New to VyOS?

VyOS is an open source network operating system that can be installed on physical hardware or a virtual machine on your own server, or a cloud platform . It is based on GNU/Linux and joins multiple applications such as Quagga, ISC DHCPD, OpenVPN, StrongS/WAN and others under a single management interface.

We strive to make VyOS useful in any network, from a small office to a data center.

Unlike OpenWRT or pfSense, VyOS is more similar to traditional hardware routers, with a focus on comprehensive support for advanced routing features such as dynamic routing protocols and command line interface. However, we do not neglect other features such as VPN and firewalls.

Details

Features

We try to provide as many network functions as possible to make VyOS usable anywhere from a small office router to an ISP edge, within reason. Have a checklist.

VLANs:
802.1q and QinQ
Static and dynamic routing:
BGP for IPv4 and IPv6, OSPFv2, RIP, RIPng, policy-based routing, equal cost multi-path
Firewall:
Firewall rulesets for IPv4 and IPv6 traffic you can assign to interfaces, zone-based firewall, address/network/port groups for IPv4 firewalls
Tunnel interfaces:
PPPoE, GRE, IPIP, SIT, static L2TPv3, VXLAN
VPN:
Site-to-site IPsec for IPv4 and IPv6, L2TP/IPsec server, PPTP server, OpenVPN for site-to-site and remote access
NAT:
Source NAT, port forwards, one to one, one to many, and many to many translations
DHCP:
DHCP and DHCPv6 server and relay
Redundancy:
VRRP, connection table synchronization
Flow accounting:
NetFlow and sFlow
Proxy:
Web proxy and URL filtering
Shaping:
QoS policies (drop tail, fair queue, and others), traffic redirection.
What's missing

While we indeed want to present VyOS in a positive light, we'll be upfront about things it does not support at this time. In the current versions, you will not find, among other things:

MPLS switching and associated protocols such as LDP
Multicast routing protocols (PIM-SM etc.)

Remote management API
Graphical interface

The core ideas behind VyOS are:

Physical and virtual hardware supported equally

Virtualization support is something more than mere ability to run in a virtual machine. For best results, the guest OS has to cooperate with the hypervisor. We include drivers for paravirtual network and SCSI devices for best performance. Fully supported hypervisors are KVM, Xen in HVM mode, VMware, Microsoft Hyper-V, and VirtualBox.
Specifically for VMware, open-vm-tools package is included in the image. You can also find ready to use VyOS images in two cloud platforms: Amazon EC2 and Ravello.

VyOS disk and memory footprint is relatively small, so you don’t need big servers to run it, for a home or small office router you can run it on a small x86 board.

Command line interface and configuration system

We think in the age of graphical interfaces and SDN controllers, it’s still important for routers to provide a good command line interface. Some tasks that pose a challenge in a graphical interface can be made trivial in a CLI, such as:

  • View the entire configuration or any of its parts
  • Copy a chunk of configuration from one device or from a template to another
  • Demonstrate a configuration snippet to someone else

To become a go-to tool rather than the last resort, command line interface has to be well designed, so the quality of its design and implementation is one of the top priorities for us.

  • Configuration commands do not change the running configuration immediately. They stage the changes, and you can view the difference, and commit or discard them. No need to order your commands carefully to avoid breaking the configuration.
  • If someone else commits any changes while you are working on yours, you will be notified and can review the changes and fix any conflicts before committing.
  • You can easily view the configuration in a simple human-readable format, or view commands that produced it. No need to walk through multiple tabs in a GUI to find out how the router is configured.
  • If you are not sure if your changes are safe, you can use confirmed commit, and the system will automatically reload to the previous configuration if you are unable to issue the confirm command in specified amount of time.
  • On every commit, previous configuration version is archived. You can view older revisions and differences between them right on the router, and automatically backup to a remote server. No need for external tools such as RANCID to keep your configuration safe.
  • Fast deployment and safe upgrades

VyOS provides a live CD ISO image you can boot from and try it out or install it on your machine. Live CD provides the same functions as installed system, except for persistent configuration. If you choose to install it, it takes just a few minutes.

Upgrading a router can be a stressful task. We try to keep it as easy and safe as possible. The upgrade process uses the same ISO image as that used for installation, and the upgrade commands use the same ISO image URL.

You can keep multiple images copies on the same system and switch between them. On upgrade, your configuration is automatically copied to the new image. If something goes wrong, you can always revert to previous VyOS version.

Open development model

VyOS has been a community project from the beginning. When Vyatta Core got discontinued, a group of its users who wanted to keep using it forked the last available source code to start VyOS. The developers are people who want to have a router for their own use rather than a company that wants to sell routers to someone else.

The maintainers team makes development and release decisions, but there is no corporate entity that holds all copyrights to the source code and controls the project infrastructure.

Our source code is open to everyone’s pull requests, no need to sign a contributor agreement and transfer your copyright to anyone. For development and distribution infrastructure we rely on our users who provide virtual machines and host mirrors for us.
All development discussions are held openly in the issue tracker and the IRC channel.

Everyone is welcome to work together and make VyOS better!

Video Tutorials

Visit our channel
Stable Version
LiveCD/Install ISO
for physical and virtual 64-bit x86 machines
and VMWare OVA for vSphere/vCloud Air
Beta Version
Beta & Development build LiveCD/Install ISOs
for physical and virtual 64-bit x86 machines
Cloud
Links for markets from different providers like
AWS, Azure, GCE,
vCloud Air and others

Stories

“ Back in 2008 I've been using a general-purpose Linux distribution for my home router.
While firewall management was somewhat simplified thanks to Shorewall, routing and VPN
configuration had to be kept in sync by hand, and it was getting more and more annoying
as I kept adding more connections to my friends' networks and other locations.
Still I preferred this to having a GUI as the only configuration option.

Then someone pointed me to Vyatta Community Edition, and I got hooked up. I remember it well
how excited I was about my ability to manage everything through a single CLI where
the config is observable without going through multiple tabs, and the changes are easy to view
or revert.

When it became clear that the open source Vyatta is gone, I was among those who forked the last
available code and started VyOS, because I couldn't imagine my routers without it.

Since then I've used VyOS pretty much everywhere, from home office to service provider networks,
and I'm not going to stop any time soon. ”
Daniil Baturin
VyOS developer
“ Why I love VyOS?
Opensource NFV is here? Easy to use for any IT engineer out there. A tool that I frequently use in virtual deployments. Almost all network functions that you may require on the go is there.
I can talk about it for hours, but better, just grab iso or OVA and take a look! ”
Yuriy Andamasov
VyOS 0-day user