Vyatta NOS documentation

Learn how to install, configure, and operate Vyatta Network Operating System (Vyatta NOS), which helps to drive our virtual networking and physical platforms portfolio.

Deprecated commands

Some commands have been marked as deprecated in this release.

OpenVPN

  interfaces openvpn <tunnel-interface-name>
  interfaces openvpn <tunnel-interface-name> auth
  interfaces openvpn <tunnel-interface-name> auth ldap <value>
  interfaces openvpn <tunnel-interface-name> auth local
  interfaces openvpn <tunnel-interface-name> auth local group <value>
  interfaces openvpn <tunnel-interface-name> auth local user <value>
  interfaces openvpn <tunnel-interface-name> client-cert-not-required
  interfaces openvpn <tunnel-interface-name> description <value>
  interfaces openvpn <tunnel-interface-name> device-type <value>
  interfaces openvpn <tunnel-interface-name> disable
  interfaces openvpn <tunnel-interface-name> encryption <value>
  interfaces openvpn <tunnel-interface-name> hash <value>
  interfaces openvpn <tunnel-interface-name> ipv6
  interfaces openvpn <tunnel-interface-name> local-address <value>
  interfaces openvpn <tunnel-interface-name> local-host <value>
  interfaces openvpn <tunnel-interface-name> local-port <value>
  interfaces openvpn <tunnel-interface-name> mode <value>
  interfaces openvpn <tunnel-interface-name> openvpn-option <value>
  interfaces openvpn <tunnel-interface-name> protocol <value>
  interfaces openvpn <tunnel-interface-name> remote-address <value>
  interfaces openvpn <tunnel-interface-name> remote-host <value>
  interfaces openvpn <tunnel-interface-name> remote-port <value>
  interfaces openvpn <tunnel-interface-name> replace-default-route
  interfaces openvpn <tunnel-interface-name> replace-default-route local
  interfaces openvpn <tunnel-interface-name> server
  interfaces openvpn <tunnel-interface-name> server client <client>
  interfaces openvpn <tunnel-interface-name> server client <client> disable
  interfaces openvpn <tunnel-interface-name> server client <client> ip <value>
  interfaces openvpn <tunnel-interface-name> server client <client> push-route <value>
  interfaces openvpn <tunnel-interface-name> server client <client> subnet <value>
  interfaces openvpn <tunnel-interface-name> server domain-name <value>
  interfaces openvpn <tunnel-interface-name> server max-connections <value>
  interfaces openvpn <tunnel-interface-name> server name-server <value>
  interfaces openvpn <tunnel-interface-name> server push-route <value>
  interfaces openvpn <tunnel-interface-name> server subnet <value>
  interfaces openvpn <tunnel-interface-name> server topology <value>
  interfaces openvpn <tunnel-interface-name> shared-secret-key-file <value>
  interfaces openvpn <tunnel-interface-name> tls
  interfaces openvpn <tunnel-interface-name> tls ca-cert-file <value>
  interfaces openvpn <tunnel-interface-name> tls cert-file <value>
  interfaces openvpn <tunnel-interface-name> tls crl-file <value>
  interfaces openvpn <tunnel-interface-name> tls dh-file <value>
  interfaces openvpn <tunnel-interface-name> tls key-file <value>
  interfaces openvpn <tunnel-interface-name> tls role <value>

  interfaces switch-state switches <bridge-name> interfaces <port-name> forwarding-database <index>
  interfaces switch-state switches <bridge-name> interfaces <port-name> forwarding-database <index> mac <value>
  interfaces switch-state switches <bridge-name> interfaces <port-name> forwarding-database <index> state <value>
  interfaces switch-state switches <bridge-name> interfaces <port-name> forwarding-database <index> updated <value>
  interfaces switch-state switches <bridge-name> interfaces <port-name> forwarding-database <index> used <value>
  interfaces switch-state switches <bridge-name> interfaces <port-name> forwarding-database <index> vlan-id <value>

  interfaces openvpn <tunnel-interface-name> ip tcp-mss
  interfaces openvpn <tunnel-interface-name> ip tcp-mss limit <value>
  interfaces openvpn <tunnel-interface-name> ip tcp-mss mtu
  interfaces openvpn <tunnel-interface-name> ip tcp-mss mtu-minus <value>
  interfaces openvpn <tunnel-interface-name> ipv6 tcp-mss
  interfaces openvpn <tunnel-interface-name> ipv6 tcp-mss limit <value>
  interfaces openvpn <tunnel-interface-name> ipv6 tcp-mss mtu
  interfaces openvpn <tunnel-interface-name> ipv6 tcp-mss mtu-minus <value>

  interfaces openvpn <tunnel-interface-name> ipv6 address
  interfaces openvpn <tunnel-interface-name> ipv6 address autoconf
  interfaces openvpn <tunnel-interface-name> ipv6 address eui64 <value>
  interfaces openvpn <tunnel-interface-name> ipv6 address link-local <value>
  interfaces openvpn <tunnel-interface-name> ipv6 disable
  interfaces openvpn <tunnel-interface-name> ipv6 disable-forwarding
  interfaces openvpn <tunnel-interface-name> ipv6 dup-addr-detect-transmits <value>
  interfaces openvpn <tunnel-interface-name> ipv6 router-advert
  interfaces openvpn <tunnel-interface-name> ipv6 router-advert cur-hop-limit <value>
  interfaces openvpn <tunnel-interface-name> ipv6 router-advert default-lifetime <value>
  interfaces openvpn <tunnel-interface-name> ipv6 router-advert default-preference <value>
  interfaces openvpn <tunnel-interface-name> ipv6 router-advert link-mtu <value>
  interfaces openvpn <tunnel-interface-name> ipv6 router-advert managed-flag <value>
  interfaces openvpn <tunnel-interface-name> ipv6 router-advert max-interval <value>
  interfaces openvpn <tunnel-interface-name> ipv6 router-advert min-interval <value>
  interfaces openvpn <tunnel-interface-name> ipv6 router-advert other-config-flag <value>
  interfaces openvpn <tunnel-interface-name> ipv6 router-advert prefix <address>
  interfaces openvpn <tunnel-interface-name> ipv6 router-advert prefix <address> autonomous-flag <value>
  interfaces openvpn <tunnel-interface-name> ipv6 router-advert prefix <address> on-link-flag <value>
  interfaces openvpn <tunnel-interface-name> ipv6 router-advert prefix <address> preferred-lifetime <value>
  interfaces openvpn <tunnel-interface-name> ipv6 router-advert prefix <address> valid-lifetime <value>
  interfaces openvpn <tunnel-interface-name> ipv6 router-advert reachable-time <value>
  interfaces openvpn <tunnel-interface-name> ipv6 router-advert retrans-timer <value>
  interfaces openvpn <tunnel-interface-name> ipv6 router-advert send-advert <value>

  interfaces openvpn <tunnel-interface-name> ip multicast
  interfaces openvpn <tunnel-interface-name> ip multicast ttl-threshold <value>

  interfaces openvpn <tunnel-interface-name> remote-configuration
  interfaces openvpn <tunnel-interface-name> remote-configuration password <value>
  interfaces openvpn <tunnel-interface-name> remote-configuration server <value>
  interfaces openvpn <tunnel-interface-name> remote-configuration tunnel-password <value>
  interfaces openvpn <tunnel-interface-name> remote-configuration tunnel-username <value>
  interfaces openvpn <tunnel-interface-name> remote-configuration username <value>

  interfaces openvpn <tunnel-interface-name> policy route pbr <value>
  interfaces openvpn <tunnel-interface-name> policy route pbr-state name <group-name>
  interfaces openvpn <tunnel-interface-name> policy route pbr-state name <group-name> rule <rule-number>
  interfaces openvpn <tunnel-interface-name> policy route pbr-state name <group-name> rule <rule-number> bytes <value>
  interfaces openvpn <tunnel-interface-name> policy route pbr-state name <group-name> rule <rule-number> packets <value>

  interfaces openvpn <tunnel-interface-name> ip igmp
  interfaces openvpn <tunnel-interface-name> ip igmp access-group <value>
  interfaces openvpn <tunnel-interface-name> ip igmp enforce-router-alert
  interfaces openvpn <tunnel-interface-name> ip igmp immediate-leave group-list <value>
  interfaces openvpn <tunnel-interface-name> ip igmp join-group <multicast-group>
  interfaces openvpn <tunnel-interface-name> ip igmp join-group <multicast-group> source <value>
  interfaces openvpn <tunnel-interface-name> ip igmp last-member-query-count <value>
  interfaces openvpn <tunnel-interface-name> ip igmp last-member-query-interval <value>
  interfaces openvpn <tunnel-interface-name> ip igmp limit <value>
  interfaces openvpn <tunnel-interface-name> ip igmp limit-exception <value>
  interfaces openvpn <tunnel-interface-name> ip igmp offlink
  interfaces openvpn <tunnel-interface-name> ip igmp querier
  interfaces openvpn <tunnel-interface-name> ip igmp querier forced
  interfaces openvpn <tunnel-interface-name> ip igmp querier querier-timeout <value>
  interfaces openvpn <tunnel-interface-name> ip igmp query-interval <value>
  interfaces openvpn <tunnel-interface-name> ip igmp query-max-response-time <value>
  interfaces openvpn <tunnel-interface-name> ip igmp robustness-variable <value>
  interfaces openvpn <tunnel-interface-name> ip igmp startup-query-count <value>
  interfaces openvpn <tunnel-interface-name> ip igmp startup-query-interval <value>
  interfaces openvpn <tunnel-interface-name> ip igmp static-group <multicast-group>
  interfaces openvpn <tunnel-interface-name> ip igmp static-group <multicast-group> source <value>
  interfaces openvpn <tunnel-interface-name> ip igmp version <value>

  interfaces openvpn <tunnel-interface-name> ipv6 mld
  interfaces openvpn <tunnel-interface-name> ipv6 mld access-group <value>
  interfaces openvpn <tunnel-interface-name> ipv6 mld immediate-leave
  interfaces openvpn <tunnel-interface-name> ipv6 mld immediate-leave group-list <value>
  interfaces openvpn <tunnel-interface-name> ipv6 mld last-member-query-count <value>
  interfaces openvpn <tunnel-interface-name> ipv6 mld last-member-query-interval <value>
  interfaces openvpn <tunnel-interface-name> ipv6 mld limit <value>
  interfaces openvpn <tunnel-interface-name> ipv6 mld limit-exception <value>
  interfaces openvpn <tunnel-interface-name> ipv6 mld querier-timeout <value>
  interfaces openvpn <tunnel-interface-name> ipv6 mld query-interval <value>
  interfaces openvpn <tunnel-interface-name> ipv6 mld query-max-response-time <value>
  interfaces openvpn <tunnel-interface-name> ipv6 mld robustness-variable <value>
  interfaces openvpn <tunnel-interface-name> ipv6 mld static-group <multicast-group>
  interfaces openvpn <tunnel-interface-name> ipv6 mld static-group <multicast-group> source <value>
  interfaces openvpn <tunnel-interface-name> ipv6 mld version <value>

  interfaces openvpn <tunnel-interface-name> ip ospf
  interfaces openvpn <tunnel-interface-name> ip ospf authentication
  interfaces openvpn <tunnel-interface-name> ip ospf authentication key-chain <value>
  interfaces openvpn <tunnel-interface-name> ip ospf authentication md5
  interfaces openvpn <tunnel-interface-name> ip ospf authentication md5-key-id <key-id>
  interfaces openvpn <tunnel-interface-name> ip ospf authentication md5-key-id <key-id> md5-key <value>
  interfaces openvpn <tunnel-interface-name> ip ospf authentication plaintext
  interfaces openvpn <tunnel-interface-name> ip ospf authentication plaintext-password <value>
  interfaces openvpn <tunnel-interface-name> ip ospf cost <value>
  interfaces openvpn <tunnel-interface-name> ip ospf dead-interval <value>
  interfaces openvpn <tunnel-interface-name> ip ospf hello-interval <value>
  interfaces openvpn <tunnel-interface-name> ip ospf mtu-ignore
  interfaces openvpn <tunnel-interface-name> ip ospf network <value>
  interfaces openvpn <tunnel-interface-name> ip ospf priority <value>
  interfaces openvpn <tunnel-interface-name> ip ospf retransmit-interval <value>
  interfaces openvpn <tunnel-interface-name> ip ospf transmit-delay <value>

  interfaces openvpn <tunnel-interface-name> ipv6 ospfv3 area <value>
  interfaces openvpn <tunnel-interface-name> ipv6 ospfv3 authentication key-chain <value>
  interfaces openvpn <tunnel-interface-name> ipv6 ospfv3 cost <value>
  interfaces openvpn <tunnel-interface-name> ipv6 ospfv3 dead-interval <value>
  interfaces openvpn <tunnel-interface-name> ipv6 ospfv3 hello-interval <value>
  interfaces openvpn <tunnel-interface-name> ipv6 ospfv3 instance-id <instance-id>
  interfaces openvpn <tunnel-interface-name> ipv6 ospfv3 instance-id <instance-id> area <value>
  interfaces openvpn <tunnel-interface-name> ipv6 ospfv3 instance-id <instance-id> cost <value>
  interfaces openvpn <tunnel-interface-name> ipv6 ospfv3 instance-id <instance-id> dead-interval <value>
  interfaces openvpn <tunnel-interface-name> ipv6 ospfv3 instance-id <instance-id> hello-interval <value>
  interfaces openvpn <tunnel-interface-name> ipv6 ospfv3 instance-id <instance-id> link-lsa-suppression <value>
  interfaces openvpn <tunnel-interface-name> ipv6 ospfv3 instance-id <instance-id> mtu-ignore
  interfaces openvpn <tunnel-interface-name> ipv6 ospfv3 instance-id <instance-id> neighbor <address>
  interfaces openvpn <tunnel-interface-name> ipv6 ospfv3 instance-id <instance-id> network <network-type>
  interfaces openvpn <tunnel-interface-name> ipv6 ospfv3 instance-id <instance-id> priority <value>
  interfaces openvpn <tunnel-interface-name> ipv6 ospfv3 instance-id <instance-id> retransmit-interval <value>
  interfaces openvpn <tunnel-interface-name> ipv6 ospfv3 instance-id <instance-id> transmit-delay <value>
  interfaces openvpn <tunnel-interface-name> ipv6 ospfv3 link-lsa-suppression <value>
  interfaces openvpn <tunnel-interface-name> ipv6 ospfv3 mtu-ignore
  interfaces openvpn <tunnel-interface-name> ipv6 ospfv3 neighbor <address>
  interfaces openvpn <tunnel-interface-name> ipv6 ospfv3 network <network-type>
  interfaces openvpn <tunnel-interface-name> ipv6 ospfv3 priority <value>
  interfaces openvpn <tunnel-interface-name> ipv6 ospfv3 process <name>
  interfaces openvpn <tunnel-interface-name> ipv6 ospfv3 process <name> instance-id <instance-id>
  interfaces openvpn <tunnel-interface-name> ipv6 ospfv3 process <name> instance-id <instance-id> area <value>
  interfaces openvpn <tunnel-interface-name> ipv6 ospfv3 process <name> instance-id <instance-id> authentication key-chain <value>
  interfaces openvpn <tunnel-interface-name> ipv6 ospfv3 process <name> instance-id <instance-id> cost <value>
  interfaces openvpn <tunnel-interface-name> ipv6 ospfv3 process <name> instance-id <instance-id> dead-interval <value>
  interfaces openvpn <tunnel-interface-name> ipv6 ospfv3 process <name> instance-id <instance-id> hello-interval <value>
  interfaces openvpn <tunnel-interface-name> ipv6 ospfv3 process <name> instance-id <instance-id> link-lsa-suppression <value>
  interfaces openvpn <tunnel-interface-name> ipv6 ospfv3 process <name> instance-id <instance-id> mtu-ignore
  interfaces openvpn <tunnel-interface-name> ipv6 ospfv3 process <name> instance-id <instance-id> neighbor <address>
  interfaces openvpn <tunnel-interface-name> ipv6 ospfv3 process <name> instance-id <instance-id> network <network-type>
  interfaces openvpn <tunnel-interface-name> ipv6 ospfv3 process <name> instance-id <instance-id> priority <value>
  interfaces openvpn <tunnel-interface-name> ipv6 ospfv3 process <name> instance-id <instance-id> retransmit-interval <value>
  interfaces openvpn <tunnel-interface-name> ipv6 ospfv3 process <name> instance-id <instance-id> transmit-delay <value>
  interfaces openvpn <tunnel-interface-name> ipv6 ospfv3 retransmit-interval <value>
  interfaces openvpn <tunnel-interface-name> ipv6 ospfv3 transmit-delay <value>

  interfaces openvpn <tunnel-interface-name> ip pim
  interfaces openvpn <tunnel-interface-name> ip pim bsr-border
  interfaces openvpn <tunnel-interface-name> ip pim dr-priority <value>
  interfaces openvpn <tunnel-interface-name> ip pim exclude-genid
  interfaces openvpn <tunnel-interface-name> ip pim hello-holdtime <value>
  interfaces openvpn <tunnel-interface-name> ip pim hello-interval <value>
  interfaces openvpn <tunnel-interface-name> ip pim mode <value>
  interfaces openvpn <tunnel-interface-name> ip pim neighbor-filter <value>
  interfaces openvpn <tunnel-interface-name> ip pim propagation-delay <value>
  interfaces openvpn <tunnel-interface-name> ip pim state-refresh
  interfaces openvpn <tunnel-interface-name> ip pim state-refresh origination-interval <value>
  interfaces openvpn <tunnel-interface-name> ip pim unicast-bsm

  interfaces openvpn <tunnel-interface-name> ipv6 pim
  interfaces openvpn <tunnel-interface-name> ipv6 pim bsr-border
  interfaces openvpn <tunnel-interface-name> ipv6 pim dr-priority <value>
  interfaces openvpn <tunnel-interface-name> ipv6 pim exclude-genid
  interfaces openvpn <tunnel-interface-name> ipv6 pim hello-holdtime <value>
  interfaces openvpn <tunnel-interface-name> ipv6 pim hello-interval <value>
  interfaces openvpn <tunnel-interface-name> ipv6 pim mode <value>
  interfaces openvpn <tunnel-interface-name> ipv6 pim neighbor-filter <value>
  interfaces openvpn <tunnel-interface-name> ipv6 pim propagation-delay <value>
  interfaces openvpn <tunnel-interface-name> ipv6 pim state-refresh
  interfaces openvpn <tunnel-interface-name> ipv6 pim state-refresh origination-interval <value>
  interfaces openvpn <tunnel-interface-name> ipv6 pim unicast-bsm

  interfaces openvpn <tunnel-interface-name> ip rip authentication
  interfaces openvpn <tunnel-interface-name> ip rip authentication md5 <id>
  interfaces openvpn <tunnel-interface-name> ip rip authentication md5 <id> password <value>
  interfaces openvpn <tunnel-interface-name> ip rip authentication plaintext-password <value>
  interfaces openvpn <tunnel-interface-name> ip rip receive
  interfaces openvpn <tunnel-interface-name> ip rip receive version <value>
  interfaces openvpn <tunnel-interface-name> ip rip send
  interfaces openvpn <tunnel-interface-name> ip rip send version <value>
  interfaces openvpn <tunnel-interface-name> ip rip split-horizon
  interfaces openvpn <tunnel-interface-name> ip rip split-horizon disable
  interfaces openvpn <tunnel-interface-name> ip rip split-horizon poison-reverse

  interfaces openvpn <tunnel-interface-name> ipv6 ripng enable
  interfaces openvpn <tunnel-interface-name> ipv6 ripng metric-offset <value>
  interfaces openvpn <tunnel-interface-name> ipv6 ripng neighbor <value>
  interfaces openvpn <tunnel-interface-name> ipv6 ripng split-horizon
  interfaces openvpn <tunnel-interface-name> ipv6 ripng split-horizon disable
  interfaces openvpn <tunnel-interface-name> ipv6 ripng split-horizon poison-reverse

  interfaces openvpn <tunnel-interface-name> firewall in <value>
  interfaces openvpn <tunnel-interface-name> firewall local <value>
  interfaces openvpn <tunnel-interface-name> firewall out <value>
  interfaces openvpn <tunnel-interface-name> firewall state in name <group-name>
  interfaces openvpn <tunnel-interface-name> firewall state in name <group-name> rule <rule-number>
  interfaces openvpn <tunnel-interface-name> firewall state in name <group-name> rule <rule-number> bytes <value>
  interfaces openvpn <tunnel-interface-name> firewall state in name <group-name> rule <rule-number> packets <value>
  interfaces openvpn <tunnel-interface-name> firewall state local name <group-name>
  interfaces openvpn <tunnel-interface-name> firewall state local name <group-name> rule <rule-number>
  interfaces openvpn <tunnel-interface-name> firewall state local name <group-name> rule <rule-number> bytes <value>
  interfaces openvpn <tunnel-interface-name> firewall state local name <group-name> rule <rule-number> packets <value>
  interfaces openvpn <tunnel-interface-name> firewall state out name <group-name>
  interfaces openvpn <tunnel-interface-name> firewall state out name <group-name> rule <rule-number>
  interfaces openvpn <tunnel-interface-name> firewall state out name <group-name> rule <rule-number> bytes <value>
  interfaces openvpn <tunnel-interface-name> firewall state out name <group-name> rule <rule-number> packets <value>

  interfaces openvpn <tunnel-interface-name> client-bundle
  interfaces openvpn <tunnel-interface-name> client-bundle generic
  interfaces openvpn <tunnel-interface-name> client-bundle linux
  interfaces openvpn <tunnel-interface-name> client-bundle osx
  interfaces openvpn <tunnel-interface-name> client-bundle windows

L2TP/IPsec Remote-Access VPN server

  security vpn l2tp
  security vpn l2tp remote-access
  security vpn l2tp remote-access authentication
  security vpn l2tp remote-access authentication local-users
  security vpn l2tp remote-access authentication local-users username <name>
  security vpn l2tp remote-access authentication local-users username <name> disable
  security vpn l2tp remote-access authentication local-users username <name> password <value>
  security vpn l2tp remote-access authentication local-users username <name> static-ip <value>
  security vpn l2tp remote-access authentication mode <value>
  security vpn l2tp remote-access authentication radius-server <server-address>
  security vpn l2tp remote-access authentication radius-server <server-address> key <value>
  security vpn l2tp remote-access client-ip-pool
  security vpn l2tp remote-access client-ip-pool start <value>
  security vpn l2tp remote-access client-ip-pool stop <value>
  security vpn l2tp remote-access description <value>
  security vpn l2tp remote-access dhcp-interface <value>
  security vpn l2tp remote-access dns-servers
  security vpn l2tp remote-access dns-servers server-1 <value>
  security vpn l2tp remote-access dns-servers server-2 <value>
  security vpn l2tp remote-access ipsec-settings
  security vpn l2tp remote-access ipsec-settings authentication
  security vpn l2tp remote-access ipsec-settings authentication mode <value>
  security vpn l2tp remote-access ipsec-settings authentication pre-shared-secret <value>
  security vpn l2tp remote-access ipsec-settings authentication x509
  security vpn l2tp remote-access ipsec-settings authentication x509 ca-cert-file <value>
  security vpn l2tp remote-access ipsec-settings authentication x509 crl-file <value>
  security vpn l2tp remote-access ipsec-settings authentication x509 server-cert-file <value>
  security vpn l2tp remote-access ipsec-settings authentication x509 server-key-file <value>
  security vpn l2tp remote-access ipsec-settings authentication x509 server-key-password <value>
  security vpn l2tp remote-access ipsec-settings ike-lifetime <value>
  security vpn l2tp remote-access mtu <value>
  security vpn l2tp remote-access outside-address <value>
  security vpn l2tp remote-access outside-nexthop <value>
  security vpn l2tp remote-access server-ip-pool
  security vpn l2tp remote-access server-ip-pool start <value>
  security vpn l2tp remote-access server-ip-pool stop <value>
  security vpn l2tp remote-access wins-servers
  security vpn l2tp remote-access wins-servers server-1 <value>
  security vpn l2tp remote-access wins-servers server-2 <value>

NAT

  service nat ipv6-to-ipv4
  service nat ipv6-to-ipv4 rule <rule-number>
  service nat ipv6-to-ipv4 rule <rule-number> destination prefix <value>
  service nat ipv6-to-ipv4 rule <rule-number> inbound-interface <value>
  service nat ipv6-to-ipv4 rule <rule-number> source prefix <value>

System management

  system config-management commit-archive location <value>
  routing routing-instance <instance-name> system config-management commit-archive location <value>