vyos configure

1. interfaces {
2. bridge br1 {
3. address xxx.xxx.0.1/24
4. aging 300
5. description "Private switch"
6. hello-time 2
7. ip {
8. enable-arp-accept
9. }
10. max-age 20
11. priority 0
12. stp false
13. }
14. bridge br2 {
15. address xxx.xxx.101.1/24
16. aging 300
17. description "private switch"
18. hello-time 2
19. ip {
20. enable-arp-accept
21. }
22. max-age 20
23. priority 0
24. stp false
25. }
26. bridge br3 {
27. address xxx.xxx.2.1/24
28. description "private switch"
29. ip {
30. enable-arp-accept
31. }
32. }
33. bridge br4 {
34. address xxx.xxx.3.1/24
35. description "private switch"
36. ip {
37. enable-arp-accept
38. }
39. }
40. bridge br5 {
41. address xxx.xxx.4.1/24
42. description "private switch"
43. ip {
44. enable-arp-accept
45. }
46. }
47. ethernet eth0 {
48. bridge-group {
49. bridge br2
50. }
51. description private
52. duplex auto
53. hw-id XX:XX:XX:f8:3f:11
54. smp-affinity auto
55. speed auto
56. }
57. ethernet eth1 {
58. bridge-group {
59. bridge br1
60. }
61. description private
62. duplex auto
63. hw-id XX:XX:XX:f8:3f:12
64. smp-affinity auto
65. speed auto
66. vif 1 {
67. bridge-group {
68. bridge br2
69. }
70. description "private VLAN 1"
71. }
72. vif 1002 {
73. bridge-group {
74. bridge br3
75. }
76. description "private VLAN 1002"
77. }
78. vif 1003 {
79. bridge-group {
80. bridge br4
81. }
82. description "private VLAN 1003"
83. }
84. vif 1004 {
85. bridge-group {
86. bridge br5
87. }
88. description "private VLAN 1004"
89. }
90. }
91. ethernet eth2 {
92. bridge-group {
93. bridge br2
94. }
95. description private
96. duplex auto
97. hw-id XX:XX:XX:f8:3f:13
98. smp-affinity auto
99. speed auto
100. }
101. ethernet eth3 {
102. bridge-group {
103. bridge br2
104. }
105. description private
106. duplex auto
107. hw-id XX:XX:XX:f8:3f:14
108. smp-affinity auto
109. speed auto
110. }
111. ethernet eth4 {
112. bridge-group {
113. bridge br2
114. }
115. description private
116. duplex auto
117. hw-id XX:XX:XX:f8:3f:15
118. smp-affinity auto
119. speed auto
120. }
121. ethernet eth5 {
122. description public
123. duplex auto
124. hw-id XX:XX:XX:f8:3f:16
125. pppoe 0 {
126. default-route auto
127. mtu 1492
128. name-server auto
129. password xxxxxx
130. user-id xxxxxx
131. }
132. smp-affinity auto
133. speed auto
134. }
135. loopback lo {
136. address xxx.xxx.0.1/8
137. address ::1/128
138. description local
139. }
140. }
141. nat {
142. source {
143. rule 100 {
144. description "TO PUBLIC"
145. outbound-interface pppoe0
146. source {
147. address xxx.xxx.0.0/16
148. }
149. translation {
150. address masquerade
151. }
152. }
153. }
154. }
155. service {
156. dhcp-server {
157. shared-network-name xxxxxx {
158. subnet xxx.xxx.101.0/24 {
159. default-router xxx.xxx.101.1
160. dns-server xxx.xxx.101.1
161. lease 86400
162. range 0 {
163. start xxx.xxx.101.2
164. stop xxx.xxx.101.254
165. }
166. }
167. }
168. }
169. dns {
170. forwarding {
171. cache-size 512
172. listen-on br1
173. listen-on br2
174. name-server xxx.xxx.114.114
175. name-server xxx.xxx.8.8
176. }
177. }
178. snmp {
179. community v3 {
180. authorization ro
181. }
182. listen-address xxx.xxx.0.0 {
183. port 161
184. }
185. }
186. ssh {
187. port 22
188. }
189. }
190. system {
191. config-management {
192. commit-revisions 20
193. }
194. console {
195. device ttyS0 {
196. speed 9600
197. }
198. }
199. host-name xxxxxx
200. ip {
201. arp {
202. table-size 16384
203. }
204. }
205. login {
206. user xxxxxx {
207. authentication {
208. encrypted-password xxxxxx
209. plaintext-password xxxxxx
210. }
211. level admin
212. }
213. }
214. ntp {
215. server xxxxx.tld {
216. }
217. server xxxxx.tld {
218. }
219. server xxxxx.tld {
220. }
221. }
222. syslog {
223. global {
224. facility all {
225. level notice
226. }
227. facility protocols {
228. level debug
229. }
230. }
231. }
232. time-zone Asia/Shanghai
233. }
234. vpn {
235. }