More than a router
VyOS is not just a router: It’s an open, customizable platform for network devices.
The entire codebase and the build toolchain are available for everyone to use, inspect and contribute to.
Our image build scripts are easy to use and allow multiple customization options. Build flavors (reusable JSON files with build configuration) make it easy to maintain your own builds without entering the same options each time. Binary package repositories of official VyOS releases are open to the public, so there is no need to build the entire system from source.
These are some customizations you can make:
In the future we plan to set up a web service for our customers to build images online.
VyOS uses a layered architecture. All components such as firewall, VPN and routing protocols are built on top of a configuration management framework that includes a custom shell environment, libraries for loading the config files and committing config changes, and libraries for reading values from the running config.
This makes it easy to integrate new applications into the system seamlessly. In fact, a number of VyOS features started their life as community-developed addons. There is no special “plugin API”, what you get to use is exactly what the maintainers use to add features to mainline VyOS.
Command definitions are written in XML and can be automatically validated using a RelaxNG schema. Scripts that generate target application configs can be written in Python 3, Perl, or shell.
To ensure forward compatibility even if the command syntax changes, we provide an API for writing migration scripts that parse config files and automatically update the syntax.
We provide custom development and consulting services. If there’s a missing feature you want to see in VyOS, you can sponsor its development. If you are a managed service provider and need a VyOS image with vendor or in-house software, we can help you integrate it and maintain the custom build.
We are actively working with community contributors and try to merge pull requests as soon as possible, or make suggestions on how to improve them.
BGP (IPv4 and IPv6), OSPF (v2 and v3), RIP and RIPng, policy-based routing.
IPsec, VTI, VXLAN, L2TPv3, L2TP/IPsec and PPTP servers, tunnel interfaces (GRE, IPIP, SIT), OpenVPN in client, server, or site-to-site modes, WireGuard.
Stateful firewall, zone-based firewall, all types of source and destination NAT (one to one, one to many, many to many).
DHCP and DHCPv6 server and relay, IPv6 RA, DNS forwarding, TFTP server, web proxy, PPPoE access concentrator, NetFlow/sFlow sensor, QoS.
VRRP for IPv4 and IPv6, ability to execute custom health checks and transition scripts; ECMP, stateful load balancing.
and archiving make external configuration backup tools redundant.
The entire codebase and the build toolchain are available to everyone for auditing, building customized images, and contributing.
Feel free to contact us with any technical or business questions.