My personal homelab has a very simple network topology, everything is connected to a single flat network. This has served me well over the years, but sometimes it can prevent me from deploying more complex scenarios. Most recently while working with NSX-T and Project Pacific, I had a need for additional VLANs which my home router does not support. There are a number of software solutions that can be used including the popular pfSense, which I have used before.
Over the Winter break, a colleague introduced me to VyOS, which is another popular software firewall and router solution. I had not heard of VyOS before but later realized it was derived from Vyatta, which I had heard of, but development of that solution had stopped and VyOS is now the open source version of that software. Having never played with VyoS before, I thought this might be a good learning opopournity and started to dabble with VyOS over the holiday. At a high level, I have VyOS connected to two networks: Outside network as VyOS refers which is your local LAN and Inside network as VyOS refers which is an is an isolated vSphere Portgroup (VSS/VDS) that is not connected to anything and configured to pass all traffic (4095). From here, you can create multiple VLANs in VyOS which can then be untagged using Virtual Guest Tagging (VGT) by placing a Nested ESXi VM on the same isolated portgroup and then creating the respective portgroups within the Nested ESXi VM mapping to the VyOS VLANs you have created.
One of the nice benefits of this solution is that you can create multiple "Isolated" yet routable networks that can still reach your primary LAN network and still have to access core infrastructure services running like Active Directory, DNS, etc. which was one of my requirements. After figuring out how VyOS works and applying that to my specific use case, I thought why not build some basic automation to setup this solution as I probably will forget how I setup everything. Initially I was using the VyOS OVA but later found out it was an extremely out of date there was no public version of the latest VyOS release in OVA form. I decided to use their latest rolling release and apply some vSphere API Automation to not only install VyOS but also fully configure based on template containing VyOS commands. I know the latest version of VyOS now includes a REST API but its a bit of a chicken/egg to enable and not very friendly to use compared to the solution I have built.