Vyatta

As mentioned a few days ago, I’m using Vyatta for my home router software. Vyatta is amazing; it’s a complete open-source router platform based on Linux. It’s something that I’ve been looking for for the last decade. You just boot up the CD image and wham–it’s a router, with a Juniper-ish command shell. Type configure and you’re in router configuration mode, with context-sensitive editing. Type a couple more commands and it’ll copy itself off of the CD and onto your hard drive or USB drive. It doesn’t get much easier than that.

At the same time, it’s impressively powerful. It still lacks a few features that upper-end Cisco or Juniper routers have–no MPLS, no policy routing, and IPv6 support is weak. But it’s a huge step above any of the Linksys or D-Link routers that I’ve seen. It supports BGP and OSPF, plus reasonably flexible NAT and ACL settings. I’ve never benchmarked my router, but after 2 weeks of uptime it claims that it’s spent 99.9% of its time idle while copying almost 750 GB of data between interfaces. Vyatta claims that a 4x2.66 GHz Intel CPU can route 3 Gbps of 512 byte packets, and I see no reason to doubt that.

Vyatta is open source, but it has a company behind it (also named Vyatta), selling support to anyone who will pay. I’m always conflicted when I run into projects like this. I’m happy that they’re available, and that they’re making progress forward, but they only rarely develop any sort of community around them. Maybe Vyatta will prove me wrong.

Posted by Scott Laird Sun, 19 Apr 2009 05:15:00 GMT


Comments

  1. der Dennis about 2 hours later:

    I use M0n0wall on the WRAP-platform as my home router. If it matches your required feature set (I think there is no BGP or OSPF…) you should give it a spin…

  2. Scott Laird about 8 hours later:

    Actually, I’ve looked at m0n0wall’s documentation a few times, and it’s not really in the same league. Specifically, it seems to be lacking at least three things that are completely critical to me:

    1. A flexible CLI for defining firewall rules (and ideally everything else).
    2. VLAN support.
    3. Any dynamic routing support at all. I need RIPv2 for something, and m0n0wall doesn’t seem to support it.

    I’m using 3 or 4 VLANs on my Ethernet switch for various purposes right now; I could break them back out onto individual ports and feed them into the router one at a time, but it’s kinda nice to be able to define a new VLAN and have it routed without needing to touch any cables.

    IMHO, web interfaces are nice for some things, but fill-in-the-box router configs don’t give you nearly enough flexibility. Router config languages are languages, and there’s no comparing the expressiveness of a language to a fill-in-the-blanks form.

  3. Dave Roberts 10 days later:

    You should check out the community on http://www.vyatta.org/ . It’s growing well with lots of participation.