Q: New Router - 1.1.8 or Rolling


#1

Hi !

I’m going to setup new router (pretty standard configuration) with 2 failover links to ISPs, DMZ, and internal net.
On DMZ - 2 failover servers with ISPConfig (DNS/mail/web/ftp).

In the nearby feature will need VPN between several locations.
Traffic volume is quite low by today’s standards.

  1. Question - is beta/rolling stable enough for this simple installation? What new features rolling have compared to stable 1.1.8?

  2. Does VyOS have network threat detection engine (snort or suricata) as standard feature (I mean at least support with VyOS scripting engine/language) ?


#2

Hi

  1. Yes it is, still there are some sharp edges, i will recommend install and test it (it’s based on debian 8 so comes with more fresher software)
  2. No we don’t, and likely will not have any time soon

#3

Where I can find changelog of rolling releases, and list of open bugs/issues ?


#4

https://phabricator.vyos.net


#5

Is FreeRangeRouting implementation within VyOS rolling release is stable enough for everyday use ?
Simple setup - just 2 failover links to 2 ISPs (+BGP) and DNS server in our DMZ.


#6

Nope, there is experimental image, however it´s not recommended for production
for your simple setup - 1.2 should be stable enough
Do you want deploy it physical or virtual?


#7

Deployment is under KVM, on 10-port fanless mini PC with Celeron SoC, host OS is OpenSuSE Leap4.
1.1.8 is based on Debian Squeeze, which is ancient old, this is why I’m looking for rolling release.

PS: Is it safe to update rolling with apt-get upgrade ?


#8

No,
apt-get upgrade is never was supported.
should break system in most cases


#9

Rolling release - is it based on 1.2, 1.3 or 2.0 beta ?