Vyatta Config Sync Howto and Overview



Here is a quick rundown of how to set up Vyatta config sync on VSE (subscription edition).

Note: Vyatta subscription edition is required for this functionality.

Vyatta config sync allows you to select a subset of your router config, then set one of your routers as the master for that subset. In this example we’ll be syncing our nat config section from vyatta-01 (master) to vyatta-02 (slave).

Preparing the slave system:

First, we need to enable the web server (service https) on the slave system, as this is the transport used by config-sync.

vyatta@vyatta-02# configure
vyatta@vyatta-02# set service https listen-address <IP_OF_VYATTA-02>
vyatta@vyatta-02# commit

Then, I recommend creating a user account dedicated to the purpose of config-sync.

vyatta@vyatta-02# configure
vyatta@vyatta-02# set system login user config-sync authentication plaintext-password secret
vyatta@vyatta-02# commit

Configuring Vyatta config sync on the master system:

Now we tell vyatta-01 about vyatta-02:

vyatta@vyatta-01# configure
vyatta@vyatta-01# set system config-sync remote-router <IP_OF_VYATTA-02>
vyatta@vyatta-01# set system config-sync remote-router <IP_OF_VYATTA-02> username config-sync
vyatta@vyatta-01# set system config-sync remote-router <IP_OF_VYATTA-02> password secret
vyatta@vyatta-01# commit

Then, we specify what to sync from vyatta-01 to vyatta-02…

vyatta@vyatta-01# configure
vyatta@vyatta-01# set system config-sync sync-map default rule 0 action include
vyatta@vyatta-01# set system config-sync sync-map default rule 0 location nat
vyatta@vyatta-01# commit

And finally we go back and assign the sync-map to the remote-router entry.

vyatta@vyatta-01# configure
vyatta@vyatta-01# set system config-sync remote-router <IP_OF_VYATTA-02> sync-map default
vyatta@vyatta-01# commit

That’s it. You should see vyatta-01 attempt to sync to vyatta-02 upon subsequent commits, and anything under nat should appear on vyatta-02.

For quick reference, here’s a config dump of the relevant sections:

Vyatta-01:

vyatta@vyatta-01# show system config-sync 
 remote-router <IP_OF_VYATTA-02> {
     password secret
     sync-map default
     username config-sync
 }
 sync-map default {
     rule 0 {
         action include
         location nat
     }
 }

Vyatta-02:

vyatta@vyatta-02# show service https
 listen-address <IP_OF_VYATTA-02>
 
vyatta@vyatta-02# show system login user config-sync
 authentication {
     encrypted-password $19aboeuo/20u230b+8239bulkj8271J.
     plaintext-password ""
 }
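
A small offline check of the master's "show system config-sync" output, added here as an example (it is not part of the original post and not a Vyatta tool): it parses the brace-delimited dump and reports a remote-router with no username, password or sync-map, a reference to an undefined sync-map, or a sync-map with no include rule. The peer address 192.0.2.2 and the function names are assumptions made for the example.

```python
# Constructed sample: the vyatta-01 dump shown above, with a placeholder peer IP.
SAMPLE = """\
remote-router 192.0.2.2 {
    password secret
    sync-map default
    username config-sync
}
sync-map default {
    rule 0 {
        action include
        location nat
    }
}
"""

def parse(text):
    """Parse Vyatta's brace-delimited config output into nested dicts."""
    root = {}
    stack = [root]
    for raw in text.splitlines():
        line = raw.strip()
        if line.endswith("{"):            # "sync-map default {" opens a node
            node = {}
            stack[-1][line[:-1].strip()] = node
            stack.append(node)
        elif line == "}":                 # closes the current node
            stack.pop()
        elif line:                        # leaf: "location nat"
            key, _, value = line.partition(" ")
            stack[-1][key] = value.strip('"')
    return root

def check(cfg):
    """Return a list of problems that would stop or mis-scope the sync."""
    problems = []
    maps = {k.split()[1]: v for k, v in cfg.items() if k.startswith("sync-map ")}
    peers = {k.split()[1]: v for k, v in cfg.items() if k.startswith("remote-router ")}
    for peer, node in peers.items():
        needed = ("username", "password", "sync-map")
        problems += [f"{peer}: {leaf} not set" for leaf in needed if not node.get(leaf)]
        name = node.get("sync-map")
        if name and name not in maps:
            problems.append(f"{peer}: sync-map '{name}' is not defined")
    for name, m in maps.items():
        rules = [r for k, r in m.items() if k.startswith("rule ")]
        if not any(r.get("action") == "include" and r.get("location") for r in rules):
            problems.append(f"sync-map {name}: no include rule with a location")
    return problems

print(check(parse(SAMPLE)) or "no config-sync problems found")
```
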

One Response to “Vyatta Config Sync Howto and Overview”

  1. Eugene Says:

    If you have only community edition of Vyatta,
    you may use Vyatta-Config-Sync from Vyatta4People.Org:
    http://www.vyatta4people.org/vyatta-config-sync/
    Cheers!
