VyOS¶

In 2023-03 I switched from my 5+ year old Unifi Security Gateway (USG) to a VyOS router built using a Lenovo Thinkcentre M720q with an aftermarket 10GbE Mellanox NIC and 3d printed baffle.

The newer "dream" line of Unifi routing products are very lack luster. Moving from the USG to a "dream" router would result in the loss of a bunch of features. So I finally decided to say goodbye to the fully unified unifi interface and built my own router.

As of 2023-03 I am using VyOS Rolling (based on 1.4/Saggita).

• My VyOS config gitops'd (sort of): ramblurr/home-ops/vyos/router0.
• Rolling ISO Build: ramblurr/vyos-custom

Resources for M720q:¶

• STH's Lenovo Thinkcentre/ThinkStation Tiny (Project TinyMiniMicro) Reference Thread
• Lenovo M720Q Tiny router/firewall build with aftermarket 4 port NIC

Hardware¶

• PCI-e x16 Riser Card - FRU 5C50W00877 (got mine off ebay)

Bootstrap¶

• Get ISO from https://github.com/Ramblurr/vyos-custom/releases
• Flash to USB and boot
• install image - follow prompts
• Reboot, get shell

• Connect to wifi temporarily to be able to run the ansible playbook

  set interfaces wireless wlan0 type station
  set interfaces wireless wlan0 address dhcp
  set interfaces wireless wlan0 ssid XXX
  set interfaces wireless wlan0 security wpa passphrase 'XX'
  
  set service ssh port '22'
  

Notes¶

Diff previous configs¶

Show commits:

run show system commit

Compare a diff to the current:

compare <N>

Roll back to a diff

rollback <N>

Show container logs:

show container log <container_name>

Monitor firewall

monitor firewall name '*' | tee ~/fw.log | grep ...

Upgrade

# 1. Sync latest config
# 2. Apply latest config
# 3. Add new system image
add system image <url>