Vyatta Network OS Documentation

Learn how to install, configure and operate the Vyatta NOS, which helps drive our virtual networking & physical platforms portfolio.

Show Page Sections

New features – Broadcom Qumran AX platform

New CLI commands associated with the new features can be found in configuration commands section.

Hardware layer 3 forwarding

Physical ports may now be configured as isolated L2 domains rather than as switchports in a single L2 domain. This allows L3 configuration on physical ports directly.

QoS feature support

Support for QoS on physical ports with L3 configuration is also provided.

Layer 3 Egress ACLs

This feature extends the simple, stateless IP Packet filter support in hardware to add egress ACLs. It adds the ability to block outbound locally sourced traffic and transit traffic.

The filter support is only provided for non-reassembled packets and only affects L3 packets which are L3 processed that is, an L3 packet which is L2 forwarded between links in a VLAN would not be affected.

Layer 3 ACL Support

This feature extends the support for IP Packet filtering to include a range of fields.

  • IP_TTL

Traffic Forwarding Classification based on protocol

This feature provides the ability to assign a forwarding class to any locally originated control and management traffic, based on protocol (for example OSPF, BFD, Telnet).

IEEE 1588v2 Slave (sink) clock for time/phase sync [G.8275.2]

Extends support for G.8275.2 telecom profiles with or without assisted partial timing (APTS) support.

STP, RSTP, MSTP support

This feature provides support for the STP/RSTP/MSTP bridging protocols in hardware.

BFD strict mode support with BGP client

BGP fall-over BFD allows action to be taken by BGP when a BFD session fails for a neighbor.

Currently a BFD session is instigated after a BGP session is established. This feature adds BGP strict-mode operation, which prevents BGP session establishment until both the local and remote speakers have a stable BFD session.

Per-interface MAC Limiting

Per-interface MAC limiting is a security feature which protects against the flooding of the Ethernet Switching Table.

Per-interface MAC limiting allows the user to set a maximum limit for the number of MAC addresses that can be learned on the Layer 2 interface. When the limit is reached no new MAC addresses will be learned and traffic from these MAC addresses will be dropped.