Vyatta
Материал из Xgu.ru
Vyatta — opensource-альтернатива маршрутизаторам Cisco.
[править] Возможности
- New command shell. Release VC4.0.2 introduces a redesigned command shell for the Vyatta system: the FusionCLI™ management interface. The FusionCLI management interface is based on the Bash command shell but integrates network-specific commands and a configuration mode. The resulting management interface has a look and feel similar to the previous Vyatta CLI, but also provides direct access to Linux commands at the CLI prompt. The FusionCLI management interface introduces some differences past Vyatta CLI behavior and user experience; please see the “Behavior Changes” section for details.
- Redesign of routing protocol support. Routing protocols and routing policy support has been completely redesigned in VC4.0.2. The following routing components have been re-implemented:
- The new implementation offers greatly improved stability and performance, along with a large increase in the number of commands and options available.
- DHCP client capability. This release introduces DHCP client capability. You can configure an interface to obtain its address from a DHCP server by setting the address to “dhcp” instead of to an actual IP address.
- Ability to configure a black-hole address for static routes. In this release, you can configure a “black-hole” address for interface routes. Traffic sent to a black-hole address is discarded. To specify a black-hole address, use the “set protocols static interface-route ipv4net blackhole distance 1–255” command.
- Equal-cost multi-path routing. The Vyatta system now supports equal-cost multi-path routing (ECMP). When multiple “best paths” of equal cost exist in the routing table, the system will load balance traffic among the paths. There are no CLI changes associated with this feature; however, equal-cost paths in the routing cache and the forwarding table can be viewed using the “show ip route cache” and “show ip route forward” commands, respectively.
- Remote access VPN. The Vyatta system’s VPN support has been extended to allow remote users to establish a VPN tunnel with a Vyatta system acting as the VPN server. This allows, for example, a user working from home to connect to the private corporate network across the WAN. Both PPTP and L2TP/IPsec VPN tunnels are supported. L2TP/IPsec VPN tunnels
- Tunnel interfaces. The Vyatta system now supports tunnel interfaces, which are logical interfaces supporting IP tunneling protocols. IP tunneling protocols provide a mechanism for encapsulating packets from one network protocol into a packet from another protocol, creating a “tunnel.” Vyatta tunnel interfaces support Generic Routing Encapsulation (GRE) tunnels (which can be used to carry non-IP protocols such as Novell IPX, Banyen VINES, AppleTalk, and DECNet, or to carry multicast, broadcast, or IPv6 traffic) and IP-in-IP tunnels (which can be used to carry IPv4 packets across IP networks with differing network capabilities).
- PPPoE support. This release introduces support for Point-to-Point Protocol over Ethernet (PPPoE). PPPoE encapsulates Point-to-Point Protocol (PPP) frames inside Ethernet frames. This provides the circuit-based connections and security features available with PPP to be used in Ethernet environments, commonly for use with DSL networks.
- WAN load balancing. The Vyatta system now supports automatic load balancing for outbound traffic across two or more WAN-facing interfaces. When WAN load balancing is enabled on interfaces, load balancing will automatically be performed across those interfaces. You can also determine which traffic egresses a specific interface and you can weight interfaces differently to reflect different link performance or administrative policies.
- Quality of Service. In this release, Quality of Service (QoS) policies can be defined to allow congestion management and traffic conditioning. Two QoS mechanisms are introduced in the current release:
- Fair queuing, which uses the Stochastic Fair Queuing algorithm aiming to provide per-flow–based fair access to network resources and prevent any one flow from consuming an inordinate amount of output port bandwidth
- Traffic shaping, which uses traffic classification and packet marking to provide class-based levels of service.
- Ability to clear interface statistics. A number of “clear interface” commands have been added to clear statistics from interfaces, including Ethernet interfaces, bridge interfaces, multi-link interfaces, tunnel interfaces, and serial interfaces.
[править] Дополнительная информация
- Vyatta (англ.) — домашняя страница проекта
- Vyatta Demos (англ.) — флэш-ролики, демонстрирующие возможности продуктов Vyatta
- Vyatta.org (англ.) — сайт opensource-community сформировавшегося вокруг проекта Vyatta
- Vyatta Linux-дистрибутив для роутеров
- Настройка Vyatta
- Настройка VPN(PPTP/L2TP/IPsec) в Vyatta
Сетевой уровень
|
---|