Vyatta has achieved a major new release of its community-supported, Debian-based Linux distribution aimed at turning commodity x86 hardware into enterprise routers, firewalls, and VPN appliances. New features in Vyatta Community Edition 3 (VC3) include IPSec VPN, multilink PPP, and BGP scaling and security, the vendor says.
digg this story
Vyatta is a startup led by former MontaVista VP Kelly Herrell. It has gone through two funding rounds, the most recent led by Internet and cable TV provider Comcast. Although not yet profitable, the company is close, according to VP of Strategy Dave Roberts. “We may or may not need another round,” he told LinuxDevices.
Vyatta's flagship product is a commercially supported Linux distribution optimized for use as a combined router, firewall, and VPN (virtual private networking) server. It can be purchased as software, or preinstalled on Dell PowerEdge server hardware. The idea is that by using proprietary x86 hardware, rather than expensive, single-vendor hardware designs from Cisco or Juniper, Tier 2 Internet service providers and enterprises with large networks can save money and gain flexibility.
Roberts explained, “With the proprietary guys, bandwidth and memory tend to get locked in step, so if you want one, you have upgrade both together. A lot of the Tier 2 ISPs don't have the bandwidth requirements of the Tier 1s, but they still need full Internet routing tables.”
Roberts added, “If a Cisco router can even be upgraded with more memory, it might cost $5K for a GB or RAM.”
VoIP service providers have also been early adopters, according to Roberts — possibly because Vyatta's basis in normal Debian is conducive to getting all kinds of odd-ball telephony cards running, regardless of whether they are supported by the distribution's XORP router configuraton interface. Early customer wins that include ISP.com, Binfone, OpenTelcom, and Onega, according to Roberts.
Today's VC3 release
Vyatta's “VC” releases — such as today's VC3 release — resemble “Core” releases from the Red Hat-sponsored Fedora project, Roberts explained. “The community edition moves faster, [whereas] we're conservative on the supported edition,” he said.
Noting that VC releases have been downloaded no less than 100,000 times, Roberts added, “We're driving new features into community release, and as they stabilize, pulling them into the supported release.”
Like VC2, VC3 is based on standard Debian Linux, letting users draw from Debian's 19,000 or so x86 packages, when setting up their systems. “We do a partial mirror for the things we distribute, but we [tell users to] point to ftp.debian.org for the rest,” Roberts explained.
Despite the high geek factor of Debian, VC3 is easy to use, Roberts said, especially for network operators accustomed to IOS, tftp, and so on. “We want to build open source networking software and hardware systems that a normal Cisco/Juniper-trained network manager could sit down at and be very comfortable with. You don't have to know anything about LInux system administration if you don't want to. It's a benefit, not a requirement,” he said.
VC3 can be run from a live CD, or installed to hard disk or flash memory. “We're essentially a stripped-down version of Debian, with network-specific stuff, and the kernel is custom,” Roberts noted.
The biggest new feature appears to be support for multilink PPP. This feature enables companies to aggregate multiple smaller leased lines, typically T1s, instead of springing for a T3. Most ISPs support multilink connections, he said. Alternatively, Vyatta routers at either end of a leased line could enable enterprises to create a dedicated network pipe — for example to India, he suggested.
Yet another fairly new feature is support for virtualization — including both VMWare and Xen. This feature could enable branch offices to consolidate infrastructure onto a single device, Roberts added.
Other touted new features include:
- IPSec VPN with 3DES, AES (128 and 256-bit), MD5, and SHA1 encryption .
- Vyatta VPN routers can be configured in a cluster, with failover mechanisms, where high availability is needed.
- BGP (border gateway protocol) scaling and security enhancements is said to provide faster routing convergence with many peers.
Herrell stated, “We have proven the performance and reliability of our open-source networking solution in large, demanding networks. Vyatta can be deployed on server blades, dedicated appliances, or virtual machines using VMWare and Xen.”
Paul Wheeler, IT manager for the City of Madera, stated, “I have been continually impressed with Vyatta's attention to detail, excellent support, and ability to reliably add more power and flexibility to the solution.”
The VC3 release is available for download now. Vyatta plans to release a supported version in November.
This article was originally published on LinuxDevices and has been donated to the open source community by QuinStreet Inc. Please visit LinuxToday.com for up-to-date news and articles about Linux and open source.