<p>Proxmoxの仮想マシンにてeth0とeth1をvirtIOで追加しています<br>
NICによっては、「Large Receive Offload」を無効化する必要があります。<br>
eth0 WAN<br>
eth1 LAN<br>
としています。</p>
<div class="code-block-container"><pre><code>set interfaces pppoe pppoe0 description 'WAN'
set interfaces pppoe pppoe0 authentication user プロバイダユーザ名
set interfaces pppoe pppoe0 authentication password プロバイダパスワード
set interfaces pppoe pppoe0 connect-on-demand
set interfaces pppoe pppoe0 default-route 'auto'
set interfaces pppoe pppoe0 mtu 1454
set interfaces pppoe pppoe0 source-interface 'eth0'

set interfaces ethernet eth1 address 172.16.103.1/24
set nat source rule 100 translation address masquerade
set nat source rule 100 source address 172.16.103.0/24
set nat source rule 100 outbound-interface pppoe0

set policy route PPPOE-IN rule 100 protocol 'tcp'
set policy route PPPOE-IN rule 100 set tcp-mss '1414'
set policy route PPPOE-IN rule 100 tcp flags 'SYN'
set interfaces ethernet eth0 policy route 'PPPOE-IN'
set interfaces ethernet eth1 policy route 'PPPOE-IN'
commit
save
</code></pre></div><p>とりあえずこれでping叩いてあげると繋がります。</p>
<div class="code-block-container"><pre><code>ping 1.1.1.1
curl httpbin.org/ip
show interfaces
</code></pre></div><p>後のfirewallなどの細かい設定はお好みに応じてどうぞ。</p>
<div class="code-block-container"><pre><code>set service ssh port 22
set system time-zone Asia/Tokyo
</code></pre></div><p>ポート開放例<br>
グローバルIP:8080 --&gt; 172.16.103.10:80　に変換</p>
<div class="code-block-container"><pre><code>set nat destination rule 200 destination port 8080
set nat destination rule 200 protocol tcp
set nat destination rule 200 translation address 172.16.103.10
set nat destination rule 200 translation port 80
set nat destination rule 200 inbound-interface pppoe0

commit
save
</code></pre></div><p>Firewall</p>
<div class="code-block-container"><pre><code>set firewall name OUTSIDE-LOCAL default-action 'drop'
set firewall name OUTSIDE-LOCAL rule 10 action 'accept'
set firewall name OUTSIDE-LOCAL rule 10 state established 'enable'
set firewall name OUTSIDE-LOCAL rule 10 state related 'enable'

set interfaces pppoe pppoe0 firewall in name 'OUTSIDE-IN'
set interfaces pppoe pppoe0 firewall local name 'OUTSIDE-LOCAL'

commit
save
</code></pre></div><p>ポート開放例+Firewall</p>
<div class="code-block-container"><pre><code>set firewall name OUTSIDE-IN rule 31 action 'accept'
set firewall name OUTSIDE-IN rule 31 protocol 'tcp'
set firewall name OUTSIDE-IN rule 31 destination port '8080'
set firewall name OUTSIDE-IN rule 31 state new 'enable'

set firewall name OUTSIDE-IN rule 32 action 'accept'
set firewall name OUTSIDE-IN rule 32 protocol 'tcp'
set firewall name OUTSIDE-IN rule 32 destination port '80'
set firewall name OUTSIDE-IN rule 32 state new 'enable'

commit
save

</code></pre></div><p>Q.VyOS1.2.8 LTSが欲しいです<br>
下記手順を参考にしてビルドしてあげる必要があります(無料)<br style="display:none">
<span class="embed-block zenn-embedded zenn-embedded-card"><iframe id="zenn-embedded__20f4885aa4c32" src="https://embed.zenn.studio/card#zenn-embedded__20f4885aa4c32" data-content="https%3A%2F%2Fqiita.com%2Fs64s_y%2Fitems%2Ff2b32f4ba257fbab9358" frameborder="0" scrolling="no" loading="lazy"></iframe></span><a href="https://qiita.com/s64s_y/items/f2b32f4ba257fbab9358" style="display:none" target="_blank" rel="nofollow noopener noreferrer">https://qiita.com/s64s_y/items/f2b32f4ba257fbab9358</a><br style="display:none">
ビルドしたくない場合かコミュニティ以外のサポート必要なら下記(有料)<br style="display:none">
<span class="embed-block zenn-embedded zenn-embedded-card"><iframe id="zenn-embedded__673b8f0cddc68" src="https://embed.zenn.studio/card#zenn-embedded__673b8f0cddc68" data-content="https%3A%2F%2Fvyos.io%2Fsubscriptions%2Fsupport%2F" frameborder="0" scrolling="no" loading="lazy"></iframe></span><a href="https://vyos.io/subscriptions/support/" style="display:none" target="_blank" rel="nofollow noopener noreferrer">https://vyos.io/subscriptions/support/</a></p>
<p>参考文献:<br style="display:none">
<span class="embed-block zenn-embedded zenn-embedded-card"><iframe id="zenn-embedded__8ded3d9444327" src="https://embed.zenn.studio/card#zenn-embedded__8ded3d9444327" data-content="https%3A%2F%2Fdocs.vyos.io%2Fen%2Fequuleus%2Fquick-start.html" frameborder="0" scrolling="no" loading="lazy"></iframe></span><a href="https://docs.vyos.io/en/equuleus/quick-start.html" style="display:none" target="_blank" rel="nofollow noopener noreferrer">https://docs.vyos.io/en/equuleus/quick-start.html</a><br style="display:none">
<span class="embed-block zenn-embedded zenn-embedded-card"><iframe id="zenn-embedded__f545ee3f2653d" src="https://embed.zenn.studio/card#zenn-embedded__f545ee3f2653d" data-content="https%3A%2F%2Fnaga-sawa.hatenadiary.org%2Fentry%2F20171203%2F1512301821" frameborder="0" scrolling="no" loading="lazy"></iframe></span><a href="https://naga-sawa.hatenadiary.org/entry/20171203/1512301821" style="display:none" target="_blank" rel="nofollow noopener noreferrer">https://naga-sawa.hatenadiary.org/entry/20171203/1512301821</a><br style="display:none">
<span class="embed-block zenn-embedded zenn-embedded-card"><iframe id="zenn-embedded__5b04d247587b" src="https://embed.zenn.studio/card#zenn-embedded__5b04d247587b" data-content="https%3A%2F%2Fkt-hiro.hatenablog.com%2Fentry%2F20180813%2F1534125175" frameborder="0" scrolling="no" loading="lazy"></iframe></span><a href="https://kt-hiro.hatenablog.com/entry/20180813/1534125175" style="display:none" target="_blank" rel="nofollow noopener noreferrer">https://kt-hiro.hatenablog.com/entry/20180813/1534125175</a><br style="display:none">
<span class="embed-block zenn-embedded zenn-embedded-card"><iframe id="zenn-embedded__d93b36eef4bb4" src="https://embed.zenn.studio/card#zenn-embedded__d93b36eef4bb4" data-content="https%3A%2F%2Fqiita.com%2Fkousokujin%2Fitems%2Fa61d8bb679d28e23ff69" frameborder="0" scrolling="no" loading="lazy"></iframe></span><a href="https://qiita.com/kousokujin/items/a61d8bb679d28e23ff69" style="display:none" target="_blank" rel="nofollow noopener noreferrer">https://qiita.com/kousokujin/items/a61d8bb679d28e23ff69</a><br style="display:none">
<span class="embed-block zenn-embedded zenn-embedded-card"><iframe id="zenn-embedded__382043743fcde" src="https://embed.zenn.studio/card#zenn-embedded__382043743fcde" data-content="https%3A%2F%2Fsupport.vyos.io%2Fen%2Fkb%2Farticles%2Fsub-interfaces-pppoe" frameborder="0" scrolling="no" loading="lazy"></iframe></span><a href="https://support.vyos.io/en/kb/articles/sub-interfaces-pppoe" style="display:none" target="_blank" rel="nofollow noopener noreferrer">https://support.vyos.io/en/kb/articles/sub-interfaces-pppoe</a><br style="display:none">
<span class="embed-block zenn-embedded zenn-embedded-card"><iframe id="zenn-embedded__d8bdf0734dead" src="https://embed.zenn.studio/card#zenn-embedded__d8bdf0734dead" data-content="https%3A%2F%2Fharablo2012.blogspot.com%2F2018%2F09%2Fvyos.html" frameborder="0" scrolling="no" loading="lazy"></iframe></span><a href="https://harablo2012.blogspot.com/2018/09/vyos.html" style="display:none" target="_blank" rel="nofollow noopener noreferrer">https://harablo2012.blogspot.com/2018/09/vyos.html</a></p>


Proxmox+VyOS1.2.8 LTSでPPPoEでフレッツプロバイダに接続する

Discussion