface em1
ip address 192.168.1.1
10) Create default route to forward all traffic to the physical router upstream (for example my pfSense router)
ip route 0.0.0.0/0 192.168.15.30
11) From the VirtualBox host ping the address that is on the interface which is bridged to the physical LAN to confirm BSD Router Project VM can communicate with Physical LAN:
ping 192.168.15.20
12) Create another VM and also set its network to use the same VirtualBox Internal network interface as used on the em1 in the BSD Router Project VM (intnet), in my tutorial I used OpenBSD
13) Set IP address in same subnet as address assigned to em1 in the BSD Router Project VM (Should be setup in OpenBSD install script):
192.168.1.2/24
14) Set BSD Router Project em1 interface IP address as default gateway on OpenBSD VM (For some reason OpenBSD install script didn'
t save gateway, fixed on next reboot with the following command):
echo "192.168.1.1" > /etc/mygate
15) Ping gateway address to confirm that OpenBSD can communicate with em1 on BSD Router Project VM, confirming it can communicate with the router:
ping 192.168.1.1
16) Ping Google, confirming static route to sending all traffic to physical router (pfsense [192.168.15.30]) works:
ping 8.8.8.8
17) If all went well you have a basic router configuration setup on the BSD Router Project VM, go back to BSD Router Project VM, exit configuration mode and save running-config to startup-config by typing:
exit
write memory

**Note, I did have to configure a reverse route to 192.168.1.0/24 via 192.168.15.20 on my physical pfSense router (General -> Routes).  Also, I modified the following default pfSense rule on my LAN interface:

ALLOW SOURCE:LAN SUBNET DESTINATION:ANY
to
ALLOW SOURCE:ANY DESTINATION:ANY

This allows both private IP subnets both on the physical (192,168.15.30) and virtual (192.168.1.1) to be forward to my WAN interface on pfSense.
View raw paste Parent paste by: adnim Reply