Open Source Networking with Vyatta


Published on March 11, 2009

Author: tobias382


Open Source Networking
An introduction to using open source in the network.
John Southworth
February 26, 2009

Why would anyone want to use open source at the network layer?
Chances are, you already do!
- Vyatta is a replacement for enterprise-level routing and security platforms.
- It can be used easily almost anywhere.
- It's a software package (Linux distribution) that runs on standard x86 hardware.

How does Vyatta benefit users?

Home users:
- Stable
- Secure
- Powerful
- Flexible
- Runs on just about anything
- Free and Open!
- Good community support

Enterprise users:
- Stable
- Secure
- Powerful
- Flexible
- Virtualizable
- Subscription release available
- Commercial support
- Command line interface similar to Cisco or Juniper

So what does Vyatta do?
- Routing (Static, RIP, OSPF, and BGP)
- NAT
- VPN (IPSEC, PPTP, OpenVPN, and L2TP)
- Firewall
- IDS
- Webproxy
- Interfaces: DSL, T1, T3, Ethernet (up to 10Gb), wireless modem, tunnel
Its flexibility comes from the fact that Debian GNU/Linux is underneath it all: if you need another service running on the router, just install it.

Why Vyatta over standard Linux?

First, a set-up for a home user
- Community edition is available at
- Grab it, put it on an old PC, and play with it!
I use a single board computer as my routing platform:
- ALIX 2D3
- AMD Geode 500MHz
- 256MB RAM
- 3 10/100 Ethernet NICs
It is configured for NAT, Firewall, OpenVPN, and OSPF. Works great, <$200 for a decent router.
These are similar specs to a Cisco ASA5505. With the same software capabilities that Vyatta has, it costs over $600.

Configuring an internet gateway with Vyatta: Demo
Services for standard home router:
- DHCP WAN interface
- DHCP server for LAN
- DNS forwarding
- Firewall
- NAT

    firewall {
        broadcast-ping disable
        conntrack-tcp-loose enable
        ip-src-route disable
        log-martians enable
        name wanwall {
            rule 999 {
                action accept
                description "Allow all established connections"
                state {
                    established enable
                    invalid disable
                    related enable
                }
            }
        }
        name wan-in {
            rule 999 {
                action accept
                description "Allow all established connections"
                state {
                    established enable
                    invalid disable
                    related enable
                }
            }
        }
        receive-redirects disable
        send-redirects disable
        syn-cookies enable
    }
    interfaces {
        ethernet eth0 {
            address dhcp
            description "WAN side NIC"
            duplex auto
            firewall {
                local {
                    name wanwall
                }
                in {
                    name wan-in
                }
            }
            hw-id 00:50:8b:a1:d5:e5
            speed auto
        }
        ethernet eth1 {
            address
            description "LAN side NIC"
            duplex auto
            hw-id 00:04:5a:5b:a8:ac
            speed auto
        }
        loopback lo {
        }
    }
    service {
        dhcp-server {
            disabled false
            shared-network-name my-net {
                authoritative disable
                subnet {
                    client-prefix-length 24
                    default-router
                    dns-server
                    lease 86400
                    start {
                        stop
                    }
                }
            }
        }
        dns {
            forwarding {
                cache-size 150
                dhcp eth0
                listen-on eth1
            }
        }
        nat {
            rule 10 {
                outbound-interface eth0
                protocol all
                type masquerade
            }
        }
        ssh {
            allow-root false
            port 22
            protocol-version v2
        }
    }
    system {
        host-name roto-router5000
        login {
            user root {
                authentication {
                    encrypted-password ***************
                }
                level admin
            }
            user vyatta {
                authentication {
                    encrypted-password ***************
                }
                level admin
            }
        }
        ntp-server
        package {
            auto-sync 1
            repository community {
                components main
                distribution stable
                password ""
                url
                username ""
            }
        }
        time-zone GMT
    }
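The gateway configuration above can be checked mechanically before it goes on an internet-facing box. The following Python sketch is an added example, not part of the original slides or of Vyatta itself: it parses the brace-delimited config format and flags WAN-side settings that differ from what the slide shows (SSH root login off, SSH v2, rule sets bound for both "in" and "local", accept rules restricted by connection state). The names parse, audit and SAMPLE, the default WAN interface eth0, and the checks themselves are this example's assumptions.

```python
import shlex

def parse(text):
    """Parse Vyatta's brace-delimited config text into nested dicts."""
    stack = [{}]
    for line in text.splitlines():
        tok = shlex.split(line)
        if not tok:
            continue
        if tok[-1] == "{":            # "ethernet eth0 {" opens a child node
            stack.append(stack[-1].setdefault(" ".join(tok[:-1]), {}))
        elif tok == ["}"]:
            stack.pop()
        else:                         # leaf such as "allow-root false"
            stack[-1][tok[0]] = " ".join(tok[1:])
    return stack[0]

def audit(cfg, wan="ethernet eth0"):
    """Return findings for the WAN-facing parts of a gateway config."""
    out = []
    ssh = cfg.get("service", {}).get("ssh")
    for key, want in (("allow-root", "false"), ("protocol-version", "v2")):
        if ssh is not None and ssh.get(key) != want:
            out.append(f"ssh: {key} is not set to {want}")
    fw = cfg.get("firewall", {})
    bound = cfg.get("interfaces", {}).get(wan, {}).get("firewall", {})
    for direction in ("in", "local"):
        name = bound.get(direction, {}).get("name")
        rules = fw.get(f"name {name}")
        if rules is None:
            out.append(f"{wan}: no rule set bound for '{direction}'")
            continue
        for rule, body in rules.items():
            # Assumption of this example: WAN accept rules should match on state.
            if isinstance(body, dict) and body.get("action") == "accept" and "state" not in body:
                out.append(f"{name} {rule}: accepts traffic without a state match")
    return out

# Constructed sample (not the slide's config): one binding missing, one stateless accept.
SAMPLE = "\n".join([
    "firewall {", "name wanwall {", "rule 10 {", "action accept", "}", "}", "}",
    "interfaces {", "ethernet eth0 {", "address dhcp",
    "firewall {", "local {", "name wanwall", "}", "}", "}", "}",
    "service {", "ssh {", "allow-root true", "protocol-version v2", "}", "}",
])

if __name__ == "__main__":
    for finding in audit(parse(SAMPLE)):
        print(finding)
```

The parser keeps only the last value when a leaf key repeats on a node, which is enough for the checks shown here.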

Now for something a little more fun! OpenVPN
For the home users: Easy connection between friends; share files and information with your friends and family. OSPF does the route configuring work for you.
For the working guys: OpenVPN tunnels for site-to-site VPNs, running OSPF for dynamic updates.
I have 2 nodes set up for this, and we will configure the third link. There are 4 OSPF areas: one backbone and one area behind each router.

More functions, mainly for the enterprise guys.
Got a branch office that needs a lot of equipment? Virtualize everything, even the router/firewall. This is the so-called “Branch-in-a-Box”.
Perhaps you need a lot of routers for point-to-point links or something similar. That's virtualizable too.
Virtualizing routing is a very flexible idea; having your routing platform as software instead of being locked into a hardware solution gives this flexibility.

There is so much more this platform can do. There is a learning curve for the CLI for home users, but a web-ui is on the way.
