Vyatta Core – Giải Pháp UTM
Mã Nguồn Mở


 !"#$%#
&'()&*(+#$,-
&'()&.*)#$/01
&'()&*+&2!345
&'()&6)*#$7
Mục lục
Danh sách hình vẽ
Danh sách bảng
2
1 GIỚI THIỆU
89:;1<#=>--##-?#@1A1B?-?C
1>#D1E101F-GD1H=1AHI-1J?KLM?N9O1O
1NHK>1<?PQ/;H?@8>@MRL@,--11
?NP>1AHI1:1-9AS1014RTR3RU1R1V
WR9:LXV?Y9RQZ
[\L#1J=NI[-9A?=?9O1O1:11A-#RF
N1#L1]?K1014D1E^9=1014?KI[
D19A?=?Q#19_H;[?KLM?N1 L9>
-?K,H=H:-RHD1L-HM1:11>#F-GQ3_ O1:1I[9A
101<`@1ab1J:,1RD11:1K9A?=?_1^9LM
%?`1<21@caR2b1dMe>ef?19_Q
%HJH=--#J??@gP?;-P-#=Vyatta Core – giải pháp UTM
mã nguồn mở11,91:1_4H[#I-?Y?N1J;#I1
1:1I[9A101# O#1:19A?=?B?N?51=Q
3#`-?KLH=-?NH^1XV# 8 8%a?K9V
9MhSiX,EIbH^11]H;1]11,91:1_4R [1O
?NQJ-9?jk?l1<3#em 1>#3#9:-

98[9A101L1;e-YH^1@8C^F1_j
3#Q
3#em"H^11-HD1:1=9A10X'r1uQ
3#em321@"H^11-HD1:1=J`X
xR32RxR 7y32Q
• Về phần cứng
3#7 991"-1:1I[9A10HjH^1MR1J_B_1
1-1-HD@•9A?=?3#emQ
• Dành cho cộng đồng
5
3#`"-9?jk?lR--?$9_1<3#em -
11KHk1:1-9:;-\ nRE1011J1A10R;e
-,e>YH^11:1 [1O1#L9F3#Q
2.2 Các chức năng chính của Vyatta Network OS
• Kết nối mạng
N{1<LM3#-?K1B1IH[#I901N9RC^HA#H<1:101
H[#IHK=.-raqRmRbQ-1w C^1?N
e> V#1u'&)Q66R1:1I9-1:11 v1JM1HK6&9@Q
• Tường lửa
\€1<3#EKe4e;? #L11J.-rQ`:1
_411,9k?•@ S?@ TR)TQ
• Lọc nội dung và phòng chống xâm nhập
7LM3#11,9??K?01HKL1:11<HK11:1?MH
UKU1>?-1B1I9w1MXV?Y9Ia1JJ
[1O3#ihbQ
• Bảo vệ các kết nối từ xa
IY9 1:1eIM 3 -a@€ O 1b pD1=L
M3#D1,etI[1JC^13-Q/k\1w11,9e
4#1Y9?NFX-1\ n\_4i@ m93Q
• Quản lý lưu lượng

Private & Public Cloud
Vyaa for The Cloud
Vyaa for The Cloud
Vyaa for the Amazon Cloud
Vyaa for the Amazon Cloud
Virtual Datacenter
Virtual Datacenter
Vyaa for Virtualizaon
Vyaa for Virtualizaon
Vyaa for Riverbed RSP
Vyaa for Riverbed RSP
Physical Network Edge
Physical Network Edge
Vyaa Appliances
Vyaa Appliances
Vyaa Network OS
Vyaa Network OS
7P)`:19:9;e3#
L1I=1:1J?9:91d-1:1-L=1:1?>P;
e?!RX?e?lH[1]@"
9"SSQ#Q1?S@@
`:19AI91<:1:-#@gY9-L10 O9:93#`
-?K?>P;e1:1#1A1O;-AM81Il1:1 
L9Q`:111-HD-1,P1:1-9A1014H=H^181L
?>\JQ
9
3 TẢI VÀ CÀI ĐẶT VYATTA CORE
A-#@g?>1:1n#1U;e-1:111-HD??KLM3#
`Q
3.1 Yêu cầu phần cứng tối thiểu

HJTmH„`%-elHK?:#_Fi`%FNQ
I,# ,51Lvyatta login:P„-LM3#Hjel1N#-
1>Q
/4Y9-e-?YeuH=-#Q
7P*/4Y9-LM3#
i|"HM\^91-HD3#`?>\JP1]1A5T
m=l-E`%kelHK?:#FE`%HJ-81L1:11
I9HV#Q
3.3.2 `-HDFi`%
e-H^1?>\i`%R1Je;1-HDLM3#I[
p -V-"
• Image-based install:1:1-#R1J;1-HD=91<3#
1n?K?:#1<R?C9@g-?KTa?bQyY
?:#R19f91U?K?H;elHK-L11#;HEp1:1?H;
@€ O1dHBQ
• Disk-based install:e:11- N?lR1:1-#@g@€ Oe;XI9
HD1:1T#=Ma01-@g1J9Vn101:1c "
SRS RS?RS@RSRS1RS?9RQQQbQ`:1?-1:19e:11<
3#1J;H^1?-@eLMH^11-e; @e@ -#Q
1
1
%HV#@g?U1-e; @e@ a1dAB81e;?@ b
1 N ,51L@eH4Y9R{L @@#@? aD1 @?
I1U1-e;?@ bQ
2 i-?1:1 !?-PH;-,}:P1-HDa|1:1
11U9Vn1-3#R?Yeu1-eR[_1-hqbQ
3 …i`%-H?-qmHjH^1IY9H;elHKFE1010
LM3#FH^11-Q
4 {LH;elHKN?:#Q
3.3.3 y;?1-HD

y1,PXWL@j#>L1??H;1,P1JL81Q
qN1J n9_?H;-,L1wIR n ,ˆH;X? !1<LQ
Ghi chú"3L1@€ O L`ie>}:eJHM\HjF-?L1
I[?NQ%HJ-I-#e>H=1Y91IQ
4.2 Quản trị hệ thống
--#N81-1,P>1B1@RH^1?>@BHk
?N@HV#Q
1
4
7P+`,P1:1>1@
Thực hành 1. `,P>@
%nL @@#@?@‐?6 H;HD@?1I[QHJ6
1_-@?1AHDQ
%nL@@#@? ?‐??# ?Q1?H;HD ??1I
[-#QHJ?# ?Q1?1_- ?1AHDQ
%n  L @@#@?@1‐@‐?99@‐?66&Q&Q&Qr( H;
?99?KH[1]9-@?QiL1J„@6@gH^1?9„
H[1]9-6&Q&Q&Qr( a1I-#ML1NH[„T@
 @b
%nL@@#@??‐@6&Q6&Q.&Q*.H;1]H[ @@HJw
9V ?I[-#QHJ6&Q6&Q.&Q*.1_- @@_ OQ
%nL@@#@?#‐ @@6+)Q6rQ&Q)(.H;1]H[H[1]#
1I[Q
`M1nN1J; n1:1L@B0H;X?N1,PlQ
4.3 Quản trị user
/;1081e-1,P3#E^,11:1011081"
• `0811W@S9@@H^11O1KI[Q
• `081}%h@Q
• `081}``‚
• € O7H;NeJ1>ee1081Q

n017H;1,PFXQ
Thực hành 3. `,P01@@
/;Y01@@N nL@@1@@
%nL@@1@@H;e;?NQ
%n?K1BP@@-HJH;€eIM-I[}@@R9))Q
1
7
5 TÍNH NĂNG NỔI BẬT
5.1 Giải pháp Định Tuyến
/[#I-Pˆ`9f91…>e>_11IlHV#Q9A-#R1…
@g;e1:19:9H[#I?-3#E^Q51HIH[#IR1…
1J;9VN?>P@"
7P†`:101H[#IH^1C^
/[#IK?=1J;e;HI1:101RvRmRQ/[#IN
?=P1JqQ9A-#1…@g;e*01Rm-qQ
1
8
5.1.1 01
1.1.1.1 2>P
7P6&2>P;e
;e?>P?NQ2C-?K?:#H^11-HD3#R1J
1 ?NQHJ@€ O1 91eH;-?1?Cn?NQ
1.1.1.2 `,P
/;1,PH[#IR?CR-1IHK1TQ
Thực hành 4. `,PH[#I
#Ž6•@91@9e6&Q&Q.&Q&S).
#Ž6•@91@9 @11
#Ž6•1??
#Ž6•@91@
9•

` @"‐R`‐11 R‐1Rm‐mRq‐q
‐1 @"
ab‐?Ra@b‐@1Ra b‐ cRab‐ @R
ab‐c1
eX7921??
ab6&Q&Q)&Q&S).6&Q&Q(&Q)*6&Q&Q(&Q)&&&")*
ab6&Q&Q*&Q&S).6&Q&Q(&Q)*6&Q&Q(&Q)&&&")*
ab6&Q&Q.&Q&S).6&Q&Q(&Q))6&Q&Q(&Q)&&&")*
`ab6&Q&Q(&Q&S).&Q&Q&Q&6@c&
`ab6&Q&Qr&Q&S).&Q&Q&Q&6@ca11 "6b&
#Ž*"’“
6N?K1 91e1JH[1]6&Q&Q)&Q6S).R@HJe;?WL
9F*
#Ž*"’“96&Q&Q)&Q6
2
0
6&Q&Q)&Q6a6&Q&Q)&Q6b(ra'.b#@c Q
r.#@c?6&Q&Q)&Q6"1?9—@}˜6˜r*?˜+Q*†?@
r.#@c?6&Q&Q)&Q6"1?9—@}˜)˜r*?˜6Q(r?@
r.#@c?6&Q&Q)&Q6"1?9—@}˜*˜r*?˜6Q.†?@
™`
‐‐‐6&Q&Q)&Q69@@1@‐‐‐
*91e@@? R*1 R&š91e@@R?)&&)?@
?SS?XS? ˜6Q.†+S*Q.')S+Q*†&S)Q+r*?@
#Ž*"’“
5.1.2 Giao thức OSPF
1.1.1.4 2>P
;e?>P?N@HV#R?>P-#M-1a01bQ
Hình 11 – Mô hình triển khai OSPF
1.1.1.5 `,P

#Ž*•@91@@9c @11
#Ž*•1??
1.1.1.6 y;?
B8R nL@9H;e;?01mHjNHKQ
5.1.3 Giao thức BGP
q-?K01H[#IN?=Q`I=01-#@ge>H^1
YlHV#Q51HIq1…1Je:L?
• q"2C9A€q?K1n
• q"2C9AFq1Je:1Q
--#@g;eNH[#IqQ
1.1.1.7 ;eq
Mô hình mạng
;e?>P?N@"
2
2
`:16R)R*R.H^1NF?:#R1nM-?K1 ?N #,QqM
-#N-6&&Q7l)&&-*&&1]-^RNe>
1AN-#Qe1-HDRNHD1:1>1Bk?@?R-H[1]
911:1Q
Hình 12 – Mô hình triển khai iBGP
Cấu hình iBGP
`:1H^1:j6R)R*R.HJw-qQ
Thực hành 8. `,Pq6R-6&&R01H[#Im
#Ž6•@91@@9c&Q&Q&Q&e6&Q&Q&Q66S*)
#Ž6•@91@@9c&Q&Q&Q&e6+)Q6rQ&Q&S).
#Ž6•@91@@9c&Q&Q&Q&e''Q''Q''Q&S*&
#Ž6•@91@@9c9?@‐ 6&Q&Q&Q66
#Ž6•@91@@9c9@@‐c1&
#Ž6•@91@96&&6&Q&Q&Q))?‐@6&&
#Ž6•@91@96&&6&Q&Q&Q))9 ‐@16&Q&Q&Q66

#Ž*•@91@96&&9?@‐ 6&Q&Q&Q**
#Ž*•1??
Thực hành 11. `,Pq.
#Ž.•@91@@9c&Q&Q&Q&e6&Q&Q&Q S*)
#Ž.•@91@@9c&Q&Q&Q&e6+)Q6rQ&Q&S).
#Ž.•@91@@9c&Q&Q&Q&e††Q††Q††Q&S*&
#Ž.•@91@@9c9?@‐ 6&Q&Q&Q
#Ž.•@91@@9c9@@‐c1&
2
4
#Ž.•@91@96&&6&Q&Q&Q66?‐@6&&
#Ž.•@91@96&&6&Q&Q&Q669 ‐@16&Q&Q&Q
#Ž.•@91@96&&6&Q&Q&Q))?‐@6&&
#Ž.•@91@96&&6&Q&Q&Q))9 ‐@16&Q&Q&Q
#Ž.•@91@96&&6&Q&Q&Q**?‐@6&&
#Ž.•@91@96&&6&Q&Q&Q**9 ‐@16&Q&Q&Q
#Ž.•@91@96&&9?@‐ 6&Q&Q&Q
#Ž.•1??
Kiểm tra
%nL@99H;e;?1,P9
Thực hành 12. iL@99@??#
#Ž6"’“@99@??#
q T6&Q&Q&Q66R1?6&&
q@6R@r.#@c??#
@*R@+(r&#@c??#
32@1 2@3smsh9S%ScX
1
6&Q&Q&Q)).6&&r6&&&&&&"&."6'&
6&Q&Q&Q**.6&&r6&&&&&&"&."6.&
6&Q&Q&Q .6&&(r&&&&&"&)"((&