Static Routing on Vyos Router

Static Routing on Vyos Router

The primary function of routers in a network is to carry out routing functions. In case you were wondering, routing is a way to move packets from one point to a destination. Routers determine the path a packet must take from a source to its desired destination. This path can be the path to the next router that has the destination ip address in its routing table. These paths can be determined using various routing protocols, some of which are dynamic and others static.

This guide, “Static Routing on Vyos Router”, will discuss the static way of doing routing. Note that this type of routes must be applied manually onto the router and it cannot be updated. Meaning that, if a link fails, the router has no way of knowing how to reach the destination since the failed link will be removed from the routing information base. Generally, this type of routes are used in very small networks where it is easy to manage manually, your routing entries.

Static Routing on Vyos Router

We are going to use the network diagram shown above and below for clarity to demonstrate configuration of static routing on vyos router.

The network diagram above assumes that we have two networks. One is the head office network, and the other is the branch office network. Probably because the branch office is a small network, they used a vyos router to carry out routing functions.

We will not go back to configure our vyos router from scratch. But just in case you do not know how to configure your vyos router, please follow these guides:

Now try to ping your vyos router from your client machines. You should get a response. Remember that in this guide, the ip address for the vyos lan facing interface should be If your vyos router is a dhcp server for the branch office, then it will dish the appropriate ip addresses to the client machines.

Next, we set up a cisco router for the head office. This is just to show you the interaction between cisco devices and vyos routers. We could simply use vyos router at the head office.

The cisco router can have 3 interfaces. Interface 0/0 for the internet, interface 1/0 for the LAN and interface 2/0 for the link to the branch office.

Configure your cisco router as shown under.

$configure terminal

#interface gigabitEthernet 0/0

#description Internet

#ip address dhcp

#ip nat outside

#no shut


#interface gigabitEthernet 1/0

#description LAN

#ip address

#ip nat inside

#no shut


(config)#ip nat inside source list 1 interface gigabitEthernet 0/0 overload

(config)#ip access-list 1 permit

Make our cisco router a dhcp server to dish ip address to the head office clients.

(config)#ip dhcp pool NET_POOL





(config)#ip dhcp excluded-address

(config)#ip dhcp excluded-address

#do write memory

At this moment, your clients in the head office can connect to the internet. COOL!

However, our clients from the branch office cannot connect to services on the Head office network. You can try to ping a computer in the head office network from the branch office network. You will get a request timed out.

To enable branch office computers have access to head office, we need to configure routing. In this case, static routing.

On the vyos router, configure static routing by running the command.

#set protocols static route next-hop


 ip route on vyos



The result of a show ip route command is shown under.

show ip route

Now try to ping the computers in head office network. You should get a positive reply.

To be able to ping your branch office network from your head office network, simply do on the cisco router.

#ip route

A show ip route on the cisco router will give you:

cisco show ip route

Next up, we will look at some dynamic routing protocol on vyos router.;



Did You Enjoy What You Read? Sign Up To Our News Letter
I agree to have my personal information transfered to MailChimp ( more information )
Join over 1.000 visitors who are receiving our newsletter and learn how to design networks that work using open source technology and commercial offerings. Also learn how to proactively defend against security threats.
We hate spam. Your email address will not be sold or shared with anyone else.
Share This.