Vyatta Network OS Documentation

Learn how to install, configure and operate the Vyatta NOS, which helps drive our virtual networking & physical platforms portfolio.

Show Page Sections

Configuration commands

This release contains updated configuration commands.

Diamond collector service

Diamond collector service commands have been added to this release.

service diamond session-name <name> collector netconf get path-map <path> key-field <value>

Bonding

Bonding commands have been added to this release.

interfaces bonding <tagnode> switch-group
interfaces bonding <tagnode> switch-group port-parameters
interfaces bonding <tagnode> switch-group port-parameters mode access
interfaces bonding <tagnode> switch-group port-parameters mode trunk
interfaces bonding <tagnode> switch-group port-parameters vlan-parameters primary-vlan-id <value>
interfaces bonding <tagnode> switch-group port-parameters vlan-parameters qos-parameters vlan <vlan-id>
interfaces bonding <tagnode> switch-group port-parameters vlan-parameters untagged-egress-vlans <value>
interfaces bonding <tagnode> switch-group port-parameters vlan-parameters vlans <value>
interfaces bonding <tagnode> switch-group switch <value>

Bridge spanning tree

Bridge spanning tree commands have been added to this release.

interfaces bonding <tagnode> bridge-group bpdu-filter
interfaces bonding <tagnode> vif <tagnode> bridge-group bpdu-filter
interfaces dataplane <tagnode> bridge-group bpdu-filter
interfaces dataplane <tagnode> switch-group bpdu-filter
interfaces dataplane <tagnode> vif <tagnode> bridge-group bpdu-filter
interfaces l2tpeth <tagnode> bridge-group bpdu-filter
interfaces l2tpeth <tagnode> vif <tagnode> bridge-group bpdu-filter
interfaces tunnel <tagnode> bridge-group bpdu-filter

Switch

Switch commands have been added to this release.

interfaces switch <name> default-port-parameters vlan-parameters qos-parameters vlan <vlan-id>

QoS

Qos commands have been added to this release.

interfaces dataplane <tagnode> switch-group port-parameters policy qos <value>
interfaces dataplane <tagnode> switch-group port-parameters vlan-parameters qos-parameters vlan <vlan-id> policy qos <value>
interfaces switch <name> default-port-parameters vlan-parameters qos-parameters vlan <vlan-id> policy qos <value>
policy qos mark-map <id>
policy qos mark-map <id> description <value>
policy qos mark-map <id> dscp-group <group-name>
policy qos mark-map <id> dscp-group <group-name> pcp-mark <value>
policy qos name <id> shaper mark-map <value>
policy qos name <id> shaper profile <id> map dscp-group <group-name>
policy qos name <id> shaper profile <id> map dscp-group <group-name> to <value>
policy qos name <id> shaper profile <id> queue <id> wred-map-bytes
policy qos name <id> shaper profile <id> queue <id> wred-map-bytes dscp-group <group-name>
policy qos name <id> shaper profile <id> queue <id> wred-map-bytes dscp-group <group-name> mark-probability <value>
policy qos name <id> shaper profile <id> queue <id> wred-map-bytes dscp-group <group-name> max-threshold <value>
policy qos name <id> shaper profile <id> queue <id> wred-map-bytes dscp-group <group-name> min-threshold <value>
policy qos name <id> shaper profile <id> queue <id> wred-map-bytes filter-weight <value>
policy qos name <id> shaper traffic-class <id> queue-limit-bytes <value>
policy qos profile <id> map dscp-group <group-name>
policy qos profile <id> map dscp-group <group-name> to <value>
policy qos profile <id> queue <id> wred-map-bytes
policy qos profile <id> queue <id> wred-map-bytes dscp-group <group-name>
policy qos profile <id> queue <id> wred-map-bytes dscp-group <group-name> mark-probability <value>
policy qos profile <id> queue <id> wred-map-bytes dscp-group <group-name> max-threshold <value>
policy qos profile <id> queue <id> wred-map-bytes dscp-group <group-name> min-threshold <value>
policy qos profile <id> queue <id> wred-map-bytes filter-weight <value>

Firewall

Firewall commands have been added to this release.

security firewall session-log tcp rst-received

SSH client

SSH client commands have been added to this release.

security ssh-client permit host-key-algorithm ssh-dss
security ssh-client permit key-exchange-algorithm diffie-hellman-group-exchange-sha1
security ssh-client permit key-exchange-algorithm diffie-hellman-group1-sha1
security ssh-client permit key-exchange-algorithm diffie-hellman-group14-sha1

Storm control

Storm control commands have been added to this release.

interfaces dataplane <tagnode> storm-control vlan <vlan-id>
interfaces dataplane <tagnode> storm-control vlan <vlan-id> profile <value>
security storm-control profile <profile-name> action shutdown
security storm-control profile <profile-name> recovery-interval <value>
service snmp notification storm-control all

Service application

Service application commands have been added to this release.

service application rule <rule-number> then name 9gag
service application rule <rule-number> then name 9p
service application rule <rule-number> then name adtelligent
service application rule <rule-number> then name akamai_video
service application rule <rule-number> then name alicall
service application rule <rule-number> then name anchorfree
service application rule <rule-number> then name appnext
service application rule <rule-number> then name arte_tv
service application rule <rule-number> then name avamar
service application rule <rule-number> then name azure_rms
service application rule <rule-number> then name barracuda
service application rule <rule-number> then name barracuda_vpn
service application rule <rule-number> then name bigbigchannel
service application rule <rule-number> then name brawlhalla
service application rule <rule-number> then name bytedance
service application rule <rule-number> then name call_of_duty
service application rule <rule-number> then name cisco
service application rule <rule-number> then name cisco_ap
service application rule <rule-number> then name cisco_cmx_cloud
service application rule <rule-number> then name cisco_corp_tv
service application rule <rule-number> then name cisco_ip_sla
service application rule <rule-number> then name cisco_rrm
service application rule <rule-number> then name cisco_sdavc
service application rule <rule-number> then name cisco_spark
service application rule <rule-number> then name cisco_ucm
service application rule <rule-number> then name cmore
service application rule <rule-number> then name coco
service application rule <rule-number> then name data_saver
service application rule <rule-number> then name demonware
service application rule <rule-number> then name diablo3
service application rule <rule-number> then name disqus
service application rule <rule-number> then name dns_crypt
service application rule <rule-number> then name epic_games
service application rule <rule-number> then name etisalat_c_me
service application rule <rule-number> then name fortnite
service application rule <rule-number> then name foxnetworks
service application rule <rule-number> then name foxplus
service application rule <rule-number> then name google_news
service application rule <rule-number> then name grammarly
service application rule <rule-number> then name gridftp
service application rule <rule-number> then name hexatech
service application rule <rule-number> then name hike_messenger
service application rule <rule-number> then name hot_vpn
service application rule <rule-number> then name hoxx_vpn
service application rule <rule-number> then name hpe_opagent
service application rule <rule-number> then name hpe_opbridge
service application rule <rule-number> then name hpe_sim
service application rule <rule-number> then name hypers
service application rule <rule-number> then name ibm
service application rule <rule-number> then name iec104
service application rule <rule-number> then name iflix
service application rule <rule-number> then name ironsource
service application rule <rule-number> then name jibe
service application rule <rule-number> then name jibe_cloud
service application rule <rule-number> then name kafka
service application rule <rule-number> then name keku
service application rule <rule-number> then name kodi
service application rule <rule-number> then name libon
service application rule <rule-number> then name lifesize
service application rule <rule-number> then name line2_com
service application rule <rule-number> then name mf_ucmdb
service application rule <rule-number> then name modbus_rtu
service application rule <rule-number> then name ms_ad_rms
service application rule <rule-number> then name mtalk
service application rule <rule-number> then name mumble
service application rule <rule-number> then name mytv_super
service application rule <rule-number> then name opc_classic
service application rule <rule-number> then name opera_turbo
service application rule <rule-number> then name optimicdn
service application rule <rule-number> then name oracle_oem
service application rule <rule-number> then name oto_global
service application rule <rule-number> then name overwatch
service application rule <rule-number> then name pacman
service application rule <rule-number> then name pccc
service application rule <rule-number> then name realvnc
service application rule <rule-number> then name ring_central
service application rule <rule-number> then name rockyou
service application rule <rule-number> then name simpli_fi
service application rule <rule-number> then name smashcast
service application rule <rule-number> then name snap_vpn
service application rule <rule-number> then name splunk_cloud
service application rule <rule-number> then name splunk_ufwd
service application rule <rule-number> then name springtech_vpn
service application rule <rule-number> then name storebuff
service application rule <rule-number> then name symantec_sep
service application rule <rule-number> then name talkbox
service application rule <rule-number> then name talkray
service application rule <rule-number> then name tanium
service application rule <rule-number> then name tenor
service application rule <rule-number> then name textme
service application rule <rule-number> then name textplus
service application rule <rule-number> then name tiange_9158
service application rule <rule-number> then name tikl
service application rule <rule-number> then name tiktok
service application rule <rule-number> then name tribair
service application rule <rule-number> then name tunnelbear
service application rule <rule-number> then name turbo_vpn
service application rule <rule-number> then name tvb
service application rule <rule-number> then name ubisoft
service application rule <rule-number> then name unreal_engine
service application rule <rule-number> then name upnp
service application rule <rule-number> then name ventrilo
service application rule <rule-number> then name vonage_mobile
service application rule <rule-number> then name voxer
service application rule <rule-number> then name vpn1_com
service application rule <rule-number> then name vpn_master
service application rule <rule-number> then name vpn_masterpro
service application rule <rule-number> then name vpn_monster
service application rule <rule-number> then name vpn_robot
service application rule <rule-number> then name vyke
service application rule <rule-number> then name x_vpn
service application rule <rule-number> then name youtube_music
service application rule <rule-number> then protocol 9gag
service application rule <rule-number> then protocol 9p
service application rule <rule-number> then protocol adtelligent
service application rule <rule-number> then protocol akamai_video
service application rule <rule-number> then protocol alicall
service application rule <rule-number> then protocol anchorfree
service application rule <rule-number> then protocol appnext
service application rule <rule-number> then protocol arte_tv
service application rule <rule-number> then protocol avamar
service application rule <rule-number> then protocol azure_rms
service application rule <rule-number> then protocol barracuda
service application rule <rule-number> then protocol barracuda_vpn
service application rule <rule-number> then protocol bigbigchannel
service application rule <rule-number> then protocol brawlhalla
service application rule <rule-number> then protocol bytedance
service application rule <rule-number> then protocol call_of_duty
service application rule <rule-number> then protocol cisco
service application rule <rule-number> then protocol cisco_ap
service application rule <rule-number> then protocol cisco_cmx_cloud
service application rule <rule-number> then protocol cisco_corp_tv
service application rule <rule-number> then protocol cisco_ip_sla
service application rule <rule-number> then protocol cisco_rrm
service application rule <rule-number> then protocol cisco_sdavc
service application rule <rule-number> then protocol cisco_spark
service application rule <rule-number> then protocol cisco_ucm
service application rule <rule-number> then protocol cmore
service application rule <rule-number> then protocol coco
service application rule <rule-number> then protocol data_saver
service application rule <rule-number> then protocol demonware
service application rule <rule-number> then protocol diablo3
service application rule <rule-number> then protocol disqus
service application rule <rule-number> then protocol dns_crypt
service application rule <rule-number> then protocol epic_games
service application rule <rule-number> then protocol etisalat_c_me
service application rule <rule-number> then protocol fortnite
service application rule <rule-number> then protocol foxnetworks
service application rule <rule-number> then protocol foxplus
service application rule <rule-number> then protocol google_news
service application rule <rule-number> then protocol grammarly
service application rule <rule-number> then protocol gridftp
service application rule <rule-number> then protocol hexatech
service application rule <rule-number> then protocol hike_messenger
service application rule <rule-number> then protocol hot_vpn
service application rule <rule-number> then protocol hoxx_vpn
service application rule <rule-number> then protocol hpe_opagent
service application rule <rule-number> then protocol hpe_opbridge
service application rule <rule-number> then protocol hpe_sim
service application rule <rule-number> then protocol hypers
service application rule <rule-number> then protocol ibm
service application rule <rule-number> then protocol iec104
service application rule <rule-number> then protocol iflix
service application rule <rule-number> then protocol ironsource
service application rule <rule-number> then protocol jibe
service application rule <rule-number> then protocol jibe_cloud
service application rule <rule-number> then protocol kafka
service application rule <rule-number> then protocol keku
service application rule <rule-number> then protocol kodi
service application rule <rule-number> then protocol libon
service application rule <rule-number> then protocol lifesize
service application rule <rule-number> then protocol line2_com
service application rule <rule-number> then protocol mf_ucmdb
service application rule <rule-number> then protocol modbus_rtu
service application rule <rule-number> then protocol ms_ad_rms
service application rule <rule-number> then protocol mtalk
service application rule <rule-number> then protocol mumble
service application rule <rule-number> then protocol mytv_super
service application rule <rule-number> then protocol opc_classic
service application rule <rule-number> then protocol opera_turbo
service application rule <rule-number> then protocol optimicdn
service application rule <rule-number> then protocol oracle_oem
service application rule <rule-number> then protocol oto_global
service application rule <rule-number> then protocol overwatch
service application rule <rule-number> then protocol pacman
service application rule <rule-number> then protocol pccc
service application rule <rule-number> then protocol realvnc
service application rule <rule-number> then protocol ring_central
service application rule <rule-number> then protocol rockyou
service application rule <rule-number> then protocol simpli_fi
service application rule <rule-number> then protocol smashcast
service application rule <rule-number> then protocol snap_vpn
service application rule <rule-number> then protocol splunk_cloud
service application rule <rule-number> then protocol splunk_ufwd
service application rule <rule-number> then protocol springtech_vpn
service application rule <rule-number> then protocol storebuff
service application rule <rule-number> then protocol symantec_sep
service application rule <rule-number> then protocol talkbox
service application rule <rule-number> then protocol talkray
service application rule <rule-number> then protocol tanium
service application rule <rule-number> then protocol tenor
service application rule <rule-number> then protocol textme
service application rule <rule-number> then protocol textplus
service application rule <rule-number> then protocol tiange_9158
service application rule <rule-number> then protocol tikl
service application rule <rule-number> then protocol tiktok
service application rule <rule-number> then protocol tribair
service application rule <rule-number> then protocol tunnelbear
service application rule <rule-number> then protocol turbo_vpn
service application rule <rule-number> then protocol tvb
service application rule <rule-number> then protocol ubisoft
service application rule <rule-number> then protocol unreal_engine
service application rule <rule-number> then protocol upnp
service application rule <rule-number> then protocol ventrilo
service application rule <rule-number> then protocol vonage_mobile
service application rule <rule-number> then protocol voxer
service application rule <rule-number> then protocol vpn1_com
service application rule <rule-number> then protocol vpn_master
service application rule <rule-number> then protocol vpn_masterpro
service application rule <rule-number> then protocol vpn_monster
service application rule <rule-number> then protocol vpn_robot
service application rule <rule-number> then protocol vyke
service application rule <rule-number> then protocol x_vpn
service application rule <rule-number> then protocol youtube_music

SNMP

SNMP commands have been added to this release.

service snmp notification entity-state all
service snmp sysobjectid <value>

Service SSH

Service SSH commands have been added to this release.

service ssh permit key-exchange-algorithm diffie-hellman-group-exchange-sha1
service ssh permit key-exchange-algorithm diffie-hellman-group1-sha1
service ssh permit key-exchange-algorithm diffie-hellman-group14-sha1
routing routing-instance <instance-name> service ssh permit key-exchange-algorithm diffie-hellman-group-exchange-sha1
routing routing-instance <instance-name> service ssh permit key-exchange-algorithm diffie-hellman-group1-sha1
routing routing-instance <instance-name> service ssh permit key-exchange-algorithm diffie-hellman-group14-sha1

System BMC

System BMC commands have been added to this release.

system bmc sel mode capacity
system bmc sel mode circular
system bmc sel syslog

Journal

Journal commands have been added to this release.

system journal export logstash index <value>

User isolation

User isolation commands have been added to this release.

system login user-isolation disable
system login user-isolation read-only-directory <value>
system login user-isolation shared-storage <path>
system login user-isolation shared-storage <path> allow-exec
system login user-isolation shared-storage <path> size <value>

Password

Password commands have been added to this release.

system password requirements disable-gecos-check

Session

Session commands have been added to this release.

system session timeout tcp rst-received <value>
routing routing-instance <instance-name> system session timeout tcp rst-received <value>

NTP

NTP commands have been added to this release.

system ntp syslog <class>
system ntp syslog <class> type all
system ntp syslog <class> type events
system ntp syslog <class> type info
system ntp syslog <class> type statistics
system ntp syslog <class> type status
routing routing-instance <instance-name> system ntp syslog <class>
routing routing-instance <instance-name> system ntp syslog <class> type all
routing routing-instance <instance-name> system ntp syslog <class> type events
routing routing-instance <instance-name> system ntp syslog <class> type info
routing routing-instance <instance-name> system ntp syslog <class> type statistics
routing routing-instance <instance-name> system ntp syslog <class> type status

Modified configuration commands

This section contains modified configuration commands.

Dataplane

  • Old
    interfaces dataplane <tagnode> hardware-switching enable
  • New
    interfaces dataplane <tagnode> switch-group port-parameters vlan-parameters qos-parameters vlan <vlan-id>

System sensor

  • Old
    system sensor <name>
    system sensor <name> threshold lower-critical <value>
    system sensor <name> threshold lower-non-critical <value>
    system sensor <name> threshold lower-non-recoverable <value>
    system sensor <name> threshold upper-critical <value>
    system sensor <name> threshold upper-non-critical <value>
    system sensor <name> threshold upper-non-recoverable <value> 
  • New
    system sensors sensor <name>
    system sensors sensor <name> threshold lower-critical <value>
    system sensors sensor <name> threshold lower-non-critical <value>
    system sensors sensor <name> threshold lower-non-recoverable <value>
    system sensors sensor <name> threshold upper-critical <value>
    system sensors sensor <name> threshold upper-non-critical <value>
    system sensors sensor <name> threshold upper-non-recoverable <value> 

Gratuitous-arp

The default of update was removed from the following commands:
interfaces bonding <tagnode> ip gratuitous-arp reply <value>
interfaces bonding <tagnode> vif <tagnode> ip gratuitous-arp reply <value>
interfaces dataplane <tagnode> ip gratuitous-arp reply <value>
interfaces dataplane <tagnode> vif <tagnode> ip gratuitous-arp reply <value>
interfaces switch <name> vif <tagnode> ip gratuitous-arp reply <value>

Deprecated configuration commands

A configuration command has been marked as deprecated in this release.

Password
system password requirements user-match <value>