Vyatta Core 6.5 Software Router VM on ESXi 5.1

In keeping with my previous posts, I should have posted about running Vyatta Core 6.5 Software Router VM on ESXi 5.1 about two months ago; however, I was not able to at the time, so I am publishing it now.

 

My Router History

Having gone through a progression of routers for my home I think I should first list them out so that the increasing need can be understood.

  1. At first I started with a basic home router years ago before WiFi was even an option.  My first home router was actually a Linksys model so old it did not come with a switch at all.
  2. My second home router was one with WiFi and a switch built in, and for the two computers I had it worked well.  Thing is, I began to grow the army of computers I kept at home, and eventually I ran into difficulties with my home router simply because the built-in firmware was not capable of handling as many connections as I wanted to keep open.  I was slowly doing more with my home computers: running Web Sites, MUDs (google it), an FTP site, and some other things.
  3. Eventually I was talking with a colleague at work who had taken his Linksys router and replaced the firmware with one called OpenWRT.  Having checked it out, this firmware replacement for home routers offers to completely remove the Web GUI and allows you to only access it through SSH, and while this is secure it was not what I was looking for.  It did lead me to find DD-WRT, which similarly offers an improved firmware with far fewer issues than stock firmware and far more features, but it does so through a Web Interface while still offering telnet and/or SSH access if you want.  It allows you to take a decent router like the Linksys WRT54GL and turn it into a powerful processing device plus a good WiFi AP and a great router.  So I went forward with this and for a few years I was quite happy using it.  With DD-WRT I was able to keep up with what few constant servers I was running but still had all the functionality I wanted out of my home computers.
  4. Then I began to get serious about things like wanting to be able to QoS my connection and provide the best possible experience for my VoIP packets but still allow streaming data to flow well.  This was just too much for a small Broadcom CPU running at 200 MHz with 8 MB of RAM to handle on top of VLAN managing, the bi-directional NAT, the Firewall, the WiFi AP, and everything else I was asking of it, so I resolved to upgrade to a more professional router, like a corporation would use.  I had already tried pfSense while setting up VoIP for another company and I disliked it, so I went with a VM running SmoothWall Express 3.0 Polar.  In order to achieve this I needed my ESXi tower to have a second Network Card (NIC) and a second virtual switch, as illustrated by this image (VM Router Networking).
  5. With SmoothWall Express installed and running I was able to get a Linksys E1550 router, and with DD-WRT running on it I am able to use it to run my VPN server and a three-SSID Wireless Access Point.  This means that I have a main WiFi with access to everything, a guest WiFi which is firewalled to only be able to access the internet and not anything else on my network, and a third WiFi which uses WEP for a few older devices which still need it.  The SmoothWall Express 3.0 was running fine until I came across something it could not do, and that was route.  It makes a great Firewall and Gateway but it does not have the ability to write different routes.  Since I used my Linksys E1550 with DD-WRT on it as a VPN server, I wanted the entire network to have a few extra routes in the routing table of the Gateway so that it could route packets for the subnets my VPN clients had to the VPN itself, effectively creating a VPN tunnel between sites with my site as the main point.

Vyatta Core 6.5 Software Router VM on ESXi 5.1

At this point I came across Vyatta Core, which is a free version of a paid Software Firewall, so in one respect it is like SmoothWall Express and pfSense, but it goes much further.  In SmoothWall Express and pfSense, for example, you do about 99% of your configuration through the Web Interface and the console or SSH is saved for installation and hacking, whereas in Vyatta the Web Interface is saved for the paid version only and the free version is configured entirely by SSH, which works in a similar way to the Cisco interface over Telnet.

As it turned out, it was actually a little challenging to wrap my head around how Vyatta handles everything, but now I understand how much more powerful things are when you have to go through such effort to customize them in the first place.

I scoured the internet for articles that seemed somewhat relevant, and they were not easy to find, as a few articles seemed to start off well through the process of configuring a Vyatta system and then were never finished.  I did manage to assemble the list here for anyone else who wants to try it for themselves.