Call a Specialist Today! 844-294-0783

Brocade Vyatta Network OS
A Network Operating System for the Way Forward


Overview:

The Brocade Vyatta Network OS lays the foundation for a flexible, easyto-use, and high-performance network services architecture capable of meeting current and future network demands. The operating system was built from the ground up to deliver robust network functionality that can be deployed virtually or as an appliance, and in concert with solutions from a large ecosystem of vendors, to address various Software-Defined Networking (SDN) and Network Functions Virtualization (NFV) use cases. With the Brocade Vyatta Network OS, organizations can bridge the gap between traditional and new architectures, as well as leverage existing investments and maximize operational efficiencies. Moreover, they can compose and deploy unique, new services that will drive differentiation and strengthen competitiveness.

Highlights

  • Offers a proven, modern network operating system that accelerates the adoption of next-generation architectures
  • Creates an open, programmable environment to enhance differentiation, service quality, and competitiveness
  • Supports a broad ecosystem for optimal customization and service monetization
  • Simplifies and automates network functions to improve time to service, increase operational efficiency, and reduce costs
  • Delivers breakthrough performance and scale to meet the needs of any deployment
  • Provides flexible deployment options to support a wide variety of use cases

Key Features

  • The foundation for a decomposable services architecture
  • Purpose-built for NFV and SDN deployments
  • A bridge between legacy and future network architectures
  • A simple common data model that enables disparate network elements up and down the stack to communicate and work seamlessly together
  • Traditional CLI and Linux interfaces to address operator preferences and skills
  • An open platform, with support for standard protocols and open APIs to avoid vendor lock-in
  • A robust ecosystem, with deep best-ofbreed VNF integrations that maximize network value
  • A programmable, extensible platform that can be tailored to address unique customer use cases
  • Intel DPDK support for breakthrough performance
  • Support for advanced networking capabilities
  • Flexible deployment options

Leading the Way With a Network OS for Deploying Business Services

Deliver services quickly and efficiently by deploying an established operating system as a VNF vRouter, VNF Platform, Distributed Services Platform, or NFV for Cloud Computing. It’s a scalable, high-performance solution that provides unprecedented flexibility and leverages your existing tools and skill sets. Simply select the deployment that best meets your architectural and business requirements.

Simplified Operations

Simplified Operations

Deliver new services with lower cost and risk. The Brocade Vyatta Network OS easily integrates with legacy tools to bridge existing operations processes, reducing the learning curve and time to implementation.

Deployment Flexibility

Deployment Flexibility

Compose the solution you need with a building block-style architecture. Add service functions, management features, and orchestration tools to support use cases such as a secure cloud gateway or a platform for branch and mobile services.

Lower Costs and Higher ROI

Lower Costs and Higher ROI

Leverage software to deliver new capabilities faster and more cost-effectively. This compact OS delivers extreme scalability and performance so you can focus on innovation and differentiated network services.

Features:

A Proven, Modern Operating System

The Brocade Vyatta Network OS separates the control and data planes in software to fit seamlessly within modern SDN and NFV environments. While purpose-built to enable the networks of the future, the operating system is grounded in a rich heritage of networking innovation. For more than a decade, the world’s leading brands have relied on Brocade to deliver network services across multitenant, multivendor virtual environments. These capabilities were built into the modern Brocade Vyatta Network OS to ensure it provides the utmost in flexibility, performance, and operational efficiency, helping organizations create new service offerings and value. Since 2012, the benefits of this operating system have been proven by the Brocade vRouter via deployments in public cloud, cloud-based customer edge services, and data centers worldwide.

A Vital Bridge

Moving to a new programmable network does not happen overnight. The Brocade Vyatta Network OS provides the vital bridge between new and existing protocols, interfaces, and tools to ensure that the network operates as it should. It ties all the network and virtualization capabilities of the operating system into a simple and common data model that “translates” all requirements and commands, so that they can be understood by the network and service orchestration components. This approach helps streamline deployments, speed time to service, and ensure ongoing availability.

The operating system not only caters to the network components, but also the skill sets of the operators responsible for managing them. The Brocade Vyatta Network OS enables operators to interact with network elements in a way that is familiar to them. Operators accustomed to working with traditional routers and switches can use a standard CLI interface, while operators more comfortable with software can use Linux commands, including all embedded scripting functions, libraries (Python, Ruby), and shells. The operating system can expose any function along any supported API—such as network configuration (NETCONF) and REST—regardless of which interface is used, so anyone can deploy or make changes to accelerate the operationalization of the network.

Figure 1: Brocade Vyatta Network OS common data model for all-API access
Figure 1:
Brocade Vyatta Network OS common data model for all-API access

An Open Platform, a Broad Ecosystem

To ensure interoperability across network environments and simplify integrations with third-party Virtual Network Functions (VNFs), the Brocade Vyatta Network OS uses standard protocols such as NETCONF; supports open source platforms, including OpenDaylight; provides plugin support for OpenStack; and offers published APIs. As a result, there is no vendor lock-in—organizations can freely choose the VNFs they want from a broad ecosystem of solutions.

The open interfaces of the Brocade Vyatta Network OS facilitate communication with all the components of the network. Using a common data model, based on standard protocols and open APIs, the operating system enables the control plane to communicate with both the network’s VNFs and applications (northbound), and the packet-forwarding plane (southbound), as shown in Figure 1. This approach allows the Brocade Vyatta Network OS to seamlessly support a robust ecosystem of best-of-breed solutions and help organizations reduce the costs associated with adopting services. Organizations can then confidently roll out new services to maximize the value of their networks.

A Programmable, Extensible Operating System

The building-block style of the Brocade Vyatta Network OS enables organizations to quickly and easily deploy new, valueadded services. Organizations can further differentiate their offerings, enhance their competitiveness, and improve the monetization of their services.

Figure 2: Brocade Vyatta Network OS deployment package options.
Figure 2:
Brocade Vyatta Network OS deployment package options.

A Wide Variety of Deployment Methods and Use Cases

The Brocade Vyatta Network OS can be deployed across a wide variety of hardware platforms to support various use cases (see Figure 2). For example, it can be deployed as a VNF, a VNF platform, or a distributed service platform to integrate into cloud, virtual, physical, or on-premises environments. It also can be deployed as a co-resident on the hardware housing the data planes, or centralized to manage a number of distributed data planes, depending on an organization’s requirements.

The Brocade Vyatta Network OS can be easily deployed to meet the requirements of:

  • Virtual Customer Edge (vCE) equipment
  • Virtual Customer Premise Equipment (vCPE)
  • Software-Defined WAN (SD-WAN)
  • Mobile Edge Computing (MEC)
  • Secure cloud access
  • Virtual security functions
  • Virtual IoT Gateway
  • Virtual Security Gateway
  • Virtual Top-of-Rack (vToR)
  • Virtual Route Reflector (vRR)

Automation and Orchestration

The Brocade Vyatta Network OS has deep integrations with existing key orchestration platforms and management suppliers, enabling organizations to automate services. This reduces the risks associated with rolling out new functions, by avoiding human error, cutting time to implementation, and lessening the learning curve. Enabling service automation is just one more way that the Brocade Vyatta Network OS helps to accelerate the operationalization of the environment.

Breakthrough Performance

Leveraging innovations from Brocade and the Intel Data Plane Development Kit (DPDK), the Brocade Vyatta Network OS enables carrier-class performance and reliability in software. By separating the control and data planes, and utilizing the Intel DPDK, the operating system allows multiple Intel CPU cores (x86) to be allocated to each forwarding plane to maximize performance, while eliminating resource contention (see Figure 3). Although performance scales independently within the control and data planes, the operating system’s overall performance scales with the associated hardware resources.

In addition, the separation of the control and data planes reduces the amount of compute memory and storage required, helping to minimize the overall footprint of the operating system. As a result, with the Brocade Vyatta Network OS, organizations can improve packet processing efficiency—across both silicon and general compute architectures— to ensure maximum utilization of the underlying hardware infrastructure, and consolidate resources to significantly reduce capital and operating costs.

Figure 3: Brocade Vyatta Network OS general vCPU architecture
Figure 3:
Brocade Vyatta Network OS general vCPU architecture

Advanced Network Functions

The Brocade Vyatta Network OS delivers all the advanced networking functions that organizations expect from a modern network operating system:

  • Full support for IPv4 and IPv6 dynamic routing protocols (BGP4/4+, OSPFv2/ v3, RIP), Multicast, PolicyBased Routing (PBR), NAT, and DHCP
  • Real-time monitoring and health checks to speed issue identification and resolution for optimal uptime
    • Complete logging and diagnostics information that can be monitored using industry-standard and embedded Linux tools
  • Carrier-class fault tolerance and fault mitigation capabilities for service continuity
    • Ability to auto-correct errors
    • Modularity of the operating system to isolate processes, so errors are isolated and cannot affect other functions

Brocade Global Services

Brocade Global Services has the expertise to help organizations build scalable, efficient cloud infrastructures. Leveraging 20 years of expertise in storage, networking, and virtualization, Brocade Global Services delivers worldclass professional services, technical support, and education services, enabling organizations to maximize their Brocade investments, accelerate new technology deployments, and optimize the performance of networking infrastructures.

Acquisition Options That Match Balance Sheet Objectives

Successful network deployments drive business forward, providing technical and financial agility. Brocade offers the broadest financing models, from traditional leasing to Brocade Network Subscription. Network-as-a-Service allows organizations to subscribe to network assets today then upgrade on demand, scale up or down, or return them with 60-day notification. Brocade Network Subscription plans can be structured to meet IASC guidelines for OpEx or CapEx treatment to align with financial goals.

Maximizing Investments

To help optimize technology investments, Brocade and its partners offer complete solutions that include professional services, technical support, and education.

Specifications:


Brocade vRouter Specifications
IPv4/IPv6 Routing
  • BGPv4, BGPv6
  • OSPFv2
  • OPSFv3
  • BGP Multipath
  • RIPv1 and RIPv2
  • Static Routes
  • Policy-Based Routing (PBR)
  • IPv6 Policy
  • IPv6 SLAAC
  • Multicast
IP Address Management
  • Static
  • DHCP Server
  • DHCP Client
  • DHCP Relay
  • Dynamic DNS
  • DNS Forwarding
  • IPv6 DNS Resolver
  • DHCPv6 Server, Client
  • DHCPv6 Relay
Encapsulations
  • Ethernet
  • 802.1Q
  • GRE
  • QinQ
Firewall
  • Stateful Inspection Firewall
  • Zone-based Firewall
  • IPv6 Firewalling
  • ICMP Type Filtering
  • Policy Rate Limiting
Tunneling/VPN
  • SSL-based OpenVPN
  • Site to Site VPN (IPsec)
  • Remote VPN (L2TPv3, IPsec)
  • OpenVPN Client Auto-Configuration
  • Layer 2 Bridging over GRE
  • Layer 2 Bridging over OpenVPN
  • OpenVPN Dynamic Client Bundler
  • Dynamic Multipoint VPN (DMVPN)
  • OpenLDAP Authentication
Additional Security
  • Network Address Translation
    • IPv4 to IPv4
    • IPv6 to IPv4
  • 3DES, AES Encryption, IKEv2
  • Suite-B for L3 IPsec
    • Advanced Encryption Standard (AES) Galois/Counter Mode (GCM) with key sizes of 128 and 256 bits
    • Elliptic Curve Diffie-Hellman (ECDH) – DH groups 19, 20
    • Elliptic Curve Digital Signature Algorithm (ECDSA)
    • Secure Hash Algorithm (SHA) - SHA-256 and SHA-384 for message digest
  • MD5, SHA-1, SHA-2 (256-bit) Authentication
  • RSA, Diffie-Helman Key Management
  • NAT Traversal
  • Role-Based Access Control (RBAC)
Performance Optimization
  • ECMP
  • Bandwidth Management
  • CPU Affinity
Virtual Routing and Forwarding (VRF-Lite)
  • VRF-aware routing: static, OSPF, BGP
  • VRF-aware services: FW, NAT, PBR, ALG, DHCP, SSH, TWAMP, VRRP, BFD, flow monitoring
  • VRF-aware tunnels: GRE, IPsec
Multiprotocol Label Switching (MPLS)
  • Label Distribution Protocol (LDP)
  • Resource Reservation Protocol (RSVP-TE)
  • Data plane support for MPLS forwarding
QoS Policies
  • 8 Queues
  • Policing
  • 1,024 Classes
  • DSCP Classification
  • DSCP Remarking
  • Per Queue DSCP Remarking
  • Weighted Round Robin (WRR)
  • Random Early Detection (RED)
  • Weighted Random Early Detection (WRED)
  • Strict Priority Queuing
  • Ethernet (Layer 2) Header Matching
  • Ethertype support
  • 4,095 VLAN Support and Tagging
  • Bandwidth Percentage Limits
High Availability
  • Stateful Firewall/NAT Failover
  • VRRPv2 (IPv4 and IPv6)
  • VRRPv3 (IPv6)
  • Configuration Replication
  • VRRP Support with IPsec VPN
  • Bidirectional Forwarding Detection (BFD)
  • Link Aggregation Control Protocol (LACP)
Administration and Authentication
  • Integrated CLI
  • Web GUI
  • Brocade Vyatta Remote Access API (RESTful API)
  • NETCONF/YANG
  • Configured API for Python, Perl, and Ruby languages
  • Telnet
  • SSHv2/SSH Public Key
  • Binary Image Install
  • Image Cloning
  • RADIUS
  • TACACS+
  • X.509 digital certificate authorization
  • Single Configuration File
  • Configuration Audit
  • CPU Affinity Configuration for Data Plane
Diagnostics, Logging, and Monitoring
  • Two-Way Active Measurement Protocol (TWAMP) Flow Monitoring
  • tcpdump
  • BGP MD5 Support
  • Wireshark Packet Capture
  • Syslog
  • SNMPv3
  • SNMP for IPv6
  • SPAN port mirroring
  • RSPAN port mirroring
  • ERSPAN mirroring
  • Flow monitoring
    • IPFIX (RFC 7011) export
    • NetFlow Version 9 export
Hypervisor Support
  • Embedded KVM libvirt
  • VMware ESXi
  • KVM
  • Microsoft Hyper-V
  • XenServer
  • Amazon Machine Image (AMI)
  • Interface hot-plug support
    • KVM
    • ESXi

RFC Compliance:


Multicast

  • RFC 1112 Host Extensions for IP Multicasting
  • RFC 2236 Internet Group Management Protocol Version 2
  • RFC 2710 Multicast Listener Discovery (MLD) for IPv6
  • RFC 3376 Internet Group Management Protocol Version 3
  • RFC 3810 Multicast Listener Discovery Version 2 (MLD v2) for IPv6
  • RFC 4604 Using Internet Group Management Protocol Version 3 (IGMPv3) and Multicast Listener Discovery Protocol Version 2 (MLDv2) for Source-Specific Multicast
  • RFC 3973 Protocol Independent Multicast-Dense Mode (PIM-DM) Protocol Specification (Revised)
  • RFC 4601 Protocol Independent Multicast - Sparse Mode (PIM-SM)
  • RFC 3618 Multicast Source Discovery Protocol (MSDP)

OSPF

  • RFC 2328 OSPF Version 2
  • RFC 2370 The OSPF Opaque LSA Option
  • RFC 1583 Compatibility OSPF Version 2

OSPFv3

  • RFC 5340 OSPF for IPv6
  • RFC 5838 Support of Address Families in OSPFv3

RIP and RIPng

  • RFC 1058 Routing Information Protocol
  • RFC 2453 RIP Version 2
  • RFC 2080 RIPng for IPv6
  • RFC 2081 RIPng Protocol Applicability Statement

BFD

  • RFC 5880 - BFD RFC (Not supported sections - 4.3, 4.4, 5, 6.4, 6.6, 6.8.13, 6.8.14, 6.8.18)
  • RFC 5881 - BFD for IPv4/v6 RFC 5882 - Generic Application of Bidirectional Forwarding Detection (BFD) (Not supported sections - 4.3, 7)
  • RFC 5883 - Bidirectional Forwarding Detection (BFD) for Multihop Paths (Not supported sections - 4.2)
  • RFC 7331 – BFD MIB

BGP

  • RFC 4271 A Border Gateway Protocol 4 (BGP-4)
  • RFC 1997 BGP Communities Attribute
  • RFC 2439 BGP Route Flap Damping
  • RFC 2545 Use of BGP-4 Multiprotocol Extensions for IPv6 Inter-Domain Routing
  • RFC 2918 Route Refresh Capability for BGP-4
  • RFC 4273 Definitions of Managed Objects for BGP-4
  • RFC 4360 BGP Extended Communities Attribute
  • RFC 4456 BGP Route Reflection—An Alternative to Full Mesh IBGP
  • RFC 4724 Graceful Restart Mechanism for BGP - Only Helper mode
  • RFC 4760 Multiprotocol Extensions for BGP-4
  • RFC 5065 Autonomous System Confederations for BGP
  • RFC 5082 The Generalized TTL Security Mechanism (GTSM)
  • RFC 5291 Outbound Route Filtering Capability for BGP-4
  • RFC 5292 Address-Prefix-Based Outbound Route Filter for BGP-4
  • RFC 5492 Capabilities Advertisement with BGP-4
  • RFC 5925 The TCP Authentication Option (MD5)
  • RFC 6793 BGP Support for Four-octet AS Number Space
  • RFC 2842 Capabilities Advertisement with BGP-4
  • RFC 4760 Multiprotocol Extensions for BGP-4
  • RFC 3065 Autonomous System Confederations for BGP
  • RFC 2796 BGP Route Reflection—An Alternative to Full Mesh IBGP

IPsec

  • RFC 2401 Security Architecture for the Internet Protocol
  • RFC 2402 IP Authentication Header (AH)
  • RFC 2406 IP Encapsulating Security Payload (ESP)
  • RFC 2407 The Internet IP Security Domain of Interpretation for ISAKMP
  • RFC 2408 Internet Security Association and Key Management Protocol (ISAKMP)
  • RFC 2409 The Internet Key Exchange (IKE)
  • RFC 2412 The OAKLEY Key Determination Protocol
  • RFC 3526 More Modular Exponential (MODP) DiffieHellman groups for Internet Key Exchange (IKE)
  • RFC 3706 A Traffic-Based Method of Detecting Dead Internet Key Exchange (IKE) Peers
  • RFC 4307 Cryptographic Algorithms for Use in the Internet Key Exchange Version 2 (IKEv2)
  • RFC 4478 Repeated Authentication in Internet Key Exchange (IKEv2) Protocol
  • RFC 7296 Internet Key Exchange Protocol Version 2 (IKEv2)
  • RFC 7815 Minimal Internet Key Exchange Version 2 (IKEv2) Initiator Implementation

Tunneling

  • RFC 1853 IP in IP tunneling
  • RFC 4213 Basic Transition Mechanisms for IPv6 Hosts and Routers
  • RFC 3884 Use of IPsec Transport Mode for Dynamic Routing
  • RFC 1702 Generic Routing Encapsulation over IPv4 Networks
  • RFC 2784 Generic Routing Encapsulation

General

  • RFC 2461 Neighbor Discovery for IP Version 6 (IPv6)
  • RFC 2464 Transmission of IPv6 Packets over Ethernet Networks
  • RFC 1918 Address Allocation for Private Internets
  • RFC 4330 Simple Network Time Protocol (SNTP) Version 4 for IPv4, IPv6, and OSI
  • RFC 4291 IP Version 6 Addressing Architecture
  • RFC 4941 Privacy Extensions for Stateless Address Autoconfiguration in IPv6
  • RFC 4862 IPv6 Stateless Address Auto-configuration
  • RFC 4861 Neighbor Discovery for IP version 6 (IPv6)
  • RFC 2332 NBMA Next Hop Resolution Protocol (NHRP)
  • RFC 3046 DHCP Relay Agent Information Option
  • RFC 3442 The Classless Static Route Option for Dynamic Host Configuration Protocol (DHCP) version 4
  • RFC 2131 Dynamic Host Configuration Protocol
  • RFC 3315 Dynamic Host Configuration Protocol for IPv6 (DHCPv6)
  • RFC 3736 Stateless Dynamic Host Configuration Protocol (DHCP) Service for IPv6
  • RFC 3442 The Classless Static Route Option for Dynamic Host Configuration Protocol (DHCP) version 4
  • RFC 2136 Dynamic Updates in the Domain Name System (DNS UPDATE)
  • RFC 5735 Special Use IPv4 Addresses
  • RFC 3513 Internet Protocol Version 6 (IPv6) Addressing Architecture
  • RFC 2606 Reserved Top-Level DNS Names
  • RFC 6241 Network Configuration Protocol (NETCONF)
  • RFC 6020 YANG - A Data Modeling Language for the Network Configuration Protocol (NETCONF)
  • RFC 6022 YANG Module for NETCONF Monitoring

SNMP

  • RFC 1525 Definitions of Managed Objects for Source Routing Bridges
  • RFC 2742 Definitions of Managed Objects for Extensible SNMP Agents
  • RFC 2786 Diffie-Helman USM Key Management Information Base and Textual Convention
  • RFC 2856 Textual Conventions for Additional High-Capacity Data Types
  • RFC 2864 The Inverted Stack Table Extension to the Interfaces Group MIB
  • RFC 3165 Definitions of Managed Objects for the Delegation of Management Scripts
  • RFC 3231 Definitions of Managed Objects for Scheduling Management Operations
  • RFC 3411 An Architecture for Describing Simple Network Management Protocol (SNMP) Management Frameworks
  • RFC 3412 Message Processing and Dispatching for the Simple Network Management Protocol (SNMP)
  • RFC 3413 Simple Network Management Protocol (SNMP) Applications
  • RFC 3414 User-based Security Model (USM) for Version 3 of the Simple Network Management Protocol (SNMPv3)
  • RFC 3415 View-based Access Control Model (VACM) for the Simple Network Management Protocol (SNMP)
  • RFC 3417 Transport Mappings for the Simple Network Management Protocol (SNMP)
  • RFC 3419 Textual Conventions for Transport Addresses
  • RFC 3584 Coexistence between Version 1, Version 2, and Version 3 of the Internet-standard Network Management Framework
  • RFC 3635 Definitions of Managed Objects for the Ethernetlike Interface Types
  • RFC 3826 The Advanced Encryption Standard (AES) Cipher Algorithm in the SNMP User-based Security Model
  • RFC 4001 Textual Conventions for Internet Network Addresses
  • RFC 4273 Definitions of Managed Objects for BGP-4
  • RFC 5591 Transport Security Model for the Simple Network Management Protocol (SNMP)
  • RFC 5953 Transport Layer Security (TLS) Transport Model for the Simple Network Management Protocol (SNMP)

Documentation:

Download the Brocade Vyatta Network OS Datasheet(PDF).