SlideShare une entreprise Scribd logo

Open Source Networking with Vyatta

Matthew Turland
Matthew Turland
Technologie
1  sur  12
Télécharger pour lire hors ligne
Open Source Networking An introduction to using open source in the network. John Southworth February 26, 2009
Why would anyone want to use open source at the network layer? Chances are, you already do! - Vyatta is a replacement for enterprise level routing and security platforms. - It can be used easily almost anywhere. - It's a software package (linux distribution) that runs on standard x86 hardware.
How does Vyatta benefit users? Home users: Stable Secure Powerful Flexible Runs on just about anything Free and Open! Good community support Enterprise users: Stable Secure Powerful Flexible Virtualizable Subscription release available Commercial support Command line interface similar to Cisco or Juniper
So what does Vyatta do? Routing (Static, RIP, OSPF, and BGP) NAT VPN ( IPSEC, PPTP, OpenVPN, and L2TP ) Firewall IDS Webproxy Interfaces DSL, T1, T3, Ethernet (up to 10Gb), wireless modem, tunnel Its flexibility comes from the fact that Debian GNU/Linux is underneath it all: if you need another service running on the router, just install it.
Why Vyatta over standard Linux?
First, a set-up for a home user Community edition is available at http://vyatta.org/downloads Grab it, put it on an old pc, and play with it! I use a single board computer as my routing platform: ALIX 2D3 AMD Geode 500MHz 256MB RAM 3 10/100 Ethernet NICS It is configured for NAT, Firewall, OpenVPN, and OSPF. Works great, <$200 for a decent router. These are similar specs to a Cisco ASA5505 With the same software capabilities that Vyatta has, it costs over $600
Configuring an internet gateway with Vyatta: Demo Services for standard home router: DHCP Wan Interface DHCP server for LAN DNS Forwarding Firewall NAT
firewall { ethernet eth1 { system { broadcast-ping disable address 192.168.1.1/24 host-name roto-router5000 conntrack-tcp-loose enable description quot;LAN side NICquot; login { ip-src-route disable duplex auto user root { log-martians enable hw-id 00:04:5a:5b:a8:ac authentication { name wanwall { speed auto encrypted-password *************** rule 999 { } level admin action accept loopback lo { } description quot;Allow all established connectionsquot; } user vyatta { state { } authentication { established enable service { encrypted-password *************** invalid disable dhcp-server { } related enable disabled false level admin } shared-network-name my-net { } } authoritative disable } } subnet 192.168.1.0/24 { ntp-server 69.59.150.135 name wan-in { client-prefix-length 24 package { rule 999 { default-router 192.168.1.1 auto-sync 1 action accept dns-server 192.168.1.1 repository community { description quot;Allow all established connectionsquot; lease 86400 components main state { start 192.168.1.10 { distribution stable established enable stop 192.168.1.45 password quot;quot; invalid disable } url http://packages.vyatta.com/vyatta related enable } username quot;quot; } } } } } } } dns { time-zone GMT receive-redirects disable forwarding { } send-redirects disable cache-size 150 syn-cookies enable dhcp eth0 } listen-on eth1 interfaces { } ethernet eth0 { } address dhcp nat { description quot;WAN side NICquot; rule 10 { duplex auto outbound-interface eth0 firewall { protocol all local { type masquerade name wanwall } } } in { ssh { name wan-in allow-root false } port 22 } protocol-version v2 hw-id 00:50:8b:a1:d5:e5 } speed auto } }
Now for something a little more fun! OpenVPN For the home users: Easy connection between friends, share files and information with your friends and family. OSPF does the route configuring work for you. For the working guys: OpenVPN tunnels for site to site vpns, runs OSPF for dynamic updates. I have 2 nodes setup for this, and we will configure the third link. There are 4 OSPF areas, one backbone and one area behind each router.
More functions, mainly for the enterprise guys. Got a branch office that needs a lot of equipment? Virtualize everything, even the router/firewall. This is the so called “Branch-in-a-Box”. Perhaps you need a lot of routers for point-to-point links or something similar. That's virtualizable too. Virtualizing routing is a very flexible idea; having your routing platform as software instead of being locked into a hardware solution gives this flexibility.
There is so much more this platform can do. There is a learning curve for the CLI for home users, but a web-ui is on the way.

Recommandé

Huawei switch configuration commands
Huawei switch configuration commandsHuawei switch configuration commands
Huawei switch configuration commandsHuanetwork
 
Basic security &amp; info
Basic security &amp; infoBasic security &amp; info
Basic security &amp; infoTola LENG
 
IPTABLES
IPTABLESIPTABLES
IPTABLESTan Huynh Cong
 
Packet Tracer: Load Balancing with GLBP and FHRP
Packet Tracer: Load Balancing with GLBP and FHRPPacket Tracer: Load Balancing with GLBP and FHRP
Packet Tracer: Load Balancing with GLBP and FHRPRafat Khandaker
 
Huawei S5700 Basic Configuration Command
Huawei S5700 Basic Configuration CommandHuawei S5700 Basic Configuration Command
Huawei S5700 Basic Configuration CommandHuanetwork
 
Basic command to configure mikrotik
Basic command to configure mikrotikBasic command to configure mikrotik
Basic command to configure mikrotikTola LENG
 
7. protocols
7. protocols7. protocols
7. protocolsMarian Marinov
 
Cisco vs. huawei CLI Commands
Cisco vs. huawei CLI CommandsCisco vs. huawei CLI Commands
Cisco vs. huawei CLI CommandsBootcamp SCL
 

Recommandé

Huawei switch configuration commands
Huawei switch configuration commandsHuawei switch configuration commands
Huawei switch configuration commandsHuanetwork
 
Basic security &amp; info
Basic security &amp; infoBasic security &amp; info
Basic security &amp; infoTola LENG
 
IPTABLES
IPTABLESIPTABLES
IPTABLESTan Huynh Cong
 
Packet Tracer: Load Balancing with GLBP and FHRP
Packet Tracer: Load Balancing with GLBP and FHRPPacket Tracer: Load Balancing with GLBP and FHRP
Packet Tracer: Load Balancing with GLBP and FHRPRafat Khandaker
 
Huawei S5700 Basic Configuration Command
Huawei S5700 Basic Configuration CommandHuawei S5700 Basic Configuration Command
Huawei S5700 Basic Configuration CommandHuanetwork
 
Basic command to configure mikrotik
Basic command to configure mikrotikBasic command to configure mikrotik
Basic command to configure mikrotikTola LENG
 
7. protocols
7. protocols7. protocols
7. protocolsMarian Marinov
 
Cisco vs. huawei CLI Commands
Cisco vs. huawei CLI CommandsCisco vs. huawei CLI Commands
Cisco vs. huawei CLI CommandsBootcamp SCL
 
Huawei Router Basic Configuration Command
Huawei Router Basic Configuration CommandHuawei Router Basic Configuration Command
Huawei Router Basic Configuration CommandHuanetwork
 
7.protocols 2
7.protocols 27.protocols 2
7.protocols 2Marian Marinov
 
Ccna icnd2-labs exercices
Ccna icnd2-labs exercicesCcna icnd2-labs exercices
Ccna icnd2-labs exercicessaqrjareh
 
Huawei cisco command conversion
Huawei cisco command conversionHuawei cisco command conversion
Huawei cisco command conversionjames Omara
 
Cisco commands List for Beginners (CCNA, CCNP)
Cisco commands List for Beginners (CCNA, CCNP)Cisco commands List for Beginners (CCNA, CCNP)
Cisco commands List for Beginners (CCNA, CCNP)DH Da Lat
 
Ad, dns, dhcp, file server
Ad, dns, dhcp, file serverAd, dns, dhcp, file server
Ad, dns, dhcp, file serverTola LENG
 
Juniper Chassis Cluster Configuration with SRX-1500s
Juniper Chassis Cluster Configuration with SRX-1500sJuniper Chassis Cluster Configuration with SRX-1500s
Juniper Chassis Cluster Configuration with SRX-1500sAshutosh Patel
 
7 slaac-rick graziani
7 slaac-rick graziani7 slaac-rick graziani
7 slaac-rick grazianiAlejandro Reyes
 
Webinar NETGEAR Prosafe Switch, la sicurezza della LAN
Webinar NETGEAR Prosafe Switch, la sicurezza della LANWebinar NETGEAR Prosafe Switch, la sicurezza della LAN
Webinar NETGEAR Prosafe Switch, la sicurezza della LANNetgear Italia
 
Ccnp3 lab 3_4_en
Ccnp3 lab 3_4_enCcnp3 lab 3_4_en
Ccnp3 lab 3_4_enOmar Herrera
 
Puertos tcp & udp
Puertos tcp & udpPuertos tcp & udp
Puertos tcp & udpClaudia Ortiz Ruiz
 
Cisco router-commands
Cisco router-commandsCisco router-commands
Cisco router-commandsRobin Rohit
 
Huawei Switch How To - Configuring a basic DHCP server
Huawei Switch How To - Configuring a basic DHCP serverHuawei Switch How To - Configuring a basic DHCP server
Huawei Switch How To - Configuring a basic DHCP serverIPMAX s.r.l.
 
Composants et fonctionnement d'un Switch Cisco
Composants et fonctionnement d'un Switch Cisco Composants et fonctionnement d'un Switch Cisco
Composants et fonctionnement d'un Switch Cisco DJENNA AMIR
 
Layer 3 redundancy hsrp
Layer 3 redundancy hsrpLayer 3 redundancy hsrp
Layer 3 redundancy hsrpEdgardo Scrimaglia
 
NAT and firewall presentation - how setup a nice firewall
NAT and firewall presentation - how setup a nice firewallNAT and firewall presentation - how setup a nice firewall
NAT and firewall presentation - how setup a nice firewallCassiano Campes
 
Vrrp
VrrpVrrp
VrrpAnuj Kumar
 
Configuring Netgate Appliance Integrated Switches on pfSense 2.4.4 - pfSense ...
Configuring Netgate Appliance Integrated Switches on pfSense 2.4.4 - pfSense ...Configuring Netgate Appliance Integrated Switches on pfSense 2.4.4 - pfSense ...
Configuring Netgate Appliance Integrated Switches on pfSense 2.4.4 - pfSense ...Netgate
 
Openvpn
OpenvpnOpenvpn
OpenvpnPavel Müller
 
Configuraion vpn
Configuraion vpnConfiguraion vpn
Configuraion vpnJacqueline Coba
 
OpenVPN
OpenVPNOpenVPN
OpenVPNEmil CHERICHEȘ
 
OpenVPN como solución de Redes Privadas Virtuales Corporativas
OpenVPN como solución de Redes Privadas Virtuales CorporativasOpenVPN como solución de Redes Privadas Virtuales Corporativas
OpenVPN como solución de Redes Privadas Virtuales CorporativasRommel León
 

Contenu connexe

Tendances

Huawei Router Basic Configuration Command
Huawei Router Basic Configuration CommandHuawei Router Basic Configuration Command
Huawei Router Basic Configuration CommandHuanetwork
 
Ccna icnd2-labs exercices
Ccna icnd2-labs exercicesCcna icnd2-labs exercices
Ccna icnd2-labs exercicessaqrjareh
 
Huawei cisco command conversion
Huawei cisco command conversionHuawei cisco command conversion
Huawei cisco command conversionjames Omara
 
Cisco commands List for Beginners (CCNA, CCNP)
Cisco commands List for Beginners (CCNA, CCNP)Cisco commands List for Beginners (CCNA, CCNP)
Cisco commands List for Beginners (CCNA, CCNP)DH Da Lat
 
Ad, dns, dhcp, file server
Ad, dns, dhcp, file serverAd, dns, dhcp, file server
Ad, dns, dhcp, file serverTola LENG
 
Juniper Chassis Cluster Configuration with SRX-1500s
Juniper Chassis Cluster Configuration with SRX-1500sJuniper Chassis Cluster Configuration with SRX-1500s
Juniper Chassis Cluster Configuration with SRX-1500sAshutosh Patel
 
Webinar NETGEAR Prosafe Switch, la sicurezza della LAN
Webinar NETGEAR Prosafe Switch, la sicurezza della LANWebinar NETGEAR Prosafe Switch, la sicurezza della LAN
Webinar NETGEAR Prosafe Switch, la sicurezza della LANNetgear Italia
 
Cisco router-commands
Cisco router-commandsCisco router-commands
Cisco router-commandsRobin Rohit
 
Huawei Switch How To - Configuring a basic DHCP server
Huawei Switch How To - Configuring a basic DHCP serverHuawei Switch How To - Configuring a basic DHCP server
Huawei Switch How To - Configuring a basic DHCP serverIPMAX s.r.l.
 
Composants et fonctionnement d'un Switch Cisco
Composants et fonctionnement d'un Switch Cisco Composants et fonctionnement d'un Switch Cisco
Composants et fonctionnement d'un Switch Cisco DJENNA AMIR
 
NAT and firewall presentation - how setup a nice firewall
NAT and firewall presentation - how setup a nice firewallNAT and firewall presentation - how setup a nice firewall
NAT and firewall presentation - how setup a nice firewallCassiano Campes
 
Configuring Netgate Appliance Integrated Switches on pfSense 2.4.4 - pfSense ...
Configuring Netgate Appliance Integrated Switches on pfSense 2.4.4 - pfSense ...Configuring Netgate Appliance Integrated Switches on pfSense 2.4.4 - pfSense ...
Configuring Netgate Appliance Integrated Switches on pfSense 2.4.4 - pfSense ...Netgate
 

Tendances (18)

Huawei Router Basic Configuration Command
Huawei Router Basic Configuration CommandHuawei Router Basic Configuration Command
Huawei Router Basic Configuration Command
 
7.protocols 2
7.protocols 27.protocols 2
7.protocols 2
 
Ccna icnd2-labs exercices
Ccna icnd2-labs exercicesCcna icnd2-labs exercices
Ccna icnd2-labs exercices
 
Huawei cisco command conversion
Huawei cisco command conversionHuawei cisco command conversion
Huawei cisco command conversion
 
Cisco commands List for Beginners (CCNA, CCNP)
Cisco commands List for Beginners (CCNA, CCNP)Cisco commands List for Beginners (CCNA, CCNP)
Cisco commands List for Beginners (CCNA, CCNP)
 
Ad, dns, dhcp, file server
Ad, dns, dhcp, file serverAd, dns, dhcp, file server
Ad, dns, dhcp, file server
 
Juniper Chassis Cluster Configuration with SRX-1500s
Juniper Chassis Cluster Configuration with SRX-1500sJuniper Chassis Cluster Configuration with SRX-1500s
Juniper Chassis Cluster Configuration with SRX-1500s
 
7 slaac-rick graziani
7 slaac-rick graziani7 slaac-rick graziani
7 slaac-rick graziani
 
Webinar NETGEAR Prosafe Switch, la sicurezza della LAN
Webinar NETGEAR Prosafe Switch, la sicurezza della LANWebinar NETGEAR Prosafe Switch, la sicurezza della LAN
Webinar NETGEAR Prosafe Switch, la sicurezza della LAN
 
Ccnp3 lab 3_4_en
Ccnp3 lab 3_4_enCcnp3 lab 3_4_en
Ccnp3 lab 3_4_en
 
Puertos tcp & udp
Puertos tcp & udpPuertos tcp & udp
Puertos tcp & udp
 
Cisco router-commands
Cisco router-commandsCisco router-commands
Cisco router-commands
 
Huawei Switch How To - Configuring a basic DHCP server
Huawei Switch How To - Configuring a basic DHCP serverHuawei Switch How To - Configuring a basic DHCP server
Huawei Switch How To - Configuring a basic DHCP server
 
Composants et fonctionnement d'un Switch Cisco
Composants et fonctionnement d'un Switch Cisco Composants et fonctionnement d'un Switch Cisco
Composants et fonctionnement d'un Switch Cisco
 
Layer 3 redundancy hsrp
Layer 3 redundancy hsrpLayer 3 redundancy hsrp
Layer 3 redundancy hsrp
 
NAT and firewall presentation - how setup a nice firewall
NAT and firewall presentation - how setup a nice firewallNAT and firewall presentation - how setup a nice firewall
NAT and firewall presentation - how setup a nice firewall
 
Vrrp
VrrpVrrp
Vrrp
 
Configuring Netgate Appliance Integrated Switches on pfSense 2.4.4 - pfSense ...
Configuring Netgate Appliance Integrated Switches on pfSense 2.4.4 - pfSense ...Configuring Netgate Appliance Integrated Switches on pfSense 2.4.4 - pfSense ...
Configuring Netgate Appliance Integrated Switches on pfSense 2.4.4 - pfSense ...
 

En vedette

OpenVPN como solución de Redes Privadas Virtuales Corporativas
OpenVPN como solución de Redes Privadas Virtuales CorporativasOpenVPN como solución de Redes Privadas Virtuales Corporativas
OpenVPN como solución de Redes Privadas Virtuales CorporativasRommel León
 

En vedette (7)

Openvpn
OpenvpnOpenvpn
Openvpn
 
Configuraion vpn
Configuraion vpnConfiguraion vpn
Configuraion vpn
 
OpenVPN
OpenVPNOpenVPN
OpenVPN
 
OpenVPN como solución de Redes Privadas Virtuales Corporativas
OpenVPN como solución de Redes Privadas Virtuales CorporativasOpenVPN como solución de Redes Privadas Virtuales Corporativas
OpenVPN como solución de Redes Privadas Virtuales Corporativas
 
OpenVPN
OpenVPNOpenVPN
OpenVPN
 
Openvpn
OpenvpnOpenvpn
Openvpn
 
OpenVPN
OpenVPNOpenVPN
OpenVPN
 

Similaire à Open Source Networking with Vyatta

VyOS Users Meeting #2, VyOSのVXLANの話
VyOS Users Meeting #2, VyOSのVXLANの話VyOS Users Meeting #2, VyOSのVXLANの話
VyOS Users Meeting #2, VyOSのVXLANの話upaa
 
Ubuntu server wireless access point (eng)
Ubuntu server wireless access point (eng)Ubuntu server wireless access point (eng)
Ubuntu server wireless access point (eng)Anatoliy Okhotnikov
 
20141102 VyOS 1.1.0 and NIFTY Cloud New Features
20141102 VyOS 1.1.0 and NIFTY Cloud New Features20141102 VyOS 1.1.0 and NIFTY Cloud New Features
20141102 VyOS 1.1.0 and NIFTY Cloud New Features雄也 日下部
 
Implementing an IPv6 Enabled Environment for a Public Cloud Tenant
Implementing an IPv6 Enabled Environment for a Public Cloud TenantImplementing an IPv6 Enabled Environment for a Public Cloud Tenant
Implementing an IPv6 Enabled Environment for a Public Cloud TenantShixiong Shang
 
Deeper Dive in Docker Overlay Networks
Deeper Dive in Docker Overlay NetworksDeeper Dive in Docker Overlay Networks
Deeper Dive in Docker Overlay NetworksDocker, Inc.
 
Triển khai vpn client to site qua router gpon
Triển khai vpn client to site qua router gponTriển khai vpn client to site qua router gpon
Triển khai vpn client to site qua router gponlaonap166
 
Harmonia open iris_basic_v0.1
Harmonia open iris_basic_v0.1Harmonia open iris_basic_v0.1
Harmonia open iris_basic_v0.1Yongyoon Shin
 
FreeBSD, ipfw and OpenVPN 2.1 server
FreeBSD, ipfw and OpenVPN 2.1 serverFreeBSD, ipfw and OpenVPN 2.1 server
FreeBSD, ipfw and OpenVPN 2.1 serverTomaz Muraus
 
Building a moat bastion server
Building a moat bastion serverBuilding a moat bastion server
Building a moat bastion servernseemiller
 
Air Live Rs 1200
Air Live Rs 1200Air Live Rs 1200
Air Live Rs 1200guest52b3f5
 
INFA 620Laboratory 4 Configuring a FirewallIn this exercise.docx
INFA 620Laboratory 4 Configuring a FirewallIn this exercise.docxINFA 620Laboratory 4 Configuring a FirewallIn this exercise.docx
INFA 620Laboratory 4 Configuring a FirewallIn this exercise.docxcarliotwaycave
 
Information Theft: Wireless Router Shareport for Phun and profit - Hero Suhar...
Information Theft: Wireless Router Shareport for Phun and profit - Hero Suhar...Information Theft: Wireless Router Shareport for Phun and profit - Hero Suhar...
Information Theft: Wireless Router Shareport for Phun and profit - Hero Suhar...idsecconf
 
OpenShift v3 Internal networking details
OpenShift v3 Internal networking detailsOpenShift v3 Internal networking details
OpenShift v3 Internal networking detailsEtsuji Nakai
 
Linux lecture9
Linux lecture9Linux lecture9
Linux lecture9gkj021
 
Bare Metal to OpenStack with Razor and Chef
Bare Metal to OpenStack with Razor and ChefBare Metal to OpenStack with Razor and Chef
Bare Metal to OpenStack with Razor and ChefMatt Ray
 

Similaire à Open Source Networking with Vyatta (20)

VyOS Users Meeting #2, VyOSのVXLANの話
VyOS Users Meeting #2, VyOSのVXLANの話VyOS Users Meeting #2, VyOSのVXLANの話
VyOS Users Meeting #2, VyOSのVXLANの話
 
Ubuntu server wireless access point (eng)
Ubuntu server wireless access point (eng)Ubuntu server wireless access point (eng)
Ubuntu server wireless access point (eng)
 
20141102 VyOS 1.1.0 and NIFTY Cloud New Features
20141102 VyOS 1.1.0 and NIFTY Cloud New Features20141102 VyOS 1.1.0 and NIFTY Cloud New Features
20141102 VyOS 1.1.0 and NIFTY Cloud New Features
 
Implementing an IPv6 Enabled Environment for a Public Cloud Tenant
Implementing an IPv6 Enabled Environment for a Public Cloud TenantImplementing an IPv6 Enabled Environment for a Public Cloud Tenant
Implementing an IPv6 Enabled Environment for a Public Cloud Tenant
 
SSL Web VPN
SSL Web VPNSSL Web VPN
SSL Web VPN
 
p10
p10p10
p10
 
p10
p10p10
p10
 
Deeper Dive in Docker Overlay Networks
Deeper Dive in Docker Overlay NetworksDeeper Dive in Docker Overlay Networks
Deeper Dive in Docker Overlay Networks
 
Triển khai vpn client to site qua router gpon
Triển khai vpn client to site qua router gponTriển khai vpn client to site qua router gpon
Triển khai vpn client to site qua router gpon
 
Harmonia open iris_basic_v0.1
Harmonia open iris_basic_v0.1Harmonia open iris_basic_v0.1
Harmonia open iris_basic_v0.1
 
FreeBSD, ipfw and OpenVPN 2.1 server
FreeBSD, ipfw and OpenVPN 2.1 serverFreeBSD, ipfw and OpenVPN 2.1 server
FreeBSD, ipfw and OpenVPN 2.1 server
 
Building a moat bastion server
Building a moat bastion serverBuilding a moat bastion server
Building a moat bastion server
 
Vyos clustering ipsec
Vyos clustering ipsecVyos clustering ipsec
Vyos clustering ipsec
 
Air Live Rs 1200
Air Live Rs 1200Air Live Rs 1200
Air Live Rs 1200
 
INFA 620Laboratory 4 Configuring a FirewallIn this exercise.docx
INFA 620Laboratory 4 Configuring a FirewallIn this exercise.docxINFA 620Laboratory 4 Configuring a FirewallIn this exercise.docx
INFA 620Laboratory 4 Configuring a FirewallIn this exercise.docx
 
Information Theft: Wireless Router Shareport for Phun and profit - Hero Suhar...
Information Theft: Wireless Router Shareport for Phun and profit - Hero Suhar...Information Theft: Wireless Router Shareport for Phun and profit - Hero Suhar...
Information Theft: Wireless Router Shareport for Phun and profit - Hero Suhar...
 
OpenShift v3 Internal networking details
OpenShift v3 Internal networking detailsOpenShift v3 Internal networking details
OpenShift v3 Internal networking details
 
Linux lecture9
Linux lecture9Linux lecture9
Linux lecture9
 
Bare Metal to OpenStack with Razor and Chef
Bare Metal to OpenStack with Razor and ChefBare Metal to OpenStack with Razor and Chef
Bare Metal to OpenStack with Razor and Chef
 
NAT64 Overview
NAT64 OverviewNAT64 Overview
NAT64 Overview
 

Plus de Matthew Turland

New SPL Features in PHP 5.3
New SPL Features in PHP 5.3New SPL Features in PHP 5.3
New SPL Features in PHP 5.3Matthew Turland
 
New SPL Features in PHP 5.3 (TEK-X)
New SPL Features in PHP 5.3 (TEK-X)New SPL Features in PHP 5.3 (TEK-X)
New SPL Features in PHP 5.3 (TEK-X)Matthew Turland
 
When RSS Fails: Web Scraping with HTTP
When RSS Fails: Web Scraping with HTTPWhen RSS Fails: Web Scraping with HTTP
When RSS Fails: Web Scraping with HTTPMatthew Turland
 
Open Source Content Management Systems
Open Source Content Management SystemsOpen Source Content Management Systems
Open Source Content Management SystemsMatthew Turland
 
PHP Basics for Designers
PHP Basics for DesignersPHP Basics for Designers
PHP Basics for DesignersMatthew Turland
 
Creating Web Services with Zend Framework - Matthew Turland
Creating Web Services with Zend Framework - Matthew TurlandCreating Web Services with Zend Framework - Matthew Turland
Creating Web Services with Zend Framework - Matthew TurlandMatthew Turland
 
The OpenSolaris Operating System and Sun xVM VirtualBox - Blake Deville
The OpenSolaris Operating System and Sun xVM VirtualBox - Blake DevilleThe OpenSolaris Operating System and Sun xVM VirtualBox - Blake Deville
The OpenSolaris Operating System and Sun xVM VirtualBox - Blake DevilleMatthew Turland
 
Utilizing the Xen Hypervisor in business practice - Bryan Fusilier
Utilizing the Xen Hypervisor in business practice - Bryan FusilierUtilizing the Xen Hypervisor in business practice - Bryan Fusilier
Utilizing the Xen Hypervisor in business practice - Bryan FusilierMatthew Turland
 
The Ruby Programming Language - Ryan Farnell
The Ruby Programming Language - Ryan FarnellThe Ruby Programming Language - Ryan Farnell
The Ruby Programming Language - Ryan FarnellMatthew Turland
 
PDQ Programming Languages plus an overview of Alice - Frank Ducrest
PDQ Programming Languages plus an overview of Alice - Frank DucrestPDQ Programming Languages plus an overview of Alice - Frank Ducrest
PDQ Programming Languages plus an overview of Alice - Frank DucrestMatthew Turland
 
Getting Involved in Open Source - Matthew Turland
Getting Involved in Open Source - Matthew TurlandGetting Involved in Open Source - Matthew Turland
Getting Involved in Open Source - Matthew TurlandMatthew Turland
 

Plus de Matthew Turland (15)

New SPL Features in PHP 5.3
New SPL Features in PHP 5.3New SPL Features in PHP 5.3
New SPL Features in PHP 5.3
 
New SPL Features in PHP 5.3 (TEK-X)
New SPL Features in PHP 5.3 (TEK-X)New SPL Features in PHP 5.3 (TEK-X)
New SPL Features in PHP 5.3 (TEK-X)
 
Sinatra
SinatraSinatra
Sinatra
 
Web Scraping with PHP
Web Scraping with PHPWeb Scraping with PHP
Web Scraping with PHP
 
Web Scraping with PHP
Web Scraping with PHPWeb Scraping with PHP
Web Scraping with PHP
 
When RSS Fails: Web Scraping with HTTP
When RSS Fails: Web Scraping with HTTPWhen RSS Fails: Web Scraping with HTTP
When RSS Fails: Web Scraping with HTTP
 
Open Source Content Management Systems
Open Source Content Management SystemsOpen Source Content Management Systems
Open Source Content Management Systems
 
PHP Basics for Designers
PHP Basics for DesignersPHP Basics for Designers
PHP Basics for Designers
 
Web Scraping with PHP
Web Scraping with PHPWeb Scraping with PHP
Web Scraping with PHP
 
Creating Web Services with Zend Framework - Matthew Turland
Creating Web Services with Zend Framework - Matthew TurlandCreating Web Services with Zend Framework - Matthew Turland
Creating Web Services with Zend Framework - Matthew Turland
 
The OpenSolaris Operating System and Sun xVM VirtualBox - Blake Deville
The OpenSolaris Operating System and Sun xVM VirtualBox - Blake DevilleThe OpenSolaris Operating System and Sun xVM VirtualBox - Blake Deville
The OpenSolaris Operating System and Sun xVM VirtualBox - Blake Deville
 
Utilizing the Xen Hypervisor in business practice - Bryan Fusilier
Utilizing the Xen Hypervisor in business practice - Bryan FusilierUtilizing the Xen Hypervisor in business practice - Bryan Fusilier
Utilizing the Xen Hypervisor in business practice - Bryan Fusilier
 
The Ruby Programming Language - Ryan Farnell
The Ruby Programming Language - Ryan FarnellThe Ruby Programming Language - Ryan Farnell
The Ruby Programming Language - Ryan Farnell
 
PDQ Programming Languages plus an overview of Alice - Frank Ducrest
PDQ Programming Languages plus an overview of Alice - Frank DucrestPDQ Programming Languages plus an overview of Alice - Frank Ducrest
PDQ Programming Languages plus an overview of Alice - Frank Ducrest
 
Getting Involved in Open Source - Matthew Turland
Getting Involved in Open Source - Matthew TurlandGetting Involved in Open Source - Matthew Turland
Getting Involved in Open Source - Matthew Turland
 

Dernier

Generative AI for Technical Writer or Information Developers
Generative AI for Technical Writer or Information DevelopersGenerative AI for Technical Writer or Information Developers
Generative AI for Technical Writer or Information DevelopersRaghuram Pandurangan
 
SIP trunking in Janus @ Kamailio World 2024
SIP trunking in Janus @ Kamailio World 2024SIP trunking in Janus @ Kamailio World 2024
SIP trunking in Janus @ Kamailio World 2024Lorenzo Miniero
 
SALESFORCE EDUCATION CLOUD | FEXLE SERVICES
SALESFORCE EDUCATION CLOUD | FEXLE SERVICESSALESFORCE EDUCATION CLOUD | FEXLE SERVICES
SALESFORCE EDUCATION CLOUD | FEXLE SERVICESmohitsingh558521
 
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)Mark Simos
 
Use of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptx
Use of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptxUse of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptx
Use of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptxLoriGlavin3
 
New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024BookNet Canada
 
TeamStation AI System Report LATAM IT Salaries 2024
TeamStation AI System Report LATAM IT Salaries 2024TeamStation AI System Report LATAM IT Salaries 2024
TeamStation AI System Report LATAM IT Salaries 2024Lonnie McRorey
 
The Ultimate Guide to Choosing WordPress Pros and Cons
The Ultimate Guide to Choosing WordPress Pros and ConsThe Ultimate Guide to Choosing WordPress Pros and Cons
The Ultimate Guide to Choosing WordPress Pros and ConsPixlogix Infotech
 
unit 4 immunoblotting technique complete.pptx
unit 4 immunoblotting technique complete.pptxunit 4 immunoblotting technique complete.pptx
unit 4 immunoblotting technique complete.pptxBkGupta21
 
"ML in Production",Oleksandr Bagan
"ML in Production",Oleksandr Bagan"ML in Production",Oleksandr Bagan
"ML in Production",Oleksandr BaganFwdays
 
Advanced Computer Architecture – An Introduction
Advanced Computer Architecture – An IntroductionAdvanced Computer Architecture – An Introduction
Advanced Computer Architecture – An IntroductionDilum Bandara
 
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024BookNet Canada
 
Connect Wave/ connectwave Pitch Deck Presentation
Connect Wave/ connectwave Pitch Deck PresentationConnect Wave/ connectwave Pitch Deck Presentation
Connect Wave/ connectwave Pitch Deck PresentationSlibray Presentation
 
Gen AI in Business - Global Trends Report 2024.pdf
Gen AI in Business - Global Trends Report 2024.pdfGen AI in Business - Global Trends Report 2024.pdf
Gen AI in Business - Global Trends Report 2024.pdfAddepto
 
"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii Soldatenko"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii SoldatenkoFwdays
 
From Family Reminiscence to Scholarly Archive .
From Family Reminiscence to Scholarly Archive .From Family Reminiscence to Scholarly Archive .
From Family Reminiscence to Scholarly Archive .Alan Dix
 
What is DBT - The Ultimate Data Build Tool.pdf
What is DBT - The Ultimate Data Build Tool.pdfWhat is DBT - The Ultimate Data Build Tool.pdf
What is DBT - The Ultimate Data Build Tool.pdfMounikaPolabathina
 
The Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptx
The Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptxThe Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptx
The Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptxLoriGlavin3
 
Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?Mattias Andersson
 

Dernier (20)

Generative AI for Technical Writer or Information Developers
Generative AI for Technical Writer or Information DevelopersGenerative AI for Technical Writer or Information Developers
Generative AI for Technical Writer or Information Developers
 
SIP trunking in Janus @ Kamailio World 2024
SIP trunking in Janus @ Kamailio World 2024SIP trunking in Janus @ Kamailio World 2024
SIP trunking in Janus @ Kamailio World 2024
 
SALESFORCE EDUCATION CLOUD | FEXLE SERVICES
SALESFORCE EDUCATION CLOUD | FEXLE SERVICESSALESFORCE EDUCATION CLOUD | FEXLE SERVICES
SALESFORCE EDUCATION CLOUD | FEXLE SERVICES
 
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
 
DMCC Future of Trade Web3 - Special Edition
DMCC Future of Trade Web3 - Special EditionDMCC Future of Trade Web3 - Special Edition
DMCC Future of Trade Web3 - Special Edition
 
Use of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptx
Use of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptxUse of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptx
Use of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptx
 
New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
 
TeamStation AI System Report LATAM IT Salaries 2024
TeamStation AI System Report LATAM IT Salaries 2024TeamStation AI System Report LATAM IT Salaries 2024
TeamStation AI System Report LATAM IT Salaries 2024
 
The Ultimate Guide to Choosing WordPress Pros and Cons
The Ultimate Guide to Choosing WordPress Pros and ConsThe Ultimate Guide to Choosing WordPress Pros and Cons
The Ultimate Guide to Choosing WordPress Pros and Cons
 
unit 4 immunoblotting technique complete.pptx
unit 4 immunoblotting technique complete.pptxunit 4 immunoblotting technique complete.pptx
unit 4 immunoblotting technique complete.pptx
 
"ML in Production",Oleksandr Bagan
"ML in Production",Oleksandr Bagan"ML in Production",Oleksandr Bagan
"ML in Production",Oleksandr Bagan
 
Advanced Computer Architecture – An Introduction
Advanced Computer Architecture – An IntroductionAdvanced Computer Architecture – An Introduction
Advanced Computer Architecture – An Introduction
 
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
 
Connect Wave/ connectwave Pitch Deck Presentation
Connect Wave/ connectwave Pitch Deck PresentationConnect Wave/ connectwave Pitch Deck Presentation
Connect Wave/ connectwave Pitch Deck Presentation
 
Gen AI in Business - Global Trends Report 2024.pdf
Gen AI in Business - Global Trends Report 2024.pdfGen AI in Business - Global Trends Report 2024.pdf
Gen AI in Business - Global Trends Report 2024.pdf
 
"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii Soldatenko"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii Soldatenko
 
From Family Reminiscence to Scholarly Archive .
From Family Reminiscence to Scholarly Archive .From Family Reminiscence to Scholarly Archive .
From Family Reminiscence to Scholarly Archive .
 
What is DBT - The Ultimate Data Build Tool.pdf
What is DBT - The Ultimate Data Build Tool.pdfWhat is DBT - The Ultimate Data Build Tool.pdf
What is DBT - The Ultimate Data Build Tool.pdf
 
The Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptx
The Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptxThe Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptx
The Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptx
 
Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?
 

Open Source Networking with Vyatta

  • 1. Open Source Networking An introduction to using open source in the network. John Southworth February 26, 2009
  • 2. Why would anyone want to use open source at the network layer? Chances are, you already do! - Vyatta is a replacement for enterprise level routing and security platforms. - It can be used easily almost anywhere. - It's a software package (linux distribution) that runs on standard x86 hardware.
  • 3. How does Vyatta benefit users? Home users: Stable Secure Powerful Flexible Runs on just about anything Free and Open! Good community support Enterprise users: Stable Secure Powerful Flexible Virtualizable Subscription release available Commercial support Command line interface similar to Cisco or Juniper
  • 4. So what does Vyatta do? Routing (Static, RIP, OSPF, and BGP) NAT VPN ( IPSEC, PPTP, OpenVPN, and L2TP ) Firewall IDS Webproxy Interfaces DSL, T1, T3, Ethernet (up to 10Gb), wireless modem, tunnel Its flexibility comes from the fact that Debian GNU/Linux is underneath it all: if you need another service running on the router, just install it.
  • 5. Why Vyatta over standard Linux?
  • 6. First, a set-up for a home user Community edition is available at http://vyatta.org/downloads Grab it, put it on an old pc, and play with it! I use a single board computer as my routing platform: ALIX 2D3 AMD Geode 500MHz 256MB RAM 3 10/100 Ethernet NICS It is configured for NAT, Firewall, OpenVPN, and OSPF. Works great, <$200 for a decent router. These are similar specs to a Cisco ASA5505 With the same software capabilities that Vyatta has, it costs over $600
  • 7. Configuring an internet gateway with Vyatta: Demo Services for standard home router: DHCP Wan Interface DHCP server for LAN DNS Forwarding Firewall NAT
  • 8. firewall { ethernet eth1 { system { broadcast-ping disable address 192.168.1.1/24 host-name roto-router5000 conntrack-tcp-loose enable description quot;LAN side NICquot; login { ip-src-route disable duplex auto user root { log-martians enable hw-id 00:04:5a:5b:a8:ac authentication { name wanwall { speed auto encrypted-password *************** rule 999 { } level admin action accept loopback lo { } description quot;Allow all established connectionsquot; } user vyatta { state { } authentication { established enable service { encrypted-password *************** invalid disable dhcp-server { } related enable disabled false level admin } shared-network-name my-net { } } authoritative disable } } subnet 192.168.1.0/24 { ntp-server 69.59.150.135 name wan-in { client-prefix-length 24 package { rule 999 { default-router 192.168.1.1 auto-sync 1 action accept dns-server 192.168.1.1 repository community { description quot;Allow all established connectionsquot; lease 86400 components main state { start 192.168.1.10 { distribution stable established enable stop 192.168.1.45 password quot;quot; invalid disable } url http://packages.vyatta.com/vyatta related enable } username quot;quot; } } } } } } } dns { time-zone GMT receive-redirects disable forwarding { } send-redirects disable cache-size 150 syn-cookies enable dhcp eth0 } listen-on eth1 interfaces { } ethernet eth0 { } address dhcp nat { description quot;WAN side NICquot; rule 10 { duplex auto outbound-interface eth0 firewall { protocol all local { type masquerade name wanwall } } } in { ssh { name wan-in allow-root false } port 22 } protocol-version v2 hw-id 00:50:8b:a1:d5:e5 } speed auto } }
  • 9. Now for something a little more fun! OpenVPN For the home users: Easy connection between friends, share files and information with your friends and family. OSPF does the route configuring work for you. For the working guys: OpenVPN tunnels for site to site vpns, runs OSPF for dynamic updates. I have 2 nodes setup for this, and we will configure the third link. There are 4 OSPF areas, one backbone and one area behind each router.
  • 10.
  • 11. More functions, mainly for the enterprise guys. Got a branch office that needs a lot of equipment? Virtualize everything, even the router/firewall. This is the so called “Branch-in-a-Box”. Perhaps you need a lot of routers for point-to-point links or something similar. That's virtualizable too. Virtualizing routing is a very flexible idea; having your routing platform as software instead of being locked into a hardware solution gives this flexibility.
  • 12. There is so much more this platform can do. There is a learning curve for the CLI for home users, but a web-ui is on the way.