VyOS 1.2.1 releases: open source network operating system

VyOS

VyOS is forked from the Vyatta community, is a network operating system that provides software-based network routing, firewall, and VPN functionality. VyOS is based on Debian GNU/Linux and is fully open source free. VyOS can run on physical devices and virtual platforms, supporting integration packages for para-virtual drives and virtual platforms.

VyOS

Feature

VLANs:
802.1q and QinQ
Static and dynamic routing:
BGP for IPv4 and IPv6, OSPFv2, RIP, RIPng, policy-based routing, equal cost multi-path
Firewall:
Firewall rulesets for IPv4 and IPv6 traffic you can assign to interfaces, zone-based firewall, address/network/port groups for IPv4 firewalls
Tunnel interfaces:
PPPoE, GRE, IPIP, SIT, static L2TPv3, VXLAN
VPN:
Site-to-site IPsec for IPv4 and IPv6, L2TP/IPsec server, PPTP server, OpenVPN for site-to-site and remote access
NAT:
Source NAT, port forwards, one to one, one to many, and many to many translations
DHCP:
DHCP and DHCPv6 server and relay
Redundancy:
VRRP, connection table synchronization
Flow accounting:
NetFlow and sFlow
Proxy:
Web proxy and URL filtering
Shaping:
QoS policies (drop tail, fair queue, and others), traffic redirection.
Changelog v1.2.1

Resolved issues

  • Package updates: kernel 4.19.32, open-vm-tools 10.3, latest Intel NIC drivers.
  • The kernel now includes drivers for various USB serial adapters, which allows people to add a serial console to a machine without onboard RS232, or connect to something else from the router (T1326).
  • The collection of network card firmware is now much more extensive.
  • VRRP correctly uses a virtual rather than physical MAC addresses in the RFC-compliant mode (T1271).
  • DHCP WPAD URL option works correctly again (T1330)
  • Many to many NAT rules now can use source/destination and translation networks of non-matching size (T1312). If 1:1 network bits translation is desired, it’s now user’s responsibility to check if prefix length matches.
  • IPv6 network prefix translation is fixed (T1290).
  • Non-alphanumeric characters such as “>” can now be safely used in PPPoE passwords (T1308).
  • “show | commands” no longer fails when a config section ends with a leaf node such as “timezone” in “show system | commands” (T1305).