Open source router and firewall platform
Stay up to date with all the latest updates, subscribe to our blog and newsletter, we promise not to spam :)
VyOS is not just a router, it’s an open, customizable platform for network devices.
The entire codebase and build toolchain are available for everyone to use, inspect, and contribute to.
Our image build scripts are easy to use and allow multiple customization options. Build flavours—reusable JSON files with build configuration, make it easy to maintain your own builds without entering the same options every time. Binary package repositories of official VyOS releases are open to the public, so there is no need to build the entire system from source.
These are some customizations you can make:
In the future we plan to setup a web service for our customers to build images online.
VyOS uses a layered architecture. All components such as firewall, IPsec, or routing protocols are built on top of a configuration management framework that includes a custom shell environment, libraries for loading the config file and committing config changes, and libraries for reading values from the running config.
This makes it easy to integrate new applications into the system seamlessly. In fact, a number of VyOS features started their life as community-developed addons. There is no special “plugin API”, what you get to use is exactly what the maintainers use to add features to the mainline VyOS.
Command definitions are written in XML and can be automatically validated using a RelaxNG schema. Scripts that generate target application configs can be written in Python 3, Perl, or shell.
To ensure forward compatibility even if command syntax changes, we provide an API for writing migration scripts that parse config files and automatically update the syntax.
We provide custom development and consulting services. If there’s a missing feature you want to see in VyOS, you can sponsor its development. If you are a managed service provider and need a VyOS image with vendor or in-house software, we can help you integrate it and maintain the custom build.
We are actively working with community contributors and try to merge pull requests as soon as possible, or make suggestions how to improve them.
VyOS runs on a wide range of hardware from small office routers to large servers, as well as virtual machines and multiple cloud providers.
BGP (IPv4 and IPv6), OSPF (v2 and v3), RIP and RIPng, policy-based routing.
IPsec, VTI, VXLAN, L2TPv3, L2TP/IPsec and PPTP servers, tunnel interfaces (GRE, IPIP, SIT), OpenVPN in client, server, or site-to-site mode, wireguard.
Stateful firewalls, zone-based firewall, all types of source and destination NAT (one to one, one to many, many to many).
DHCP and DHCPv6 server and relay, IPv6 RA, DNS forwarding, TFTP server, web proxy, PPPoE access concentrator, NetFlow/sFlow sensor, QoS.
VRRP for IPv4 and IPv6, ability to execute custom health checks and transition scripts; ECMP, stateful load balancing.
and archiving make external configuration backup tools redundant.
Its entire codebase and build toolchain are available to everyone for auditing, building customized images, and contributing.
