When you as company are strapped for cash but need a full featured, flexible and redundant firewall/router setup, what do you do? Vyatta! What is Vyatta? It’s best described using Vyatta’s own words, “The free community Vyatta Core software(VC) is award-winning, Linux-based, open source software providing routing, firewalling, VPN, intrusion prevention, and WAN load balancing services, among others, for your network. When you run Vyatta on a standard x86 hardware system, you’ll create a powerful network appliance that can run circles around proprietary systems. Vyatta also runs virtualized in VMware, Xen, Hyper-V, and other hypervisors, providing networking and security services to virtual machines and cloud computing environments.“
Using Vyatta Core 6.0 I’m hoping to end up with two small firewalls which will failover using VRRP on both the outside (Internet) and inside (local VLANs) interfaces, it’ll provide access to my DMZ and NAT the rest. I currently have it mostly setup in a XenServer lab environment, and it works great, Vyatta is unbelievably simple to use, the command line interface is extremely intuitive yet powerful and if you absolutely must have a GUI there’s a web based one available.
In upcoming posts I’ll dive into setting up VRRP, source and destination NAT, Netflow/sFlow, firewalling, logging and possibly a bunch of other subjects.
Getting Vyatta Core up and running is as simple as downloading an ISO (Live CD) or VM image (VMware ESX 3 & 4, Citrix XenServer or generic virtualization ISO), the Quick Start Guide has an easy to read step-by-step on how to get started. Go try it out today, you won’t regret it!
Do note that the Vyatta Core Community edition is entirely unsupported, you can however use the forums or pop on the unofficial irc channel called ##vyatta (yes, double hash tag) on irc.freenode.net