Vyatta Config Sync Howto and Overview

Tags: , , , , , , , , ,


Here is a quick run down of how to set up vyatta config sync on VSE (subscription edition).

Note: Vyatta subscription edition is required for this functionality.

Vyatta config sync allows you to select a subset of your router config, then set one of your routers as the master for that subset. In this example we’ll be syncing our nat config section from vyatta-01 (master) to vyatta-02 (slave).

Preparing the slave system:

First, we need to enable the web server on the slave system as this is the transport used by config-sync.

[email protected]# configure
[email protected]# set service https listen-address <IP_OF_VYATTA-02>
[email protected]# commit

Then, I recommend creating a user account dedicated to the purpose of config-sync.

[email protected]# configure
[email protected]# set system login user config-sync authentication plaintext-password secret
[email protected]# commit

Configuring vyatta config sync on the master system

Now we tell vyatta-01 about vyatta-02:

[email protected]# configure
[email protected]# set system config-sync remote-router <IP_OF_VYATTA-02>
[email protected]# set system config-sync remote-router <IP_OF_VYATTA-02> username config-sync
[email protected]# set system config-sync remote-router <IP_OF_VYATTA-02> password secret
[email protected]# commit

Then, we specify what to sync from vyatta-01 to vyatta-02…

[email protected]# configure
[email protected]# set system config-sync sync-map default rule 0 action include
[email protected]# set system config-sync sync-map default rule 0 location nat
[email protected]# commit

And finally we go back and assign the sync-map to the remote-router entry.

[email protected]# configure
[email protected]# set system config-sync remote-router <IP_OF_VYATTA-02> sync-map default
[email protected]# commit

That’s it. You should see vyatta-01 attempt to sync to vyatta-02 upon subsequent commits, and anything under nat should appear on vyatta-02.

For quick reference, here’s a config dump of the relevant sections:

Vyatta-01:

[email protected]# show system config-sync 
 remote-router <IP_OF_VYATTA-02> {
     password secret
     sync-map default
     username config-sync
 }
 sync-map default {
     rule 0 {
         action include
         location nat
     }
 }

Vyatta-02:

[email protected]# show service http
 listen-address <IP_OF_VYATTA-02>
 
[email protected]# show system login user config-sync
 authentication {
     encrypted-password $19aboeuo/20u230b+8239bulkj8271J.
     plaintext-password ""
 }

Related posts:

  1. How to fix vyatta protocol daemon is not running
  2. Ubuntu UEC/EC2 Puppet Client Howto
  3. Unison File Synchronizer Monitoring and Alerting with Simple Event Correlator (SEC)
  4. Xen Disk Hot Add (Block Device) Howto

One Response to “Vyatta Config Sync Howto and Overview”

  1. Eugene Says:
    October 28th, 2012 at 5:44 am

    If you have only community edition of Vyatta,
    you may use Vyatta-Config-Sync from Vyatta4People.Org:
    http://www.vyatta4people.org/vyatta-config-sync/
    Cheers!

    [Reply]

Join the Conversation