Eugene,
             I am running two routers on my Smartos box for my home
network. I have Verizon Fios and to get remote DVR functions I have to use
a mid-router to fake the Verizon router in thinking it is connected to the
Verizon ONT. I port forward all Verzion packets from the main Opnsense
router to Vyos, then off to the Verizon router.  This setup is well
documented. anyway I use the setup you describe. I have one interface or
Trunk as you call it then vlan the routers through that interface. Here are
the JSONs for Vyos and Opnsense. One note do not spoof the WAN interface,
only the lan interfaces. The key is your nic_tag, that points to your trunk
interface. All nics get set up in /usbkey/config. Hope this helps

/usb/config
#firewall nic definition
firewall_nic=a0:36:9f:3:51:6d

Vyos JSONs
 vmadm get 89168e3f-dec5-676e-879d-c90b69a7d988 |json
{
  "zonename": "89168e3f-dec5-676e-879d-c90b69a7d988",
  "autoboot": true,
  "brand": "kvm",
  "limit_priv":
"default,-file_link_any,-net_access,-proc_fork,-proc_info,-proc_session",
  "v": 1,
  "create_timestamp": "2017-01-10T00:25:40.170Z",
  "cpu_shares": 100,
  "max_lwps": 2000,
  "max_msg_ids": 4096,
  "max_sem_ids": 4096,
  "max_shm_ids": 4096,
  "max_shm_memory": 1536,
  "zfs_io_priority": 100,
  "max_physical_memory": 1536,
  "max_locked_memory": 1536,
  "max_swap": 1536,
  "billing_id": "00000000-0000-0000-0000-000000000000",
  "owner_uuid": "00000000-0000-0000-0000-000000000000",
  "alias": "vyos vz bridge router",
  "ram": 512,
  "vcpus": 1,
  "vnc_port": 23456,
  "disks": [
    {
      "path":
"/dev/zvol/rdsk/zones/89168e3f-dec5-676e-879d-c90b69a7d988-disk0",
      "boot": true,
      "model": "virtio",
      "media": "disk",
      "zfs_filesystem": "zones/89168e3f-dec5-676e-879d-c90b69a7d988-disk0",
      "zpool": "zones",
      "size": 1024,
      "compression": "off",
      "refreservation": 1024,
      "block_size": 8192
    }
  ],
  "nics": [
    {
      "interface": "net0",
      "mac": "52:54:00:b6:c8:21",
      "vlan_id": 100,
      "nic_tag": "firewall",
      "ip": "dhcp",
      "ips": [
        "dhcp"
      ],
      "model": "virtio",
      "allow_dhcp_spoofing": false,
      "allow_ip_spoofing": false,
      "allow_mac_spoofing": false,
      "allow_restricted_traffic": false,
      "allow_unfiltered_promisc": false,
      "primary": true
    },
    {
      "interface": "net1",
      "mac": "72:7c:9d:dd:6e:a3",
      "vlan_id": 173,
      "nic_tag": "firewall",
      "netmask": "255.255.255.0",
      "ip": "173.48.255.1",
      "ips": [
        "173.48.255.1/24"
      ],
      "model": "virtio",
      "allow_dhcp_spoofing": true,
      "allow_ip_spoofing": true,
      "allow_mac_spoofing": true,
      "allow_restricted_traffic": true,
      "allow_unfiltered_promisc": true
    }
  ],
  "uuid": "89168e3f-dec5-676e-879d-c90b69a7d988",
  "zone_state": "running",
  "zonepath": "/zones/89168e3f-dec5-676e-879d-c90b69a7d988",
  "zoneid": 6,
  "last_modified": "2018-02-18T12:59:40.000Z",
  "resolvers": [],
  "firewall_enabled": false,
  "server_uuid": "20c32547-dad7-dd11-abd6-d017c2956b6b",
  "platform_buildstamp": "20180203T031130Z",
  "state": "running",
  "boot_timestamp": "2018-02-18T12:59:40.000Z",
  "pid": 5356,
  "customer_metadata": {},
  "internal_metadata": {},
  "routes": {},
  "tags": {},
  "quota": 10,
  "zfs_root_recsize": 131072,
  "zfs_filesystem": "zones/89168e3f-dec5-676e-879d-c90b69a7d988",
  "zpool": "zones",
  "snapshots": []
}


[root@smugglers ~]# vmadm get c4cc5cd2-9d63-4546-c405-9e9bf724268a | json
{
  "zonename": "c4cc5cd2-9d63-4546-c405-9e9bf724268a",
  "autoboot": true,
  "brand": "kvm",
  "limit_priv":
"default,-file_link_any,-net_access,-proc_fork,-proc_info,-proc_session",
  "v": 1,
  "create_timestamp": "2017-10-27T16:13:45.003Z",
  "cpu_shares": 100,
  "max_lwps": 2000,
  "max_msg_ids": 4096,
  "max_sem_ids": 4096,
  "max_shm_ids": 4096,
  "max_shm_memory": 2048,
  "zfs_io_priority": 100,
  "max_physical_memory": 2048,
  "max_locked_memory": 2048,
  "max_swap": 2048,
  "billing_id": "00000000-0000-0000-0000-000000000000",
  "owner_uuid": "00000000-0000-0000-0000-000000000000",
  "alias": "Backup Opnsense Firewall",
  "ram": 1024,
  "vcpus": 2,
  "vnc_port": 99999,
  "disks": [
    {
      "path":
"/dev/zvol/rdsk/zones/c4cc5cd2-9d63-4546-c405-9e9bf724268a-disk0",
      "boot": true,
      "model": "virtio",
      "media": "disk",
      "zfs_filesystem": "zones/c4cc5cd2-9d63-4546-c405-9e9bf724268a-disk0",
      "zpool": "zones",
      "size": 5120,
      "compression": "off",
      "refreservation": 5120,
      "block_size": 8192
    }
  ],
  "nics": [
    {
      "interface": "net0",
      "mac": "ab:cd:ef:gh:ij:kl",
      "vlan_id": 10,
      "nic_tag": "firewall",
      "ip": "dhcp",
      "ips": [
        "dhcp"
      ],
      "model": "virtio",
      "allow_dhcp_spoofing": false,
      "allow_ip_spoofing": false,
      "allow_mac_spoofing": false,
      "allow_restricted_traffic": false,
      "allow_unfiltered_promisc": false,
      "primary": true
    },
    {
      "interface": "net1",
      "mac": "42:50:0e:e8:c7:28",
      "vlan_id": 100,
      "nic_tag": "firewall",
      "netmask": "255.255.255.0",
      "ip": "192.168.1.254",
      "ips": [
        "192.168.1.254/24"
      ],
      "model": "virtio",
      "allow_dhcp_spoofing": true,
      "allow_ip_spoofing": true,
      "allow_mac_spoofing": true,
      "allow_restricted_traffic": true,
      "allow_unfiltered_promisc": true
    },
    {
      "interface": "net2",
      "mac": "f2:8d:d3:20:1c:20",
      "vlan_id": 200,
      "nic_tag": "firewall",
      "netmask": "255.255.255.224",
      "ip": "192.168.200.30",
      "ips": [
        "192.168.200.30/27"
      ],
      "model": "virtio",
      "allow_dhcp_spoofing": true,
      "allow_ip_spoofing": true,
      "allow_mac_spoofing": true,
      "allow_restricted_traffic": true,
      "allow_unfiltered_promisc": true
    }
  ],
  "uuid": "c4cc5cd2-9d63-4546-c405-9e9bf724268a",
  "zone_state": "running",
  "zonepath": "/zones/c4cc5cd2-9d63-4546-c405-9e9bf724268a",
  "zoneid": 7,
  "last_modified": "2018-02-18T12:59:41.000Z",
  "resolvers": [],
  "firewall_enabled": false,
  "server_uuid": "20c32547-dad7-dd11-abd6-d017c2956b6b",
  "platform_buildstamp": "20180203T031130Z",
  "state": "running",
  "boot_timestamp": "2018-02-18T12:59:41.000Z",
  "pid": 5431,
  "customer_metadata": {},
  "internal_metadata": {},
  "routes": {},
  "tags": {},
  "quota": 10,
  "zfs_root_recsize": 131072,
  "zfs_filesystem": "zones/c4cc5cd2-9d63-4546-c405-9e9bf724268a",
  "zpool": "zones",
  "snapshots": []
}



On Mon, Feb 19, 2018 at 4:08 AM, Eugene Lee <eky_...@hotmail.com> wrote:

> Hi,
>
>
> I am fairly new still to Smartos and learning my way around it.  I have
> been in the process of migrating my environment from VMware ESXi to
> a Smartos host.  I have a Vyos virtual router that I would like to migrate
> from VMware to Smartos.  In VMware I know how to assign a trunk port to the
> Vyos virtual machine and then assign various IPs in different VLANs for
> routing in the Vyos router.  I am not sure what the equivalent way of doing
> this is in SmartOs.
>
>
> I know that you can add the vlan_id tag to the JSON file for the KVM
> machine but given I want a trunk port assigned to the KVM machine (that
> will be running Vyos), how do I go about doing this?  Hopefully what I want
> to achieve makes sense.
>
>
> Thanks,
>
> Eugene
>
> *smartos-discuss* | Archives
> <https://www.listbox.com/member/archive/184463/=now>
> <https://www.listbox.com/member/archive/rss/184463/26772761-5af1dc68> |
> Modify
> <https://www.listbox.com/member/?&;>
> Your Subscription <http://www.listbox.com>
>



-- 
Greg

http://www.linkedin.com/in/gregtreantos



-------------------------------------------
smartos-discuss
Archives: https://www.listbox.com/member/archive/184463/=now
RSS Feed: https://www.listbox.com/member/archive/rss/184463/25769125-55cfbc00
Modify Your Subscription: 
https://www.listbox.com/member/?member_id=25769125&id_secret=25769125-7688e9fb
Powered by Listbox: http://www.listbox.com

Reply via email to