Vyatta



Vyatta is the name of an open source network operating system, and also the name of the company it is developed by, called Vyatta inc.. This page is only about the system.

Vyatta is based on Debian GNU/Linux distribution modified to suits networking purposes. In general, it's a routing platform with security and VPN features. It aims to be a replacement for proprietary solutions like Cisco IOS and Juniper JunOS. Main features which makes Vyatta different from a general purpose Linux distributions are:
 * Single config file for all functions.
 * Custom CLI, similar to hardware solutions.
 * Only network related components are included.

= Supported hardware platforms =

Currently Vyatta runs on standard x86 hardware. In theory, it can be ran on any x86 PC, but for production usage it's better to use some of certainly supported machines and network interfaces. These lists are incomplete and it runs on a various hardware. Supposed minimal system requirements are 500+ MHz CPU and 128M of RAM, actual requirements depend on tasks it will do. If you want to run a full BGP4 table you will need way more RAM than just a simple gateway with NAT capabilities.

Vyatta also can be ran in a virtual machine, and virtual infrastructure security is one of tasks Vyatta inc. proposes to do with their system. Ready images are available for VMWare and Citrix XenServer, and it can also be installed on KVM, VirtualBox, qemu and probably other hypervisors.

Vyatta inc. sells some (custom) build hardware solutions with preinstalled Vyatta.

= Supported features =

Currently the following features are supported:


 * Network interfaces: Ethernet 10Mbit to 10Gbit, 802.1q VLANs, bonding, PPPoE, 802.11g wireless, 3G modems, tunnels (GRE, IPIP, 6in4), serial and dsl (drivers are not included).
 * Routing: static routes, equal-cost multipath routing, BGPv4, OSPF, OSPFv3 (currently not full support), RIP, RIPng, route redistribution.
 * Routing policies: access-lists, prefix-lists, as-path-lists, community-lists and route maps for both IPv4 and IPv6 (currently they are used for dynamic routing control, not PBR).
 * Firewall: Statefull IPv4 and IPv6 traffic filtering based on source or destination address, port, protocol and other parameters. It supports rules based on day time or date, and also rules for recently seen hosts. Firewall rules may change DSCP service class or mark packets. Traffic filtering based on security zones is supported too.
 * NAT: Source, destination or masquerade address translation based on traffic source, destination, port or protocol. Translation can be one to one as well as one to many or many to one.
 * VPN: IPsec site-to-site, PPTP or L2TP (and L2TP/IPsec) remote access server with authentication in RADIUS, OpenVPN client, server or site-to site.
 * Flow accouting: NetFlow or sFlow sensor functionality.
 * QoS: various QoS algorithms, can use DSCP marks.
 * Content inspection (Intrusion detection system)
 * Web proxy with URL filtering support.
 * DHCP server and relay for IPv4.
 * Caching DNS server.
 * Load balancing and Clustering, failover via VRRP.
 * IPv6: Routing, route-advertisment, stateless autoconfiguration.
 * Remote control: serial or kvm console, SSH, telnet, Web gui and SNMP.

= History =

Vyatta was originally created in 2005 and named OFR (Open Flexible Router) in it's early releases. The current name comes from a sanskrit word for "open".