alt Hacker NewsMaybe someone in this thread has a couple of ideas:
What’s the simplest way to spin up a simple „cattle, not pet“ routing VM? I don’t want to mess with any state, I just want version controllable config files. Ideally, if applying a version fails, it would automatically roll back to the previous state.
OpenWRT seems like it fits my description most closely, but maybe someone here is a fan of something more flashy/modern.
Replies
That sounds like you might like VyOS. I found it to be relatively easy to achieve exactly what I wanted, but went back to a GUI as it turned out I wanted a pet and not start a farm.
I recommend Pfsense or OpnSense if your hardware works with a FreeBSD-based thing. They're super easy to set up and don't have many surprises.
After I upgraded to a 10GbE ethernet card in my previous router, my card didn't work correctly with FreeBSD-based stuff anymore. I changed to ClearOS and that was actually comparably easy to Pfsense...maybe even easier? I recommend checking that one out.
OPNsense. I use it on dell optiplex SFF for about 8 years. Was never tempted to use VM for routing, but many do.
Version control is in the GUI, you can adapt for your needs the number of changes you need. automatic config.xml backup also possible.
[dead]
NixOS using https://github.com/thequux/nix-zone-firewall/ worked well for me for many years. I only stopped using it because my poor embedded Linux machine started having issues and it made more sense to go with a Mikrotik than to buy a new device to run as a soft router.