diff options
author | rebortg <24626486+rebortg@users.noreply.github.com> | 2024-03-18 20:13:24 +0000 |
---|---|---|
committer | github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com> | 2024-03-18 20:13:24 +0000 |
commit | b7e06049dce4b6556b5feb50305ec258cfe06bf8 (patch) | |
tree | 6479c3ad228ee1af6030bdd88d335c5c11cc11e4 | |
parent | 8e52d8235ac1c1d174afcdd5bd5dc4f36795daef (diff) | |
download | vyos-documentation-b7e06049dce4b6556b5feb50305ec258cfe06bf8.tar.gz vyos-documentation-b7e06049dce4b6556b5feb50305ec258cfe06bf8.zip |
Github: update translations
99 files changed, 17896 insertions, 6146 deletions
diff --git a/docs/_locale/de/LC_MESSAGES/automation.mo b/docs/_locale/de/LC_MESSAGES/automation.mo Binary files differindex cb431fe9..e9c17870 100644 --- a/docs/_locale/de/LC_MESSAGES/automation.mo +++ b/docs/_locale/de/LC_MESSAGES/automation.mo diff --git a/docs/_locale/de/LC_MESSAGES/cli.mo b/docs/_locale/de/LC_MESSAGES/cli.mo Binary files differindex 1722898e..458b4cbd 100644 --- a/docs/_locale/de/LC_MESSAGES/cli.mo +++ b/docs/_locale/de/LC_MESSAGES/cli.mo diff --git a/docs/_locale/de/LC_MESSAGES/configexamples.mo b/docs/_locale/de/LC_MESSAGES/configexamples.mo Binary files differindex 4c237a80..d0746d0d 100644 --- a/docs/_locale/de/LC_MESSAGES/configexamples.mo +++ b/docs/_locale/de/LC_MESSAGES/configexamples.mo diff --git a/docs/_locale/de/LC_MESSAGES/configuration.mo b/docs/_locale/de/LC_MESSAGES/configuration.mo Binary files differindex 5d09f4b5..c48c777b 100644 --- a/docs/_locale/de/LC_MESSAGES/configuration.mo +++ b/docs/_locale/de/LC_MESSAGES/configuration.mo diff --git a/docs/_locale/de/LC_MESSAGES/contributing.mo b/docs/_locale/de/LC_MESSAGES/contributing.mo Binary files differindex affcbb27..1acfd8cb 100644 --- a/docs/_locale/de/LC_MESSAGES/contributing.mo +++ b/docs/_locale/de/LC_MESSAGES/contributing.mo diff --git a/docs/_locale/de/LC_MESSAGES/copyright.mo b/docs/_locale/de/LC_MESSAGES/copyright.mo Binary files differindex 23772d99..b0418135 100644 --- a/docs/_locale/de/LC_MESSAGES/copyright.mo +++ b/docs/_locale/de/LC_MESSAGES/copyright.mo diff --git a/docs/_locale/de/LC_MESSAGES/documentation.mo b/docs/_locale/de/LC_MESSAGES/documentation.mo Binary files differindex bd88ebc5..5c8bb64e 100644 --- a/docs/_locale/de/LC_MESSAGES/documentation.mo +++ b/docs/_locale/de/LC_MESSAGES/documentation.mo diff --git a/docs/_locale/de/LC_MESSAGES/installation.mo b/docs/_locale/de/LC_MESSAGES/installation.mo Binary files differindex d04f2532..427f08fd 100644 --- a/docs/_locale/de/LC_MESSAGES/installation.mo +++ b/docs/_locale/de/LC_MESSAGES/installation.mo diff --git a/docs/_locale/de/LC_MESSAGES/quick-start.mo b/docs/_locale/de/LC_MESSAGES/quick-start.mo Binary files differindex c14e354d..bd8c13a0 100644 --- a/docs/_locale/de/LC_MESSAGES/quick-start.mo +++ b/docs/_locale/de/LC_MESSAGES/quick-start.mo diff --git a/docs/_locale/de/automation.pot b/docs/_locale/de/automation.pot index efd67b47..efe2eae0 100644 --- a/docs/_locale/de/automation.pot +++ b/docs/_locale/de/automation.pot @@ -8,6 +8,51 @@ msgstr "" "Language: de\n" "Plural-Forms: nplurals=2; plural=(n==1) ? 0 : 1;\n" +#: ../../automation/terraform/index.rst:15 +msgid "# terraformAZ # terraformvSphere # terraformGoogle" +msgstr "# terraformAZ # terraformvSphere # terraformGoogle" + +#: ../../automation/vyos-terraform.rst:707 +msgid "#az login" +msgstr "#az login" + +#: ../../automation/vyos-terraform.rst:261 +#: ../../automation/vyos-terraform.rst:283 +#: ../../automation/vyos-terraform.rst:711 +#: ../../automation/vyos-terraform.rst:731 +#: ../../automation/vyos-terraform.rst:1008 +#: ../../automation/vyos-terraform.rst:1029 +msgid "#cd /your folder" +msgstr "#cd /your folder" + +#: ../../automation/vyos-terraform.rst:287 +#: ../../automation/vyos-terraform.rst:735 +#: ../../automation/vyos-terraform.rst:1033 +msgid "#terraform apply" +msgstr "#terraform apply" + +#: ../../automation/vyos-terraform.rst:263 +#: ../../automation/vyos-terraform.rst:713 +#: ../../automation/vyos-terraform.rst:1010 +msgid "#terraform init" +msgstr "#terraform init" + +#: ../../automation/vyos-terraform.rst:285 +#: ../../automation/vyos-terraform.rst:733 +#: ../../automation/vyos-terraform.rst:1031 +msgid "#terraform plan" +msgstr "#terraform plan" + +#: ../../automation/vyos-terraform.rst:289 +#: ../../automation/vyos-terraform.rst:737 +#: ../../automation/vyos-terraform.rst:1035 +msgid "#yes" +msgstr "#yes" + +#: ../../automation/cloud-init.rst:363 +msgid "**NOTE**: be careful while copying and pasting previous commands. Double quotes may need to be corrected." +msgstr "**NOTE**: be careful while copying and pasting previous commands. Double quotes may need to be corrected." + #: ../../automation/cloud-init.rst:363 msgid "**NOTE**: be carefull while copying and pasting previous commands. Doble quotes may need to be corrected." msgstr "**NOTE**: be carefull while copying and pasting previous commands. Doble quotes may need to be corrected." @@ -32,11 +77,11 @@ msgstr "**user-data**: includes vyos-commands." msgid "**user-data** file must start with ``#cloud-config`` and contains vyos-commands. For example:" msgstr "**user-data** file must start with ``#cloud-config`` and contains vyos-commands. For example:" -#: ../../automation/vyos-api.rst:322 +#: ../../automation/vyos-api.rst:323 msgid "/config-file" msgstr "/config-file" -#: ../../automation/vyos-api.rst:265 +#: ../../automation/vyos-api.rst:266 msgid "/configure" msgstr "/configure" @@ -68,10 +113,239 @@ msgstr "/retrieve" msgid "/show" msgstr "/show" +#: ../../automation/vyos-terraform.rst:993 +msgid "1.1 Collect all data in to file \"terraform.tfvars\" and create resources fo example \"terraform\"" +msgstr "1.1 Collect all data in to file \"terraform.tfvars\" and create resources fo example \"terraform\"" + +#: ../../automation/terraform/terraformAWS.rst:61 +msgid "1.1 Create an account with AWS and get your \"access_key\", \"secret key\"" +msgstr "1.1 Create an account with AWS and get your \"access_key\", \"secret key\"" + +#: ../../automation/vyos-terraform.rst:692 +msgid "1.1 Create an account with Azure" +msgstr "1.1 Create an account with Azure" + +#: ../../automation/vyos-terraform.rst:243 +msgid "1.2 Create a key pair and download your .pem key" +msgstr "1.2 Create a key pair and download your .pem key" + +#: ../../automation/terraform/terraformAWS.rst:63 +msgid "1.2 Create a key pair_ and download your .pem key" +msgstr "1.2 Create a key pair_ and download your .pem key" + +#: ../../automation/vyos-terraform.rst:245 +msgid "1.3 Create a security group for the new VyOS instance" +msgstr "1.3 Create a security group for the new VyOS instance" + +#: ../../automation/terraform/terraformAWS.rst:70 +msgid "1.3 Create a security group_ for the new VyOS instance and open all traffic" +msgstr "1.3 Create a security group_ for the new VyOS instance and open all traffic" + +#: ../../automation/terraform/terraformAWS.rst:298 +msgid "1. Ansible doesn't connect via SSH to your AWS instance: you have to check that your SSH key has copied into the path /root/aws/. Also, increase the time in the file instance.yml from 300 sec to 500 sec or more. (It depends on your location). Make sure that you have opened access to the instance in the security group." +msgstr "1. Ansible doesn't connect via SSH to your AWS instance: you have to check that your SSH key has copied into the path /root/aws/. Also, increase the time in the file instance.yml from 300 sec to 500 sec or more. (It depends on your location). Make sure that you have opened access to the instance in the security group." + +#: ../../automation/terraform/terraformAWS.rst:266 +msgid "1 Ansible doesn't connect via SSH to your AWS instance: you have to check that your SSH key has copied into the path /root/aws/." +msgstr "1 Ansible doesn't connect via SSH to your AWS instance: you have to check that your SSH key has copied into the path /root/aws/." + +#: ../../automation/terraform/terraformvSphere.rst:23 +msgid "1 Collect all data in to file \"terraform.tfvars\" and create resources for example \"terraform\"" +msgstr "1 Collect all data in to file \"terraform.tfvars\" and create resources for example \"terraform\"" + +#: ../../automation/terraform/terraformAWS.rst:77 +#: ../../automation/terraform/terraformAZ.rst:54 +#: ../../automation/terraform/terraformvSphere.rst:53 +msgid "1 Create an UNIX instance whenever you want (local, cloud, and so on)" +msgstr "1 Create an UNIX instance whenever you want (local, cloud, and so on)" + +#: ../../automation/terraform/terraformAWS.rst:54 +#: ../../automation/terraform/terraformAZ.rst:26 +#: ../../automation/terraform/terraformvSphere.rst:29 +msgid "1 Create an UNIX or Windows instance" +msgstr "1 Create an UNIX or Windows instance" + +#: ../../automation/terraform/terraformAWS.rst:29 +msgid "1 Create an account with AWS and get your \"access_key\", \"secret key\"" +msgstr "1 Create an account with AWS and get your \"access_key\", \"secret key\"" + +#: ../../automation/terraform/terraformAZ.rst:21 +msgid "1 Create an account with Azure" +msgstr "1 Create an account with Azure" + +#: ../../automation/terraform/terraformAWS.rst:86 +msgid "2.1 Create a0 UNIX or Windows instance" +msgstr "2.1 Create a0 UNIX or Windows instance" + +#: ../../automation/vyos-terraform.rst:250 +#: ../../automation/vyos-terraform.rst:697 +#: ../../automation/vyos-terraform.rst:998 +msgid "2.1 Create a UNIX or Windows instance" +msgstr "2.1 Create a UNIX or Windows instance" + +#: ../../automation/terraform/terraformAWS.rst:88 +msgid "2.2 Download and install Terraform" +msgstr "2.2 Download and install Terraform" + +#: ../../automation/terraform/terraformAWS.rst:90 +msgid "2.3 Create the folder for example /root/awsterraform" +msgstr "2.3 Create the folder for example /root/awsterraform" + +#: ../../automation/vyos-terraform.rst:254 +msgid "2.3 Create the folder for example ../awsvyos/" +msgstr "2.3 Create the folder for example ../awsvyos/" + +#: ../../automation/vyos-terraform.rst:701 +msgid "2.3 Create the folder for example ../azvyos/" +msgstr "2.3 Create the folder for example ../azvyos/" + +#: ../../automation/vyos-terraform.rst:1002 +msgid "2.3 Create the folder for example ../vsphere/" +msgstr "2.3 Create the folder for example ../vsphere/" + +#: ../../automation/vyos-terraform.rst:1004 +msgid "2.4 Copy all files from my folder /Terraform into your Terraform project" +msgstr "2.4 Copy all files from my folder /Terraform into your Terraform project" + +#: ../../automation/vyos-terraform.rst:703 +msgid "2.4 Copy all files from my folder /Terraform into your Terraform project (main.tf, variables.tf)" +msgstr "2.4 Copy all files from my folder /Terraform into your Terraform project (main.tf, variables.tf)" + +#: ../../automation/terraform/terraformAWS.rst:96 +msgid "2.4 Copy all files into your Terraform project \"/root/awsterraform\" (vyos.tf, var.tf, terraform.tfvars,version.tf), more detailed see `Structure of files Terrafom for AWS`_" +msgstr "2.4 Copy all files into your Terraform project \"/root/awsterraform\" (vyos.tf, var.tf, terraform.tfvars,version.tf), more detailed see `Structure of files Terrafom for AWS`_" + +#: ../../automation/vyos-terraform.rst:256 +msgid "2.4 Copy all files into your Terraform project (vyos.tf, var.tf) 2.4.1 Please type the information into the strings 22, 35, 36 of file \"vyos.tf\"" +msgstr "2.4 Copy all files into your Terraform project (vyos.tf, var.tf) 2.4.1 Please type the information into the strings 22, 35, 36 of file \"vyos.tf\"" + +#: ../../automation/vyos-terraform.rst:705 +msgid "2.5 Login with Azure using the command" +msgstr "2.5 Login with Azure using the command" + +#: ../../automation/terraform/terraformAWS.rst:98 +msgid "2.5 Type the commands :" +msgstr "2.5 Type the commands :" + +#: ../../automation/terraform/terraformAZ.rst:44 +msgid "2.6 Type the commands :" +msgstr "2.6 Type the commands :" + +#: ../../automation/terraform/terraformAWS.rst:31 +msgid "2 Create a key pair_ and download your .pem key" +msgstr "2 Create a key pair_ and download your .pem key" + +#: ../../automation/terraform/terraformAWS.rst:79 +#: ../../automation/terraform/terraformAZ.rst:56 +#: ../../automation/terraform/terraformvSphere.rst:55 +msgid "2 Download and install Ansible" +msgstr "2 Download and install Ansible" + +#: ../../automation/terraform/terraformAWS.rst:56 +#: ../../automation/terraform/terraformAZ.rst:28 +#: ../../automation/terraform/terraformvSphere.rst:31 +msgid "2 Download and install Terraform" +msgstr "2 Download and install Terraform" + +#: ../../automation/terraform/terraformAWS.rst:270 +msgid "2 Terraform doesn't connect via SSH to your Ansible instance: you have to check the correct login and password in the part of the file VyOS. tf" +msgstr "2 Terraform doesn't connect via SSH to your Ansible instance: you have to check the correct login and password in the part of the file VyOS. tf" + +#: ../../automation/vyos-terraform.rst:268 +#: ../../automation/vyos-terraform.rst:718 +#: ../../automation/vyos-terraform.rst:1016 +msgid "3.1 Create a UNIX instance" +msgstr "3.1 Create a UNIX instance" + +#: ../../automation/terraform/terraformAWS.rst:109 +msgid "3.1 Create a UNIX instance whenever you want (local, cloud, and so on)" +msgstr "3.1 Create a UNIX instance whenever you want (local, cloud, and so on)" + +#: ../../automation/terraform/terraformAWS.rst:111 +msgid "3.2 Download and install Ansible" +msgstr "3.2 Download and install Ansible" + +#: ../../automation/terraform/terraformAWS.rst:113 +msgid "3.3 Create the folder for example /root/aws/" +msgstr "3.3 Create the folder for example /root/aws/" + +#: ../../automation/vyos-terraform.rst:722 +msgid "3.3 Create the folder for example /root/az/" +msgstr "3.3 Create the folder for example /root/az/" + +#: ../../automation/vyos-terraform.rst:1020 +msgid "3.3 Create the folder for example /root/vsphere/" +msgstr "3.3 Create the folder for example /root/vsphere/" + +#: ../../automation/vyos-terraform.rst:274 +msgid "3.4 Copy all files from my folder /Ansible into your Ansible project (ansible.cfg, instance.yml, mykey.pem)" +msgstr "3.4 Copy all files from my folder /Ansible into your Ansible project (ansible.cfg, instance.yml, mykey.pem)" + +#: ../../automation/vyos-terraform.rst:724 +#: ../../automation/vyos-terraform.rst:1022 +msgid "3.4 Copy all files from my folder /Ansible into your Ansible project (ansible.cfg, instance.yml and /group_vars)" +msgstr "3.4 Copy all files from my folder /Ansible into your Ansible project (ansible.cfg, instance.yml and /group_vars)" + +#: ../../automation/terraform/terraformAWS.rst:115 +msgid "3.4 Copy all files into your Ansible project \"/root/aws/\" (ansible.cfg, instance.yml, mykey.pem and \"all\"), more detailed see `Structure of files Ansible for AWS`_" +msgstr "3.4 Copy all files into your Ansible project \"/root/aws/\" (ansible.cfg, instance.yml, mykey.pem and \"all\"), more detailed see `Structure of files Ansible for AWS`_" + +#: ../../automation/terraform/terraformAWS.rst:81 +msgid "3 Create the folder for example /root/aws/" +msgstr "3 Create the folder for example /root/aws/" + +#: ../../automation/terraform/terraformAWS.rst:58 +msgid "3 Create the folder for example /root/awsterraform" +msgstr "3 Create the folder for example /root/awsterraform" + +#: ../../automation/terraform/terraformAZ.rst:58 +msgid "3 Create the folder for example /root/az/" +msgstr "3 Create the folder for example /root/az/" + +#: ../../automation/terraform/terraformAZ.rst:30 +msgid "3 Create the folder for example /root/azvyos/" +msgstr "3 Create the folder for example /root/azvyos/" + +#: ../../automation/terraform/terraformvSphere.rst:33 +msgid "3 Create the folder for example /root/vsphereterraform" +msgstr "3 Create the folder for example /root/vsphereterraform" + +#: ../../automation/terraform/terraformvSphere.rst:57 +msgid "3 Create the folder for example /root/vsphereterraform/" +msgstr "3 Create the folder for example /root/vsphereterraform/" + +#: ../../automation/terraform/terraformAWS.rst:123 +msgid "4.1 Type the commands on your Terrafom instance:" +msgstr "4.1 Type the commands on your Terrafom instance:" + +#: ../../automation/terraform/terraformAWS.rst:83 +msgid "4 Copy all files into your Ansible project \"/root/aws/\" (ansible.cfg, instance.yml, mykey.pem and \"all\"), more detailed see `Structure of files Ansible for AWS`_" +msgstr "4 Copy all files into your Ansible project \"/root/aws/\" (ansible.cfg, instance.yml, mykey.pem and \"all\"), more detailed see `Structure of files Ansible for AWS`_" + +#: ../../automation/terraform/terraformAZ.rst:60 +msgid "4 Copy all files into your Ansible project \"/root/az/\" (ansible.cfg, instance.yml,\"all\"), more detailed see `Structure of files Ansible for Azure`_" +msgstr "4 Copy all files into your Ansible project \"/root/az/\" (ansible.cfg, instance.yml,\"all\"), more detailed see `Structure of files Ansible for Azure`_" + +#: ../../automation/terraform/terraformvSphere.rst:59 +msgid "4 Copy all files into your Ansible project \"/root/vsphereterraform/\" (ansible.cfg, instance.yml,\"all\"), more detailed see `Structure of files Ansible for vSphere`_" +msgstr "4 Copy all files into your Ansible project \"/root/vsphereterraform/\" (ansible.cfg, instance.yml,\"all\"), more detailed see `Structure of files Ansible for vSphere`_" + #: ../../automation/vyos-api.rst:41 msgid "API Endpoints" msgstr "API Endpoints" +#: ../../automation/terraform/terraformAWS.rst:26 +msgid "AWS" +msgstr "AWS" + +#: ../../automation/vyos-terraform.rst:233 +msgid "AWS_terraform_ansible_single_vyos_instance" +msgstr "AWS_terraform_ansible_single_vyos_instance" + +#: ../../automation/cloud-init.rst:270 +msgid "A VyOS qcow image with cloud-init options is needed. This can be obtained using `vyos-vm-images`_ repo. After cloning the repo, edit the file **qemu.yml** and comment the **download-iso** role." +msgstr "A VyOS qcow image with cloud-init options is needed. This can be obtained using `vyos-vm-images`_ repo. After cloning the repo, edit the file **qemu.yml** and comment the **download-iso** role." + #: ../../automation/cloud-init.rst:270 msgid "A VyOS qcow image with cloud-init options is needed. This can be obtained using `vyos-vm-images`_ repo. After clonning the repo, edit the file **qemu.yml** and comment the **download-iso** role." msgstr "A VyOS qcow image with cloud-init options is needed. This can be obtained using `vyos-vm-images`_ repo. After clonning the repo, edit the file **qemu.yml** and comment the **download-iso** role." @@ -92,18 +366,43 @@ msgstr "A single-quote symbol is not allowed inside command or value." msgid "Accept minion key" msgstr "Accept minion key" +#: ../../automation/terraform/terraformAWS.rst:255 +msgid "After executing all the commands you will have your VyOS instance on the AWS cloud with your configuration, it's a very convenient desition. If you need to delete the instance please type the command:" +msgstr "After executing all the commands you will have your VyOS instance on the AWS cloud with your configuration, it's a very convenient desition. If you need to delete the instance please type the command:" + +#: ../../automation/terraform/terraformAZ.rst:75 +msgid "After executing all the commands you will have your VyOS instance on the Azure cloud with your configuration, it's a very convenient desition. If you need to delete the instance please type the command:" +msgstr "After executing all the commands you will have your VyOS instance on the Azure cloud with your configuration, it's a very convenient desition. If you need to delete the instance please type the command:" + +#: ../../automation/terraform/terraformvSphere.rst:75 +msgid "After executing all the commands you will have your VyOS instance on the vSphere with your configuration, it's a very convenient desition. If you need to delete the instance please type the command:" +msgstr "After executing all the commands you will have your VyOS instance on the vSphere with your configuration, it's a very convenient desition. If you need to delete the instance please type the command:" + #: ../../automation/vyos-api.rst:15 msgid "All endpoints only listen on HTTP POST requests and the API KEY must set as ``key`` in the formdata." msgstr "All endpoints only listen on HTTP POST requests and the API KEY must set as ``key`` in the formdata." +#: ../../automation/terraform/terraformAWS.rst:539 +#: ../../automation/terraform/terraformAZ.rst:484 +#: ../../automation/terraform/terraformvSphere.rst:397 +msgid "All files about the article can be found here_" +msgstr "All files about the article can be found here_" + #: ../../automation/cloud-init.rst:115 msgid "All of these can be overridden using the configuration in user-data." msgstr "All of these can be overridden using the configuration in user-data." +#: ../../automation/terraform/terraformAWS.rst:267 +msgid "Also, increase the time in the file instance.yml from 300 sec to 500 sec or more. (It depends on your location). Make sure that you have opened access to the instance in the security group." +msgstr "Also, increase the time in the file instance.yml from 300 sec to 500 sec or more. (It depends on your location). Make sure that you have opened access to the instance in the security group." + #: ../../automation/cloud-init.rst:256 msgid "Also, this lab considers:" msgstr "Also, this lab considers:" +#: ../../automation/terraform/terraformAWS.rst:74 +#: ../../automation/terraform/terraformAZ.rst:51 +#: ../../automation/terraform/terraformvSphere.rst:50 #: ../../automation/vyos-ansible.rst:6 msgid "Ansible" msgstr "Ansible" @@ -121,6 +420,15 @@ msgstr "At this step we can get some op-mode information from VyOS nodes:" msgid "Authentication" msgstr "Authentication" +#: ../../automation/terraform/terraformAZ.rst:19 +msgid "Azure" +msgstr "Azure" + +#: ../../automation/vyos-terraform.rst:684 +#: ../../automation/vyos-terraform.rst:985 +msgid "Azure_terraform_ansible_single_vyos_instance" +msgstr "Azure_terraform_ansible_single_vyos_instance" + #: ../../automation/cloud-init.rst:241 msgid "Before starting, please refer to cloud-init `network-config-docs`_ in order to know how to import user and network configurations." msgstr "Before starting, please refer to cloud-init `network-config-docs`_ in order to know how to import user and network configurations." @@ -186,34 +494,38 @@ msgstr "Configuration" msgid "Configuration commands are executed just like from a normal config session. For example, if you want to disable a BGP peer on VRRP transition to backup:" msgstr "Configuration commands are executed just like from a normal config session. For example, if you want to disable a BGP peer on VRRP transition to backup:" -#: ../../automation/vyos-pyvyos.rst:94 +#: ../../automation/vyos-pyvyos.rst:102 msgid "Configure, then Delete Object" msgstr "Configure, then Delete Object" -#: ../../automation/vyos-pyvyos.rst:141 +#: ../../automation/vyos-pyvyos.rst:149 msgid "Configure, then Load File" msgstr "Configure, then Load File" -#: ../../automation/vyos-pyvyos.rst:101 +#: ../../automation/vyos-pyvyos.rst:109 msgid "Configure, then Save" msgstr "Configure, then Save" -#: ../../automation/vyos-pyvyos.rst:108 +#: ../../automation/vyos-pyvyos.rst:116 msgid "Configure, then Save File" msgstr "Configure, then Save File" -#: ../../automation/vyos-pyvyos.rst:68 +#: ../../automation/vyos-pyvyos.rst:76 msgid "Configure, then Set" msgstr "Configure, then Set" -#: ../../automation/vyos-pyvyos.rst:85 +#: ../../automation/vyos-pyvyos.rst:93 msgid "Configure, then Show Object" msgstr "Configure, then Show Object" -#: ../../automation/vyos-pyvyos.rst:77 +#: ../../automation/vyos-pyvyos.rst:85 msgid "Configure, then Show a Single Object Value" msgstr "Configure, then Show a Single Object Value" +#: ../../automation/terraform/index.rst:5 +msgid "Content" +msgstr "Content" + #: ../../automation/vyos-napalm.rst:89 msgid "Content of commands.conf" msgstr "Content of commands.conf" @@ -242,6 +554,30 @@ msgstr "Custom scripts are not executed with root privileges (Use sudo inside if msgid "DHCP on first Ethernet interface if no network configuration is provided." msgstr "DHCP on first Ethernet interface if no network configuration is provided." +#: ../../automation/terraform/terraformAWS.rst:6 +msgid "Deploying VyOS in the AWS cloud" +msgstr "Deploying VyOS in the AWS cloud" + +#: ../../automation/terraform/terraformAZ.rst:6 +msgid "Deploying VyOS in the Azure cloud" +msgstr "Deploying VyOS in the Azure cloud" + +#: ../../automation/terraform/terraformvSphere.rst:6 +msgid "Deploying VyOS in the vSphere infrastructure" +msgstr "Deploying VyOS in the vSphere infrastructure" + +#: ../../automation/terraform/terraformAWS.rst:39 +msgid "Deploying vyos in the AWS cloud" +msgstr "Deploying vyos in the AWS cloud" + +#: ../../automation/vyos-terraform.rst:299 +msgid "Deploying vyos in the Azure cloud" +msgstr "Deploying vyos in the Azure cloud" + +#: ../../automation/vyos-terraform.rst:742 +msgid "Deploying vyos in the Vsphere infrastructia" +msgstr "Deploying vyos in the Vsphere infrastructia" + #: ../../automation/vyos-netmiko.rst:12 msgid "Example" msgstr "Example" @@ -274,11 +610,39 @@ msgstr "Executing pre-hooks/post-hooks Scripts" msgid "File contents" msgstr "File contents" +#: ../../automation/terraform/terraformAWS.rst:476 +msgid "File contents of Ansible for AWS" +msgstr "File contents of Ansible for AWS" + +#: ../../automation/terraform/terraformAZ.rst:426 +msgid "File contents of Ansible for Azure" +msgstr "File contents of Ansible for Azure" + +#: ../../automation/terraform/terraformvSphere.rst:338 +msgid "File contents of Ansible for vSphere" +msgstr "File contents of Ansible for vSphere" + +#: ../../automation/terraform/terraformAWS.rst:298 +msgid "File contents of Terrafom for AWS" +msgstr "File contents of Terrafom for AWS" + +#: ../../automation/terraform/terraformAZ.rst:93 +msgid "File contents of Terrafom for Azure" +msgstr "File contents of Terrafom for Azure" + +#: ../../automation/terraform/terraformvSphere.rst:96 +msgid "File contents of Terrafom for vSphere" +msgstr "File contents of Terrafom for vSphere" + #: ../../automation/cloud-init.rst:284 msgid "File generated with previous command: ``/tmp/vyos-1.3.0-cloud-init-10G-qemu.qcow2``" msgstr "File generated with previous command: ``/tmp/vyos-1.3.0-cloud-init-10G-qemu.qcow2``" #: ../../automation/cloud-init.rst:347 +msgid "Finally, file **meta-data** has no content, but it's required." +msgstr "Finally, file **meta-data** has no content, but it's required." + +#: ../../automation/cloud-init.rst:347 msgid "Finaly, file **meta-data** has no content, but it's required." msgstr "Finaly, file **meta-data** has no content, but it's required." @@ -306,7 +670,11 @@ msgstr "For more information on the NoCloud data source, visit its `page <https: msgid "From cli or GUI, power on VM, and after it boots, verify configuration" msgstr "From cli or GUI, power on VM, and after it boots, verify configuration" -#: ../../automation/vyos-pyvyos.rst:123 +#: ../../automation/terraform/terraformvyos.rst:26 +msgid "General commands that we will use for running Terraform scripts" +msgstr "General commands that we will use for running Terraform scripts" + +#: ../../automation/vyos-pyvyos.rst:131 msgid "Generate Object" msgstr "Generate Object" @@ -314,7 +682,7 @@ msgstr "Generate Object" msgid "Generate qcow image" msgstr "Generate qcow image" -#: ../../automation/vyos-pyvyos.rst:24 +#: ../../automation/vyos-pyvyos.rst:32 msgid "Getting Started" msgstr "Getting Started" @@ -326,6 +694,22 @@ msgstr "Here is a simple example:" msgid "Here is an example cloud-config that appends configuration at the time of first boot." msgstr "Here is an example cloud-config that appends configuration at the time of first boot." +#: ../../automation/terraform/terraformAWS.rst:23 +msgid "How to create a single instance and install your configuration using Terraform+Ansible+AWS Step by step:" +msgstr "How to create a single instance and install your configuration using Terraform+Ansible+AWS Step by step:" + +#: ../../automation/terraform/terraformAZ.rst:16 +msgid "How to create a single instance and install your configuration using Terraform+Ansible+Azure Step by step:" +msgstr "How to create a single instance and install your configuration using Terraform+Ansible+Azure Step by step:" + +#: ../../automation/vyos-terraform.rst:987 +msgid "How to create a single instance and install your configuration using Terraform+Ansible+Vsphere Step by step:" +msgstr "How to create a single instance and install your configuration using Terraform+Ansible+Vsphere Step by step:" + +#: ../../automation/terraform/terraformvSphere.rst:16 +msgid "How to create a single instance and install your configuration using Terraform+Ansible+vSphere Step by step:" +msgstr "How to create a single instance and install your configuration using Terraform+Ansible+vSphere Step by step:" + #: ../../automation/cloud-init.rst:377 msgid "ISO files storage: ``local`` volume is used for ``.iso`` file storage. In this scenario ``local`` volume type is set to **directory**, abd attached to ``/var/lib/vz``." msgstr "ISO files storage: ``local`` volume is used for ``.iso`` file storage. In this scenario ``local`` volume type is set to **directory**, abd attached to ``/var/lib/vz``." @@ -350,7 +734,7 @@ msgstr "If you need to gather information from linux commands to configure VyOS, msgid "If you want to script the configs in a language other than bash you can have your script output commands and then source them in a bash script." msgstr "If you want to script the configs in a language other than bash you can have your script output commands and then source them in a bash script." -#: ../../automation/vyos-pyvyos.rst:27 +#: ../../automation/vyos-pyvyos.rst:35 msgid "Importing and Disabling Warnings for verify=False" msgstr "Importing and Disabling Warnings for verify=False" @@ -362,6 +746,18 @@ msgstr "In Proxmox server three files are going to be used for this setup:" msgid "In VyOS, by default, enables only two modules:" msgstr "In VyOS, by default, enables only two modules:" +#: ../../automation/terraform/terraformAWS.rst:17 +msgid "In this case, we'll create the necessary files for Terraform and Ansible next using Terraform we'll create a single instance on the AWS cloud and make provisioning using Ansible." +msgstr "In this case, we'll create the necessary files for Terraform and Ansible next using Terraform we'll create a single instance on the AWS cloud and make provisioning using Ansible." + +#: ../../automation/terraform/terraformAZ.rst:11 +msgid "In this case, we'll create the necessary files for Terraform and Ansible next using Terraform we'll create a single instance on the Azure cloud and make provisioning using Ansible." +msgstr "In this case, we'll create the necessary files for Terraform and Ansible next using Terraform we'll create a single instance on the Azure cloud and make provisioning using Ansible." + +#: ../../automation/terraform/terraformvSphere.rst:11 +msgid "In this case, we'll create the necessary files for Terraform and Ansible next using Terraform we'll create a single instance on the vSphere cloud and make provisioning using Ansible." +msgstr "In this case, we'll create the necessary files for Terraform and Ansible next using Terraform we'll create a single instance on the vSphere cloud and make provisioning using Ansible." + #: ../../automation/cloud-init.rst:307 msgid "In this lab, all files are located in ``/tmp/``. So, before going on, lets move to that directory:" msgstr "In this lab, all files are located in ``/tmp/``. So, before going on, lets move to that directory:" @@ -374,7 +770,7 @@ msgstr "In this lab, we are using 1.3.0 VyOS version and setting a disk of 10G. msgid "Initial Configuration" msgstr "Initial Configuration" -#: ../../automation/vyos-pyvyos.rst:47 +#: ../../automation/vyos-pyvyos.rst:55 msgid "Initializing a VyDevice Object" msgstr "Initializing a VyDevice Object" @@ -386,7 +782,7 @@ msgstr "Injecting configuration data is not limited to cloud platforms. Users ca msgid "Install ``napalm-vyos`` module" msgstr "Install ``napalm-vyos`` module" -#: ../../automation/vyos-pyvyos.rst:15 +#: ../../automation/vyos-pyvyos.rst:23 msgid "Installation" msgstr "Installation" @@ -398,6 +794,10 @@ msgstr "It is possible to configure VyOS via netmiko_ proxy module. It requires msgid "Major cloud providers offer a means of providing user-data at the time of instance launch. It can be provided as plain text or as base64-encoded text, depending on cloud provider. Also, it can be compressed using gzip, which makes sense with a long configuration commands list, because of the hard limit to ~16384 bytes for the whole user-data." msgstr "Major cloud providers offer a means of providing user-data at the time of instance launch. It can be provided as plain text or as base64-encoded text, depending on cloud provider. Also, it can be compressed using gzip, which makes sense with a long configuration commands list, because of the hard limit to ~16384 bytes for the whole user-data." +#: ../../automation/terraform/terraformAWS.rst:282 +msgid "Make sure that Ansible is pinging from Terrafom." +msgstr "Make sure that Ansible is pinging from Terrafom." + #: ../../automation/cloud-init.rst:20 msgid "Metadata - Metadata is sourced by the cloud platform or hypervisor. In some clouds, there is implemented as an HTTP endpoint at ``http://169.254.169.254``." msgstr "Metadata - Metadata is sourced by the cloud platform or hypervisor. In some clouds, there is implemented as an HTTP endpoint at ``http://169.254.169.254``." @@ -410,6 +810,10 @@ msgstr "Most important keys that needs to be considered:" msgid "Napalm" msgstr "Napalm" +#: ../../automation/terraform/terraformvyos.rst:13 +msgid "Need to install_ Terraform" +msgstr "Need to install_ Terraform" + #: ../../automation/vyos-netmiko.rst:6 msgid "Netmiko" msgstr "Netmiko" @@ -418,6 +822,10 @@ msgstr "Netmiko" msgid "Netmiko-proxy" msgstr "Netmiko-proxy" +#: ../../automation/terraform/terraformAWS.rst:-1 +msgid "Network Topology Diagram" +msgstr "Network Topology Diagram" + #: ../../automation/cloud-init.rst:24 msgid "Network configuration - This config source informs the system about the network settings like IP addresses, routes, DNS. Available only in several cloud and virtualization platforms." msgstr "Network configuration - This config source informs the system about the network settings like IP addresses, routes, DNS. Available only in several cloud and virtualization platforms." @@ -431,6 +839,7 @@ msgid "NoCloud" msgstr "NoCloud" #: ../../automation/index.rst:6 +#: ../../automation/terraform/index.rst:6 msgid "Nornir" msgstr "Nornir" @@ -495,6 +904,18 @@ msgstr "Power on VM and verifications" msgid "Preconfig on boot" msgstr "Preconfig on boot" +#: ../../automation/terraform/terraformAWS.rst:21 +msgid "Preparation steps for deploying VyOS on AWS" +msgstr "Preparation steps for deploying VyOS on AWS" + +#: ../../automation/terraform/terraformAZ.rst:14 +msgid "Preparation steps for deploying VyOS on Azure" +msgstr "Preparation steps for deploying VyOS on Azure" + +#: ../../automation/terraform/terraformvSphere.rst:14 +msgid "Preparation steps for deploying VyOS on vSphere" +msgstr "Preparation steps for deploying VyOS on vSphere" + #: ../../automation/cloud-init.rst:296 msgid "Prepare cloud-init files" msgstr "Prepare cloud-init files" @@ -523,10 +944,14 @@ msgstr "References" msgid "Remove default dhcp client on first interface, and load other configuration during first boot, using cloud-init." msgstr "Remove default dhcp client on first interface, and load other configuration during first boot, using cloud-init." -#: ../../automation/vyos-pyvyos.rst:132 +#: ../../automation/vyos-pyvyos.rst:140 msgid "Reset Object" msgstr "Reset Object" +#: ../../automation/vyos-terraform.rst:22 +msgid "Run Terraform" +msgstr "Run Terraform" + #: ../../automation/vyos-ansible.rst:80 msgid "Run ansible" msgstr "Run ansible" @@ -555,11 +980,11 @@ msgstr "Salt" msgid "Salt master configuration:" msgstr "Salt master configuration:" -#: ../../automation/vyos-api.rst:344 +#: ../../automation/vyos-api.rst:345 msgid "Save a running configuration to a file." msgstr "Save a running configuration to a file." -#: ../../automation/vyos-api.rst:326 +#: ../../automation/vyos-api.rst:327 msgid "Save a running configuration to the startup configuration. When you don't specify the file when saving, it saves to ``/config/config.boot``." msgstr "Save a running configuration to the startup configuration. When you don't specify the file when saving, it saves to ``/config/config.boot``." @@ -571,7 +996,7 @@ msgstr "Script vyos-napalm.py" msgid "Scripts are run in alphabetical order. Their names must consist entirely of ASCII upper- and lower-case letters,ASCII digits, ASCII underscores, and ASCII minus-hyphens.No other characters are allowed." msgstr "Scripts are run in alphabetical order. Their names must consist entirely of ASCII upper- and lower-case letters,ASCII digits, ASCII underscores, and ASCII minus-hyphens.No other characters are allowed." -#: ../../automation/vyos-pyvyos.rst:115 +#: ../../automation/vyos-pyvyos.rst:123 msgid "Show Object" msgstr "Show Object" @@ -579,6 +1004,32 @@ msgstr "Show Object" msgid "Sometimes you simply wan't to execute a bunch of op-mode commands via SSH on a remote VyOS system." msgstr "Sometimes you simply wan't to execute a bunch of op-mode commands via SSH on a remote VyOS system." +#: ../../automation/command-scripting.rst:52 +msgid "Sometimes you simply want to execute a bunch of op-mode commands via SSH on a remote VyOS system." +msgstr "Sometimes you simply want to execute a bunch of op-mode commands via SSH on a remote VyOS system." + +#: ../../automation/terraform/terraformAWS.rst:537 +msgid "Sourse files for AWS from GIT" +msgstr "Sourse files for AWS from GIT" + +#: ../../automation/terraform/terraformAZ.rst:482 +msgid "Sourse files for Azure from GIT" +msgstr "Sourse files for Azure from GIT" + +#: ../../automation/terraform/terraformvSphere.rst:395 +msgid "Sourse files for vSphere from GIT" +msgstr "Sourse files for vSphere from GIT" + +#: ../../automation/terraform/terraformAWS.rst:88 +#: ../../automation/terraform/terraformAZ.rst:63 +#: ../../automation/terraform/terraformvSphere.rst:62 +msgid "Start" +msgstr "Start" + +#: ../../automation/terraform/terraformAWS.rst:102 +msgid "Start creating an AWS instance and check the result" +msgstr "Start creating an AWS instance and check the result" + #: ../../automation/cloud-init.rst:260 msgid "Storaged used: volume local, which is mounted on directory **/var/lib/vz**, and contains all type of content, including snippets." msgstr "Storaged used: volume local, which is mounted on directory **/var/lib/vz**, and contains all type of content, including snippets." @@ -591,11 +1042,64 @@ msgstr "Structure of /srv/salt:" msgid "Structure of files" msgstr "Structure of files" +#: ../../automation/vyos-terraform.rst:166 +#: ../../automation/vyos-terraform.rst:624 +msgid "Structure of files Ansible" +msgstr "Structure of files Ansible" + +#: ../../automation/terraform/terraformAWS.rst:463 +msgid "Structure of files Ansible for AWS" +msgstr "Structure of files Ansible for AWS" + +#: ../../automation/terraform/terraformAZ.rst:414 +msgid "Structure of files Ansible for Azure" +msgstr "Structure of files Ansible for Azure" + +#: ../../automation/terraform/terraformvSphere.rst:326 +msgid "Structure of files Ansible for vSphere" +msgstr "Structure of files Ansible for vSphere" + +#: ../../automation/vyos-terraform.rst:38 +#: ../../automation/vyos-terraform.rst:302 +#: ../../automation/vyos-terraform.rst:745 +msgid "Structure of files Terrafom" +msgstr "Structure of files Terrafom" + +#: ../../automation/terraform/terraformAWS.rst:285 +msgid "Structure of files Terrafom for AWS" +msgstr "Structure of files Terrafom for AWS" + +#: ../../automation/terraform/terraformAZ.rst:83 +msgid "Structure of files Terrafom for Azure" +msgstr "Structure of files Terrafom for Azure" + +#: ../../automation/terraform/terraformvSphere.rst:84 +msgid "Structure of files Terrafom for vSphere" +msgstr "Structure of files Terrafom for vSphere" + +#: ../../automation/terraform/terraformvyos.rst:15 +msgid "Structure of files in the standard Terraform project:" +msgstr "Structure of files in the standard Terraform project:" + #: ../../automation/cloud-init.rst:107 msgid "System Defaults/Fallbacks" msgstr "System Defaults/Fallbacks" -#: ../../automation/vyos-api.rst:301 +#: ../../automation/terraform/terraformAWS.rst:51 +#: ../../automation/terraform/terraformAZ.rst:23 +#: ../../automation/terraform/terraformvSphere.rst:26 +msgid "Terraform" +msgstr "Terraform" + +#: ../../automation/terraform/terraformAWS.rst:302 +msgid "Terraform doesn't connect via SSH to your Ansible instance: you have to check the correct login and password in the part of the file vyos. tf" +msgstr "Terraform doesn't connect via SSH to your Ansible instance: you have to check the correct login and password in the part of the file vyos. tf" + +#: ../../automation/terraform/terraformvyos.rst:6 +msgid "Terraform for VyOS" +msgstr "Terraform for VyOS" + +#: ../../automation/vyos-api.rst:302 msgid "The API pushes every request to a session and commit it. But some of VyOS components like DHCP and PPPoE Servers, IPSec, VXLAN, and other tunnels require full configuration for commit. The endpoint will process multiple commands when you pass them as a list to the ``data`` field." msgstr "The API pushes every request to a session and commit it. But some of VyOS components like DHCP and PPPoE Servers, IPSec, VXLAN, and other tunnels require full configuration for commit. The endpoint will process multiple commands when you pass them as a list to the ``data`` field." @@ -640,7 +1144,7 @@ msgstr "The default file looks like this:" msgid "The easiest way to configure the system via user-data is the Cloud-config syntax described below." msgstr "The easiest way to configure the system via user-data is the Cloud-config syntax described below." -#: ../../automation/vyos-api.rst:324 +#: ../../automation/vyos-api.rst:325 msgid "The endpoint ``/config-file`` is to save or load a configuration." msgstr "The endpoint ``/config-file`` is to save or load a configuration." @@ -676,7 +1180,7 @@ msgstr "This section needs improvements, examples and explanations." msgid "This will result in the following error message: ``Set failed`` If this happens, a reboot is required to be able to edit the config manually again." msgstr "This will result in the following error message: ``Set failed`` If this happens, a reboot is required to be able to edit the config manually again." -#: ../../automation/vyos-api.rst:360 +#: ../../automation/vyos-api.rst:361 msgid "To Load a configuration file." msgstr "To Load a configuration file." @@ -713,9 +1217,16 @@ msgid "To power off the system use the ``poweroff`` endpoint." msgstr "To power off the system use the ``poweroff`` endpoint." #: ../../automation/cloud-init.rst:223 +#: ../../automation/terraform/terraformAWS.rst:264 msgid "Troubleshooting" msgstr "Troubleshooting" +#: ../../automation/terraform/terraformAWS.rst:91 +#: ../../automation/terraform/terraformAZ.rst:66 +#: ../../automation/terraform/terraformvSphere.rst:65 +msgid "Type the commands on your Terrafom instance:" +msgstr "Type the commands on your Terrafom instance:" + #: ../../automation/command-scripting.rst:39 msgid "Unlike a normal configuration session, all operational commands must be prepended with ``run``, even if you haven't created a session with configure." msgstr "Unlike a normal configuration session, all operational commands must be prepended with ``run``, even if you haven't created a session with configure." @@ -728,7 +1239,7 @@ msgstr "User-data" msgid "User-data - User-data is specified by the user. This config source offers the ability to insert any CLI configuration commands into the configuration before the first boot." msgstr "User-data - User-data is specified by the user. This config source offers the ability to insert any CLI configuration commands into the configuration before the first boot." -#: ../../automation/vyos-pyvyos.rst:35 +#: ../../automation/vyos-pyvyos.rst:43 msgid "Using API Response Class" msgstr "Using API Response Class" @@ -736,6 +1247,10 @@ msgstr "Using API Response Class" msgid "Using PyVyOS" msgstr "Using PyVyOS" +#: ../../automation/vyos-pyvyos.rst:73 +msgid "Using pyvyos" +msgstr "Using pyvyos" + #: ../../automation/cloud-init.rst:373 msgid "VM ID: in this example, VM ID used is 555." msgstr "VM ID: in this example, VM ID used is 555." @@ -748,6 +1263,10 @@ msgstr "VM Resources: these parameters can be modified as needed." msgid "VM Storage: ``local`` volume is used." msgstr "VM Storage: ``local`` volume is used." +#: ../../automation/vyos-terraform.rst:991 +msgid "Vsphere" +msgstr "Vsphere" + #: ../../automation/vyos-api.rst:7 msgid "VyOS API" msgstr "VyOS API" @@ -756,6 +1275,10 @@ msgstr "VyOS API" msgid "VyOS Automation" msgstr "VyOS Automation" +#: ../../automation/terraform/index.rst:3 +msgid "VyOS Terraform" +msgstr "VyOS Terraform" + #: ../../automation/cloud-init.rst:418 msgid "VyOS `cloud-init-docs`_." msgstr "VyOS `cloud-init-docs`_." @@ -784,6 +1307,18 @@ msgstr "VyOS supports configuration via ansible. Need to install ``ansible`` and msgid "VyOS supports configuration via netmiko_. It requires to install ``python3-netmiko`` module." msgstr "VyOS supports configuration via netmiko_. It requires to install ``python3-netmiko`` module." +#: ../../automation/vyos-terraform.rst:8 +msgid "VyOS supports develop infrastructia via Terraform and provisioning via ansible. Need to install ``Terraform``" +msgstr "VyOS supports develop infrastructia via Terraform and provisioning via ansible. Need to install ``Terraform``" + +#: ../../automation/terraform/terraformvyos.rst:8 +msgid "VyOS supports development infrastructure via Terraform and provisioning via Ansible. Terraform allows you to automate the process of deploying instances on many cloud and virtual platforms. In this article, we will look at using terraforms to deploy VyOS on platforms - AWS, Azure, and vSphere. For more details about Terraform please have a look here link_." +msgstr "VyOS supports development infrastructure via Terraform and provisioning via Ansible. Terraform allows you to automate the process of deploying instances on many cloud and virtual platforms. In this article, we will look at using terraforms to deploy VyOS on platforms - AWS, Azure, and vSphere. For more details about Terraform please have a look here link_." + +#: ../../automation/terraform/terraformAWS.rst:8 +msgid "VyOS supports development infrastructure via Terraform and provisioning via Ansible. Terraform allows you to automate the process of deploying instances on many cloud and virtual platforms. In this article, we will look at using terraforms to deploy vyos on platforms - AWS, AZURE, and vSphere. More detailed about what is Terraform you can write using the link_." +msgstr "VyOS supports development infrastructure via Terraform and provisioning via Ansible. Terraform allows you to automate the process of deploying instances on many cloud and virtual platforms. In this article, we will look at using terraforms to deploy vyos on platforms - AWS, AZURE, and vSphere. More detailed about what is Terraform you can write using the link_." + #: ../../automation/command-scripting.rst:8 msgid "VyOS supports executing configuration and operational commands non-interactively from shell scripts." msgstr "VyOS supports executing configuration and operational commands non-interactively from shell scripts." @@ -816,6 +1351,30 @@ msgstr "Will return:" msgid "With the ``retrieve`` endpoint you get parts or the whole configuration." msgstr "With the ``retrieve`` endpoint you get parts or the whole configuration." +#: ../../automation/terraform/terraformAWS.rst:8 +msgid "With the help of Terraform, you can quickly deploy VyOS-based infrastructure in the AWS cloud. If necessary, the infrastructure can be removed using terraform. Also we will make provisioning using Ansible." +msgstr "With the help of Terraform, you can quickly deploy VyOS-based infrastructure in the AWS cloud. If necessary, the infrastructure can be removed using terraform. Also we will make provisioning using Ansible." + +#: ../../automation/terraform/terraformAZ.rst:8 +msgid "With the help of Terraform, you can quickly deploy VyOS-based infrastructure in the Azure cloud. If necessary, the infrastructure can be removed using terraform. Also we will make provisioning using Ansible." +msgstr "With the help of Terraform, you can quickly deploy VyOS-based infrastructure in the Azure cloud. If necessary, the infrastructure can be removed using terraform. Also we will make provisioning using Ansible." + +#: ../../automation/terraform/terraformvSphere.rst:8 +msgid "With the help of Terraform, you can quickly deploy VyOS-based infrastructure in the vSphere. Also we will make provisioning using Ansible." +msgstr "With the help of Terraform, you can quickly deploy VyOS-based infrastructure in the vSphere. Also we will make provisioning using Ansible." + +#: ../../automation/terraform/terraformAWS.rst:40 +msgid "With the help of terraforms, you can quickly deploy Vyos-based infrastructure in the AWS cloud. If necessary, the infrastructure can be removed using terraform. Also we will make provisioning using Ansible." +msgstr "With the help of terraforms, you can quickly deploy Vyos-based infrastructure in the AWS cloud. If necessary, the infrastructure can be removed using terraform. Also we will make provisioning using Ansible." + +#: ../../automation/vyos-terraform.rst:300 +msgid "With the help of terraforms, you can quickly deploy Vyos-based infrastructure in the Azure cloud. If necessary, the infrastructure can be removed using terraform." +msgstr "With the help of terraforms, you can quickly deploy Vyos-based infrastructure in the Azure cloud. If necessary, the infrastructure can be removed using terraform." + +#: ../../automation/vyos-terraform.rst:743 +msgid "With the help of terraforms, you can quickly deploy Vyos-based infrastructure in the vSphere." +msgstr "With the help of terraforms, you can quickly deploy Vyos-based infrastructure in the vSphere." + #: ../../automation/vyos-salt.rst:12 msgid "Without proxy it requires VyOS minion configuration and support op-mode data:" msgstr "Without proxy it requires VyOS minion configuration and support op-mode data:" @@ -828,11 +1387,15 @@ msgstr "Without proxy it requires VyOS minion configuration and supports op-mode msgid "You can install PyVyOS using pip:" msgstr "You can install PyVyOS using pip:" -#: ../../automation/vyos-api.rst:267 +#: ../../automation/vyos-pyvyos.rst:25 +msgid "You can install pyvyos using pip:" +msgstr "You can install pyvyos using pip:" + +#: ../../automation/vyos-api.rst:268 msgid "You can pass a ``set``, ``delete`` or ``comment`` command to the ``/configure`` endpoint." msgstr "You can pass a ``set``, ``delete`` or ``comment`` command to the ``/configure`` endpoint." -#: ../../automation/vyos-api.rst:286 +#: ../../automation/vyos-api.rst:287 msgid "``delete`` a single command" msgstr "``delete`` a single command" @@ -840,7 +1403,7 @@ msgstr "``delete`` a single command" msgid "``seed.iso`` was previously created in directory ``/tmp/``. It's necessary to move it to ``/var/lib/vz/template/iso``" msgstr "``seed.iso`` was previously created in directory ``/tmp/``. It's necessary to move it to ``/var/lib/vz/template/iso``" -#: ../../automation/vyos-api.rst:270 +#: ../../automation/vyos-api.rst:271 msgid "``set`` a single command" msgstr "``set`` a single command" @@ -856,10 +1419,29 @@ msgstr "``vyos``/``vyos`` credentials if no others specified by data source." msgid "``write_files`` - this module allows to insert any files into the filesystem before the first boot, for example, pre-generated encryption keys, certificates, or even a whole ``config.boot`` file. The format is described in the cloudinit documentation `Cloud-init-write_files`_." msgstr "``write_files`` - this module allows to insert any files into the filesystem before the first boot, for example, pre-generated encryption keys, certificates, or even a whole ``config.boot`` file. The format is described in the cloudinit documentation `Cloud-init-write_files`_." +#: ../../automation/vyos-pyvyos.rst:12 +msgid "`pyvyos Documentation on Read the Docs <https://pyvyos.readthedocs.io/en/latest/>`_ provides detailed instructions on the installation, configuration, and operation of the pyvyos library." +msgstr "`pyvyos Documentation on Read the Docs <https://pyvyos.readthedocs.io/en/latest/>`_ provides detailed instructions on the installation, configuration, and operation of the pyvyos library." + +#: ../../automation/vyos-pyvyos.rst:15 +msgid "`pyvyos Source Code on GitHub <https://github.com/robertoberto/pyvyos>`_ allows you to access and contribute to the library's code." +msgstr "`pyvyos Source Code on GitHub <https://github.com/robertoberto/pyvyos>`_ allows you to access and contribute to the library's code." + +#: ../../automation/vyos-pyvyos.rst:17 +msgid "`pyvyos on PyPI <https://pypi.org/project/pyvyos/>`_ for easy installation via pip, the Python package installer. Execute `pip install pyvyos` in your terminal to install." +msgstr "`pyvyos on PyPI <https://pypi.org/project/pyvyos/>`_ for easy installation via pip, the Python package installer. Execute `pip install pyvyos` in your terminal to install." + #: ../../automation/vyos-api.rst:188 msgid "add an image" msgstr "add an image" +#: ../../automation/terraform/terraformAWS.rst:560 +msgid "all" +msgstr "all" + +#: ../../automation/terraform/terraformAWS.rst:478 +#: ../../automation/terraform/terraformAZ.rst:428 +#: ../../automation/terraform/terraformvSphere.rst:340 #: ../../automation/vyos-ansible.rst:26 msgid "ansible.cfg" msgstr "ansible.cfg" @@ -880,6 +1462,12 @@ msgstr "commands.txt" msgid "delete an image, for example ``1.3-rolling-202006070117``" msgstr "delete an image, for example ``1.3-rolling-202006070117``" +#: ../../automation/terraform/terraformAWS.rst:528 +#: ../../automation/terraform/terraformAZ.rst:470 +#: ../../automation/terraform/terraformvSphere.rst:381 +msgid "group_vars/all" +msgstr "group_vars/all" + #: ../../automation/vyos-ansible.rst:42 msgid "hosts" msgstr "hosts" @@ -892,18 +1480,78 @@ msgstr "id_rsa_docker.pub. Needs to declare only public key exactly." msgid "if you just want the Value of a multi-valued node, use the ``returnValues`` operation." msgstr "if you just want the Value of a multi-valued node, use the ``returnValues`` operation." +#: ../../automation/terraform/terraformAWS.rst:495 +#: ../../automation/terraform/terraformAZ.rst:438 +#: ../../automation/terraform/terraformvSphere.rst:350 +msgid "instance.yml" +msgstr "instance.yml" + +#: ../../automation/vyos-terraform.rst:313 +#: ../../automation/vyos-terraform.rst:758 +msgid "main.tf" +msgstr "main.tf" + #: ../../automation/vyos-ansible.rst:56 msgid "main.yml" msgstr "main.yml" +#: ../../automation/terraform/terraformAWS.rst:488 +msgid "mykey.pem" +msgstr "mykey.pem" + +#: ../../automation/terraform/terraformAWS.rst:85 +msgid "mykey.pem you have to get using step 1.2" +msgstr "mykey.pem you have to get using step 1.2" + +#: ../../automation/vyos-pyvyos.rst:6 +msgid "pyvyos" +msgstr "pyvyos" + +#: ../../automation/vyos-pyvyos.rst:8 +msgid "pyvyos is a Python library designed for interacting with VyOS devices through their API. This documentation is intended to guide you in using pyvyos for programmatic management of your VyOS devices." +msgstr "pyvyos is a Python library designed for interacting with VyOS devices through their API. This documentation is intended to guide you in using pyvyos for programmatic management of your VyOS devices." + #: ../../automation/vyos-salt.rst:141 msgid "r11-proxy.sls Includes parameters for connecting to salt-proxy minion" msgstr "r11-proxy.sls Includes parameters for connecting to salt-proxy minion" #: ../../automation/index.rst:7 +#: ../../automation/terraform/index.rst:7 msgid "startup scripts" msgstr "startup scripts" +#: ../../automation/terraform/terraformAWS.rst:452 +#: ../../automation/terraform/terraformAZ.rst:405 +#: ../../automation/terraform/terraformvSphere.rst:307 +msgid "terraform.tfvars" +msgstr "terraform.tfvars" + #: ../../automation/vyos-salt.rst:131 msgid "top.sls" msgstr "top.sls" + +#: ../../automation/terraform/terraformvSphere.rst:20 +msgid "vSphere" +msgstr "vSphere" + +#: ../../automation/terraform/terraformAWS.rst:415 +#: ../../automation/terraform/terraformAZ.rst:298 +#: ../../automation/terraform/terraformvSphere.rst:239 +msgid "var.tf" +msgstr "var.tf" + +#: ../../automation/vyos-terraform.rst:516 +#: ../../automation/vyos-terraform.rst:899 +msgid "variables.tf" +msgstr "variables.tf" + +#: ../../automation/terraform/terraformAWS.rst:439 +#: ../../automation/terraform/terraformvSphere.rst:223 +msgid "versions.tf" +msgstr "versions.tf" + +#: ../../automation/terraform/terraformAWS.rst:300 +#: ../../automation/terraform/terraformAZ.rst:95 +#: ../../automation/terraform/terraformvSphere.rst:98 +msgid "vyos.tf" +msgstr "vyos.tf" diff --git a/docs/_locale/de/cli.pot b/docs/_locale/de/cli.pot index 8f272347..71b339f5 100644 --- a/docs/_locale/de/cli.pot +++ b/docs/_locale/de/cli.pot @@ -228,6 +228,10 @@ msgstr "The :cfgcmd:`show` command within configuration mode will show the worki msgid "The ``comment`` command allows you to insert a comment above the ``<config node>`` configuration section. When shown, comments are enclosed with ``/*`` and ``*/`` as open/close delimiters. Comments need to be commited, just like other config changes." msgstr "The ``comment`` command allows you to insert a comment above the ``<config node>`` configuration section. When shown, comments are enclosed with ``/*`` and ``*/`` as open/close delimiters. Comments need to be commited, just like other config changes." +#: ../../cli.rst:653 +msgid "The ``comment`` command allows you to insert a comment above the ``<config node>`` configuration section. When shown, comments are enclosed with ``/*`` and ``*/`` as open/close delimiters. Comments need to be committed, just like other config changes." +msgstr "The ``comment`` command allows you to insert a comment above the ``<config node>`` configuration section. When shown, comments are enclosed with ``/*`` and ``*/`` as open/close delimiters. Comments need to be committed, just like other config changes." + #: ../../cli.rst:784 msgid "The command :cfgcmd:`compare` allows you to compare different type of configurations. It also lets you compare different revisions through the :cfgcmd:`compare N M` command, where N and M are revision numbers. The output will describe how the configuration N is when compared to M indicating with a plus sign (``+``) the additional parts N has when compared to M, and indicating with a minus sign (``-``) the lacking parts N misses when compared to M." msgstr "The command :cfgcmd:`compare` allows you to compare different type of configurations. It also lets you compare different revisions through the :cfgcmd:`compare N M` command, where N and M are revision numbers. The output will describe how the configuration N is when compared to M indicating with a plus sign (``+``) the additional parts N has when compared to M, and indicating with a minus sign (``-``) the lacking parts N misses when compared to M." @@ -321,6 +325,10 @@ msgid "View the current active configuration in readable JSON format." msgstr "View the current active configuration in readable JSON format." #: ../../cli.rst:852 +msgid "VyOS can upload the configuration to a remote location after each call to :cfgcmd:`commit`. You will have to set the commit-archive location. TFTP, FTP, SCP and SFTP servers are supported. Every time a :cfgcmd:`commit` is successful the ``config.boot`` file will be copied to the defined destination(s). The filename used on the remote host will be ``config.boot-hostname.YYYYMMDD_HHMMSS``." +msgstr "VyOS can upload the configuration to a remote location after each call to :cfgcmd:`commit`. You will have to set the commit-archive location. TFTP, FTP, SCP and SFTP servers are supported. Every time a :cfgcmd:`commit` is successful the ``config.boot`` file will be copied to the defined destination(s). The filename used on the remote host will be ``config.boot-hostname.YYYYMMDD_HHMMSS``." + +#: ../../cli.rst:852 msgid "VyOS can upload the configuration to a remote location after each call to :cfgcmd:`commit`. You will have to set the commit-archive location. TFTP, FTP, SCP and SFTP servers are supported. Every time a :cfgcmd:`commit` is successfull the ``config.boot`` file will be copied to the defined destination(s). The filename used on the remote host will be ``config.boot-hostname.YYYYMMDD_HHMMSS``." msgstr "VyOS can upload the configuration to a remote location after each call to :cfgcmd:`commit`. You will have to set the commit-archive location. TFTP, FTP, SCP and SFTP servers are supported. Every time a :cfgcmd:`commit` is successfull the ``config.boot`` file will be copied to the defined destination(s). The filename used on the remote host will be ``config.boot-hostname.YYYYMMDD_HHMMSS``." @@ -340,6 +348,10 @@ msgstr "VyOS makes use of a unified configuration file for the entire system's c msgid "What if you are doing something dangerous? Suppose you want to setup a firewall, and you are not sure there are no mistakes that will lock you out of your system. You can use confirmed commit. If you issue the ``commit-confirm`` command, your changes will be commited, and if you don't issue the ``confirm`` command in 10 minutes, your system will reboot into previous config revision." msgstr "What if you are doing something dangerous? Suppose you want to setup a firewall, and you are not sure there are no mistakes that will lock you out of your system. You can use confirmed commit. If you issue the ``commit-confirm`` command, your changes will be commited, and if you don't issue the ``confirm`` command in 10 minutes, your system will reboot into previous config revision." +#: ../../cli.rst:558 +msgid "What if you are doing something dangerous? Suppose you want to setup a firewall, and you are not sure there are no mistakes that will lock you out of your system. You can use confirmed commit. If you issue the ``commit-confirm`` command, your changes will be committed, and if you don't issue the ``confirm`` command in 10 minutes, your system will reboot into previous config revision." +msgstr "What if you are doing something dangerous? Suppose you want to setup a firewall, and you are not sure there are no mistakes that will lock you out of your system. You can use confirmed commit. If you issue the ``commit-confirm`` command, your changes will be committed, and if you don't issue the ``confirm`` command in 10 minutes, your system will reboot into previous config revision." + #: ../../cli.rst:340 msgid "When entering the configuration mode you are navigating inside a tree structure, to enter configuration mode enter the command :opcmd:`configure` when in operational mode." msgstr "When entering the configuration mode you are navigating inside a tree structure, to enter configuration mode enter the command :opcmd:`configure` when in operational mode." diff --git a/docs/_locale/de/configexamples.pot b/docs/_locale/de/configexamples.pot index d7dd346f..23ff7ae0 100644 --- a/docs/_locale/de/configexamples.pot +++ b/docs/_locale/de/configexamples.pot @@ -272,7 +272,7 @@ msgstr "A brief excursion into VRFs: This has been one of the longest-standing f msgid "A connection resource deployed in Azure linking the Azure VNet gateway and the local network gateway representing the Vyos device." msgstr "A connection resource deployed in Azure linking the Azure VNet gateway and the local network gateway representing the Vyos device." -#: ../../configexamples/index.rst:37 +#: ../../configexamples/index.rst:38 msgid "A host ``vyos-oobm`` will use as a ssh proxy. This host is just necessary for the Lab test." msgstr "A host ``vyos-oobm`` will use as a ssh proxy. This host is just necessary for the Lab test." @@ -656,6 +656,10 @@ msgstr "Cisco VPC Crossconnect - Ports 39 and 40 bonded between each switch" msgid "Clamp the VTI's MSS to 1350 to avoid PMTU blackholes." msgstr "Clamp the VTI's MSS to 1350 to avoid PMTU blackholes." +#: ../../configexamples/lac-lns.rst:96 +msgid "Client" +msgstr "Client" + #: ../../configexamples/autotest/OpenVPN_with_LDAP/OpenVPN_with_LDAP.rst:94 msgid "Client configuration" msgstr "Client configuration" @@ -704,7 +708,7 @@ msgstr "Configuration 'dcsp' and shaper using QoS" msgid "Configuration Blueprints" msgstr "Configuration Blueprints" -#: ../../configexamples/index.rst:30 +#: ../../configexamples/index.rst:31 msgid "Configuration Blueprints (autotest)" msgstr "Configuration Blueprints (autotest)" @@ -717,6 +721,7 @@ msgid "Configuration of basic firewall in one site, in order to:" msgstr "Configuration of basic firewall in one site, in order to:" #: ../../configexamples/inter-vrf-routing-vrf-lite.rst:113 +#: ../../configexamples/lac-lns.rst:29 #: ../../configexamples/pppoe-ipv6-basic.rst:26 msgid "Configurations" msgstr "Configurations" @@ -885,7 +890,7 @@ msgstr "Dynamic routing used between CE and PE nodes and eBGP peering establishe msgid "Each interface is assigned to a zone. The interface can be physical or virtual such as tunnels (VPN, PPTP, GRE, etc) and are treated exactly the same." msgstr "Each interface is assigned to a zone. The interface can be physical or virtual such as tunnels (VPN, PPTP, GRE, etc) and are treated exactly the same." -#: ../../configexamples/index.rst:34 +#: ../../configexamples/index.rst:35 msgid "Each lab will build an test from an external script. The page content will generate, so changes will not take an effect." msgstr "Each lab will build an test from an external script. The page content will generate, so changes will not take an effect." @@ -1252,6 +1257,14 @@ msgstr "In this example two LAN interfaces exist in different subnets instead of msgid "In this example we have 4 zones. LAN, WAN, DMZ, Local. The local zone is the firewall itself." msgstr "In this example we have 4 zones. LAN, WAN, DMZ, Local. The local zone is the firewall itself." +#: ../../configexamples/lac-lns.rst:17 +msgid "In this example we use VyOS 1.5 as LNS and Cisco IOS as LAC. All users with domain **vyos.io** will be tunneled to LNS via L2TP." +msgstr "In this example we use VyOS 1.5 as LNS and Cisco IOS as LAC. All users with domain **vyos.io** will be tunneled to LNS via L2TP." + +#: ../../configexamples/lac-lns.rst:98 +msgid "In this lab we use Windows PPPoE client." +msgstr "In this lab we use Windows PPPoE client." + #: ../../configexamples/zone-policy.rst:50 msgid "Inbound WAN connect to DMZ host." msgstr "Inbound WAN connect to DMZ host." @@ -1345,6 +1358,10 @@ msgstr "L3VPN configuration parameters table:" msgid "L3VPN for Hub-and-Spoke connectivity with VyOS" msgstr "L3VPN for Hub-and-Spoke connectivity with VyOS" +#: ../../configexamples/lac-lns.rst:32 +msgid "LAC" +msgstr "LAC" + #: ../../configexamples/zone-policy.rst:392 msgid "LAN, WAN, DMZ, local and TUN (tunnel)" msgstr "LAN, WAN, DMZ, local and TUN (tunnel)" @@ -1389,6 +1406,10 @@ msgstr "LAN and DMZ hosts have basic outbound access: Web, FTP, SSH." msgid "LAN can access DMZ resources." msgstr "LAN can access DMZ resources." +#: ../../configexamples/lac-lns.rst:72 +msgid "LNS" +msgstr "LNS" + #: ../../configexamples/l3vpn-hub-and-spoke.rst:551 msgid "Let’s check IPv4 routing and MPLS information on provider nodes (same procedure for all P nodes):" msgstr "Let’s check IPv4 routing and MPLS information on provider nodes (same procedure for all P nodes):" @@ -1433,9 +1454,22 @@ msgid "Masquerade Traffic originating from 10.200.201.0/24 that is heading out t msgstr "Masquerade Traffic originating from 10.200.201.0/24 that is heading out the public interface." #: ../../configexamples/autotest/OpenVPN_with_LDAP/OpenVPN_with_LDAP.rst:254 +#: ../../configexamples/lac-lns.rst:106 msgid "Monitoring" msgstr "Monitoring" +#: ../../configexamples/lac-lns.rst:117 +msgid "Monitoring on LAC side" +msgstr "Monitoring on LAC side" + +#: ../../configexamples/lac-lns.rst:108 +msgid "Monitoring on LNS side" +msgstr "Monitoring on LNS side" + +#: ../../configexamples/lac-lns.rst:140 +msgid "Monitoring on RADIUS Server side" +msgstr "Monitoring on RADIUS Server side" + #: ../../configexamples/autotest/tunnelbroker/tunnelbroker.rst:162 msgid "Multiple LAN/DMZ Setup" msgstr "Multiple LAN/DMZ Setup" @@ -1456,6 +1490,7 @@ msgstr "Native IPv4 and IPv6" msgid "Network Cabling" msgstr "Network Cabling" +#: ../../configexamples/lac-lns.rst:21 #: ../../configexamples/pppoe-ipv6-basic.rst:18 msgid "Network Topology" msgstr "Network Topology" @@ -1463,6 +1498,7 @@ msgstr "Network Topology" #: ../../configexamples/ansible.rst:-1 #: ../../configexamples/inter-vrf-routing-vrf-lite.rst:-1 #: ../../configexamples/l3vpn-hub-and-spoke.rst:-1 +#: ../../configexamples/lac-lns.rst:-1 #: ../../configexamples/nmp.rst:-1 #: ../../configexamples/pppoe-ipv6-basic.rst:-1 #: ../../configexamples/qos.rst:-1 @@ -1655,6 +1691,10 @@ msgstr "PPPoE IPv6 Basic Setup for Home Network" msgid "PPPoE Setup" msgstr "PPPoE Setup" +#: ../../configexamples/lac-lns.rst:7 +msgid "PPPoE over L2TP" +msgstr "PPPoE over L2TP" + #: ../../configexamples/segment-routing-isis.rst:255 msgid "Ping between VyOS-P1 / VyOS-P2 to confirm reachability:" msgstr "Ping between VyOS-P1 / VyOS-P2 to confirm reachability:" @@ -2046,7 +2086,7 @@ msgstr "The lab I built is using a VRF (called **mgmt**) to provide out-of-band msgid "The lab was built using EVE-NG." msgstr "The lab was built using EVE-NG." -#: ../../configexamples/index.rst:32 +#: ../../configexamples/index.rst:33 msgid "The next pages contains automatic full tested configuration examples." msgstr "The next pages contains automatic full tested configuration examples." @@ -2054,7 +2094,7 @@ msgstr "The next pages contains automatic full tested configuration examples." msgid "The previous example used the failover command to send traffic through eth1 if eth0 fails. In this example, failover functionality is provided by rule order." msgstr "The previous example used the failover command to send traffic through eth1 if eth0 fails. In this example, failover functionality is provided by rule order." -#: ../../configexamples/index.rst:40 +#: ../../configexamples/index.rst:41 msgid "The process will do the following steps:" msgstr "The process will do the following steps:" @@ -2130,6 +2170,10 @@ msgstr "This configuration example and the requirments consists on:" msgid "This document aims to walk you through setting everything up, so at a point where you can reboot any machine and not lose more than a few seconds worth of connectivity." msgstr "This document aims to walk you through setting everything up, so at a point where you can reboot any machine and not lose more than a few seconds worth of connectivity." +#: ../../configexamples/lac-lns.rst:9 +msgid "This document is to describe a basic setup using PPPoE over L2TP. LAC and LNS are components of the broadband topology. LAC - L2TP access concentrator LNS - L2TP Network Server LAC and LNS forms L2TP tunnel. LAC receives packets from PPPoE clients and forward them to LNS. LNS is the termination point that comes from PPP packets from the remote client." +msgstr "This document is to describe a basic setup using PPPoE over L2TP. LAC and LNS are components of the broadband topology. LAC - L2TP access concentrator LNS - L2TP Network Server LAC and LNS forms L2TP tunnel. LAC receives packets from PPPoE clients and forward them to LNS. LNS is the termination point that comes from PPP packets from the remote client." + #: ../../configexamples/pppoe-ipv6-basic.rst:9 msgid "This document is to describe a basic setup using PPPoE with DHCPv6-PD + SLAAC to construct a typical home network. The user can follow the steps described here to quickly setup a working network and use this as a starting point to further configure or fine-tune other settings." msgstr "This document is to describe a basic setup using PPPoE with DHCPv6-PD + SLAAC to construct a typical home network. The user can follow the steps described here to quickly setup a working network and use this as a starting point to further configure or fine-tune other settings." @@ -2210,6 +2254,10 @@ msgstr "This section describes verification commands for MPLS/BGP/LDP protocols msgid "This section provides configuration steps for setting up VRFs on our PE nodes including CE facing interfaces, BGP, rd and route-target import/export based on the pre-defined parameters." msgstr "This section provides configuration steps for setting up VRFs on our PE nodes including CE facing interfaces, BGP, rd and route-target import/export based on the pre-defined parameters." +#: ../../configexamples/lac-lns.rst:91 +msgid "This setup requires the Compression Control Protocol (CCP) being disabled, the command ``set vpn l2tp remote-access ppp-options disable-ccp`` accomplishes that." +msgstr "This setup requires the Compression Control Protocol (CCP) being disabled, the command ``set vpn l2tp remote-access ppp-options disable-ccp`` accomplishes that." + #: ../../configexamples/autotest/Wireguard/Wireguard.rst:10 msgid "This simple structure show how to connect two offices. One remote branch and the central office." msgstr "This simple structure show how to connect two offices. One remote branch and the central office." @@ -2580,6 +2628,10 @@ msgstr "When you have both routers up, you should be able to establish a connect msgid "When you have enabled OSPF on both routers, you should be able to see each other with the command ``show ip ospf neighbour``. The state must be 'Full' or '2-Way'. If it is not, then there is a network connectivity issue between the hosts. This is often caused by NAT or MTU issues. You should not see any new routes (unless this is the second pass) in the output of ``show ip route``" msgstr "When you have enabled OSPF on both routers, you should be able to see each other with the command ``show ip ospf neighbour``. The state must be 'Full' or '2-Way'. If it is not, then there is a network connectivity issue between the hosts. This is often caused by NAT or MTU issues. You should not see any new routes (unless this is the second pass) in the output of ``show ip route``" +#: ../../configexamples/lac-lns.rst:-1 +msgid "Window PPPoE Client Configuration" +msgstr "Window PPPoE Client Configuration" + #: ../../configexamples/autotest/OpenVPN_with_LDAP/OpenVPN_with_LDAP.rst:13 msgid "Windows Server 2019 with a running Active Directory" msgstr "Windows Server 2019 with a running Active Directory" @@ -2713,15 +2765,15 @@ msgstr "compute3 - Port 11 of each switch" msgid "compute3 (VMware ESXi 6.5)" msgstr "compute3 (VMware ESXi 6.5)" -#: ../../configexamples/index.rst:43 +#: ../../configexamples/index.rst:44 msgid "configure each host in the lab" msgstr "configure each host in the lab" -#: ../../configexamples/index.rst:42 +#: ../../configexamples/index.rst:43 msgid "create the lab on a eve-ng server" msgstr "create the lab on a eve-ng server" -#: ../../configexamples/index.rst:44 +#: ../../configexamples/index.rst:45 msgid "do some defined tests" msgstr "do some defined tests" @@ -2742,7 +2794,7 @@ msgstr "extended community and remote label of specific destination" msgid "first the PCA" msgstr "first the PCA" -#: ../../configexamples/index.rst:46 +#: ../../configexamples/index.rst:47 msgid "generate the documentation and include files" msgstr "generate the documentation and include files" @@ -2754,7 +2806,7 @@ msgstr "green uses local routing table id and VNI 4000" msgid "information between PE and CE:" msgstr "information between PE and CE:" -#: ../../configexamples/index.rst:45 +#: ../../configexamples/index.rst:46 msgid "optional do an upgrade to a higher version and do step 3 again." msgstr "optional do an upgrade to a higher version and do step 3 again." @@ -2770,7 +2822,7 @@ msgstr "router2 (Random 1RU machine with 4 NICs)" msgid "save the output to a file and import it in nearly all openvpn clients." msgstr "save the output to a file and import it in nearly all openvpn clients." -#: ../../configexamples/index.rst:47 +#: ../../configexamples/index.rst:48 msgid "shutdown and destroy the lab, if there is no error" msgstr "shutdown and destroy the lab, if there is no error" diff --git a/docs/_locale/de/configuration.pot b/docs/_locale/de/configuration.pot index cc30affb..9f8c570d 100644 --- a/docs/_locale/de/configuration.pot +++ b/docs/_locale/de/configuration.pot @@ -168,9 +168,9 @@ msgstr "**Documentation under development**" msgid "**Ethernet (protocol, destination address or source address)**" msgstr "**Ethernet (protocol, destination address or source address)**" -#: ../../configuration/service/dhcp-server.rst:200 -#: ../../configuration/service/dhcp-server.rst:587 -#: ../../configuration/service/dhcp-server.rst:626 +#: ../../configuration/service/dhcp-server.rst:206 +#: ../../configuration/service/dhcp-server.rst:593 +#: ../../configuration/service/dhcp-server.rst:634 msgid "**Example:**" msgstr "**Example:**" @@ -269,11 +269,11 @@ msgstr "**Input**: stage where traffic destined for the router itself can be fil msgid "**Interface name**" msgstr "**Interface name**" -#: ../../configuration/vpn/site2site_ipsec.rst:303 +#: ../../configuration/vpn/site2site_ipsec.rst:306 msgid "**LEFT**" msgstr "**LEFT**" -#: ../../configuration/vpn/site2site_ipsec.rst:287 +#: ../../configuration/vpn/site2site_ipsec.rst:290 msgid "**LEFT:** * WAN interface on `eth0.201` * `eth0.201` interface IP: `172.18.201.10/24` * `vti10` interface IP: `10.0.0.2/31` * `dum0` interface IP: `10.0.11.1/24` (for testing purposes)" msgstr "**LEFT:** * WAN interface on `eth0.201` * `eth0.201` interface IP: `172.18.201.10/24` * `vti10` interface IP: `10.0.0.2/31` * `dum0` interface IP: `10.0.11.1/24` (for testing purposes)" @@ -309,11 +309,11 @@ msgstr "**MED check**" msgid "**Multi-path check**" msgstr "**Multi-path check**" -#: ../../configuration/protocols/bgp.rst:1193 +#: ../../configuration/protocols/bgp.rst:1215 msgid "**Node1:**" msgstr "**Node1:**" -#: ../../configuration/protocols/bgp.rst:1221 +#: ../../configuration/protocols/bgp.rst:1243 msgid "**Node2:**" msgstr "**Node2:**" @@ -326,10 +326,10 @@ msgid "**Node 1**" msgstr "**Node 1**" #: ../../configuration/protocols/babel.rst:192 -#: ../../configuration/protocols/bgp.rst:1103 -#: ../../configuration/protocols/bgp.rst:1130 -#: ../../configuration/protocols/bgp.rst:1148 -#: ../../configuration/protocols/bgp.rst:1176 +#: ../../configuration/protocols/bgp.rst:1125 +#: ../../configuration/protocols/bgp.rst:1152 +#: ../../configuration/protocols/bgp.rst:1170 +#: ../../configuration/protocols/bgp.rst:1198 #: ../../configuration/protocols/isis.rst:341 #: ../../configuration/protocols/isis.rst:416 #: ../../configuration/protocols/isis.rst:457 @@ -350,10 +350,10 @@ msgid "**Node 2**" msgstr "**Node 2**" #: ../../configuration/protocols/babel.rst:202 -#: ../../configuration/protocols/bgp.rst:1114 #: ../../configuration/protocols/bgp.rst:1136 -#: ../../configuration/protocols/bgp.rst:1160 +#: ../../configuration/protocols/bgp.rst:1158 #: ../../configuration/protocols/bgp.rst:1182 +#: ../../configuration/protocols/bgp.rst:1204 #: ../../configuration/protocols/isis.rst:352 #: ../../configuration/protocols/isis.rst:432 #: ../../configuration/protocols/isis.rst:511 @@ -384,6 +384,10 @@ msgid "**Output**: stage where traffic that is originated by the router itself c msgstr "**Output**: stage where traffic that is originated by the router itself can be filtered and controlled. Bare in mind that this traffic can be a new connection originted by a internal process running on VyOS router, such as NTP, or can be a response to traffic received externaly through **inputt** (for example response to an ssh login attempt to the router). This includes ipv4 and ipv6 filtering rules, defined in:" #: ../../configuration/firewall/index.rst:65 +msgid "**Output**: stage where traffic that originates from the router itself can be filtered and controlled. Bear in mind that this traffic can be a new connection originated by a internal process running on VyOS router, such as NTP, or a response to traffic received externaly through **input** (for example response to an ssh login attempt to the router). This includes ipv4 and ipv6 filtering rules, defined in:" +msgstr "**Output**: stage where traffic that originates from the router itself can be filtered and controlled. Bear in mind that this traffic can be a new connection originated by a internal process running on VyOS router, such as NTP, or a response to traffic received externaly through **input** (for example response to an ssh login attempt to the router). This includes ipv4 and ipv6 filtering rules, defined in:" + +#: ../../configuration/firewall/index.rst:65 msgid "**Output**: stage where traffic that originates from the router itself can be filtered and controlled. Bear in mind that this traffic can be a new connection originated by a internal process running on VyOS router, such as NTP, or a response to traffic received externaly through **inputt** (for example response to an ssh login attempt to the router). This includes ipv4 and ipv6 filtering rules, defined in:" msgstr "**Output**: stage where traffic that originates from the router itself can be filtered and controlled. Bear in mind that this traffic can be a new connection originated by a internal process running on VyOS router, such as NTP, or a response to traffic received externaly through **inputt** (for example response to an ssh login attempt to the router). This includes ipv4 and ipv6 filtering rules, defined in:" @@ -411,7 +415,7 @@ msgstr "**Prerouting**: several actions can be done in this stage, and currently msgid "**Prerouting**: several actions can be done in this stage, and currently these actions are defined in different parts in vyos configuration. Order is important, and all these actions are performed before any actions define under ``firewall`` section. Relevant configuration that acts in this stage are:" msgstr "**Prerouting**: several actions can be done in this stage, and currently these actions are defined in different parts in vyos configuration. Order is important, and all these actions are performed before any actions define under ``firewall`` section. Relevant configuration that acts in this stage are:" -#: ../../configuration/service/dhcp-server.rst:391 +#: ../../configuration/service/dhcp-server.rst:397 msgid "**Primary**" msgstr "**Primary**" @@ -481,11 +485,11 @@ msgstr "**RADIUS based IP pools (Framed-IP-Address)**" msgid "**RADIUS sessions management DM/CoA**" msgstr "**RADIUS sessions management DM/CoA**" -#: ../../configuration/vpn/site2site_ipsec.rst:343 +#: ../../configuration/vpn/site2site_ipsec.rst:346 msgid "**RIGHT**" msgstr "**RIGHT**" -#: ../../configuration/vpn/site2site_ipsec.rst:293 +#: ../../configuration/vpn/site2site_ipsec.rst:296 msgid "**RIGHT:** * WAN interface on `eth0.202` * `eth0.201` interface IP: `172.18.202.10/24` * `vti10` interface IP: `10.0.0.3/31` * `dum0` interface IP: `10.0.12.1/24` (for testing purposes)" msgstr "**RIGHT:** * WAN interface on `eth0.202` * `eth0.201` interface IP: `172.18.202.10/24` * `vti10` interface IP: `10.0.0.3/31` * `dum0` interface IP: `10.0.12.1/24` (for testing purposes)" @@ -521,15 +525,15 @@ msgstr "**SW1**" msgid "**SW2**" msgstr "**SW2**" -#: ../../configuration/service/dhcp-server.rst:400 +#: ../../configuration/service/dhcp-server.rst:406 msgid "**Secondary**" msgstr "**Secondary**" -#: ../../configuration/vpn/ipsec.rst:261 +#: ../../configuration/vpn/ipsec.rst:265 msgid "**Setting up IPSec**" msgstr "**Setting up IPSec**" -#: ../../configuration/vpn/ipsec.rst:237 +#: ../../configuration/vpn/ipsec.rst:241 msgid "**Setting up the GRE tunnel**" msgstr "**Setting up the GRE tunnel**" @@ -575,11 +579,25 @@ msgstr "**address** can be specified multiple times, e.g. 192.168.100.1 and/or 1 msgid "**address** can be specified multiple times as IPv4 and/or IPv6 address, e.g. 192.0.2.1/24 and/or 2001:db8::1/64" msgstr "**address** can be specified multiple times as IPv4 and/or IPv6 address, e.g. 192.0.2.1/24 and/or 2001:db8::1/64" +#: ../../configuration/service/pppoe-server.rst:474 +#: ../../configuration/vpn/l2tp.rst:428 +#: ../../configuration/vpn/pptp.rst:352 +#: ../../configuration/vpn/sstp.rst:386 +msgid "**allow** - Negotiate IPv4 only if client requests (Default value)" +msgstr "**allow** - Negotiate IPv4 only if client requests (Default value)" + +#: ../../configuration/service/pppoe-server.rst:349 +#: ../../configuration/vpn/l2tp.rst:293 +#: ../../configuration/vpn/pptp.rst:217 +#: ../../configuration/vpn/sstp.rst:251 +msgid "**allow** - Negotiate IPv6 only if client requests" +msgstr "**allow** - Negotiate IPv6 only if client requests" + #: ../../configuration/container/index.rst:38 msgid "**allow-host-networks** cannot be used with **network**" msgstr "**allow-host-networks** cannot be used with **network**" -#: ../../configuration/container/index.rst:102 +#: ../../configuration/container/index.rst:107 msgid "**always**: Restart containers when they exit, regardless of status, retrying indefinitely" msgstr "**always**: Restart containers when they exit, regardless of status, retrying indefinitely" @@ -595,6 +613,10 @@ msgstr "**application**: analyzes received flow data in the context of intrusion msgid "**auto** – automatically determines the interface type. **wired** – enables optimisations for wired interfaces. **wireless** – disables a number of optimisations that are only correct on wired interfaces. Specifying wireless is always correct, but may cause slower convergence and extra routing traffic." msgstr "**auto** – automatically determines the interface type. **wired** – enables optimisations for wired interfaces. **wireless** – disables a number of optimisations that are only correct on wired interfaces. Specifying wireless is always correct, but may cause slower convergence and extra routing traffic." +#: ../../configuration/service/ids.rst:90 +msgid "**ban-time** and **threshold**: these values are kept very low in order to easily identify and generate and attack." +msgstr "**ban-time** and **threshold**: these values are kept very low in order to easily identify and generate and attack." + #: ../../configuration/protocols/ospf.rst:435 msgid "**broadcast** – broadcast IP addresses distribution. **non-broadcast** – address distribution in NBMA networks topology. **point-to-multipoint** – address distribution in point-to-multipoint networks. **point-to-point** – address distribution in point-to-point networks." msgstr "**broadcast** – broadcast IP addresses distribution. **non-broadcast** – address distribution in NBMA networks topology. **point-to-multipoint** – address distribution in point-to-multipoint networks. **point-to-point** – address distribution in point-to-point networks." @@ -603,6 +625,13 @@ msgstr "**broadcast** – broadcast IP addresses distribution. **non-broadcast** msgid "**broadcast** – broadcast IP addresses distribution. **point-to-point** – address distribution in point-to-point networks." msgstr "**broadcast** – broadcast IP addresses distribution. **point-to-point** – address distribution in point-to-point networks." +#: ../../configuration/service/pppoe-server.rst:401 +#: ../../configuration/vpn/l2tp.rst:345 +#: ../../configuration/vpn/pptp.rst:269 +#: ../../configuration/vpn/sstp.rst:303 +msgid "**calling-sid** - Calculate interface identifier from calling-station-id." +msgstr "**calling-sid** - Calculate interface identifier from calling-station-id." + #: ../../configuration/protocols/ospf.rst:121 msgid "**cisco** – a router will be considered as ABR if it has several configured links to the networks in different areas one of which is a backbone area. Moreover, the link to the backbone area should be active (working). **ibm** – identical to \"cisco\" model but in this case a backbone area link may not be active. **standard** – router has several active links to different areas. **shortcut** – identical to \"standard\" but in this model a router is allowed to use a connected areas topology without involving a backbone area for inter-area connections." msgstr "**cisco** – a router will be considered as ABR if it has several configured links to the networks in different areas one of which is a backbone area. Moreover, the link to the backbone area should be active (working). **ibm** – identical to \"cisco\" model but in this case a backbone area link may not be active. **standard** – router has several active links to different areas. **shortcut** – identical to \"standard\" but in this model a router is allowed to use a connected areas topology without involving a backbone area for inter-area connections." @@ -619,7 +648,28 @@ msgstr "**default** – this area will be used for shortcutting only if ABR doe msgid "**default** – enable split-horizon on wired interfaces, and disable split-horizon on wireless interfaces. **enable** – enable split-horizon on this interfaces. **disable** – disable split-horizon on this interfaces." msgstr "**default** – enable split-horizon on wired interfaces, and disable split-horizon on wireless interfaces. **enable** – enable split-horizon on this interfaces. **disable** – disable split-horizon on this interfaces." -#: ../../configuration/vpn/sstp.rst:199 +#: ../../configuration/service/pppoe-server.rst:566 +msgid "**deny**: Deny second session authorization." +msgstr "**deny**: Deny second session authorization." + +#: ../../configuration/service/pppoe-server.rst:475 +#: ../../configuration/vpn/l2tp.rst:429 +#: ../../configuration/vpn/pptp.rst:353 +#: ../../configuration/vpn/sstp.rst:387 +msgid "**deny** - Do not negotiate IPv4" +msgstr "**deny** - Do not negotiate IPv4" + +#: ../../configuration/service/pppoe-server.rst:350 +#: ../../configuration/vpn/l2tp.rst:294 +#: ../../configuration/vpn/pptp.rst:218 +#: ../../configuration/vpn/sstp.rst:252 +msgid "**deny** - Do not negotiate IPv6 (default value)" +msgstr "**deny** - Do not negotiate IPv6 (default value)" + +#: ../../configuration/service/pppoe-server.rst:507 +#: ../../configuration/vpn/l2tp.rst:461 +#: ../../configuration/vpn/pptp.rst:385 +#: ../../configuration/vpn/sstp.rst:419 msgid "**deny** - deny mppe" msgstr "**deny** - deny mppe" @@ -635,6 +685,10 @@ msgstr "**dhcp** interface address is received by DHCP from a DHCP server on thi msgid "**dhcpv6** interface address is received by DHCPv6 from a DHCPv6 server on this segment." msgstr "**dhcpv6** interface address is received by DHCPv6 from a DHCPv6 server on this segment." +#: ../../configuration/service/pppoe-server.rst:565 +msgid "**disable**: Disables session control." +msgstr "**disable**: Disables session control." + #: ../../configuration/service/dhcp-relay.rst:75 msgid "**discard:** Received packets which already contain relay information will be discarded." msgstr "**discard:** Received packets which already contain relay information will be discarded." @@ -667,6 +721,17 @@ msgstr "**inbound-interface** - applicable only to :ref:`destination-nat`. It co msgid "**inbound-interface** - applicable only to :ref:`destination-nat`. It configures the interface which is used for the inside traffic the translation rule applies to. Interface groups, inverted selection and wildcard, are also supported." msgstr "**inbound-interface** - applicable only to :ref:`destination-nat`. It configures the interface which is used for the inside traffic the translation rule applies to. Interface groups, inverted selection and wildcard, are also supported." +#: ../../configuration/service/pppoe-server.rst:400 +#: ../../configuration/vpn/l2tp.rst:344 +#: ../../configuration/vpn/pptp.rst:268 +#: ../../configuration/vpn/sstp.rst:302 +msgid "**ipv4-addr** - Calculate interface identifier from IPv4 address." +msgstr "**ipv4-addr** - Calculate interface identifier from IPv4 address." + +#: ../../configuration/service/ipoe-server.rst:91 +msgid "**l2**: It means that clients are on same network where interface is.**(default)**" +msgstr "**l2**: It means that clients are on same network where interface is.**(default)**" + #: ../../configuration/interfaces/bonding.rst:161 msgid "**layer2** - Uses XOR of hardware MAC addresses and packet type ID field to generate the hash. The formula is" msgstr "**layer2** - Uses XOR of hardware MAC addresses and packet type ID field to generate the hash. The formula is" @@ -707,10 +772,18 @@ msgstr "**level-2-only** - Act as an area (Level 2) router only." msgid "**level-2-only** - Level-2 only adjacencies are formed" msgstr "**level-2-only** - Level-2 only adjacencies are formed" -#: ../../configuration/vpn/sstp.rst:105 +#: ../../configuration/service/ipoe-server.rst:65 +#: ../../configuration/service/pppoe-server.rst:43 +#: ../../configuration/vpn/l2tp.rst:31 +#: ../../configuration/vpn/pptp.rst:32 +#: ../../configuration/vpn/sstp.rst:58 msgid "**local**: All authentication queries are handled locally." msgstr "**local**: All authentication queries are handled locally." +#: ../../configuration/service/ipoe-server.rst:93 +msgid "**local**: It means that client are behind some router." +msgstr "**local**: It means that client are behind some router." + #: ../../configuration/interfaces/wireguard.rst:140 msgid "**local side - commands**" msgstr "**local side - commands**" @@ -723,27 +796,36 @@ msgstr "**log-fail** In this mode, the recursor will attempt to validate all dat msgid "**narrow** - Use old style of TLVs with narrow metric." msgstr "**narrow** - Use old style of TLVs with narrow metric." -#: ../../configuration/container/index.rst:119 +#: ../../configuration/container/index.rst:124 msgid "**net-admin**: Network operations (interface, firewall, routing tables)" msgstr "**net-admin**: Network operations (interface, firewall, routing tables)" -#: ../../configuration/container/index.rst:120 +#: ../../configuration/container/index.rst:125 msgid "**net-bind-service**: Bind a socket to privileged ports (port numbers less than 1024)" msgstr "**net-bind-service**: Bind a socket to privileged ports (port numbers less than 1024)" -#: ../../configuration/container/index.rst:121 +#: ../../configuration/container/index.rst:126 msgid "**net-raw**: Permission to create raw network sockets" msgstr "**net-raw**: Permission to create raw network sockets" -#: ../../configuration/container/index.rst:100 +#: ../../configuration/container/index.rst:105 msgid "**no**: Do not restart containers on exit" msgstr "**no**: Do not restart containers on exit" +#: ../../configuration/service/ipoe-server.rst:66 +msgid "**noauth**: Authentication disabled" +msgstr "**noauth**: Authentication disabled" + +#: ../../configuration/service/pppoe-server.rst:44 +#: ../../configuration/vpn/pptp.rst:33 +msgid "**noauth**: Authentication disabled." +msgstr "**noauth**: Authentication disabled." + #: ../../configuration/service/dns.rst:66 msgid "**off** In this mode, no DNSSEC processing takes place. The recursor will not set the DNSSEC OK (DO) bit in the outgoing queries and will ignore the DO and AD bits in queries." msgstr "**off** In this mode, no DNSSEC processing takes place. The recursor will not set the DNSSEC OK (DO) bit in the outgoing queries and will ignore the DO and AD bits in queries." -#: ../../configuration/container/index.rst:101 +#: ../../configuration/container/index.rst:106 msgid "**on-failure**: Restart containers when they exit with a non-zero exit code, retrying indefinitely (default)" msgstr "**on-failure**: Restart containers when they exit with a non-zero exit code, retrying indefinitely (default)" @@ -755,10 +837,31 @@ msgstr "**outbound-interface** - applicable only to :ref:`source-nat`. It config msgid "**outbound-interface** - applicable only to :ref:`source-nat`. It configures the interface which is used for the outside traffic that this translation rule applies to. Interface groups, inverted selection and wildcard, are also supported." msgstr "**outbound-interface** - applicable only to :ref:`source-nat`. It configures the interface which is used for the outside traffic that this translation rule applies to. Interface groups, inverted selection and wildcard, are also supported." -#: ../../configuration/vpn/sstp.rst:198 +#: ../../configuration/service/pppoe-server.rst:473 +#: ../../configuration/vpn/l2tp.rst:427 +#: ../../configuration/vpn/pptp.rst:351 +#: ../../configuration/vpn/sstp.rst:385 +msgid "**prefer** - Ask client for IPv4 negotiation, do not fail if it rejects" +msgstr "**prefer** - Ask client for IPv4 negotiation, do not fail if it rejects" + +#: ../../configuration/service/pppoe-server.rst:348 +#: ../../configuration/vpn/l2tp.rst:292 +#: ../../configuration/vpn/pptp.rst:216 +#: ../../configuration/vpn/sstp.rst:250 +msgid "**prefer** - Ask client for IPv6 negotiation, do not fail if it rejects" +msgstr "**prefer** - Ask client for IPv6 negotiation, do not fail if it rejects" + +#: ../../configuration/vpn/sstp.rst:204 msgid "**prefer** - ask client for mppe, if it rejects don't fail" msgstr "**prefer** - ask client for mppe, if it rejects don't fail" +#: ../../configuration/service/pppoe-server.rst:506 +#: ../../configuration/vpn/l2tp.rst:460 +#: ../../configuration/vpn/pptp.rst:384 +#: ../../configuration/vpn/sstp.rst:418 +msgid "**prefer** - ask client for mppe, if it rejects don't fail. (Default value)" +msgstr "**prefer** - ask client for mppe, if it rejects don't fail. (Default value)" + #: ../../configuration/service/dns.rst:77 msgid "**process** When dnssec is set to process the behavior is similar to process-no-validate. However, the recursor will try to validate the data if at least one of the DO or AD bits is set in the query; in that case, it will set the AD-bit in the response when the data is validated successfully, or send SERVFAIL when the validation comes up bogus." msgstr "**process** When dnssec is set to process the behavior is similar to process-no-validate. However, the recursor will try to validate the data if at least one of the DO or AD bits is set in the query; in that case, it will set the AD-bit in the response when the data is validated successfully, or send SERVFAIL when the validation comes up bogus." @@ -771,19 +874,55 @@ msgstr "**process-no-validate** In this mode the recursor acts as a \"security a msgid "**protocol** - specify which types of protocols this translation rule applies to. Only packets matching the specified protocol are NATed. By default this applies to `all` protocols." msgstr "**protocol** - specify which types of protocols this translation rule applies to. Only packets matching the specified protocol are NATed. By default this applies to `all` protocols." -#: ../../configuration/vpn/sstp.rst:103 +#: ../../configuration/service/ipoe-server.rst:63 +#: ../../configuration/service/pppoe-server.rst:41 +#: ../../configuration/vpn/l2tp.rst:29 +#: ../../configuration/vpn/pptp.rst:30 +#: ../../configuration/vpn/sstp.rst:56 msgid "**radius**: All authentication queries are handled by a configured RADIUS server." msgstr "**radius**: All authentication queries are handled by a configured RADIUS server." +#: ../../configuration/service/pppoe-server.rst:391 +#: ../../configuration/service/pppoe-server.rst:398 +#: ../../configuration/vpn/l2tp.rst:335 +#: ../../configuration/vpn/l2tp.rst:342 +#: ../../configuration/vpn/pptp.rst:259 +#: ../../configuration/vpn/pptp.rst:266 +#: ../../configuration/vpn/sstp.rst:293 +#: ../../configuration/vpn/sstp.rst:300 +msgid "**random** - Random interface identifier for IPv6" +msgstr "**random** - Random interface identifier for IPv6" + #: ../../configuration/interfaces/wireguard.rst:190 msgid "**remote side - commands**" msgstr "**remote side - commands**" +#: ../../configuration/service/pppoe-server.rst:567 +msgid "**replace**: Terminate first session when second is authorized **(default)**" +msgstr "**replace**: Terminate first session when second is authorized **(default)**" + #: ../../configuration/service/dhcp-relay.rst:81 msgid "**replace:** Relay information already present in a packet is stripped and replaced with the router's own relay information set." msgstr "**replace:** Relay information already present in a packet is stripped and replaced with the router's own relay information set." -#: ../../configuration/vpn/sstp.rst:197 +#: ../../configuration/service/pppoe-server.rst:472 +#: ../../configuration/vpn/l2tp.rst:426 +#: ../../configuration/vpn/pptp.rst:350 +#: ../../configuration/vpn/sstp.rst:384 +msgid "**require** - Require IPv4 negotiation" +msgstr "**require** - Require IPv4 negotiation" + +#: ../../configuration/service/pppoe-server.rst:347 +#: ../../configuration/vpn/l2tp.rst:291 +#: ../../configuration/vpn/pptp.rst:215 +#: ../../configuration/vpn/sstp.rst:249 +msgid "**require** - Require IPv6 negotiation" +msgstr "**require** - Require IPv6 negotiation" + +#: ../../configuration/service/pppoe-server.rst:505 +#: ../../configuration/vpn/l2tp.rst:459 +#: ../../configuration/vpn/pptp.rst:383 +#: ../../configuration/vpn/sstp.rst:417 msgid "**require** - ask client for mppe, if it rejects drop connection" msgstr "**require** - ask client for mppe, if it rejects drop connection" @@ -791,19 +930,23 @@ msgstr "**require** - ask client for mppe, if it rejects drop connection" msgid "**right**" msgstr "**right**" -#: ../../configuration/container/index.rst:122 +#: ../../configuration/container/index.rst:127 msgid "**setpcap**: Capability sets (from bounded or inherited set)" msgstr "**setpcap**: Capability sets (from bounded or inherited set)" +#: ../../configuration/service/ipoe-server.rst:99 +msgid "**shared**: Multiple clients share the same network. **(default)**" +msgstr "**shared**: Multiple clients share the same network. **(default)**" + #: ../../configuration/nat/nat44.rst:195 msgid "**source** - specifies which packets the NAT translation rule applies to based on the packets source IP address and/or source port. Only matching packets are considered for NAT." msgstr "**source** - specifies which packets the NAT translation rule applies to based on the packets source IP address and/or source port. Only matching packets are considered for NAT." -#: ../../configuration/container/index.rst:123 +#: ../../configuration/container/index.rst:128 msgid "**sys-admin**: Administation operations (quotactl, mount, sethostname, setdomainame)" msgstr "**sys-admin**: Administation operations (quotactl, mount, sethostname, setdomainame)" -#: ../../configuration/container/index.rst:124 +#: ../../configuration/container/index.rst:129 msgid "**sys-time**: Permission to set system clock" msgstr "**sys-time**: Permission to set system clock" @@ -819,10 +962,25 @@ msgstr "**upstream:** The upstream network interface is the outgoing interface w msgid "**validate** The highest mode of DNSSEC processing. In this mode, all queries will be validated and will be answered with a SERVFAIL in case of bogus data, regardless of the client's request." msgstr "**validate** The highest mode of DNSSEC processing. In this mode, all queries will be validated and will be answered with a SERVFAIL in case of bogus data, regardless of the client's request." +#: ../../configuration/service/ipoe-server.rst:100 +msgid "**vlan**: One VLAN per client." +msgstr "**vlan**: One VLAN per client." + #: ../../configuration/protocols/isis.rst:102 msgid "**wide** - Use new style of TLVs to carry wider metric." msgstr "**wide** - Use new style of TLVs to carry wider metric." +#: ../../configuration/service/pppoe-server.rst:392 +#: ../../configuration/service/pppoe-server.rst:399 +#: ../../configuration/vpn/l2tp.rst:336 +#: ../../configuration/vpn/l2tp.rst:343 +#: ../../configuration/vpn/pptp.rst:260 +#: ../../configuration/vpn/pptp.rst:267 +#: ../../configuration/vpn/sstp.rst:294 +#: ../../configuration/vpn/sstp.rst:301 +msgid "**x:x:x:x** - Specify interface identifier for IPv6" +msgstr "**x:x:x:x** - Specify interface identifier for IPv6" + #: ../../configuration/protocols/bgp.rst:143 msgid "*bgpd* supports Multiprotocol Extension for BGP. So if a remote peer supports the protocol, *bgpd* can exchange IPv6 and/or multicast routing information." msgstr "*bgpd* supports Multiprotocol Extension for BGP. So if a remote peer supports the protocol, *bgpd* can exchange IPv6 and/or multicast routing information." @@ -887,7 +1045,7 @@ msgstr "0 if not defined, which means no refreshing." msgid "0 if not defined." msgstr "0 if not defined." -#: ../../configuration/service/dhcp-server.rst:237 +#: ../../configuration/service/dhcp-server.rst:243 #: ../../configuration/system/syslog.rst:114 #: ../../configuration/system/syslog.rst:173 #: ../../configuration/trafficpolicy/index.rst:801 @@ -950,7 +1108,7 @@ msgstr "10 - 10 MBit/s" msgid "11" msgstr "11" -#: ../../configuration/service/dhcp-server.rst:319 +#: ../../configuration/service/dhcp-server.rst:325 msgid "119" msgstr "119" @@ -960,11 +1118,11 @@ msgstr "119" msgid "12" msgstr "12" -#: ../../configuration/service/dhcp-server.rst:324 +#: ../../configuration/service/dhcp-server.rst:330 msgid "121, 249" msgstr "121, 249" -#: ../../configuration/service/dhcp-server.rst:304 +#: ../../configuration/service/dhcp-server.rst:310 #: ../../configuration/system/syslog.rst:138 #: ../../configuration/trafficpolicy/index.rst:870 msgid "13" @@ -976,7 +1134,7 @@ msgstr "13" msgid "14" msgstr "14" -#: ../../configuration/service/dhcp-server.rst:264 +#: ../../configuration/service/dhcp-server.rst:270 #: ../../configuration/system/syslog.rst:142 #: ../../configuration/trafficpolicy/index.rst:866 msgid "15" @@ -1000,7 +1158,7 @@ msgstr "172.16.0.0 to 172.31.255.255 (CIDR: 172.16.0.0/12)" msgid "18" msgstr "18" -#: ../../configuration/service/dhcp-server.rst:269 +#: ../../configuration/service/dhcp-server.rst:275 #: ../../configuration/system/syslog.rst:150 msgid "19" msgstr "19" @@ -1025,7 +1183,7 @@ msgstr "1: Enable DAD (default)" msgid "1 if not defined." msgstr "1 if not defined." -#: ../../configuration/service/dhcp-server.rst:243 +#: ../../configuration/service/dhcp-server.rst:249 #: ../../configuration/system/syslog.rst:116 #: ../../configuration/system/syslog.rst:178 #: ../../configuration/trafficpolicy/index.rst:799 @@ -1059,7 +1217,7 @@ msgstr "25000 - 25 GBit/s" msgid "2500 - 2.5 GBit/s" msgstr "2500 - 2.5 GBit/s" -#: ../../configuration/service/dhcp-server.rst:329 +#: ../../configuration/service/dhcp-server.rst:335 msgid "252" msgstr "252" @@ -1087,7 +1245,7 @@ msgstr "2. Since this is the first packet, connection status of this connection, msgid "2: Enable DAD, and disable IPv6 operation if MAC-based duplicate link-local address has been found." msgstr "2: Enable DAD, and disable IPv6 operation if MAC-based duplicate link-local address has been found." -#: ../../configuration/service/dhcp-server.rst:249 +#: ../../configuration/service/dhcp-server.rst:255 #: ../../configuration/system/syslog.rst:118 #: ../../configuration/system/syslog.rst:181 #: ../../configuration/trafficpolicy/index.rst:797 @@ -1115,7 +1273,7 @@ msgstr "38" msgid "3. Add a full path to the script" msgstr "3. Add a full path to the script" -#: ../../configuration/service/dhcp-server.rst:254 +#: ../../configuration/service/dhcp-server.rst:260 #: ../../configuration/system/syslog.rst:120 #: ../../configuration/system/syslog.rst:183 #: ../../configuration/trafficpolicy/index.rst:795 @@ -1131,11 +1289,11 @@ msgstr "40000 - 40 GBit/s" msgid "40 MHz channels may switch their primary and secondary channels if needed or creation of 40 MHz channel maybe rejected based on overlapping BSSes. These changes are done automatically when hostapd is setting up the 40 MHz channel." msgstr "40 MHz channels may switch their primary and secondary channels if needed or creation of 40 MHz channel maybe rejected based on overlapping BSSes. These changes are done automatically when hostapd is setting up the 40 MHz channel." -#: ../../configuration/service/dhcp-server.rst:274 +#: ../../configuration/service/dhcp-server.rst:280 msgid "42" msgstr "42" -#: ../../configuration/service/dhcp-server.rst:279 +#: ../../configuration/service/dhcp-server.rst:285 msgid "44" msgstr "44" @@ -1166,7 +1324,7 @@ msgstr "50000 - 50 GBit/s" msgid "5000 - 5 GBit/s" msgstr "5000 - 5 GBit/s" -#: ../../configuration/service/dhcp-server.rst:284 +#: ../../configuration/service/dhcp-server.rst:290 msgid "54" msgstr "54" @@ -1179,7 +1337,7 @@ msgstr "5. Second packet for this connection is received by the router. Since co msgid "5 if not defined." msgstr "5 if not defined." -#: ../../configuration/service/dhcp-server.rst:259 +#: ../../configuration/service/dhcp-server.rst:265 #: ../../configuration/system/syslog.rst:124 #: ../../configuration/system/syslog.rst:189 #: ../../configuration/trafficpolicy/index.rst:791 @@ -1187,7 +1345,7 @@ msgstr "5 if not defined." msgid "6" msgstr "6" -#: ../../configuration/service/dhcp-server.rst:294 +#: ../../configuration/service/dhcp-server.rst:300 msgid "66" msgstr "66" @@ -1195,11 +1353,11 @@ msgstr "66" msgid "66% of traffic is routed to eth0, eth1 gets 33% of traffic." msgstr "66% of traffic is routed to eth0, eth1 gets 33% of traffic." -#: ../../configuration/service/dhcp-server.rst:299 +#: ../../configuration/service/dhcp-server.rst:305 msgid "67" msgstr "67" -#: ../../configuration/service/dhcp-server.rst:309 +#: ../../configuration/service/dhcp-server.rst:315 msgid "69" msgstr "69" @@ -1222,7 +1380,7 @@ msgstr "6in4 uses tunneling to encapsulate IPv6 traffic over IPv4 links as defin msgid "7" msgstr "7" -#: ../../configuration/service/dhcp-server.rst:314 +#: ../../configuration/service/dhcp-server.rst:320 msgid "70" msgstr "70" @@ -1299,11 +1457,11 @@ msgstr "<x.x.x.x>-<x.x.x.x>: IP range to match." msgid "<x.x.x.x>: IP address to match." msgstr "<x.x.x.x>: IP address to match." -#: ../../configuration/pki/index.rst:252 +#: ../../configuration/pki/index.rst:283 msgid "ACME" msgstr "ACME" -#: ../../configuration/pki/index.rst:281 +#: ../../configuration/pki/index.rst:312 msgid "ACME Directory Resource URI." msgstr "ACME Directory Resource URI." @@ -1311,7 +1469,7 @@ msgstr "ACME Directory Resource URI." msgid "API" msgstr "API" -#: ../../configuration/protocols/static.rst:150 +#: ../../configuration/protocols/static.rst:183 msgid "ARP" msgstr "ARP" @@ -1335,7 +1493,7 @@ msgstr "A *bit* is written as **bit**," msgid "A BGP-speaking router like VyOS can retrieve ROA information from RPKI \"Relying Party software\" (often just called an \"RPKI server\" or \"RPKI validator\") by using :abbr:`RTR (RPKI to Router)` protocol. There are several open source implementations to choose from, such as NLNetLabs' Routinator_ (written in Rust), Cloudflare's GoRTR_ and OctoRPKI_ (written in Go), and RIPE NCC's RPKI Validator_ (written in Java). The RTR protocol is described in :rfc:`8210`." msgstr "A BGP-speaking router like VyOS can retrieve ROA information from RPKI \"Relying Party software\" (often just called an \"RPKI server\" or \"RPKI validator\") by using :abbr:`RTR (RPKI to Router)` protocol. There are several open source implementations to choose from, such as NLNetLabs' Routinator_ (written in Rust), Cloudflare's GoRTR_ and OctoRPKI_ (written in Go), and RIPE NCC's RPKI Validator_ (written in Java). The RTR protocol is described in :rfc:`8210`." -#: ../../configuration/protocols/bgp.rst:929 +#: ../../configuration/protocols/bgp.rst:951 msgid "A BGP confederation divides our AS into sub-ASes to reduce the number of required IBGP peerings. Within a sub-AS we still require full-mesh IBGP but between these sub-ASes we use something that looks like EBGP but behaves like IBGP (called confederation BGP). Confederation mechanism is described in :rfc:`5065`" msgstr "A BGP confederation divides our AS into sub-ASes to reduce the number of required IBGP peerings. Within a sub-AS we still require full-mesh IBGP but between these sub-ASes we use something that looks like EBGP but behaves like IBGP (called confederation BGP). Confederation mechanism is described in :rfc:`5065`" @@ -1351,7 +1509,7 @@ msgstr "A GRE tunnel operates at layer 3 of the OSI model and is represented by msgid "A Rule-Set can be applied to every interface:" msgstr "A Rule-Set can be applied to every interface:" -#: ../../configuration/service/dhcp-server.rst:561 +#: ../../configuration/service/dhcp-server.rst:567 msgid "A SNTP server address can be specified for DHCPv6 clients." msgstr "A SNTP server address can be specified for DHCPv6 clients." @@ -1363,11 +1521,11 @@ msgstr "A VRF device is created with an associated route table. Network interfac msgid "A VyOS GRE tunnel can carry both IPv4 and IPv6 traffic and can also be created over either IPv4 (gre) or IPv6 (ip6gre)." msgstr "A VyOS GRE tunnel can carry both IPv4 and IPv6 traffic and can also be created over either IPv4 (gre) or IPv6 (ip6gre)." -#: ../../configuration/service/dns.rst:162 +#: ../../configuration/service/dns.rst:149 msgid "A VyOS router with two interfaces - eth0 (WAN) and eth1 (LAN) - is required to implement a split-horizon DNS configuration for example.com." msgstr "A VyOS router with two interfaces - eth0 (WAN) and eth1 (LAN) - is required to implement a split-horizon DNS configuration for example.com." -#: ../../configuration/service/dhcp-server.rst:533 +#: ../../configuration/service/dhcp-server.rst:539 msgid "A :abbr:`NIS (Network Information Service)` domain can be set to be used for DHCPv6 clients." msgstr "A :abbr:`NIS (Network Information Service)` domain can be set to be used for DHCPv6 clients." @@ -1384,6 +1542,10 @@ msgstr "A basic introduction to zone-based firewalls can be found `here <https:/ msgid "A bridge named `br100`" msgstr "A bridge named `br100`" +#: ../../configuration/container/index.rst:144 +msgid "A brief description what this network is all about." +msgstr "A brief description what this network is all about." + #: ../../configuration/trafficpolicy/index.rst:147 msgid "A class can have multiple match filters:" msgstr "A class can have multiple match filters:" @@ -1396,7 +1558,11 @@ msgstr "A common example is the case of some policies which, in order to be effe msgid "A complete LDAP auth OpenVPN configuration could look like the following example:" msgstr "A complete LDAP auth OpenVPN configuration could look like the following example:" -#: ../../configuration/vpn/sstp.rst:335 +#: ../../configuration/service/ids.rst:84 +msgid "A configuration example can be found in this section. In this simplified scenario, main things to be considered are:" +msgstr "A configuration example can be found in this section. In this simplified scenario, main things to be considered are:" + +#: ../../configuration/vpn/sstp.rst:508 msgid "A connection attempt will be shown as:" msgstr "A connection attempt will be shown as:" @@ -1420,7 +1586,7 @@ msgstr "A domain name is the label (name) assigned to a computer network and is msgid "A dummy interface for the provider-assigned IP;" msgstr "A dummy interface for the provider-assigned IP;" -#: ../../configuration/highavailability/index.rst:426 +#: ../../configuration/highavailability/index.rst:436 msgid "A firewall mark ``fwmark`` allows using multiple ports for high-availability virtual-server. It uses fwmark value." msgstr "A firewall mark ``fwmark`` allows using multiple ports for high-availability virtual-server. It uses fwmark value." @@ -1436,11 +1602,11 @@ msgstr "A generic `<name>` referencing this sync service." msgid "A hostname is the label (name) assigned to a network device (a host) on a network and is used to distinguish one device from another on specific networks or over the internet. On the other hand this will be the name which appears on the command line prompt." msgstr "A hostname is the label (name) assigned to a network device (a host) on a network and is used to distinguish one device from another on specific networks or over the internet. On the other hand this will be the name which appears on the command line prompt." -#: ../../configuration/pki/index.rst:189 +#: ../../configuration/pki/index.rst:191 msgid "A human readable description what this CA is about." msgstr "A human readable description what this CA is about." -#: ../../configuration/pki/index.rst:228 +#: ../../configuration/pki/index.rst:230 msgid "A human readable description what this certificate is about." msgstr "A human readable description what this certificate is about." @@ -1456,7 +1622,7 @@ msgstr "A managed device is a network node that implements an SNMP interface tha msgid "A match filter can contain multiple criteria and will match traffic if all those criteria are true." msgstr "A match filter can contain multiple criteria and will match traffic if all those criteria are true." -#: ../../configuration/protocols/bfd.rst:138 +#: ../../configuration/protocols/bfd.rst:145 msgid "A monitored static route conditions the installation to the RIB on the BFD session running state: when BFD session is up the route is installed to RIB, but when the BFD session is down it is removed from the RIB." msgstr "A monitored static route conditions the installation to the RIB on the BFD session running state: when BFD session is up the route is installed to RIB, but when the BFD session is down it is removed from the RIB." @@ -1476,7 +1642,7 @@ msgstr "A packet rate limit can be set for a rule to apply the rule to traffic a msgid "A packet that finds a matching entry in the flowtable (flowtable hit) is transmitted to the output netdevice, hence, packets bypass the classic IP forwarding path and uses the **Fast Path** (orange circles path). The visible effect is that you do not see these packets from any of the Netfilter hooks coming after ingress. In case that there is no matching entry in the flowtable (flowtable miss), the packet follows the classic IP forwarding path." msgstr "A packet that finds a matching entry in the flowtable (flowtable hit) is transmitted to the output netdevice, hence, packets bypass the classic IP forwarding path and uses the **Fast Path** (orange circles path). The visible effect is that you do not see these packets from any of the Netfilter hooks coming after ingress. In case that there is no matching entry in the flowtable (flowtable miss), the packet follows the classic IP forwarding path." -#: ../../configuration/protocols/bgp.rst:698 +#: ../../configuration/protocols/bgp.rst:720 msgid "A penalty of 1000 is assessed each time the route fails. When the penalties reach a predefined threshold (suppress-value), the router stops advertising the route." msgstr "A penalty of 1000 is assessed each time the route fails. When the penalties reach a predefined threshold (suppress-value), the router stops advertising the route." @@ -1488,7 +1654,7 @@ msgstr "A physical interface is required to connect this MACsec instance to. Tra msgid "A pool of addresses can be defined by using a hyphen between two IP addresses:" msgstr "A pool of addresses can be defined by using a hyphen between two IP addresses:" -#: ../../configuration/firewall/ipv4.rst:485 +#: ../../configuration/firewall/ipv4.rst:508 #: ../../configuration/firewall/ipv6.rst:491 msgid "A port can be set with a port number or a name which is here defined: ``/etc/services``." msgstr "A port can be set with a port number or a name which is here defined: ``/etc/services``." @@ -1526,11 +1692,11 @@ msgstr "A segment ID that contains an IP address prefix calculated by an IGP in msgid "A sending station (computer or network switch) may be transmitting data faster than the other end of the link can accept it. Using flow control, the receiving station can signal the sender requesting suspension of transmissions until the receiver catches up." msgstr "A sending station (computer or network switch) may be transmitting data faster than the other end of the link can accept it. Using flow control, the receiving station can signal the sender requesting suspension of transmissions until the receiver catches up." -#: ../../configuration/service/dhcp-server.rst:589 +#: ../../configuration/service/dhcp-server.rst:595 msgid "A shared network named ``NET1`` serves subnet ``2001:db8::/64``" msgstr "A shared network named ``NET1`` serves subnet ``2001:db8::/64``" -#: ../../configuration/protocols/bgp.rst:1146 +#: ../../configuration/protocols/bgp.rst:1168 msgid "A simple BGP configuration via IPv6." msgstr "A simple BGP configuration via IPv6." @@ -1538,7 +1704,7 @@ msgstr "A simple BGP configuration via IPv6." msgid "A simple Random Early Detection (RED) policy would start randomly dropping packets from a queue before it reaches its queue limit thus avoiding congestion. That is good for TCP connections as the gradual dropping of packets acts as a signal for the sender to decrease its transmission rate." msgstr "A simple Random Early Detection (RED) policy would start randomly dropping packets from a queue before it reaches its queue limit thus avoiding congestion. That is good for TCP connections as the gradual dropping of packets acts as a signal for the sender to decrease its transmission rate." -#: ../../configuration/protocols/bgp.rst:1101 +#: ../../configuration/protocols/bgp.rst:1123 msgid "A simple eBGP configuration:" msgstr "A simple eBGP configuration:" @@ -1602,7 +1768,7 @@ msgstr "A very small buffer will soon start dropping packets." msgid "A zone must be configured before an interface is assigned to it and an interface can be assigned to only a single zone." msgstr "A zone must be configured before an interface is assigned to it and an interface can be assigned to only a single zone." -#: ../../configuration/service/dns.rst:397 +#: ../../configuration/service/dns.rst:411 msgid "Above, command syntax isn noted to configure dynamic dns on a specific interface. It is possible to overlook the additional address option, web, when completeing those commands. ddclient_ has another way to determine the WAN IP address, using a web-based url to determine the external IP. Each of the commands above will need to be modified to use 'web' as the 'interface' specified if this functionality is to be utilized." msgstr "Above, command syntax isn noted to configure dynamic dns on a specific interface. It is possible to overlook the additional address option, web, when completeing those commands. ddclient_ has another way to determine the WAN IP address, using a web-based url to determine the external IP. Each of the commands above will need to be modified to use 'web' as the 'interface' specified if this functionality is to be utilized." @@ -1622,6 +1788,21 @@ msgstr "Accept SSH connections for the given `<device>` on TCP port `<port>`. Af msgid "Accept only certain protocols: You may want to replicate the state of flows depending on their layer 4 protocol." msgstr "Accept only certain protocols: You may want to replicate the state of flows depending on their layer 4 protocol." +#: ../../configuration/service/pppoe-server.rst:384 +#: ../../configuration/vpn/l2tp.rst:328 +#: ../../configuration/vpn/pptp.rst:252 +#: ../../configuration/vpn/sstp.rst:286 +msgid "Accept peer interface identifier. By default is not defined." +msgstr "Accept peer interface identifier. By default is not defined." + +#: ../../configuration/service/ipoe-server.rst:364 +#: ../../configuration/service/pppoe-server.rst:530 +#: ../../configuration/vpn/l2tp.rst:484 +#: ../../configuration/vpn/pptp.rst:408 +#: ../../configuration/vpn/sstp.rst:442 +msgid "Acceptable rate of connections (e.g. 1/min, 60/sec)" +msgstr "Acceptable rate of connections (e.g. 1/min, 60/sec)" + #: ../../configuration/policy/access-list.rst:3 msgid "Access List Policy" msgstr "Access List Policy" @@ -1665,7 +1846,7 @@ msgstr "Add Power Constraint element to Beacon and Probe Response frames." msgid "Add a forwarding rule matching UDP port on your internet router." msgstr "Add a forwarding rule matching UDP port on your internet router." -#: ../../configuration/container/index.rst:113 +#: ../../configuration/container/index.rst:118 msgid "Add a host device to the container." msgstr "Add a host device to the container." @@ -1693,11 +1874,11 @@ msgstr "Add new port to SSL-ports acl. Ports included by default in SSL-ports ac msgid "Add new port to Safe-ports acl. Ports included by default in Safe-ports acl: 21, 70, 80, 210, 280, 443, 488, 591, 777, 873, 1025-65535" msgstr "Add new port to Safe-ports acl. Ports included by default in Safe-ports acl: 21, 70, 80, 210, 280, 443, 488, 591, 777, 873, 1025-65535" -#: ../../configuration/policy/route-map.rst:221 +#: ../../configuration/policy/route-map.rst:224 msgid "Add or replace BGP community attribute in format ``<0-65535:0-65535>`` or from well-known community list" msgstr "Add or replace BGP community attribute in format ``<0-65535:0-65535>`` or from well-known community list" -#: ../../configuration/policy/route-map.rst:236 +#: ../../configuration/policy/route-map.rst:239 msgid "Add or replace BGP large-community attribute in format ``<0-4294967295:0-4294967295:0-4294967295>``" msgstr "Add or replace BGP large-community attribute in format ``<0-4294967295:0-4294967295:0-4294967295>``" @@ -1705,11 +1886,11 @@ msgstr "Add or replace BGP large-community attribute in format ``<0-4294967295:0 msgid "Add policy route matching VLAN source addresses" msgstr "Add policy route matching VLAN source addresses" -#: ../../configuration/pki/index.rst:217 +#: ../../configuration/pki/index.rst:219 msgid "Add public key portion for the certificate named `name` to the VyOS CLI." msgstr "Add public key portion for the certificate named `name` to the VyOS CLI." -#: ../../configuration/pki/index.rst:193 +#: ../../configuration/pki/index.rst:195 msgid "Add the CAs private key to the VyOS CLI. This should never leave the system, and is only required if you use VyOS as your certificate generator as mentioned above." msgstr "Add the CAs private key to the VyOS CLI. This should never leave the system, and is only required if you use VyOS as your certificate generator as mentioned above." @@ -1717,11 +1898,11 @@ msgstr "Add the CAs private key to the VyOS CLI. This should never leave the sys msgid "Add the commands from Snippet in the Windows side via PowerShell. Also import the root CA cert to the Windows “Trusted Root Certification Authorities†and establish the connection." msgstr "Add the commands from Snippet in the Windows side via PowerShell. Also import the root CA cert to the Windows “Trusted Root Certification Authorities†and establish the connection." -#: ../../configuration/pki/index.rst:232 +#: ../../configuration/pki/index.rst:234 msgid "Add the private key portion of this certificate to the CLI. This should never leave the system as it is used to decrypt the data." msgstr "Add the private key portion of this certificate to the CLI. This should never leave the system as it is used to decrypt the data." -#: ../../configuration/pki/index.rst:174 +#: ../../configuration/pki/index.rst:176 msgid "Add the public CA certificate for the CA named `name` to the VyOS CLI." msgstr "Add the public CA certificate for the CA named `name` to the VyOS CLI." @@ -1765,11 +1946,11 @@ msgstr "Address Families" msgid "Address Groups" msgstr "Address Groups" -#: ../../configuration/service/dhcp-server.rst:592 +#: ../../configuration/service/dhcp-server.rst:598 msgid "Address pool shall be ``2001:db8::100`` through ``2001:db8::199``." msgstr "Address pool shall be ``2001:db8::100`` through ``2001:db8::199``." -#: ../../configuration/service/dhcp-server.rst:582 +#: ../../configuration/service/dhcp-server.rst:588 msgid "Address pools" msgstr "Address pools" @@ -1777,14 +1958,30 @@ msgstr "Address pools" msgid "Address to listen for HTTPS requests" msgstr "Address to listen for HTTPS requests" -#: ../../configuration/container/index.rst:136 +#: ../../configuration/container/index.rst:160 +msgid "Adds registry to list of unqualified-search-registries. By default, for any image that does not include the registry in the image name, VyOS will use docker.io and quay.io as the container registry." +msgstr "Adds registry to list of unqualified-search-registries. By default, for any image that does not include the registry in the image name, VyOS will use docker.io and quay.io as the container registry." + +#: ../../configuration/container/index.rst:141 msgid "Adds registry to list of unqualified-search-registries. By default, for any image that does not include the registry in the image name, Vyos will use docker.io as the container registry." msgstr "Adds registry to list of unqualified-search-registries. By default, for any image that does not include the registry in the image name, Vyos will use docker.io as the container registry." -#: ../../configuration/protocols/bgp.rst:647 +#: ../../configuration/protocols/bgp.rst:669 msgid "Administrative Distance" msgstr "Administrative Distance" +#: ../../configuration/service/ipoe-server.rst:335 +msgid "Advanced Interface Options" +msgstr "Advanced Interface Options" + +#: ../../configuration/service/ipoe-server.rst:307 +#: ../../configuration/service/pppoe-server.rst:425 +#: ../../configuration/vpn/l2tp.rst:369 +#: ../../configuration/vpn/pptp.rst:293 +#: ../../configuration/vpn/sstp.rst:327 +msgid "Advanced Options" +msgstr "Advanced Options" + #: ../../configuration/nat/nat44.rst:301 msgid "Advanced configuration can be used in order to apply source or destination NAT, and within a single rule, be able to define multiple translated addresses, so NAT balances the translations among them." msgstr "Advanced configuration can be used in order to apply source or destination NAT, and within a single rule, be able to define multiple translated addresses, so NAT balances the translations among them." @@ -1797,7 +1994,11 @@ msgstr "Advantages of OpenVPN are:" msgid "Advertise DNS server per https://tools.ietf.org/html/rfc6106" msgstr "Advertise DNS server per https://tools.ietf.org/html/rfc6106" -#: ../../configuration/service/router-advert.rst:53 +#: ../../configuration/service/router-advert.rst:78 +msgid "Advertising a NAT64 Prefix" +msgstr "Advertising a NAT64 Prefix" + +#: ../../configuration/service/router-advert.rst:54 msgid "Advertising a Prefix" msgstr "Advertising a Prefix" @@ -1805,7 +2006,7 @@ msgstr "Advertising a Prefix" msgid "After commit the plaintext passwords will be hashed and stored in your configuration. The resulting CLI config will look like:" msgstr "After commit the plaintext passwords will be hashed and stored in your configuration. The resulting CLI config will look like:" -#: ../../configuration/vrf/index.rst:325 +#: ../../configuration/vrf/index.rst:344 msgid "After committing the configuration we can verify all leaked routes are installed, and try to ICMP ping PC1 from PC3." msgstr "After committing the configuration we can verify all leaked routes are installed, and try to ICMP ping PC1 from PC3." @@ -1813,10 +2014,18 @@ msgstr "After committing the configuration we can verify all leaked routes are i msgid "After the PKI certs are all set up we can start configuring our IPSec/IKE proposals used for key-exchange end data encryption. The used encryption ciphers and integrity algorithms vary from operating system to operating system. The ones used in this example are validated to work on Windows 10." msgstr "After the PKI certs are all set up we can start configuring our IPSec/IKE proposals used for key-exchange end data encryption. The used encryption ciphers and integrity algorithms vary from operating system to operating system. The ones used in this example are validated to work on Windows 10." -#: ../../configuration/pki/index.rst:212 +#: ../../configuration/vpn/ipsec.rst:418 +msgid "After the PKI certs are all set up we can start configuring our IPSec/IKE proposals used for key-exchange end data encryption. The used encryption ciphers and integrity algorithms vary from operating system to operating system. The ones used in this post are validated to work on both Windows 10 and iOS/iPadOS 14 to 17." +msgstr "After the PKI certs are all set up we can start configuring our IPSec/IKE proposals used for key-exchange end data encryption. The used encryption ciphers and integrity algorithms vary from operating system to operating system. The ones used in this post are validated to work on both Windows 10 and iOS/iPadOS 14 to 17." + +#: ../../configuration/pki/index.rst:214 msgid "After we have imported the CA certificate(s) we can now import and add certificates used by services on this router." msgstr "After we have imported the CA certificate(s) we can now import and add certificates used by services on this router." +#: ../../configuration/vpn/ipsec.rst:399 +msgid "After you obtained your server certificate you can import it from a file on the local filesystem, or paste it into the CLI. Please note that when entering the certificate manually you need to strip the ``-----BEGIN KEY-----`` and ``-----END KEY-----`` tags. Also, the certificate or key needs to be presented in a single line without line breaks (``\\n``)." +msgstr "After you obtained your server certificate you can import it from a file on the local filesystem, or paste it into the CLI. Please note that when entering the certificate manually you need to strip the ``-----BEGIN KEY-----`` and ``-----END KEY-----`` tags. Also, the certificate or key needs to be presented in a single line without line breaks (``\\n``)." + #: ../../configuration/service/snmp.rst:39 msgid "Agent - software which runs on managed devices" msgstr "Agent - software which runs on managed devices" @@ -1825,7 +2034,7 @@ msgstr "Agent - software which runs on managed devices" msgid "Alert" msgstr "Alert" -#: ../../configuration/highavailability/index.rst:346 +#: ../../configuration/highavailability/index.rst:356 msgid "Algorithm" msgstr "Algorithm" @@ -1833,7 +2042,7 @@ msgstr "Algorithm" msgid "Aliases" msgstr "Aliases" -#: ../../configuration/service/dns.rst:167 +#: ../../configuration/service/dns.rst:154 msgid "All DNS requests for example.com must be forwarded to a DNS server at 192.0.2.254 and 2001:db8:cafe::1" msgstr "All DNS requests for example.com must be forwarded to a DNS server at 192.0.2.254 and 2001:db8:cafe::1" @@ -1861,7 +2070,7 @@ msgstr "All interfaces used for the DHCP relay must be configured. This includes msgid "All items in a sync group should be similarly configured. If one VRRP group is set to a different preemption delay or priority, it would result in an endless transition loop." msgstr "All items in a sync group should be similarly configured. If one VRRP group is set to a different preemption delay or priority, it would result in an endless transition loop." -#: ../../configuration/service/dns.rst:169 +#: ../../configuration/service/dns.rst:156 msgid "All other DNS requests will be forwarded to a different set of DNS servers at 192.0.2.1, 192.0.2.2, 2001:db8::1:ffff and 2001:db8::2:ffff" msgstr "All other DNS requests will be forwarded to a different set of DNS servers at 192.0.2.1, 192.0.2.2, 2001:db8::1:ffff and 2001:db8::2:ffff" @@ -1897,7 +2106,11 @@ msgstr "All traffic to and from an interface within a zone is permitted." msgid "All tunnel sessions can be checked via:" msgstr "All tunnel sessions can be checked via:" -#: ../../configuration/vpn/l2tp.rst:209 +#: ../../configuration/service/ipoe-server.rst:231 +#: ../../configuration/service/pppoe-server.rst:193 +#: ../../configuration/vpn/l2tp.rst:236 +#: ../../configuration/vpn/pptp.rst:176 +#: ../../configuration/vpn/sstp.rst:209 msgid "Allocation clients ip addresses by RADIUS" msgstr "Allocation clients ip addresses by RADIUS" @@ -1913,7 +2126,7 @@ msgstr "Allow access to sites in a domain without retrieving them from the Proxy msgid "Allow bgp to negotiate the extended-nexthop capability with it’s peer. If you are peering over a IPv6 Link-Local address then this capability is turned on automatically. If you are peering over a IPv6 Global Address then turning on this command will allow BGP to install IPv4 routes with IPv6 nexthops if you do not have IPv4 configured on interfaces." msgstr "Allow bgp to negotiate the extended-nexthop capability with it’s peer. If you are peering over a IPv6 Link-Local address then this capability is turned on automatically. If you are peering over a IPv6 Global Address then turning on this command will allow BGP to install IPv4 routes with IPv6 nexthops if you do not have IPv4 configured on interfaces." -#: ../../configuration/service/dns.rst:359 +#: ../../configuration/service/dns.rst:362 msgid "Allow explicit IPv6 address for the interface." msgstr "Allow explicit IPv6 address for the interface." @@ -1933,7 +2146,7 @@ msgstr "Allow this BFD peer to not be directly connected" msgid "Allowed values fpr TCP flags: ``SYN``, ``ACK``, ``FIN``, ``RST``, ``URG``, ``PSH``, ``ALL`` When specifying more than one flag, flags should be comma separated. The ``!`` negate the selected protocol." msgstr "Allowed values fpr TCP flags: ``SYN``, ``ACK``, ``FIN``, ``RST``, ``URG``, ``PSH``, ``ALL`` When specifying more than one flag, flags should be comma separated. The ``!`` negate the selected protocol." -#: ../../configuration/firewall/ipv4.rst:812 +#: ../../configuration/firewall/ipv4.rst:835 #: ../../configuration/firewall/ipv6.rst:821 #: ../../configuration/system/conntrack.rst:199 msgid "Allowed values fpr TCP flags: ``ack``, ``cwr``, ``ecn``, ``fin``, ``psh``, ``rst``, ``syn`` and ``urg``. Multiple values are supported, and for inverted selection use ``not``, as shown in the example." @@ -1947,11 +2160,11 @@ msgstr "Allows specific VLAN IDs to pass through the bridge member interface. Th msgid "Allows to define URL path matching rules for a specific service." msgstr "Allows to define URL path matching rules for a specific service." -#: ../../configuration/protocols/static.rst:69 +#: ../../configuration/protocols/static.rst:92 msgid "Allows you to configure the next-hop interface for an interface-based IPv4 static route. `<interface>` will be the next-hop interface where traffic is routed for the given `<subnet>`." msgstr "Allows you to configure the next-hop interface for an interface-based IPv4 static route. `<interface>` will be the next-hop interface where traffic is routed for the given `<subnet>`." -#: ../../configuration/protocols/static.rst:89 +#: ../../configuration/protocols/static.rst:112 msgid "Allows you to configure the next-hop interface for an interface-based IPv6 static route. `<interface>` will be the next-hop interface where traffic is routed for the given `<subnet>`." msgstr "Allows you to configure the next-hop interface for an interface-based IPv6 static route. `<interface>` will be the next-hop interface where traffic is routed for the given `<subnet>`." @@ -1977,11 +2190,11 @@ msgstr "Also, for those who haven't updated to newer version, legacy documentati msgid "Also, in :ref:`destination-nat`, redirection to localhost is supported. The redirect statement is a special form of dnat which always translates the destination address to the local host’s one." msgstr "Also, in :ref:`destination-nat`, redirection to localhost is supported. The redirect statement is a special form of dnat which always translates the destination address to the local host’s one." -#: ../../configuration/protocols/static.rst:138 +#: ../../configuration/protocols/static.rst:171 msgid "Alternate Routing Tables" msgstr "Alternate Routing Tables" -#: ../../configuration/protocols/static.rst:142 +#: ../../configuration/protocols/static.rst:175 msgid "Alternate routing tables are used with policy based routing by utilizing :ref:`vrf`." msgstr "Alternate routing tables are used with policy based routing by utilizing :ref:`vrf`." @@ -2037,7 +2250,7 @@ msgstr "An agent is a network-management software module that resides on a manag msgid "An alternate command could be \"mpls-te on\" (Traffic Engineering)" msgstr "An alternate command could be \"mpls-te on\" (Traffic Engineering)" -#: ../../configuration/firewall/ipv4.rst:373 +#: ../../configuration/firewall/ipv4.rst:396 msgid "An arbitrary netmask can be applied to mask addresses to only match against a specific portion." msgstr "An arbitrary netmask can be applied to mask addresses to only match against a specific portion." @@ -2062,7 +2275,7 @@ msgstr "An basic introduction to zone-based firewalls can be found `here <https: #: ../../configuration/interfaces/tunnel.rst:71 #: ../../configuration/interfaces/tunnel.rst:93 #: ../../configuration/interfaces/tunnel.rst:194 -#: ../../configuration/system/login.rst:195 +#: ../../configuration/system/login.rst:199 msgid "An example:" msgstr "An example:" @@ -2074,7 +2287,7 @@ msgstr "An example of a configuration that sends ``telegraf`` metrics to remote msgid "An example of creating a VLAN-aware bridge is as follows:" msgstr "An example of creating a VLAN-aware bridge is as follows:" -#: ../../configuration/system/login.rst:149 +#: ../../configuration/system/login.rst:153 msgid "An example of key generation:" msgstr "An example of key generation:" @@ -2102,6 +2315,10 @@ msgstr "And base chain for traffic generated by the router is ``set firewall ipv msgid "And base chain for traffic generated by the router is ``set firewall ipv6 output filter ...``" msgstr "And base chain for traffic generated by the router is ``set firewall ipv6 output filter ...``" +#: ../../configuration/service/ids.rst:138 +msgid "And content of the script:" +msgstr "And content of the script:" + #: ../../configuration/policy/route.rst:76 msgid "And for ipv6:" msgstr "And for ipv6:" @@ -2114,7 +2331,7 @@ msgstr "And next, some configuration example where groups are used:" msgid "And op-mode commands:" msgstr "And op-mode commands:" -#: ../../configuration/system/ip.rst:84 +#: ../../configuration/system/ip.rst:97 msgid "And the different IPv4 **reset** commands available:" msgstr "And the different IPv4 **reset** commands available:" @@ -2131,6 +2348,10 @@ msgstr "Another term often used for DNAT is **1-to-1 NAT**. For a 1-to-1 NAT con msgid "Another thing to keep in mind with LDP is that much like BGP, it is a protocol that runs on top of TCP. It however does not have an ability to do something like a refresh capability like BGPs route refresh capability. Therefore one might have to reset the neighbor for a capability change or a configuration change to work." msgstr "Another thing to keep in mind with LDP is that much like BGP, it is a protocol that runs on top of TCP. It however does not have an ability to do something like a refresh capability like BGPs route refresh capability. Therefore one might have to reset the neighbor for a capability change or a configuration change to work." +#: ../../configuration/vpn/ipsec.rst:549 +msgid "Apple iOS/iPadOS expects the server name to be also used in the server's certificate common name, so it's best to use this DNS name for your VPN connection." +msgstr "Apple iOS/iPadOS expects the server name to be also used in the server's certificate common name, so it's best to use this DNS name for your VPN connection." + #: ../../configuration/vrf/index.rst:52 #: ../../configuration/vrf/index.rst:62 msgid "Apply a route-map filter to routes for the specified protocol." @@ -2221,11 +2442,15 @@ msgstr "As a result, the processing of each packet becomes more efficient, poten msgid "As an alternative to applying policy to an interface directly, a zone-based firewall can be created to simplify configuration when multiple interfaces belong to the same security zone. Instead of applying rule-sets to interfaces, they are applied to source zone-destination zone pairs." msgstr "As an alternative to applying policy to an interface directly, a zone-based firewall can be created to simplify configuration when multiple interfaces belong to the same security zone. Instead of applying rule-sets to interfaces, they are applied to source zone-destination zone pairs." +#: ../../configuration/vpn/ipsec.rst:523 +msgid "As both Microsoft Windows and Apple iOS/iPadOS only support a certain set of encryption ciphers and integrity algorithms we will validate the configured IKE/ESP proposals and only list the compatible ones to the user — if multiple are defined. If there are no matching proposals found — we can not generate a profile for you." +msgstr "As both Microsoft Windows and Apple iOS/iPadOS only support a certain set of encryption ciphers and integrity algorithms we will validate the configured IKE/ESP proposals and only list the compatible ones to the user — if multiple are defined. If there are no matching proposals found — we can not generate a profile for you." + #: ../../configuration/firewall/flowtables.rst:109 msgid "As described, first packet will be evaluated by all the firewall path, so desired connection should be explicitely accepted. Same thing should be taken into account for traffic in reverse order. In most cases state policies are used in order to accept connection in reverse patch." msgstr "As described, first packet will be evaluated by all the firewall path, so desired connection should be explicitely accepted. Same thing should be taken into account for traffic in reverse order. In most cases state policies are used in order to accept connection in reverse patch." -#: ../../configuration/system/option.rst:80 +#: ../../configuration/system/option.rst:110 msgid "As more and more routers run on Hypervisors, expecially with a :abbr:`NOS (Network Operating System)` as VyOS, it makes fewer and fewer sense to use static resource bindings like ``smp-affinity`` as present in VyOS 1.2 and earlier to pin certain interrupt handlers to specific CPUs." msgstr "As more and more routers run on Hypervisors, expecially with a :abbr:`NOS (Network Operating System)` as VyOS, it makes fewer and fewer sense to use static resource bindings like ``smp-affinity`` as present in VyOS 1.2 and earlier to pin certain interrupt handlers to specific CPUs." @@ -2265,7 +2490,7 @@ msgstr "As the example image below shows, the device was configured with rules b msgid "As the name implies, it's IPv4 encapsulated in IPv6, as simple as that." msgstr "As the name implies, it's IPv4 encapsulated in IPv6, as simple as that." -#: ../../configuration/vpn/l2tp.rst:36 +#: ../../configuration/vpn/l2tp.rst:86 msgid "As well as the below to allow NAT-traversal (when NAT is detected by the VPN client, ESP is encapsulated in UDP for NAT-traversal):" msgstr "As well as the below to allow NAT-traversal (when NAT is detected by the VPN client, ESP is encapsulated in UDP for NAT-traversal):" @@ -2301,7 +2526,7 @@ msgstr "Assign `<member>` interface to bridge `<interface>`. A completion helper msgid "Assign a specific backend to a rule" msgstr "Assign a specific backend to a rule" -#: ../../configuration/vrf/index.rst:79 +#: ../../configuration/vrf/index.rst:98 msgid "Assign interface identified by `<interface>` to VRF named `<name>`." msgstr "Assign interface identified by `<interface>` to VRF named `<name>`." @@ -2309,7 +2534,10 @@ msgstr "Assign interface identified by `<interface>` to VRF named `<name>`." msgid "Assign member interfaces to PortChannel" msgstr "Assign member interfaces to PortChannel" -#: ../../configuration/vpn/sstp.rst:80 +#: ../../configuration/service/pppoe-server.rst:437 +#: ../../configuration/vpn/l2tp.rst:381 +#: ../../configuration/vpn/pptp.rst:305 +#: ../../configuration/vpn/sstp.rst:339 msgid "Assign static IP address to `<user>` account." msgstr "Assign static IP address to `<user>` account." @@ -2317,7 +2545,7 @@ msgstr "Assign static IP address to `<user>` account." msgid "Assign the IP address to this machine for `<time>` seconds." msgstr "Assign the IP address to this machine for `<time>` seconds." -#: ../../configuration/system/login.rst:62 +#: ../../configuration/system/login.rst:66 msgid "Assign the SSH public key portion `<key>` identified by per-key `<identifier>` to the local user `<username>`." msgstr "Assign the SSH public key portion `<key>` identified by per-key `<identifier>` to the local user `<username>`." @@ -2401,6 +2629,14 @@ msgstr "Attaches user-defined network to a container. Only one network must be s msgid "Authentication" msgstr "Authentication" +#: ../../configuration/service/ipoe-server.rst:310 +#: ../../configuration/service/pppoe-server.rst:428 +#: ../../configuration/vpn/l2tp.rst:372 +#: ../../configuration/vpn/pptp.rst:296 +#: ../../configuration/vpn/sstp.rst:330 +msgid "Authentication Advanced Options" +msgstr "Authentication Advanced Options" + #: ../../configuration/interfaces/ethernet.rst:99 msgid "Authentication (EAPoL)" msgstr "Authentication (EAPoL)" @@ -2437,11 +2673,11 @@ msgstr "Authentication – to verify that the message is from a valid source." msgid "Authorization token" msgstr "Authorization token" -#: ../../configuration/service/pppoe-server.rst:159 +#: ../../configuration/service/pppoe-server.rst:228 msgid "Automatic VLAN Creation" msgstr "Automatic VLAN Creation" -#: ../../configuration/service/ipoe-server.rst:96 +#: ../../configuration/service/ipoe-server.rst:97 msgid "Automatic VLAN creation" msgstr "Automatic VLAN creation" @@ -2469,7 +2705,7 @@ msgstr "Azure-data-explorer" msgid "BFD" msgstr "BFD" -#: ../../configuration/protocols/bfd.rst:136 +#: ../../configuration/protocols/bfd.rst:143 msgid "BFD Static Route Monitoring" msgstr "BFD Static Route Monitoring" @@ -2505,7 +2741,7 @@ msgstr "BGP Example" msgid "BGP Router Configuration" msgstr "BGP Router Configuration" -#: ../../configuration/protocols/bgp.rst:888 +#: ../../configuration/protocols/bgp.rst:910 msgid "BGP Scaling Configuration" msgstr "BGP Scaling Configuration" @@ -2517,7 +2753,7 @@ msgstr "BGP aggregator attribute: AS number or IP address of an aggregation." msgid "BGP as-path list to match." msgstr "BGP as-path list to match." -#: ../../configuration/policy/route-map.rst:216 +#: ../../configuration/policy/route-map.rst:219 msgid "BGP atomic aggregate attribute." msgstr "BGP atomic aggregate attribute." @@ -2533,11 +2769,11 @@ msgstr "BGP extended community to match." msgid "BGP roles are defined in RFC :rfc:`9234` and provide an easy way to add route leak prevention, detection and mitigation. The local Role value is negotiated with the new BGP Role capability which has a built-in check of the corresponding value. In case of a mismatch the new OPEN Roles Mismatch Notification <2, 11> would be sent. The correct Role pairs are:" msgstr "BGP roles are defined in RFC :rfc:`9234` and provide an easy way to add route leak prevention, detection and mitigation. The local Role value is negotiated with the new BGP Role capability which has a built-in check of the corresponding value. In case of a mismatch the new OPEN Roles Mismatch Notification <2, 11> would be sent. The correct Role pairs are:" -#: ../../configuration/protocols/bgp.rst:890 +#: ../../configuration/protocols/bgp.rst:912 msgid "BGP routers connected inside the same AS through BGP belong to an internal BGP session, or IBGP. In order to prevent routing table loops, IBGP speaker does not advertise IBGP-learned routes to other IBGP speaker (Split Horizon mechanism). As such, IBGP requires a full mesh of all peers. For large networks, this quickly becomes unscalable." msgstr "BGP routers connected inside the same AS through BGP belong to an internal BGP session, or IBGP. In order to prevent routing table loops, IBGP speaker does not advertise IBGP-learned routes to other IBGP speaker (Split Horizon mechanism). As such, IBGP requires a full mesh of all peers. For large networks, this quickly becomes unscalable." -#: ../../configuration/vrf/index.rst:413 +#: ../../configuration/vrf/index.rst:432 msgid "BGP routes may be leaked (i.e. copied) between a unicast VRF RIB and the VPN SAFI RIB of the default VRF for use in MPLS-based L3VPNs. Unicast routes may also be leaked between any VRFs (including the unicast RIB of the default BGP instance). A shortcut syntax is also available for specifying leaking from one VRF to another VRF using the default instance’s VPN RIB as the intemediary . A common application of the VRF-VRF feature is to connect a customer’s private routing domain to a provider’s VPN service. Leaking is configured from the point of view of an individual VRF: import refers to routes leaked from VPN to a unicast VRF, whereas export refers to routes leaked from a unicast VRF to VPN." msgstr "BGP routes may be leaked (i.e. copied) between a unicast VRF RIB and the VPN SAFI RIB of the default VRF for use in MPLS-based L3VPNs. Unicast routes may also be leaked between any VRFs (including the unicast RIB of the default BGP instance). A shortcut syntax is also available for specifying leaking from one VRF to another VRF using the default instance’s VPN RIB as the intemediary . A common application of the VRF-VRF feature is to connect a customer’s private routing domain to a provider’s VPN service. Leaking is configured from the point of view of an individual VRF: import refers to routes leaked from VPN to a unicast VRF, whereas export refers to routes leaked from a unicast VRF to VPN." @@ -2569,18 +2805,16 @@ msgstr "Balancing Rules" msgid "Balancing based on domain name" msgstr "Balancing based on domain name" -#: ../../configuration/service/ipoe-server.rst:122 -#: ../../configuration/service/pppoe-server.rst:182 -#: ../../configuration/vpn/l2tp.rst:113 +#: ../../configuration/service/pppoe-server.rst:251 msgid "Bandwidth Shaping" msgstr "Bandwidth Shaping" -#: ../../configuration/service/ipoe-server.rst:128 +#: ../../configuration/service/ipoe-server.rst:129 #: ../../configuration/vpn/l2tp.rst:118 msgid "Bandwidth Shaping for local users" msgstr "Bandwidth Shaping for local users" -#: ../../configuration/service/pppoe-server.rst:184 +#: ../../configuration/service/pppoe-server.rst:253 msgid "Bandwidth rate limits can be set for local users or RADIUS based attributes." msgstr "Bandwidth rate limits can be set for local users or RADIUS based attributes." @@ -2588,7 +2822,7 @@ msgstr "Bandwidth rate limits can be set for local users or RADIUS based attribu msgid "Bandwidth rate limits can be set for local users or via RADIUS based attributes." msgstr "Bandwidth rate limits can be set for local users or via RADIUS based attributes." -#: ../../configuration/service/ipoe-server.rst:124 +#: ../../configuration/service/ipoe-server.rst:125 msgid "Bandwidth rate limits can be set for local users within the configuration or via RADIUS based attributes." msgstr "Bandwidth rate limits can be set for local users within the configuration or via RADIUS based attributes." @@ -2648,7 +2882,7 @@ msgstr "Before enabling any hardware segmentation offload a corresponding softwa msgid "Before you are able to apply a rule-set to a zone you have to create the zones first." msgstr "Before you are able to apply a rule-set to a zone you have to create the zones first." -#: ../../configuration/vpn/site2site_ipsec.rst:422 +#: ../../configuration/vpn/site2site_ipsec.rst:425 msgid "Below flow-chart could be a quick reference for the close-action combination depending on how the peer is configured." msgstr "Below flow-chart could be a quick reference for the close-action combination depending on how the peer is configured." @@ -2672,6 +2906,10 @@ msgstr "Bidirectional NAT" msgid "Binary value" msgstr "Binary value" +#: ../../configuration/container/index.rst:153 +msgid "Bind container network to a given VRF instance." +msgstr "Bind container network to a given VRF instance." + #: ../../configuration/protocols/bfd.rst:39 msgid "Bind listener to specific interface/address, mandatory for IPv6" msgstr "Bind listener to specific interface/address, mandatory for IPv6" @@ -2680,7 +2918,7 @@ msgstr "Bind listener to specific interface/address, mandatory for IPv6" msgid "Binds eth1.241 and vxlan241 to each other by making them both member interfaces of the same bridge." msgstr "Binds eth1.241 and vxlan241 to each other by making them both member interfaces of the same bridge." -#: ../../configuration/protocols/static.rst:108 +#: ../../configuration/protocols/static.rst:142 msgid "Blackhole" msgstr "Blackhole" @@ -2708,11 +2946,11 @@ msgstr "Bond / Link Aggregation" msgid "Bond options" msgstr "Bond options" -#: ../../configuration/service/dhcp-server.rst:306 +#: ../../configuration/service/dhcp-server.rst:312 msgid "Boot image length in 512-octet blocks" msgstr "Boot image length in 512-octet blocks" -#: ../../configuration/service/dhcp-server.rst:301 +#: ../../configuration/service/dhcp-server.rst:307 msgid "Bootstrap file name" msgstr "Bootstrap file name" @@ -2761,6 +2999,14 @@ msgstr "Bridge answers on IP address 192.0.2.1/24 and 2001:db8::ffff/64" msgid "Bridge maximum aging `<time>` in seconds (default: 20)." msgstr "Bridge maximum aging `<time>` in seconds (default: 20)." +#: ../../configuration/service/ipoe-server.rst:360 +#: ../../configuration/service/pppoe-server.rst:526 +#: ../../configuration/vpn/l2tp.rst:480 +#: ../../configuration/vpn/pptp.rst:404 +#: ../../configuration/vpn/sstp.rst:438 +msgid "Burst count" +msgstr "Burst count" + #: ../../configuration/interfaces/pppoe.rst:41 msgid "Business Users" msgstr "Business Users" @@ -2777,11 +3023,11 @@ msgstr "By default, FRR will bring up peering with minimal common capability for msgid "By default, VyOS does not advertise a default route (0.0.0.0/0) even if it is in routing table. When you want to announce default routes to the peer, use this command. Using optional argument :cfgcmd:`route-map` you can inject the default route to given neighbor only if the conditions in the route map are met." msgstr "By default, VyOS does not advertise a default route (0.0.0.0/0) even if it is in routing table. When you want to announce default routes to the peer, use this command. Using optional argument :cfgcmd:`route-map` you can inject the default route to given neighbor only if the conditions in the route map are met." -#: ../../configuration/system/login.rst:126 +#: ../../configuration/system/login.rst:130 msgid "By default, a new token is generated every 30 seconds by the mobile application. In order to compensate for possible time-skew between the client and the server, an extra token before and after the current time is allowed. This allows for a time skew of up to 30 seconds between authentication server and client." msgstr "By default, a new token is generated every 30 seconds by the mobile application. In order to compensate for possible time-skew between the client and the server, an extra token before and after the current time is allowed. This allows for a time skew of up to 30 seconds between authentication server and client." -#: ../../configuration/service/dns.rst:393 +#: ../../configuration/service/dns.rst:401 msgid "By default, ddclient_ will update a dynamic dns record using the IP address directly attached to the interface. If your VyOS instance is behind NAT, your record will be updated to point to your internal IP." msgstr "By default, ddclient_ will update a dynamic dns record using the IP address directly attached to the interface. If your VyOS instance is behind NAT, your record will be updated to point to your internal IP." @@ -2794,6 +3040,10 @@ msgstr "By default, enabling RPKI does not change best path selection. In partic msgid "By default, it supports both planned and unplanned outages." msgstr "By default, it supports both planned and unplanned outages." +#: ../../configuration/protocols/bgp.rst:661 +msgid "By default, locally advertised prefixes use the implicit-null label to encode in the outgoing NLRI." +msgstr "By default, locally advertised prefixes use the implicit-null label to encode in the outgoing NLRI." + #: ../../configuration/service/https.rst:45 msgid "By default, nginx exposes the local API on all virtual servers. Use this to restrict nginx to one or more virtual hosts." msgstr "By default, nginx exposes the local API on all virtual servers. Use this to restrict nginx to one or more virtual hosts." @@ -2839,7 +3089,7 @@ msgstr "By using Pseudo-Ethernet interfaces there will be less system overhead c msgid "Bypassing the webproxy" msgstr "Bypassing the webproxy" -#: ../../configuration/pki/index.rst:170 +#: ../../configuration/pki/index.rst:172 msgid "CA (Certificate Authority)" msgstr "CA (Certificate Authority)" @@ -2860,20 +3110,20 @@ msgstr "Capability Negotiation" msgid "Certain vendors use broadcasts to identify their equipment within one ethernet segment. Unfortunately if you split your network with multiple VLANs you loose the ability of identifying your equipment." msgstr "Certain vendors use broadcasts to identify their equipment within one ethernet segment. Unfortunately if you split your network with multiple VLANs you loose the ability of identifying your equipment." -#: ../../configuration/pki/index.rst:33 +#: ../../configuration/pki/index.rst:35 msgid "Certificate Authority (CA)" msgstr "Certificate Authority (CA)" -#: ../../configuration/pki/index.rst:185 +#: ../../configuration/pki/index.rst:187 msgid "Certificate revocation list in PEM format." msgstr "Certificate revocation list in PEM format." -#: ../../configuration/pki/index.rst:63 +#: ../../configuration/pki/index.rst:65 #: ../../configuration/vpn/sstp.rst:27 msgid "Certificates" msgstr "Certificates" -#: ../../configuration/system/option.rst:66 +#: ../../configuration/system/option.rst:96 msgid "Change system keyboard layout to given language." msgstr "Change system keyboard layout to given language." @@ -2889,7 +3139,7 @@ msgstr "Changes in BGP policies require the BGP session to be cleared. Clearing msgid "Changes to the NAT system only affect newly established connections. Already established connections are not affected." msgstr "Changes to the NAT system only affect newly established connections. Already established connections are not affected." -#: ../../configuration/system/option.rst:70 +#: ../../configuration/system/option.rst:100 msgid "Changing the keymap only has an effect on the system console, using SSH or Serial remote access to the device is not affected as the keyboard layout here corresponds to your access system." msgstr "Changing the keymap only has an effect on the system console, using SSH or Serial remote access to the device is not affected as the keyboard layout here corresponds to your access system." @@ -2909,11 +3159,11 @@ msgstr "Check if the Intel® QAT device is up and ready to do the job." msgid "Check status" msgstr "Check status" -#: ../../configuration/system/ipv6.rst:64 +#: ../../configuration/system/ipv6.rst:77 msgid "Check the many parameters available for the `show ipv6 route` command:" msgstr "Check the many parameters available for the `show ipv6 route` command:" -#: ../../configuration/service/pppoe-server.rst:307 +#: ../../configuration/service/pppoe-server.rst:315 msgid "Checking connections" msgstr "Checking connections" @@ -2945,11 +3195,11 @@ msgstr "Class treatment" msgid "Classes" msgstr "Classes" -#: ../../configuration/service/dhcp-server.rst:326 +#: ../../configuration/service/dhcp-server.rst:332 msgid "Classless static route" msgstr "Classless static route" -#: ../../configuration/policy/route-map.rst:269 +#: ../../configuration/policy/route-map.rst:272 msgid "Clear all BGP extcommunities." msgstr "Clear all BGP extcommunities." @@ -2973,7 +3223,15 @@ msgstr "Client Authentication" msgid "Client Configuration" msgstr "Client Configuration" -#: ../../configuration/vpn/sstp.rst:289 +#: ../../configuration/service/ipoe-server.rst:328 +#: ../../configuration/service/pppoe-server.rst:446 +#: ../../configuration/vpn/l2tp.rst:400 +#: ../../configuration/vpn/pptp.rst:324 +#: ../../configuration/vpn/sstp.rst:358 +msgid "Client IP Pool Advanced Options" +msgstr "Client IP Pool Advanced Options" + +#: ../../configuration/vpn/sstp.rst:358 msgid "Client IP addresses will be provided from pool `192.0.2.0/25`" msgstr "Client IP addresses will be provided from pool `192.0.2.0/25`" @@ -2981,15 +3239,15 @@ msgstr "Client IP addresses will be provided from pool `192.0.2.0/25`" msgid "Client Side" msgstr "Client Side" -#: ../../configuration/service/ipoe-server.rst:184 +#: ../../configuration/service/ipoe-server.rst:186 msgid "Client configuration" msgstr "Client configuration" -#: ../../configuration/service/dhcp-server.rst:266 +#: ../../configuration/service/dhcp-server.rst:272 msgid "Client domain name" msgstr "Client domain name" -#: ../../configuration/service/dhcp-server.rst:321 +#: ../../configuration/service/dhcp-server.rst:327 msgid "Client domain search" msgstr "Client domain search" @@ -3001,7 +3259,7 @@ msgstr "Client isolation can be used to prevent low-level bridging of frames bet msgid "Clients are identified by the CN field of their x.509 certificates, in this example the CN is ``client0``:" msgstr "Clients are identified by the CN field of their x.509 certificates, in this example the CN is ``client0``:" -#: ../../configuration/service/dhcp-server.rst:514 +#: ../../configuration/service/dhcp-server.rst:520 msgid "Clients receiving advertise messages from multiple servers choose the server with the highest preference value. The range for this value is ``0...255``." msgstr "Clients receiving advertise messages from multiple servers choose the server with the highest preference value. The range for this value is ``0...255``." @@ -3019,11 +3277,11 @@ msgstr "Command completion can be used to list available time zones. The adjustm msgid "Command for disabling a rule but keep it in the configuration." msgstr "Command for disabling a rule but keep it in the configuration." -#: ../../configuration/vrf/index.rst:128 +#: ../../configuration/vrf/index.rst:147 msgid "Command should probably be extended to list also the real interfaces assigned to this one VRF to get a better overview." msgstr "Command should probably be extended to list also the real interfaces assigned to this one VRF to get a better overview." -#: ../../configuration/firewall/ipv4.rst:1179 +#: ../../configuration/firewall/ipv4.rst:1202 #: ../../configuration/firewall/ipv6.rst:1195 msgid "Command used to update GeoIP database and firewall sets." msgstr "Command used to update GeoIP database and firewall sets." @@ -3032,7 +3290,7 @@ msgstr "Command used to update GeoIP database and firewall sets." msgid "Commands" msgstr "Commands" -#: ../../configuration/service/dhcp-server.rst:379 +#: ../../configuration/service/dhcp-server.rst:385 msgid "Common configuration, valid for both primary and secondary node." msgstr "Common configuration, valid for both primary and secondary node." @@ -3059,7 +3317,7 @@ msgstr "Common interface configuration" msgid "Common parameters" msgstr "Common parameters" -#: ../../configuration/protocols/bgp.rst:927 +#: ../../configuration/protocols/bgp.rst:949 msgid "Confederation Configuration" msgstr "Confederation Configuration" @@ -3098,7 +3356,7 @@ msgstr "Confidentiality – Encryption of packets to prevent snooping by an unau #: ../../configuration/policy/local-route.rst:9 #: ../../configuration/policy/prefix-list.rst:16 #: ../../configuration/policy/route-map.rst:10 -#: ../../configuration/protocols/bfd.rst:143 +#: ../../configuration/protocols/bfd.rst:150 #: ../../configuration/protocols/bgp.rst:164 #: ../../configuration/protocols/igmp-proxy.rst:14 #: ../../configuration/protocols/isis.rst:28 @@ -3111,15 +3369,15 @@ msgstr "Confidentiality – Encryption of packets to prevent snooping by an unau #: ../../configuration/service/dhcp-relay.rst:19 #: ../../configuration/service/dhcp-relay.rst:137 #: ../../configuration/service/dhcp-server.rst:22 -#: ../../configuration/service/dhcp-server.rst:510 +#: ../../configuration/service/dhcp-server.rst:516 #: ../../configuration/service/dns.rst:8 -#: ../../configuration/service/dns.rst:227 +#: ../../configuration/service/dns.rst:214 #: ../../configuration/service/https.rst:14 -#: ../../configuration/service/ipoe-server.rst:28 +#: ../../configuration/service/ids.rst:20 #: ../../configuration/service/lldp.rst:36 #: ../../configuration/service/mdns.rst:19 #: ../../configuration/service/ntp.rst:40 -#: ../../configuration/service/pppoe-server.rst:17 +#: ../../configuration/service/router-advert.rst:28 #: ../../configuration/service/salt-minion.rst:25 #: ../../configuration/service/ssh.rst:36 #: ../../configuration/service/tftp-server.rst:14 @@ -3127,18 +3385,18 @@ msgstr "Confidentiality – Encryption of packets to prevent snooping by an unau #: ../../configuration/system/default-route.rst:12 #: ../../configuration/system/flow-accounting.rst:43 #: ../../configuration/system/lcd.rst:17 -#: ../../configuration/system/login.rst:241 -#: ../../configuration/system/login.rst:310 +#: ../../configuration/system/login.rst:245 +#: ../../configuration/system/login.rst:314 #: ../../configuration/system/sflow.rst:12 #: ../../configuration/system/updates.rst:8 #: ../../configuration/vpn/dmvpn.rst:38 #: ../../configuration/vpn/dmvpn.rst:182 #: ../../configuration/vpn/openconnect.rst:21 -#: ../../configuration/vpn/sstp.rst:65 +#: ../../configuration/vpn/sstp.rst:40 #: ../../configuration/vrf/index.rst:16 -#: ../../configuration/vrf/index.rst:253 -#: ../../configuration/vrf/index.rst:288 -#: ../../configuration/vrf/index.rst:436 +#: ../../configuration/vrf/index.rst:272 +#: ../../configuration/vrf/index.rst:307 +#: ../../configuration/vrf/index.rst:455 msgid "Configuration" msgstr "Configuration" @@ -3148,8 +3406,8 @@ msgstr "Configuration" #: ../../configuration/protocols/pim6.rst:78 #: ../../configuration/protocols/rip.rst:239 #: ../../configuration/protocols/segment-routing.rst:187 -#: ../../configuration/system/login.rst:279 -#: ../../configuration/system/login.rst:350 +#: ../../configuration/system/login.rst:283 +#: ../../configuration/system/login.rst:354 msgid "Configuration Example" msgstr "Configuration Example" @@ -3171,7 +3429,7 @@ msgstr "Configuration Options" msgid "Configuration commands covered in this section:" msgstr "Configuration commands covered in this section:" -#: ../../configuration/vpn/ipsec.rst:284 +#: ../../configuration/vpn/ipsec.rst:288 msgid "Configuration commands for the private and public key will be displayed on the screen which needs to be set on the router first. Note the command with the public key (set pki key-pair ipsec-LEFT public key 'MIIBIjANBgkqh...'). Then do the same on the opposite router:" msgstr "Configuration commands for the private and public key will be displayed on the screen which needs to be set on the router first. Note the command with the public key (set pki key-pair ipsec-LEFT public key 'MIIBIjANBgkqh...'). Then do the same on the opposite router:" @@ -3183,7 +3441,7 @@ msgstr "Configuration commands will display. Note the command with the public ke msgid "Configuration example:" msgstr "Configuration example:" -#: ../../configuration/vrf/index.rst:430 +#: ../../configuration/vrf/index.rst:449 msgid "Configuration for these exported routes must, at a minimum, specify these two parameters." msgstr "Configuration for these exported routes must, at a minimum, specify these two parameters." @@ -3191,15 +3449,15 @@ msgstr "Configuration for these exported routes must, at a minimum, specify thes msgid "Configuration of :ref:`routing-static`" msgstr "Configuration of :ref:`routing-static`" -#: ../../configuration/service/dhcp-server.rst:371 +#: ../../configuration/service/dhcp-server.rst:377 msgid "Configuration of a DHCP failover pair" msgstr "Configuration of a DHCP failover pair" -#: ../../configuration/vrf/index.rst:438 +#: ../../configuration/vrf/index.rst:457 msgid "Configuration of route leaking between a unicast VRF RIB and the VPN SAFI RIB of the default VRF is accomplished via commands in the context of a VRF address-family." msgstr "Configuration of route leaking between a unicast VRF RIB and the VPN SAFI RIB of the default VRF is accomplished via commands in the context of a VRF address-family." -#: ../../configuration/protocols/static.rst:166 +#: ../../configuration/protocols/static.rst:199 #: ../../configuration/system/conntrack.rst:12 msgid "Configure" msgstr "Configure" @@ -3208,11 +3466,11 @@ msgstr "Configure" msgid "Configure BFD" msgstr "Configure BFD" -#: ../../configuration/service/dns.rst:258 +#: ../../configuration/service/dns.rst:245 msgid "Configure DNS `<record>` which should be updated. This can be set multiple times." msgstr "Configure DNS `<record>` which should be updated. This can be set multiple times." -#: ../../configuration/service/dns.rst:253 +#: ../../configuration/service/dns.rst:241 msgid "Configure DNS `<zone>` to be updated." msgstr "Configure DNS `<zone>` to be updated." @@ -3230,15 +3488,27 @@ msgstr "Configure Graceful Restart :rfc:`3623` helper support. By default, helpe msgid "Configure Graceful Restart :rfc:`3623` restarting support. When enabled, the default grace period is 120 seconds." msgstr "Configure Graceful Restart :rfc:`3623` restarting support. When enabled, the default grace period is 120 seconds." +#: ../../configuration/service/ids.rst:69 +msgid "Configure ICMP threshold parameters." +msgstr "Configure ICMP threshold parameters." + #: ../../configuration/service/dhcp-relay.rst:40 msgid "Configure IP address of the DHCP `<server>` which will handle the relayed packets." msgstr "Configure IP address of the DHCP `<server>` which will handle the relayed packets." -#: ../../configuration/vpn/sstp.rst:214 +#: ../../configuration/service/ipoe-server.rst:162 +#: ../../configuration/service/pppoe-server.rst:124 +#: ../../configuration/vpn/l2tp.rst:167 +#: ../../configuration/vpn/pptp.rst:107 +#: ../../configuration/vpn/sstp.rst:140 msgid "Configure RADIUS `<server>` and its required port for authentication requests." msgstr "Configure RADIUS `<server>` and its required port for authentication requests." -#: ../../configuration/vpn/sstp.rst:218 +#: ../../configuration/service/ipoe-server.rst:128 +#: ../../configuration/service/pppoe-server.rst:90 +#: ../../configuration/vpn/l2tp.rst:133 +#: ../../configuration/vpn/pptp.rst:73 +#: ../../configuration/vpn/sstp.rst:106 msgid "Configure RADIUS `<server>` and its required shared `<secret>` for communicating with the RADIUS server." msgstr "Configure RADIUS `<server>` and its required shared `<secret>` for communicating with the RADIUS server." @@ -3246,23 +3516,39 @@ msgstr "Configure RADIUS `<server>` and its required shared `<secret>` for commu msgid "Configure SNAT rule (40) to only NAT packets with a destination address of 192.0.2.1." msgstr "Configure SNAT rule (40) to only NAT packets with a destination address of 192.0.2.1." +#: ../../configuration/service/ids.rst:74 +msgid "Configure TCP threshold parameters" +msgstr "Configure TCP threshold parameters" + +#: ../../configuration/service/ids.rst:79 +msgid "Configure UDP threshold parameters" +msgstr "Configure UDP threshold parameters" + #: ../../_include/interface-mtu.txt:4 msgid "Configure :abbr:`MTU (Maximum Transmission Unit)` on given `<interface>`. It is the size (in bytes) of the largest ethernet frame sent on this link." msgstr "Configure :abbr:`MTU (Maximum Transmission Unit)` on given `<interface>`. It is the size (in bytes) of the largest ethernet frame sent on this link." -#: ../../configuration/system/login.rst:375 +#: ../../configuration/system/login.rst:379 msgid "Configure `<message>` which is shown after user has logged in to the system." msgstr "Configure `<message>` which is shown after user has logged in to the system." -#: ../../configuration/system/login.rst:370 +#: ../../configuration/system/login.rst:374 msgid "Configure `<message>` which is shown during SSH connect and before a user is logged in." msgstr "Configure `<message>` which is shown during SSH connect and before a user is logged in." -#: ../../configuration/service/dns.rst:341 +#: ../../configuration/service/dns.rst:346 +msgid "Configure `<password>` used when authenticating the update request for DynDNS service identified by `<service-name>`." +msgstr "Configure `<password>` used when authenticating the update request for DynDNS service identified by `<service-name>`." + +#: ../../configuration/service/dns.rst:355 msgid "Configure `<password>` used when authenticating the update request for DynDNS service identified by `<service>`." msgstr "Configure `<password>` used when authenticating the update request for DynDNS service identified by `<service>`." -#: ../../configuration/service/dns.rst:334 +#: ../../configuration/service/dns.rst:341 +msgid "Configure `<username>` used when authenticating the update request for DynDNS service identified by `<service-name>`." +msgstr "Configure `<username>` used when authenticating the update request for DynDNS service identified by `<service-name>`." + +#: ../../configuration/service/dns.rst:348 msgid "Configure `<username>` used when authenticating the update request for DynDNS service identified by `<service>`. For Namecheap, set the <domain> you wish to update." msgstr "Configure `<username>` used when authenticating the update request for DynDNS service identified by `<service>`. For Namecheap, set the <domain> you wish to update." @@ -3274,13 +3560,13 @@ msgstr "Configure a URL that contains information about images." msgid "Configure a sFlow agent address. It can be IPv4 or IPv6 address, but you must set the same protocol, which is used for sFlow collector addresses. By default, using router-id from BGP or OSPF protocol, or the primary IP address from the first interface." msgstr "Configure a sFlow agent address. It can be IPv4 or IPv6 address, but you must set the same protocol, which is used for sFlow collector addresses. By default, using router-id from BGP or OSPF protocol, or the primary IP address from the first interface." -#: ../../configuration/protocols/bfd.rst:154 -#: ../../configuration/protocols/bfd.rst:167 +#: ../../configuration/protocols/bfd.rst:161 +#: ../../configuration/protocols/bfd.rst:174 msgid "Configure a static route for <subnet> using gateway <address> , use source address to indentify the peer when is multi-hop session and the gateway address as BFD peer destination address." msgstr "Configure a static route for <subnet> using gateway <address> , use source address to indentify the peer when is multi-hop session and the gateway address as BFD peer destination address." -#: ../../configuration/protocols/bfd.rst:148 -#: ../../configuration/protocols/bfd.rst:161 +#: ../../configuration/protocols/bfd.rst:155 +#: ../../configuration/protocols/bfd.rst:168 msgid "Configure a static route for <subnet> using gateway <address> and use the gateway address as BFD peer destination address." msgstr "Configure a static route for <subnet> using gateway <address> and use the gateway address as BFD peer destination address." @@ -3304,6 +3590,10 @@ msgstr "Configure agent IP address associated with this interface." msgid "Configure aggregation delay timer interval." msgstr "Configure aggregation delay timer interval." +#: ../../configuration/service/ids.rst:24 +msgid "Configure alert script that will be executed when an attack is detected." +msgstr "Configure alert script that will be executed when an attack is detected." + #: ../../configuration/vpn/openconnect.rst:285 msgid "Configure an accounting server and enable accounting with:" msgstr "Configure an accounting server and enable accounting with:" @@ -3328,6 +3618,10 @@ msgstr "Configure backend `<name>` mode TCP or HTTP" msgid "Configure both routers (a and b) for DHCPv6-PD via dummy interface:" msgstr "Configure both routers (a and b) for DHCPv6-PD via dummy interface:" +#: ../../configuration/service/ids.rst:33 +msgid "Configure direction for processing traffic." +msgstr "Configure direction for processing traffic." + #: ../../configuration/service/console-server.rst:49 msgid "Configure either one or two stop bits. This defaults to one stop bits if left unconfigured." msgstr "Configure either one or two stop bits. This defaults to one stop bits if left unconfigured." @@ -3336,6 +3630,14 @@ msgstr "Configure either one or two stop bits. This defaults to one stop bits if msgid "Configure either seven or eight data bits. This defaults to eight data bits if left unconfigured." msgstr "Configure either seven or eight data bits. This defaults to eight data bits if left unconfigured." +#: ../../configuration/service/ids.rst:64 +msgid "Configure general threshold parameters." +msgstr "Configure general threshold parameters." + +#: ../../configuration/service/ids.rst:28 +msgid "Configure how long an IP (attacker) should be kept in blocked state. Default value is 1900." +msgstr "Configure how long an IP (attacker) should be kept in blocked state. Default value is 1900." + #: ../../configuration/interfaces/bridge.rst:46 msgid "Configure individual bridge port `<priority>`." msgstr "Configure individual bridge port `<priority>`." @@ -3353,6 +3655,14 @@ msgstr "Configure interface-specific Host/Router behaviour. If set, the interfac msgid "Configure interface `<interface>` with one or more interface addresses." msgstr "Configure interface `<interface>` with one or more interface addresses." +#: ../../configuration/service/ids.rst:42 +msgid "Configure listen interface for mirroring traffic." +msgstr "Configure listen interface for mirroring traffic." + +#: ../../configuration/service/ids.rst:55 +msgid "Configure local IPv4 address to listen for sflow." +msgstr "Configure local IPv4 address to listen for sflow." + #: ../../configuration/service/snmp.rst:148 msgid "Configure new SNMP user named \"vyos\" with password \"vyos12345678\"" msgstr "Configure new SNMP user named \"vyos\" with password \"vyos12345678\"" @@ -3369,7 +3679,7 @@ msgstr "Configure next-hop `<address>` for an IPv4 static route. Multiple static msgid "Configure next-hop `<address>` for an IPv6 static route. Multiple static routes can be created." msgstr "Configure next-hop `<address>` for an IPv6 static route. Multiple static routes can be created." -#: ../../configuration/system/option.rst:95 +#: ../../configuration/system/option.rst:125 msgid "Configure one of the predefined system performance profiles." msgstr "Configure one of the predefined system performance profiles." @@ -3381,7 +3691,7 @@ msgstr "Configure one or more attributes to the given NTP server." msgid "Configure one or more servers for synchronisation. Server name can be either an IP address or :abbr:`FQDN (Fully Qualified Domain Name)`." msgstr "Configure one or more servers for synchronisation. Server name can be either an IP address or :abbr:`FQDN (Fully Qualified Domain Name)`." -#: ../../configuration/service/dns.rst:264 +#: ../../configuration/service/dns.rst:249 msgid "Configure optional TTL value on the given resource record. This defaults to 600 seconds." msgstr "Configure optional TTL value on the given resource record. This defaults to 600 seconds." @@ -3405,6 +3715,10 @@ msgstr "Configure port mirroring for `interface` outbound traffic and copy the t msgid "Configure port number of remote VXLAN endpoint." msgstr "Configure port number of remote VXLAN endpoint." +#: ../../configuration/service/ids.rst:59 +msgid "Configure port number to be used for sflow conection. Default port is 6343." +msgstr "Configure port number to be used for sflow conection. Default port is 6343." + #: ../../configuration/system/syslog.rst:73 msgid "Configure protocol used for communication to remote syslog host. This can be either UDP or TCP." msgstr "Configure protocol used for communication to remote syslog host. This can be either UDP or TCP." @@ -3429,7 +3743,7 @@ msgstr "Configure service `<name>` mode TCP or HTTP" msgid "Configure service `<name>` to use the backend <name>" msgstr "Configure service `<name>` to use the backend <name>" -#: ../../configuration/system/login.rst:394 +#: ../../configuration/system/login.rst:398 msgid "Configure session timeout after which the user will be logged out." msgstr "Configure session timeout after which the user will be logged out." @@ -3445,7 +3759,7 @@ msgstr "Configure the A-side router for NPTv6 using the prefixes above:" msgid "Configure the B-side router for NPTv6 using the prefixes above:" msgstr "Configure the B-side router for NPTv6 using the prefixes above:" -#: ../../configuration/service/dns.rst:247 +#: ../../configuration/service/dns.rst:236 msgid "Configure the DNS `<server>` IP/FQDN used when updating this dynamic assignment." msgstr "Configure the DNS `<server>` IP/FQDN used when updating this dynamic assignment." @@ -3457,11 +3771,11 @@ msgstr "Configure the IPv4 or IPv6 listen address of the TFTP server. Multiple I msgid "Configure the connection tracking protocol helper modules. All modules are enable by default." msgstr "Configure the connection tracking protocol helper modules. All modules are enable by default." -#: ../../configuration/system/login.rst:252 +#: ../../configuration/system/login.rst:256 msgid "Configure the discrete port under which the RADIUS server can be reached." msgstr "Configure the discrete port under which the RADIUS server can be reached." -#: ../../configuration/system/login.rst:321 +#: ../../configuration/system/login.rst:325 msgid "Configure the discrete port under which the TACACS server can be reached." msgstr "Configure the discrete port under which the TACACS server can be reached." @@ -3469,6 +3783,10 @@ msgstr "Configure the discrete port under which the TACACS server can be reached msgid "Configure the load-balancing reverse-proxy service for HTTP." msgstr "Configure the load-balancing reverse-proxy service for HTTP." +#: ../../configuration/service/ids.rst:46 +msgid "Configure traffic capture mode." +msgstr "Configure traffic capture mode." + #: ../../_include/interface-mac.txt:4 msgid "Configure user defined :abbr:`MAC (Media Access Control)` address on given `<interface>`." msgstr "Configure user defined :abbr:`MAC (Media Access Control)` address on given `<interface>`." @@ -3489,10 +3807,54 @@ msgstr "Configured value" msgid "Configures the BGP speaker so that it only accepts inbound connections from, but does not initiate outbound connections to the peer or peer group." msgstr "Configures the BGP speaker so that it only accepts inbound connections from, but does not initiate outbound connections to the peer or peer group." +#: ../../configuration/service/ipoe-server.rst:27 +msgid "Configuring IPoE Server" +msgstr "Configuring IPoE Server" + +#: ../../configuration/vpn/l2tp.rst:57 +msgid "Configuring IPsec" +msgstr "Configuring IPsec" + +#: ../../configuration/vpn/l2tp.rst:12 +msgid "Configuring L2TP Server" +msgstr "Configuring L2TP Server" + +#: ../../configuration/vpn/l2tp.rst:270 +msgid "Configuring LNS (L2TP Network Server)" +msgstr "Configuring LNS (L2TP Network Server)" + +#: ../../configuration/service/pppoe-server.rst:18 +msgid "Configuring PPPoE Server" +msgstr "Configuring PPPoE Server" + +#: ../../configuration/vpn/pptp.rst:13 +msgid "Configuring PPTP Server" +msgstr "Configuring PPTP Server" + #: ../../configuration/vpn/openconnect.rst:279 msgid "Configuring RADIUS accounting" msgstr "Configuring RADIUS accounting" +#: ../../configuration/service/ipoe-server.rst:114 +#: ../../configuration/service/pppoe-server.rst:76 +#: ../../configuration/vpn/l2tp.rst:119 +#: ../../configuration/vpn/pptp.rst:59 +#: ../../configuration/vpn/sstp.rst:92 +msgid "Configuring RADIUS authentication" +msgstr "Configuring RADIUS authentication" + +#: ../../configuration/vpn/sstp.rst:24 +msgid "Configuring SSTP Server" +msgstr "Configuring SSTP Server" + +#: ../../configuration/vpn/sstp.rst:476 +msgid "Configuring SSTP client" +msgstr "Configuring SSTP client" + +#: ../../configuration/vpn/ipsec.rst:494 +msgid "Configuring VyOS to act as your IPSec access concentrator is one thing, but you probably need to setup your client connecting to the server so they can talk to the IPSec gateway." +msgstr "Configuring VyOS to act as your IPSec access concentrator is one thing, but you probably need to setup your client connecting to the server so they can talk to the IPSec gateway." + #: ../../configuration/service/tftp-server.rst:39 msgid "Configuring a listen-address is essential for the service to work." msgstr "Configuring a listen-address is essential for the service to work." @@ -3502,11 +3864,15 @@ msgstr "Configuring a listen-address is essential for the service to work." msgid "Connect/Disconnect" msgstr "Connect/Disconnect" -#: ../../configuration/vpn/sstp.rst:155 +#: ../../configuration/service/ipoe-server.rst:376 +#: ../../configuration/service/pppoe-server.rst:546 +#: ../../configuration/vpn/l2tp.rst:500 +#: ../../configuration/vpn/pptp.rst:424 +#: ../../configuration/vpn/sstp.rst:458 msgid "Connected client should use `<address>` as their DNS server. This command accepts both IPv4 and IPv6 addresses. Up to two nameservers can be configured for IPv4, up to three for IPv6." msgstr "Connected client should use `<address>` as their DNS server. This command accepts both IPv4 and IPv6 addresses. Up to two nameservers can be configured for IPv4, up to three for IPv6." -#: ../../configuration/protocols/rpki.rst:129 +#: ../../configuration/protocols/rpki.rst:143 msgid "Connections to the RPKI caching server can not only be established by HTTP/TLS but you can also rely on a secure SSH session to the server. To enable SSH, first you need to create an SSH client keypair using ``generate ssh client-key /config/auth/id_rsa_rpki``. Once your key is created you can setup the connection." msgstr "Connections to the RPKI caching server can not only be established by HTTP/TLS but you can also rely on a secure SSH session to the server. To enable SSH, first you need to create an SSH client keypair using ``generate ssh client-key /config/auth/id_rsa_rpki``. Once your key is created you can setup the connection." @@ -3542,7 +3908,7 @@ msgstr "Console" msgid "Console Server" msgstr "Console Server" -#: ../../configuration/container/index.rst:106 +#: ../../configuration/container/index.rst:111 msgid "Constrain the memory available to the container." msgstr "Constrain the memory available to the container." @@ -3550,6 +3916,14 @@ msgstr "Constrain the memory available to the container." msgid "Container" msgstr "Container" +#: ../../configuration/container/index.rst:136 +msgid "Container Networks" +msgstr "Container Networks" + +#: ../../configuration/container/index.rst:156 +msgid "Container Registry" +msgstr "Container Registry" + #: ../../configuration/system/conntrack.rst:65 msgid "Contrack Timeouts" msgstr "Contrack Timeouts" @@ -3590,7 +3964,10 @@ msgstr "Create DHCP address range with a range id of `<n>`. DHCP leases are take msgid "Create DNS record per client lease, by adding clients to /etc/hosts file. Entry will have format: `<shared-network-name>_<hostname>.<domain-name>`" msgstr "Create DNS record per client lease, by adding clients to /etc/hosts file. Entry will have format: `<shared-network-name>_<hostname>.<domain-name>`" -#: ../../configuration/vpn/sstp.rst:70 +#: ../../configuration/service/pppoe-server.rst:49 +#: ../../configuration/vpn/l2tp.rst:36 +#: ../../configuration/vpn/pptp.rst:38 +#: ../../configuration/vpn/sstp.rst:63 msgid "Create `<user>` for local authentication on this system. The users password will be set to `<pass>`." msgstr "Create `<user>` for local authentication on this system. The users password will be set to `<pass>`." @@ -3606,6 +3983,10 @@ msgstr "Create a file named ``VyOS-1.3.6.1.4.1.44641.ConfigMgmt-Commands`` using msgid "Create a load balancing rule, it can be a number between 1 and 9999:" msgstr "Create a load balancing rule, it can be a number between 1 and 9999:" +#: ../../configuration/service/dhcp-server.rst:189 +msgid "Create a new DHCP static mapping named `<description>` which is valid for the host identified by its DHCP unique identifier (DUID) `<identifier>`." +msgstr "Create a new DHCP static mapping named `<description>` which is valid for the host identified by its DHCP unique identifier (DUID) `<identifier>`." + #: ../../configuration/service/dhcp-server.rst:183 msgid "Create a new DHCP static mapping named `<description>` which is valid for the host identified by its MAC `<address>`." msgstr "Create a new DHCP static mapping named `<description>` which is valid for the host identified by its MAC `<address>`." @@ -3614,31 +3995,31 @@ msgstr "Create a new DHCP static mapping named `<description>` which is valid fo msgid "Create a new VLAN interface on interface `<interface>` using the VLAN number provided via `<vlan-id>`." msgstr "Create a new VLAN interface on interface `<interface>` using the VLAN number provided via `<vlan-id>`." -#: ../../configuration/pki/index.rst:40 -#: ../../configuration/pki/index.rst:45 +#: ../../configuration/pki/index.rst:42 +#: ../../configuration/pki/index.rst:47 msgid "Create a new :abbr:`CA (Certificate Authority)` and output the CAs public and private key on the console." msgstr "Create a new :abbr:`CA (Certificate Authority)` and output the CAs public and private key on the console." -#: ../../configuration/pki/index.rst:67 -#: ../../configuration/pki/index.rst:71 +#: ../../configuration/pki/index.rst:69 +#: ../../configuration/pki/index.rst:73 msgid "Create a new public/private keypair and output the certificate on the console." msgstr "Create a new public/private keypair and output the certificate on the console." -#: ../../configuration/pki/index.rst:89 -#: ../../configuration/pki/index.rst:94 +#: ../../configuration/pki/index.rst:91 +#: ../../configuration/pki/index.rst:96 msgid "Create a new public/private keypair which is signed by the CA referenced by `ca-name`. The signed certificate is then output to the console." msgstr "Create a new public/private keypair which is signed by the CA referenced by `ca-name`. The signed certificate is then output to the console." -#: ../../configuration/pki/index.rst:77 -#: ../../configuration/pki/index.rst:82 +#: ../../configuration/pki/index.rst:79 +#: ../../configuration/pki/index.rst:84 msgid "Create a new self-signed certificate. The public/private is then shown on the console." msgstr "Create a new self-signed certificate. The public/private is then shown on the console." -#: ../../configuration/pki/index.rst:52 +#: ../../configuration/pki/index.rst:54 msgid "Create a new subordinate :abbr:`CA (Certificate Authority)` and sign it using the private key referenced by `ca-name`." msgstr "Create a new subordinate :abbr:`CA (Certificate Authority)` and sign it using the private key referenced by `ca-name`." -#: ../../configuration/pki/index.rst:57 +#: ../../configuration/pki/index.rst:59 msgid "Create a new subordinate :abbr:`CA (Certificate Authority)` and sign it using the private key referenced by `name`." msgstr "Create a new subordinate :abbr:`CA (Certificate Authority)` and sign it using the private key referenced by `name`." @@ -3686,10 +4067,15 @@ msgstr "Create named `<alias>` for the configured static mapping for `<hostname> msgid "Create new VRF instance with `<name>`. The name is used when placing individual interfaces into the VRF." msgstr "Create new VRF instance with `<name>`. The name is used when placing individual interfaces into the VRF." -#: ../../configuration/service/dns.rst:234 +#: ../../configuration/service/dns.rst:248 msgid "Create new :rfc:`2136` DNS update configuration which will update the IP address assigned to `<interface>` on the service you configured under `<service-name>`." msgstr "Create new :rfc:`2136` DNS update configuration which will update the IP address assigned to `<interface>` on the service you configured under `<service-name>`." +#: ../../configuration/service/dns.rst:221 +#: ../../configuration/service/dns.rst:326 +msgid "Create new dynamic DNS update configuration which will update the IP address assigned to `<interface>` on the service you configured under `<service-name>`." +msgstr "Create new dynamic DNS update configuration which will update the IP address assigned to `<interface>` on the service you configured under `<service-name>`." + #: ../../configuration/system/login.rst:21 msgid "Create new system user with username `<name>` and real-name specified by `<string>`." msgstr "Create new system user with username `<name>` and real-name specified by `<string>`." @@ -3698,10 +4084,14 @@ msgstr "Create new system user with username `<name>` and real-name specified by msgid "Create service `<name>` to listen on <port>" msgstr "Create service `<name>` to listen on <port>" -#: ../../configuration/container/index.rst:132 +#: ../../configuration/container/index.rst:140 msgid "Creates a named container network" msgstr "Creates a named container network" +#: ../../configuration/service/ipoe-server.rst:55 +msgid "Creates local IPoE user with username=**<interface>** and password=**<MAC>** (mac-address)" +msgstr "Creates local IPoE user with username=**<interface>** and password=**<MAC>** (mac-address)" + #: ../../configuration/vpn/dmvpn.rst:83 msgid "Creates static peer mapping of protocol-address to :abbr:`NBMA (Non-broadcast multiple-access network)` address." msgstr "Creates static peer mapping of protocol-address to :abbr:`NBMA (Non-broadcast multiple-access network)` address." @@ -3722,6 +4112,10 @@ msgstr "Creating a traffic policy" msgid "Creating rules for using flow tables:" msgstr "Creating rules for using flow tables:" +#: ../../configuration/container/index.rst:173 +msgid "Credentials can be defined here and will only be used when adding a container image to the system." +msgstr "Credentials can be defined here and will only be used when adding a container image to the system." + #: ../../configuration/system/syslog.rst:178 msgid "Critical" msgstr "Critical" @@ -3754,7 +4148,7 @@ msgstr "Cur Hop Limit" msgid "Currently does not do much as caching is not implemented." msgstr "Currently does not do much as caching is not implemented." -#: ../../configuration/vrf/index.rst:86 +#: ../../configuration/vrf/index.rst:105 msgid "Currently dynamic routing is supported for the following protocols:" msgstr "Currently dynamic routing is supported for the following protocols:" @@ -3778,7 +4172,7 @@ msgstr "Custom firewall chains can be created, with commands ``set firewall ipv4 msgid "Custom firewall chains can be created, with commands ``set firewall ipv6 name <name> ...``. In order to use such custom chain, a rule with **action jump**, and the appropiate **target** should be defined in a base chain." msgstr "Custom firewall chains can be created, with commands ``set firewall ipv6 name <name> ...``. In order to use such custom chain, a rule with **action jump**, and the appropiate **target** should be defined in a base chain." -#: ../../configuration/highavailability/index.rst:373 +#: ../../configuration/highavailability/index.rst:383 msgid "Custom health-check script allows checking real-server availability" msgstr "Custom health-check script allows checking real-server availability" @@ -3794,6 +4188,10 @@ msgstr "DCO can be enabled for both new and existing tunnels,VyOS adds an option msgid "DCO support is a per-tunnel option and it is not automatically enabled by default for new or upgraded tunnels. Existing tunnels will continue to function as they have in the past." msgstr "DCO support is a per-tunnel option and it is not automatically enabled by default for new or upgraded tunnels. Existing tunnels will continue to function as they have in the past." +#: ../../configuration/service/ids.rst:5 +msgid "DDoS Protection" +msgstr "DDoS Protection" + #: ../../configuration/service/dhcp-relay.rst:5 msgid "DHCP Relay" msgstr "DHCP Relay" @@ -3802,15 +4200,15 @@ msgstr "DHCP Relay" msgid "DHCP Server" msgstr "DHCP Server" -#: ../../configuration/service/dhcp-server.rst:351 +#: ../../configuration/service/dhcp-server.rst:357 msgid "DHCP failover parameters" msgstr "DHCP failover parameters" -#: ../../configuration/service/dhcp-server.rst:341 +#: ../../configuration/service/dhcp-server.rst:347 msgid "DHCP lease range" msgstr "DHCP lease range" -#: ../../configuration/service/dhcp-server.rst:377 +#: ../../configuration/service/dhcp-server.rst:383 msgid "DHCP range spans from `192.168.189.10` - `192.168.189.250`" msgstr "DHCP range spans from `192.168.189.10` - `192.168.189.250`" @@ -3822,7 +4220,7 @@ msgstr "DHCP relay example" msgid "DHCP server is located at IPv4 address 10.0.1.4 on ``eth2``." msgstr "DHCP server is located at IPv4 address 10.0.1.4 on ``eth2``." -#: ../../configuration/service/dhcp-server.rst:584 +#: ../../configuration/service/dhcp-server.rst:590 msgid "DHCPv6 address pools must be configured for the system to act as a DHCPv6 server. The following example describes a common scenario." msgstr "DHCPv6 address pools must be configured for the system to act as a DHCPv6 server. The following example describes a common scenario." @@ -3887,11 +4285,11 @@ msgstr "DNS name servers" msgid "DNS search list to advertise" msgstr "DNS search list to advertise" -#: ../../configuration/service/dhcp-server.rst:261 +#: ../../configuration/service/dhcp-server.rst:267 msgid "DNS server IPv4 address" msgstr "DNS server IPv4 address" -#: ../../configuration/service/dhcp-server.rst:591 +#: ../../configuration/service/dhcp-server.rst:597 msgid "DNS server is located at ``2001:db8::ffff``" msgstr "DNS server is located at ``2001:db8::ffff``" @@ -3903,7 +4301,7 @@ msgstr "DSCP values as per :rfc:`2474` and :rfc:`4595`:" msgid "DSSS/CCK Mode in 40 MHz, this sets ``[DSSS_CCK-40]``" msgstr "DSSS/CCK Mode in 40 MHz, this sets ``[DSSS_CCK-40]``" -#: ../../configuration/firewall/ipv4.rst:444 +#: ../../configuration/firewall/ipv4.rst:467 #: ../../configuration/firewall/ipv6.rst:451 msgid "Data is provided by DB-IP.com under CC-BY-4.0 license. Attribution required, permits redistribution so we can include a database in images(~3MB compressed). Includes cron script (manually callable by op-mode update geoip) to keep database and rules updated." msgstr "Data is provided by DB-IP.com under CC-BY-4.0 license. Attribution required, permits redistribution so we can include a database in images(~3MB compressed). Includes cron script (manually callable by op-mode update geoip) to keep database and rules updated." @@ -3940,15 +4338,18 @@ msgstr "Default Gateway/Route" msgid "Default Router Preference" msgstr "Default Router Preference" -#: ../../configuration/vpn/sstp.rst:201 +#: ../../configuration/service/pppoe-server.rst:509 +#: ../../configuration/vpn/l2tp.rst:463 +#: ../../configuration/vpn/pptp.rst:387 +#: ../../configuration/vpn/sstp.rst:421 msgid "Default behavior - don't ask client for mppe, but allow it if client wants. Please note that RADIUS may override this option by MS-MPPE-Encryption-Policy attribute." msgstr "Default behavior - don't ask client for mppe, but allow it if client wants. Please note that RADIUS may override this option by MS-MPPE-Encryption-Policy attribute." -#: ../../configuration/service/dhcp-server.rst:374 +#: ../../configuration/service/dhcp-server.rst:380 msgid "Default gateway and DNS server is at `192.0.2.254`" msgstr "Default gateway and DNS server is at `192.0.2.254`" -#: ../../configuration/container/index.rst:108 +#: ../../configuration/container/index.rst:113 msgid "Default is 512 MB. Use 0 MB for unlimited memory." msgstr "Default is 512 MB. Use 0 MB for unlimited memory." @@ -3976,7 +4377,7 @@ msgstr "Defaults to 'uid'" msgid "Defaults to 225.0.0.50." msgstr "Defaults to 225.0.0.50." -#: ../../configuration/system/option.rst:68 +#: ../../configuration/system/option.rst:98 msgid "Defaults to ``us``." msgstr "Defaults to ``us``." @@ -3988,6 +4389,10 @@ msgstr "Define Conection Timeouts" msgid "Define IPv4/IPv6 management address transmitted via LLDP. Multiple addresses can be defined. Only addresses connected to the system will be transmitted." msgstr "Define IPv4/IPv6 management address transmitted via LLDP. Multiple addresses can be defined. Only addresses connected to the system will be transmitted." +#: ../../configuration/container/index.rst:148 +msgid "Define IPv4 or IPv6 prefix for a given network name. Only one IPv4 and one IPv6 prefix can be used per network name." +msgstr "Define IPv4 or IPv6 prefix for a given network name. Only one IPv4 and one IPv6 prefix can be used per network name." + #: ../../configuration/firewall/groups.rst:52 msgid "Define a IPv4 or IPv6 Network group." msgstr "Define a IPv4 or IPv6 Network group." @@ -4040,6 +4445,10 @@ msgstr "Define different modes for sending replies in response to received ARP r msgid "Define different restriction levels for announcing the local source IP address from IP packets in ARP requests sent on interface." msgstr "Define different restriction levels for announcing the local source IP address from IP packets in ARP requests sent on interface." +#: ../../configuration/service/ntp.rst:88 +msgid "Define how to handle leaf-seonds." +msgstr "Define how to handle leaf-seonds." + #: ../../configuration/firewall/flowtables.rst:71 msgid "Define interfaces to be used in the flowtable." msgstr "Define interfaces to be used in the flowtable." @@ -4080,7 +4489,7 @@ msgstr "Define the zone as a local zone. A local zone has no interfaces and will msgid "Define type of offload to be used by the flowtable: ``hardware`` or ``software``. By default, ``software`` offload is used." msgstr "Define type of offload to be used by the flowtable: ``hardware`` or ``software``. By default, ``software`` offload is used." -#: ../../configuration/protocols/rpki.rst:114 +#: ../../configuration/protocols/rpki.rst:128 msgid "Defined the IPv4, IPv6 or FQDN and port number of the caching RPKI caching instance which is used." msgstr "Defined the IPv4, IPv6 or FQDN and port number of the caching RPKI caching instance which is used." @@ -4092,26 +4501,47 @@ msgstr "Defines alternate sources for multicasting and IGMP data. The network ad msgid "Defines an off-NBMA network prefix for which the GRE interface will act as a gateway. This an alternative to defining local interfaces with shortcut-destination flag." msgstr "Defines an off-NBMA network prefix for which the GRE interface will act as a gateway. This an alternative to defining local interfaces with shortcut-destination flag." -#: ../../configuration/protocols/static.rst:120 -#: ../../configuration/protocols/static.rst:133 +#: ../../configuration/protocols/static.rst:154 +#: ../../configuration/protocols/static.rst:167 msgid "Defines blackhole distance for this route, routes with smaller administrative distance are elected prior to those with a higher distance." msgstr "Defines blackhole distance for this route, routes with smaller administrative distance are elected prior to those with a higher distance." +#: ../../configuration/service/pppoe-server.rst:496 +#: ../../configuration/vpn/l2tp.rst:450 +#: ../../configuration/vpn/pptp.rst:374 +#: ../../configuration/vpn/sstp.rst:408 +msgid "Defines minimum acceptable MTU. If client will try to negotiate less then specified MTU then it will be NAKed or disconnected if rejects greater MTU. Default value is **100**." +msgstr "Defines minimum acceptable MTU. If client will try to negotiate less then specified MTU then it will be NAKed or disconnected if rejects greater MTU. Default value is **100**." + #: ../../configuration/protocols/static.rst:34 #: ../../configuration/protocols/static.rst:54 -#: ../../configuration/protocols/static.rst:81 -#: ../../configuration/protocols/static.rst:101 +#: ../../configuration/protocols/static.rst:104 +#: ../../configuration/protocols/static.rst:124 msgid "Defines next-hop distance for this route, routes with smaller administrative distance are elected prior to those with a higher distance." msgstr "Defines next-hop distance for this route, routes with smaller administrative distance are elected prior to those with a higher distance." +#: ../../configuration/service/pppoe-server.rst:515 +#: ../../configuration/vpn/l2tp.rst:469 +#: ../../configuration/vpn/pptp.rst:393 +#: ../../configuration/vpn/sstp.rst:427 +msgid "Defines preferred MRU. By default is not defined." +msgstr "Defines preferred MRU. By default is not defined." + #: ../../configuration/protocols/failover.rst:31 msgid "Defines protocols for checking ARP, ICMP, TCP" msgstr "Defines protocols for checking ARP, ICMP, TCP" -#: ../../configuration/vpn/sstp.rst:178 +#: ../../configuration/vpn/sstp.rst:184 msgid "Defines the maximum `<number>` of unanswered echo requests. Upon reaching the value `<number>`, the session will be reset." msgstr "Defines the maximum `<number>` of unanswered echo requests. Upon reaching the value `<number>`, the session will be reset." +#: ../../configuration/service/pppoe-server.rst:479 +#: ../../configuration/vpn/l2tp.rst:433 +#: ../../configuration/vpn/pptp.rst:357 +#: ../../configuration/vpn/sstp.rst:391 +msgid "Defines the maximum `<number>` of unanswered echo requests. Upon reaching the value `<number>`, the session will be reset. Default value is **3**." +msgstr "Defines the maximum `<number>` of unanswered echo requests. Upon reaching the value `<number>`, the session will be reset. Default value is **3**." + #: ../../configuration/system/console.rst:21 msgid "Defines the specified device as a system console. Available console devices can be (see completion helper):" msgstr "Defines the specified device as a system console. Available console devices can be (see completion helper):" @@ -4120,15 +4550,15 @@ msgstr "Defines the specified device as a system console. Available console devi msgid "Defining Peers" msgstr "Defining Peers" -#: ../../configuration/service/dhcp-server.rst:579 +#: ../../configuration/service/dhcp-server.rst:585 msgid "Delegate prefixes from the range indicated by the start and stop qualifier." msgstr "Delegate prefixes from the range indicated by the start and stop qualifier." -#: ../../configuration/policy/route-map.rst:231 +#: ../../configuration/policy/route-map.rst:234 msgid "Delete BGP communities matching the community-list." msgstr "Delete BGP communities matching the community-list." -#: ../../configuration/policy/route-map.rst:246 +#: ../../configuration/policy/route-map.rst:249 msgid "Delete BGP communities matching the large-community-list." msgstr "Delete BGP communities matching the large-community-list." @@ -4136,11 +4566,15 @@ msgstr "Delete BGP communities matching the large-community-list." msgid "Delete Logs" msgstr "Delete Logs" -#: ../../configuration/policy/route-map.rst:226 +#: ../../configuration/container/index.rst:211 +msgid "Delete a particular container image based on it's image ID. You can also delete all container images at once." +msgstr "Delete a particular container image based on it's image ID. You can also delete all container images at once." + +#: ../../configuration/policy/route-map.rst:229 msgid "Delete all BGP communities" msgstr "Delete all BGP communities" -#: ../../configuration/policy/route-map.rst:241 +#: ../../configuration/policy/route-map.rst:244 msgid "Delete all BGP large-communities" msgstr "Delete all BGP large-communities" @@ -4205,15 +4639,37 @@ msgstr "Devices evaluating whether an IPv4 address is public must be updated to msgid "Different NAT Types" msgstr "Different NAT Types" -#: ../../configuration/pki/index.rst:100 +#: ../../configuration/pki/index.rst:102 msgid "Diffie-Hellman parameters" msgstr "Diffie-Hellman parameters" +#: ../../configuration/service/ids.rst:93 +msgid "Direction: **in** and **out**. Protect public network from external attacks, and identify internal attacks towards internet." +msgstr "Direction: **in** and **out**. Protect public network from external attacks, and identify internal attacks towards internet." + +#: ../../configuration/system/option.rst:46 +msgid "Disable CPU power saving mechanisms also known as C states." +msgstr "Disable CPU power saving mechanisms also known as C states." + +#: ../../configuration/service/pppoe-server.rst:457 +#: ../../configuration/vpn/l2tp.rst:411 +#: ../../configuration/vpn/pptp.rst:335 +#: ../../configuration/vpn/sstp.rst:369 +msgid "Disable Compression Control Protocol (CCP). CCP is enabled by default." +msgstr "Disable Compression Control Protocol (CCP). CCP is enabled by default." + #: ../../configuration/protocols/pim6.rst:37 msgid "Disable MLD reports and query on the interface." msgstr "Disable MLD reports and query on the interface." -#: ../../configuration/vpn/sstp.rst:75 +#: ../../configuration/system/login.rst:39 +msgid "Disable (lock) account. User will not be able to log in." +msgstr "Disable (lock) account. User will not be able to log in." + +#: ../../configuration/service/pppoe-server.rst:432 +#: ../../configuration/vpn/l2tp.rst:376 +#: ../../configuration/vpn/pptp.rst:300 +#: ../../configuration/vpn/sstp.rst:334 msgid "Disable `<user>` account." msgstr "Disable `<user>` account." @@ -4221,11 +4677,23 @@ msgstr "Disable `<user>` account." msgid "Disable a BFD peer" msgstr "Disable a BFD peer" -#: ../../configuration/container/index.rst:128 +#: ../../configuration/container/index.rst:133 msgid "Disable a container." msgstr "Disable a container." -#: ../../configuration/firewall/ipv4.rst:930 +#: ../../configuration/container/index.rst:166 +msgid "Disable a given container registry" +msgstr "Disable a given container registry" + +#: ../../configuration/system/option.rst:35 +msgid "Disable all optional CPU mitigations. This improves system performance, but it may also expose users to several CPU vulnerabilities." +msgstr "Disable all optional CPU mitigations. This improves system performance, but it may also expose users to several CPU vulnerabilities." + +#: ../../configuration/service/conntrack-sync.rst:103 +msgid "Disable connection logging via Syslog." +msgstr "Disable connection logging via Syslog." + +#: ../../configuration/firewall/ipv4.rst:953 #: ../../configuration/firewall/ipv6.rst:939 msgid "Disable conntrack loose track option" msgstr "Disable conntrack loose track option" @@ -4242,7 +4710,7 @@ msgstr "Disable dhcpv6-relay service." msgid "Disable given `<interface>`. It will be placed in administratively down (``A/D``) state." msgstr "Disable given `<interface>`. It will be placed in administratively down (``A/D``) state." -#: ../../configuration/protocols/bgp.rst:616 +#: ../../configuration/protocols/bgp.rst:628 msgid "Disable immediate session reset if peer's connected link goes down." msgstr "Disable immediate session reset if peer's connected link goes down." @@ -4286,11 +4754,11 @@ msgstr "Disabled by default - no kernel module loaded." msgid "Disables caching of peer information from forwarded NHRP Resolution Reply packets. This can be used to reduce memory consumption on big NBMA subnets." msgstr "Disables caching of peer information from forwarded NHRP Resolution Reply packets. This can be used to reduce memory consumption on big NBMA subnets." -#: ../../configuration/protocols/static.rst:76 +#: ../../configuration/protocols/static.rst:99 msgid "Disables interface-based IPv4 static route." msgstr "Disables interface-based IPv4 static route." -#: ../../configuration/protocols/static.rst:96 +#: ../../configuration/protocols/static.rst:119 msgid "Disables interface-based IPv6 static route." msgstr "Disables interface-based IPv6 static route." @@ -4306,7 +4774,7 @@ msgstr "Disables web filtering without discarding configuration." msgid "Disables web proxy transparent mode at a listening address." msgstr "Disables web proxy transparent mode at a listening address." -#: ../../configuration/service/router-advert.rst:73 +#: ../../configuration/service/router-advert.rst:99 msgid "Disabling Advertisements" msgstr "Disabling Advertisements" @@ -4326,11 +4794,11 @@ msgstr "Disadvantages are:" msgid "Disassociate stations based on excessive transmission failures or other indications of connection loss." msgstr "Disassociate stations based on excessive transmission failures or other indications of connection loss." -#: ../../configuration/vrf/index.rst:142 +#: ../../configuration/vrf/index.rst:161 msgid "Display IPv4 routing table for VRF identified by `<name>`." msgstr "Display IPv4 routing table for VRF identified by `<name>`." -#: ../../configuration/vrf/index.rst:161 +#: ../../configuration/vrf/index.rst:180 msgid "Display IPv6 routing table for VRF identified by `<name>`." msgstr "Display IPv6 routing table for VRF identified by `<name>`." @@ -4338,7 +4806,7 @@ msgstr "Display IPv6 routing table for VRF identified by `<name>`." msgid "Display Logs" msgstr "Display Logs" -#: ../../configuration/system/login.rst:188 +#: ../../configuration/system/login.rst:192 msgid "Display OTP key for user" msgstr "Display OTP key for user" @@ -4346,11 +4814,11 @@ msgstr "Display OTP key for user" msgid "Display all authorization attempts of the specified image" msgstr "Display all authorization attempts of the specified image" -#: ../../configuration/protocols/static.rst:200 +#: ../../configuration/protocols/static.rst:233 msgid "Display all known ARP table entries on a given interface only (`eth1`):" msgstr "Display all known ARP table entries on a given interface only (`eth1`):" -#: ../../configuration/protocols/static.rst:188 +#: ../../configuration/protocols/static.rst:221 msgid "Display all known ARP table entries spanning across all interfaces" msgstr "Display all known ARP table entries spanning across all interfaces" @@ -4382,7 +4850,7 @@ msgstr "Displays information about all neighbors discovered via LLDP." msgid "Displays queue information for a PPPoE interface." msgstr "Displays queue information for a PPPoE interface." -#: ../../configuration/vrf/index.rst:213 +#: ../../configuration/vrf/index.rst:232 msgid "Displays the route packets taken to a network host utilizing VRF instance identified by `<name>`. When using the IPv4 or IPv6 option, displays the route packets taken to the given hosts IP address family. This option is useful when the host is specified as a hostname rather than an IP address." msgstr "Displays the route packets taken to a network host utilizing VRF instance identified by `<name>`. When using the IPv4 or IPv6 option, displays the route packets taken to the given hosts IP address family. This option is useful when the host is specified as a hostname rather than an IP address." @@ -4390,14 +4858,28 @@ msgstr "Displays the route packets taken to a network host utilizing VRF instanc msgid "Do *not* manually edit `/etc/hosts`. This file will automatically be regenerated on boot based on the settings in this section, which means you'll lose all your manual edits. Instead, configure static host mappings as follows." msgstr "Do *not* manually edit `/etc/hosts`. This file will automatically be regenerated on boot based on the settings in this section, which means you'll lose all your manual edits. Instead, configure static host mappings as follows." +#: ../../configuration/system/ip.rst:55 +#: ../../configuration/vrf/index.rst:79 +#: ../../configuration/vrf/index.rst:85 +msgid "Do not allow IPv4 nexthop tracking to resolve via the default route. This parameter is configured per-VRF, so the command is also available in the VRF subnode." +msgstr "Do not allow IPv4 nexthop tracking to resolve via the default route. This parameter is configured per-VRF, so the command is also available in the VRF subnode." + +#: ../../configuration/system/ipv6.rst:51 +msgid "Do not allow IPv6 nexthop tracking to resolve via the default route. This parameter is configured per-VRF, so the command is also available in the VRF subnode." +msgstr "Do not allow IPv6 nexthop tracking to resolve via the default route. This parameter is configured per-VRF, so the command is also available in the VRF subnode." + #: ../../_include/interface-ipv6.txt:37 msgid "Do not assign a link-local IPv6 address to this interface." msgstr "Do not assign a link-local IPv6 address to this interface." -#: ../../configuration/trafficpolicy/index.rst:1208 +#: ../../configuration/trafficpolicy/index.rst:1210 msgid "Do not configure IFB as the first step. First create everything else of your traffic-policy, and then you can configure IFB. Otherwise you might get the ``RTNETLINK answer: File exists`` error, which can be solved with ``sudo ip link delete ifb0``." msgstr "Do not configure IFB as the first step. First create everything else of your traffic-policy, and then you can configure IFB. Otherwise you might get the ``RTNETLINK answer: File exists`` error, which can be solved with ``sudo ip link delete ifb0``." +#: ../../configuration/protocols/bgp.rst:609 +msgid "Do not send Hard Reset CEASE Notification for \"Administrative Reset\" events. When set and Graceful Restart Notification capability is exchanged between the peers, Graceful Restart procedures apply, and routes will be retained." +msgstr "Do not send Hard Reset CEASE Notification for \"Administrative Reset\" events. When set and Graceful Restart Notification capability is exchanged between the peers, Graceful Restart procedures apply, and routes will be retained." + #: ../../configuration/service/dns.rst:103 msgid "Do not use the local ``/etc/hosts`` file in name resolution. VyOS DHCP server will use this file to add resolvers to assigned addresses." msgstr "Do not use the local ``/etc/hosts`` file in name resolution. VyOS DHCP server will use this file to add resolvers to assigned addresses." @@ -4426,7 +4908,7 @@ msgstr "Domain name(s) for which to obtain certificate" msgid "Domain names can include letters, numbers, hyphens and periods with a maximum length of 253 characters." msgstr "Domain names can include letters, numbers, hyphens and periods with a maximum length of 253 characters." -#: ../../configuration/pki/index.rst:259 +#: ../../configuration/pki/index.rst:290 msgid "Domain names to apply, multiple domain-names can be specified." msgstr "Domain names to apply, multiple domain-names can be specified." @@ -4435,19 +4917,19 @@ msgstr "Domain names to apply, multiple domain-names can be specified." msgid "Domain search order" msgstr "Domain search order" -#: ../../configuration/pki/index.rst:25 +#: ../../configuration/pki/index.rst:27 msgid "Don't be afraid that you need to re-do your configuration. Key transformation is handled, as always, by our migration scripts, so this will be a smooth transition for you!" msgstr "Don't be afraid that you need to re-do your configuration. Key transformation is handled, as always, by our migration scripts, so this will be a smooth transition for you!" -#: ../../configuration/protocols/bgp.rst:1172 +#: ../../configuration/protocols/bgp.rst:1194 msgid "Don't forget, the CIDR declared in the network statement **MUST exist in your routing table (dynamic or static), the best way to make sure that is true is creating a static route:**" msgstr "Don't forget, the CIDR declared in the network statement **MUST exist in your routing table (dynamic or static), the best way to make sure that is true is creating a static route:**" -#: ../../configuration/protocols/bgp.rst:1126 +#: ../../configuration/protocols/bgp.rst:1148 msgid "Don't forget, the CIDR declared in the network statement MUST **exist in your routing table (dynamic or static), the best way to make sure that is true is creating a static route:**" msgstr "Don't forget, the CIDR declared in the network statement MUST **exist in your routing table (dynamic or static), the best way to make sure that is true is creating a static route:**" -#: ../../configuration/vpn/site2site_ipsec.rst:299 +#: ../../configuration/vpn/site2site_ipsec.rst:302 msgid "Don't get confused about the used /31 tunnel subnet. :rfc:`3021` gives you additional information for using /31 subnets on point-to-point links." msgstr "Don't get confused about the used /31 tunnel subnet. :rfc:`3021` gives you additional information for using /31 subnets on point-to-point links." @@ -4459,10 +4941,17 @@ msgstr "Download/Update complete blacklist" msgid "Download/Update partial blacklist." msgstr "Download/Update partial blacklist." -#: ../../configuration/vpn/sstp.rst:85 +#: ../../configuration/service/pppoe-server.rst:262 +#: ../../configuration/vpn/l2tp.rst:386 +#: ../../configuration/vpn/pptp.rst:310 +#: ../../configuration/vpn/sstp.rst:344 msgid "Download bandwidth limit in kbit/s for `<user>`." msgstr "Download bandwidth limit in kbit/s for `<user>`." +#: ../../configuration/service/ipoe-server.rst:320 +msgid "Download bandwidth limit in kbit/s for user on interface `<interface>`." +msgstr "Download bandwidth limit in kbit/s for user on interface `<interface>`." + #: ../../configuration/policy/route-map.rst:202 msgid "Drop AS-NUMBER from the BGP AS path." msgstr "Drop AS-NUMBER from the BGP AS path." @@ -4479,7 +4968,7 @@ msgstr "Drop rate" msgid "Dropped packets reported on DROPMON Netlink channel by Linux kernel are exported via the standard sFlow v5 extension for reporting dropped packets" msgstr "Dropped packets reported on DROPMON Netlink channel by Linux kernel are exported via the standard sFlow v5 extension for reporting dropped packets" -#: ../../configuration/service/pppoe-server.rst:367 +#: ../../configuration/service/pppoe-server.rst:625 msgid "Dual-Stack IPv4/IPv6 provisioning with Prefix Delegation" msgstr "Dual-Stack IPv4/IPv6 provisioning with Prefix Delegation" @@ -4495,19 +4984,23 @@ msgstr "Dummy interface" msgid "Dummy interfaces can be used as interfaces that always stay up (in the same fashion to loopbacks in Cisco IOS), or for testing purposes." msgstr "Dummy interfaces can be used as interfaces that always stay up (in the same fashion to loopbacks in Cisco IOS), or for testing purposes." -#: ../../configuration/vrf/index.rst:193 +#: ../../configuration/vrf/index.rst:212 msgid "Duplicate packets are not included in the packet loss calculation, although the round-trip time of these packets is used in calculating the minimum/ average/maximum round-trip time numbers." msgstr "Duplicate packets are not included in the packet loss calculation, although the round-trip time of these packets is used in calculating the minimum/ average/maximum round-trip time numbers." -#: ../../configuration/pki/index.rst:285 +#: ../../configuration/pki/index.rst:316 msgid "During initial deployment we recommend using the staging API of LetsEncrypt to prevent and blacklisting of your system. The API endpoint is https://acme-staging-v02.api.letsencrypt.org/directory" msgstr "During initial deployment we recommend using the staging API of LetsEncrypt to prevent and blacklisting of your system. The API endpoint is https://acme-staging-v02.api.letsencrypt.org/directory" +#: ../../configuration/vpn/ipsec.rst:568 +msgid "During profile import, the user is asked to enter its IPSec credentials (username and password) which is stored on the mobile." +msgstr "During profile import, the user is asked to enter its IPSec credentials (username and password) which is stored on the mobile." + #: ../../configuration/service/ssh.rst:113 msgid "Dynamic-protection" msgstr "Dynamic-protection" -#: ../../configuration/service/dns.rst:212 +#: ../../configuration/service/dns.rst:199 msgid "Dynamic DNS" msgstr "Dynamic DNS" @@ -4519,11 +5012,11 @@ msgstr "EAPoL comes with an identify option. We automatically use the interface msgid "ESP Phase:" msgstr "ESP Phase:" -#: ../../configuration/vpn/ipsec.rst:111 +#: ../../configuration/vpn/ipsec.rst:113 msgid "ESP (Encapsulating Security Payload) Attributes" msgstr "ESP (Encapsulating Security Payload) Attributes" -#: ../../configuration/vpn/ipsec.rst:112 +#: ../../configuration/vpn/ipsec.rst:115 msgid "ESP is used to provide confidentiality, data origin authentication, connectionless integrity, an anti-replay service (a form of partial sequence integrity), and limited traffic flow confidentiality. https://datatracker.ietf.org/doc/html/rfc4303" msgstr "ESP is used to provide confidentiality, data origin authentication, connectionless integrity, an anti-replay service (a form of partial sequence integrity), and limited traffic flow confidentiality. https://datatracker.ietf.org/doc/html/rfc4303" @@ -4587,7 +5080,7 @@ msgstr "Eenables the Generic Protocol extension (VXLAN-GPE). Currently, this is msgid "Email address to associate with certificate" msgstr "Email address to associate with certificate" -#: ../../configuration/pki/index.rst:265 +#: ../../configuration/pki/index.rst:296 msgid "Email used for registration and recovery contact." msgstr "Email used for registration and recovery contact." @@ -4599,35 +5092,35 @@ msgstr "Embedding one policy into another one" msgid "Emergency" msgstr "Emergency" -#: ../../configuration/protocols/bfd.rst:89 +#: ../../configuration/protocols/bfd.rst:96 msgid "Enable BFD for ISIS on an interface" msgstr "Enable BFD for ISIS on an interface" -#: ../../configuration/protocols/bfd.rst:77 +#: ../../configuration/protocols/bfd.rst:84 msgid "Enable BFD for OSPF on an interface" msgstr "Enable BFD for OSPF on an interface" -#: ../../configuration/protocols/bfd.rst:81 +#: ../../configuration/protocols/bfd.rst:88 msgid "Enable BFD for OSPFv3 on an interface" msgstr "Enable BFD for OSPFv3 on an interface" -#: ../../configuration/protocols/bfd.rst:61 +#: ../../configuration/protocols/bfd.rst:68 msgid "Enable BFD in BGP" msgstr "Enable BFD in BGP" -#: ../../configuration/protocols/bfd.rst:85 +#: ../../configuration/protocols/bfd.rst:92 msgid "Enable BFD in ISIS" msgstr "Enable BFD in ISIS" -#: ../../configuration/protocols/bfd.rst:73 +#: ../../configuration/protocols/bfd.rst:80 msgid "Enable BFD in OSPF" msgstr "Enable BFD in OSPF" -#: ../../configuration/protocols/bfd.rst:69 +#: ../../configuration/protocols/bfd.rst:76 msgid "Enable BFD on a BGP peer group" msgstr "Enable BFD on a BGP peer group" -#: ../../configuration/protocols/bfd.rst:65 +#: ../../configuration/protocols/bfd.rst:72 msgid "Enable BFD on a single BGP neighbor" msgstr "Enable BFD on a single BGP neighbor" @@ -4651,7 +5144,7 @@ msgstr "Enable IGMP and MLD querier." msgid "Enable IGMP and MLD snooping." msgstr "Enable IGMP and MLD snooping." -#: ../../configuration/service/dhcp-server.rst:271 +#: ../../configuration/service/dhcp-server.rst:277 msgid "Enable IP forwarding on client" msgstr "Enable IP forwarding on client" @@ -4705,7 +5198,7 @@ msgstr "Enable OSPF with Segment Routing (Experimental):" msgid "Enable OSPF with route redistribution of the loopback and default originate:" msgstr "Enable OSPF with route redistribution of the loopback and default originate:" -#: ../../configuration/system/login.rst:103 +#: ../../configuration/system/login.rst:107 msgid "Enable OTP 2FA for user `username` with default settings, using the BASE32 encoded 2FA/MFA key specified by `<key>`." msgstr "Enable OTP 2FA for user `username` with default settings, using the BASE32 encoded 2FA/MFA key specified by `<key>`." @@ -4713,6 +5206,18 @@ msgstr "Enable OTP 2FA for user `username` with default settings, using the BASE msgid "Enable OpenVPN Data Channel Offload feature by loading the appropriate kernel module." msgstr "Enable OpenVPN Data Channel Offload feature by loading the appropriate kernel module." +#: ../../configuration/service/router-advert.rst:82 +msgid "Enable PREF64 option as outlined in :rfc:`8781`." +msgstr "Enable PREF64 option as outlined in :rfc:`8781`." + +#: ../../configuration/service/ipoe-server.rst:386 +#: ../../configuration/service/pppoe-server.rst:575 +#: ../../configuration/vpn/l2tp.rst:510 +#: ../../configuration/vpn/pptp.rst:434 +#: ../../configuration/vpn/sstp.rst:468 +msgid "Enable SNMP" +msgstr "Enable SNMP" + #: ../../configuration/service/lldp.rst:59 msgid "Enable SNMP queries of the LLDP database" msgstr "Enable SNMP queries of the LLDP database" @@ -4833,15 +5338,19 @@ msgstr "Enabled on-demand PPPoE connections bring up the link only when traffic msgid "Enables Cisco style authentication on NHRP packets. This embeds the secret plaintext password to the outgoing NHRP packets. Incoming NHRP packets on this interface are discarded unless the secret password is present. Maximum length of the secret is 8 characters." msgstr "Enables Cisco style authentication on NHRP packets. This embeds the secret plaintext password to the outgoing NHRP packets. Incoming NHRP packets on this interface are discarded unless the secret password is present. Maximum length of the secret is 8 characters." -#: ../../configuration/vrf/index.rst:461 +#: ../../configuration/vrf/index.rst:480 msgid "Enables an MPLS label to be attached to a route exported from the current unicast VRF to VPN. If the value specified is auto, the label value is automatically assigned from a pool maintained." msgstr "Enables an MPLS label to be attached to a route exported from the current unicast VRF to VPN. If the value specified is auto, the label value is automatically assigned from a pool maintained." -#: ../../configuration/vpn/sstp.rst:277 +#: ../../configuration/service/ipoe-server.rst:220 +#: ../../configuration/service/pppoe-server.rst:182 +#: ../../configuration/vpn/l2tp.rst:225 +#: ../../configuration/vpn/pptp.rst:165 +#: ../../configuration/vpn/sstp.rst:198 msgid "Enables bandwidth shaping via RADIUS." msgstr "Enables bandwidth shaping via RADIUS." -#: ../../configuration/vrf/index.rst:483 +#: ../../configuration/vrf/index.rst:502 msgid "Enables import or export of routes between the current unicast VRF and VPN." msgstr "Enables import or export of routes between the current unicast VRF and VPN." @@ -4853,6 +5362,10 @@ msgstr "Enables the Generic Protocol extension (VXLAN-GPE). Currently, this is o msgid "Enables the echo transmission mode" msgstr "Enables the echo transmission mode" +#: ../../configuration/system/option.rst:27 +msgid "Enables the root partition auto-extension and resizes to the maximum available space on system boot." +msgstr "Enables the root partition auto-extension and resizes to the maximum available space on system boot." + #: ../../configuration/service/router-advert.rst:27 msgid "Enabling Advertisments" msgstr "Enabling Advertisments" @@ -4877,7 +5390,7 @@ msgstr "Enforce strict path checking" msgid "Enslave `<member>` interface to bond `<interface>`." msgstr "Enslave `<member>` interface to bond `<interface>`." -#: ../../configuration/protocols/bgp.rst:764 +#: ../../configuration/protocols/bgp.rst:786 msgid "Ensure that when comparing routes where both are equal on most metrics, including local-pref, AS_PATH length, IGP cost, MED, that the tie is broken based on router-ID." msgstr "Ensure that when comparing routes where both are equal on most metrics, including local-pref, AS_PATH length, IGP cost, MED, that the tie is broken based on router-ID." @@ -4945,11 +5458,11 @@ msgstr "Every NAT rule has a translation command defined. The address defined fo msgid "Every SNAT66 rule has a translation command defined. The prefix defined for the translation is the prefix used when the address information in a packet is replaced.ã€" msgstr "Every SNAT66 rule has a translation command defined. The prefix defined for the translation is the prefix used when the address information in a packet is replaced.ã€" -#: ../../configuration/system/login.rst:47 +#: ../../configuration/system/login.rst:51 msgid "Every SSH key comes in three parts:" msgstr "Every SSH key comes in three parts:" -#: ../../configuration/system/login.rst:68 +#: ../../configuration/system/login.rst:72 msgid "Every SSH public key portion referenced by `<identifier>` requires the configuration of the `<type>` of public-key used. This type can be any of:" msgstr "Every SSH public key portion referenced by `<identifier>` requires the configuration of the `<type>` of public-key used. This type can be any of:" @@ -4965,12 +5478,16 @@ msgstr "Every Virtual Ethernet interfaces behaves like a real Ethernet interface msgid "Every WWAN connection requires an :abbr:`APN (Access Point Name)` which is used by the client to dial into the ISPs network. This is a mandatory parameter. Contact your Service Provider for correct APN." msgstr "Every WWAN connection requires an :abbr:`APN (Access Point Name)` which is used by the client to dial into the ISPs network. This is a mandatory parameter. Contact your Service Provider for correct APN." +#: ../../configuration/vpn/ipsec.rst:439 +msgid "Every connection/remote-access pool we configure also needs a pool where we can draw our client IP addresses from. We provide one IPv4 and IPv6 pool. Authorized clients will receive an IPv4 address from the 192.0.2.128/25 prefix and an IPv6 address from the 2001:db8:2000::/64 prefix. We can also send some DNS nameservers down to our clients used on their connection." +msgstr "Every connection/remote-access pool we configure also needs a pool where we can draw our client IP addresses from. We provide one IPv4 and IPv6 pool. Authorized clients will receive an IPv4 address from the 192.0.2.128/25 prefix and an IPv6 address from the 2001:db8:2000::/64 prefix. We can also send some DNS nameservers down to our clients used on their connection." + #: ../../configuration/vpn/remoteaccess_ipsec.rst:98 msgid "Every connection/remote-access pool we configure also needs a pool where we can draw our client IP addresses from. We provide one IPv4 and IPv6 pool. Authorized clients will receive an IPv4 address from the configured IPv4 prefix and an IPv6 address from the IPv6 prefix. We can also send some DNS nameservers down to our clients used on their connection." msgstr "Every connection/remote-access pool we configure also needs a pool where we can draw our client IP addresses from. We provide one IPv4 and IPv6 pool. Authorized clients will receive an IPv4 address from the configured IPv4 prefix and an IPv6 address from the IPv6 prefix. We can also send some DNS nameservers down to our clients used on their connection." #: ../../configuration/firewall/bridge.rst:321 -#: ../../configuration/highavailability/index.rst:397 +#: ../../configuration/highavailability/index.rst:407 #: ../../configuration/interfaces/bonding.rst:291 #: ../../configuration/interfaces/l2tpv3.rst:86 #: ../../configuration/interfaces/pppoe.rst:323 @@ -4980,23 +5497,24 @@ msgstr "Every connection/remote-access pool we configure also needs a pool where #: ../../configuration/protocols/failover.rst:63 #: ../../configuration/protocols/igmp-proxy.rst:61 #: ../../configuration/protocols/pim.rst:217 -#: ../../configuration/protocols/rpki.rst:156 +#: ../../configuration/protocols/rpki.rst:166 #: ../../configuration/service/broadcast-relay.rst:55 -#: ../../configuration/service/conntrack-sync.rst:186 +#: ../../configuration/service/conntrack-sync.rst:190 #: ../../configuration/service/dhcp-relay.rst:85 #: ../../configuration/service/dhcp-relay.rst:174 -#: ../../configuration/service/dhcp-server.rst:362 -#: ../../configuration/service/dns.rst:160 -#: ../../configuration/service/dns.rst:276 +#: ../../configuration/service/dhcp-server.rst:368 +#: ../../configuration/service/dns.rst:147 +#: ../../configuration/service/dns.rst:260 #: ../../configuration/service/eventhandler.rst:83 -#: ../../configuration/service/ipoe-server.rst:150 +#: ../../configuration/service/ids.rst:82 #: ../../configuration/service/mdns.rst:50 #: ../../configuration/service/monitoring.rst:134 +#: ../../configuration/service/router-advert.rst:108 #: ../../configuration/service/snmp.rst:94 #: ../../configuration/service/snmp.rst:145 #: ../../configuration/service/tftp-server.rst:47 #: ../../configuration/system/acceleration.rst:58 -#: ../../configuration/system/login.rst:397 +#: ../../configuration/system/login.rst:401 #: ../../configuration/system/name-server.rst:28 #: ../../configuration/system/name-server.rst:63 #: ../../configuration/system/sflow.rst:49 @@ -5005,9 +5523,8 @@ msgstr "Every connection/remote-access pool we configure also needs a pool where #: ../../configuration/trafficpolicy/index.rst:1122 #: ../../configuration/vpn/dmvpn.rst:161 #: ../../configuration/vpn/openconnect.rst:97 -#: ../../configuration/vpn/sstp.rst:286 -#: ../../configuration/vrf/index.rst:99 -#: ../../configuration/vrf/index.rst:232 +#: ../../configuration/vrf/index.rst:118 +#: ../../configuration/vrf/index.rst:251 msgid "Example" msgstr "Example" @@ -5028,16 +5545,18 @@ msgstr "Example, from radius-server send command for disconnect client with user #: ../../configuration/nat/nat44.rst:425 #: ../../configuration/nat/nat66.rst:78 #: ../../configuration/nat/nat66.rst:96 -#: ../../configuration/protocols/static.rst:174 -#: ../../configuration/service/dns.rst:363 +#: ../../configuration/protocols/static.rst:67 +#: ../../configuration/protocols/static.rst:135 +#: ../../configuration/protocols/static.rst:207 +#: ../../configuration/service/dns.rst:366 #: ../../configuration/service/monitoring.rst:69 #: ../../configuration/service/monitoring.rst:98 #: ../../configuration/service/ssh.rst:165 #: ../../configuration/service/ssh.rst:200 #: ../../configuration/system/flow-accounting.rst:164 -#: ../../configuration/vpn/l2tp.rst:41 -#: ../../configuration/vpn/site2site_ipsec.rst:162 -#: ../../configuration/vpn/site2site_ipsec.rst:273 +#: ../../configuration/vpn/l2tp.rst:91 +#: ../../configuration/vpn/site2site_ipsec.rst:165 +#: ../../configuration/vpn/site2site_ipsec.rst:276 #: ../../_include/interface-address-with-dhcp.txt:22 #: ../../_include/interface-address.txt:9 #: ../../_include/interface-description.txt:7 @@ -5121,13 +5640,12 @@ msgstr "Example: Set `eth0` member port to be native VLAN 2" msgid "Example: to be appended is set to ``vyos.net`` and the URL received is ``www/foo.html``, the system will use the generated, final URL of ``www.vyos.net/foo.html``." msgstr "Example: to be appended is set to ``vyos.net`` and the URL received is ``www/foo.html``, the system will use the generated, final URL of ``www.vyos.net/foo.html``." -#: ../../configuration/container/index.rst:177 +#: ../../configuration/container/index.rst:216 #: ../../configuration/service/https.rst:77 -#: ../../configuration/service/router-advert.rst:80 msgid "Example Configuration" msgstr "Example Configuration" -#: ../../configuration/service/dns.rst:378 +#: ../../configuration/service/dns.rst:384 msgid "Example IPv6 only:" msgstr "Example IPv6 only:" @@ -5135,7 +5653,7 @@ msgstr "Example IPv6 only:" msgid "Example Network" msgstr "Example Network" -#: ../../configuration/firewall/ipv4.rst:1130 +#: ../../configuration/firewall/ipv4.rst:1153 #: ../../configuration/firewall/ipv6.rst:1153 msgid "Example Partial Config" msgstr "Example Partial Config" @@ -5156,7 +5674,7 @@ msgstr "Example for configuring a simple L2TP over IPsec VPN for remote access ( msgid "Example of redirection:" msgstr "Example of redirection:" -#: ../../configuration/firewall/ipv4.rst:925 +#: ../../configuration/firewall/ipv4.rst:948 #: ../../configuration/firewall/ipv6.rst:934 msgid "Example synproxy" msgstr "Example synproxy" @@ -5167,16 +5685,16 @@ msgstr "Example synproxy" #: ../../configuration/interfaces/wireless.rst:541 #: ../../configuration/loadbalancing/reverse-proxy.rst:187 #: ../../configuration/policy/index.rst:46 -#: ../../configuration/protocols/bgp.rst:1096 +#: ../../configuration/protocols/bgp.rst:1118 #: ../../configuration/protocols/isis.rst:336 #: ../../configuration/protocols/ospf.rst:834 -#: ../../configuration/service/pppoe-server.rst:343 +#: ../../configuration/service/pppoe-server.rst:601 #: ../../configuration/service/webproxy.rst:419 msgid "Examples" msgstr "Examples" #: ../../configuration/nat/nat44.rst:154 -#: ../../configuration/vpn/site2site_ipsec.rst:157 +#: ../../configuration/vpn/site2site_ipsec.rst:160 msgid "Examples:" msgstr "Examples:" @@ -5224,6 +5742,10 @@ msgstr "External DHCPv6 server is at 2001:db8::4" msgid "External Route Summarisation" msgstr "External Route Summarisation" +#: ../../configuration/service/ids.rst:101 +msgid "External attack: an attack from the internet towards an internal IP is identify. In this case, all connections towards such IP will be blocked" +msgstr "External attack: an attack from the internet towards an internal IP is identify. In this case, all connections towards such IP will be blocked" + #: ../../configuration/trafficpolicy/index.rst:441 msgid "FQ-CoDel" msgstr "FQ-CoDel" @@ -5275,7 +5797,7 @@ msgstr "Facility Code" #: ../../configuration/loadbalancing/wan.rst:218 #: ../../configuration/protocols/failover.rst:3 #: ../../configuration/service/dhcp-server.rst:136 -#: ../../configuration/service/dhcp-server.rst:369 +#: ../../configuration/service/dhcp-server.rst:375 msgid "Failover" msgstr "Failover" @@ -5303,6 +5825,14 @@ msgstr "Fair Queue is a non-shaping (work-conserving) policy, so it will only be msgid "Fair Queue is a work-conserving scheduler which schedules the transmission of packets based on flows, that is, it balances traffic distributing it through different sub-queues in order to ensure fairness so that each flow is able to send data in turn, preventing any single one from drowning out the rest." msgstr "Fair Queue is a work-conserving scheduler which schedules the transmission of packets based on flows, that is, it balances traffic distributing it through different sub-queues in order to ensure fairness so that each flow is able to send data in turn, preventing any single one from drowning out the rest." +#: ../../configuration/service/ids.rst:9 +msgid "FastNetMon" +msgstr "FastNetMon" + +#: ../../configuration/service/ids.rst:11 +msgid "FastNetMon is a high-performance DDoS detector/sensor built on top of multiple packet capture engines: NetFlow, IPFIX, sFlow, AF_PACKET (port mirror). It can detect hosts in the deployed network sending or receiving large volumes of traffic, packets/bytes/flows per second and perform a configurable action to handle that event, such as calling a custom script." +msgstr "FastNetMon is a high-performance DDoS detector/sensor built on top of multiple packet capture engines: NetFlow, IPFIX, sFlow, AF_PACKET (port mirror). It can detect hosts in the deployed network sending or receiving large volumes of traffic, packets/bytes/flows per second and perform a configurable action to handle that event, such as calling a custom script." + #: ../../configuration/protocols/rpki.rst:78 msgid "Features of the Current Implementation" msgstr "Features of the Current Implementation" @@ -5311,11 +5841,15 @@ msgstr "Features of the Current Implementation" msgid "Field" msgstr "Field" -#: ../../configuration/service/dns.rst:241 +#: ../../configuration/service/dns.rst:231 +msgid "File identified by `<filename>` containing the TSIG authentication key for RFC2136 nsupdate on remote DNS server." +msgstr "File identified by `<filename>` containing the TSIG authentication key for RFC2136 nsupdate on remote DNS server." + +#: ../../configuration/service/dns.rst:255 msgid "File identified by `<keyfile>` containing the secret RNDC key shared with remote DNS server." msgstr "File identified by `<keyfile>` containing the secret RNDC key shared with remote DNS server." -#: ../../configuration/service/pppoe-server.rst:228 +#: ../../configuration/service/pppoe-server.rst:302 msgid "Filter-Id=2000/3000 (means 2000Kbit down-stream rate and 3000Kbit up-stream rate)" msgstr "Filter-Id=2000/3000 (means 2000Kbit down-stream rate and 3000Kbit up-stream rate)" @@ -5404,7 +5938,7 @@ msgstr "Firewall groups represent collections of IP addresses, networks, ports, msgid "Firewall groups represent collections of IP addresses, networks, ports, mac addresses or domains. Once created, a group can be referenced by firewall, nat and policy route rules as either a source or destination matcher. Members can be added or removed from a group without changes to, or the need to reload, individual firewall rules." msgstr "Firewall groups represent collections of IP addresses, networks, ports, mac addresses or domains. Once created, a group can be referenced by firewall, nat and policy route rules as either a source or destination matcher. Members can be added or removed from a group without changes to, or the need to reload, individual firewall rules." -#: ../../configuration/highavailability/index.rst:381 +#: ../../configuration/highavailability/index.rst:391 msgid "Firewall mark. It possible to loadbalancing traffic based on ``fwmark`` value" msgstr "Firewall mark. It possible to loadbalancing traffic based on ``fwmark`` value" @@ -5428,7 +5962,7 @@ msgstr "Firmware Update" msgid "First, on both routers run the operational command \"generate pki key-pair install <key-pair nam>>\". You may choose different length than 2048 of course." msgstr "First, on both routers run the operational command \"generate pki key-pair install <key-pair nam>>\". You may choose different length than 2048 of course." -#: ../../configuration/vpn/ipsec.rst:267 +#: ../../configuration/vpn/ipsec.rst:271 msgid "First, on both routers run the operational command \"generate pki key-pair install <key-pair name>\". You may choose different length than 2048 of course." msgstr "First, on both routers run the operational command \"generate pki key-pair install <key-pair name>\". You may choose different length than 2048 of course." @@ -5544,15 +6078,15 @@ msgstr "For Hashing:" msgid "For IS-IS top operate correctly, one must do the equivalent of a Router ID in CLNS. This Router ID is called the :abbr:`NET (Network Entity Title)`. This must be unique for each and every router that is operating in IS-IS. It also must not be duplicated otherwise the same issues that occur within OSPF will occur within IS-IS when it comes to said duplication." msgstr "For IS-IS top operate correctly, one must do the equivalent of a Router ID in CLNS. This Router ID is called the :abbr:`NET (Network Entity Title)`. This must be unique for each and every router that is operating in IS-IS. It also must not be duplicated otherwise the same issues that occur within OSPF will occur within IS-IS when it comes to said duplication." -#: ../../configuration/policy/route-map.rst:311 +#: ../../configuration/policy/route-map.rst:314 msgid "For Incoming and Import Route-maps if we receive a v6 global and v6 LL address for the route, then prefer to use the global address as the nexthop." msgstr "For Incoming and Import Route-maps if we receive a v6 global and v6 LL address for the route, then prefer to use the global address as the nexthop." -#: ../../configuration/service/pppoe-server.rst:188 +#: ../../configuration/service/pppoe-server.rst:257 msgid "For Local Users" msgstr "For Local Users" -#: ../../configuration/service/pppoe-server.rst:223 +#: ../../configuration/service/pppoe-server.rst:297 msgid "For RADIUS users" msgstr "For RADIUS users" @@ -5592,7 +6126,7 @@ msgstr "For a simple home network using just the ISP's equipment, this is usuall msgid "For connectionless protocols as like ICMP and UDP, a flow is considered complete once no more packets for this flow appear after configurable timeout." msgstr "For connectionless protocols as like ICMP and UDP, a flow is considered complete once no more packets for this flow appear after configurable timeout." -#: ../../configuration/system/login.rst:132 +#: ../../configuration/system/login.rst:136 msgid "For example, if problems with poor time synchronization are experienced, the window can be increased from its default size of 3 permitted codes (one previous code, the current code, the next code) to 17 permitted codes (the 8 previous codes, the current code, and the 8 next codes). This will permit for a time skew of up to 4 minutes between client and server." msgstr "For example, if problems with poor time synchronization are experienced, the window can be increased from its default size of 3 permitted codes (one previous code, the current code, the next code) to 17 permitted codes (the 8 previous codes, the current code, and the 8 next codes). This will permit for a time skew of up to 4 minutes between client and server." @@ -5618,7 +6152,7 @@ msgstr "For fragmented TCP or UDP packets and all other IPv4 and IPv6 protocol t msgid "For generating an OTP key in VyOS, you can use the CLI command (operational mode):" msgstr "For generating an OTP key in VyOS, you can use the CLI command (operational mode):" -#: ../../configuration/protocols/bgp.rst:823 +#: ../../configuration/protocols/bgp.rst:845 msgid "For inbound updates the order of preference is:" msgstr "For inbound updates the order of preference is:" @@ -5642,7 +6176,11 @@ msgstr "For latest releases, refer the `firewall (interface-groups) <https://doc msgid "For more information on how MPLS label switching works, please go visit `Wikipedia (MPLS)`_." msgstr "For more information on how MPLS label switching works, please go visit `Wikipedia (MPLS)`_." -#: ../../configuration/service/pppoe-server.rst:299 +#: ../../configuration/protocols/bfd.rst:61 +msgid "For multi hop sessions only. Configure the minimum expected TTL for an incoming BFD control packet." +msgstr "For multi hop sessions only. Configure the minimum expected TTL for an incoming BFD control packet." + +#: ../../configuration/service/pppoe-server.rst:307 msgid "For network maintenance, it's a good idea to direct users to a backup server so that the primary server can be safely taken out of service. It's possible to switch your PPPoE server to maintenance mode where it maintains already established connections, but refuses new connection attempts." msgstr "For network maintenance, it's a good idea to direct users to a backup server so that the primary server can be safely taken out of service. It's possible to switch your PPPoE server to maintenance mode where it maintains already established connections, but refuses new connection attempts." @@ -5650,7 +6188,7 @@ msgstr "For network maintenance, it's a good idea to direct users to a backup se msgid "For optimal scalability, Multicast shouldn't be used at all, but instead use BGP to signal all connected devices between leaves. Unfortunately, VyOS does not yet support this." msgstr "For optimal scalability, Multicast shouldn't be used at all, but instead use BGP to signal all connected devices between leaves. Unfortunately, VyOS does not yet support this." -#: ../../configuration/protocols/bgp.rst:829 +#: ../../configuration/protocols/bgp.rst:851 msgid "For outbound updates the order of preference is:" msgstr "For outbound updates the order of preference is:" @@ -5695,7 +6233,7 @@ msgstr "For the average user a serial console has no advantage over a console of msgid "For the ingress traffic of an interface, there is only one policy you can directly apply, a **Limiter** policy. You cannot apply a shaping policy directly to the ingress traffic of any interface because shaping only works for outbound traffic." msgstr "For the ingress traffic of an interface, there is only one policy you can directly apply, a **Limiter** policy. You cannot apply a shaping policy directly to the ingress traffic of any interface because shaping only works for outbound traffic." -#: ../../configuration/container/index.rst:179 +#: ../../configuration/container/index.rst:218 msgid "For the sake of demonstration, `example #1 in the official documentation <https://www.zabbix.com/documentation/current/manual/installation/containers>`_ to the declarative VyOS CLI syntax." msgstr "For the sake of demonstration, `example #1 in the official documentation <https://www.zabbix.com/documentation/current/manual/installation/containers>`_ to the declarative VyOS CLI syntax." @@ -5737,7 +6275,7 @@ msgstr "Formally, a virtual link looks like a point-to-point network connecting msgid "Forward incoming DNS queries to the DNS servers configured under the ``system name-server`` nodes." msgstr "Forward incoming DNS queries to the DNS servers configured under the ``system name-server`` nodes." -#: ../../configuration/highavailability/index.rst:362 +#: ../../configuration/highavailability/index.rst:372 msgid "Forward method" msgstr "Forward method" @@ -5765,7 +6303,7 @@ msgstr "From a security perspective, it is not recommended to let a third party msgid "From main structure defined in :doc:`Firewall Overview</configuration/firewall/index>` in this section you can find detailed information only for the next part of the general structure:" msgstr "From main structure defined in :doc:`Firewall Overview</configuration/firewall/index>` in this section you can find detailed information only for the next part of the general structure:" -#: ../../configuration/highavailability/index.rst:380 +#: ../../configuration/highavailability/index.rst:390 msgid "Fwmark" msgstr "Fwmark" @@ -5806,6 +6344,11 @@ msgstr "GRE is often seen as a one size fits all solution when it comes to class msgid "Genearate a new OpenVPN shared secret. The generated secred is the output to the console." msgstr "Genearate a new OpenVPN shared secret. The generated secred is the output to the console." +#: ../../configuration/pki/index.rst:123 +#: ../../configuration/pki/index.rst:128 +msgid "Genearate a new OpenVPN shared secret. The generated secret is the output to the console." +msgstr "Genearate a new OpenVPN shared secret. The generated secret is the output to the console." + #: ../../configuration/protocols/isis.rst:25 #: ../../configuration/protocols/ospf.rst:25 #: ../../configuration/protocols/ospf.rst:1081 @@ -5835,18 +6378,18 @@ msgstr "Generate :abbr:`MKA (MACsec Key Agreement protocol)` CAK key." msgid "Generate :abbr:`MKA (MACsec Key Agreement protocol)` CAK key 128 or 256 bits." msgstr "Generate :abbr:`MKA (MACsec Key Agreement protocol)` CAK key 128 or 256 bits." -#: ../../configuration/pki/index.rst:153 -#: ../../configuration/pki/index.rst:157 +#: ../../configuration/pki/index.rst:155 +#: ../../configuration/pki/index.rst:159 msgid "Generate a WireGuard pre-shared secret used for peers to communicate." msgstr "Generate a WireGuard pre-shared secret used for peers to communicate." -#: ../../configuration/pki/index.rst:136 -#: ../../configuration/pki/index.rst:141 +#: ../../configuration/pki/index.rst:138 +#: ../../configuration/pki/index.rst:143 msgid "Generate a new WireGuard public/private key portion and output the result to the console." msgstr "Generate a new WireGuard public/private key portion and output the result to the console." -#: ../../configuration/pki/index.rst:104 -#: ../../configuration/pki/index.rst:111 +#: ../../configuration/pki/index.rst:106 +#: ../../configuration/pki/index.rst:113 msgid "Generate a new set of :abbr:`DH (Diffie-Hellman)` parameters. The key size is requested by the CLI and defaults to 2048 bit." msgstr "Generate a new set of :abbr:`DH (Diffie-Hellman)` parameters. The key size is requested by the CLI and defaults to 2048 bit." @@ -5898,6 +6441,14 @@ msgstr "Given the following example we have one VyOS router acting as OpenVPN se msgid "Gloabal" msgstr "Gloabal" +#: ../../configuration/service/ipoe-server.rst:352 +#: ../../configuration/service/pppoe-server.rst:518 +#: ../../configuration/vpn/l2tp.rst:472 +#: ../../configuration/vpn/pptp.rst:396 +#: ../../configuration/vpn/sstp.rst:430 +msgid "Global Advanced options" +msgstr "Global Advanced options" + #: ../../configuration/firewall/general.rst:84 msgid "Global Options" msgstr "Global Options" @@ -5956,7 +6507,7 @@ msgstr "HTTP based services" msgid "HTTP basic authentication username" msgstr "HTTP basic authentication username" -#: ../../configuration/system/option.rst:27 +#: ../../configuration/system/option.rst:57 msgid "HTTP client" msgstr "HTTP client" @@ -5968,7 +6519,7 @@ msgstr "HT (High Throughput) capabilities (802.11n)" msgid "Hairpin NAT/NAT Reflection" msgstr "Hairpin NAT/NAT Reflection" -#: ../../configuration/service/dhcp-server.rst:573 +#: ../../configuration/service/dhcp-server.rst:579 msgid "Hand out prefixes of size `<length>` to clients in subnet `<prefix>` when they request for prefix delegation." msgstr "Hand out prefixes of size `<length>` to clients in subnet `<prefix>` when they request for prefix delegation." @@ -5980,7 +6531,7 @@ msgstr "Handling and monitoring" msgid "Having control over the matching of INVALID state traffic, e.g. the ability to selectively log, is an important troubleshooting tool for observing broken protocol behavior. For this reason, VyOS does not globally drop invalid state traffic, instead allowing the operator to make the determination on how the traffic is handled." msgstr "Having control over the matching of INVALID state traffic, e.g. the ability to selectively log, is an important troubleshooting tool for observing broken protocol behavior. For this reason, VyOS does not globally drop invalid state traffic, instead allowing the operator to make the determination on how the traffic is handled." -#: ../../configuration/highavailability/index.rst:372 +#: ../../configuration/highavailability/index.rst:382 msgid "Health-check" msgstr "Health-check" @@ -6024,7 +6575,7 @@ msgstr "Here is a second example of a dual-stack tunnel over IPv6 between a VyOS msgid "Here is an example :abbr:`NET (Network Entity Title)` value:" msgstr "Here is an example :abbr:`NET (Network Entity Title)` value:" -#: ../../configuration/protocols/rpki.rst:167 +#: ../../configuration/protocols/rpki.rst:177 msgid "Here is an example route-map to apply to routes learned at import. In this filter we reject prefixes with the state `invalid`, and set a higher `local-preference` if the prefix is RPKI `valid` rather than merely `notfound`." msgstr "Here is an example route-map to apply to routes learned at import. In this filter we reject prefixes with the state `invalid`, and set a higher `local-preference` if the prefix is RPKI `valid` rather than merely `notfound`." @@ -6074,7 +6625,7 @@ msgstr "Host Information" msgid "Host name" msgstr "Host name" -#: ../../configuration/service/dhcp-server.rst:630 +#: ../../configuration/service/dhcp-server.rst:638 msgid "Host specific mapping shall be named ``client1``" msgstr "Host specific mapping shall be named ``client1``" @@ -6094,7 +6645,7 @@ msgstr "How to configure Event Handler" msgid "How to make it work" msgstr "How to make it work" -#: ../../configuration/vpn/ipsec.rst:263 +#: ../../configuration/vpn/ipsec.rst:267 msgid "However, now you need to make IPsec work with dynamic address on one side. The tricky part is that pre-shared secret authentication doesn't work with dynamic address, so we'll have to use RSA keys." msgstr "However, now you need to make IPsec work with dynamic address on one side. The tricky part is that pre-shared secret authentication doesn't work with dynamic address, so we'll have to use RSA keys." @@ -6158,14 +6709,18 @@ msgstr "IKE (Internet Key Exchange) Attributes" msgid "IKE performs mutual authentication between two parties and establishes an IKE security association (SA) that includes shared secret information that can be used to efficiently establish SAs for Encapsulating Security Payload (ESP) or Authentication Header (AH) and a set of cryptographic algorithms to be used by the SAs to protect the traffic that they carry. https://datatracker.ietf.org/doc/html/rfc5996" msgstr "IKE performs mutual authentication between two parties and establishes an IKE security association (SA) that includes shared secret information that can be used to efficiently establish SAs for Encapsulating Security Payload (ESP) or Authentication Header (AH) and a set of cryptographic algorithms to be used by the SAs to protect the traffic that they carry. https://datatracker.ietf.org/doc/html/rfc5996" -#: ../../configuration/vpn/site2site_ipsec.rst:160 +#: ../../configuration/vpn/site2site_ipsec.rst:163 msgid "IKEv1" msgstr "IKEv1" -#: ../../configuration/vpn/site2site_ipsec.rst:271 +#: ../../configuration/vpn/site2site_ipsec.rst:274 msgid "IKEv2" msgstr "IKEv2" +#: ../../configuration/vpn/ipsec.rst:372 +msgid "IKEv2 IPSec road-warriors remote-access VPN" +msgstr "IKEv2 IPSec road-warriors remote-access VPN" + #: ../../configuration/system/ip.rst:3 msgid "IP" msgstr "IP" @@ -6198,11 +6753,11 @@ msgstr "IPSec IKE and ESP Groups;" msgid "IPSec IKEv2 Remote Access VPN" msgstr "IPSec IKEv2 Remote Access VPN" -#: ../../configuration/vpn/site2site_ipsec.rst:285 +#: ../../configuration/vpn/site2site_ipsec.rst:288 msgid "IPSec IKEv2 site2site VPN" msgstr "IPSec IKEv2 site2site VPN" -#: ../../configuration/vpn/site2site_ipsec.rst:285 +#: ../../configuration/vpn/site2site_ipsec.rst:288 msgid "IPSec IKEv2 site2site VPN (source ./draw.io/vpn_s2s_ikev2.drawio)" msgstr "IPSec IKEv2 site2site VPN (source ./draw.io/vpn_s2s_ikev2.drawio)" @@ -6218,7 +6773,7 @@ msgstr "IPSec VPN tunnels." msgid "IP address" msgstr "IP address" -#: ../../configuration/service/dhcp-server.rst:202 +#: ../../configuration/service/dhcp-server.rst:208 msgid "IP address ``192.168.1.100`` shall be statically mapped to client named ``client1``" msgstr "IP address ``192.168.1.100`` shall be statically mapped to client named ``client1``" @@ -6227,19 +6782,19 @@ msgstr "IP address ``192.168.1.100`` shall be statically mapped to client named msgid "IP address ``192.168.2.1/24``" msgstr "IP address ``192.168.2.1/24``" -#: ../../configuration/service/dhcp-server.rst:286 +#: ../../configuration/service/dhcp-server.rst:292 msgid "IP address for DHCP server identifier" msgstr "IP address for DHCP server identifier" -#: ../../configuration/service/dhcp-server.rst:276 +#: ../../configuration/service/dhcp-server.rst:282 msgid "IP address of NTP server" msgstr "IP address of NTP server" -#: ../../configuration/service/dhcp-server.rst:316 +#: ../../configuration/service/dhcp-server.rst:322 msgid "IP address of POP3 server" msgstr "IP address of POP3 server" -#: ../../configuration/service/dhcp-server.rst:311 +#: ../../configuration/service/dhcp-server.rst:317 msgid "IP address of SMTP server" msgstr "IP address of SMTP server" @@ -6255,7 +6810,7 @@ msgstr "IP address of route to match, based on prefix-list." msgid "IP address of route to match, based on specified prefix-length. Note that this can be used for kernel routes only. Do not apply to the routes of dynamic routing protocols (e.g. BGP, RIP, OSFP), as this can lead to unexpected results.." msgstr "IP address of route to match, based on specified prefix-length. Note that this can be used for kernel routes only. Do not apply to the routes of dynamic routing protocols (e.g. BGP, RIP, OSFP), as this can lead to unexpected results.." -#: ../../configuration/service/dhcp-server.rst:346 +#: ../../configuration/service/dhcp-server.rst:352 msgid "IP address to exclude from DHCP lease range" msgstr "IP address to exclude from DHCP lease range" @@ -6295,7 +6850,7 @@ msgstr "IP next-hop of route to match, based on type." msgid "IP precedence as defined in :rfc:`791`:" msgstr "IP precedence as defined in :rfc:`791`:" -#: ../../configuration/vpn/l2tp.rst:33 +#: ../../configuration/vpn/l2tp.rst:83 msgid "IP protocol number 50 (ESP)" msgstr "IP protocol number 50 (ESP)" @@ -6307,19 +6862,19 @@ msgstr "IP route source of route to match, based on access-list." msgid "IP route source of route to match, based on prefix-list." msgstr "IP route source of route to match, based on prefix-list." -#: ../../configuration/service/ipoe-server.rst:7 +#: ../../configuration/service/ipoe-server.rst:5 msgid "IPoE Server" msgstr "IPoE Server" -#: ../../configuration/service/ipoe-server.rst:30 +#: ../../configuration/service/ipoe-server.rst:29 msgid "IPoE can be configure on different interfaces, it will depend on each specific situation which interface will provide IPoE to clients. The clients mac address and the incoming interface is being used as control parameter, to authenticate a client." msgstr "IPoE can be configure on different interfaces, it will depend on each specific situation which interface will provide IPoE to clients. The clients mac address and the incoming interface is being used as control parameter, to authenticate a client." -#: ../../configuration/service/ipoe-server.rst:13 +#: ../../configuration/service/ipoe-server.rst:11 msgid "IPoE is a method of delivering an IP payload over an Ethernet-based access network or an access network using bridged Ethernet over Asynchronous Transfer Mode (ATM) without using PPPoE. It directly encapsulates the IP datagrams in Ethernet frames, using the standard :rfc:`894` encapsulation." msgstr "IPoE is a method of delivering an IP payload over an Ethernet-based access network or an access network using bridged Ethernet over Asynchronous Transfer Mode (ATM) without using PPPoE. It directly encapsulates the IP datagrams in Ethernet frames, using the standard :rfc:`894` encapsulation." -#: ../../configuration/service/ipoe-server.rst:152 +#: ../../configuration/service/ipoe-server.rst:153 msgid "IPoE server will listen on interfaces eth1.50 and eth1.51" msgstr "IPoE server will listen on interfaces eth1.50 and eth1.51" @@ -6327,11 +6882,11 @@ msgstr "IPoE server will listen on interfaces eth1.50 and eth1.51" msgid "IPsec" msgstr "IPsec" -#: ../../configuration/vpn/ipsec.rst:172 +#: ../../configuration/vpn/ipsec.rst:176 msgid "IPsec policy matching GRE" msgstr "IPsec policy matching GRE" -#: ../../configuration/service/pppoe-server.rst:346 +#: ../../configuration/service/pppoe-server.rst:604 msgid "IPv4" msgstr "IPv4" @@ -6343,11 +6898,11 @@ msgstr "IPv4/IPv6 remote address of the VXLAN tunnel. Alternative to multicast, msgid "IPv4 Firewall Configuration" msgstr "IPv4 Firewall Configuration" -#: ../../configuration/service/dhcp-server.rst:291 +#: ../../configuration/service/dhcp-server.rst:297 msgid "IPv4 address of next bootstrap server" msgstr "IPv4 address of next bootstrap server" -#: ../../configuration/service/dhcp-server.rst:251 +#: ../../configuration/service/dhcp-server.rst:257 msgid "IPv4 address of router on the client's subnet" msgstr "IPv4 address of router on the client's subnet" @@ -6355,7 +6910,7 @@ msgstr "IPv4 address of router on the client's subnet" msgid "IPv4 or IPv6 source address of NetFlow packets" msgstr "IPv4 or IPv6 source address of NetFlow packets" -#: ../../configuration/protocols/bgp.rst:1099 +#: ../../configuration/protocols/bgp.rst:1121 msgid "IPv4 peering" msgstr "IPv4 peering" @@ -6376,8 +6931,12 @@ msgid "IPv4 server" msgstr "IPv4 server" #: ../../configuration/interfaces/pppoe.rst:244 -#: ../../configuration/service/pppoe-server.rst:267 +#: ../../configuration/service/ipoe-server.rst:256 +#: ../../configuration/service/pppoe-server.rst:341 #: ../../configuration/system/ipv6.rst:3 +#: ../../configuration/vpn/l2tp.rst:286 +#: ../../configuration/vpn/pptp.rst:210 +#: ../../configuration/vpn/sstp.rst:244 msgid "IPv6" msgstr "IPv6" @@ -6385,6 +6944,13 @@ msgstr "IPv6" msgid "IPv6 Access List" msgstr "IPv6 Access List" +#: ../../configuration/service/pppoe-server.rst:381 +#: ../../configuration/vpn/l2tp.rst:325 +#: ../../configuration/vpn/pptp.rst:249 +#: ../../configuration/vpn/sstp.rst:283 +msgid "IPv6 Advanced Options" +msgstr "IPv6 Advanced Options" + #: ../../configuration/interfaces/pppoe.rst:379 msgid "IPv6 DHCPv6-PD Example" msgstr "IPv6 DHCPv6-PD Example" @@ -6417,7 +6983,7 @@ msgstr "IPv6 SLAAC and IA-PD" msgid "IPv6 TCP filters will only match IPv6 packets with no header extension, see https://en.wikipedia.org/wiki/IPv6_packet#Extension_headers" msgstr "IPv6 TCP filters will only match IPv6 packets with no header extension, see https://en.wikipedia.org/wiki/IPv6_packet#Extension_headers" -#: ../../configuration/service/dhcp-server.rst:628 +#: ../../configuration/service/dhcp-server.rst:636 msgid "IPv6 address ``2001:db8::101`` shall be statically mapped" msgstr "IPv6 address ``2001:db8::101`` shall be statically mapped" @@ -6434,10 +7000,18 @@ msgid "IPv6 address of route to match, based on specified prefix-length. Note th msgstr "IPv6 address of route to match, based on specified prefix-length. Note that this can be used for kernel routes only. Do not apply to the routes of dynamic routing protocols (e.g. BGP, RIP, OSFP), as this can lead to unexpected results.." #: ../../configuration/service/pppoe-server.rst:270 +msgid "IPv6 client's prefix" +msgstr "IPv6 client's prefix" + +#: ../../configuration/service/pppoe-server.rst:270 msgid "IPv6 client's prefix assignment" msgstr "IPv6 client's prefix assignment" -#: ../../configuration/protocols/bgp.rst:1144 +#: ../../configuration/service/pppoe-server.rst:295 +msgid "IPv6 default client's pool assignment" +msgstr "IPv6 default client's pool assignment" + +#: ../../configuration/protocols/bgp.rst:1166 msgid "IPv6 peering" msgstr "IPv6 peering" @@ -6445,7 +7019,7 @@ msgstr "IPv6 peering" msgid "IPv6 prefix." msgstr "IPv6 prefix." -#: ../../configuration/service/dhcp-server.rst:629 +#: ../../configuration/service/dhcp-server.rst:637 msgid "IPv6 prefix ``2001:db8:0:101::/64`` shall be statically mapped" msgstr "IPv6 prefix ``2001:db8:0:101::/64`` shall be statically mapped" @@ -6457,7 +7031,7 @@ msgstr "IPv6 relay" msgid "IPv6 route source: bgp, connected, eigrp, isis, kernel, nhrp, ospfv3, ripng, static." msgstr "IPv6 route source: bgp, connected, eigrp, isis, kernel, nhrp, ospfv3, ripng, static." -#: ../../configuration/service/dhcp-server.rst:502 +#: ../../configuration/service/dhcp-server.rst:508 msgid "IPv6 server" msgstr "IPv6 server" @@ -6477,7 +7051,7 @@ msgstr "IS-IS Global Configuration" msgid "IS-IS SR Configuration" msgstr "IS-IS SR Configuration" -#: ../../configuration/service/dhcp-server.rst:233 +#: ../../configuration/service/dhcp-server.rst:239 msgid "ISC-DHCP Option name" msgstr "ISC-DHCP Option name" @@ -6493,7 +7067,7 @@ msgstr "If **max-threshold** is set but **min-threshold is not, then **min-thres msgid "If ARP monitoring is used in an etherchannel compatible mode (modes round-robin and xor-hash), the switch should be configured in a mode that evenly distributes packets across all links. If the switch is configured to distribute the packets in an XOR fashion, all replies from the ARP targets will be received on the same link which could cause the other team members to fail." msgstr "If ARP monitoring is used in an etherchannel compatible mode (modes round-robin and xor-hash), the switch should be configured in a mode that evenly distributes packets across all links. If the switch is configured to distribute the packets in an XOR fashion, all replies from the ARP targets will be received on the same link which could cause the other team members to fail." -#: ../../configuration/pki/index.rst:249 +#: ../../configuration/pki/index.rst:251 msgid "If CA is present, this certificate will be included in generated CRLs" msgstr "If CA is present, this certificate will be included in generated CRLs" @@ -6517,7 +7091,11 @@ msgstr "If :cfgcmd:`strict` is set the BGP session won’t become established un msgid "If ``alias`` is set, it can be used instead of the device when connecting." msgstr "If ``alias`` is set, it can be used instead of the device when connecting." -#: ../../configuration/vpn/l2tp.rst:29 +#: ../../configuration/policy/route-map.rst:204 +msgid "If ``all`` is specified, remove all AS numbers from the AS_PATH of the BGP path's NLRI." +msgstr "If ``all`` is specified, remove all AS numbers from the AS_PATH of the BGP path's NLRI." + +#: ../../configuration/vpn/l2tp.rst:79 msgid "If a local firewall policy is in place on your external interface you will need to allow the ports below:" msgstr "If a local firewall policy is in place on your external interface you will need to allow the ports below:" @@ -6530,7 +7108,7 @@ msgstr "If a registry is not specified, Docker.io will be used as the container msgid "If a response is heard, the lease is abandoned, and the server does not respond to the client. The lease will remain abandoned for a minimum of abandon-lease-time seconds (defaults to 24 hours)." msgstr "If a response is heard, the lease is abandoned, and the server does not respond to the client. The lease will remain abandoned for a minimum of abandon-lease-time seconds (defaults to 24 hours)." -#: ../../configuration/protocols/bgp.rst:771 +#: ../../configuration/protocols/bgp.rst:793 msgid "If a route has an ORIGINATOR_ID attribute because it has been reflected, that ORIGINATOR_ID will be used. Otherwise, the router-ID of the peer the route was received from will be used." msgstr "If a route has an ORIGINATOR_ID attribute because it has been reflected, that ORIGINATOR_ID will be used. Otherwise, the router-ID of the peer the route was received from will be used." @@ -6660,11 +7238,46 @@ msgstr "If the AS-Path for the route has only private ASNs, the private ASNs are msgid "If the IP prefix mask is present, it directs opennhrp to use this peer as a next hop server when sending Resolution Requests matching this subnet." msgstr "If the IP prefix mask is present, it directs opennhrp to use this peer as a next hop server when sending Resolution Requests matching this subnet." +#: ../../configuration/service/ipoe-server.rst:243 +#: ../../configuration/service/pppoe-server.rst:205 +#: ../../configuration/vpn/l2tp.rst:248 +#: ../../configuration/vpn/pptp.rst:188 +#: ../../configuration/vpn/sstp.rst:221 +msgid "If the RADIUS server sends the attribute ``Delegated-IPv6-Prefix-Pool``, IPv6 delegation pefix will be allocated from a predefined IPv6 pool ``delegate`` whose name equals the attribute value." +msgstr "If the RADIUS server sends the attribute ``Delegated-IPv6-Prefix-Pool``, IPv6 delegation pefix will be allocated from a predefined IPv6 pool ``delegate`` whose name equals the attribute value." + +#: ../../configuration/service/ipoe-server.rst:233 +#: ../../configuration/service/pppoe-server.rst:195 +#: ../../configuration/vpn/l2tp.rst:238 +#: ../../configuration/vpn/pptp.rst:178 +#: ../../configuration/vpn/sstp.rst:211 +msgid "If the RADIUS server sends the attribute ``Framed-IP-Address`` then this IP address will be allocated to the client and the option ``default-pool`` within the CLI config is being ignored." +msgstr "If the RADIUS server sends the attribute ``Framed-IP-Address`` then this IP address will be allocated to the client and the option ``default-pool`` within the CLI config is being ignored." + #: ../../configuration/vpn/l2tp.rst:211 msgid "If the RADIUS server sends the attribute ``Framed-IP-Address`` then this IP address will be allocated to the client and the option ip-pool within the CLI config is being ignored." msgstr "If the RADIUS server sends the attribute ``Framed-IP-Address`` then this IP address will be allocated to the client and the option ip-pool within the CLI config is being ignored." -#: ../../configuration/vpn/l2tp.rst:218 +#: ../../configuration/service/ipoe-server.rst:237 +#: ../../configuration/service/pppoe-server.rst:199 +#: ../../configuration/vpn/l2tp.rst:242 +#: ../../configuration/vpn/pptp.rst:182 +#: ../../configuration/vpn/sstp.rst:215 +msgid "If the RADIUS server sends the attribute ``Framed-Pool``, IP address will be allocated from a predefined IP pool whose name equals the attribute value." +msgstr "If the RADIUS server sends the attribute ``Framed-Pool``, IP address will be allocated from a predefined IP pool whose name equals the attribute value." + +#: ../../configuration/service/ipoe-server.rst:240 +#: ../../configuration/service/pppoe-server.rst:202 +#: ../../configuration/vpn/l2tp.rst:245 +#: ../../configuration/vpn/pptp.rst:185 +#: ../../configuration/vpn/sstp.rst:218 +msgid "If the RADIUS server sends the attribute ``Stateful-IPv6-Address-Pool``, IPv6 address will be allocated from a predefined IPv6 pool ``prefix`` whose name equals the attribute value." +msgstr "If the RADIUS server sends the attribute ``Stateful-IPv6-Address-Pool``, IPv6 address will be allocated from a predefined IPv6 pool ``prefix`` whose name equals the attribute value." + +#: ../../configuration/service/pppoe-server.rst:219 +#: ../../configuration/vpn/l2tp.rst:262 +#: ../../configuration/vpn/pptp.rst:202 +#: ../../configuration/vpn/sstp.rst:235 msgid "If the RADIUS server uses the attribute ``NAS-Port-Id``, ppp tunnels will be renamed." msgstr "If the RADIUS server uses the attribute ``NAS-Port-Id``, ppp tunnels will be renamed." @@ -6688,6 +7301,10 @@ msgstr "If the current queue size is larger than **queue-limit**, then packets w msgid "If the interface where the packet was received is part of a bridge, then packetis processed at the **Bridge Layer**, which contains a basic setup for bridge filtering:" msgstr "If the interface where the packet was received is part of a bridge, then packetis processed at the **Bridge Layer**, which contains a basic setup for bridge filtering:" +#: ../../configuration/firewall/index.rst:83 +msgid "If the interface where the packet was received is part of a bridge, then the packet is processed at the **Bridge Layer**, which contains a basic setup for bridge filtering:" +msgstr "If the interface where the packet was received is part of a bridge, then the packet is processed at the **Bridge Layer**, which contains a basic setup for bridge filtering:" + #: ../../configuration/firewall/index.rst:26 msgid "If the interface where the packet was received isn't part of a bridge, then packetis processed at the **IP Layer**:" msgstr "If the interface where the packet was received isn't part of a bridge, then packetis processed at the **IP Layer**:" @@ -6705,7 +7322,7 @@ msgstr "If the statically mapped peer is running Cisco IOS, specify the cisco ke msgid "If the system detects an unconfigured wireless device, it will be automatically added the configuration tree, specifying any detected settings (for example, its MAC address) and configured to run in monitor mode." msgstr "If the system detects an unconfigured wireless device, it will be automatically added the configuration tree, specifying any detected settings (for example, its MAC address) and configured to run in monitor mode." -#: ../../configuration/service/conntrack-sync.rst:126 +#: ../../configuration/service/conntrack-sync.rst:130 msgid "If the table is empty and you have a warning message, it means conntrack is not enabled. To enable conntrack, just create a NAT or a firewall rule. :cfgcmd:`set firewall state-policy established action accept`" msgstr "If the table is empty and you have a warning message, it means conntrack is not enabled. To enable conntrack, just create a NAT or a firewall rule. :cfgcmd:`set firewall state-policy established action accept`" @@ -6713,7 +7330,7 @@ msgstr "If the table is empty and you have a warning message, it means conntrack msgid "If there are no free addresses but there are abandoned IP addresses, the DHCP server will attempt to reclaim an abandoned IP address regardless of the value of abandon-lease-time." msgstr "If there are no free addresses but there are abandoned IP addresses, the DHCP server will attempt to reclaim an abandoned IP address regardless of the value of abandon-lease-time." -#: ../../configuration/vpn/site2site_ipsec.rst:241 +#: ../../configuration/vpn/site2site_ipsec.rst:244 msgid "If there is SNAT rules on eth1, need to add exclude rule" msgstr "If there is SNAT rules on eth1, need to add exclude rule" @@ -6726,14 +7343,21 @@ msgstr "If this command is invoked from configure mode with the ``run`` prefix t msgid "If this is set the relay agent will insert the interface ID. This option is set automatically if more than one listening interfaces are in use." msgstr "If this is set the relay agent will insert the interface ID. This option is set automatically if more than one listening interfaces are in use." -#: ../../configuration/protocols/bgp.rst:768 +#: ../../configuration/protocols/bgp.rst:790 msgid "If this option is enabled, then the already-selected check, where already selected eBGP routes are preferred, is skipped." msgstr "If this option is enabled, then the already-selected check, where already selected eBGP routes are preferred, is skipped." -#: ../../configuration/vpn/sstp.rst:183 +#: ../../configuration/vpn/sstp.rst:189 msgid "If this option is specified and is greater than 0, then the PPP module will send LCP pings of the echo request every `<interval>` seconds." msgstr "If this option is specified and is greater than 0, then the PPP module will send LCP pings of the echo request every `<interval>` seconds." +#: ../../configuration/service/pppoe-server.rst:484 +#: ../../configuration/vpn/l2tp.rst:438 +#: ../../configuration/vpn/pptp.rst:362 +#: ../../configuration/vpn/sstp.rst:396 +msgid "If this option is specified and is greater than 0, then the PPP module will send LCP pings of the echo request every `<interval>` seconds. Default value is **30**." +msgstr "If this option is specified and is greater than 0, then the PPP module will send LCP pings of the echo request every `<interval>` seconds. Default value is **30**." + #: ../../_include/interface-ip.txt:75 msgid "If this option is unset (default), incoming IP directed broadcast packets will not be forwarded." msgstr "If this option is unset (default), incoming IP directed broadcast packets will not be forwarded." @@ -6750,11 +7374,11 @@ msgstr "If this parameter is not set, the default holdoff time is 30 seconds." msgid "If this parameter is not set or 0, an on-demand link will not be taken down when it is idle and after the initial establishment of the connection. It will stay up forever." msgstr "If this parameter is not set or 0, an on-demand link will not be taken down when it is idle and after the initial establishment of the connection. It will stay up forever." -#: ../../configuration/system/login.rst:270 +#: ../../configuration/system/login.rst:274 msgid "If unset, incoming connections to the RADIUS server will use the nearest interface address pointing towards the server - making it error prone on e.g. OSPF networks when a link fails and a backup route is taken." msgstr "If unset, incoming connections to the RADIUS server will use the nearest interface address pointing towards the server - making it error prone on e.g. OSPF networks when a link fails and a backup route is taken." -#: ../../configuration/system/login.rst:339 +#: ../../configuration/system/login.rst:343 msgid "If unset, incoming connections to the TACACS server will use the nearest interface address pointing towards the server - making it error prone on e.g. OSPF networks when a link fails and a backup route is taken." msgstr "If unset, incoming connections to the TACACS server will use the nearest interface address pointing towards the server - making it error prone on e.g. OSPF networks when a link fails and a backup route is taken." @@ -6786,10 +7410,17 @@ msgstr "If you are responsible for the global addresses assigned to your network msgid "If you are using FQ-CoDel embedded into Shaper_ and you have large rates (100Mbit and above), you may consider increasing `quantum` to 8000 or higher so that the scheduler saves CPU." msgstr "If you are using FQ-CoDel embedded into Shaper_ and you have large rates (100Mbit and above), you may consider increasing `quantum` to 8000 or higher so that the scheduler saves CPU." -#: ../../configuration/vpn/l2tp.rst:165 +#: ../../configuration/service/ipoe-server.rst:146 +#: ../../configuration/service/pppoe-server.rst:108 +#: ../../configuration/vpn/l2tp.rst:151 msgid "If you are using OSPF as IGP, always the closest interface connected to the RADIUS server is used. With VyOS 1.2 you can bind all outgoing RADIUS requests to a single source IP e.g. the loopback interface." msgstr "If you are using OSPF as IGP, always the closest interface connected to the RADIUS server is used. With VyOS 1.2 you can bind all outgoing RADIUS requests to a single source IP e.g. the loopback interface." +#: ../../configuration/vpn/pptp.rst:91 +#: ../../configuration/vpn/sstp.rst:124 +msgid "If you are using OSPF as IGP, always the closest interface connected to the RADIUS server is used. You can bind all outgoing RADIUS requests to a single source IP e.g. the loopback interface." +msgstr "If you are using OSPF as IGP, always the closest interface connected to the RADIUS server is used. You can bind all outgoing RADIUS requests to a single source IP e.g. the loopback interface." + #: ../../configuration/interfaces/openvpn.rst:306 msgid "If you change the default encryption and hashing algorithms, be sure that the local and remote ends have matching configurations, otherwise the tunnel will not come up." msgstr "If you change the default encryption and hashing algorithms, be sure that the local and remote ends have matching configurations, otherwise the tunnel will not come up." @@ -6813,6 +7444,10 @@ msgstr "If you enable this, you will probably want to set diversity-factor and c msgid "If you enter a value smaller than 60 seconds be aware that this can and will affect convergence at scale." msgstr "If you enter a value smaller than 60 seconds be aware that this can and will affect convergence at scale." +#: ../../configuration/vpn/ipsec.rst:483 +msgid "If you feel better forwarding all authentication requests to your enterprises RADIUS server, use the commands below." +msgstr "If you feel better forwarding all authentication requests to your enterprises RADIUS server, use the commands below." + #: ../../configuration/interfaces/bonding.rst:312 msgid "If you happen to run this in a virtual environment like by EVE-NG you need to ensure your VyOS NIC is set to use the e1000 driver. Using the default ``virtio-net-pci`` or the ``vmxnet3`` driver will not work. ICMP messages will not be properly processed. They are visible on the virtual wire but will not make it fully up the networking stack." msgstr "If you happen to run this in a virtual environment like by EVE-NG you need to ensure your VyOS NIC is set to use the e1000 driver. Using the default ``virtio-net-pci`` or the ``vmxnet3`` driver will not work. ICMP messages will not be properly processed. They are visible on the virtual wire but will not make it fully up the networking stack." @@ -6849,10 +7484,26 @@ msgstr "If you only want to check if the user account is enabled and can authent msgid "If you set a custom RADIUS attribute you must define it on both dictionaries at RADIUS server and client, which is the vyos router in our example." msgstr "If you set a custom RADIUS attribute you must define it on both dictionaries at RADIUS server and client, which is the vyos router in our example." +#: ../../configuration/service/ipoe-server.rst:215 +#: ../../configuration/service/pppoe-server.rst:177 +#: ../../configuration/vpn/l2tp.rst:220 +#: ../../configuration/vpn/pptp.rst:160 +#: ../../configuration/vpn/sstp.rst:193 +msgid "If you set a custom RADIUS attribute you must define it on both dictionaries at RADIUS server and client." +msgstr "If you set a custom RADIUS attribute you must define it on both dictionaries at RADIUS server and client." + #: ../../configuration/system/console.rst:41 msgid "If you use USB to serial converters for connecting to your VyOS appliance please note that most of them use software emulation without flow control. This means you should start with a common baud rate (most likely 9600 baud) as otherwise you probably can not connect to the device using high speed baud rates as your serial converter simply can not process this data rate." msgstr "If you use USB to serial converters for connecting to your VyOS appliance please note that most of them use software emulation without flow control. This means you should start with a common baud rate (most likely 9600 baud) as otherwise you probably can not connect to the device using high speed baud rates as your serial converter simply can not process this data rate." +#: ../../configuration/vpn/sstp.rst:482 +msgid "If you use a self-signed certificate, do not forget to install CA on the client side." +msgstr "If you use a self-signed certificate, do not forget to install CA on the client side." + +#: ../../configuration/vpn/ipsec.rst:538 +msgid "If you want, need, and should use more advanced encryption ciphers (default is still 3DES) you need to provision your device using a so-called \"Device Profile\". A profile is a simple text file containing XML nodes with a ``.mobileconfig`` file extension that can be sent and opened on any device from an E-Mail." +msgstr "If you want, need, and should use more advanced encryption ciphers (default is still 3DES) you need to provision your device using a so-called \"Device Profile\". A profile is a simple text file containing XML nodes with a ``.mobileconfig`` file extension that can be sent and opened on any device from an E-Mail." + #: ../../configuration/system/flow-accounting.rst:140 msgid "If you want to change the maximum number of flows, which are tracking simultaneously, you may do this with this command (default 8192)." msgstr "If you want to change the maximum number of flows, which are tracking simultaneously, you may do this with this command (default 8192)." @@ -6861,7 +7512,7 @@ msgstr "If you want to change the maximum number of flows, which are tracking si msgid "If you want to disable a rule but let it in the configuration." msgstr "If you want to disable a rule but let it in the configuration." -#: ../../configuration/system/login.rst:294 +#: ../../configuration/system/login.rst:298 msgid "If you want to have admin users to authenticate via RADIUS it is essential to sent the ``Cisco-AV-Pair shell:priv-lvl=15`` attribute. Without the attribute you will only get regular, non privilegued, system users." msgstr "If you want to have admin users to authenticate via RADIUS it is essential to sent the ``Cisco-AV-Pair shell:priv-lvl=15`` attribute. Without the attribute you will only get regular, non privilegued, system users." @@ -6873,7 +7524,7 @@ msgstr "If you want to use existing blacklists you have to create/download a dat msgid "If you want your router to forward DHCP requests to an external DHCP server you can configure the system to act as a DHCP relay agent. The DHCP relay agent works with IPv4 and IPv6 addresses." msgstr "If you want your router to forward DHCP requests to an external DHCP server you can configure the system to act as a DHCP relay agent. The DHCP relay agent works with IPv4 and IPv6 addresses." -#: ../../configuration/protocols/bgp.rst:760 +#: ../../configuration/protocols/bgp.rst:782 msgid "Ignore AS_PATH length when selecting a route" msgstr "Ignore AS_PATH length when selecting a route" @@ -6885,7 +7536,7 @@ msgstr "Ignore VRRP main interface faults" msgid "Image thankfully borrowed from https://en.wikipedia.org/wiki/File:SNMP_communication_principles_diagram.PNG which is under the GNU Free Documentation License" msgstr "Image thankfully borrowed from https://en.wikipedia.org/wiki/File:SNMP_communication_principles_diagram.PNG which is under the GNU Free Documentation License" -#: ../../configuration/vpn/site2site_ipsec.rst:279 +#: ../../configuration/vpn/site2site_ipsec.rst:282 msgid "Imagine the following topology" msgstr "Imagine the following topology" @@ -6893,11 +7544,35 @@ msgstr "Imagine the following topology" msgid "Immediate" msgstr "Immediate" +#: ../../configuration/pki/index.rst:254 +msgid "Import files to PKI format" +msgstr "Import files to PKI format" + +#: ../../configuration/pki/index.rst:265 +msgid "Import the CAs private key portion to the CLI. This should never leave the system as it is used to decrypt the data. The key is required if you use VyOS as your certificate generator." +msgstr "Import the CAs private key portion to the CLI. This should never leave the system as it is used to decrypt the data. The key is required if you use VyOS as your certificate generator." + +#: ../../configuration/pki/index.rst:280 +msgid "Import the OpenVPN shared secret stored in file to the VyOS CLI." +msgstr "Import the OpenVPN shared secret stored in file to the VyOS CLI." + +#: ../../configuration/pki/index.rst:271 +msgid "Import the certificate from the file to VyOS CLI." +msgstr "Import the certificate from the file to VyOS CLI." + +#: ../../configuration/pki/index.rst:275 +msgid "Import the private key of the certificate to the VyOS CLI. This should never leave the system as it is used to decrypt the data." +msgstr "Import the private key of the certificate to the VyOS CLI. This should never leave the system as it is used to decrypt the data." + +#: ../../configuration/pki/index.rst:261 +msgid "Import the public CA certificate from the defined file to VyOS CLI." +msgstr "Import the public CA certificate from the defined file to VyOS CLI." + #: ../../configuration/protocols/rpki.rst:46 msgid "Imported prefixes during the validation may have values:" msgstr "Imported prefixes during the validation may have values:" -#: ../../configuration/protocols/static.rst:158 +#: ../../configuration/protocols/static.rst:191 msgid "In Internet Protocol Version 6 (IPv6) networks, the functionality of ARP is provided by the Neighbor Discovery Protocol (NDP)." msgstr "In Internet Protocol Version 6 (IPv6) networks, the functionality of ARP is provided by the Neighbor Discovery Protocol (NDP)." @@ -6905,7 +7580,7 @@ msgstr "In Internet Protocol Version 6 (IPv6) networks, the functionality of ARP msgid "In Priority Queue we do not define clases with a meaningless class ID number but with a class priority number (1-7). The lower the number, the higher the priority." msgstr "In Priority Queue we do not define clases with a meaningless class ID number but with a class priority number (1-7). The lower the number, the higher the priority." -#: ../../configuration/vpn/ipsec.rst:117 +#: ../../configuration/vpn/ipsec.rst:120 msgid "In VyOS, ESP attributes are specified through ESP groups. Multiple proposals can be specified in a single group." msgstr "In VyOS, ESP attributes are specified through ESP groups. Multiple proposals can be specified in a single group." @@ -6945,7 +7620,7 @@ msgstr "In a nutshell, the current implementation provides the following feature msgid "In addition, you can specify many other parameters to get BGP information:" msgstr "In addition, you can specify many other parameters to get BGP information:" -#: ../../configuration/system/login.rst:301 +#: ../../configuration/system/login.rst:305 msgid "In addition to :abbr:`RADIUS (Remote Authentication Dial-In User Service)`, :abbr:`TACACS (Terminal Access Controller Access Control System)` can also be found in large deployments." msgstr "In addition to :abbr:`RADIUS (Remote Authentication Dial-In User Service)`, :abbr:`TACACS (Terminal Access Controller Access Control System)` can also be found in large deployments." @@ -6953,12 +7628,16 @@ msgstr "In addition to :abbr:`RADIUS (Remote Authentication Dial-In User Service msgid "In addition to displaying flow accounting information locally, one can also exported them to a collection server." msgstr "In addition to displaying flow accounting information locally, one can also exported them to a collection server." -#: ../../configuration/pki/index.rst:144 -#: ../../configuration/pki/index.rst:159 +#: ../../configuration/pki/index.rst:146 +#: ../../configuration/pki/index.rst:161 #: ../../configuration/pki/pki_cli_import_help.txt:1 msgid "In addition to the command above, the output is in a format which can be used to directly import the key into the VyOS CLI by simply copy-pasting the output from op-mode into configuration mode." msgstr "In addition to the command above, the output is in a format which can be used to directly import the key into the VyOS CLI by simply copy-pasting the output from op-mode into configuration mode." +#: ../../configuration/interfaces/pppoe.rst:388 +msgid "In addition we setup IPv6 :abbr:`RA (Router Advertisements)` to make the prefix known on the eth0 link." +msgstr "In addition we setup IPv6 :abbr:`RA (Router Advertisements)` to make the prefix known on the eth0 link." + #: ../../configuration/service/broadcast-relay.rst:48 msgid "In addition you can also disable the whole service without the need to remove it from the current configuration." msgstr "In addition you can also disable the whole service without the need to remove it from the current configuration." @@ -7003,7 +7682,7 @@ msgstr "In firewall bridge rules, the action can be:" msgid "In general, OSPF protocol requires a backbone area (area 0) to be coherent and fully connected. I.e. any backbone area router must have a route to any other backbone area router. Moreover, every ABR must have a link to backbone area. However, it is not always possible to have a physical link to a backbone area. In this case between two ABR (one of them has a link to the backbone area) in the area (not stub area) a virtual link is organized." msgstr "In general, OSPF protocol requires a backbone area (area 0) to be coherent and fully connected. I.e. any backbone area router must have a route to any other backbone area router. Moreover, every ABR must have a link to backbone area. However, it is not always possible to have a physical link to a backbone area. In this case between two ABR (one of them has a link to the backbone area) in the area (not stub area) a virtual link is organized." -#: ../../configuration/system/login.rst:236 +#: ../../configuration/system/login.rst:240 msgid "In large deployments it is not reasonable to configure each user individually on every system. VyOS supports using :abbr:`RADIUS (Remote Authentication Dial-In User Service)` servers as backend for user authentication." msgstr "In large deployments it is not reasonable to configure each user individually on every system. VyOS supports using :abbr:`RADIUS (Remote Authentication Dial-In User Service)` servers as backend for user authentication." @@ -7023,7 +7702,7 @@ msgstr "In order for the system to use and complete unqualified host names, a li msgid "In order to allow for LDP on the local router to exchange label advertisements with other routers, a TCP session will be established between automatically discovered and statically assigned routers. LDP will try to establish a TCP session to the **transport address** of other routers. Therefore for LDP to function properly please make sure the transport address is shown in the routing table and reachable to traffic at all times." msgstr "In order to allow for LDP on the local router to exchange label advertisements with other routers, a TCP session will be established between automatically discovered and statically assigned routers. LDP will try to establish a TCP session to the **transport address** of other routers. Therefore for LDP to function properly please make sure the transport address is shown in the routing table and reachable to traffic at all times." -#: ../../configuration/protocols/bgp.rst:820 +#: ../../configuration/protocols/bgp.rst:842 msgid "In order to control and modify routing information that is exchanged between peers you can use route-map, filter-list, prefix-list, distribute-list." msgstr "In order to control and modify routing information that is exchanged between peers you can use route-map, filter-list, prefix-list, distribute-list." @@ -7039,7 +7718,7 @@ msgstr "In order to have VyOS Traffic Control working you need to follow 2 steps msgid "In order to have full control and make use of multiple static public IP addresses, your VyOS will have to initiate the PPPoE connection and control it. In order for this method to work, you will have to figure out how to make your DSL Modem/Router switch into a Bridged Mode so it only acts as a DSL Transceiver device to connect between the Ethernet link of your VyOS and the phone cable. Once your DSL Transceiver is in Bridge Mode, you should get no IP address from it. Please make sure you connect to the Ethernet Port 1 if your DSL Transceiver has a switch, as some of them only work this way." msgstr "In order to have full control and make use of multiple static public IP addresses, your VyOS will have to initiate the PPPoE connection and control it. In order for this method to work, you will have to figure out how to make your DSL Modem/Router switch into a Bridged Mode so it only acts as a DSL Transceiver device to connect between the Ethernet link of your VyOS and the phone cable. Once your DSL Transceiver is in Bridge Mode, you should get no IP address from it. Please make sure you connect to the Ethernet Port 1 if your DSL Transceiver has a switch, as some of them only work this way." -#: ../../configuration/service/dhcp-server.rst:623 +#: ../../configuration/service/dhcp-server.rst:631 msgid "In order to map specific IPv6 addresses to specific hosts static mappings can be created. The following example explains the process." msgstr "In order to map specific IPv6 addresses to specific hosts static mappings can be created. The following example explains the process." @@ -7079,6 +7758,10 @@ msgstr "In our example, we used the key name ``openvpn-1`` which we will referen msgid "In our example, we will be forwarding web server traffic to an internal web server on 192.168.0.100. HTTP traffic makes use of the TCP protocol on port 80. For other common port numbers, see: https://en.wikipedia.org/wiki/List_of_TCP_and_UDP_port_numbers" msgstr "In our example, we will be forwarding web server traffic to an internal web server on 192.168.0.100. HTTP traffic makes use of the TCP protocol on port 80. For other common port numbers, see: https://en.wikipedia.org/wiki/List_of_TCP_and_UDP_port_numbers" +#: ../../configuration/vpn/ipsec.rst:411 +msgid "In our example the certificate name is called vyos:" +msgstr "In our example the certificate name is called vyos:" + #: ../../configuration/trafficpolicy/index.rst:906 msgid "In principle, values must be :code:`min-threshold` < :code:`max-threshold` < :code:`queue-limit`." msgstr "In principle, values must be :code:`min-threshold` < :code:`max-threshold` < :code:`queue-limit`." @@ -7123,7 +7806,11 @@ msgstr "In the case you want to apply some kind of **shaping** to your **inbound msgid "In the command above, we set the type of policy we are going to work with and the name we choose for it; a class (so that we can differentiate some traffic) and an identifiable number for that class; then we configure a matching rule (or filter) and a name for it." msgstr "In the command above, we set the type of policy we are going to work with and the name we choose for it; a class (so that we can differentiate some traffic) and an identifiable number for that class; then we configure a matching rule (or filter) and a name for it." -#: ../../configuration/service/pppoe-server.rst:259 +#: ../../configuration/vpn/ipsec.rst:564 +msgid "In the end, an XML structure is generated which can be saved as ``vyos.mobileconfig`` and sent to the device by E-Mail where it later can be imported." +msgstr "In the end, an XML structure is generated which can be saved as ``vyos.mobileconfig`` and sent to the device by E-Mail where it later can be imported." + +#: ../../configuration/service/pppoe-server.rst:333 msgid "In the example above, the first 499 sessions connect without delay. PADO packets will be delayed 50 ms for connection from 500 to 999, this trick allows other PPPoE servers send PADO faster and clients will connect to other servers. Last command says that this PPPoE server can serve only 3000 clients." msgstr "In the example above, the first 499 sessions connect without delay. PADO packets will be delayed 50 ms for connection from 500 to 999, this trick allows other PPPoE servers send PADO faster and clients will connect to other servers. Last command says that this PPPoE server can serve only 3000 clients." @@ -7131,7 +7818,7 @@ msgstr "In the example above, the first 499 sessions connect without delay. PADO msgid "In the example used for the Quick Start configuration above, we demonstrate the following configuration:" msgstr "In the example used for the Quick Start configuration above, we demonstrate the following configuration:" -#: ../../configuration/system/login.rst:399 +#: ../../configuration/system/login.rst:403 msgid "In the following example, both `User1` and `User2` will be able to SSH into VyOS as user ``vyos`` using their very own keys. `User1` is restricted to only be able to connect from a single IP address. In addition if password base login is wanted for the ``vyos`` user a 2FA/MFA keycode is required in addition to the password." msgstr "In the following example, both `User1` and `User2` will be able to SSH into VyOS as user ``vyos`` using their very own keys. `User1` is restricted to only be able to connect from a single IP address. In addition if password base login is wanted for the ``vyos`` user a 2FA/MFA keycode is required in addition to the password." @@ -7151,7 +7838,7 @@ msgstr "In the following example we can see a basic multicast setup:" msgid "In the future this is expected to be a very useful protocol (though there are `other proposals`_)." msgstr "In the future this is expected to be a very useful protocol (though there are `other proposals`_)." -#: ../../configuration/highavailability/index.rst:400 +#: ../../configuration/highavailability/index.rst:410 msgid "In the next example all traffic destined to ``203.0.113.1`` and port ``8280`` protocol TCP is balanced between 2 real servers ``192.0.2.11`` and ``192.0.2.12`` to port ``80``" msgstr "In the next example all traffic destined to ``203.0.113.1`` and port ``8280`` protocol TCP is balanced between 2 real servers ``192.0.2.11`` and ``192.0.2.12`` to port ``80``" @@ -7175,7 +7862,7 @@ msgstr "In this example, we use **masquerade** as the translation address instea msgid "In this example, we will be using the example Quick Start configuration above as a starting point." msgstr "In this example, we will be using the example Quick Start configuration above as a starting point." -#: ../../configuration/highavailability/index.rst:430 +#: ../../configuration/highavailability/index.rst:440 msgid "In this example all traffic destined to ports \"80, 2222, 8888\" protocol TCP marks to fwmark \"111\" and balanced between 2 real servers. Port \"0\" is required if multiple ports are used." msgstr "In this example all traffic destined to ports \"80, 2222, 8888\" protocol TCP marks to fwmark \"111\" and balanced between 2 real servers. Port \"0\" is required if multiple ports are used." @@ -7191,7 +7878,7 @@ msgstr "In this example we will use the most complicated case: a setup where eac msgid "In this method, the DSL Modem/Router connects to the ISP for you with your credentials preprogrammed into the device. This gives you an :rfc:`1918` address, such as ``192.168.1.0/24`` by default." msgstr "In this method, the DSL Modem/Router connects to the ISP for you with your credentials preprogrammed into the device. This gives you an :rfc:`1918` address, such as ``192.168.1.0/24`` by default." -#: ../../configuration/service/dns.rst:165 +#: ../../configuration/service/dns.rst:152 msgid "In this scenario:" msgstr "In this scenario:" @@ -7319,6 +8006,10 @@ msgstr "Intel® QAT" msgid "Interconnect the global VRF with vrf \"red\" using the veth10 <-> veth 11 pair" msgstr "Interconnect the global VRF with vrf \"red\" using the veth10 <-> veth 11 pair" +#: ../../configuration/service/ids.rst:96 +msgid "Interface **eth0** used to connect to upstream." +msgstr "Interface **eth0** used to connect to upstream." + #: ../../configuration/protocols/isis.rst:146 #: ../../configuration/protocols/ospf.rst:356 #: ../../configuration/protocols/ospf.rst:1139 @@ -7329,7 +8020,7 @@ msgstr "Interface Configuration" msgid "Interface Groups" msgstr "Interface Groups" -#: ../../configuration/protocols/static.rst:64 +#: ../../configuration/protocols/static.rst:87 msgid "Interface Routes" msgstr "Interface Routes" @@ -7367,7 +8058,7 @@ msgid "Interface weight" msgstr "Interface weight" #: ../../configuration/interfaces/index.rst:3 -#: ../../configuration/vrf/index.rst:71 +#: ../../configuration/vrf/index.rst:90 msgid "Interfaces" msgstr "Interfaces" @@ -7388,10 +8079,18 @@ msgstr "Interfaces that participate in the DHCP relay process. If this command i msgid "Interfaces whose DHCP client nameservers to forward requests to." msgstr "Interfaces whose DHCP client nameservers to forward requests to." +#: ../../configuration/service/ids.rst:105 +msgid "Internal attack: an attack from the internal network (generated by a customer) towards the internet is identify. In this case, all connections from this particular IP/Customer will be blocked." +msgstr "Internal attack: an attack from the internal network (generated by a customer) towards the internet is identify. In this case, all connections from this particular IP/Customer will be blocked." + #: ../../configuration/system/flow-accounting.rst:70 msgid "Internally, in flow-accounting processes exist a buffer for data exchanging between core process and plugins (each export target is a separated plugin). If you have high traffic levels or noted some problems with missed records or stopping exporting, you may try to increase a default buffer size (10 MiB) with the next command:" msgstr "Internally, in flow-accounting processes exist a buffer for data exchanging between core process and plugins (each export target is a separated plugin). If you have high traffic levels or noted some problems with missed records or stopping exporting, you may try to increase a default buffer size (10 MiB) with the next command:" +#: ../../configuration/vpn/ipsec.rst:374 +msgid "Internet Key Exchange version 2, IKEv2 for short, is a request/response protocol developed by both Cisco and Microsoft. It is used to establish and secure IPv4/IPv6 connections, be it a site-to-site VPN or from a road-warrior connecting to a hub site. IKEv2, when run in point-to-multipoint, or remote-access/road-warrior mode, secures the server-side with another layer by using an x509 signed server certificate." +msgstr "Internet Key Exchange version 2, IKEv2 for short, is a request/response protocol developed by both Cisco and Microsoft. It is used to establish and secure IPv4/IPv6 connections, be it a site-to-site VPN or from a road-warrior connecting to a hub site. IKEv2, when run in point-to-multipoint, or remote-access/road-warrior mode, secures the server-side with another layer by using an x509 signed server certificate." + #: ../../configuration/vpn/remoteaccess_ipsec.rst:6 msgid "Internet Key Exchange version 2 (IKEv2) is a tunneling protocol, based on IPsec, that establishes a secure VPN communication between VPN devices, and defines negotiation and authentication processes for IPsec security associations (SAs). It is often known as IKEv2/IPSec or IPSec IKEv2 remote-access — or road-warriors as others call it." msgstr "Internet Key Exchange version 2 (IKEv2) is a tunneling protocol, based on IPsec, that establishes a secure VPN communication between VPN devices, and defines negotiation and authentication processes for IPsec security associations (SAs). It is often known as IKEv2/IPSec or IPSec IKEv2 remote-access — or road-warriors as others call it." @@ -7412,7 +8111,7 @@ msgstr "Interval in milliseconds" msgid "Interval in minutes between updates (default: 60)" msgstr "Interval in minutes between updates (default: 60)" -#: ../../configuration/protocols/bgp.rst:906 +#: ../../configuration/protocols/bgp.rst:928 msgid "Introducing route reflectors removes the need for the full-mesh. When you configure a route reflector you have to tell the router whether the other IBGP router is a client or non-client. A client is an IBGP router that the route reflector will “reflect†routes to, the non-client is just a regular IBGP neighbor. Route reflectors mechanism is described in :rfc:`4456` and updated by :rfc:`7606`." msgstr "Introducing route reflectors removes the need for the full-mesh. When you configure a route reflector you have to tell the router whether the other IBGP router is a client or non-client. A client is an IBGP router that the route reflector will “reflect†routes to, the non-client is just a regular IBGP neighbor. Route reflectors mechanism is described in :rfc:`4456` and updated by :rfc:`7606`." @@ -7432,11 +8131,11 @@ msgstr "It's slower than IPsec due to higher protocol overhead and the fact it r msgid "It's time to check conntrack table, to see if any connection was accepted, and if was properly offloaded" msgstr "It's time to check conntrack table, to see if any connection was accepted, and if was properly offloaded" -#: ../../configuration/system/option.rst:111 +#: ../../configuration/system/option.rst:141 msgid "It disables transparent huge pages, and automatic NUMA balancing. It also uses cpupower to set the performance cpufreq governor, and requests a cpu_dma_latency value of 1. It also sets busy_read and busy_poll times to 50 us, and tcp_fastopen to 3." msgstr "It disables transparent huge pages, and automatic NUMA balancing. It also uses cpupower to set the performance cpufreq governor, and requests a cpu_dma_latency value of 1. It also sets busy_read and busy_poll times to 50 us, and tcp_fastopen to 3." -#: ../../configuration/system/option.rst:102 +#: ../../configuration/system/option.rst:132 msgid "It enables transparent huge pages, and uses cpupower to set the performance cpufreq governor. It also sets ``kernel.sched_min_granularity_ns`` to 10 us, ``kernel.sched_wakeup_granularity_ns`` to 15 uss, and ``vm.dirty_ratio`` to 40%." msgstr "It enables transparent huge pages, and uses cpupower to set the performance cpufreq governor. It also sets ``kernel.sched_min_granularity_ns`` to 10 us, ``kernel.sched_wakeup_granularity_ns`` to 15 uss, and ``vm.dirty_ratio`` to 40%." @@ -7457,11 +8156,11 @@ msgstr "It helps to think of the syntax as: (see below). The 'rule-set' should b msgid "It is compatible with Cisco (R) AnyConnect (R) clients." msgstr "It is compatible with Cisco (R) AnyConnect (R) clients." -#: ../../configuration/service/dhcp-server.rst:590 +#: ../../configuration/service/dhcp-server.rst:596 msgid "It is connected to ``eth1``" msgstr "It is connected to ``eth1``" -#: ../../configuration/system/login.rst:42 +#: ../../configuration/system/login.rst:46 msgid "It is highly recommended to use SSH key authentication. By default there is only one user (``vyos``), and you can assign any number of keys to that user. You can generate a ssh key with the ``ssh-keygen`` command on your local machine, which will (by default) save it as ``~/.ssh/id_rsa.pub``." msgstr "It is highly recommended to use SSH key authentication. By default there is only one user (``vyos``), and you can assign any number of keys to that user. You can generate a ssh key with the ``ssh-keygen`` command on your local machine, which will (by default) save it as ``~/.ssh/id_rsa.pub``." @@ -7477,11 +8176,11 @@ msgstr "It is important to note that when creating firewall rules, the DNAT tran msgid "It is important to note that when creating firewall rules that the DNAT translation occurs **before** traffic traverses the firewall. In other words, the destination address has already been translated to 192.168.0.100." msgstr "It is important to note that when creating firewall rules that the DNAT translation occurs **before** traffic traverses the firewall. In other words, the destination address has already been translated to 192.168.0.100." -#: ../../configuration/vrf/index.rst:505 +#: ../../configuration/vrf/index.rst:524 msgid "It is not sufficient to only configure a L3VPN VRFs but L3VPN VRFs must be maintained, too.For L3VPN VRF maintenance the following operational commands are in place." msgstr "It is not sufficient to only configure a L3VPN VRFs but L3VPN VRFs must be maintained, too.For L3VPN VRF maintenance the following operational commands are in place." -#: ../../configuration/vrf/index.rst:113 +#: ../../configuration/vrf/index.rst:132 msgid "It is not sufficient to only configure a VRF but VRFs must be maintained, too. For VRF maintenance the following operational commands are in place." msgstr "It is not sufficient to only configure a VRF but VRFs must be maintained, too. For VRF maintenance the following operational commands are in place." @@ -7489,14 +8188,19 @@ msgstr "It is not sufficient to only configure a VRF but VRFs must be maintained msgid "It is not valid to use the `vif 1` option for VLAN aware bridges because VLAN aware bridges assume that all unlabeled packets belong to the default VLAN 1 member and that the VLAN ID of the bridge's parent interface is always 1" msgstr "It is not valid to use the `vif 1` option for VLAN aware bridges because VLAN aware bridges assume that all unlabeled packets belong to the default VLAN 1 member and that the VLAN ID of the bridge's parent interface is always 1" -#: ../../configuration/system/login.rst:93 +#: ../../configuration/system/login.rst:97 msgid "It is possible to enhance authentication security by using the :abbr:`2FA (Two-factor authentication)`/:abbr:`MFA (Multi-factor authentication)` feature together with :abbr:`OTP (One-Time-Pad)` on VyOS. :abbr:`2FA (Two-factor authentication)`/:abbr:`MFA (Multi-factor authentication)` is configured independently per each user. If an OTP key is configured for a user, 2FA/MFA is automatically enabled for that particular user. If a user does not have an OTP key configured, there is no 2FA/MFA check for that user." msgstr "It is possible to enhance authentication security by using the :abbr:`2FA (Two-factor authentication)`/:abbr:`MFA (Multi-factor authentication)` feature together with :abbr:`OTP (One-Time-Pad)` on VyOS. :abbr:`2FA (Two-factor authentication)`/:abbr:`MFA (Multi-factor authentication)` is configured independently per each user. If an OTP key is configured for a user, 2FA/MFA is automatically enabled for that particular user. If a user does not have an OTP key configured, there is no 2FA/MFA check for that user." -#: ../../configuration/vrf/index.rst:496 +#: ../../configuration/vrf/index.rst:515 msgid "It is possible to permit BGP install VPN prefixes without transport labels. This configuration will install VPN prefixes originated from an e-bgp session, and with the next-hop directly connected." msgstr "It is possible to permit BGP install VPN prefixes without transport labels. This configuration will install VPN prefixes originated from an e-bgp session, and with the next-hop directly connected." +#: ../../configuration/protocols/static.rst:64 +#: ../../configuration/protocols/static.rst:132 +msgid "It is possible to specify a static route for ipv6 prefixes using an SRv6 segments instruction. The `/` separator can be used to specify multiple segment instructions." +msgstr "It is possible to specify a static route for ipv6 prefixes using an SRv6 segments instruction. The `/` separator can be used to specify multiple segment instructions." + #: ../../configuration/service/conntrack-sync.rst:30 msgid "It is possible to use either Multicast or Unicast to sync conntrack traffic. Most examples below show Multicast, but unicast can be specified by using the \"peer\" keywork after the specificed interface, as in the following example:" msgstr "It is possible to use either Multicast or Unicast to sync conntrack traffic. Most examples below show Multicast, but unicast can be specified by using the \"peer\" keywork after the specificed interface, as in the following example:" @@ -7517,7 +8221,7 @@ msgstr "It uses a stochastic model to classify incoming packets into different f msgid "It will be combined with the delegated prefix and the sla-id to form a complete interface address. The default is to use the EUI-64 address of the interface." msgstr "It will be combined with the delegated prefix and the sla-id to form a complete interface address. The default is to use the EUI-64 address of the interface." -#: ../../configuration/vrf/index.rst:220 +#: ../../configuration/vrf/index.rst:239 msgid "Join a given VRF. This will open a new subshell within the specified VRF." msgstr "Join a given VRF. This will open a new subshell within the specified VRF." @@ -7529,15 +8233,19 @@ msgstr "Jump to a different rule in this route-map on a match." msgid "Juniper EX Switch" msgstr "Juniper EX Switch" +#: ../../configuration/system/option.rst:31 +msgid "Kernel" +msgstr "Kernel" + #: ../../configuration/system/syslog.rst:112 msgid "Kernel messages" msgstr "Kernel messages" -#: ../../configuration/system/login.rst:40 +#: ../../configuration/system/login.rst:44 msgid "Key Based Authentication" msgstr "Key Based Authentication" -#: ../../configuration/pki/index.rst:30 +#: ../../configuration/pki/index.rst:32 msgid "Key Generation" msgstr "Key Generation" @@ -7545,7 +8253,7 @@ msgstr "Key Generation" msgid "Key Management" msgstr "Key Management" -#: ../../configuration/vpn/site2site_ipsec.rst:383 +#: ../../configuration/vpn/site2site_ipsec.rst:386 msgid "Key Parameters:" msgstr "Key Parameters:" @@ -7557,11 +8265,15 @@ msgstr "Key Points:" msgid "Key exchange and payload encryption is done using IKE and ESP proposals as known from IKEv1 but the connections are faster to establish, more reliable, and also support roaming from IP to IP (called MOBIKE which makes sure your connection does not drop when changing networks from e.g. WIFI to LTE and back). Authentication can be achieved with X.509 certificates." msgstr "Key exchange and payload encryption is done using IKE and ESP proposals as known from IKEv1 but the connections are faster to establish, more reliable, and also support roaming from IP to IP (called MOBIKE which makes sure your connection does not drop when changing networks from e.g. WIFI to LTE and back). Authentication can be achieved with X.509 certificates." -#: ../../configuration/pki/index.rst:167 +#: ../../configuration/vpn/ipsec.rst:381 +msgid "Key exchange and payload encryption is still done using IKE and ESP proposals as known from IKEv1 but the connections are faster to establish, more reliable, and also support roaming from IP to IP (called MOBIKE which makes sure your connection does not drop when changing networks from e.g. WIFI to LTE and back)." +msgstr "Key exchange and payload encryption is still done using IKE and ESP proposals as known from IKEv1 but the connections are faster to establish, more reliable, and also support roaming from IP to IP (called MOBIKE which makes sure your connection does not drop when changing networks from e.g. WIFI to LTE and back)." + +#: ../../configuration/pki/index.rst:169 msgid "Key usage (CLI)" msgstr "Key usage (CLI)" -#: ../../configuration/system/option.rst:58 +#: ../../configuration/system/option.rst:88 msgid "Keyboard Layout" msgstr "Keyboard Layout" @@ -7574,7 +8286,7 @@ msgstr "Keypairs" msgid "Keyword" msgstr "Keyword" -#: ../../configuration/vpn/l2tp.rst:4 +#: ../../configuration/vpn/l2tp.rst:5 msgid "L2TP" msgstr "L2TP" @@ -7606,7 +8318,7 @@ msgstr "L2TPv3 is described in :rfc:`3931`." msgid "L2TPv3 options" msgstr "L2TPv3 options" -#: ../../configuration/vrf/index.rst:399 +#: ../../configuration/vrf/index.rst:418 msgid "L3VPN VRFs" msgstr "L3VPN VRFs" @@ -7635,7 +8347,7 @@ msgstr "LLDP performs functions similar to several proprietary protocols, such a msgid "LNS (L2TP Network Server)" msgstr "LNS (L2TP Network Server)" -#: ../../configuration/vpn/l2tp.rst:91 +#: ../../configuration/vpn/l2tp.rst:272 msgid "LNS are often used to connect to a LAC (L2TP Access Concentrator)." msgstr "LNS are often used to connect to a LAC (L2TP Access Concentrator)." @@ -7647,11 +8359,11 @@ msgstr "Label Distribution Protocol" msgid "Layer 2 Tunnelling Protocol Version 3 is an IETF standard related to L2TP that can be used as an alternative protocol to :ref:`mpls` for encapsulation of multiprotocol Layer 2 communications traffic over IP networks. Like L2TP, L2TPv3 provides a pseudo-wire service but is scaled to fit carrier requirements." msgstr "Layer 2 Tunnelling Protocol Version 3 is an IETF standard related to L2TP that can be used as an alternative protocol to :ref:`mpls` for encapsulation of multiprotocol Layer 2 communications traffic over IP networks. Like L2TP, L2TPv3 provides a pseudo-wire service but is scaled to fit carrier requirements." -#: ../../configuration/service/dhcp-server.rst:593 +#: ../../configuration/service/dhcp-server.rst:599 msgid "Lease time will be left at the default value which is 24 hours" msgstr "Lease time will be left at the default value which is 24 hours" -#: ../../configuration/service/dhcp-server.rst:336 +#: ../../configuration/service/dhcp-server.rst:342 msgid "Lease timeout in seconds (default: 86400)" msgstr "Lease timeout in seconds (default: 86400)" @@ -7699,15 +8411,19 @@ msgstr "Lifetime in days; default is 365" msgid "Lifetime is decremented by the number of seconds since the last RA - use in conjunction with a DHCPv6-PD prefix" msgstr "Lifetime is decremented by the number of seconds since the last RA - use in conjunction with a DHCPv6-PD prefix" +#: ../../configuration/vpn/ipsec.rst:535 +msgid "Like on Microsoft Windows, Apple iOS/iPadOS out of the box does not expose all available VPN options via the device GUI." +msgstr "Like on Microsoft Windows, Apple iOS/iPadOS out of the box does not expose all available VPN options via the device GUI." + #: ../../configuration/loadbalancing/reverse-proxy.rst:162 msgid "Limit allowed cipher algorithms used during SSL/TLS handshake" msgstr "Limit allowed cipher algorithms used during SSL/TLS handshake" -#: ../../configuration/system/login.rst:112 +#: ../../configuration/system/login.rst:116 msgid "Limit logins to `<limit>` per every ``rate-time`` seconds. Rate limit must be between 1 and 10 attempts." msgstr "Limit logins to `<limit>` per every ``rate-time`` seconds. Rate limit must be between 1 and 10 attempts." -#: ../../configuration/system/login.rst:118 +#: ../../configuration/system/login.rst:122 msgid "Limit logins to ``rate-limit`` attemps per every `<seconds>`. Rate time must be between 15 and 600 seconds." msgstr "Limit logins to ``rate-limit`` attemps per every `<seconds>`. Rate time must be between 15 and 600 seconds." @@ -7723,7 +8439,7 @@ msgstr "Limiter" msgid "Limiter is one of those policies that uses classes_ (Ingress qdisc is actually a classless policy but filters do work in it)." msgstr "Limiter is one of those policies that uses classes_ (Ingress qdisc is actually a classless policy but filters do work in it)." -#: ../../configuration/system/login.rst:381 +#: ../../configuration/system/login.rst:385 msgid "Limits" msgstr "Limits" @@ -7767,7 +8483,7 @@ msgstr "List of supported algorithms: ``diffie-hellman-group1-sha1``, ``diffie-h msgid "List of supported ciphers: ``3des-cbc``, ``aes128-cbc``, ``aes192-cbc``, ``aes256-cbc``, ``aes128-ctr``, ``aes192-ctr``, ``aes256-ctr``, ``arcfour128``, ``arcfour256``, ``arcfour``, ``blowfish-cbc``, ``cast128-cbc``" msgstr "List of supported ciphers: ``3des-cbc``, ``aes128-cbc``, ``aes192-cbc``, ``aes256-cbc``, ``aes128-ctr``, ``aes192-ctr``, ``aes256-ctr``, ``arcfour128``, ``arcfour256``, ``arcfour``, ``blowfish-cbc``, ``cast128-cbc``" -#: ../../configuration/policy/route-map.rst:362 +#: ../../configuration/policy/route-map.rst:365 msgid "List of well-known communities" msgstr "List of well-known communities" @@ -7775,7 +8491,7 @@ msgstr "List of well-known communities" msgid "Listen for DHCP requests on interface ``eth1``." msgstr "Listen for DHCP requests on interface ``eth1``." -#: ../../configuration/vrf/index.rst:118 +#: ../../configuration/vrf/index.rst:137 msgid "Lists VRFs that have been created" msgstr "Lists VRFs that have been created" @@ -7787,7 +8503,7 @@ msgstr "Load-balancing" msgid "Load-balancing algorithms to be used for distributind requests among the vailable servers" msgstr "Load-balancing algorithms to be used for distributind requests among the vailable servers" -#: ../../configuration/highavailability/index.rst:347 +#: ../../configuration/highavailability/index.rst:357 msgid "Load-balancing schedule algorithm:" msgstr "Load-balancing schedule algorithm:" @@ -7795,11 +8511,11 @@ msgstr "Load-balancing schedule algorithm:" msgid "Load Balance" msgstr "Load Balance" -#: ../../configuration/service/pppoe-server.rst:243 +#: ../../configuration/service/pppoe-server.rst:317 msgid "Load Balancing" msgstr "Load Balancing" -#: ../../configuration/system/login.rst:422 +#: ../../configuration/system/login.rst:426 msgid "Load the container image in op-mode." msgstr "Load the container image in op-mode." @@ -7848,11 +8564,11 @@ msgstr "Local User Account" msgid "Local path that includes the known hosts file." msgstr "Local path that includes the known hosts file." -#: ../../configuration/protocols/rpki.rst:145 +#: ../../configuration/protocols/rpki.rst:155 msgid "Local path that includes the private key file of the router." msgstr "Local path that includes the private key file of the router." -#: ../../configuration/protocols/rpki.rst:149 +#: ../../configuration/protocols/rpki.rst:159 msgid "Local path that includes the public key file of the router." msgstr "Local path that includes the public key file of the router." @@ -7864,7 +8580,7 @@ msgstr "Local route" msgid "Locally connect to serial port identified by `<device>`." msgstr "Locally connect to serial port identified by `<device>`." -#: ../../configuration/policy/route-map.rst:273 +#: ../../configuration/policy/route-map.rst:276 msgid "Locally significant administrative distance." msgstr "Locally significant administrative distance." @@ -7918,11 +8634,11 @@ msgstr "Logging to a remote host leaves the local logging configuration intact, msgid "Login/User Management" msgstr "Login/User Management" -#: ../../configuration/system/login.rst:363 +#: ../../configuration/system/login.rst:367 msgid "Login Banner" msgstr "Login Banner" -#: ../../configuration/system/login.rst:383 +#: ../../configuration/system/login.rst:387 msgid "Login limits" msgstr "Login limits" @@ -7981,7 +8697,7 @@ msgstr "MACsec options" msgid "MDI power" msgstr "MDI power" -#: ../../configuration/system/login.rst:91 +#: ../../configuration/system/login.rst:95 msgid "MFA/2FA authentication using OTP (one time passwords)" msgstr "MFA/2FA authentication using OTP (one time passwords)" @@ -8024,11 +8740,11 @@ msgstr "Main structure VyOS firewall cli is shown next:" msgid "Main structure is shown next:" msgstr "Main structure is shown next:" -#: ../../configuration/service/pppoe-server.rst:295 +#: ../../configuration/service/pppoe-server.rst:303 msgid "Maintenance mode" msgstr "Maintenance mode" -#: ../../configuration/service/conntrack-sync.rst:107 +#: ../../configuration/service/conntrack-sync.rst:111 msgid "Make sure conntrack is enabled by running and show connection tracking table." msgstr "Make sure conntrack is enabled by running and show connection tracking table." @@ -8048,7 +8764,7 @@ msgstr "Mandatory Settings" msgid "Manual Neighbor Configuration" msgstr "Manual Neighbor Configuration" -#: ../../configuration/pki/index.rst:336 +#: ../../configuration/pki/index.rst:367 msgid "Manually trigger certificate renewal. This will be done twice a day." msgstr "Manually trigger certificate renewal. This will be done twice a day." @@ -8056,15 +8772,19 @@ msgstr "Manually trigger certificate renewal. This will be done twice a day." msgid "Maps the VNI to the specified VLAN id. The VLAN can then be consumed by a bridge." msgstr "Maps the VNI to the specified VLAN id. The VLAN can then be consumed by a bridge." -#: ../../configuration/vpn/sstp.rst:223 +#: ../../configuration/service/ipoe-server.rst:166 +#: ../../configuration/service/pppoe-server.rst:128 +#: ../../configuration/vpn/l2tp.rst:171 +#: ../../configuration/vpn/pptp.rst:111 +#: ../../configuration/vpn/sstp.rst:144 msgid "Mark RADIUS server as offline for this given `<time>` in seconds." msgstr "Mark RADIUS server as offline for this given `<time>` in seconds." -#: ../../configuration/pki/index.rst:206 +#: ../../configuration/pki/index.rst:208 msgid "Mark the CAs private key as password protected. User is asked for the password when the key is referenced." msgstr "Mark the CAs private key as password protected. User is asked for the password when the key is referenced." -#: ../../configuration/pki/index.rst:244 +#: ../../configuration/pki/index.rst:246 msgid "Mark the private key as password protected. User is asked for the password when the key is referenced." msgstr "Mark the private key as password protected. User is asked for the password when the key is referenced." @@ -8076,7 +8796,7 @@ msgstr "Match BGP large communities." msgid "Match IP addresses based on its geolocation. More info: `geoip matching <https://wiki.nftables.org/wiki-nftables/index.php/GeoIP_matching>`_." msgstr "Match IP addresses based on its geolocation. More info: `geoip matching <https://wiki.nftables.org/wiki-nftables/index.php/GeoIP_matching>`_." -#: ../../configuration/firewall/ipv4.rst:440 +#: ../../configuration/firewall/ipv4.rst:463 #: ../../configuration/firewall/ipv6.rst:447 msgid "Match IP addresses based on its geolocation. More info: `geoip matching <https://wiki.nftables.org/wiki-nftables/index.php/GeoIP_matching>`_. Use inverse-match to match anything except the given country-codes." msgstr "Match IP addresses based on its geolocation. More info: `geoip matching <https://wiki.nftables.org/wiki-nftables/index.php/GeoIP_matching>`_. Use inverse-match to match anything except the given country-codes." @@ -8089,17 +8809,21 @@ msgstr "Match RPKI validation result." msgid "Match a protocol criteria. A protocol number or a name which is defined in: ``/etc/protocols``. Special names are ``all`` for all protocols and ``tcp_udp`` for tcp and udp based packets. The ``!`` negates the selected protocol." msgstr "Match a protocol criteria. A protocol number or a name which is defined in: ``/etc/protocols``. Special names are ``all`` for all protocols and ``tcp_udp`` for tcp and udp based packets. The ``!`` negates the selected protocol." -#: ../../configuration/firewall/ipv4.rst:773 +#: ../../configuration/firewall/ipv4.rst:796 #: ../../configuration/firewall/ipv6.rst:783 msgid "Match a protocol criteria. A protocol number or a name which is here defined: ``/etc/protocols``. Special names are ``all`` for all protocols and ``tcp_udp`` for tcp and udp based packets. The ``!`` negate the selected protocol." msgstr "Match a protocol criteria. A protocol number or a name which is here defined: ``/etc/protocols``. Special names are ``all`` for all protocols and ``tcp_udp`` for tcp and udp based packets. The ``!`` negate the selected protocol." -#: ../../configuration/firewall/ipv4.rst:831 +#: ../../configuration/firewall/ipv4.rst:854 #: ../../configuration/firewall/ipv6.rst:840 msgid "Match against the state of a packet." msgstr "Match against the state of a packet." -#: ../../configuration/firewall/ipv4.rst:620 +#: ../../configuration/firewall/ipv4.rst:336 +msgid "Match based on connection tracking protocol helper module to secure use of that helper module. See below for possible completions `<module>`." +msgstr "Match based on connection tracking protocol helper module to secure use of that helper module. See below for possible completions `<module>`." + +#: ../../configuration/firewall/ipv4.rst:643 #: ../../configuration/firewall/ipv6.rst:630 msgid "Match based on dscp value." msgstr "Match based on dscp value." @@ -8108,16 +8832,16 @@ msgstr "Match based on dscp value." msgid "Match based on dscp value criteria. Multiple values from 0 to 63 and ranges are supported." msgstr "Match based on dscp value criteria. Multiple values from 0 to 63 and ranges are supported." -#: ../../configuration/firewall/ipv4.rst:631 +#: ../../configuration/firewall/ipv4.rst:654 #: ../../configuration/firewall/ipv6.rst:641 msgid "Match based on fragment criteria." msgstr "Match based on fragment criteria." -#: ../../configuration/firewall/ipv4.rst:642 +#: ../../configuration/firewall/ipv4.rst:665 msgid "Match based on icmp code and type." msgstr "Match based on icmp code and type." -#: ../../configuration/firewall/ipv4.rst:653 +#: ../../configuration/firewall/ipv4.rst:676 msgid "Match based on icmp type-name criteria. Use tab for information about what **type-name** criteria are supported." msgstr "Match based on icmp type-name criteria. Use tab for information about what **type-name** criteria are supported." @@ -8147,18 +8871,18 @@ msgid "Match based on inbound interface. Wilcard ``*`` can be used. For example: msgstr "Match based on inbound interface. Wilcard ``*`` can be used. For example: ``eth2*``" #: ../../configuration/firewall/bridge.rst:239 -#: ../../configuration/firewall/ipv4.rst:663 +#: ../../configuration/firewall/ipv4.rst:686 #: ../../configuration/firewall/ipv6.rst:673 msgid "Match based on inbound interface. Wilcard ``*`` can be used. For example: ``eth2*``. Prepending character ``!`` for inverted matching criteria is also supportd. For example ``!eth2``" msgstr "Match based on inbound interface. Wilcard ``*`` can be used. For example: ``eth2*``. Prepending character ``!`` for inverted matching criteria is also supportd. For example ``!eth2``" #: ../../configuration/firewall/bridge.rst:248 -#: ../../configuration/firewall/ipv4.rst:674 +#: ../../configuration/firewall/ipv4.rst:697 #: ../../configuration/firewall/ipv6.rst:684 msgid "Match based on inbound interface group. Prepending character ``!`` for inverted matching criteria is also supportd. For example ``!IFACE_GROUP``" msgstr "Match based on inbound interface group. Prepending character ``!`` for inverted matching criteria is also supportd. For example ``!IFACE_GROUP``" -#: ../../configuration/firewall/ipv4.rst:707 +#: ../../configuration/firewall/ipv4.rst:730 #: ../../configuration/firewall/ipv6.rst:717 msgid "Match based on ipsec criteria." msgstr "Match based on ipsec criteria." @@ -8168,35 +8892,35 @@ msgid "Match based on outbound interface. Wilcard ``*`` can be used. For example msgstr "Match based on outbound interface. Wilcard ``*`` can be used. For example: ``eth2*``" #: ../../configuration/firewall/bridge.rst:256 -#: ../../configuration/firewall/ipv4.rst:684 +#: ../../configuration/firewall/ipv4.rst:707 #: ../../configuration/firewall/ipv6.rst:694 msgid "Match based on outbound interface. Wilcard ``*`` can be used. For example: ``eth2*``. Prepending character ``!`` for inverted matching criteria is also supportd. For example ``!eth2``" msgstr "Match based on outbound interface. Wilcard ``*`` can be used. For example: ``eth2*``. Prepending character ``!`` for inverted matching criteria is also supportd. For example ``!eth2``" #: ../../configuration/firewall/bridge.rst:265 -#: ../../configuration/firewall/ipv4.rst:695 +#: ../../configuration/firewall/ipv4.rst:718 #: ../../configuration/firewall/ipv6.rst:705 msgid "Match based on outbound interface group. Prepending character ``!`` for inverted matching criteria is also supportd. For example ``!IFACE_GROUP``" msgstr "Match based on outbound interface group. Prepending character ``!`` for inverted matching criteria is also supportd. For example ``!IFACE_GROUP``" -#: ../../configuration/firewall/ipv4.rst:750 +#: ../../configuration/firewall/ipv4.rst:773 #: ../../configuration/firewall/ipv6.rst:760 #: ../../configuration/policy/route.rst:176 msgid "Match based on packet length criteria. Multiple values from 1 to 65535 and ranges are supported." msgstr "Match based on packet length criteria. Multiple values from 1 to 65535 and ranges are supported." -#: ../../configuration/firewall/ipv4.rst:762 +#: ../../configuration/firewall/ipv4.rst:785 #: ../../configuration/firewall/ipv6.rst:772 #: ../../configuration/policy/route.rst:184 msgid "Match based on packet type criteria." msgstr "Match based on packet type criteria." -#: ../../configuration/firewall/ipv4.rst:729 +#: ../../configuration/firewall/ipv4.rst:752 #: ../../configuration/firewall/ipv6.rst:739 msgid "Match based on the maximum average rate, specified as **integer/unit**. For example **5/minutes**" msgstr "Match based on the maximum average rate, specified as **integer/unit**. For example **5/minutes**" -#: ../../configuration/firewall/ipv4.rst:718 +#: ../../configuration/firewall/ipv4.rst:741 #: ../../configuration/firewall/ipv6.rst:728 msgid "Match based on the maximum number of packets to allow in excess of rate." msgstr "Match based on the maximum number of packets to allow in excess of rate." @@ -8209,7 +8933,7 @@ msgstr "Match based on vlan ID. Range is also supported." msgid "Match based on vlan priority(pcp). Range is also supported." msgstr "Match based on vlan priority(pcp). Range is also supported." -#: ../../configuration/firewall/ipv4.rst:801 +#: ../../configuration/firewall/ipv4.rst:824 #: ../../configuration/firewall/ipv6.rst:810 msgid "Match bases on recently seen sources." msgstr "Match bases on recently seen sources." @@ -8224,7 +8948,7 @@ msgstr "Match criteria based on connection mark." msgid "Match criteria based on nat connection status." msgstr "Match criteria based on nat connection status." -#: ../../configuration/firewall/ipv4.rst:345 +#: ../../configuration/firewall/ipv4.rst:368 #: ../../configuration/firewall/ipv6.rst:345 msgid "Match criteria based on source and/or destination address. This is similar to the network groups part, but here you are able to negate the matching addresses." msgstr "Match criteria based on source and/or destination address. This is similar to the network groups part, but here you are able to negate the matching addresses." @@ -8237,6 +8961,14 @@ msgstr "Match criteria based on source and/or destination mac-address." msgid "Match domain name" msgstr "Match domain name" +#: ../../configuration/service/ipoe-server.rst:382 +#: ../../configuration/service/pppoe-server.rst:571 +#: ../../configuration/vpn/l2tp.rst:506 +#: ../../configuration/vpn/pptp.rst:430 +#: ../../configuration/vpn/sstp.rst:464 +msgid "Match firewall mark value" +msgstr "Match firewall mark value" + #: ../../configuration/firewall/ipv6.rst:894 #: ../../configuration/policy/route.rst:234 msgid "Match hop-limit parameter, where 'eq' stands for 'equal'; 'gt' stands for 'greater than', and 'lt' stands for 'less than'." @@ -8250,12 +8982,12 @@ msgstr "Match local preference." msgid "Match route metric." msgstr "Match route metric." -#: ../../configuration/firewall/ipv4.rst:885 +#: ../../configuration/firewall/ipv4.rst:908 #: ../../configuration/policy/route.rst:229 msgid "Match time to live parameter, where 'eq' stands for 'equal'; 'gt' stands for 'greater than', and 'lt' stands for 'less than'." msgstr "Match time to live parameter, where 'eq' stands for 'equal'; 'gt' stands for 'greater than', and 'lt' stands for 'less than'." -#: ../../configuration/firewall/ipv4.rst:906 +#: ../../configuration/firewall/ipv4.rst:929 #: ../../configuration/firewall/ipv6.rst:915 msgid "Match when 'count' amount of connections are seen within 'time'. These matching criteria can be used to block brute-force attempts." msgstr "Match when 'count' amount of connections are seen within 'time'. These matching criteria can be used to block brute-force attempts." @@ -8275,11 +9007,24 @@ msgstr "Matching traffic" msgid "Maximum A-MSDU length 3839 (default) or 7935 octets" msgstr "Maximum A-MSDU length 3839 (default) or 7935 octets" +#: ../../configuration/vpn/l2tp.rst:492 +#: ../../configuration/vpn/pptp.rst:416 +msgid "Maximum Transmission Unit (MTU) (default: **1436**)" +msgstr "Maximum Transmission Unit (MTU) (default: **1436**)" + +#: ../../configuration/service/pppoe-server.rst:538 +msgid "Maximum Transmission Unit (MTU) (default: **1492**)" +msgstr "Maximum Transmission Unit (MTU) (default: **1492**)" + +#: ../../configuration/vpn/sstp.rst:450 +msgid "Maximum Transmission Unit (MTU) (default: **1500**)" +msgstr "Maximum Transmission Unit (MTU) (default: **1500**)" + #: ../../configuration/service/dns.rst:108 msgid "Maximum number of DNS cache entries. 1 million per CPU core will generally suffice for most installations." msgstr "Maximum number of DNS cache entries. 1 million per CPU core will generally suffice for most installations." -#: ../../configuration/vpn/sstp.rst:159 +#: ../../configuration/vpn/sstp.rst:165 msgid "Maximum number of IPv4 nameservers" msgstr "Maximum number of IPv4 nameservers" @@ -8287,6 +9032,14 @@ msgstr "Maximum number of IPv4 nameservers" msgid "Maximum number of authenticator processes to spawn. If you start too few Squid will have to wait for them to process a backlog of credential verifications, slowing it down. When password verifications are done via a (slow) network you are likely to need lots of authenticator processes." msgstr "Maximum number of authenticator processes to spawn. If you start too few Squid will have to wait for them to process a backlog of credential verifications, slowing it down. When password verifications are done via a (slow) network you are likely to need lots of authenticator processes." +#: ../../configuration/service/ipoe-server.rst:372 +#: ../../configuration/service/pppoe-server.rst:542 +#: ../../configuration/vpn/l2tp.rst:496 +#: ../../configuration/vpn/pptp.rst:420 +#: ../../configuration/vpn/sstp.rst:454 +msgid "Maximum number of concurrent session start attempts" +msgstr "Maximum number of concurrent session start attempts" + #: ../../configuration/interfaces/wireless.rst:77 msgid "Maximum number of stations allowed in station table. New stations will be rejected after the station table is full. IEEE 802.11 has a limit of 2007 different association IDs, so this number should not be larger than that." msgstr "Maximum number of stations allowed in station table. New stations will be rejected after the station table is full. IEEE 802.11 has a limit of 2007 different association IDs, so this number should not be larger than that." @@ -8295,7 +9048,11 @@ msgstr "Maximum number of stations allowed in station table. New stations will b msgid "Maximum number of times an expired record’s TTL is extended by 30s when serving stale. Extension only occurs if a record cannot be refreshed. A value of 0 means the Serve Stale mechanism is not used. To allow records becoming stale to be served for an hour, use a value of 120." msgstr "Maximum number of times an expired record’s TTL is extended by 30s when serving stale. Extension only occurs if a record cannot be refreshed. A value of 0 means the Serve Stale mechanism is not used. To allow records becoming stale to be served for an hour, use a value of 120." -#: ../../configuration/vpn/sstp.rst:250 +#: ../../configuration/service/ipoe-server.rst:190 +#: ../../configuration/service/pppoe-server.rst:152 +#: ../../configuration/vpn/l2tp.rst:195 +#: ../../configuration/vpn/pptp.rst:135 +#: ../../configuration/vpn/sstp.rst:168 msgid "Maximum number of tries to send Access-Request/Accounting-Request queries" msgstr "Maximum number of tries to send Access-Request/Accounting-Request queries" @@ -8323,6 +9080,10 @@ msgstr "Messages generated internally by syslogd" msgid "Metris version, the default is ``2``" msgstr "Metris version, the default is ``2``" +#: ../../configuration/vpn/ipsec.rst:510 +msgid "Microsoft Windows expects the server name to be also used in the server's certificate common name, so it's best to use this DNS name for your VPN connection." +msgstr "Microsoft Windows expects the server name to be also used in the server's certificate common name, so it's best to use this DNS name for your VPN connection." + #: ../../configuration/service/router-advert.rst:1 msgid "Min and max intervals between unsolicited multicast RAs" msgstr "Min and max intervals between unsolicited multicast RAs" @@ -8351,7 +9112,12 @@ msgstr "Modify the time that pim will register suppress a FHR will send register msgid "Monitor, the system passively monitors any kind of wireless traffic" msgstr "Monitor, the system passively monitors any kind of wireless traffic" +#: ../../configuration/service/ipoe-server.rst:390 #: ../../configuration/service/monitoring.rst:2 +#: ../../configuration/service/pppoe-server.rst:583 +#: ../../configuration/vpn/l2tp.rst:518 +#: ../../configuration/vpn/pptp.rst:442 +#: ../../configuration/vpn/sstp.rst:538 msgid "Monitoring" msgstr "Monitoring" @@ -8371,7 +9137,7 @@ msgstr "Most operating systems include native client support for IPsec IKEv2 VPN msgid "Mount a volume into the container" msgstr "Mount a volume into the container" -#: ../../configuration/service/dhcp-server.rst:235 +#: ../../configuration/service/dhcp-server.rst:241 msgid "Multi" msgstr "Multi" @@ -8383,7 +9149,7 @@ msgstr "Multi-client server is the most popular OpenVPN mode on routers. It alwa msgid "Multi-homed. In a multi-homed network environment, the NAT66 device connects to an internal network and simultaneously connects to different external networks. Address translation can be configured on each external network side interface of the NAT66 device to convert the same internal network address into different external network addresses, and realize the mapping of the same internal address to multiple external addresses." msgstr "Multi-homed. In a multi-homed network environment, the NAT66 device connects to an internal network and simultaneously connects to different external networks. Address translation can be configured on each external network side interface of the NAT66 device to convert the same internal network address into different external network addresses, and realize the mapping of the same internal address to multiple external addresses." -#: ../../configuration/service/dhcp-server.rst:359 +#: ../../configuration/service/dhcp-server.rst:365 msgid "Multi: can be specified multiple times." msgstr "Multi: can be specified multiple times." @@ -8428,7 +9194,7 @@ msgstr "Multicast receivers will talk MLD to their local router, so, besides hav msgid "Multiple DNS servers can be defined." msgstr "Multiple DNS servers can be defined." -#: ../../configuration/protocols/rpki.rst:121 +#: ../../configuration/protocols/rpki.rst:135 msgid "Multiple RPKI caching instances can be supplied and they need a preference in which their result sets are used." msgstr "Multiple RPKI caching instances can be supplied and they need a preference in which their result sets are used." @@ -8460,16 +9226,16 @@ msgstr "Multiple interfaces may be specified." msgid "Multiple networks/client IP addresses can be configured." msgstr "Multiple networks/client IP addresses can be configured." -#: ../../configuration/system/login.rst:248 -#: ../../configuration/system/login.rst:317 +#: ../../configuration/system/login.rst:252 +#: ../../configuration/system/login.rst:321 msgid "Multiple servers can be specified." msgstr "Multiple servers can be specified." -#: ../../configuration/service/dns.rst:374 +#: ../../configuration/service/dns.rst:380 msgid "Multiple services can be used per interface. Just specify as many services per interface as you like!" msgstr "Multiple services can be used per interface. Just specify as many services per interface as you like!" -#: ../../configuration/firewall/ipv4.rst:494 +#: ../../configuration/firewall/ipv4.rst:517 #: ../../configuration/firewall/ipv6.rst:500 msgid "Multiple source ports can be specified as a comma-separated list. The whole list can also be \"negated\" using ``!``. For example:" msgstr "Multiple source ports can be specified as a comma-separated list. The whole list can also be \"negated\" using ``!``. For example:" @@ -8487,22 +9253,22 @@ msgstr "Multiple users can connect to the same serial device but only one is all msgid "Multiprotocol extensions enable BGP to carry routing information for multiple network layer protocols. BGP supports an Address Family Identifier (AFI) for IPv4 and IPv6." msgstr "Multiprotocol extensions enable BGP to carry routing information for multiple network layer protocols. BGP supports an Address Family Identifier (AFI) for IPv4 and IPv6." -#: ../../configuration/service/dhcp-server.rst:241 #: ../../configuration/service/dhcp-server.rst:247 -#: ../../configuration/service/dhcp-server.rst:252 -#: ../../configuration/service/dhcp-server.rst:272 -#: ../../configuration/service/dhcp-server.rst:287 -#: ../../configuration/service/dhcp-server.rst:292 -#: ../../configuration/service/dhcp-server.rst:297 -#: ../../configuration/service/dhcp-server.rst:302 -#: ../../configuration/service/dhcp-server.rst:307 -#: ../../configuration/service/dhcp-server.rst:327 -#: ../../configuration/service/dhcp-server.rst:332 -#: ../../configuration/service/dhcp-server.rst:337 +#: ../../configuration/service/dhcp-server.rst:253 +#: ../../configuration/service/dhcp-server.rst:258 +#: ../../configuration/service/dhcp-server.rst:278 +#: ../../configuration/service/dhcp-server.rst:293 +#: ../../configuration/service/dhcp-server.rst:298 +#: ../../configuration/service/dhcp-server.rst:303 +#: ../../configuration/service/dhcp-server.rst:308 +#: ../../configuration/service/dhcp-server.rst:313 +#: ../../configuration/service/dhcp-server.rst:333 +#: ../../configuration/service/dhcp-server.rst:338 +#: ../../configuration/service/dhcp-server.rst:343 msgid "N" msgstr "N" -#: ../../configuration/highavailability/index.rst:363 +#: ../../configuration/highavailability/index.rst:373 #: ../../configuration/nat/index.rst:5 msgid "NAT" msgstr "NAT" @@ -8523,6 +9289,10 @@ msgstr "NAT64" msgid "NAT64 client configuration:" msgstr "NAT64 client configuration:" +#: ../../configuration/service/router-advert.rst:84 +msgid "NAT64 prefix mask must be one of: /32, /40, /48, /56, /64 or 96." +msgstr "NAT64 prefix mask must be one of: /32, /40, /48, /56, /64 or 96." + #: ../../configuration/nat/nat64.rst:44 msgid "NAT64 server configuration:" msgstr "NAT64 server configuration:" @@ -8587,7 +9357,15 @@ msgstr "NTP supplies a warning of any impending leap second adjustment, but no i msgid "Name Server" msgstr "Name Server" -#: ../../configuration/service/dhcp-server.rst:356 +#: ../../configuration/vpn/sstp.rst:84 +msgid "Name of installed certificate authority certificate." +msgstr "Name of installed certificate authority certificate." + +#: ../../configuration/vpn/sstp.rst:88 +msgid "Name of installed server certificate." +msgstr "Name of installed server certificate." + +#: ../../configuration/service/dhcp-server.rst:362 msgid "Name of static mapping" msgstr "Name of static mapping" @@ -8595,11 +9373,11 @@ msgstr "Name of static mapping" msgid "Name of the single table Only if set group-metrics single-table." msgstr "Name of the single table Only if set group-metrics single-table." -#: ../../configuration/service/dhcp-server.rst:296 +#: ../../configuration/service/dhcp-server.rst:302 msgid "Name or IPv4 address of TFTP server" msgstr "Name or IPv4 address of TFTP server" -#: ../../configuration/service/dhcp-server.rst:281 +#: ../../configuration/service/dhcp-server.rst:287 msgid "NetBIOS over TCP/IP name server" msgstr "NetBIOS over TCP/IP name server" @@ -8677,6 +9455,10 @@ msgstr "Network management station (NMS) - software which runs on the manager" msgid "Network news subsystem" msgstr "Network news subsystem" +#: ../../configuration/service/ids.rst:87 +msgid "Network to be protected: 192.0.2.0/24 (public IPs use by customers)" +msgstr "Network to be protected: 192.0.2.0/24 (public IPs use by customers)" + #: ../../configuration/service/monitoring.rst:47 msgid "Networks allowed to query this server" msgstr "Networks allowed to query this server" @@ -8693,11 +9475,11 @@ msgstr "Next-hop interface for the route" msgid "Next it is necessary to configure 2FA for OpenConnect:" msgstr "Next it is necessary to configure 2FA for OpenConnect:" -#: ../../configuration/policy/route-map.rst:279 +#: ../../configuration/policy/route-map.rst:282 msgid "Nexthop IP address." msgstr "Nexthop IP address." -#: ../../configuration/policy/route-map.rst:298 +#: ../../configuration/policy/route-map.rst:301 msgid "Nexthop IPv6 address." msgstr "Nexthop IPv6 address." @@ -8705,6 +9487,18 @@ msgstr "Nexthop IPv6 address." msgid "Nexthop IPv6 address to match." msgstr "Nexthop IPv6 address to match." +#: ../../configuration/system/ip.rst:47 +#: ../../configuration/system/ipv6.rst:43 +#: ../../configuration/vrf/index.rst:71 +msgid "Nexthop Tracking" +msgstr "Nexthop Tracking" + +#: ../../configuration/system/ip.rst:49 +#: ../../configuration/system/ipv6.rst:45 +#: ../../configuration/vrf/index.rst:73 +msgid "Nexthop tracking resolve nexthops via the default route by default. This is enabled by default for a traditional profile of FRR which we use. It and can be disabled if you do not wan't to e.g. allow BGP to peer across the default route." +msgstr "Nexthop tracking resolve nexthops via the default route by default. This is enabled by default for a traditional profile of FRR which we use. It and can be disabled if you do not wan't to e.g. allow BGP to peer across the default route." + #: ../../configuration/protocols/rpki.rst:59 msgid "No ROA exists which covers that prefix. Unfortunately this is the case for about 80% of the IPv4 prefixes which were announced to the :abbr:`DFZ (default-free zone)` at the start of 2020" msgstr "No ROA exists which covers that prefix. Unfortunately this is the case for about 80% of the IPv4 prefixes which were announced to the :abbr:`DFZ (default-free zone)` at the start of 2020" @@ -8713,7 +9507,7 @@ msgstr "No ROA exists which covers that prefix. Unfortunately this is the case f msgid "No VLAN tagging required by your ISP." msgstr "No VLAN tagging required by your ISP." -#: ../../configuration/protocols/bgp.rst:707 +#: ../../configuration/protocols/bgp.rst:729 msgid "No route is suppressed indefinitely. Maximum-suppress-time defines the maximum time a route can be suppressed before it is re-advertised." msgstr "No route is suppressed indefinitely. Maximum-suppress-time defines the maximum time a route can be suppressed before it is re-advertised." @@ -8753,7 +9547,7 @@ msgstr "Note: certificate names don't matter, we use 'openvpn-local' and 'openvp msgid "Note that deleting the log file does not stop the system from logging events. If you use this command while the system is logging events, old log events will be deleted, but events after the delete operation will be recorded in the new file. To delete the file altogether, first delete logging to the file using system syslog :ref:`custom-file` command, and then delete the file." msgstr "Note that deleting the log file does not stop the system from logging events. If you use this command while the system is logging events, old log events will be deleted, but events after the delete operation will be recorded in the new file. To delete the file altogether, first delete logging to the file using system syslog :ref:`custom-file` command, and then delete the file." -#: ../../configuration/vpn/ipsec.rst:294 +#: ../../configuration/vpn/ipsec.rst:298 #: ../../configuration/vpn/rsa-keys.rst:35 msgid "Note the command with the public key (set pki key-pair ipsec-RIGHT public key 'FAAOCAQ8AMII...')." msgstr "Note the command with the public key (set pki key-pair ipsec-RIGHT public key 'FAAOCAQ8AMII...')." @@ -8762,11 +9556,11 @@ msgstr "Note the command with the public key (set pki key-pair ipsec-RIGHT publi msgid "Notice" msgstr "Notice" -#: ../../configuration/service/conntrack-sync.rst:194 +#: ../../configuration/service/conntrack-sync.rst:198 msgid "Now configure conntrack-sync service on ``router1`` **and** ``router2``" msgstr "Now configure conntrack-sync service on ``router1`` **and** ``router2``" -#: ../../configuration/vpn/ipsec.rst:297 +#: ../../configuration/vpn/ipsec.rst:301 msgid "Now the noted public keys should be entered on the opposite routers." msgstr "Now the noted public keys should be entered on the opposite routers." @@ -8786,7 +9580,7 @@ msgstr "Now when connecting the user will first be asked for the password and th msgid "Now you are ready to setup IPsec. The key points:" msgstr "Now you are ready to setup IPsec. The key points:" -#: ../../configuration/vpn/ipsec.rst:311 +#: ../../configuration/vpn/ipsec.rst:315 msgid "Now you are ready to setup IPsec. You'll need to use an ID instead of address for the peer." msgstr "Now you are ready to setup IPsec. You'll need to use an ID instead of address for the peer." @@ -8794,6 +9588,10 @@ msgstr "Now you are ready to setup IPsec. You'll need to use an ID instead of ad msgid "Number of antennas on this card" msgstr "Number of antennas on this card" +#: ../../configuration/service/dns.rst:166 +msgid "Number of bits of client IPv4 address to pass when sending EDNS Client Subnet address information." +msgstr "Number of bits of client IPv4 address to pass when sending EDNS Client Subnet address information." + #: ../../configuration/system/syslog.rst:231 msgid "Number of lines to be displayed, default 10" msgstr "Number of lines to be displayed, default 10" @@ -8822,7 +9620,7 @@ msgstr "OSPFv2 (IPv4)" msgid "OSPFv3 (IPv6)" msgstr "OSPFv3 (IPv6)" -#: ../../configuration/system/login.rst:141 +#: ../../configuration/system/login.rst:145 msgid "OTP-key generation" msgstr "OTP-key generation" @@ -8830,7 +9628,7 @@ msgstr "OTP-key generation" msgid "Offloading" msgstr "Offloading" -#: ../../configuration/service/dhcp-server.rst:245 +#: ../../configuration/service/dhcp-server.rst:251 msgid "Offset of the client's subnet in seconds from Coordinated Universal Time (UTC)" msgstr "Offset of the client's subnet in seconds from Coordinated Universal Time (UTC)" @@ -8842,7 +9640,7 @@ msgstr "Often we need to embed one policy into another one. It is possible to do msgid "Often you will also have to configure your *default* traffic in the same way you do with a class. *Default* can be considered a class as it behaves like that. It contains any traffic that did not match any of the defined classes, so it is like an open class, a class without matching filters." msgstr "Often you will also have to configure your *default* traffic in the same way you do with a class. *Default* can be considered a class as it behaves like that. It contains any traffic that did not match any of the defined classes, so it is like an open class, a class without matching filters." -#: ../../configuration/service/conntrack-sync.rst:211 +#: ../../configuration/service/conntrack-sync.rst:215 msgid "On active router run:" msgstr "On active router run:" @@ -8858,7 +9656,7 @@ msgstr "On low rates (below 40Mbit) you may want to tune `quantum` down to somet msgid "On most scenarios, there's no need to change specific parameters, and using default configuration is enough. But there are cases were extra configuration is needed." msgstr "On most scenarios, there's no need to change specific parameters, and using default configuration is enough. But there are cases were extra configuration is needed." -#: ../../configuration/service/conntrack-sync.rst:242 +#: ../../configuration/service/conntrack-sync.rst:246 msgid "On standby router run:" msgstr "On standby router run:" @@ -8866,34 +9664,34 @@ msgstr "On standby router run:" msgid "On systems with multiple redundant uplinks and routes, it's a good idea to use a dedicated address for management and dynamic routing protocols. However, assigning that address to a physical link is risky: if that link goes down, that address will become inaccessible. A common solution is to assign the management address to a loopback or a dummy interface and advertise that address via all physical links, so that it's reachable through any of them. Since in Linux-based systems, there can be only one loopback interface, it's better to use a dummy interface for that purpose, since they can be added, removed, and taken up and down independently." msgstr "On systems with multiple redundant uplinks and routes, it's a good idea to use a dedicated address for management and dynamic routing protocols. However, assigning that address to a physical link is risky: if that link goes down, that address will become inaccessible. A common solution is to assign the management address to a loopback or a dummy interface and advertise that address via all physical links, so that it's reachable through any of them. Since in Linux-based systems, there can be only one loopback interface, it's better to use a dummy interface for that purpose, since they can be added, removed, and taken up and down independently." -#: ../../configuration/vpn/ipsec.rst:181 -#: ../../configuration/vpn/ipsec.rst:239 -#: ../../configuration/vpn/ipsec.rst:299 +#: ../../configuration/vpn/ipsec.rst:185 +#: ../../configuration/vpn/ipsec.rst:243 +#: ../../configuration/vpn/ipsec.rst:303 #: ../../configuration/vpn/rsa-keys.rst:40 msgid "On the LEFT:" msgstr "On the LEFT:" -#: ../../configuration/vpn/ipsec.rst:314 +#: ../../configuration/vpn/ipsec.rst:318 #: ../../configuration/vpn/rsa-keys.rst:59 msgid "On the LEFT (static address):" msgstr "On the LEFT (static address):" -#: ../../configuration/vpn/ipsec.rst:221 +#: ../../configuration/vpn/ipsec.rst:225 msgid "On the RIGHT, setup by analogy and swap local and remote addresses." msgstr "On the RIGHT, setup by analogy and swap local and remote addresses." -#: ../../configuration/vpn/ipsec.rst:250 -#: ../../configuration/vpn/ipsec.rst:305 +#: ../../configuration/vpn/ipsec.rst:254 +#: ../../configuration/vpn/ipsec.rst:309 #: ../../configuration/vpn/rsa-keys.rst:46 msgid "On the RIGHT:" msgstr "On the RIGHT:" -#: ../../configuration/vpn/ipsec.rst:339 +#: ../../configuration/vpn/ipsec.rst:343 #: ../../configuration/vpn/rsa-keys.rst:84 msgid "On the RIGHT (dynamic address):" msgstr "On the RIGHT (dynamic address):" -#: ../../configuration/service/conntrack-sync.rst:207 +#: ../../configuration/service/conntrack-sync.rst:211 msgid "On the active router, you should have information in the internal-cache of conntrack-sync. The same current active connections number should be shown in the external-cache of the standby router" msgstr "On the active router, you should have information in the internal-cache of conntrack-sync. The same current active connections number should be shown in the external-cache of the standby router" @@ -8921,7 +9719,7 @@ msgstr "Once a class has a filter configured, you will also have to define what msgid "Once a neighbor has been found, the entry is considered to be valid for at least for this specific time. An entry's validity will be extended if it receives positive feedback from higher level protocols." msgstr "Once a neighbor has been found, the entry is considered to be valid for at least for this specific time. An entry's validity will be extended if it receives positive feedback from higher level protocols." -#: ../../configuration/protocols/bgp.rst:702 +#: ../../configuration/protocols/bgp.rst:724 msgid "Once a route is assessed a penalty, the penalty is decreased by half each time a predefined amount of time elapses (half-life-time). When the accumulated penalties fall below a predefined threshold (reuse-value), the route is unsuppressed and added back into the BGP routing table." msgstr "Once a route is assessed a penalty, the penalty is decreased by half each time a predefined amount of time elapses (half-life-time). When the accumulated penalties fall below a predefined threshold (reuse-value), the route is unsuppressed and added back into the BGP routing table." @@ -8957,6 +9755,10 @@ msgstr "Once the matching rules are set for a class, you can start configuring h msgid "Once the user is connected, the user session is using the set limits and can be displayed via 'show pppoe-server sessions'." msgstr "Once the user is connected, the user session is using the set limits and can be displayed via 'show pppoe-server sessions'." +#: ../../configuration/service/pppoe-server.rst:285 +msgid "Once the user is connected, the user session is using the set limits and can be displayed via ``show pppoe-server sessions``." +msgstr "Once the user is connected, the user session is using the set limits and can be displayed via ``show pppoe-server sessions``." + #: ../../configuration/vpn/openconnect.rst:257 msgid "Once you commit the above changes you can create a config file in the /config/auth/ocserv/config-per-user directory that matches a username of a user you have created e.g. \"tst\". Now when logging in with the \"tst\" user the config options you set in this file will be loaded." msgstr "Once you commit the above changes you can create a config file in the /config/auth/ocserv/config-per-user directory that matches a username of a user you have created e.g. \"tst\". Now when logging in with the \"tst\" user the config options you set in this file will be loaded." @@ -8965,11 +9767,11 @@ msgstr "Once you commit the above changes you can create a config file in the /c msgid "Once you have an Ethernet device connected, i.e. `eth0`, then you can configure it to open the PPPoE session for you and your DSL Transceiver (Modem/Router) just acts to translate your messages in a way that vDSL/aDSL understands." msgstr "Once you have an Ethernet device connected, i.e. `eth0`, then you can configure it to open the PPPoE session for you and your DSL Transceiver (Modem/Router) just acts to translate your messages in a way that vDSL/aDSL understands." -#: ../../configuration/vpn/sstp.rst:307 +#: ../../configuration/vpn/sstp.rst:478 msgid "Once you have setup your SSTP server there comes the time to do some basic testing. The Linux client used for testing is called sstpc_. sstpc_ requires a PPP configuration/peer file." msgstr "Once you have setup your SSTP server there comes the time to do some basic testing. The Linux client used for testing is called sstpc_. sstpc_ requires a PPP configuration/peer file." -#: ../../configuration/protocols/rpki.rst:183 +#: ../../configuration/protocols/rpki.rst:193 msgid "Once your routers are configured to reject RPKI-invalid prefixes, you can test whether the configuration is working correctly using the `RIPE Labs RPKI Test`_ experimental tool." msgstr "Once your routers are configured to reject RPKI-invalid prefixes, you can test whether the configuration is working correctly using the `RIPE Labs RPKI Test`_ experimental tool." @@ -9001,7 +9803,7 @@ msgstr "Only VRRP is supported. Required option." msgid "Only allow certain IP addresses or prefixes to access the https webserver." msgstr "Only allow certain IP addresses or prefixes to access the https webserver." -#: ../../configuration/firewall/ipv4.rst:459 +#: ../../configuration/firewall/ipv4.rst:482 #: ../../configuration/firewall/ipv6.rst:466 msgid "Only in the source criteria, you can specify a mac-address." msgstr "Only in the source criteria, you can specify a mac-address." @@ -9022,7 +9824,7 @@ msgstr "Only request an address from the PPPoE server but do not install any def msgid "Only request an address from the SSTP server but do not install any default route." msgstr "Only request an address from the SSTP server but do not install any default route." -#: ../../configuration/system/login.rst:51 +#: ../../configuration/system/login.rst:55 msgid "Only the type (``ssh-rsa``) and the key (``AAAB3N...``) are used. Note that the key will usually be several hundred characters long, and you will need to copy and paste it. Some terminal emulators may accidentally split this over several lines. Be attentive when you paste it that it only pastes as a single line. The third part is simply an identifier, and is for your own reference." msgstr "Only the type (``ssh-rsa``) and the key (``AAAB3N...``) are used. Note that the key will usually be several hundred characters long, and you will need to copy and paste it. Some terminal emulators may accidentally split this over several lines. Be attentive when you paste it that it only pastes as a single line. The third part is simply an identifier, and is for your own reference." @@ -9030,7 +9832,7 @@ msgstr "Only the type (``ssh-rsa``) and the key (``AAAB3N...``) are used. Note t msgid "Only works with a VXLAN device with external flag set." msgstr "Only works with a VXLAN device with external flag set." -#: ../../configuration/highavailability/index.rst:457 +#: ../../configuration/highavailability/index.rst:467 msgid "Op-mode check virtual-server status" msgstr "Op-mode check virtual-server status" @@ -9055,7 +9857,7 @@ msgid "OpenConnect supports a subset of it's configuration options to be applied msgstr "OpenConnect supports a subset of it's configuration options to be applied on a per user/group basis, for configuration purposes we refer to this functionality as \"Identity based config\". The following `OpenConnect Server Manual <https://ocserv.gitlab.io/www/manual.html#:~:text=Configuration%20files%20that% 20will%20be%20applied%20per%20user%20connection%20or%0A%23%20per%20group>`_ outlines the set of configuration options that are allowed. This can be leveraged to apply different sets of configs to different users or groups of users." #: ../../configuration/interfaces/openvpn.rst:7 -#: ../../configuration/pki/index.rst:117 +#: ../../configuration/pki/index.rst:119 msgid "OpenVPN" msgstr "OpenVPN" @@ -9105,23 +9907,23 @@ msgstr "Operating Modes" #: ../../configuration/interfaces/virtual-ethernet.rst:55 #: ../../configuration/interfaces/wireless.rst:416 #: ../../configuration/interfaces/wwan.rst:79 -#: ../../configuration/pki/index.rst:290 +#: ../../configuration/pki/index.rst:321 #: ../../configuration/protocols/igmp-proxy.rst:73 -#: ../../configuration/protocols/static.rst:183 -#: ../../configuration/service/conntrack-sync.rst:103 +#: ../../configuration/protocols/static.rst:216 +#: ../../configuration/service/conntrack-sync.rst:107 #: ../../configuration/service/console-server.rst:76 #: ../../configuration/service/dhcp-relay.rst:124 #: ../../configuration/service/dhcp-relay.rst:201 -#: ../../configuration/service/dns.rst:195 +#: ../../configuration/service/dns.rst:182 #: ../../configuration/service/lldp.rst:71 #: ../../configuration/service/mdns.rst:79 #: ../../configuration/service/ssh.rst:145 #: ../../configuration/service/webproxy.rst:330 #: ../../configuration/system/default-route.rst:25 #: ../../configuration/system/flow-accounting.rst:175 -#: ../../configuration/vrf/index.rst:111 -#: ../../configuration/vrf/index.rst:323 -#: ../../configuration/vrf/index.rst:503 +#: ../../configuration/vrf/index.rst:130 +#: ../../configuration/vrf/index.rst:342 +#: ../../configuration/vrf/index.rst:522 msgid "Operation" msgstr "Operation" @@ -9131,17 +9933,17 @@ msgid "Operation-mode" msgstr "Operation-mode" #: ../../configuration/firewall/bridge.rst:284 -#: ../../configuration/firewall/ipv4.rst:954 +#: ../../configuration/firewall/ipv4.rst:977 #: ../../configuration/firewall/ipv6.rst:962 msgid "Operation-mode Firewall" msgstr "Operation-mode Firewall" -#: ../../configuration/container/index.rst:143 +#: ../../configuration/container/index.rst:179 msgid "Operation Commands" msgstr "Operation Commands" -#: ../../configuration/service/dhcp-server.rst:412 -#: ../../configuration/service/dhcp-server.rst:664 +#: ../../configuration/service/dhcp-server.rst:418 +#: ../../configuration/service/dhcp-server.rst:672 #: ../../configuration/system/acceleration.rst:42 msgid "Operation Mode" msgstr "Operation Mode" @@ -9151,12 +9953,12 @@ msgid "Operation mode of wireless radio." msgstr "Operation mode of wireless radio." #: ../../configuration/interfaces/wireguard.rst:338 -#: ../../configuration/protocols/bfd.rst:94 -#: ../../configuration/protocols/bfd.rst:175 +#: ../../configuration/protocols/bfd.rst:101 +#: ../../configuration/protocols/bfd.rst:182 msgid "Operational Commands" msgstr "Operational Commands" -#: ../../configuration/protocols/bgp.rst:950 +#: ../../configuration/protocols/bgp.rst:972 #: ../../configuration/protocols/mpls.rst:218 #: ../../configuration/protocols/ospf.rst:609 #: ../../configuration/protocols/ospf.rst:1268 @@ -9164,8 +9966,8 @@ msgstr "Operational Commands" msgid "Operational Mode Commands" msgstr "Operational Mode Commands" -#: ../../configuration/system/ip.rst:47 -#: ../../configuration/system/ipv6.rst:43 +#: ../../configuration/system/ip.rst:60 +#: ../../configuration/system/ipv6.rst:56 msgid "Operational commands" msgstr "Operational commands" @@ -9177,11 +9979,11 @@ msgstr "Option" msgid "Option 43 for UniFI" msgstr "Option 43 for UniFI" -#: ../../configuration/service/dhcp-server.rst:234 +#: ../../configuration/service/dhcp-server.rst:240 msgid "Option description" msgstr "Option description" -#: ../../configuration/service/dhcp-server.rst:232 +#: ../../configuration/service/dhcp-server.rst:238 msgid "Option number" msgstr "Option number" @@ -9211,7 +10013,7 @@ msgstr "Optional" msgid "Optional, if you want to enable uploads, else TFTP server will act as a read-only server." msgstr "Optional, if you want to enable uploads, else TFTP server will act as a read-only server." -#: ../../configuration/system/login.rst:107 +#: ../../configuration/system/login.rst:111 msgid "Optional/default settings" msgstr "Optional/default settings" @@ -9231,12 +10033,11 @@ msgstr "Optionally set a specific static IPv4 or IPv6 address for the container. #: ../../configuration/interfaces/openvpn.rst:631 #: ../../configuration/service/dhcp-relay.rst:53 #: ../../configuration/service/dhcp-relay.rst:160 -#: ../../configuration/service/dhcp-server.rst:224 -#: ../../configuration/vpn/sstp.rst:230 +#: ../../configuration/service/dhcp-server.rst:230 msgid "Options" msgstr "Options" -#: ../../configuration/vpn/ipsec.rst:159 +#: ../../configuration/vpn/ipsec.rst:162 msgid "Options (Global IPsec settings) Attributes" msgstr "Options (Global IPsec settings) Attributes" @@ -9256,7 +10057,7 @@ msgstr "Or **binary** prefixes." msgid "Originate an AS-External (type-5) LSA describing a default route into all external-routing capable areas, of the specified metric and metric type. If the :cfgcmd:`always` keyword is given then the default is always advertised, even when there is no default present in the routing table. The argument :cfgcmd:`route-map` specifies to advertise the default route if the route map is satisfied." msgstr "Originate an AS-External (type-5) LSA describing a default route into all external-routing capable areas, of the specified metric and metric type. If the :cfgcmd:`always` keyword is given then the default is always advertised, even when there is no default present in the routing table. The argument :cfgcmd:`route-map` specifies to advertise the default route if the route map is satisfied." -#: ../../configuration/service/pppoe-server.rst:238 +#: ../../configuration/service/pppoe-server.rst:312 msgid "Other attributes can be used, but they have to be in one of the dictionaries in */usr/share/accel-ppp/radius*." msgstr "Other attributes can be used, but they have to be in one of the dictionaries in */usr/share/accel-ppp/radius*." @@ -9325,15 +10126,15 @@ msgstr "Overview of defined groups. You see the type, the members, and where the msgid "PBR multiple uplinks" msgstr "PBR multiple uplinks" -#: ../../configuration/vrf/index.rst:244 +#: ../../configuration/vrf/index.rst:263 msgid "PC1 is in the ``default`` VRF and acting as e.g. a \"fileserver\"" msgstr "PC1 is in the ``default`` VRF and acting as e.g. a \"fileserver\"" -#: ../../configuration/vrf/index.rst:245 +#: ../../configuration/vrf/index.rst:264 msgid "PC2 is in VRF ``blue`` which is the development department" msgstr "PC2 is in VRF ``blue`` which is the development department" -#: ../../configuration/vrf/index.rst:246 +#: ../../configuration/vrf/index.rst:265 msgid "PC3 and PC4 are connected to a bridge device on router ``R1`` which is in VRF ``red``. Say this is the HR department." msgstr "PC3 and PC4 are connected to a bridge device on router ``R1`` which is in VRF ``red``. Say this is the HR department." @@ -9369,7 +10170,7 @@ msgstr "PIM – Protocol Independent Multicast" msgid "PIMv6 (Protocol Independent Multicast for IPv6) must be configured in every interface of every participating router. Every router must also have the location of the Rendevouz Point manually configured. Then, unidirectional shared trees rooted at the Rendevouz Point will automatically be built for multicast distribution." msgstr "PIMv6 (Protocol Independent Multicast for IPv6) must be configured in every interface of every participating router. Every router must also have the location of the Rendevouz Point manually configured. Then, unidirectional shared trees rooted at the Rendevouz Point will automatically be built for multicast distribution." -#: ../../configuration/pki/index.rst:7 +#: ../../configuration/pki/index.rst:9 msgid "PKI" msgstr "PKI" @@ -9377,7 +10178,14 @@ msgstr "PKI" msgid "PPDU" msgstr "PPDU" -#: ../../configuration/vpn/sstp.rst:174 +#: ../../configuration/service/pppoe-server.rst:453 +#: ../../configuration/vpn/l2tp.rst:407 +#: ../../configuration/vpn/pptp.rst:331 +#: ../../configuration/vpn/sstp.rst:365 +msgid "PPP Advanced Options" +msgstr "PPP Advanced Options" + +#: ../../configuration/vpn/sstp.rst:180 msgid "PPP Settings" msgstr "PPP Settings" @@ -9393,7 +10201,7 @@ msgstr "PPPoE Server" msgid "PPPoE options" msgstr "PPPoE options" -#: ../../configuration/vpn/pptp.rst:4 +#: ../../configuration/vpn/pptp.rst:5 msgid "PPTP-Server" msgstr "PPTP-Server" @@ -9409,11 +10217,11 @@ msgstr "Particularly large networks may wish to run their own RPKI certificate a msgid "Path `<cost>` value for Spanning Tree Protocol. Each interface in a bridge could have a different speed and this value is used when deciding which link to use. Faster interfaces should have lower costs." msgstr "Path `<cost>` value for Spanning Tree Protocol. Each interface in a bridge could have a different speed and this value is used when deciding which link to use. Faster interfaces should have lower costs." -#: ../../configuration/vpn/sstp.rst:166 +#: ../../configuration/vpn/sstp.rst:172 msgid "Path to `<file>` pointing to the certificate authority certificate." msgstr "Path to `<file>` pointing to the certificate authority certificate." -#: ../../configuration/vpn/sstp.rst:170 +#: ../../configuration/vpn/sstp.rst:176 msgid "Path to `<file>` pointing to the servers certificate (public portion)." msgstr "Path to `<file>` pointing to the servers certificate (public portion)." @@ -9457,11 +10265,11 @@ msgstr "Per default VyOSs has minimal syslog logging enabled which is stored and msgid "Per default every packet is sampled (that is, the sampling rate is 1)." msgstr "Per default every packet is sampled (that is, the sampling rate is 1)." -#: ../../configuration/service/pppoe-server.rst:323 +#: ../../configuration/service/pppoe-server.rst:556 msgid "Per default the user session is being replaced if a second authentication request succeeds. Such session requests can be either denied or allowed entirely, which would allow multiple sessions for a user in the latter case. If it is denied, the second session is being rejected even if the authentication succeeds, the user has to terminate its first session and can then authentication again." msgstr "Per default the user session is being replaced if a second authentication request succeeds. Such session requests can be either denied or allowed entirely, which would allow multiple sessions for a user in the latter case. If it is denied, the second session is being rejected even if the authentication succeeds, the user has to terminate its first session and can then authentication again." -#: ../../configuration/system/option.rst:78 +#: ../../configuration/system/option.rst:108 msgid "Performance" msgstr "Performance" @@ -9469,11 +10277,11 @@ msgstr "Performance" msgid "Periodically, a hello packet is sent out by the Root Bridge and the Designated Bridges. Hello packets are used to communicate information about the topology throughout the entire Bridged Local Area Network." msgstr "Periodically, a hello packet is sent out by the Root Bridge and the Designated Bridges. Hello packets are used to communicate information about the topology throughout the entire Bridged Local Area Network." -#: ../../configuration/vrf/index.rst:197 +#: ../../configuration/vrf/index.rst:216 msgid "Ping command can be interrupted at any given time using ``<Ctrl>+c``. A brief statistic is shown afterwards." msgstr "Ping command can be interrupted at any given time using ``<Ctrl>+c``. A brief statistic is shown afterwards." -#: ../../configuration/vrf/index.rst:183 +#: ../../configuration/vrf/index.rst:202 msgid "Ping uses ICMP protocol's mandatory ECHO_REQUEST datagram to elicit an ICMP ECHO_RESPONSE from a host or gateway. ECHO_REQUEST datagrams (pings) will have an IP and ICMP header, followed by \"struct timeval\" and an arbitrary number of pad bytes used to fill out the packet." msgstr "Ping uses ICMP protocol's mandatory ECHO_REQUEST datagram to elicit an ICMP ECHO_RESPONSE from a host or gateway. ECHO_REQUEST datagrams (pings) will have an IP and ICMP header, followed by \"struct timeval\" and an arbitrary number of pad bytes used to fill out the packet." @@ -9497,7 +10305,7 @@ msgstr "Please, refer to appropiate section for more information about firewall msgid "Please, refer to appropriate section for more information about firewall configuration:" msgstr "Please, refer to appropriate section for more information about firewall configuration:" -#: ../../configuration/service/ipoe-server.rst:23 +#: ../../configuration/service/ipoe-server.rst:21 msgid "Please be aware, due to an upstream bug, config changes/commits will restart the ppp daemon and will reset existing IPoE sessions, in order to become effective." msgstr "Please be aware, due to an upstream bug, config changes/commits will restart the ppp daemon and will reset existing IPoE sessions, in order to become effective." @@ -9513,7 +10321,7 @@ msgstr "Please refer to the :ref:`ipsec` documentation for the individual IPSec msgid "Please refer to the :ref:`tunnel-interface` documentation for the individual tunnel related options." msgstr "Please refer to the :ref:`tunnel-interface` documentation for the individual tunnel related options." -#: ../../configuration/service/dhcp-server.rst:364 +#: ../../configuration/service/dhcp-server.rst:370 msgid "Please see the :ref:`dhcp-dns-quick-start` configuration." msgstr "Please see the :ref:`dhcp-dns-quick-start` configuration." @@ -9571,7 +10379,11 @@ msgstr "Port Groups" msgid "Port Mirror (SPAN)" msgstr "Port Mirror (SPAN)" -#: ../../configuration/vpn/sstp.rst:242 +#: ../../configuration/service/ipoe-server.rst:182 +#: ../../configuration/service/pppoe-server.rst:144 +#: ../../configuration/vpn/l2tp.rst:187 +#: ../../configuration/vpn/pptp.rst:127 +#: ../../configuration/vpn/sstp.rst:160 msgid "Port for Dynamic Authorization Extension server (DM/CoA)" msgstr "Port for Dynamic Authorization Extension server (DM/CoA)" @@ -9656,7 +10468,7 @@ msgstr "Preference associated with the default router" msgid "Prefix Conversion" msgstr "Prefix Conversion" -#: ../../configuration/service/dhcp-server.rst:564 +#: ../../configuration/service/dhcp-server.rst:570 msgid "Prefix Delegation" msgstr "Prefix Delegation" @@ -9696,11 +10508,11 @@ msgstr "Prefix to match against." msgid "Prefixes" msgstr "Prefixes" -#: ../../configuration/policy/route-map.rst:212 +#: ../../configuration/policy/route-map.rst:215 msgid "Prepend the existing last AS number (the leftmost ASN) to the AS_PATH." msgstr "Prepend the existing last AS number (the leftmost ASN) to the AS_PATH." -#: ../../configuration/policy/route-map.rst:207 +#: ../../configuration/policy/route-map.rst:210 msgid "Prepend the given string of AS numbers to the AS_PATH of the BGP path's NLRI." msgstr "Prepend the given string of AS numbers to the AS_PATH of the BGP path's NLRI." @@ -9708,11 +10520,11 @@ msgstr "Prepend the given string of AS numbers to the AS_PATH of the BGP path's msgid "Principle of SNMP Communication" msgstr "Principle of SNMP Communication" -#: ../../configuration/vrf/index.rst:532 +#: ../../configuration/vrf/index.rst:551 msgid "Print a summary of neighbor connections for the specified AFI/SAFI combination." msgstr "Print a summary of neighbor connections for the specified AFI/SAFI combination." -#: ../../configuration/vrf/index.rst:511 +#: ../../configuration/vrf/index.rst:530 msgid "Print active IPV4 or IPV6 routes advertised via the VPN SAFI." msgstr "Print active IPV4 or IPV6 routes advertised via the VPN SAFI." @@ -9733,6 +10545,10 @@ msgstr "Priority Queue, as other non-shaping policies, is only useful if your ou msgid "Private VLAN proxy arp. Basically allow proxy arp replies back to the same interface (from which the ARP request/solicitation was received)." msgstr "Private VLAN proxy arp. Basically allow proxy arp replies back to the same interface (from which the ARP request/solicitation was received)." +#: ../../configuration/vpn/ipsec.rst:544 +msgid "Profile generation happens from the operational level and is as simple as issuing the following command to create a profile to connect to the IKEv2 access server at ``vpn.vyos.net`` with the configuration for the ``rw`` remote-access connection group." +msgstr "Profile generation happens from the operational level and is as simple as issuing the following command to create a profile to connect to the IKEv2 access server at ``vpn.vyos.net`` with the configuration for the ``rw`` remote-access connection group." + #: ../../configuration/service/monitoring.rst:38 msgid "Prometheus-client" msgstr "Prometheus-client" @@ -9841,7 +10657,7 @@ msgstr "Pseudo Ethernet/MACVLAN options" msgid "Publish a port for the container." msgstr "Publish a port for the container." -#: ../../configuration/container/index.rst:147 +#: ../../configuration/container/index.rst:183 msgid "Pull a new image for container" msgstr "Pull a new image for container" @@ -9875,7 +10691,7 @@ msgstr "R1:" msgid "R1 has 192.0.2.1/24 & 2001:db8::1/64" msgstr "R1 has 192.0.2.1/24 & 2001:db8::1/64" -#: ../../configuration/vrf/index.rst:248 +#: ../../configuration/vrf/index.rst:267 msgid "R1 is managed through an out-of-band network that resides in VRF ``mgmt``" msgstr "R1 is managed through an out-of-band network that resides in VRF ``mgmt``" @@ -9887,12 +10703,11 @@ msgstr "R2:" msgid "R2 has 192.0.2.2/24 & 2001:db8::2/64" msgstr "R2 has 192.0.2.2/24 & 2001:db8::2/64" -#: ../../configuration/system/login.rst:234 -#: ../../configuration/vpn/sstp.rst:207 +#: ../../configuration/system/login.rst:238 msgid "RADIUS" msgstr "RADIUS" -#: ../../configuration/service/ipoe-server.rst:111 +#: ../../configuration/service/ipoe-server.rst:112 msgid "RADIUS Setup" msgstr "RADIUS Setup" @@ -9900,6 +10715,14 @@ msgstr "RADIUS Setup" msgid "RADIUS advanced features" msgstr "RADIUS advanced features" +#: ../../configuration/service/ipoe-server.rst:158 +#: ../../configuration/service/pppoe-server.rst:120 +#: ../../configuration/vpn/l2tp.rst:163 +#: ../../configuration/vpn/pptp.rst:103 +#: ../../configuration/vpn/sstp.rst:136 +msgid "RADIUS advanced options" +msgstr "RADIUS advanced options" + #: ../../configuration/vpn/l2tp.rst:139 msgid "RADIUS authentication" msgstr "RADIUS authentication" @@ -9916,11 +10739,15 @@ msgstr "RADIUS provides the IP addresses in the example above via Framed-IP-Addr msgid "RADIUS server at ``192.168.3.10`` with shared-secret ``VyOSPassword``" msgstr "RADIUS server at ``192.168.3.10`` with shared-secret ``VyOSPassword``" -#: ../../configuration/system/login.rst:266 +#: ../../configuration/system/login.rst:270 msgid "RADIUS servers could be hardened by only allowing certain IP addresses to connect. As of this the source address of each RADIUS query can be configured." msgstr "RADIUS servers could be hardened by only allowing certain IP addresses to connect. As of this the source address of each RADIUS query can be configured." -#: ../../configuration/vpn/l2tp.rst:163 +#: ../../configuration/service/ipoe-server.rst:144 +#: ../../configuration/service/pppoe-server.rst:106 +#: ../../configuration/vpn/l2tp.rst:149 +#: ../../configuration/vpn/pptp.rst:89 +#: ../../configuration/vpn/sstp.rst:122 msgid "RADIUS source address" msgstr "RADIUS source address" @@ -9928,7 +10755,7 @@ msgstr "RADIUS source address" msgid "RFC 3768 defines a virtual MAC address to each VRRP virtual router. This virtual router MAC address will be used as the source in all periodic VRRP messages sent by the active node. When the rfc3768-compatibility option is set, a new VRRP interface is created, to which the MAC address and the virtual IP address is automatically assigned." msgstr "RFC 3768 defines a virtual MAC address to each VRRP virtual router. This virtual router MAC address will be used as the source in all periodic VRRP messages sent by the active node. When the rfc3768-compatibility option is set, a new VRRP interface is created, to which the MAC address and the virtual IP address is automatically assigned." -#: ../../configuration/service/dhcp-server.rst:256 +#: ../../configuration/service/dhcp-server.rst:262 msgid "RFC 868 time server IPv4 address" msgstr "RFC 868 time server IPv4 address" @@ -9970,8 +10797,8 @@ msgstr "Random-Detect could be useful for heavy traffic. One use of this algorit #: ../../configuration/protocols/static.rst:37 #: ../../configuration/protocols/static.rst:57 -#: ../../configuration/protocols/static.rst:84 -#: ../../configuration/protocols/static.rst:104 +#: ../../configuration/protocols/static.rst:107 +#: ../../configuration/protocols/static.rst:127 msgid "Range is 1 to 255, default is 1." msgstr "Range is 1 to 255, default is 1." @@ -10016,15 +10843,15 @@ msgstr "Re-generated the public/private keyportion which SSH uses to secure conn msgid "Reachable Time" msgstr "Reachable Time" -#: ../../configuration/highavailability/index.rst:388 +#: ../../configuration/highavailability/index.rst:398 msgid "Real server" msgstr "Real server" -#: ../../configuration/highavailability/index.rst:389 +#: ../../configuration/highavailability/index.rst:399 msgid "Real server IP address and port" msgstr "Real server IP address and port" -#: ../../configuration/highavailability/index.rst:404 +#: ../../configuration/highavailability/index.rst:414 msgid "Real server is auto-excluded if port check with this server fail." msgstr "Real server is auto-excluded if port check with this server fail." @@ -10032,7 +10859,11 @@ msgstr "Real server is auto-excluded if port check with this server fail." msgid "Receive traffic from connections created by the server is also balanced. When the local system sends an ARP Request the bonding driver copies and saves the peer's IP information from the ARP packet. When the ARP Reply arrives from the peer, its hardware address is retrieved and the bonding driver initiates an ARP reply to this peer assigning it to one of the slaves in the bond. A problematic outcome of using ARP negotiation for balancing is that each time that an ARP request is broadcast it uses the hardware address of the bond. Hence, peers learn the hardware address of the bond and the balancing of receive traffic collapses to the current slave. This is handled by sending updates (ARP Replies) to all the peers with their individually assigned hardware address such that the traffic is redistributed. Receive traffic is also redistributed when a new slave is added to the bond and when an inactive slave is re-activated. The receive load is distributed sequentially (round robin) among the group of highest speed slaves in the bond." msgstr "Receive traffic from connections created by the server is also balanced. When the local system sends an ARP Request the bonding driver copies and saves the peer's IP information from the ARP packet. When the ARP Reply arrives from the peer, its hardware address is retrieved and the bonding driver initiates an ARP reply to this peer assigning it to one of the slaves in the bond. A problematic outcome of using ARP negotiation for balancing is that each time that an ARP request is broadcast it uses the hardware address of the bond. Hence, peers learn the hardware address of the bond and the balancing of receive traffic collapses to the current slave. This is handled by sending updates (ARP Replies) to all the peers with their individually assigned hardware address such that the traffic is redistributed. Receive traffic is also redistributed when a new slave is added to the bond and when an inactive slave is re-activated. The receive load is distributed sequentially (round robin) among the group of highest speed slaves in the bond." -#: ../../configuration/vpn/l2tp.rst:205 +#: ../../configuration/service/ipoe-server.rst:227 +#: ../../configuration/service/pppoe-server.rst:189 +#: ../../configuration/vpn/l2tp.rst:232 +#: ../../configuration/vpn/pptp.rst:172 +#: ../../configuration/vpn/sstp.rst:205 msgid "Received RADIUS attributes have a higher priority than parameters defined within the CLI configuration, refer to the explanation below." msgstr "Received RADIUS attributes have a higher priority than parameters defined within the CLI configuration, refer to the explanation below." @@ -10068,7 +10899,7 @@ msgstr "Redistribution Configuration" msgid "Redundancy and load sharing. There are multiple NAT66 devices at the edge of an IPv6 network to another IPv6 network. The path through the NAT66 device to another IPv6 network forms an equivalent route, and traffic can be load-shared on these NAT66 devices. In this case, you can configure the same source address translation rules on these NAT66 devices, so that any NAT66 device can handle IPv6 traffic between different sites." msgstr "Redundancy and load sharing. There are multiple NAT66 devices at the edge of an IPv6 network to another IPv6 network. The path through the NAT66 device to another IPv6 network forms an equivalent route, and traffic can be load-shared on these NAT66 devices. In this case, you can configure the same source address translation rules on these NAT66 devices, so that any NAT66 device can handle IPv6 traffic between different sites." -#: ../../configuration/service/dns.rst:278 +#: ../../configuration/service/dns.rst:262 msgid "Register DNS record ``example.vyos.io`` on DNS server ``ns1.vyos.io``" msgstr "Register DNS record ``example.vyos.io`` on DNS server ``ns1.vyos.io``" @@ -10159,7 +10990,10 @@ msgstr "Remote port" msgid "Remote transmission interval will be multiplied by this value" msgstr "Remote transmission interval will be multiplied by this value" -#: ../../configuration/vpn/l2tp.rst:216 +#: ../../configuration/service/pppoe-server.rst:217 +#: ../../configuration/vpn/l2tp.rst:260 +#: ../../configuration/vpn/pptp.rst:200 +#: ../../configuration/vpn/sstp.rst:233 msgid "Renaming clients interfaces by RADIUS" msgstr "Renaming clients interfaces by RADIUS" @@ -10179,7 +11013,10 @@ msgstr "Request only a temporary address and not form an IA_NA (Identity Associa msgid "Requests are forwarded through ``eth2`` as the `upstream interface`" msgstr "Requests are forwarded through ``eth2`` as the `upstream interface`" -#: ../../configuration/vpn/sstp.rst:95 +#: ../../configuration/service/pppoe-server.rst:442 +#: ../../configuration/vpn/l2tp.rst:396 +#: ../../configuration/vpn/pptp.rst:320 +#: ../../configuration/vpn/sstp.rst:354 msgid "Require the peer to authenticate itself using one of the following protocols: pap, chap, mschap, mschap-v2." msgstr "Require the peer to authenticate itself using one of the following protocols: pap, chap, mschap, mschap-v2." @@ -10191,12 +11028,12 @@ msgstr "Requirements" msgid "Requirements:" msgstr "Requirements:" -#: ../../configuration/firewall/ipv4.rst:926 +#: ../../configuration/firewall/ipv4.rst:949 #: ../../configuration/firewall/ipv6.rst:935 msgid "Requirements to enable synproxy:" msgstr "Requirements to enable synproxy:" -#: ../../configuration/protocols/bgp.rst:1064 +#: ../../configuration/protocols/bgp.rst:1086 #: ../../configuration/protocols/mpls.rst:248 msgid "Reset" msgstr "Reset" @@ -10205,11 +11042,11 @@ msgstr "Reset" msgid "Reset OpenVPN" msgstr "Reset OpenVPN" -#: ../../configuration/system/ipv6.rst:150 +#: ../../configuration/system/ipv6.rst:163 msgid "Reset commands" msgstr "Reset commands" -#: ../../configuration/service/dns.rst:199 +#: ../../configuration/service/dns.rst:186 msgid "Resets the local DNS forwarding cache database. You can reset the cache for all entries or only for entries to a specific domain." msgstr "Resets the local DNS forwarding cache database. You can reset the cache for all entries or only for entries to a specific domain." @@ -10225,7 +11062,7 @@ msgstr "Restart DHCP relay service" msgid "Restart DHCPv6 relay agent immediately." msgstr "Restart DHCPv6 relay agent immediately." -#: ../../configuration/container/index.rst:167 +#: ../../configuration/container/index.rst:203 msgid "Restart a given container" msgstr "Restart a given container" @@ -10233,7 +11070,7 @@ msgstr "Restart a given container" msgid "Restart mDNS repeater service." msgstr "Restart mDNS repeater service." -#: ../../configuration/service/dhcp-server.rst:428 +#: ../../configuration/service/dhcp-server.rst:434 msgid "Restart the DHCP server" msgstr "Restart the DHCP server" @@ -10245,7 +11082,7 @@ msgstr "Restart the IGMP proxy process." msgid "Restart the SSH daemon process, the current session is not affected, only the background daemon is restarted." msgstr "Restart the SSH daemon process, the current session is not affected, only the background daemon is restarted." -#: ../../configuration/service/dns.rst:204 +#: ../../configuration/service/dns.rst:191 msgid "Restarts the DNS recursor process. This also invalidates the local DNS forwarding cache." msgstr "Restarts the DNS recursor process. This also invalidates the local DNS forwarding cache." @@ -10263,11 +11100,11 @@ msgstr "Results in:" msgid "Retransmit Timer" msgstr "Retransmit Timer" -#: ../../configuration/service/conntrack-sync.rst:140 +#: ../../configuration/service/conntrack-sync.rst:144 msgid "Retrieve current statistics of connection tracking subsystem." msgstr "Retrieve current statistics of connection tracking subsystem." -#: ../../configuration/service/conntrack-sync.rst:173 +#: ../../configuration/service/conntrack-sync.rst:177 msgid "Retrieve current status of connection tracking subsystem." msgstr "Retrieve current status of connection tracking subsystem." @@ -10287,15 +11124,15 @@ msgstr "Round Robin" msgid "Route Aggregation Configuration" msgstr "Route Aggregation Configuration" -#: ../../configuration/protocols/bgp.rst:682 +#: ../../configuration/protocols/bgp.rst:704 msgid "Route Dampening" msgstr "Route Dampening" -#: ../../configuration/protocols/bgp.rst:1189 +#: ../../configuration/protocols/bgp.rst:1211 msgid "Route Filtering" msgstr "Route Filtering" -#: ../../configuration/protocols/bgp.rst:818 +#: ../../configuration/protocols/bgp.rst:840 msgid "Route Filtering Configuration" msgstr "Route Filtering Configuration" @@ -10311,7 +11148,7 @@ msgstr "Route Map Policy" msgid "Route Redistribution" msgstr "Route Redistribution" -#: ../../configuration/protocols/bgp.rst:904 +#: ../../configuration/protocols/bgp.rst:926 msgid "Route Reflector Configuration" msgstr "Route Reflector Configuration" @@ -10319,7 +11156,7 @@ msgstr "Route Reflector Configuration" msgid "Route Selection" msgstr "Route Selection" -#: ../../configuration/protocols/bgp.rst:737 +#: ../../configuration/protocols/bgp.rst:759 msgid "Route Selection Configuration" msgstr "Route Selection Configuration" @@ -10327,11 +11164,11 @@ msgstr "Route Selection Configuration" msgid "Route and Route6 Policy" msgstr "Route and Route6 Policy" -#: ../../configuration/protocols/bgp.rst:690 +#: ../../configuration/protocols/bgp.rst:712 msgid "Route dampening wich described in :rfc:`2439` enables you to identify routes that repeatedly fail and return. If route dampening is enabled, an unstable route accumulates penalties each time the route fails and returns. If the accumulated penalties exceed a threshold, the route is no longer advertised. This is route suppression. Routes that have been suppressed are re-entered into the routing table only when the amount of their penalty falls below a threshold." msgstr "Route dampening wich described in :rfc:`2439` enables you to identify routes that repeatedly fail and return. If route dampening is enabled, an unstable route accumulates penalties each time the route fails and returns. If the accumulated penalties exceed a threshold, the route is no longer advertised. This is route suppression. Routes that have been suppressed are re-entered into the routing table only when the amount of their penalty falls below a threshold." -#: ../../configuration/protocols/bgp.rst:1191 +#: ../../configuration/protocols/bgp.rst:1213 msgid "Route filter can be applied using a route-map:" msgstr "Route filter can be applied using a route-map:" @@ -10363,7 +11200,7 @@ msgstr "Router Lifetime" msgid "Router receives DHCP client requests on ``eth1`` and relays them to the server at 10.0.1.4 on ``eth2``." msgstr "Router receives DHCP client requests on ``eth1`` and relays them to the server at 10.0.1.4 on ``eth2``." -#: ../../configuration/vrf/index.rst:425 +#: ../../configuration/vrf/index.rst:444 msgid "Routes exported from a unicast VRF to the VPN RIB must be augmented by two parameters:" msgstr "Routes exported from a unicast VRF to the VPN RIB must be augmented by two parameters:" @@ -10375,7 +11212,7 @@ msgstr "Routes on Node 2:" msgid "Routes that are sent from provider, rs-server, or the peer local-role (or if received by customer, rs-client, or the peer local-role) will be marked with a new Only to Customer (OTC) attribute." msgstr "Routes that are sent from provider, rs-server, or the peer local-role (or if received by customer, rs-client, or the peer local-role) will be marked with a new Only to Customer (OTC) attribute." -#: ../../configuration/protocols/bgp.rst:662 +#: ../../configuration/protocols/bgp.rst:684 #: ../../configuration/protocols/ospf.rst:92 #: ../../configuration/protocols/rip.rst:64 #: ../../configuration/protocols/static.rst:39 @@ -10391,7 +11228,7 @@ msgstr "Routes with this attribute can only be sent to your neighbor if your loc msgid "Routine" msgstr "Routine" -#: ../../configuration/vrf/index.rst:82 +#: ../../configuration/vrf/index.rst:101 msgid "Routing" msgstr "Routing" @@ -10404,7 +11241,7 @@ msgid "Rule-Sets" msgstr "Rule-Sets" #: ../../configuration/firewall/bridge.rst:287 -#: ../../configuration/firewall/ipv4.rst:957 +#: ../../configuration/firewall/ipv4.rst:980 #: ../../configuration/firewall/ipv6.rst:965 msgid "Rule-set overview" msgstr "Rule-set overview" @@ -10447,7 +11284,7 @@ msgstr "Rules allow to control and route incoming traffic to specific backend ba msgid "Rules will be created for both :ref:`source-nat` and :ref:`destination-nat`." msgstr "Rules will be created for both :ref:`source-nat` and :ref:`destination-nat`." -#: ../../configuration/service/dns.rst:391 +#: ../../configuration/service/dns.rst:399 msgid "Running Behind NAT" msgstr "Running Behind NAT" @@ -10511,7 +11348,7 @@ msgstr "SNMPv3 (version 3 of the SNMP protocol) introduced a whole slew of new s msgid "SPAN port mirroring can copy the inbound/outbound traffic of the interface to the specified interface, usually the interface can be connected to some special equipment, such as behavior control system, intrusion detection system and traffic collector, and can copy all related traffic from this port. The benefit of mirroring the traffic is that the application is isolated from the source traffic and so application processing does not affect the traffic or the system performance." msgstr "SPAN port mirroring can copy the inbound/outbound traffic of the interface to the specified interface, usually the interface can be connected to some special equipment, such as behavior control system, intrusion detection system and traffic collector, and can copy all related traffic from this port. The benefit of mirroring the traffic is that the application is isolated from the source traffic and so application processing does not affect the traffic or the system performance." -#: ../../configuration/protocols/rpki.rst:127 +#: ../../configuration/protocols/rpki.rst:141 #: ../../configuration/service/ssh.rst:5 msgid "SSH" msgstr "SSH" @@ -10520,11 +11357,11 @@ msgstr "SSH" msgid "SSH :ref:`ssh_key_based_authentication`" msgstr "SSH :ref:`ssh_key_based_authentication`" -#: ../../configuration/system/login.rst:57 +#: ../../configuration/system/login.rst:61 msgid "SSH :ref:`ssh_operation`" msgstr "SSH :ref:`ssh_operation`" -#: ../../configuration/system/option.rst:44 +#: ../../configuration/system/option.rst:74 msgid "SSH client" msgstr "SSH client" @@ -10532,7 +11369,7 @@ msgstr "SSH client" msgid "SSH provides a secure channel over an unsecured network in a client-server architecture, connecting an SSH client application with an SSH server. Common applications include remote command-line login and remote command execution, but any network service can be secured with SSH. The protocol specification distinguishes between two major versions, referred to as SSH-1 and SSH-2." msgstr "SSH provides a secure channel over an unsecured network in a client-server architecture, connecting an SSH client application with an SSH server. Common applications include remote command-line login and remote command execution, but any network service can be secured with SSH. The protocol specification distinguishes between two major versions, referred to as SSH-1 and SSH-2." -#: ../../configuration/protocols/rpki.rst:137 +#: ../../configuration/protocols/rpki.rst:151 msgid "SSH username to establish an SSH connection to the cache server." msgstr "SSH username to establish an SSH connection to the cache server." @@ -10545,7 +11382,6 @@ msgid "SSID to be used in IEEE 802.11 management frames" msgstr "SSID to be used in IEEE 802.11 management frames" #: ../../configuration/vpn/openconnect.rst:24 -#: ../../configuration/vpn/sstp.rst:162 msgid "SSL Certificates" msgstr "SSL Certificates" @@ -10609,7 +11445,44 @@ msgstr "Scanning is not supported on all wireless drivers and wireless hardware. msgid "Script execution" msgstr "Script execution" +#: ../../configuration/service/ipoe-server.rst:299 +#: ../../configuration/service/pppoe-server.rst:417 +#: ../../configuration/vpn/l2tp.rst:361 +#: ../../configuration/vpn/pptp.rst:285 +#: ../../configuration/vpn/sstp.rst:319 +msgid "Script to run before session interface comes up" +msgstr "Script to run before session interface comes up" + +#: ../../configuration/service/ipoe-server.rst:291 +#: ../../configuration/service/pppoe-server.rst:409 +#: ../../configuration/vpn/l2tp.rst:353 +#: ../../configuration/vpn/pptp.rst:277 +#: ../../configuration/vpn/sstp.rst:311 +msgid "Script to run when session interface changed by RADIUS CoA handling" +msgstr "Script to run when session interface changed by RADIUS CoA handling" + +#: ../../configuration/service/ipoe-server.rst:295 +#: ../../configuration/service/pppoe-server.rst:413 +#: ../../configuration/vpn/l2tp.rst:357 +#: ../../configuration/vpn/pptp.rst:281 +#: ../../configuration/vpn/sstp.rst:315 +msgid "Script to run when session interface going to terminate" +msgstr "Script to run when session interface going to terminate" + +#: ../../configuration/service/ipoe-server.rst:303 +#: ../../configuration/service/pppoe-server.rst:421 +#: ../../configuration/vpn/l2tp.rst:365 +#: ../../configuration/vpn/pptp.rst:289 +#: ../../configuration/vpn/sstp.rst:323 +msgid "Script to run when session interface is completely configured and started" +msgstr "Script to run when session interface is completely configured and started" + #: ../../configuration/highavailability/index.rst:299 +#: ../../configuration/service/ipoe-server.rst:287 +#: ../../configuration/service/pppoe-server.rst:405 +#: ../../configuration/vpn/l2tp.rst:349 +#: ../../configuration/vpn/pptp.rst:273 +#: ../../configuration/vpn/sstp.rst:307 msgid "Scripting" msgstr "Scripting" @@ -10617,7 +11490,11 @@ msgstr "Scripting" msgid "Second scenario: apply source NAT for all outgoing connections from LAN 10.0.0.0/8, using 3 public addresses and equal distribution. We will generate the hash randomly." msgstr "Second scenario: apply source NAT for all outgoing connections from LAN 10.0.0.0/8, using 3 public addresses and equal distribution. We will generate the hash randomly." -#: ../../configuration/vpn/sstp.rst:246 +#: ../../configuration/service/ipoe-server.rst:186 +#: ../../configuration/service/pppoe-server.rst:148 +#: ../../configuration/vpn/l2tp.rst:191 +#: ../../configuration/vpn/pptp.rst:131 +#: ../../configuration/vpn/sstp.rst:164 msgid "Secret for Dynamic Authorization Extension server (DM/CoA)" msgstr "Secret for Dynamic Authorization Extension server (DM/CoA)" @@ -10634,7 +11511,7 @@ msgstr "Security/authentication messages" msgid "See :rfc:`7761#section-4.1` for details." msgstr "See :rfc:`7761#section-4.1` for details." -#: ../../configuration/system/ip.rst:52 +#: ../../configuration/system/ip.rst:65 msgid "See below the different parameters available for the IPv4 **show** command:" msgstr "See below the different parameters available for the IPv4 **show** command:" @@ -10670,7 +11547,7 @@ msgstr "Select TLS version used." msgid "Select cipher suite used for cryptographic operations. This setting is mandatory." msgstr "Select cipher suite used for cryptographic operations. This setting is mandatory." -#: ../../configuration/vrf/index.rst:468 +#: ../../configuration/vrf/index.rst:487 msgid "Select how labels are allocated in the given VRF. By default, the per-vrf mode is selected, and one label is used for all prefixes from the VRF. The per-nexthop will use a unique label for all prefixes that are reachable via the same nexthop." msgstr "Select how labels are allocated in the given VRF. By default, the per-vrf mode is selected, and one label is used for all prefixes from the VRF. The per-nexthop will use a unique label for all prefixes that are reachable via the same nexthop." @@ -10694,6 +11571,10 @@ msgstr "Send all DNS queries to the IPv4/IPv6 DNS server specified under `<addre msgid "Send empty SSID in beacons and ignore probe request frames that do not specify full SSID, i.e., require stations to know SSID." msgstr "Send empty SSID in beacons and ignore probe request frames that do not specify full SSID, i.e., require stations to know SSID." +#: ../../configuration/vpn/l2tp.rst:276 +msgid "Sent to the client (LAC) in the Host-Name attribute" +msgstr "Sent to the client (LAC) in the Host-Name attribute" + #: ../../configuration/system/console.rst:5 msgid "Serial Console" msgstr "Serial Console" @@ -10703,7 +11584,6 @@ msgid "Serial interfaces can be any interface which is directly connected to the msgstr "Serial interfaces can be any interface which is directly connected to the CPU or chipset (mostly known as a ttyS interface in Linux) or any other USB to serial converter (Prolific PL2303 or FTDI FT232/FT4232 based chips)." #: ../../configuration/interfaces/openvpn.rst:325 -#: ../../configuration/vpn/sstp.rst:210 msgid "Server" msgstr "Server" @@ -10711,7 +11591,7 @@ msgstr "Server" msgid "Server:" msgstr "Server:" -#: ../../configuration/pki/index.rst:210 +#: ../../configuration/pki/index.rst:212 msgid "Server Certificate" msgstr "Server Certificate" @@ -10723,7 +11603,7 @@ msgstr "Server Configuration" msgid "Server Side" msgstr "Server Side" -#: ../../configuration/service/ipoe-server.rst:156 +#: ../../configuration/service/ipoe-server.rst:157 msgid "Server configuration" msgstr "Server configuration" @@ -10748,19 +11628,19 @@ msgstr "Set BFD peer IPv4 address or IPv6 address" msgid "Set BGP community-list to exactly match." msgstr "Set BGP community-list to exactly match." -#: ../../configuration/policy/route-map.rst:318 +#: ../../configuration/policy/route-map.rst:321 msgid "Set BGP local preference attribute." msgstr "Set BGP local preference attribute." -#: ../../configuration/policy/route-map.rst:336 +#: ../../configuration/policy/route-map.rst:339 msgid "Set BGP origin code." msgstr "Set BGP origin code." -#: ../../configuration/policy/route-map.rst:341 +#: ../../configuration/policy/route-map.rst:344 msgid "Set BGP originator ID attribute." msgstr "Set BGP originator ID attribute." -#: ../../configuration/policy/route-map.rst:359 +#: ../../configuration/policy/route-map.rst:362 msgid "Set BGP weight attribute" msgstr "Set BGP weight attribute" @@ -10776,7 +11656,7 @@ msgstr "Set IPSec inbound match criterias, where:" msgid "Set IP fragment match, where:" msgstr "Set IP fragment match, where:" -#: ../../configuration/policy/route-map.rst:331 +#: ../../configuration/policy/route-map.rst:334 msgid "Set OSPF external metric-type." msgstr "Set OSPF external metric-type." @@ -10796,12 +11676,12 @@ msgstr "Set SNAT rule 30 to only NAT packets arriving from the 203.0.113.0/24 ne msgid "Set SSL certeficate <name> for service <name>" msgstr "Set SSL certeficate <name> for service <name>" -#: ../../configuration/firewall/ipv4.rst:918 +#: ../../configuration/firewall/ipv4.rst:941 #: ../../configuration/firewall/ipv6.rst:927 msgid "Set TCP-MSS (maximum segment size) for the connection" msgstr "Set TCP-MSS (maximum segment size) for the connection" -#: ../../configuration/service/dns.rst:280 +#: ../../configuration/service/dns.rst:264 msgid "Set TTL to 300 seconds" msgstr "Set TTL to 300 seconds" @@ -10825,7 +11705,7 @@ msgstr "Set a destination and/or source port. Accepted input:" msgid "Set a human readable, descriptive alias for this connection. Alias is used by e.g. the :opcmd:`show interfaces` command or SNMP based monitoring tools." msgstr "Set a human readable, descriptive alias for this connection. Alias is used by e.g. the :opcmd:`show interfaces` command or SNMP based monitoring tools." -#: ../../configuration/system/login.rst:387 +#: ../../configuration/system/login.rst:391 msgid "Set a limit on the maximum number of concurrent logged-in users on the system." msgstr "Set a limit on the maximum number of concurrent logged-in users on the system." @@ -10864,11 +11744,16 @@ msgstr "Set action to take on entries matching this rule." msgid "Set an API-KEY is the minimal configuration to get a working API Endpoint." msgstr "Set an API-KEY is the minimal configuration to get a working API Endpoint." -#: ../../configuration/vpn/sstp.rst:100 +#: ../../configuration/service/ipoe-server.rst:60 +#: ../../configuration/service/ipoe-server.rst:88 +#: ../../configuration/service/pppoe-server.rst:38 +#: ../../configuration/vpn/l2tp.rst:26 +#: ../../configuration/vpn/pptp.rst:27 +#: ../../configuration/vpn/sstp.rst:53 msgid "Set authentication backend. The configured authentication backend is used for all queries." msgstr "Set authentication backend. The configured authentication backend is used for all queries." -#: ../../configuration/container/index.rst:117 +#: ../../configuration/container/index.rst:122 msgid "Set container capabilities or permissions." msgstr "Set container capabilities or permissions." @@ -10880,6 +11765,19 @@ msgstr "Set delay between gratuitous ARP messages sent on an interface." msgid "Set delay for second set of gratuitous ARPs after transition to MASTER." msgstr "Set delay for second set of gratuitous ARPs after transition to MASTER." +#: ../../configuration/service/ipoe-server.rst:356 +#: ../../configuration/service/pppoe-server.rst:522 +#: ../../configuration/vpn/l2tp.rst:476 +#: ../../configuration/vpn/pptp.rst:400 +#: ../../configuration/vpn/sstp.rst:434 +msgid "Set description." +msgstr "Set description." + +#: ../../configuration/service/dns.rst:227 +#: ../../configuration/service/dns.rst:332 +msgid "Set description `<text>` for dynamic DNS service being configured." +msgstr "Set description `<text>` for dynamic DNS service being configured." + #: ../../configuration/policy/as-path-list.rst:21 msgid "Set description for as-path-list policy." msgstr "Set description for as-path-list policy." @@ -10956,7 +11854,7 @@ msgstr "Set eth1 to be the listening interface for the DHCPv6 relay." msgid "Set execution time in common cron_ time format. A cron `<spec>` of ``30 */6 * * *`` would execute the `<task>` at minute 30 past every 6th hour." msgstr "Set execution time in common cron_ time format. A cron `<spec>` of ``30 */6 * * *`` would execute the `<task>` at minute 30 past every 6th hour." -#: ../../configuration/policy/route-map.rst:251 +#: ../../configuration/policy/route-map.rst:254 msgid "Set extcommunity bandwidth" msgstr "Set extcommunity bandwidth" @@ -11025,6 +11923,10 @@ msgstr "Set maximum number of packets to alow in excess of rate." msgid "Set minimum time interval for refreshing gratuitous ARPs while MASTER." msgstr "Set minimum time interval for refreshing gratuitous ARPs while MASTER." +#: ../../configuration/vpn/l2tp.rst:72 +msgid "Set mode for IPsec authentication between VyOS and L2TP clients." +msgstr "Set mode for IPsec authentication between VyOS and L2TP clients." + #: ../../configuration/highavailability/index.rst:285 msgid "Set number of gratuitous ARP messages to send at a time after transition to MASTER." msgstr "Set number of gratuitous ARP messages to send at a time after transition to MASTER." @@ -11055,7 +11957,11 @@ msgstr "Set packet modifications: Packet Differentiated Services Codepoint (DSCP msgid "Set parameters for matching recently seen sources. This match could be used by seeting count (source address seen more than <1-255> times) and/or time (source address seen in the last <0-4294967295> seconds)." msgstr "Set parameters for matching recently seen sources. This match could be used by seeting count (source address seen more than <1-255> times) and/or time (source address seen in the last <0-4294967295> seconds)." -#: ../../configuration/policy/route-map.rst:350 +#: ../../configuration/vpn/l2tp.rst:76 +msgid "Set predefined shared secret phrase." +msgstr "Set predefined shared secret phrase." + +#: ../../configuration/policy/route-map.rst:353 msgid "Set prefixes to table." msgstr "Set prefixes to table." @@ -11063,7 +11969,7 @@ msgstr "Set prefixes to table." msgid "Set proxy for all connections initiated by VyOS, including HTTP, HTTPS, and FTP (anonymous ftp)." msgstr "Set proxy for all connections initiated by VyOS, including HTTP, HTTPS, and FTP (anonymous ftp)." -#: ../../configuration/policy/route-map.rst:260 +#: ../../configuration/policy/route-map.rst:263 msgid "Set route target value in format ``<0-65535:0-4294967295>`` or ``<IP:0-65535>``." msgstr "Set route target value in format ``<0-65535:0-4294967295>`` or ``<IP:0-65535>``." @@ -11080,7 +11986,7 @@ msgstr "Set rule action to drop." msgid "Set service to bind on IP address, by default listen on any IPv4 and IPv6" msgstr "Set service to bind on IP address, by default listen on any IPv4 and IPv6" -#: ../../configuration/policy/route-map.rst:265 +#: ../../configuration/policy/route-map.rst:268 msgid "Set site of origin value in format ``<0-65535:0-4294967295>`` or ``<IP:0-65535>``." msgstr "Set site of origin value in format ``<0-65535:0-4294967295>`` or ``<IP:0-65535>``." @@ -11096,7 +12002,7 @@ msgstr "Set some metric to routes learned from a particular neighbor." msgid "Set source-address to your local IP (LAN)." msgstr "Set source-address to your local IP (LAN)." -#: ../../configuration/policy/route-map.rst:346 +#: ../../configuration/policy/route-map.rst:349 msgid "Set source IP/IPv6 address for route." msgstr "Set source IP/IPv6 address for route." @@ -11105,7 +12011,7 @@ msgstr "Set source IP/IPv6 address for route." msgid "Set source address or prefix to match." msgstr "Set source address or prefix to match." -#: ../../configuration/policy/route-map.rst:354 +#: ../../configuration/policy/route-map.rst:357 msgid "Set tag value for routing protocol." msgstr "Set tag value for routing protocol." @@ -11113,8 +12019,8 @@ msgstr "Set tag value for routing protocol." msgid "Set the \"recursion desired\" bit in requests to the upstream nameserver." msgstr "Set the \"recursion desired\" bit in requests to the upstream nameserver." -#: ../../configuration/policy/route-map.rst:290 -#: ../../configuration/policy/route-map.rst:303 +#: ../../configuration/policy/route-map.rst:293 +#: ../../configuration/policy/route-map.rst:306 msgid "Set the BGP nexthop address to the address of the peer. For an incoming route-map this means the ip address of our peer is used. For an outgoing route-map this means the ip address of our self is used to establish the peering with our neighbor." msgstr "Set the BGP nexthop address to the address of the peer. For an incoming route-map this means the ip address of our peer is used. For an outgoing route-map this means the ip address of our self is used to establish the peering with our neighbor." @@ -11175,6 +12081,10 @@ msgstr "Set the Segment Routing Local Block i.e. the label range used by MPLS to msgid "Set the Segment Routing Local Block i.e. the low label range used by MPLS to store label in the MPLS FIB for Prefix SID. Note that the block size may not exceed 65535.Segment Routing Local Block, The negative command always unsets both." msgstr "Set the Segment Routing Local Block i.e. the low label range used by MPLS to store label in the MPLS FIB for Prefix SID. Note that the block size may not exceed 65535.Segment Routing Local Block, The negative command always unsets both." +#: ../../configuration/container/index.rst:99 +msgid "Set the User ID or Group ID of the container" +msgstr "Set the User ID or Group ID of the container" + #: ../../configuration/protocols/pim.rst:147 msgid "Set the :abbr:`DR (Designated Router)` Priority for the interface. This command is useful to allow the user to influence what node becomes the DR for a LAN segment." msgstr "Set the :abbr:`DR (Designated Router)` Priority for the interface. This command is useful to allow the user to influence what node becomes the DR for a LAN segment." @@ -11259,7 +12169,7 @@ msgstr "Set the name of the x509 client keypair used to authenticate against the msgid "Set the native VLAN ID flag of the interface. When a data packet without a VLAN tag enters the port, the data packet will be forced to add a tag of a specific vlan id. When the vlan id flag flows out, the tag of the vlan id will be stripped" msgstr "Set the native VLAN ID flag of the interface. When a data packet without a VLAN tag enters the port, the data packet will be forced to add a tag of a specific vlan id. When the vlan id flag flows out, the tag of the vlan id will be stripped" -#: ../../configuration/policy/route-map.rst:284 +#: ../../configuration/policy/route-map.rst:287 msgid "Set the next-hop as unchanged. Pass through the route-map without changing its value" msgstr "Set the next-hop as unchanged. Pass through the route-map without changing its value" @@ -11271,7 +12181,15 @@ msgstr "Set the number of TCP maximum retransmit attempts." msgid "Set the number of health check failures before an interface is marked as unavailable, range for number is 1 to 10, default 1. Or set the number of successful health checks before an interface is added back to the interface pool, range for number is 1 to 10, default 1." msgstr "Set the number of health check failures before an interface is marked as unavailable, range for number is 1 to 10, default 1. Or set the number of successful health checks before an interface is added back to the interface pool, range for number is 1 to 10, default 1." -#: ../../configuration/system/login.rst:84 +#: ../../configuration/protocols/rpki.rst:121 +msgid "Set the number of seconds the router waits until retrying to connect to the cache server." +msgstr "Set the number of seconds the router waits until retrying to connect to the cache server." + +#: ../../configuration/protocols/rpki.rst:114 +msgid "Set the number of seconds the router waits until the router expires the cache." +msgstr "Set the number of seconds the router waits until the router expires the cache." + +#: ../../configuration/system/login.rst:88 msgid "Set the options for this public key. See the ssh ``authorized_keys`` man page for details of what you can specify here. To place a ``\"`` character in the options field, use ``"``, for example ``from="10.0.0.0/24"`` to restrict where the user may connect from when using this key." msgstr "Set the options for this public key. See the ssh ``authorized_keys`` man page for details of what you can specify here. To place a ``\"`` character in the options field, use ``"``, for example ``from="10.0.0.0/24"`` to restrict where the user may connect from when using this key." @@ -11291,11 +12209,11 @@ msgstr "Set the peer's key used to receive (RX) traffic" msgid "Set the peer-session-id, which is a 32-bit integer value assigned to the session by the peer. The value used must match the session_id value being used at the peer." msgstr "Set the peer-session-id, which is a 32-bit integer value assigned to the session by the peer. The value used must match the session_id value being used at the peer." -#: ../../configuration/container/index.rst:98 +#: ../../configuration/container/index.rst:103 msgid "Set the restart behavior of the container." msgstr "Set the restart behavior of the container." -#: ../../configuration/policy/route-map.rst:323 +#: ../../configuration/policy/route-map.rst:326 msgid "Set the route metric. When used with BGP, set the BGP attribute MED to a specific value. Use ``+/-`` to add or subtract the specified value to/from the existing/MED. Use ``rtt`` to set the MED to the round trip time or ``+rtt/-rtt`` to add/subtract the round trip time to/from the MED." msgstr "Set the route metric. When used with BGP, set the BGP attribute MED to a specific value. Use ``+/-`` to add or subtract the specified value to/from the existing/MED. Use ``rtt`` to set the MED to the round trip time or ``+rtt/-rtt`` to add/subtract the round trip time to/from the MED." @@ -11328,12 +12246,12 @@ msgstr "Set the timeout in secounds for a protocol or state in a custom rule." msgid "Set the tunnel id, which is a 32-bit integer value. Uniquely identifies the tunnel into which the session will be created." msgstr "Set the tunnel id, which is a 32-bit integer value. Uniquely identifies the tunnel into which the session will be created." -#: ../../configuration/firewall/ipv4.rst:922 +#: ../../configuration/firewall/ipv4.rst:945 #: ../../configuration/firewall/ipv6.rst:931 msgid "Set the window scale factor for TCP window scaling" msgstr "Set the window scale factor for TCP window scaling" -#: ../../configuration/system/login.rst:124 +#: ../../configuration/system/login.rst:128 msgid "Set window of concurrently valid codes." msgstr "Set window of concurrently valid codes." @@ -11357,7 +12275,7 @@ msgstr "Sets the unique id for this vxlan-interface. Not sure how it correlates msgid "Setting VRRP group priority" msgstr "Setting VRRP group priority" -#: ../../configuration/service/dhcp-server.rst:231 +#: ../../configuration/service/dhcp-server.rst:237 msgid "Setting name" msgstr "Setting name" @@ -11389,7 +12307,12 @@ msgstr "Setting up certificates:" msgid "Setting up tunnel:" msgstr "Setting up tunnel:" -#: ../../configuration/service/dhcp-server.rst:373 +#: ../../configuration/system/option.rst:42 +#: ../../configuration/system/option.rst:53 +msgid "Setting will only become active with the next reboot!" +msgstr "Setting will only become active with the next reboot!" + +#: ../../configuration/service/dhcp-server.rst:379 msgid "Setup DHCP failover for network 192.0.2.0/24" msgstr "Setup DHCP failover for network 192.0.2.0/24" @@ -11397,15 +12320,19 @@ msgstr "Setup DHCP failover for network 192.0.2.0/24" msgid "Setup encrypted password for given username. This is useful for transferring a hashed password from system to system." msgstr "Setup encrypted password for given username. This is useful for transferring a hashed password from system to system." -#: ../../configuration/system/login.rst:262 +#: ../../configuration/system/login.rst:266 msgid "Setup the `<timeout>` in seconds when querying the RADIUS server." msgstr "Setup the `<timeout>` in seconds when querying the RADIUS server." -#: ../../configuration/system/login.rst:331 +#: ../../configuration/system/login.rst:335 msgid "Setup the `<timeout>` in seconds when querying the TACACS server." msgstr "Setup the `<timeout>` in seconds when querying the TACACS server." -#: ../../configuration/service/dns.rst:327 +#: ../../configuration/service/dns.rst:336 +msgid "Setup the dynamic DNS hostname `<hostname>` associated with the DynDNS provider identified by `<service-name>`." +msgstr "Setup the dynamic DNS hostname `<hostname>` associated with the DynDNS provider identified by `<service-name>`." + +#: ../../configuration/service/dns.rst:341 msgid "Setup the dynamic DNS hostname `<hostname>` associated with the DynDNS provider identified by `<service>` when the IP address on address `<interface>` changes." msgstr "Setup the dynamic DNS hostname `<hostname>` associated with the DynDNS provider identified by `<service>` when the IP address on address `<interface>` changes." @@ -11413,11 +12340,11 @@ msgstr "Setup the dynamic DNS hostname `<hostname>` associated with the DynDNS p msgid "Setup the dynamic DNS hostname `<hostname>` associated with the DynDNS provider identified by `<service>` when the IP address on interface `<interface>` changes." msgstr "Setup the dynamic DNS hostname `<hostname>` associated with the DynDNS provider identified by `<service>` when the IP address on interface `<interface>` changes." -#: ../../configuration/system/option.rst:31 +#: ../../configuration/system/option.rst:61 msgid "Several commands utilize cURL to initiate transfers. Configure the local source IPv4/IPv6 address used for all cURL operations." msgstr "Several commands utilize cURL to initiate transfers. Configure the local source IPv4/IPv6 address used for all cURL operations." -#: ../../configuration/system/option.rst:36 +#: ../../configuration/system/option.rst:66 msgid "Several commands utilize curl to initiate transfers. Configure the local source interface used for all CURL operations." msgstr "Several commands utilize curl to initiate transfers. Configure the local source interface used for all CURL operations." @@ -11445,25 +12372,25 @@ msgstr "Short GI capabilities for 20 and 40 MHz" msgid "Short bursts can be allowed to exceed the limit. On creation, the Rate-Control traffic is stocked with tokens which correspond to the amount of traffic that can be burst in one go. Tokens arrive at a steady rate, until the bucket is full." msgstr "Short bursts can be allowed to exceed the limit. On creation, the Rate-Control traffic is stocked with tokens which correspond to the amount of traffic that can be burst in one go. Tokens arrive at a steady rate, until the bucket is full." -#: ../../configuration/vrf/index.rst:488 +#: ../../configuration/vrf/index.rst:507 msgid "Shortcut syntax for specifying automatic leaking from vrf VRFNAME to the current VRF using the VPN RIB as intermediary. The RD and RT are auto derived and should not be specified explicitly for either the source or destination VRF’s." msgstr "Shortcut syntax for specifying automatic leaking from vrf VRFNAME to the current VRF using the VPN RIB as intermediary. The RD and RT are auto derived and should not be specified explicitly for either the source or destination VRF’s." -#: ../../configuration/protocols/bgp.rst:953 +#: ../../configuration/protocols/bgp.rst:975 #: ../../configuration/protocols/mpls.rst:225 msgid "Show" msgstr "Show" -#: ../../configuration/service/dhcp-server.rst:416 +#: ../../configuration/service/dhcp-server.rst:422 msgid "Show DHCP server daemon log file" msgstr "Show DHCP server daemon log file" -#: ../../configuration/service/dhcp-server.rst:668 +#: ../../configuration/service/dhcp-server.rst:676 msgid "Show DHCPv6 server daemon log file" msgstr "Show DHCPv6 server daemon log file" #: ../../configuration/firewall/bridge.rst:306 -#: ../../configuration/firewall/ipv4.rst:1115 +#: ../../configuration/firewall/ipv4.rst:1138 #: ../../configuration/firewall/ipv6.rst:1138 msgid "Show Firewall log" msgstr "Show Firewall log" @@ -11528,23 +12455,23 @@ msgstr "Show WWAN module model." msgid "Show WWAN module signal strength." msgstr "Show WWAN module signal strength." -#: ../../configuration/container/index.rst:163 +#: ../../configuration/container/index.rst:199 msgid "Show a list available container networks" msgstr "Show a list available container networks" -#: ../../configuration/pki/index.rst:297 +#: ../../configuration/pki/index.rst:328 msgid "Show a list of installed :abbr:`CA (Certificate Authority)` certificates." msgstr "Show a list of installed :abbr:`CA (Certificate Authority)` certificates." -#: ../../configuration/pki/index.rst:332 +#: ../../configuration/pki/index.rst:363 msgid "Show a list of installed :abbr:`CRLs (Certificate Revocation List)`." msgstr "Show a list of installed :abbr:`CRLs (Certificate Revocation List)`." -#: ../../configuration/pki/index.rst:315 +#: ../../configuration/pki/index.rst:346 msgid "Show a list of installed certificates" msgstr "Show a list of installed certificates" -#: ../../configuration/protocols/bfd.rst:98 +#: ../../configuration/protocols/bfd.rst:105 msgid "Show all BFD peers" msgstr "Show all BFD peers" @@ -11572,7 +12499,7 @@ msgstr "Show bridge `<name>` mdb displays the current multicast group membership msgid "Show brief interface information." msgstr "Show brief interface information." -#: ../../configuration/system/ipv6.rst:46 +#: ../../configuration/system/ipv6.rst:59 msgid "Show commands" msgstr "Show commands" @@ -11584,11 +12511,11 @@ msgstr "Show configured serial ports and their respective interface configuratio msgid "Show connection data of load balanced traffic:" msgstr "Show connection data of load balanced traffic:" -#: ../../configuration/service/conntrack-sync.rst:132 +#: ../../configuration/service/conntrack-sync.rst:136 msgid "Show connection syncing external cache entries" msgstr "Show connection syncing external cache entries" -#: ../../configuration/service/conntrack-sync.rst:136 +#: ../../configuration/service/conntrack-sync.rst:140 msgid "Show connection syncing internal cache entries" msgstr "Show connection syncing internal cache entries" @@ -11654,44 +12581,44 @@ msgstr "Show list of IPs currently blocked by SSH dynamic-protection." msgid "Show logs for mDNS repeater service." msgstr "Show logs for mDNS repeater service." -#: ../../configuration/container/index.rst:159 +#: ../../configuration/container/index.rst:195 msgid "Show logs from a given container" msgstr "Show logs from a given container" -#: ../../configuration/service/dhcp-server.rst:420 +#: ../../configuration/service/dhcp-server.rst:426 msgid "Show logs from all DHCP client processes." msgstr "Show logs from all DHCP client processes." -#: ../../configuration/service/dhcp-server.rst:672 +#: ../../configuration/service/dhcp-server.rst:680 msgid "Show logs from all DHCPv6 client processes." msgstr "Show logs from all DHCPv6 client processes." -#: ../../configuration/service/dhcp-server.rst:424 +#: ../../configuration/service/dhcp-server.rst:430 msgid "Show logs from specific `interface` DHCP client process." msgstr "Show logs from specific `interface` DHCP client process." -#: ../../configuration/service/dhcp-server.rst:676 +#: ../../configuration/service/dhcp-server.rst:684 msgid "Show logs from specific `interface` DHCPv6 client process." msgstr "Show logs from specific `interface` DHCPv6 client process." -#: ../../configuration/pki/index.rst:311 +#: ../../configuration/pki/index.rst:342 msgid "Show only information for specified Certificate Authority." msgstr "Show only information for specified Certificate Authority." -#: ../../configuration/pki/index.rst:328 +#: ../../configuration/pki/index.rst:359 msgid "Show only information for specified certificate." msgstr "Show only information for specified certificate." -#: ../../configuration/service/dhcp-server.rst:478 -#: ../../configuration/service/dhcp-server.rst:699 +#: ../../configuration/service/dhcp-server.rst:484 +#: ../../configuration/service/dhcp-server.rst:707 msgid "Show only leases in the specified pool." msgstr "Show only leases in the specified pool." -#: ../../configuration/service/dhcp-server.rst:708 +#: ../../configuration/service/dhcp-server.rst:716 msgid "Show only leases with the specified state. Possible states: abandoned, active, all, backup, expired, free, released, reset (default = active)" msgstr "Show only leases with the specified state. Possible states: abandoned, active, all, backup, expired, free, released, reset (default = active)" -#: ../../configuration/service/dhcp-server.rst:496 +#: ../../configuration/service/dhcp-server.rst:502 msgid "Show only leases with the specified state. Possible states: all, active, free, expired, released, abandoned, reset, backup (default = active)" msgstr "Show only leases with the specified state. Possible states: all, active, free, expired, released, abandoned, reset, backup (default = active)" @@ -11703,23 +12630,23 @@ msgstr "Show routing table entry for the default route." msgid "Show specific MACsec interface information" msgstr "Show specific MACsec interface information" -#: ../../configuration/vpn/site2site_ipsec.rst:221 +#: ../../configuration/vpn/site2site_ipsec.rst:224 msgid "Show status of new setup:" msgstr "Show status of new setup:" -#: ../../configuration/service/dhcp-server.rst:447 +#: ../../configuration/service/dhcp-server.rst:453 msgid "Show statuses of all active leases:" msgstr "Show statuses of all active leases:" -#: ../../configuration/service/dhcp-server.rst:465 +#: ../../configuration/service/dhcp-server.rst:471 msgid "Show statuses of all active leases granted by local (this server) or remote (failover server):" msgstr "Show statuses of all active leases granted by local (this server) or remote (failover server):" -#: ../../configuration/service/dhcp-server.rst:432 +#: ../../configuration/service/dhcp-server.rst:438 msgid "Show the DHCP server statistics:" msgstr "Show the DHCP server statistics:" -#: ../../configuration/service/dhcp-server.rst:443 +#: ../../configuration/service/dhcp-server.rst:449 msgid "Show the DHCP server statistics for the specified pool." msgstr "Show the DHCP server statistics for the specified pool." @@ -11731,11 +12658,11 @@ msgstr "Show the console server log." msgid "Show the full config uploaded to the QAT device." msgstr "Show the full config uploaded to the QAT device." -#: ../../configuration/container/index.rst:151 +#: ../../configuration/container/index.rst:187 msgid "Show the list of all active containers." msgstr "Show the list of all active containers." -#: ../../configuration/container/index.rst:155 +#: ../../configuration/container/index.rst:191 msgid "Show the local container images." msgstr "Show the local container images." @@ -11747,7 +12674,7 @@ msgstr "Show the logs of a specific Rule-Set." msgid "Show the logs of all firewall; show all bridge firewall logs; show all logs for forward hook; show all logs for forward hook and priority filter; show all logs for particular custom chain; show logs for specific Rule-Set." msgstr "Show the logs of all firewall; show all bridge firewall logs; show all logs for forward hook; show all logs for forward hook and priority filter; show all logs for particular custom chain; show logs for specific Rule-Set." -#: ../../configuration/firewall/ipv4.rst:1125 +#: ../../configuration/firewall/ipv4.rst:1148 msgid "Show the logs of all firewall; show all ipv4 firewall logs; show all logs for particular hook; show all logs for particular hook and priority; show all logs for particular custom chain; show logs for specific Rule-Set." msgstr "Show the logs of all firewall; show all ipv4 firewall logs; show all logs for particular hook; show all logs for particular hook and priority; show all logs for particular custom chain; show logs for specific Rule-Set." @@ -11764,11 +12691,11 @@ msgstr "Show the route" msgid "Show transceiver information from plugin modules, e.g SFP+, QSFP" msgstr "Show transceiver information from plugin modules, e.g SFP+, QSFP" -#: ../../configuration/protocols/bfd.rst:179 +#: ../../configuration/protocols/bfd.rst:186 msgid "Showing BFD monitored static routes" msgstr "Showing BFD monitored static routes" -#: ../../configuration/service/dhcp-server.rst:684 +#: ../../configuration/service/dhcp-server.rst:692 msgid "Shows status of all assigned leases:" msgstr "Shows status of all assigned leases:" @@ -11796,7 +12723,7 @@ msgstr "Sierra Wireless AirPrime MC7455 miniPCIe card (LTE)" msgid "Sierra Wireless AirPrime MC7710 miniPCIe card (LTE)" msgstr "Sierra Wireless AirPrime MC7710 miniPCIe card (LTE)" -#: ../../configuration/vpn/site2site_ipsec.rst:427 +#: ../../configuration/vpn/site2site_ipsec.rst:430 msgid "Similar combinations are applicable for the dead-peer-detection." msgstr "Similar combinations are applicable for the dead-peer-detection." @@ -11828,6 +12755,14 @@ msgstr "Since it's a HQ and branch offices setup, we will want all clients to ha msgid "Since the RADIUS server would be a single point of failure, multiple RADIUS servers can be setup and will be used subsequentially." msgstr "Since the RADIUS server would be a single point of failure, multiple RADIUS servers can be setup and will be used subsequentially." +#: ../../configuration/service/ipoe-server.rst:131 +#: ../../configuration/service/pppoe-server.rst:93 +#: ../../configuration/vpn/l2tp.rst:136 +#: ../../configuration/vpn/pptp.rst:76 +#: ../../configuration/vpn/sstp.rst:109 +msgid "Since the RADIUS server would be a single point of failure, multiple RADIUS servers can be setup and will be used subsequentially. For example:" +msgstr "Since the RADIUS server would be a single point of failure, multiple RADIUS servers can be setup and will be used subsequentially. For example:" + #: ../../configuration/service/mdns.rst:13 msgid "Since the mDNS protocol sends the AA records in the packet itself, the repeater does not need to forge the source address. Instead, the source address is of the interface that repeats the packet." msgstr "Since the mDNS protocol sends the AA records in the packet itself, the repeater does not need to forge the source address. Instead, the source address is of the interface that repeats the packet." @@ -11836,6 +12771,10 @@ msgstr "Since the mDNS protocol sends the AA records in the packet itself, the r msgid "Since the mDNS protocol sends the :abbr:`AA(Authoritative Answer)` records in the packet itself, the repeater does not need to forge the source address. Instead, the source address is of the interface that repeats the packet." msgstr "Since the mDNS protocol sends the :abbr:`AA(Authoritative Answer)` records in the packet itself, the repeater does not need to forge the source address. Instead, the source address is of the interface that repeats the packet." +#: ../../configuration/service/ids.rst:98 +msgid "Since we are analyzing attacks to and from our internal network, two types of attacks can be identified, and differents actions are needed:" +msgstr "Since we are analyzing attacks to and from our internal network, two types of attacks can be identified, and differents actions are needed:" + #: ../../configuration/interfaces/vxlan.rst:157 msgid "Single VXLAN device (SVD)" msgstr "Single VXLAN device (SVD)" @@ -11857,7 +12796,7 @@ msgstr "Site-to-site mode supports x.509 but doesn't require it and can also wor msgid "Site to Site VPN" msgstr "Site to Site VPN" -#: ../../configuration/pki/index.rst:275 +#: ../../configuration/pki/index.rst:306 msgid "Size of the RSA key." msgstr "Size of the RSA key." @@ -11865,6 +12804,10 @@ msgstr "Size of the RSA key." msgid "Slave selection for outgoing traffic is done according to the transmit hash policy, which may be changed from the default simple XOR policy via the :cfgcmd:`hash-policy` option, documented below." msgstr "Slave selection for outgoing traffic is done according to the transmit hash policy, which may be changed from the default simple XOR policy via the :cfgcmd:`hash-policy` option, documented below." +#: ../../configuration/service/ids.rst:110 +msgid "So, firewall configuration needed for this setup:" +msgstr "So, firewall configuration needed for this setup:" + #: ../../configuration/nat/nat44.rst:554 msgid "So in our firewall policy, we want to allow traffic coming in on the outside interface, destined for TCP port 80 and the IP address of 192.168.0.100." msgstr "So in our firewall policy, we want to allow traffic coming in on the outside interface, destined for TCP port 80 and the IP address of 192.168.0.100." @@ -11885,7 +12828,14 @@ msgstr "Some ISPs by default only delegate a /64 prefix. To request for a specif msgid "Some IT environments require the use of a proxy to connect to the Internet. Without this configuration VyOS updates could not be installed directly by using the :opcmd:`add system image` command (:ref:`update_vyos`)." msgstr "Some IT environments require the use of a proxy to connect to the Internet. Without this configuration VyOS updates could not be installed directly by using the :opcmd:`add system image` command (:ref:`update_vyos`)." -#: ../../configuration/vpn/l2tp.rst:159 +#: ../../configuration/service/ipoe-server.rst:140 +#: ../../configuration/service/pppoe-server.rst:102 +#: ../../configuration/vpn/pptp.rst:85 +#: ../../configuration/vpn/sstp.rst:118 +msgid "Some RADIUS severs use an access control list which allows or denies queries, make sure to add your VyOS router to the allowed client list." +msgstr "Some RADIUS severs use an access control list which allows or denies queries, make sure to add your VyOS router to the allowed client list." + +#: ../../configuration/vpn/l2tp.rst:145 msgid "Some RADIUS_ severs use an access control list which allows or denies queries, make sure to add your VyOS router to the allowed client list." msgstr "Some RADIUS_ severs use an access control list which allows or denies queries, make sure to add your VyOS router to the allowed client list." @@ -11893,6 +12843,10 @@ msgstr "Some RADIUS_ severs use an access control list which allows or denies qu msgid "Some application service providers (ASPs) operate a VPN gateway to provide access to their internal resources, and require that a connecting organisation translate all traffic to the service provider network to a source address provided by the ASP." msgstr "Some application service providers (ASPs) operate a VPN gateway to provide access to their internal resources, and require that a connecting organisation translate all traffic to the service provider network to a source address provided by the ASP." +#: ../../configuration/container/index.rst:171 +msgid "Some container registries require credentials to be used." +msgstr "Some container registries require credentials to be used." + #: ../../configuration/firewall/general-legacy.rst:38 msgid "Some firewall settings are global and have an affect on the whole system." msgstr "Some firewall settings are global and have an affect on the whole system." @@ -11933,11 +12887,11 @@ msgstr "Some users tend to connect their mobile devices using WireGuard to their msgid "Sometimes option lines in the generated OpenVPN configuration require quotes. This is done through a hack on our config generator. You can pass quotes using the ``"`` statement." msgstr "Sometimes option lines in the generated OpenVPN configuration require quotes. This is done through a hack on our config generator. You can pass quotes using the ``"`` statement." -#: ../../configuration/service/dhcp-server.rst:703 +#: ../../configuration/service/dhcp-server.rst:711 msgid "Sort the output by the specified key. Possible keys: expires, iaid_duid, ip, last_comm, pool, remaining, state, type (default = ip)" msgstr "Sort the output by the specified key. Possible keys: expires, iaid_duid, ip, last_comm, pool, remaining, state, type (default = ip)" -#: ../../configuration/service/dhcp-server.rst:491 +#: ../../configuration/service/dhcp-server.rst:497 msgid "Sort the output by the specified key. Possible keys: ip, hardware_address, state, start, end, remaining, pool, hostname (default = ip)" msgstr "Sort the output by the specified key. Possible keys: ip, hardware_address, state, start, end, remaining, pool, hostname (default = ip)" @@ -11949,7 +12903,16 @@ msgstr "Source Address" msgid "Source IP address used for VXLAN underlay. This is mandatory when using VXLAN via L2VPN/EVPN." msgstr "Source IP address used for VXLAN underlay. This is mandatory when using VXLAN via L2VPN/EVPN." -#: ../../configuration/vpn/sstp.rst:268 +#: ../../configuration/service/ipoe-server.rst:152 +#: ../../configuration/service/ipoe-server.rst:208 +#: ../../configuration/service/pppoe-server.rst:114 +#: ../../configuration/service/pppoe-server.rst:170 +#: ../../configuration/vpn/l2tp.rst:157 +#: ../../configuration/vpn/l2tp.rst:213 +#: ../../configuration/vpn/pptp.rst:97 +#: ../../configuration/vpn/pptp.rst:153 +#: ../../configuration/vpn/sstp.rst:130 +#: ../../configuration/vpn/sstp.rst:186 msgid "Source IPv4 address used in all RADIUS server queires." msgstr "Source IPv4 address used in all RADIUS server queires." @@ -11961,11 +12924,11 @@ msgstr "Source NAT rules" msgid "Source Prefix" msgstr "Source Prefix" -#: ../../configuration/system/login.rst:276 +#: ../../configuration/system/login.rst:280 msgid "Source all connections to the RADIUS servers from given VRF `<name>`." msgstr "Source all connections to the RADIUS servers from given VRF `<name>`." -#: ../../configuration/system/login.rst:345 +#: ../../configuration/system/login.rst:349 msgid "Source all connections to the TACACS servers from given VRF `<name>`." msgstr "Source all connections to the TACACS servers from given VRF `<name>`." @@ -11973,7 +12936,7 @@ msgstr "Source all connections to the TACACS servers from given VRF `<name>`." msgid "Source protocol to match." msgstr "Source protocol to match." -#: ../../configuration/vpn/ipsec.rst:225 +#: ../../configuration/vpn/ipsec.rst:229 msgid "Source tunnel from dummy interface" msgstr "Source tunnel from dummy interface" @@ -12001,15 +12964,48 @@ msgstr "Spatial Multiplexing Power Save (SMPS) settings" msgid "Specfying nhs makes all multicast packets to be repeated to each statically configured next hop." msgstr "Specfying nhs makes all multicast packets to be repeated to each statically configured next hop." -#: ../../configuration/vpn/sstp.rst:238 +#: ../../configuration/service/ipoe-server.rst:178 +#: ../../configuration/service/pppoe-server.rst:140 +#: ../../configuration/vpn/l2tp.rst:183 +#: ../../configuration/vpn/pptp.rst:123 +#: ../../configuration/vpn/sstp.rst:156 msgid "Specifies IP address for Dynamic Authorization Extension server (DM/CoA)" msgstr "Specifies IP address for Dynamic Authorization Extension server (DM/CoA)" -#: ../../configuration/vpn/sstp.rst:194 +#: ../../configuration/service/pppoe-server.rst:470 +#: ../../configuration/vpn/l2tp.rst:424 +#: ../../configuration/vpn/pptp.rst:348 +#: ../../configuration/vpn/sstp.rst:382 +msgid "Specifies IPv4 negotiation preference." +msgstr "Specifies IPv4 negotiation preference." + +#: ../../configuration/service/pppoe-server.rst:345 +#: ../../configuration/vpn/l2tp.rst:289 +#: ../../configuration/vpn/pptp.rst:213 +#: ../../configuration/vpn/sstp.rst:247 +msgid "Specifies IPv6 negotiation preference." +msgstr "Specifies IPv6 negotiation preference." + +#: ../../configuration/service/pppoe-server.rst:552 +msgid "Specifies Service-Name to respond. If absent any Service-Name is acceptable and client’s Service-Name will be sent back. Also possible set multiple service-names: `sn1,sn2,sn3`" +msgstr "Specifies Service-Name to respond. If absent any Service-Name is acceptable and client’s Service-Name will be sent back. Also possible set multiple service-names: `sn1,sn2,sn3`" + +#: ../../configuration/service/pppoe-server.rst:502 +#: ../../configuration/vpn/l2tp.rst:456 +#: ../../configuration/vpn/pptp.rst:380 +#: ../../configuration/vpn/sstp.rst:414 +msgid "Specifies :abbr:`MPPE (Microsoft Point-to-Point Encryption)` negotiation preference." +msgstr "Specifies :abbr:`MPPE (Microsoft Point-to-Point Encryption)` negotiation preference." + +#: ../../configuration/vpn/sstp.rst:200 msgid "Specifies :abbr:`MPPE (Microsoft Point-to-Point Encryption)` negotioation preference." msgstr "Specifies :abbr:`MPPE (Microsoft Point-to-Point Encryption)` negotioation preference." -#: ../../configuration/vrf/index.rst:477 +#: ../../configuration/service/ipoe-server.rst:81 +msgid "Specifies address to be used as server ip address if radius can assign only client address. In such case if client address is matched network and mask then specified address and mask will be used. You can specify multiple such options." +msgstr "Specifies address to be used as server ip address if radius can assign only client address. In such case if client address is matched network and mask then specified address and mask will be used. You can specify multiple such options." + +#: ../../configuration/vrf/index.rst:496 msgid "Specifies an optional route-map to be applied to routes imported or exported between the current unicast VRF and VPN." msgstr "Specifies an optional route-map to be applied to routes imported or exported between the current unicast VRF and VPN." @@ -12017,6 +13013,13 @@ msgstr "Specifies an optional route-map to be applied to routes imported or expo msgid "Specifies an upstream network `<interface>` from which replies from `<server>` and other relay agents will be accepted." msgstr "Specifies an upstream network `<interface>` from which replies from `<server>` and other relay agents will be accepted." +#: ../../configuration/service/pppoe-server.rst:388 +#: ../../configuration/vpn/l2tp.rst:332 +#: ../../configuration/vpn/pptp.rst:256 +#: ../../configuration/vpn/sstp.rst:290 +msgid "Specifies fixed or random interface identifier for IPv6. By default is fixed." +msgstr "Specifies fixed or random interface identifier for IPv6. By default is fixed." + #: ../../configuration/service/webproxy.rst:173 msgid "Specifies how long squid assumes an externally validated username:password pair is valid for - in other words how often the helper program is called for that user. Set this low to force revalidation with short lived passwords." msgstr "Specifies how long squid assumes an externally validated username:password pair is valid for - in other words how often the helper program is called for that user. Set this low to force revalidation with short lived passwords." @@ -12025,15 +13028,36 @@ msgstr "Specifies how long squid assumes an externally validated username:passwo msgid "Specifies if unknown source link layer addresses and IP addresses are entered into the VXLAN device forwarding database." msgstr "Specifies if unknown source link layer addresses and IP addresses are entered into the VXLAN device forwarding database." +#: ../../configuration/service/pppoe-server.rst:462 +#: ../../configuration/vpn/l2tp.rst:416 +#: ../../configuration/vpn/pptp.rst:340 +#: ../../configuration/vpn/sstp.rst:374 +msgid "Specifies number of interfaces to keep in cache. It means that don’t destroy interface after corresponding session is destroyed, instead place it to cache and use it later for new sessions repeatedly. This should reduce kernel-level interface creation/deletion rate lack. Default value is **0**." +msgstr "Specifies number of interfaces to keep in cache. It means that don’t destroy interface after corresponding session is destroyed, instead place it to cache and use it later for new sessions repeatedly. This should reduce kernel-level interface creation/deletion rate lack. Default value is **0**." + #: ../../configuration/interfaces/bonding.rst:40 msgid "Specifies one of the bonding policies. The default is 802.3ad. Possible values are:" msgstr "Specifies one of the bonding policies. The default is 802.3ad. Possible values are:" +#: ../../configuration/service/pppoe-server.rst:396 +#: ../../configuration/vpn/l2tp.rst:340 +#: ../../configuration/vpn/pptp.rst:264 +#: ../../configuration/vpn/sstp.rst:298 +msgid "Specifies peer interface identifier for IPv6. By default is fixed." +msgstr "Specifies peer interface identifier for IPv6. By default is fixed." + #: ../../configuration/service/webproxy.rst:81 msgid "Specifies proxy service listening address. The listen address is the IP address on which the web proxy service listens for client requests." msgstr "Specifies proxy service listening address. The listen address is the IP address on which the web proxy service listens for client requests." -#: ../../configuration/vpn/sstp.rst:110 +#: ../../configuration/service/ipoe-server.rst:348 +msgid "Specifies relay agent IP addre" +msgstr "Specifies relay agent IP addre" + +#: ../../configuration/service/pppoe-server.rst:70 +#: ../../configuration/vpn/l2tp.rst:52 +#: ../../configuration/vpn/pptp.rst:54 +#: ../../configuration/vpn/sstp.rst:79 msgid "Specifies single `<gateway>` IP address to be used as local address of PPP interfaces." msgstr "Specifies single `<gateway>` IP address to be used as local address of PPP interfaces." @@ -12057,7 +13081,7 @@ msgstr "Specifies the available :abbr:`MAC (Message Authentication Code)` algori msgid "Specifies the base DN under which the users are located." msgstr "Specifies the base DN under which the users are located." -#: ../../configuration/service/dhcp-server.rst:239 +#: ../../configuration/service/dhcp-server.rst:245 msgid "Specifies the clients subnet mask as per RFC 950. If unset, subnet declaration is used." msgstr "Specifies the clients subnet mask as per RFC 950. If unset, subnet declaration is used." @@ -12094,22 +13118,33 @@ msgstr "Specifies the port `<port>` that the SSTP port will listen on (default 4 msgid "Specifies the protection scope (aka realm name) which is to be reported to the client for the authentication scheme. It is commonly part of the text the user will see when prompted for their username and password." msgstr "Specifies the protection scope (aka realm name) which is to be reported to the client for the authentication scheme. It is commonly part of the text the user will see when prompted for their username and password." -#: ../../configuration/vrf/index.rst:452 +#: ../../configuration/vrf/index.rst:471 msgid "Specifies the route-target list to be attached to a route (export) or the route-target list to match against (import) when exporting/importing between the current unicast VRF and VPN.The RTLIST is a space-separated list of route-targets, which are BGP extended community values as described in Extended Communities Attribute." msgstr "Specifies the route-target list to be attached to a route (export) or the route-target list to match against (import) when exporting/importing between the current unicast VRF and VPN.The RTLIST is a space-separated list of route-targets, which are BGP extended community values as described in Extended Communities Attribute." -#: ../../configuration/vrf/index.rst:445 +#: ../../configuration/vrf/index.rst:464 msgid "Specifies the route distinguisher to be added to a route exported from the current unicast VRF to VPN." msgstr "Specifies the route distinguisher to be added to a route exported from the current unicast VRF to VPN." -#: ../../configuration/vpn/sstp.rst:281 +#: ../../configuration/service/ipoe-server.rst:224 +#: ../../configuration/service/pppoe-server.rst:186 +#: ../../configuration/vpn/l2tp.rst:229 +#: ../../configuration/vpn/pptp.rst:169 +#: ../../configuration/vpn/sstp.rst:202 msgid "Specifies the vendor dictionary, dictionary needs to be in /usr/share/accel-ppp/radius." msgstr "Specifies the vendor dictionary, dictionary needs to be in /usr/share/accel-ppp/radius." -#: ../../configuration/vpn/sstp.rst:188 +#: ../../configuration/vpn/sstp.rst:194 msgid "Specifies timeout in seconds to wait for any peer activity. If this option specified it turns on adaptive lcp echo functionality and \"lcp-echo-failure\" is not used." msgstr "Specifies timeout in seconds to wait for any peer activity. If this option specified it turns on adaptive lcp echo functionality and \"lcp-echo-failure\" is not used." +#: ../../configuration/service/pppoe-server.rst:490 +#: ../../configuration/vpn/l2tp.rst:444 +#: ../../configuration/vpn/pptp.rst:368 +#: ../../configuration/vpn/sstp.rst:402 +msgid "Specifies timeout in seconds to wait for any peer activity. If this option specified it turns on adaptive lcp echo functionality and \"lcp-echo-failure\" is not used. Default value is **0**." +msgstr "Specifies timeout in seconds to wait for any peer activity. If this option specified it turns on adaptive lcp echo functionality and \"lcp-echo-failure\" is not used. Default value is **0**." + #: ../../configuration/interfaces/vxlan.rst:77 msgid "Specifies whether an external control plane (e.g. BGP L2VPN/EVPN) or the internal FDB should be used." msgstr "Specifies whether an external control plane (e.g. BGP L2VPN/EVPN) or the internal FDB should be used." @@ -12122,28 +13157,47 @@ msgstr "Specifies whether the VXLAN device is capable of vni filtering." msgid "Specifies whether this NSSA border router will unconditionally translate Type-7 LSAs into Type-5 LSAs. When role is Always, Type-7 LSAs are translated into Type-5 LSAs regardless of the translator state of other NSSA border routers. When role is Candidate, this router participates in the translator election to determine if it will perform the translations duties. When role is Never, this router will never translate Type-7 LSAs into Type-5 LSAs." msgstr "Specifies whether this NSSA border router will unconditionally translate Type-7 LSAs into Type-5 LSAs. When role is Always, Type-7 LSAs are translated into Type-5 LSAs regardless of the translator state of other NSSA border routers. When role is Candidate, this router participates in the translator election to determine if it will perform the translations duties. When role is Never, this router will never translate Type-7 LSAs into Type-5 LSAs." -#: ../../configuration/vpn/sstp.rst:272 +#: ../../configuration/service/ipoe-server.rst:212 +#: ../../configuration/vpn/l2tp.rst:217 +#: ../../configuration/vpn/pptp.rst:157 +#: ../../configuration/vpn/sstp.rst:190 msgid "Specifies which RADIUS server attribute contains the rate limit information. The default attribute is `Filter-Id`." msgstr "Specifies which RADIUS server attribute contains the rate limit information. The default attribute is `Filter-Id`." +#: ../../configuration/service/pppoe-server.rst:174 +msgid "Specifies which RADIUS server attribute contains the rate limit information. The default attribute is ``Filter-Id``." +msgstr "Specifies which RADIUS server attribute contains the rate limit information. The default attribute is ``Filter-Id``." + +#: ../../configuration/service/ipoe-server.rst:344 +msgid "Specify DHCPv4 relay IP address to pass requests to. If specified giaddr is also needed." +msgstr "Specify DHCPv4 relay IP address to pass requests to. If specified giaddr is also needed." + #: ../../configuration/service/ssh.rst:45 msgid "Specify IPv4/IPv6 listen address of SSH server. Multiple addresses can be defined." msgstr "Specify IPv4/IPv6 listen address of SSH server. Multiple addresses can be defined." -#: ../../configuration/firewall/ipv4.rst:401 +#: ../../configuration/service/ids.rst:51 +msgid "Specify IPv4 and/or IPv6 networks that should be protected/monitored." +msgstr "Specify IPv4 and/or IPv6 networks that should be protected/monitored." + +#: ../../configuration/service/ids.rst:38 +msgid "Specify IPv4 and/or IPv6 networks which are going to be excluded." +msgstr "Specify IPv4 and/or IPv6 networks which are going to be excluded." + +#: ../../configuration/firewall/ipv4.rst:424 #: ../../configuration/firewall/ipv6.rst:408 msgid "Specify a Fully Qualified Domain Name as source/destination matcher. Ensure router is able to resolve such dns query." msgstr "Specify a Fully Qualified Domain Name as source/destination matcher. Ensure router is able to resolve such dns query." -#: ../../configuration/service/dhcp-server.rst:550 +#: ../../configuration/service/dhcp-server.rst:556 msgid "Specify a NIS+ server address for DHCPv6 clients." msgstr "Specify a NIS+ server address for DHCPv6 clients." -#: ../../configuration/service/dhcp-server.rst:545 +#: ../../configuration/service/dhcp-server.rst:551 msgid "Specify a NIS server address for DHCPv6 clients." msgstr "Specify a NIS server address for DHCPv6 clients." -#: ../../configuration/service/dhcp-server.rst:555 +#: ../../configuration/service/dhcp-server.rst:561 msgid "Specify a :abbr:`SIP (Session Initiation Protocol)` server by IPv6 address of Fully Qualified Domain Name for all DHCPv6 clients." msgstr "Specify a :abbr:`SIP (Session Initiation Protocol)` server by IPv6 address of Fully Qualified Domain Name for all DHCPv6 clients." @@ -12167,6 +13221,14 @@ msgstr "Specify an alternate AS for this BGP process when interacting with the s msgid "Specify an alternate TCP port where the ldap server is listening if other than the default LDAP port 389." msgstr "Specify an alternate TCP port where the ldap server is listening if other than the default LDAP port 389." +#: ../../configuration/service/dns.rst:254 +msgid "Specify interval in seconds to wait between Dynamic DNS updates. The default is 300 seconds." +msgstr "Specify interval in seconds to wait between Dynamic DNS updates. The default is 300 seconds." + +#: ../../configuration/service/ipoe-server.rst:339 +msgid "Specify local range of ip address to give to dhcp clients. First IP in range is router IP. If you need more customization use `client-ip-pool`" +msgstr "Specify local range of ip address to give to dhcp clients. First IP in range is router IP. If you need more customization use `client-ip-pool`" + #: ../../configuration/service/ntp.rst:84 #: ../../configuration/service/ssh.rst:110 #: ../../configuration/system/syslog.rst:79 @@ -12181,11 +13243,11 @@ msgstr "Specify nexthop on the path to the destination, ``ipv4-address`` can be msgid "Specify static route into the routing table sending all non local traffic to the nexthop address `<address>`." msgstr "Specify static route into the routing table sending all non local traffic to the nexthop address `<address>`." -#: ../../configuration/system/login.rst:245 +#: ../../configuration/system/login.rst:249 msgid "Specify the IP `<address>` of the RADIUS server user with the pre-shared-secret given in `<secret>`." msgstr "Specify the IP `<address>` of the RADIUS server user with the pre-shared-secret given in `<secret>`." -#: ../../configuration/system/login.rst:314 +#: ../../configuration/system/login.rst:318 msgid "Specify the IP `<address>` of the TACACS server user with the pre-shared-secret given in `<secret>`." msgstr "Specify the IP `<address>` of the TACACS server user with the pre-shared-secret given in `<secret>`." @@ -12225,7 +13287,7 @@ msgstr "Specify the systems `<timezone>` as the Region/Location that best define msgid "Specify the time interval when `<task>` should be executed. The interval is specified as number with one of the following suffixes:" msgstr "Specify the time interval when `<task>` should be executed. The interval is specified as number with one of the following suffixes:" -#: ../../configuration/service/dns.rst:269 +#: ../../configuration/service/dns.rst:283 msgid "Specify timeout / update interval to check if IP address changed." msgstr "Specify timeout / update interval to check if IP address changed." @@ -12233,6 +13295,10 @@ msgstr "Specify timeout / update interval to check if IP address changed." msgid "Specify timeout interval for keepalive message in seconds." msgstr "Specify timeout interval for keepalive message in seconds." +#: ../../configuration/service/ipoe-server.rst:97 +msgid "Specify where interface is shared by multiple users or it is vlan-per-user." +msgstr "Specify where interface is shared by multiple users or it is vlan-per-user." + #: ../../configuration/interfaces/vxlan.rst:191 msgid "Spine1 is a Cisco IOS router running version 15.4, Leaf2 and Leaf3 is each a VyOS router running 1.2." msgstr "Spine1 is a Cisco IOS router running version 15.4, Leaf2 and Leaf3 is each a VyOS router running 1.2." @@ -12285,7 +13351,7 @@ msgstr "Starting with VyOS 1.2 a :abbr:`mDNS (Multicast DNS)` repeater functiona msgid "Static" msgstr "Static" -#: ../../configuration/service/dhcp-server.rst:189 +#: ../../configuration/service/dhcp-server.rst:195 msgid "Static DHCP IP address assign to host identified by `<description>`. IP address must be inside the `<subnet>` which is defined but can be outside the dynamic range created with :cfgcmd:`set service dhcp-server shared-network-name <name> subnet <subnet> range <n>`. If no ip-address is specified, an IP from the dynamic pool is used." msgstr "Static DHCP IP address assign to host identified by `<description>`. IP address must be inside the `<subnet>` which is defined but can be outside the dynamic range created with :cfgcmd:`set service dhcp-server shared-network-name <name> subnet <subnet> range <n>`. If no ip-address is specified, an IP from the dynamic pool is used." @@ -12314,12 +13380,12 @@ msgid "Static :abbr:`SAK (Secure Authentication Key)` mode can be configured man msgstr "Static :abbr:`SAK (Secure Authentication Key)` mode can be configured manually on each device wishing to use MACsec. Keys must be set statically on all devices for traffic to flow properly. Key rotation is dependent on the administrator updating all keys manually across connected devices. Static SAK mode can not be used with MKA." #: ../../configuration/service/dhcp-server.rst:174 -#: ../../configuration/service/dhcp-server.rst:621 +#: ../../configuration/service/dhcp-server.rst:629 msgid "Static mappings" msgstr "Static mappings" -#: ../../configuration/service/dhcp-server.rst:460 -#: ../../configuration/service/dhcp-server.rst:694 +#: ../../configuration/service/dhcp-server.rst:466 +#: ../../configuration/service/dhcp-server.rst:702 msgid "Static mappings aren't shown. To show all states, use ``show dhcp server leases state all``." msgstr "Static mappings aren't shown. To show all states, use ``show dhcp server leases state all``." @@ -12384,7 +13450,7 @@ msgstr "Supported versions of RIP are:" msgid "Supports as HELPER for configured grace period." msgstr "Supports as HELPER for configured grace period." -#: ../../configuration/vpn/ipsec.rst:178 +#: ../../configuration/vpn/ipsec.rst:182 msgid "Suppose the LEFT router has external address 192.0.2.10 on its eth0 interface, and the RIGHT router is 203.0.113.45" msgstr "Suppose the LEFT router has external address 192.0.2.10 on its eth0 interface, and the RIGHT router is 203.0.113.45" @@ -12404,17 +13470,17 @@ msgstr "Synamic instructs to forward to all peers which we have a direct connect msgid "Sync groups" msgstr "Sync groups" -#: ../../configuration/firewall/ipv4.rst:911 +#: ../../configuration/firewall/ipv4.rst:934 #: ../../configuration/firewall/ipv6.rst:920 msgid "Synproxy" msgstr "Synproxy" -#: ../../configuration/firewall/ipv4.rst:912 +#: ../../configuration/firewall/ipv4.rst:935 #: ../../configuration/firewall/ipv6.rst:921 msgid "Synproxy connections" msgstr "Synproxy connections" -#: ../../configuration/firewall/ipv4.rst:929 +#: ../../configuration/firewall/ipv4.rst:952 #: ../../configuration/firewall/ipv6.rst:938 msgid "Synproxy relies on syncookies and TCP timestamps, ensure these are enabled" msgstr "Synproxy relies on syncookies and TCP timestamps, ensure these are enabled" @@ -12484,23 +13550,23 @@ msgstr "System identifier: ``1921.6800.1002`` - for system idetifiers we recomme msgid "System is unusable - a panic condition" msgstr "System is unusable - a panic condition" -#: ../../configuration/system/login.rst:299 +#: ../../configuration/system/login.rst:303 msgid "TACACS+" msgstr "TACACS+" -#: ../../configuration/system/login.rst:418 +#: ../../configuration/system/login.rst:422 msgid "TACACS Example" msgstr "TACACS Example" -#: ../../configuration/system/login.rst:305 +#: ../../configuration/system/login.rst:309 msgid "TACACS is defined in :rfc:`8907`." msgstr "TACACS is defined in :rfc:`8907`." -#: ../../configuration/system/login.rst:335 +#: ../../configuration/system/login.rst:339 msgid "TACACS servers could be hardened by only allowing certain IP addresses to connect. As of this the source address of each TACACS query can be configured." msgstr "TACACS servers could be hardened by only allowing certain IP addresses to connect. As of this the source address of each TACACS query can be configured." -#: ../../configuration/protocols/static.rst:140 +#: ../../configuration/protocols/static.rst:173 #: ../../configuration/system/flow-accounting.rst:83 msgid "TBD" msgstr "TBD" @@ -12553,15 +13619,19 @@ msgstr "Tell hosts to use the administered (stateful) protocol (i.e. DHCP) for a msgid "Tell hosts to use the administered stateful protocol (i.e. DHCP) for autoconfiguration" msgstr "Tell hosts to use the administered stateful protocol (i.e. DHCP) for autoconfiguration" -#: ../../configuration/vpn/sstp.rst:227 +#: ../../configuration/service/ipoe-server.rst:170 +#: ../../configuration/service/pppoe-server.rst:132 +#: ../../configuration/vpn/l2tp.rst:175 +#: ../../configuration/vpn/pptp.rst:115 +#: ../../configuration/vpn/sstp.rst:148 msgid "Temporary disable this RADIUS server." msgstr "Temporary disable this RADIUS server." -#: ../../configuration/system/login.rst:258 +#: ../../configuration/system/login.rst:262 msgid "Temporary disable this RADIUS server. It won't be queried." msgstr "Temporary disable this RADIUS server. It won't be queried." -#: ../../configuration/system/login.rst:327 +#: ../../configuration/system/login.rst:331 msgid "Temporary disable this TACACS server. It won't be queried." msgstr "Temporary disable this TACACS server. It won't be queried." @@ -12589,7 +13659,7 @@ msgstr "Test disconnecting given connection-oriented interface. `<interface>` ca msgid "Test from the IPv6 only client:" msgstr "Test from the IPv6 only client:" -#: ../../configuration/vpn/sstp.rst:305 +#: ../../configuration/vpn/sstp.rst:374 msgid "Testing SSTP" msgstr "Testing SSTP" @@ -12621,7 +13691,7 @@ msgstr "The ASP has documented their IPSec requirements:" msgid "The BGP router can connect to one or more RPKI cache servers to receive validated prefix to origin AS mappings. Advanced failover can be implemented by server sockets with different preference values." msgstr "The BGP router can connect to one or more RPKI cache servers to receive validated prefix to origin AS mappings. Advanced failover can be implemented by server sockets with different preference values." -#: ../../configuration/vrf/index.rst:94 +#: ../../configuration/vrf/index.rst:113 msgid "The CLI configuration is same as mentioned in above articles. The only difference is, that each routing protocol used, must be prefixed with the `vrf name <name>` command." msgstr "The CLI configuration is same as mentioned in above articles. The only difference is, that each routing protocol used, must be prefixed with the `vrf name <name>` command." @@ -12661,7 +13731,7 @@ msgstr "The Intel AX200 card does not work out of the box in AP mode, see https: msgid "The OID ``.1.3.6.1.4.1.8072.1.3.2.3.1.1.4.116.101.115.116``, once called, will contain the output of the extension." msgstr "The OID ``.1.3.6.1.4.1.8072.1.3.2.3.1.1.4.116.101.115.116``, once called, will contain the output of the extension." -#: ../../configuration/vpn/pptp.rst:6 +#: ../../configuration/vpn/pptp.rst:7 msgid "The Point-to-Point Tunneling Protocol (PPTP_) has been implemented in VyOS only for backwards compatibility. PPTP has many well known security issues and you should use one of the many other new VPN implementations." msgstr "The Point-to-Point Tunneling Protocol (PPTP_) has been implemented in VyOS only for backwards compatibility. PPTP has many well known security issues and you should use one of the many other new VPN implementations." @@ -12701,19 +13771,19 @@ msgstr "The VXLAN specification was originally created by VMware, Arista Network msgid "The VyOS DNS forwarder does not require an upstream DNS server. It can serve as a full recursive DNS server - but it can also forward queries to configurable upstream DNS servers. By not configuring any upstream DNS servers you also avoid being tracked by the provider of your upstream DNS server." msgstr "The VyOS DNS forwarder does not require an upstream DNS server. It can serve as a full recursive DNS server - but it can also forward queries to configurable upstream DNS servers. By not configuring any upstream DNS servers you also avoid being tracked by the provider of your upstream DNS server." -#: ../../configuration/service/dns.rst:173 +#: ../../configuration/service/dns.rst:160 msgid "The VyOS DNS forwarder will only accept lookup requests from the LAN subnets - 192.168.1.0/24 and 2001:db8::/64" msgstr "The VyOS DNS forwarder will only accept lookup requests from the LAN subnets - 192.168.1.0/24 and 2001:db8::/64" -#: ../../configuration/service/dns.rst:171 +#: ../../configuration/service/dns.rst:158 msgid "The VyOS DNS forwarder will only listen for requests on the eth1 (LAN) interface addresses - 192.168.1.254 for IPv4 and 2001:db8::ffff for IPv6" msgstr "The VyOS DNS forwarder will only listen for requests on the eth1 (LAN) interface addresses - 192.168.1.254 for IPv4 and 2001:db8::ffff for IPv6" -#: ../../configuration/service/dns.rst:175 +#: ../../configuration/service/dns.rst:162 msgid "The VyOS DNS forwarder will pass reverse lookups for 10.in-addr.arpa, 168.192.in-addr.arpa, 16-31.172.in-addr.arpa zones to upstream server." msgstr "The VyOS DNS forwarder will pass reverse lookups for 10.in-addr.arpa, 168.192.in-addr.arpa, 16-31.172.in-addr.arpa zones to upstream server." -#: ../../configuration/pki/index.rst:254 +#: ../../configuration/pki/index.rst:285 msgid "The VyOS PKI subsystem can also be used to automatically retrieve Certificates using the :abbr:`ACME (Automatic Certificate Management Environment)` protocol." msgstr "The VyOS PKI subsystem can also be used to automatically retrieve Certificates using the :abbr:`ACME (Automatic Certificate Management Environment)` protocol." @@ -12770,7 +13840,11 @@ msgstr "The ``https`` service listens on port 443 with backend `bk-default` to h msgid "The ``persistent-tunnel`` directive will allow us to configure tunnel-related attributes, such as firewall policy as we would on any normal network interface." msgstr "The ``persistent-tunnel`` directive will allow us to configure tunnel-related attributes, such as firewall policy as we would on any normal network interface." -#: ../../configuration/vpn/l2tp.rst:176 +#: ../../configuration/service/ipoe-server.rst:154 +#: ../../configuration/service/pppoe-server.rst:116 +#: ../../configuration/vpn/l2tp.rst:159 +#: ../../configuration/vpn/pptp.rst:99 +#: ../../configuration/vpn/sstp.rst:132 msgid "The ``source-address`` must be configured on one of VyOS interface. Best practice would be a loopback or dummy interface." msgstr "The ``source-address`` must be configured on one of VyOS interface. Best practice would be a loopback or dummy interface." @@ -12787,11 +13861,11 @@ msgstr "The above directory and default-config must be a child directory of /con msgid "The action can be :" msgstr "The action can be :" -#: ../../configuration/pki/index.rst:271 +#: ../../configuration/pki/index.rst:302 msgid "The address the server listens to during http-01 challenge" msgstr "The address the server listens to during http-01 challenge" -#: ../../configuration/protocols/bgp.rst:775 +#: ../../configuration/protocols/bgp.rst:797 msgid "The advantage of this is that the route-selection (at this point) will be more deterministic. The disadvantage is that a few or even one lowest-ID router may attract all traffic to otherwise-equal paths because of this check. It may increase the possibility of MED or IGP oscillation, unless other measures were taken to avoid these. The exact behaviour will be sensitive to the iBGP and reflection topology." msgstr "The advantage of this is that the route-selection (at this point) will be more deterministic. The disadvantage is that a few or even one lowest-ID router may attract all traffic to otherwise-equal paths because of this check. It may increase the possibility of MED or IGP oscillation, unless other measures were taken to avoid these. The exact behaviour will be sensitive to the iBGP and reflection topology." @@ -12803,7 +13877,7 @@ msgstr "The allocated address block is 100.64.0.0/10." msgid "The amount of Duplicate Address Detection probes to send." msgstr "The amount of Duplicate Address Detection probes to send." -#: ../../configuration/protocols/bgp.rst:835 +#: ../../configuration/protocols/bgp.rst:857 msgid "The attributes :cfgcmd:`prefix-list` and :cfgcmd:`distribute-list` are mutually exclusive, and only one command (distribute-list or prefix-list) can be applied to each inbound or outbound direction for a particular neighbor." msgstr "The attributes :cfgcmd:`prefix-list` and :cfgcmd:`distribute-list` are mutually exclusive, and only one command (distribute-list or prefix-list) can be applied to each inbound or outbound direction for a particular neighbor." @@ -12823,11 +13897,15 @@ msgstr "The bonding interface provides a method for aggregating multiple network msgid "The case of ingress shaping" msgstr "The case of ingress shaping" -#: ../../configuration/service/pppoe-server.rst:385 +#: ../../configuration/service/pppoe-server.rst:644 +msgid "The client, once successfully authenticated, will receive an IPv4 and an IPv6 /64 address to terminate the PPPoE endpoint on the client side and a /56 subnet for the clients internal use." +msgstr "The client, once successfully authenticated, will receive an IPv4 and an IPv6 /64 address to terminate the PPPoE endpoint on the client side and a /56 subnet for the clients internal use." + +#: ../../configuration/service/pppoe-server.rst:644 msgid "The client, once successfully authenticated, will receive an IPv4 and an IPv6 /64 address to terminate the pppoe endpoint on the client side and a /56 subnet for the clients internal use." msgstr "The client, once successfully authenticated, will receive an IPv4 and an IPv6 /64 address to terminate the pppoe endpoint on the client side and a /56 subnet for the clients internal use." -#: ../../configuration/service/ipoe-server.rst:90 +#: ../../configuration/service/ipoe-server.rst:91 msgid "The clients :abbr:`CPE (Customer Premises Equipment)` can now communicate via IPv4 or IPv6. All devices behind ``2001:db8::a00:27ff:fe2f:d806/64`` can use addresses from ``2001:db8:1::/56`` and can globally communicate without the need of any NAT rules." msgstr "The clients :abbr:`CPE (Customer Premises Equipment)` can now communicate via IPv4 or IPv6. All devices behind ``2001:db8::a00:27ff:fe2f:d806/64`` can use addresses from ``2001:db8:1::/56`` and can globally communicate without the need of any NAT rules." @@ -12839,7 +13917,7 @@ msgstr "The command :opcmd:`show interfaces wireguard wg01 public-key` will then msgid "The command also generates a configuration snipped which can be copy/pasted into the VyOS CLI if needed. The supplied ``<name>`` on the CLI will become the peer name in the snippet." msgstr "The command also generates a configuration snipped which can be copy/pasted into the VyOS CLI if needed. The supplied ``<name>`` on the CLI will become the peer name in the snippet." -#: ../../configuration/service/pppoe-server.rst:231 +#: ../../configuration/service/pppoe-server.rst:305 msgid "The command below enables it, assuming the RADIUS connection has been setup and is working." msgstr "The command below enables it, assuming the RADIUS connection has been setup and is working." @@ -12855,9 +13933,9 @@ msgstr "The command pon TESTUNNEL establishes the PPTP tunnel to the remote syst msgid "The computers on an internal network can use any of the addresses set aside by the :abbr:`IANA (Internet Assigned Numbers Authority)` for private addressing (see :rfc:`1918`). These reserved IP addresses are not in use on the Internet, so an external machine will not directly route to them. The following addresses are reserved for private use:" msgstr "The computers on an internal network can use any of the addresses set aside by the :abbr:`IANA (Internet Assigned Numbers Authority)` for private addressing (see :rfc:`1918`). These reserved IP addresses are not in use on the Internet, so an external machine will not directly route to them. The following addresses are reserved for private use:" -#: ../../configuration/service/dhcp-server.rst:210 -#: ../../configuration/service/dhcp-server.rst:601 -#: ../../configuration/service/dhcp-server.rst:644 +#: ../../configuration/service/dhcp-server.rst:216 +#: ../../configuration/service/dhcp-server.rst:608 +#: ../../configuration/service/dhcp-server.rst:652 msgid "The configuration will look as follows:" msgstr "The configuration will look as follows:" @@ -12881,6 +13959,10 @@ msgstr "The connection tracking table contains one entry for each connection bei msgid "The current attribute 'Filter-Id' is being used as default and can be setup within RADIUS:" msgstr "The current attribute 'Filter-Id' is being used as default and can be setup within RADIUS:" +#: ../../configuration/service/pppoe-server.rst:299 +msgid "The current attribute ``Filter-Id`` is being used as default and can be setup within RADIUS:" +msgstr "The current attribute ``Filter-Id`` is being used as default and can be setup within RADIUS:" + #: ../../configuration/service/ntp.rst:29 msgid "The current protocol is version 4 (NTPv4), which is a proposed standard as documented in :rfc:`5905`. It is backward compatible with version 3, specified in :rfc:`1305`." msgstr "The current protocol is version 4 (NTPv4), which is a proposed standard as documented in :rfc:`5905`. It is backward compatible with version 3, specified in :rfc:`1305`." @@ -12905,7 +13987,7 @@ msgstr "The default hostname used is `vyos`." msgid "The default is 1492." msgstr "The default is 1492." -#: ../../configuration/service/dhcp-server.rst:526 +#: ../../configuration/service/dhcp-server.rst:532 msgid "The default lease time for DHCPv6 leases is 24 hours. This can be changed by supplying a ``default-time``, ``maximum-time`` and ``minimum-time``. All values need to be supplied in seconds." msgstr "The default lease time for DHCPv6 leases is 24 hours. This can be changed by supplying a ``default-time``, ``maximum-time`` and ``minimum-time``. All values need to be supplied in seconds." @@ -12937,6 +14019,14 @@ msgstr "The default value is 3." msgid "The default value is 3 packets." msgstr "The default value is 3 packets." +#: ../../configuration/protocols/rpki.rst:124 +msgid "The default value is 600 seconds." +msgstr "The default value is 600 seconds." + +#: ../../configuration/protocols/rpki.rst:117 +msgid "The default value is 7200 seconds." +msgstr "The default value is 7200 seconds." + #: ../../configuration/service/dhcp-server.rst:99 msgid "The default value is 86400 seconds which corresponds to one day." msgstr "The default value is 86400 seconds which corresponds to one day." @@ -12987,15 +14077,19 @@ msgstr "The embedded Squid proxy can use LDAP to authenticate users against a co msgid "The example above uses 192.0.2.2 as external IP address. A LAC normally requires an authentication password, which is set in the example configuration to ``lns shared-secret 'secret'``. This setup requires the Compression Control Protocol (CCP) being disabled, the command ``set vpn l2tp remote-access ccp-disable`` accomplishes that." msgstr "The example above uses 192.0.2.2 as external IP address. A LAC normally requires an authentication password, which is set in the example configuration to ``lns shared-secret 'secret'``. This setup requires the Compression Control Protocol (CCP) being disabled, the command ``set vpn l2tp remote-access ccp-disable`` accomplishes that." -#: ../../configuration/service/pppoe-server.rst:369 +#: ../../configuration/service/pppoe-server.rst:627 +msgid "The example below covers a dual-stack configuration." +msgstr "The example below covers a dual-stack configuration." + +#: ../../configuration/service/pppoe-server.rst:627 msgid "The example below covers a dual-stack configuration via pppoe-server." msgstr "The example below covers a dual-stack configuration via pppoe-server." -#: ../../configuration/service/pppoe-server.rst:348 +#: ../../configuration/service/pppoe-server.rst:606 msgid "The example below uses ACN as access-concentrator name, assigns an address from the pool 10.1.1.100-111, terminates at the local endpoint 10.1.1.1 and serves requests only on eth1." msgstr "The example below uses ACN as access-concentrator name, assigns an address from the pool 10.1.1.100-111, terminates at the local endpoint 10.1.1.1 and serves requests only on eth1." -#: ../../configuration/service/ipoe-server.rst:35 +#: ../../configuration/service/ipoe-server.rst:34 msgid "The example configuration below will assign an IP to the client on the incoming interface eth2 with the client mac address 08:00:27:2f:d8:06. Other DHCP discovery requests will be ignored, unless the client mac has been enabled in the configuration." msgstr "The example configuration below will assign an IP to the client on the incoming interface eth2 with the client mac address 08:00:27:2f:d8:06. Other DHCP discovery requests will be ignored, unless the client mac has been enabled in the configuration." @@ -13023,7 +14117,7 @@ msgstr "The first IP in the container network is reserved by the engine and cann msgid "The first address of the parameter ``client-subnet``, will be used as the default gateway. Connected sessions can be checked via the ``show ipoe-server sessions`` command." msgstr "The first address of the parameter ``client-subnet``, will be used as the default gateway. Connected sessions can be checked via the ``show ipoe-server sessions`` command." -#: ../../configuration/vpn/ipsec.rst:174 +#: ../../configuration/vpn/ipsec.rst:178 msgid "The first and arguably cleaner option is to make your IPsec policy match GRE packets between external addresses of your routers. This is the best option if both routers have static external addresses." msgstr "The first and arguably cleaner option is to make your IPsec policy match GRE packets between external addresses of your routers. This is the best option if both routers have static external addresses." @@ -13039,14 +14133,18 @@ msgstr "The first ip address is the RP's address and the second value is the mat msgid "The first registration request is sent to the protocol broadcast address, and the server's real protocol address is dynamically detected from the first registration reply." msgstr "The first registration request is sent to the protocol broadcast address, and the server's real protocol address is dynamically detected from the first registration reply." -#: ../../configuration/vpn/sstp.rst:311 +#: ../../configuration/vpn/sstp.rst:484 msgid "The following PPP configuration tests MSCHAP-v2:" msgstr "The following PPP configuration tests MSCHAP-v2:" -#: ../../configuration/system/login.rst:143 +#: ../../configuration/system/login.rst:147 msgid "The following command can be used to generate the OTP key as well as the CLI commands to configure them:" msgstr "The following command can be used to generate the OTP key as well as the CLI commands to configure them:" +#: ../../configuration/protocols/bgp.rst:664 +msgid "The following command uses the explicit-null label value for all the BGP instances." +msgstr "The following command uses the explicit-null label value for all the BGP instances." + #: ../../configuration/interfaces/openvpn.rst:708 msgid "The following commands let you check tunnel status." msgstr "The following commands let you check tunnel status." @@ -13059,7 +14157,7 @@ msgstr "The following commands let you reset OpenVPN." msgid "The following commands translate to \"--net host\" when the container is created" msgstr "The following commands translate to \"--net host\" when the container is created" -#: ../../configuration/vrf/index.rst:101 +#: ../../configuration/vrf/index.rst:120 msgid "The following commands would be required to set options for a given dynamic routing protocol inside a given vrf:" msgstr "The following commands would be required to set options for a given dynamic routing protocol inside a given vrf:" @@ -13083,6 +14181,10 @@ msgstr "The following configuration reverse-proxy terminate SSL." msgid "The following configuration will assign a /64 prefix out of a /56 delegation to eth0. The IPv6 address assigned to eth0 will be <prefix>::ffff/64. If you do not know the prefix size delegated to you, start with sla-len 0." msgstr "The following configuration will assign a /64 prefix out of a /56 delegation to eth0. The IPv6 address assigned to eth0 will be <prefix>::ffff/64. If you do not know the prefix size delegated to you, start with sla-len 0." +#: ../../configuration/interfaces/pppoe.rst:383 +msgid "The following configuration will setup a PPPoE session source from eth1 and assign a /64 prefix out of a /56 delegation (requested from the ISP) to eth0. The IPv6 address assigned to eth0 will be <prefix>::1/64. If you do not know the prefix size delegated to you, start with sla-len 0." +msgstr "The following configuration will setup a PPPoE session source from eth1 and assign a /64 prefix out of a /56 delegation (requested from the ISP) to eth0. The IPv6 address assigned to eth0 will be <prefix>::1/64. If you do not know the prefix size delegated to you, start with sla-len 0." + #: ../../configuration/policy/examples.rst:155 msgid "The following example allows VyOS to use :abbr:`PBR (Policy-Based Routing)` for traffic, which originated from the router itself. That solution for multiple ISP's and VyOS router will respond from the same interface that the packet was received. Also, it used, if we want that one VPN tunnel to be through one provider, and the second through another." msgstr "The following example allows VyOS to use :abbr:`PBR (Policy-Based Routing)` for traffic, which originated from the router itself. That solution for multiple ISP's and VyOS router will respond from the same interface that the packet was received. Also, it used, if we want that one VPN tunnel to be through one provider, and the second through another." @@ -13095,7 +14197,7 @@ msgstr "The following example creates a WAP. When configuring multiple WAP inter msgid "The following example is based on a Sierra Wireless MC7710 miniPCIe card (only the form factor in reality it runs UBS) and Deutsche Telekom as ISP. The card is assembled into a :ref:`pc-engines-apu4`." msgstr "The following example is based on a Sierra Wireless MC7710 miniPCIe card (only the form factor in reality it runs UBS) and Deutsche Telekom as ISP. The card is assembled into a :ref:`pc-engines-apu4`." -#: ../../configuration/vrf/index.rst:237 +#: ../../configuration/vrf/index.rst:256 msgid "The following example topology was built using EVE-NG." msgstr "The following example topology was built using EVE-NG." @@ -13140,7 +14242,7 @@ msgstr "The forwarding delay time is the time spent in each of the listening and msgid "The generated configuration will look like:" msgstr "The generated configuration will look like:" -#: ../../configuration/pki/index.rst:107 +#: ../../configuration/pki/index.rst:109 msgid "The generated parameters are then output to the console." msgstr "The generated parameters are then output to the console." @@ -13168,7 +14270,7 @@ msgstr "The hostname can be up to 63 characters. A hostname must start and end w msgid "The hostname or IP address of the master" msgstr "The hostname or IP address of the master" -#: ../../configuration/service/dhcp-server.rst:632 +#: ../../configuration/service/dhcp-server.rst:640 msgid "The identifier is the device's DUID: colon-separated hex list (as used by isc-dhcp option dhcpv6.client-id). If the device already has a dynamic lease from the DHCPv6 server, its DUID can be found with ``show service dhcpv6 server leases``. The DUID begins at the 5th octet (after the 4th colon) of IAID_DUID." msgstr "The identifier is the device's DUID: colon-separated hex list (as used by isc-dhcp option dhcpv6.client-id). If the device already has a dynamic lease from the DHCPv6 server, its DUID can be found with ``show service dhcpv6 server leases``. The DUID begins at the 5th octet (after the 4th colon) of IAID_DUID." @@ -13212,7 +14314,7 @@ msgstr "The legacy and zone-based firewall configuration options is not longer s msgid "The limiter performs basic ingress policing of traffic flows. Multiple classes of traffic can be defined and traffic limits can be applied to each class. Although the policer uses a token bucket mechanism internally, it does not have the capability to delay a packet as a shaping mechanism does. Traffic exceeding the defined bandwidth limits is directly dropped. A maximum allowed burst can be configured too." msgstr "The limiter performs basic ingress policing of traffic flows. Multiple classes of traffic can be defined and traffic limits can be applied to each class. Although the policer uses a token bucket mechanism internally, it does not have the capability to delay a packet as a shaping mechanism does. Traffic exceeding the defined bandwidth limits is directly dropped. A maximum allowed burst can be configured too." -#: ../../configuration/policy/route-map.rst:255 +#: ../../configuration/policy/route-map.rst:258 msgid "The link bandwidth extended community is encoded as non-transitive" msgstr "The link bandwidth extended community is encoded as non-transitive" @@ -13240,6 +14342,10 @@ msgstr "The main points regarding this packet flow and terminology used in VyOS msgid "The main structure VyOS firewall cli is shown next:" msgstr "The main structure VyOS firewall cli is shown next:" +#: ../../configuration/firewall/index.rst:92 +msgid "The main structure of the VyOS firewall CLI is shown next:" +msgstr "The main structure of the VyOS firewall CLI is shown next:" + #: ../../configuration/interfaces/bonding.rst:271 msgid "The maximum number of targets that can be specified is 16. The default value is no IP address." msgstr "The maximum number of targets that can be specified is 16. The default value is no IP address." @@ -13272,11 +14378,15 @@ msgstr "The multicast-group used by all leaves for this vlan extension. Has to b msgid "The name of the service can be different, in this example it is only for convenience." msgstr "The name of the service can be different, in this example it is only for convenience." +#: ../../configuration/service/dns.rst:171 +msgid "The netmask or domain that EDNS Client Subnet should be enabled for in outgoing queries." +msgstr "The netmask or domain that EDNS Client Subnet should be enabled for in outgoing queries." + #: ../../configuration/service/dhcp-server.rst:13 msgid "The network topology is declared by shared-network-name and the subnet declarations. The DHCP service can serve multiple shared networks, with each shared network having 1 or more subnets. Each subnet must be present on an interface. A range can be declared inside a subnet to define a pool of dynamic addresses. Multiple ranges can be defined and can contain holes. Static mappings can be set to assign \"static\" addresses to clients based on their MAC address." msgstr "The network topology is declared by shared-network-name and the subnet declarations. The DHCP service can serve multiple shared networks, with each shared network having 1 or more subnets. Each subnet must be present on an interface. A range can be declared inside a subnet to define a pool of dynamic addresses. Multiple ranges can be defined and can contain holes. Static mappings can be set to assign \"static\" addresses to clients based on their MAC address." -#: ../../configuration/service/conntrack-sync.rst:188 +#: ../../configuration/service/conntrack-sync.rst:192 msgid "The next example is a simple configuration of conntrack-sync." msgstr "The next example is a simple configuration of conntrack-sync." @@ -13324,7 +14434,7 @@ msgstr "The outgoing interface to perform the translation on" msgid "The peer name must be an alphanumeric and can have hypen or underscore as special characters. It is purely informational." msgstr "The peer name must be an alphanumeric and can have hypen or underscore as special characters. It is purely informational." -#: ../../configuration/vpn/ipsec.rst:235 +#: ../../configuration/vpn/ipsec.rst:239 msgid "The peer names RIGHT and LEFT are used as informational text." msgstr "The peer names RIGHT and LEFT are used as informational text." @@ -13332,7 +14442,7 @@ msgstr "The peer names RIGHT and LEFT are used as informational text." msgid "The peer with lower priority will become the key server and start distributing SAKs." msgstr "The peer with lower priority will become the key server and start distributing SAKs." -#: ../../configuration/vrf/index.rst:181 +#: ../../configuration/vrf/index.rst:200 msgid "The ping command is used to test whether a network host is reachable or not." msgstr "The ping command is used to test whether a network host is reachable or not." @@ -13352,7 +14462,7 @@ msgstr "The prefix and ASN that originated it match a signed ROA. These are prob msgid "The prefix or prefix length and ASN that originated it doesn't match any existing ROA. This could be the result of a prefix hijack, or merely a misconfiguration, but should probably be treated as untrustworthy route announcements." msgstr "The prefix or prefix length and ASN that originated it doesn't match any existing ROA. This could be the result of a prefix hijack, or merely a misconfiguration, but should probably be treated as untrustworthy route announcements." -#: ../../configuration/service/dhcp-server.rst:375 +#: ../../configuration/service/dhcp-server.rst:381 msgid "The primary DHCP server uses address `192.168.189.252`" msgstr "The primary DHCP server uses address `192.168.189.252`" @@ -13368,11 +14478,11 @@ msgstr "The primary option is only valid for active-backup, transmit-load-balanc msgid "The priority must be an integer number from 1 to 255. Higher priority value increases router's precedence in the master elections." msgstr "The priority must be an integer number from 1 to 255. Higher priority value increases router's precedence in the master elections." -#: ../../configuration/service/dhcp-server.rst:539 +#: ../../configuration/service/dhcp-server.rst:545 msgid "The procedure to specify a :abbr:`NIS+ (Network Information Service Plus)` domain is similar to the NIS domain one:" msgstr "The procedure to specify a :abbr:`NIS+ (Network Information Service Plus)` domain is similar to the NIS domain one:" -#: ../../configuration/vrf/index.rst:222 +#: ../../configuration/vrf/index.rst:241 msgid "The prompt is adjusted to reflect this change in both config and op-mode." msgstr "The prompt is adjusted to reflect this change in both config and op-mode." @@ -13400,7 +14510,7 @@ msgstr "The public IP address of the local side of the VPN will be 198.51.100.10 msgid "The public IP address of the remote side of the VPN will be 203.0.113.11." msgstr "The public IP address of the remote side of the VPN will be 203.0.113.11." -#: ../../configuration/service/ipoe-server.rst:130 +#: ../../configuration/service/ipoe-server.rst:131 #: ../../configuration/vpn/l2tp.rst:120 msgid "The rate-limit is set in kbit/sec." msgstr "The rate-limit is set in kbit/sec." @@ -13421,6 +14531,10 @@ msgstr "The remote site will have a subnet of 10.1.0.0/16." msgid "The remote user will use the openconnect client to connect to the router and will receive an IP address from a VPN pool, allowing full access to the network." msgstr "The remote user will use the openconnect client to connect to the router and will receive an IP address from a VPN pool, allowing full access to the network." +#: ../../configuration/service/dns.rst:161 +msgid "The requestor netmask for which the requestor IP Address should be used as the EDNS Client Subnet for outgoing queries." +msgstr "The requestor netmask for which the requestor IP Address should be used as the EDNS Client Subnet for outgoing queries." + #: ../../configuration/interfaces/openvpn.rst:458 msgid "The required config file may look like this:" msgstr "The required config file may look like this:" @@ -13465,7 +14579,7 @@ msgstr "The sFlow accounting based on hsflowd https://sflow.net/" msgid "The same configuration options apply when Identity based config is configured in group mode except that group mode can only be used with RADIUS authentication." msgstr "The same configuration options apply when Identity based config is configured in group mode except that group mode can only be used with RADIUS authentication." -#: ../../configuration/vpn/ipsec.rst:227 +#: ../../configuration/vpn/ipsec.rst:231 msgid "The scheme above doesn't work when one of the routers has a dynamic external address though. The classic workaround for this is to setup an address on a loopback interface and use it as a source address for the GRE tunnel, then setup an IPsec policy to match those loopback addresses." msgstr "The scheme above doesn't work when one of the routers has a dynamic external address though. The classic workaround for this is to setup an address on a loopback interface and use it as a source address for the GRE tunnel, then setup an IPsec policy to match those loopback addresses." @@ -13473,7 +14587,7 @@ msgstr "The scheme above doesn't work when one of the routers has a dynamic exte msgid "The search filter can contain up to 15 occurrences of %s which will be replaced by the username, as in \"uid=%s\" for :rfc:`2037` directories. For a detailed description of LDAP search filter syntax see :rfc:`2254`." msgstr "The search filter can contain up to 15 occurrences of %s which will be replaced by the username, as in \"uid=%s\" for :rfc:`2037` directories. For a detailed description of LDAP search filter syntax see :rfc:`2254`." -#: ../../configuration/service/dhcp-server.rst:376 +#: ../../configuration/service/dhcp-server.rst:382 msgid "The secondary DHCP server uses address `192.168.189.253`" msgstr "The secondary DHCP server uses address `192.168.189.253`" @@ -13533,11 +14647,14 @@ msgstr "The type can be the following: asbr-summary, external, network, nssa-ext msgid "The ultimate goal of classifying traffic is to give each class a different treatment." msgstr "The ultimate goal of classifying traffic is to give each class a different treatment." -#: ../../configuration/service/ipoe-server.rst:18 +#: ../../configuration/service/ipoe-server.rst:16 msgid "The use of IPoE addresses the disadvantage that PPP is unsuited for multicast delivery to multiple users. Typically, IPoE uses Dynamic Host Configuration Protocol and Extensible Authentication Protocol to provide the same functionality as PPPoE, but in a less robust manner." msgstr "The use of IPoE addresses the disadvantage that PPP is unsuited for multicast delivery to multiple users. Typically, IPoE uses Dynamic Host Configuration Protocol and Extensible Authentication Protocol to provide the same functionality as PPPoE, but in a less robust manner." -#: ../../configuration/vpn/l2tp.rst:221 +#: ../../configuration/service/pppoe-server.rst:222 +#: ../../configuration/vpn/l2tp.rst:265 +#: ../../configuration/vpn/pptp.rst:205 +#: ../../configuration/vpn/sstp.rst:238 msgid "The value of the attribute ``NAS-Port-Id`` must be less than 16 characters, otherwise the interface won't be renamed." msgstr "The value of the attribute ``NAS-Port-Id`` must be less than 16 characters, otherwise the interface won't be renamed." @@ -13549,7 +14666,11 @@ msgstr "The vendor-class-id option can be used to request a specific class of ve msgid "The veth devices are virtual Ethernet devices. They can act as tunnels between network namespaces to create a bridge to a physical network device in another namespace or VRF, but can also be used as standalone network devices." msgstr "The veth devices are virtual Ethernet devices. They can act as tunnels between network namespaces to create a bridge to a physical network device in another namespace or VRF, but can also be used as standalone network devices." -#: ../../configuration/system/login.rst:138 +#: ../../configuration/service/router-advert.rst:86 +msgid "The well known NAT64 prefix is ``64:ff9b::/96``" +msgstr "The well known NAT64 prefix is ``64:ff9b::/96``" + +#: ../../configuration/system/login.rst:142 msgid "The window size must be between 1 and 21." msgstr "The window size must be between 1 and 21." @@ -13557,6 +14678,10 @@ msgstr "The window size must be between 1 and 21." msgid "The wireless client (supplicant) authenticates against the RADIUS server (authentication server) using an :abbr:`EAP (Extensible Authentication Protocol)` method configured on the RADIUS server. The WAP (also referred to as authenticator) role is to send all authentication messages between the supplicant and the configured authentication server, thus the RADIUS server is responsible for authenticating the users." msgstr "The wireless client (supplicant) authenticates against the RADIUS server (authentication server) using an :abbr:`EAP (Extensible Authentication Protocol)` method configured on the RADIUS server. The WAP (also referred to as authenticator) role is to send all authentication messages between the supplicant and the configured authentication server, thus the RADIUS server is responsible for authenticating the users." +#: ../../configuration/service/ids.rst:125 +msgid "Then, FastNetMon configuration:" +msgstr "Then, FastNetMon configuration:" + #: ../../configuration/nat/nat44.rst:621 msgid "Then a corresponding SNAT rule is created to NAT outgoing traffic for the internal IP to a reserved external IP. This dedicates an external IP address to an internal IP address and is useful for protocols which don't have the notion of ports, such as GRE." msgstr "Then a corresponding SNAT rule is created to NAT outgoing traffic for the internal IP to a reserved external IP. This dedicates an external IP address to an internal IP address and is useful for protocols which don't have the notion of ports, such as GRE." @@ -13596,7 +14721,7 @@ msgstr "There are a lot of matching criteria against which the packet can be tes msgid "There are a lot of matching criteria options available, both for ``policy route`` and ``policy route6``. These options are listed in this section." msgstr "There are a lot of matching criteria options available, both for ``policy route`` and ``policy route6``. These options are listed in this section." -#: ../../configuration/system/ipv6.rst:92 +#: ../../configuration/system/ipv6.rst:105 msgid "There are different parameters for getting prefix-list information:" msgstr "There are different parameters for getting prefix-list information:" @@ -13612,7 +14737,7 @@ msgstr "There are many parameters you will be able to use in order to match the msgid "There are multiple versions available for the NetFlow data. The `<version>` used in the exported flow data can be configured here. The following versions are supported:" msgstr "There are multiple versions available for the NetFlow data. The `<version>` used in the exported flow data can be configured here. The following versions are supported:" -#: ../../configuration/service/ipoe-server.rst:153 +#: ../../configuration/service/ipoe-server.rst:154 msgid "There are rate-limited and non rate-limited users (MACs)" msgstr "There are rate-limited and non rate-limited users (MACs)" @@ -13628,7 +14753,7 @@ msgstr "There are three modes of operation for a wireless interface:" msgid "There are two types of Network Admins who deal with BGP, those who have created an international incident and/or outage, and those who are lying" msgstr "There are two types of Network Admins who deal with BGP, those who have created an international incident and/or outage, and those who are lying" -#: ../../configuration/protocols/bgp.rst:896 +#: ../../configuration/protocols/bgp.rst:918 msgid "There are two ways that help us to mitigate the BGPs full-mesh requirement in a network:" msgstr "There are two ways that help us to mitigate the BGPs full-mesh requirement in a network:" @@ -13757,7 +14882,7 @@ msgstr "This command allows peerings between directly connected eBGP peers using msgid "This command allows sessions to be established with eBGP neighbors when they are multiple hops away. When the neighbor is not directly connected and this knob is not enabled, the session will not establish. The number of hops range is 1 to 255. This command is mutually exclusive with :cfgcmd:`ttl-security hops`." msgstr "This command allows sessions to be established with eBGP neighbors when they are multiple hops away. When the neighbor is not directly connected and this knob is not enabled, the session will not establish. The number of hops range is 1 to 255. This command is mutually exclusive with :cfgcmd:`ttl-security hops`." -#: ../../configuration/protocols/bgp.rst:812 +#: ../../configuration/protocols/bgp.rst:834 msgid "This command allows the router to prefer route to specified prefix learned via IGP through backdoor link instead of a route to the same prefix learned via EBGP." msgstr "This command allows the router to prefer route to specified prefix learned via IGP through backdoor link instead of a route to the same prefix learned via EBGP." @@ -13814,19 +14939,19 @@ msgstr "This command allows you to select a specific access concentrator when yo msgid "This command applies route-map to selectively unsuppress prefixes suppressed by summarisation." msgstr "This command applies route-map to selectively unsuppress prefixes suppressed by summarisation." -#: ../../configuration/protocols/bgp.rst:867 +#: ../../configuration/protocols/bgp.rst:889 msgid "This command applies the AS path access list filters named in <name> to the specified BGP neighbor to restrict the routing information that BGP learns and/or advertises. The arguments :cfgcmd:`export` and :cfgcmd:`import` specify the direction in which the AS path access list are applied." msgstr "This command applies the AS path access list filters named in <name> to the specified BGP neighbor to restrict the routing information that BGP learns and/or advertises. The arguments :cfgcmd:`export` and :cfgcmd:`import` specify the direction in which the AS path access list are applied." -#: ../../configuration/protocols/bgp.rst:843 +#: ../../configuration/protocols/bgp.rst:865 msgid "This command applies the access list filters named in <number> to the specified BGP neighbor to restrict the routing information that BGP learns and/or advertises. The arguments :cfgcmd:`export` and :cfgcmd:`import` specify the direction in which the access list are applied." msgstr "This command applies the access list filters named in <number> to the specified BGP neighbor to restrict the routing information that BGP learns and/or advertises. The arguments :cfgcmd:`export` and :cfgcmd:`import` specify the direction in which the access list are applied." -#: ../../configuration/protocols/bgp.rst:851 +#: ../../configuration/protocols/bgp.rst:873 msgid "This command applies the prfefix list filters named in <name> to the specified BGP neighbor to restrict the routing information that BGP learns and/or advertises. The arguments :cfgcmd:`export` and :cfgcmd:`import` specify the direction in which the prefix list are applied." msgstr "This command applies the prfefix list filters named in <name> to the specified BGP neighbor to restrict the routing information that BGP learns and/or advertises. The arguments :cfgcmd:`export` and :cfgcmd:`import` specify the direction in which the prefix list are applied." -#: ../../configuration/protocols/bgp.rst:859 +#: ../../configuration/protocols/bgp.rst:881 msgid "This command applies the route map named in <name> to the specified BGP neighbor to control and modify routing information that is exchanged between peers. The arguments :cfgcmd:`export` and :cfgcmd:`import` specify the direction in which the route map are applied." msgstr "This command applies the route map named in <name> to the specified BGP neighbor to control and modify routing information that is exchanged between peers. The arguments :cfgcmd:`export` and :cfgcmd:`import` specify the direction in which the route map are applied." @@ -13854,7 +14979,7 @@ msgstr "This command can be used to filter the RIP path using prefix lists. :cfg msgid "This command can be used with previous command to sets default RIP distance to specified value when the route source IP address matches the specified prefix and the specified access-list." msgstr "This command can be used with previous command to sets default RIP distance to specified value when the route source IP address matches the specified prefix and the specified access-list." -#: ../../configuration/protocols/bgp.rst:652 +#: ../../configuration/protocols/bgp.rst:674 msgid "This command change distance value of BGP. The arguments are the distance values for external routes, internal routes and local routes respectively. The distance range is 1 to 255." msgstr "This command change distance value of BGP. The arguments are the distance values for external routes, internal routes and local routes respectively. The distance range is 1 to 255." @@ -13878,7 +15003,7 @@ msgstr "This command change distance value of OSPFv3 globally. The distance rang msgid "This command change the distance value of RIP. The distance range is 1 to 255." msgstr "This command change the distance value of RIP. The distance range is 1 to 255." -#: ../../configuration/protocols/bgp.rst:638 +#: ../../configuration/protocols/bgp.rst:650 msgid "This command changes the eBGP behavior of FRR. By default FRR enables :rfc:`8212` functionality which affects how eBGP routes are advertised, namely no routes are advertised across eBGP sessions without some sort of egress route-map/policy in place. In VyOS however we have this RFC functionality disabled by default so that we can preserve backwards compatibility with older versions of VyOS. With this option one can enable :rfc:`8212` functionality to operate." msgstr "This command changes the eBGP behavior of FRR. By default FRR enables :rfc:`8212` functionality which affects how eBGP routes are advertised, namely no routes are advertised across eBGP sessions without some sort of egress route-map/policy in place. In VyOS however we have this RFC functionality disabled by default so that we can preserve backwards compatibility with older versions of VyOS. With this option one can enable :rfc:`8212` functionality to operate." @@ -13954,23 +15079,23 @@ msgstr "This command defines matching parameters for access list rule. Matching msgid "This command defines the IS-IS router behavior:" msgstr "This command defines the IS-IS router behavior:" -#: ../../configuration/protocols/bgp.rst:720 +#: ../../configuration/protocols/bgp.rst:742 msgid "This command defines the accumulated penalty amount at which the route is re-advertised. The penalty range is 1 to 20000." msgstr "This command defines the accumulated penalty amount at which the route is re-advertised. The penalty range is 1 to 20000." -#: ../../configuration/protocols/bgp.rst:726 +#: ../../configuration/protocols/bgp.rst:748 msgid "This command defines the accumulated penalty amount at which the route is suppressed. The penalty range is 1 to 20000." msgstr "This command defines the accumulated penalty amount at which the route is suppressed. The penalty range is 1 to 20000." -#: ../../configuration/protocols/bgp.rst:713 +#: ../../configuration/protocols/bgp.rst:735 msgid "This command defines the amount of time in minutes after which a penalty is reduced by half. The timer range is 10 to 45 minutes." msgstr "This command defines the amount of time in minutes after which a penalty is reduced by half. The timer range is 10 to 45 minutes." -#: ../../configuration/protocols/bgp.rst:595 +#: ../../configuration/protocols/bgp.rst:601 msgid "This command defines the maximum number of parallel routes that the BGP can support. In order for BGP to use the second path, the following attributes have to match: Weight, Local Preference, AS Path (both AS number and AS path length), Origin code, MED, IGP metric. Also, the next hop address for each path must be different." msgstr "This command defines the maximum number of parallel routes that the BGP can support. In order for BGP to use the second path, the following attributes have to match: Weight, Local Preference, AS Path (both AS number and AS path length), Origin code, MED, IGP metric. Also, the next hop address for each path must be different." -#: ../../configuration/protocols/bgp.rst:732 +#: ../../configuration/protocols/bgp.rst:754 msgid "This command defines the maximum time in minutes that a route is suppressed. The timer range is 1 to 255 minutes." msgstr "This command defines the maximum time in minutes that a route is suppressed. The timer range is 1 to 255 minutes." @@ -13997,7 +15122,7 @@ msgstr "This command disables check of the MTU value in the OSPF DBD packets. Th msgid "This command disables it." msgstr "This command disables it." -#: ../../configuration/protocols/bgp.rst:607 +#: ../../configuration/protocols/bgp.rst:619 msgid "This command disables route reflection between route reflector clients. By default, the clients of a route reflector are not required to be fully meshed and the routes from a client are reflected to other clients. However, if the clients are fully meshed, route reflection is not required. In this case, use the :cfgcmd:`no-client-to-client-reflection` command to disable client-to-client reflection." msgstr "This command disables route reflection between route reflector clients. By default, the clients of a route reflector are not required to be fully meshed and the routes from a client are reflected to other clients. However, if the clients are fully meshed, route reflection is not required. In this case, use the :cfgcmd:`no-client-to-client-reflection` command to disable client-to-client reflection." @@ -14009,23 +15134,23 @@ msgstr "This command disables split-horizon on the interface. By default, VyOS d msgid "This command disables the load sharing across multiple LFA backups." msgstr "This command disables the load sharing across multiple LFA backups." -#: ../../configuration/protocols/bgp.rst:1009 +#: ../../configuration/protocols/bgp.rst:1031 msgid "This command displays BGP dampened routes." msgstr "This command displays BGP dampened routes." -#: ../../configuration/protocols/bgp.rst:1032 +#: ../../configuration/protocols/bgp.rst:1054 msgid "This command displays BGP received-routes that are accepted after filtering." msgstr "This command displays BGP received-routes that are accepted after filtering." -#: ../../configuration/protocols/bgp.rst:1022 +#: ../../configuration/protocols/bgp.rst:1044 msgid "This command displays BGP routes advertised to a neighbor." msgstr "This command displays BGP routes advertised to a neighbor." -#: ../../configuration/protocols/bgp.rst:1017 +#: ../../configuration/protocols/bgp.rst:1039 msgid "This command displays BGP routes allowed by the specified AS Path access list." msgstr "This command displays BGP routes allowed by the specified AS Path access list." -#: ../../configuration/protocols/bgp.rst:1026 +#: ../../configuration/protocols/bgp.rst:1048 msgid "This command displays BGP routes originating from the specified BGP neighbor before inbound policy is applied. To use this command inbound soft reconfiguration must be enabled." msgstr "This command displays BGP routes originating from the specified BGP neighbor before inbound policy is applied. To use this command inbound soft reconfiguration must be enabled." @@ -14052,11 +15177,11 @@ msgstr "This command displays a summary table with a database contents (LSA)." msgid "This command displays a table of paths to area boundary and autonomous system boundary routers." msgstr "This command displays a table of paths to area boundary and autonomous system boundary routers." -#: ../../configuration/protocols/bgp.rst:957 +#: ../../configuration/protocols/bgp.rst:979 msgid "This command displays all entries in BGP routing table." msgstr "This command displays all entries in BGP routing table." -#: ../../configuration/protocols/bgp.rst:1036 +#: ../../configuration/protocols/bgp.rst:1058 msgid "This command displays dampened routes received from BGP neighbor." msgstr "This command displays dampened routes received from BGP neighbor." @@ -14064,27 +15189,27 @@ msgstr "This command displays dampened routes received from BGP neighbor." msgid "This command displays external information redistributed into OSPFv3" msgstr "This command displays external information redistributed into OSPFv3" -#: ../../configuration/protocols/bgp.rst:1040 +#: ../../configuration/protocols/bgp.rst:1062 msgid "This command displays information about BGP routes whose AS path matches the specified regular expression." msgstr "This command displays information about BGP routes whose AS path matches the specified regular expression." -#: ../../configuration/protocols/bgp.rst:1013 +#: ../../configuration/protocols/bgp.rst:1035 msgid "This command displays information about flapping BGP routes." msgstr "This command displays information about flapping BGP routes." -#: ../../configuration/protocols/bgp.rst:977 +#: ../../configuration/protocols/bgp.rst:999 msgid "This command displays information about the particular entry in the BGP routing table." msgstr "This command displays information about the particular entry in the BGP routing table." -#: ../../configuration/protocols/bgp.rst:1004 +#: ../../configuration/protocols/bgp.rst:1026 msgid "This command displays routes that are permitted by the BGP community list." msgstr "This command displays routes that are permitted by the BGP community list." -#: ../../configuration/protocols/bgp.rst:997 +#: ../../configuration/protocols/bgp.rst:1019 msgid "This command displays routes that belong to specified BGP communities. Valid value is a community number in the range from 1 to 4294967200, or AA:NN (autonomous system-community number/2-byte number), no-export, local-as, or no-advertise." msgstr "This command displays routes that belong to specified BGP communities. Valid value is a community number in the range from 1 to 4294967200, or AA:NN (autonomous system-community number/2-byte number), no-export, local-as, or no-advertise." -#: ../../configuration/protocols/bgp.rst:993 +#: ../../configuration/protocols/bgp.rst:1015 msgid "This command displays routes with classless interdomain routing (CIDR)." msgstr "This command displays routes with classless interdomain routing (CIDR)." @@ -14126,7 +15251,7 @@ msgstr "This command displays the neighbors status." msgid "This command displays the neighbors status for a neighbor on the specified interface." msgstr "This command displays the neighbors status for a neighbor on the specified interface." -#: ../../configuration/protocols/bgp.rst:1045 +#: ../../configuration/protocols/bgp.rst:1067 msgid "This command displays the status of all BGP connections." msgstr "This command displays the status of all BGP connections." @@ -14134,7 +15259,7 @@ msgstr "This command displays the status of all BGP connections." msgid "This command enable/disables summarisation for the configured address range." msgstr "This command enable/disables summarisation for the configured address range." -#: ../../configuration/protocols/bgp.rst:603 +#: ../../configuration/protocols/bgp.rst:615 msgid "This command enable logging neighbor up/down changes and reset reason." msgstr "This command enable logging neighbor up/down changes and reset reason." @@ -14174,7 +15299,7 @@ msgstr "This command enables sending timestamps with each Hello and IHU message msgid "This command enables support for dynamic hostname TLV. Dynamic hostname mapping determined as described in :rfc:`2763`, Dynamic Hostname Exchange Mechanism for IS-IS." msgstr "This command enables support for dynamic hostname TLV. Dynamic hostname mapping determined as described in :rfc:`2763`, Dynamic Hostname Exchange Mechanism for IS-IS." -#: ../../configuration/protocols/bgp.rst:875 +#: ../../configuration/protocols/bgp.rst:897 msgid "This command enables the ORF capability (described in :rfc:`5291`) on the local router, and enables ORF capability advertisement to the specified BGP peer. The :cfgcmd:`receive` keyword configures a router to advertise ORF receive capabilities. The :cfgcmd:`send` keyword configures a router to advertise ORF send capabilities. To advertise a filter from a sender, you must create an IP prefix list for the specified BGP peer applied in inbound derection." msgstr "This command enables the ORF capability (described in :rfc:`5291`) on the local router, and enables ORF capability advertisement to the specified BGP peer. The :cfgcmd:`receive` keyword configures a router to advertise ORF receive capabilities. The :cfgcmd:`send` keyword configures a router to advertise ORF send capabilities. To advertise a filter from a sender, you must create an IP prefix list for the specified BGP peer applied in inbound derection." @@ -14198,7 +15323,7 @@ msgstr "This command generate a default route into the RIP." msgid "This command gives a brief status overview of a specified wireless interface. The wireless interface identifier can range from wlan0 to wlan999." msgstr "This command gives a brief status overview of a specified wireless interface. The wireless interface identifier can range from wlan0 to wlan999." -#: ../../configuration/protocols/bgp.rst:632 +#: ../../configuration/protocols/bgp.rst:644 msgid "This command goes hand in hand with the listen range command to limit the amount of BGP neighbors that are allowed to connect to the local router. The limit range is 1 to 5000." msgstr "This command goes hand in hand with the listen range command to limit the amount of BGP neighbors that are allowed to connect to the local router. The limit range is 1 to 5000." @@ -14241,7 +15366,7 @@ msgstr "This command is used for advertising IPv4 or IPv6 networks." msgid "This command is used to retrieve information about WAP within the range of your wireless interface. This command is useful on wireless interfaces configured in station mode." msgstr "This command is used to retrieve information about WAP within the range of your wireless interface. This command is useful on wireless interfaces configured in station mode." -#: ../../configuration/protocols/bgp.rst:620 +#: ../../configuration/protocols/bgp.rst:632 msgid "This command is useful if one desires to loosen the requirement for BGP to have strictly defined neighbors. Specifically what is allowed is for the local router to listen to a range of IPv4 or IPv6 addresses defined by a prefix and to accept BGP open messages. When a TCP connection (and subsequently a BGP open message) from within this range tries to connect the local router then the local router will respond and connect with the parameters that are defined within the peer group. One must define a peer-group for each range that is listed. If no peer-group is defined then an error will keep you from committing the configuration." msgstr "This command is useful if one desires to loosen the requirement for BGP to have strictly defined neighbors. Specifically what is allowed is for the local router to listen to a range of IPv4 or IPv6 addresses defined by a prefix and to accept BGP open messages. When a TCP connection (and subsequently a BGP open message) from within this range tries to connect the local router then the local router will respond and connect with the parameters that are defined within the peer group. One must define a peer-group for each range that is listed. If no peer-group is defined then an error will keep you from committing the configuration." @@ -14253,15 +15378,15 @@ msgstr "This command modifies the default metric (hop count) value for redistrib msgid "This command override AS number of the originating router with the local AS number." msgstr "This command override AS number of the originating router with the local AS number." -#: ../../configuration/protocols/bgp.rst:885 +#: ../../configuration/protocols/bgp.rst:907 msgid "This command prevents from sending back prefixes learned from the neighbor." msgstr "This command prevents from sending back prefixes learned from the neighbor." -#: ../../configuration/protocols/bgp.rst:804 +#: ../../configuration/protocols/bgp.rst:826 msgid "This command provides to compare different MED values that advertised by neighbours in the same AS for routes selection. When this command is enabled, routes from the same autonomous system are grouped together, and the best entries of each group are compared." msgstr "This command provides to compare different MED values that advertised by neighbours in the same AS for routes selection. When this command is enabled, routes from the same autonomous system are grouped together, and the best entries of each group are compared." -#: ../../configuration/protocols/bgp.rst:741 +#: ../../configuration/protocols/bgp.rst:763 msgid "This command provides to compare the MED on routes, even when they were received from different neighbouring ASes. Setting this option makes the order of preference of routes more defined, and should eliminate MED induced oscillations." msgstr "This command provides to compare the MED on routes, even when they were received from different neighbouring ASes. Setting this option makes the order of preference of routes more defined, and should eliminate MED induced oscillations." @@ -14297,19 +15422,19 @@ msgstr "This command redistributes routing information from the given route sour msgid "This command removes the private ASN of routes that are advertised to the configured peer. It removes only private ASNs on routes advertised to EBGP peers." msgstr "This command removes the private ASN of routes that are advertised to the configured peer. It removes only private ASNs on routes advertised to EBGP peers." -#: ../../configuration/protocols/bgp.rst:1068 +#: ../../configuration/protocols/bgp.rst:1090 msgid "This command resets BGP connections to the specified neighbor IP address. With argument :cfgcmd:`soft` this command initiates a soft reset. If you do not specify the :cfgcmd:`in` or :cfgcmd:`out` options, both inbound and outbound soft reconfiguration are triggered." msgstr "This command resets BGP connections to the specified neighbor IP address. With argument :cfgcmd:`soft` this command initiates a soft reset. If you do not specify the :cfgcmd:`in` or :cfgcmd:`out` options, both inbound and outbound soft reconfiguration are triggered." -#: ../../configuration/protocols/bgp.rst:1088 +#: ../../configuration/protocols/bgp.rst:1110 msgid "This command resets BGP connections to the specified peer group. With argument :cfgcmd:`soft` this command initiates a soft reset. If you do not specify the :cfgcmd:`in` or :cfgcmd:`out` options, both inbound and outbound soft reconfiguration are triggered." msgstr "This command resets BGP connections to the specified peer group. With argument :cfgcmd:`soft` this command initiates a soft reset. If you do not specify the :cfgcmd:`in` or :cfgcmd:`out` options, both inbound and outbound soft reconfiguration are triggered." -#: ../../configuration/protocols/bgp.rst:1075 +#: ../../configuration/protocols/bgp.rst:1097 msgid "This command resets all BGP connections of given router." msgstr "This command resets all BGP connections of given router." -#: ../../configuration/protocols/bgp.rst:1084 +#: ../../configuration/protocols/bgp.rst:1106 msgid "This command resets all external BGP peers of given router." msgstr "This command resets all external BGP peers of given router." @@ -14389,7 +15514,7 @@ msgstr "This command sets number of seconds for RxmtInterval timer value. This v msgid "This command sets old-style (ISO 10589) or new style packet formats:" msgstr "This command sets old-style (ISO 10589) or new style packet formats:" -#: ../../configuration/protocols/bgp.rst:944 +#: ../../configuration/protocols/bgp.rst:966 msgid "This command sets other confederations <nsubasn> as members of autonomous system specified by :cfgcmd:`confederation identifier <asn>`." msgstr "This command sets other confederations <nsubasn> as members of autonomous system specified by :cfgcmd:`confederation identifier <asn>`." @@ -14401,7 +15526,7 @@ msgstr "This command sets overload bit to avoid any transit traffic through this msgid "This command sets priority for the interface for :abbr:`DIS (Designated Intermediate System)` election. The priority range is 0 to 127." msgstr "This command sets priority for the interface for :abbr:`DIS (Designated Intermediate System)` election. The priority range is 0 to 127." -#: ../../configuration/protocols/bgp.rst:659 +#: ../../configuration/protocols/bgp.rst:681 msgid "This command sets the administrative distance for a particular route. The distance range is 1 to 255." msgstr "This command sets the administrative distance for a particular route. The distance range is 1 to 255." @@ -14461,7 +15586,7 @@ msgstr "This command should NOT be set normally." msgid "This command shows both status and statistics on the specified wireless interface. The wireless interface identifier can range from wlan0 to wlan999." msgstr "This command shows both status and statistics on the specified wireless interface. The wireless interface identifier can range from wlan0 to wlan999." -#: ../../configuration/protocols/bgp.rst:938 +#: ../../configuration/protocols/bgp.rst:960 msgid "This command specifies a BGP confederation identifier. <asn> is the number of the autonomous system that internally includes multiple sub-autonomous systems (a confederation)." msgstr "This command specifies a BGP confederation identifier. <asn> is the number of the autonomous system that internally includes multiple sub-autonomous systems (a confederation)." @@ -14517,11 +15642,11 @@ msgstr "This command specifies attributes to be left unchanged for advertisement msgid "This command specifies circuit type for interface:" msgstr "This command specifies circuit type for interface:" -#: ../../configuration/protocols/bgp.rst:920 +#: ../../configuration/protocols/bgp.rst:942 msgid "This command specifies cluster ID which identifies a collection of route reflectors and their clients, and is used by route reflectors to avoid looping. By default cluster ID is set to the BGP router id value, but can be set to an arbitrary 32-bit value." msgstr "This command specifies cluster ID which identifies a collection of route reflectors and their clients, and is used by route reflectors to avoid looping. By default cluster ID is set to the BGP router id value, but can be set to an arbitrary 32-bit value." -#: ../../configuration/protocols/bgp.rst:671 +#: ../../configuration/protocols/bgp.rst:693 msgid "This command specifies hold-time in seconds. The timer range is 4 to 65535. The default value is 180 second. If you set value to 0 VyOS will not hold routes." msgstr "This command specifies hold-time in seconds. The timer range is 4 to 65535. The default value is 180 second. If you set value to 0 VyOS will not hold routes." @@ -14530,7 +15655,7 @@ msgstr "This command specifies hold-time in seconds. The timer range is 4 to 655 msgid "This command specifies interface as passive. Passive interface advertises its address, but does not run the OSPF protocol (adjacencies are not formed and hello packets are not generated)." msgstr "This command specifies interface as passive. Passive interface advertises its address, but does not run the OSPF protocol (adjacencies are not formed and hello packets are not generated)." -#: ../../configuration/protocols/bgp.rst:677 +#: ../../configuration/protocols/bgp.rst:699 msgid "This command specifies keep-alive time in seconds. The timer can range from 4 to 65535. The default value is 60 second." msgstr "This command specifies keep-alive time in seconds. The timer can range from 4 to 65535. The default value is 60 second." @@ -14558,15 +15683,15 @@ msgstr "This command specifies metric type for redistributed routes. Difference msgid "This command specifies network type to Point-to-Point. The default network type is broadcast." msgstr "This command specifies network type to Point-to-Point. The default network type is broadcast." -#: ../../configuration/protocols/bgp.rst:784 +#: ../../configuration/protocols/bgp.rst:806 msgid "This command specifies that BGP considers the MED when comparing routes originated from different sub-ASs within the confederation to which this BGP speaker belongs. The default state, where the MED attribute is not considered." msgstr "This command specifies that BGP considers the MED when comparing routes originated from different sub-ASs within the confederation to which this BGP speaker belongs. The default state, where the MED attribute is not considered." -#: ../../configuration/protocols/bgp.rst:754 +#: ../../configuration/protocols/bgp.rst:776 msgid "This command specifies that BGP decision process should consider paths of equal AS_PATH length candidates for multipath computation. Without the knob, the entire AS_PATH must match for multipath computation." msgstr "This command specifies that BGP decision process should consider paths of equal AS_PATH length candidates for multipath computation. Without the knob, the entire AS_PATH must match for multipath computation." -#: ../../configuration/protocols/bgp.rst:791 +#: ../../configuration/protocols/bgp.rst:813 msgid "This command specifies that a route with a MED is always considered to be better than a route without a MED by causing the missing MED attribute to have a value of infinity. The default state, where the missing MED attribute is considered to have a value of zero." msgstr "This command specifies that a route with a MED is always considered to be better than a route without a MED by causing the missing MED attribute to have a value of infinity. The default state, where the missing MED attribute is considered to have a value of zero." @@ -14582,7 +15707,7 @@ msgstr "This command specifies that simple password authentication should be use msgid "This command specifies that the community attribute should not be sent in route updates to a peer. By default community attribute is sent." msgstr "This command specifies that the community attribute should not be sent in route updates to a peer. By default community attribute is sent." -#: ../../configuration/protocols/bgp.rst:748 +#: ../../configuration/protocols/bgp.rst:770 msgid "This command specifies that the length of confederation path sets and sequences should be taken into account during the BGP best path decision process." msgstr "This command specifies that the length of confederation path sets and sequences should be taken into account during the BGP best path decision process." @@ -14622,7 +15747,7 @@ msgstr "This command specifies the base receive cost for this interface. For wir msgid "This command specifies the decay factor for the exponential moving average of RTT samples, in units of 1/256. Higher values discard old samples faster. The default is 42." msgstr "This command specifies the decay factor for the exponential moving average of RTT samples, in units of 1/256. Higher values discard old samples faster. The default is 42." -#: ../../configuration/protocols/bgp.rst:799 +#: ../../configuration/protocols/bgp.rst:821 msgid "This command specifies the default local preference value. The local preference range is 0 to 4294967295." msgstr "This command specifies the default local preference value. The local preference range is 0 to 4294967295." @@ -14634,7 +15759,7 @@ msgstr "This command specifies the default metric value of redistributed routes. msgid "This command specifies the garbage-collection timer. Upon expiration of the garbage-collection timer, the route is finally removed from the routing table. The time range is 5 to 2147483647. The default value is 120 seconds." msgstr "This command specifies the garbage-collection timer. Upon expiration of the garbage-collection timer, the route is finally removed from the routing table. The time range is 5 to 2147483647. The default value is 120 seconds." -#: ../../configuration/protocols/bgp.rst:916 +#: ../../configuration/protocols/bgp.rst:938 msgid "This command specifies the given neighbor as route reflector client." msgstr "This command specifies the given neighbor as route reflector client." @@ -14658,7 +15783,7 @@ msgstr "This command specifies the minimum RTT, in milliseconds, starting from w msgid "This command specifies the minimum route advertisement interval for the peer. The interval value is 0 to 600 seconds, with the default advertisement interval being 0." msgstr "This command specifies the minimum route advertisement interval for the peer. The interval value is 0 to 600 seconds, with the default advertisement interval being 0." -#: ../../configuration/protocols/bgp.rst:589 +#: ../../configuration/protocols/bgp.rst:595 msgid "This command specifies the router-ID. If router ID is not specified it will use the highest interface IP address." msgstr "This command specifies the router-ID. If router ID is not specified it will use the highest interface IP address." @@ -14714,7 +15839,7 @@ msgstr "This command summarizes intra area paths from specified area into one su msgid "This command to ensure not advertise the summary lsa for the matched external LSAs." msgstr "This command to ensure not advertise the summary lsa for the matched external LSAs." -#: ../../configuration/protocols/bgp.rst:1079 +#: ../../configuration/protocols/bgp.rst:1101 msgid "This command uses to clear BGP route dampening information and to unsuppress suppressed routes." msgstr "This command uses to clear BGP route dampening information and to unsuppress suppressed routes." @@ -14763,7 +15888,7 @@ msgstr "This command will generate a default-route in L2 database." msgid "This command will give an overview of a rule in a single rule-set" msgstr "This command will give an overview of a rule in a single rule-set" -#: ../../configuration/firewall/ipv4.rst:1091 +#: ../../configuration/firewall/ipv4.rst:1114 msgid "This command will give an overview of a rule in a single rule-set, plus information for default action." msgstr "This command will give an overview of a rule in a single rule-set, plus information for default action." @@ -14771,7 +15896,7 @@ msgstr "This command will give an overview of a rule in a single rule-set, plus msgid "This command will give an overview of a rule in a single rule-set." msgstr "This command will give an overview of a rule in a single rule-set." -#: ../../configuration/firewall/ipv4.rst:1072 +#: ../../configuration/firewall/ipv4.rst:1095 #: ../../configuration/firewall/ipv6.rst:1088 msgid "This command will give an overview of a single rule-set." msgstr "This command will give an overview of a single rule-set." @@ -14805,7 +15930,7 @@ msgid "This configuration modifies the behavior of the network statement. If you msgstr "This configuration modifies the behavior of the network statement. If you have this configured the underlying network must exist in the routing table." #: ../../configuration/service/dhcp-server.rst:76 -#: ../../configuration/service/dhcp-server.rst:520 +#: ../../configuration/service/dhcp-server.rst:526 msgid "This configuration parameter is required and must be unique to each subnet. It is required to map subnets to lease file entries." msgstr "This configuration parameter is required and must be unique to each subnet. It is required to map subnets to lease file entries." @@ -14825,7 +15950,7 @@ msgstr "This creates a route policy called FILTER-WEB with one rule to set the r msgid "This defaults to 10000." msgstr "This defaults to 10000." -#: ../../configuration/system/login.rst:254 +#: ../../configuration/system/login.rst:258 msgid "This defaults to 1812." msgstr "This defaults to 1812." @@ -14833,7 +15958,7 @@ msgstr "This defaults to 1812." msgid "This defaults to 2007." msgstr "This defaults to 2007." -#: ../../configuration/service/dns.rst:271 +#: ../../configuration/service/dns.rst:285 msgid "This defaults to 300 seconds." msgstr "This defaults to 300 seconds." @@ -14841,7 +15966,7 @@ msgstr "This defaults to 300 seconds." msgid "This defaults to 30 seconds." msgstr "This defaults to 30 seconds." -#: ../../configuration/system/login.rst:323 +#: ../../configuration/system/login.rst:327 msgid "This defaults to 49." msgstr "This defaults to 49." @@ -14857,7 +15982,7 @@ msgstr "This defaults to UDP" msgid "This defaults to both 1.2 and 1.3." msgstr "This defaults to both 1.2 and 1.3." -#: ../../configuration/pki/index.rst:283 +#: ../../configuration/pki/index.rst:314 msgid "This defaults to https://acme-v02.api.letsencrypt.org/directory" msgstr "This defaults to https://acme-v02.api.letsencrypt.org/directory" @@ -14893,15 +16018,27 @@ msgstr "This establishes our Port Forward rule, but if we created a firewall pol msgid "This example shows how to target an MSS clamp (in our example to 1360 bytes) to a specific destination IP." msgstr "This example shows how to target an MSS clamp (in our example to 1360 bytes) to a specific destination IP." +#: ../../configuration/vpn/ipsec.rst:392 +msgid "This example uses CACert as certificate authority." +msgstr "This example uses CACert as certificate authority." + +#: ../../configuration/vpn/ipsec.rst:386 +msgid "This feature closely works together with :ref:`pki` subsystem as you required a x509 certificate." +msgstr "This feature closely works together with :ref:`pki` subsystem as you required a x509 certificate." + +#: ../../configuration/protocols/bfd.rst:64 +msgid "This feature serves the purpose of thightening the packet validation requirements to avoid receiving BFD control packets from other sessions." +msgstr "This feature serves the purpose of thightening the packet validation requirements to avoid receiving BFD control packets from other sessions." + #: ../../configuration/protocols/ospf.rst:476 msgid "This feature summarises originated external LSAs (Type-5 and Type-7). Summary Route will be originated on-behalf of all matched external LSAs." msgstr "This feature summarises originated external LSAs (Type-5 and Type-7). Summary Route will be originated on-behalf of all matched external LSAs." -#: ../../configuration/service/dns.rst:404 +#: ../../configuration/service/dns.rst:418 msgid "This functionality is controlled by adding the following configuration:" msgstr "This functionality is controlled by adding the following configuration:" -#: ../../configuration/firewall/ipv4.rst:376 +#: ../../configuration/firewall/ipv4.rst:399 #: ../../configuration/firewall/ipv6.rst:378 msgid "This functions for both individual addresses and address groups." msgstr "This functions for both individual addresses and address groups." @@ -14946,13 +16083,13 @@ msgstr "This is a mandatory command. Sets regular expression to match against lo msgid "This is a mandatory command. Sets the full path to the script. The script file must be executable." msgstr "This is a mandatory command. Sets the full path to the script. The script file must be executable." -#: ../../configuration/pki/index.rst:261 -#: ../../configuration/pki/index.rst:267 +#: ../../configuration/pki/index.rst:292 +#: ../../configuration/pki/index.rst:298 msgid "This is a mandatory option" msgstr "This is a mandatory option" -#: ../../configuration/protocols/rpki.rst:117 -#: ../../configuration/protocols/rpki.rst:124 +#: ../../configuration/protocols/rpki.rst:131 +#: ../../configuration/protocols/rpki.rst:138 msgid "This is a mandatory setting." msgstr "This is a mandatory setting." @@ -15019,7 +16156,7 @@ msgstr "This is the LCD model used in your system." msgid "This is the configuration parameter for the entire shared network definition. All subnets will inherit this configuration item if not specified locally." msgstr "This is the configuration parameter for the entire shared network definition. All subnets will inherit this configuration item if not specified locally." -#: ../../configuration/service/dhcp-server.rst:197 +#: ../../configuration/service/dhcp-server.rst:203 msgid "This is the equivalent of the host block in dhcpd.conf of isc-dhcpd." msgstr "This is the equivalent of the host block in dhcpd.conf of isc-dhcpd." @@ -15031,7 +16168,7 @@ msgstr "This is the name of the physical interface used to connect to your LCD d msgid "This is the policy that requieres the lowest resources for the same amount of traffic. But **very likely you do not need it as you cannot get much from it. Sometimes it is used just to enable logging.**" msgstr "This is the policy that requieres the lowest resources for the same amount of traffic. But **very likely you do not need it as you cannot get much from it. Sometimes it is used just to enable logging.**" -#: ../../configuration/service/dhcp-server.rst:195 +#: ../../configuration/service/dhcp-server.rst:201 msgid "This is useful, for example, in combination with hostfile update." msgstr "This is useful, for example, in combination with hostfile update." @@ -15088,7 +16225,7 @@ msgstr "This option is used by some DHCP clients as a way for users to specify i msgid "This option is used by some DHCP clients to identify the vendor type and possibly the configuration of a DHCP client. The information is a string of bytes whose contents are specific to the vendor and are not specified in a standard." msgstr "This option is used by some DHCP clients to identify the vendor type and possibly the configuration of a DHCP client. The information is a string of bytes whose contents are specific to the vendor and are not specified in a standard." -#: ../../configuration/system/login.rst:390 +#: ../../configuration/system/login.rst:394 msgid "This option must be used with ``timeout`` option." msgstr "This option must be used with ``timeout`` option." @@ -15101,7 +16238,7 @@ msgstr "This option only affects 802.3ad mode." msgid "This option specifies a delay in seconds before vrrp instances start up after keepalived starts." msgstr "This option specifies a delay in seconds before vrrp instances start up after keepalived starts." -#: ../../configuration/pki/index.rst:277 +#: ../../configuration/pki/index.rst:308 msgid "This options defaults to 2048" msgstr "This options defaults to 2048" @@ -15219,11 +16356,19 @@ msgstr "This the simplest queue possible you can apply to your traffic. Traffic msgid "This topology was built using GNS3." msgstr "This topology was built using GNS3." +#: ../../configuration/system/option.rst:38 +msgid "This will add the following option to the Kernel commandline:" +msgstr "This will add the following option to the Kernel commandline:" + +#: ../../configuration/system/option.rst:48 +msgid "This will add the following two options to the Kernel commandline:" +msgstr "This will add the following two options to the Kernel commandline:" + #: ../../configuration/interfaces/ethernet.rst:9 msgid "This will be the most widely used interface on a router carrying traffic to the real world." msgstr "This will be the most widely used interface on a router carrying traffic to the real world." -#: ../../configuration/protocols/static.rst:171 +#: ../../configuration/protocols/static.rst:204 msgid "This will configure a static ARP entry always resolving `<address>` to `<mac>` for interface `<interface>`." msgstr "This will configure a static ARP entry always resolving `<address>` to `<mac>` for interface `<interface>`." @@ -15239,7 +16384,7 @@ msgstr "This will render the following ddclient_ configuration entry:" msgid "This will show you a basic firewall overview" msgstr "This will show you a basic firewall overview" -#: ../../configuration/firewall/ipv4.rst:961 +#: ../../configuration/firewall/ipv4.rst:984 msgid "This will show you a basic firewall overview, for all ruleset, and not only for ipv4" msgstr "This will show you a basic firewall overview, for all ruleset, and not only for ipv4" @@ -15255,12 +16400,12 @@ msgstr "This will show you a basic summary of zones configuration." msgid "This will show you a rule-set statistic since the last boot." msgstr "This will show you a rule-set statistic since the last boot." -#: ../../configuration/firewall/ipv4.rst:1112 +#: ../../configuration/firewall/ipv4.rst:1135 #: ../../configuration/firewall/ipv6.rst:1135 msgid "This will show you a statistic of all rule-sets since the last boot." msgstr "This will show you a statistic of all rule-sets since the last boot." -#: ../../configuration/firewall/ipv4.rst:1016 +#: ../../configuration/firewall/ipv4.rst:1039 #: ../../configuration/firewall/ipv6.rst:1032 msgid "This will show you a summary of rule-sets and groups" msgstr "This will show you a summary of rule-sets and groups" @@ -15301,29 +16446,49 @@ msgstr "Time in seconds that the prefix will remain preferred (default 4 hours)" msgid "Time in seconds that the prefix will remain valid (default: 30 days)" msgstr "Time in seconds that the prefix will remain valid (default: 30 days)" +#: ../../configuration/service/router-advert.rst:1 +msgid "Time in seconds that the prefix will remain valid (default: 65528 seconds)" +msgstr "Time in seconds that the prefix will remain valid (default: 65528 seconds)" + #: ../../configuration/service/webproxy.rst:177 msgid "Time is in minutes and defaults to 60." msgstr "Time is in minutes and defaults to 60." -#: ../../configuration/firewall/ipv4.rst:874 +#: ../../configuration/firewall/ipv4.rst:897 #: ../../configuration/firewall/ipv6.rst:883 #: ../../configuration/policy/route.rst:225 msgid "Time to match the defined rule." msgstr "Time to match the defined rule." +#: ../../configuration/service/ipoe-server.rst:368 +#: ../../configuration/service/pppoe-server.rst:534 +#: ../../configuration/vpn/l2tp.rst:488 +#: ../../configuration/vpn/pptp.rst:412 +#: ../../configuration/vpn/sstp.rst:446 +msgid "Timeout in seconds" +msgstr "Timeout in seconds" + #: ../../configuration/protocols/failover.rst:24 msgid "Timeout in seconds between health target checks." msgstr "Timeout in seconds between health target checks." -#: ../../configuration/vpn/sstp.rst:234 +#: ../../configuration/service/ipoe-server.rst:174 +#: ../../configuration/service/pppoe-server.rst:136 +#: ../../configuration/vpn/l2tp.rst:179 +#: ../../configuration/vpn/pptp.rst:119 +#: ../../configuration/vpn/sstp.rst:152 msgid "Timeout to wait reply for Interim-Update packets. (default 3 seconds)" msgstr "Timeout to wait reply for Interim-Update packets. (default 3 seconds)" -#: ../../configuration/vpn/sstp.rst:254 +#: ../../configuration/service/ipoe-server.rst:194 +#: ../../configuration/service/pppoe-server.rst:156 +#: ../../configuration/vpn/l2tp.rst:199 +#: ../../configuration/vpn/pptp.rst:139 +#: ../../configuration/vpn/sstp.rst:172 msgid "Timeout to wait response from server (seconds)" msgstr "Timeout to wait response from server (seconds)" -#: ../../configuration/protocols/bgp.rst:667 +#: ../../configuration/protocols/bgp.rst:689 #: ../../configuration/protocols/isis.rst:257 msgid "Timers" msgstr "Timers" @@ -15332,7 +16497,7 @@ msgstr "Timers" msgid "To activate the VLAN aware bridge, you must activate this setting to use VLAN settings for the bridge" msgstr "To activate the VLAN aware bridge, you must activate this setting to use VLAN settings for the bridge" -#: ../../configuration/vpn/l2tp.rst:58 +#: ../../configuration/vpn/l2tp.rst:108 msgid "To allow VPN-clients access via your external address, a NAT rule is required:" msgstr "To allow VPN-clients access via your external address, a NAT rule is required:" @@ -15344,7 +16509,7 @@ msgstr "To allow listing additional custom domain, for example ``openthread.thre msgid "To allow only specific services, for example ``_airplay._tcp`` or ``_ipp._tcp``, (instead of all services) to be re-broadcasted, use the following command:" msgstr "To allow only specific services, for example ``_airplay._tcp`` or ``_ipp._tcp``, (instead of all services) to be re-broadcasted, use the following command:" -#: ../../configuration/vpn/site2site_ipsec.rst:257 +#: ../../configuration/vpn/site2site_ipsec.rst:260 msgid "To allow traffic to pass through to clients, you need to add the following rules. (if you used the default configuration at the top of this page)" msgstr "To allow traffic to pass through to clients, you need to add the following rules. (if you used the default configuration at the top of this page)" @@ -15442,11 +16607,11 @@ msgstr "To configure syslog, you need to switch into configuration mode." msgid "To configure your LCD display you must first identify the used hardware, and connectivity of the display to your system. This can be any serial port (`ttySxx`) or serial via USB or even old parallel port interfaces." msgstr "To configure your LCD display you must first identify the used hardware, and connectivity of the display to your system. This can be any serial port (`ttySxx`) or serial via USB or even old parallel port interfaces." -#: ../../configuration/service/ipoe-server.rst:98 +#: ../../configuration/service/ipoe-server.rst:99 msgid "To create VLANs per user during runtime, the following settings are required on a per interface basis. VLAN ID and VLAN range can be present in the configuration at the same time." msgstr "To create VLANs per user during runtime, the following settings are required on a per interface basis. VLAN ID and VLAN range can be present in the configuration at the same time." -#: ../../configuration/system/login.rst:377 +#: ../../configuration/system/login.rst:381 msgid "To create a new line in your login message you need to escape the new line character by using ``\\\\n``." msgstr "To create a new line in your login message you need to escape the new line character by using ``\\\\n``." @@ -15462,11 +16627,11 @@ msgstr "To create routing table 100 and add a new default gateway to be used by msgid "To define a zone setup either one with interfaces or a local zone." msgstr "To define a zone setup either one with interfaces or a local zone." -#: ../../configuration/service/router-advert.rst:75 +#: ../../configuration/service/router-advert.rst:101 msgid "To disable advertisements without deleting the configuration:" msgstr "To disable advertisements without deleting the configuration:" -#: ../../configuration/system/login.rst:190 +#: ../../configuration/system/login.rst:194 msgid "To display the configured OTP user key, use the command:" msgstr "To display the configured OTP user key, use the command:" @@ -15483,7 +16648,11 @@ msgstr "To enable/disable helper support for a specific neighbour, the router-id msgid "To enable MLD reports and query on interfaces `eth0` and `eth1`:" msgstr "To enable MLD reports and query on interfaces `eth0` and `eth1`:" -#: ../../configuration/vpn/l2tp.rst:141 +#: ../../configuration/service/ipoe-server.rst:116 +#: ../../configuration/service/pppoe-server.rst:78 +#: ../../configuration/vpn/l2tp.rst:121 +#: ../../configuration/vpn/pptp.rst:61 +#: ../../configuration/vpn/sstp.rst:94 msgid "To enable RADIUS based authentication, the authentication mode needs to be changed within the configuration. Previous settings like the local users, still exists within the configuration, however they are not used if the mode has been changed from local to radius. Once changed back to local, it will use all local accounts again." msgstr "To enable RADIUS based authentication, the authentication mode needs to be changed within the configuration. Previous settings like the local users, still exists within the configuration, however they are not used if the mode has been changed from local to radius. Once changed back to local, it will use all local accounts again." @@ -15511,6 +16680,10 @@ msgstr "To enable the HTTP security headers in the configuration file, use the c msgid "To exclude traffic from load balancing, traffic matching an exclude rule is not balanced but routed through the system routing table instead:" msgstr "To exclude traffic from load balancing, traffic matching an exclude rule is not balanced but routed through the system routing table instead:" +#: ../../configuration/vpn/l2tp.rst:282 +msgid "To explain the usage of LNS follow our blueprint :ref:`examples-lac-lns`." +msgstr "To explain the usage of LNS follow our blueprint :ref:`examples-lac-lns`." + #: ../../configuration/service/snmp.rst:216 msgid "To extend SNMP agent functionality, custom scripts can be executed every time the agent is being called. This can be achieved by using ``arbitrary extensioncommands``. The first step is to create a functional script of course, then upload it to your VyOS instance via the command ``scp your_script.sh vyos@your_router:/config/user-data``. Once the script is uploaded, it needs to be configured via the command below." msgstr "To extend SNMP agent functionality, custom scripts can be executed every time the agent is being called. This can be achieved by using ``arbitrary extensioncommands``. The first step is to create a functional script of course, then upload it to your VyOS instance via the command ``scp your_script.sh vyos@your_router:/config/user-data``. Once the script is uploaded, it needs to be configured via the command below." @@ -15527,11 +16700,15 @@ msgstr "To generate the CA, the server private key and certificates the followin msgid "To get it to work as an access point with this configuration you will need to set up a DHCP server to work with that network. You can - of course - also bridge the Wireless interface with any configured bridge (:ref:`bridge-interface`) on the system." msgstr "To get it to work as an access point with this configuration you will need to set up a DHCP server to work with that network. You can - of course - also bridge the Wireless interface with any configured bridge (:ref:`bridge-interface`) on the system." -#: ../../configuration/service/dhcp-server.rst:566 +#: ../../configuration/service/dhcp-server.rst:572 msgid "To hand out individual prefixes to your clients the following configuration is used:" msgstr "To hand out individual prefixes to your clients the following configuration is used:" -#: ../../configuration/highavailability/index.rst:336 +#: ../../configuration/vpn/ipsec.rst:405 +msgid "To import it from the filesystem use:" +msgstr "To import it from the filesystem use:" + +#: ../../configuration/highavailability/index.rst:346 msgid "To know more about scripting, check the :ref:`command-scripting` section." msgstr "To know more about scripting, check the :ref:`command-scripting` section." @@ -15539,7 +16716,7 @@ msgstr "To know more about scripting, check the :ref:`command-scripting` section msgid "To listen on both `eth0` and `eth1` mDNS packets and also repeat packets received on `eth0` to `eth1` (and vice-versa) use the following commands:" msgstr "To listen on both `eth0` and `eth1` mDNS packets and also repeat packets received on `eth0` to `eth1` (and vice-versa) use the following commands:" -#: ../../configuration/protocols/static.rst:161 +#: ../../configuration/protocols/static.rst:194 msgid "To manipulate or display ARP_ table entries, the following commands are implemented." msgstr "To manipulate or display ARP_ table entries, the following commands are implemented." @@ -15552,7 +16729,7 @@ msgstr "To perform a graceful shutdown, the FRR ``graceful-restart prepare ip os msgid "To request a /56 prefix from your ISP use:" msgstr "To request a /56 prefix from your ISP use:" -#: ../../configuration/service/dhcp-server.rst:680 +#: ../../configuration/service/dhcp-server.rst:688 msgid "To restart the DHCPv6 server" msgstr "To restart the DHCPv6 server" @@ -15568,7 +16745,7 @@ msgstr "To setup a destination NAT rule we need to gather:" msgid "To update the firmware, VyOS also ships the `qmi-firmware-update` binary. To upgrade the firmware of an e.g. Sierra Wireless MC7710 module to the firmware provided in the file ``9999999_9999999_9200_03.05.14.00_00_generic_000.000_001_SPKG_MC.cwe`` use the following command:" msgstr "To update the firmware, VyOS also ships the `qmi-firmware-update` binary. To upgrade the firmware of an e.g. Sierra Wireless MC7710 module to the firmware provided in the file ``9999999_9999999_9200_03.05.14.00_00_generic_000.000_001_SPKG_MC.cwe`` use the following command:" -#: ../../configuration/service/ipoe-server.rst:113 +#: ../../configuration/service/ipoe-server.rst:114 msgid "To use a RADIUS server for authentication and bandwidth-shaping, the following example configuration can be used." msgstr "To use a RADIUS server for authentication and bandwidth-shaping, the following example configuration can be used." @@ -15596,6 +16773,10 @@ msgstr "Topology:" msgid "Topology: PC4 - Leaf2 - Spine1 - Leaf3 - PC5" msgstr "Topology: PC4 - Leaf2 - Spine1 - Leaf3 - PC5" +#: ../../configuration/service/ipoe-server.rst:433 +msgid "Toubleshooting" +msgstr "Toubleshooting" + #: ../../configuration/highavailability/index.rst:171 msgid "Track" msgstr "Track" @@ -15644,7 +16825,7 @@ msgstr "Traffic from multicast sources will go to the Rendezvous Point, and rece msgid "Traffic from multicast sources will go to the Rendezvous Point, and receivers will pull it from a shared tree using :abbr:`IGMP (Internet Group Management Protocol)`." msgstr "Traffic from multicast sources will go to the Rendezvous Point, and receivers will pull it from a shared tree using :abbr:`IGMP (Internet Group Management Protocol)`." -#: ../../configuration/firewall/ipv4.rst:928 +#: ../../configuration/firewall/ipv4.rst:951 #: ../../configuration/firewall/ipv6.rst:937 msgid "Traffic must be symmetric" msgstr "Traffic must be symmetric" @@ -15653,11 +16834,11 @@ msgstr "Traffic must be symmetric" msgid "Traffic which is received by the router on an interface which is member of a bridge is processed on the **Bridge Layer**. A simplified packet flow diagram for this layer is shown next:" msgstr "Traffic which is received by the router on an interface which is member of a bridge is processed on the **Bridge Layer**. A simplified packet flow diagram for this layer is shown next:" -#: ../../configuration/highavailability/index.rst:322 +#: ../../configuration/highavailability/index.rst:332 msgid "Transition scripts" msgstr "Transition scripts" -#: ../../configuration/highavailability/index.rst:324 +#: ../../configuration/highavailability/index.rst:334 msgid "Transition scripts can help you implement various fixups, such as starting and stopping services, or even modifying the VyOS config on VRRP transition. This setup will make the VRRP process execute the ``/config/scripts/vrrp-fail.sh`` with argument ``Foo`` when VRRP fails, and the ``/config/scripts/vrrp-master.sh`` when the router becomes the master:" msgstr "Transition scripts can help you implement various fixups, such as starting and stopping services, or even modifying the VyOS config on VRRP transition. This setup will make the VRRP process execute the ``/config/scripts/vrrp-fail.sh`` with argument ``Foo`` when VRRP fails, and the ``/config/scripts/vrrp-master.sh`` when the router becomes the master:" @@ -15667,6 +16848,8 @@ msgstr "Transparent Proxy" #: ../../configuration/interfaces/openvpn.rst:701 #: ../../configuration/interfaces/tunnel.rst:227 +#: ../../configuration/vpn/pptp.rst:484 +#: ../../configuration/vpn/sstp.rst:580 msgid "Troubleshooting" msgstr "Troubleshooting" @@ -15682,6 +16865,10 @@ msgstr "Tunnel" msgid "Tunnel keys" msgstr "Tunnel keys" +#: ../../configuration/vpn/l2tp.rst:280 +msgid "Tunnel password used to authenticate the client (LAC)" +msgstr "Tunnel password used to authenticate the client (LAC)" + #: ../../configuration/loadbalancing/wan.rst:257 msgid "Two environment variables are available:" msgstr "Two environment variables are available:" @@ -15714,15 +16901,15 @@ msgstr "UDP Broadcast Relay" msgid "UDP mode works better with NAT:" msgstr "UDP mode works better with NAT:" -#: ../../configuration/vpn/l2tp.rst:34 +#: ../../configuration/vpn/l2tp.rst:84 msgid "UDP port 1701 for IPsec" msgstr "UDP port 1701 for IPsec" -#: ../../configuration/vpn/l2tp.rst:39 +#: ../../configuration/vpn/l2tp.rst:89 msgid "UDP port 4500 (NAT-T)" msgstr "UDP port 4500 (NAT-T)" -#: ../../configuration/vpn/l2tp.rst:32 +#: ../../configuration/vpn/l2tp.rst:82 msgid "UDP port 500 (IKE)" msgstr "UDP port 500 (IKE)" @@ -15778,11 +16965,11 @@ msgstr "Up to seven queues -defined as classes_ with different priorities- can b msgid "Update" msgstr "Update" -#: ../../configuration/container/index.rst:171 +#: ../../configuration/container/index.rst:207 msgid "Update container image" msgstr "Update container image" -#: ../../configuration/firewall/ipv4.rst:1175 +#: ../../configuration/firewall/ipv4.rst:1198 #: ../../configuration/firewall/ipv6.rst:1191 msgid "Update geoip database" msgstr "Update geoip database" @@ -15795,10 +16982,17 @@ msgstr "Updates" msgid "Updates from the RPKI cache servers are directly applied and path selection is updated accordingly. (Soft reconfiguration must be enabled for this to work)." msgstr "Updates from the RPKI cache servers are directly applied and path selection is updated accordingly. (Soft reconfiguration must be enabled for this to work)." -#: ../../configuration/vpn/sstp.rst:90 +#: ../../configuration/service/pppoe-server.rst:267 +#: ../../configuration/vpn/l2tp.rst:391 +#: ../../configuration/vpn/pptp.rst:315 +#: ../../configuration/vpn/sstp.rst:349 msgid "Upload bandwidth limit in kbit/s for `<user>`." msgstr "Upload bandwidth limit in kbit/s for `<user>`." +#: ../../configuration/service/ipoe-server.rst:325 +msgid "Upload bandwidth limit in kbit/s for for user on interface `<interface>`." +msgstr "Upload bandwidth limit in kbit/s for for user on interface `<interface>`." + #: ../../configuration/loadbalancing/wan.rst:209 msgid "Upon reception of an incoming packet, when a response is sent, it might be desired to ensure that it leaves from the same interface as the inbound one. This can be achieved by enabling sticky connections in the load balancing:" msgstr "Upon reception of an incoming packet, when a response is sent, it might be desired to ensure that it leaves from the same interface as the inbound one. This can be achieved by enabling sticky connections in the load balancing:" @@ -15816,7 +17010,7 @@ msgstr "Use 802.11n protocol" msgid "Use CA certificate from PKI subsystem" msgstr "Use CA certificate from PKI subsystem" -#: ../../configuration/service/dns.rst:365 +#: ../../configuration/service/dns.rst:379 msgid "Use DynDNS as your preferred provider:" msgstr "Use DynDNS as your preferred provider:" @@ -15848,27 +17042,27 @@ msgstr "Use `delete system conntrack modules` to deactive all modules." msgid "Use a persistent LDAP connection. Normally the LDAP connection is only open while validating a username to preserve resources at the LDAP server. This option causes the LDAP connection to be kept open, allowing it to be reused for further user validations." msgstr "Use a persistent LDAP connection. Normally the LDAP connection is only open while validating a username to preserve resources at the LDAP server. This option causes the LDAP connection to be kept open, allowing it to be reused for further user validations." -#: ../../configuration/firewall/ipv4.rst:515 +#: ../../configuration/firewall/ipv4.rst:538 #: ../../configuration/firewall/ipv6.rst:525 msgid "Use a specific address-group. Prepend character ``!`` for inverted matching criteria." msgstr "Use a specific address-group. Prepend character ``!`` for inverted matching criteria." -#: ../../configuration/firewall/ipv4.rst:578 +#: ../../configuration/firewall/ipv4.rst:601 #: ../../configuration/firewall/ipv6.rst:588 msgid "Use a specific domain-group. Prepend character ``!`` for inverted matching criteria." msgstr "Use a specific domain-group. Prepend character ``!`` for inverted matching criteria." -#: ../../configuration/firewall/ipv4.rst:599 +#: ../../configuration/firewall/ipv4.rst:622 #: ../../configuration/firewall/ipv6.rst:609 msgid "Use a specific mac-group. Prepend character ``!`` for inverted matching criteria." msgstr "Use a specific mac-group. Prepend character ``!`` for inverted matching criteria." -#: ../../configuration/firewall/ipv4.rst:536 +#: ../../configuration/firewall/ipv4.rst:559 #: ../../configuration/firewall/ipv6.rst:546 msgid "Use a specific network-group. Prepend character ``!`` for inverted matching criteria." msgstr "Use a specific network-group. Prepend character ``!`` for inverted matching criteria." -#: ../../configuration/firewall/ipv4.rst:557 +#: ../../configuration/firewall/ipv4.rst:580 #: ../../configuration/firewall/ipv6.rst:567 msgid "Use a specific port-group. Prepend character ``!`` for inverted matching criteria." msgstr "Use a specific port-group. Prepend character ``!`` for inverted matching criteria." @@ -15885,7 +17079,7 @@ msgstr "Use an automatically generated self-signed certificate" msgid "Use any local address, configured on any interface if this is not set." msgstr "Use any local address, configured on any interface if this is not set." -#: ../../configuration/service/dns.rst:279 +#: ../../configuration/service/dns.rst:263 msgid "Use auth key file at ``/config/auth/my.key``" msgstr "Use auth key file at ``/config/auth/my.key``" @@ -15893,10 +17087,14 @@ msgstr "Use auth key file at ``/config/auth/my.key``" msgid "Use certificate from PKI subsystem" msgstr "Use certificate from PKI subsystem" -#: ../../configuration/service/dns.rst:408 +#: ../../configuration/service/dns.rst:410 msgid "Use configured `<url>` to determine your IP address. ddclient_ will load `<url>` and tries to extract your IP address from the response." msgstr "Use configured `<url>` to determine your IP address. ddclient_ will load `<url>` and tries to extract your IP address from the response." +#: ../../configuration/service/dns.rst:368 +msgid "Use deSEC (dedyn.io) as your preferred provider:" +msgstr "Use deSEC (dedyn.io) as your preferred provider:" + #: ../../configuration/firewall/general-legacy.rst:478 msgid "Use inverse-match to match anything except the given country-codes." msgstr "Use inverse-match to match anything except the given country-codes." @@ -15905,7 +17103,7 @@ msgstr "Use inverse-match to match anything except the given country-codes." msgid "Use local socket for API" msgstr "Use local socket for API" -#: ../../configuration/vpn/sstp.rst:288 +#: ../../configuration/vpn/sstp.rst:357 msgid "Use local user `foo` with password `bar`" msgstr "Use local user `foo` with password `bar`" @@ -15913,7 +17111,7 @@ msgstr "Use local user `foo` with password `bar`" msgid "Use tab completion to get a list of categories." msgstr "Use tab completion to get a list of categories." -#: ../../configuration/system/option.rst:53 +#: ../../configuration/system/option.rst:83 msgid "Use the address of the specified interface on the local machine as the source address of the connection." msgstr "Use the address of the specified interface on the local machine as the source address of the connection." @@ -15925,7 +17123,7 @@ msgstr "Use the following topology to build a nat66 based isolated network betwe msgid "Use the following topology to translate internal user local addresses (``fc::/7``) to DHCPv6-PD provided prefixes from an ISP connected to a VyOS HA pair." msgstr "Use the following topology to translate internal user local addresses (``fc::/7``) to DHCPv6-PD provided prefixes from an ISP connected to a VyOS HA pair." -#: ../../configuration/system/option.rst:48 +#: ../../configuration/system/option.rst:78 msgid "Use the specified address on the local machine as the source address of the connection. Only useful on systems with more than one address." msgstr "Use the specified address on the local machine as the source address of the connection. Only useful on systems with more than one address." @@ -15957,10 +17155,26 @@ msgstr "Use this PIM command to modify the time out value (31-60000 seconds) for msgid "Use this comand to set the IPv6 address pool from which a PPPoE client will get an IPv6 prefix of your defined length (mask) to terminate the PPPoE endpoint at their side. The mask length can be set from 48 to 128 bit long, the default value is 64." msgstr "Use this comand to set the IPv6 address pool from which a PPPoE client will get an IPv6 prefix of your defined length (mask) to terminate the PPPoE endpoint at their side. The mask length can be set from 48 to 128 bit long, the default value is 64." -#: ../../configuration/vpn/sstp.rst:137 +#: ../../configuration/service/ipoe-server.rst:261 +msgid "Use this comand to set the IPv6 address pool from which an IPoE client will get an IPv6 prefix of your defined length (mask) to terminate the IPoE endpoint at their side. The mask length can be set from 48 to 128 bit long, the default value is 64." +msgstr "Use this comand to set the IPv6 address pool from which an IPoE client will get an IPv6 prefix of your defined length (mask) to terminate the IPoE endpoint at their side. The mask length can be set from 48 to 128 bit long, the default value is 64." + +#: ../../configuration/service/pppoe-server.rst:355 +msgid "Use this comand to set the IPv6 address pool from which an PPPoE client will get an IPv6 prefix of your defined length (mask) to terminate the PPPoE endpoint at their side. The mask length can be set from 48 to 128 bit long, the default value is 64." +msgstr "Use this comand to set the IPv6 address pool from which an PPPoE client will get an IPv6 prefix of your defined length (mask) to terminate the PPPoE endpoint at their side. The mask length can be set from 48 to 128 bit long, the default value is 64." + +#: ../../configuration/vpn/pptp.rst:223 +msgid "Use this comand to set the IPv6 address pool from which an PPTP client will get an IPv6 prefix of your defined length (mask) to terminate the PPTP endpoint at their side. The mask length can be set from 48 to 128 bit long, the default value is 64." +msgstr "Use this comand to set the IPv6 address pool from which an PPTP client will get an IPv6 prefix of your defined length (mask) to terminate the PPTP endpoint at their side. The mask length can be set from 48 to 128 bit long, the default value is 64." + +#: ../../configuration/vpn/sstp.rst:257 msgid "Use this comand to set the IPv6 address pool from which an SSTP client will get an IPv6 prefix of your defined length (mask) to terminate the SSTP endpoint at their side. The mask length can be set from 48 to 128 bit long, the default value is 64." msgstr "Use this comand to set the IPv6 address pool from which an SSTP client will get an IPv6 prefix of your defined length (mask) to terminate the SSTP endpoint at their side. The mask length can be set from 48 to 128 bit long, the default value is 64." +#: ../../configuration/vpn/l2tp.rst:299 +msgid "Use this comand to set the IPv6 address pool from which an l2tp client will get an IPv6 prefix of your defined length (mask) to terminate the l2tp endpoint at their side. The mask length can be set from 48 to 128 bit long, the default value is 64." +msgstr "Use this comand to set the IPv6 address pool from which an l2tp client will get an IPv6 prefix of your defined length (mask) to terminate the l2tp endpoint at their side. The mask length can be set from 48 to 128 bit long, the default value is 64." + #: ../../configuration/service/pppoe-server.rst:93 msgid "Use this command for every pool of client IP addresses you want to define. The addresses of this pool will be given to PPPoE clients. You must use CIDR notation." msgstr "Use this command for every pool of client IP addresses you want to define. The addresses of this pool will be given to PPPoE clients. You must use CIDR notation." @@ -16005,7 +17219,7 @@ msgstr "Use this command to check the tunnel status for OpenVPN server interface msgid "Use this command to check the tunnel status for OpenVPN site-to-site interfaces." msgstr "Use this command to check the tunnel status for OpenVPN site-to-site interfaces." -#: ../../configuration/system/ipv6.rst:154 +#: ../../configuration/system/ipv6.rst:167 msgid "Use this command to clear Border Gateway Protocol statistics or status." msgstr "Use this command to clear Border Gateway Protocol statistics or status." @@ -16013,16 +17227,32 @@ msgstr "Use this command to clear Border Gateway Protocol statistics or status." msgid "Use this command to configure DHCPv6 Prefix Delegation (RFC3633). You will have to set your IPv6 pool and the length of the delegation prefix. From the defined IPv6 pool you will be handing out networks of the defined length (delegation-prefix). The length of the delegation prefix can be set from 32 to 64 bit long." msgstr "Use this command to configure DHCPv6 Prefix Delegation (RFC3633). You will have to set your IPv6 pool and the length of the delegation prefix. From the defined IPv6 pool you will be handing out networks of the defined length (delegation-prefix). The length of the delegation prefix can be set from 32 to 64 bit long." -#: ../../configuration/vpn/sstp.rst:146 +#: ../../configuration/service/ipoe-server.rst:269 +msgid "Use this command to configure DHCPv6 Prefix Delegation (RFC3633) on IPoE. You will have to set your IPv6 pool and the length of the delegation prefix. From the defined IPv6 pool you will be handing out networks of the defined length (delegation-prefix). The length of the delegation prefix can be set from 32 to 64 bit long." +msgstr "Use this command to configure DHCPv6 Prefix Delegation (RFC3633) on IPoE. You will have to set your IPv6 pool and the length of the delegation prefix. From the defined IPv6 pool you will be handing out networks of the defined length (delegation-prefix). The length of the delegation prefix can be set from 32 to 64 bit long." + +#: ../../configuration/service/pppoe-server.rst:363 +msgid "Use this command to configure DHCPv6 Prefix Delegation (RFC3633) on PPPoE. You will have to set your IPv6 pool and the length of the delegation prefix. From the defined IPv6 pool you will be handing out networks of the defined length (delegation-prefix). The length of the delegation prefix can be set from 32 to 64 bit long." +msgstr "Use this command to configure DHCPv6 Prefix Delegation (RFC3633) on PPPoE. You will have to set your IPv6 pool and the length of the delegation prefix. From the defined IPv6 pool you will be handing out networks of the defined length (delegation-prefix). The length of the delegation prefix can be set from 32 to 64 bit long." + +#: ../../configuration/vpn/pptp.rst:231 +msgid "Use this command to configure DHCPv6 Prefix Delegation (RFC3633) on PPTP. You will have to set your IPv6 pool and the length of the delegation prefix. From the defined IPv6 pool you will be handing out networks of the defined length (delegation-prefix). The length of the delegation prefix can be set from 32 to 64 bit long." +msgstr "Use this command to configure DHCPv6 Prefix Delegation (RFC3633) on PPTP. You will have to set your IPv6 pool and the length of the delegation prefix. From the defined IPv6 pool you will be handing out networks of the defined length (delegation-prefix). The length of the delegation prefix can be set from 32 to 64 bit long." + +#: ../../configuration/vpn/sstp.rst:265 msgid "Use this command to configure DHCPv6 Prefix Delegation (RFC3633) on SSTP. You will have to set your IPv6 pool and the length of the delegation prefix. From the defined IPv6 pool you will be handing out networks of the defined length (delegation-prefix). The length of the delegation prefix can be set from 32 to 64 bit long." msgstr "Use this command to configure DHCPv6 Prefix Delegation (RFC3633) on SSTP. You will have to set your IPv6 pool and the length of the delegation prefix. From the defined IPv6 pool you will be handing out networks of the defined length (delegation-prefix). The length of the delegation prefix can be set from 32 to 64 bit long." +#: ../../configuration/vpn/l2tp.rst:307 +msgid "Use this command to configure DHCPv6 Prefix Delegation (RFC3633) on l2tp. You will have to set your IPv6 pool and the length of the delegation prefix. From the defined IPv6 pool you will be handing out networks of the defined length (delegation-prefix). The length of the delegation prefix can be set from 32 to 64 bit long." +msgstr "Use this command to configure DHCPv6 Prefix Delegation (RFC3633) on l2tp. You will have to set your IPv6 pool and the length of the delegation prefix. From the defined IPv6 pool you will be handing out networks of the defined length (delegation-prefix). The length of the delegation prefix can be set from 32 to 64 bit long." + #: ../../configuration/service/pppoe-server.rst:120 msgid "Use this command to configure Dynamic Authorization Extensions to RADIUS so that you can remotely disconnect sessions and change some authentication parameters." msgstr "Use this command to configure Dynamic Authorization Extensions to RADIUS so that you can remotely disconnect sessions and change some authentication parameters." -#: ../../configuration/protocols/static.rst:112 -#: ../../configuration/protocols/static.rst:125 +#: ../../configuration/protocols/static.rst:146 +#: ../../configuration/protocols/static.rst:159 msgid "Use this command to configure a \"black-hole\" route on the router. A black-hole route is a route for which the system silently discard packets that are matched. This prevents networks leaking out public interfaces, but it does not prevent them from being used as a more specific route inside your network." msgstr "Use this command to configure a \"black-hole\" route on the router. A black-hole route is a route for which the system silently discard packets that are matched. This prevents networks leaking out public interfaces, but it does not prevent them from being used as a more specific route inside your network." @@ -16226,6 +17456,10 @@ msgstr "Use this command to control the maximum number of equal cost paths to re msgid "Use this command to create a Fair-Queue policy and give it a name. It is based on the Stochastic Fairness Queueing and can be applied to outbound traffic." msgstr "Use this command to create a Fair-Queue policy and give it a name. It is based on the Stochastic Fairness Queueing and can be applied to outbound traffic." +#: ../../configuration/vpn/l2tp.rst:68 +msgid "Use this command to define IPsec interface." +msgstr "Use this command to define IPsec interface." + #: ../../configuration/trafficpolicy/index.rst:425 msgid "Use this command to define a Fair-Queue policy, based on the Stochastic Fairness Queueing, and set the number of maximum packets allowed to wait in the queue. Any other packet will be dropped." msgstr "Use this command to define a Fair-Queue policy, based on the Stochastic Fairness Queueing, and set the number of maximum packets allowed to wait in the queue. Any other packet will be dropped." @@ -16234,8 +17468,19 @@ msgstr "Use this command to define a Fair-Queue policy, based on the Stochastic msgid "Use this command to define a Fair-Queue policy, based on the Stochastic Fairness Queueing, and set the number of seconds at which a new queue algorithm perturbation will occur (maximum 4294967295)." msgstr "Use this command to define a Fair-Queue policy, based on the Stochastic Fairness Queueing, and set the number of seconds at which a new queue algorithm perturbation will occur (maximum 4294967295)." -#: ../../configuration/service/pppoe-server.rst:81 -#: ../../configuration/vpn/sstp.rst:132 +#: ../../configuration/service/ipoe-server.rst:277 +#: ../../configuration/service/pppoe-server.rst:371 +#: ../../configuration/vpn/l2tp.rst:315 +#: ../../configuration/vpn/pptp.rst:239 +#: ../../configuration/vpn/sstp.rst:273 +msgid "Use this command to define default IPv6 address pool name." +msgstr "Use this command to define default IPv6 address pool name." + +#: ../../configuration/service/ipoe-server.rst:77 +#: ../../configuration/service/pppoe-server.rst:61 +#: ../../configuration/vpn/l2tp.rst:48 +#: ../../configuration/vpn/pptp.rst:50 +#: ../../configuration/vpn/sstp.rst:75 msgid "Use this command to define default address pool name." msgstr "Use this command to define default address pool name." @@ -16255,15 +17500,31 @@ msgstr "Use this command to define in the selected interface whether you choose msgid "Use this command to define the IP address range to be given to PPPoE clients. If notation ``x.x.x.x-x.x.x.x``, it must be within a /24 subnet. If notation ``x.x.x.x/x`` is used there is possibility to set host/netmask." msgstr "Use this command to define the IP address range to be given to PPPoE clients. If notation ``x.x.x.x-x.x.x.x``, it must be within a /24 subnet. If notation ``x.x.x.x/x`` is used there is possibility to set host/netmask." +#: ../../configuration/service/ipoe-server.rst:70 +msgid "Use this command to define the first IP address of a pool of addresses to be given to IPoE clients. If notation ``x.x.x.x-x.x.x.x``, it must be within a /24 subnet. If notation ``x.x.x.x/x`` is used there is possibility to set host/netmask." +msgstr "Use this command to define the first IP address of a pool of addresses to be given to IPoE clients. If notation ``x.x.x.x-x.x.x.x``, it must be within a /24 subnet. If notation ``x.x.x.x/x`` is used there is possibility to set host/netmask." + #: ../../configuration/service/pppoe-server.rst:73 msgid "Use this command to define the first IP address of a pool of addresses to be given to PPPoE clients. It must be within a /24 subnet." msgstr "Use this command to define the first IP address of a pool of addresses to be given to PPPoE clients. It must be within a /24 subnet." -#: ../../configuration/vpn/sstp.rst:121 +#: ../../configuration/vpn/pptp.rst:43 +msgid "Use this command to define the first IP address of a pool of addresses to be given to PPTP clients. If notation ``x.x.x.x-x.x.x.x``, it must be within a /24 subnet. If notation ``x.x.x.x/x`` is used there is possibility to set host/netmask." +msgstr "Use this command to define the first IP address of a pool of addresses to be given to PPTP clients. If notation ``x.x.x.x-x.x.x.x``, it must be within a /24 subnet. If notation ``x.x.x.x/x`` is used there is possibility to set host/netmask." + +#: ../../configuration/vpn/sstp.rst:68 msgid "Use this command to define the first IP address of a pool of addresses to be given to SSTP clients. If notation ``x.x.x.x-x.x.x.x``, it must be within a /24 subnet. If notation ``x.x.x.x/x`` is used there is possibility to set host/netmask." msgstr "Use this command to define the first IP address of a pool of addresses to be given to SSTP clients. If notation ``x.x.x.x-x.x.x.x``, it must be within a /24 subnet. If notation ``x.x.x.x/x`` is used there is possibility to set host/netmask." -#: ../../configuration/service/pppoe-server.rst:42 +#: ../../configuration/vpn/l2tp.rst:41 +msgid "Use this command to define the first IP address of a pool of addresses to be given to l2tp clients. If notation ``x.x.x.x-x.x.x.x``, it must be within a /24 subnet. If notation ``x.x.x.x/x`` is used there is possibility to set host/netmask." +msgstr "Use this command to define the first IP address of a pool of addresses to be given to l2tp clients. If notation ``x.x.x.x-x.x.x.x``, it must be within a /24 subnet. If notation ``x.x.x.x/x`` is used there is possibility to set host/netmask." + +#: ../../configuration/service/pppoe-server.rst:54 +msgid "Use this command to define the first IP address of a pool of addresses to be given to pppoe clients. If notation ``x.x.x.x-x.x.x.x``, it must be within a /24 subnet. If notation ``x.x.x.x/x`` is used there is possibility to set host/netmask." +msgstr "Use this command to define the first IP address of a pool of addresses to be given to pppoe clients. If notation ``x.x.x.x-x.x.x.x``, it must be within a /24 subnet. If notation ``x.x.x.x/x`` is used there is possibility to set host/netmask." + +#: ../../configuration/service/pppoe-server.rst:65 msgid "Use this command to define the interface the PPPoE server will use to listen for PPPoE clients." msgstr "Use this command to define the interface the PPPoE server will use to listen for PPPoE clients." @@ -16283,8 +17544,11 @@ msgstr "Use this command to define the maximum number of entries to keep in the msgid "Use this command to define the maximum number of entries to keep in the Neighbor cache (1024, 2048, 4096, 8192, 16384, 32768)." msgstr "Use this command to define the maximum number of entries to keep in the Neighbor cache (1024, 2048, 4096, 8192, 16384, 32768)." -#: ../../configuration/service/pppoe-server.rst:77 -#: ../../configuration/vpn/sstp.rst:128 +#: ../../configuration/service/ipoe-server.rst:332 +#: ../../configuration/service/pppoe-server.rst:450 +#: ../../configuration/vpn/l2tp.rst:404 +#: ../../configuration/vpn/pptp.rst:328 +#: ../../configuration/vpn/sstp.rst:362 msgid "Use this command to define the next address pool name." msgstr "Use this command to define the next address pool name." @@ -16352,7 +17616,7 @@ msgstr "Use this command to enable PIMv6 in the selected interface so that it ca msgid "Use this command to enable acquisition of IPv6 address using stateless autoconfig (SLAAC)." msgstr "Use this command to enable acquisition of IPv6 address using stateless autoconfig (SLAAC)." -#: ../../configuration/service/pppoe-server.rst:236 +#: ../../configuration/service/pppoe-server.rst:310 msgid "Use this command to enable bandwidth shaping via RADIUS." msgstr "Use this command to enable bandwidth shaping via RADIUS." @@ -16364,7 +17628,7 @@ msgstr "Use this command to enable proxy Address Resolution Protocol (ARP) on th msgid "Use this command to enable targeted LDP sessions to the local router. The router will then respond to any sessions that are trying to connect to it that are not a link local type of TCP connection." msgstr "Use this command to enable targeted LDP sessions to the local router. The router will then respond to any sessions that are trying to connect to it that are not a link local type of TCP connection." -#: ../../configuration/service/pppoe-server.rst:249 +#: ../../configuration/service/pppoe-server.rst:323 msgid "Use this command to enable the delay of PADO (PPPoE Active Discovery Offer) packets, which can be used as a session balancing mechanism with other PPPoE servers." msgstr "Use this command to enable the delay of PADO (PPPoE Active Discovery Offer) packets, which can be used as a session balancing mechanism with other PPPoE servers." @@ -16386,7 +17650,7 @@ msgstr "Use this command to enable the logging of the default action on custom c msgid "Use this command to enable the logging of the default action on the specified chain." msgstr "Use this command to enable the logging of the default action on the specified chain." -#: ../../configuration/system/ipv6.rst:165 +#: ../../configuration/system/ipv6.rst:178 msgid "Use this command to flush the kernel IPv6 route cache. An address can be added to flush it only for that route." msgstr "Use this command to flush the kernel IPv6 route cache. An address can be added to flush it only for that route." @@ -16394,11 +17658,11 @@ msgstr "Use this command to flush the kernel IPv6 route cache. An address can be msgid "Use this command to get an overview of a zone." msgstr "Use this command to get an overview of a zone." -#: ../../configuration/system/ipv6.rst:120 +#: ../../configuration/system/ipv6.rst:133 msgid "Use this command to get information about OSPFv3." msgstr "Use this command to get information about OSPFv3." -#: ../../configuration/system/ipv6.rst:142 +#: ../../configuration/system/ipv6.rst:155 msgid "Use this command to get information about the RIPNG protocol" msgstr "Use this command to get information about the RIPNG protocol" @@ -16410,10 +17674,22 @@ msgstr "Use this command to instruct the system to establish a PPPoE connection msgid "Use this command to link the PPPoE connection to a physical interface. Each PPPoE connection must be established over a physical interface. Interfaces can be regular Ethernet interfaces, VIFs or bonding interfaces/VIFs." msgstr "Use this command to link the PPPoE connection to a physical interface. Each PPPoE connection must be established over a physical interface. Interfaces can be regular Ethernet interfaces, VIFs or bonding interfaces/VIFs." -#: ../../configuration/service/pppoe-server.rst:311 +#: ../../configuration/service/ipoe-server.rst:394 +msgid "Use this command to locally check the active sessions in the IPoE server." +msgstr "Use this command to locally check the active sessions in the IPoE server." + +#: ../../configuration/service/pppoe-server.rst:587 msgid "Use this command to locally check the active sessions in the PPPoE server." msgstr "Use this command to locally check the active sessions in the PPPoE server." +#: ../../configuration/vpn/pptp.rst:446 +msgid "Use this command to locally check the active sessions in the PPTP server." +msgstr "Use this command to locally check the active sessions in the PPTP server." + +#: ../../configuration/vpn/sstp.rst:542 +msgid "Use this command to locally check the active sessions in the SSTP server." +msgstr "Use this command to locally check the active sessions in the SSTP server." + #: ../../configuration/protocols/igmp.rst:104 msgid "Use this command to manually configure a Rendezvous Point for PIM so that join messages can be sent there. Set the Rendevouz Point address and the matching prefix of group ranges covered. These values must be shared with every router participating in the PIM network." msgstr "Use this command to manually configure a Rendezvous Point for PIM so that join messages can be sent there. Set the Rendevouz Point address and the matching prefix of group ranges covered. These values must be shared with every router participating in the PIM network." @@ -16427,7 +17703,7 @@ msgstr "Use this command to not install advertised DNS nameservers into the loca msgid "Use this command to prefer IPv4 for TCP peer transport connection for LDP when both an IPv4 and IPv6 LDP address are configured on the same interface." msgstr "Use this command to prefer IPv4 for TCP peer transport connection for LDP when both an IPv4 and IPv6 LDP address are configured on the same interface." -#: ../../configuration/system/ipv6.rst:160 +#: ../../configuration/system/ipv6.rst:173 msgid "Use this command to reset IPv6 Neighbor Discovery Protocol cache for an address or interface." msgstr "Use this command to reset IPv6 Neighbor Discovery Protocol cache for an address or interface." @@ -16467,7 +17743,7 @@ msgstr "Use this command to see discovery hello information" msgid "Use this command to see the Label Information Base." msgstr "Use this command to see the Label Information Base." -#: ../../configuration/service/pppoe-server.rst:26 +#: ../../configuration/service/pppoe-server.rst:33 msgid "Use this command to set a name for this PPPoE-server access concentrator." msgstr "Use this command to set a name for this PPPoE-server access concentrator." @@ -16511,31 +17787,31 @@ msgstr "Use this command to set the username for authenticating with a remote PP msgid "Use this command to show IPv6 Border Gateway Protocol information." msgstr "Use this command to show IPv6 Border Gateway Protocol information." -#: ../../configuration/system/ipv6.rst:50 +#: ../../configuration/system/ipv6.rst:63 msgid "Use this command to show IPv6 Neighbor Discovery Protocol information." msgstr "Use this command to show IPv6 Neighbor Discovery Protocol information." -#: ../../configuration/system/ipv6.rst:58 +#: ../../configuration/system/ipv6.rst:71 msgid "Use this command to show IPv6 forwarding status." msgstr "Use this command to show IPv6 forwarding status." -#: ../../configuration/system/ipv6.rst:54 +#: ../../configuration/system/ipv6.rst:67 msgid "Use this command to show IPv6 multicast group membership." msgstr "Use this command to show IPv6 multicast group membership." -#: ../../configuration/system/ipv6.rst:62 +#: ../../configuration/system/ipv6.rst:75 msgid "Use this command to show IPv6 routes." msgstr "Use this command to show IPv6 routes." -#: ../../configuration/system/ipv6.rst:105 +#: ../../configuration/system/ipv6.rst:118 msgid "Use this command to show all IPv6 access lists" msgstr "Use this command to show all IPv6 access lists" -#: ../../configuration/system/ipv6.rst:90 +#: ../../configuration/system/ipv6.rst:103 msgid "Use this command to show all IPv6 prefix lists" msgstr "Use this command to show all IPv6 prefix lists" -#: ../../configuration/system/ipv6.rst:146 +#: ../../configuration/system/ipv6.rst:159 msgid "Use this command to show the status of the RIPNG protocol" msgstr "Use this command to show the status of the RIPNG protocol" @@ -16595,6 +17871,14 @@ msgstr "Used to block specific domains by the Proxy. Specifying \"vyos.net\" wil msgid "User-level messages" msgstr "User-level messages" +#: ../../configuration/service/ipoe-server.rst:250 +#: ../../configuration/service/pppoe-server.rst:212 +#: ../../configuration/vpn/l2tp.rst:255 +#: ../../configuration/vpn/pptp.rst:195 +#: ../../configuration/vpn/sstp.rst:228 +msgid "User interface can be put to VRF context via RADIUS Access-Accept packet, or change it via RADIUS CoA. ``Accel-VRF-Name`` is used from these purposes. It is custom `ACCEL-PPP attribute`_. Define it in your RADIUS server." +msgstr "User interface can be put to VRF context via RADIUS Access-Accept packet, or change it via RADIUS CoA. ``Accel-VRF-Name`` is used from these purposes. It is custom `ACCEL-PPP attribute`_. Define it in your RADIUS server." + #: ../../configuration/policy/examples.rst:18 msgid "Using 'soft-reconfiguration' we get the policy update without bouncing the neighbor." msgstr "Using 'soft-reconfiguration' we get the policy update without bouncing the neighbor." @@ -16603,11 +17887,11 @@ msgstr "Using 'soft-reconfiguration' we get the policy update without bouncing t msgid "Using **openvpn-option -reneg-sec** can be tricky. This option is used to renegotiate data channel after n seconds. When used at both server and client, the lower value will trigger the renegotiation. If you set it to 0 on one side of the connection (to disable it), the chosen value on the other side will determine when the renegotiation will occur." msgstr "Using **openvpn-option -reneg-sec** can be tricky. This option is used to renegotiate data channel after n seconds. When used at both server and client, the lower value will trigger the renegotiation. If you set it to 0 on one side of the connection (to disable it), the chosen value on the other side will determine when the renegotiation will occur." -#: ../../configuration/protocols/bgp.rst:900 +#: ../../configuration/protocols/bgp.rst:922 msgid "Using BGP confederation" msgstr "Using BGP confederation" -#: ../../configuration/protocols/bgp.rst:899 +#: ../../configuration/protocols/bgp.rst:921 msgid "Using BGP route-reflectors" msgstr "Using BGP route-reflectors" @@ -16615,6 +17899,10 @@ msgstr "Using BGP route-reflectors" msgid "Using VLAN aware Bridge" msgstr "Using VLAN aware Bridge" +#: ../../configuration/vpn/sstp.rst:29 +msgid "Using our documentation chapter - :ref:`pki` generate and install CA and Server certificate" +msgstr "Using our documentation chapter - :ref:`pki` generate and install CA and Server certificate" + #: ../../configuration/interfaces/bridge.rst:266 msgid "Using the operation mode command to view Bridge Information" msgstr "Using the operation mode command to view Bridge Information" @@ -16652,6 +17940,10 @@ msgstr "VHT operating channel center frequency - center freq 2 (for use with the msgid "VLAN" msgstr "VLAN" +#: ../../configuration/service/pppoe-server.rst:232 +msgid "VLAN's can be created by Accel-ppp on the fly via the use of a Kernel module named ``vlan_mon``, which is monitoring incoming vlans and creates the necessary VLAN if required and allowed. VyOS supports the use of either VLAN ID's or entire ranges, both values can be defined at the same time for an interface." +msgstr "VLAN's can be created by Accel-ppp on the fly via the use of a Kernel module named ``vlan_mon``, which is monitoring incoming vlans and creates the necessary VLAN if required and allowed. VyOS supports the use of either VLAN ID's or entire ranges, both values can be defined at the same time for an interface." + #: ../../configuration/service/pppoe-server.rst:163 msgid "VLAN's can be created by Accel-ppp on the fly via the use of a Kernel module named `vlan_mon`, which is monitoring incoming vlans and creates the necessary VLAN if required and allowed. VyOS supports the use of either VLAN ID's or entire ranges, both values can be defined at the same time for an interface." msgstr "VLAN's can be created by Accel-ppp on the fly via the use of a Kernel module named `vlan_mon`, which is monitoring incoming vlans and creates the necessary VLAN if required and allowed. VyOS supports the use of either VLAN ID's or entire ranges, both values can be defined at the same time for an interface." @@ -16668,6 +17960,10 @@ msgstr "VLAN Example" msgid "VLAN Options" msgstr "VLAN Options" +#: ../../configuration/service/ipoe-server.rst:315 +msgid "VLAN monitor for automatic creation of VLAN interfaces for specific user on specific <interface>" +msgstr "VLAN monitor for automatic creation of VLAN interfaces for specific user on specific <interface>" + #: ../../configuration/service/lldp.rst:28 msgid "VLAN name" msgstr "VLAN name" @@ -16688,32 +17984,32 @@ msgstr "VPN-clients will request configuration parameters, optionally you can DN msgid "VRF" msgstr "VRF" -#: ../../configuration/vrf/index.rst:411 +#: ../../configuration/vrf/index.rst:430 msgid "VRF Route Leaking" msgstr "VRF Route Leaking" -#: ../../configuration/vrf/index.rst:283 +#: ../../configuration/vrf/index.rst:302 msgid "VRF and NAT" msgstr "VRF and NAT" -#: ../../configuration/vrf/index.rst:380 +#: ../../configuration/vrf/index.rst:399 msgid "VRF blue routing table" msgstr "VRF blue routing table" -#: ../../configuration/vrf/index.rst:347 +#: ../../configuration/vrf/index.rst:366 msgid "VRF default routing table" msgstr "VRF default routing table" -#: ../../configuration/vrf/index.rst:363 +#: ../../configuration/vrf/index.rst:382 msgid "VRF red routing table" msgstr "VRF red routing table" -#: ../../configuration/vrf/index.rst:235 -#: ../../configuration/vrf/index.rst:242 +#: ../../configuration/vrf/index.rst:254 +#: ../../configuration/vrf/index.rst:261 msgid "VRF route leaking" msgstr "VRF route leaking" -#: ../../configuration/vrf/index.rst:242 +#: ../../configuration/vrf/index.rst:261 msgid "VRF topology example" msgstr "VRF topology example" @@ -16769,11 +18065,19 @@ msgstr "Valid values are 0..255." msgid "Value" msgstr "Value" -#: ../../configuration/vpn/sstp.rst:263 +#: ../../configuration/service/ipoe-server.rst:203 +#: ../../configuration/service/pppoe-server.rst:165 +#: ../../configuration/vpn/l2tp.rst:208 +#: ../../configuration/vpn/pptp.rst:148 +#: ../../configuration/vpn/sstp.rst:181 msgid "Value to send to RADIUS server in NAS-IP-Address attribute and to be matched in DM/CoA requests. Also DM/CoA server will bind to that address." msgstr "Value to send to RADIUS server in NAS-IP-Address attribute and to be matched in DM/CoA requests. Also DM/CoA server will bind to that address." -#: ../../configuration/vpn/sstp.rst:258 +#: ../../configuration/service/ipoe-server.rst:198 +#: ../../configuration/service/pppoe-server.rst:160 +#: ../../configuration/vpn/l2tp.rst:203 +#: ../../configuration/vpn/pptp.rst:143 +#: ../../configuration/vpn/sstp.rst:176 msgid "Value to send to RADIUS server in NAS-Identifier attribute and to be matched in DM/CoA requests." msgstr "Value to send to RADIUS server in NAS-Identifier attribute and to be matched in DM/CoA requests." @@ -16795,11 +18099,11 @@ msgstr "Verify that connections are hitting the rule on both sides:" msgid "Version" msgstr "Version" -#: ../../configuration/highavailability/index.rst:339 +#: ../../configuration/highavailability/index.rst:349 msgid "Virtual-server" msgstr "Virtual-server" -#: ../../configuration/highavailability/index.rst:398 +#: ../../configuration/highavailability/index.rst:408 msgid "Virtual-server can be configured with VRRP virtual address or without VRRP." msgstr "Virtual-server can be configured with VRRP virtual address or without VRRP." @@ -16807,7 +18111,7 @@ msgstr "Virtual-server can be configured with VRRP virtual address or without VR msgid "Virtual Ethernet" msgstr "Virtual Ethernet" -#: ../../configuration/highavailability/index.rst:342 +#: ../../configuration/highavailability/index.rst:352 msgid "Virtual Server allows to Load-balance traffic destination virtual-address:port between several real servers." msgstr "Virtual Server allows to Load-balance traffic destination virtual-address:port between several real servers." @@ -16823,11 +18127,11 @@ msgstr "VyOS 1.1 supported login as user ``root``. This has been removed due to msgid "VyOS 1.3 (equuleus) supports DHCPv6-PD (:rfc:`3633`). DHCPv6 Prefix Delegation is supported by most ISPs who provide native IPv6 for consumers on fixed networks." msgstr "VyOS 1.3 (equuleus) supports DHCPv6-PD (:rfc:`3633`). DHCPv6 Prefix Delegation is supported by most ISPs who provide native IPv6 for consumers on fixed networks." -#: ../../configuration/vrf/index.rst:84 +#: ../../configuration/vrf/index.rst:103 msgid "VyOS 1.4 (sagitta) introduced dynamic routing support for VRFs." msgstr "VyOS 1.4 (sagitta) introduced dynamic routing support for VRFs." -#: ../../configuration/pki/index.rst:9 +#: ../../configuration/pki/index.rst:11 msgid "VyOS 1.4 changed the way in how encrytion keys or certificates are stored on the system. In the pre VyOS 1.4 era, certificates got stored under /config and every service referenced a file. That made copying a running configuration from system A to system B a bit harder, as you had to copy the files and their permissions by hand." msgstr "VyOS 1.4 changed the way in how encrytion keys or certificates are stored on the system. In the pre VyOS 1.4 era, certificates got stored under /config and every service referenced a file. That made copying a running configuration from system A to system B a bit harder, as you had to copy the files and their permissions by hand." @@ -16839,7 +18143,7 @@ msgstr "VyOS 1.4 uses chrony instead of ntpd (see :vytask:`T3008`) which will no msgid "VyOS Arista EOS setup" msgstr "VyOS Arista EOS setup" -#: ../../configuration/vpn/ipsec.rst:120 +#: ../../configuration/vpn/ipsec.rst:123 msgid "VyOS ESP group has the next options:" msgstr "VyOS ESP group has the next options:" @@ -16883,10 +18187,14 @@ msgstr "VyOS SNMP supports both IPv4 and IPv6." msgid "VyOS also comes with a build in SSTP server, see :ref:`sstp`." msgstr "VyOS also comes with a build in SSTP server, see :ref:`sstp`." -#: ../../configuration/service/dhcp-server.rst:504 +#: ../../configuration/service/dhcp-server.rst:510 msgid "VyOS also provides DHCPv6 server functionality which is described in this section." msgstr "VyOS also provides DHCPv6 server functionality which is described in this section." +#: ../../configuration/vpn/ipsec.rst:474 +msgid "VyOS also supports (currently) two different modes of authentication, local and RADIUS. To create a new local user named ``vyos`` with password ``vyos`` use the following commands." +msgstr "VyOS also supports (currently) two different modes of authentication, local and RADIUS. To create a new local user named ``vyos`` with password ``vyos`` use the following commands." + #: ../../configuration/vpn/remoteaccess_ipsec.rst:127 msgid "VyOS also supports two different modes of authentication, local and RADIUS. To create a new local user named \"vyos\" with a password of \"vyos\" use the following commands." msgstr "VyOS also supports two different modes of authentication, local and RADIUS. To create a new local user named \"vyos\" with a password of \"vyos\" use the following commands." @@ -16928,7 +18236,11 @@ msgstr "VyOS facilitates IP Multicast by supporting **PIM Sparse Mode**, **IGMP* msgid "VyOS facilitates IPv6 Multicast by supporting **PIMv6** and **MLD**." msgstr "VyOS facilitates IPv6 Multicast by supporting **PIMv6** and **MLD**." -#: ../../configuration/service/dns.rst:214 +#: ../../configuration/service/ids.rst:17 +msgid "VyOS includes the FastNetMon Community Edition." +msgstr "VyOS includes the FastNetMon Community Edition." + +#: ../../configuration/service/dns.rst:201 msgid "VyOS is able to update a remote DNS record when an interface gets a new IP address. In order to do so, VyOS includes ddclient_, a Perl script written for this only one purpose." msgstr "VyOS is able to update a remote DNS record when an interface gets a new IP address. In order to do so, VyOS includes ddclient_, a Perl script written for this only one purpose." @@ -16952,15 +18264,15 @@ msgstr "VyOS makes use of Linux `netfilter <https://netfilter.org/>`_ for packet msgid "VyOS makes use of :abbr:`FRR (Free Range Routing)` and we would like to thank them for their effort!" msgstr "VyOS makes use of :abbr:`FRR (Free Range Routing)` and we would like to thank them for their effort!" -#: ../../configuration/pki/index.rst:21 +#: ../../configuration/pki/index.rst:23 msgid "VyOS not only can now manage certificates issued by 3rd party Certificate Authorities, it can also act as a CA on its own. You can create your own root CA and sign keys with it by making use of some simple op-mode commands." msgstr "VyOS not only can now manage certificates issued by 3rd party Certificate Authorities, it can also act as a CA on its own. You can create your own root CA and sign keys with it by making use of some simple op-mode commands." -#: ../../configuration/pki/index.rst:35 +#: ../../configuration/pki/index.rst:37 msgid "VyOS now also has the ability to create CAs, keys, Diffie-Hellman and other keypairs from an easy to access operational level command." msgstr "VyOS now also has the ability to create CAs, keys, Diffie-Hellman and other keypairs from an easy to access operational level command." -#: ../../configuration/pki/index.rst:292 +#: ../../configuration/pki/index.rst:323 msgid "VyOS operational mode commands are not only available for generating keys but also to display them." msgstr "VyOS operational mode commands are not only available for generating keys but also to display them." @@ -17000,6 +18312,10 @@ msgstr "VyOS provides some operational commands on OpenVPN." msgid "VyOS provides support for DHCP failover. DHCP failover must be configured explicitly by the following statements." msgstr "VyOS provides support for DHCP failover. DHCP failover must be configured explicitly by the following statements." +#: ../../configuration/pki/index.rst:255 +msgid "VyOS provides this utility to import existing certificates/key files directly into PKI from op-mode. Previous to VyOS 1.4, certificates were stored under the /config folder permanently and will be retained post upgrade." +msgstr "VyOS provides this utility to import existing certificates/key files directly into PKI from op-mode. Previous to VyOS 1.4, certificates were stored under the /config folder permanently and will be retained post upgrade." + #: ../../configuration/loadbalancing/reverse-proxy.rst:8 msgid "VyOS reverse-proxy is balancer and proxy server that provides high-availability, load balancing and proxying for TCP (level 4) and HTTP-based (level 7) applications." msgstr "VyOS reverse-proxy is balancer and proxy server that provides high-availability, load balancing and proxying for TCP (level 4) and HTTP-based (level 7) applications." @@ -17020,6 +18336,10 @@ msgstr "VyOS supports both MLD version 1 and version 2 (which allows source-spec msgid "VyOS supports flow-accounting for both IPv4 and IPv6 traffic. The system acts as a flow exporter, and you are free to use it with any compatible collector." msgstr "VyOS supports flow-accounting for both IPv4 and IPv6 traffic. The system acts as a flow exporter, and you are free to use it with any compatible collector." +#: ../../configuration/vpn/ipsec.rst:452 +msgid "VyOS supports multiple IKEv2 remote-access connections. Every connection can have its dedicated IKE/ESP ciphers, certificates or local listen address for e.g. inbound load balancing." +msgstr "VyOS supports multiple IKEv2 remote-access connections. Every connection can have its dedicated IKE/ESP ciphers, certificates or local listen address for e.g. inbound load balancing." + #: ../../configuration/system/updates.rst:5 msgid "VyOS supports online checking for updates" msgstr "VyOS supports online checking for updates" @@ -17060,11 +18380,11 @@ msgstr "VyOS uses the `mirror` option to configure port mirroring. The configura msgid "VyOS utilizes `accel-ppp`_ to provide PPPoE server functionality. It can be used with local authentication or a connected RADIUS server." msgstr "VyOS utilizes `accel-ppp`_ to provide PPPoE server functionality. It can be used with local authentication or a connected RADIUS server." -#: ../../configuration/service/ipoe-server.rst:9 +#: ../../configuration/service/ipoe-server.rst:7 msgid "VyOS utilizes `accel-ppp`_ to provide :abbr:`IPoE (Internet Protocol over Ethernet)` server functionality. It can be used with local authentication (mac-address) or a connected RADIUS server." msgstr "VyOS utilizes `accel-ppp`_ to provide :abbr:`IPoE (Internet Protocol over Ethernet)` server functionality. It can be used with local authentication (mac-address) or a connected RADIUS server." -#: ../../configuration/vpn/l2tp.rst:6 +#: ../../configuration/vpn/l2tp.rst:7 msgid "VyOS utilizes accel-ppp_ to provide L2TP server functionality. It can be used with local authentication or a connected RADIUS server." msgstr "VyOS utilizes accel-ppp_ to provide L2TP server functionality. It can be used with local authentication or a connected RADIUS server." @@ -17076,7 +18396,7 @@ msgstr "VyOS utilizes accel-ppp_ to provide SSTP server functionality. We suppor msgid "WAN Load Balacing should not be used when dynamic routing protocol is used/needed. This feature creates customized routing tables and firewall rules, that makes it incompatible to use with routing protocols." msgstr "WAN Load Balacing should not be used when dynamic routing protocol is used/needed. This feature creates customized routing tables and firewall rules, that makes it incompatible to use with routing protocols." -#: ../../configuration/vpn/site2site_ipsec.rst:164 +#: ../../configuration/vpn/site2site_ipsec.rst:167 msgid "WAN interface on `eth1`" msgstr "WAN interface on `eth1`" @@ -17117,7 +18437,7 @@ msgstr "We'll configure OpenVPN using self-signed certificates, and then discuss msgid "We'll use the IKE and ESP groups created above for this VPN. Because we need access to 2 different subnets on the far side, we will need two different tunnels. If you changed the names of the ESP group and IKE group in the previous step, make sure you use the correct names here too." msgstr "We'll use the IKE and ESP groups created above for this VPN. Because we need access to 2 different subnets on the far side, we will need two different tunnels. If you changed the names of the ESP group and IKE group in the previous step, make sure you use the correct names here too." -#: ../../configuration/vpn/ipsec.rst:232 +#: ../../configuration/vpn/ipsec.rst:236 msgid "We assume that the LEFT router has static 192.0.2.10 address on eth0, and the RIGHT router has a dynamic address on eth0." msgstr "We assume that the LEFT router has static 192.0.2.10 address on eth0, and the RIGHT router has a dynamic address on eth0." @@ -17129,11 +18449,15 @@ msgstr "We can't support all displays from the beginning. If your display type i msgid "We can also create the certificates using Cerbort which is an easy-to-use client that fetches a certificate from Let's Encrypt an open certificate authority launched by the EFF, Mozilla, and others and deploys it to a web server." msgstr "We can also create the certificates using Cerbort which is an easy-to-use client that fetches a certificate from Let's Encrypt an open certificate authority launched by the EFF, Mozilla, and others and deploys it to a web server." -#: ../../configuration/protocols/rpki.rst:158 +#: ../../configuration/protocols/rpki.rst:168 msgid "We can build route-maps for import based on these states. Here is a simple RPKI configuration, where `routinator` is the RPKI-validating \"cache\" server with ip `192.0.2.1`:" msgstr "We can build route-maps for import based on these states. Here is a simple RPKI configuration, where `routinator` is the RPKI-validating \"cache\" server with ip `192.0.2.1`:" -#: ../../configuration/protocols/bgp.rst:1249 +#: ../../configuration/vpn/ipsec.rst:456 +msgid "We configure a new connection named ``rw`` for road-warrior, that identifies itself as ``192.0.2.1`` to the clients and uses the ``vyos`` certificate signed by the `CAcert_Class3_Root`` intermediate CA. We select our previously specified IKE/ESP groups and also link the IP address pool to draw addresses from." +msgstr "We configure a new connection named ``rw`` for road-warrior, that identifies itself as ``192.0.2.1`` to the clients and uses the ``vyos`` certificate signed by the `CAcert_Class3_Root`` intermediate CA. We select our previously specified IKE/ESP groups and also link the IP address pool to draw addresses from." + +#: ../../configuration/protocols/bgp.rst:1271 msgid "We could expand on this and also deny link local and multicast in the rule 20 action deny." msgstr "We could expand on this and also deny link local and multicast in the rule 20 action deny." @@ -17145,6 +18469,10 @@ msgstr "We do not have CLI nodes for every single OpenVPN option. If an option i msgid "We don't recomend to use arguments. Using environments is more preffereble." msgstr "We don't recomend to use arguments. Using environments is more preffereble." +#: ../../configuration/vpn/ipsec.rst:506 +msgid "We generate a connection profile used by Windows clients that will connect to the \"rw\" connection on our VyOS server on the VPN servers IP address/fqdn `vpn.vyos.net`." +msgstr "We generate a connection profile used by Windows clients that will connect to the \"rw\" connection on our VyOS server on the VPN servers IP address/fqdn `vpn.vyos.net`." + #: ../../configuration/interfaces/wireguard.rst:148 msgid "We listen on port 51820" msgstr "We listen on port 51820" @@ -17153,7 +18481,7 @@ msgstr "We listen on port 51820" msgid "We need to generate the certificate which authenticates users who attempt to access the network resource through the SSL VPN tunnels. The following commands will create a self signed certificates and will be stored in configuration:" msgstr "We need to generate the certificate which authenticates users who attempt to access the network resource through the SSL VPN tunnels. The following commands will create a self signed certificates and will be stored in configuration:" -#: ../../configuration/system/option.rst:85 +#: ../../configuration/system/option.rst:115 msgid "We now utilize `tuned` for dynamic resource balancing based on profiles." msgstr "We now utilize `tuned` for dynamic resource balancing based on profiles." @@ -17169,7 +18497,7 @@ msgstr "We only need a single step for this interface:" msgid "We route all traffic for the 192.168.2.0/24 network to interface `wg01`" msgstr "We route all traffic for the 192.168.2.0/24 network to interface `wg01`" -#: ../../configuration/system/login.rst:420 +#: ../../configuration/system/login.rst:424 msgid "We use a vontainer providing the TACACS serve rin this example." msgstr "We use a vontainer providing the TACACS serve rin this example." @@ -17177,7 +18505,7 @@ msgstr "We use a vontainer providing the TACACS serve rin this example." msgid "We will only accept traffic comming from interface eth0, protocol tcp and destination port 1122. All other traffic traspassing the router should be blocked." msgstr "We will only accept traffic comming from interface eth0, protocol tcp and destination port 1122. All other traffic traspassing the router should be blocked." -#: ../../configuration/service/dhcp-server.rst:331 +#: ../../configuration/service/dhcp-server.rst:337 msgid "Web Proxy Autodiscovery (WPAD) URL" msgstr "Web Proxy Autodiscovery (WPAD) URL" @@ -17201,15 +18529,19 @@ msgstr "When LDP is working, you will be able to see label information in the ou msgid "When PIM receives a register packet the source of the packet will be compared to the prefix-list specified, and if a permit is received normal processing continues. If a deny is returned for the source address of the register packet a register stop message is sent to the source." msgstr "When PIM receives a register packet the source of the packet will be compared to the prefix-list specified, and if a permit is received normal processing continues. If a deny is returned for the source address of the register packet a register stop message is sent to the source." -#: ../../configuration/vrf/index.rst:73 +#: ../../configuration/vrf/index.rst:92 msgid "When VRFs are used it is not only mandatory to create a VRF but also the VRF itself needs to be assigned to an interface." msgstr "When VRFs are used it is not only mandatory to create a VRF but also the VRF itself needs to be assigned to an interface." -#: ../../configuration/service/dns.rst:354 +#: ../../configuration/service/dns.rst:351 +msgid "When a ``custom`` DynDNS provider is used, the protocol used for communicating to the provider must be specified under `<protocol>`. See the embedded completion helper when entering above command for available protocols." +msgstr "When a ``custom`` DynDNS provider is used, the protocol used for communicating to the provider must be specified under `<protocol>`. See the embedded completion helper when entering above command for available protocols." + +#: ../../configuration/service/dns.rst:357 msgid "When a ``custom`` DynDNS provider is used the `<server>` where update requests are being sent to must be specified." msgstr "When a ``custom`` DynDNS provider is used the `<server>` where update requests are being sent to must be specified." -#: ../../configuration/service/dns.rst:347 +#: ../../configuration/service/dns.rst:361 msgid "When a ``custom`` DynDNS provider is used the protocol used for communicating to the provider must be specified under `<protocol>`. See the embedded completion helper for available protocols." msgstr "When a ``custom`` DynDNS provider is used the protocol used for communicating to the provider must be specified under `<protocol>`. See the embedded completion helper for available protocols." @@ -17225,7 +18557,11 @@ msgstr "When a link is reconnected or a new slave joins the bond the receive tra msgid "When a packet is to be sent, it will have to go through that queue, so the packet will be placed at the tail of it. When the packet completely goes through it, it will be dequeued emptying its place in the queue and being eventually handed to the NIC to be actually sent out." msgstr "When a packet is to be sent, it will have to go through that queue, so the packet will be placed at the tail of it. When the packet completely goes through it, it will be dequeued emptying its place in the queue and being eventually handed to the NIC to be actually sent out." -#: ../../configuration/protocols/bgp.rst:684 +#: ../../configuration/protocols/bgp.rst:589 +msgid "When a peer receives a martian nexthop as part of the NLRI for a route permit the nexthop to be used as such, instead of rejecting and resetting the connection." +msgstr "When a peer receives a martian nexthop as part of the NLRI for a route permit the nexthop to be used as such, instead of rejecting and resetting the connection." + +#: ../../configuration/protocols/bgp.rst:706 msgid "When a route fails, a routing update is sent to withdraw the route from the network's routing tables. When the route is re-enabled, the change in availability is also advertised. A route that continually fails and returns requires a great deal of network traffic to update the network about the route's status." msgstr "When a route fails, a routing update is sent to withdraw the route from the network's routing tables. When the route is re-enabled, the change in availability is also advertised. A route that continually fails and returns requires a great deal of network traffic to update the network about the route's status." @@ -17237,7 +18573,7 @@ msgstr "When adding IPv6 routing information exchange feature to BGP. There were msgid "When an authoritative server does not answer a query or sends a reply the recursor does not like, it is throttled. Any servers matching the supplied netmasks will never be throttled." msgstr "When an authoritative server does not answer a query or sends a reply the recursor does not like, it is throttled. Any servers matching the supplied netmasks will never be throttled." -#: ../../configuration/service/pppoe-server.rst:169 +#: ../../configuration/service/pppoe-server.rst:238 msgid "When configured, PPPoE will create the necessary VLANs when required. Once the user session has been cancelled and the VLAN is not needed anymore, VyOS will remove it again." msgstr "When configured, PPPoE will create the necessary VLANs when required. Once the user session has been cancelled and the VLAN is not needed anymore, VyOS will remove it again." @@ -17271,17 +18607,21 @@ msgstr "When dequeuing, each hash-bucket with data is queried in a round robin f msgid "When designing your NAT ruleset leave some space between consecutive rules for later extension. Your ruleset could start with numbers 10, 20, 30. You thus can later extend the ruleset and place new rules between existing ones." msgstr "When designing your NAT ruleset leave some space between consecutive rules for later extension. Your ruleset could start with numbers 10, 20, 30. You thus can later extend the ruleset and place new rules between existing ones." -#: ../../configuration/vrf/index.rst:188 +#: ../../configuration/vrf/index.rst:207 msgid "When doing fault isolation with ping, you should first run it on the local host, to verify that the local network interface is up and running. Then, continue with hosts and gateways further down the road towards your destination. Round-trip time and packet loss statistics are computed." msgstr "When doing fault isolation with ping, you should first run it on the local host, to verify that the local network interface is up and running. Then, continue with hosts and gateways further down the road towards your destination. Round-trip time and packet loss statistics are computed." -#: ../../configuration/pki/index.rst:176 -#: ../../configuration/pki/index.rst:219 +#: ../../configuration/vpn/ipsec.rst:529 +msgid "When first connecting to the new VPN the user is prompted to enter proper credentials." +msgstr "When first connecting to the new VPN the user is prompted to enter proper credentials." + +#: ../../configuration/pki/index.rst:178 +#: ../../configuration/pki/index.rst:221 msgid "When loading the certificate you need to manually strip the ``-----BEGIN CERTIFICATE-----`` and ``-----END CERTIFICATE-----`` tags. Also, the certificate/key needs to be presented in a single line without line breaks (``\\n``), this can be done using the following shell command:" msgstr "When loading the certificate you need to manually strip the ``-----BEGIN CERTIFICATE-----`` and ``-----END CERTIFICATE-----`` tags. Also, the certificate/key needs to be presented in a single line without line breaks (``\\n``), this can be done using the following shell command:" -#: ../../configuration/pki/index.rst:197 -#: ../../configuration/pki/index.rst:235 +#: ../../configuration/pki/index.rst:199 +#: ../../configuration/pki/index.rst:237 msgid "When loading the certificate you need to manually strip the ``-----BEGIN KEY-----`` and ``-----END KEY-----`` tags. Also, the certificate/key needs to be presented in a single line without line breaks (``\\n``), this can be done using the following shell command:" msgstr "When loading the certificate you need to manually strip the ``-----BEGIN KEY-----`` and ``-----END KEY-----`` tags. Also, the certificate/key needs to be presented in a single line without line breaks (``\\n``), this can be done using the following shell command:" @@ -17325,7 +18665,7 @@ msgstr "When set the interface is enabled for \"dial-on-demand\"." msgid "When specified, this should be the only keyword for the interface." msgstr "When specified, this should be the only keyword for the interface." -#: ../../configuration/system/option.rst:60 +#: ../../configuration/system/option.rst:90 msgid "When starting a VyOS live system (the installation CD) the configured keyboard layout defaults to US. As this might not suite everyones use case you can adjust the used keyboard layout on the system console." msgstr "When starting a VyOS live system (the installation CD) the configured keyboard layout defaults to US. As this might not suite everyones use case you can adjust the used keyboard layout on the system console." @@ -17334,7 +18674,7 @@ msgstr "When starting a VyOS live system (the installation CD) the configured ke msgid "When the DHCP server is considering dynamically allocating an IP address to a client, it first sends an ICMP Echo request (a ping) to the address being assigned. It waits for a second, and if no ICMP Echo response has been heard, it assigns the address." msgstr "When the DHCP server is considering dynamically allocating an IP address to a client, it first sends an ICMP Echo request (a ping) to the address being assigned. It waits for a second, and if no ICMP Echo response has been heard, it assigns the address." -#: ../../configuration/vpn/site2site_ipsec.rst:416 +#: ../../configuration/vpn/site2site_ipsec.rst:419 msgid "When the close-action option is set on the peers, the connection-type of each peer has to considered carefully. For example, if the option is set on both peers, then both would attempt to initiate and hold open multiple copies of each child SA. This might lead to instability of the device or cpu/memory utilization." msgstr "When the close-action option is set on the peers, the connection-type of each peer has to considered carefully. For example, if the option is set on both peers, then both would attempt to initiate and hold open multiple copies of each child SA. This might lead to instability of the device or cpu/memory utilization." @@ -17346,6 +18686,10 @@ msgstr "When the command above is set, VyOS will answer every ICMP echo request msgid "When the command above is set, VyOS will answer no ICMP echo request addressed to itself at all, no matter where it comes from or whether more specific rules are being applied to accept them." msgstr "When the command above is set, VyOS will answer no ICMP echo request addressed to itself at all, no matter where it comes from or whether more specific rules are being applied to accept them." +#: ../../configuration/highavailability/index.rst:321 +msgid "When the vrrp group is a member of the sync group will use only the sync group health check script. This example shows how to configure it for the sync group:" +msgstr "When the vrrp group is a member of the sync group will use only the sync group health check script. This example shows how to configure it for the sync group:" + #: ../../_include/interface-address-with-dhcp.txt:14 msgid "When using DHCP to retrieve IPv4 address and if local customizations are needed, they should be possible using the enter and exit hooks provided. The hook dirs are:" msgstr "When using DHCP to retrieve IPv4 address and if local customizations are needed, they should be possible using the enter and exit hooks provided. The hook dirs are:" @@ -17366,6 +18710,10 @@ msgstr "When using NAT for a large number of host systems it recommended that a msgid "When using SSH, known-hosts-file, private-key-file and public-key-file are mandatory options." msgstr "When using SSH, known-hosts-file, private-key-file and public-key-file are mandatory options." +#: ../../configuration/protocols/rpki.rst:161 +msgid "When using SSH, private-key-file and public-key-file are mandatory options." +msgstr "When using SSH, private-key-file and public-key-file are mandatory options." + #: ../../configuration/vpn/openconnect.rst:222 msgid "When using Time-based one-time password (TOTP) (OTP HOTP-time), be sure that the time on the server and the OTP token generator are synchronized by NTP" msgstr "When using Time-based one-time password (TOTP) (OTP HOTP-time), be sure that the time on the server and the OTP token generator are synchronized by NTP" @@ -17450,12 +18798,23 @@ msgstr "Will be recorded only packets/flows on **incoming** direction in configu msgid "Will drop `<shared-network-name>_` from client DNS record, using only the host declaration name and domain: `<hostname>.<domain-name>`" msgstr "Will drop `<shared-network-name>_` from client DNS record, using only the host declaration name and domain: `<hostname>.<domain-name>`" +#: ../../configuration/vpn/ipsec.rst:501 +msgid "Windows 10 does not allow a user to choose the integrity and encryption ciphers using the GUI and it uses some older proposals by default. A user can only change the proposals on the client side by configuring the IPSec connection profile via PowerShell." +msgstr "Windows 10 does not allow a user to choose the integrity and encryption ciphers using the GUI and it uses some older proposals by default. A user can only change the proposals on the client side by configuring the IPSec connection profile via PowerShell." + +#: ../../configuration/service/pppoe-server.rst:579 +#: ../../configuration/vpn/l2tp.rst:514 +#: ../../configuration/vpn/pptp.rst:438 +#: ../../configuration/vpn/sstp.rst:472 +msgid "Windows Internet Name Service (WINS) servers propagated to client" +msgstr "Windows Internet Name Service (WINS) servers propagated to client" + #: ../../configuration/vpn/remoteaccess_ipsec.rst:147 msgid "Windows expects the server name to be also used in the server's certificate common name, so it's best to use this DNS name for your VPN connection." msgstr "Windows expects the server name to be also used in the server's certificate common name, so it's best to use this DNS name for your VPN connection." #: ../../configuration/interfaces/wireguard.rst:7 -#: ../../configuration/pki/index.rst:132 +#: ../../configuration/pki/index.rst:134 msgid "WireGuard" msgstr "WireGuard" @@ -17524,17 +18883,17 @@ msgstr "With this command, you can specify how the URL path should be matched ag msgid "With zone-based firewalls a new concept was implemented, in addtion to the standard in and out traffic flows, a local flow was added. This local was for traffic originating and destined to the router itself. Which means additional rules were required to secure the firewall itself from the network, in addition to the existing inbound and outbound rules from the traditional concept above." msgstr "With zone-based firewalls a new concept was implemented, in addtion to the standard in and out traffic flows, a local flow was added. This local was for traffic originating and destined to the router itself. Which means additional rules were required to secure the firewall itself from the network, in addition to the existing inbound and outbound rules from the traditional concept above." -#: ../../configuration/service/dhcp-server.rst:257 -#: ../../configuration/service/dhcp-server.rst:262 -#: ../../configuration/service/dhcp-server.rst:267 -#: ../../configuration/service/dhcp-server.rst:277 -#: ../../configuration/service/dhcp-server.rst:282 -#: ../../configuration/service/dhcp-server.rst:312 -#: ../../configuration/service/dhcp-server.rst:317 -#: ../../configuration/service/dhcp-server.rst:322 -#: ../../configuration/service/dhcp-server.rst:342 -#: ../../configuration/service/dhcp-server.rst:347 -#: ../../configuration/service/dhcp-server.rst:357 +#: ../../configuration/service/dhcp-server.rst:263 +#: ../../configuration/service/dhcp-server.rst:268 +#: ../../configuration/service/dhcp-server.rst:273 +#: ../../configuration/service/dhcp-server.rst:283 +#: ../../configuration/service/dhcp-server.rst:288 +#: ../../configuration/service/dhcp-server.rst:318 +#: ../../configuration/service/dhcp-server.rst:323 +#: ../../configuration/service/dhcp-server.rst:328 +#: ../../configuration/service/dhcp-server.rst:348 +#: ../../configuration/service/dhcp-server.rst:353 +#: ../../configuration/service/dhcp-server.rst:363 msgid "Y" msgstr "Y" @@ -17542,7 +18901,7 @@ msgstr "Y" msgid "You apply a rule-set always to a zone from an other zone, it is recommended to create one rule-set for each zone pair." msgstr "You apply a rule-set always to a zone from an other zone, it is recommended to create one rule-set for each zone pair." -#: ../../configuration/system/login.rst:365 +#: ../../configuration/system/login.rst:369 msgid "You are able to set post-login or pre-login banner messages to display certain information for this system." msgstr "You are able to set post-login or pre-login banner messages to display certain information for this system." @@ -17562,7 +18921,11 @@ msgstr "You can also define custom timeout values to apply to a specific subset msgid "You can also keep different DNS zone updated. Just create a new config node: ``set service dns dynamic interface <interface> rfc2136 <other-service-name>``" msgstr "You can also keep different DNS zone updated. Just create a new config node: ``set service dns dynamic interface <interface> rfc2136 <other-service-name>``" -#: ../../configuration/system/ipv6.rst:107 +#: ../../configuration/service/router-advert.rst:58 +msgid "You can also opt for using `::/64` as prefix for your :abbr:`RAs (Router Advertisements)`. This will take the IPv6 GUA prefix assigned to the interface, which comes in handy when using DHCPv6-PD." +msgstr "You can also opt for using `::/64` as prefix for your :abbr:`RAs (Router Advertisements)`. This will take the IPv6 GUA prefix assigned to the interface, which comes in handy when using DHCPv6-PD." + +#: ../../configuration/system/ipv6.rst:120 msgid "You can also specify which IPv6 access-list should be shown:" msgstr "You can also specify which IPv6 access-list should be shown:" @@ -17578,7 +18941,7 @@ msgstr "You can also use another attributes for identify client for disconnect, msgid "You can also write a description for a filter:" msgstr "You can also write a description for a filter:" -#: ../../configuration/system/login.rst:78 +#: ../../configuration/system/login.rst:82 msgid "You can assign multiple keys to the same user by using a unique identifier per SSH key." msgstr "You can assign multiple keys to the same user by using a unique identifier per SSH key." @@ -17614,7 +18977,7 @@ msgstr "You can create multiple VLAN interfaces on a physical interface. The VLA msgid "You can disable a VRRP group with ``disable`` option:" msgstr "You can disable a VRRP group with ``disable`` option:" -#: ../../configuration/system/ipv6.rst:122 +#: ../../configuration/system/ipv6.rst:135 msgid "You can get more specific OSPFv3 information by using the parameters shown below:" msgstr "You can get more specific OSPFv3 information by using the parameters shown below:" @@ -17626,11 +18989,11 @@ msgstr "You can not assign the same allowed-ips statement to multiple WireGuard msgid "You can not run this in a VRRP setup, if multiple mDNS repeaters are launched in a subnet you will experience the mDNS packet storm death!" msgstr "You can not run this in a VRRP setup, if multiple mDNS repeaters are launched in a subnet you will experience the mDNS packet storm death!" -#: ../../configuration/vpn/sstp.rst:332 +#: ../../configuration/vpn/sstp.rst:505 msgid "You can now \"dial\" the peer with the follwoing command: ``sstpc --log-level 4 --log-stderr --user vyos --password vyos vpn.example.com -- call vyos``." msgstr "You can now \"dial\" the peer with the follwoing command: ``sstpc --log-level 4 --log-stderr --user vyos --password vyos vpn.example.com -- call vyos``." -#: ../../configuration/system/login.rst:443 +#: ../../configuration/system/login.rst:447 msgid "You can now SSH into your system using admin/admin as a default user supplied from the ``lfkeitel/tacacs_plus:latest`` container." msgstr "You can now SSH into your system using admin/admin as a default user supplied from the ``lfkeitel/tacacs_plus:latest`` container." @@ -17718,6 +19081,10 @@ msgstr "You will also need the public key of your peer as well as the network(s) msgid "Your ISPs modem is connected to port ``eth0`` of your VyOS box." msgstr "Your ISPs modem is connected to port ``eth0`` of your VyOS box." +#: ../../configuration/service/router-advert.rst:110 +msgid "Your LAN connected on eth0 uses prefix ``2001:db8:beef:2::/64`` with the router beeing ``2001:db8:beef:2::1``" +msgstr "Your LAN connected on eth0 uses prefix ``2001:db8:beef:2::/64`` with the router beeing ``2001:db8:beef:2::1``" + #: ../../configuration/system/ip.rst:31 #: ../../configuration/system/ipv6.rst:27 #: ../../configuration/vrf/index.rst:44 @@ -17758,7 +19125,7 @@ msgstr "(This can be useful when a called service has many and/or often changing msgid ":abbr:`AFI (Address family authority identifier)` - ``49`` The AFI value 49 is what IS-IS uses for private addressing." msgstr ":abbr:`AFI (Address family authority identifier)` - ``49`` The AFI value 49 is what IS-IS uses for private addressing." -#: ../../configuration/protocols/static.rst:152 +#: ../../configuration/protocols/static.rst:185 msgid ":abbr:`ARP (Address Resolution Protocol)` is a communication protocol used for discovering the link layer address, such as a MAC address, associated with a given internet layer address, typically an IPv4 address. This mapping is a critical function in the Internet protocol suite. ARP was defined in 1982 by :rfc:`826` which is Internet Standard STD 37." msgstr ":abbr:`ARP (Address Resolution Protocol)` is a communication protocol used for discovering the link layer address, such as a MAC address, associated with a given internet layer address, typically an IPv4 address. This mapping is a critical function in the Internet protocol suite. ARP was defined in 1982 by :rfc:`826` which is Internet Standard STD 37." @@ -17818,7 +19185,7 @@ msgstr ":abbr:`IPSec (IP Security)` - too many RFCs to list, but start with :rfc msgid ":abbr:`IS-IS (Intermediate System to Intermediate System)` is a link-state interior gateway protocol (IGP) which is described in ISO10589, :rfc:`1195`, :rfc:`5308`. IS-IS runs the Dijkstra shortest-path first (SPF) algorithm to create a database of the network’s topology, and from that database to determine the best (that is, lowest cost) path to a destination. The intermediate systems (the name for routers) exchange topology information with their directly conencted neighbors. IS-IS runs directly on the data link layer (Layer 2). IS-IS addresses are called :abbr:`NETs (Network Entity Titles)` and can be 8 to 20 bytes long, but are generally 10 bytes long. The tree database that is created with IS-IS is similar to the one that is created with OSPF in that the paths chosen should be similar. Comparisons to OSPF are inevitable and often are reasonable ones to make in regards to the way a network will respond with either IGP." msgstr ":abbr:`IS-IS (Intermediate System to Intermediate System)` is a link-state interior gateway protocol (IGP) which is described in ISO10589, :rfc:`1195`, :rfc:`5308`. IS-IS runs the Dijkstra shortest-path first (SPF) algorithm to create a database of the network’s topology, and from that database to determine the best (that is, lowest cost) path to a destination. The intermediate systems (the name for routers) exchange topology information with their directly conencted neighbors. IS-IS runs directly on the data link layer (Layer 2). IS-IS addresses are called :abbr:`NETs (Network Entity Titles)` and can be 8 to 20 bytes long, but are generally 10 bytes long. The tree database that is created with IS-IS is similar to the one that is created with OSPF in that the paths chosen should be similar. Comparisons to OSPF are inevitable and often are reasonable ones to make in regards to the way a network will respond with either IGP." -#: ../../configuration/vrf/index.rst:401 +#: ../../configuration/vrf/index.rst:420 msgid ":abbr:`L3VPN VRFs ( Layer 3 Virtual Private Networks )` bgpd supports for IPv4 RFC 4364 and IPv6 RFC 4659. L3VPN routes, and their associated VRF MPLS labels, can be distributed to VPN SAFI neighbors in the default, i.e., non VRF, BGP instance. VRF MPLS labels are reached using core MPLS labels which are distributed using LDP or BGP labeled unicast. bgpd also supports inter-VRF route leaking." msgstr ":abbr:`L3VPN VRFs ( Layer 3 Virtual Private Networks )` bgpd supports for IPv4 RFC 4364 and IPv6 RFC 4659. L3VPN routes, and their associated VRF MPLS labels, can be distributed to VPN SAFI neighbors in the default, i.e., non VRF, BGP instance. VRF MPLS labels are reached using core MPLS labels which are distributed using LDP or BGP labeled unicast. bgpd also supports inter-VRF route leaking." @@ -18010,43 +19377,43 @@ msgstr ":lastproofread:2021-07-12" msgid ":opcmd:`generate pki wireguard key-pair`." msgstr ":opcmd:`generate pki wireguard key-pair`." -#: ../../configuration/vrf/index.rst:88 +#: ../../configuration/vrf/index.rst:107 msgid ":ref:`routing-bgp`" msgstr ":ref:`routing-bgp`" -#: ../../configuration/vrf/index.rst:104 +#: ../../configuration/vrf/index.rst:123 msgid ":ref:`routing-bgp`: ``set vrf name <name> protocols bgp ...``" msgstr ":ref:`routing-bgp`: ``set vrf name <name> protocols bgp ...``" -#: ../../configuration/vrf/index.rst:89 +#: ../../configuration/vrf/index.rst:108 msgid ":ref:`routing-isis`" msgstr ":ref:`routing-isis`" -#: ../../configuration/vrf/index.rst:105 +#: ../../configuration/vrf/index.rst:124 msgid ":ref:`routing-isis`: ``set vrf name <name> protocols isis ...``" msgstr ":ref:`routing-isis`: ``set vrf name <name> protocols isis ...``" -#: ../../configuration/vrf/index.rst:90 +#: ../../configuration/vrf/index.rst:109 msgid ":ref:`routing-ospf`" msgstr ":ref:`routing-ospf`" -#: ../../configuration/vrf/index.rst:106 +#: ../../configuration/vrf/index.rst:125 msgid ":ref:`routing-ospf`: ``set vrf name <name> protocols ospf ...``" msgstr ":ref:`routing-ospf`: ``set vrf name <name> protocols ospf ...``" -#: ../../configuration/vrf/index.rst:91 +#: ../../configuration/vrf/index.rst:110 msgid ":ref:`routing-ospfv3`" msgstr ":ref:`routing-ospfv3`" -#: ../../configuration/vrf/index.rst:107 +#: ../../configuration/vrf/index.rst:126 msgid ":ref:`routing-ospfv3`: ``set vrf name <name> protocols ospfv3 ...``" msgstr ":ref:`routing-ospfv3`: ``set vrf name <name> protocols ospfv3 ...``" -#: ../../configuration/vrf/index.rst:92 +#: ../../configuration/vrf/index.rst:111 msgid ":ref:`routing-static`" msgstr ":ref:`routing-static`" -#: ../../configuration/vrf/index.rst:108 +#: ../../configuration/vrf/index.rst:127 msgid ":ref:`routing-static`: ``set vrf name <name> protocols static ...``" msgstr ":ref:`routing-static`: ``set vrf name <name> protocols static ...``" @@ -18054,7 +19421,7 @@ msgstr ":ref:`routing-static`: ``set vrf name <name> protocols static ...``" msgid ":rfc:`2131` states: The client MAY choose to explicitly provide the identifier through the 'client identifier' option. If the client supplies a 'client identifier', the client MUST use the same 'client identifier' in all subsequent messages, and the server MUST use that identifier to identify the client." msgstr ":rfc:`2131` states: The client MAY choose to explicitly provide the identifier through the 'client identifier' option. If the client supplies a 'client identifier', the client MUST use the same 'client identifier' in all subsequent messages, and the server MUST use that identifier to identify the client." -#: ../../configuration/service/dns.rst:230 +#: ../../configuration/service/dns.rst:217 msgid ":rfc:`2136` Based" msgstr ":rfc:`2136` Based" @@ -18062,7 +19429,7 @@ msgstr ":rfc:`2136` Based" msgid ":rfc:`2328`, the successor to :rfc:`1583`, suggests according to section G.2 (changes) in section 16.4.1 a change to the path preference algorithm that prevents possible routing loops that were possible in the old version of OSPFv2. More specifically it demands that inter-area paths and intra-area backbone path are now of equal preference but still both preferred to external paths." msgstr ":rfc:`2328`, the successor to :rfc:`1583`, suggests according to section G.2 (changes) in section 16.4.1 a change to the path preference algorithm that prevents possible routing loops that were possible in the old version of OSPFv2. More specifically it demands that inter-area paths and intra-area backbone path are now of equal preference but still both preferred to external paths." -#: ../../configuration/pki/index.rst:15 +#: ../../configuration/pki/index.rst:17 msgid ":vytask:`T3642` describes a new CLI subsystem that serves as a \"certstore\" to all services requiring any kind of encryption key(s). In short, public and private certificates are now stored in PKCS#8 format in the regular VyOS CLI. Keys can now be added, edited, and deleted using the regular set/edit/delete CLI commands." msgstr ":vytask:`T3642` describes a new CLI subsystem that serves as a \"certstore\" to all services requiring any kind of encryption key(s). In short, public and private certificates are now stored in PKCS#8 format in the regular VyOS CLI. Keys can now be added, edited, and deleted using the regular set/edit/delete CLI commands." @@ -18086,19 +19453,19 @@ msgstr "`4. Add optional parameters`_" msgid "`<name>` must be identical on both sides!" msgstr "`<name>` must be identical on both sides!" -#: ../../configuration/pki/index.rst:202 +#: ../../configuration/pki/index.rst:204 msgid "``$ tail -n +2 ca.key | head -n -1 | tr -d '\\n'``" msgstr "``$ tail -n +2 ca.key | head -n -1 | tr -d '\\n'``" -#: ../../configuration/pki/index.rst:181 +#: ../../configuration/pki/index.rst:183 msgid "``$ tail -n +2 ca.pem | head -n -1 | tr -d '\\n'``" msgstr "``$ tail -n +2 ca.pem | head -n -1 | tr -d '\\n'``" -#: ../../configuration/pki/index.rst:240 +#: ../../configuration/pki/index.rst:242 msgid "``$ tail -n +2 cert.key | head -n -1 | tr -d '\\n'``" msgstr "``$ tail -n +2 cert.key | head -n -1 | tr -d '\\n'``" -#: ../../configuration/pki/index.rst:224 +#: ../../configuration/pki/index.rst:226 msgid "``$ tail -n +2 cert.pem | head -n -1 | tr -d '\\n'``" msgstr "``$ tail -n +2 cert.pem | head -n -1 | tr -d '\\n'``" @@ -18202,7 +19569,7 @@ msgstr "``802.3ad`` - IEEE 802.3ad Dynamic link aggregation. Creates aggregation msgid "``9600`` - 9600 bps" msgstr "``9600`` - 9600 bps" -#: ../../configuration/vpn/ipsec.rst:149 +#: ../../configuration/vpn/ipsec.rst:152 msgid "``< dh-group >`` defines a Diffie-Hellman group for PFS;" msgstr "``< dh-group >`` defines a Diffie-Hellman group for PFS;" @@ -18210,6 +19577,14 @@ msgstr "``< dh-group >`` defines a Diffie-Hellman group for PFS;" msgid "``Known limitations:``" msgstr "``Known limitations:``" +#: ../../configuration/service/ipoe-server.rst:247 +#: ../../configuration/service/pppoe-server.rst:209 +#: ../../configuration/vpn/l2tp.rst:252 +#: ../../configuration/vpn/pptp.rst:192 +#: ../../configuration/vpn/sstp.rst:225 +msgid "``Stateful-IPv6-Address-Pool`` and ``Delegated-IPv6-Prefix-Pool`` are defined in RFC6911. If they are not defined in your RADIUS server, add new dictionary_." +msgstr "``Stateful-IPv6-Address-Pool`` and ``Delegated-IPv6-Prefix-Pool`` are defined in RFC6911. If they are not defined in your RADIUS server, add new dictionary_." + #: ../../configuration/loadbalancing/wan.rst:259 msgid "``WLB_INTERFACE_NAME=[interfacename]``: Interface to be monitored" msgstr "``WLB_INTERFACE_NAME=[interfacename]``: Interface to be monitored" @@ -18226,11 +19601,11 @@ msgstr "``a`` - 802.11a - 54 Mbits/sec" msgid "``ac`` - 802.11ac - 1300 Mbits/sec" msgstr "``ac`` - 802.11ac - 1300 Mbits/sec" -#: ../../configuration/policy/route-map.rst:375 +#: ../../configuration/policy/route-map.rst:378 msgid "``accept-own-nexthop`` - Well-known communities value accept-own-nexthop 0xFFFF0008" msgstr "``accept-own-nexthop`` - Well-known communities value accept-own-nexthop 0xFFFF0008" -#: ../../configuration/policy/route-map.rst:368 +#: ../../configuration/policy/route-map.rst:371 msgid "``accept-own`` - Well-known communities value ACCEPT_OWN 0xFFFF0001" msgstr "``accept-own`` - Well-known communities value ACCEPT_OWN 0xFFFF0001" @@ -18256,7 +19631,7 @@ msgstr "``active-backup`` - Active-backup policy: Only one slave in the bond is msgid "``adaptive-load-balance`` - Adaptive load balancing: includes transmit-load-balance plus receive load balancing for IPV4 traffic, and does not require any special switch support. The receive load balancing is achieved by ARP negotiation. The bonding driver intercepts the ARP Replies sent by the local system on their way out and overwrites the source hardware address with the unique hardware address of one of the slaves in the bond such that different peers use different hardware addresses for the server." msgstr "``adaptive-load-balance`` - Adaptive load balancing: includes transmit-load-balance plus receive load balancing for IPV4 traffic, and does not require any special switch support. The receive load balancing is achieved by ARP negotiation. The bonding driver intercepts the ARP Replies sent by the local system on their way out and overwrites the source hardware address with the unique hardware address of one of the slaves in the bond such that different peers use different hardware addresses for the server." -#: ../../configuration/vpn/ipsec.rst:96 +#: ../../configuration/vpn/ipsec.rst:98 msgid "``aggressive`` use Aggressive mode for Key Exchanges in the IKEv1 protocol aggressive mode is much more insecure compared to Main mode;" msgstr "``aggressive`` use Aggressive mode for Key Exchanges in the IKEv1 protocol aggressive mode is much more insecure compared to Main mode;" @@ -18268,11 +19643,15 @@ msgstr "``all-available`` all checking target addresses must be available to pas msgid "``any-available`` any of the checking target addresses must be available to pass this check" msgstr "``any-available`` any of the checking target addresses must be available to pass this check" -#: ../../configuration/vpn/site2site_ipsec.rst:385 +#: ../../configuration/vpn/site2site_ipsec.rst:388 msgid "``authentication local-id/remote-id`` - IKE identification is used for validation of VPN peer devices during IKE negotiation. If you do not configure local/remote-identity, the device uses the IPv4 or IPv6 address that corresponds to the local/remote peer by default. In certain network setups (like ipsec interface with dynamic address, or behind the NAT ), the IKE ID received from the peer does not match the IKE gateway configured on the device. This can lead to a Phase 1 validation failure. So, make sure to configure the local/remote id explicitly and ensure that the IKE ID is the same as the remote-identity configured on the peer device." msgstr "``authentication local-id/remote-id`` - IKE identification is used for validation of VPN peer devices during IKE negotiation. If you do not configure local/remote-identity, the device uses the IPv4 or IPv6 address that corresponds to the local/remote peer by default. In certain network setups (like ipsec interface with dynamic address, or behind the NAT ), the IKE ID received from the peer does not match the IKE gateway configured on the device. This can lead to a Phase 1 validation failure. So, make sure to configure the local/remote id explicitly and ensure that the IKE ID is the same as the remote-identity configured on the peer device." #: ../../configuration/vpn/site2site_ipsec.rst:18 +msgid "``authentication`` - configure authentication between VyOS and a remote peer. If pre-shared-secret mode is used, the secret key must be defined in ``set vpn ipsec authentication`` and suboptions:" +msgstr "``authentication`` - configure authentication between VyOS and a remote peer. If pre-shared-secret mode is used, the secret key must be defined in ``set vpn ipsec authentication`` and suboptions:" + +#: ../../configuration/vpn/site2site_ipsec.rst:18 msgid "``authentication`` - configure authentication between VyOS and a remote peer. Suboptions:" msgstr "``authentication`` - configure authentication between VyOS and a remote peer. Suboptions:" @@ -18292,11 +19671,11 @@ msgstr "``begin`` Matches the beginning of the URL path" msgid "``bgp`` - Border Gateway Protocol (BGP)" msgstr "``bgp`` - Border Gateway Protocol (BGP)" -#: ../../configuration/vpn/site2site_ipsec.rst:147 +#: ../../configuration/vpn/site2site_ipsec.rst:150 msgid "``bind`` - select a VTI interface to bind to this peer;" msgstr "``bind`` - select a VTI interface to bind to this peer;" -#: ../../configuration/policy/route-map.rst:376 +#: ../../configuration/policy/route-map.rst:379 msgid "``blackhole`` - Well-known communities value BLACKHOLE 0xFFFF029A" msgstr "``blackhole`` - Well-known communities value BLACKHOLE 0xFFFF029A" @@ -18312,6 +19691,10 @@ msgstr "``burst``: Number of packets allowed to overshoot the limit within ``per msgid "``ca-cert-file`` - CA certificate file. Using for authenticating remote peer;" msgstr "``ca-cert-file`` - CA certificate file. Using for authenticating remote peer;" +#: ../../configuration/vpn/site2site_ipsec.rst:61 +msgid "``ca-certificate`` - CA certificate in PKI configuration. Using for authenticating remote peer;" +msgstr "``ca-certificate`` - CA certificate in PKI configuration. Using for authenticating remote peer;" + #: ../../configuration/service/lldp.rst:65 msgid "``cdp`` - Listen for CDP for Cisco routers/switches" msgstr "``cdp`` - Listen for CDP for Cisco routers/switches" @@ -18320,6 +19703,14 @@ msgstr "``cdp`` - Listen for CDP for Cisco routers/switches" msgid "``cert-file`` - certificate file, which will be used for authenticating local router on remote peer;" msgstr "``cert-file`` - certificate file, which will be used for authenticating local router on remote peer;" +#: ../../configuration/vpn/site2site_ipsec.rst:64 +msgid "``certificate`` - certificate file in PKI configuration, which will be used for authenticating local router on remote peer;" +msgstr "``certificate`` - certificate file in PKI configuration, which will be used for authenticating local router on remote peer;" + +#: ../../configuration/vpn/ipsec.rst:66 +msgid "``clear`` closes the CHILD_SA and does not take further action (default);" +msgstr "``clear`` closes the CHILD_SA and does not take further action (default);" + #: ../../configuration/vpn/ipsec.rst:65 msgid "``clear`` set action to clear;" msgstr "``clear`` set action to clear;" @@ -18328,11 +19719,15 @@ msgstr "``clear`` set action to clear;" msgid "``close-action = none | clear | hold | restart`` - defines the action to take if the remote peer unexpectedly closes a CHILD_SA (see above for meaning of values). A closeaction should not be used if the peer uses reauthentication or uniqueids." msgstr "``close-action = none | clear | hold | restart`` - defines the action to take if the remote peer unexpectedly closes a CHILD_SA (see above for meaning of values). A closeaction should not be used if the peer uses reauthentication or uniqueids." +#: ../../configuration/vpn/site2site_ipsec.rst:414 +msgid "``close-action = none | clear | trap | start`` - defines the action to take if the remote peer unexpectedly closes a CHILD_SA (see above for meaning of values). A closeaction should not be used if the peer uses reauthentication or uniqueids." +msgstr "``close-action = none | clear | trap | start`` - defines the action to take if the remote peer unexpectedly closes a CHILD_SA (see above for meaning of values). A closeaction should not be used if the peer uses reauthentication or uniqueids." + #: ../../configuration/vpn/ipsec.rst:47 msgid "``close-action`` defines the action to take if the remote peer unexpectedly closes a CHILD_SA:" msgstr "``close-action`` defines the action to take if the remote peer unexpectedly closes a CHILD_SA:" -#: ../../configuration/vpn/ipsec.rst:122 +#: ../../configuration/vpn/ipsec.rst:125 msgid "``compression`` Enables the IPComp(IP Payload Compression) protocol which allows compressing the content of IP packets." msgstr "``compression`` Enables the IPComp(IP Payload Compression) protocol which allows compressing the content of IP packets." @@ -18344,7 +19739,7 @@ msgstr "``compression`` whether IPComp compression of content is proposed on the msgid "``connected`` - Connected routes (directly attached subnet or host)" msgstr "``connected`` - Connected routes (directly attached subnet or host)" -#: ../../configuration/vpn/site2site_ipsec.rst:72 +#: ../../configuration/vpn/site2site_ipsec.rst:69 msgid "``connection-type`` - how to handle this connection process. Possible variants:" msgstr "``connection-type`` - how to handle this connection process. Possible variants:" @@ -18366,39 +19761,43 @@ msgstr "``d`` - Execution interval in days" msgid "``dead-peer-detection action = clear | hold | restart`` - R_U_THERE notification messages(IKEv1) or empty INFORMATIONAL messages (IKEv2) are periodically sent in order to check the liveliness of the IPsec peer. The values clear, hold, and restart all activate DPD and determine the action to perform on a timeout. With ``clear`` the connection is closed with no further actions taken. ``hold`` installs a trap policy, which will catch matching traffic and tries to re-negotiate the connection on demand. ``restart`` will immediately trigger an attempt to re-negotiate the connection." msgstr "``dead-peer-detection action = clear | hold | restart`` - R_U_THERE notification messages(IKEv1) or empty INFORMATIONAL messages (IKEv2) are periodically sent in order to check the liveliness of the IPsec peer. The values clear, hold, and restart all activate DPD and determine the action to perform on a timeout. With ``clear`` the connection is closed with no further actions taken. ``hold`` installs a trap policy, which will catch matching traffic and tries to re-negotiate the connection on demand. ``restart`` will immediately trigger an attempt to re-negotiate the connection." +#: ../../configuration/vpn/site2site_ipsec.rst:403 +msgid "``dead-peer-detection action = clear | trap | restart`` - R_U_THERE notification messages(IKEv1) or empty INFORMATIONAL messages (IKEv2) are periodically sent in order to check the liveliness of the IPsec peer. The values clear, trap, and restart all activate DPD and determine the action to perform on a timeout. With ``clear`` the connection is closed with no further actions taken. ``trap`` installs a trap policy, which will catch matching traffic and tries to re-negotiate the connection on demand. ``restart`` will immediately trigger an attempt to re-negotiate the connection." +msgstr "``dead-peer-detection action = clear | trap | restart`` - R_U_THERE notification messages(IKEv1) or empty INFORMATIONAL messages (IKEv2) are periodically sent in order to check the liveliness of the IPsec peer. The values clear, trap, and restart all activate DPD and determine the action to perform on a timeout. With ``clear`` the connection is closed with no further actions taken. ``trap`` installs a trap policy, which will catch matching traffic and tries to re-negotiate the connection on demand. ``restart`` will immediately trigger an attempt to re-negotiate the connection." + #: ../../configuration/vpn/ipsec.rst:56 msgid "``dead-peer-detection`` controls the use of the Dead Peer Detection protocol (DPD, RFC 3706) where R_U_THERE notification messages (IKEv1) or empty INFORMATIONAL messages (IKEv2) are periodically sent in order to check the liveliness of the IPsec peer:" msgstr "``dead-peer-detection`` controls the use of the Dead Peer Detection protocol (DPD, RFC 3706) where R_U_THERE notification messages (IKEv1) or empty INFORMATIONAL messages (IKEv2) are periodically sent in order to check the liveliness of the IPsec peer:" -#: ../../configuration/vpn/site2site_ipsec.rst:88 +#: ../../configuration/vpn/site2site_ipsec.rst:85 msgid "``default-esp-group`` - ESP group to use by default for traffic encryption. Might be overwritten by individual settings for tunnel or VTI interface binding;" msgstr "``default-esp-group`` - ESP group to use by default for traffic encryption. Might be overwritten by individual settings for tunnel or VTI interface binding;" -#: ../../configuration/vpn/site2site_ipsec.rst:92 +#: ../../configuration/vpn/site2site_ipsec.rst:89 msgid "``description`` - description for this peer;" msgstr "``description`` - description for this peer;" -#: ../../configuration/vpn/ipsec.rst:101 +#: ../../configuration/vpn/ipsec.rst:103 msgid "``dh-group`` dh-group;" msgstr "``dh-group`` dh-group;" -#: ../../configuration/vpn/site2site_ipsec.rst:23 +#: ../../configuration/vpn/site2site_ipsec.rst:24 msgid "``dhcp-interface`` - ID for authentication generated from DHCP address dynamically;" msgstr "``dhcp-interface`` - ID for authentication generated from DHCP address dynamically;" -#: ../../configuration/vpn/site2site_ipsec.rst:94 +#: ../../configuration/vpn/site2site_ipsec.rst:91 msgid "``dhcp-interface`` - use an IP address, received from DHCP for IPSec connection with this peer, instead of ``local-address``;" msgstr "``dhcp-interface`` - use an IP address, received from DHCP for IPSec connection with this peer, instead of ``local-address``;" -#: ../../configuration/vpn/ipsec.rst:88 +#: ../../configuration/vpn/ipsec.rst:90 msgid "``disable-mobike`` disables MOBIKE Support. MOBIKE is only available for IKEv2 and enabled by default." msgstr "``disable-mobike`` disables MOBIKE Support. MOBIKE is only available for IKEv2 and enabled by default." -#: ../../configuration/vpn/site2site_ipsec.rst:396 +#: ../../configuration/vpn/site2site_ipsec.rst:399 msgid "``disable-route-autoinstall`` - This option when configured disables the routes installed in the default table 220 for site-to-site ipsec. It is mostly used with VTI configuration." msgstr "``disable-route-autoinstall`` - This option when configured disables the routes installed in the default table 220 for site-to-site ipsec. It is mostly used with VTI configuration." -#: ../../configuration/vpn/ipsec.rst:162 +#: ../../configuration/vpn/ipsec.rst:166 msgid "``disable-route-autoinstall`` Do not automatically install routes to remote networks;" msgstr "``disable-route-autoinstall`` Do not automatically install routes to remote networks;" @@ -18406,7 +19805,7 @@ msgstr "``disable-route-autoinstall`` Do not automatically install routes to rem msgid "``disable`` - disable this tunnel;" msgstr "``disable`` - disable this tunnel;" -#: ../../configuration/vpn/ipsec.rst:147 +#: ../../configuration/vpn/ipsec.rst:150 msgid "``disable`` Disable PFS;" msgstr "``disable`` Disable PFS;" @@ -18424,15 +19823,15 @@ msgstr "``disable`` disable MOBIKE;" msgid "``drop``: drop the packet." msgstr "``drop``: drop the packet." -#: ../../configuration/system/login.rst:71 +#: ../../configuration/system/login.rst:75 msgid "``ecdsa-sha2-nistp256``" msgstr "``ecdsa-sha2-nistp256``" -#: ../../configuration/system/login.rst:72 +#: ../../configuration/system/login.rst:76 msgid "``ecdsa-sha2-nistp384``" msgstr "``ecdsa-sha2-nistp384``" -#: ../../configuration/system/login.rst:73 +#: ../../configuration/system/login.rst:77 msgid "``ecdsa-sha2-nistp521``" msgstr "``ecdsa-sha2-nistp521``" @@ -18440,7 +19839,7 @@ msgstr "``ecdsa-sha2-nistp521``" msgid "``edp`` - Listen for EDP for Extreme routers/switches" msgstr "``edp`` - Listen for EDP for Extreme routers/switches" -#: ../../configuration/vpn/ipsec.rst:145 +#: ../../configuration/vpn/ipsec.rst:148 msgid "``enable`` Inherit Diffie-Hellman group from IKE group (default);" msgstr "``enable`` Inherit Diffie-Hellman group from IKE group (default);" @@ -18452,11 +19851,11 @@ msgstr "``enable`` enable IPComp compression;" msgid "``enable`` enable MOBIKE (default for IKEv2);" msgstr "``enable`` enable MOBIKE (default for IKEv2);" -#: ../../configuration/vpn/ipsec.rst:103 +#: ../../configuration/vpn/ipsec.rst:105 msgid "``encryption`` encryption algorithm;" msgstr "``encryption`` encryption algorithm;" -#: ../../configuration/vpn/ipsec.rst:153 +#: ../../configuration/vpn/ipsec.rst:156 msgid "``encryption`` encryption algorithm (default 128 bit AES-CBC);" msgstr "``encryption`` encryption algorithm (default 128 bit AES-CBC);" @@ -18468,7 +19867,7 @@ msgstr "``end`` Matches the end of the URL path." msgid "``esp-group`` - define ESP group for encrypt traffic, defined by this tunnel;" msgstr "``esp-group`` - define ESP group for encrypt traffic, defined by this tunnel;" -#: ../../configuration/vpn/site2site_ipsec.rst:149 +#: ../../configuration/vpn/site2site_ipsec.rst:152 msgid "``esp-group`` - define ESP group for encrypt traffic, passed this VTI interface." msgstr "``esp-group`` - define ESP group for encrypt traffic, passed this VTI interface." @@ -18488,11 +19887,11 @@ msgstr "``file`` - path to the key file;" msgid "``flexvpn`` Allow FlexVPN vendor ID payload (IKEv2 only). Send the Cisco FlexVPN vendor ID payload (IKEv2 only), which is required in order to make Cisco brand devices allow negotiating a local traffic selector (from strongSwan's point of view) that is not the assigned virtual IP address if such an address is requested by strongSwan. Sending the Cisco FlexVPN vendor ID prevents the peer from narrowing the initiator's local traffic selector and allows it to e.g. negotiate a TS of 0.0.0.0/0 == 0.0.0.0/0 instead. This has been tested with a \"tunnel mode ipsec ipv4\" Cisco template but should also work for GRE encapsulation;" msgstr "``flexvpn`` Allow FlexVPN vendor ID payload (IKEv2 only). Send the Cisco FlexVPN vendor ID payload (IKEv2 only), which is required in order to make Cisco brand devices allow negotiating a local traffic selector (from strongSwan's point of view) that is not the assigned virtual IP address if such an address is requested by strongSwan. Sending the Cisco FlexVPN vendor ID prevents the peer from narrowing the initiator's local traffic selector and allows it to e.g. negotiate a TS of 0.0.0.0/0 == 0.0.0.0/0 instead. This has been tested with a \"tunnel mode ipsec ipv4\" Cisco template but should also work for GRE encapsulation;" -#: ../../configuration/vpn/ipsec.rst:164 +#: ../../configuration/vpn/ipsec.rst:168 msgid "``flexvpn`` Allows FlexVPN vendor ID payload (IKEv2 only). Send the Cisco FlexVPN vendor ID payload (IKEv2 only), which is required in order to make Cisco brand devices allow negotiating a local traffic selector (from strongSwan's point of view) that is not the assigned virtual IP address if such an address is requested by strongSwan. Sending the Cisco FlexVPN vendor ID prevents the peer from narrowing the initiator's local traffic selector and allows it to e.g. negotiate a TS of 0.0.0.0/0 == 0.0.0.0/0 instead. This has been tested with a \"tunnel mode ipsec ipv4\" Cisco template but should also work for GRE encapsulation;" msgstr "``flexvpn`` Allows FlexVPN vendor ID payload (IKEv2 only). Send the Cisco FlexVPN vendor ID payload (IKEv2 only), which is required in order to make Cisco brand devices allow negotiating a local traffic selector (from strongSwan's point of view) that is not the assigned virtual IP address if such an address is requested by strongSwan. Sending the Cisco FlexVPN vendor ID prevents the peer from narrowing the initiator's local traffic selector and allows it to e.g. negotiate a TS of 0.0.0.0/0 == 0.0.0.0/0 instead. This has been tested with a \"tunnel mode ipsec ipv4\" Cisco template but should also work for GRE encapsulation;" -#: ../../configuration/vpn/site2site_ipsec.rst:97 +#: ../../configuration/vpn/site2site_ipsec.rst:94 msgid "``force-udp-encapsulation`` - force encapsulation of ESP into UDP datagrams. Useful in case if between local and remote side is firewall or NAT, which not allows passing plain ESP packets between them;" msgstr "``force-udp-encapsulation`` - force encapsulation of ESP into UDP datagrams. Useful in case if between local and remote side is firewall or NAT, which not allows passing plain ESP packets between them;" @@ -18500,7 +19899,7 @@ msgstr "``force-udp-encapsulation`` - force encapsulation of ESP into UDP datagr msgid "``g`` - 802.11g - 54 Mbits/sec (default)" msgstr "``g`` - 802.11g - 54 Mbits/sec (default)" -#: ../../configuration/policy/route-map.rst:367 +#: ../../configuration/policy/route-map.rst:370 msgid "``graceful-shutdown`` - Well-known communities value GRACEFUL_SHUTDOWN 0xFFFF0000" msgstr "``graceful-shutdown`` - Well-known communities value GRACEFUL_SHUTDOWN 0xFFFF0000" @@ -18508,11 +19907,11 @@ msgstr "``graceful-shutdown`` - Well-known communities value GRACEFUL msgid "``h`` - Execution interval in hours" msgstr "``h`` - Execution interval in hours" -#: ../../configuration/vpn/ipsec.rst:105 +#: ../../configuration/vpn/ipsec.rst:107 msgid "``hash`` hash algorithm." msgstr "``hash`` hash algorithm." -#: ../../configuration/vpn/ipsec.rst:155 +#: ../../configuration/vpn/ipsec.rst:158 msgid "``hash`` hash algorithm (default sha1)." msgstr "``hash`` hash algorithm (default sha1)." @@ -18536,23 +19935,23 @@ msgstr "``ht40-`` - Both 20 MHz and 40 MHz with secondary channel below the prim msgid "``hvc0`` - Xen console" msgstr "``hvc0`` - Xen console" -#: ../../configuration/vpn/site2site_ipsec.rst:25 +#: ../../configuration/vpn/site2site_ipsec.rst:26 msgid "``id`` - static ID's for authentication. In general local and remote address ``<x.x.x.x>``, ``<h:h:h:h:h:h:h:h>`` or ``%any``;" msgstr "``id`` - static ID's for authentication. In general local and remote address ``<x.x.x.x>``, ``<h:h:h:h:h:h:h:h>`` or ``%any``;" -#: ../../configuration/vpn/site2site_ipsec.rst:101 +#: ../../configuration/vpn/site2site_ipsec.rst:98 msgid "``ike-group`` - IKE group to use for key exchanges;" msgstr "``ike-group`` - IKE group to use for key exchanges;" -#: ../../configuration/vpn/ipsec.rst:82 +#: ../../configuration/vpn/ipsec.rst:84 msgid "``ikev1`` use IKEv1 for Key Exchange;" msgstr "``ikev1`` use IKEv1 for Key Exchange;" -#: ../../configuration/vpn/site2site_ipsec.rst:103 +#: ../../configuration/vpn/site2site_ipsec.rst:100 msgid "``ikev2-reauth`` - reauthenticate remote peer during the rekeying process. Can be used only with IKEv2. Create a new IKE_SA from the scratch and try to recreate all IPsec SAs;" msgstr "``ikev2-reauth`` - reauthenticate remote peer during the rekeying process. Can be used only with IKEv2. Create a new IKE_SA from the scratch and try to recreate all IPsec SAs;" -#: ../../configuration/vpn/ipsec.rst:73 +#: ../../configuration/vpn/ipsec.rst:75 msgid "``ikev2-reauth`` whether rekeying of an IKE_SA should also reauthenticate the peer. In IKEv1, reauthentication is always done. Setting this parameter enables remote host re-authentication during an IKE rekey." msgstr "``ikev2-reauth`` whether rekeying of an IKE_SA should also reauthenticate the peer. In IKEv1, reauthentication is always done. Setting this parameter enables remote host re-authentication during an IKE rekey." @@ -18560,7 +19959,7 @@ msgstr "``ikev2-reauth`` whether rekeying of an IKE_SA should also reauthenticat msgid "``ikev2-reauth`` whether rekeying of an IKE_SA should also reauthenticate the peer. In IKEv1, reauthentication is always done:" msgstr "``ikev2-reauth`` whether rekeying of an IKE_SA should also reauthenticate the peer. In IKEv1, reauthentication is always done:" -#: ../../configuration/vpn/ipsec.rst:84 +#: ../../configuration/vpn/ipsec.rst:86 msgid "``ikev2`` use IKEv2 for Key Exchange;" msgstr "``ikev2`` use IKEv2 for Key Exchange;" @@ -18568,23 +19967,27 @@ msgstr "``ikev2`` use IKEv2 for Key Exchange;" msgid "``in``: Ruleset for forwarded packets on an inbound interface" msgstr "``in``: Ruleset for forwarded packets on an inbound interface" -#: ../../configuration/vpn/site2site_ipsec.rst:75 +#: ../../configuration/vpn/site2site_ipsec.rst:72 msgid "``initiate`` - does initial connection to remote peer immediately after configuring and after boot. In this mode the connection will not be restarted in case of disconnection, therefore should be used only together with DPD or another session tracking methods;" msgstr "``initiate`` - does initial connection to remote peer immediately after configuring and after boot. In this mode the connection will not be restarted in case of disconnection, therefore should be used only together with DPD or another session tracking methods;" -#: ../../configuration/vpn/ipsec.rst:166 +#: ../../configuration/system/option.rst:50 +msgid "``intel_idle.max_cstate=0`` Disable intel_idle and fall back on acpi_idle" +msgstr "``intel_idle.max_cstate=0`` Disable intel_idle and fall back on acpi_idle" + +#: ../../configuration/vpn/ipsec.rst:170 msgid "``interface`` Interface Name to use. The name of the interface on which virtual IP addresses should be installed. If not specified the addresses will be installed on the outbound interface;" msgstr "``interface`` Interface Name to use. The name of the interface on which virtual IP addresses should be installed. If not specified the addresses will be installed on the outbound interface;" -#: ../../configuration/pki/index.rst:148 +#: ../../configuration/pki/index.rst:150 msgid "``interface`` is used for the VyOS CLI command to identify the WireGuard interface where this private key is to be used." msgstr "``interface`` is used for the VyOS CLI command to identify the WireGuard interface where this private key is to be used." -#: ../../configuration/policy/route-map.rst:366 +#: ../../configuration/policy/route-map.rst:369 msgid "``internet`` - Well-known communities value 0" msgstr "``internet`` - Well-known communities value 0" -#: ../../configuration/vpn/ipsec.rst:69 +#: ../../configuration/vpn/ipsec.rst:71 msgid "``interval`` keep-alive interval in seconds <2-86400> (default 30);" msgstr "``interval`` keep-alive interval in seconds <2-86400> (default 30);" @@ -18602,7 +20005,7 @@ msgstr "``jump``: jump to another custom chain." msgid "``kernel`` - Kernel routes" msgstr "``kernel`` - Kernel routes" -#: ../../configuration/vpn/ipsec.rst:78 +#: ../../configuration/vpn/ipsec.rst:80 msgid "``key-exchange`` which protocol should be used to initialize the connection If not set both protocols are handled and connections will use IKEv2 when initiating, but accept any protocol version when responding:" msgstr "``key-exchange`` which protocol should be used to initialize the connection If not set both protocols are handled and connections will use IKEv2 when initiating, but accept any protocol version when responding:" @@ -18610,7 +20013,7 @@ msgstr "``key-exchange`` which protocol should be used to initialize the connect msgid "``key`` - a private key, which will be used for authenticating local router on remote peer:" msgstr "``key`` - a private key, which will be used for authenticating local router on remote peer:" -#: ../../configuration/system/option.rst:107 +#: ../../configuration/system/option.rst:137 msgid "``latency``: A server profile focused on lowering network latency. This profile favors performance over power savings by setting ``intel_pstate`` and ``min_perf_pct=100``." msgstr "``latency``: A server profile focused on lowering network latency. This profile favors performance over power savings by setting ``intel_pstate`` and ``min_perf_pct=100``." @@ -18622,19 +20025,19 @@ msgstr "``least-connection`` Distributes requests to the server with the fewest msgid "``least-connection`` Distributes requests tp tje server wotj the fewest active connections" msgstr "``least-connection`` Distributes requests tp tje server wotj the fewest active connections" -#: ../../configuration/vpn/ipsec.rst:125 +#: ../../configuration/vpn/ipsec.rst:128 msgid "``life-bytes`` ESP life in bytes <1024-26843545600000>. Number of bytes transmitted over an IPsec SA before it expires;" msgstr "``life-bytes`` ESP life in bytes <1024-26843545600000>. Number of bytes transmitted over an IPsec SA before it expires;" -#: ../../configuration/vpn/ipsec.rst:128 +#: ../../configuration/vpn/ipsec.rst:131 msgid "``life-packets`` ESP life in packets <1000-26843545600000>. Number of packets transmitted over an IPsec SA before it expires;" msgstr "``life-packets`` ESP life in packets <1000-26843545600000>. Number of packets transmitted over an IPsec SA before it expires;" -#: ../../configuration/vpn/ipsec.rst:131 +#: ../../configuration/vpn/ipsec.rst:134 msgid "``lifetime`` ESP lifetime in seconds <30-86400> (default 3600). How long a particular instance of a connection (a set of encryption/authentication keys for user packets) should last, from successful negotiation to expiry;" msgstr "``lifetime`` ESP lifetime in seconds <30-86400> (default 3600). How long a particular instance of a connection (a set of encryption/authentication keys for user packets) should last, from successful negotiation to expiry;" -#: ../../configuration/vpn/ipsec.rst:86 +#: ../../configuration/vpn/ipsec.rst:88 msgid "``lifetime`` IKE lifetime in seconds <0-86400> (default 28800);" msgstr "``lifetime`` IKE lifetime in seconds <0-86400> (default 28800);" @@ -18642,22 +20045,26 @@ msgstr "``lifetime`` IKE lifetime in seconds <0-86400> (default 28800);" msgid "``lifetime`` IKE lifetime in seconds <30-86400> (default 28800);" msgstr "``lifetime`` IKE lifetime in seconds <30-86400> (default 28800);" -#: ../../configuration/policy/route-map.rst:373 +#: ../../configuration/policy/route-map.rst:376 msgid "``llgr-stale`` - Well-known communities value LLGR_STALE 0xFFFF0006" msgstr "``llgr-stale`` - Well-known communities value LLGR_STALE 0xFFFF0006" -#: ../../configuration/vpn/site2site_ipsec.rst:107 +#: ../../configuration/vpn/site2site_ipsec.rst:104 msgid "``local-address`` - local IP address for IPSec connection with this peer. If defined ``any``, then an IP address which configured on interface with default route will be used;" msgstr "``local-address`` - local IP address for IPSec connection with this peer. If defined ``any``, then an IP address which configured on interface with default route will be used;" -#: ../../configuration/policy/route-map.rst:363 +#: ../../configuration/policy/route-map.rst:366 msgid "``local-as`` - Well-known communities value NO_EXPORT_SUBCONFED 0xFFFFFF03" msgstr "``local-as`` - Well-known communities value NO_EXPORT_SUBCONFED 0xFFFFFF03" -#: ../../configuration/vpn/site2site_ipsec.rst:31 +#: ../../configuration/vpn/site2site_ipsec.rst:32 msgid "``local-id`` - ID for the local VyOS router. If defined, during the authentication it will be send to remote peer;" msgstr "``local-id`` - ID for the local VyOS router. If defined, during the authentication it will be send to remote peer;" +#: ../../configuration/vpn/site2site_ipsec.rst:50 +msgid "``local-key`` - name of PKI key-pair with local private key" +msgstr "``local-key`` - name of PKI key-pair with local private key" + #: ../../configuration/firewall/general-legacy.rst:753 msgid "``local``: Ruleset for packets destined for this router" msgstr "``local``: Ruleset for packets destined for this router" @@ -18674,7 +20081,7 @@ msgstr "``m`` - Execution interval in minutes" msgid "``main`` Routing table used by VyOS and other interfaces not participating in PBR" msgstr "``main`` Routing table used by VyOS and other interfaces not participating in PBR" -#: ../../configuration/vpn/ipsec.rst:93 +#: ../../configuration/vpn/ipsec.rst:95 msgid "``main`` use Main mode for Key Exchanges in the IKEv1 Protocol (Recommended Default);" msgstr "``main`` use Main mode for Key Exchanges in the IKEv1 Protocol (Recommended Default);" @@ -18682,19 +20089,23 @@ msgstr "``main`` use Main mode for Key Exchanges in the IKEv1 Protocol (Recommen msgid "``message``: Full message that has triggered the script." msgstr "``message``: Full message that has triggered the script." +#: ../../configuration/system/option.rst:40 +msgid "``mitigations=off``" +msgstr "``mitigations=off``" + #: ../../configuration/vpn/ipsec.rst:92 msgid "``mobike`` enable MOBIKE Support. MOBIKE is only available for IKEv2:" msgstr "``mobike`` enable MOBIKE Support. MOBIKE is only available for IKEv2:" -#: ../../configuration/vpn/site2site_ipsec.rst:35 +#: ../../configuration/vpn/site2site_ipsec.rst:36 msgid "``mode`` - mode for authentication between VyOS and remote peer:" msgstr "``mode`` - mode for authentication between VyOS and remote peer:" -#: ../../configuration/vpn/ipsec.rst:91 +#: ../../configuration/vpn/ipsec.rst:93 msgid "``mode`` IKEv1 Phase 1 Mode Selection:" msgstr "``mode`` IKEv1 Phase 1 Mode Selection:" -#: ../../configuration/vpn/ipsec.rst:136 +#: ../../configuration/vpn/ipsec.rst:139 msgid "``mode`` the type of the connection:" msgstr "``mode`` the type of the connection:" @@ -18758,19 +20169,19 @@ msgstr "``net.ipv6.conf.all.accept_redirects``" msgid "``net.ipv6.conf.all.accept_source_route``" msgstr "``net.ipv6.conf.all.accept_source_route``" -#: ../../configuration/policy/route-map.rst:364 +#: ../../configuration/policy/route-map.rst:367 msgid "``no-advertise`` - Well-known communities value NO_ADVERTISE 0xFFFFFF02" msgstr "``no-advertise`` - Well-known communities value NO_ADVERTISE 0xFFFFFF02" -#: ../../configuration/policy/route-map.rst:365 +#: ../../configuration/policy/route-map.rst:368 msgid "``no-export`` - Well-known communities value NO_EXPORT 0xFFFFFF01" msgstr "``no-export`` - Well-known communities value NO_EXPORT 0xFFFFFF01" -#: ../../configuration/policy/route-map.rst:374 +#: ../../configuration/policy/route-map.rst:377 msgid "``no-llgr`` - Well-known communities value NO_LLGR 0xFFFF0007" msgstr "``no-llgr`` - Well-known communities value NO_LLGR 0xFFFF0007" -#: ../../configuration/policy/route-map.rst:377 +#: ../../configuration/policy/route-map.rst:380 msgid "``no-peer`` - Well-known communities value NOPEER 0xFFFFFF04" msgstr "``no-peer`` - Well-known communities value NOPEER 0xFFFFFF04" @@ -18782,7 +20193,7 @@ msgstr "``no`` disable remote host re-authenticaton during an IKE rekey;" msgid "``none`` - Execution interval in minutes" msgstr "``none`` - Execution interval in minutes" -#: ../../configuration/vpn/site2site_ipsec.rst:85 +#: ../../configuration/vpn/site2site_ipsec.rst:82 msgid "``none`` - loads the connection only, which then can be manually initiated or used as a responder configuration." msgstr "``none`` - loads the connection only, which then can be manually initiated or used as a responder configuration." @@ -18798,7 +20209,7 @@ msgstr "``noselect`` marks the server as unused, except for display purposes. Th msgid "``nts`` enables Network Time Security (NTS) for the server as specified in :rfc:`8915`" msgstr "``nts`` enables Network Time Security (NTS) for the server as specified in :rfc:`8915`" -#: ../../configuration/vpn/ipsec.rst:160 +#: ../../configuration/vpn/ipsec.rst:164 msgid "``options``" msgstr "``options``" @@ -18814,11 +20225,19 @@ msgstr "``ospfv3`` - Open Shortest Path First (IPv6) (OSPFv3)" msgid "``out``: Ruleset for forwarded packets on an outbound interface" msgstr "``out``: Ruleset for forwarded packets on an outbound interface" +#: ../../configuration/vpn/site2site_ipsec.rst:54 +msgid "``passphrase`` - local private key passphrase" +msgstr "``passphrase`` - local private key passphrase" + +#: ../../configuration/vpn/site2site_ipsec.rst:67 +msgid "``passphrase`` - private key passphrase, if needed." +msgstr "``passphrase`` - private key passphrase, if needed." + #: ../../configuration/vpn/site2site_ipsec.rst:70 msgid "``password`` - passphrase private key, if needed." msgstr "``password`` - passphrase private key, if needed." -#: ../../configuration/pki/index.rst:163 +#: ../../configuration/pki/index.rst:165 msgid "``peer`` is used for the VyOS CLI command to identify the WireGuard peer where this secred is to be used." msgstr "``peer`` is used for the VyOS CLI command to identify the WireGuard peer where this secred is to be used." @@ -18826,7 +20245,7 @@ msgstr "``peer`` is used for the VyOS CLI command to identify the WireGuard peer msgid "``period``: Time window for rate calculation. Possible values: ``second`` (one second), ``minute`` (one minute), ``hour`` (one hour). Default is ``second``." msgstr "``period``: Time window for rate calculation. Possible values: ``second`` (one second), ``minute`` (one minute), ``hour`` (one hour). Default is ``second``." -#: ../../configuration/vpn/ipsec.rst:142 +#: ../../configuration/vpn/ipsec.rst:145 msgid "``pfs`` whether Perfect Forward Secrecy of keys is desired on the connection's keying channel and defines a Diffie-Hellman group for PFS:" msgstr "``pfs`` whether Perfect Forward Secrecy of keys is desired on the connection's keying channel and defines a Diffie-Hellman group for PFS:" @@ -18835,11 +20254,11 @@ msgid "``pool`` mobilizes persistent client mode association with a number of re msgstr "``pool`` mobilizes persistent client mode association with a number of remote servers." #: ../../configuration/vpn/site2site_ipsec.rst:126 -#: ../../configuration/vpn/site2site_ipsec.rst:136 +#: ../../configuration/vpn/site2site_ipsec.rst:139 msgid "``port`` - define port. Have effect only when used together with ``prefix``;" msgstr "``port`` - define port. Have effect only when used together with ``prefix``;" -#: ../../configuration/vpn/site2site_ipsec.rst:37 +#: ../../configuration/vpn/site2site_ipsec.rst:38 msgid "``pre-shared-secret`` - use predefined shared secret phrase;" msgstr "``pre-shared-secret`` - use predefined shared secret phrase;" @@ -18851,27 +20270,35 @@ msgstr "``prefer`` marks the server as preferred. All other things being equal, msgid "``prefix`` - IP network at local side." msgstr "``prefix`` - IP network at local side." -#: ../../configuration/vpn/site2site_ipsec.rst:138 +#: ../../configuration/vpn/site2site_ipsec.rst:141 msgid "``prefix`` - IP network at remote side." msgstr "``prefix`` - IP network at remote side." -#: ../../configuration/vpn/ipsec.rst:107 +#: ../../configuration/vpn/ipsec.rst:109 msgid "``prf`` pseudo-random function." msgstr "``prf`` pseudo-random function." -#: ../../configuration/vpn/ipsec.rst:151 +#: ../../configuration/vpn/site2site_ipsec.rst:130 +msgid "``priority`` - Add priority for policy-based IPSec VPN tunnels(lowest value more preferable)" +msgstr "``priority`` - Add priority for policy-based IPSec VPN tunnels(lowest value more preferable)" + +#: ../../configuration/system/option.rst:51 +msgid "``processor.max_cstate=1`` Limit processor to maximum C-state 1" +msgstr "``processor.max_cstate=1`` Limit processor to maximum C-state 1" + +#: ../../configuration/vpn/ipsec.rst:154 msgid "``proposal`` ESP-group proposal with number <1-65535>:" msgstr "``proposal`` ESP-group proposal with number <1-65535>:" -#: ../../configuration/vpn/ipsec.rst:99 +#: ../../configuration/vpn/ipsec.rst:101 msgid "``proposal`` the list of proposals and their parameters:" msgstr "``proposal`` the list of proposals and their parameters:" -#: ../../configuration/vpn/site2site_ipsec.rst:130 +#: ../../configuration/vpn/site2site_ipsec.rst:133 msgid "``protocol`` - define the protocol for match traffic, which should be encrypted and send to this peer;" msgstr "``protocol`` - define the protocol for match traffic, which should be encrypted and send to this peer;" -#: ../../configuration/vpn/site2site_ipsec.rst:21 +#: ../../configuration/vpn/site2site_ipsec.rst:22 msgid "``psk`` - Preshared secret key name:" msgstr "``psk`` - Preshared secret key name:" @@ -18890,7 +20317,7 @@ msgstr "``rate``: Number of packets. Default 5." msgid "``reject``: reject the packet." msgstr "``reject``: reject the packet." -#: ../../configuration/vpn/site2site_ipsec.rst:111 +#: ../../configuration/vpn/site2site_ipsec.rst:108 msgid "``remote-address`` - remote IP address or hostname for IPSec connection. IPv4 or IPv6 address is used when a peer has a public static IP address. Hostname is a DNS name which could be used when a peer has a public IP address and DNS name, but an IP address could be changed from time to time." msgstr "``remote-address`` - remote IP address or hostname for IPSec connection. IPv4 or IPv6 address is used when a peer has a public static IP address. Hostname is a DNS name which could be used when a peer has a public IP address and DNS name, but an IP address could be changed from time to time." @@ -18898,10 +20325,18 @@ msgstr "``remote-address`` - remote IP address or hostname for IPSec connection. msgid "``remote-id`` - define an ID for remote peer, instead of using peer name or address. Useful in case if the remote peer is behind NAT or if ``mode x509`` is used;" msgstr "``remote-id`` - define an ID for remote peer, instead of using peer name or address. Useful in case if the remote peer is behind NAT or if ``mode x509`` is used;" -#: ../../configuration/vpn/site2site_ipsec.rst:133 +#: ../../configuration/vpn/site2site_ipsec.rst:52 +msgid "``remote-key`` - name of PKI key-pair with remote public key" +msgstr "``remote-key`` - name of PKI key-pair with remote public key" + +#: ../../configuration/vpn/site2site_ipsec.rst:136 msgid "``remote`` - define the remote destination for match traffic, which should be encrypted and send to this peer:" msgstr "``remote`` - define the remote destination for match traffic, which should be encrypted and send to this peer:" +#: ../../configuration/vpn/site2site_ipsec.rst:113 +msgid "``replay-window`` - IPsec replay window to configure for this CHILD_SA (default: 32), a value of 0 disables IPsec replay protection" +msgstr "``replay-window`` - IPsec replay window to configure for this CHILD_SA (default: 32), a value of 0 disables IPsec replay protection" + #: ../../configuration/loadbalancing/reverse-proxy.rst:64 msgid "``req-ssl-sni`` SSL Server Name Indication (SNI) request match" msgstr "``req-ssl-sni`` SSL Server Name Indication (SNI) request match" @@ -18910,10 +20345,14 @@ msgstr "``req-ssl-sni`` SSL Server Name Indication (SNI) request match" msgid "``resp-time``: the maximum response time for ping in seconds. Range 1...30, default 5" msgstr "``resp-time``: the maximum response time for ping in seconds. Range 1...30, default 5" -#: ../../configuration/vpn/site2site_ipsec.rst:80 +#: ../../configuration/vpn/site2site_ipsec.rst:77 msgid "``respond`` - does not try to initiate a connection to a remote peer. In this mode, the IPSec session will be established only after initiation from a remote peer. Could be useful when there is no direct connectivity to the peer due to firewall or NAT in the middle of the local and remote side." msgstr "``respond`` - does not try to initiate a connection to a remote peer. In this mode, the IPSec session will be established only after initiation from a remote peer. Could be useful when there is no direct connectivity to the peer due to firewall or NAT in the middle of the local and remote side." +#: ../../configuration/vpn/ipsec.rst:68 +msgid "``restart`` immediately tries to re-negotiate the CHILD_SA under a fresh IKE_SA;" +msgstr "``restart`` immediately tries to re-negotiate the CHILD_SA under a fresh IKE_SA;" + #: ../../configuration/vpn/ipsec.rst:54 #: ../../configuration/vpn/ipsec.rst:67 msgid "``restart`` set action to restart;" @@ -18941,19 +20380,19 @@ msgstr "``round-robin`` - Round-robin policy: Transmit packets in sequential ord msgid "``round-robin`` Distributes requests in a circular manner, sequentially sending each request to the next server in line" msgstr "``round-robin`` Distributes requests in a circular manner, sequentially sending each request to the next server in line" -#: ../../configuration/policy/route-map.rst:369 +#: ../../configuration/policy/route-map.rst:372 msgid "``route-filter-translated-v4`` - Well-known communities value ROUTE_FILTER_TRANSLATED_v4 0xFFFF0002" msgstr "``route-filter-translated-v4`` - Well-known communities value ROUTE_FILTER_TRANSLATED_v4 0xFFFF0002" -#: ../../configuration/policy/route-map.rst:371 +#: ../../configuration/policy/route-map.rst:374 msgid "``route-filter-translated-v6`` - Well-known communities value ROUTE_FILTER_TRANSLATED_v6 0xFFFF0004" msgstr "``route-filter-translated-v6`` - Well-known communities value ROUTE_FILTER_TRANSLATED_v6 0xFFFF0004" -#: ../../configuration/policy/route-map.rst:370 +#: ../../configuration/policy/route-map.rst:373 msgid "``route-filter-v4`` - Well-known communities value ROUTE_FILTER_v4 0xFFFF0003" msgstr "``route-filter-v4`` - Well-known communities value ROUTE_FILTER_v4 0xFFFF0003" -#: ../../configuration/policy/route-map.rst:372 +#: ../../configuration/policy/route-map.rst:375 msgid "``route-filter-v6`` - Well-known communities value ROUTE_FILTER_v6 0xFFFF0005" msgstr "``route-filter-v6`` - Well-known communities value ROUTE_FILTER_v6 0xFFFF0005" @@ -18961,11 +20400,19 @@ msgstr "``route-filter-v6`` - Well-known communities value ROUTE_FI msgid "``rsa-key-name`` - shared RSA key for authentication. The key must be defined in the ``set vpn rsa-keys`` section;" msgstr "``rsa-key-name`` - shared RSA key for authentication. The key must be defined in the ``set vpn rsa-keys`` section;" +#: ../../configuration/vpn/site2site_ipsec.rst:48 +msgid "``rsa`` - options for RSA authentication mode:" +msgstr "``rsa`` - options for RSA authentication mode:" + +#: ../../configuration/vpn/site2site_ipsec.rst:40 +msgid "``rsa`` - use simple shared RSA key." +msgstr "``rsa`` - use simple shared RSA key." + #: ../../configuration/vpn/site2site_ipsec.rst:39 msgid "``rsa`` - use simple shared RSA key. The key must be defined in the ``set vpn rsa-keys`` section;" msgstr "``rsa`` - use simple shared RSA key. The key must be defined in the ``set vpn rsa-keys`` section;" -#: ../../configuration/vpn/site2site_ipsec.rst:27 +#: ../../configuration/vpn/site2site_ipsec.rst:28 msgid "``secret`` - predefined shared secret. Used if configured mode ``pre-shared-secret``;" msgstr "``secret`` - predefined shared secret. Used if configured mode ``pre-shared-secret``;" @@ -18978,10 +20425,13 @@ msgid "``set firewall ipv4 forward filter ...``." msgstr "``set firewall ipv4 forward filter ...``." #: ../../configuration/firewall/index.rst:54 -#: ../../configuration/firewall/index.rst:72 msgid "``set firewall ipv4 input filter ...``." msgstr "``set firewall ipv4 input filter ...``." +#: ../../configuration/firewall/index.rst:72 +msgid "``set firewall ipv4 output filter ...``." +msgstr "``set firewall ipv4 output filter ...``." + #: ../../configuration/firewall/index.rst:63 msgid "``set firewall ipv6 forward filter ...``." msgstr "``set firewall ipv6 forward filter ...``." @@ -19010,19 +20460,19 @@ msgstr "``sonmp`` - Listen for SONMP for Nortel routers/switches" msgid "``source-address`` Distributes requests based on the source IP address of the client" msgstr "``source-address`` Distributes requests based on the source IP address of the client" -#: ../../configuration/system/login.rst:74 +#: ../../configuration/system/login.rst:78 msgid "``ssh-dss``" msgstr "``ssh-dss``" -#: ../../configuration/system/login.rst:75 +#: ../../configuration/system/login.rst:79 msgid "``ssh-ed25519``" msgstr "``ssh-ed25519``" -#: ../../configuration/system/login.rst:49 +#: ../../configuration/system/login.rst:53 msgid "``ssh-rsa AAAAB3NzaC1yc2EAAAABAA...VBD5lKwEWB username@host.example.com``" msgstr "``ssh-rsa AAAAB3NzaC1yc2EAAAABAA...VBD5lKwEWB username@host.example.com``" -#: ../../configuration/system/login.rst:76 +#: ../../configuration/system/login.rst:80 msgid "``ssh-rsa``" msgstr "``ssh-rsa``" @@ -19034,6 +20484,10 @@ msgstr "``ssl-fc-sni-end`` SSL frontend match end of connection Server Name" msgid "``ssl-fc-sni`` SSL frontend connection Server Name Indication match" msgstr "``ssl-fc-sni`` SSL frontend connection Server Name Indication match" +#: ../../configuration/vpn/ipsec.rst:54 +msgid "``start`` tries to immediately re-create the CHILD_SA;" +msgstr "``start`` tries to immediately re-create the CHILD_SA;" + #: ../../configuration/policy/route-map.rst:173 msgid "``static`` - Statically configured routes" msgstr "``static`` - Statically configured routes" @@ -19083,11 +20537,11 @@ msgstr "``test-script``: A user defined script must return 0 to be considered su msgid "``threshold``: ``below`` or ``above`` the specified rate limit." msgstr "``threshold``: ``below`` or ``above`` the specified rate limit." -#: ../../configuration/system/option.rst:97 +#: ../../configuration/system/option.rst:127 msgid "``throughput``: A server profile focused on improving network throughput. This profile favors performance over power savings by setting ``intel_pstate`` and ``max_perf_pct=100`` and increasing kernel network buffer sizes." msgstr "``throughput``: A server profile focused on improving network throughput. This profile favors performance over power savings by setting ``intel_pstate`` and ``max_perf_pct=100`` and increasing kernel network buffer sizes." -#: ../../configuration/vpn/ipsec.rst:71 +#: ../../configuration/vpn/ipsec.rst:73 msgid "``timeout`` keep-alive timeout in seconds <2-86400> (default 120) IKEv1 only" msgstr "``timeout`` keep-alive timeout in seconds <2-86400> (default 120) IKEv1 only" @@ -19095,10 +20549,18 @@ msgstr "``timeout`` keep-alive timeout in seconds <2-86400> (default 120) IKEv1 msgid "``transmit-load-balance`` - Adaptive transmit load balancing: channel bonding that does not require any special switch support." msgstr "``transmit-load-balance`` - Adaptive transmit load balancing: channel bonding that does not require any special switch support." -#: ../../configuration/vpn/ipsec.rst:140 +#: ../../configuration/vpn/ipsec.rst:143 msgid "``transport`` transport mode;" msgstr "``transport`` transport mode;" +#: ../../configuration/vpn/ipsec.rst:63 +msgid "``trap`` installs a trap policy, which will catch matching traffic and tries to re-negotiate the tunnel on-demand;" +msgstr "``trap`` installs a trap policy, which will catch matching traffic and tries to re-negotiate the tunnel on-demand;" + +#: ../../configuration/vpn/ipsec.rst:52 +msgid "``trap`` installs a trap policy for the CHILD_SA;" +msgstr "``trap`` installs a trap policy for the CHILD_SA;" + #: ../../configuration/loadbalancing/wan.rst:179 msgid "``ttl-limit``: For the UDP TTL limit test the hop count limit must be specified. The limit must be shorter than the path length, an ICMP time expired message is needed to be returned for a successful test. default 1" msgstr "``ttl-limit``: For the UDP TTL limit test the hop count limit must be specified. The limit must be shorter than the path length, an ICMP time expired message is needed to be returned for a successful test. default 1" @@ -19115,7 +20577,7 @@ msgstr "``ttyUSBX`` - USB Serial device name" msgid "``tunnel`` - define criteria for traffic to be matched for encrypting and send it to a peer:" msgstr "``tunnel`` - define criteria for traffic to be matched for encrypting and send it to a peer:" -#: ../../configuration/vpn/ipsec.rst:138 +#: ../../configuration/vpn/ipsec.rst:141 msgid "``tunnel`` tunnel mode (default);" msgstr "``tunnel`` tunnel mode (default);" @@ -19123,11 +20585,11 @@ msgstr "``tunnel`` tunnel mode (default);" msgid "``type``: Specify the type of test. type can be ping, ttl or a user defined script" msgstr "``type``: Specify the type of test. type can be ping, ttl or a user defined script" -#: ../../configuration/vpn/site2site_ipsec.rst:51 +#: ../../configuration/vpn/site2site_ipsec.rst:56 msgid "``use-x509-id`` - use local ID from x509 certificate. Cannot be used when ``id`` is defined;" msgstr "``use-x509-id`` - use local ID from x509 certificate. Cannot be used when ``id`` is defined;" -#: ../../configuration/vpn/site2site_ipsec.rst:152 +#: ../../configuration/vpn/site2site_ipsec.rst:155 msgid "``virtual-address`` - Defines a virtual IP address which is requested by the initiator and one or several IPv4 and/or IPv6 addresses are assigned from multiple pools by the responder." msgstr "``virtual-address`` - Defines a virtual IP address which is requested by the initiator and one or several IPv4 and/or IPv6 addresses are assigned from multiple pools by the responder." @@ -19135,7 +20597,7 @@ msgstr "``virtual-address`` - Defines a virtual IP address which is requested by msgid "``virtual-ip`` Allow install virtual-ip addresses. Comma separated list of virtual IPs to request in IKEv2 configuration payloads or IKEv1 Mode Config. The wildcard addresses 0.0.0.0 and :: request an arbitrary address, specific addresses may be defined. The responder may return a different address, though, or none at all." msgstr "``virtual-ip`` Allow install virtual-ip addresses. Comma separated list of virtual IPs to request in IKEv2 configuration payloads or IKEv1 Mode Config. The wildcard addresses 0.0.0.0 and :: request an arbitrary address, specific addresses may be defined. The responder may return a different address, though, or none at all." -#: ../../configuration/vpn/ipsec.rst:168 +#: ../../configuration/vpn/ipsec.rst:172 msgid "``virtual-ip`` Allows to install virtual-ip addresses. Comma separated list of virtual IPs to request in IKEv2 configuration payloads or IKEv1 Mode Config. The wildcard addresses 0.0.0.0 and :: request an arbitrary address, specific addresses may be defined. The responder may return a different address, though, or none at all. Define the ``virtual-address`` option to configure the IP address in site-to-site hierarchy." msgstr "``virtual-ip`` Allows to install virtual-ip addresses. Comma separated list of virtual IPs to request in IKEv2 configuration payloads or IKEv1 Mode Config. The wildcard addresses 0.0.0.0 and :: request an arbitrary address, specific addresses may be defined. The responder may return a different address, though, or none at all. Define the ``virtual-address`` option to configure the IP address in site-to-site hierarchy." @@ -19143,11 +20605,11 @@ msgstr "``virtual-ip`` Allows to install virtual-ip addresses. Comma separated l msgid "``vnc`` - Virtual Network Control (VNC)" msgstr "``vnc`` - Virtual Network Control (VNC)" -#: ../../configuration/vpn/site2site_ipsec.rst:140 +#: ../../configuration/vpn/site2site_ipsec.rst:143 msgid "``vti`` - use a VTI interface for traffic encryption. Any traffic, which will be send to VTI interface will be encrypted and send to this peer. Using VTI makes IPSec configuration much flexible and easier in complex situation, and allows to dynamically add/delete remote networks, reachable via a peer, as in this mode router don't need to create additional SA/policy for each remote network:" msgstr "``vti`` - use a VTI interface for traffic encryption. Any traffic, which will be send to VTI interface will be encrypted and send to this peer. Using VTI makes IPSec configuration much flexible and easier in complex situation, and allows to dynamically add/delete remote networks, reachable via a peer, as in this mode router don't need to create additional SA/policy for each remote network:" -#: ../../configuration/vpn/site2site_ipsec.rst:54 +#: ../../configuration/vpn/site2site_ipsec.rst:59 msgid "``x509`` - options for x509 authentication mode:" msgstr "``x509`` - options for x509 authentication mode:" @@ -19163,10 +20625,26 @@ msgstr "``xor-hash`` - XOR policy: Transmit based on the selected transmit hash msgid "``yes`` enable remote host re-authentication during an IKE rekey;" msgstr "``yes`` enable remote host re-authentication during an IKE rekey;" -#: ../../configuration/system/option.rst:39 +#: ../../configuration/service/ntp.rst:90 +msgid "`ignore`: No correction is applied to the clock for the leap second. The clock will be corrected later in normal operation when new measurements are made and the estimated offset includes the one second error." +msgstr "`ignore`: No correction is applied to the clock for the leap second. The clock will be corrected later in normal operation when new measurements are made and the estimated offset includes the one second error." + +#: ../../configuration/service/ntp.rst:94 +msgid "`smear`: When smearing a leap second, the leap status is suppressed on the server and the served time is corrected slowly by slewing instead of stepping. The clients do not need any special configuration as they do not know there is any leap second and they follow the server time which eventually brings them back to UTC. Care must be taken to ensure they use only NTP servers which smear the leap second in exactly the same way for synchronisation." +msgstr "`smear`: When smearing a leap second, the leap status is suppressed on the server and the served time is corrected slowly by slewing instead of stepping. The clients do not need any special configuration as they do not know there is any leap second and they follow the server time which eventually brings them back to UTC. Care must be taken to ensure they use only NTP servers which smear the leap second in exactly the same way for synchronisation." + +#: ../../configuration/system/option.rst:69 msgid "`source-address` and `source-interface` can not be used at the same time." msgstr "`source-address` and `source-interface` can not be used at the same time." +#: ../../configuration/service/ntp.rst:102 +msgid "`system`: When inserting a leap second, the kernel steps the system clock backwards by one second when the clock gets to 00:00:00 UTC. When deleting a leap second, it steps forward by one second when the clock gets to 23:59:59 UTC." +msgstr "`system`: When inserting a leap second, the kernel steps the system clock backwards by one second when the clock gets to 00:00:00 UTC. When deleting a leap second, it steps forward by one second when the clock gets to 23:59:59 UTC." + +#: ../../configuration/service/ntp.rst:107 +msgid "`timezone`: This directive specifies a timezone in the system timezone database which chronyd can use to determine when will the next leap second occur and what is the current offset between TAI and UTC. It will periodically check if 23:59:59 and 23:59:60 are valid times in the timezone. This normally works with the right/UTC timezone which is the default" +msgstr "`timezone`: This directive specifies a timezone in the system timezone database which chronyd can use to determine when will the next leap second occur and what is the current offset between TAI and UTC. It will periodically check if 23:59:59 and 23:59:60 are valid times in the timezone. This normally works with the right/UTC timezone which is the default" + #: ../../configuration/protocols/rpki.rst:12 msgid "`tweet by EvilMog`_, 2020-02-21" msgstr "`tweet by EvilMog`_, 2020-02-21" @@ -19194,7 +20672,7 @@ msgstr "alert" msgid "all" msgstr "all" -#: ../../configuration/vrf/index.rst:428 +#: ../../configuration/vrf/index.rst:447 msgid "an RD / RTLIST" msgstr "an RD / RTLIST" @@ -19234,23 +20712,23 @@ msgstr "bgpd" msgid "bonding" msgstr "bonding" -#: ../../configuration/service/dhcp-server.rst:305 +#: ../../configuration/service/dhcp-server.rst:311 msgid "boot-size" msgstr "boot-size" -#: ../../configuration/service/dhcp-server.rst:298 +#: ../../configuration/service/dhcp-server.rst:304 msgid "bootfile-name" msgstr "bootfile-name" -#: ../../configuration/service/dhcp-server.rst:300 +#: ../../configuration/service/dhcp-server.rst:306 msgid "bootfile-name, filename" msgstr "bootfile-name, filename" -#: ../../configuration/service/dhcp-server.rst:288 +#: ../../configuration/service/dhcp-server.rst:294 msgid "bootfile-server" msgstr "bootfile-server" -#: ../../configuration/service/dhcp-server.rst:303 +#: ../../configuration/service/dhcp-server.rst:309 msgid "bootfile-size" msgstr "bootfile-size" @@ -19258,7 +20736,7 @@ msgstr "bootfile-size" msgid "bridge" msgstr "bridge" -#: ../../configuration/service/dhcp-server.rst:236 +#: ../../configuration/service/dhcp-server.rst:242 msgid "client-prefix-length" msgstr "client-prefix-length" @@ -19286,15 +20764,19 @@ msgstr "cron" msgid "daemon" msgstr "daemon" -#: ../../configuration/service/dns.rst:384 +#: ../../configuration/service/dns.rst:405 msgid "ddclient_ has another way to determine the WAN IP address. This is controlled by:" msgstr "ddclient_ has another way to determine the WAN IP address. This is controlled by:" -#: ../../configuration/service/dns.rst:218 +#: ../../configuration/service/dns.rst:232 msgid "ddclient_ uses two methods to update a DNS record. The first one will send updates directly to the DNS daemon, in compliance with :rfc:`2136`. The second one involves a third party service, like DynDNS.com or any other similar website. This method uses HTTP requests to transmit the new IP address. You can configure both in VyOS." msgstr "ddclient_ uses two methods to update a DNS record. The first one will send updates directly to the DNS daemon, in compliance with :rfc:`2136`. The second one involves a third party service, like DynDNS.com or any other similar website. This method uses HTTP requests to transmit the new IP address. You can configure both in VyOS." -#: ../../configuration/service/dns.rst:413 +#: ../../configuration/service/dns.rst:205 +msgid "ddclient_ uses two methods to update a DNS record. The first one will send updates directly to the DNS daemon, in compliance with :rfc:`2136`. The second one involves a third party service, like DynDNS.com or any other such service provider. This method uses HTTP requests to transmit the new IP address. You can configure both in VyOS." +msgstr "ddclient_ uses two methods to update a DNS record. The first one will send updates directly to the DNS daemon, in compliance with :rfc:`2136`. The second one involves a third party service, like DynDNS.com or any other such service provider. This method uses HTTP requests to transmit the new IP address. You can configure both in VyOS." + +#: ../../configuration/service/dns.rst:415 msgid "ddclient_ will skip any address located before the string set in `<pattern>`." msgstr "ddclient_ will skip any address located before the string set in `<pattern>`." @@ -19306,7 +20788,7 @@ msgstr "debug" msgid "decrement-lifetime" msgstr "decrement-lifetime" -#: ../../configuration/service/dhcp-server.rst:335 +#: ../../configuration/service/dhcp-server.rst:341 msgid "default-lease-time, max-lease-time" msgstr "default-lease-time, max-lease-time" @@ -19318,7 +20800,7 @@ msgstr "default-lifetime" msgid "default-preference" msgstr "default-preference" -#: ../../configuration/service/dhcp-server.rst:248 +#: ../../configuration/service/dhcp-server.rst:254 msgid "default-router" msgstr "default-router" @@ -19330,15 +20812,15 @@ msgstr "default min-threshold" msgid "deprecate-prefix" msgstr "deprecate-prefix" -#: ../../configuration/highavailability/index.rst:354 +#: ../../configuration/highavailability/index.rst:364 msgid "destination-hashing" msgstr "destination-hashing" -#: ../../configuration/service/dhcp-server.rst:285 +#: ../../configuration/service/dhcp-server.rst:291 msgid "dhcp-server-identifier" msgstr "dhcp-server-identifier" -#: ../../configuration/highavailability/index.rst:364 +#: ../../configuration/highavailability/index.rst:374 msgid "direct" msgstr "direct" @@ -19356,17 +20838,17 @@ msgstr "disable: No source validation" msgid "dnssl" msgstr "dnssl" -#: ../../configuration/service/dhcp-server.rst:263 -#: ../../configuration/service/dhcp-server.rst:265 +#: ../../configuration/service/dhcp-server.rst:269 +#: ../../configuration/service/dhcp-server.rst:271 msgid "domain-name" msgstr "domain-name" -#: ../../configuration/service/dhcp-server.rst:260 +#: ../../configuration/service/dhcp-server.rst:266 msgid "domain-name-servers" msgstr "domain-name-servers" -#: ../../configuration/service/dhcp-server.rst:318 -#: ../../configuration/service/dhcp-server.rst:320 +#: ../../configuration/service/dhcp-server.rst:324 +#: ../../configuration/service/dhcp-server.rst:326 msgid "domain-search" msgstr "domain-search" @@ -19402,11 +20884,11 @@ msgstr "ethernet" msgid "exact-match: exact match of the network prefixes." msgstr "exact-match: exact match of the network prefixes." -#: ../../configuration/service/dhcp-server.rst:343 +#: ../../configuration/service/dhcp-server.rst:349 msgid "exclude" msgstr "exclude" -#: ../../configuration/service/dhcp-server.rst:348 +#: ../../configuration/service/dhcp-server.rst:354 msgid "failover" msgstr "failover" @@ -19418,8 +20900,8 @@ msgstr "fast: Request partner to transmit LACPDUs every 1 second" msgid "file <file name>" msgstr "file <file name>" -#: ../../configuration/protocols/bgp.rst:826 -#: ../../configuration/protocols/bgp.rst:832 +#: ../../configuration/protocols/bgp.rst:848 +#: ../../configuration/protocols/bgp.rst:854 msgid "filter-list" msgstr "filter-list" @@ -19431,6 +20913,10 @@ msgstr "ftp" msgid "full - always use full-duplex" msgstr "full - always use full-duplex" +#: ../../configuration/service/router-advert.rst:16 +msgid "geneve" +msgstr "geneve" + #: ../../configuration/interfaces/ethernet.rst:32 msgid "half - always use half-duplex" msgstr "half - always use half-duplex" @@ -19443,7 +20929,7 @@ msgstr "hop-limit" msgid "host: single host IP address to match." msgstr "host: single host IP address to match." -#: ../../configuration/system/option.rst:89 +#: ../../configuration/system/option.rst:119 msgid "https://access.redhat.com/sites/default/files/attachments/201501-perf-brief-low-latency-tuning-rhel7-v2.1.pdf" msgstr "https://access.redhat.com/sites/default/files/attachments/201501-perf-brief-low-latency-tuning-rhel7-v2.1.pdf" @@ -19475,8 +20961,8 @@ msgstr "invalid" msgid "inverse-match: network/netmask to match (requires network be defined)." msgstr "inverse-match: network/netmask to match (requires network be defined)." -#: ../../configuration/service/dhcp-server.rst:268 -#: ../../configuration/service/dhcp-server.rst:270 +#: ../../configuration/service/dhcp-server.rst:274 +#: ../../configuration/service/dhcp-server.rst:276 msgid "ip-forwarding" msgstr "ip-forwarding" @@ -19496,7 +20982,7 @@ msgstr "it does not increase hardware device interrupt rate (although it does in msgid "kern" msgstr "kern" -#: ../../configuration/service/router-advert.rst:16 +#: ../../configuration/service/router-advert.rst:17 msgid "l2tpv3" msgstr "l2tpv3" @@ -19504,27 +20990,27 @@ msgstr "l2tpv3" msgid "ldpd" msgstr "ldpd" -#: ../../configuration/service/dhcp-server.rst:333 +#: ../../configuration/service/dhcp-server.rst:339 msgid "lease" msgstr "lease" -#: ../../configuration/highavailability/index.rst:351 +#: ../../configuration/highavailability/index.rst:361 msgid "least-connection" msgstr "least-connection" -#: ../../configuration/vpn/site2site_ipsec.rst:275 +#: ../../configuration/vpn/site2site_ipsec.rst:278 msgid "left local_ip: 192.168.0.10 # VPN Gateway, behind NAT device" msgstr "left local_ip: 192.168.0.10 # VPN Gateway, behind NAT device" -#: ../../configuration/vpn/site2site_ipsec.rst:167 +#: ../../configuration/vpn/site2site_ipsec.rst:170 msgid "left local_ip: `198.51.100.3` # server side WAN IP" msgstr "left local_ip: `198.51.100.3` # server side WAN IP" -#: ../../configuration/vpn/site2site_ipsec.rst:276 +#: ../../configuration/vpn/site2site_ipsec.rst:279 msgid "left public_ip:172.18.201.10" msgstr "left public_ip:172.18.201.10" -#: ../../configuration/vpn/site2site_ipsec.rst:165 +#: ../../configuration/vpn/site2site_ipsec.rst:168 msgid "left subnet: `192.168.0.0/24` site1, server side (i.e. locality, actually there is no client or server roles)" msgstr "left subnet: `192.168.0.0/24` site1, server side (i.e. locality, actually there is no client or server roles)" @@ -19592,7 +21078,7 @@ msgstr "local use 5 (local5)" msgid "local use 7 (local7)" msgstr "local use 7 (local7)" -#: ../../configuration/highavailability/index.rst:355 +#: ../../configuration/highavailability/index.rst:365 msgid "locality-based-least-connection" msgstr "locality-based-least-connection" @@ -19666,12 +21152,12 @@ msgstr "more information related IGP - :ref:`routing-isis`" msgid "more information related IGP - :ref:`routing-ospf`" msgstr "more information related IGP - :ref:`routing-ospf`" -#: ../../configuration/service/dhcp-server.rst:258 +#: ../../configuration/service/dhcp-server.rst:264 #: ../../configuration/service/router-advert.rst:1 msgid "name-server" msgstr "name-server" -#: ../../configuration/service/dhcp-server.rst:280 +#: ../../configuration/service/dhcp-server.rst:286 msgid "netbios-name-servers" msgstr "netbios-name-servers" @@ -19687,7 +21173,7 @@ msgstr "network: network/netmask to match (requires inverse-match be defined) BU msgid "news" msgstr "news" -#: ../../configuration/service/dhcp-server.rst:290 +#: ../../configuration/service/dhcp-server.rst:296 msgid "next-server" msgstr "next-server" @@ -19711,11 +21197,11 @@ msgstr "notice" msgid "ntp" msgstr "ntp" -#: ../../configuration/service/dhcp-server.rst:273 +#: ../../configuration/service/dhcp-server.rst:279 msgid "ntp-server" msgstr "ntp-server" -#: ../../configuration/service/dhcp-server.rst:275 +#: ../../configuration/service/dhcp-server.rst:281 msgid "ntp-servers" msgstr "ntp-servers" @@ -19723,7 +21209,7 @@ msgstr "ntp-servers" msgid "one rule with a LAN (inbound-interface) and the WAN (interface)." msgstr "one rule with a LAN (inbound-interface) and the WAN (interface)." -#: ../../configuration/service/router-advert.rst:17 +#: ../../configuration/service/router-advert.rst:18 msgid "openvpn" msgstr "openvpn" @@ -19763,8 +21249,8 @@ msgstr "policy extcommunity-list" msgid "policy large-community-list" msgstr "policy large-community-list" -#: ../../configuration/service/dhcp-server.rst:313 -#: ../../configuration/service/dhcp-server.rst:315 +#: ../../configuration/service/dhcp-server.rst:319 +#: ../../configuration/service/dhcp-server.rst:321 msgid "pop-server" msgstr "pop-server" @@ -19772,17 +21258,17 @@ msgstr "pop-server" msgid "preferred-lifetime" msgstr "preferred-lifetime" -#: ../../configuration/protocols/bgp.rst:827 -#: ../../configuration/protocols/bgp.rst:831 +#: ../../configuration/protocols/bgp.rst:849 +#: ../../configuration/protocols/bgp.rst:853 msgid "prefix-list, distribute-list" msgstr "prefix-list, distribute-list" -#: ../../configuration/service/router-advert.rst:18 +#: ../../configuration/service/router-advert.rst:19 msgid "pseudo-ethernet" msgstr "pseudo-ethernet" -#: ../../configuration/service/dhcp-server.rst:338 -#: ../../configuration/service/dhcp-server.rst:340 +#: ../../configuration/service/dhcp-server.rst:344 +#: ../../configuration/service/dhcp-server.rst:346 msgid "range" msgstr "range" @@ -19790,7 +21276,7 @@ msgstr "range" msgid "reachable-time" msgstr "reachable-time" -#: ../../configuration/system/ip.rst:82 +#: ../../configuration/system/ip.rst:95 msgid "reset commands" msgstr "reset commands" @@ -19798,7 +21284,7 @@ msgstr "reset commands" msgid "retrans-timer" msgstr "retrans-timer" -#: ../../configuration/service/dhcp-server.rst:325 +#: ../../configuration/service/dhcp-server.rst:331 msgid "rfc3442-static-route, windows-static-route" msgstr "rfc3442-static-route, windows-static-route" @@ -19806,15 +21292,15 @@ msgstr "rfc3442-static-route, windows-static-route" msgid "rfc3768-compatibility" msgstr "rfc3768-compatibility" -#: ../../configuration/vpn/site2site_ipsec.rst:277 +#: ../../configuration/vpn/site2site_ipsec.rst:280 msgid "right local_ip: 172.18.202.10 # right side WAN IP" msgstr "right local_ip: 172.18.202.10 # right side WAN IP" -#: ../../configuration/vpn/site2site_ipsec.rst:169 +#: ../../configuration/vpn/site2site_ipsec.rst:172 msgid "right local_ip: `203.0.113.2` # remote office side WAN IP" msgstr "right local_ip: `203.0.113.2` # remote office side WAN IP" -#: ../../configuration/vpn/site2site_ipsec.rst:168 +#: ../../configuration/vpn/site2site_ipsec.rst:171 msgid "right subnet: `10.0.0.0/24` site2,remote office side" msgstr "right subnet: `10.0.0.0/24` site2,remote office side" @@ -19822,16 +21308,16 @@ msgstr "right subnet: `10.0.0.0/24` site2,remote office side" msgid "ripd" msgstr "ripd" -#: ../../configuration/highavailability/index.rst:349 +#: ../../configuration/highavailability/index.rst:359 msgid "round-robin" msgstr "round-robin" -#: ../../configuration/protocols/bgp.rst:825 -#: ../../configuration/protocols/bgp.rst:833 +#: ../../configuration/protocols/bgp.rst:847 +#: ../../configuration/protocols/bgp.rst:855 msgid "route-map" msgstr "route-map" -#: ../../configuration/service/dhcp-server.rst:250 +#: ../../configuration/service/dhcp-server.rst:256 msgid "routers" msgstr "routers" @@ -19848,7 +21334,7 @@ msgstr "sFlow is a technology that enables monitoring of network traffic by send msgid "security" msgstr "security" -#: ../../configuration/service/dhcp-server.rst:283 +#: ../../configuration/service/dhcp-server.rst:289 msgid "server-identifier" msgstr "server-identifier" @@ -19865,11 +21351,11 @@ msgstr "set a destination and/or source address. Accepted input:" msgid "sha256 Hashes" msgstr "sha256 Hashes" -#: ../../configuration/system/ip.rst:50 +#: ../../configuration/system/ip.rst:63 msgid "show commands" msgstr "show commands" -#: ../../configuration/service/dhcp-server.rst:289 +#: ../../configuration/service/dhcp-server.rst:295 msgid "siaddr" msgstr "siaddr" @@ -19877,8 +21363,8 @@ msgstr "siaddr" msgid "slow: Request partner to transmit LACPDUs every 30 seconds" msgstr "slow: Request partner to transmit LACPDUs every 30 seconds" -#: ../../configuration/service/dhcp-server.rst:308 -#: ../../configuration/service/dhcp-server.rst:310 +#: ../../configuration/service/dhcp-server.rst:314 +#: ../../configuration/service/dhcp-server.rst:316 msgid "smtp-server" msgstr "smtp-server" @@ -19886,7 +21372,7 @@ msgstr "smtp-server" msgid "software filters can easily be added to hash over new protocols," msgstr "software filters can easily be added to hash over new protocols," -#: ../../configuration/highavailability/index.rst:353 +#: ../../configuration/highavailability/index.rst:363 msgid "source-hashing" msgstr "source-hashing" @@ -19898,11 +21384,11 @@ msgstr "spoke01-spoke04" msgid "spoke05" msgstr "spoke05" -#: ../../configuration/service/dhcp-server.rst:353 +#: ../../configuration/service/dhcp-server.rst:359 msgid "static-mapping" msgstr "static-mapping" -#: ../../configuration/service/dhcp-server.rst:323 +#: ../../configuration/service/dhcp-server.rst:329 msgid "static-route" msgstr "static-route" @@ -19912,7 +21398,7 @@ msgstr "static-route" msgid "strict: Each incoming packet is tested against the FIB and if the interface is not the best reverse path the packet check will fail. By default failed packets are discarded." msgstr "strict: Each incoming packet is tested against the FIB and if the interface is not the best reverse path the packet check will fail. By default failed packets are discarded." -#: ../../configuration/service/dhcp-server.rst:238 +#: ../../configuration/service/dhcp-server.rst:244 msgid "subnet-mask" msgstr "subnet-mask" @@ -19928,8 +21414,8 @@ msgstr "tail" msgid "tc_ is a powerful tool for Traffic Control found at the Linux kernel. However, its configuration is often considered a cumbersome task. Fortunately, VyOS eases the job through its CLI, while using ``tc`` as backend." msgstr "tc_ is a powerful tool for Traffic Control found at the Linux kernel. However, its configuration is often considered a cumbersome task. Fortunately, VyOS eases the job through its CLI, while using ``tc`` as backend." -#: ../../configuration/service/dhcp-server.rst:293 -#: ../../configuration/service/dhcp-server.rst:295 +#: ../../configuration/service/dhcp-server.rst:299 +#: ../../configuration/service/dhcp-server.rst:301 msgid "tftp-server-name" msgstr "tftp-server-name" @@ -19938,21 +21424,21 @@ msgstr "tftp-server-name" msgid "this option allows to configure prefix-sid on SR. The ‘no-php-flag’ means NO Penultimate Hop Popping that allows SR node to request to its neighbor to not pop the label. The ‘explicit-null’ flag allows SR node to request to its neighbor to send IP packet with the EXPLICIT-NULL label. The ‘n-flag-clear’ option can be used to explicitly clear the Node flag that is set by default for Prefix-SIDs associated to loopback addresses. This option is necessary to configure Anycast-SIDs." msgstr "this option allows to configure prefix-sid on SR. The ‘no-php-flag’ means NO Penultimate Hop Popping that allows SR node to request to its neighbor to not pop the label. The ‘explicit-null’ flag allows SR node to request to its neighbor to send IP packet with the EXPLICIT-NULL label. The ‘n-flag-clear’ option can be used to explicitly clear the Node flag that is set by default for Prefix-SIDs associated to loopback addresses. This option is necessary to configure Anycast-SIDs." -#: ../../configuration/service/dhcp-server.rst:242 -#: ../../configuration/service/dhcp-server.rst:244 +#: ../../configuration/service/dhcp-server.rst:248 +#: ../../configuration/service/dhcp-server.rst:250 msgid "time-offset" msgstr "time-offset" -#: ../../configuration/service/dhcp-server.rst:253 +#: ../../configuration/service/dhcp-server.rst:259 msgid "time-server" msgstr "time-server" -#: ../../configuration/service/dhcp-server.rst:255 +#: ../../configuration/service/dhcp-server.rst:261 msgid "time-servers" msgstr "time-servers" -#: ../../configuration/highavailability/index.rst:365 -#: ../../configuration/service/router-advert.rst:19 +#: ../../configuration/highavailability/index.rst:375 +#: ../../configuration/service/router-advert.rst:20 msgid "tunnel" msgstr "tunnel" @@ -19984,7 +21470,7 @@ msgstr "valid-lifetime" msgid "veth interfaces need to be created in pairs - it's called the peer name" msgstr "veth interfaces need to be created in pairs - it's called the peer name" -#: ../../configuration/service/router-advert.rst:20 +#: ../../configuration/service/router-advert.rst:21 msgid "vxlan" msgstr "vxlan" @@ -19996,11 +21482,11 @@ msgstr "warning" msgid "we described the configuration SR ISIS / SR OSPF using 2 connected with them to share label information." msgstr "we described the configuration SR ISIS / SR OSPF using 2 connected with them to share label information." -#: ../../configuration/highavailability/index.rst:352 +#: ../../configuration/highavailability/index.rst:362 msgid "weighted-least-connection" msgstr "weighted-least-connection" -#: ../../configuration/highavailability/index.rst:350 +#: ../../configuration/highavailability/index.rst:360 msgid "weighted-round-robin" msgstr "weighted-round-robin" @@ -20008,15 +21494,15 @@ msgstr "weighted-round-robin" msgid "while a *byte* is written as a single **b**." msgstr "while a *byte* is written as a single **b**." -#: ../../configuration/service/dhcp-server.rst:278 +#: ../../configuration/service/dhcp-server.rst:284 msgid "wins-server" msgstr "wins-server" -#: ../../configuration/service/router-advert.rst:21 +#: ../../configuration/service/router-advert.rst:22 msgid "wireguard" msgstr "wireguard" -#: ../../configuration/service/router-advert.rst:22 +#: ../../configuration/service/router-advert.rst:23 msgid "wireless" msgstr "wireless" @@ -20024,15 +21510,15 @@ msgstr "wireless" msgid "with :cfgcmd:`set system acceleration qat` on both systems the bandwidth increases." msgstr "with :cfgcmd:`set system acceleration qat` on both systems the bandwidth increases." -#: ../../configuration/service/dhcp-server.rst:328 +#: ../../configuration/service/dhcp-server.rst:334 msgid "wpad-url" msgstr "wpad-url" -#: ../../configuration/service/dhcp-server.rst:330 +#: ../../configuration/service/dhcp-server.rst:336 msgid "wpad-url, wpad-url code 252 = text" msgstr "wpad-url, wpad-url code 252 = text" -#: ../../configuration/service/router-advert.rst:23 +#: ../../configuration/service/router-advert.rst:24 msgid "wwan" msgstr "wwan" diff --git a/docs/_locale/de/contributing.pot b/docs/_locale/de/contributing.pot index 5f9d0337..706fcbfb 100644 --- a/docs/_locale/de/contributing.pot +++ b/docs/_locale/de/contributing.pot @@ -207,6 +207,10 @@ msgstr "Schlecht: radius (unless it's about the distance between a center of a c msgid "Beeing brave and running the latest rolling releases will sometimes trigger bugs due to corner cases we missed in our design. Those bugs should be filed via Phabricator_ but you can help us to narrow doen the issue. Login to your VyOS system and change into configuration mode by typing ``configure``. Now re-load your boot configuration by simply typing ``load`` followed by return." msgstr "Wenn man mutig ist und die neuesten Rolling Releases einsetzt, kann es manchmal zu Fehlern kommen, die wir in unserem Design übersehen haben. Diese Bugs sollten über Phabricator_ gemeldet werden, aber Sie können uns helfen, das Problem einzugrenzen. Loggen Sie sich in Ihr VyOS-System ein und wechseln Sie in den Konfigurationsmodus, indem Sie ``configure`` eingeben. Laden Sie nun Ihre Boot-Konfiguration neu, indem Sie einfach ``load`` gefolgt von Return eingeben." +#: ../../contributing/debugging.rst:160 +msgid "Being brave and running the latest rolling releases will sometimes trigger bugs due to corner cases we missed in our design. Those bugs should be filed via Phabricator_ but you can help us to narrow down the issue. Login to your VyOS system and change into configuration mode by typing ``configure``. Now re-load your boot configuration by simply typing ``load`` followed by return." +msgstr "Being brave and running the latest rolling releases will sometimes trigger bugs due to corner cases we missed in our design. Those bugs should be filed via Phabricator_ but you can help us to narrow down the issue. Login to your VyOS system and change into configuration mode by typing ``configure``. Now re-load your boot configuration by simply typing ``load`` followed by return." + #: ../../contributing/debugging.rst:170 msgid "Boot Timing" msgstr "Startzeitpunkt" @@ -884,6 +888,10 @@ msgid "Our StrongSWAN build differs from the upstream:" msgstr "Our StrongSWAN build differs from the upstream:" #: ../../contributing/testing.rst:20 +msgid "Our `VyOS CI`_ system is based on Jenkins and builds all our required packages for VyOS 1.2 to 1.4. In addition to the package build, there is the vyos-build Job which builds and tests the VyOS ISO image which is published after a successful test drive." +msgstr "Our `VyOS CI`_ system is based on Jenkins and builds all our required packages for VyOS 1.2 to 1.4. In addition to the package build, there is the vyos-build Job which builds and tests the VyOS ISO image which is published after a successful test drive." + +#: ../../contributing/testing.rst:20 msgid "Our `VyOS CI`_ system is based on Jenkins and builds all our required packages for VyOS 1.2 to 1.4. In addition to the package build, there is the vyos-build Job which builds and tests the VyOS ISO image which is published after a successfull test drive." msgstr "Our `VyOS CI`_ system is based on Jenkins and builds all our required packages for VyOS 1.2 to 1.4. In addition to the package build, there is the vyos-build Job which builds and tests the VyOS ISO image which is published after a successfull test drive." @@ -924,6 +932,10 @@ msgstr "Please submit your patches using the well-known GitHub pull-request agai msgid "Please use the following template as good starting point when developing new modules or even rewrite a whole bunch of code in the new style XML/Pyhon interface." msgstr "Please use the following template as good starting point when developing new modules or even rewrite a whole bunch of code in the new style XML/Pyhon interface." +#: ../../contributing/development.rst:254 +msgid "Please use the following template as good starting point when developing new modules or even rewrite a whole bunch of code in the new style XML/Python interface." +msgstr "Please use the following template as good starting point when developing new modules or even rewrite a whole bunch of code in the new style XML/Python interface." + #: ../../contributing/testing.rst:104 msgid "Port description" msgstr "Port description" @@ -1017,6 +1029,10 @@ msgstr "Smoketests executes predefined VyOS CLI commands and checks if the desir msgid "So if you plan to build your own custom ISO image and wan't to make use of our smoketests, ensure that you have the `vyos-1x-smoketest` package installed." msgstr "So if you plan to build your own custom ISO image and wan't to make use of our smoketests, ensure that you have the `vyos-1x-smoketest` package installed." +#: ../../contributing/testing.rst:45 +msgid "So if you plan to build your own custom ISO image and want to make use of our smoketests, ensure that you have the `vyos-1x-smoketest` package installed." +msgstr "So if you plan to build your own custom ISO image and want to make use of our smoketests, ensure that you have the `vyos-1x-smoketest` package installed." + #: ../../contributing/build-vyos.rst:202 msgid "Some VyOS packages (namely vyos-1x) come with build-time tests which verify some of the internal library calls that they work as expected. Those tests are carried out through the Python Unittest module. If you want to build the ``vyos-1x`` package (which is our main development package) you need to start your Docker container using the following argument: ``--sysctl net.ipv6.conf.lo.disable_ipv6=0``, otherwise those tests will fail." msgstr "Some VyOS packages (namely vyos-1x) come with build-time tests which verify some of the internal library calls that they work as expected. Those tests are carried out through the Python Unittest module. If you want to build the ``vyos-1x`` package (which is our main development package) you need to start your Docker container using the following argument: ``--sysctl net.ipv6.conf.lo.disable_ipv6=0``, otherwise those tests will fail." @@ -1198,6 +1214,10 @@ msgid "The package ends up in deb_dist dir." msgstr "The package ends up in deb_dist dir." #: ../../contributing/debugging.rst:148 +msgid "The reason is that the configuration migration backend is rewritten and uses a new form of \"magic string\" which is applied on demand when real config migration is run on boot. When running individual migrators for testing, you need to convert the \"magic string\" on your own by:" +msgstr "The reason is that the configuration migration backend is rewritten and uses a new form of \"magic string\" which is applied on demand when real config migration is run on boot. When running individual migrators for testing, you need to convert the \"magic string\" on your own by:" + +#: ../../contributing/debugging.rst:148 msgid "The reason is that the configuration migration backend is rewritten and uses a new form of \"magic string\" which is applied on demand when real config migration is run on boot. When runnint individual migrators for testing, you need to convert the \"magic string\" on your own by:" msgstr "The reason is that the configuration migration backend is rewritten and uses a new form of \"magic string\" which is applied on demand when real config migration is run on boot. When runnint individual migrators for testing, you need to convert the \"magic string\" on your own by:" @@ -1314,10 +1334,18 @@ msgid "To debug issues in priorities or to see what's going on in the background msgstr "To debug issues in priorities or to see what's going on in the background you can use the ``/opt/vyatta/sbin/priority.pl`` script which lists to you the execution order of the scripts." #: ../../contributing/build-vyos.rst:373 +msgid "To debug the build process and gain additional information of what could be the root cause, you need to use `chroot` to change into the build directory. This is explained in the following step by step procedure:" +msgstr "To debug the build process and gain additional information of what could be the root cause, you need to use `chroot` to change into the build directory. This is explained in the following step by step procedure:" + +#: ../../contributing/build-vyos.rst:373 msgid "To debug the build process and gain additional information of what could be the root cause, you need to use `chroot` to change into the build directry. This is explained in the following step by step procedure:" msgstr "To debug the build process and gain additional information of what could be the root cause, you need to use `chroot` to change into the build directry. This is explained in the following step by step procedure:" #: ../../contributing/debugging.rst:182 +msgid "To enable boot time graphing change the Kernel commandline and add the following string: ``init=/usr/lib/systemd/systemd-bootchart``" +msgstr "To enable boot time graphing change the Kernel commandline and add the following string: ``init=/usr/lib/systemd/systemd-bootchart``" + +#: ../../contributing/debugging.rst:182 msgid "To enable boot time graphing change the Kernel commandline and add the folowing string: ``init=/usr/lib/systemd/systemd-bootchart``" msgstr "To enable boot time graphing change the Kernel commandline and add the folowing string: ``init=/usr/lib/systemd/systemd-bootchart``" @@ -1409,6 +1437,10 @@ msgstr "Virtualization Platforms" msgid "VyOS CLI is all about priorities. Every CLI node has a corresponding ``node.def`` file and possibly an attached script that is executed when the node is present. Nodes can have a priority, and on system bootup - or any other ``commit`` to the config all scripts are executed from lowest to higest priority. This is good as this gives a deterministic behavior." msgstr "VyOS CLI is all about priorities. Every CLI node has a corresponding ``node.def`` file and possibly an attached script that is executed when the node is present. Nodes can have a priority, and on system bootup - or any other ``commit`` to the config all scripts are executed from lowest to higest priority. This is good as this gives a deterministic behavior." +#: ../../contributing/debugging.rst:190 +msgid "VyOS CLI is all about priorities. Every CLI node has a corresponding ``node.def`` file and possibly an attached script that is executed when the node is present. Nodes can have a priority, and on system bootup - or any other ``commit`` to the config all scripts are executed from lowest to highest priority. This is good as this gives a deterministic behavior." +msgstr "VyOS CLI is all about priorities. Every CLI node has a corresponding ``node.def`` file and possibly an attached script that is executed when the node is present. Nodes can have a priority, and on system bootup - or any other ``commit`` to the config all scripts are executed from lowest to highest priority. This is good as this gives a deterministic behavior." + #: ../../contributing/build-vyos.rst:168 msgid "VyOS has switched to Debian (12) Bookworm in its ``current`` branch, Due to software version updates, it is recommended to use the official Docker Hub image to build VyOS ISO." msgstr "VyOS has switched to Debian (12) Bookworm in its ``current`` branch, Due to software version updates, it is recommended to use the official Docker Hub image to build VyOS ISO." @@ -1485,6 +1517,10 @@ msgstr "When you are able to verify that it is actually a bug, spend some time t msgid "When you are working on interface configuration and you also wan't to test if the Smoketests pass you would normally loose the remote SSH connection to your :abbr:`DUT (Device Under Test)`. To handle this issue, some of the interface based tests can be called with an environment variable beforehand to limit the number of interfaces used in the test. By default all interface e.g. all Ethernet interfaces are used." msgstr "When you are working on interface configuration and you also wan't to test if the Smoketests pass you would normally loose the remote SSH connection to your :abbr:`DUT (Device Under Test)`. To handle this issue, some of the interface based tests can be called with an environment variable beforehand to limit the number of interfaces used in the test. By default all interface e.g. all Ethernet interfaces are used." +#: ../../contributing/testing.rst:109 +msgid "When you are working on interface configuration and you also want to test if the Smoketests pass you would normally loose the remote SSH connection to your :abbr:`DUT (Device Under Test)`. To handle this issue, some of the interface based tests can be called with an environment variable beforehand to limit the number of interfaces used in the test. By default all interface e.g. all Ethernet interfaces are used." +msgstr "When you are working on interface configuration and you also want to test if the Smoketests pass you would normally loose the remote SSH connection to your :abbr:`DUT (Device Under Test)`. To handle this issue, some of the interface based tests can be called with an environment variable beforehand to limit the number of interfaces used in the test. By default all interface e.g. all Ethernet interfaces are used." + #: ../../contributing/issues-features.rst:21 msgid "When you believe you have found a bug, it is always a good idea to verify the issue prior to opening a bug request." msgstr "When you believe you have found a bug, it is always a good idea to verify the issue prior to opening a bug request." @@ -1550,6 +1586,10 @@ msgstr "You have your own custom kernel `*.deb` packages in the `packages` folde msgid "You shoudl now see a Python backtrace which will help us to handle the issue, please attach it to the Phabricator_ task." msgstr "You shoudl now see a Python backtrace which will help us to handle the issue, please attach it to the Phabricator_ task." +#: ../../contributing/debugging.rst:166 +msgid "You should now see a Python backtrace which will help us to handle the issue, please attach it to the Phabricator_ task." +msgstr "You should now see a Python backtrace which will help us to handle the issue, please attach it to the Phabricator_ task." + #: ../../contributing/development.rst:146 msgid "You then can proceed with cloning your fork or add a new remote to your local repository:" msgstr "You then can proceed with cloning your fork or add a new remote to your local repository:" @@ -1666,6 +1706,10 @@ msgstr "commit:expression:" msgid "contine execution using ``cont``" msgstr "contine execution using ``cont``" +#: ../../contributing/debugging.rst:128 +msgid "continue execution using ``cont``" +msgstr "continue execution using ``cont``" + #: ../../contributing/development.rst:675 msgid "default:" msgstr "default:" diff --git a/docs/_locale/de/copyright.pot b/docs/_locale/de/copyright.pot index be71d158..8787d36c 100644 --- a/docs/_locale/de/copyright.pot +++ b/docs/_locale/de/copyright.pot @@ -13,6 +13,10 @@ msgid "Copyright Notice" msgstr "Copyright Notice" #: ../../copyright.md:3 +msgid "Copyright (C) 2018-2023 VyOS maintainers and contributors" +msgstr "Copyright (C) 2018-2023 VyOS maintainers and contributors" + +#: ../../copyright.md:3 msgid "Copyright (C) 2018-2024 VyOS maintainers and contributors" msgstr "Copyright (C) 2018-2024 VyOS maintainers and contributors" diff --git a/docs/_locale/de/documentation.pot b/docs/_locale/de/documentation.pot index 45c5de33..27c45a75 100644 --- a/docs/_locale/de/documentation.pot +++ b/docs/_locale/de/documentation.pot @@ -8,27 +8,47 @@ msgstr "" "Language: de\n" "Plural-Forms: nplurals=2; plural=(n==1) ? 0 : 1;\n" -#: ../../documentation.rst:239 +#: ../../documentation.rst:216 msgid "16bit ASN: ``64496 - 64511``" msgstr "16bit ASN: ``64496 - 64511``" -#: ../../documentation.rst:240 +#: ../../documentation.rst:84 +msgid "1. Theoretical information" +msgstr "1. Theoretical information" + +#: ../../documentation.rst:92 +msgid "2. Configuration description" +msgstr "2. Configuration description" + +#: ../../documentation.rst:217 msgid "32bit ASN: ``65536 - 65551``" msgstr "32bit ASN: ``65536 - 65551``" -#: ../../documentation.rst:182 +#: ../../documentation.rst:99 +msgid "3. Configuration examples" +msgstr "3. Configuration examples" + +#: ../../documentation.rst:105 +msgid "4. Known issues" +msgstr "4. Known issues" + +#: ../../documentation.rst:113 +msgid "5. Debugging" +msgstr "5. Debugging" + +#: ../../documentation.rst:159 msgid "A plugin will be used to generate a reference label for each headline. To reference a page or a section in the documentation use the ``:ref:`` command." msgstr "A plugin will be used to generate a reference label for each headline. To reference a page or a section in the documentation use the ``:ref:`` command." -#: ../../documentation.rst:103 +#: ../../documentation.rst:408 msgid "Add modified files to Git index ``$ git add path/to/filename`` or add all unstaged files ``$ git add .``. All files added to the Git index will be part of you following Git commit." msgstr "Add modified files to Git index ``$ git add path/to/filename`` or add all unstaged files ``$ git add .``. All files added to the Git index will be part of you following Git commit." -#: ../../documentation.rst:229 +#: ../../documentation.rst:206 msgid "Address space" msgstr "Address space" -#: ../../documentation.rst:390 +#: ../../documentation.rst:58 msgid "All RST files must follow the same TOC Level syntax and have to start with" msgstr "All RST files must follow the same TOC Level syntax and have to start with" @@ -36,7 +56,7 @@ msgstr "All RST files must follow the same TOC Level syntax and have to start wi msgid "An optional section follows. Some commands have requirements like compatible hardware (e.g. Wifi) or some commands you have to set before. For example, it is recommended to set a route-map before configuring BGP." msgstr "An optional section follows. Some commands have requirements like compatible hardware (e.g. Wifi) or some commands you have to set before. For example, it is recommended to set a route-map before configuring BGP." -#: ../../documentation.rst:53 +#: ../../documentation.rst:51 msgid "And finally, remember that the reStructuredText files aren't exclusively for generating HTML and PDF. They should be human-readable and easily perused from a console." msgstr "And finally, remember that the reStructuredText files aren't exclusively for generating HTML and PDF. They should be human-readable and easily perused from a console." @@ -48,23 +68,23 @@ msgstr "Anything else" msgid "Anything else that is not a configuration or an operation command has no predefined structure." msgstr "Anything else that is not a configuration or an operation command has no predefined structure." -#: ../../documentation.rst:257 +#: ../../documentation.rst:234 msgid "Autolinter" msgstr "Autolinter" -#: ../../documentation.rst:94 +#: ../../documentation.rst:399 msgid "Check your changes by locally building the documentation ``$ make livehtml``. Sphinx will build the html files in the ``docs/_build`` folder. We provide you with a Docker container for an easy-to-use user experience. Check the README.md_ file of this repository." msgstr "Check your changes by locally building the documentation ``$ make livehtml``. Sphinx will build the html files in the ``docs/_build`` folder. We provide you with a Docker container for an easy-to-use user experience. Check the README.md_ file of this repository." -#: ../../documentation.rst:123 +#: ../../documentation.rst:428 msgid "Check your configured remote repositories:" msgstr "Check your configured remote repositories:" -#: ../../documentation.rst:78 +#: ../../documentation.rst:383 msgid "Clone fork to local machine, then change to that directory ``$ cd vyos-documentation``" msgstr "Clone fork to local machine, then change to that directory ``$ cd vyos-documentation``" -#: ../../documentation.rst:107 +#: ../../documentation.rst:412 msgid "Commit your changes with the message, ``$ git commit -m \"<commit message>\"`` or use ``$ git commit -v`` to have your configured editor launched. You can type in a commit message. Again please make yourself comfortable without rules (:ref:`prepare_commit`)." msgstr "Commit your changes with the message, ``$ git commit -m \"<commit message>\"`` or use ``$ git commit -v`` to have your configured editor launched. You can type in a commit message. Again please make yourself comfortable without rules (:ref:`prepare_commit`)." @@ -72,55 +92,67 @@ msgstr "Commit your changes with the message, ``$ git commit -m \"<commit messag msgid "Configuration mode pages" msgstr "Configuration mode pages" -#: ../../documentation.rst:84 +#: ../../documentation.rst:389 msgid "Create a new branch for your work, use a descriptive name of your work: ``$ git checkout -b <branch-name>``" msgstr "Create a new branch for your work, use a descriptive name of your work: ``$ git checkout -b <branch-name>``" -#: ../../documentation.rst:180 +#: ../../documentation.rst:157 msgid "Cross-References" msgstr "Cross-References" -#: ../../documentation.rst:268 +#: ../../documentation.rst:245 msgid "Custom Sphinx-doc Markup" msgstr "Custom Sphinx-doc Markup" -#: ../../documentation.rst:270 +#: ../../documentation.rst:247 msgid "Custom commands have been developed for writing the documentation. Please make yourself comfortable with those commands as this eases the way we render the documentation." msgstr "Custom commands have been developed for writing the documentation. Please make yourself comfortable with those commands as this eases the way we render the documentation." -#: ../../documentation.rst:45 +#: ../../documentation.rst:94 +msgid "Describe CLI items related to the service or use case. Each config line or section must be explained, using information provided in the 1st part of the page." +msgstr "Describe CLI items related to the service or use case. Each config line or section must be explained, using information provided in the 1st part of the page." + +#: ../../documentation.rst:115 +msgid "Described procedures for debugging a service:" +msgstr "Described procedures for debugging a service:" + +#: ../../documentation.rst:43 msgid "Don't forget to update ``index.rst`` when adding a new node." msgstr "Don't forget to update ``index.rst`` when adding a new node." -#: ../../documentation.rst:259 +#: ../../documentation.rst:236 msgid "Each GitHub pull request is automatically linted to check the address space and line length." msgstr "Each GitHub pull request is automatically linted to check the address space and line length." -#: ../../documentation.rst:252 +#: ../../documentation.rst:81 +msgid "Each page must contain the following parts:" +msgstr "Each page must contain the following parts:" + +#: ../../documentation.rst:229 msgid "Except in ``.. code-block::`` because it uses the html tag ``<pre>`` and renders the same line format from the source rst file." msgstr "Except in ``.. code-block::`` because it uses the html tag ``<pre>`` and renders the same line format from the source rst file." -#: ../../documentation.rst:292 +#: ../../documentation.rst:269 msgid "For an inline configuration level command, use ``:cfgcmd:``" msgstr "For an inline configuration level command, use ``:cfgcmd:``" -#: ../../documentation.rst:328 +#: ../../documentation.rst:305 msgid "For an inline operational level command, use ``:opcmd:``" msgstr "For an inline operational level command, use ``:opcmd:``" -#: ../../documentation.rst:186 +#: ../../documentation.rst:163 msgid "For example, you want to reference the headline **VLAN** in the **ethernet.rst** page. The plugin generates the label based on the headline and the file path." msgstr "For example, you want to reference the headline **VLAN** in the **ethernet.rst** page. The plugin generates the label based on the headline and the file path." -#: ../../documentation.rst:405 +#: ../../documentation.rst:70 msgid "For example:" msgstr "For example:" -#: ../../documentation.rst:76 +#: ../../documentation.rst:381 msgid "Fork this project on GitHub https://github.com/vyos/vyos-documentation/fork" msgstr "Fork this project on GitHub https://github.com/vyos/vyos-documentation/fork" -#: ../../documentation.rst:58 +#: ../../documentation.rst:363 msgid "Forking Workflow" msgstr "Forking Workflow" @@ -128,6 +160,10 @@ msgstr "Forking Workflow" msgid "Formating and Sphinxmarkup" msgstr "Formating and Sphinxmarkup" +#: ../../documentation.rst:127 +msgid "Formatting and Sphinxmarkup" +msgstr "Formatting and Sphinxmarkup" + #: ../../documentation.rst:432 msgid "General concepts for troubleshooting and detailed process descriptions belong here." msgstr "General concepts for troubleshooting and detailed process descriptions belong here." @@ -140,7 +176,7 @@ msgstr "Guidelines" msgid "If there some troubleshooting guides related to the commands. Explain it in the next optional part." msgstr "If there some troubleshooting guides related to the commands. Explain it in the next optional part." -#: ../../documentation.rst:143 +#: ../../documentation.rst:448 msgid "If you also want to update your fork on GitHub, use the following: ``$ git push origin master``" msgstr "If you also want to update your fork on GitHub, use the following: ``$ git push origin master``" @@ -152,43 +188,43 @@ msgstr "If you are willing to contribute to our documentation this is the defini msgid "In contrast to submitting code patches, there is no requirement that you open up a Phabricator_ task prior to submitting a Pull-Request to the documentation." msgstr "In contrast to submitting code patches, there is no requirement that you open up a Phabricator_ task prior to submitting a Pull-Request to the documentation." -#: ../../documentation.rst:417 +#: ../../documentation.rst:75 msgid "In the configuration part of the page, all possible configuration options should be documented. Use ``.. cfgcmd::`` described above." msgstr "In the configuration part of the page, all possible configuration options should be documented. Use ``.. cfgcmd::`` described above." -#: ../../documentation.rst:50 +#: ../../documentation.rst:48 msgid "Indent with two spaces." msgstr "Indent with two spaces." -#: ../../documentation.rst:81 +#: ../../documentation.rst:386 msgid "Install the requirements ``$ pip install -r requirements.txt`` (or something similar)" msgstr "Install the requirements ``$ pip install -r requirements.txt`` (or something similar)" -#: ../../documentation.rst:49 +#: ../../documentation.rst:47 msgid "Leave a newline before and after a header." msgstr "Leave a newline before and after a header." -#: ../../documentation.rst:250 +#: ../../documentation.rst:227 msgid "Limit all lines to a maximum of 80 characters." msgstr "Limit all lines to a maximum of 80 characters." -#: ../../documentation.rst:248 +#: ../../documentation.rst:225 msgid "Line length" msgstr "Line length" -#: ../../documentation.rst:87 +#: ../../documentation.rst:392 msgid "Make all your changes - please keep our commit rules in mind (:ref:`prepare_commit`). This mainly applies to proper commit messages describing your change (how and why). Please check out the documentation of Sphinx-doc_ or reStructuredText_ if you are not familiar with it. This is used for writing our docs. Additional directives how to write in RST can be obtained from reStructuredTextDirectives_." msgstr "Make all your changes - please keep our commit rules in mind (:ref:`prepare_commit`). This mainly applies to proper commit messages describing your change (how and why). Please check out the documentation of Sphinx-doc_ or reStructuredText_ if you are not familiar with it. This is used for writing our docs. Additional directives how to write in RST can be obtained from reStructuredTextDirectives_." -#: ../../documentation.rst:242 +#: ../../documentation.rst:219 msgid "Multicast MAC-Addresses: ``90-10-00`` to ``90-10-FF``" msgstr "Multicast MAC-Addresses: ``90-10-00`` to ``90-10-FF``" -#: ../../documentation.rst:231 +#: ../../documentation.rst:208 msgid "Note the following RFCs (:rfc:`5737`, :rfc:`3849`, :rfc:`5389` and :rfc:`7042`), which describe the reserved public IP addresses and autonomous system numbers for the documentation:" msgstr "Note the following RFCs (:rfc:`5737`, :rfc:`3849`, :rfc:`5389` and :rfc:`7042`), which describe the reserved public IP addresses and autonomous system numbers for the documentation:" -#: ../../documentation.rst:118 +#: ../../documentation.rst:423 msgid "Once pull requests have been approved, you may want to locally update your forked repository too. First you'll have to add a second remote called `upstream` which points to our main repository. ``$ git remote add upstream https://github.com/vyos/vyos-documentation.git``" msgstr "Once pull requests have been approved, you may want to locally update your forked repository too. First you'll have to add a second remote called `upstream` which points to our main repository. ``$ git remote add upstream https://github.com/vyos/vyos-documentation.git``" @@ -200,39 +236,43 @@ msgstr "Operation mode commands that do not fit in a related configuration mode msgid "Operation mode pages" msgstr "Operation mode pages" -#: ../../documentation.rst:385 +#: ../../documentation.rst:56 msgid "Page content" msgstr "Page content" -#: ../../documentation.rst:244 +#: ../../documentation.rst:221 msgid "Please do not use other public address space." msgstr "Please do not use other public address space." -#: ../../documentation.rst:47 +#: ../../documentation.rst:101 +msgid "Practical examples of the service or use case configuration. They must contain topology maps (if applicable) and short descriptions." +msgstr "Practical examples of the service or use case configuration. They must contain topology maps (if applicable) and short descriptions." + +#: ../../documentation.rst:45 msgid "Properly quote commands, filenames and brief code snippets with double backticks." msgstr "Properly quote commands, filenames and brief code snippets with double backticks." -#: ../../documentation.rst:112 +#: ../../documentation.rst:417 msgid "Push commits to your GitHub project: ``$ git push -u origin <branch-name>``" msgstr "Push commits to your GitHub project: ``$ git push -u origin <branch-name>``" -#: ../../documentation.rst:420 +#: ../../documentation.rst:78 msgid "Related operation command must be documented in the next part of the article. Use ``::opcmd..`` for these commands." msgstr "Related operation command must be documented in the next part of the article. Use ``::opcmd..`` for these commands." -#: ../../documentation.rst:262 +#: ../../documentation.rst:239 msgid "Sometimes it is necessary to provide real IP addresses like in the :ref:`examples`. For this, please use the sphinx comment syntax ``.. stop_vyoslinter`` to stop the linter and ``.. start_vyoslinter`` to start." msgstr "Sometimes it is necessary to provide real IP addresses like in the :ref:`examples`. For this, please use the sphinx comment syntax ``.. stop_vyoslinter`` to stop the linter and ``.. start_vyoslinter`` to start." -#: ../../documentation.rst:147 +#: ../../documentation.rst:124 msgid "Style Guide" msgstr "Style Guide" -#: ../../documentation.rst:114 +#: ../../documentation.rst:419 msgid "Submit pull-request. In GitHub visit the main repository and you should see a banner suggesting to make a pull request. Fill out the form and describe what you do." msgstr "Submit pull-request. In GitHub visit the main repository and you should see a banner suggesting to make a pull request. Fill out the form and describe what you do." -#: ../../documentation.rst:153 +#: ../../documentation.rst:130 msgid "TOC Level" msgstr "TOC Level" @@ -240,7 +280,7 @@ msgstr "TOC Level" msgid "Take a look at the :doc:`/documentation` page for an intricate explanation of the documentation process." msgstr "Take a look at the :doc:`/documentation` page for an intricate explanation of the documentation process." -#: ../../documentation.rst:60 +#: ../../documentation.rst:365 msgid "The Forking Workflow is fundamentally different from other popular Git workflows. Instead of using a single server-side repository to act as the \"central\" codebase, it gives every developer their own server-side repository. This means that each contributor has not one, but two Git repositories: a private local one and a public server-side one." msgstr "The Forking Workflow is fundamentally different from other popular Git workflows. Instead of using a single server-side repository to act as the \"central\" codebase, it gives every developer their own server-side repository. This means that each contributor has not one, but two Git repositories: a private local one and a public server-side one." @@ -248,7 +288,7 @@ msgstr "The Forking Workflow is fundamentally different from other popular Git w msgid "The article starts with a short introduction about the command or the technology. Please include some helpful links or background information." msgstr "The article starts with a short introduction about the command or the technology. Please include some helpful links or background information." -#: ../../documentation.rst:401 +#: ../../documentation.rst:66 msgid "The configuration mode folder and the articles cover the specific level of the commands. The exact level depends on the command. This should provide stability for URLs used in the forum or blogpost." msgstr "The configuration mode folder and the articles cover the specific level of the commands. The exact level depends on the command. This should provide stability for URLs used in the forum or blogpost." @@ -260,51 +300,59 @@ msgstr "The documentation has 3 different types of pages. The same kind of pages msgid "The documentation source is kept in the Git repository at https://github.com/vyos/vyos-documentation and you can follow the instructions in the README.md_ to build and test your changes." msgstr "The documentation source is kept in the Git repository at https://github.com/vyos/vyos-documentation and you can follow the instructions in the README.md_ to build and test your changes." -#: ../../documentation.rst:41 +#: ../../documentation.rst:39 msgid "The following is a quick summary of the rules:" msgstr "The following is a quick summary of the rules:" -#: ../../documentation.rst:66 +#: ../../documentation.rst:371 msgid "The main advantage of the Forking Workflow is that contributions can be integrated without the need for everybody to push to a single central repository. Developers push to their own server-side repositories, and only the project maintainer can push to the official repository. This allows the maintainer to accept commits from any developer without giving them write access to the official codebase." msgstr "The main advantage of the Forking Workflow is that contributions can be integrated without the need for everybody to push to a single central repository. Developers push to their own server-side repositories, and only the project maintainer can push to the official repository. This allows the maintainer to accept commits from any developer without giving them write access to the official codebase." -#: ../../documentation.rst:199 +#: ../../documentation.rst:176 msgid "The plugin will warn on build if a headline has a duplicate name in the same document. To prevent this warning, you have to put a custom link on top of the headline." msgstr "The plugin will warn on build if a headline has a duplicate name in the same document. To prevent this warning, you have to put a custom link on top of the headline." +#: ../../documentation.rst:86 +msgid "Theoretical information required for users to understand the next document sections:" +msgstr "Theoretical information required for users to understand the next document sections:" + #: ../../documentation.rst:35 msgid "There are a few things to keep in mind when contributing to the documentation, for the sake of consistency and readability." msgstr "There are a few things to keep in mind when contributing to the documentation, for the sake of consistency and readability." -#: ../../documentation.rst:299 +#: ../../documentation.rst:107 +msgid "This section must contain a list of:" +msgstr "This section must contain a list of:" + +#: ../../documentation.rst:276 msgid "To extract a defaultvalue from the XML definitions add a ``:defaultvalue:`` to ``.. cfgcmd::`` directive. To have this feature locally, the vyos-1x submodule must be initialized before. Please be aware to not update the submodule in your PR." msgstr "To extract a defaultvalue from the XML definitions add a ``:defaultvalue:`` to ``.. cfgcmd::`` directive. To have this feature locally, the vyos-1x submodule must be initialized before. Please be aware to not update the submodule in your PR." -#: ../../documentation.rst:337 +#: ../../documentation.rst:314 msgid "To minimize redundancy, there is a special include directive. It includes a txt file and replace the ``{{ var0 }}`` - ``{{ var9 }}`` with the correct value." msgstr "To minimize redundancy, there is a special include directive. It includes a txt file and replace the ``{{ var0 }}`` - ``{{ var9 }}`` with the correct value." -#: ../../documentation.rst:46 +#: ../../documentation.rst:44 msgid "Try not to exceed 80 characters per line, but don't break URLs over this." msgstr "Try not to exceed 80 characters per line, but don't break URLs over this." -#: ../../documentation.rst:241 +#: ../../documentation.rst:218 msgid "Unicast MAC Addresses: ``00-53-00`` to ``00-53-FF``" msgstr "Unicast MAC Addresses: ``00-53-00`` to ``00-53-FF``" -#: ../../documentation.rst:73 +#: ../../documentation.rst:378 msgid "Updates to our documentation should be delivered by a GitHub pull-request. This requires you already have a GitHub account." msgstr "Updates to our documentation should be delivered by a GitHub pull-request. This requires you already have a GitHub account." -#: ../../documentation.rst:43 +#: ../../documentation.rst:41 msgid "Use American English at all times. It's always a good idea to run your text through a grammar and spell checker, such as `Grammarly`_." msgstr "Use American English at all times. It's always a good idea to run your text through a grammar and spell checker, such as `Grammarly`_." -#: ../../documentation.rst:48 +#: ../../documentation.rst:46 msgid "Use literal blocks for longer snippets." msgstr "Use literal blocks for longer snippets." -#: ../../documentation.rst:99 +#: ../../documentation.rst:404 msgid "View modified files by calling ``$ git status``. You will get an overview of all files modified by you. You can add individual files to the Git Index in the next step." msgstr "View modified files by calling ``$ git status``. You will get an overview of all files modified by you. You can add individual files to the Git Index in the next step." @@ -312,35 +360,39 @@ msgstr "View modified files by calling ``$ git status``. You will get an overvie msgid "VyOS documentation is written in reStructuredText and generated to Read the Docs pages with Sphinx, as per the Python tradition, as well as PDF files for offline use through LaTeX. We welcome all sorts of contributions to the documentation. Not just new additions but also corrections to existing documentation." msgstr "VyOS documentation is written in reStructuredText and generated to Read the Docs pages with Sphinx, as per the Python tradition, as well as PDF files for offline use through LaTeX. We welcome all sorts of contributions to the documentation. Not just new additions but also corrections to existing documentation." +#: ../../documentation.rst:20 +msgid "VyOS documentation is written in reStructuredText and generated to Read the Docs pages with Sphinx, as per the Python tradition. We welcome all sorts of contributions to the documentation. Not just new additions but also corrections to existing documentation." +msgstr "VyOS documentation is written in reStructuredText and generated to Read the Docs pages with Sphinx, as per the Python tradition. We welcome all sorts of contributions to the documentation. Not just new additions but also corrections to existing documentation." + #: ../../documentation.rst:9 msgid "We encourage every VyOS user to help us improve our documentation as we have a deficit like most software projects. This not only helps you when reading but also everyone else." msgstr "We encourage every VyOS user to help us improve our documentation as we have a deficit like most software projects. This not only helps you when reading but also everyone else." -#: ../../documentation.rst:155 +#: ../../documentation.rst:132 msgid "We use the following syntax for Headlines." msgstr "We use the following syntax for Headlines." -#: ../../documentation.rst:277 +#: ../../documentation.rst:254 msgid "When documenting CLI commands, use the ``.. cfgcmd::`` directive for all configuration mode commands. An explanation of the described command should be added below this statement. Replace all variable contents with <value> or something similar." msgstr "When documenting CLI commands, use the ``.. cfgcmd::`` directive for all configuration mode commands. An explanation of the described command should be added below this statement. Replace all variable contents with <value> or something similar." -#: ../../documentation.rst:316 +#: ../../documentation.rst:293 msgid "When documenting operational level commands, use the ``.. opcmd::`` directive. An explanation of the described command should be added below this statement." msgstr "When documenting operational level commands, use the ``.. opcmd::`` directive. An explanation of the described command should be added below this statement." -#: ../../documentation.rst:51 +#: ../../documentation.rst:49 msgid "When in doubt, follow the style of existing documentation." msgstr "When in doubt, follow the style of existing documentation." -#: ../../documentation.rst:375 +#: ../../documentation.rst:352 msgid "When referencing to VyOS Phabricator Tasks, there is a custom Sphinx Markup command called ``vytask`` that automatically renders to a proper Phabricator URL. This is heavily used in the :ref:`release-notes` section." msgstr "When referencing to VyOS Phabricator Tasks, there is a custom Sphinx Markup command called ``vytask`` that automatically renders to a proper Phabricator URL. This is heavily used in the :ref:`release-notes` section." -#: ../../documentation.rst:319 +#: ../../documentation.rst:296 msgid "With those custom commands, it is possible to render them in a more descriptive way in the resulting HTML/PDF manual." msgstr "With those custom commands, it is possible to render them in a more descriptive way in the resulting HTML/PDF manual." -#: ../../documentation.rst:282 +#: ../../documentation.rst:259 msgid "With those custom commands, it will be possible to render them in a more descriptive way in the resulting HTML/PDF manual." msgstr "With those custom commands, it will be possible to render them in a more descriptive way in the resulting HTML/PDF manual." @@ -352,66 +404,98 @@ msgstr "Write Documentation" msgid "You can either install Sphinx (and TeX Live for PDF output) and build the documentation locally, or use the Dockerfile_ to build it in a container." msgstr "You can either install Sphinx (and TeX Live for PDF output) and build the documentation locally, or use the Dockerfile_ to build it in a container." -#: ../../documentation.rst:133 +#: ../../documentation.rst:29 +msgid "You can either install Sphinx and build the documentation locally, or use the Dockerfile_ to build it in a container." +msgstr "You can either install Sphinx and build the documentation locally, or use the Dockerfile_ to build it in a container." + +#: ../../documentation.rst:438 msgid "Your remote repo on Github is called ``origin``, while the original repo you have forked is called ``upstream``. Now you can locally update your forked repo." msgstr "Your remote repo on Github is called ``origin``, while the original repo you have forked is called ``upstream``. Now you can locally update your forked repo." -#: ../../documentation.rst:235 +#: ../../documentation.rst:212 msgid "``192.0.2.0/24``" msgstr "``192.0.2.0/24``" -#: ../../documentation.rst:236 +#: ../../documentation.rst:213 msgid "``198.51.100.0/24``" msgstr "``198.51.100.0/24``" -#: ../../documentation.rst:238 +#: ../../documentation.rst:215 msgid "``2001:db8::/32``" msgstr "``2001:db8::/32``" -#: ../../documentation.rst:237 +#: ../../documentation.rst:214 msgid "``203.0.113.0/24``" msgstr "``203.0.113.0/24``" -#: ../../documentation.rst:194 +#: ../../documentation.rst:171 msgid "``:ref:`Check out VLAN<configuration/interfaces/ethernet:vlan>``" msgstr "``:ref:`Check out VLAN<configuration/interfaces/ethernet:vlan>``" -#: ../../documentation.rst:190 +#: ../../documentation.rst:167 msgid "``:ref:`configuration/interfaces/ethernet:vlan``" msgstr "``:ref:`configuration/interfaces/ethernet:vlan``" -#: ../../documentation.rst:407 +#: ../../documentation.rst:72 msgid "``set firewall zone`` is written in ``firewall/zone.rst``" msgstr "``set firewall zone`` is written in ``firewall/zone.rst``" -#: ../../documentation.rst:408 +#: ../../documentation.rst:73 msgid "``set interfaces ethernet`` is written in ``interfaces/ethernet.rst``" msgstr "``set interfaces ethernet`` is written in ``interfaces/ethernet.rst``" -#: ../../documentation.rst:275 +#: ../../documentation.rst:88 +msgid "a simple explanation of what is this page about, why or when it is required to be used" +msgstr "a simple explanation of what is this page about, why or when it is required to be used" + +#: ../../documentation.rst:252 msgid "cfgcmd" msgstr "cfgcmd" -#: ../../documentation.rst:335 +#: ../../documentation.rst:312 msgid "cmdinclude" msgstr "cmdinclude" -#: ../../documentation.rst:197 +#: ../../documentation.rst:174 msgid "handle build errors" msgstr "handle build errors" -#: ../../documentation.rst:314 +#: ../../documentation.rst:117 +msgid "how to collect logs or other debugging information (like `show` commands output)" +msgstr "how to collect logs or other debugging information (like `show` commands output)" + +#: ../../documentation.rst:118 +msgid "how to read and what to search for in logs and collected information" +msgstr "how to read and what to search for in logs and collected information" + +#: ../../documentation.rst:109 +msgid "known issues or potential problems for the service or use case" +msgstr "known issues or potential problems for the service or use case" + +#: ../../documentation.rst:291 msgid "opcmd" msgstr "opcmd" -#: ../../documentation.rst:346 +#: ../../documentation.rst:89 +msgid "references to standards, RFCs" +msgstr "references to standards, RFCs" + +#: ../../documentation.rst:323 msgid "the content of interface-address.txt looks like this" msgstr "the content of interface-address.txt looks like this" -#: ../../documentation.rst:192 +#: ../../documentation.rst:169 msgid "to use an alternative hyperlink use it this way:" msgstr "to use an alternative hyperlink use it this way:" -#: ../../documentation.rst:373 +#: ../../documentation.rst:350 msgid "vytask" msgstr "vytask" + +#: ../../documentation.rst:119 +msgid "what are indicators of good and bad states in debugging outputs" +msgstr "what are indicators of good and bad states in debugging outputs" + +#: ../../documentation.rst:110 +msgid "workarounds for known issues (if any exist)" +msgstr "workarounds for known issues (if any exist)" diff --git a/docs/_locale/de/installation.pot b/docs/_locale/de/installation.pot index 6adeb7fe..f4eb678e 100644 --- a/docs/_locale/de/installation.pot +++ b/docs/_locale/de/installation.pot @@ -212,6 +212,10 @@ msgstr "Add one or more routes for networks you want to pass through the VyOS VM msgid "Additional storage. You can remove additional storage ``/dev/sdb``. First root device will be ``/dev/xvda``. You can skeep this step." msgstr "Additional storage. You can remove additional storage ``/dev/sdb``. First root device will be ``/dev/xvda``. You can skeep this step." +#: ../../installation/cloud/aws.rst:27 +msgid "Additional storage. You can remove additional storage ``/dev/sdb``. First root device will be ``/dev/xvda``. You can skip this step." +msgstr "Additional storage. You can remove additional storage ``/dev/sdb``. First root device will be ``/dev/xvda``. You can skip this step." + #: ../../installation/vyos-on-baremetal.rst:394 msgid "Advanced > Serial Port Console Redirection > Console Redirection Settings:" msgstr "Advanced > Serial Port Console Redirection > Console Redirection Settings:" @@ -465,6 +469,10 @@ msgstr "Clients (where VyOS is to be installed) with a PXE-enabled NIC" msgid "CloudWatchAgentServerRole is too permisive and should be used for single configuration creation and deployment. That's why after completion of step #3 higly recommended to replace instance CloudWatchAgentAdminRole role with CloudWatchAgentServerRole." msgstr "CloudWatchAgentServerRole is too permisive and should be used for single configuration creation and deployment. That's why after completion of step #3 higly recommended to replace instance CloudWatchAgentAdminRole role with CloudWatchAgentServerRole." +#: ../../installation/cloud/aws.rst:88 +msgid "CloudWatchAgentServerRole is too permissive and should be used for single configuration creation and deployment. That's why after completion of step #3 highly recommended to replace instance CloudWatchAgentAdminRole role with CloudWatchAgentServerRole." +msgstr "CloudWatchAgentServerRole is too permissive and should be used for single configuration creation and deployment. That's why after completion of step #3 highly recommended to replace instance CloudWatchAgentAdminRole role with CloudWatchAgentServerRole." + #: ../../installation/cloud/aws.rst:82 msgid "CloudWatch SSM Configuration creation" msgstr "CloudWatch SSM Configuration creation" @@ -1303,6 +1311,10 @@ msgstr "Requirements" msgid "Retreive an existing CloudWatch Agent configuration from the :abbr:`SSM (Systems Manager)` Parameter Store." msgstr "Retreive an existing CloudWatch Agent configuration from the :abbr:`SSM (Systems Manager)` Parameter Store." +#: ../../installation/cloud/aws.rst:69 +msgid "Retrieve an existing CloudWatch Agent configuration from the :abbr:`SSM (Systems Manager)` Parameter Store." +msgstr "Retrieve an existing CloudWatch Agent configuration from the :abbr:`SSM (Systems Manager)` Parameter Store." + #: ../../installation/install.rst:74 msgid "Rolling Release" msgstr "Rolling Release" diff --git a/docs/_locale/de/quick-start.pot b/docs/_locale/de/quick-start.pot index 90903260..108f972b 100644 --- a/docs/_locale/de/quick-start.pot +++ b/docs/_locale/de/quick-start.pot @@ -101,6 +101,10 @@ msgid "Configure a rule on the ``input`` hook filter to jump to the ``VyOS_MANAG msgstr "Configure a rule on the ``input`` hook filter to jump to the ``VyOS_MANAGEMENT`` chain when new connections are addressed to port 22 (SSH) on the router itself:" #: ../../quick-start.rst:243 +msgid "Create a new chain (``OUTSIDE-IN``) which will drop all traffic that is not explicitly allowed at some point in the chain. Then, we can jump to that chain from the ``forward`` hook when traffic is coming from the ``WAN`` interface group and is addressed to our local network." +msgstr "Create a new chain (``OUTSIDE-IN``) which will drop all traffic that is not explicitly allowed at some point in the chain. Then, we can jump to that chain from the ``forward`` hook when traffic is coming from the ``WAN`` interface group and is addressed to our local network." + +#: ../../quick-start.rst:243 msgid "Create a new chain (``OUTSIDE-IN``) which will drop all traffic that is not explicity allowed at some point in the chain. Then, we can jump to that chain from the ``forward`` hook when traffic is coming from the ``WAN`` interface group and is addressed to our local network." msgstr "Create a new chain (``OUTSIDE-IN``) which will drop all traffic that is not explicity allowed at some point in the chain. Then, we can jump to that chain from the ``forward`` hook when traffic is coming from the ``WAN`` interface group and is addressed to our local network." @@ -292,6 +296,10 @@ msgstr "To make firewall configuration easier, we can create groups of interface msgid "Using options defined in ``set firewall global-options state-policy``, state policy rules that applies for both IPv4 and IPv6 are created. These global state policies also applies for all traffic that passes through the router (transit) and for traffic originated/destinated to/from the router itself, and will be avaluated before any other rule defined in the firewall." msgstr "Using options defined in ``set firewall global-options state-policy``, state policy rules that applies for both IPv4 and IPv6 are created. These global state policies also applies for all traffic that passes through the router (transit) and for traffic originated/destinated to/from the router itself, and will be avaluated before any other rule defined in the firewall." +#: ../../quick-start.rst:164 +msgid "Using options defined in ``set firewall global-options state-policy``, state policy rules that applies for both IPv4 and IPv6 are created. These global state policies also applies for all traffic that passes through the router (transit) and for traffic originated/destinated to/from the router itself, and will be evaluated before any other rule defined in the firewall." +msgstr "Using options defined in ``set firewall global-options state-policy``, state policy rules that applies for both IPv4 and IPv6 are created. These global state policies also applies for all traffic that passes through the router (transit) and for traffic originated/destinated to/from the router itself, and will be evaluated before any other rule defined in the firewall." + #: ../../quick-start.rst:90 msgid "VyOS will serve as a full DNS recursor, replacing the need to utilize Google, Cloudflare, or other public DNS servers (which is good for privacy)" msgstr "VyOS will serve as a full DNS recursor, replacing the need to utilize Google, Cloudflare, or other public DNS servers (which is good for privacy)" diff --git a/docs/_locale/en/LC_MESSAGES/automation.mo b/docs/_locale/en/LC_MESSAGES/automation.mo Binary files differindex 49ed194b..a6efd9bd 100644 --- a/docs/_locale/en/LC_MESSAGES/automation.mo +++ b/docs/_locale/en/LC_MESSAGES/automation.mo diff --git a/docs/_locale/en/LC_MESSAGES/cli.mo b/docs/_locale/en/LC_MESSAGES/cli.mo Binary files differindex 43736169..907726f2 100644 --- a/docs/_locale/en/LC_MESSAGES/cli.mo +++ b/docs/_locale/en/LC_MESSAGES/cli.mo diff --git a/docs/_locale/en/LC_MESSAGES/configexamples.mo b/docs/_locale/en/LC_MESSAGES/configexamples.mo Binary files differindex 5b6b8041..a1d1f74d 100644 --- a/docs/_locale/en/LC_MESSAGES/configexamples.mo +++ b/docs/_locale/en/LC_MESSAGES/configexamples.mo diff --git a/docs/_locale/en/LC_MESSAGES/configuration.mo b/docs/_locale/en/LC_MESSAGES/configuration.mo Binary files differindex abedbe89..bab6a1b2 100644 --- a/docs/_locale/en/LC_MESSAGES/configuration.mo +++ b/docs/_locale/en/LC_MESSAGES/configuration.mo diff --git a/docs/_locale/en/LC_MESSAGES/contributing.mo b/docs/_locale/en/LC_MESSAGES/contributing.mo Binary files differindex ef064a92..e4cef782 100644 --- a/docs/_locale/en/LC_MESSAGES/contributing.mo +++ b/docs/_locale/en/LC_MESSAGES/contributing.mo diff --git a/docs/_locale/en/LC_MESSAGES/copyright.mo b/docs/_locale/en/LC_MESSAGES/copyright.mo Binary files differindex b5e3d67d..d6b0d72e 100644 --- a/docs/_locale/en/LC_MESSAGES/copyright.mo +++ b/docs/_locale/en/LC_MESSAGES/copyright.mo diff --git a/docs/_locale/en/LC_MESSAGES/documentation.mo b/docs/_locale/en/LC_MESSAGES/documentation.mo Binary files differindex 5f5250aa..1ced609e 100644 --- a/docs/_locale/en/LC_MESSAGES/documentation.mo +++ b/docs/_locale/en/LC_MESSAGES/documentation.mo diff --git a/docs/_locale/en/LC_MESSAGES/installation.mo b/docs/_locale/en/LC_MESSAGES/installation.mo Binary files differindex 19a1ac80..abb49ad2 100644 --- a/docs/_locale/en/LC_MESSAGES/installation.mo +++ b/docs/_locale/en/LC_MESSAGES/installation.mo diff --git a/docs/_locale/en/LC_MESSAGES/quick-start.mo b/docs/_locale/en/LC_MESSAGES/quick-start.mo Binary files differindex c1b5d942..232f254b 100644 --- a/docs/_locale/en/LC_MESSAGES/quick-start.mo +++ b/docs/_locale/en/LC_MESSAGES/quick-start.mo diff --git a/docs/_locale/es/LC_MESSAGES/automation.mo b/docs/_locale/es/LC_MESSAGES/automation.mo Binary files differindex 3298d9cf..26440999 100644 --- a/docs/_locale/es/LC_MESSAGES/automation.mo +++ b/docs/_locale/es/LC_MESSAGES/automation.mo diff --git a/docs/_locale/es/LC_MESSAGES/cli.mo b/docs/_locale/es/LC_MESSAGES/cli.mo Binary files differindex 8d45db97..6f9a866d 100644 --- a/docs/_locale/es/LC_MESSAGES/cli.mo +++ b/docs/_locale/es/LC_MESSAGES/cli.mo diff --git a/docs/_locale/es/LC_MESSAGES/configexamples.mo b/docs/_locale/es/LC_MESSAGES/configexamples.mo Binary files differindex e22b1e9c..f8b2b3b2 100644 --- a/docs/_locale/es/LC_MESSAGES/configexamples.mo +++ b/docs/_locale/es/LC_MESSAGES/configexamples.mo diff --git a/docs/_locale/es/LC_MESSAGES/configuration.mo b/docs/_locale/es/LC_MESSAGES/configuration.mo Binary files differindex d0658d54..b87b8f13 100644 --- a/docs/_locale/es/LC_MESSAGES/configuration.mo +++ b/docs/_locale/es/LC_MESSAGES/configuration.mo diff --git a/docs/_locale/es/LC_MESSAGES/contributing.mo b/docs/_locale/es/LC_MESSAGES/contributing.mo Binary files differindex 1f87ad10..dbd1a68a 100644 --- a/docs/_locale/es/LC_MESSAGES/contributing.mo +++ b/docs/_locale/es/LC_MESSAGES/contributing.mo diff --git a/docs/_locale/es/LC_MESSAGES/copyright.mo b/docs/_locale/es/LC_MESSAGES/copyright.mo Binary files differindex 262368c4..f0decd2c 100644 --- a/docs/_locale/es/LC_MESSAGES/copyright.mo +++ b/docs/_locale/es/LC_MESSAGES/copyright.mo diff --git a/docs/_locale/es/LC_MESSAGES/documentation.mo b/docs/_locale/es/LC_MESSAGES/documentation.mo Binary files differindex 7c167f24..1aaaddab 100644 --- a/docs/_locale/es/LC_MESSAGES/documentation.mo +++ b/docs/_locale/es/LC_MESSAGES/documentation.mo diff --git a/docs/_locale/es/LC_MESSAGES/installation.mo b/docs/_locale/es/LC_MESSAGES/installation.mo Binary files differindex 1fde49bd..d0b2b61f 100644 --- a/docs/_locale/es/LC_MESSAGES/installation.mo +++ b/docs/_locale/es/LC_MESSAGES/installation.mo diff --git a/docs/_locale/es/LC_MESSAGES/quick-start.mo b/docs/_locale/es/LC_MESSAGES/quick-start.mo Binary files differindex 0a3a4fbb..ddd34e9a 100644 --- a/docs/_locale/es/LC_MESSAGES/quick-start.mo +++ b/docs/_locale/es/LC_MESSAGES/quick-start.mo diff --git a/docs/_locale/es/automation.pot b/docs/_locale/es/automation.pot index af30a70e..db0e2e72 100644 --- a/docs/_locale/es/automation.pot +++ b/docs/_locale/es/automation.pot @@ -8,6 +8,51 @@ msgstr "" "Language: es\n" "Plural-Forms: nplurals=2; plural=(n==1) ? 0 : 1;\n" +#: ../../automation/terraform/index.rst:15 +msgid "# terraformAZ # terraformvSphere # terraformGoogle" +msgstr "# terraformAZ # terraformvSphere # terraformGoogle" + +#: ../../automation/vyos-terraform.rst:707 +msgid "#az login" +msgstr "#az login" + +#: ../../automation/vyos-terraform.rst:261 +#: ../../automation/vyos-terraform.rst:283 +#: ../../automation/vyos-terraform.rst:711 +#: ../../automation/vyos-terraform.rst:731 +#: ../../automation/vyos-terraform.rst:1008 +#: ../../automation/vyos-terraform.rst:1029 +msgid "#cd /your folder" +msgstr "#cd /your folder" + +#: ../../automation/vyos-terraform.rst:287 +#: ../../automation/vyos-terraform.rst:735 +#: ../../automation/vyos-terraform.rst:1033 +msgid "#terraform apply" +msgstr "#terraform apply" + +#: ../../automation/vyos-terraform.rst:263 +#: ../../automation/vyos-terraform.rst:713 +#: ../../automation/vyos-terraform.rst:1010 +msgid "#terraform init" +msgstr "#terraform init" + +#: ../../automation/vyos-terraform.rst:285 +#: ../../automation/vyos-terraform.rst:733 +#: ../../automation/vyos-terraform.rst:1031 +msgid "#terraform plan" +msgstr "#terraform plan" + +#: ../../automation/vyos-terraform.rst:289 +#: ../../automation/vyos-terraform.rst:737 +#: ../../automation/vyos-terraform.rst:1035 +msgid "#yes" +msgstr "#yes" + +#: ../../automation/cloud-init.rst:363 +msgid "**NOTE**: be careful while copying and pasting previous commands. Double quotes may need to be corrected." +msgstr "**NOTE**: be careful while copying and pasting previous commands. Double quotes may need to be corrected." + #: ../../automation/cloud-init.rst:363 msgid "**NOTE**: be carefull while copying and pasting previous commands. Doble quotes may need to be corrected." msgstr "**NOTA**: tenga cuidado al copiar y pegar comandos anteriores. Es posible que sea necesario corregir las comillas dobles." @@ -32,11 +77,11 @@ msgstr "**datos de usuario**: incluye comandos vyos." msgid "**user-data** file must start with ``#cloud-config`` and contains vyos-commands. For example:" msgstr "El archivo **datos de usuario** debe comenzar con ``#cloud-config`` y contiene comandos vyos. Por ejemplo:" -#: ../../automation/vyos-api.rst:322 +#: ../../automation/vyos-api.rst:323 msgid "/config-file" msgstr "/archivo de configuración" -#: ../../automation/vyos-api.rst:265 +#: ../../automation/vyos-api.rst:266 msgid "/configure" msgstr "/configurar" @@ -68,10 +113,239 @@ msgstr "/recuperar" msgid "/show" msgstr "/espectáculo" +#: ../../automation/vyos-terraform.rst:993 +msgid "1.1 Collect all data in to file \"terraform.tfvars\" and create resources fo example \"terraform\"" +msgstr "1.1 Collect all data in to file \"terraform.tfvars\" and create resources fo example \"terraform\"" + +#: ../../automation/terraform/terraformAWS.rst:61 +msgid "1.1 Create an account with AWS and get your \"access_key\", \"secret key\"" +msgstr "1.1 Create an account with AWS and get your \"access_key\", \"secret key\"" + +#: ../../automation/vyos-terraform.rst:692 +msgid "1.1 Create an account with Azure" +msgstr "1.1 Create an account with Azure" + +#: ../../automation/vyos-terraform.rst:243 +msgid "1.2 Create a key pair and download your .pem key" +msgstr "1.2 Create a key pair and download your .pem key" + +#: ../../automation/terraform/terraformAWS.rst:63 +msgid "1.2 Create a key pair_ and download your .pem key" +msgstr "1.2 Create a key pair_ and download your .pem key" + +#: ../../automation/vyos-terraform.rst:245 +msgid "1.3 Create a security group for the new VyOS instance" +msgstr "1.3 Create a security group for the new VyOS instance" + +#: ../../automation/terraform/terraformAWS.rst:70 +msgid "1.3 Create a security group_ for the new VyOS instance and open all traffic" +msgstr "1.3 Create a security group_ for the new VyOS instance and open all traffic" + +#: ../../automation/terraform/terraformAWS.rst:298 +msgid "1. Ansible doesn't connect via SSH to your AWS instance: you have to check that your SSH key has copied into the path /root/aws/. Also, increase the time in the file instance.yml from 300 sec to 500 sec or more. (It depends on your location). Make sure that you have opened access to the instance in the security group." +msgstr "1. Ansible doesn't connect via SSH to your AWS instance: you have to check that your SSH key has copied into the path /root/aws/. Also, increase the time in the file instance.yml from 300 sec to 500 sec or more. (It depends on your location). Make sure that you have opened access to the instance in the security group." + +#: ../../automation/terraform/terraformAWS.rst:266 +msgid "1 Ansible doesn't connect via SSH to your AWS instance: you have to check that your SSH key has copied into the path /root/aws/." +msgstr "1 Ansible doesn't connect via SSH to your AWS instance: you have to check that your SSH key has copied into the path /root/aws/." + +#: ../../automation/terraform/terraformvSphere.rst:23 +msgid "1 Collect all data in to file \"terraform.tfvars\" and create resources for example \"terraform\"" +msgstr "1 Collect all data in to file \"terraform.tfvars\" and create resources for example \"terraform\"" + +#: ../../automation/terraform/terraformAWS.rst:77 +#: ../../automation/terraform/terraformAZ.rst:54 +#: ../../automation/terraform/terraformvSphere.rst:53 +msgid "1 Create an UNIX instance whenever you want (local, cloud, and so on)" +msgstr "1 Create an UNIX instance whenever you want (local, cloud, and so on)" + +#: ../../automation/terraform/terraformAWS.rst:54 +#: ../../automation/terraform/terraformAZ.rst:26 +#: ../../automation/terraform/terraformvSphere.rst:29 +msgid "1 Create an UNIX or Windows instance" +msgstr "1 Create an UNIX or Windows instance" + +#: ../../automation/terraform/terraformAWS.rst:29 +msgid "1 Create an account with AWS and get your \"access_key\", \"secret key\"" +msgstr "1 Create an account with AWS and get your \"access_key\", \"secret key\"" + +#: ../../automation/terraform/terraformAZ.rst:21 +msgid "1 Create an account with Azure" +msgstr "1 Create an account with Azure" + +#: ../../automation/terraform/terraformAWS.rst:86 +msgid "2.1 Create a0 UNIX or Windows instance" +msgstr "2.1 Create a0 UNIX or Windows instance" + +#: ../../automation/vyos-terraform.rst:250 +#: ../../automation/vyos-terraform.rst:697 +#: ../../automation/vyos-terraform.rst:998 +msgid "2.1 Create a UNIX or Windows instance" +msgstr "2.1 Create a UNIX or Windows instance" + +#: ../../automation/terraform/terraformAWS.rst:88 +msgid "2.2 Download and install Terraform" +msgstr "2.2 Download and install Terraform" + +#: ../../automation/terraform/terraformAWS.rst:90 +msgid "2.3 Create the folder for example /root/awsterraform" +msgstr "2.3 Create the folder for example /root/awsterraform" + +#: ../../automation/vyos-terraform.rst:254 +msgid "2.3 Create the folder for example ../awsvyos/" +msgstr "2.3 Create the folder for example ../awsvyos/" + +#: ../../automation/vyos-terraform.rst:701 +msgid "2.3 Create the folder for example ../azvyos/" +msgstr "2.3 Create the folder for example ../azvyos/" + +#: ../../automation/vyos-terraform.rst:1002 +msgid "2.3 Create the folder for example ../vsphere/" +msgstr "2.3 Create the folder for example ../vsphere/" + +#: ../../automation/vyos-terraform.rst:1004 +msgid "2.4 Copy all files from my folder /Terraform into your Terraform project" +msgstr "2.4 Copy all files from my folder /Terraform into your Terraform project" + +#: ../../automation/vyos-terraform.rst:703 +msgid "2.4 Copy all files from my folder /Terraform into your Terraform project (main.tf, variables.tf)" +msgstr "2.4 Copy all files from my folder /Terraform into your Terraform project (main.tf, variables.tf)" + +#: ../../automation/terraform/terraformAWS.rst:96 +msgid "2.4 Copy all files into your Terraform project \"/root/awsterraform\" (vyos.tf, var.tf, terraform.tfvars,version.tf), more detailed see `Structure of files Terrafom for AWS`_" +msgstr "2.4 Copy all files into your Terraform project \"/root/awsterraform\" (vyos.tf, var.tf, terraform.tfvars,version.tf), more detailed see `Structure of files Terrafom for AWS`_" + +#: ../../automation/vyos-terraform.rst:256 +msgid "2.4 Copy all files into your Terraform project (vyos.tf, var.tf) 2.4.1 Please type the information into the strings 22, 35, 36 of file \"vyos.tf\"" +msgstr "2.4 Copy all files into your Terraform project (vyos.tf, var.tf) 2.4.1 Please type the information into the strings 22, 35, 36 of file \"vyos.tf\"" + +#: ../../automation/vyos-terraform.rst:705 +msgid "2.5 Login with Azure using the command" +msgstr "2.5 Login with Azure using the command" + +#: ../../automation/terraform/terraformAWS.rst:98 +msgid "2.5 Type the commands :" +msgstr "2.5 Type the commands :" + +#: ../../automation/terraform/terraformAZ.rst:44 +msgid "2.6 Type the commands :" +msgstr "2.6 Type the commands :" + +#: ../../automation/terraform/terraformAWS.rst:31 +msgid "2 Create a key pair_ and download your .pem key" +msgstr "2 Create a key pair_ and download your .pem key" + +#: ../../automation/terraform/terraformAWS.rst:79 +#: ../../automation/terraform/terraformAZ.rst:56 +#: ../../automation/terraform/terraformvSphere.rst:55 +msgid "2 Download and install Ansible" +msgstr "2 Download and install Ansible" + +#: ../../automation/terraform/terraformAWS.rst:56 +#: ../../automation/terraform/terraformAZ.rst:28 +#: ../../automation/terraform/terraformvSphere.rst:31 +msgid "2 Download and install Terraform" +msgstr "2 Download and install Terraform" + +#: ../../automation/terraform/terraformAWS.rst:270 +msgid "2 Terraform doesn't connect via SSH to your Ansible instance: you have to check the correct login and password in the part of the file VyOS. tf" +msgstr "2 Terraform doesn't connect via SSH to your Ansible instance: you have to check the correct login and password in the part of the file VyOS. tf" + +#: ../../automation/vyos-terraform.rst:268 +#: ../../automation/vyos-terraform.rst:718 +#: ../../automation/vyos-terraform.rst:1016 +msgid "3.1 Create a UNIX instance" +msgstr "3.1 Create a UNIX instance" + +#: ../../automation/terraform/terraformAWS.rst:109 +msgid "3.1 Create a UNIX instance whenever you want (local, cloud, and so on)" +msgstr "3.1 Create a UNIX instance whenever you want (local, cloud, and so on)" + +#: ../../automation/terraform/terraformAWS.rst:111 +msgid "3.2 Download and install Ansible" +msgstr "3.2 Download and install Ansible" + +#: ../../automation/terraform/terraformAWS.rst:113 +msgid "3.3 Create the folder for example /root/aws/" +msgstr "3.3 Create the folder for example /root/aws/" + +#: ../../automation/vyos-terraform.rst:722 +msgid "3.3 Create the folder for example /root/az/" +msgstr "3.3 Create the folder for example /root/az/" + +#: ../../automation/vyos-terraform.rst:1020 +msgid "3.3 Create the folder for example /root/vsphere/" +msgstr "3.3 Create the folder for example /root/vsphere/" + +#: ../../automation/vyos-terraform.rst:274 +msgid "3.4 Copy all files from my folder /Ansible into your Ansible project (ansible.cfg, instance.yml, mykey.pem)" +msgstr "3.4 Copy all files from my folder /Ansible into your Ansible project (ansible.cfg, instance.yml, mykey.pem)" + +#: ../../automation/vyos-terraform.rst:724 +#: ../../automation/vyos-terraform.rst:1022 +msgid "3.4 Copy all files from my folder /Ansible into your Ansible project (ansible.cfg, instance.yml and /group_vars)" +msgstr "3.4 Copy all files from my folder /Ansible into your Ansible project (ansible.cfg, instance.yml and /group_vars)" + +#: ../../automation/terraform/terraformAWS.rst:115 +msgid "3.4 Copy all files into your Ansible project \"/root/aws/\" (ansible.cfg, instance.yml, mykey.pem and \"all\"), more detailed see `Structure of files Ansible for AWS`_" +msgstr "3.4 Copy all files into your Ansible project \"/root/aws/\" (ansible.cfg, instance.yml, mykey.pem and \"all\"), more detailed see `Structure of files Ansible for AWS`_" + +#: ../../automation/terraform/terraformAWS.rst:81 +msgid "3 Create the folder for example /root/aws/" +msgstr "3 Create the folder for example /root/aws/" + +#: ../../automation/terraform/terraformAWS.rst:58 +msgid "3 Create the folder for example /root/awsterraform" +msgstr "3 Create the folder for example /root/awsterraform" + +#: ../../automation/terraform/terraformAZ.rst:58 +msgid "3 Create the folder for example /root/az/" +msgstr "3 Create the folder for example /root/az/" + +#: ../../automation/terraform/terraformAZ.rst:30 +msgid "3 Create the folder for example /root/azvyos/" +msgstr "3 Create the folder for example /root/azvyos/" + +#: ../../automation/terraform/terraformvSphere.rst:33 +msgid "3 Create the folder for example /root/vsphereterraform" +msgstr "3 Create the folder for example /root/vsphereterraform" + +#: ../../automation/terraform/terraformvSphere.rst:57 +msgid "3 Create the folder for example /root/vsphereterraform/" +msgstr "3 Create the folder for example /root/vsphereterraform/" + +#: ../../automation/terraform/terraformAWS.rst:123 +msgid "4.1 Type the commands on your Terrafom instance:" +msgstr "4.1 Type the commands on your Terrafom instance:" + +#: ../../automation/terraform/terraformAWS.rst:83 +msgid "4 Copy all files into your Ansible project \"/root/aws/\" (ansible.cfg, instance.yml, mykey.pem and \"all\"), more detailed see `Structure of files Ansible for AWS`_" +msgstr "4 Copy all files into your Ansible project \"/root/aws/\" (ansible.cfg, instance.yml, mykey.pem and \"all\"), more detailed see `Structure of files Ansible for AWS`_" + +#: ../../automation/terraform/terraformAZ.rst:60 +msgid "4 Copy all files into your Ansible project \"/root/az/\" (ansible.cfg, instance.yml,\"all\"), more detailed see `Structure of files Ansible for Azure`_" +msgstr "4 Copy all files into your Ansible project \"/root/az/\" (ansible.cfg, instance.yml,\"all\"), more detailed see `Structure of files Ansible for Azure`_" + +#: ../../automation/terraform/terraformvSphere.rst:59 +msgid "4 Copy all files into your Ansible project \"/root/vsphereterraform/\" (ansible.cfg, instance.yml,\"all\"), more detailed see `Structure of files Ansible for vSphere`_" +msgstr "4 Copy all files into your Ansible project \"/root/vsphereterraform/\" (ansible.cfg, instance.yml,\"all\"), more detailed see `Structure of files Ansible for vSphere`_" + #: ../../automation/vyos-api.rst:41 msgid "API Endpoints" msgstr "Puntos finales de la API" +#: ../../automation/terraform/terraformAWS.rst:26 +msgid "AWS" +msgstr "AWS" + +#: ../../automation/vyos-terraform.rst:233 +msgid "AWS_terraform_ansible_single_vyos_instance" +msgstr "AWS_terraform_ansible_single_vyos_instance" + +#: ../../automation/cloud-init.rst:270 +msgid "A VyOS qcow image with cloud-init options is needed. This can be obtained using `vyos-vm-images`_ repo. After cloning the repo, edit the file **qemu.yml** and comment the **download-iso** role." +msgstr "A VyOS qcow image with cloud-init options is needed. This can be obtained using `vyos-vm-images`_ repo. After cloning the repo, edit the file **qemu.yml** and comment the **download-iso** role." + #: ../../automation/cloud-init.rst:270 msgid "A VyOS qcow image with cloud-init options is needed. This can be obtained using `vyos-vm-images`_ repo. After clonning the repo, edit the file **qemu.yml** and comment the **download-iso** role." msgstr "Se necesita una imagen qcow de VyOS con opciones de inicialización en la nube. Esto se puede obtener usando `vyos-vm-images`_ repo. Después de clonar el repositorio, edite el archivo **qemu.yml** y comente el rol **download-iso**." @@ -92,18 +366,43 @@ msgstr "No se permite un sÃmbolo de comillas simples dentro de un comando o val msgid "Accept minion key" msgstr "Aceptar clave de minion" +#: ../../automation/terraform/terraformAWS.rst:255 +msgid "After executing all the commands you will have your VyOS instance on the AWS cloud with your configuration, it's a very convenient desition. If you need to delete the instance please type the command:" +msgstr "After executing all the commands you will have your VyOS instance on the AWS cloud with your configuration, it's a very convenient desition. If you need to delete the instance please type the command:" + +#: ../../automation/terraform/terraformAZ.rst:75 +msgid "After executing all the commands you will have your VyOS instance on the Azure cloud with your configuration, it's a very convenient desition. If you need to delete the instance please type the command:" +msgstr "After executing all the commands you will have your VyOS instance on the Azure cloud with your configuration, it's a very convenient desition. If you need to delete the instance please type the command:" + +#: ../../automation/terraform/terraformvSphere.rst:75 +msgid "After executing all the commands you will have your VyOS instance on the vSphere with your configuration, it's a very convenient desition. If you need to delete the instance please type the command:" +msgstr "After executing all the commands you will have your VyOS instance on the vSphere with your configuration, it's a very convenient desition. If you need to delete the instance please type the command:" + #: ../../automation/vyos-api.rst:15 msgid "All endpoints only listen on HTTP POST requests and the API KEY must set as ``key`` in the formdata." msgstr "Todos los puntos finales solo escuchan solicitudes HTTP POST y la CLAVE API debe establecerse como ``clave`` en los datos del formulario." +#: ../../automation/terraform/terraformAWS.rst:539 +#: ../../automation/terraform/terraformAZ.rst:484 +#: ../../automation/terraform/terraformvSphere.rst:397 +msgid "All files about the article can be found here_" +msgstr "All files about the article can be found here_" + #: ../../automation/cloud-init.rst:115 msgid "All of these can be overridden using the configuration in user-data." msgstr "Todos estos pueden anularse mediante la configuración en los datos de usuario." +#: ../../automation/terraform/terraformAWS.rst:267 +msgid "Also, increase the time in the file instance.yml from 300 sec to 500 sec or more. (It depends on your location). Make sure that you have opened access to the instance in the security group." +msgstr "Also, increase the time in the file instance.yml from 300 sec to 500 sec or more. (It depends on your location). Make sure that you have opened access to the instance in the security group." + #: ../../automation/cloud-init.rst:256 msgid "Also, this lab considers:" msgstr "Además, este laboratorio considera:" +#: ../../automation/terraform/terraformAWS.rst:74 +#: ../../automation/terraform/terraformAZ.rst:51 +#: ../../automation/terraform/terraformvSphere.rst:50 #: ../../automation/vyos-ansible.rst:6 msgid "Ansible" msgstr "Ansible" @@ -121,6 +420,15 @@ msgstr "En este paso, podemos obtener información del modo operativo de los nod msgid "Authentication" msgstr "Autenticación" +#: ../../automation/terraform/terraformAZ.rst:19 +msgid "Azure" +msgstr "Azur" + +#: ../../automation/vyos-terraform.rst:684 +#: ../../automation/vyos-terraform.rst:985 +msgid "Azure_terraform_ansible_single_vyos_instance" +msgstr "Azure_terraform_ansible_single_vyos_instance" + #: ../../automation/cloud-init.rst:241 msgid "Before starting, please refer to cloud-init `network-config-docs`_ in order to know how to import user and network configurations." msgstr "Antes de comenzar, consulte cloud-init `network-config-docs`_ para saber cómo importar configuraciones de usuario y de red." @@ -186,34 +494,38 @@ msgstr "Configuración" msgid "Configuration commands are executed just like from a normal config session. For example, if you want to disable a BGP peer on VRRP transition to backup:" msgstr "Los comandos de configuración se ejecutan como en una sesión de configuración normal. Por ejemplo, si desea deshabilitar un par BGP en la transición VRRP a la copia de seguridad:" -#: ../../automation/vyos-pyvyos.rst:94 +#: ../../automation/vyos-pyvyos.rst:102 msgid "Configure, then Delete Object" msgstr "Configure, then Delete Object" -#: ../../automation/vyos-pyvyos.rst:141 +#: ../../automation/vyos-pyvyos.rst:149 msgid "Configure, then Load File" msgstr "Configure, then Load File" -#: ../../automation/vyos-pyvyos.rst:101 +#: ../../automation/vyos-pyvyos.rst:109 msgid "Configure, then Save" msgstr "Configure, then Save" -#: ../../automation/vyos-pyvyos.rst:108 +#: ../../automation/vyos-pyvyos.rst:116 msgid "Configure, then Save File" msgstr "Configure, then Save File" -#: ../../automation/vyos-pyvyos.rst:68 +#: ../../automation/vyos-pyvyos.rst:76 msgid "Configure, then Set" msgstr "Configure, then Set" -#: ../../automation/vyos-pyvyos.rst:85 +#: ../../automation/vyos-pyvyos.rst:93 msgid "Configure, then Show Object" msgstr "Configure, then Show Object" -#: ../../automation/vyos-pyvyos.rst:77 +#: ../../automation/vyos-pyvyos.rst:85 msgid "Configure, then Show a Single Object Value" msgstr "Configure, then Show a Single Object Value" +#: ../../automation/terraform/index.rst:5 +msgid "Content" +msgstr "Content" + #: ../../automation/vyos-napalm.rst:89 msgid "Content of commands.conf" msgstr "Contenido de comandos.conf" @@ -242,6 +554,30 @@ msgstr "Los scripts personalizados no se ejecutan con privilegios de root (Use s msgid "DHCP on first Ethernet interface if no network configuration is provided." msgstr "DHCP en la primera interfaz Ethernet si no se proporciona ninguna configuración de red." +#: ../../automation/terraform/terraformAWS.rst:6 +msgid "Deploying VyOS in the AWS cloud" +msgstr "Deploying VyOS in the AWS cloud" + +#: ../../automation/terraform/terraformAZ.rst:6 +msgid "Deploying VyOS in the Azure cloud" +msgstr "Deploying VyOS in the Azure cloud" + +#: ../../automation/terraform/terraformvSphere.rst:6 +msgid "Deploying VyOS in the vSphere infrastructure" +msgstr "Deploying VyOS in the vSphere infrastructure" + +#: ../../automation/terraform/terraformAWS.rst:39 +msgid "Deploying vyos in the AWS cloud" +msgstr "Deploying vyos in the AWS cloud" + +#: ../../automation/vyos-terraform.rst:299 +msgid "Deploying vyos in the Azure cloud" +msgstr "Deploying vyos in the Azure cloud" + +#: ../../automation/vyos-terraform.rst:742 +msgid "Deploying vyos in the Vsphere infrastructia" +msgstr "Deploying vyos in the Vsphere infrastructia" + #: ../../automation/vyos-netmiko.rst:12 msgid "Example" msgstr "Ejemplo" @@ -274,11 +610,39 @@ msgstr "Ejecución de secuencias de comandos pre-hooks/post-hooks" msgid "File contents" msgstr "Contenido del archivo" +#: ../../automation/terraform/terraformAWS.rst:476 +msgid "File contents of Ansible for AWS" +msgstr "File contents of Ansible for AWS" + +#: ../../automation/terraform/terraformAZ.rst:426 +msgid "File contents of Ansible for Azure" +msgstr "File contents of Ansible for Azure" + +#: ../../automation/terraform/terraformvSphere.rst:338 +msgid "File contents of Ansible for vSphere" +msgstr "File contents of Ansible for vSphere" + +#: ../../automation/terraform/terraformAWS.rst:298 +msgid "File contents of Terrafom for AWS" +msgstr "File contents of Terrafom for AWS" + +#: ../../automation/terraform/terraformAZ.rst:93 +msgid "File contents of Terrafom for Azure" +msgstr "File contents of Terrafom for Azure" + +#: ../../automation/terraform/terraformvSphere.rst:96 +msgid "File contents of Terrafom for vSphere" +msgstr "File contents of Terrafom for vSphere" + #: ../../automation/cloud-init.rst:284 msgid "File generated with previous command: ``/tmp/vyos-1.3.0-cloud-init-10G-qemu.qcow2``" msgstr "Archivo generado con el comando anterior: ``/tmp/vyos-1.3.0-cloud-init-10G-qemu.qcow2``" #: ../../automation/cloud-init.rst:347 +msgid "Finally, file **meta-data** has no content, but it's required." +msgstr "Finally, file **meta-data** has no content, but it's required." + +#: ../../automation/cloud-init.rst:347 msgid "Finaly, file **meta-data** has no content, but it's required." msgstr "Finalmente, el archivo **metadatos** no tiene contenido, pero es obligatorio." @@ -306,7 +670,11 @@ msgstr "Para obtener más información sobre la fuente de datos NoCloud, visite msgid "From cli or GUI, power on VM, and after it boots, verify configuration" msgstr "Desde cli o GUI, encienda la VM y, después de que arranque, verifique la configuración" -#: ../../automation/vyos-pyvyos.rst:123 +#: ../../automation/terraform/terraformvyos.rst:26 +msgid "General commands that we will use for running Terraform scripts" +msgstr "General commands that we will use for running Terraform scripts" + +#: ../../automation/vyos-pyvyos.rst:131 msgid "Generate Object" msgstr "Generate Object" @@ -314,7 +682,7 @@ msgstr "Generate Object" msgid "Generate qcow image" msgstr "Generar imagen qcow" -#: ../../automation/vyos-pyvyos.rst:24 +#: ../../automation/vyos-pyvyos.rst:32 msgid "Getting Started" msgstr "Getting Started" @@ -326,6 +694,22 @@ msgstr "Aquà hay un ejemplo simple:" msgid "Here is an example cloud-config that appends configuration at the time of first boot." msgstr "Aquà hay un ejemplo de configuración en la nube que agrega la configuración en el momento del primer arranque." +#: ../../automation/terraform/terraformAWS.rst:23 +msgid "How to create a single instance and install your configuration using Terraform+Ansible+AWS Step by step:" +msgstr "How to create a single instance and install your configuration using Terraform+Ansible+AWS Step by step:" + +#: ../../automation/terraform/terraformAZ.rst:16 +msgid "How to create a single instance and install your configuration using Terraform+Ansible+Azure Step by step:" +msgstr "How to create a single instance and install your configuration using Terraform+Ansible+Azure Step by step:" + +#: ../../automation/vyos-terraform.rst:987 +msgid "How to create a single instance and install your configuration using Terraform+Ansible+Vsphere Step by step:" +msgstr "How to create a single instance and install your configuration using Terraform+Ansible+Vsphere Step by step:" + +#: ../../automation/terraform/terraformvSphere.rst:16 +msgid "How to create a single instance and install your configuration using Terraform+Ansible+vSphere Step by step:" +msgstr "How to create a single instance and install your configuration using Terraform+Ansible+vSphere Step by step:" + #: ../../automation/cloud-init.rst:377 msgid "ISO files storage: ``local`` volume is used for ``.iso`` file storage. In this scenario ``local`` volume type is set to **directory**, abd attached to ``/var/lib/vz``." msgstr "Almacenamiento de archivos ISO: el volumen ``local`` se utiliza para el almacenamiento de archivos ``.iso``. En este escenario, el tipo de volumen ``local`` se establece en **directorio**, y se adjunta a ``/var/lib/vz``." @@ -350,7 +734,7 @@ msgstr "Si necesita recopilar información de los comandos de Linux para configu msgid "If you want to script the configs in a language other than bash you can have your script output commands and then source them in a bash script." msgstr "Si desea programar las configuraciones en un idioma que no sea bash, puede tener los comandos de salida de su script y luego generarlos en un script bash." -#: ../../automation/vyos-pyvyos.rst:27 +#: ../../automation/vyos-pyvyos.rst:35 msgid "Importing and Disabling Warnings for verify=False" msgstr "Importing and Disabling Warnings for verify=False" @@ -362,6 +746,18 @@ msgstr "En el servidor Proxmox, se utilizarán tres archivos para esta configura msgid "In VyOS, by default, enables only two modules:" msgstr "En VyOS, por defecto, habilita solo dos módulos:" +#: ../../automation/terraform/terraformAWS.rst:17 +msgid "In this case, we'll create the necessary files for Terraform and Ansible next using Terraform we'll create a single instance on the AWS cloud and make provisioning using Ansible." +msgstr "In this case, we'll create the necessary files for Terraform and Ansible next using Terraform we'll create a single instance on the AWS cloud and make provisioning using Ansible." + +#: ../../automation/terraform/terraformAZ.rst:11 +msgid "In this case, we'll create the necessary files for Terraform and Ansible next using Terraform we'll create a single instance on the Azure cloud and make provisioning using Ansible." +msgstr "In this case, we'll create the necessary files for Terraform and Ansible next using Terraform we'll create a single instance on the Azure cloud and make provisioning using Ansible." + +#: ../../automation/terraform/terraformvSphere.rst:11 +msgid "In this case, we'll create the necessary files for Terraform and Ansible next using Terraform we'll create a single instance on the vSphere cloud and make provisioning using Ansible." +msgstr "In this case, we'll create the necessary files for Terraform and Ansible next using Terraform we'll create a single instance on the vSphere cloud and make provisioning using Ansible." + #: ../../automation/cloud-init.rst:307 msgid "In this lab, all files are located in ``/tmp/``. So, before going on, lets move to that directory:" msgstr "En esta práctica de laboratorio, todos los archivos se encuentran en ``/tmp/``. Entonces, antes de continuar, pasemos a ese directorio:" @@ -374,7 +770,7 @@ msgstr "En esta práctica de laboratorio, usamos la versión 1.3.0 de VyOS y con msgid "Initial Configuration" msgstr "Configuracion inicial" -#: ../../automation/vyos-pyvyos.rst:47 +#: ../../automation/vyos-pyvyos.rst:55 msgid "Initializing a VyDevice Object" msgstr "Initializing a VyDevice Object" @@ -386,7 +782,7 @@ msgstr "La inyección de datos de configuración no se limita a las plataformas msgid "Install ``napalm-vyos`` module" msgstr "Instalar el módulo ``napalm-vyos''" -#: ../../automation/vyos-pyvyos.rst:15 +#: ../../automation/vyos-pyvyos.rst:23 msgid "Installation" msgstr "Instalación" @@ -398,6 +794,10 @@ msgstr "Es posible configurar VyOS a través del módulo proxy netmiko_. Requier msgid "Major cloud providers offer a means of providing user-data at the time of instance launch. It can be provided as plain text or as base64-encoded text, depending on cloud provider. Also, it can be compressed using gzip, which makes sense with a long configuration commands list, because of the hard limit to ~16384 bytes for the whole user-data." msgstr "Los principales proveedores de la nube ofrecen un medio para proporcionar datos de usuario en el momento del lanzamiento de la instancia. Se puede proporcionar como texto sin formato o como texto codificado en base64, según el proveedor de la nube. Además, se puede comprimir usando gzip, lo que tiene sentido con una larga lista de comandos de configuración, debido al lÃmite estricto de ~16384 bytes para todos los datos del usuario." +#: ../../automation/terraform/terraformAWS.rst:282 +msgid "Make sure that Ansible is pinging from Terrafom." +msgstr "Make sure that Ansible is pinging from Terrafom." + #: ../../automation/cloud-init.rst:20 msgid "Metadata - Metadata is sourced by the cloud platform or hypervisor. In some clouds, there is implemented as an HTTP endpoint at ``http://169.254.169.254``." msgstr "Metadatos: los metadatos provienen de la plataforma en la nube o el hipervisor. En algunas nubes, se implementa como punto final HTTP en ``http://169.254.169.254``." @@ -410,6 +810,10 @@ msgstr "Claves más importantes a tener en cuenta:" msgid "Napalm" msgstr "Napalm" +#: ../../automation/terraform/terraformvyos.rst:13 +msgid "Need to install_ Terraform" +msgstr "Need to install_ Terraform" + #: ../../automation/vyos-netmiko.rst:6 msgid "Netmiko" msgstr "Netmiko" @@ -418,6 +822,10 @@ msgstr "Netmiko" msgid "Netmiko-proxy" msgstr "Netmiko-proxy" +#: ../../automation/terraform/terraformAWS.rst:-1 +msgid "Network Topology Diagram" +msgstr "Diagrama de topologÃa de red" + #: ../../automation/cloud-init.rst:24 msgid "Network configuration - This config source informs the system about the network settings like IP addresses, routes, DNS. Available only in several cloud and virtualization platforms." msgstr "Configuración de red: esta fuente de configuración informa al sistema sobre la configuración de red, como direcciones IP, rutas, DNS. Disponible solo en varias plataformas de nube y virtualización." @@ -431,6 +839,7 @@ msgid "NoCloud" msgstr "Sin Nube" #: ../../automation/index.rst:6 +#: ../../automation/terraform/index.rst:6 msgid "Nornir" msgstr "brujas" @@ -495,6 +904,18 @@ msgstr "Encendido de VM y verificaciones" msgid "Preconfig on boot" msgstr "Preconfiguración en el arranque" +#: ../../automation/terraform/terraformAWS.rst:21 +msgid "Preparation steps for deploying VyOS on AWS" +msgstr "Preparation steps for deploying VyOS on AWS" + +#: ../../automation/terraform/terraformAZ.rst:14 +msgid "Preparation steps for deploying VyOS on Azure" +msgstr "Preparation steps for deploying VyOS on Azure" + +#: ../../automation/terraform/terraformvSphere.rst:14 +msgid "Preparation steps for deploying VyOS on vSphere" +msgstr "Preparation steps for deploying VyOS on vSphere" + #: ../../automation/cloud-init.rst:296 msgid "Prepare cloud-init files" msgstr "Preparar archivos de inicialización en la nube" @@ -523,10 +944,14 @@ msgstr "Referencias" msgid "Remove default dhcp client on first interface, and load other configuration during first boot, using cloud-init." msgstr "Elimine el cliente dhcp predeterminado en la primera interfaz y cargue otra configuración durante el primer arranque, usando cloud-init." -#: ../../automation/vyos-pyvyos.rst:132 +#: ../../automation/vyos-pyvyos.rst:140 msgid "Reset Object" msgstr "Reset Object" +#: ../../automation/vyos-terraform.rst:22 +msgid "Run Terraform" +msgstr "Run Terraform" + #: ../../automation/vyos-ansible.rst:80 msgid "Run ansible" msgstr "ejecutar ansible" @@ -555,11 +980,11 @@ msgstr "Sal" msgid "Salt master configuration:" msgstr "Configuración maestra de sal:" -#: ../../automation/vyos-api.rst:344 +#: ../../automation/vyos-api.rst:345 msgid "Save a running configuration to a file." msgstr "Guarde una configuración en ejecución en un archivo." -#: ../../automation/vyos-api.rst:326 +#: ../../automation/vyos-api.rst:327 msgid "Save a running configuration to the startup configuration. When you don't specify the file when saving, it saves to ``/config/config.boot``." msgstr "Guarde una configuración en ejecución en la configuración de inicio. Cuando no especifica el archivo al guardar, se guarda en ``/config/config.boot``." @@ -571,7 +996,7 @@ msgstr "Guión vyos-napalm.py" msgid "Scripts are run in alphabetical order. Their names must consist entirely of ASCII upper- and lower-case letters,ASCII digits, ASCII underscores, and ASCII minus-hyphens.No other characters are allowed." msgstr "Los scripts se ejecutan en orden alfabético. Sus nombres deben consistir completamente en letras mayúsculas y minúsculas ASCII, dÃgitos ASCII, guiones bajos ASCII y guiones negativos ASCII. No se permiten otros caracteres." -#: ../../automation/vyos-pyvyos.rst:115 +#: ../../automation/vyos-pyvyos.rst:123 msgid "Show Object" msgstr "Show Object" @@ -579,6 +1004,32 @@ msgstr "Show Object" msgid "Sometimes you simply wan't to execute a bunch of op-mode commands via SSH on a remote VyOS system." msgstr "A veces, simplemente no desea ejecutar un montón de comandos de modo operativo a través de SSH en un sistema VyOS remoto." +#: ../../automation/command-scripting.rst:52 +msgid "Sometimes you simply want to execute a bunch of op-mode commands via SSH on a remote VyOS system." +msgstr "Sometimes you simply want to execute a bunch of op-mode commands via SSH on a remote VyOS system." + +#: ../../automation/terraform/terraformAWS.rst:537 +msgid "Sourse files for AWS from GIT" +msgstr "Sourse files for AWS from GIT" + +#: ../../automation/terraform/terraformAZ.rst:482 +msgid "Sourse files for Azure from GIT" +msgstr "Sourse files for Azure from GIT" + +#: ../../automation/terraform/terraformvSphere.rst:395 +msgid "Sourse files for vSphere from GIT" +msgstr "Sourse files for vSphere from GIT" + +#: ../../automation/terraform/terraformAWS.rst:88 +#: ../../automation/terraform/terraformAZ.rst:63 +#: ../../automation/terraform/terraformvSphere.rst:62 +msgid "Start" +msgstr "Start" + +#: ../../automation/terraform/terraformAWS.rst:102 +msgid "Start creating an AWS instance and check the result" +msgstr "Start creating an AWS instance and check the result" + #: ../../automation/cloud-init.rst:260 msgid "Storaged used: volume local, which is mounted on directory **/var/lib/vz**, and contains all type of content, including snippets." msgstr "Storaged used: volumen local, que está montado en el directorio **/var/lib/vz**, y contiene todo tipo de contenido, incluidos fragmentos." @@ -591,11 +1042,64 @@ msgstr "Estructura de /srv/salt:" msgid "Structure of files" msgstr "Estructura de archivos" +#: ../../automation/vyos-terraform.rst:166 +#: ../../automation/vyos-terraform.rst:624 +msgid "Structure of files Ansible" +msgstr "Structure of files Ansible" + +#: ../../automation/terraform/terraformAWS.rst:463 +msgid "Structure of files Ansible for AWS" +msgstr "Structure of files Ansible for AWS" + +#: ../../automation/terraform/terraformAZ.rst:414 +msgid "Structure of files Ansible for Azure" +msgstr "Structure of files Ansible for Azure" + +#: ../../automation/terraform/terraformvSphere.rst:326 +msgid "Structure of files Ansible for vSphere" +msgstr "Structure of files Ansible for vSphere" + +#: ../../automation/vyos-terraform.rst:38 +#: ../../automation/vyos-terraform.rst:302 +#: ../../automation/vyos-terraform.rst:745 +msgid "Structure of files Terrafom" +msgstr "Structure of files Terrafom" + +#: ../../automation/terraform/terraformAWS.rst:285 +msgid "Structure of files Terrafom for AWS" +msgstr "Structure of files Terrafom for AWS" + +#: ../../automation/terraform/terraformAZ.rst:83 +msgid "Structure of files Terrafom for Azure" +msgstr "Structure of files Terrafom for Azure" + +#: ../../automation/terraform/terraformvSphere.rst:84 +msgid "Structure of files Terrafom for vSphere" +msgstr "Structure of files Terrafom for vSphere" + +#: ../../automation/terraform/terraformvyos.rst:15 +msgid "Structure of files in the standard Terraform project:" +msgstr "Structure of files in the standard Terraform project:" + #: ../../automation/cloud-init.rst:107 msgid "System Defaults/Fallbacks" msgstr "Valores predeterminados/alternativos del sistema" -#: ../../automation/vyos-api.rst:301 +#: ../../automation/terraform/terraformAWS.rst:51 +#: ../../automation/terraform/terraformAZ.rst:23 +#: ../../automation/terraform/terraformvSphere.rst:26 +msgid "Terraform" +msgstr "Terraform" + +#: ../../automation/terraform/terraformAWS.rst:302 +msgid "Terraform doesn't connect via SSH to your Ansible instance: you have to check the correct login and password in the part of the file vyos. tf" +msgstr "Terraform doesn't connect via SSH to your Ansible instance: you have to check the correct login and password in the part of the file vyos. tf" + +#: ../../automation/terraform/terraformvyos.rst:6 +msgid "Terraform for VyOS" +msgstr "Terraform for VyOS" + +#: ../../automation/vyos-api.rst:302 msgid "The API pushes every request to a session and commit it. But some of VyOS components like DHCP and PPPoE Servers, IPSec, VXLAN, and other tunnels require full configuration for commit. The endpoint will process multiple commands when you pass them as a list to the ``data`` field." msgstr "La API envÃa cada solicitud a una sesión y la confirma. Pero algunos de los componentes de VyOS, como los servidores DHCP y PPPoE, IPSec, VXLAN y otros túneles, requieren una configuración completa para la confirmación. El punto final procesará múltiples comandos cuando los pase como una lista al campo ``datos``." @@ -640,7 +1144,7 @@ msgstr "El archivo predeterminado se ve asÃ:" msgid "The easiest way to configure the system via user-data is the Cloud-config syntax described below." msgstr "La forma más fácil de configurar el sistema a través de los datos del usuario es la sintaxis de configuración de la nube que se describe a continuación." -#: ../../automation/vyos-api.rst:324 +#: ../../automation/vyos-api.rst:325 msgid "The endpoint ``/config-file`` is to save or load a configuration." msgstr "El punto final ``/config-file`` es para guardar o cargar una configuración." @@ -676,7 +1180,7 @@ msgstr "Esta sección necesita mejoras, ejemplos y explicaciones." msgid "This will result in the following error message: ``Set failed`` If this happens, a reboot is required to be able to edit the config manually again." msgstr "Esto dará como resultado el siguiente mensaje de error: ``Establecimiento fallido`` Si esto sucede, se requiere reiniciar para poder editar la configuración manualmente nuevamente." -#: ../../automation/vyos-api.rst:360 +#: ../../automation/vyos-api.rst:361 msgid "To Load a configuration file." msgstr "Para cargar un archivo de configuración." @@ -713,9 +1217,16 @@ msgid "To power off the system use the ``poweroff`` endpoint." msgstr "To power off the system use the ``poweroff`` endpoint." #: ../../automation/cloud-init.rst:223 +#: ../../automation/terraform/terraformAWS.rst:264 msgid "Troubleshooting" msgstr "Solución de problemas" +#: ../../automation/terraform/terraformAWS.rst:91 +#: ../../automation/terraform/terraformAZ.rst:66 +#: ../../automation/terraform/terraformvSphere.rst:65 +msgid "Type the commands on your Terrafom instance:" +msgstr "Type the commands on your Terrafom instance:" + #: ../../automation/command-scripting.rst:39 msgid "Unlike a normal configuration session, all operational commands must be prepended with ``run``, even if you haven't created a session with configure." msgstr "A diferencia de una sesión de configuración normal, todos los comandos operativos deben ir precedidos de ``ejecutar``, incluso si no ha creado una sesión con configure." @@ -728,7 +1239,7 @@ msgstr "Datos del usuario" msgid "User-data - User-data is specified by the user. This config source offers the ability to insert any CLI configuration commands into the configuration before the first boot." msgstr "Datos de usuario: los datos de usuario son especificados por el usuario. Esta fuente de configuración ofrece la posibilidad de insertar cualquier comando de configuración CLI en la configuración antes del primer arranque." -#: ../../automation/vyos-pyvyos.rst:35 +#: ../../automation/vyos-pyvyos.rst:43 msgid "Using API Response Class" msgstr "Using API Response Class" @@ -736,6 +1247,10 @@ msgstr "Using API Response Class" msgid "Using PyVyOS" msgstr "Using PyVyOS" +#: ../../automation/vyos-pyvyos.rst:73 +msgid "Using pyvyos" +msgstr "Using pyvyos" + #: ../../automation/cloud-init.rst:373 msgid "VM ID: in this example, VM ID used is 555." msgstr "ID de VM: en este ejemplo, el ID de VM utilizado es 555." @@ -748,6 +1263,10 @@ msgstr "Recursos de VM: estos parámetros se pueden modificar según sea necesar msgid "VM Storage: ``local`` volume is used." msgstr "Almacenamiento de VM: se utiliza el volumen ``local``." +#: ../../automation/vyos-terraform.rst:991 +msgid "Vsphere" +msgstr "Vsphere" + #: ../../automation/vyos-api.rst:7 msgid "VyOS API" msgstr "API de VyOS" @@ -756,6 +1275,10 @@ msgstr "API de VyOS" msgid "VyOS Automation" msgstr "Automatización VyOS" +#: ../../automation/terraform/index.rst:3 +msgid "VyOS Terraform" +msgstr "VyOS Terraform" + #: ../../automation/cloud-init.rst:418 msgid "VyOS `cloud-init-docs`_." msgstr "VyOS `nube-init-docs`_." @@ -784,6 +1307,18 @@ msgstr "VyOS admite la configuración a través de ansible. Necesita instalar el msgid "VyOS supports configuration via netmiko_. It requires to install ``python3-netmiko`` module." msgstr "VyOS admite la configuración a través de netmiko_. Requiere instalar el módulo ``python3-netmiko``." +#: ../../automation/vyos-terraform.rst:8 +msgid "VyOS supports develop infrastructia via Terraform and provisioning via ansible. Need to install ``Terraform``" +msgstr "VyOS supports develop infrastructia via Terraform and provisioning via ansible. Need to install ``Terraform``" + +#: ../../automation/terraform/terraformvyos.rst:8 +msgid "VyOS supports development infrastructure via Terraform and provisioning via Ansible. Terraform allows you to automate the process of deploying instances on many cloud and virtual platforms. In this article, we will look at using terraforms to deploy VyOS on platforms - AWS, Azure, and vSphere. For more details about Terraform please have a look here link_." +msgstr "VyOS supports development infrastructure via Terraform and provisioning via Ansible. Terraform allows you to automate the process of deploying instances on many cloud and virtual platforms. In this article, we will look at using terraforms to deploy VyOS on platforms - AWS, Azure, and vSphere. For more details about Terraform please have a look here link_." + +#: ../../automation/terraform/terraformAWS.rst:8 +msgid "VyOS supports development infrastructure via Terraform and provisioning via Ansible. Terraform allows you to automate the process of deploying instances on many cloud and virtual platforms. In this article, we will look at using terraforms to deploy vyos on platforms - AWS, AZURE, and vSphere. More detailed about what is Terraform you can write using the link_." +msgstr "VyOS supports development infrastructure via Terraform and provisioning via Ansible. Terraform allows you to automate the process of deploying instances on many cloud and virtual platforms. In this article, we will look at using terraforms to deploy vyos on platforms - AWS, AZURE, and vSphere. More detailed about what is Terraform you can write using the link_." + #: ../../automation/command-scripting.rst:8 msgid "VyOS supports executing configuration and operational commands non-interactively from shell scripts." msgstr "VyOS admite la ejecución de comandos operativos y de configuración de forma no interactiva desde scripts de shell." @@ -816,6 +1351,30 @@ msgstr "Volverá:" msgid "With the ``retrieve`` endpoint you get parts or the whole configuration." msgstr "Con el punto final ``retrieve`` obtienes partes o la configuración completa." +#: ../../automation/terraform/terraformAWS.rst:8 +msgid "With the help of Terraform, you can quickly deploy VyOS-based infrastructure in the AWS cloud. If necessary, the infrastructure can be removed using terraform. Also we will make provisioning using Ansible." +msgstr "With the help of Terraform, you can quickly deploy VyOS-based infrastructure in the AWS cloud. If necessary, the infrastructure can be removed using terraform. Also we will make provisioning using Ansible." + +#: ../../automation/terraform/terraformAZ.rst:8 +msgid "With the help of Terraform, you can quickly deploy VyOS-based infrastructure in the Azure cloud. If necessary, the infrastructure can be removed using terraform. Also we will make provisioning using Ansible." +msgstr "With the help of Terraform, you can quickly deploy VyOS-based infrastructure in the Azure cloud. If necessary, the infrastructure can be removed using terraform. Also we will make provisioning using Ansible." + +#: ../../automation/terraform/terraformvSphere.rst:8 +msgid "With the help of Terraform, you can quickly deploy VyOS-based infrastructure in the vSphere. Also we will make provisioning using Ansible." +msgstr "With the help of Terraform, you can quickly deploy VyOS-based infrastructure in the vSphere. Also we will make provisioning using Ansible." + +#: ../../automation/terraform/terraformAWS.rst:40 +msgid "With the help of terraforms, you can quickly deploy Vyos-based infrastructure in the AWS cloud. If necessary, the infrastructure can be removed using terraform. Also we will make provisioning using Ansible." +msgstr "With the help of terraforms, you can quickly deploy Vyos-based infrastructure in the AWS cloud. If necessary, the infrastructure can be removed using terraform. Also we will make provisioning using Ansible." + +#: ../../automation/vyos-terraform.rst:300 +msgid "With the help of terraforms, you can quickly deploy Vyos-based infrastructure in the Azure cloud. If necessary, the infrastructure can be removed using terraform." +msgstr "With the help of terraforms, you can quickly deploy Vyos-based infrastructure in the Azure cloud. If necessary, the infrastructure can be removed using terraform." + +#: ../../automation/vyos-terraform.rst:743 +msgid "With the help of terraforms, you can quickly deploy Vyos-based infrastructure in the vSphere." +msgstr "With the help of terraforms, you can quickly deploy Vyos-based infrastructure in the vSphere." + #: ../../automation/vyos-salt.rst:12 msgid "Without proxy it requires VyOS minion configuration and support op-mode data:" msgstr "Sin proxy, requiere configuración minion de VyOS y admite datos en modo operativo:" @@ -828,11 +1387,15 @@ msgstr "Sin proxy, requiere la configuración de minion de VyOS y admite datos e msgid "You can install PyVyOS using pip:" msgstr "You can install PyVyOS using pip:" -#: ../../automation/vyos-api.rst:267 +#: ../../automation/vyos-pyvyos.rst:25 +msgid "You can install pyvyos using pip:" +msgstr "You can install pyvyos using pip:" + +#: ../../automation/vyos-api.rst:268 msgid "You can pass a ``set``, ``delete`` or ``comment`` command to the ``/configure`` endpoint." msgstr "Puede pasar un comando ``set``, ``delete`` o ``comment`` al extremo ``/configure``." -#: ../../automation/vyos-api.rst:286 +#: ../../automation/vyos-api.rst:287 msgid "``delete`` a single command" msgstr "``borrar`` un solo comando" @@ -840,7 +1403,7 @@ msgstr "``borrar`` un solo comando" msgid "``seed.iso`` was previously created in directory ``/tmp/``. It's necessary to move it to ``/var/lib/vz/template/iso``" msgstr "``seed.iso`` se creó previamente en el directorio ``/tmp/``. Es necesario moverlo a ``/var/lib/vz/template/iso``" -#: ../../automation/vyos-api.rst:270 +#: ../../automation/vyos-api.rst:271 msgid "``set`` a single command" msgstr "``establecer`` un solo comando" @@ -856,10 +1419,29 @@ msgstr "Credenciales ``vyos''/``vyos'' si no hay otras especific msgid "``write_files`` - this module allows to insert any files into the filesystem before the first boot, for example, pre-generated encryption keys, certificates, or even a whole ``config.boot`` file. The format is described in the cloudinit documentation `Cloud-init-write_files`_." msgstr "``write_files``: este módulo permite insertar cualquier archivo en el sistema de archivos antes del primer arranque, por ejemplo, claves de cifrado generadas previamente, certificados o incluso un archivo ``config.boot`` completo. El formato se describe en la documentación de cloudinit `Cloud-init-write_files`_." +#: ../../automation/vyos-pyvyos.rst:12 +msgid "`pyvyos Documentation on Read the Docs <https://pyvyos.readthedocs.io/en/latest/>`_ provides detailed instructions on the installation, configuration, and operation of the pyvyos library." +msgstr "`pyvyos Documentation on Read the Docs <https://pyvyos.readthedocs.io/en/latest/>`_ provides detailed instructions on the installation, configuration, and operation of the pyvyos library." + +#: ../../automation/vyos-pyvyos.rst:15 +msgid "`pyvyos Source Code on GitHub <https://github.com/robertoberto/pyvyos>`_ allows you to access and contribute to the library's code." +msgstr "`pyvyos Source Code on GitHub <https://github.com/robertoberto/pyvyos>`_ allows you to access and contribute to the library's code." + +#: ../../automation/vyos-pyvyos.rst:17 +msgid "`pyvyos on PyPI <https://pypi.org/project/pyvyos/>`_ for easy installation via pip, the Python package installer. Execute `pip install pyvyos` in your terminal to install." +msgstr "`pyvyos on PyPI <https://pypi.org/project/pyvyos/>`_ for easy installation via pip, the Python package installer. Execute `pip install pyvyos` in your terminal to install." + #: ../../automation/vyos-api.rst:188 msgid "add an image" msgstr "Añadir una imagen" +#: ../../automation/terraform/terraformAWS.rst:560 +msgid "all" +msgstr "todo" + +#: ../../automation/terraform/terraformAWS.rst:478 +#: ../../automation/terraform/terraformAZ.rst:428 +#: ../../automation/terraform/terraformvSphere.rst:340 #: ../../automation/vyos-ansible.rst:26 msgid "ansible.cfg" msgstr "ansible.cfg" @@ -880,6 +1462,12 @@ msgstr "comandos.txt" msgid "delete an image, for example ``1.3-rolling-202006070117``" msgstr "borrar una imagen, por ejemplo ``1.3-rolling-202006070117``" +#: ../../automation/terraform/terraformAWS.rst:528 +#: ../../automation/terraform/terraformAZ.rst:470 +#: ../../automation/terraform/terraformvSphere.rst:381 +msgid "group_vars/all" +msgstr "group_vars/all" + #: ../../automation/vyos-ansible.rst:42 msgid "hosts" msgstr "Hospedadores" @@ -892,18 +1480,78 @@ msgstr "id_rsa_docker.pub. Necesita declarar solo la clave pública exactamente. msgid "if you just want the Value of a multi-valued node, use the ``returnValues`` operation." msgstr "si solo desea el valor de un nodo de varios valores, utilice la operación ``returnValues``." +#: ../../automation/terraform/terraformAWS.rst:495 +#: ../../automation/terraform/terraformAZ.rst:438 +#: ../../automation/terraform/terraformvSphere.rst:350 +msgid "instance.yml" +msgstr "instance.yml" + +#: ../../automation/vyos-terraform.rst:313 +#: ../../automation/vyos-terraform.rst:758 +msgid "main.tf" +msgstr "main.tf" + #: ../../automation/vyos-ansible.rst:56 msgid "main.yml" msgstr "principal.yml" +#: ../../automation/terraform/terraformAWS.rst:488 +msgid "mykey.pem" +msgstr "mykey.pem" + +#: ../../automation/terraform/terraformAWS.rst:85 +msgid "mykey.pem you have to get using step 1.2" +msgstr "mykey.pem you have to get using step 1.2" + +#: ../../automation/vyos-pyvyos.rst:6 +msgid "pyvyos" +msgstr "pyvyos" + +#: ../../automation/vyos-pyvyos.rst:8 +msgid "pyvyos is a Python library designed for interacting with VyOS devices through their API. This documentation is intended to guide you in using pyvyos for programmatic management of your VyOS devices." +msgstr "pyvyos is a Python library designed for interacting with VyOS devices through their API. This documentation is intended to guide you in using pyvyos for programmatic management of your VyOS devices." + #: ../../automation/vyos-salt.rst:141 msgid "r11-proxy.sls Includes parameters for connecting to salt-proxy minion" msgstr "r11-proxy.sls Incluye parámetros para conectarse a salt-proxy minion" #: ../../automation/index.rst:7 +#: ../../automation/terraform/index.rst:7 msgid "startup scripts" msgstr "guiones de inicio" +#: ../../automation/terraform/terraformAWS.rst:452 +#: ../../automation/terraform/terraformAZ.rst:405 +#: ../../automation/terraform/terraformvSphere.rst:307 +msgid "terraform.tfvars" +msgstr "terraform.tfvars" + #: ../../automation/vyos-salt.rst:131 msgid "top.sls" msgstr "top.sls" + +#: ../../automation/terraform/terraformvSphere.rst:20 +msgid "vSphere" +msgstr "vSphere" + +#: ../../automation/terraform/terraformAWS.rst:415 +#: ../../automation/terraform/terraformAZ.rst:298 +#: ../../automation/terraform/terraformvSphere.rst:239 +msgid "var.tf" +msgstr "var.tf" + +#: ../../automation/vyos-terraform.rst:516 +#: ../../automation/vyos-terraform.rst:899 +msgid "variables.tf" +msgstr "variables.tf" + +#: ../../automation/terraform/terraformAWS.rst:439 +#: ../../automation/terraform/terraformvSphere.rst:223 +msgid "versions.tf" +msgstr "versions.tf" + +#: ../../automation/terraform/terraformAWS.rst:300 +#: ../../automation/terraform/terraformAZ.rst:95 +#: ../../automation/terraform/terraformvSphere.rst:98 +msgid "vyos.tf" +msgstr "vyos.tf" diff --git a/docs/_locale/es/cli.pot b/docs/_locale/es/cli.pot index a8038b51..57494692 100644 --- a/docs/_locale/es/cli.pot +++ b/docs/_locale/es/cli.pot @@ -228,6 +228,10 @@ msgstr "El comando :cfgcmd:`show` dentro del modo de configuración mostrará la msgid "The ``comment`` command allows you to insert a comment above the ``<config node>`` configuration section. When shown, comments are enclosed with ``/*`` and ``*/`` as open/close delimiters. Comments need to be commited, just like other config changes." msgstr "El comando ``comentario`` le permite insertar un comentario encima del ``<config node> `` sección de configuración. Cuando se muestran, los comentarios se encierran con ``/*`` y ``*/`` como delimitadores de apertura/cierre. Los comentarios deben confirmarse, al igual que otros cambios de configuración." +#: ../../cli.rst:653 +msgid "The ``comment`` command allows you to insert a comment above the ``<config node>`` configuration section. When shown, comments are enclosed with ``/*`` and ``*/`` as open/close delimiters. Comments need to be committed, just like other config changes." +msgstr "The ``comment`` command allows you to insert a comment above the ``<config node>`` configuration section. When shown, comments are enclosed with ``/*`` and ``*/`` as open/close delimiters. Comments need to be committed, just like other config changes." + #: ../../cli.rst:784 msgid "The command :cfgcmd:`compare` allows you to compare different type of configurations. It also lets you compare different revisions through the :cfgcmd:`compare N M` command, where N and M are revision numbers. The output will describe how the configuration N is when compared to M indicating with a plus sign (``+``) the additional parts N has when compared to M, and indicating with a minus sign (``-``) the lacking parts N misses when compared to M." msgstr "El comando :cfgcmd:`compare` le permite comparar diferentes tipos de configuraciones. También le permite comparar diferentes revisiones a través del comando :cfgcmd:`compare NM`, donde N y M son números de revisión. La salida describirá cómo es la configuración N en comparación con M indicando con un signo más (``+``) las partes adicionales que tiene N en comparación con M, e indicando con un signo menos (``-``) las que faltan. las partes N fallan en comparación con M." @@ -321,6 +325,10 @@ msgid "View the current active configuration in readable JSON format." msgstr "Vea la configuración activa actual en formato JSON legible." #: ../../cli.rst:852 +msgid "VyOS can upload the configuration to a remote location after each call to :cfgcmd:`commit`. You will have to set the commit-archive location. TFTP, FTP, SCP and SFTP servers are supported. Every time a :cfgcmd:`commit` is successful the ``config.boot`` file will be copied to the defined destination(s). The filename used on the remote host will be ``config.boot-hostname.YYYYMMDD_HHMMSS``." +msgstr "VyOS can upload the configuration to a remote location after each call to :cfgcmd:`commit`. You will have to set the commit-archive location. TFTP, FTP, SCP and SFTP servers are supported. Every time a :cfgcmd:`commit` is successful the ``config.boot`` file will be copied to the defined destination(s). The filename used on the remote host will be ``config.boot-hostname.YYYYMMDD_HHMMSS``." + +#: ../../cli.rst:852 msgid "VyOS can upload the configuration to a remote location after each call to :cfgcmd:`commit`. You will have to set the commit-archive location. TFTP, FTP, SCP and SFTP servers are supported. Every time a :cfgcmd:`commit` is successfull the ``config.boot`` file will be copied to the defined destination(s). The filename used on the remote host will be ``config.boot-hostname.YYYYMMDD_HHMMSS``." msgstr "VyOS puede cargar la configuración en una ubicación remota después de cada llamada a :cfgcmd:`commit`. Deberá establecer la ubicación del archivo de confirmación. Se admiten servidores TFTP, FTP, SCP y SFTP. Cada vez que un :cfgcmd:`commit` tiene éxito, el archivo ``config.boot`` se copiará en los destinos definidos. El nombre de archivo utilizado en el host remoto será ``config.boot-hostname.YYYYMMDD_HHMMSS``." @@ -340,6 +348,10 @@ msgstr "VyOS utiliza un archivo de configuración unificado para la configuracià msgid "What if you are doing something dangerous? Suppose you want to setup a firewall, and you are not sure there are no mistakes that will lock you out of your system. You can use confirmed commit. If you issue the ``commit-confirm`` command, your changes will be commited, and if you don't issue the ``confirm`` command in 10 minutes, your system will reboot into previous config revision." msgstr "¿Qué pasa si estás haciendo algo peligroso? Suponga que desea configurar un firewall y no está seguro de que no haya errores que lo bloqueen del sistema. Puede usar la confirmación confirmada. Si ejecuta el comando ``commit-confirm``, sus cambios se confirmarán, y si no ejecuta el comando ``confirm`` en 10 minutos, su sistema se reiniciará con la revisión de configuración anterior." +#: ../../cli.rst:558 +msgid "What if you are doing something dangerous? Suppose you want to setup a firewall, and you are not sure there are no mistakes that will lock you out of your system. You can use confirmed commit. If you issue the ``commit-confirm`` command, your changes will be committed, and if you don't issue the ``confirm`` command in 10 minutes, your system will reboot into previous config revision." +msgstr "What if you are doing something dangerous? Suppose you want to setup a firewall, and you are not sure there are no mistakes that will lock you out of your system. You can use confirmed commit. If you issue the ``commit-confirm`` command, your changes will be committed, and if you don't issue the ``confirm`` command in 10 minutes, your system will reboot into previous config revision." + #: ../../cli.rst:340 msgid "When entering the configuration mode you are navigating inside a tree structure, to enter configuration mode enter the command :opcmd:`configure` when in operational mode." msgstr "Al ingresar al modo de configuración, está navegando dentro de una estructura de árbol, para ingresar al modo de configuración, ingrese el comando :opcmd:`configure` cuando esté en modo operativo." diff --git a/docs/_locale/es/configexamples.pot b/docs/_locale/es/configexamples.pot index 7574e74f..1aa4020f 100644 --- a/docs/_locale/es/configexamples.pot +++ b/docs/_locale/es/configexamples.pot @@ -272,7 +272,7 @@ msgstr "Una breve excursión a los VRF: esta ha sido una de las solicitudes de f msgid "A connection resource deployed in Azure linking the Azure VNet gateway and the local network gateway representing the Vyos device." msgstr "Un recurso de conexión implementado en Azure que vincula la puerta de enlace de la red virtual de Azure y la puerta de enlace de la red local que representa el dispositivo Vyos." -#: ../../configexamples/index.rst:37 +#: ../../configexamples/index.rst:38 msgid "A host ``vyos-oobm`` will use as a ssh proxy. This host is just necessary for the Lab test." msgstr "Se utilizará un host ``vyos-oobm`` como proxy ssh. Este host solo es necesario para la prueba de laboratorio." @@ -656,6 +656,10 @@ msgstr "Cisco VPC Crossconnect: puertos 39 y 40 enlazados entre cada switch" msgid "Clamp the VTI's MSS to 1350 to avoid PMTU blackholes." msgstr "Sujete el MSS de VTI a 1350 para evitar los agujeros negros de PMTU." +#: ../../configexamples/lac-lns.rst:96 +msgid "Client" +msgstr "Client" + #: ../../configexamples/autotest/OpenVPN_with_LDAP/OpenVPN_with_LDAP.rst:94 msgid "Client configuration" msgstr "Configuración del cliente" @@ -704,7 +708,7 @@ msgstr "Configuración 'dcsp' y modelador usando QoS" msgid "Configuration Blueprints" msgstr "Planos de configuración" -#: ../../configexamples/index.rst:30 +#: ../../configexamples/index.rst:31 msgid "Configuration Blueprints (autotest)" msgstr "Configuración de blueprints (autoprueba)" @@ -717,6 +721,7 @@ msgid "Configuration of basic firewall in one site, in order to:" msgstr "Configuration of basic firewall in one site, in order to:" #: ../../configexamples/inter-vrf-routing-vrf-lite.rst:113 +#: ../../configexamples/lac-lns.rst:29 #: ../../configexamples/pppoe-ipv6-basic.rst:26 msgid "Configurations" msgstr "Configuraciones" @@ -885,7 +890,7 @@ msgstr "Enrutamiento dinámico utilizado entre nodos CE y PE y peering eBGP esta msgid "Each interface is assigned to a zone. The interface can be physical or virtual such as tunnels (VPN, PPTP, GRE, etc) and are treated exactly the same." msgstr "Cada interfaz está asignada a una zona. La interfaz puede ser fÃsica o virtual, como túneles (VPN, PPTP, GRE, etc.) y se tratan exactamente de la misma manera." -#: ../../configexamples/index.rst:34 +#: ../../configexamples/index.rst:35 msgid "Each lab will build an test from an external script. The page content will generate, so changes will not take an effect." msgstr "Cada laboratorio creará una prueba a partir de un script externo. El contenido de la página se generará, por lo que los cambios no tendrán efecto." @@ -1252,6 +1257,14 @@ msgstr "En este ejemplo, existen dos interfaces LAN en diferentes subredes en lu msgid "In this example we have 4 zones. LAN, WAN, DMZ, Local. The local zone is the firewall itself." msgstr "En este ejemplo tenemos 4 zonas. LAN, WAN, DMZ, locales. La zona local es el propio cortafuegos." +#: ../../configexamples/lac-lns.rst:17 +msgid "In this example we use VyOS 1.5 as LNS and Cisco IOS as LAC. All users with domain **vyos.io** will be tunneled to LNS via L2TP." +msgstr "In this example we use VyOS 1.5 as LNS and Cisco IOS as LAC. All users with domain **vyos.io** will be tunneled to LNS via L2TP." + +#: ../../configexamples/lac-lns.rst:98 +msgid "In this lab we use Windows PPPoE client." +msgstr "In this lab we use Windows PPPoE client." + #: ../../configexamples/zone-policy.rst:50 msgid "Inbound WAN connect to DMZ host." msgstr "Conexión WAN entrante al host DMZ." @@ -1345,6 +1358,10 @@ msgstr "Tabla de parámetros de configuración de L3VPN:" msgid "L3VPN for Hub-and-Spoke connectivity with VyOS" msgstr "L3VPN para conectividad Hub-and-Spoke con VyOS" +#: ../../configexamples/lac-lns.rst:32 +msgid "LAC" +msgstr "LAC" + #: ../../configexamples/zone-policy.rst:392 msgid "LAN, WAN, DMZ, local and TUN (tunnel)" msgstr "LAN, WAN, DMZ, local y TUN (túnel)" @@ -1389,6 +1406,10 @@ msgstr "Los hosts LAN y DMZ tienen acceso de salida básico: Web, FTP, SSH." msgid "LAN can access DMZ resources." msgstr "La LAN puede acceder a los recursos de la DMZ." +#: ../../configexamples/lac-lns.rst:72 +msgid "LNS" +msgstr "LNS" + #: ../../configexamples/l3vpn-hub-and-spoke.rst:551 msgid "Let’s check IPv4 routing and MPLS information on provider nodes (same procedure for all P nodes):" msgstr "Verifiquemos el enrutamiento IPv4 y la información de MPLS en los nodos del proveedor (el mismo procedimiento para todos los nodos P):" @@ -1433,9 +1454,22 @@ msgid "Masquerade Traffic originating from 10.200.201.0/24 that is heading out t msgstr "Tráfico de enmascaramiento que se origina en 10.200.201.0/24 que se dirige hacia la interfaz pública." #: ../../configexamples/autotest/OpenVPN_with_LDAP/OpenVPN_with_LDAP.rst:254 +#: ../../configexamples/lac-lns.rst:106 msgid "Monitoring" msgstr "Supervisión" +#: ../../configexamples/lac-lns.rst:117 +msgid "Monitoring on LAC side" +msgstr "Monitoring on LAC side" + +#: ../../configexamples/lac-lns.rst:108 +msgid "Monitoring on LNS side" +msgstr "Monitoring on LNS side" + +#: ../../configexamples/lac-lns.rst:140 +msgid "Monitoring on RADIUS Server side" +msgstr "Monitoring on RADIUS Server side" + #: ../../configexamples/autotest/tunnelbroker/tunnelbroker.rst:162 msgid "Multiple LAN/DMZ Setup" msgstr "Configuración de múltiples LAN/DMZ" @@ -1456,6 +1490,7 @@ msgstr "IPv4 e IPv6 nativos" msgid "Network Cabling" msgstr "Cableado de red" +#: ../../configexamples/lac-lns.rst:21 #: ../../configexamples/pppoe-ipv6-basic.rst:18 msgid "Network Topology" msgstr "TopologÃa de la red" @@ -1463,6 +1498,7 @@ msgstr "TopologÃa de la red" #: ../../configexamples/ansible.rst:-1 #: ../../configexamples/inter-vrf-routing-vrf-lite.rst:-1 #: ../../configexamples/l3vpn-hub-and-spoke.rst:-1 +#: ../../configexamples/lac-lns.rst:-1 #: ../../configexamples/nmp.rst:-1 #: ../../configexamples/pppoe-ipv6-basic.rst:-1 #: ../../configexamples/qos.rst:-1 @@ -1655,6 +1691,10 @@ msgstr "Configuración básica de PPPoE IPv6 para la red doméstica" msgid "PPPoE Setup" msgstr "Configuración de PPPoE" +#: ../../configexamples/lac-lns.rst:7 +msgid "PPPoE over L2TP" +msgstr "PPPoE over L2TP" + #: ../../configexamples/segment-routing-isis.rst:255 msgid "Ping between VyOS-P1 / VyOS-P2 to confirm reachability:" msgstr "Haga ping entre VyOS-P1 / VyOS-P2 para confirmar la accesibilidad:" @@ -2046,7 +2086,7 @@ msgstr "El laboratorio que construà usa un VRF (llamado **mgmt**) para proporci msgid "The lab was built using EVE-NG." msgstr "The lab was built using EVE-NG." -#: ../../configexamples/index.rst:32 +#: ../../configexamples/index.rst:33 msgid "The next pages contains automatic full tested configuration examples." msgstr "Las siguientes páginas contienen ejemplos de configuración probados completamente automáticos." @@ -2054,7 +2094,7 @@ msgstr "Las siguientes páginas contienen ejemplos de configuración probados co msgid "The previous example used the failover command to send traffic through eth1 if eth0 fails. In this example, failover functionality is provided by rule order." msgstr "El ejemplo anterior usó el comando de conmutación por error para enviar tráfico a través de eth1 si falla eth0. En este ejemplo, el orden de las reglas proporciona la funcionalidad de conmutación por error." -#: ../../configexamples/index.rst:40 +#: ../../configexamples/index.rst:41 msgid "The process will do the following steps:" msgstr "El proceso seguirá los siguientes pasos:" @@ -2130,6 +2170,10 @@ msgstr "This configuration example and the requirments consists on:" msgid "This document aims to walk you through setting everything up, so at a point where you can reboot any machine and not lose more than a few seconds worth of connectivity." msgstr "Este documento tiene como objetivo guiarlo a través de la configuración de todo, de modo que pueda reiniciar cualquier máquina y no perder más de unos segundos de conectividad." +#: ../../configexamples/lac-lns.rst:9 +msgid "This document is to describe a basic setup using PPPoE over L2TP. LAC and LNS are components of the broadband topology. LAC - L2TP access concentrator LNS - L2TP Network Server LAC and LNS forms L2TP tunnel. LAC receives packets from PPPoE clients and forward them to LNS. LNS is the termination point that comes from PPP packets from the remote client." +msgstr "This document is to describe a basic setup using PPPoE over L2TP. LAC and LNS are components of the broadband topology. LAC - L2TP access concentrator LNS - L2TP Network Server LAC and LNS forms L2TP tunnel. LAC receives packets from PPPoE clients and forward them to LNS. LNS is the termination point that comes from PPP packets from the remote client." + #: ../../configexamples/pppoe-ipv6-basic.rst:9 msgid "This document is to describe a basic setup using PPPoE with DHCPv6-PD + SLAAC to construct a typical home network. The user can follow the steps described here to quickly setup a working network and use this as a starting point to further configure or fine-tune other settings." msgstr "Este documento describe una configuración básica que utiliza PPPoE con DHCPv6-PD + SLAAC para construir una red doméstica tÃpica. El usuario puede seguir los pasos que se describen aquà para configurar rápidamente una red que funcione y usar esto como punto de partida para configurar o ajustar otras configuraciones." @@ -2210,6 +2254,10 @@ msgstr "Esta sección describe los comandos de verificación para los protocolos msgid "This section provides configuration steps for setting up VRFs on our PE nodes including CE facing interfaces, BGP, rd and route-target import/export based on the pre-defined parameters." msgstr "Esta sección proporciona pasos de configuración para establecer VRF en nuestros nodos PE, incluidas las interfaces orientadas a CE, BGP, rd e importación/exportación de destino de ruta en función de los parámetros predefinidos." +#: ../../configexamples/lac-lns.rst:91 +msgid "This setup requires the Compression Control Protocol (CCP) being disabled, the command ``set vpn l2tp remote-access ppp-options disable-ccp`` accomplishes that." +msgstr "This setup requires the Compression Control Protocol (CCP) being disabled, the command ``set vpn l2tp remote-access ppp-options disable-ccp`` accomplishes that." + #: ../../configexamples/autotest/Wireguard/Wireguard.rst:10 msgid "This simple structure show how to connect two offices. One remote branch and the central office." msgstr "Esta estructura simple muestra cómo conectar dos oficinas. Una sucursal remota y la oficina central." @@ -2580,6 +2628,10 @@ msgstr "Cuando tenga ambos enrutadores activos, deberÃa poder establecer una co msgid "When you have enabled OSPF on both routers, you should be able to see each other with the command ``show ip ospf neighbour``. The state must be 'Full' or '2-Way'. If it is not, then there is a network connectivity issue between the hosts. This is often caused by NAT or MTU issues. You should not see any new routes (unless this is the second pass) in the output of ``show ip route``" msgstr "Cuando haya habilitado OSPF en ambos enrutadores, deberÃa poder verse con el comando ``show ip ospf neighbour``. El estado debe ser 'Completo' o '2 vÃas'. Si no es asÃ, entonces hay un problema de conectividad de red entre los hosts. Esto suele deberse a problemas de NAT o MTU. No deberÃa ver ninguna ruta nueva (a menos que esta sea la segunda pasada) en la salida de ``show ip route``" +#: ../../configexamples/lac-lns.rst:-1 +msgid "Window PPPoE Client Configuration" +msgstr "Window PPPoE Client Configuration" + #: ../../configexamples/autotest/OpenVPN_with_LDAP/OpenVPN_with_LDAP.rst:13 msgid "Windows Server 2019 with a running Active Directory" msgstr "Windows Server 2019 con Active Directory en ejecución" @@ -2713,15 +2765,15 @@ msgstr "compute3 - Puerto 11 de cada switch" msgid "compute3 (VMware ESXi 6.5)" msgstr "computar3 (VMware ESXi 6.5)" -#: ../../configexamples/index.rst:43 +#: ../../configexamples/index.rst:44 msgid "configure each host in the lab" msgstr "configurar cada host en el laboratorio" -#: ../../configexamples/index.rst:42 +#: ../../configexamples/index.rst:43 msgid "create the lab on a eve-ng server" msgstr "crear el laboratorio en un servidor eve-ng" -#: ../../configexamples/index.rst:44 +#: ../../configexamples/index.rst:45 msgid "do some defined tests" msgstr "hacer algunas pruebas definidas" @@ -2742,7 +2794,7 @@ msgstr "comunidad extendida y etiqueta remota de destino especÃfico" msgid "first the PCA" msgstr "primero el PCA" -#: ../../configexamples/index.rst:46 +#: ../../configexamples/index.rst:47 msgid "generate the documentation and include files" msgstr "generar la documentación e incluir archivos" @@ -2754,7 +2806,7 @@ msgstr "verde usa la identificación de la tabla de enrutamiento local y VNI 400 msgid "information between PE and CE:" msgstr "información entre PE y CE:" -#: ../../configexamples/index.rst:45 +#: ../../configexamples/index.rst:46 msgid "optional do an upgrade to a higher version and do step 3 again." msgstr "opcional, actualice a una versión superior y vuelva a realizar el paso 3." @@ -2770,7 +2822,7 @@ msgstr "router2 (máquina aleatoria de 1RU con 4 NIC)" msgid "save the output to a file and import it in nearly all openvpn clients." msgstr "guarde el resultado en un archivo e impórtelo en casi todos los clientes de openvpn." -#: ../../configexamples/index.rst:47 +#: ../../configexamples/index.rst:48 msgid "shutdown and destroy the lab, if there is no error" msgstr "apagar y destruir el laboratorio, si no hay ningún error" diff --git a/docs/_locale/es/configuration.pot b/docs/_locale/es/configuration.pot index 91efbcec..f39b21a9 100644 --- a/docs/_locale/es/configuration.pot +++ b/docs/_locale/es/configuration.pot @@ -168,9 +168,9 @@ msgstr "**Documentation under development**" msgid "**Ethernet (protocol, destination address or source address)**" msgstr "**Ethernet (protocolo, dirección de destino o dirección de origen)**" -#: ../../configuration/service/dhcp-server.rst:200 -#: ../../configuration/service/dhcp-server.rst:587 -#: ../../configuration/service/dhcp-server.rst:626 +#: ../../configuration/service/dhcp-server.rst:206 +#: ../../configuration/service/dhcp-server.rst:593 +#: ../../configuration/service/dhcp-server.rst:634 msgid "**Example:**" msgstr "**Ejemplo:**" @@ -269,11 +269,11 @@ msgstr "**Input**: stage where traffic destined for the router itself can be fil msgid "**Interface name**" msgstr "**Nombre de interfaz**" -#: ../../configuration/vpn/site2site_ipsec.rst:303 +#: ../../configuration/vpn/site2site_ipsec.rst:306 msgid "**LEFT**" msgstr "**LEFT**" -#: ../../configuration/vpn/site2site_ipsec.rst:287 +#: ../../configuration/vpn/site2site_ipsec.rst:290 msgid "**LEFT:** * WAN interface on `eth0.201` * `eth0.201` interface IP: `172.18.201.10/24` * `vti10` interface IP: `10.0.0.2/31` * `dum0` interface IP: `10.0.11.1/24` (for testing purposes)" msgstr "**LEFT:** * WAN interface on `eth0.201` * `eth0.201` interface IP: `172.18.201.10/24` * `vti10` interface IP: `10.0.0.2/31` * `dum0` interface IP: `10.0.11.1/24` (for testing purposes)" @@ -309,11 +309,11 @@ msgstr "**CON cheque**" msgid "**Multi-path check**" msgstr "**Comprobación de rutas múltiples**" -#: ../../configuration/protocols/bgp.rst:1193 +#: ../../configuration/protocols/bgp.rst:1215 msgid "**Node1:**" msgstr "**Nodo1:**" -#: ../../configuration/protocols/bgp.rst:1221 +#: ../../configuration/protocols/bgp.rst:1243 msgid "**Node2:**" msgstr "**Nodo2:**" @@ -326,10 +326,10 @@ msgid "**Node 1**" msgstr "**Nodo 1**" #: ../../configuration/protocols/babel.rst:192 -#: ../../configuration/protocols/bgp.rst:1103 -#: ../../configuration/protocols/bgp.rst:1130 -#: ../../configuration/protocols/bgp.rst:1148 -#: ../../configuration/protocols/bgp.rst:1176 +#: ../../configuration/protocols/bgp.rst:1125 +#: ../../configuration/protocols/bgp.rst:1152 +#: ../../configuration/protocols/bgp.rst:1170 +#: ../../configuration/protocols/bgp.rst:1198 #: ../../configuration/protocols/isis.rst:341 #: ../../configuration/protocols/isis.rst:416 #: ../../configuration/protocols/isis.rst:457 @@ -350,10 +350,10 @@ msgid "**Node 2**" msgstr "**Nodo 2**" #: ../../configuration/protocols/babel.rst:202 -#: ../../configuration/protocols/bgp.rst:1114 #: ../../configuration/protocols/bgp.rst:1136 -#: ../../configuration/protocols/bgp.rst:1160 +#: ../../configuration/protocols/bgp.rst:1158 #: ../../configuration/protocols/bgp.rst:1182 +#: ../../configuration/protocols/bgp.rst:1204 #: ../../configuration/protocols/isis.rst:352 #: ../../configuration/protocols/isis.rst:432 #: ../../configuration/protocols/isis.rst:511 @@ -384,6 +384,10 @@ msgid "**Output**: stage where traffic that is originated by the router itself c msgstr "**Output**: stage where traffic that is originated by the router itself can be filtered and controlled. Bare in mind that this traffic can be a new connection originted by a internal process running on VyOS router, such as NTP, or can be a response to traffic received externaly through **inputt** (for example response to an ssh login attempt to the router). This includes ipv4 and ipv6 filtering rules, defined in:" #: ../../configuration/firewall/index.rst:65 +msgid "**Output**: stage where traffic that originates from the router itself can be filtered and controlled. Bear in mind that this traffic can be a new connection originated by a internal process running on VyOS router, such as NTP, or a response to traffic received externaly through **input** (for example response to an ssh login attempt to the router). This includes ipv4 and ipv6 filtering rules, defined in:" +msgstr "**Output**: stage where traffic that originates from the router itself can be filtered and controlled. Bear in mind that this traffic can be a new connection originated by a internal process running on VyOS router, such as NTP, or a response to traffic received externaly through **input** (for example response to an ssh login attempt to the router). This includes ipv4 and ipv6 filtering rules, defined in:" + +#: ../../configuration/firewall/index.rst:65 msgid "**Output**: stage where traffic that originates from the router itself can be filtered and controlled. Bear in mind that this traffic can be a new connection originated by a internal process running on VyOS router, such as NTP, or a response to traffic received externaly through **inputt** (for example response to an ssh login attempt to the router). This includes ipv4 and ipv6 filtering rules, defined in:" msgstr "**Output**: stage where traffic that originates from the router itself can be filtered and controlled. Bear in mind that this traffic can be a new connection originated by a internal process running on VyOS router, such as NTP, or a response to traffic received externaly through **inputt** (for example response to an ssh login attempt to the router). This includes ipv4 and ipv6 filtering rules, defined in:" @@ -411,7 +415,7 @@ msgstr "**Prerouting**: several actions can be done in this stage, and currently msgid "**Prerouting**: several actions can be done in this stage, and currently these actions are defined in different parts in vyos configuration. Order is important, and all these actions are performed before any actions define under ``firewall`` section. Relevant configuration that acts in this stage are:" msgstr "**Prerouting**: several actions can be done in this stage, and currently these actions are defined in different parts in vyos configuration. Order is important, and all these actions are performed before any actions define under ``firewall`` section. Relevant configuration that acts in this stage are:" -#: ../../configuration/service/dhcp-server.rst:391 +#: ../../configuration/service/dhcp-server.rst:397 msgid "**Primary**" msgstr "**Primario**" @@ -481,11 +485,11 @@ msgstr "**Grupos de IP basados en RADIUS (dirección IP enmarcada)**" msgid "**RADIUS sessions management DM/CoA**" msgstr "**Administración de sesiones RADIUS DM/CoA**" -#: ../../configuration/vpn/site2site_ipsec.rst:343 +#: ../../configuration/vpn/site2site_ipsec.rst:346 msgid "**RIGHT**" msgstr "**RIGHT**" -#: ../../configuration/vpn/site2site_ipsec.rst:293 +#: ../../configuration/vpn/site2site_ipsec.rst:296 msgid "**RIGHT:** * WAN interface on `eth0.202` * `eth0.201` interface IP: `172.18.202.10/24` * `vti10` interface IP: `10.0.0.3/31` * `dum0` interface IP: `10.0.12.1/24` (for testing purposes)" msgstr "**RIGHT:** * WAN interface on `eth0.202` * `eth0.201` interface IP: `172.18.202.10/24` * `vti10` interface IP: `10.0.0.3/31` * `dum0` interface IP: `10.0.12.1/24` (for testing purposes)" @@ -521,15 +525,15 @@ msgstr "**SW1**" msgid "**SW2**" msgstr "**SW2**" -#: ../../configuration/service/dhcp-server.rst:400 +#: ../../configuration/service/dhcp-server.rst:406 msgid "**Secondary**" msgstr "**Secundario**" -#: ../../configuration/vpn/ipsec.rst:261 +#: ../../configuration/vpn/ipsec.rst:265 msgid "**Setting up IPSec**" msgstr "**Configuración de IPSec**" -#: ../../configuration/vpn/ipsec.rst:237 +#: ../../configuration/vpn/ipsec.rst:241 msgid "**Setting up the GRE tunnel**" msgstr "**Configuración del túnel GRE**" @@ -575,11 +579,25 @@ msgstr "**dirección** se puede especificar varias veces, por ejemplo, 192.168.1 msgid "**address** can be specified multiple times as IPv4 and/or IPv6 address, e.g. 192.0.2.1/24 and/or 2001:db8::1/64" msgstr "**dirección** se puede especificar varias veces como dirección IPv4 y/o IPv6, por ejemplo, 192.0.2.1/24 y/o 2001:db8::1/64" +#: ../../configuration/service/pppoe-server.rst:474 +#: ../../configuration/vpn/l2tp.rst:428 +#: ../../configuration/vpn/pptp.rst:352 +#: ../../configuration/vpn/sstp.rst:386 +msgid "**allow** - Negotiate IPv4 only if client requests (Default value)" +msgstr "**allow** - Negotiate IPv4 only if client requests (Default value)" + +#: ../../configuration/service/pppoe-server.rst:349 +#: ../../configuration/vpn/l2tp.rst:293 +#: ../../configuration/vpn/pptp.rst:217 +#: ../../configuration/vpn/sstp.rst:251 +msgid "**allow** - Negotiate IPv6 only if client requests" +msgstr "**allow** - Negotiate IPv6 only if client requests" + #: ../../configuration/container/index.rst:38 msgid "**allow-host-networks** cannot be used with **network**" msgstr "**allow-host-networks** no se puede usar con **red**" -#: ../../configuration/container/index.rst:102 +#: ../../configuration/container/index.rst:107 msgid "**always**: Restart containers when they exit, regardless of status, retrying indefinitely" msgstr "**siempre**: reinicia los contenedores cuando salen, independientemente del estado, reintentando indefinidamente" @@ -595,6 +613,10 @@ msgstr "**aplicación**: analiza los datos de flujo recibidos en el contexto de msgid "**auto** – automatically determines the interface type. **wired** – enables optimisations for wired interfaces. **wireless** – disables a number of optimisations that are only correct on wired interfaces. Specifying wireless is always correct, but may cause slower convergence and extra routing traffic." msgstr "**auto**: determina automáticamente el tipo de interfaz. **cableado**: permite optimizaciones para interfaces cableadas. **inalámbrico**: desactiva una serie de optimizaciones que solo son correctas en las interfaces con cable. La especificación inalámbrica siempre es correcta, pero puede provocar una convergencia más lenta y un tráfico de enrutamiento adicional." +#: ../../configuration/service/ids.rst:90 +msgid "**ban-time** and **threshold**: these values are kept very low in order to easily identify and generate and attack." +msgstr "**ban-time** and **threshold**: these values are kept very low in order to easily identify and generate and attack." + #: ../../configuration/protocols/ospf.rst:435 msgid "**broadcast** – broadcast IP addresses distribution. **non-broadcast** – address distribution in NBMA networks topology. **point-to-multipoint** – address distribution in point-to-multipoint networks. **point-to-point** – address distribution in point-to-point networks." msgstr "**difusión**: distribución de direcciones IP de difusión. **sin transmisión**: distribución de direcciones en topologÃa de redes NBMA. **punto a multipunto**: distribución de direcciones en redes punto a multipunto. **punto a punto**: distribución de direcciones en redes punto a punto." @@ -603,6 +625,13 @@ msgstr "**difusión**: distribución de direcciones IP de difusión. **sin trans msgid "**broadcast** – broadcast IP addresses distribution. **point-to-point** – address distribution in point-to-point networks." msgstr "**difusión**: distribución de direcciones IP de difusión. **punto a punto**: distribución de direcciones en redes punto a punto." +#: ../../configuration/service/pppoe-server.rst:401 +#: ../../configuration/vpn/l2tp.rst:345 +#: ../../configuration/vpn/pptp.rst:269 +#: ../../configuration/vpn/sstp.rst:303 +msgid "**calling-sid** - Calculate interface identifier from calling-station-id." +msgstr "**calling-sid** - Calculate interface identifier from calling-station-id." + #: ../../configuration/protocols/ospf.rst:121 msgid "**cisco** – a router will be considered as ABR if it has several configured links to the networks in different areas one of which is a backbone area. Moreover, the link to the backbone area should be active (working). **ibm** – identical to \"cisco\" model but in this case a backbone area link may not be active. **standard** – router has several active links to different areas. **shortcut** – identical to \"standard\" but in this model a router is allowed to use a connected areas topology without involving a backbone area for inter-area connections." msgstr "**cisco**: un enrutador se considerará como ABR si tiene varios enlaces configurados a las redes en diferentes áreas, una de las cuales es un área de red troncal. Además, el enlace al área de la red troncal debe estar activo (funcionando). **ibm**: idéntico al modelo "cisco", pero en este caso es posible que no esté activo un enlace de área troncal. **estándar**: el enrutador tiene varios enlaces activos a diferentes áreas. **atajo**: idéntico al "estándar", pero en este modelo se permite que un enrutador use una topologÃa de áreas conectadas sin involucrar un área de red troncal para conexiones entre áreas." @@ -619,7 +648,28 @@ msgstr "**predeterminado**: esta área se usará para atajos solo si ABR no tien msgid "**default** – enable split-horizon on wired interfaces, and disable split-horizon on wireless interfaces. **enable** – enable split-horizon on this interfaces. **disable** – disable split-horizon on this interfaces." msgstr "**predeterminado**: habilite el horizonte dividido en las interfaces cableadas y deshabilite el horizonte dividido en las interfaces inalámbricas. **habilitar**: habilitar el horizonte dividido en estas interfaces. **deshabilitar**: deshabilitar el horizonte dividido en estas interfaces." -#: ../../configuration/vpn/sstp.rst:199 +#: ../../configuration/service/pppoe-server.rst:566 +msgid "**deny**: Deny second session authorization." +msgstr "**deny**: Deny second session authorization." + +#: ../../configuration/service/pppoe-server.rst:475 +#: ../../configuration/vpn/l2tp.rst:429 +#: ../../configuration/vpn/pptp.rst:353 +#: ../../configuration/vpn/sstp.rst:387 +msgid "**deny** - Do not negotiate IPv4" +msgstr "**deny** - Do not negotiate IPv4" + +#: ../../configuration/service/pppoe-server.rst:350 +#: ../../configuration/vpn/l2tp.rst:294 +#: ../../configuration/vpn/pptp.rst:218 +#: ../../configuration/vpn/sstp.rst:252 +msgid "**deny** - Do not negotiate IPv6 (default value)" +msgstr "**deny** - Do not negotiate IPv6 (default value)" + +#: ../../configuration/service/pppoe-server.rst:507 +#: ../../configuration/vpn/l2tp.rst:461 +#: ../../configuration/vpn/pptp.rst:385 +#: ../../configuration/vpn/sstp.rst:419 msgid "**deny** - deny mppe" msgstr "**negar** - negar mppe" @@ -635,6 +685,10 @@ msgstr "La dirección de la interfaz **dhcp** es recibida por DHCP desde un serv msgid "**dhcpv6** interface address is received by DHCPv6 from a DHCPv6 server on this segment." msgstr "DHCPv6 recibe la dirección de la interfaz **dhcpv6** desde un servidor DHCPv6 en este segmento." +#: ../../configuration/service/pppoe-server.rst:565 +msgid "**disable**: Disables session control." +msgstr "**disable**: Disables session control." + #: ../../configuration/service/dhcp-relay.rst:75 msgid "**discard:** Received packets which already contain relay information will be discarded." msgstr "**descartar:** Se descartarán los paquetes recibidos que ya contengan información de retransmisión." @@ -667,6 +721,17 @@ msgstr "**interfaz de entrada** - aplicable solo a :ref:`destination-nat`. Confi msgid "**inbound-interface** - applicable only to :ref:`destination-nat`. It configures the interface which is used for the inside traffic the translation rule applies to. Interface groups, inverted selection and wildcard, are also supported." msgstr "**inbound-interface** - applicable only to :ref:`destination-nat`. It configures the interface which is used for the inside traffic the translation rule applies to. Interface groups, inverted selection and wildcard, are also supported." +#: ../../configuration/service/pppoe-server.rst:400 +#: ../../configuration/vpn/l2tp.rst:344 +#: ../../configuration/vpn/pptp.rst:268 +#: ../../configuration/vpn/sstp.rst:302 +msgid "**ipv4-addr** - Calculate interface identifier from IPv4 address." +msgstr "**ipv4-addr** - Calculate interface identifier from IPv4 address." + +#: ../../configuration/service/ipoe-server.rst:91 +msgid "**l2**: It means that clients are on same network where interface is.**(default)**" +msgstr "**l2**: It means that clients are on same network where interface is.**(default)**" + #: ../../configuration/interfaces/bonding.rst:161 msgid "**layer2** - Uses XOR of hardware MAC addresses and packet type ID field to generate the hash. The formula is" msgstr "**capa2**: utiliza XOR de direcciones MAC de hardware y campo de ID de tipo de paquete para generar el hash. la fórmula es" @@ -707,10 +772,18 @@ msgstr "**solo nivel 2**: actúa solo como un enrutador de área (nivel 2)." msgid "**level-2-only** - Level-2 only adjacencies are formed" msgstr "**solo nivel 2**: se forman adyacencias solo de nivel 2" -#: ../../configuration/vpn/sstp.rst:105 +#: ../../configuration/service/ipoe-server.rst:65 +#: ../../configuration/service/pppoe-server.rst:43 +#: ../../configuration/vpn/l2tp.rst:31 +#: ../../configuration/vpn/pptp.rst:32 +#: ../../configuration/vpn/sstp.rst:58 msgid "**local**: All authentication queries are handled locally." msgstr "**local**: Todas las consultas de autenticación se manejan localmente." +#: ../../configuration/service/ipoe-server.rst:93 +msgid "**local**: It means that client are behind some router." +msgstr "**local**: It means that client are behind some router." + #: ../../configuration/interfaces/wireguard.rst:140 msgid "**local side - commands**" msgstr "**lado local - comandos**" @@ -723,27 +796,36 @@ msgstr "**log-fail** En este modo, el recursor intentará validar todos los dato msgid "**narrow** - Use old style of TLVs with narrow metric." msgstr "**estrecho**: use el estilo antiguo de TLV con métrica estrecha." -#: ../../configuration/container/index.rst:119 +#: ../../configuration/container/index.rst:124 msgid "**net-admin**: Network operations (interface, firewall, routing tables)" msgstr "**net-admin**: operaciones de red (interfaz, cortafuegos, tablas de enrutamiento)" -#: ../../configuration/container/index.rst:120 +#: ../../configuration/container/index.rst:125 msgid "**net-bind-service**: Bind a socket to privileged ports (port numbers less than 1024)" msgstr "**net-bind-service**: vincula un socket a puertos privilegiados (números de puerto inferiores a 1024)" -#: ../../configuration/container/index.rst:121 +#: ../../configuration/container/index.rst:126 msgid "**net-raw**: Permission to create raw network sockets" msgstr "**net-raw**: permiso para crear sockets de red sin procesar" -#: ../../configuration/container/index.rst:100 +#: ../../configuration/container/index.rst:105 msgid "**no**: Do not restart containers on exit" msgstr "**no**: no reinicie los contenedores al salir" +#: ../../configuration/service/ipoe-server.rst:66 +msgid "**noauth**: Authentication disabled" +msgstr "**noauth**: Authentication disabled" + +#: ../../configuration/service/pppoe-server.rst:44 +#: ../../configuration/vpn/pptp.rst:33 +msgid "**noauth**: Authentication disabled." +msgstr "**noauth**: Authentication disabled." + #: ../../configuration/service/dns.rst:66 msgid "**off** In this mode, no DNSSEC processing takes place. The recursor will not set the DNSSEC OK (DO) bit in the outgoing queries and will ignore the DO and AD bits in queries." msgstr "**apagado** En este modo, no se lleva a cabo ningún procesamiento de DNSSEC. El recursor no establecerá el bit DNSSEC OK (DO) en las consultas salientes e ignorará los bits DO y AD en las consultas." -#: ../../configuration/container/index.rst:101 +#: ../../configuration/container/index.rst:106 msgid "**on-failure**: Restart containers when they exit with a non-zero exit code, retrying indefinitely (default)" msgstr "**en caso de error**: reiniciar los contenedores cuando salen con un código de salida distinto de cero, reintentando indefinidamente (predeterminado)" @@ -755,10 +837,31 @@ msgstr "**interfaz de salida** - aplicable solo a :ref:`source-nat`. Configura l msgid "**outbound-interface** - applicable only to :ref:`source-nat`. It configures the interface which is used for the outside traffic that this translation rule applies to. Interface groups, inverted selection and wildcard, are also supported." msgstr "**outbound-interface** - applicable only to :ref:`source-nat`. It configures the interface which is used for the outside traffic that this translation rule applies to. Interface groups, inverted selection and wildcard, are also supported." -#: ../../configuration/vpn/sstp.rst:198 +#: ../../configuration/service/pppoe-server.rst:473 +#: ../../configuration/vpn/l2tp.rst:427 +#: ../../configuration/vpn/pptp.rst:351 +#: ../../configuration/vpn/sstp.rst:385 +msgid "**prefer** - Ask client for IPv4 negotiation, do not fail if it rejects" +msgstr "**prefer** - Ask client for IPv4 negotiation, do not fail if it rejects" + +#: ../../configuration/service/pppoe-server.rst:348 +#: ../../configuration/vpn/l2tp.rst:292 +#: ../../configuration/vpn/pptp.rst:216 +#: ../../configuration/vpn/sstp.rst:250 +msgid "**prefer** - Ask client for IPv6 negotiation, do not fail if it rejects" +msgstr "**prefer** - Ask client for IPv6 negotiation, do not fail if it rejects" + +#: ../../configuration/vpn/sstp.rst:204 msgid "**prefer** - ask client for mppe, if it rejects don't fail" msgstr "**preferir** - preguntar al cliente por mppe, si lo rechaza no fallar" +#: ../../configuration/service/pppoe-server.rst:506 +#: ../../configuration/vpn/l2tp.rst:460 +#: ../../configuration/vpn/pptp.rst:384 +#: ../../configuration/vpn/sstp.rst:418 +msgid "**prefer** - ask client for mppe, if it rejects don't fail. (Default value)" +msgstr "**prefer** - ask client for mppe, if it rejects don't fail. (Default value)" + #: ../../configuration/service/dns.rst:77 msgid "**process** When dnssec is set to process the behavior is similar to process-no-validate. However, the recursor will try to validate the data if at least one of the DO or AD bits is set in the query; in that case, it will set the AD-bit in the response when the data is validated successfully, or send SERVFAIL when the validation comes up bogus." msgstr "**proceso** Cuando dnssec está configurado para procesar, el comportamiento es similar a procesar sin validar. Sin embargo, el recursor intentará validar los datos si al menos uno de los bits DO o AD está configurado en la consulta; en ese caso, establecerá el bit AD en la respuesta cuando los datos se validen con éxito, o enviará SERVFAIL cuando la validación resulte falsa." @@ -771,19 +874,55 @@ msgstr "**procesar sin validar** En este modo, el recursor actúa como un servid msgid "**protocol** - specify which types of protocols this translation rule applies to. Only packets matching the specified protocol are NATed. By default this applies to `all` protocols." msgstr "**protocolo**: especifique a qué tipos de protocolos se aplica esta regla de traducción. Solo los paquetes que coinciden con el protocolo especificado reciben NAT. Por defecto, esto se aplica a `todos` los protocolos." -#: ../../configuration/vpn/sstp.rst:103 +#: ../../configuration/service/ipoe-server.rst:63 +#: ../../configuration/service/pppoe-server.rst:41 +#: ../../configuration/vpn/l2tp.rst:29 +#: ../../configuration/vpn/pptp.rst:30 +#: ../../configuration/vpn/sstp.rst:56 msgid "**radius**: All authentication queries are handled by a configured RADIUS server." msgstr "**radius**: Todas las consultas de autenticación son manejadas por un servidor RADIUS configurado." +#: ../../configuration/service/pppoe-server.rst:391 +#: ../../configuration/service/pppoe-server.rst:398 +#: ../../configuration/vpn/l2tp.rst:335 +#: ../../configuration/vpn/l2tp.rst:342 +#: ../../configuration/vpn/pptp.rst:259 +#: ../../configuration/vpn/pptp.rst:266 +#: ../../configuration/vpn/sstp.rst:293 +#: ../../configuration/vpn/sstp.rst:300 +msgid "**random** - Random interface identifier for IPv6" +msgstr "**random** - Random interface identifier for IPv6" + #: ../../configuration/interfaces/wireguard.rst:190 msgid "**remote side - commands**" msgstr "**lado remoto - comandos**" +#: ../../configuration/service/pppoe-server.rst:567 +msgid "**replace**: Terminate first session when second is authorized **(default)**" +msgstr "**replace**: Terminate first session when second is authorized **(default)**" + #: ../../configuration/service/dhcp-relay.rst:81 msgid "**replace:** Relay information already present in a packet is stripped and replaced with the router's own relay information set." msgstr "**reemplazar:** la información de retransmisión que ya está presente en un paquete se elimina y se reemplaza con el propio conjunto de información de retransmisión del enrutador." -#: ../../configuration/vpn/sstp.rst:197 +#: ../../configuration/service/pppoe-server.rst:472 +#: ../../configuration/vpn/l2tp.rst:426 +#: ../../configuration/vpn/pptp.rst:350 +#: ../../configuration/vpn/sstp.rst:384 +msgid "**require** - Require IPv4 negotiation" +msgstr "**require** - Require IPv4 negotiation" + +#: ../../configuration/service/pppoe-server.rst:347 +#: ../../configuration/vpn/l2tp.rst:291 +#: ../../configuration/vpn/pptp.rst:215 +#: ../../configuration/vpn/sstp.rst:249 +msgid "**require** - Require IPv6 negotiation" +msgstr "**require** - Require IPv6 negotiation" + +#: ../../configuration/service/pppoe-server.rst:505 +#: ../../configuration/vpn/l2tp.rst:459 +#: ../../configuration/vpn/pptp.rst:383 +#: ../../configuration/vpn/sstp.rst:417 msgid "**require** - ask client for mppe, if it rejects drop connection" msgstr "**requerir**: solicitar al cliente mppe, si rechaza la conexión de caÃda" @@ -791,19 +930,23 @@ msgstr "**requerir**: solicitar al cliente mppe, si rechaza la conexión de caà msgid "**right**" msgstr "**bien**" -#: ../../configuration/container/index.rst:122 +#: ../../configuration/container/index.rst:127 msgid "**setpcap**: Capability sets (from bounded or inherited set)" msgstr "**setpcap**: conjuntos de capacidades (del conjunto acotado o heredado)" +#: ../../configuration/service/ipoe-server.rst:99 +msgid "**shared**: Multiple clients share the same network. **(default)**" +msgstr "**shared**: Multiple clients share the same network. **(default)**" + #: ../../configuration/nat/nat44.rst:195 msgid "**source** - specifies which packets the NAT translation rule applies to based on the packets source IP address and/or source port. Only matching packets are considered for NAT." msgstr "**origen**: especifica a qué paquetes se aplica la regla de traducción de NAT según la dirección IP de origen de los paquetes y/o el puerto de origen. Solo los paquetes coincidentes se consideran para NAT." -#: ../../configuration/container/index.rst:123 +#: ../../configuration/container/index.rst:128 msgid "**sys-admin**: Administation operations (quotactl, mount, sethostname, setdomainame)" msgstr "**sys-admin**: Operaciones de administración (quotactl, mount, sethostname, setdomainname)" -#: ../../configuration/container/index.rst:124 +#: ../../configuration/container/index.rst:129 msgid "**sys-time**: Permission to set system clock" msgstr "**sys-time**: permiso para configurar el reloj del sistema" @@ -819,10 +962,25 @@ msgstr "**ascendente:** La interfaz de red ascendente es la interfaz de salida q msgid "**validate** The highest mode of DNSSEC processing. In this mode, all queries will be validated and will be answered with a SERVFAIL in case of bogus data, regardless of the client's request." msgstr "**validar** El modo más alto de procesamiento de DNSSEC. En este modo, todas las consultas serán validadas y respondidas con un SERVFAIL en caso de datos falsos, independientemente de la solicitud del cliente." +#: ../../configuration/service/ipoe-server.rst:100 +msgid "**vlan**: One VLAN per client." +msgstr "**vlan**: One VLAN per client." + #: ../../configuration/protocols/isis.rst:102 msgid "**wide** - Use new style of TLVs to carry wider metric." msgstr "**ancho**: use el nuevo estilo de TLV para llevar una métrica más amplia." +#: ../../configuration/service/pppoe-server.rst:392 +#: ../../configuration/service/pppoe-server.rst:399 +#: ../../configuration/vpn/l2tp.rst:336 +#: ../../configuration/vpn/l2tp.rst:343 +#: ../../configuration/vpn/pptp.rst:260 +#: ../../configuration/vpn/pptp.rst:267 +#: ../../configuration/vpn/sstp.rst:294 +#: ../../configuration/vpn/sstp.rst:301 +msgid "**x:x:x:x** - Specify interface identifier for IPv6" +msgstr "**x:x:x:x** - Specify interface identifier for IPv6" + #: ../../configuration/protocols/bgp.rst:143 msgid "*bgpd* supports Multiprotocol Extension for BGP. So if a remote peer supports the protocol, *bgpd* can exchange IPv6 and/or multicast routing information." msgstr "*bgpd* admite la extensión multiprotocolo para BGP. Entonces, si un par remoto admite el protocolo, *bgpd* puede intercambiar información de enrutamiento de IPv6 y/o multidifusión." @@ -887,7 +1045,7 @@ msgstr "0 si no está definido, lo que significa que no se actualiza." msgid "0 if not defined." msgstr "0 si no está definido." -#: ../../configuration/service/dhcp-server.rst:237 +#: ../../configuration/service/dhcp-server.rst:243 #: ../../configuration/system/syslog.rst:114 #: ../../configuration/system/syslog.rst:173 #: ../../configuration/trafficpolicy/index.rst:801 @@ -950,7 +1108,7 @@ msgstr "10 - 10 MBit/s" msgid "11" msgstr "11" -#: ../../configuration/service/dhcp-server.rst:319 +#: ../../configuration/service/dhcp-server.rst:325 msgid "119" msgstr "119" @@ -960,11 +1118,11 @@ msgstr "119" msgid "12" msgstr "12" -#: ../../configuration/service/dhcp-server.rst:324 +#: ../../configuration/service/dhcp-server.rst:330 msgid "121, 249" msgstr "121, 249" -#: ../../configuration/service/dhcp-server.rst:304 +#: ../../configuration/service/dhcp-server.rst:310 #: ../../configuration/system/syslog.rst:138 #: ../../configuration/trafficpolicy/index.rst:870 msgid "13" @@ -976,7 +1134,7 @@ msgstr "13" msgid "14" msgstr "14" -#: ../../configuration/service/dhcp-server.rst:264 +#: ../../configuration/service/dhcp-server.rst:270 #: ../../configuration/system/syslog.rst:142 #: ../../configuration/trafficpolicy/index.rst:866 msgid "15" @@ -1000,7 +1158,7 @@ msgstr "172.16.0.0 a 172.31.255.255 (CIDR: 172.16.0.0/12)" msgid "18" msgstr "18" -#: ../../configuration/service/dhcp-server.rst:269 +#: ../../configuration/service/dhcp-server.rst:275 #: ../../configuration/system/syslog.rst:150 msgid "19" msgstr "19" @@ -1025,7 +1183,7 @@ msgstr "1: Enable DAD (default)" msgid "1 if not defined." msgstr "1 si no está definido." -#: ../../configuration/service/dhcp-server.rst:243 +#: ../../configuration/service/dhcp-server.rst:249 #: ../../configuration/system/syslog.rst:116 #: ../../configuration/system/syslog.rst:178 #: ../../configuration/trafficpolicy/index.rst:799 @@ -1059,7 +1217,7 @@ msgstr "25000 - 25 GBit/s" msgid "2500 - 2.5 GBit/s" msgstr "2500 - 2,5 GBit/s" -#: ../../configuration/service/dhcp-server.rst:329 +#: ../../configuration/service/dhcp-server.rst:335 msgid "252" msgstr "252" @@ -1087,7 +1245,7 @@ msgstr "2. Since this is the first packet, connection status of this connection, msgid "2: Enable DAD, and disable IPv6 operation if MAC-based duplicate link-local address has been found." msgstr "2: Enable DAD, and disable IPv6 operation if MAC-based duplicate link-local address has been found." -#: ../../configuration/service/dhcp-server.rst:249 +#: ../../configuration/service/dhcp-server.rst:255 #: ../../configuration/system/syslog.rst:118 #: ../../configuration/system/syslog.rst:181 #: ../../configuration/trafficpolicy/index.rst:797 @@ -1115,7 +1273,7 @@ msgstr "38" msgid "3. Add a full path to the script" msgstr "3. Agregue una ruta completa al script" -#: ../../configuration/service/dhcp-server.rst:254 +#: ../../configuration/service/dhcp-server.rst:260 #: ../../configuration/system/syslog.rst:120 #: ../../configuration/system/syslog.rst:183 #: ../../configuration/trafficpolicy/index.rst:795 @@ -1131,11 +1289,11 @@ msgstr "40000 - 40 GBit/s" msgid "40 MHz channels may switch their primary and secondary channels if needed or creation of 40 MHz channel maybe rejected based on overlapping BSSes. These changes are done automatically when hostapd is setting up the 40 MHz channel." msgstr "Los canales de 40 MHz pueden cambiar sus canales primarios y secundarios si es necesario o la creación de un canal de 40 MHz puede rechazarse en función de los BSS superpuestos. Estos cambios se realizan automáticamente cuando hostapd está configurando el canal de 40 MHz." -#: ../../configuration/service/dhcp-server.rst:274 +#: ../../configuration/service/dhcp-server.rst:280 msgid "42" msgstr "42" -#: ../../configuration/service/dhcp-server.rst:279 +#: ../../configuration/service/dhcp-server.rst:285 msgid "44" msgstr "44" @@ -1166,7 +1324,7 @@ msgstr "50000 - 50 GBit/s" msgid "5000 - 5 GBit/s" msgstr "5000 - 5 GBit/s" -#: ../../configuration/service/dhcp-server.rst:284 +#: ../../configuration/service/dhcp-server.rst:290 msgid "54" msgstr "54" @@ -1179,7 +1337,7 @@ msgstr "5. Second packet for this connection is received by the router. Since co msgid "5 if not defined." msgstr "5 si no está definido." -#: ../../configuration/service/dhcp-server.rst:259 +#: ../../configuration/service/dhcp-server.rst:265 #: ../../configuration/system/syslog.rst:124 #: ../../configuration/system/syslog.rst:189 #: ../../configuration/trafficpolicy/index.rst:791 @@ -1187,7 +1345,7 @@ msgstr "5 si no está definido." msgid "6" msgstr "6" -#: ../../configuration/service/dhcp-server.rst:294 +#: ../../configuration/service/dhcp-server.rst:300 msgid "66" msgstr "66" @@ -1195,11 +1353,11 @@ msgstr "66" msgid "66% of traffic is routed to eth0, eth1 gets 33% of traffic." msgstr "El 66% del tráfico se enruta a eth0, eth1 obtiene el 33% del tráfico." -#: ../../configuration/service/dhcp-server.rst:299 +#: ../../configuration/service/dhcp-server.rst:305 msgid "67" msgstr "67" -#: ../../configuration/service/dhcp-server.rst:309 +#: ../../configuration/service/dhcp-server.rst:315 msgid "69" msgstr "69" @@ -1222,7 +1380,7 @@ msgstr "6in4 usa túneles para encapsular el tráfico IPv6 sobre enlaces IPv4 co msgid "7" msgstr "7" -#: ../../configuration/service/dhcp-server.rst:314 +#: ../../configuration/service/dhcp-server.rst:320 msgid "70" msgstr "70" @@ -1299,11 +1457,11 @@ msgstr "<x.x.x.x>-<x.x.x.x> : rango de IP para coincidir." msgid "<x.x.x.x>: IP address to match." msgstr "<x.x.x.x>: dirección IP para hacer coincidir." -#: ../../configuration/pki/index.rst:252 +#: ../../configuration/pki/index.rst:283 msgid "ACME" msgstr "ACME" -#: ../../configuration/pki/index.rst:281 +#: ../../configuration/pki/index.rst:312 msgid "ACME Directory Resource URI." msgstr "ACME Directory Resource URI." @@ -1311,7 +1469,7 @@ msgstr "ACME Directory Resource URI." msgid "API" msgstr "API" -#: ../../configuration/protocols/static.rst:150 +#: ../../configuration/protocols/static.rst:183 msgid "ARP" msgstr "ARP" @@ -1335,7 +1493,7 @@ msgstr "Un *bit* se escribe como **bit**," msgid "A BGP-speaking router like VyOS can retrieve ROA information from RPKI \"Relying Party software\" (often just called an \"RPKI server\" or \"RPKI validator\") by using :abbr:`RTR (RPKI to Router)` protocol. There are several open source implementations to choose from, such as NLNetLabs' Routinator_ (written in Rust), Cloudflare's GoRTR_ and OctoRPKI_ (written in Go), and RIPE NCC's RPKI Validator_ (written in Java). The RTR protocol is described in :rfc:`8210`." msgstr "Un enrutador que habla BGP como VyOS puede recuperar información de ROA del "software de usuario de confianza" RPKI (a menudo llamado simplemente "servidor RPKI" o "validador RPKI") mediante el uso del protocolo :abbr:`RTR (RPKI to Router)`. Hay varias implementaciones de código abierto para elegir, como Routinator_ de NLNetLabs (escrito en Rust), GoRTR_ y OctoRPKI_ de Cloudflare (escrito en Go) y RPKI Validator_ de RIPE NCC (escrito en Java). El protocolo RTR se describe en :rfc:`8210`." -#: ../../configuration/protocols/bgp.rst:929 +#: ../../configuration/protocols/bgp.rst:951 msgid "A BGP confederation divides our AS into sub-ASes to reduce the number of required IBGP peerings. Within a sub-AS we still require full-mesh IBGP but between these sub-ASes we use something that looks like EBGP but behaves like IBGP (called confederation BGP). Confederation mechanism is described in :rfc:`5065`" msgstr "Una confederación BGP divide nuestro AS en sub-AS para reducir la cantidad de interconexiones IBGP requeridas. Dentro de un sub-AS aún requerimos IBGP de malla completa, pero entre estos sub-AS usamos algo que se parece a EBGP pero se comporta como IBGP (llamado BGP de confederación). El mecanismo de confederación se describe en :rfc:`5065`" @@ -1351,7 +1509,7 @@ msgstr "Un túnel GRE opera en la capa 3 del modelo OSI y está representado por msgid "A Rule-Set can be applied to every interface:" msgstr "Se puede aplicar un conjunto de reglas a cada interfaz:" -#: ../../configuration/service/dhcp-server.rst:561 +#: ../../configuration/service/dhcp-server.rst:567 msgid "A SNTP server address can be specified for DHCPv6 clients." msgstr "Se puede especificar una dirección de servidor SNTP para clientes DHCPv6." @@ -1363,11 +1521,11 @@ msgstr "Se crea un dispositivo VRF con una tabla de rutas asociada. Luego, las i msgid "A VyOS GRE tunnel can carry both IPv4 and IPv6 traffic and can also be created over either IPv4 (gre) or IPv6 (ip6gre)." msgstr "Un túnel VyOS GRE puede transportar tráfico IPv4 e IPv6 y también se puede crear sobre IPv4 (gre) o IPv6 (ip6gre)." -#: ../../configuration/service/dns.rst:162 +#: ../../configuration/service/dns.rst:149 msgid "A VyOS router with two interfaces - eth0 (WAN) and eth1 (LAN) - is required to implement a split-horizon DNS configuration for example.com." msgstr "Se requiere un enrutador VyOS con dos interfaces, eth0 (WAN) y eth1 (LAN), para implementar una configuración de DNS de horizonte dividido para example.com." -#: ../../configuration/service/dhcp-server.rst:533 +#: ../../configuration/service/dhcp-server.rst:539 msgid "A :abbr:`NIS (Network Information Service)` domain can be set to be used for DHCPv6 clients." msgstr "Se puede configurar un dominio :abbr:`NIS (Servicio de información de red)` para que se use con clientes DHCPv6." @@ -1384,6 +1542,10 @@ msgstr "A basic introduction to zone-based firewalls can be found `here <https:/ msgid "A bridge named `br100`" msgstr "Un puente llamado `br100`" +#: ../../configuration/container/index.rst:144 +msgid "A brief description what this network is all about." +msgstr "A brief description what this network is all about." + #: ../../configuration/trafficpolicy/index.rst:147 msgid "A class can have multiple match filters:" msgstr "Una clase puede tener varios filtros de coincidencia:" @@ -1396,7 +1558,11 @@ msgstr "Un ejemplo común es el caso de algunas polÃticas que, para ser efectiv msgid "A complete LDAP auth OpenVPN configuration could look like the following example:" msgstr "Una configuración OpenVPN de autenticación LDAP completa podrÃa parecerse al siguiente ejemplo:" -#: ../../configuration/vpn/sstp.rst:335 +#: ../../configuration/service/ids.rst:84 +msgid "A configuration example can be found in this section. In this simplified scenario, main things to be considered are:" +msgstr "A configuration example can be found in this section. In this simplified scenario, main things to be considered are:" + +#: ../../configuration/vpn/sstp.rst:508 msgid "A connection attempt will be shown as:" msgstr "Un intento de conexión se mostrará como:" @@ -1420,7 +1586,7 @@ msgstr "Un nombre de dominio es la etiqueta (nombre) asignada a una red informá msgid "A dummy interface for the provider-assigned IP;" msgstr "Una interfaz ficticia para la IP asignada por el proveedor;" -#: ../../configuration/highavailability/index.rst:426 +#: ../../configuration/highavailability/index.rst:436 msgid "A firewall mark ``fwmark`` allows using multiple ports for high-availability virtual-server. It uses fwmark value." msgstr "Una marca de firewall ``fwmark`` permite usar múltiples puertos para un servidor virtual de alta disponibilidad. Utiliza el valor fwmark." @@ -1436,11 +1602,11 @@ msgstr "Un genérico `<name> ` que hace referencia a este servicio de sincroniza msgid "A hostname is the label (name) assigned to a network device (a host) on a network and is used to distinguish one device from another on specific networks or over the internet. On the other hand this will be the name which appears on the command line prompt." msgstr "Un nombre de host es la etiqueta (nombre) asignada a un dispositivo de red (un host) en una red y se usa para distinguir un dispositivo de otro en redes especÃficas o en Internet. Por otro lado, este será el nombre que aparecerá en la lÃnea de comandos." -#: ../../configuration/pki/index.rst:189 +#: ../../configuration/pki/index.rst:191 msgid "A human readable description what this CA is about." msgstr "Una descripción legible por humanos de qué se trata esta CA." -#: ../../configuration/pki/index.rst:228 +#: ../../configuration/pki/index.rst:230 msgid "A human readable description what this certificate is about." msgstr "Una descripción legible por humanos de qué se trata este certificado." @@ -1456,7 +1622,7 @@ msgstr "Un dispositivo administrado es un nodo de red que implementa una interfa msgid "A match filter can contain multiple criteria and will match traffic if all those criteria are true." msgstr "Un filtro de coincidencia puede contener múltiples criterios y coincidirá con el tráfico si todos esos criterios son verdaderos." -#: ../../configuration/protocols/bfd.rst:138 +#: ../../configuration/protocols/bfd.rst:145 msgid "A monitored static route conditions the installation to the RIB on the BFD session running state: when BFD session is up the route is installed to RIB, but when the BFD session is down it is removed from the RIB." msgstr "Una ruta estática supervisada condiciona la instalación en la RIB en el estado de ejecución de la sesión BFD: cuando la sesión BFD está activa, la ruta se instala en la RIB, pero cuando la sesión BFD está inactiva, se elimina de la RIB." @@ -1476,7 +1642,7 @@ msgstr "Se puede establecer un lÃmite de tasa de paquetes para que una regla ap msgid "A packet that finds a matching entry in the flowtable (flowtable hit) is transmitted to the output netdevice, hence, packets bypass the classic IP forwarding path and uses the **Fast Path** (orange circles path). The visible effect is that you do not see these packets from any of the Netfilter hooks coming after ingress. In case that there is no matching entry in the flowtable (flowtable miss), the packet follows the classic IP forwarding path." msgstr "A packet that finds a matching entry in the flowtable (flowtable hit) is transmitted to the output netdevice, hence, packets bypass the classic IP forwarding path and uses the **Fast Path** (orange circles path). The visible effect is that you do not see these packets from any of the Netfilter hooks coming after ingress. In case that there is no matching entry in the flowtable (flowtable miss), the packet follows the classic IP forwarding path." -#: ../../configuration/protocols/bgp.rst:698 +#: ../../configuration/protocols/bgp.rst:720 msgid "A penalty of 1000 is assessed each time the route fails. When the penalties reach a predefined threshold (suppress-value), the router stops advertising the route." msgstr "Se impone una penalización de 1000 cada vez que falla la ruta. Cuando las sanciones alcanzan un umbral predefinido (valor de supresión), el enrutador deja de anunciar la ruta." @@ -1488,7 +1654,7 @@ msgstr "Se requiere una interfaz fÃsica para conectar esta instancia de MACsec. msgid "A pool of addresses can be defined by using a hyphen between two IP addresses:" msgstr "Se puede definir un grupo de direcciones usando un guión entre dos direcciones IP:" -#: ../../configuration/firewall/ipv4.rst:485 +#: ../../configuration/firewall/ipv4.rst:508 #: ../../configuration/firewall/ipv6.rst:491 msgid "A port can be set with a port number or a name which is here defined: ``/etc/services``." msgstr "Un puerto se puede configurar con un número de puerto o un nombre que se define aquÃ: ``/etc/services``." @@ -1526,11 +1692,11 @@ msgstr "Un ID de segmento que contiene un prefijo de dirección IP calculado por msgid "A sending station (computer or network switch) may be transmitting data faster than the other end of the link can accept it. Using flow control, the receiving station can signal the sender requesting suspension of transmissions until the receiver catches up." msgstr "Una estación de envÃo (computadora o conmutador de red) puede estar transmitiendo datos más rápido de lo que el otro extremo del enlace puede aceptarlos. Mediante el control de flujo, la estación receptora puede señalar al remitente solicitando la suspensión de las transmisiones hasta que el receptor se ponga al dÃa." -#: ../../configuration/service/dhcp-server.rst:589 +#: ../../configuration/service/dhcp-server.rst:595 msgid "A shared network named ``NET1`` serves subnet ``2001:db8::/64``" msgstr "Una red compartida llamada ``NET1`` sirve a la subred ``2001:db8::/64``" -#: ../../configuration/protocols/bgp.rst:1146 +#: ../../configuration/protocols/bgp.rst:1168 msgid "A simple BGP configuration via IPv6." msgstr "Una configuración BGP simple a través de IPv6." @@ -1538,7 +1704,7 @@ msgstr "Una configuración BGP simple a través de IPv6." msgid "A simple Random Early Detection (RED) policy would start randomly dropping packets from a queue before it reaches its queue limit thus avoiding congestion. That is good for TCP connections as the gradual dropping of packets acts as a signal for the sender to decrease its transmission rate." msgstr "Una polÃtica simple de detección temprana aleatoria (RED) comenzarÃa a descartar aleatoriamente paquetes de una cola antes de que alcance su lÃmite de cola, evitando asà la congestión. Eso es bueno para las conexiones TCP, ya que la eliminación gradual de paquetes actúa como una señal para que el remitente disminuya su velocidad de transmisión." -#: ../../configuration/protocols/bgp.rst:1101 +#: ../../configuration/protocols/bgp.rst:1123 msgid "A simple eBGP configuration:" msgstr "Una configuración sencilla de eBGP:" @@ -1602,7 +1768,7 @@ msgstr "Un búfer muy pequeño pronto comenzará a descartar paquetes." msgid "A zone must be configured before an interface is assigned to it and an interface can be assigned to only a single zone." msgstr "Una zona debe configurarse antes de que se le asigne una interfaz y una interfaz se puede asignar a una sola zona." -#: ../../configuration/service/dns.rst:397 +#: ../../configuration/service/dns.rst:411 msgid "Above, command syntax isn noted to configure dynamic dns on a specific interface. It is possible to overlook the additional address option, web, when completeing those commands. ddclient_ has another way to determine the WAN IP address, using a web-based url to determine the external IP. Each of the commands above will need to be modified to use 'web' as the 'interface' specified if this functionality is to be utilized." msgstr "Above, command syntax isn noted to configure dynamic dns on a specific interface. It is possible to overlook the additional address option, web, when completeing those commands. ddclient_ has another way to determine the WAN IP address, using a web-based url to determine the external IP. Each of the commands above will need to be modified to use 'web' as the 'interface' specified if this functionality is to be utilized." @@ -1622,6 +1788,21 @@ msgstr "Aceptar conexiones SSH para el ` dado<device> ` en el puerto TCP `<port> msgid "Accept only certain protocols: You may want to replicate the state of flows depending on their layer 4 protocol." msgstr "Acepte solo determinados protocolos: es posible que desee replicar el estado de los flujos en función de su protocolo de capa 4." +#: ../../configuration/service/pppoe-server.rst:384 +#: ../../configuration/vpn/l2tp.rst:328 +#: ../../configuration/vpn/pptp.rst:252 +#: ../../configuration/vpn/sstp.rst:286 +msgid "Accept peer interface identifier. By default is not defined." +msgstr "Accept peer interface identifier. By default is not defined." + +#: ../../configuration/service/ipoe-server.rst:364 +#: ../../configuration/service/pppoe-server.rst:530 +#: ../../configuration/vpn/l2tp.rst:484 +#: ../../configuration/vpn/pptp.rst:408 +#: ../../configuration/vpn/sstp.rst:442 +msgid "Acceptable rate of connections (e.g. 1/min, 60/sec)" +msgstr "Acceptable rate of connections (e.g. 1/min, 60/sec)" + #: ../../configuration/policy/access-list.rst:3 msgid "Access List Policy" msgstr "PolÃtica de lista de acceso" @@ -1665,7 +1846,7 @@ msgstr "Agregue el elemento Power Constraint a los marcos Beacon y Probe Respons msgid "Add a forwarding rule matching UDP port on your internet router." msgstr "Agregue una regla de reenvÃo que coincida con el puerto UDP en su enrutador de Internet." -#: ../../configuration/container/index.rst:113 +#: ../../configuration/container/index.rst:118 msgid "Add a host device to the container." msgstr "Agregue un dispositivo host al contenedor." @@ -1693,11 +1874,11 @@ msgstr "Agregue un nuevo puerto a SSL-ports acl. Puertos incluidos por defecto e msgid "Add new port to Safe-ports acl. Ports included by default in Safe-ports acl: 21, 70, 80, 210, 280, 443, 488, 591, 777, 873, 1025-65535" msgstr "Agregar nuevo puerto a Safe-ports acl. Puertos incluidos por defecto en Safe-ports acl: 21, 70, 80, 210, 280, 443, 488, 591, 777, 873, 1025-65535" -#: ../../configuration/policy/route-map.rst:221 +#: ../../configuration/policy/route-map.rst:224 msgid "Add or replace BGP community attribute in format ``<0-65535:0-65535>`` or from well-known community list" msgstr "Agregue o reemplace el atributo de comunidad BGP en formato ``<0-65535:0-65535>`` o de una lista de comunidad conocida" -#: ../../configuration/policy/route-map.rst:236 +#: ../../configuration/policy/route-map.rst:239 msgid "Add or replace BGP large-community attribute in format ``<0-4294967295:0-4294967295:0-4294967295>``" msgstr "Agregue o reemplace el atributo de comunidad grande BGP en formato ``<0-4294967295:0-4294967295:0-4294967295>``" @@ -1705,11 +1886,11 @@ msgstr "Agregue o reemplace el atributo de comunidad grande BGP en formato ``< msgid "Add policy route matching VLAN source addresses" msgstr "Agregue direcciones de origen de VLAN coincidentes de ruta de polÃtica" -#: ../../configuration/pki/index.rst:217 +#: ../../configuration/pki/index.rst:219 msgid "Add public key portion for the certificate named `name` to the VyOS CLI." msgstr "Agregue una parte de la clave pública para el certificado llamado `nombre` a la CLI de VyOS." -#: ../../configuration/pki/index.rst:193 +#: ../../configuration/pki/index.rst:195 msgid "Add the CAs private key to the VyOS CLI. This should never leave the system, and is only required if you use VyOS as your certificate generator as mentioned above." msgstr "Agregue la clave privada de las CA a la CLI de VyOS. Esto nunca debe salir del sistema y solo es necesario si usa VyOS como su generador de certificados como se mencionó anteriormente." @@ -1717,11 +1898,11 @@ msgstr "Agregue la clave privada de las CA a la CLI de VyOS. Esto nunca debe sal msgid "Add the commands from Snippet in the Windows side via PowerShell. Also import the root CA cert to the Windows “Trusted Root Certification Authorities†and establish the connection." msgstr "Add the commands from Snippet in the Windows side via PowerShell. Also import the root CA cert to the Windows “Trusted Root Certification Authorities†and establish the connection." -#: ../../configuration/pki/index.rst:232 +#: ../../configuration/pki/index.rst:234 msgid "Add the private key portion of this certificate to the CLI. This should never leave the system as it is used to decrypt the data." msgstr "Agregue la parte de la clave privada de este certificado a la CLI. Esto nunca debe salir del sistema, ya que se utiliza para descifrar los datos." -#: ../../configuration/pki/index.rst:174 +#: ../../configuration/pki/index.rst:176 msgid "Add the public CA certificate for the CA named `name` to the VyOS CLI." msgstr "Agregue el certificado de CA público para la CA denominada "nombre" a la CLI de VyOS." @@ -1765,11 +1946,11 @@ msgstr "Familias de direcciones" msgid "Address Groups" msgstr "Grupos de direcciones" -#: ../../configuration/service/dhcp-server.rst:592 +#: ../../configuration/service/dhcp-server.rst:598 msgid "Address pool shall be ``2001:db8::100`` through ``2001:db8::199``." msgstr "El grupo de direcciones será ``2001:db8::100`` hasta ``2001:db8::199``." -#: ../../configuration/service/dhcp-server.rst:582 +#: ../../configuration/service/dhcp-server.rst:588 msgid "Address pools" msgstr "Grupos de direcciones" @@ -1777,14 +1958,30 @@ msgstr "Grupos de direcciones" msgid "Address to listen for HTTPS requests" msgstr "Dirección para escuchar solicitudes HTTPS" -#: ../../configuration/container/index.rst:136 +#: ../../configuration/container/index.rst:160 +msgid "Adds registry to list of unqualified-search-registries. By default, for any image that does not include the registry in the image name, VyOS will use docker.io and quay.io as the container registry." +msgstr "Adds registry to list of unqualified-search-registries. By default, for any image that does not include the registry in the image name, VyOS will use docker.io and quay.io as the container registry." + +#: ../../configuration/container/index.rst:141 msgid "Adds registry to list of unqualified-search-registries. By default, for any image that does not include the registry in the image name, Vyos will use docker.io as the container registry." msgstr "Agrega el registro a la lista de registros de búsqueda no calificados. De forma predeterminada, para cualquier imagen que no incluya el registro en el nombre de la imagen, Vyos utilizará docker.io como registro contenedor." -#: ../../configuration/protocols/bgp.rst:647 +#: ../../configuration/protocols/bgp.rst:669 msgid "Administrative Distance" msgstr "Distancia administrativa" +#: ../../configuration/service/ipoe-server.rst:335 +msgid "Advanced Interface Options" +msgstr "Advanced Interface Options" + +#: ../../configuration/service/ipoe-server.rst:307 +#: ../../configuration/service/pppoe-server.rst:425 +#: ../../configuration/vpn/l2tp.rst:369 +#: ../../configuration/vpn/pptp.rst:293 +#: ../../configuration/vpn/sstp.rst:327 +msgid "Advanced Options" +msgstr "Advanced Options" + #: ../../configuration/nat/nat44.rst:301 msgid "Advanced configuration can be used in order to apply source or destination NAT, and within a single rule, be able to define multiple translated addresses, so NAT balances the translations among them." msgstr "Advanced configuration can be used in order to apply source or destination NAT, and within a single rule, be able to define multiple translated addresses, so NAT balances the translations among them." @@ -1797,7 +1994,11 @@ msgstr "Las ventajas de OpenVPN son:" msgid "Advertise DNS server per https://tools.ietf.org/html/rfc6106" msgstr "Anuncie el servidor DNS por https://tools.ietf.org/html/rfc6106" -#: ../../configuration/service/router-advert.rst:53 +#: ../../configuration/service/router-advert.rst:78 +msgid "Advertising a NAT64 Prefix" +msgstr "Advertising a NAT64 Prefix" + +#: ../../configuration/service/router-advert.rst:54 msgid "Advertising a Prefix" msgstr "Publicidad de un prefijo" @@ -1805,7 +2006,7 @@ msgstr "Publicidad de un prefijo" msgid "After commit the plaintext passwords will be hashed and stored in your configuration. The resulting CLI config will look like:" msgstr "Después de confirmar, las contraseñas de texto sin formato se cifrarán y almacenarán en su configuración. La configuración de CLI resultante se verá asÃ:" -#: ../../configuration/vrf/index.rst:325 +#: ../../configuration/vrf/index.rst:344 msgid "After committing the configuration we can verify all leaked routes are installed, and try to ICMP ping PC1 from PC3." msgstr "Después de confirmar la configuración, podemos verificar que todas las rutas filtradas estén instaladas e intentar hacer ping ICMP a la PC1 desde la PC3." @@ -1813,10 +2014,18 @@ msgstr "Después de confirmar la configuración, podemos verificar que todas las msgid "After the PKI certs are all set up we can start configuring our IPSec/IKE proposals used for key-exchange end data encryption. The used encryption ciphers and integrity algorithms vary from operating system to operating system. The ones used in this example are validated to work on Windows 10." msgstr "After the PKI certs are all set up we can start configuring our IPSec/IKE proposals used for key-exchange end data encryption. The used encryption ciphers and integrity algorithms vary from operating system to operating system. The ones used in this example are validated to work on Windows 10." -#: ../../configuration/pki/index.rst:212 +#: ../../configuration/vpn/ipsec.rst:418 +msgid "After the PKI certs are all set up we can start configuring our IPSec/IKE proposals used for key-exchange end data encryption. The used encryption ciphers and integrity algorithms vary from operating system to operating system. The ones used in this post are validated to work on both Windows 10 and iOS/iPadOS 14 to 17." +msgstr "After the PKI certs are all set up we can start configuring our IPSec/IKE proposals used for key-exchange end data encryption. The used encryption ciphers and integrity algorithms vary from operating system to operating system. The ones used in this post are validated to work on both Windows 10 and iOS/iPadOS 14 to 17." + +#: ../../configuration/pki/index.rst:214 msgid "After we have imported the CA certificate(s) we can now import and add certificates used by services on this router." msgstr "Después de haber importado los certificados de CA, ahora podemos importar y agregar certificados utilizados por los servicios en este enrutador." +#: ../../configuration/vpn/ipsec.rst:399 +msgid "After you obtained your server certificate you can import it from a file on the local filesystem, or paste it into the CLI. Please note that when entering the certificate manually you need to strip the ``-----BEGIN KEY-----`` and ``-----END KEY-----`` tags. Also, the certificate or key needs to be presented in a single line without line breaks (``\\n``)." +msgstr "After you obtained your server certificate you can import it from a file on the local filesystem, or paste it into the CLI. Please note that when entering the certificate manually you need to strip the ``-----BEGIN KEY-----`` and ``-----END KEY-----`` tags. Also, the certificate or key needs to be presented in a single line without line breaks (``\\n``)." + #: ../../configuration/service/snmp.rst:39 msgid "Agent - software which runs on managed devices" msgstr "Agente: software que se ejecuta en dispositivos administrados" @@ -1825,7 +2034,7 @@ msgstr "Agente: software que se ejecuta en dispositivos administrados" msgid "Alert" msgstr "Alerta" -#: ../../configuration/highavailability/index.rst:346 +#: ../../configuration/highavailability/index.rst:356 msgid "Algorithm" msgstr "Algoritmo" @@ -1833,7 +2042,7 @@ msgstr "Algoritmo" msgid "Aliases" msgstr "Alias" -#: ../../configuration/service/dns.rst:167 +#: ../../configuration/service/dns.rst:154 msgid "All DNS requests for example.com must be forwarded to a DNS server at 192.0.2.254 and 2001:db8:cafe::1" msgstr "Todas las solicitudes de DNS para ejemplo.com deben reenviarse a un servidor DNS en 192.0.2.254 y 2001:db8:cafe::1" @@ -1861,7 +2070,7 @@ msgstr "Todas las interfaces utilizadas para el relé DHCP deben configurarse. E msgid "All items in a sync group should be similarly configured. If one VRRP group is set to a different preemption delay or priority, it would result in an endless transition loop." msgstr "Todos los elementos de un grupo de sincronización deben configurarse de manera similar. Si un grupo de VRRP se configura con un retraso o una prioridad de prioridad diferente, se producirÃa un ciclo de transición sin fin." -#: ../../configuration/service/dns.rst:169 +#: ../../configuration/service/dns.rst:156 msgid "All other DNS requests will be forwarded to a different set of DNS servers at 192.0.2.1, 192.0.2.2, 2001:db8::1:ffff and 2001:db8::2:ffff" msgstr "Todas las demás solicitudes de DNS se reenviarán a un conjunto diferente de servidores DNS en 192.0.2.1, 192.0.2.2, 2001:db8::1:ffff y 2001:db8::2:ffff" @@ -1897,7 +2106,11 @@ msgstr "Se permite todo el tráfico hacia y desde una interfaz dentro de una zon msgid "All tunnel sessions can be checked via:" msgstr "Todas las sesiones de túnel se pueden comprobar a través de:" -#: ../../configuration/vpn/l2tp.rst:209 +#: ../../configuration/service/ipoe-server.rst:231 +#: ../../configuration/service/pppoe-server.rst:193 +#: ../../configuration/vpn/l2tp.rst:236 +#: ../../configuration/vpn/pptp.rst:176 +#: ../../configuration/vpn/sstp.rst:209 msgid "Allocation clients ip addresses by RADIUS" msgstr "Asignación de direcciones IP de clientes por RADIUS" @@ -1913,7 +2126,7 @@ msgstr "Permita el acceso a los sitios de un dominio sin recuperarlos de la memo msgid "Allow bgp to negotiate the extended-nexthop capability with it’s peer. If you are peering over a IPv6 Link-Local address then this capability is turned on automatically. If you are peering over a IPv6 Global Address then turning on this command will allow BGP to install IPv4 routes with IPv6 nexthops if you do not have IPv4 configured on interfaces." msgstr "Permita que bgp negocie la capacidad de próximo salto extendido con su par. Si está interconectando una dirección local de enlace IPv6, esta capacidad se activa automáticamente. Si está interconectando una dirección global IPv6, al activar este comando permitirá que BGP instale rutas IPv4 con nexthops IPv6 si no tiene IPv4 configurado en las interfaces." -#: ../../configuration/service/dns.rst:359 +#: ../../configuration/service/dns.rst:362 msgid "Allow explicit IPv6 address for the interface." msgstr "Permita una dirección IPv6 explÃcita para la interfaz." @@ -1933,7 +2146,7 @@ msgstr "Permitir que este par BFD no se conecte directamente" msgid "Allowed values fpr TCP flags: ``SYN``, ``ACK``, ``FIN``, ``RST``, ``URG``, ``PSH``, ``ALL`` When specifying more than one flag, flags should be comma separated. The ``!`` negate the selected protocol." msgstr "Valores permitidos para indicadores TCP: ``SYN``, ``ACK``, ``FIN``, ``RST``, ``URG``, ``PSH``, ``ALL`` Al especificar más de una bandera, las banderas deben estar separadas por comas. El ``!`` niega el protocolo seleccionado." -#: ../../configuration/firewall/ipv4.rst:812 +#: ../../configuration/firewall/ipv4.rst:835 #: ../../configuration/firewall/ipv6.rst:821 #: ../../configuration/system/conntrack.rst:199 msgid "Allowed values fpr TCP flags: ``ack``, ``cwr``, ``ecn``, ``fin``, ``psh``, ``rst``, ``syn`` and ``urg``. Multiple values are supported, and for inverted selection use ``not``, as shown in the example." @@ -1947,11 +2160,11 @@ msgstr "Permite que las ID de VLAN especÃficas pasen a través de la interfaz d msgid "Allows to define URL path matching rules for a specific service." msgstr "Permite definir reglas de coincidencia de ruta de URL para un servicio especÃfico." -#: ../../configuration/protocols/static.rst:69 +#: ../../configuration/protocols/static.rst:92 msgid "Allows you to configure the next-hop interface for an interface-based IPv4 static route. `<interface>` will be the next-hop interface where traffic is routed for the given `<subnet>`." msgstr "Le permite configurar la interfaz de siguiente salto para una ruta estática IPv4 basada en interfaz. `<interface> ` será la interfaz de siguiente salto donde se enruta el tráfico para el ` dado<subnet> `." -#: ../../configuration/protocols/static.rst:89 +#: ../../configuration/protocols/static.rst:112 msgid "Allows you to configure the next-hop interface for an interface-based IPv6 static route. `<interface>` will be the next-hop interface where traffic is routed for the given `<subnet>`." msgstr "Le permite configurar la interfaz de siguiente salto para una ruta estática IPv6 basada en interfaz. `<interface> ` será la interfaz de siguiente salto donde se enruta el tráfico para el ` dado<subnet> `." @@ -1977,11 +2190,11 @@ msgstr "Also, for those who haven't updated to newer version, legacy documentati msgid "Also, in :ref:`destination-nat`, redirection to localhost is supported. The redirect statement is a special form of dnat which always translates the destination address to the local host’s one." msgstr "Además, en :ref:`destination-nat`, se admite la redirección a localhost. La declaración de redirección es una forma especial de dnat que siempre traduce la dirección de destino a la del host local." -#: ../../configuration/protocols/static.rst:138 +#: ../../configuration/protocols/static.rst:171 msgid "Alternate Routing Tables" msgstr "Tablas de enrutamiento alternativas" -#: ../../configuration/protocols/static.rst:142 +#: ../../configuration/protocols/static.rst:175 msgid "Alternate routing tables are used with policy based routing by utilizing :ref:`vrf`." msgstr "Las tablas de enrutamiento alternativas se utilizan con el enrutamiento basado en polÃticas utilizando :ref:`vrf`." @@ -2037,7 +2250,7 @@ msgstr "Un agente es un módulo de software de administración de red que reside msgid "An alternate command could be \"mpls-te on\" (Traffic Engineering)" msgstr "Un comando alternativo podrÃa ser "mpls-te on" (IngenierÃa de tráfico)" -#: ../../configuration/firewall/ipv4.rst:373 +#: ../../configuration/firewall/ipv4.rst:396 msgid "An arbitrary netmask can be applied to mask addresses to only match against a specific portion." msgstr "An arbitrary netmask can be applied to mask addresses to only match against a specific portion." @@ -2062,7 +2275,7 @@ msgstr "Puede encontrar una introducción básica a los cortafuegos basados en z #: ../../configuration/interfaces/tunnel.rst:71 #: ../../configuration/interfaces/tunnel.rst:93 #: ../../configuration/interfaces/tunnel.rst:194 -#: ../../configuration/system/login.rst:195 +#: ../../configuration/system/login.rst:199 msgid "An example:" msgstr "Un ejemplo:" @@ -2074,7 +2287,7 @@ msgstr "Un ejemplo de una configuración que envÃa métricas de ``telegraf`` a msgid "An example of creating a VLAN-aware bridge is as follows:" msgstr "Un ejemplo de creación de un puente compatible con VLAN es el siguiente:" -#: ../../configuration/system/login.rst:149 +#: ../../configuration/system/login.rst:153 msgid "An example of key generation:" msgstr "Un ejemplo de generación de claves:" @@ -2102,6 +2315,10 @@ msgstr "And base chain for traffic generated by the router is ``set firewall ipv msgid "And base chain for traffic generated by the router is ``set firewall ipv6 output filter ...``" msgstr "And base chain for traffic generated by the router is ``set firewall ipv6 output filter ...``" +#: ../../configuration/service/ids.rst:138 +msgid "And content of the script:" +msgstr "And content of the script:" + #: ../../configuration/policy/route.rst:76 msgid "And for ipv6:" msgstr "Y para ipv6:" @@ -2114,7 +2331,7 @@ msgstr "And next, some configuration example where groups are used:" msgid "And op-mode commands:" msgstr "And op-mode commands:" -#: ../../configuration/system/ip.rst:84 +#: ../../configuration/system/ip.rst:97 msgid "And the different IPv4 **reset** commands available:" msgstr "Y los diferentes comandos IPv4 **reset** disponibles:" @@ -2131,6 +2348,10 @@ msgstr "Otro término que se usa a menudo para DNAT es **NAT 1 a 1**. Para una c msgid "Another thing to keep in mind with LDP is that much like BGP, it is a protocol that runs on top of TCP. It however does not have an ability to do something like a refresh capability like BGPs route refresh capability. Therefore one might have to reset the neighbor for a capability change or a configuration change to work." msgstr "Otra cosa a tener en cuenta con LDP es que, al igual que BGP, es un protocolo que se ejecuta sobre TCP. Sin embargo, no tiene la capacidad de hacer algo como una capacidad de actualización como la capacidad de actualización de ruta de BGP. Por lo tanto, es posible que deba restablecer el vecino para que funcione un cambio de capacidad o un cambio de configuración." +#: ../../configuration/vpn/ipsec.rst:549 +msgid "Apple iOS/iPadOS expects the server name to be also used in the server's certificate common name, so it's best to use this DNS name for your VPN connection." +msgstr "Apple iOS/iPadOS expects the server name to be also used in the server's certificate common name, so it's best to use this DNS name for your VPN connection." + #: ../../configuration/vrf/index.rst:52 #: ../../configuration/vrf/index.rst:62 msgid "Apply a route-map filter to routes for the specified protocol." @@ -2221,11 +2442,15 @@ msgstr "Como resultado, el procesamiento de cada paquete se vuelve más eficient msgid "As an alternative to applying policy to an interface directly, a zone-based firewall can be created to simplify configuration when multiple interfaces belong to the same security zone. Instead of applying rule-sets to interfaces, they are applied to source zone-destination zone pairs." msgstr "Como alternativa a la aplicación directa de polÃticas a una interfaz, se puede crear un firewall basado en zonas para simplificar la configuración cuando varias interfaces pertenecen a la misma zona de seguridad. En lugar de aplicar conjuntos de reglas a las interfaces, se aplican a pares de zona de origen y zona de destino." +#: ../../configuration/vpn/ipsec.rst:523 +msgid "As both Microsoft Windows and Apple iOS/iPadOS only support a certain set of encryption ciphers and integrity algorithms we will validate the configured IKE/ESP proposals and only list the compatible ones to the user — if multiple are defined. If there are no matching proposals found — we can not generate a profile for you." +msgstr "As both Microsoft Windows and Apple iOS/iPadOS only support a certain set of encryption ciphers and integrity algorithms we will validate the configured IKE/ESP proposals and only list the compatible ones to the user — if multiple are defined. If there are no matching proposals found — we can not generate a profile for you." + #: ../../configuration/firewall/flowtables.rst:109 msgid "As described, first packet will be evaluated by all the firewall path, so desired connection should be explicitely accepted. Same thing should be taken into account for traffic in reverse order. In most cases state policies are used in order to accept connection in reverse patch." msgstr "As described, first packet will be evaluated by all the firewall path, so desired connection should be explicitely accepted. Same thing should be taken into account for traffic in reverse order. In most cases state policies are used in order to accept connection in reverse patch." -#: ../../configuration/system/option.rst:80 +#: ../../configuration/system/option.rst:110 msgid "As more and more routers run on Hypervisors, expecially with a :abbr:`NOS (Network Operating System)` as VyOS, it makes fewer and fewer sense to use static resource bindings like ``smp-affinity`` as present in VyOS 1.2 and earlier to pin certain interrupt handlers to specific CPUs." msgstr "A medida que más y más enrutadores se ejecutan en hipervisores, especialmente con un :abbr:`NOS (sistema operativo de red)` como VyOS, tiene cada vez menos sentido usar enlaces de recursos estáticos como ``smp-affinity`` como está presente en VyOS 1.2 y anteriores para anclar ciertos controladores de interrupción a CPU especÃficas." @@ -2265,7 +2490,7 @@ msgstr "As the example image below shows, the device was configured with rules b msgid "As the name implies, it's IPv4 encapsulated in IPv6, as simple as that." msgstr "Como su nombre lo indica, es IPv4 encapsulado en IPv6, tan simple como eso." -#: ../../configuration/vpn/l2tp.rst:36 +#: ../../configuration/vpn/l2tp.rst:86 msgid "As well as the below to allow NAT-traversal (when NAT is detected by the VPN client, ESP is encapsulated in UDP for NAT-traversal):" msgstr "Además de lo siguiente para permitir NAT-transversal (cuando el cliente VPN detecta NAT, ESP se encapsula en UDP para NAT-transversal):" @@ -2301,7 +2526,7 @@ msgstr "Asignar `<member> `interfaz para puente`<interface> `. Un asistente de f msgid "Assign a specific backend to a rule" msgstr "Asignar un backend especÃfico a una regla" -#: ../../configuration/vrf/index.rst:79 +#: ../../configuration/vrf/index.rst:98 msgid "Assign interface identified by `<interface>` to VRF named `<name>`." msgstr "Asignar interfaz identificada por `<interface> ` a VRF llamado `<name> `." @@ -2309,7 +2534,10 @@ msgstr "Asignar interfaz identificada por `<interface> ` a VRF llamado `<name> ` msgid "Assign member interfaces to PortChannel" msgstr "Asignar interfaces de miembros a PortChannel" -#: ../../configuration/vpn/sstp.rst:80 +#: ../../configuration/service/pppoe-server.rst:437 +#: ../../configuration/vpn/l2tp.rst:381 +#: ../../configuration/vpn/pptp.rst:305 +#: ../../configuration/vpn/sstp.rst:339 msgid "Assign static IP address to `<user>` account." msgstr "Asigne una dirección IP estática a `<user> ` cuenta." @@ -2317,7 +2545,7 @@ msgstr "Asigne una dirección IP estática a `<user> ` cuenta." msgid "Assign the IP address to this machine for `<time>` seconds." msgstr "Asigne la dirección IP a esta máquina para `<time> ` segundos." -#: ../../configuration/system/login.rst:62 +#: ../../configuration/system/login.rst:66 msgid "Assign the SSH public key portion `<key>` identified by per-key `<identifier>` to the local user `<username>`." msgstr "Asigne la parte de la clave pública SSH `<key> ` identificado por clave `<identifier> ` al usuario local `<username> `." @@ -2401,6 +2629,14 @@ msgstr "Adjunta la red definida por el usuario a un contenedor. Solo se debe esp msgid "Authentication" msgstr "Autenticación" +#: ../../configuration/service/ipoe-server.rst:310 +#: ../../configuration/service/pppoe-server.rst:428 +#: ../../configuration/vpn/l2tp.rst:372 +#: ../../configuration/vpn/pptp.rst:296 +#: ../../configuration/vpn/sstp.rst:330 +msgid "Authentication Advanced Options" +msgstr "Authentication Advanced Options" + #: ../../configuration/interfaces/ethernet.rst:99 msgid "Authentication (EAPoL)" msgstr "Autenticación (EAPoL)" @@ -2437,11 +2673,11 @@ msgstr "Autenticación: para verificar que el mensaje proviene de una fuente vá msgid "Authorization token" msgstr "token de autorización" -#: ../../configuration/service/pppoe-server.rst:159 +#: ../../configuration/service/pppoe-server.rst:228 msgid "Automatic VLAN Creation" msgstr "Creación automática de VLAN" -#: ../../configuration/service/ipoe-server.rst:96 +#: ../../configuration/service/ipoe-server.rst:97 msgid "Automatic VLAN creation" msgstr "Creación automática de VLAN" @@ -2469,7 +2705,7 @@ msgstr "Explorador de datos de Azure" msgid "BFD" msgstr "BFD" -#: ../../configuration/protocols/bfd.rst:136 +#: ../../configuration/protocols/bfd.rst:143 msgid "BFD Static Route Monitoring" msgstr "Monitoreo de rutas estáticas BFD" @@ -2505,7 +2741,7 @@ msgstr "Ejemplo BGP" msgid "BGP Router Configuration" msgstr "Configuración del enrutador BGP" -#: ../../configuration/protocols/bgp.rst:888 +#: ../../configuration/protocols/bgp.rst:910 msgid "BGP Scaling Configuration" msgstr "Configuración de escalado de BGP" @@ -2517,7 +2753,7 @@ msgstr "Atributo del agregador BGP: Número AS o dirección IP de una agregació msgid "BGP as-path list to match." msgstr "BGP como lista de ruta para que coincida." -#: ../../configuration/policy/route-map.rst:216 +#: ../../configuration/policy/route-map.rst:219 msgid "BGP atomic aggregate attribute." msgstr "Atributo agregado atómico BGP." @@ -2533,11 +2769,11 @@ msgstr "Comunidad extendida BGP para que coincida." msgid "BGP roles are defined in RFC :rfc:`9234` and provide an easy way to add route leak prevention, detection and mitigation. The local Role value is negotiated with the new BGP Role capability which has a built-in check of the corresponding value. In case of a mismatch the new OPEN Roles Mismatch Notification <2, 11> would be sent. The correct Role pairs are:" msgstr "Los roles de BGP se definen en RFC :rfc:`9234` y proporcionan una manera fácil de agregar prevención, detección y mitigación de fugas de ruta. El valor del rol local se negocia con la nueva capacidad del rol BGP que tiene una verificación integrada del valor correspondiente. En caso de discrepancia, se enviarÃa la nueva Notificación de discrepancia de roles OPEN <2, 11>. Los pares de roles correctos son:" -#: ../../configuration/protocols/bgp.rst:890 +#: ../../configuration/protocols/bgp.rst:912 msgid "BGP routers connected inside the same AS through BGP belong to an internal BGP session, or IBGP. In order to prevent routing table loops, IBGP speaker does not advertise IBGP-learned routes to other IBGP speaker (Split Horizon mechanism). As such, IBGP requires a full mesh of all peers. For large networks, this quickly becomes unscalable." msgstr "Los enrutadores BGP conectados dentro del mismo AS a través de BGP pertenecen a una sesión BGP interna o IBGP. Para evitar bucles en la tabla de enrutamiento, el hablante de IBGP no anuncia rutas aprendidas por IBGP a otro hablante de IBGP (mecanismo Split Horizon). Como tal, IBGP requiere una malla completa de todos los pares. Para redes grandes, esto rápidamente se vuelve inescalable." -#: ../../configuration/vrf/index.rst:413 +#: ../../configuration/vrf/index.rst:432 msgid "BGP routes may be leaked (i.e. copied) between a unicast VRF RIB and the VPN SAFI RIB of the default VRF for use in MPLS-based L3VPNs. Unicast routes may also be leaked between any VRFs (including the unicast RIB of the default BGP instance). A shortcut syntax is also available for specifying leaking from one VRF to another VRF using the default instance’s VPN RIB as the intemediary . A common application of the VRF-VRF feature is to connect a customer’s private routing domain to a provider’s VPN service. Leaking is configured from the point of view of an individual VRF: import refers to routes leaked from VPN to a unicast VRF, whereas export refers to routes leaked from a unicast VRF to VPN." msgstr "Las rutas BGP pueden filtrarse (es decir, copiarse) entre una RIB VRF de unidifusión y la RIB SAFI de VPN de la VRF predeterminada para su uso en L3VPN basadas en MPLS. Las rutas de unidifusión también pueden filtrarse entre cualquier VRF (incluida la RIB de unidifusión de la instancia de BGP predeterminada). También está disponible una sintaxis de acceso directo para especificar fugas de un VRF a otro VRF utilizando la VPN RIB de la instancia predeterminada como intermediario. Una aplicación común de la función VRF-VRF es conectar el dominio de enrutamiento privado de un cliente al servicio VPN de un proveedor. La fuga se configura desde el punto de vista de un VRF individual: la importación se refiere a las rutas filtradas de VPN a un VRF de unidifusión, mientras que la exportación se refiere a las rutas filtradas de un VRF de unidifusión a VPN." @@ -2569,18 +2805,16 @@ msgstr "Reglas de equilibrio" msgid "Balancing based on domain name" msgstr "Equilibrio basado en el nombre de dominio" -#: ../../configuration/service/ipoe-server.rst:122 -#: ../../configuration/service/pppoe-server.rst:182 -#: ../../configuration/vpn/l2tp.rst:113 +#: ../../configuration/service/pppoe-server.rst:251 msgid "Bandwidth Shaping" msgstr "Conformación de ancho de banda" -#: ../../configuration/service/ipoe-server.rst:128 +#: ../../configuration/service/ipoe-server.rst:129 #: ../../configuration/vpn/l2tp.rst:118 msgid "Bandwidth Shaping for local users" msgstr "Conformación de ancho de banda para usuarios locales" -#: ../../configuration/service/pppoe-server.rst:184 +#: ../../configuration/service/pppoe-server.rst:253 msgid "Bandwidth rate limits can be set for local users or RADIUS based attributes." msgstr "Los lÃmites de tasa de ancho de banda se pueden establecer para usuarios locales o atributos basados en RADIUS." @@ -2588,7 +2822,7 @@ msgstr "Los lÃmites de tasa de ancho de banda se pueden establecer para usuario msgid "Bandwidth rate limits can be set for local users or via RADIUS based attributes." msgstr "Los lÃmites de velocidad de ancho de banda se pueden establecer para usuarios locales o mediante atributos basados en RADIUS." -#: ../../configuration/service/ipoe-server.rst:124 +#: ../../configuration/service/ipoe-server.rst:125 msgid "Bandwidth rate limits can be set for local users within the configuration or via RADIUS based attributes." msgstr "Los lÃmites de tasa de ancho de banda se pueden establecer para usuarios locales dentro de la configuración o mediante atributos basados en RADIUS." @@ -2648,7 +2882,7 @@ msgstr "Antes de habilitar cualquier descarga de segmentación de hardware, se r msgid "Before you are able to apply a rule-set to a zone you have to create the zones first." msgstr "Antes de poder aplicar un conjunto de reglas a una zona, primero debe crear las zonas." -#: ../../configuration/vpn/site2site_ipsec.rst:422 +#: ../../configuration/vpn/site2site_ipsec.rst:425 msgid "Below flow-chart could be a quick reference for the close-action combination depending on how the peer is configured." msgstr "El siguiente diagrama de flujo podrÃa ser una referencia rápida para la combinación de acción de cierre, según cómo esté configurado el par." @@ -2672,6 +2906,10 @@ msgstr "NAT bidireccional" msgid "Binary value" msgstr "valor binario" +#: ../../configuration/container/index.rst:153 +msgid "Bind container network to a given VRF instance." +msgstr "Bind container network to a given VRF instance." + #: ../../configuration/protocols/bfd.rst:39 msgid "Bind listener to specific interface/address, mandatory for IPv6" msgstr "Vincular el oyente a una interfaz/dirección especÃfica, obligatorio para IPv6" @@ -2680,7 +2918,7 @@ msgstr "Vincular el oyente a una interfaz/dirección especÃfica, obligatorio pa msgid "Binds eth1.241 and vxlan241 to each other by making them both member interfaces of the same bridge." msgstr "Vincula eth1.241 y vxlan241 entre sà al convertirlos en interfaces miembro del mismo puente." -#: ../../configuration/protocols/static.rst:108 +#: ../../configuration/protocols/static.rst:142 msgid "Blackhole" msgstr "Agujero negro" @@ -2708,11 +2946,11 @@ msgstr "Agregación de bonos/enlaces" msgid "Bond options" msgstr "Opciones de bonos" -#: ../../configuration/service/dhcp-server.rst:306 +#: ../../configuration/service/dhcp-server.rst:312 msgid "Boot image length in 512-octet blocks" msgstr "Longitud de la imagen de arranque en bloques de 512 octetos" -#: ../../configuration/service/dhcp-server.rst:301 +#: ../../configuration/service/dhcp-server.rst:307 msgid "Bootstrap file name" msgstr "Nombre de archivo de arranque" @@ -2761,6 +2999,14 @@ msgstr "Bridge responde en la dirección IP 192.0.2.1/24 y 2001:db8::ffff/64" msgid "Bridge maximum aging `<time>` in seconds (default: 20)." msgstr "Envejecimiento máximo del puente `<time> ` en segundos (predeterminado: 20)." +#: ../../configuration/service/ipoe-server.rst:360 +#: ../../configuration/service/pppoe-server.rst:526 +#: ../../configuration/vpn/l2tp.rst:480 +#: ../../configuration/vpn/pptp.rst:404 +#: ../../configuration/vpn/sstp.rst:438 +msgid "Burst count" +msgstr "Burst count" + #: ../../configuration/interfaces/pppoe.rst:41 msgid "Business Users" msgstr "Usuarios comerciales" @@ -2777,11 +3023,11 @@ msgstr "De forma predeterminada, FRR mostrará la interconexión con una capacid msgid "By default, VyOS does not advertise a default route (0.0.0.0/0) even if it is in routing table. When you want to announce default routes to the peer, use this command. Using optional argument :cfgcmd:`route-map` you can inject the default route to given neighbor only if the conditions in the route map are met." msgstr "De forma predeterminada, VyOS no anuncia una ruta predeterminada (0.0.0.0/0) incluso si está en la tabla de enrutamiento. Cuando desee anunciar rutas predeterminadas al par, use este comando. Usando el argumento opcional :cfgcmd:`route-map`, puede inyectar la ruta predeterminada a un vecino dado solo si se cumplen las condiciones en el mapa de ruta." -#: ../../configuration/system/login.rst:126 +#: ../../configuration/system/login.rst:130 msgid "By default, a new token is generated every 30 seconds by the mobile application. In order to compensate for possible time-skew between the client and the server, an extra token before and after the current time is allowed. This allows for a time skew of up to 30 seconds between authentication server and client." msgstr "De forma predeterminada, la aplicación móvil genera un nuevo token cada 30 segundos. Para compensar el posible desfase temporal entre el cliente y el servidor, se permite un token adicional antes y después de la hora actual. Esto permite un sesgo de tiempo de hasta 30 segundos entre el servidor de autenticación y el cliente." -#: ../../configuration/service/dns.rst:393 +#: ../../configuration/service/dns.rst:401 msgid "By default, ddclient_ will update a dynamic dns record using the IP address directly attached to the interface. If your VyOS instance is behind NAT, your record will be updated to point to your internal IP." msgstr "De manera predeterminada, ddclient_ actualizará un registro dns dinámico usando la dirección IP directamente adjunta a la interfaz. Si su instancia de VyOS está detrás de NAT, su registro se actualizará para apuntar a su IP interna." @@ -2794,6 +3040,10 @@ msgstr "De manera predeterminada, habilitar RPKI no cambia la selección de la m msgid "By default, it supports both planned and unplanned outages." msgstr "De forma predeterminada, admite interrupciones planificadas y no planificadas." +#: ../../configuration/protocols/bgp.rst:661 +msgid "By default, locally advertised prefixes use the implicit-null label to encode in the outgoing NLRI." +msgstr "By default, locally advertised prefixes use the implicit-null label to encode in the outgoing NLRI." + #: ../../configuration/service/https.rst:45 msgid "By default, nginx exposes the local API on all virtual servers. Use this to restrict nginx to one or more virtual hosts." msgstr "De forma predeterminada, nginx expone la API local en todos los servidores virtuales. Use esto para restringir nginx a uno o más hosts virtuales." @@ -2839,7 +3089,7 @@ msgstr "Mediante el uso de interfaces Pseudo-Ethernet, habrá menos sobrecarga d msgid "Bypassing the webproxy" msgstr "Omitir el webproxy" -#: ../../configuration/pki/index.rst:170 +#: ../../configuration/pki/index.rst:172 msgid "CA (Certificate Authority)" msgstr "CA (autoridad de certificación)" @@ -2860,20 +3110,20 @@ msgstr "Negociación de capacidad" msgid "Certain vendors use broadcasts to identify their equipment within one ethernet segment. Unfortunately if you split your network with multiple VLANs you loose the ability of identifying your equipment." msgstr "Ciertos proveedores usan transmisiones para identificar su equipo dentro de un segmento de Ethernet. Desafortunadamente, si divide su red con varias VLAN, pierde la capacidad de identificar su equipo." -#: ../../configuration/pki/index.rst:33 +#: ../../configuration/pki/index.rst:35 msgid "Certificate Authority (CA)" msgstr "Autoridad de certificación (CA)" -#: ../../configuration/pki/index.rst:185 +#: ../../configuration/pki/index.rst:187 msgid "Certificate revocation list in PEM format." msgstr "Lista de revocación de certificados en formato PEM." -#: ../../configuration/pki/index.rst:63 +#: ../../configuration/pki/index.rst:65 #: ../../configuration/vpn/sstp.rst:27 msgid "Certificates" msgstr "Certificados" -#: ../../configuration/system/option.rst:66 +#: ../../configuration/system/option.rst:96 msgid "Change system keyboard layout to given language." msgstr "Cambie el diseño del teclado del sistema al idioma dado." @@ -2889,7 +3139,7 @@ msgstr "Los cambios en las polÃticas de BGP requieren que se borre la sesión d msgid "Changes to the NAT system only affect newly established connections. Already established connections are not affected." msgstr "Los cambios en el sistema NAT solo afectan a las conexiones recién establecidas. Las conexiones ya establecidas no se ven afectadas." -#: ../../configuration/system/option.rst:70 +#: ../../configuration/system/option.rst:100 msgid "Changing the keymap only has an effect on the system console, using SSH or Serial remote access to the device is not affected as the keyboard layout here corresponds to your access system." msgstr "Cambiar el mapa de teclas solo tiene un efecto en la consola del sistema, el uso de SSH o el acceso remoto en serie al dispositivo no se ve afectado ya que el diseño del teclado aquà corresponde a su sistema de acceso." @@ -2909,11 +3159,11 @@ msgstr "Compruebe si el dispositivo Intel® QAT está activo y listo para hacer msgid "Check status" msgstr "Comprobar estado" -#: ../../configuration/system/ipv6.rst:64 +#: ../../configuration/system/ipv6.rst:77 msgid "Check the many parameters available for the `show ipv6 route` command:" msgstr "Verifique los muchos parámetros disponibles para el comando `show ipv6 route`:" -#: ../../configuration/service/pppoe-server.rst:307 +#: ../../configuration/service/pppoe-server.rst:315 msgid "Checking connections" msgstr "Comprobación de conexiones" @@ -2945,11 +3195,11 @@ msgstr "trato de clase" msgid "Classes" msgstr "Clases" -#: ../../configuration/service/dhcp-server.rst:326 +#: ../../configuration/service/dhcp-server.rst:332 msgid "Classless static route" msgstr "Ruta estática sin clase" -#: ../../configuration/policy/route-map.rst:269 +#: ../../configuration/policy/route-map.rst:272 msgid "Clear all BGP extcommunities." msgstr "Borre todas las comunidades externas de BGP." @@ -2973,7 +3223,15 @@ msgstr "Autenticación del cliente" msgid "Client Configuration" msgstr "Client Configuration" -#: ../../configuration/vpn/sstp.rst:289 +#: ../../configuration/service/ipoe-server.rst:328 +#: ../../configuration/service/pppoe-server.rst:446 +#: ../../configuration/vpn/l2tp.rst:400 +#: ../../configuration/vpn/pptp.rst:324 +#: ../../configuration/vpn/sstp.rst:358 +msgid "Client IP Pool Advanced Options" +msgstr "Client IP Pool Advanced Options" + +#: ../../configuration/vpn/sstp.rst:358 msgid "Client IP addresses will be provided from pool `192.0.2.0/25`" msgstr "Las direcciones IP de los clientes se proporcionarán desde el grupo `192.0.2.0/25`" @@ -2981,15 +3239,15 @@ msgstr "Las direcciones IP de los clientes se proporcionarán desde el grupo `19 msgid "Client Side" msgstr "Lado del cliente" -#: ../../configuration/service/ipoe-server.rst:184 +#: ../../configuration/service/ipoe-server.rst:186 msgid "Client configuration" msgstr "Configuración del cliente" -#: ../../configuration/service/dhcp-server.rst:266 +#: ../../configuration/service/dhcp-server.rst:272 msgid "Client domain name" msgstr "nombre de dominio del cliente" -#: ../../configuration/service/dhcp-server.rst:321 +#: ../../configuration/service/dhcp-server.rst:327 msgid "Client domain search" msgstr "Búsqueda de dominio de cliente" @@ -3001,7 +3259,7 @@ msgstr "El aislamiento del cliente se puede utilizar para evitar puentes de tram msgid "Clients are identified by the CN field of their x.509 certificates, in this example the CN is ``client0``:" msgstr "Los clientes se identifican por el campo CN de sus certificados x.509, en este ejemplo el CN es ``client0``:" -#: ../../configuration/service/dhcp-server.rst:514 +#: ../../configuration/service/dhcp-server.rst:520 msgid "Clients receiving advertise messages from multiple servers choose the server with the highest preference value. The range for this value is ``0...255``." msgstr "Los clientes que reciben mensajes publicitarios de varios servidores eligen el servidor con el valor de preferencia más alto. El rango para este valor es ``0...255``." @@ -3019,11 +3277,11 @@ msgstr "La finalización del comando se puede utilizar para enumerar las zonas h msgid "Command for disabling a rule but keep it in the configuration." msgstr "Command for disabling a rule but keep it in the configuration." -#: ../../configuration/vrf/index.rst:128 +#: ../../configuration/vrf/index.rst:147 msgid "Command should probably be extended to list also the real interfaces assigned to this one VRF to get a better overview." msgstr "El comando probablemente deberÃa extenderse para enumerar también las interfaces reales asignadas a este VRF para obtener una mejor visión general." -#: ../../configuration/firewall/ipv4.rst:1179 +#: ../../configuration/firewall/ipv4.rst:1202 #: ../../configuration/firewall/ipv6.rst:1195 msgid "Command used to update GeoIP database and firewall sets." msgstr "Comando utilizado para actualizar la base de datos GeoIP y los conjuntos de firewall." @@ -3032,7 +3290,7 @@ msgstr "Comando utilizado para actualizar la base de datos GeoIP y los conjuntos msgid "Commands" msgstr "Commands" -#: ../../configuration/service/dhcp-server.rst:379 +#: ../../configuration/service/dhcp-server.rst:385 msgid "Common configuration, valid for both primary and secondary node." msgstr "Configuración común, válida tanto para el nodo primario como para el secundario." @@ -3059,7 +3317,7 @@ msgstr "Configuración de interfaz común" msgid "Common parameters" msgstr "Parámetros comunes" -#: ../../configuration/protocols/bgp.rst:927 +#: ../../configuration/protocols/bgp.rst:949 msgid "Confederation Configuration" msgstr "Configuración de Confederación" @@ -3098,7 +3356,7 @@ msgstr "Confidencialidad: cifrado de paquetes para evitar la intromisión de una #: ../../configuration/policy/local-route.rst:9 #: ../../configuration/policy/prefix-list.rst:16 #: ../../configuration/policy/route-map.rst:10 -#: ../../configuration/protocols/bfd.rst:143 +#: ../../configuration/protocols/bfd.rst:150 #: ../../configuration/protocols/bgp.rst:164 #: ../../configuration/protocols/igmp-proxy.rst:14 #: ../../configuration/protocols/isis.rst:28 @@ -3111,15 +3369,15 @@ msgstr "Confidencialidad: cifrado de paquetes para evitar la intromisión de una #: ../../configuration/service/dhcp-relay.rst:19 #: ../../configuration/service/dhcp-relay.rst:137 #: ../../configuration/service/dhcp-server.rst:22 -#: ../../configuration/service/dhcp-server.rst:510 +#: ../../configuration/service/dhcp-server.rst:516 #: ../../configuration/service/dns.rst:8 -#: ../../configuration/service/dns.rst:227 +#: ../../configuration/service/dns.rst:214 #: ../../configuration/service/https.rst:14 -#: ../../configuration/service/ipoe-server.rst:28 +#: ../../configuration/service/ids.rst:20 #: ../../configuration/service/lldp.rst:36 #: ../../configuration/service/mdns.rst:19 #: ../../configuration/service/ntp.rst:40 -#: ../../configuration/service/pppoe-server.rst:17 +#: ../../configuration/service/router-advert.rst:28 #: ../../configuration/service/salt-minion.rst:25 #: ../../configuration/service/ssh.rst:36 #: ../../configuration/service/tftp-server.rst:14 @@ -3127,18 +3385,18 @@ msgstr "Confidencialidad: cifrado de paquetes para evitar la intromisión de una #: ../../configuration/system/default-route.rst:12 #: ../../configuration/system/flow-accounting.rst:43 #: ../../configuration/system/lcd.rst:17 -#: ../../configuration/system/login.rst:241 -#: ../../configuration/system/login.rst:310 +#: ../../configuration/system/login.rst:245 +#: ../../configuration/system/login.rst:314 #: ../../configuration/system/sflow.rst:12 #: ../../configuration/system/updates.rst:8 #: ../../configuration/vpn/dmvpn.rst:38 #: ../../configuration/vpn/dmvpn.rst:182 #: ../../configuration/vpn/openconnect.rst:21 -#: ../../configuration/vpn/sstp.rst:65 +#: ../../configuration/vpn/sstp.rst:40 #: ../../configuration/vrf/index.rst:16 -#: ../../configuration/vrf/index.rst:253 -#: ../../configuration/vrf/index.rst:288 -#: ../../configuration/vrf/index.rst:436 +#: ../../configuration/vrf/index.rst:272 +#: ../../configuration/vrf/index.rst:307 +#: ../../configuration/vrf/index.rst:455 msgid "Configuration" msgstr "Configuración" @@ -3148,8 +3406,8 @@ msgstr "Configuración" #: ../../configuration/protocols/pim6.rst:78 #: ../../configuration/protocols/rip.rst:239 #: ../../configuration/protocols/segment-routing.rst:187 -#: ../../configuration/system/login.rst:279 -#: ../../configuration/system/login.rst:350 +#: ../../configuration/system/login.rst:283 +#: ../../configuration/system/login.rst:354 msgid "Configuration Example" msgstr "Ejemplo de configuración" @@ -3171,7 +3429,7 @@ msgstr "Opciones de configuración" msgid "Configuration commands covered in this section:" msgstr "Configuration commands covered in this section:" -#: ../../configuration/vpn/ipsec.rst:284 +#: ../../configuration/vpn/ipsec.rst:288 msgid "Configuration commands for the private and public key will be displayed on the screen which needs to be set on the router first. Note the command with the public key (set pki key-pair ipsec-LEFT public key 'MIIBIjANBgkqh...'). Then do the same on the opposite router:" msgstr "Los comandos de configuración para la clave privada y pública se mostrarán en la pantalla que primero debe configurarse en el enrutador. Tenga en cuenta el comando con la clave pública (set pki key-pair ipsec-LEFT public key 'MIIBIjANBgkqh...'). Luego haga lo mismo en el enrutador opuesto:" @@ -3183,7 +3441,7 @@ msgstr "Se mostrarán los comandos de configuración. Tenga en cuenta el comando msgid "Configuration example:" msgstr "Configuration example:" -#: ../../configuration/vrf/index.rst:430 +#: ../../configuration/vrf/index.rst:449 msgid "Configuration for these exported routes must, at a minimum, specify these two parameters." msgstr "La configuración de estas rutas exportadas debe, como mÃnimo, especificar estos dos parámetros." @@ -3191,15 +3449,15 @@ msgstr "La configuración de estas rutas exportadas debe, como mÃnimo, especifi msgid "Configuration of :ref:`routing-static`" msgstr "Configuración de :ref:`routing-static`" -#: ../../configuration/service/dhcp-server.rst:371 +#: ../../configuration/service/dhcp-server.rst:377 msgid "Configuration of a DHCP failover pair" msgstr "Configuración de un par de conmutación por error DHCP" -#: ../../configuration/vrf/index.rst:438 +#: ../../configuration/vrf/index.rst:457 msgid "Configuration of route leaking between a unicast VRF RIB and the VPN SAFI RIB of the default VRF is accomplished via commands in the context of a VRF address-family." msgstr "La configuración de la fuga de rutas entre una RIB VRF de unidifusión y la RIB SAFI de VPN de la VRF predeterminada se logra a través de comandos en el contexto de una familia de direcciones VRF." -#: ../../configuration/protocols/static.rst:166 +#: ../../configuration/protocols/static.rst:199 #: ../../configuration/system/conntrack.rst:12 msgid "Configure" msgstr "Configurar" @@ -3208,11 +3466,11 @@ msgstr "Configurar" msgid "Configure BFD" msgstr "Configurar BFD" -#: ../../configuration/service/dns.rst:258 +#: ../../configuration/service/dns.rst:245 msgid "Configure DNS `<record>` which should be updated. This can be set multiple times." msgstr "Configurar DNS `<record> ` que debe ser actualizado. Esto se puede configurar varias veces." -#: ../../configuration/service/dns.rst:253 +#: ../../configuration/service/dns.rst:241 msgid "Configure DNS `<zone>` to be updated." msgstr "Configurar DNS `<zone> ` para ser actualizado." @@ -3230,15 +3488,27 @@ msgstr "Configure el reinicio elegante :rfc:`3623` soporte auxiliar. De forma pr msgid "Configure Graceful Restart :rfc:`3623` restarting support. When enabled, the default grace period is 120 seconds." msgstr "Configure el reinicio elegante :rfc:`3623` soporte de reinicio. Cuando está habilitado, el perÃodo de gracia predeterminado es de 120 segundos." +#: ../../configuration/service/ids.rst:69 +msgid "Configure ICMP threshold parameters." +msgstr "Configure ICMP threshold parameters." + #: ../../configuration/service/dhcp-relay.rst:40 msgid "Configure IP address of the DHCP `<server>` which will handle the relayed packets." msgstr "Configurar la dirección IP del DHCP `<server> ` que manejará los paquetes retransmitidos." -#: ../../configuration/vpn/sstp.rst:214 +#: ../../configuration/service/ipoe-server.rst:162 +#: ../../configuration/service/pppoe-server.rst:124 +#: ../../configuration/vpn/l2tp.rst:167 +#: ../../configuration/vpn/pptp.rst:107 +#: ../../configuration/vpn/sstp.rst:140 msgid "Configure RADIUS `<server>` and its required port for authentication requests." msgstr "Configurar RADIO `<server> ` y su puerto requerido para las solicitudes de autenticación." -#: ../../configuration/vpn/sstp.rst:218 +#: ../../configuration/service/ipoe-server.rst:128 +#: ../../configuration/service/pppoe-server.rst:90 +#: ../../configuration/vpn/l2tp.rst:133 +#: ../../configuration/vpn/pptp.rst:73 +#: ../../configuration/vpn/sstp.rst:106 msgid "Configure RADIUS `<server>` and its required shared `<secret>` for communicating with the RADIUS server." msgstr "Configurar RADIO `<server> ` y su requerido compartido `<secret> ` para comunicarse con el servidor RADIUS." @@ -3246,23 +3516,39 @@ msgstr "Configurar RADIO `<server> ` y su requerido compartido `<secret> ` para msgid "Configure SNAT rule (40) to only NAT packets with a destination address of 192.0.2.1." msgstr "Configure la regla SNAT (40) solo para paquetes NAT con una dirección de destino de 192.0.2.1." +#: ../../configuration/service/ids.rst:74 +msgid "Configure TCP threshold parameters" +msgstr "Configure TCP threshold parameters" + +#: ../../configuration/service/ids.rst:79 +msgid "Configure UDP threshold parameters" +msgstr "Configure UDP threshold parameters" + #: ../../_include/interface-mtu.txt:4 msgid "Configure :abbr:`MTU (Maximum Transmission Unit)` on given `<interface>`. It is the size (in bytes) of the largest ethernet frame sent on this link." msgstr "Configure :abbr:`MTU (Unidad máxima de transmisión)` en ` dado<interface> `. Es el tamaño (en bytes) de la trama Ethernet más grande enviada en este enlace." -#: ../../configuration/system/login.rst:375 +#: ../../configuration/system/login.rst:379 msgid "Configure `<message>` which is shown after user has logged in to the system." msgstr "Configurar `<message> ` que se muestra después de que el usuario haya iniciado sesión en el sistema." -#: ../../configuration/system/login.rst:370 +#: ../../configuration/system/login.rst:374 msgid "Configure `<message>` which is shown during SSH connect and before a user is logged in." msgstr "Configurar `<message> ` que se muestra durante la conexión SSH y antes de que un usuario inicie sesión." -#: ../../configuration/service/dns.rst:341 +#: ../../configuration/service/dns.rst:346 +msgid "Configure `<password>` used when authenticating the update request for DynDNS service identified by `<service-name>`." +msgstr "Configure `<password>` used when authenticating the update request for DynDNS service identified by `<service-name>`." + +#: ../../configuration/service/dns.rst:355 msgid "Configure `<password>` used when authenticating the update request for DynDNS service identified by `<service>`." msgstr "Configurar `<password> ` utilizado al autenticar la solicitud de actualización para el servicio DynDNS identificado por `<service> `." -#: ../../configuration/service/dns.rst:334 +#: ../../configuration/service/dns.rst:341 +msgid "Configure `<username>` used when authenticating the update request for DynDNS service identified by `<service-name>`." +msgstr "Configure `<username>` used when authenticating the update request for DynDNS service identified by `<service-name>`." + +#: ../../configuration/service/dns.rst:348 msgid "Configure `<username>` used when authenticating the update request for DynDNS service identified by `<service>`. For Namecheap, set the <domain> you wish to update." msgstr "Configurar `<username> ` utilizado al autenticar la solicitud de actualización para el servicio DynDNS identificado por `<service> `. Para Namecheap, configure el<domain> desea actualizar." @@ -3274,13 +3560,13 @@ msgstr "Configure a URL that contains information about images." msgid "Configure a sFlow agent address. It can be IPv4 or IPv6 address, but you must set the same protocol, which is used for sFlow collector addresses. By default, using router-id from BGP or OSPF protocol, or the primary IP address from the first interface." msgstr "Configure una dirección de agente de sFlow. Puede ser una dirección IPv4 o IPv6, pero debe establecer el mismo protocolo que se usa para las direcciones del recopilador sFlow. De manera predeterminada, se usa el id del enrutador del protocolo BGP o OSPF, o la dirección IP principal de la primera interfaz." -#: ../../configuration/protocols/bfd.rst:154 -#: ../../configuration/protocols/bfd.rst:167 +#: ../../configuration/protocols/bfd.rst:161 +#: ../../configuration/protocols/bfd.rst:174 msgid "Configure a static route for <subnet> using gateway <address> , use source address to indentify the peer when is multi-hop session and the gateway address as BFD peer destination address." msgstr "Configurar una ruta estática para<subnet> usando la puerta de enlace<address> , use la dirección de origen para identificar al par cuando se trata de una sesión de varios saltos y la dirección de la puerta de enlace como dirección de destino del par BFD." -#: ../../configuration/protocols/bfd.rst:148 -#: ../../configuration/protocols/bfd.rst:161 +#: ../../configuration/protocols/bfd.rst:155 +#: ../../configuration/protocols/bfd.rst:168 msgid "Configure a static route for <subnet> using gateway <address> and use the gateway address as BFD peer destination address." msgstr "Configurar una ruta estática para<subnet> usando la puerta de enlace<address> y use la dirección de la puerta de enlace como dirección de destino del par BFD." @@ -3304,6 +3590,10 @@ msgstr "Configure la dirección IP del agente asociada con esta interfaz." msgid "Configure aggregation delay timer interval." msgstr "Configure el intervalo del temporizador de retraso de agregación." +#: ../../configuration/service/ids.rst:24 +msgid "Configure alert script that will be executed when an attack is detected." +msgstr "Configure alert script that will be executed when an attack is detected." + #: ../../configuration/vpn/openconnect.rst:285 msgid "Configure an accounting server and enable accounting with:" msgstr "Configure un servidor de contabilidad y habilite la contabilidad con:" @@ -3328,6 +3618,10 @@ msgstr "Configurar back-end `<name> ` modo TCP o HTTP" msgid "Configure both routers (a and b) for DHCPv6-PD via dummy interface:" msgstr "Configure both routers (a and b) for DHCPv6-PD via dummy interface:" +#: ../../configuration/service/ids.rst:33 +msgid "Configure direction for processing traffic." +msgstr "Configure direction for processing traffic." + #: ../../configuration/service/console-server.rst:49 msgid "Configure either one or two stop bits. This defaults to one stop bits if left unconfigured." msgstr "Configure uno o dos bits de parada. Esto por defecto es un bit de parada si se deja sin configurar." @@ -3336,6 +3630,14 @@ msgstr "Configure uno o dos bits de parada. Esto por defecto es un bit de parada msgid "Configure either seven or eight data bits. This defaults to eight data bits if left unconfigured." msgstr "Configure siete u ocho bits de datos. Esto tiene un valor predeterminado de ocho bits de datos si no se configura." +#: ../../configuration/service/ids.rst:64 +msgid "Configure general threshold parameters." +msgstr "Configure general threshold parameters." + +#: ../../configuration/service/ids.rst:28 +msgid "Configure how long an IP (attacker) should be kept in blocked state. Default value is 1900." +msgstr "Configure how long an IP (attacker) should be kept in blocked state. Default value is 1900." + #: ../../configuration/interfaces/bridge.rst:46 msgid "Configure individual bridge port `<priority>`." msgstr "Configurar puerto de puente individual `<priority> `." @@ -3353,6 +3655,14 @@ msgstr "Configure el comportamiento del host/enrutador especÃfico de la interfa msgid "Configure interface `<interface>` with one or more interface addresses." msgstr "Configurar interfaz `<interface> ` con una o más direcciones de interfaz." +#: ../../configuration/service/ids.rst:42 +msgid "Configure listen interface for mirroring traffic." +msgstr "Configure listen interface for mirroring traffic." + +#: ../../configuration/service/ids.rst:55 +msgid "Configure local IPv4 address to listen for sflow." +msgstr "Configure local IPv4 address to listen for sflow." + #: ../../configuration/service/snmp.rst:148 msgid "Configure new SNMP user named \"vyos\" with password \"vyos12345678\"" msgstr "Configure un nuevo usuario SNMP llamado "vyos" con la contraseña "vyos12345678"" @@ -3369,7 +3679,7 @@ msgstr "Configurar siguiente salto `<address> ` para una ruta estática IPv4. Se msgid "Configure next-hop `<address>` for an IPv6 static route. Multiple static routes can be created." msgstr "Configurar siguiente salto `<address> ` para una ruta estática IPv6. Se pueden crear múltiples rutas estáticas." -#: ../../configuration/system/option.rst:95 +#: ../../configuration/system/option.rst:125 msgid "Configure one of the predefined system performance profiles." msgstr "Configure uno de los perfiles de rendimiento del sistema predefinidos." @@ -3381,7 +3691,7 @@ msgstr "Configure uno o más atributos para el servidor NTP dado." msgid "Configure one or more servers for synchronisation. Server name can be either an IP address or :abbr:`FQDN (Fully Qualified Domain Name)`." msgstr "Configure uno o más servidores para la sincronización. El nombre del servidor puede ser una dirección IP o :abbr:`FQDN (Nombre de dominio completo)`." -#: ../../configuration/service/dns.rst:264 +#: ../../configuration/service/dns.rst:249 msgid "Configure optional TTL value on the given resource record. This defaults to 600 seconds." msgstr "Configure el valor TTL opcional en el registro de recursos dado. Esto por defecto es de 600 segundos." @@ -3405,6 +3715,10 @@ msgstr "Configure la duplicación de puertos para el tráfico saliente de la &qu msgid "Configure port number of remote VXLAN endpoint." msgstr "Configure el número de puerto del extremo VXLAN remoto." +#: ../../configuration/service/ids.rst:59 +msgid "Configure port number to be used for sflow conection. Default port is 6343." +msgstr "Configure port number to be used for sflow conection. Default port is 6343." + #: ../../configuration/system/syslog.rst:73 msgid "Configure protocol used for communication to remote syslog host. This can be either UDP or TCP." msgstr "Configure el protocolo utilizado para la comunicación con el host de syslog remoto. Esto puede ser UDP o TCP." @@ -3429,7 +3743,7 @@ msgstr "Configurar servicio `<name> ` modo TCP o HTTP" msgid "Configure service `<name>` to use the backend <name>" msgstr "Configurar servicio `<name> ` para usar el backend<name>" -#: ../../configuration/system/login.rst:394 +#: ../../configuration/system/login.rst:398 msgid "Configure session timeout after which the user will be logged out." msgstr "Configure el tiempo de espera de la sesión después del cual se cerrará la sesión del usuario." @@ -3445,7 +3759,7 @@ msgstr "Configure the A-side router for NPTv6 using the prefixes above:" msgid "Configure the B-side router for NPTv6 using the prefixes above:" msgstr "Configure the B-side router for NPTv6 using the prefixes above:" -#: ../../configuration/service/dns.rst:247 +#: ../../configuration/service/dns.rst:236 msgid "Configure the DNS `<server>` IP/FQDN used when updating this dynamic assignment." msgstr "Configurar el DNS `<server> ` IP/FQDN utilizado al actualizar esta asignación dinámica." @@ -3457,11 +3771,11 @@ msgstr "Configure la dirección de escucha IPv4 o IPv6 del servidor TFTP. Se pue msgid "Configure the connection tracking protocol helper modules. All modules are enable by default." msgstr "Configure los módulos auxiliares del protocolo de seguimiento de conexión. Todos los módulos están habilitados por defecto." -#: ../../configuration/system/login.rst:252 +#: ../../configuration/system/login.rst:256 msgid "Configure the discrete port under which the RADIUS server can be reached." msgstr "Configure el puerto discreto bajo el cual se puede acceder al servidor RADIUS." -#: ../../configuration/system/login.rst:321 +#: ../../configuration/system/login.rst:325 msgid "Configure the discrete port under which the TACACS server can be reached." msgstr "Configure el puerto discreto bajo el cual se puede acceder al servidor TACACS." @@ -3469,6 +3783,10 @@ msgstr "Configure el puerto discreto bajo el cual se puede acceder al servidor T msgid "Configure the load-balancing reverse-proxy service for HTTP." msgstr "Configure el servicio de proxy inverso de equilibrio de carga para HTTP." +#: ../../configuration/service/ids.rst:46 +msgid "Configure traffic capture mode." +msgstr "Configure traffic capture mode." + #: ../../_include/interface-mac.txt:4 msgid "Configure user defined :abbr:`MAC (Media Access Control)` address on given `<interface>`." msgstr "Configure la dirección :abbr:`MAC (Control de acceso a medios)` definida por el usuario en `<interface> `." @@ -3489,10 +3807,54 @@ msgstr "Valor configurado" msgid "Configures the BGP speaker so that it only accepts inbound connections from, but does not initiate outbound connections to the peer or peer group." msgstr "Configura el altavoz BGP para que solo acepte conexiones entrantes, pero no inicie conexiones salientes con el par o grupo de pares." +#: ../../configuration/service/ipoe-server.rst:27 +msgid "Configuring IPoE Server" +msgstr "Configuring IPoE Server" + +#: ../../configuration/vpn/l2tp.rst:57 +msgid "Configuring IPsec" +msgstr "Configuring IPsec" + +#: ../../configuration/vpn/l2tp.rst:12 +msgid "Configuring L2TP Server" +msgstr "Configuring L2TP Server" + +#: ../../configuration/vpn/l2tp.rst:270 +msgid "Configuring LNS (L2TP Network Server)" +msgstr "Configuring LNS (L2TP Network Server)" + +#: ../../configuration/service/pppoe-server.rst:18 +msgid "Configuring PPPoE Server" +msgstr "Configuring PPPoE Server" + +#: ../../configuration/vpn/pptp.rst:13 +msgid "Configuring PPTP Server" +msgstr "Configuring PPTP Server" + #: ../../configuration/vpn/openconnect.rst:279 msgid "Configuring RADIUS accounting" msgstr "Configuración de la contabilidad de RADIUS" +#: ../../configuration/service/ipoe-server.rst:114 +#: ../../configuration/service/pppoe-server.rst:76 +#: ../../configuration/vpn/l2tp.rst:119 +#: ../../configuration/vpn/pptp.rst:59 +#: ../../configuration/vpn/sstp.rst:92 +msgid "Configuring RADIUS authentication" +msgstr "Configuring RADIUS authentication" + +#: ../../configuration/vpn/sstp.rst:24 +msgid "Configuring SSTP Server" +msgstr "Configuring SSTP Server" + +#: ../../configuration/vpn/sstp.rst:476 +msgid "Configuring SSTP client" +msgstr "Configuring SSTP client" + +#: ../../configuration/vpn/ipsec.rst:494 +msgid "Configuring VyOS to act as your IPSec access concentrator is one thing, but you probably need to setup your client connecting to the server so they can talk to the IPSec gateway." +msgstr "Configuring VyOS to act as your IPSec access concentrator is one thing, but you probably need to setup your client connecting to the server so they can talk to the IPSec gateway." + #: ../../configuration/service/tftp-server.rst:39 msgid "Configuring a listen-address is essential for the service to work." msgstr "La configuración de una dirección de escucha es esencial para que el servicio funcione." @@ -3502,11 +3864,15 @@ msgstr "La configuración de una dirección de escucha es esencial para que el s msgid "Connect/Disconnect" msgstr "Conectar/Desconectar" -#: ../../configuration/vpn/sstp.rst:155 +#: ../../configuration/service/ipoe-server.rst:376 +#: ../../configuration/service/pppoe-server.rst:546 +#: ../../configuration/vpn/l2tp.rst:500 +#: ../../configuration/vpn/pptp.rst:424 +#: ../../configuration/vpn/sstp.rst:458 msgid "Connected client should use `<address>` as their DNS server. This command accepts both IPv4 and IPv6 addresses. Up to two nameservers can be configured for IPv4, up to three for IPv6." msgstr "El cliente conectado debe usar `<address> ` como su servidor DNS. Este comando acepta direcciones IPv4 e IPv6. Se pueden configurar hasta dos servidores de nombres para IPv4, hasta tres para IPv6." -#: ../../configuration/protocols/rpki.rst:129 +#: ../../configuration/protocols/rpki.rst:143 msgid "Connections to the RPKI caching server can not only be established by HTTP/TLS but you can also rely on a secure SSH session to the server. To enable SSH, first you need to create an SSH client keypair using ``generate ssh client-key /config/auth/id_rsa_rpki``. Once your key is created you can setup the connection." msgstr "Connections to the RPKI caching server can not only be established by HTTP/TLS but you can also rely on a secure SSH session to the server. To enable SSH, first you need to create an SSH client keypair using ``generate ssh client-key /config/auth/id_rsa_rpki``. Once your key is created you can setup the connection." @@ -3542,7 +3908,7 @@ msgstr "Consola" msgid "Console Server" msgstr "Servidor de consola" -#: ../../configuration/container/index.rst:106 +#: ../../configuration/container/index.rst:111 msgid "Constrain the memory available to the container." msgstr "Restringe la memoria disponible para el contenedor." @@ -3550,6 +3916,14 @@ msgstr "Restringe la memoria disponible para el contenedor." msgid "Container" msgstr "Envase" +#: ../../configuration/container/index.rst:136 +msgid "Container Networks" +msgstr "Container Networks" + +#: ../../configuration/container/index.rst:156 +msgid "Container Registry" +msgstr "Container Registry" + #: ../../configuration/system/conntrack.rst:65 msgid "Contrack Timeouts" msgstr "Contrack Timeouts" @@ -3590,7 +3964,10 @@ msgstr "Cree un rango de direcciones DHCP con una identificación de rango de `< msgid "Create DNS record per client lease, by adding clients to /etc/hosts file. Entry will have format: `<shared-network-name>_<hostname>.<domain-name>`" msgstr "Cree un registro DNS por arrendamiento de cliente, agregando clientes al archivo /etc/hosts. La entrada tendrá formato: `<shared-network-name> _<hostname> .<domain-name> `" -#: ../../configuration/vpn/sstp.rst:70 +#: ../../configuration/service/pppoe-server.rst:49 +#: ../../configuration/vpn/l2tp.rst:36 +#: ../../configuration/vpn/pptp.rst:38 +#: ../../configuration/vpn/sstp.rst:63 msgid "Create `<user>` for local authentication on this system. The users password will be set to `<pass>`." msgstr "Crear `<user> ` para la autenticación local en este sistema. La contraseña de los usuarios se establecerá en `<pass> `." @@ -3606,6 +3983,10 @@ msgstr "Cree un archivo llamado ``VyOS-1.3.6.1.4.1.44641.ConfigMgmt-Commands`` u msgid "Create a load balancing rule, it can be a number between 1 and 9999:" msgstr "Cree una regla de equilibrio de carga, puede ser un número entre 1 y 9999:" +#: ../../configuration/service/dhcp-server.rst:189 +msgid "Create a new DHCP static mapping named `<description>` which is valid for the host identified by its DHCP unique identifier (DUID) `<identifier>`." +msgstr "Create a new DHCP static mapping named `<description>` which is valid for the host identified by its DHCP unique identifier (DUID) `<identifier>`." + #: ../../configuration/service/dhcp-server.rst:183 msgid "Create a new DHCP static mapping named `<description>` which is valid for the host identified by its MAC `<address>`." msgstr "Cree una nueva asignación estática de DHCP llamada `<description> ` que es válido para el host identificado por su MAC `<address> `." @@ -3614,31 +3995,31 @@ msgstr "Cree una nueva asignación estática de DHCP llamada `<description> ` qu msgid "Create a new VLAN interface on interface `<interface>` using the VLAN number provided via `<vlan-id>`." msgstr "Cree una nueva interfaz VLAN en la interfaz `<interface> ` utilizando el número de VLAN proporcionado a través de `<vlan-id> `." -#: ../../configuration/pki/index.rst:40 -#: ../../configuration/pki/index.rst:45 +#: ../../configuration/pki/index.rst:42 +#: ../../configuration/pki/index.rst:47 msgid "Create a new :abbr:`CA (Certificate Authority)` and output the CAs public and private key on the console." msgstr "Cree una nueva :abbr:`CA (Autoridad de certificación)` y genere la clave pública y privada de las CA en la consola." -#: ../../configuration/pki/index.rst:67 -#: ../../configuration/pki/index.rst:71 +#: ../../configuration/pki/index.rst:69 +#: ../../configuration/pki/index.rst:73 msgid "Create a new public/private keypair and output the certificate on the console." msgstr "Cree un nuevo par de claves pública/privada y emita el certificado en la consola." -#: ../../configuration/pki/index.rst:89 -#: ../../configuration/pki/index.rst:94 +#: ../../configuration/pki/index.rst:91 +#: ../../configuration/pki/index.rst:96 msgid "Create a new public/private keypair which is signed by the CA referenced by `ca-name`. The signed certificate is then output to the console." msgstr "Cree un nuevo par de claves pública/privada que esté firmada por la CA a la que hace referencia `ca-name`. A continuación, el certificado firmado se envÃa a la consola." -#: ../../configuration/pki/index.rst:77 -#: ../../configuration/pki/index.rst:82 +#: ../../configuration/pki/index.rst:79 +#: ../../configuration/pki/index.rst:84 msgid "Create a new self-signed certificate. The public/private is then shown on the console." msgstr "Cree un nuevo certificado autofirmado. A continuación, se muestra el público/privado en la consola." -#: ../../configuration/pki/index.rst:52 +#: ../../configuration/pki/index.rst:54 msgid "Create a new subordinate :abbr:`CA (Certificate Authority)` and sign it using the private key referenced by `ca-name`." msgstr "Cree un nuevo subordinado :abbr:`CA (autoridad de certificación)` y fÃrmelo con la clave privada a la que hace referencia `ca-name`." -#: ../../configuration/pki/index.rst:57 +#: ../../configuration/pki/index.rst:59 msgid "Create a new subordinate :abbr:`CA (Certificate Authority)` and sign it using the private key referenced by `name`." msgstr "Cree un nuevo subordinado :abbr:`CA (autoridad de certificación)` y fÃrmelo con la clave privada a la que hace referencia `nombre`." @@ -3686,10 +4067,15 @@ msgstr "Crear llamado `<alias> ` para la asignación estática configurada para msgid "Create new VRF instance with `<name>`. The name is used when placing individual interfaces into the VRF." msgstr "Crea una nueva instancia VRF con `<name> `. El nombre se utiliza al colocar interfaces individuales en el VRF." -#: ../../configuration/service/dns.rst:234 +#: ../../configuration/service/dns.rst:248 msgid "Create new :rfc:`2136` DNS update configuration which will update the IP address assigned to `<interface>` on the service you configured under `<service-name>`." msgstr "Cree una nueva configuración de actualización de DNS :rfc:`2136` que actualizará la dirección IP asignada a `<interface> ` en el servicio que configuró en `<service-name> `." +#: ../../configuration/service/dns.rst:221 +#: ../../configuration/service/dns.rst:326 +msgid "Create new dynamic DNS update configuration which will update the IP address assigned to `<interface>` on the service you configured under `<service-name>`." +msgstr "Create new dynamic DNS update configuration which will update the IP address assigned to `<interface>` on the service you configured under `<service-name>`." + #: ../../configuration/system/login.rst:21 msgid "Create new system user with username `<name>` and real-name specified by `<string>`." msgstr "Crear nuevo usuario del sistema con nombre de usuario `<name> ` y nombre real especificado por `<string> `." @@ -3698,10 +4084,14 @@ msgstr "Crear nuevo usuario del sistema con nombre de usuario `<name> ` y nombre msgid "Create service `<name>` to listen on <port>" msgstr "Crear servicio `<name> ` para escuchar<port>" -#: ../../configuration/container/index.rst:132 +#: ../../configuration/container/index.rst:140 msgid "Creates a named container network" msgstr "Crea una red de contenedores con nombre" +#: ../../configuration/service/ipoe-server.rst:55 +msgid "Creates local IPoE user with username=**<interface>** and password=**<MAC>** (mac-address)" +msgstr "Creates local IPoE user with username=**<interface>** and password=**<MAC>** (mac-address)" + #: ../../configuration/vpn/dmvpn.rst:83 msgid "Creates static peer mapping of protocol-address to :abbr:`NBMA (Non-broadcast multiple-access network)` address." msgstr "Crea una asignación de pares estática de la dirección del protocolo a la dirección :abbr:`NBMA (red de acceso múltiple sin transmisión)`." @@ -3722,6 +4112,10 @@ msgstr "Creación de una polÃtica de tráfico" msgid "Creating rules for using flow tables:" msgstr "Creating rules for using flow tables:" +#: ../../configuration/container/index.rst:173 +msgid "Credentials can be defined here and will only be used when adding a container image to the system." +msgstr "Credentials can be defined here and will only be used when adding a container image to the system." + #: ../../configuration/system/syslog.rst:178 msgid "Critical" msgstr "crÃtico" @@ -3754,7 +4148,7 @@ msgstr "LÃmite de saltos en curso" msgid "Currently does not do much as caching is not implemented." msgstr "Actualmente no hace mucho ya que el almacenamiento en caché no está implementado." -#: ../../configuration/vrf/index.rst:86 +#: ../../configuration/vrf/index.rst:105 msgid "Currently dynamic routing is supported for the following protocols:" msgstr "Actualmente, el enrutamiento dinámico es compatible con los siguientes protocolos:" @@ -3778,7 +4172,7 @@ msgstr "Custom firewall chains can be created, with commands ``set firewall ipv4 msgid "Custom firewall chains can be created, with commands ``set firewall ipv6 name <name> ...``. In order to use such custom chain, a rule with **action jump**, and the appropiate **target** should be defined in a base chain." msgstr "Custom firewall chains can be created, with commands ``set firewall ipv6 name <name> ...``. In order to use such custom chain, a rule with **action jump**, and the appropiate **target** should be defined in a base chain." -#: ../../configuration/highavailability/index.rst:373 +#: ../../configuration/highavailability/index.rst:383 msgid "Custom health-check script allows checking real-server availability" msgstr "El script de verificación de estado personalizado permite verificar la disponibilidad del servidor real" @@ -3794,6 +4188,10 @@ msgstr "DCO se puede habilitar tanto para túneles nuevos como existentes. VyOS msgid "DCO support is a per-tunnel option and it is not automatically enabled by default for new or upgraded tunnels. Existing tunnels will continue to function as they have in the past." msgstr "La compatibilidad con DCO es una opción por túnel y no se habilita automáticamente de forma predeterminada para túneles nuevos o actualizados. Los túneles existentes seguirán funcionando como hasta ahora." +#: ../../configuration/service/ids.rst:5 +msgid "DDoS Protection" +msgstr "DDoS Protection" + #: ../../configuration/service/dhcp-relay.rst:5 msgid "DHCP Relay" msgstr "Retransmisión DHCP" @@ -3802,15 +4200,15 @@ msgstr "Retransmisión DHCP" msgid "DHCP Server" msgstr "servidor DHCP" -#: ../../configuration/service/dhcp-server.rst:351 +#: ../../configuration/service/dhcp-server.rst:357 msgid "DHCP failover parameters" msgstr "Parámetros de conmutación por error de DHCP" -#: ../../configuration/service/dhcp-server.rst:341 +#: ../../configuration/service/dhcp-server.rst:347 msgid "DHCP lease range" msgstr "Rango de concesión de DHCP" -#: ../../configuration/service/dhcp-server.rst:377 +#: ../../configuration/service/dhcp-server.rst:383 msgid "DHCP range spans from `192.168.189.10` - `192.168.189.250`" msgstr "El rango de DHCP abarca desde `192.168.189.10` - `192.168.189.250`" @@ -3822,7 +4220,7 @@ msgstr "Ejemplo de retransmisión DHCP" msgid "DHCP server is located at IPv4 address 10.0.1.4 on ``eth2``." msgstr "El servidor DHCP está ubicado en la dirección IPv4 10.0.1.4 en ``eth2``." -#: ../../configuration/service/dhcp-server.rst:584 +#: ../../configuration/service/dhcp-server.rst:590 msgid "DHCPv6 address pools must be configured for the system to act as a DHCPv6 server. The following example describes a common scenario." msgstr "Los grupos de direcciones DHCPv6 deben configurarse para que el sistema actúe como un servidor DHCPv6. El siguiente ejemplo describe un escenario común." @@ -3887,11 +4285,11 @@ msgstr "servidores de nombres DNS" msgid "DNS search list to advertise" msgstr "Lista de búsqueda de DNS para anunciar" -#: ../../configuration/service/dhcp-server.rst:261 +#: ../../configuration/service/dhcp-server.rst:267 msgid "DNS server IPv4 address" msgstr "Dirección IPv4 del servidor DNS" -#: ../../configuration/service/dhcp-server.rst:591 +#: ../../configuration/service/dhcp-server.rst:597 msgid "DNS server is located at ``2001:db8::ffff``" msgstr "El servidor DNS está ubicado en ``2001:db8::ffff``" @@ -3903,7 +4301,7 @@ msgstr "Valores DSCP según :rfc:`2474` y :rfc:`4595`:" msgid "DSSS/CCK Mode in 40 MHz, this sets ``[DSSS_CCK-40]``" msgstr "Modo DSSS/CCK en 40 MHz, esto establece ``[DSSS_CCK-40]``" -#: ../../configuration/firewall/ipv4.rst:444 +#: ../../configuration/firewall/ipv4.rst:467 #: ../../configuration/firewall/ipv6.rst:451 msgid "Data is provided by DB-IP.com under CC-BY-4.0 license. Attribution required, permits redistribution so we can include a database in images(~3MB compressed). Includes cron script (manually callable by op-mode update geoip) to keep database and rules updated." msgstr "Los datos son proporcionados por DB-IP.com bajo licencia CC-BY-4.0. Se requiere atribución, permite la redistribución para que podamos incluir una base de datos en imágenes (~3 MB comprimidos). Incluye secuencia de comandos cron (invocable manualmente por geoip de actualización de modo operativo) para mantener la base de datos y las reglas actualizadas." @@ -3940,15 +4338,18 @@ msgstr "Puerta de enlace/ruta predeterminada" msgid "Default Router Preference" msgstr "Preferencia de enrutador predeterminado" -#: ../../configuration/vpn/sstp.rst:201 +#: ../../configuration/service/pppoe-server.rst:509 +#: ../../configuration/vpn/l2tp.rst:463 +#: ../../configuration/vpn/pptp.rst:387 +#: ../../configuration/vpn/sstp.rst:421 msgid "Default behavior - don't ask client for mppe, but allow it if client wants. Please note that RADIUS may override this option by MS-MPPE-Encryption-Policy attribute." msgstr "Comportamiento predeterminado: no le pida al cliente mppe, pero permÃtalo si el cliente lo desea. Tenga en cuenta que RADIUS puede anular esta opción mediante el atributo MS-MPPE-Encryption-Policy." -#: ../../configuration/service/dhcp-server.rst:374 +#: ../../configuration/service/dhcp-server.rst:380 msgid "Default gateway and DNS server is at `192.0.2.254`" msgstr "La puerta de enlace predeterminada y el servidor DNS están en `192.0.2.254`" -#: ../../configuration/container/index.rst:108 +#: ../../configuration/container/index.rst:113 msgid "Default is 512 MB. Use 0 MB for unlimited memory." msgstr "El valor predeterminado es 512 MB. Use 0 MB para memoria ilimitada." @@ -3976,7 +4377,7 @@ msgstr "El valor predeterminado es 'uid'" msgid "Defaults to 225.0.0.50." msgstr "El valor predeterminado es 225.0.0.50." -#: ../../configuration/system/option.rst:68 +#: ../../configuration/system/option.rst:98 msgid "Defaults to ``us``." msgstr "El valor predeterminado es ``nosotros``." @@ -3988,6 +4389,10 @@ msgstr "Definir tiempos de espera de conexión" msgid "Define IPv4/IPv6 management address transmitted via LLDP. Multiple addresses can be defined. Only addresses connected to the system will be transmitted." msgstr "Defina la dirección de administración IPv4/IPv6 transmitida a través de LLDP. Se pueden definir varias direcciones. Solo se transmitirán las direcciones conectadas al sistema." +#: ../../configuration/container/index.rst:148 +msgid "Define IPv4 or IPv6 prefix for a given network name. Only one IPv4 and one IPv6 prefix can be used per network name." +msgstr "Define IPv4 or IPv6 prefix for a given network name. Only one IPv4 and one IPv6 prefix can be used per network name." + #: ../../configuration/firewall/groups.rst:52 msgid "Define a IPv4 or IPv6 Network group." msgstr "Defina un grupo de red IPv4 o IPv6." @@ -4040,6 +4445,10 @@ msgstr "Defina diferentes modos para enviar respuestas en respuesta a las solici msgid "Define different restriction levels for announcing the local source IP address from IP packets in ARP requests sent on interface." msgstr "Defina diferentes niveles de restricción para anunciar la dirección IP de origen local de los paquetes IP en las solicitudes ARP enviadas en la interfaz." +#: ../../configuration/service/ntp.rst:88 +msgid "Define how to handle leaf-seonds." +msgstr "Define how to handle leaf-seonds." + #: ../../configuration/firewall/flowtables.rst:71 msgid "Define interfaces to be used in the flowtable." msgstr "Define interfaces to be used in the flowtable." @@ -4080,7 +4489,7 @@ msgstr "Defina la zona como una zona local. Una zona local no tiene interfaces y msgid "Define type of offload to be used by the flowtable: ``hardware`` or ``software``. By default, ``software`` offload is used." msgstr "Define type of offload to be used by the flowtable: ``hardware`` or ``software``. By default, ``software`` offload is used." -#: ../../configuration/protocols/rpki.rst:114 +#: ../../configuration/protocols/rpki.rst:128 msgid "Defined the IPv4, IPv6 or FQDN and port number of the caching RPKI caching instance which is used." msgstr "Definió el IPv4, IPv6 o FQDN y el número de puerto de la instancia de almacenamiento en caché RPKI de almacenamiento en caché que se utiliza." @@ -4092,26 +4501,47 @@ msgstr "Define fuentes alternativas para multidifusión y datos IGMP. La direcci msgid "Defines an off-NBMA network prefix for which the GRE interface will act as a gateway. This an alternative to defining local interfaces with shortcut-destination flag." msgstr "Define un prefijo de red fuera de NBMA para el cual la interfaz GRE actuará como puerta de enlace. Esta es una alternativa a la definición de interfaces locales con indicador de destino de acceso directo." -#: ../../configuration/protocols/static.rst:120 -#: ../../configuration/protocols/static.rst:133 +#: ../../configuration/protocols/static.rst:154 +#: ../../configuration/protocols/static.rst:167 msgid "Defines blackhole distance for this route, routes with smaller administrative distance are elected prior to those with a higher distance." msgstr "Define la distancia del agujero negro para esta ruta, las rutas con menor distancia administrativa se eligen antes que las de mayor distancia." +#: ../../configuration/service/pppoe-server.rst:496 +#: ../../configuration/vpn/l2tp.rst:450 +#: ../../configuration/vpn/pptp.rst:374 +#: ../../configuration/vpn/sstp.rst:408 +msgid "Defines minimum acceptable MTU. If client will try to negotiate less then specified MTU then it will be NAKed or disconnected if rejects greater MTU. Default value is **100**." +msgstr "Defines minimum acceptable MTU. If client will try to negotiate less then specified MTU then it will be NAKed or disconnected if rejects greater MTU. Default value is **100**." + #: ../../configuration/protocols/static.rst:34 #: ../../configuration/protocols/static.rst:54 -#: ../../configuration/protocols/static.rst:81 -#: ../../configuration/protocols/static.rst:101 +#: ../../configuration/protocols/static.rst:104 +#: ../../configuration/protocols/static.rst:124 msgid "Defines next-hop distance for this route, routes with smaller administrative distance are elected prior to those with a higher distance." msgstr "Define la distancia del siguiente salto para esta ruta, las rutas con menor distancia administrativa se eligen antes que aquellas con mayor distancia." +#: ../../configuration/service/pppoe-server.rst:515 +#: ../../configuration/vpn/l2tp.rst:469 +#: ../../configuration/vpn/pptp.rst:393 +#: ../../configuration/vpn/sstp.rst:427 +msgid "Defines preferred MRU. By default is not defined." +msgstr "Defines preferred MRU. By default is not defined." + #: ../../configuration/protocols/failover.rst:31 msgid "Defines protocols for checking ARP, ICMP, TCP" msgstr "Define protocolos para verificar ARP, ICMP, TCP" -#: ../../configuration/vpn/sstp.rst:178 +#: ../../configuration/vpn/sstp.rst:184 msgid "Defines the maximum `<number>` of unanswered echo requests. Upon reaching the value `<number>`, the session will be reset." msgstr "Define el máximo `<number> ` de solicitudes de eco no respondidas. Al llegar al valor `<number> `, la sesión se reiniciará." +#: ../../configuration/service/pppoe-server.rst:479 +#: ../../configuration/vpn/l2tp.rst:433 +#: ../../configuration/vpn/pptp.rst:357 +#: ../../configuration/vpn/sstp.rst:391 +msgid "Defines the maximum `<number>` of unanswered echo requests. Upon reaching the value `<number>`, the session will be reset. Default value is **3**." +msgstr "Defines the maximum `<number>` of unanswered echo requests. Upon reaching the value `<number>`, the session will be reset. Default value is **3**." + #: ../../configuration/system/console.rst:21 msgid "Defines the specified device as a system console. Available console devices can be (see completion helper):" msgstr "Define el dispositivo especificado como una consola del sistema. Los dispositivos de consola disponibles pueden ser (consulte el asistente de finalización):" @@ -4120,15 +4550,15 @@ msgstr "Define el dispositivo especificado como una consola del sistema. Los dis msgid "Defining Peers" msgstr "Definición de compañeros" -#: ../../configuration/service/dhcp-server.rst:579 +#: ../../configuration/service/dhcp-server.rst:585 msgid "Delegate prefixes from the range indicated by the start and stop qualifier." msgstr "Prefijos delegados del rango indicado por el calificador de inicio y fin." -#: ../../configuration/policy/route-map.rst:231 +#: ../../configuration/policy/route-map.rst:234 msgid "Delete BGP communities matching the community-list." msgstr "Elimine las comunidades BGP que coincidan con la lista de comunidades." -#: ../../configuration/policy/route-map.rst:246 +#: ../../configuration/policy/route-map.rst:249 msgid "Delete BGP communities matching the large-community-list." msgstr "Elimine las comunidades BGP que coincidan con la lista de comunidades grandes." @@ -4136,11 +4566,15 @@ msgstr "Elimine las comunidades BGP que coincidan con la lista de comunidades gr msgid "Delete Logs" msgstr "Eliminar registros" -#: ../../configuration/policy/route-map.rst:226 +#: ../../configuration/container/index.rst:211 +msgid "Delete a particular container image based on it's image ID. You can also delete all container images at once." +msgstr "Delete a particular container image based on it's image ID. You can also delete all container images at once." + +#: ../../configuration/policy/route-map.rst:229 msgid "Delete all BGP communities" msgstr "Eliminar todas las comunidades BGP" -#: ../../configuration/policy/route-map.rst:241 +#: ../../configuration/policy/route-map.rst:244 msgid "Delete all BGP large-communities" msgstr "Eliminar todas las comunidades grandes de BGP" @@ -4205,15 +4639,37 @@ msgstr "Los dispositivos que evalúan si una dirección IPv4 es pública deben a msgid "Different NAT Types" msgstr "Diferentes tipos de NAT" -#: ../../configuration/pki/index.rst:100 +#: ../../configuration/pki/index.rst:102 msgid "Diffie-Hellman parameters" msgstr "Parámetros de Diffie-Hellman" +#: ../../configuration/service/ids.rst:93 +msgid "Direction: **in** and **out**. Protect public network from external attacks, and identify internal attacks towards internet." +msgstr "Direction: **in** and **out**. Protect public network from external attacks, and identify internal attacks towards internet." + +#: ../../configuration/system/option.rst:46 +msgid "Disable CPU power saving mechanisms also known as C states." +msgstr "Disable CPU power saving mechanisms also known as C states." + +#: ../../configuration/service/pppoe-server.rst:457 +#: ../../configuration/vpn/l2tp.rst:411 +#: ../../configuration/vpn/pptp.rst:335 +#: ../../configuration/vpn/sstp.rst:369 +msgid "Disable Compression Control Protocol (CCP). CCP is enabled by default." +msgstr "Disable Compression Control Protocol (CCP). CCP is enabled by default." + #: ../../configuration/protocols/pim6.rst:37 msgid "Disable MLD reports and query on the interface." msgstr "Disable MLD reports and query on the interface." -#: ../../configuration/vpn/sstp.rst:75 +#: ../../configuration/system/login.rst:39 +msgid "Disable (lock) account. User will not be able to log in." +msgstr "Disable (lock) account. User will not be able to log in." + +#: ../../configuration/service/pppoe-server.rst:432 +#: ../../configuration/vpn/l2tp.rst:376 +#: ../../configuration/vpn/pptp.rst:300 +#: ../../configuration/vpn/sstp.rst:334 msgid "Disable `<user>` account." msgstr "Deshabilitar `<user> ` cuenta." @@ -4221,11 +4677,23 @@ msgstr "Deshabilitar `<user> ` cuenta." msgid "Disable a BFD peer" msgstr "Deshabilitar un compañero BFD" -#: ../../configuration/container/index.rst:128 +#: ../../configuration/container/index.rst:133 msgid "Disable a container." msgstr "Deshabilitar un contenedor." -#: ../../configuration/firewall/ipv4.rst:930 +#: ../../configuration/container/index.rst:166 +msgid "Disable a given container registry" +msgstr "Disable a given container registry" + +#: ../../configuration/system/option.rst:35 +msgid "Disable all optional CPU mitigations. This improves system performance, but it may also expose users to several CPU vulnerabilities." +msgstr "Disable all optional CPU mitigations. This improves system performance, but it may also expose users to several CPU vulnerabilities." + +#: ../../configuration/service/conntrack-sync.rst:103 +msgid "Disable connection logging via Syslog." +msgstr "Disable connection logging via Syslog." + +#: ../../configuration/firewall/ipv4.rst:953 #: ../../configuration/firewall/ipv6.rst:939 msgid "Disable conntrack loose track option" msgstr "Disable conntrack loose track option" @@ -4242,7 +4710,7 @@ msgstr "Deshabilite el servicio de retransmisión dhcpv6." msgid "Disable given `<interface>`. It will be placed in administratively down (``A/D``) state." msgstr "Deshabilitar dado `<interface> `. Se colocará en estado administrativamente inactivo (``A/D``)." -#: ../../configuration/protocols/bgp.rst:616 +#: ../../configuration/protocols/bgp.rst:628 msgid "Disable immediate session reset if peer's connected link goes down." msgstr "Deshabilite el restablecimiento inmediato de la sesión si el enlace conectado del compañero se cae." @@ -4286,11 +4754,11 @@ msgstr "Deshabilitado de forma predeterminada: no se ha cargado ningún módulo msgid "Disables caching of peer information from forwarded NHRP Resolution Reply packets. This can be used to reduce memory consumption on big NBMA subnets." msgstr "Deshabilita el almacenamiento en caché de la información de pares de los paquetes de respuesta de resolución NHRP reenviados. Esto se puede usar para reducir el consumo de memoria en grandes subredes NBMA." -#: ../../configuration/protocols/static.rst:76 +#: ../../configuration/protocols/static.rst:99 msgid "Disables interface-based IPv4 static route." msgstr "Deshabilita la ruta estática IPv4 basada en la interfaz." -#: ../../configuration/protocols/static.rst:96 +#: ../../configuration/protocols/static.rst:119 msgid "Disables interface-based IPv6 static route." msgstr "Deshabilita la ruta estática IPv6 basada en la interfaz." @@ -4306,7 +4774,7 @@ msgstr "Deshabilita el filtrado web sin descartar la configuración." msgid "Disables web proxy transparent mode at a listening address." msgstr "Deshabilita el modo transparente de proxy web en una dirección de escucha." -#: ../../configuration/service/router-advert.rst:73 +#: ../../configuration/service/router-advert.rst:99 msgid "Disabling Advertisements" msgstr "Deshabilitar anuncios" @@ -4326,11 +4794,11 @@ msgstr "Las desventajas son:" msgid "Disassociate stations based on excessive transmission failures or other indications of connection loss." msgstr "Desasocie las estaciones en función de fallas de transmisión excesivas u otras indicaciones de pérdida de conexión." -#: ../../configuration/vrf/index.rst:142 +#: ../../configuration/vrf/index.rst:161 msgid "Display IPv4 routing table for VRF identified by `<name>`." msgstr "Muestra la tabla de enrutamiento IPv4 para VRF identificado por `<name> `." -#: ../../configuration/vrf/index.rst:161 +#: ../../configuration/vrf/index.rst:180 msgid "Display IPv6 routing table for VRF identified by `<name>`." msgstr "Muestra la tabla de enrutamiento IPv6 para VRF identificado por `<name> `." @@ -4338,7 +4806,7 @@ msgstr "Muestra la tabla de enrutamiento IPv6 para VRF identificado por `<name> msgid "Display Logs" msgstr "Mostrar registros" -#: ../../configuration/system/login.rst:188 +#: ../../configuration/system/login.rst:192 msgid "Display OTP key for user" msgstr "Mostrar clave OTP para el usuario" @@ -4346,11 +4814,11 @@ msgstr "Mostrar clave OTP para el usuario" msgid "Display all authorization attempts of the specified image" msgstr "Mostrar todos los intentos de autorización de la imagen especificada" -#: ../../configuration/protocols/static.rst:200 +#: ../../configuration/protocols/static.rst:233 msgid "Display all known ARP table entries on a given interface only (`eth1`):" msgstr "Mostrar todas las entradas de la tabla ARP conocidas solo en una interfaz dada (`eth1`):" -#: ../../configuration/protocols/static.rst:188 +#: ../../configuration/protocols/static.rst:221 msgid "Display all known ARP table entries spanning across all interfaces" msgstr "Muestra todas las entradas de la tabla ARP conocidas que abarcan todas las interfaces" @@ -4382,7 +4850,7 @@ msgstr "Muestra información sobre todos los vecinos descubiertos a través de L msgid "Displays queue information for a PPPoE interface." msgstr "Muestra información de la cola para una interfaz PPPoE." -#: ../../configuration/vrf/index.rst:213 +#: ../../configuration/vrf/index.rst:232 msgid "Displays the route packets taken to a network host utilizing VRF instance identified by `<name>`. When using the IPv4 or IPv6 option, displays the route packets taken to the given hosts IP address family. This option is useful when the host is specified as a hostname rather than an IP address." msgstr "Muestra los paquetes de ruta llevados a un host de red utilizando una instancia de VRF identificada por `<name> `. Cuando se utiliza la opción IPv4 o IPv6, muestra los paquetes de ruta llevados a la familia de direcciones IP de los hosts dados. Esta opción es útil cuando el host se especifica como un nombre de host en lugar de una dirección IP." @@ -4390,14 +4858,28 @@ msgstr "Muestra los paquetes de ruta llevados a un host de red utilizando una in msgid "Do *not* manually edit `/etc/hosts`. This file will automatically be regenerated on boot based on the settings in this section, which means you'll lose all your manual edits. Instead, configure static host mappings as follows." msgstr "*No* edite manualmente `/etc/hosts`. Este archivo se regenerará automáticamente al arrancar según la configuración de esta sección, lo que significa que perderá todas las ediciones manuales. En su lugar, configure las asignaciones de host estático de la siguiente manera." +#: ../../configuration/system/ip.rst:55 +#: ../../configuration/vrf/index.rst:79 +#: ../../configuration/vrf/index.rst:85 +msgid "Do not allow IPv4 nexthop tracking to resolve via the default route. This parameter is configured per-VRF, so the command is also available in the VRF subnode." +msgstr "Do not allow IPv4 nexthop tracking to resolve via the default route. This parameter is configured per-VRF, so the command is also available in the VRF subnode." + +#: ../../configuration/system/ipv6.rst:51 +msgid "Do not allow IPv6 nexthop tracking to resolve via the default route. This parameter is configured per-VRF, so the command is also available in the VRF subnode." +msgstr "Do not allow IPv6 nexthop tracking to resolve via the default route. This parameter is configured per-VRF, so the command is also available in the VRF subnode." + #: ../../_include/interface-ipv6.txt:37 msgid "Do not assign a link-local IPv6 address to this interface." msgstr "No asigne una dirección IPv6 de enlace local a esta interfaz." -#: ../../configuration/trafficpolicy/index.rst:1208 +#: ../../configuration/trafficpolicy/index.rst:1210 msgid "Do not configure IFB as the first step. First create everything else of your traffic-policy, and then you can configure IFB. Otherwise you might get the ``RTNETLINK answer: File exists`` error, which can be solved with ``sudo ip link delete ifb0``." msgstr "No configure IFB como primer paso. Primero cree todo lo demás de su polÃtica de tráfico y luego puede configurar IFB. De lo contrario, es posible que obtenga el error ``RTNETLINK respuesta: el archivo existe``, que se puede resolver con ``sudo ip link delete ifb0``." +#: ../../configuration/protocols/bgp.rst:609 +msgid "Do not send Hard Reset CEASE Notification for \"Administrative Reset\" events. When set and Graceful Restart Notification capability is exchanged between the peers, Graceful Restart procedures apply, and routes will be retained." +msgstr "Do not send Hard Reset CEASE Notification for \"Administrative Reset\" events. When set and Graceful Restart Notification capability is exchanged between the peers, Graceful Restart procedures apply, and routes will be retained." + #: ../../configuration/service/dns.rst:103 msgid "Do not use the local ``/etc/hosts`` file in name resolution. VyOS DHCP server will use this file to add resolvers to assigned addresses." msgstr "No use el archivo ``/etc/hosts`` local en la resolución de nombres. El servidor DHCP de VyOS utilizará este archivo para agregar resolutores a las direcciones asignadas." @@ -4426,7 +4908,7 @@ msgstr "Nombre(s) de dominio para los cuales obtener el certificado" msgid "Domain names can include letters, numbers, hyphens and periods with a maximum length of 253 characters." msgstr "Los nombres de dominio pueden incluir letras, números, guiones y puntos con una longitud máxima de 253 caracteres." -#: ../../configuration/pki/index.rst:259 +#: ../../configuration/pki/index.rst:290 msgid "Domain names to apply, multiple domain-names can be specified." msgstr "Domain names to apply, multiple domain-names can be specified." @@ -4435,19 +4917,19 @@ msgstr "Domain names to apply, multiple domain-names can be specified." msgid "Domain search order" msgstr "Orden de búsqueda de dominio" -#: ../../configuration/pki/index.rst:25 +#: ../../configuration/pki/index.rst:27 msgid "Don't be afraid that you need to re-do your configuration. Key transformation is handled, as always, by our migration scripts, so this will be a smooth transition for you!" msgstr "No tenga miedo de que necesite volver a hacer su configuración. La transformación clave está a cargo, como siempre, de nuestros scripts de migración, por lo que esta será una transición sin problemas para usted." -#: ../../configuration/protocols/bgp.rst:1172 +#: ../../configuration/protocols/bgp.rst:1194 msgid "Don't forget, the CIDR declared in the network statement **MUST exist in your routing table (dynamic or static), the best way to make sure that is true is creating a static route:**" msgstr "No olvide, el CIDR declarado en la declaración de red **DEBE existir en su tabla de enrutamiento (dinámica o estática), la mejor manera de asegurarse de que sea cierto es creando una ruta estática:**" -#: ../../configuration/protocols/bgp.rst:1126 +#: ../../configuration/protocols/bgp.rst:1148 msgid "Don't forget, the CIDR declared in the network statement MUST **exist in your routing table (dynamic or static), the best way to make sure that is true is creating a static route:**" msgstr "No olvide que el CIDR declarado en la declaración de red DEBE **existir en su tabla de enrutamiento (dinámico o estático), la mejor manera de asegurarse de que sea cierto es creando una ruta estática:**" -#: ../../configuration/vpn/site2site_ipsec.rst:299 +#: ../../configuration/vpn/site2site_ipsec.rst:302 msgid "Don't get confused about the used /31 tunnel subnet. :rfc:`3021` gives you additional information for using /31 subnets on point-to-point links." msgstr "No se confunda con la subred del túnel /31 utilizada. :rfc:`3021` le brinda información adicional para usar subredes /31 en enlaces punto a punto." @@ -4459,10 +4941,17 @@ msgstr "Descargar/Actualizar lista negra completa" msgid "Download/Update partial blacklist." msgstr "Descargar/Actualizar lista negra parcial." -#: ../../configuration/vpn/sstp.rst:85 +#: ../../configuration/service/pppoe-server.rst:262 +#: ../../configuration/vpn/l2tp.rst:386 +#: ../../configuration/vpn/pptp.rst:310 +#: ../../configuration/vpn/sstp.rst:344 msgid "Download bandwidth limit in kbit/s for `<user>`." msgstr "LÃmite de ancho de banda de descarga en kbit/s para `<user> `." +#: ../../configuration/service/ipoe-server.rst:320 +msgid "Download bandwidth limit in kbit/s for user on interface `<interface>`." +msgstr "Download bandwidth limit in kbit/s for user on interface `<interface>`." + #: ../../configuration/policy/route-map.rst:202 msgid "Drop AS-NUMBER from the BGP AS path." msgstr "Suelte AS-NUMBER de la ruta BGP AS." @@ -4479,7 +4968,7 @@ msgstr "Tasa de abandono" msgid "Dropped packets reported on DROPMON Netlink channel by Linux kernel are exported via the standard sFlow v5 extension for reporting dropped packets" msgstr "Los paquetes descartados informados en el canal DROPMON Netlink por el kernel de Linux se exportan a través de la extensión estándar sFlow v5 para informar paquetes descartados" -#: ../../configuration/service/pppoe-server.rst:367 +#: ../../configuration/service/pppoe-server.rst:625 msgid "Dual-Stack IPv4/IPv6 provisioning with Prefix Delegation" msgstr "Aprovisionamiento de doble pila IPv4/IPv6 con delegación de prefijo" @@ -4495,19 +4984,23 @@ msgstr "Interfaz ficticia" msgid "Dummy interfaces can be used as interfaces that always stay up (in the same fashion to loopbacks in Cisco IOS), or for testing purposes." msgstr "Las interfaces ficticias se pueden usar como interfaces que siempre permanecen activas (de la misma manera que los bucles invertidos en Cisco IOS) o con fines de prueba." -#: ../../configuration/vrf/index.rst:193 +#: ../../configuration/vrf/index.rst:212 msgid "Duplicate packets are not included in the packet loss calculation, although the round-trip time of these packets is used in calculating the minimum/ average/maximum round-trip time numbers." msgstr "Los paquetes duplicados no se incluyen en el cálculo de pérdida de paquetes, aunque el tiempo de ida y vuelta de estos paquetes se usa para calcular los números de tiempo de ida y vuelta mÃnimo/promedio/máximo." -#: ../../configuration/pki/index.rst:285 +#: ../../configuration/pki/index.rst:316 msgid "During initial deployment we recommend using the staging API of LetsEncrypt to prevent and blacklisting of your system. The API endpoint is https://acme-staging-v02.api.letsencrypt.org/directory" msgstr "During initial deployment we recommend using the staging API of LetsEncrypt to prevent and blacklisting of your system. The API endpoint is https://acme-staging-v02.api.letsencrypt.org/directory" +#: ../../configuration/vpn/ipsec.rst:568 +msgid "During profile import, the user is asked to enter its IPSec credentials (username and password) which is stored on the mobile." +msgstr "During profile import, the user is asked to enter its IPSec credentials (username and password) which is stored on the mobile." + #: ../../configuration/service/ssh.rst:113 msgid "Dynamic-protection" msgstr "Protección dinámica" -#: ../../configuration/service/dns.rst:212 +#: ../../configuration/service/dns.rst:199 msgid "Dynamic DNS" msgstr "DNS Dinámico" @@ -4519,11 +5012,11 @@ msgstr "EAPoL viene con una opción de identificación. Usamos automáticamente msgid "ESP Phase:" msgstr "Fase ESP:" -#: ../../configuration/vpn/ipsec.rst:111 +#: ../../configuration/vpn/ipsec.rst:113 msgid "ESP (Encapsulating Security Payload) Attributes" msgstr "Atributos de ESP (Carga útil de seguridad encapsulada)" -#: ../../configuration/vpn/ipsec.rst:112 +#: ../../configuration/vpn/ipsec.rst:115 msgid "ESP is used to provide confidentiality, data origin authentication, connectionless integrity, an anti-replay service (a form of partial sequence integrity), and limited traffic flow confidentiality. https://datatracker.ietf.org/doc/html/rfc4303" msgstr "ESP se utiliza para proporcionar confidencialidad, autenticación de origen de datos, integridad sin conexión, un servicio anti-reproducción (una forma de integridad de secuencia parcial) y confidencialidad de flujo de tráfico limitado. https://datatracker.ietf.org/doc/html/rfc4303" @@ -4587,7 +5080,7 @@ msgstr "Habilita la extensión del protocolo genérico (VXLAN-GPE). Actualmente, msgid "Email address to associate with certificate" msgstr "Dirección de correo electrónico para asociar con el certificado" -#: ../../configuration/pki/index.rst:265 +#: ../../configuration/pki/index.rst:296 msgid "Email used for registration and recovery contact." msgstr "Email used for registration and recovery contact." @@ -4599,35 +5092,35 @@ msgstr "Incrustar una polÃtica en otra" msgid "Emergency" msgstr "Emergencia" -#: ../../configuration/protocols/bfd.rst:89 +#: ../../configuration/protocols/bfd.rst:96 msgid "Enable BFD for ISIS on an interface" msgstr "Habilite BFD para ISIS en una interfaz" -#: ../../configuration/protocols/bfd.rst:77 +#: ../../configuration/protocols/bfd.rst:84 msgid "Enable BFD for OSPF on an interface" msgstr "Habilite BFD para OSPF en una interfaz" -#: ../../configuration/protocols/bfd.rst:81 +#: ../../configuration/protocols/bfd.rst:88 msgid "Enable BFD for OSPFv3 on an interface" msgstr "Habilite BFD para OSPFv3 en una interfaz" -#: ../../configuration/protocols/bfd.rst:61 +#: ../../configuration/protocols/bfd.rst:68 msgid "Enable BFD in BGP" msgstr "Habilitar BFD en BGP" -#: ../../configuration/protocols/bfd.rst:85 +#: ../../configuration/protocols/bfd.rst:92 msgid "Enable BFD in ISIS" msgstr "Habilitar BFD en ISIS" -#: ../../configuration/protocols/bfd.rst:73 +#: ../../configuration/protocols/bfd.rst:80 msgid "Enable BFD in OSPF" msgstr "Habilitar BFD en OSPF" -#: ../../configuration/protocols/bfd.rst:69 +#: ../../configuration/protocols/bfd.rst:76 msgid "Enable BFD on a BGP peer group" msgstr "Habilitar BFD en un grupo de pares BGP" -#: ../../configuration/protocols/bfd.rst:65 +#: ../../configuration/protocols/bfd.rst:72 msgid "Enable BFD on a single BGP neighbor" msgstr "Habilite BFD en un único vecino BGP" @@ -4651,7 +5144,7 @@ msgstr "Habilite el buscador IGMP y MLD." msgid "Enable IGMP and MLD snooping." msgstr "Habilite la indagación IGMP y MLD." -#: ../../configuration/service/dhcp-server.rst:271 +#: ../../configuration/service/dhcp-server.rst:277 msgid "Enable IP forwarding on client" msgstr "Habilitar el reenvÃo de IP en el cliente" @@ -4705,7 +5198,7 @@ msgstr "Habilite OSPF con enrutamiento de segmentos (experimental):" msgid "Enable OSPF with route redistribution of the loopback and default originate:" msgstr "Habilite OSPF con la redistribución de rutas del loopback y el origen predeterminado:" -#: ../../configuration/system/login.rst:103 +#: ../../configuration/system/login.rst:107 msgid "Enable OTP 2FA for user `username` with default settings, using the BASE32 encoded 2FA/MFA key specified by `<key>`." msgstr "Habilite OTP 2FA para el usuario `nombre de usuario` con la configuración predeterminada, utilizando la clave 2FA/MFA codificada en BASE32 especificada por `<key> `." @@ -4713,6 +5206,18 @@ msgstr "Habilite OTP 2FA para el usuario `nombre de usuario` con la configuracià msgid "Enable OpenVPN Data Channel Offload feature by loading the appropriate kernel module." msgstr "Habilite la función de descarga del canal de datos OpenVPN cargando el módulo del kernel apropiado." +#: ../../configuration/service/router-advert.rst:82 +msgid "Enable PREF64 option as outlined in :rfc:`8781`." +msgstr "Enable PREF64 option as outlined in :rfc:`8781`." + +#: ../../configuration/service/ipoe-server.rst:386 +#: ../../configuration/service/pppoe-server.rst:575 +#: ../../configuration/vpn/l2tp.rst:510 +#: ../../configuration/vpn/pptp.rst:434 +#: ../../configuration/vpn/sstp.rst:468 +msgid "Enable SNMP" +msgstr "Enable SNMP" + #: ../../configuration/service/lldp.rst:59 msgid "Enable SNMP queries of the LLDP database" msgstr "Habilitar consultas SNMP de la base de datos LLDP" @@ -4833,15 +5338,19 @@ msgstr "Las conexiones PPPoE bajo demanda habilitadas abren el enlace solo cuand msgid "Enables Cisco style authentication on NHRP packets. This embeds the secret plaintext password to the outgoing NHRP packets. Incoming NHRP packets on this interface are discarded unless the secret password is present. Maximum length of the secret is 8 characters." msgstr "Habilita la autenticación estilo Cisco en paquetes NHRP. Esto incrusta la contraseña secreta de texto sin formato en los paquetes NHRP salientes. Los paquetes NHRP entrantes en esta interfaz se descartan a menos que esté presente la contraseña secreta. La longitud máxima del secreto es de 8 caracteres." -#: ../../configuration/vrf/index.rst:461 +#: ../../configuration/vrf/index.rst:480 msgid "Enables an MPLS label to be attached to a route exported from the current unicast VRF to VPN. If the value specified is auto, the label value is automatically assigned from a pool maintained." msgstr "Permite adjuntar una etiqueta MPLS a una ruta exportada desde el VRF de unidifusión actual a VPN. Si el valor especificado es automático, el valor de la etiqueta se asigna automáticamente desde un grupo mantenido." -#: ../../configuration/vpn/sstp.rst:277 +#: ../../configuration/service/ipoe-server.rst:220 +#: ../../configuration/service/pppoe-server.rst:182 +#: ../../configuration/vpn/l2tp.rst:225 +#: ../../configuration/vpn/pptp.rst:165 +#: ../../configuration/vpn/sstp.rst:198 msgid "Enables bandwidth shaping via RADIUS." msgstr "Habilita la configuración del ancho de banda a través de RADIUS." -#: ../../configuration/vrf/index.rst:483 +#: ../../configuration/vrf/index.rst:502 msgid "Enables import or export of routes between the current unicast VRF and VPN." msgstr "Habilita la importación o exportación de rutas entre el VRF de unidifusión actual y la VPN." @@ -4853,6 +5362,10 @@ msgstr "Enables the Generic Protocol extension (VXLAN-GPE). Currently, this is o msgid "Enables the echo transmission mode" msgstr "Habilita el modo de transmisión de eco" +#: ../../configuration/system/option.rst:27 +msgid "Enables the root partition auto-extension and resizes to the maximum available space on system boot." +msgstr "Enables the root partition auto-extension and resizes to the maximum available space on system boot." + #: ../../configuration/service/router-advert.rst:27 msgid "Enabling Advertisments" msgstr "Habilitación de anuncios" @@ -4877,7 +5390,7 @@ msgstr "Hacer cumplir la verificación de ruta estricta" msgid "Enslave `<member>` interface to bond `<interface>`." msgstr "Esclavizar `<member> `interfaz para enlazar`<interface> `." -#: ../../configuration/protocols/bgp.rst:764 +#: ../../configuration/protocols/bgp.rst:786 msgid "Ensure that when comparing routes where both are equal on most metrics, including local-pref, AS_PATH length, IGP cost, MED, that the tie is broken based on router-ID." msgstr "Asegúrese de que al comparar rutas donde ambas son iguales en la mayorÃa de las métricas, incluidas las preferencias locales, la longitud de AS_PATH, el costo de IGP, MED, el empate se rompe en función de la ID del enrutador." @@ -4945,11 +5458,11 @@ msgstr "Cada regla NAT tiene un comando de traducción definido. La dirección d msgid "Every SNAT66 rule has a translation command defined. The prefix defined for the translation is the prefix used when the address information in a packet is replaced.ã€" msgstr "Cada regla SNAT66 tiene definido un comando de traducción. El prefijo definido para la traducción es el prefijo que se usa cuando se reemplaza la información de la dirección en un paquete.ã€" -#: ../../configuration/system/login.rst:47 +#: ../../configuration/system/login.rst:51 msgid "Every SSH key comes in three parts:" msgstr "Cada clave SSH viene en tres partes:" -#: ../../configuration/system/login.rst:68 +#: ../../configuration/system/login.rst:72 msgid "Every SSH public key portion referenced by `<identifier>` requires the configuration of the `<type>` of public-key used. This type can be any of:" msgstr "Cada parte de la clave pública SSH a la que hace referencia `<identifier> ` requiere la configuración de `<type> ` de la clave pública utilizada. Este tipo puede ser cualquiera de:" @@ -4965,12 +5478,16 @@ msgstr "Cada interfaz Ethernet virtual se comporta como una interfaz Ethernet re msgid "Every WWAN connection requires an :abbr:`APN (Access Point Name)` which is used by the client to dial into the ISPs network. This is a mandatory parameter. Contact your Service Provider for correct APN." msgstr "Cada conexión WWAN requiere un :abbr:`APN (Nombre de punto de acceso)` que utiliza el cliente para conectarse a la red del ISP. Este es un parámetro obligatorio. Póngase en contacto con su proveedor de servicios para obtener el APN correcto." +#: ../../configuration/vpn/ipsec.rst:439 +msgid "Every connection/remote-access pool we configure also needs a pool where we can draw our client IP addresses from. We provide one IPv4 and IPv6 pool. Authorized clients will receive an IPv4 address from the 192.0.2.128/25 prefix and an IPv6 address from the 2001:db8:2000::/64 prefix. We can also send some DNS nameservers down to our clients used on their connection." +msgstr "Every connection/remote-access pool we configure also needs a pool where we can draw our client IP addresses from. We provide one IPv4 and IPv6 pool. Authorized clients will receive an IPv4 address from the 192.0.2.128/25 prefix and an IPv6 address from the 2001:db8:2000::/64 prefix. We can also send some DNS nameservers down to our clients used on their connection." + #: ../../configuration/vpn/remoteaccess_ipsec.rst:98 msgid "Every connection/remote-access pool we configure also needs a pool where we can draw our client IP addresses from. We provide one IPv4 and IPv6 pool. Authorized clients will receive an IPv4 address from the configured IPv4 prefix and an IPv6 address from the IPv6 prefix. We can also send some DNS nameservers down to our clients used on their connection." msgstr "Every connection/remote-access pool we configure also needs a pool where we can draw our client IP addresses from. We provide one IPv4 and IPv6 pool. Authorized clients will receive an IPv4 address from the configured IPv4 prefix and an IPv6 address from the IPv6 prefix. We can also send some DNS nameservers down to our clients used on their connection." #: ../../configuration/firewall/bridge.rst:321 -#: ../../configuration/highavailability/index.rst:397 +#: ../../configuration/highavailability/index.rst:407 #: ../../configuration/interfaces/bonding.rst:291 #: ../../configuration/interfaces/l2tpv3.rst:86 #: ../../configuration/interfaces/pppoe.rst:323 @@ -4980,23 +5497,24 @@ msgstr "Every connection/remote-access pool we configure also needs a pool where #: ../../configuration/protocols/failover.rst:63 #: ../../configuration/protocols/igmp-proxy.rst:61 #: ../../configuration/protocols/pim.rst:217 -#: ../../configuration/protocols/rpki.rst:156 +#: ../../configuration/protocols/rpki.rst:166 #: ../../configuration/service/broadcast-relay.rst:55 -#: ../../configuration/service/conntrack-sync.rst:186 +#: ../../configuration/service/conntrack-sync.rst:190 #: ../../configuration/service/dhcp-relay.rst:85 #: ../../configuration/service/dhcp-relay.rst:174 -#: ../../configuration/service/dhcp-server.rst:362 -#: ../../configuration/service/dns.rst:160 -#: ../../configuration/service/dns.rst:276 +#: ../../configuration/service/dhcp-server.rst:368 +#: ../../configuration/service/dns.rst:147 +#: ../../configuration/service/dns.rst:260 #: ../../configuration/service/eventhandler.rst:83 -#: ../../configuration/service/ipoe-server.rst:150 +#: ../../configuration/service/ids.rst:82 #: ../../configuration/service/mdns.rst:50 #: ../../configuration/service/monitoring.rst:134 +#: ../../configuration/service/router-advert.rst:108 #: ../../configuration/service/snmp.rst:94 #: ../../configuration/service/snmp.rst:145 #: ../../configuration/service/tftp-server.rst:47 #: ../../configuration/system/acceleration.rst:58 -#: ../../configuration/system/login.rst:397 +#: ../../configuration/system/login.rst:401 #: ../../configuration/system/name-server.rst:28 #: ../../configuration/system/name-server.rst:63 #: ../../configuration/system/sflow.rst:49 @@ -5005,9 +5523,8 @@ msgstr "Every connection/remote-access pool we configure also needs a pool where #: ../../configuration/trafficpolicy/index.rst:1122 #: ../../configuration/vpn/dmvpn.rst:161 #: ../../configuration/vpn/openconnect.rst:97 -#: ../../configuration/vpn/sstp.rst:286 -#: ../../configuration/vrf/index.rst:99 -#: ../../configuration/vrf/index.rst:232 +#: ../../configuration/vrf/index.rst:118 +#: ../../configuration/vrf/index.rst:251 msgid "Example" msgstr "Ejemplo" @@ -5028,16 +5545,18 @@ msgstr "Ejemplo, desde el comando de envÃo del servidor de radio para desconect #: ../../configuration/nat/nat44.rst:425 #: ../../configuration/nat/nat66.rst:78 #: ../../configuration/nat/nat66.rst:96 -#: ../../configuration/protocols/static.rst:174 -#: ../../configuration/service/dns.rst:363 +#: ../../configuration/protocols/static.rst:67 +#: ../../configuration/protocols/static.rst:135 +#: ../../configuration/protocols/static.rst:207 +#: ../../configuration/service/dns.rst:366 #: ../../configuration/service/monitoring.rst:69 #: ../../configuration/service/monitoring.rst:98 #: ../../configuration/service/ssh.rst:165 #: ../../configuration/service/ssh.rst:200 #: ../../configuration/system/flow-accounting.rst:164 -#: ../../configuration/vpn/l2tp.rst:41 -#: ../../configuration/vpn/site2site_ipsec.rst:162 -#: ../../configuration/vpn/site2site_ipsec.rst:273 +#: ../../configuration/vpn/l2tp.rst:91 +#: ../../configuration/vpn/site2site_ipsec.rst:165 +#: ../../configuration/vpn/site2site_ipsec.rst:276 #: ../../_include/interface-address-with-dhcp.txt:22 #: ../../_include/interface-address.txt:9 #: ../../_include/interface-description.txt:7 @@ -5121,13 +5640,12 @@ msgstr "Ejemplo: establezca el puerto miembro `eth0` para que sea VLAN 2 nativo" msgid "Example: to be appended is set to ``vyos.net`` and the URL received is ``www/foo.html``, the system will use the generated, final URL of ``www.vyos.net/foo.html``." msgstr "Ejemplo: para agregar se establece en ``vyos.net`` y la URL recibida es ``www/foo.html``, el sistema usará la URL final generada de ``www.vyos.net/foo. html``." -#: ../../configuration/container/index.rst:177 +#: ../../configuration/container/index.rst:216 #: ../../configuration/service/https.rst:77 -#: ../../configuration/service/router-advert.rst:80 msgid "Example Configuration" msgstr "Configuración de ejemplo" -#: ../../configuration/service/dns.rst:378 +#: ../../configuration/service/dns.rst:384 msgid "Example IPv6 only:" msgstr "Ejemplo de solo IPv6:" @@ -5135,7 +5653,7 @@ msgstr "Ejemplo de solo IPv6:" msgid "Example Network" msgstr "Red de ejemplo" -#: ../../configuration/firewall/ipv4.rst:1130 +#: ../../configuration/firewall/ipv4.rst:1153 #: ../../configuration/firewall/ipv6.rst:1153 msgid "Example Partial Config" msgstr "Ejemplo de configuración parcial" @@ -5156,7 +5674,7 @@ msgstr "Ejemplo para configurar una VPN L2TP simple sobre IPsec para acceso remo msgid "Example of redirection:" msgstr "Ejemplo de redirección:" -#: ../../configuration/firewall/ipv4.rst:925 +#: ../../configuration/firewall/ipv4.rst:948 #: ../../configuration/firewall/ipv6.rst:934 msgid "Example synproxy" msgstr "Example synproxy" @@ -5167,16 +5685,16 @@ msgstr "Example synproxy" #: ../../configuration/interfaces/wireless.rst:541 #: ../../configuration/loadbalancing/reverse-proxy.rst:187 #: ../../configuration/policy/index.rst:46 -#: ../../configuration/protocols/bgp.rst:1096 +#: ../../configuration/protocols/bgp.rst:1118 #: ../../configuration/protocols/isis.rst:336 #: ../../configuration/protocols/ospf.rst:834 -#: ../../configuration/service/pppoe-server.rst:343 +#: ../../configuration/service/pppoe-server.rst:601 #: ../../configuration/service/webproxy.rst:419 msgid "Examples" msgstr "Ejemplos" #: ../../configuration/nat/nat44.rst:154 -#: ../../configuration/vpn/site2site_ipsec.rst:157 +#: ../../configuration/vpn/site2site_ipsec.rst:160 msgid "Examples:" msgstr "Ejemplos:" @@ -5224,6 +5742,10 @@ msgstr "El servidor DHCPv6 externo está en 2001:db8::4" msgid "External Route Summarisation" msgstr "Resumen de ruta externa" +#: ../../configuration/service/ids.rst:101 +msgid "External attack: an attack from the internet towards an internal IP is identify. In this case, all connections towards such IP will be blocked" +msgstr "External attack: an attack from the internet towards an internal IP is identify. In this case, all connections towards such IP will be blocked" + #: ../../configuration/trafficpolicy/index.rst:441 msgid "FQ-CoDel" msgstr "FQ-CoDel" @@ -5275,7 +5797,7 @@ msgstr "Código de instalación" #: ../../configuration/loadbalancing/wan.rst:218 #: ../../configuration/protocols/failover.rst:3 #: ../../configuration/service/dhcp-server.rst:136 -#: ../../configuration/service/dhcp-server.rst:369 +#: ../../configuration/service/dhcp-server.rst:375 msgid "Failover" msgstr "conmutación por error" @@ -5303,6 +5825,14 @@ msgstr "Fair Queue es una polÃtica sin configuración (que conserva el trabajo) msgid "Fair Queue is a work-conserving scheduler which schedules the transmission of packets based on flows, that is, it balances traffic distributing it through different sub-queues in order to ensure fairness so that each flow is able to send data in turn, preventing any single one from drowning out the rest." msgstr "Fair Queue es un programador de conservación de trabajo que programa la transmisión de paquetes en función de los flujos, es decir, equilibra el tráfico distribuyéndolo a través de diferentes subcolas para garantizar la equidad de modo que cada flujo pueda enviar datos a su vez, evitando cualquier uno solo de ahogar al resto." +#: ../../configuration/service/ids.rst:9 +msgid "FastNetMon" +msgstr "FastNetMon" + +#: ../../configuration/service/ids.rst:11 +msgid "FastNetMon is a high-performance DDoS detector/sensor built on top of multiple packet capture engines: NetFlow, IPFIX, sFlow, AF_PACKET (port mirror). It can detect hosts in the deployed network sending or receiving large volumes of traffic, packets/bytes/flows per second and perform a configurable action to handle that event, such as calling a custom script." +msgstr "FastNetMon is a high-performance DDoS detector/sensor built on top of multiple packet capture engines: NetFlow, IPFIX, sFlow, AF_PACKET (port mirror). It can detect hosts in the deployed network sending or receiving large volumes of traffic, packets/bytes/flows per second and perform a configurable action to handle that event, such as calling a custom script." + #: ../../configuration/protocols/rpki.rst:78 msgid "Features of the Current Implementation" msgstr "CaracterÃsticas de la implementación actual" @@ -5311,11 +5841,15 @@ msgstr "CaracterÃsticas de la implementación actual" msgid "Field" msgstr "Campo" -#: ../../configuration/service/dns.rst:241 +#: ../../configuration/service/dns.rst:231 +msgid "File identified by `<filename>` containing the TSIG authentication key for RFC2136 nsupdate on remote DNS server." +msgstr "File identified by `<filename>` containing the TSIG authentication key for RFC2136 nsupdate on remote DNS server." + +#: ../../configuration/service/dns.rst:255 msgid "File identified by `<keyfile>` containing the secret RNDC key shared with remote DNS server." msgstr "Archivo identificado por `<keyfile> ` que contiene la clave RNDC secreta compartida con el servidor DNS remoto." -#: ../../configuration/service/pppoe-server.rst:228 +#: ../../configuration/service/pppoe-server.rst:302 msgid "Filter-Id=2000/3000 (means 2000Kbit down-stream rate and 3000Kbit up-stream rate)" msgstr "Filter-Id=2000/3000 (significa tasa de flujo descendente de 2000 Kbit y tasa de flujo ascendente de 3000 Kbit)" @@ -5404,7 +5938,7 @@ msgstr "Firewall groups represent collections of IP addresses, networks, ports, msgid "Firewall groups represent collections of IP addresses, networks, ports, mac addresses or domains. Once created, a group can be referenced by firewall, nat and policy route rules as either a source or destination matcher. Members can be added or removed from a group without changes to, or the need to reload, individual firewall rules." msgstr "Los grupos de firewall representan colecciones de direcciones IP, redes, puertos, direcciones mac o dominios. Una vez creado, un grupo puede ser referenciado por reglas de ruta de polÃtica, nat y firewall como un comparador de origen o de destino. Los miembros se pueden agregar o eliminar de un grupo sin cambios o la necesidad de volver a cargar las reglas de firewall individuales." -#: ../../configuration/highavailability/index.rst:381 +#: ../../configuration/highavailability/index.rst:391 msgid "Firewall mark. It possible to loadbalancing traffic based on ``fwmark`` value" msgstr "Marca de cortafuegos. Es posible equilibrar la carga del tráfico en función del valor ``fwmark``" @@ -5428,7 +5962,7 @@ msgstr "actualización de firmware" msgid "First, on both routers run the operational command \"generate pki key-pair install <key-pair nam>>\". You may choose different length than 2048 of course." msgstr "Primero, en ambos enrutadores ejecute el comando operativo "generar instalación de par de claves pki<key-pair nam> >". Puede elegir una longitud diferente a 2048, por supuesto." -#: ../../configuration/vpn/ipsec.rst:267 +#: ../../configuration/vpn/ipsec.rst:271 msgid "First, on both routers run the operational command \"generate pki key-pair install <key-pair name>\". You may choose different length than 2048 of course." msgstr "Primero, en ambos enrutadores ejecute el comando operativo "generar instalación de par de claves pki<key-pair name> ". Puede elegir una longitud diferente a 2048, por supuesto." @@ -5544,15 +6078,15 @@ msgstr "Para hash:" msgid "For IS-IS top operate correctly, one must do the equivalent of a Router ID in CLNS. This Router ID is called the :abbr:`NET (Network Entity Title)`. This must be unique for each and every router that is operating in IS-IS. It also must not be duplicated otherwise the same issues that occur within OSPF will occur within IS-IS when it comes to said duplication." msgstr "Para que IS-IS top funcione correctamente, se debe hacer el equivalente a un Router ID en CLNS. Este ID de enrutador se denomina :abbr:`NET (TÃtulo de entidad de red)`. Esto debe ser único para todos y cada uno de los enrutadores que operan en IS-IS. Tampoco debe duplicarse, de lo contrario, los mismos problemas que ocurren dentro de OSPF ocurrirán dentro de IS-IS cuando se trata de dicha duplicación." -#: ../../configuration/policy/route-map.rst:311 +#: ../../configuration/policy/route-map.rst:314 msgid "For Incoming and Import Route-maps if we receive a v6 global and v6 LL address for the route, then prefer to use the global address as the nexthop." msgstr "Para los mapas de rutas entrantes e importados, si recibimos una dirección v6 global y v6 LL para la ruta, entonces preferimos usar la dirección global como el siguiente salto." -#: ../../configuration/service/pppoe-server.rst:188 +#: ../../configuration/service/pppoe-server.rst:257 msgid "For Local Users" msgstr "Para usuarios locales" -#: ../../configuration/service/pppoe-server.rst:223 +#: ../../configuration/service/pppoe-server.rst:297 msgid "For RADIUS users" msgstr "Para usuarios de RADIUS" @@ -5592,7 +6126,7 @@ msgstr "Para una red doméstica simple que utiliza solo el equipo del ISP, esto msgid "For connectionless protocols as like ICMP and UDP, a flow is considered complete once no more packets for this flow appear after configurable timeout." msgstr "Para protocolos sin conexión como ICMP y UDP, un flujo se considera completo una vez que no aparecen más paquetes para este flujo después del tiempo de espera configurable." -#: ../../configuration/system/login.rst:132 +#: ../../configuration/system/login.rst:136 msgid "For example, if problems with poor time synchronization are experienced, the window can be increased from its default size of 3 permitted codes (one previous code, the current code, the next code) to 17 permitted codes (the 8 previous codes, the current code, and the 8 next codes). This will permit for a time skew of up to 4 minutes between client and server." msgstr "Por ejemplo, si se experimentan problemas con la sincronización horaria deficiente, la ventana se puede aumentar desde su tamaño predeterminado de 3 códigos permitidos (un código anterior, el código actual, el código siguiente) a 17 códigos permitidos (los 8 códigos anteriores, el código actual código, y los 8 códigos siguientes). Esto permitirá un sesgo de tiempo de hasta 4 minutos entre el cliente y el servidor." @@ -5618,7 +6152,7 @@ msgstr "Para paquetes TCP o UDP fragmentados y todo el resto del tráfico de pro msgid "For generating an OTP key in VyOS, you can use the CLI command (operational mode):" msgstr "Para generar una clave OTP en VyOS, puede usar el comando CLI (modo operativo):" -#: ../../configuration/protocols/bgp.rst:823 +#: ../../configuration/protocols/bgp.rst:845 msgid "For inbound updates the order of preference is:" msgstr "Para las actualizaciones entrantes, el orden de preferencia es:" @@ -5642,7 +6176,11 @@ msgstr "For latest releases, refer the `firewall (interface-groups) <https://doc msgid "For more information on how MPLS label switching works, please go visit `Wikipedia (MPLS)`_." msgstr "Para obtener más información sobre cómo funciona el cambio de etiquetas MPLS, visite `Wikipedia (MPLS)`_." -#: ../../configuration/service/pppoe-server.rst:299 +#: ../../configuration/protocols/bfd.rst:61 +msgid "For multi hop sessions only. Configure the minimum expected TTL for an incoming BFD control packet." +msgstr "For multi hop sessions only. Configure the minimum expected TTL for an incoming BFD control packet." + +#: ../../configuration/service/pppoe-server.rst:307 msgid "For network maintenance, it's a good idea to direct users to a backup server so that the primary server can be safely taken out of service. It's possible to switch your PPPoE server to maintenance mode where it maintains already established connections, but refuses new connection attempts." msgstr "Para el mantenimiento de la red, es una buena idea dirigir a los usuarios a un servidor de respaldo para que el servidor principal pueda quedar fuera de servicio de manera segura. Es posible cambiar su servidor PPPoE al modo de mantenimiento donde mantiene las conexiones ya establecidas, pero rechaza nuevos intentos de conexión." @@ -5650,7 +6188,7 @@ msgstr "Para el mantenimiento de la red, es una buena idea dirigir a los usuario msgid "For optimal scalability, Multicast shouldn't be used at all, but instead use BGP to signal all connected devices between leaves. Unfortunately, VyOS does not yet support this." msgstr "Para una escalabilidad óptima, no se debe usar Multicast en absoluto, sino usar BGP para señalar todos los dispositivos conectados entre hojas. Desafortunadamente, VyOS aún no es compatible con esto." -#: ../../configuration/protocols/bgp.rst:829 +#: ../../configuration/protocols/bgp.rst:851 msgid "For outbound updates the order of preference is:" msgstr "Para las actualizaciones salientes, el orden de preferencia es:" @@ -5695,7 +6233,7 @@ msgstr "Para el usuario promedio, una consola en serie no tiene ninguna ventaja msgid "For the ingress traffic of an interface, there is only one policy you can directly apply, a **Limiter** policy. You cannot apply a shaping policy directly to the ingress traffic of any interface because shaping only works for outbound traffic." msgstr "Para el tráfico de entrada de una interfaz, solo hay una polÃtica que puede aplicar directamente, una polÃtica **Limitadora**. No puede aplicar una polÃtica de configuración directamente al tráfico de entrada de ninguna interfaz porque la configuración solo funciona para el tráfico saliente." -#: ../../configuration/container/index.rst:179 +#: ../../configuration/container/index.rst:218 msgid "For the sake of demonstration, `example #1 in the official documentation <https://www.zabbix.com/documentation/current/manual/installation/containers>`_ to the declarative VyOS CLI syntax." msgstr "En aras de la demostración, `ejemplo #1 en la documentación oficial<https://www.zabbix.com/documentation/current/manual/installation/containers> `_ a la sintaxis declarativa de la CLI de VyOS." @@ -5737,7 +6275,7 @@ msgstr "Formalmente, un enlace virtual parece una red punto a punto que conecta msgid "Forward incoming DNS queries to the DNS servers configured under the ``system name-server`` nodes." msgstr "ReenvÃe las consultas DNS entrantes a los servidores DNS configurados en los nodos ``system name-server``." -#: ../../configuration/highavailability/index.rst:362 +#: ../../configuration/highavailability/index.rst:372 msgid "Forward method" msgstr "Método de reenvÃo" @@ -5765,7 +6303,7 @@ msgstr "Desde una perspectiva de seguridad, no se recomienda permitir que un ter msgid "From main structure defined in :doc:`Firewall Overview</configuration/firewall/index>` in this section you can find detailed information only for the next part of the general structure:" msgstr "From main structure defined in :doc:`Firewall Overview</configuration/firewall/index>` in this section you can find detailed information only for the next part of the general structure:" -#: ../../configuration/highavailability/index.rst:380 +#: ../../configuration/highavailability/index.rst:390 msgid "Fwmark" msgstr "Fwmark" @@ -5806,6 +6344,11 @@ msgstr "GRE a menudo se ve como una solución única para todos cuando se trata msgid "Genearate a new OpenVPN shared secret. The generated secred is the output to the console." msgstr "Genere un nuevo secreto compartido de OpenVPN. El secreto generado es la salida a la consola." +#: ../../configuration/pki/index.rst:123 +#: ../../configuration/pki/index.rst:128 +msgid "Genearate a new OpenVPN shared secret. The generated secret is the output to the console." +msgstr "Genearate a new OpenVPN shared secret. The generated secret is the output to the console." + #: ../../configuration/protocols/isis.rst:25 #: ../../configuration/protocols/ospf.rst:25 #: ../../configuration/protocols/ospf.rst:1081 @@ -5835,18 +6378,18 @@ msgstr "Genere la clave CAK :abbr:`MKA (protocolo de acuerdo de clave MACsec)`." msgid "Generate :abbr:`MKA (MACsec Key Agreement protocol)` CAK key 128 or 256 bits." msgstr "Genere :abbr:`MKA (Protocolo de acuerdo de clave MACsec)` Clave CAK de 128 o 256 bits." -#: ../../configuration/pki/index.rst:153 -#: ../../configuration/pki/index.rst:157 +#: ../../configuration/pki/index.rst:155 +#: ../../configuration/pki/index.rst:159 msgid "Generate a WireGuard pre-shared secret used for peers to communicate." msgstr "Genere un secreto precompartido de WireGuard que se utiliza para que los pares se comuniquen." -#: ../../configuration/pki/index.rst:136 -#: ../../configuration/pki/index.rst:141 +#: ../../configuration/pki/index.rst:138 +#: ../../configuration/pki/index.rst:143 msgid "Generate a new WireGuard public/private key portion and output the result to the console." msgstr "Genere una nueva porción de clave pública/privada de WireGuard y envÃe el resultado a la consola." -#: ../../configuration/pki/index.rst:104 -#: ../../configuration/pki/index.rst:111 +#: ../../configuration/pki/index.rst:106 +#: ../../configuration/pki/index.rst:113 msgid "Generate a new set of :abbr:`DH (Diffie-Hellman)` parameters. The key size is requested by the CLI and defaults to 2048 bit." msgstr "Genere un nuevo conjunto de parámetros :abbr:`DH (Diffie-Hellman)`. La CLI solicita el tamaño de la clave y el valor predeterminado es 2048 bits." @@ -5898,6 +6441,14 @@ msgstr "Dado el siguiente ejemplo, tenemos un enrutador VyOS que actúa como ser msgid "Gloabal" msgstr "global" +#: ../../configuration/service/ipoe-server.rst:352 +#: ../../configuration/service/pppoe-server.rst:518 +#: ../../configuration/vpn/l2tp.rst:472 +#: ../../configuration/vpn/pptp.rst:396 +#: ../../configuration/vpn/sstp.rst:430 +msgid "Global Advanced options" +msgstr "Global Advanced options" + #: ../../configuration/firewall/general.rst:84 msgid "Global Options" msgstr "Global Options" @@ -5956,7 +6507,7 @@ msgstr "Servicios basados en HTTP" msgid "HTTP basic authentication username" msgstr "Nombre de usuario de autenticación básica HTTP" -#: ../../configuration/system/option.rst:27 +#: ../../configuration/system/option.rst:57 msgid "HTTP client" msgstr "cliente HTTP" @@ -5968,7 +6519,7 @@ msgstr "Capacidades HT (alto rendimiento) (802.11n)" msgid "Hairpin NAT/NAT Reflection" msgstr "Horquilla NAT/NAT Reflexión" -#: ../../configuration/service/dhcp-server.rst:573 +#: ../../configuration/service/dhcp-server.rst:579 msgid "Hand out prefixes of size `<length>` to clients in subnet `<prefix>` when they request for prefix delegation." msgstr "Reparta prefijos de tamaño `<length> ` a los clientes en la subred `<prefix> ` cuando solicitan delegación de prefijo." @@ -5980,7 +6531,7 @@ msgstr "Manipulación y seguimiento" msgid "Having control over the matching of INVALID state traffic, e.g. the ability to selectively log, is an important troubleshooting tool for observing broken protocol behavior. For this reason, VyOS does not globally drop invalid state traffic, instead allowing the operator to make the determination on how the traffic is handled." msgstr "Tener control sobre la coincidencia del tráfico de estado NO VÃLIDO, por ejemplo, la capacidad de registrar de forma selectiva, es una herramienta importante de solución de problemas para observar el comportamiento del protocolo roto. Por esta razón, VyOS no elimina globalmente el tráfico de estado no válido, sino que permite que el operador determine cómo se maneja el tráfico." -#: ../../configuration/highavailability/index.rst:372 +#: ../../configuration/highavailability/index.rst:382 msgid "Health-check" msgstr "Chequeo de salud" @@ -6024,7 +6575,7 @@ msgstr "Aquà hay un segundo ejemplo de un túnel de doble pila sobre IPv6 entre msgid "Here is an example :abbr:`NET (Network Entity Title)` value:" msgstr "Aquà hay un ejemplo de valor :abbr:`NET (TÃtulo de entidad de red)`:" -#: ../../configuration/protocols/rpki.rst:167 +#: ../../configuration/protocols/rpki.rst:177 msgid "Here is an example route-map to apply to routes learned at import. In this filter we reject prefixes with the state `invalid`, and set a higher `local-preference` if the prefix is RPKI `valid` rather than merely `notfound`." msgstr "Aquà hay un mapa de ruta de ejemplo para aplicar a las rutas aprendidas en la importación. En este filtro, rechazamos los prefijos con el estado "no válido" y establecemos una "preferencia local" más alta si el prefijo es RPKI "válido" en lugar de simplemente "no encontrado"." @@ -6074,7 +6625,7 @@ msgstr "Información del anfitrión" msgid "Host name" msgstr "Nombre de anfitrión" -#: ../../configuration/service/dhcp-server.rst:630 +#: ../../configuration/service/dhcp-server.rst:638 msgid "Host specific mapping shall be named ``client1``" msgstr "El mapeo especÃfico del host se llamará ``client1``" @@ -6094,7 +6645,7 @@ msgstr "Cómo configurar el controlador de eventos" msgid "How to make it work" msgstr "Cómo hacer que funcione" -#: ../../configuration/vpn/ipsec.rst:263 +#: ../../configuration/vpn/ipsec.rst:267 msgid "However, now you need to make IPsec work with dynamic address on one side. The tricky part is that pre-shared secret authentication doesn't work with dynamic address, so we'll have to use RSA keys." msgstr "Sin embargo, ahora necesita hacer que IPsec funcione con una dirección dinámica en un lado. La parte complicada es que la autenticación secreta precompartida no funciona con direcciones dinámicas, por lo que tendremos que usar claves RSA." @@ -6158,14 +6709,18 @@ msgstr "Atributos de IKE (intercambio de claves de Internet)" msgid "IKE performs mutual authentication between two parties and establishes an IKE security association (SA) that includes shared secret information that can be used to efficiently establish SAs for Encapsulating Security Payload (ESP) or Authentication Header (AH) and a set of cryptographic algorithms to be used by the SAs to protect the traffic that they carry. https://datatracker.ietf.org/doc/html/rfc5996" msgstr "IKE realiza la autenticación mutua entre dos partes y establece una asociación de seguridad (SA) de IKE que incluye información secreta compartida que se puede usar para establecer de manera eficiente las SA para encapsular la carga útil de seguridad (ESP) o el encabezado de autenticación (AH) y un conjunto de algoritmos criptográficos para ser utilizados por las SA para proteger el tráfico que transportan. https://datatracker.ietf.org/doc/html/rfc5996" -#: ../../configuration/vpn/site2site_ipsec.rst:160 +#: ../../configuration/vpn/site2site_ipsec.rst:163 msgid "IKEv1" msgstr "IKEv1" -#: ../../configuration/vpn/site2site_ipsec.rst:271 +#: ../../configuration/vpn/site2site_ipsec.rst:274 msgid "IKEv2" msgstr "IKEv2" +#: ../../configuration/vpn/ipsec.rst:372 +msgid "IKEv2 IPSec road-warriors remote-access VPN" +msgstr "IKEv2 IPSec road-warriors remote-access VPN" + #: ../../configuration/system/ip.rst:3 msgid "IP" msgstr "IP" @@ -6198,11 +6753,11 @@ msgstr "Grupos IPSec IKE y ESP;" msgid "IPSec IKEv2 Remote Access VPN" msgstr "IPSec IKEv2 Remote Access VPN" -#: ../../configuration/vpn/site2site_ipsec.rst:285 +#: ../../configuration/vpn/site2site_ipsec.rst:288 msgid "IPSec IKEv2 site2site VPN" msgstr "IPSec IKEv2 sitio a sitio VPN" -#: ../../configuration/vpn/site2site_ipsec.rst:285 +#: ../../configuration/vpn/site2site_ipsec.rst:288 msgid "IPSec IKEv2 site2site VPN (source ./draw.io/vpn_s2s_ikev2.drawio)" msgstr "IPSec IKEv2 site2site VPN (fuente ./draw.io/vpn_s2s_ikev2.drawio)" @@ -6218,7 +6773,7 @@ msgstr "Túneles VPN IPSec." msgid "IP address" msgstr "dirección IP" -#: ../../configuration/service/dhcp-server.rst:202 +#: ../../configuration/service/dhcp-server.rst:208 msgid "IP address ``192.168.1.100`` shall be statically mapped to client named ``client1``" msgstr "La dirección IP ``192.168.1.100`` se asignará estáticamente al cliente llamado ``client1``" @@ -6227,19 +6782,19 @@ msgstr "La dirección IP ``192.168.1.100`` se asignará estáticamente al client msgid "IP address ``192.168.2.1/24``" msgstr "Dirección IP ``192.168.2.1/24``" -#: ../../configuration/service/dhcp-server.rst:286 +#: ../../configuration/service/dhcp-server.rst:292 msgid "IP address for DHCP server identifier" msgstr "Dirección IP para el identificador del servidor DHCP" -#: ../../configuration/service/dhcp-server.rst:276 +#: ../../configuration/service/dhcp-server.rst:282 msgid "IP address of NTP server" msgstr "Dirección IP del servidor NTP" -#: ../../configuration/service/dhcp-server.rst:316 +#: ../../configuration/service/dhcp-server.rst:322 msgid "IP address of POP3 server" msgstr "Dirección IP del servidor POP3" -#: ../../configuration/service/dhcp-server.rst:311 +#: ../../configuration/service/dhcp-server.rst:317 msgid "IP address of SMTP server" msgstr "Dirección IP del servidor SMTP" @@ -6255,7 +6810,7 @@ msgstr "Dirección IP de la ruta para hacer coincidir, según la lista de prefij msgid "IP address of route to match, based on specified prefix-length. Note that this can be used for kernel routes only. Do not apply to the routes of dynamic routing protocols (e.g. BGP, RIP, OSFP), as this can lead to unexpected results.." msgstr "Dirección IP de la ruta para hacer coincidir, según la longitud de prefijo especificada. Tenga en cuenta que esto solo se puede usar para rutas del kernel. No aplique a las rutas de los protocolos de enrutamiento dinámico (por ejemplo, BGP, RIP, OSFP), ya que esto puede conducir a resultados inesperados." -#: ../../configuration/service/dhcp-server.rst:346 +#: ../../configuration/service/dhcp-server.rst:352 msgid "IP address to exclude from DHCP lease range" msgstr "Dirección IP para excluir del rango de concesión de DHCP" @@ -6295,7 +6850,7 @@ msgstr "Siguiente salto de IP de ruta para coincidir, según el tipo." msgid "IP precedence as defined in :rfc:`791`:" msgstr "Precedencia de IP como se define en :rfc:`791`:" -#: ../../configuration/vpn/l2tp.rst:33 +#: ../../configuration/vpn/l2tp.rst:83 msgid "IP protocol number 50 (ESP)" msgstr "Número de protocolo IP 50 (ESP)" @@ -6307,19 +6862,19 @@ msgstr "Origen de la ruta IP de la ruta para hacer coincidir, según la lista de msgid "IP route source of route to match, based on prefix-list." msgstr "Origen de la ruta IP de la ruta para hacer coincidir, según la lista de prefijos." -#: ../../configuration/service/ipoe-server.rst:7 +#: ../../configuration/service/ipoe-server.rst:5 msgid "IPoE Server" msgstr "Servidor IPoE" -#: ../../configuration/service/ipoe-server.rst:30 +#: ../../configuration/service/ipoe-server.rst:29 msgid "IPoE can be configure on different interfaces, it will depend on each specific situation which interface will provide IPoE to clients. The clients mac address and the incoming interface is being used as control parameter, to authenticate a client." msgstr "IPoE se puede configurar en diferentes interfaces, dependerá de cada situación especÃfica qué interfaz proporcionará IPoE a los clientes. La dirección mac del cliente y la interfaz de entrada se utilizan como parámetro de control para autenticar a un cliente." -#: ../../configuration/service/ipoe-server.rst:13 +#: ../../configuration/service/ipoe-server.rst:11 msgid "IPoE is a method of delivering an IP payload over an Ethernet-based access network or an access network using bridged Ethernet over Asynchronous Transfer Mode (ATM) without using PPPoE. It directly encapsulates the IP datagrams in Ethernet frames, using the standard :rfc:`894` encapsulation." msgstr "IPoE es un método para entregar una carga útil de IP a través de una red de acceso basada en Ethernet o una red de acceso que usa Ethernet con puente sobre el modo de transferencia asÃncrono (ATM) sin usar PPPoE. Encapsula directamente los datagramas IP en tramas Ethernet, utilizando el encapsulado estándar :rfc:`894`." -#: ../../configuration/service/ipoe-server.rst:152 +#: ../../configuration/service/ipoe-server.rst:153 msgid "IPoE server will listen on interfaces eth1.50 and eth1.51" msgstr "El servidor IPoE escuchará en las interfaces eth1.50 y eth1.51" @@ -6327,11 +6882,11 @@ msgstr "El servidor IPoE escuchará en las interfaces eth1.50 y eth1.51" msgid "IPsec" msgstr "IPsec" -#: ../../configuration/vpn/ipsec.rst:172 +#: ../../configuration/vpn/ipsec.rst:176 msgid "IPsec policy matching GRE" msgstr "PolÃtica IPsec que coincide con GRE" -#: ../../configuration/service/pppoe-server.rst:346 +#: ../../configuration/service/pppoe-server.rst:604 msgid "IPv4" msgstr "IPv4" @@ -6343,11 +6898,11 @@ msgstr "Dirección remota IPv4/IPv6 del túnel VXLAN. Alternativa a la multidifu msgid "IPv4 Firewall Configuration" msgstr "IPv4 Firewall Configuration" -#: ../../configuration/service/dhcp-server.rst:291 +#: ../../configuration/service/dhcp-server.rst:297 msgid "IPv4 address of next bootstrap server" msgstr "Dirección IPv4 del próximo servidor de arranque" -#: ../../configuration/service/dhcp-server.rst:251 +#: ../../configuration/service/dhcp-server.rst:257 msgid "IPv4 address of router on the client's subnet" msgstr "Dirección IPv4 del enrutador en la subred del cliente" @@ -6355,7 +6910,7 @@ msgstr "Dirección IPv4 del enrutador en la subred del cliente" msgid "IPv4 or IPv6 source address of NetFlow packets" msgstr "Dirección de origen IPv4 o IPv6 de los paquetes NetFlow" -#: ../../configuration/protocols/bgp.rst:1099 +#: ../../configuration/protocols/bgp.rst:1121 msgid "IPv4 peering" msgstr "emparejamiento IPv4" @@ -6376,8 +6931,12 @@ msgid "IPv4 server" msgstr "servidor IPv4" #: ../../configuration/interfaces/pppoe.rst:244 -#: ../../configuration/service/pppoe-server.rst:267 +#: ../../configuration/service/ipoe-server.rst:256 +#: ../../configuration/service/pppoe-server.rst:341 #: ../../configuration/system/ipv6.rst:3 +#: ../../configuration/vpn/l2tp.rst:286 +#: ../../configuration/vpn/pptp.rst:210 +#: ../../configuration/vpn/sstp.rst:244 msgid "IPv6" msgstr "IPv6" @@ -6385,6 +6944,13 @@ msgstr "IPv6" msgid "IPv6 Access List" msgstr "Lista de acceso IPv6" +#: ../../configuration/service/pppoe-server.rst:381 +#: ../../configuration/vpn/l2tp.rst:325 +#: ../../configuration/vpn/pptp.rst:249 +#: ../../configuration/vpn/sstp.rst:283 +msgid "IPv6 Advanced Options" +msgstr "IPv6 Advanced Options" + #: ../../configuration/interfaces/pppoe.rst:379 msgid "IPv6 DHCPv6-PD Example" msgstr "Ejemplo de IPv6 DHCPv6-PD" @@ -6417,7 +6983,7 @@ msgstr "IPv6 SLAAC e IA-PD" msgid "IPv6 TCP filters will only match IPv6 packets with no header extension, see https://en.wikipedia.org/wiki/IPv6_packet#Extension_headers" msgstr "Los filtros IPv6 TCP solo coincidirán con paquetes IPv6 sin extensión de encabezado, consulte https://en.wikipedia.org/wiki/IPv6_packet#Extension_headers" -#: ../../configuration/service/dhcp-server.rst:628 +#: ../../configuration/service/dhcp-server.rst:636 msgid "IPv6 address ``2001:db8::101`` shall be statically mapped" msgstr "La dirección IPv6 ``2001:db8::101`` se mapeará estáticamente" @@ -6434,10 +7000,18 @@ msgid "IPv6 address of route to match, based on specified prefix-length. Note th msgstr "Dirección IPv6 de la ruta para hacer coincidir, según la longitud de prefijo especificada. Tenga en cuenta que esto solo se puede usar para rutas del kernel. No aplique a las rutas de los protocolos de enrutamiento dinámico (por ejemplo, BGP, RIP, OSFP), ya que esto puede conducir a resultados inesperados." #: ../../configuration/service/pppoe-server.rst:270 +msgid "IPv6 client's prefix" +msgstr "IPv6 client's prefix" + +#: ../../configuration/service/pppoe-server.rst:270 msgid "IPv6 client's prefix assignment" msgstr "Asignación de prefijo del cliente IPv6" -#: ../../configuration/protocols/bgp.rst:1144 +#: ../../configuration/service/pppoe-server.rst:295 +msgid "IPv6 default client's pool assignment" +msgstr "IPv6 default client's pool assignment" + +#: ../../configuration/protocols/bgp.rst:1166 msgid "IPv6 peering" msgstr "emparejamiento IPv6" @@ -6445,7 +7019,7 @@ msgstr "emparejamiento IPv6" msgid "IPv6 prefix." msgstr "Prefijo IPv6." -#: ../../configuration/service/dhcp-server.rst:629 +#: ../../configuration/service/dhcp-server.rst:637 msgid "IPv6 prefix ``2001:db8:0:101::/64`` shall be statically mapped" msgstr "El prefijo IPv6 ``2001:db8:0:101::/64`` se mapeará estáticamente" @@ -6457,7 +7031,7 @@ msgstr "retransmisión IPv6" msgid "IPv6 route source: bgp, connected, eigrp, isis, kernel, nhrp, ospfv3, ripng, static." msgstr "Origen de la ruta IPv6: bgp, conectado, eigrp, isis, kernel, nhrp, ospfv3, ripng, estático." -#: ../../configuration/service/dhcp-server.rst:502 +#: ../../configuration/service/dhcp-server.rst:508 msgid "IPv6 server" msgstr "servidor IPv6" @@ -6477,7 +7051,7 @@ msgstr "Configuración global IS-IS" msgid "IS-IS SR Configuration" msgstr "Configuración IS-IS SR" -#: ../../configuration/service/dhcp-server.rst:233 +#: ../../configuration/service/dhcp-server.rst:239 msgid "ISC-DHCP Option name" msgstr "Nombre de la opción ISC-DHCP" @@ -6493,7 +7067,7 @@ msgstr "Si **umbral máximo** está configurado pero **umbral mÃnimo no lo està msgid "If ARP monitoring is used in an etherchannel compatible mode (modes round-robin and xor-hash), the switch should be configured in a mode that evenly distributes packets across all links. If the switch is configured to distribute the packets in an XOR fashion, all replies from the ARP targets will be received on the same link which could cause the other team members to fail." msgstr "Si el monitoreo ARP se usa en un modo compatible con etherchannel (modos round-robin y xor-hash), el conmutador debe configurarse en un modo que distribuya los paquetes de manera uniforme en todos los enlaces. Si el conmutador está configurado para distribuir los paquetes de forma XOR, todas las respuestas de los objetivos ARP se recibirán en el mismo enlace, lo que podrÃa causar que los otros miembros del equipo fallen." -#: ../../configuration/pki/index.rst:249 +#: ../../configuration/pki/index.rst:251 msgid "If CA is present, this certificate will be included in generated CRLs" msgstr "Si CA está presente, este certificado se incluirá en las CRL generadas" @@ -6517,7 +7091,11 @@ msgstr "Si se establece :cfgcmd:`strict`, la sesión de BGP no se establecerá h msgid "If ``alias`` is set, it can be used instead of the device when connecting." msgstr "Si se establece ``alias``, se puede usar en lugar del dispositivo cuando se conecta." -#: ../../configuration/vpn/l2tp.rst:29 +#: ../../configuration/policy/route-map.rst:204 +msgid "If ``all`` is specified, remove all AS numbers from the AS_PATH of the BGP path's NLRI." +msgstr "If ``all`` is specified, remove all AS numbers from the AS_PATH of the BGP path's NLRI." + +#: ../../configuration/vpn/l2tp.rst:79 msgid "If a local firewall policy is in place on your external interface you will need to allow the ports below:" msgstr "Si existe una polÃtica de firewall local en su interfaz externa, deberá permitir los siguientes puertos:" @@ -6530,7 +7108,7 @@ msgstr "Si no se especifica un registro, Docker.io se usará como registro de co msgid "If a response is heard, the lease is abandoned, and the server does not respond to the client. The lease will remain abandoned for a minimum of abandon-lease-time seconds (defaults to 24 hours)." msgstr "Si se escucha una respuesta, se abandona la concesión y el servidor no responde al cliente. La concesión permanecerá abandonada durante un mÃnimo de segundos de tiempo de abandono de la concesión (el valor predeterminado es 24 horas)." -#: ../../configuration/protocols/bgp.rst:771 +#: ../../configuration/protocols/bgp.rst:793 msgid "If a route has an ORIGINATOR_ID attribute because it has been reflected, that ORIGINATOR_ID will be used. Otherwise, the router-ID of the peer the route was received from will be used." msgstr "Si una ruta tiene un atributo ORIGINATOR_ID porque se ha reflejado, se utilizará ese ORIGINATOR_ID. De lo contrario, se utilizará la ID del enrutador del par del que se recibió la ruta." @@ -6660,11 +7238,46 @@ msgstr "Si el AS-Path para la ruta solo tiene ASN privados, los ASN privados se msgid "If the IP prefix mask is present, it directs opennhrp to use this peer as a next hop server when sending Resolution Requests matching this subnet." msgstr "Si la máscara de prefijo IP está presente, indica a opennhrp que use este par como servidor de siguiente salto cuando envÃe solicitudes de resolución que coincidan con esta subred." +#: ../../configuration/service/ipoe-server.rst:243 +#: ../../configuration/service/pppoe-server.rst:205 +#: ../../configuration/vpn/l2tp.rst:248 +#: ../../configuration/vpn/pptp.rst:188 +#: ../../configuration/vpn/sstp.rst:221 +msgid "If the RADIUS server sends the attribute ``Delegated-IPv6-Prefix-Pool``, IPv6 delegation pefix will be allocated from a predefined IPv6 pool ``delegate`` whose name equals the attribute value." +msgstr "If the RADIUS server sends the attribute ``Delegated-IPv6-Prefix-Pool``, IPv6 delegation pefix will be allocated from a predefined IPv6 pool ``delegate`` whose name equals the attribute value." + +#: ../../configuration/service/ipoe-server.rst:233 +#: ../../configuration/service/pppoe-server.rst:195 +#: ../../configuration/vpn/l2tp.rst:238 +#: ../../configuration/vpn/pptp.rst:178 +#: ../../configuration/vpn/sstp.rst:211 +msgid "If the RADIUS server sends the attribute ``Framed-IP-Address`` then this IP address will be allocated to the client and the option ``default-pool`` within the CLI config is being ignored." +msgstr "If the RADIUS server sends the attribute ``Framed-IP-Address`` then this IP address will be allocated to the client and the option ``default-pool`` within the CLI config is being ignored." + #: ../../configuration/vpn/l2tp.rst:211 msgid "If the RADIUS server sends the attribute ``Framed-IP-Address`` then this IP address will be allocated to the client and the option ip-pool within the CLI config is being ignored." msgstr "Si el servidor RADIUS envÃa el atributo ``Framed-IP-Address``, esta dirección IP se asignará al cliente y se ignorará la opción ip-pool dentro de la configuración de la CLI." -#: ../../configuration/vpn/l2tp.rst:218 +#: ../../configuration/service/ipoe-server.rst:237 +#: ../../configuration/service/pppoe-server.rst:199 +#: ../../configuration/vpn/l2tp.rst:242 +#: ../../configuration/vpn/pptp.rst:182 +#: ../../configuration/vpn/sstp.rst:215 +msgid "If the RADIUS server sends the attribute ``Framed-Pool``, IP address will be allocated from a predefined IP pool whose name equals the attribute value." +msgstr "If the RADIUS server sends the attribute ``Framed-Pool``, IP address will be allocated from a predefined IP pool whose name equals the attribute value." + +#: ../../configuration/service/ipoe-server.rst:240 +#: ../../configuration/service/pppoe-server.rst:202 +#: ../../configuration/vpn/l2tp.rst:245 +#: ../../configuration/vpn/pptp.rst:185 +#: ../../configuration/vpn/sstp.rst:218 +msgid "If the RADIUS server sends the attribute ``Stateful-IPv6-Address-Pool``, IPv6 address will be allocated from a predefined IPv6 pool ``prefix`` whose name equals the attribute value." +msgstr "If the RADIUS server sends the attribute ``Stateful-IPv6-Address-Pool``, IPv6 address will be allocated from a predefined IPv6 pool ``prefix`` whose name equals the attribute value." + +#: ../../configuration/service/pppoe-server.rst:219 +#: ../../configuration/vpn/l2tp.rst:262 +#: ../../configuration/vpn/pptp.rst:202 +#: ../../configuration/vpn/sstp.rst:235 msgid "If the RADIUS server uses the attribute ``NAS-Port-Id``, ppp tunnels will be renamed." msgstr "Si el servidor RADIUS usa el atributo ``NAS-Port-Id``, se cambiará el nombre de los túneles ppp." @@ -6688,6 +7301,10 @@ msgstr "Si el tamaño actual de la cola es mayor que **lÃmite de cola**, los pa msgid "If the interface where the packet was received is part of a bridge, then packetis processed at the **Bridge Layer**, which contains a basic setup for bridge filtering:" msgstr "If the interface where the packet was received is part of a bridge, then packetis processed at the **Bridge Layer**, which contains a basic setup for bridge filtering:" +#: ../../configuration/firewall/index.rst:83 +msgid "If the interface where the packet was received is part of a bridge, then the packet is processed at the **Bridge Layer**, which contains a basic setup for bridge filtering:" +msgstr "If the interface where the packet was received is part of a bridge, then the packet is processed at the **Bridge Layer**, which contains a basic setup for bridge filtering:" + #: ../../configuration/firewall/index.rst:26 msgid "If the interface where the packet was received isn't part of a bridge, then packetis processed at the **IP Layer**:" msgstr "If the interface where the packet was received isn't part of a bridge, then packetis processed at the **IP Layer**:" @@ -6705,7 +7322,7 @@ msgstr "Si el par mapeado estáticamente ejecuta Cisco IOS, especifique la palab msgid "If the system detects an unconfigured wireless device, it will be automatically added the configuration tree, specifying any detected settings (for example, its MAC address) and configured to run in monitor mode." msgstr "Si el sistema detecta un dispositivo inalámbrico no configurado, se agregará automáticamente al árbol de configuración, especificando cualquier configuración detectada (por ejemplo, su dirección MAC) y configurado para ejecutarse en modo de monitor." -#: ../../configuration/service/conntrack-sync.rst:126 +#: ../../configuration/service/conntrack-sync.rst:130 msgid "If the table is empty and you have a warning message, it means conntrack is not enabled. To enable conntrack, just create a NAT or a firewall rule. :cfgcmd:`set firewall state-policy established action accept`" msgstr "Si la tabla está vacÃa y tiene un mensaje de advertencia, significa que conntrack no está habilitado. Para habilitar conntrack, simplemente cree una NAT o una regla de firewall. :cfgcmd:`establecer la acción establecida de la polÃtica de estado del cortafuegos aceptar`" @@ -6713,7 +7330,7 @@ msgstr "Si la tabla está vacÃa y tiene un mensaje de advertencia, significa qu msgid "If there are no free addresses but there are abandoned IP addresses, the DHCP server will attempt to reclaim an abandoned IP address regardless of the value of abandon-lease-time." msgstr "Si no hay direcciones libres pero hay direcciones IP abandonadas, el servidor DHCP intentará reclamar una dirección IP abandonada independientemente del valor del tiempo de concesión de abandono." -#: ../../configuration/vpn/site2site_ipsec.rst:241 +#: ../../configuration/vpn/site2site_ipsec.rst:244 msgid "If there is SNAT rules on eth1, need to add exclude rule" msgstr "Si hay reglas SNAT en eth1, debe agregar una regla de exclusión" @@ -6726,14 +7343,21 @@ msgstr "Si este comando se invoca desde el modo de configuración con el prefijo msgid "If this is set the relay agent will insert the interface ID. This option is set automatically if more than one listening interfaces are in use." msgstr "Si esto está configurado, el agente de retransmisión insertará la ID de la interfaz. Esta opción se establece automáticamente si se utilizan más de una interfaz de escucha." -#: ../../configuration/protocols/bgp.rst:768 +#: ../../configuration/protocols/bgp.rst:790 msgid "If this option is enabled, then the already-selected check, where already selected eBGP routes are preferred, is skipped." msgstr "Si esta opción está habilitada, se omite la verificación ya seleccionada, donde se prefieren las rutas eBGP ya seleccionadas." -#: ../../configuration/vpn/sstp.rst:183 +#: ../../configuration/vpn/sstp.rst:189 msgid "If this option is specified and is greater than 0, then the PPP module will send LCP pings of the echo request every `<interval>` seconds." msgstr "Si se especifica esta opción y es mayor que 0, el módulo PPP enviará pings LCP de la solicitud de eco cada `<interval> ` segundos." +#: ../../configuration/service/pppoe-server.rst:484 +#: ../../configuration/vpn/l2tp.rst:438 +#: ../../configuration/vpn/pptp.rst:362 +#: ../../configuration/vpn/sstp.rst:396 +msgid "If this option is specified and is greater than 0, then the PPP module will send LCP pings of the echo request every `<interval>` seconds. Default value is **30**." +msgstr "If this option is specified and is greater than 0, then the PPP module will send LCP pings of the echo request every `<interval>` seconds. Default value is **30**." + #: ../../_include/interface-ip.txt:75 msgid "If this option is unset (default), incoming IP directed broadcast packets will not be forwarded." msgstr "Si esta opción no está configurada (predeterminada), los paquetes de difusión entrantes dirigidos por IP no se reenviarán." @@ -6750,11 +7374,11 @@ msgstr "Si no se establece este parámetro, el tiempo de espera predeterminado e msgid "If this parameter is not set or 0, an on-demand link will not be taken down when it is idle and after the initial establishment of the connection. It will stay up forever." msgstr "Si este parámetro no se establece o es 0, un enlace bajo demanda no se desactivará cuando esté inactivo y después del establecimiento inicial de la conexión. Se mantendrá para siempre." -#: ../../configuration/system/login.rst:270 +#: ../../configuration/system/login.rst:274 msgid "If unset, incoming connections to the RADIUS server will use the nearest interface address pointing towards the server - making it error prone on e.g. OSPF networks when a link fails and a backup route is taken." msgstr "Si no se establece, las conexiones entrantes al servidor RADIUS utilizarán la dirección de interfaz más cercana que apunta hacia el servidor, lo que lo hace propenso a errores, por ejemplo, en redes OSPF cuando falla un enlace y se toma una ruta de respaldo." -#: ../../configuration/system/login.rst:339 +#: ../../configuration/system/login.rst:343 msgid "If unset, incoming connections to the TACACS server will use the nearest interface address pointing towards the server - making it error prone on e.g. OSPF networks when a link fails and a backup route is taken." msgstr "Si no se establece, las conexiones entrantes al servidor TACACS utilizarán la dirección de interfaz más cercana que apunta hacia el servidor, lo que lo hace propenso a errores, por ejemplo, en redes OSPF cuando falla un enlace y se toma una ruta de respaldo." @@ -6786,10 +7410,17 @@ msgstr "Si usted es responsable de las direcciones globales asignadas a su red, msgid "If you are using FQ-CoDel embedded into Shaper_ and you have large rates (100Mbit and above), you may consider increasing `quantum` to 8000 or higher so that the scheduler saves CPU." msgstr "Si está utilizando FQ-CoDel integrado en Shaper_ y tiene velocidades elevadas (100 Mbit y más), puede considerar aumentar `quantum` a 8000 o más para que el planificador ahorre CPU." -#: ../../configuration/vpn/l2tp.rst:165 +#: ../../configuration/service/ipoe-server.rst:146 +#: ../../configuration/service/pppoe-server.rst:108 +#: ../../configuration/vpn/l2tp.rst:151 msgid "If you are using OSPF as IGP, always the closest interface connected to the RADIUS server is used. With VyOS 1.2 you can bind all outgoing RADIUS requests to a single source IP e.g. the loopback interface." msgstr "Si usa OSPF como IGP, siempre se usa la interfaz más cercana conectada al servidor RADIUS. Con VyOS 1.2, puede vincular todas las solicitudes RADIUS salientes a una única IP de origen, por ejemplo, la interfaz de bucle invertido." +#: ../../configuration/vpn/pptp.rst:91 +#: ../../configuration/vpn/sstp.rst:124 +msgid "If you are using OSPF as IGP, always the closest interface connected to the RADIUS server is used. You can bind all outgoing RADIUS requests to a single source IP e.g. the loopback interface." +msgstr "If you are using OSPF as IGP, always the closest interface connected to the RADIUS server is used. You can bind all outgoing RADIUS requests to a single source IP e.g. the loopback interface." + #: ../../configuration/interfaces/openvpn.rst:306 msgid "If you change the default encryption and hashing algorithms, be sure that the local and remote ends have matching configurations, otherwise the tunnel will not come up." msgstr "Si cambia los algoritmos de cifrado y hash predeterminados, asegúrese de que los extremos local y remoto tengan configuraciones coincidentes; de lo contrario, el túnel no aparecerá." @@ -6813,6 +7444,10 @@ msgstr "Si habilita esto, probablemente querrá establecer el factor de diversid msgid "If you enter a value smaller than 60 seconds be aware that this can and will affect convergence at scale." msgstr "If you enter a value smaller than 60 seconds be aware that this can and will affect convergence at scale." +#: ../../configuration/vpn/ipsec.rst:483 +msgid "If you feel better forwarding all authentication requests to your enterprises RADIUS server, use the commands below." +msgstr "If you feel better forwarding all authentication requests to your enterprises RADIUS server, use the commands below." + #: ../../configuration/interfaces/bonding.rst:312 msgid "If you happen to run this in a virtual environment like by EVE-NG you need to ensure your VyOS NIC is set to use the e1000 driver. Using the default ``virtio-net-pci`` or the ``vmxnet3`` driver will not work. ICMP messages will not be properly processed. They are visible on the virtual wire but will not make it fully up the networking stack." msgstr "Si ejecuta esto en un entorno virtual como EVE-NG, debe asegurarse de que su NIC de VyOS esté configurada para usar el controlador e1000. Usar el controlador predeterminado ``virtio-net-pci`` o ``vmxnet3`` no funcionará. Los mensajes ICMP no se procesarán correctamente. Son visibles en el cable virtual, pero no llegarán completamente a la pila de redes." @@ -6849,10 +7484,26 @@ msgstr "Si solo desea verificar si la cuenta de usuario está habilitada y puede msgid "If you set a custom RADIUS attribute you must define it on both dictionaries at RADIUS server and client, which is the vyos router in our example." msgstr "Si establece un atributo RADIUS personalizado, debe definirlo en ambos diccionarios en el servidor y el cliente RADIUS, que es el enrutador vyos en nuestro ejemplo." +#: ../../configuration/service/ipoe-server.rst:215 +#: ../../configuration/service/pppoe-server.rst:177 +#: ../../configuration/vpn/l2tp.rst:220 +#: ../../configuration/vpn/pptp.rst:160 +#: ../../configuration/vpn/sstp.rst:193 +msgid "If you set a custom RADIUS attribute you must define it on both dictionaries at RADIUS server and client." +msgstr "If you set a custom RADIUS attribute you must define it on both dictionaries at RADIUS server and client." + #: ../../configuration/system/console.rst:41 msgid "If you use USB to serial converters for connecting to your VyOS appliance please note that most of them use software emulation without flow control. This means you should start with a common baud rate (most likely 9600 baud) as otherwise you probably can not connect to the device using high speed baud rates as your serial converter simply can not process this data rate." msgstr "Si usa convertidores de USB a serie para conectarse a su dispositivo VyOS, tenga en cuenta que la mayorÃa de ellos usan emulación de software sin control de flujo. Esto significa que debe comenzar con una velocidad de transmisión común (probablemente 9600 baudios) ya que, de lo contrario, probablemente no pueda conectarse al dispositivo utilizando velocidades de transmisión de alta velocidad, ya que su convertidor en serie simplemente no puede procesar esta velocidad de datos." +#: ../../configuration/vpn/sstp.rst:482 +msgid "If you use a self-signed certificate, do not forget to install CA on the client side." +msgstr "If you use a self-signed certificate, do not forget to install CA on the client side." + +#: ../../configuration/vpn/ipsec.rst:538 +msgid "If you want, need, and should use more advanced encryption ciphers (default is still 3DES) you need to provision your device using a so-called \"Device Profile\". A profile is a simple text file containing XML nodes with a ``.mobileconfig`` file extension that can be sent and opened on any device from an E-Mail." +msgstr "If you want, need, and should use more advanced encryption ciphers (default is still 3DES) you need to provision your device using a so-called \"Device Profile\". A profile is a simple text file containing XML nodes with a ``.mobileconfig`` file extension that can be sent and opened on any device from an E-Mail." + #: ../../configuration/system/flow-accounting.rst:140 msgid "If you want to change the maximum number of flows, which are tracking simultaneously, you may do this with this command (default 8192)." msgstr "Si desea cambiar el número máximo de flujos, que se rastrean simultáneamente, puede hacerlo con este comando (predeterminado 8192)." @@ -6861,7 +7512,7 @@ msgstr "Si desea cambiar el número máximo de flujos, que se rastrean simultán msgid "If you want to disable a rule but let it in the configuration." msgstr "Si desea deshabilitar una regla pero dejarla en la configuración." -#: ../../configuration/system/login.rst:294 +#: ../../configuration/system/login.rst:298 msgid "If you want to have admin users to authenticate via RADIUS it is essential to sent the ``Cisco-AV-Pair shell:priv-lvl=15`` attribute. Without the attribute you will only get regular, non privilegued, system users." msgstr "Si desea que los usuarios administradores se autentiquen a través de RADIUS, es esencial que envÃe el atributo ``Cisco-AV-Pair shell:priv-lvl=15``. Sin el atributo, solo obtendrá usuarios del sistema normales y sin privilegios." @@ -6873,7 +7524,7 @@ msgstr "Si desea utilizar las listas negras existentes, primero debe crear/desca msgid "If you want your router to forward DHCP requests to an external DHCP server you can configure the system to act as a DHCP relay agent. The DHCP relay agent works with IPv4 and IPv6 addresses." msgstr "Si desea que su enrutador reenvÃe las solicitudes DHCP a un servidor DHCP externo, puede configurar el sistema para que actúe como un agente de retransmisión DHCP. El agente de retransmisión DHCP funciona con direcciones IPv4 e IPv6." -#: ../../configuration/protocols/bgp.rst:760 +#: ../../configuration/protocols/bgp.rst:782 msgid "Ignore AS_PATH length when selecting a route" msgstr "Ignorar la longitud de AS_PATH al seleccionar una ruta" @@ -6885,7 +7536,7 @@ msgstr "Ignorar las fallas de la interfaz principal de VRRP" msgid "Image thankfully borrowed from https://en.wikipedia.org/wiki/File:SNMP_communication_principles_diagram.PNG which is under the GNU Free Documentation License" msgstr "Afortunadamente, la imagen se tomó prestada de https://en.wikipedia.org/wiki/File:SNMP_communication_principles_diagram.PNG, que está bajo la licencia de documentación libre GNU" -#: ../../configuration/vpn/site2site_ipsec.rst:279 +#: ../../configuration/vpn/site2site_ipsec.rst:282 msgid "Imagine the following topology" msgstr "Imagine la siguiente topologÃa" @@ -6893,11 +7544,35 @@ msgstr "Imagine la siguiente topologÃa" msgid "Immediate" msgstr "Inmediato" +#: ../../configuration/pki/index.rst:254 +msgid "Import files to PKI format" +msgstr "Import files to PKI format" + +#: ../../configuration/pki/index.rst:265 +msgid "Import the CAs private key portion to the CLI. This should never leave the system as it is used to decrypt the data. The key is required if you use VyOS as your certificate generator." +msgstr "Import the CAs private key portion to the CLI. This should never leave the system as it is used to decrypt the data. The key is required if you use VyOS as your certificate generator." + +#: ../../configuration/pki/index.rst:280 +msgid "Import the OpenVPN shared secret stored in file to the VyOS CLI." +msgstr "Import the OpenVPN shared secret stored in file to the VyOS CLI." + +#: ../../configuration/pki/index.rst:271 +msgid "Import the certificate from the file to VyOS CLI." +msgstr "Import the certificate from the file to VyOS CLI." + +#: ../../configuration/pki/index.rst:275 +msgid "Import the private key of the certificate to the VyOS CLI. This should never leave the system as it is used to decrypt the data." +msgstr "Import the private key of the certificate to the VyOS CLI. This should never leave the system as it is used to decrypt the data." + +#: ../../configuration/pki/index.rst:261 +msgid "Import the public CA certificate from the defined file to VyOS CLI." +msgstr "Import the public CA certificate from the defined file to VyOS CLI." + #: ../../configuration/protocols/rpki.rst:46 msgid "Imported prefixes during the validation may have values:" msgstr "Los prefijos importados durante la validación pueden tener valores:" -#: ../../configuration/protocols/static.rst:158 +#: ../../configuration/protocols/static.rst:191 msgid "In Internet Protocol Version 6 (IPv6) networks, the functionality of ARP is provided by the Neighbor Discovery Protocol (NDP)." msgstr "En las redes del Protocolo de Internet versión 6 (IPv6), la funcionalidad de ARP la proporciona el Protocolo de descubrimiento de vecinos (NDP)." @@ -6905,7 +7580,7 @@ msgstr "En las redes del Protocolo de Internet versión 6 (IPv6), la funcionalid msgid "In Priority Queue we do not define clases with a meaningless class ID number but with a class priority number (1-7). The lower the number, the higher the priority." msgstr "En Priority Queue no definimos clases con un número de identificación de clase sin sentido, sino con un número de prioridad de clase (1-7). Cuanto menor sea el número, mayor es la prioridad." -#: ../../configuration/vpn/ipsec.rst:117 +#: ../../configuration/vpn/ipsec.rst:120 msgid "In VyOS, ESP attributes are specified through ESP groups. Multiple proposals can be specified in a single group." msgstr "En VyOS, los atributos ESP se especifican a través de grupos ESP. Se pueden especificar varias propuestas en un solo grupo." @@ -6945,7 +7620,7 @@ msgstr "En pocas palabras, la implementación actual proporciona las siguientes msgid "In addition, you can specify many other parameters to get BGP information:" msgstr "Además, puede especificar muchos otros parámetros para obtener información de BGP:" -#: ../../configuration/system/login.rst:301 +#: ../../configuration/system/login.rst:305 msgid "In addition to :abbr:`RADIUS (Remote Authentication Dial-In User Service)`, :abbr:`TACACS (Terminal Access Controller Access Control System)` can also be found in large deployments." msgstr "Además de :abbr:`RADIUS (Servicio de usuario de marcación de autenticación remota)`, :abbr:`TACACS (Terminal Access Controller Access Control System)` también se puede encontrar en implementaciones grandes." @@ -6953,12 +7628,16 @@ msgstr "Además de :abbr:`RADIUS (Servicio de usuario de marcación de autentica msgid "In addition to displaying flow accounting information locally, one can also exported them to a collection server." msgstr "Además de mostrar la información de contabilidad de flujo localmente, también se puede exportar a un servidor de recopilación." -#: ../../configuration/pki/index.rst:144 -#: ../../configuration/pki/index.rst:159 +#: ../../configuration/pki/index.rst:146 +#: ../../configuration/pki/index.rst:161 #: ../../configuration/pki/pki_cli_import_help.txt:1 msgid "In addition to the command above, the output is in a format which can be used to directly import the key into the VyOS CLI by simply copy-pasting the output from op-mode into configuration mode." msgstr "Además del comando anterior, la salida está en un formato que se puede usar para importar directamente la clave a la CLI de VyOS simplemente copiando y pegando la salida del modo de operación al modo de configuración." +#: ../../configuration/interfaces/pppoe.rst:388 +msgid "In addition we setup IPv6 :abbr:`RA (Router Advertisements)` to make the prefix known on the eth0 link." +msgstr "In addition we setup IPv6 :abbr:`RA (Router Advertisements)` to make the prefix known on the eth0 link." + #: ../../configuration/service/broadcast-relay.rst:48 msgid "In addition you can also disable the whole service without the need to remove it from the current configuration." msgstr "Además también puedes deshabilitar todo el servicio sin necesidad de eliminarlo de la configuración actual." @@ -7003,7 +7682,7 @@ msgstr "In firewall bridge rules, the action can be:" msgid "In general, OSPF protocol requires a backbone area (area 0) to be coherent and fully connected. I.e. any backbone area router must have a route to any other backbone area router. Moreover, every ABR must have a link to backbone area. However, it is not always possible to have a physical link to a backbone area. In this case between two ABR (one of them has a link to the backbone area) in the area (not stub area) a virtual link is organized." msgstr "En general, el protocolo OSPF requiere un área de red troncal (área 0) para ser coherente y estar completamente conectado. Es decir, cualquier enrutador de área de red troncal debe tener una ruta a cualquier otro enrutador de área de red troncal. Además, cada ABR debe tener un enlace al área de red troncal. Sin embargo, no siempre es posible tener un enlace fÃsico a un área de red troncal. En este caso entre dos ABR (uno de ellos tiene enlace al área de backbone) en el área (no área stub) se organiza un enlace virtual." -#: ../../configuration/system/login.rst:236 +#: ../../configuration/system/login.rst:240 msgid "In large deployments it is not reasonable to configure each user individually on every system. VyOS supports using :abbr:`RADIUS (Remote Authentication Dial-In User Service)` servers as backend for user authentication." msgstr "En implementaciones grandes, no es razonable configurar cada usuario individualmente en cada sistema. VyOS admite el uso de servidores :abbr:`RADIUS (Remote Authentication Dial-In User Service)` como backend para la autenticación de usuarios." @@ -7023,7 +7702,7 @@ msgstr "Para que el sistema use y complete nombres de host no calificados, se pu msgid "In order to allow for LDP on the local router to exchange label advertisements with other routers, a TCP session will be established between automatically discovered and statically assigned routers. LDP will try to establish a TCP session to the **transport address** of other routers. Therefore for LDP to function properly please make sure the transport address is shown in the routing table and reachable to traffic at all times." msgstr "Para permitir que LDP en el enrutador local intercambie anuncios de etiquetas con otros enrutadores, se establecerá una sesión TCP entre los enrutadores detectados automáticamente y asignados estáticamente. LDP intentará establecer una sesión TCP con la **dirección de transporte** de otros enrutadores. Por lo tanto, para que LDP funcione correctamente, asegúrese de que la dirección de transporte se muestre en la tabla de enrutamiento y esté accesible para el tráfico en todo momento." -#: ../../configuration/protocols/bgp.rst:820 +#: ../../configuration/protocols/bgp.rst:842 msgid "In order to control and modify routing information that is exchanged between peers you can use route-map, filter-list, prefix-list, distribute-list." msgstr "Para controlar y modificar la información de enrutamiento que se intercambia entre pares, puede usar el mapa de rutas, la lista de filtros, la lista de prefijos, la lista de distribución." @@ -7039,7 +7718,7 @@ msgstr "Para que VyOS Traffic Control funcione, debe seguir 2 pasos:" msgid "In order to have full control and make use of multiple static public IP addresses, your VyOS will have to initiate the PPPoE connection and control it. In order for this method to work, you will have to figure out how to make your DSL Modem/Router switch into a Bridged Mode so it only acts as a DSL Transceiver device to connect between the Ethernet link of your VyOS and the phone cable. Once your DSL Transceiver is in Bridge Mode, you should get no IP address from it. Please make sure you connect to the Ethernet Port 1 if your DSL Transceiver has a switch, as some of them only work this way." msgstr "Para tener control total y hacer uso de múltiples direcciones IP públicas estáticas, su VyOS deberá iniciar la conexión PPPoE y controlarla. Para que este método funcione, tendrá que descubrir cómo hacer que su módem/enrutador DSL cambie a un modo puente para que solo actúe como un dispositivo transceptor DSL para conectarse entre el enlace Ethernet de su VyOS y el cable del teléfono. Una vez que su transceptor DSL esté en modo puente, no deberÃa obtener ninguna dirección IP. Asegúrese de conectarse al puerto Ethernet 1 si su transceptor DSL tiene un interruptor, ya que algunos de ellos solo funcionan de esta manera." -#: ../../configuration/service/dhcp-server.rst:623 +#: ../../configuration/service/dhcp-server.rst:631 msgid "In order to map specific IPv6 addresses to specific hosts static mappings can be created. The following example explains the process." msgstr "Para asignar direcciones IPv6 especÃficas a hosts especÃficos, se pueden crear asignaciones estáticas. El siguiente ejemplo explica el proceso." @@ -7079,6 +7758,10 @@ msgstr "En nuestro ejemplo, usamos el nombre de clave ``openvpn-1`` al que harem msgid "In our example, we will be forwarding web server traffic to an internal web server on 192.168.0.100. HTTP traffic makes use of the TCP protocol on port 80. For other common port numbers, see: https://en.wikipedia.org/wiki/List_of_TCP_and_UDP_port_numbers" msgstr "En nuestro ejemplo, reenviaremos el tráfico del servidor web a un servidor web interno en 192.168.0.100. El tráfico HTTP utiliza el protocolo TCP en el puerto 80. Para conocer otros números de puerto comunes, consulte: https://en.wikipedia.org/wiki/List_of_TCP_and_UDP_port_numbers" +#: ../../configuration/vpn/ipsec.rst:411 +msgid "In our example the certificate name is called vyos:" +msgstr "In our example the certificate name is called vyos:" + #: ../../configuration/trafficpolicy/index.rst:906 msgid "In principle, values must be :code:`min-threshold` < :code:`max-threshold` < :code:`queue-limit`." msgstr "En principio, los valores deben ser :code:`min-threshold` < :code:`max-threshold` < :code:`queue-limit`." @@ -7123,7 +7806,11 @@ msgstr "En el caso de que desee aplicar algún tipo de **modelado** a su tráfic msgid "In the command above, we set the type of policy we are going to work with and the name we choose for it; a class (so that we can differentiate some traffic) and an identifiable number for that class; then we configure a matching rule (or filter) and a name for it." msgstr "En el comando anterior establecemos el tipo de polÃtica con la que vamos a trabajar y el nombre que elegimos para ella; una clase (para que podamos diferenciar algo de tráfico) y un número identificable para esa clase; luego configuramos una regla de coincidencia (o filtro) y un nombre para ella." -#: ../../configuration/service/pppoe-server.rst:259 +#: ../../configuration/vpn/ipsec.rst:564 +msgid "In the end, an XML structure is generated which can be saved as ``vyos.mobileconfig`` and sent to the device by E-Mail where it later can be imported." +msgstr "In the end, an XML structure is generated which can be saved as ``vyos.mobileconfig`` and sent to the device by E-Mail where it later can be imported." + +#: ../../configuration/service/pppoe-server.rst:333 msgid "In the example above, the first 499 sessions connect without delay. PADO packets will be delayed 50 ms for connection from 500 to 999, this trick allows other PPPoE servers send PADO faster and clients will connect to other servers. Last command says that this PPPoE server can serve only 3000 clients." msgstr "En el ejemplo anterior, las primeras 499 sesiones se conectan sin demora. Los paquetes PADO se retrasarán 50 ms para la conexión de 500 a 999, este truco permite que otros servidores PPPoE envÃen PADO más rápido y los clientes se conectarán a otros servidores. El último comando dice que este servidor PPPoE puede servir solo a 3000 clientes." @@ -7131,7 +7818,7 @@ msgstr "En el ejemplo anterior, las primeras 499 sesiones se conectan sin demora msgid "In the example used for the Quick Start configuration above, we demonstrate the following configuration:" msgstr "En el ejemplo utilizado para la configuración de inicio rápido anterior, demostramos la siguiente configuración:" -#: ../../configuration/system/login.rst:399 +#: ../../configuration/system/login.rst:403 msgid "In the following example, both `User1` and `User2` will be able to SSH into VyOS as user ``vyos`` using their very own keys. `User1` is restricted to only be able to connect from a single IP address. In addition if password base login is wanted for the ``vyos`` user a 2FA/MFA keycode is required in addition to the password." msgstr "En el siguiente ejemplo, tanto `User1` como `User2` podrán acceder a VyOS mediante SSH como usuario ``vyos`` utilizando sus propias claves. El 'Usuario 1' está restringido para que solo pueda conectarse desde una única dirección IP. Además, si se desea iniciar sesión con contraseña para el usuario ``vyos``, se requiere un código de clave 2FA/MFA además de la contraseña." @@ -7151,7 +7838,7 @@ msgstr "En el siguiente ejemplo podemos ver una configuración básica de multid msgid "In the future this is expected to be a very useful protocol (though there are `other proposals`_)." msgstr "En el futuro se espera que este sea un protocolo muy útil (aunque hay `otras propuestas`_)." -#: ../../configuration/highavailability/index.rst:400 +#: ../../configuration/highavailability/index.rst:410 msgid "In the next example all traffic destined to ``203.0.113.1`` and port ``8280`` protocol TCP is balanced between 2 real servers ``192.0.2.11`` and ``192.0.2.12`` to port ``80``" msgstr "En el siguiente ejemplo todo el tráfico destinado a ``203.0.113.1`` y puerto ``8280`` protocolo TCP se equilibra entre 2 servidores reales ``192.0.2.11`` y ``192.0.2.12`` al puerto ``80 ``" @@ -7175,7 +7862,7 @@ msgstr "En este ejemplo, usamos **masquerade** como dirección de traducción en msgid "In this example, we will be using the example Quick Start configuration above as a starting point." msgstr "En este ejemplo, utilizaremos el ejemplo de configuración de inicio rápido anterior como punto de partida." -#: ../../configuration/highavailability/index.rst:430 +#: ../../configuration/highavailability/index.rst:440 msgid "In this example all traffic destined to ports \"80, 2222, 8888\" protocol TCP marks to fwmark \"111\" and balanced between 2 real servers. Port \"0\" is required if multiple ports are used." msgstr "En este ejemplo todo el tráfico destinado a los puertos "80, 2222, 8888" protocolo TCP marca al fwmark "111" y balanceado entre 2 servidores reales. Se requiere el puerto "0" si se utilizan múltiples puertos." @@ -7191,7 +7878,7 @@ msgstr "En este ejemplo, usaremos el caso más complicado: una configuración en msgid "In this method, the DSL Modem/Router connects to the ISP for you with your credentials preprogrammed into the device. This gives you an :rfc:`1918` address, such as ``192.168.1.0/24`` by default." msgstr "En este método, el módem/enrutador DSL se conecta al ISP por usted con sus credenciales preprogramadas en el dispositivo. Esto le da una dirección :rfc:`1918`, como ``192.168.1.0/24`` por defecto." -#: ../../configuration/service/dns.rst:165 +#: ../../configuration/service/dns.rst:152 msgid "In this scenario:" msgstr "En este escenario:" @@ -7319,6 +8006,10 @@ msgstr "Intel® QAT" msgid "Interconnect the global VRF with vrf \"red\" using the veth10 <-> veth 11 pair" msgstr "Interconecte el VRF global con vrf "rojo" usando el par veth10 <-> veth 11" +#: ../../configuration/service/ids.rst:96 +msgid "Interface **eth0** used to connect to upstream." +msgstr "Interface **eth0** used to connect to upstream." + #: ../../configuration/protocols/isis.rst:146 #: ../../configuration/protocols/ospf.rst:356 #: ../../configuration/protocols/ospf.rst:1139 @@ -7329,7 +8020,7 @@ msgstr "Configuración de la interfaz" msgid "Interface Groups" msgstr "Interface Groups" -#: ../../configuration/protocols/static.rst:64 +#: ../../configuration/protocols/static.rst:87 msgid "Interface Routes" msgstr "Rutas de interfaz" @@ -7367,7 +8058,7 @@ msgid "Interface weight" msgstr "Peso de la interfaz" #: ../../configuration/interfaces/index.rst:3 -#: ../../configuration/vrf/index.rst:71 +#: ../../configuration/vrf/index.rst:90 msgid "Interfaces" msgstr "Interfaces" @@ -7388,10 +8079,18 @@ msgstr "Interfaces que participan en el proceso de retransmisión DHCP. Si se ut msgid "Interfaces whose DHCP client nameservers to forward requests to." msgstr "Interfaces a cuyos servidores de nombres de cliente DHCP se reenvÃan las solicitudes." +#: ../../configuration/service/ids.rst:105 +msgid "Internal attack: an attack from the internal network (generated by a customer) towards the internet is identify. In this case, all connections from this particular IP/Customer will be blocked." +msgstr "Internal attack: an attack from the internal network (generated by a customer) towards the internet is identify. In this case, all connections from this particular IP/Customer will be blocked." + #: ../../configuration/system/flow-accounting.rst:70 msgid "Internally, in flow-accounting processes exist a buffer for data exchanging between core process and plugins (each export target is a separated plugin). If you have high traffic levels or noted some problems with missed records or stopping exporting, you may try to increase a default buffer size (10 MiB) with the next command:" msgstr "Internamente, en los procesos de contabilidad de flujo existe un búfer para el intercambio de datos entre el proceso central y los complementos (cada destino de exportación es un complemento separado). Si tiene altos niveles de tráfico o notó algunos problemas con los registros perdidos o si detiene la exportación, puede intentar aumentar el tamaño del búfer predeterminado (10 MiB) con el siguiente comando:" +#: ../../configuration/vpn/ipsec.rst:374 +msgid "Internet Key Exchange version 2, IKEv2 for short, is a request/response protocol developed by both Cisco and Microsoft. It is used to establish and secure IPv4/IPv6 connections, be it a site-to-site VPN or from a road-warrior connecting to a hub site. IKEv2, when run in point-to-multipoint, or remote-access/road-warrior mode, secures the server-side with another layer by using an x509 signed server certificate." +msgstr "Internet Key Exchange version 2, IKEv2 for short, is a request/response protocol developed by both Cisco and Microsoft. It is used to establish and secure IPv4/IPv6 connections, be it a site-to-site VPN or from a road-warrior connecting to a hub site. IKEv2, when run in point-to-multipoint, or remote-access/road-warrior mode, secures the server-side with another layer by using an x509 signed server certificate." + #: ../../configuration/vpn/remoteaccess_ipsec.rst:6 msgid "Internet Key Exchange version 2 (IKEv2) is a tunneling protocol, based on IPsec, that establishes a secure VPN communication between VPN devices, and defines negotiation and authentication processes for IPsec security associations (SAs). It is often known as IKEv2/IPSec or IPSec IKEv2 remote-access — or road-warriors as others call it." msgstr "Internet Key Exchange version 2 (IKEv2) is a tunneling protocol, based on IPsec, that establishes a secure VPN communication between VPN devices, and defines negotiation and authentication processes for IPsec security associations (SAs). It is often known as IKEv2/IPSec or IPSec IKEv2 remote-access — or road-warriors as others call it." @@ -7412,7 +8111,7 @@ msgstr "Intervalo en milisegundos" msgid "Interval in minutes between updates (default: 60)" msgstr "Intervalo en minutos entre actualizaciones (predeterminado: 60)" -#: ../../configuration/protocols/bgp.rst:906 +#: ../../configuration/protocols/bgp.rst:928 msgid "Introducing route reflectors removes the need for the full-mesh. When you configure a route reflector you have to tell the router whether the other IBGP router is a client or non-client. A client is an IBGP router that the route reflector will “reflect†routes to, the non-client is just a regular IBGP neighbor. Route reflectors mechanism is described in :rfc:`4456` and updated by :rfc:`7606`." msgstr "La introducción de reflectores de ruta elimina la necesidad de la malla completa. Cuando configura un reflector de ruta, debe decirle al enrutador si el otro enrutador IBGP es un cliente o no. Un cliente es un enrutador IBGP al que el reflector de ruta "reflejará" las rutas, el no cliente es solo un vecino IBGP normal. El mecanismo de los reflectores de ruta se describe en :rfc:`4456` y se actualiza en :rfc:`7606`." @@ -7432,11 +8131,11 @@ msgstr "Es más lento que IPsec debido a la mayor sobrecarga del protocolo y al msgid "It's time to check conntrack table, to see if any connection was accepted, and if was properly offloaded" msgstr "It's time to check conntrack table, to see if any connection was accepted, and if was properly offloaded" -#: ../../configuration/system/option.rst:111 +#: ../../configuration/system/option.rst:141 msgid "It disables transparent huge pages, and automatic NUMA balancing. It also uses cpupower to set the performance cpufreq governor, and requests a cpu_dma_latency value of 1. It also sets busy_read and busy_poll times to 50 us, and tcp_fastopen to 3." msgstr "Deshabilita las páginas grandes transparentes y el equilibrio NUMA automático. También utiliza cpupower para establecer el regulador cpufreq de rendimiento y solicita un valor de cpu_dma_latency de 1. También establece los tiempos de busy_read y busy_poll en 50 us, y tcp_fastopen en 3." -#: ../../configuration/system/option.rst:102 +#: ../../configuration/system/option.rst:132 msgid "It enables transparent huge pages, and uses cpupower to set the performance cpufreq governor. It also sets ``kernel.sched_min_granularity_ns`` to 10 us, ``kernel.sched_wakeup_granularity_ns`` to 15 uss, and ``vm.dirty_ratio`` to 40%." msgstr "Habilita páginas grandes transparentes y utiliza cpupower para configurar el regulador cpufreq de rendimiento. También establece ``kernel.sched_min_granularity_ns`` en 10 uss, ``kernel.sched_wakeup_granularity_ns`` en 15 uss y ``vm.dirty_ratio`` en 40%." @@ -7457,11 +8156,11 @@ msgstr "Ayuda pensar en la sintaxis como: (ver más abajo). El 'conjunto de msgid "It is compatible with Cisco (R) AnyConnect (R) clients." msgstr "Es compatible con clientes Cisco (R) AnyConnect (R)." -#: ../../configuration/service/dhcp-server.rst:590 +#: ../../configuration/service/dhcp-server.rst:596 msgid "It is connected to ``eth1``" msgstr "Está conectado a ``eth1``" -#: ../../configuration/system/login.rst:42 +#: ../../configuration/system/login.rst:46 msgid "It is highly recommended to use SSH key authentication. By default there is only one user (``vyos``), and you can assign any number of keys to that user. You can generate a ssh key with the ``ssh-keygen`` command on your local machine, which will (by default) save it as ``~/.ssh/id_rsa.pub``." msgstr "Se recomienda encarecidamente utilizar la autenticación de clave SSH. De forma predeterminada, solo hay un usuario (``vyos``), y puede asignar cualquier número de claves a ese usuario. Puede generar una clave ssh con el comando ``ssh-keygen`` en su máquina local, que (de forma predeterminada) la guardará como ``~/.ssh/id_rsa.pub``." @@ -7477,11 +8176,11 @@ msgstr "It is important to note that when creating firewall rules, the DNAT tran msgid "It is important to note that when creating firewall rules that the DNAT translation occurs **before** traffic traverses the firewall. In other words, the destination address has already been translated to 192.168.0.100." msgstr "Es importante tener en cuenta que al crear reglas de firewall, la traducción de DNAT se produce **antes** de que el tráfico atraviese el firewall. En otras palabras, la dirección de destino ya se tradujo a 192.168.0.100." -#: ../../configuration/vrf/index.rst:505 +#: ../../configuration/vrf/index.rst:524 msgid "It is not sufficient to only configure a L3VPN VRFs but L3VPN VRFs must be maintained, too.For L3VPN VRF maintenance the following operational commands are in place." msgstr "No es suficiente configurar solo un L3VPN VRF, sino que también se deben mantener los L3VPN VRF. Para el mantenimiento de L3VPN VRF, se implementan los siguientes comandos operativos." -#: ../../configuration/vrf/index.rst:113 +#: ../../configuration/vrf/index.rst:132 msgid "It is not sufficient to only configure a VRF but VRFs must be maintained, too. For VRF maintenance the following operational commands are in place." msgstr "No es suficiente configurar solo un VRF, sino que también se deben mantener los VRF. Para el mantenimiento de VRF, se aplican los siguientes comandos operativos." @@ -7489,14 +8188,19 @@ msgstr "No es suficiente configurar solo un VRF, sino que también se deben mant msgid "It is not valid to use the `vif 1` option for VLAN aware bridges because VLAN aware bridges assume that all unlabeled packets belong to the default VLAN 1 member and that the VLAN ID of the bridge's parent interface is always 1" msgstr "No es válido usar la opción `vif 1` para puentes que reconocen VLAN porque los puentes que reconocen VLAN asumen que todos los paquetes sin etiqueta pertenecen al miembro VLAN 1 predeterminado y que la ID de VLAN de la interfaz principal del puente siempre es 1" -#: ../../configuration/system/login.rst:93 +#: ../../configuration/system/login.rst:97 msgid "It is possible to enhance authentication security by using the :abbr:`2FA (Two-factor authentication)`/:abbr:`MFA (Multi-factor authentication)` feature together with :abbr:`OTP (One-Time-Pad)` on VyOS. :abbr:`2FA (Two-factor authentication)`/:abbr:`MFA (Multi-factor authentication)` is configured independently per each user. If an OTP key is configured for a user, 2FA/MFA is automatically enabled for that particular user. If a user does not have an OTP key configured, there is no 2FA/MFA check for that user." msgstr "Es posible mejorar la seguridad de la autenticación mediante el uso de la función :abbr:`2FA (Autenticación de dos factores)`/:abbr:`MFA (Autenticación de múltiples factores)` junto con :abbr:`OTP (One-Time-Pad) ` en VyOS. :abbr:`2FA (autenticación de dos factores)`/:abbr:`MFA (autenticación de múltiples factores)` se configura de forma independiente para cada usuario. Si se configura una clave OTP para un usuario, 2FA/MFA se habilita automáticamente para ese usuario en particular. Si un usuario no tiene una clave OTP configurada, no hay verificación 2FA/MFA para ese usuario." -#: ../../configuration/vrf/index.rst:496 +#: ../../configuration/vrf/index.rst:515 msgid "It is possible to permit BGP install VPN prefixes without transport labels. This configuration will install VPN prefixes originated from an e-bgp session, and with the next-hop directly connected." msgstr "It is possible to permit BGP install VPN prefixes without transport labels. This configuration will install VPN prefixes originated from an e-bgp session, and with the next-hop directly connected." +#: ../../configuration/protocols/static.rst:64 +#: ../../configuration/protocols/static.rst:132 +msgid "It is possible to specify a static route for ipv6 prefixes using an SRv6 segments instruction. The `/` separator can be used to specify multiple segment instructions." +msgstr "It is possible to specify a static route for ipv6 prefixes using an SRv6 segments instruction. The `/` separator can be used to specify multiple segment instructions." + #: ../../configuration/service/conntrack-sync.rst:30 msgid "It is possible to use either Multicast or Unicast to sync conntrack traffic. Most examples below show Multicast, but unicast can be specified by using the \"peer\" keywork after the specificed interface, as in the following example:" msgstr "Es posible usar Multicast o Unicast para sincronizar el tráfico de seguimiento. La mayorÃa de los ejemplos a continuación muestran multidifusión, pero la unidifusión se puede especificar usando el teclado "peer" después de la interfaz especÃfica, como en el siguiente ejemplo:" @@ -7517,7 +8221,7 @@ msgstr "Utiliza un modelo estocástico para clasificar los paquetes entrantes en msgid "It will be combined with the delegated prefix and the sla-id to form a complete interface address. The default is to use the EUI-64 address of the interface." msgstr "Se combinará con el prefijo delegado y el sla-id para formar una dirección de interfaz completa. El valor predeterminado es utilizar la dirección EUI-64 de la interfaz." -#: ../../configuration/vrf/index.rst:220 +#: ../../configuration/vrf/index.rst:239 msgid "Join a given VRF. This will open a new subshell within the specified VRF." msgstr "Únete a un VRF dado. Esto abrirá una nueva subcapa dentro del VRF especificado." @@ -7529,15 +8233,19 @@ msgstr "Salta a una regla diferente en este mapa de ruta en un partido." msgid "Juniper EX Switch" msgstr "Interruptor Juniper EX" +#: ../../configuration/system/option.rst:31 +msgid "Kernel" +msgstr "Núcleo" + #: ../../configuration/system/syslog.rst:112 msgid "Kernel messages" msgstr "Mensajes del núcleo" -#: ../../configuration/system/login.rst:40 +#: ../../configuration/system/login.rst:44 msgid "Key Based Authentication" msgstr "Autenticación basada en clave" -#: ../../configuration/pki/index.rst:30 +#: ../../configuration/pki/index.rst:32 msgid "Key Generation" msgstr "Generación de claves" @@ -7545,7 +8253,7 @@ msgstr "Generación de claves" msgid "Key Management" msgstr "Gestión de claves" -#: ../../configuration/vpn/site2site_ipsec.rst:383 +#: ../../configuration/vpn/site2site_ipsec.rst:386 msgid "Key Parameters:" msgstr "Parámetros clave:" @@ -7557,11 +8265,15 @@ msgstr "Puntos clave:" msgid "Key exchange and payload encryption is done using IKE and ESP proposals as known from IKEv1 but the connections are faster to establish, more reliable, and also support roaming from IP to IP (called MOBIKE which makes sure your connection does not drop when changing networks from e.g. WIFI to LTE and back). Authentication can be achieved with X.509 certificates." msgstr "Key exchange and payload encryption is done using IKE and ESP proposals as known from IKEv1 but the connections are faster to establish, more reliable, and also support roaming from IP to IP (called MOBIKE which makes sure your connection does not drop when changing networks from e.g. WIFI to LTE and back). Authentication can be achieved with X.509 certificates." -#: ../../configuration/pki/index.rst:167 +#: ../../configuration/vpn/ipsec.rst:381 +msgid "Key exchange and payload encryption is still done using IKE and ESP proposals as known from IKEv1 but the connections are faster to establish, more reliable, and also support roaming from IP to IP (called MOBIKE which makes sure your connection does not drop when changing networks from e.g. WIFI to LTE and back)." +msgstr "Key exchange and payload encryption is still done using IKE and ESP proposals as known from IKEv1 but the connections are faster to establish, more reliable, and also support roaming from IP to IP (called MOBIKE which makes sure your connection does not drop when changing networks from e.g. WIFI to LTE and back)." + +#: ../../configuration/pki/index.rst:169 msgid "Key usage (CLI)" msgstr "Uso de claves (CLI)" -#: ../../configuration/system/option.rst:58 +#: ../../configuration/system/option.rst:88 msgid "Keyboard Layout" msgstr "Diseño del teclado" @@ -7574,7 +8286,7 @@ msgstr "pares de llaves" msgid "Keyword" msgstr "Palabra clave" -#: ../../configuration/vpn/l2tp.rst:4 +#: ../../configuration/vpn/l2tp.rst:5 msgid "L2TP" msgstr "L2TP" @@ -7606,7 +8318,7 @@ msgstr "L2TPv3 se describe en :rfc:`3931`." msgid "L2TPv3 options" msgstr "Opciones L2TPv3" -#: ../../configuration/vrf/index.rst:399 +#: ../../configuration/vrf/index.rst:418 msgid "L3VPN VRFs" msgstr "L3VPN VRF" @@ -7635,7 +8347,7 @@ msgstr "LLDP realiza funciones similares a varios protocolos propietarios, como msgid "LNS (L2TP Network Server)" msgstr "LNS (servidor de red L2TP)" -#: ../../configuration/vpn/l2tp.rst:91 +#: ../../configuration/vpn/l2tp.rst:272 msgid "LNS are often used to connect to a LAC (L2TP Access Concentrator)." msgstr "Los LNS se utilizan a menudo para conectarse a un LAC (concentrador de acceso L2TP)." @@ -7647,11 +8359,11 @@ msgstr "Protocolo de distribución de etiquetas" msgid "Layer 2 Tunnelling Protocol Version 3 is an IETF standard related to L2TP that can be used as an alternative protocol to :ref:`mpls` for encapsulation of multiprotocol Layer 2 communications traffic over IP networks. Like L2TP, L2TPv3 provides a pseudo-wire service but is scaled to fit carrier requirements." msgstr "Layer 2 Tunneling Protocol Version 3 es un estándar IETF relacionado con L2TP que se puede utilizar como un protocolo alternativo a :ref:`mpls` para la encapsulación del tráfico de comunicaciones multiprotocolo de Capa 2 a través de redes IP. Al igual que L2TP, L2TPv3 proporciona un servicio de pseudocable, pero está escalado para adaptarse a los requisitos del operador." -#: ../../configuration/service/dhcp-server.rst:593 +#: ../../configuration/service/dhcp-server.rst:599 msgid "Lease time will be left at the default value which is 24 hours" msgstr "El tiempo de concesión se dejará en el valor predeterminado, que es de 24 horas." -#: ../../configuration/service/dhcp-server.rst:336 +#: ../../configuration/service/dhcp-server.rst:342 msgid "Lease timeout in seconds (default: 86400)" msgstr "Tiempo de espera de arrendamiento en segundos (predeterminado: 86400)" @@ -7699,15 +8411,19 @@ msgstr "Vida útil en dÃas; el valor predeterminado es 365" msgid "Lifetime is decremented by the number of seconds since the last RA - use in conjunction with a DHCPv6-PD prefix" msgstr "La vida útil se reduce según la cantidad de segundos desde el último RA; utilÃcelo junto con un prefijo DHCPv6-PD" +#: ../../configuration/vpn/ipsec.rst:535 +msgid "Like on Microsoft Windows, Apple iOS/iPadOS out of the box does not expose all available VPN options via the device GUI." +msgstr "Like on Microsoft Windows, Apple iOS/iPadOS out of the box does not expose all available VPN options via the device GUI." + #: ../../configuration/loadbalancing/reverse-proxy.rst:162 msgid "Limit allowed cipher algorithms used during SSL/TLS handshake" msgstr "Limite los algoritmos de cifrado permitidos utilizados durante el protocolo de enlace SSL/TLS" -#: ../../configuration/system/login.rst:112 +#: ../../configuration/system/login.rst:116 msgid "Limit logins to `<limit>` per every ``rate-time`` seconds. Rate limit must be between 1 and 10 attempts." msgstr "Limite los inicios de sesión a `<limit> ` por cada ``rate-time`` segundos. El lÃmite de frecuencia debe estar entre 1 y 10 intentos." -#: ../../configuration/system/login.rst:118 +#: ../../configuration/system/login.rst:122 msgid "Limit logins to ``rate-limit`` attemps per every `<seconds>`. Rate time must be between 15 and 600 seconds." msgstr "Limite los inicios de sesión a ``rate-limit`` intentos por cada `<seconds> `. El tiempo de tasa debe estar entre 15 y 600 segundos." @@ -7723,7 +8439,7 @@ msgstr "limitador" msgid "Limiter is one of those policies that uses classes_ (Ingress qdisc is actually a classless policy but filters do work in it)." msgstr "Limiter es una de esas polÃticas que usa clases_ (Ingress qdisc es en realidad una polÃtica sin clases, pero los filtros funcionan en ella)." -#: ../../configuration/system/login.rst:381 +#: ../../configuration/system/login.rst:385 msgid "Limits" msgstr "LÃmites" @@ -7767,7 +8483,7 @@ msgstr "Lista de algoritmos admitidos: ``diffie-hellman-group1-sha1``, ``diffie- msgid "List of supported ciphers: ``3des-cbc``, ``aes128-cbc``, ``aes192-cbc``, ``aes256-cbc``, ``aes128-ctr``, ``aes192-ctr``, ``aes256-ctr``, ``arcfour128``, ``arcfour256``, ``arcfour``, ``blowfish-cbc``, ``cast128-cbc``" msgstr "Lista de cifrados compatibles: ``3des-cbc``, ``aes128-cbc``, ``aes192-cbc``, ``aes256-cbc``, ``aes128-ctr``, ``aes192-ctr`` ``, ``aes256-ctr``, ``arcfour128``, ``arcfour256``, ``arcfour``, ``blowfish-cbc``, ``cast128-cbc``" -#: ../../configuration/policy/route-map.rst:362 +#: ../../configuration/policy/route-map.rst:365 msgid "List of well-known communities" msgstr "Lista de comunidades conocidas" @@ -7775,7 +8491,7 @@ msgstr "Lista de comunidades conocidas" msgid "Listen for DHCP requests on interface ``eth1``." msgstr "Escuche las solicitudes de DHCP en la interfaz ``eth1``." -#: ../../configuration/vrf/index.rst:118 +#: ../../configuration/vrf/index.rst:137 msgid "Lists VRFs that have been created" msgstr "Enumera los VRF que se han creado" @@ -7787,7 +8503,7 @@ msgstr "Balanceo de carga" msgid "Load-balancing algorithms to be used for distributind requests among the vailable servers" msgstr "Algoritmos de equilibrio de carga que se utilizarán para distribuir solicitudes entre los servidores disponibles" -#: ../../configuration/highavailability/index.rst:347 +#: ../../configuration/highavailability/index.rst:357 msgid "Load-balancing schedule algorithm:" msgstr "Algoritmo de programación de equilibrio de carga:" @@ -7795,11 +8511,11 @@ msgstr "Algoritmo de programación de equilibrio de carga:" msgid "Load Balance" msgstr "Load Balance" -#: ../../configuration/service/pppoe-server.rst:243 +#: ../../configuration/service/pppoe-server.rst:317 msgid "Load Balancing" msgstr "Balanceo de carga" -#: ../../configuration/system/login.rst:422 +#: ../../configuration/system/login.rst:426 msgid "Load the container image in op-mode." msgstr "Cargue la imagen del contenedor en modo operativo." @@ -7848,11 +8564,11 @@ msgstr "Cuenta de usuario local" msgid "Local path that includes the known hosts file." msgstr "Ruta local que incluye el archivo de hosts conocidos." -#: ../../configuration/protocols/rpki.rst:145 +#: ../../configuration/protocols/rpki.rst:155 msgid "Local path that includes the private key file of the router." msgstr "Ruta local que incluye el archivo de clave privada del enrutador." -#: ../../configuration/protocols/rpki.rst:149 +#: ../../configuration/protocols/rpki.rst:159 msgid "Local path that includes the public key file of the router." msgstr "Ruta local que incluye el archivo de clave pública del enrutador." @@ -7864,7 +8580,7 @@ msgstr "Ruta local" msgid "Locally connect to serial port identified by `<device>`." msgstr "Conéctese localmente al puerto serie identificado por `<device> `." -#: ../../configuration/policy/route-map.rst:273 +#: ../../configuration/policy/route-map.rst:276 msgid "Locally significant administrative distance." msgstr "Distancia administrativa localmente significativa." @@ -7918,11 +8634,11 @@ msgstr "El inicio de sesión en un host remoto deja intacta la configuración de msgid "Login/User Management" msgstr "Inicio de sesión/Administración de usuarios" -#: ../../configuration/system/login.rst:363 +#: ../../configuration/system/login.rst:367 msgid "Login Banner" msgstr "Bandera de inicio de sesión" -#: ../../configuration/system/login.rst:383 +#: ../../configuration/system/login.rst:387 msgid "Login limits" msgstr "LÃmites de inicio de sesión" @@ -7981,7 +8697,7 @@ msgstr "Opciones MACsec" msgid "MDI power" msgstr "Potencia MDI" -#: ../../configuration/system/login.rst:91 +#: ../../configuration/system/login.rst:95 msgid "MFA/2FA authentication using OTP (one time passwords)" msgstr "Autenticación MFA/2FA usando OTP (contraseñas de un solo uso)" @@ -8024,11 +8740,11 @@ msgstr "Main structure VyOS firewall cli is shown next:" msgid "Main structure is shown next:" msgstr "Main structure is shown next:" -#: ../../configuration/service/pppoe-server.rst:295 +#: ../../configuration/service/pppoe-server.rst:303 msgid "Maintenance mode" msgstr "Modo de mantenimiento" -#: ../../configuration/service/conntrack-sync.rst:107 +#: ../../configuration/service/conntrack-sync.rst:111 msgid "Make sure conntrack is enabled by running and show connection tracking table." msgstr "Asegúrese de que conntrack esté habilitado al ejecutar y mostrar la tabla de seguimiento de conexiones." @@ -8048,7 +8764,7 @@ msgstr "Configuraciones obligatorias" msgid "Manual Neighbor Configuration" msgstr "Configuración manual de vecinos" -#: ../../configuration/pki/index.rst:336 +#: ../../configuration/pki/index.rst:367 msgid "Manually trigger certificate renewal. This will be done twice a day." msgstr "Manually trigger certificate renewal. This will be done twice a day." @@ -8056,15 +8772,19 @@ msgstr "Manually trigger certificate renewal. This will be done twice a day." msgid "Maps the VNI to the specified VLAN id. The VLAN can then be consumed by a bridge." msgstr "Maps the VNI to the specified VLAN id. The VLAN can then be consumed by a bridge." -#: ../../configuration/vpn/sstp.rst:223 +#: ../../configuration/service/ipoe-server.rst:166 +#: ../../configuration/service/pppoe-server.rst:128 +#: ../../configuration/vpn/l2tp.rst:171 +#: ../../configuration/vpn/pptp.rst:111 +#: ../../configuration/vpn/sstp.rst:144 msgid "Mark RADIUS server as offline for this given `<time>` in seconds." msgstr "Marque el servidor RADIUS como fuera de lÃnea para este `<time> ` en segundos." -#: ../../configuration/pki/index.rst:206 +#: ../../configuration/pki/index.rst:208 msgid "Mark the CAs private key as password protected. User is asked for the password when the key is referenced." msgstr "Marque la clave privada de las CA como protegida con contraseña. Se le pide al usuario la contraseña cuando se hace referencia a la clave." -#: ../../configuration/pki/index.rst:244 +#: ../../configuration/pki/index.rst:246 msgid "Mark the private key as password protected. User is asked for the password when the key is referenced." msgstr "Marque la clave privada como protegida con contraseña. Se le pide al usuario la contraseña cuando se hace referencia a la clave." @@ -8076,7 +8796,7 @@ msgstr "Haga coincidir grandes comunidades BGP." msgid "Match IP addresses based on its geolocation. More info: `geoip matching <https://wiki.nftables.org/wiki-nftables/index.php/GeoIP_matching>`_." msgstr "Haga coincidir las direcciones IP en función de su geolocalización. Más información: `coincidencia geoip<https://wiki.nftables.org/wiki-nftables/index.php/GeoIP_matching> `_." -#: ../../configuration/firewall/ipv4.rst:440 +#: ../../configuration/firewall/ipv4.rst:463 #: ../../configuration/firewall/ipv6.rst:447 msgid "Match IP addresses based on its geolocation. More info: `geoip matching <https://wiki.nftables.org/wiki-nftables/index.php/GeoIP_matching>`_. Use inverse-match to match anything except the given country-codes." msgstr "Match IP addresses based on its geolocation. More info: `geoip matching <https://wiki.nftables.org/wiki-nftables/index.php/GeoIP_matching>`_. Use inverse-match to match anything except the given country-codes." @@ -8089,17 +8809,21 @@ msgstr "Coincide con el resultado de la validación de RPKI." msgid "Match a protocol criteria. A protocol number or a name which is defined in: ``/etc/protocols``. Special names are ``all`` for all protocols and ``tcp_udp`` for tcp and udp based packets. The ``!`` negates the selected protocol." msgstr "Coincidir con un criterio de protocolo. Un número de protocolo o un nombre que se define en: ``/etc/protocols``. Los nombres especiales son ``all`` para todos los protocolos y ``tcp_udp`` para paquetes basados en tcp y udp. El ``!`` niega el protocolo seleccionado." -#: ../../configuration/firewall/ipv4.rst:773 +#: ../../configuration/firewall/ipv4.rst:796 #: ../../configuration/firewall/ipv6.rst:783 msgid "Match a protocol criteria. A protocol number or a name which is here defined: ``/etc/protocols``. Special names are ``all`` for all protocols and ``tcp_udp`` for tcp and udp based packets. The ``!`` negate the selected protocol." msgstr "Coincidir con un criterio de protocolo. Un número de protocolo o un nombre que se define aquÃ: ``/etc/protocols``. Los nombres especiales son ``all`` para todos los protocolos y ``tcp_udp`` para paquetes basados en tcp y udp. El ``!`` niega el protocolo seleccionado." -#: ../../configuration/firewall/ipv4.rst:831 +#: ../../configuration/firewall/ipv4.rst:854 #: ../../configuration/firewall/ipv6.rst:840 msgid "Match against the state of a packet." msgstr "Comparar con el estado de un paquete." -#: ../../configuration/firewall/ipv4.rst:620 +#: ../../configuration/firewall/ipv4.rst:336 +msgid "Match based on connection tracking protocol helper module to secure use of that helper module. See below for possible completions `<module>`." +msgstr "Match based on connection tracking protocol helper module to secure use of that helper module. See below for possible completions `<module>`." + +#: ../../configuration/firewall/ipv4.rst:643 #: ../../configuration/firewall/ipv6.rst:630 msgid "Match based on dscp value." msgstr "Coincidencia basada en el valor de dscp." @@ -8108,16 +8832,16 @@ msgstr "Coincidencia basada en el valor de dscp." msgid "Match based on dscp value criteria. Multiple values from 0 to 63 and ranges are supported." msgstr "Coincidencia basada en criterios de valor de dscp. Se admiten múltiples valores de 0 a 63 y rangos." -#: ../../configuration/firewall/ipv4.rst:631 +#: ../../configuration/firewall/ipv4.rst:654 #: ../../configuration/firewall/ipv6.rst:641 msgid "Match based on fragment criteria." msgstr "Coincidencia basada en criterios de fragmentos." -#: ../../configuration/firewall/ipv4.rst:642 +#: ../../configuration/firewall/ipv4.rst:665 msgid "Match based on icmp code and type." msgstr "Match based on icmp code and type." -#: ../../configuration/firewall/ipv4.rst:653 +#: ../../configuration/firewall/ipv4.rst:676 msgid "Match based on icmp type-name criteria. Use tab for information about what **type-name** criteria are supported." msgstr "Match based on icmp type-name criteria. Use tab for information about what **type-name** criteria are supported." @@ -8147,18 +8871,18 @@ msgid "Match based on inbound interface. Wilcard ``*`` can be used. For example: msgstr "Match based on inbound interface. Wilcard ``*`` can be used. For example: ``eth2*``" #: ../../configuration/firewall/bridge.rst:239 -#: ../../configuration/firewall/ipv4.rst:663 +#: ../../configuration/firewall/ipv4.rst:686 #: ../../configuration/firewall/ipv6.rst:673 msgid "Match based on inbound interface. Wilcard ``*`` can be used. For example: ``eth2*``. Prepending character ``!`` for inverted matching criteria is also supportd. For example ``!eth2``" msgstr "Match based on inbound interface. Wilcard ``*`` can be used. For example: ``eth2*``. Prepending character ``!`` for inverted matching criteria is also supportd. For example ``!eth2``" #: ../../configuration/firewall/bridge.rst:248 -#: ../../configuration/firewall/ipv4.rst:674 +#: ../../configuration/firewall/ipv4.rst:697 #: ../../configuration/firewall/ipv6.rst:684 msgid "Match based on inbound interface group. Prepending character ``!`` for inverted matching criteria is also supportd. For example ``!IFACE_GROUP``" msgstr "Match based on inbound interface group. Prepending character ``!`` for inverted matching criteria is also supportd. For example ``!IFACE_GROUP``" -#: ../../configuration/firewall/ipv4.rst:707 +#: ../../configuration/firewall/ipv4.rst:730 #: ../../configuration/firewall/ipv6.rst:717 msgid "Match based on ipsec criteria." msgstr "Coincidencia basada en criterios de ipsec." @@ -8168,35 +8892,35 @@ msgid "Match based on outbound interface. Wilcard ``*`` can be used. For example msgstr "Match based on outbound interface. Wilcard ``*`` can be used. For example: ``eth2*``" #: ../../configuration/firewall/bridge.rst:256 -#: ../../configuration/firewall/ipv4.rst:684 +#: ../../configuration/firewall/ipv4.rst:707 #: ../../configuration/firewall/ipv6.rst:694 msgid "Match based on outbound interface. Wilcard ``*`` can be used. For example: ``eth2*``. Prepending character ``!`` for inverted matching criteria is also supportd. For example ``!eth2``" msgstr "Match based on outbound interface. Wilcard ``*`` can be used. For example: ``eth2*``. Prepending character ``!`` for inverted matching criteria is also supportd. For example ``!eth2``" #: ../../configuration/firewall/bridge.rst:265 -#: ../../configuration/firewall/ipv4.rst:695 +#: ../../configuration/firewall/ipv4.rst:718 #: ../../configuration/firewall/ipv6.rst:705 msgid "Match based on outbound interface group. Prepending character ``!`` for inverted matching criteria is also supportd. For example ``!IFACE_GROUP``" msgstr "Match based on outbound interface group. Prepending character ``!`` for inverted matching criteria is also supportd. For example ``!IFACE_GROUP``" -#: ../../configuration/firewall/ipv4.rst:750 +#: ../../configuration/firewall/ipv4.rst:773 #: ../../configuration/firewall/ipv6.rst:760 #: ../../configuration/policy/route.rst:176 msgid "Match based on packet length criteria. Multiple values from 1 to 65535 and ranges are supported." msgstr "Coincidencia basada en criterios de longitud de paquete. Se admiten varios valores de 1 a 65535 y rangos." -#: ../../configuration/firewall/ipv4.rst:762 +#: ../../configuration/firewall/ipv4.rst:785 #: ../../configuration/firewall/ipv6.rst:772 #: ../../configuration/policy/route.rst:184 msgid "Match based on packet type criteria." msgstr "Coincidencia basada en criterios de tipo de paquete." -#: ../../configuration/firewall/ipv4.rst:729 +#: ../../configuration/firewall/ipv4.rst:752 #: ../../configuration/firewall/ipv6.rst:739 msgid "Match based on the maximum average rate, specified as **integer/unit**. For example **5/minutes**" msgstr "Coincidencia basada en la tasa promedio máxima, especificada como **entero/unidad**. Por ejemplo **5/minutos**" -#: ../../configuration/firewall/ipv4.rst:718 +#: ../../configuration/firewall/ipv4.rst:741 #: ../../configuration/firewall/ipv6.rst:728 msgid "Match based on the maximum number of packets to allow in excess of rate." msgstr "Coincidencia basada en el número máximo de paquetes que se permiten por encima de la tasa." @@ -8209,7 +8933,7 @@ msgstr "Match based on vlan ID. Range is also supported." msgid "Match based on vlan priority(pcp). Range is also supported." msgstr "Match based on vlan priority(pcp). Range is also supported." -#: ../../configuration/firewall/ipv4.rst:801 +#: ../../configuration/firewall/ipv4.rst:824 #: ../../configuration/firewall/ipv6.rst:810 msgid "Match bases on recently seen sources." msgstr "Coincide con las bases de las fuentes vistas recientemente." @@ -8224,7 +8948,7 @@ msgstr "Criterios de coincidencia basados en la marca de conexión." msgid "Match criteria based on nat connection status." msgstr "Criterios de coincidencia basados en el estado de la conexión nacional." -#: ../../configuration/firewall/ipv4.rst:345 +#: ../../configuration/firewall/ipv4.rst:368 #: ../../configuration/firewall/ipv6.rst:345 msgid "Match criteria based on source and/or destination address. This is similar to the network groups part, but here you are able to negate the matching addresses." msgstr "Match criteria based on source and/or destination address. This is similar to the network groups part, but here you are able to negate the matching addresses." @@ -8237,6 +8961,14 @@ msgstr "Match criteria based on source and/or destination mac-address." msgid "Match domain name" msgstr "Coincidencia de nombre de dominio" +#: ../../configuration/service/ipoe-server.rst:382 +#: ../../configuration/service/pppoe-server.rst:571 +#: ../../configuration/vpn/l2tp.rst:506 +#: ../../configuration/vpn/pptp.rst:430 +#: ../../configuration/vpn/sstp.rst:464 +msgid "Match firewall mark value" +msgstr "Match firewall mark value" + #: ../../configuration/firewall/ipv6.rst:894 #: ../../configuration/policy/route.rst:234 msgid "Match hop-limit parameter, where 'eq' stands for 'equal'; 'gt' stands for 'greater than', and 'lt' stands for 'less than'." @@ -8250,12 +8982,12 @@ msgstr "Coincide con la preferencia local." msgid "Match route metric." msgstr "Coincidir con la métrica de la ruta." -#: ../../configuration/firewall/ipv4.rst:885 +#: ../../configuration/firewall/ipv4.rst:908 #: ../../configuration/policy/route.rst:229 msgid "Match time to live parameter, where 'eq' stands for 'equal'; 'gt' stands for 'greater than', and 'lt' stands for 'less than'." msgstr "Igualar el tiempo de vida del parámetro, donde 'eq' significa 'igual'; 'gt' significa 'mayor que' y 'lt' significa 'menor que'." -#: ../../configuration/firewall/ipv4.rst:906 +#: ../../configuration/firewall/ipv4.rst:929 #: ../../configuration/firewall/ipv6.rst:915 msgid "Match when 'count' amount of connections are seen within 'time'. These matching criteria can be used to block brute-force attempts." msgstr "Coincidencia cuando se ve la cantidad de conexiones 'recuento' dentro de 'tiempo'. Estos criterios coincidentes se pueden utilizar para bloquear los intentos de fuerza bruta." @@ -8275,11 +9007,24 @@ msgstr "Tráfico coincidente" msgid "Maximum A-MSDU length 3839 (default) or 7935 octets" msgstr "Longitud máxima de A-MSDU 3839 (predeterminado) o 7935 octetos" +#: ../../configuration/vpn/l2tp.rst:492 +#: ../../configuration/vpn/pptp.rst:416 +msgid "Maximum Transmission Unit (MTU) (default: **1436**)" +msgstr "Maximum Transmission Unit (MTU) (default: **1436**)" + +#: ../../configuration/service/pppoe-server.rst:538 +msgid "Maximum Transmission Unit (MTU) (default: **1492**)" +msgstr "Maximum Transmission Unit (MTU) (default: **1492**)" + +#: ../../configuration/vpn/sstp.rst:450 +msgid "Maximum Transmission Unit (MTU) (default: **1500**)" +msgstr "Maximum Transmission Unit (MTU) (default: **1500**)" + #: ../../configuration/service/dns.rst:108 msgid "Maximum number of DNS cache entries. 1 million per CPU core will generally suffice for most installations." msgstr "Número máximo de entradas de caché de DNS. 1 millón por núcleo de CPU generalmente será suficiente para la mayorÃa de las instalaciones." -#: ../../configuration/vpn/sstp.rst:159 +#: ../../configuration/vpn/sstp.rst:165 msgid "Maximum number of IPv4 nameservers" msgstr "Número máximo de servidores de nombres IPv4" @@ -8287,6 +9032,14 @@ msgstr "Número máximo de servidores de nombres IPv4" msgid "Maximum number of authenticator processes to spawn. If you start too few Squid will have to wait for them to process a backlog of credential verifications, slowing it down. When password verifications are done via a (slow) network you are likely to need lots of authenticator processes." msgstr "Número máximo de procesos de autenticación para generar. Si comienza con muy pocos Squid, tendrá que esperar a que procesen una acumulación de verificaciones de credenciales, lo que lo ralentizará. Cuando las verificaciones de contraseña se realizan a través de una red (lenta), es probable que necesite muchos procesos de autenticación." +#: ../../configuration/service/ipoe-server.rst:372 +#: ../../configuration/service/pppoe-server.rst:542 +#: ../../configuration/vpn/l2tp.rst:496 +#: ../../configuration/vpn/pptp.rst:420 +#: ../../configuration/vpn/sstp.rst:454 +msgid "Maximum number of concurrent session start attempts" +msgstr "Maximum number of concurrent session start attempts" + #: ../../configuration/interfaces/wireless.rst:77 msgid "Maximum number of stations allowed in station table. New stations will be rejected after the station table is full. IEEE 802.11 has a limit of 2007 different association IDs, so this number should not be larger than that." msgstr "Número máximo de estaciones permitidas en la tabla de estaciones. Las nuevas estaciones serán rechazadas una vez que la tabla de estaciones esté llena. IEEE 802.11 tiene un lÃmite de 2007 ID de asociación diferentes, por lo que este número no debe ser mayor." @@ -8295,7 +9048,11 @@ msgstr "Número máximo de estaciones permitidas en la tabla de estaciones. Las msgid "Maximum number of times an expired record’s TTL is extended by 30s when serving stale. Extension only occurs if a record cannot be refreshed. A value of 0 means the Serve Stale mechanism is not used. To allow records becoming stale to be served for an hour, use a value of 120." msgstr "Maximum number of times an expired record’s TTL is extended by 30s when serving stale. Extension only occurs if a record cannot be refreshed. A value of 0 means the Serve Stale mechanism is not used. To allow records becoming stale to be served for an hour, use a value of 120." -#: ../../configuration/vpn/sstp.rst:250 +#: ../../configuration/service/ipoe-server.rst:190 +#: ../../configuration/service/pppoe-server.rst:152 +#: ../../configuration/vpn/l2tp.rst:195 +#: ../../configuration/vpn/pptp.rst:135 +#: ../../configuration/vpn/sstp.rst:168 msgid "Maximum number of tries to send Access-Request/Accounting-Request queries" msgstr "Número máximo de intentos para enviar consultas de Solicitud de acceso/Solicitud de contabilidad" @@ -8323,6 +9080,10 @@ msgstr "Mensajes generados internamente por syslogd" msgid "Metris version, the default is ``2``" msgstr "Versión Metris, el valor predeterminado es ``2``" +#: ../../configuration/vpn/ipsec.rst:510 +msgid "Microsoft Windows expects the server name to be also used in the server's certificate common name, so it's best to use this DNS name for your VPN connection." +msgstr "Microsoft Windows expects the server name to be also used in the server's certificate common name, so it's best to use this DNS name for your VPN connection." + #: ../../configuration/service/router-advert.rst:1 msgid "Min and max intervals between unsolicited multicast RAs" msgstr "Intervalos mÃnimos y máximos entre RA de multidifusión no solicitados" @@ -8351,7 +9112,12 @@ msgstr "Modify the time that pim will register suppress a FHR will send register msgid "Monitor, the system passively monitors any kind of wireless traffic" msgstr "Monitor, el sistema monitorea pasivamente cualquier tipo de tráfico inalámbrico" +#: ../../configuration/service/ipoe-server.rst:390 #: ../../configuration/service/monitoring.rst:2 +#: ../../configuration/service/pppoe-server.rst:583 +#: ../../configuration/vpn/l2tp.rst:518 +#: ../../configuration/vpn/pptp.rst:442 +#: ../../configuration/vpn/sstp.rst:538 msgid "Monitoring" msgstr "Supervisión" @@ -8371,7 +9137,7 @@ msgstr "Most operating systems include native client support for IPsec IKEv2 VPN msgid "Mount a volume into the container" msgstr "Montar un volumen en el contenedor." -#: ../../configuration/service/dhcp-server.rst:235 +#: ../../configuration/service/dhcp-server.rst:241 msgid "Multi" msgstr "Multi" @@ -8383,7 +9149,7 @@ msgstr "El servidor multicliente es el modo OpenVPN más popular en los enrutado msgid "Multi-homed. In a multi-homed network environment, the NAT66 device connects to an internal network and simultaneously connects to different external networks. Address translation can be configured on each external network side interface of the NAT66 device to convert the same internal network address into different external network addresses, and realize the mapping of the same internal address to multiple external addresses." msgstr "multihogar. En un entorno de red de alojamiento múltiple, el dispositivo NAT66 se conecta a una red interna y se conecta simultáneamente a diferentes redes externas. La traducción de direcciones se puede configurar en cada interfaz del lado de la red externa del dispositivo NAT66 para convertir la misma dirección de red interna en diferentes direcciones de red externa y realizar la asignación de la misma dirección interna a varias direcciones externas." -#: ../../configuration/service/dhcp-server.rst:359 +#: ../../configuration/service/dhcp-server.rst:365 msgid "Multi: can be specified multiple times." msgstr "Multi: se puede especificar varias veces." @@ -8428,7 +9194,7 @@ msgstr "Multicast receivers will talk MLD to their local router, so, besides hav msgid "Multiple DNS servers can be defined." msgstr "Se pueden definir varios servidores DNS." -#: ../../configuration/protocols/rpki.rst:121 +#: ../../configuration/protocols/rpki.rst:135 msgid "Multiple RPKI caching instances can be supplied and they need a preference in which their result sets are used." msgstr "Se pueden proporcionar múltiples instancias de almacenamiento en caché de RPKI y necesitan una preferencia en la que se utilizan sus conjuntos de resultados." @@ -8460,16 +9226,16 @@ msgstr "Se pueden especificar varias interfaces." msgid "Multiple networks/client IP addresses can be configured." msgstr "Se pueden configurar múltiples redes/direcciones IP de clientes." -#: ../../configuration/system/login.rst:248 -#: ../../configuration/system/login.rst:317 +#: ../../configuration/system/login.rst:252 +#: ../../configuration/system/login.rst:321 msgid "Multiple servers can be specified." msgstr "Se pueden especificar varios servidores." -#: ../../configuration/service/dns.rst:374 +#: ../../configuration/service/dns.rst:380 msgid "Multiple services can be used per interface. Just specify as many services per interface as you like!" msgstr "Se pueden utilizar múltiples servicios por interfaz. ¡Simplemente especifique tantos servicios por interfaz como desee!" -#: ../../configuration/firewall/ipv4.rst:494 +#: ../../configuration/firewall/ipv4.rst:517 #: ../../configuration/firewall/ipv6.rst:500 msgid "Multiple source ports can be specified as a comma-separated list. The whole list can also be \"negated\" using ``!``. For example:" msgstr "Se pueden especificar varios puertos de origen como una lista separada por comas. La lista completa también se puede "negar" usando ``!``. Por ejemplo:" @@ -8487,22 +9253,22 @@ msgstr "Varios usuarios pueden conectarse al mismo dispositivo serie, pero solo msgid "Multiprotocol extensions enable BGP to carry routing information for multiple network layer protocols. BGP supports an Address Family Identifier (AFI) for IPv4 and IPv6." msgstr "Las extensiones multiprotocolo permiten que BGP transporte información de enrutamiento para múltiples protocolos de capa de red. BGP admite un identificador de familia de direcciones (AFI) para IPv4 e IPv6." -#: ../../configuration/service/dhcp-server.rst:241 #: ../../configuration/service/dhcp-server.rst:247 -#: ../../configuration/service/dhcp-server.rst:252 -#: ../../configuration/service/dhcp-server.rst:272 -#: ../../configuration/service/dhcp-server.rst:287 -#: ../../configuration/service/dhcp-server.rst:292 -#: ../../configuration/service/dhcp-server.rst:297 -#: ../../configuration/service/dhcp-server.rst:302 -#: ../../configuration/service/dhcp-server.rst:307 -#: ../../configuration/service/dhcp-server.rst:327 -#: ../../configuration/service/dhcp-server.rst:332 -#: ../../configuration/service/dhcp-server.rst:337 +#: ../../configuration/service/dhcp-server.rst:253 +#: ../../configuration/service/dhcp-server.rst:258 +#: ../../configuration/service/dhcp-server.rst:278 +#: ../../configuration/service/dhcp-server.rst:293 +#: ../../configuration/service/dhcp-server.rst:298 +#: ../../configuration/service/dhcp-server.rst:303 +#: ../../configuration/service/dhcp-server.rst:308 +#: ../../configuration/service/dhcp-server.rst:313 +#: ../../configuration/service/dhcp-server.rst:333 +#: ../../configuration/service/dhcp-server.rst:338 +#: ../../configuration/service/dhcp-server.rst:343 msgid "N" msgstr "norte" -#: ../../configuration/highavailability/index.rst:363 +#: ../../configuration/highavailability/index.rst:373 #: ../../configuration/nat/index.rst:5 msgid "NAT" msgstr "NAT" @@ -8523,6 +9289,10 @@ msgstr "NAT64" msgid "NAT64 client configuration:" msgstr "NAT64 client configuration:" +#: ../../configuration/service/router-advert.rst:84 +msgid "NAT64 prefix mask must be one of: /32, /40, /48, /56, /64 or 96." +msgstr "NAT64 prefix mask must be one of: /32, /40, /48, /56, /64 or 96." + #: ../../configuration/nat/nat64.rst:44 msgid "NAT64 server configuration:" msgstr "NAT64 server configuration:" @@ -8587,7 +9357,15 @@ msgstr "NTP proporciona una advertencia de cualquier ajuste de segundo bisiesto msgid "Name Server" msgstr "Nombre del servidor" -#: ../../configuration/service/dhcp-server.rst:356 +#: ../../configuration/vpn/sstp.rst:84 +msgid "Name of installed certificate authority certificate." +msgstr "Name of installed certificate authority certificate." + +#: ../../configuration/vpn/sstp.rst:88 +msgid "Name of installed server certificate." +msgstr "Name of installed server certificate." + +#: ../../configuration/service/dhcp-server.rst:362 msgid "Name of static mapping" msgstr "Nombre del mapeo estático" @@ -8595,11 +9373,11 @@ msgstr "Nombre del mapeo estático" msgid "Name of the single table Only if set group-metrics single-table." msgstr "Nombre de la tabla única Solo si se establece una tabla única de métricas de grupo." -#: ../../configuration/service/dhcp-server.rst:296 +#: ../../configuration/service/dhcp-server.rst:302 msgid "Name or IPv4 address of TFTP server" msgstr "Nombre o dirección IPv4 del servidor TFTP" -#: ../../configuration/service/dhcp-server.rst:281 +#: ../../configuration/service/dhcp-server.rst:287 msgid "NetBIOS over TCP/IP name server" msgstr "Servidor de nombres NetBIOS sobre TCP/IP" @@ -8677,6 +9455,10 @@ msgstr "Estación de administración de red (NMS): software que se ejecuta en el msgid "Network news subsystem" msgstr "Subsistema de noticias de la red" +#: ../../configuration/service/ids.rst:87 +msgid "Network to be protected: 192.0.2.0/24 (public IPs use by customers)" +msgstr "Network to be protected: 192.0.2.0/24 (public IPs use by customers)" + #: ../../configuration/service/monitoring.rst:47 msgid "Networks allowed to query this server" msgstr "Redes permitidas para consultar este servidor" @@ -8693,11 +9475,11 @@ msgstr "Interfaz de siguiente salto para la ruta" msgid "Next it is necessary to configure 2FA for OpenConnect:" msgstr "A continuación es necesario configurar 2FA para OpenConnect:" -#: ../../configuration/policy/route-map.rst:279 +#: ../../configuration/policy/route-map.rst:282 msgid "Nexthop IP address." msgstr "Dirección IP de NextHop." -#: ../../configuration/policy/route-map.rst:298 +#: ../../configuration/policy/route-map.rst:301 msgid "Nexthop IPv6 address." msgstr "Dirección IPv6 del próximo salto." @@ -8705,6 +9487,18 @@ msgstr "Dirección IPv6 del próximo salto." msgid "Nexthop IPv6 address to match." msgstr "Dirección IPv6 de Nexthop para que coincida." +#: ../../configuration/system/ip.rst:47 +#: ../../configuration/system/ipv6.rst:43 +#: ../../configuration/vrf/index.rst:71 +msgid "Nexthop Tracking" +msgstr "Nexthop Tracking" + +#: ../../configuration/system/ip.rst:49 +#: ../../configuration/system/ipv6.rst:45 +#: ../../configuration/vrf/index.rst:73 +msgid "Nexthop tracking resolve nexthops via the default route by default. This is enabled by default for a traditional profile of FRR which we use. It and can be disabled if you do not wan't to e.g. allow BGP to peer across the default route." +msgstr "Nexthop tracking resolve nexthops via the default route by default. This is enabled by default for a traditional profile of FRR which we use. It and can be disabled if you do not wan't to e.g. allow BGP to peer across the default route." + #: ../../configuration/protocols/rpki.rst:59 msgid "No ROA exists which covers that prefix. Unfortunately this is the case for about 80% of the IPv4 prefixes which were announced to the :abbr:`DFZ (default-free zone)` at the start of 2020" msgstr "No existe ROA que cubra ese prefijo. Desafortunadamente, este es el caso de aproximadamente el 80% de los prefijos IPv4 que se anunciaron en :abbr:`DFZ (zona libre por defecto)` a principios de 2020." @@ -8713,7 +9507,7 @@ msgstr "No existe ROA que cubra ese prefijo. Desafortunadamente, este es el caso msgid "No VLAN tagging required by your ISP." msgstr "Su ISP no requiere etiquetado de VLAN." -#: ../../configuration/protocols/bgp.rst:707 +#: ../../configuration/protocols/bgp.rst:729 msgid "No route is suppressed indefinitely. Maximum-suppress-time defines the maximum time a route can be suppressed before it is re-advertised." msgstr "Ninguna ruta se suprime indefinidamente. Maximum-suppress-time define el tiempo máximo que se puede suprimir una ruta antes de que se vuelva a anunciar." @@ -8753,7 +9547,7 @@ msgstr "Note: certificate names don't matter, we use 'openvpn-local' and 'openvp msgid "Note that deleting the log file does not stop the system from logging events. If you use this command while the system is logging events, old log events will be deleted, but events after the delete operation will be recorded in the new file. To delete the file altogether, first delete logging to the file using system syslog :ref:`custom-file` command, and then delete the file." msgstr "Tenga en cuenta que la eliminación del archivo de registro no impide que el sistema registre eventos. Si usa este comando mientras el sistema está registrando eventos, los eventos de registro antiguos se eliminarán, pero los eventos posteriores a la operación de eliminación se registrarán en el archivo nuevo. Para eliminar el archivo por completo, primero elimine el registro en el archivo usando el comando system syslog :ref:`custom-file` y luego elimine el archivo." -#: ../../configuration/vpn/ipsec.rst:294 +#: ../../configuration/vpn/ipsec.rst:298 #: ../../configuration/vpn/rsa-keys.rst:35 msgid "Note the command with the public key (set pki key-pair ipsec-RIGHT public key 'FAAOCAQ8AMII...')." msgstr "Tenga en cuenta el comando con la clave pública (set pki key-pair ipsec-RIGHT public key 'FAAOCAQ8AMII...')." @@ -8762,11 +9556,11 @@ msgstr "Tenga en cuenta el comando con la clave pública (set pki key-pair ipsec msgid "Notice" msgstr "Aviso" -#: ../../configuration/service/conntrack-sync.rst:194 +#: ../../configuration/service/conntrack-sync.rst:198 msgid "Now configure conntrack-sync service on ``router1`` **and** ``router2``" msgstr "Ahora configure el servicio conntrack-sync en ``router1`` **y** ``router2``" -#: ../../configuration/vpn/ipsec.rst:297 +#: ../../configuration/vpn/ipsec.rst:301 msgid "Now the noted public keys should be entered on the opposite routers." msgstr "Ahora las claves públicas anotadas deben ingresarse en los enrutadores opuestos." @@ -8786,7 +9580,7 @@ msgstr "Ahora al conectarse al usuario primero se le pedirá la contraseña y lu msgid "Now you are ready to setup IPsec. The key points:" msgstr "Ahora está listo para configurar IPsec. Los puntos clave:" -#: ../../configuration/vpn/ipsec.rst:311 +#: ../../configuration/vpn/ipsec.rst:315 msgid "Now you are ready to setup IPsec. You'll need to use an ID instead of address for the peer." msgstr "Ahora está listo para configurar IPsec. Deberá usar una identificación en lugar de una dirección para el compañero." @@ -8794,6 +9588,10 @@ msgstr "Ahora está listo para configurar IPsec. Deberá usar una identificació msgid "Number of antennas on this card" msgstr "Número de antenas en esta tarjeta" +#: ../../configuration/service/dns.rst:166 +msgid "Number of bits of client IPv4 address to pass when sending EDNS Client Subnet address information." +msgstr "Number of bits of client IPv4 address to pass when sending EDNS Client Subnet address information." + #: ../../configuration/system/syslog.rst:231 msgid "Number of lines to be displayed, default 10" msgstr "Número de lÃneas que se mostrarán, por defecto 10" @@ -8822,7 +9620,7 @@ msgstr "OSPFv2 (IPv4)" msgid "OSPFv3 (IPv6)" msgstr "OSPFv3 (IPv6)" -#: ../../configuration/system/login.rst:141 +#: ../../configuration/system/login.rst:145 msgid "OTP-key generation" msgstr "Generación de claves OTP" @@ -8830,7 +9628,7 @@ msgstr "Generación de claves OTP" msgid "Offloading" msgstr "Descarga" -#: ../../configuration/service/dhcp-server.rst:245 +#: ../../configuration/service/dhcp-server.rst:251 msgid "Offset of the client's subnet in seconds from Coordinated Universal Time (UTC)" msgstr "Desplazamiento de la subred del cliente en segundos desde el tiempo universal coordinado (UTC)" @@ -8842,7 +9640,7 @@ msgstr "A menudo necesitamos integrar una polÃtica en otra. Es posible hacerlo msgid "Often you will also have to configure your *default* traffic in the same way you do with a class. *Default* can be considered a class as it behaves like that. It contains any traffic that did not match any of the defined classes, so it is like an open class, a class without matching filters." msgstr "A menudo, también tendrá que configurar su tráfico *predeterminado* de la misma manera que lo hace con una clase. *Predeterminado* puede considerarse una clase ya que se comporta asÃ. Contiene todo el tráfico que no coincide con ninguna de las clases definidas, por lo que es como una clase abierta, una clase sin filtros coincidentes." -#: ../../configuration/service/conntrack-sync.rst:211 +#: ../../configuration/service/conntrack-sync.rst:215 msgid "On active router run:" msgstr "En el enrutador activo, ejecute:" @@ -8858,7 +9656,7 @@ msgstr "En velocidades bajas (por debajo de 40 Mbit), es posible que desee ajust msgid "On most scenarios, there's no need to change specific parameters, and using default configuration is enough. But there are cases were extra configuration is needed." msgstr "En la mayorÃa de los escenarios, no es necesario cambiar parámetros especÃficos y basta con usar la configuración predeterminada. Pero hay casos en los que se necesita una configuración adicional." -#: ../../configuration/service/conntrack-sync.rst:242 +#: ../../configuration/service/conntrack-sync.rst:246 msgid "On standby router run:" msgstr "En el enrutador en espera, ejecute:" @@ -8866,34 +9664,34 @@ msgstr "En el enrutador en espera, ejecute:" msgid "On systems with multiple redundant uplinks and routes, it's a good idea to use a dedicated address for management and dynamic routing protocols. However, assigning that address to a physical link is risky: if that link goes down, that address will become inaccessible. A common solution is to assign the management address to a loopback or a dummy interface and advertise that address via all physical links, so that it's reachable through any of them. Since in Linux-based systems, there can be only one loopback interface, it's better to use a dummy interface for that purpose, since they can be added, removed, and taken up and down independently." msgstr "En sistemas con múltiples enlaces ascendentes y rutas redundantes, es una buena idea usar una dirección dedicada para la gestión y los protocolos de enrutamiento dinámico. Sin embargo, asignar esa dirección a un enlace fÃsico es arriesgado: si ese enlace se cae, esa dirección se volverá inaccesible. Una solución común es asignar la dirección de administración a un bucle invertido o una interfaz ficticia y anunciar esa dirección a través de todos los enlaces fÃsicos, de modo que sea accesible a través de cualquiera de ellos. Dado que en los sistemas basados en Linux, solo puede haber una interfaz de bucle invertido, es mejor usar una interfaz ficticia para ese propósito, ya que se pueden agregar, eliminar y activar y desactivar de forma independiente." -#: ../../configuration/vpn/ipsec.rst:181 -#: ../../configuration/vpn/ipsec.rst:239 -#: ../../configuration/vpn/ipsec.rst:299 +#: ../../configuration/vpn/ipsec.rst:185 +#: ../../configuration/vpn/ipsec.rst:243 +#: ../../configuration/vpn/ipsec.rst:303 #: ../../configuration/vpn/rsa-keys.rst:40 msgid "On the LEFT:" msgstr "A la izquierda:" -#: ../../configuration/vpn/ipsec.rst:314 +#: ../../configuration/vpn/ipsec.rst:318 #: ../../configuration/vpn/rsa-keys.rst:59 msgid "On the LEFT (static address):" msgstr "A la IZQUIERDA (dirección estática):" -#: ../../configuration/vpn/ipsec.rst:221 +#: ../../configuration/vpn/ipsec.rst:225 msgid "On the RIGHT, setup by analogy and swap local and remote addresses." msgstr "A la DERECHA, configure por analogÃa e intercambie direcciones locales y remotas." -#: ../../configuration/vpn/ipsec.rst:250 -#: ../../configuration/vpn/ipsec.rst:305 +#: ../../configuration/vpn/ipsec.rst:254 +#: ../../configuration/vpn/ipsec.rst:309 #: ../../configuration/vpn/rsa-keys.rst:46 msgid "On the RIGHT:" msgstr "A la derecha:" -#: ../../configuration/vpn/ipsec.rst:339 +#: ../../configuration/vpn/ipsec.rst:343 #: ../../configuration/vpn/rsa-keys.rst:84 msgid "On the RIGHT (dynamic address):" msgstr "A la DERECHA (dirección dinámica):" -#: ../../configuration/service/conntrack-sync.rst:207 +#: ../../configuration/service/conntrack-sync.rst:211 msgid "On the active router, you should have information in the internal-cache of conntrack-sync. The same current active connections number should be shown in the external-cache of the standby router" msgstr "En el enrutador activo, debe tener información en el caché interno de conntrack-sync. El mismo número de conexiones activas actuales debe mostrarse en el caché externo del enrutador en espera" @@ -8921,7 +9719,7 @@ msgstr "Una vez que una clase tiene un filtro configurado, también tendrás que msgid "Once a neighbor has been found, the entry is considered to be valid for at least for this specific time. An entry's validity will be extended if it receives positive feedback from higher level protocols." msgstr "Una vez que se ha encontrado un vecino, la entrada se considera válida al menos durante este tiempo especÃfico. La validez de una entrada se extenderá si recibe comentarios positivos de los protocolos de nivel superior." -#: ../../configuration/protocols/bgp.rst:702 +#: ../../configuration/protocols/bgp.rst:724 msgid "Once a route is assessed a penalty, the penalty is decreased by half each time a predefined amount of time elapses (half-life-time). When the accumulated penalties fall below a predefined threshold (reuse-value), the route is unsuppressed and added back into the BGP routing table." msgstr "Una vez que se impone una penalización a una ruta, la penalización se reduce a la mitad cada vez que transcurre una cantidad de tiempo predefinida (tiempo de vida media). Cuando las penalizaciones acumuladas caen por debajo de un umbral predefinido (valor de reutilización), la ruta se desactiva y se vuelve a agregar a la tabla de enrutamiento BGP." @@ -8957,6 +9755,10 @@ msgstr "Una vez que se establecen las reglas de coincidencia para una clase, pue msgid "Once the user is connected, the user session is using the set limits and can be displayed via 'show pppoe-server sessions'." msgstr "Una vez que el usuario está conectado, la sesión del usuario utiliza los lÃmites establecidos y se puede mostrar a través de 'mostrar sesiones del servidor pppoe'." +#: ../../configuration/service/pppoe-server.rst:285 +msgid "Once the user is connected, the user session is using the set limits and can be displayed via ``show pppoe-server sessions``." +msgstr "Once the user is connected, the user session is using the set limits and can be displayed via ``show pppoe-server sessions``." + #: ../../configuration/vpn/openconnect.rst:257 msgid "Once you commit the above changes you can create a config file in the /config/auth/ocserv/config-per-user directory that matches a username of a user you have created e.g. \"tst\". Now when logging in with the \"tst\" user the config options you set in this file will be loaded." msgstr "Una vez que haya realizado los cambios anteriores, puede crear un archivo de configuración en el directorio /config/auth/ocserv/config-per-user que coincida con el nombre de usuario de un usuario que haya creado, por ejemplo, "tst". Ahora, al iniciar sesión con el usuario "tst", se cargarán las opciones de configuración que configuró en este archivo." @@ -8965,11 +9767,11 @@ msgstr "Una vez que haya realizado los cambios anteriores, puede crear un archiv msgid "Once you have an Ethernet device connected, i.e. `eth0`, then you can configure it to open the PPPoE session for you and your DSL Transceiver (Modem/Router) just acts to translate your messages in a way that vDSL/aDSL understands." msgstr "Una vez que tenga un dispositivo Ethernet conectado, es decir, `eth0`, puede configurarlo para abrir la sesión PPPoE para usted y su transceptor DSL (módem/enrutador) simplemente actúa para traducir sus mensajes de una manera que vDSL/aDSL entienda." -#: ../../configuration/vpn/sstp.rst:307 +#: ../../configuration/vpn/sstp.rst:478 msgid "Once you have setup your SSTP server there comes the time to do some basic testing. The Linux client used for testing is called sstpc_. sstpc_ requires a PPP configuration/peer file." msgstr "Una vez que haya configurado su servidor SSTP, llega el momento de realizar algunas pruebas básicas. El cliente de Linux utilizado para las pruebas se llama sstpc_. sstpc_ requiere un archivo de configuración/par de PPP." -#: ../../configuration/protocols/rpki.rst:183 +#: ../../configuration/protocols/rpki.rst:193 msgid "Once your routers are configured to reject RPKI-invalid prefixes, you can test whether the configuration is working correctly using the `RIPE Labs RPKI Test`_ experimental tool." msgstr "Una vez que sus enrutadores estén configurados para rechazar prefijos no válidos para RPKI, puede probar si la configuración funciona correctamente utilizando la herramienta experimental `RIPE Labs RPKI Test`_." @@ -9001,7 +9803,7 @@ msgstr "Solo se admite VRRP. Opción requerida." msgid "Only allow certain IP addresses or prefixes to access the https webserver." msgstr "Only allow certain IP addresses or prefixes to access the https webserver." -#: ../../configuration/firewall/ipv4.rst:459 +#: ../../configuration/firewall/ipv4.rst:482 #: ../../configuration/firewall/ipv6.rst:466 msgid "Only in the source criteria, you can specify a mac-address." msgstr "Solo en los criterios de origen, puede especificar una dirección MAC." @@ -9022,7 +9824,7 @@ msgstr "Solo solicite una dirección del servidor PPPoE pero no instale ninguna msgid "Only request an address from the SSTP server but do not install any default route." msgstr "Solo solicite una dirección del servidor SSTP pero no instale ninguna ruta predeterminada." -#: ../../configuration/system/login.rst:51 +#: ../../configuration/system/login.rst:55 msgid "Only the type (``ssh-rsa``) and the key (``AAAB3N...``) are used. Note that the key will usually be several hundred characters long, and you will need to copy and paste it. Some terminal emulators may accidentally split this over several lines. Be attentive when you paste it that it only pastes as a single line. The third part is simply an identifier, and is for your own reference." msgstr "Solo se utiliza el tipo (``ssh-rsa``) y la clave (``AAAB3N...``). Tenga en cuenta que la clave generalmente tendrá varios cientos de caracteres y deberá copiarla y pegarla. Algunos emuladores de terminal pueden dividir esto accidentalmente en varias lÃneas. Ojo cuando lo pegues que solo pega como una sola lÃnea. La tercera parte es simplemente un identificador y es para su propia referencia." @@ -9030,7 +9832,7 @@ msgstr "Solo se utiliza el tipo (``ssh-rsa``) y la clave (``AAAB3N...``). Tenga msgid "Only works with a VXLAN device with external flag set." msgstr "Only works with a VXLAN device with external flag set." -#: ../../configuration/highavailability/index.rst:457 +#: ../../configuration/highavailability/index.rst:467 msgid "Op-mode check virtual-server status" msgstr "Comprobar el estado del servidor virtual en modo operativo" @@ -9055,7 +9857,7 @@ msgid "OpenConnect supports a subset of it's configuration options to be applied msgstr "OpenConnect admite un subconjunto de sus opciones de configuración que se aplicarán por usuario/grupo, para fines de configuración nos referimos a esta funcionalidad como "Configuración basada en identidad". El siguiente `Manual del servidor OpenConnect <https://ocserv.gitlab.io/www/manual.html#:~:text=Configuration%20files%20that% 20will%20be%20applied%20per%20user%20connection%20or%0A%23%20per%20group> `_ describe el conjunto de opciones de configuración que están permitidas. Esto se puede aprovechar para aplicar diferentes conjuntos de configuraciones a diferentes usuarios o grupos de usuarios." #: ../../configuration/interfaces/openvpn.rst:7 -#: ../../configuration/pki/index.rst:117 +#: ../../configuration/pki/index.rst:119 msgid "OpenVPN" msgstr "OpenVPN" @@ -9105,23 +9907,23 @@ msgstr "Modos de funcionamiento" #: ../../configuration/interfaces/virtual-ethernet.rst:55 #: ../../configuration/interfaces/wireless.rst:416 #: ../../configuration/interfaces/wwan.rst:79 -#: ../../configuration/pki/index.rst:290 +#: ../../configuration/pki/index.rst:321 #: ../../configuration/protocols/igmp-proxy.rst:73 -#: ../../configuration/protocols/static.rst:183 -#: ../../configuration/service/conntrack-sync.rst:103 +#: ../../configuration/protocols/static.rst:216 +#: ../../configuration/service/conntrack-sync.rst:107 #: ../../configuration/service/console-server.rst:76 #: ../../configuration/service/dhcp-relay.rst:124 #: ../../configuration/service/dhcp-relay.rst:201 -#: ../../configuration/service/dns.rst:195 +#: ../../configuration/service/dns.rst:182 #: ../../configuration/service/lldp.rst:71 #: ../../configuration/service/mdns.rst:79 #: ../../configuration/service/ssh.rst:145 #: ../../configuration/service/webproxy.rst:330 #: ../../configuration/system/default-route.rst:25 #: ../../configuration/system/flow-accounting.rst:175 -#: ../../configuration/vrf/index.rst:111 -#: ../../configuration/vrf/index.rst:323 -#: ../../configuration/vrf/index.rst:503 +#: ../../configuration/vrf/index.rst:130 +#: ../../configuration/vrf/index.rst:342 +#: ../../configuration/vrf/index.rst:522 msgid "Operation" msgstr "Operación" @@ -9131,17 +9933,17 @@ msgid "Operation-mode" msgstr "Operation-mode" #: ../../configuration/firewall/bridge.rst:284 -#: ../../configuration/firewall/ipv4.rst:954 +#: ../../configuration/firewall/ipv4.rst:977 #: ../../configuration/firewall/ipv6.rst:962 msgid "Operation-mode Firewall" msgstr "Cortafuegos en modo operativo" -#: ../../configuration/container/index.rst:143 +#: ../../configuration/container/index.rst:179 msgid "Operation Commands" msgstr "Comandos de operación" -#: ../../configuration/service/dhcp-server.rst:412 -#: ../../configuration/service/dhcp-server.rst:664 +#: ../../configuration/service/dhcp-server.rst:418 +#: ../../configuration/service/dhcp-server.rst:672 #: ../../configuration/system/acceleration.rst:42 msgid "Operation Mode" msgstr "Modo de operación" @@ -9151,12 +9953,12 @@ msgid "Operation mode of wireless radio." msgstr "Modo de funcionamiento de la radio inalámbrica." #: ../../configuration/interfaces/wireguard.rst:338 -#: ../../configuration/protocols/bfd.rst:94 -#: ../../configuration/protocols/bfd.rst:175 +#: ../../configuration/protocols/bfd.rst:101 +#: ../../configuration/protocols/bfd.rst:182 msgid "Operational Commands" msgstr "Comandos operativos" -#: ../../configuration/protocols/bgp.rst:950 +#: ../../configuration/protocols/bgp.rst:972 #: ../../configuration/protocols/mpls.rst:218 #: ../../configuration/protocols/ospf.rst:609 #: ../../configuration/protocols/ospf.rst:1268 @@ -9164,8 +9966,8 @@ msgstr "Comandos operativos" msgid "Operational Mode Commands" msgstr "Comandos de modo operativo" -#: ../../configuration/system/ip.rst:47 -#: ../../configuration/system/ipv6.rst:43 +#: ../../configuration/system/ip.rst:60 +#: ../../configuration/system/ipv6.rst:56 msgid "Operational commands" msgstr "Comandos operativos" @@ -9177,11 +9979,11 @@ msgstr "Opción" msgid "Option 43 for UniFI" msgstr "Opción 43 para UniFI" -#: ../../configuration/service/dhcp-server.rst:234 +#: ../../configuration/service/dhcp-server.rst:240 msgid "Option description" msgstr "Descripción de la opción" -#: ../../configuration/service/dhcp-server.rst:232 +#: ../../configuration/service/dhcp-server.rst:238 msgid "Option number" msgstr "Número de opción" @@ -9211,7 +10013,7 @@ msgstr "Opcional" msgid "Optional, if you want to enable uploads, else TFTP server will act as a read-only server." msgstr "Opcional, si desea habilitar las cargas, de lo contrario, el servidor TFTP actuará como un servidor de solo lectura." -#: ../../configuration/system/login.rst:107 +#: ../../configuration/system/login.rst:111 msgid "Optional/default settings" msgstr "Configuraciones opcionales/predeterminadas" @@ -9231,12 +10033,11 @@ msgstr "Opcionalmente, establezca una dirección IPv4 o IPv6 estática especÃfi #: ../../configuration/interfaces/openvpn.rst:631 #: ../../configuration/service/dhcp-relay.rst:53 #: ../../configuration/service/dhcp-relay.rst:160 -#: ../../configuration/service/dhcp-server.rst:224 -#: ../../configuration/vpn/sstp.rst:230 +#: ../../configuration/service/dhcp-server.rst:230 msgid "Options" msgstr "Opciones" -#: ../../configuration/vpn/ipsec.rst:159 +#: ../../configuration/vpn/ipsec.rst:162 msgid "Options (Global IPsec settings) Attributes" msgstr "Opciones (Configuración IPsec global) Atributos" @@ -9256,7 +10057,7 @@ msgstr "O prefijos **binarios**." msgid "Originate an AS-External (type-5) LSA describing a default route into all external-routing capable areas, of the specified metric and metric type. If the :cfgcmd:`always` keyword is given then the default is always advertised, even when there is no default present in the routing table. The argument :cfgcmd:`route-map` specifies to advertise the default route if the route map is satisfied." msgstr "Genere un LSA AS-Externo (tipo 5) que describa una ruta predeterminada en todas las áreas con capacidad de enrutamiento externo, de la métrica y el tipo de métrica especificados. Si se proporciona la palabra clave :cfgcmd:`always`, siempre se anuncia el valor predeterminado, incluso cuando no hay un valor predeterminado presente en la tabla de enrutamiento. El argumento :cfgcmd:`route-map` especifica anunciar la ruta predeterminada si se cumple el mapa de ruta." -#: ../../configuration/service/pppoe-server.rst:238 +#: ../../configuration/service/pppoe-server.rst:312 msgid "Other attributes can be used, but they have to be in one of the dictionaries in */usr/share/accel-ppp/radius*." msgstr "Se pueden usar otros atributos, pero deben estar en uno de los diccionarios en */usr/share/accel-ppp/radius*." @@ -9325,15 +10126,15 @@ msgstr "Resumen de grupos definidos. Verá el tipo, los miembros y dónde se usa msgid "PBR multiple uplinks" msgstr "Enlaces ascendentes múltiples PBR" -#: ../../configuration/vrf/index.rst:244 +#: ../../configuration/vrf/index.rst:263 msgid "PC1 is in the ``default`` VRF and acting as e.g. a \"fileserver\"" msgstr "PC1 está en el VRF ``predeterminado`` y actúa como, por ejemplo, un "servidor de archivos"" -#: ../../configuration/vrf/index.rst:245 +#: ../../configuration/vrf/index.rst:264 msgid "PC2 is in VRF ``blue`` which is the development department" msgstr "PC2 está en VRF ``azul`` que es el departamento de desarrollo" -#: ../../configuration/vrf/index.rst:246 +#: ../../configuration/vrf/index.rst:265 msgid "PC3 and PC4 are connected to a bridge device on router ``R1`` which is in VRF ``red``. Say this is the HR department." msgstr "PC3 y PC4 están conectados a un dispositivo puente en el enrutador ``R1`` que está en VRF ``rojo``. Digamos que este es el departamento de recursos humanos." @@ -9369,7 +10170,7 @@ msgstr "PIM – Protocol Independent Multicast" msgid "PIMv6 (Protocol Independent Multicast for IPv6) must be configured in every interface of every participating router. Every router must also have the location of the Rendevouz Point manually configured. Then, unidirectional shared trees rooted at the Rendevouz Point will automatically be built for multicast distribution." msgstr "PIMv6 (Protocol Independent Multicast for IPv6) must be configured in every interface of every participating router. Every router must also have the location of the Rendevouz Point manually configured. Then, unidirectional shared trees rooted at the Rendevouz Point will automatically be built for multicast distribution." -#: ../../configuration/pki/index.rst:7 +#: ../../configuration/pki/index.rst:9 msgid "PKI" msgstr "PKI" @@ -9377,7 +10178,14 @@ msgstr "PKI" msgid "PPDU" msgstr "PPDU" -#: ../../configuration/vpn/sstp.rst:174 +#: ../../configuration/service/pppoe-server.rst:453 +#: ../../configuration/vpn/l2tp.rst:407 +#: ../../configuration/vpn/pptp.rst:331 +#: ../../configuration/vpn/sstp.rst:365 +msgid "PPP Advanced Options" +msgstr "PPP Advanced Options" + +#: ../../configuration/vpn/sstp.rst:180 msgid "PPP Settings" msgstr "Configuración de APP" @@ -9393,7 +10201,7 @@ msgstr "Servidor PPPoE" msgid "PPPoE options" msgstr "Opciones de PPPoE" -#: ../../configuration/vpn/pptp.rst:4 +#: ../../configuration/vpn/pptp.rst:5 msgid "PPTP-Server" msgstr "Servidor PPTP" @@ -9409,11 +10217,11 @@ msgstr "Es posible que las redes particularmente grandes deseen ejecutar su prop msgid "Path `<cost>` value for Spanning Tree Protocol. Each interface in a bridge could have a different speed and this value is used when deciding which link to use. Faster interfaces should have lower costs." msgstr "Ruta `<cost> ` valor para el protocolo de árbol de expansión. Cada interfaz en un puente podrÃa tener una velocidad diferente y este valor se usa para decidir qué enlace usar. Las interfaces más rápidas deberÃan tener costos más bajos." -#: ../../configuration/vpn/sstp.rst:166 +#: ../../configuration/vpn/sstp.rst:172 msgid "Path to `<file>` pointing to the certificate authority certificate." msgstr "Ruta a `<file> ` apuntando al certificado de la autoridad certificadora." -#: ../../configuration/vpn/sstp.rst:170 +#: ../../configuration/vpn/sstp.rst:176 msgid "Path to `<file>` pointing to the servers certificate (public portion)." msgstr "Ruta a `<file> ` apuntando al certificado del servidor (parte pública)." @@ -9457,11 +10265,11 @@ msgstr "Por defecto, VyOSs tiene habilitado un registro de syslog mÃnimo que se msgid "Per default every packet is sampled (that is, the sampling rate is 1)." msgstr "De forma predeterminada, se muestrean todos los paquetes (es decir, la tasa de muestreo es 1)." -#: ../../configuration/service/pppoe-server.rst:323 +#: ../../configuration/service/pppoe-server.rst:556 msgid "Per default the user session is being replaced if a second authentication request succeeds. Such session requests can be either denied or allowed entirely, which would allow multiple sessions for a user in the latter case. If it is denied, the second session is being rejected even if the authentication succeeds, the user has to terminate its first session and can then authentication again." msgstr "De manera predeterminada, la sesión de usuario se reemplaza si una segunda solicitud de autenticación tiene éxito. Dichas solicitudes de sesión se pueden denegar o permitir por completo, lo que permitirÃa múltiples sesiones para un usuario en el último caso. Si se deniega, la segunda sesión se rechaza incluso si la autenticación tiene éxito, el usuario debe finalizar su primera sesión y luego puede volver a autenticarse." -#: ../../configuration/system/option.rst:78 +#: ../../configuration/system/option.rst:108 msgid "Performance" msgstr "Rendimiento" @@ -9469,11 +10277,11 @@ msgstr "Rendimiento" msgid "Periodically, a hello packet is sent out by the Root Bridge and the Designated Bridges. Hello packets are used to communicate information about the topology throughout the entire Bridged Local Area Network." msgstr "Periódicamente, el puente raÃz y los puentes designados envÃan un paquete de saludo. Los paquetes de saludo se utilizan para comunicar información sobre la topologÃa en toda la red de área local con puente." -#: ../../configuration/vrf/index.rst:197 +#: ../../configuration/vrf/index.rst:216 msgid "Ping command can be interrupted at any given time using ``<Ctrl>+c``. A brief statistic is shown afterwards." msgstr "El comando ping se puede interrumpir en cualquier momento usando ``<Ctrl> +c``. A continuación se muestra una breve estadÃstica." -#: ../../configuration/vrf/index.rst:183 +#: ../../configuration/vrf/index.rst:202 msgid "Ping uses ICMP protocol's mandatory ECHO_REQUEST datagram to elicit an ICMP ECHO_RESPONSE from a host or gateway. ECHO_REQUEST datagrams (pings) will have an IP and ICMP header, followed by \"struct timeval\" and an arbitrary number of pad bytes used to fill out the packet." msgstr "Ping utiliza el datagrama ECHO_REQUEST obligatorio del protocolo ICMP para obtener un ICMP ECHO_RESPONSE de un host o puerta de enlace. Los datagramas ECHO_REQUEST (pings) tendrán un encabezado IP e ICMP, seguido de "struct timeval" y un número arbitrario de bytes de relleno utilizados para completar el paquete." @@ -9497,7 +10305,7 @@ msgstr "Please, refer to appropiate section for more information about firewall msgid "Please, refer to appropriate section for more information about firewall configuration:" msgstr "Please, refer to appropriate section for more information about firewall configuration:" -#: ../../configuration/service/ipoe-server.rst:23 +#: ../../configuration/service/ipoe-server.rst:21 msgid "Please be aware, due to an upstream bug, config changes/commits will restart the ppp daemon and will reset existing IPoE sessions, in order to become effective." msgstr "Tenga en cuenta que, debido a un error ascendente, los cambios/confirmaciones de configuración reiniciarán el demonio ppp y restablecerán las sesiones IPoE existentes para que entren en vigencia." @@ -9513,7 +10321,7 @@ msgstr "Consulte la documentación de :ref:`ipsec` para ver las opciones individ msgid "Please refer to the :ref:`tunnel-interface` documentation for the individual tunnel related options." msgstr "Consulte la documentación de :ref:`tunnel-interface` para conocer las opciones individuales relacionadas con los túneles." -#: ../../configuration/service/dhcp-server.rst:364 +#: ../../configuration/service/dhcp-server.rst:370 msgid "Please see the :ref:`dhcp-dns-quick-start` configuration." msgstr "Consulte la configuración de :ref:`dhcp-dns-quick-start`." @@ -9571,7 +10379,11 @@ msgstr "Grupos de puertos" msgid "Port Mirror (SPAN)" msgstr "Espejo de puerto (SPAN)" -#: ../../configuration/vpn/sstp.rst:242 +#: ../../configuration/service/ipoe-server.rst:182 +#: ../../configuration/service/pppoe-server.rst:144 +#: ../../configuration/vpn/l2tp.rst:187 +#: ../../configuration/vpn/pptp.rst:127 +#: ../../configuration/vpn/sstp.rst:160 msgid "Port for Dynamic Authorization Extension server (DM/CoA)" msgstr "Puerto para servidor de extensión de autorización dinámica (DM/CoA)" @@ -9656,7 +10468,7 @@ msgstr "Preferencia asociada con el enrutador predeterminado" msgid "Prefix Conversion" msgstr "Conversión de prefijo" -#: ../../configuration/service/dhcp-server.rst:564 +#: ../../configuration/service/dhcp-server.rst:570 msgid "Prefix Delegation" msgstr "Prefijo Delegación" @@ -9696,11 +10508,11 @@ msgstr "Prefijo para emparejar contra." msgid "Prefixes" msgstr "prefijos" -#: ../../configuration/policy/route-map.rst:212 +#: ../../configuration/policy/route-map.rst:215 msgid "Prepend the existing last AS number (the leftmost ASN) to the AS_PATH." msgstr "Anteponga el último número de AS existente (el ASN más a la izquierda) a AS_PATH." -#: ../../configuration/policy/route-map.rst:207 +#: ../../configuration/policy/route-map.rst:210 msgid "Prepend the given string of AS numbers to the AS_PATH of the BGP path's NLRI." msgstr "Anteponga la cadena dada de números AS al AS_PATH del NLRI de la ruta BGP." @@ -9708,11 +10520,11 @@ msgstr "Anteponga la cadena dada de números AS al AS_PATH del NLRI de la ruta B msgid "Principle of SNMP Communication" msgstr "Principio de comunicación SNMP" -#: ../../configuration/vrf/index.rst:532 +#: ../../configuration/vrf/index.rst:551 msgid "Print a summary of neighbor connections for the specified AFI/SAFI combination." msgstr "Imprima un resumen de las conexiones vecinas para la combinación AFI/SAFI especificada." -#: ../../configuration/vrf/index.rst:511 +#: ../../configuration/vrf/index.rst:530 msgid "Print active IPV4 or IPV6 routes advertised via the VPN SAFI." msgstr "Imprime rutas IPV4 o IPV6 activas anunciadas a través de VPN SAFI." @@ -9733,6 +10545,10 @@ msgstr "Priority Queue, como otras polÃticas sin configuración, solo es útil msgid "Private VLAN proxy arp. Basically allow proxy arp replies back to the same interface (from which the ARP request/solicitation was received)." msgstr "Arp de proxy de VLAN privada. Básicamente, permita que el proxy arp responda a la misma interfaz (desde la cual se recibió la solicitud/solicitud de ARP)." +#: ../../configuration/vpn/ipsec.rst:544 +msgid "Profile generation happens from the operational level and is as simple as issuing the following command to create a profile to connect to the IKEv2 access server at ``vpn.vyos.net`` with the configuration for the ``rw`` remote-access connection group." +msgstr "Profile generation happens from the operational level and is as simple as issuing the following command to create a profile to connect to the IKEv2 access server at ``vpn.vyos.net`` with the configuration for the ``rw`` remote-access connection group." + #: ../../configuration/service/monitoring.rst:38 msgid "Prometheus-client" msgstr "Prometheus-cliente" @@ -9841,7 +10657,7 @@ msgstr "Opciones de pseudo Ethernet/MACVLAN" msgid "Publish a port for the container." msgstr "Publique un puerto para el contenedor." -#: ../../configuration/container/index.rst:147 +#: ../../configuration/container/index.rst:183 msgid "Pull a new image for container" msgstr "Obtener una nueva imagen para el contenedor" @@ -9875,7 +10691,7 @@ msgstr "R1:" msgid "R1 has 192.0.2.1/24 & 2001:db8::1/64" msgstr "R1 tiene 192.0.2.1/24 y 2001:db8::1/64" -#: ../../configuration/vrf/index.rst:248 +#: ../../configuration/vrf/index.rst:267 msgid "R1 is managed through an out-of-band network that resides in VRF ``mgmt``" msgstr "R1 se administra a través de una red fuera de banda que reside en VRF ``mgmt``" @@ -9887,12 +10703,11 @@ msgstr "R2:" msgid "R2 has 192.0.2.2/24 & 2001:db8::2/64" msgstr "R2 tiene 192.0.2.2/24 y 2001:db8::2/64" -#: ../../configuration/system/login.rst:234 -#: ../../configuration/vpn/sstp.rst:207 +#: ../../configuration/system/login.rst:238 msgid "RADIUS" msgstr "Radio" -#: ../../configuration/service/ipoe-server.rst:111 +#: ../../configuration/service/ipoe-server.rst:112 msgid "RADIUS Setup" msgstr "Configuración de RADIO" @@ -9900,6 +10715,14 @@ msgstr "Configuración de RADIO" msgid "RADIUS advanced features" msgstr "Funciones avanzadas de RADIUS" +#: ../../configuration/service/ipoe-server.rst:158 +#: ../../configuration/service/pppoe-server.rst:120 +#: ../../configuration/vpn/l2tp.rst:163 +#: ../../configuration/vpn/pptp.rst:103 +#: ../../configuration/vpn/sstp.rst:136 +msgid "RADIUS advanced options" +msgstr "RADIUS advanced options" + #: ../../configuration/vpn/l2tp.rst:139 msgid "RADIUS authentication" msgstr "autenticación RADIUS" @@ -9916,11 +10739,15 @@ msgstr "RADIUS proporciona las direcciones IP del ejemplo anterior a través de msgid "RADIUS server at ``192.168.3.10`` with shared-secret ``VyOSPassword``" msgstr "Servidor RADIUS en ``192.168.3.10`` con secreto compartido ``VyOSPassword``" -#: ../../configuration/system/login.rst:266 +#: ../../configuration/system/login.rst:270 msgid "RADIUS servers could be hardened by only allowing certain IP addresses to connect. As of this the source address of each RADIUS query can be configured." msgstr "Los servidores RADIUS podrÃan fortalecerse al permitir que solo se conecten ciertas direcciones IP. A partir de esto, se puede configurar la dirección de origen de cada consulta RADIUS." -#: ../../configuration/vpn/l2tp.rst:163 +#: ../../configuration/service/ipoe-server.rst:144 +#: ../../configuration/service/pppoe-server.rst:106 +#: ../../configuration/vpn/l2tp.rst:149 +#: ../../configuration/vpn/pptp.rst:89 +#: ../../configuration/vpn/sstp.rst:122 msgid "RADIUS source address" msgstr "dirección de origen RADIUS" @@ -9928,7 +10755,7 @@ msgstr "dirección de origen RADIUS" msgid "RFC 3768 defines a virtual MAC address to each VRRP virtual router. This virtual router MAC address will be used as the source in all periodic VRRP messages sent by the active node. When the rfc3768-compatibility option is set, a new VRRP interface is created, to which the MAC address and the virtual IP address is automatically assigned." msgstr "RFC 3768 define una dirección MAC virtual para cada enrutador virtual VRRP. Esta dirección MAC del enrutador virtual se utilizará como fuente en todos los mensajes VRRP periódicos enviados por el nodo activo. Cuando se establece la opción de compatibilidad con rfc3768, se crea una nueva interfaz VRRP, a la que se asignan automáticamente la dirección MAC y la dirección IP virtual." -#: ../../configuration/service/dhcp-server.rst:256 +#: ../../configuration/service/dhcp-server.rst:262 msgid "RFC 868 time server IPv4 address" msgstr "Dirección IPv4 del servidor horario RFC 868" @@ -9970,8 +10797,8 @@ msgstr "Random-Detect podrÃa ser útil para el tráfico pesado. Un uso de este #: ../../configuration/protocols/static.rst:37 #: ../../configuration/protocols/static.rst:57 -#: ../../configuration/protocols/static.rst:84 -#: ../../configuration/protocols/static.rst:104 +#: ../../configuration/protocols/static.rst:107 +#: ../../configuration/protocols/static.rst:127 msgid "Range is 1 to 255, default is 1." msgstr "El rango es de 1 a 255, el valor predeterminado es 1." @@ -10016,15 +10843,15 @@ msgstr "Se volvió a generar la porción de clave pública/privada que SSH usa p msgid "Reachable Time" msgstr "Tiempo alcanzable" -#: ../../configuration/highavailability/index.rst:388 +#: ../../configuration/highavailability/index.rst:398 msgid "Real server" msgstr "servidor real" -#: ../../configuration/highavailability/index.rst:389 +#: ../../configuration/highavailability/index.rst:399 msgid "Real server IP address and port" msgstr "Puerto y dirección IP del servidor real" -#: ../../configuration/highavailability/index.rst:404 +#: ../../configuration/highavailability/index.rst:414 msgid "Real server is auto-excluded if port check with this server fail." msgstr "El servidor real se excluye automáticamente si falla la verificación del puerto con este servidor." @@ -10032,7 +10859,11 @@ msgstr "El servidor real se excluye automáticamente si falla la verificación d msgid "Receive traffic from connections created by the server is also balanced. When the local system sends an ARP Request the bonding driver copies and saves the peer's IP information from the ARP packet. When the ARP Reply arrives from the peer, its hardware address is retrieved and the bonding driver initiates an ARP reply to this peer assigning it to one of the slaves in the bond. A problematic outcome of using ARP negotiation for balancing is that each time that an ARP request is broadcast it uses the hardware address of the bond. Hence, peers learn the hardware address of the bond and the balancing of receive traffic collapses to the current slave. This is handled by sending updates (ARP Replies) to all the peers with their individually assigned hardware address such that the traffic is redistributed. Receive traffic is also redistributed when a new slave is added to the bond and when an inactive slave is re-activated. The receive load is distributed sequentially (round robin) among the group of highest speed slaves in the bond." msgstr "Recibir tráfico de conexiones creadas por el servidor también está equilibrado. Cuando el sistema local envÃa una solicitud de ARP, el controlador de vinculación copia y guarda la información de IP del par del paquete ARP. Cuando llega la respuesta ARP del par, se recupera su dirección de hardware y el controlador de enlace inicia una respuesta ARP para este par asignándola a uno de los esclavos en el enlace. Un resultado problemático de usar la negociación ARP para equilibrar es que cada vez que se transmite una solicitud ARP, se usa la dirección de hardware del enlace. Por lo tanto, los pares aprenden la dirección de hardware del enlace y el equilibrio del tráfico de recepción colapsa al esclavo actual. Esto se maneja mediante el envÃo de actualizaciones (Respuestas ARP) a todos los pares con su dirección de hardware asignada individualmente, de modo que el tráfico se redistribuya. El tráfico de recepción también se redistribuye cuando se agrega un nuevo esclavo al enlace y cuando se reactiva un esclavo inactivo. La carga de recepción se distribuye secuencialmente (todo el mundo) entre el grupo de esclavos de mayor velocidad en el enlace." -#: ../../configuration/vpn/l2tp.rst:205 +#: ../../configuration/service/ipoe-server.rst:227 +#: ../../configuration/service/pppoe-server.rst:189 +#: ../../configuration/vpn/l2tp.rst:232 +#: ../../configuration/vpn/pptp.rst:172 +#: ../../configuration/vpn/sstp.rst:205 msgid "Received RADIUS attributes have a higher priority than parameters defined within the CLI configuration, refer to the explanation below." msgstr "Los atributos de RADIUS recibidos tienen una prioridad más alta que los parámetros definidos en la configuración de la CLI; consulte la explicación a continuación." @@ -10068,7 +10899,7 @@ msgstr "Configuración de redistribución" msgid "Redundancy and load sharing. There are multiple NAT66 devices at the edge of an IPv6 network to another IPv6 network. The path through the NAT66 device to another IPv6 network forms an equivalent route, and traffic can be load-shared on these NAT66 devices. In this case, you can configure the same source address translation rules on these NAT66 devices, so that any NAT66 device can handle IPv6 traffic between different sites." msgstr "Redundancia y carga compartida. Hay varios dispositivos NAT66 en el borde de una red IPv6 a otra red IPv6. La ruta a través del dispositivo NAT66 a otra red IPv6 forma una ruta equivalente y el tráfico se puede compartir en carga en estos dispositivos NAT66. En este caso, puede configurar las mismas reglas de traducción de direcciones de origen en estos dispositivos NAT66, de modo que cualquier dispositivo NAT66 pueda manejar el tráfico IPv6 entre diferentes sitios." -#: ../../configuration/service/dns.rst:278 +#: ../../configuration/service/dns.rst:262 msgid "Register DNS record ``example.vyos.io`` on DNS server ``ns1.vyos.io``" msgstr "Registre el registro DNS ``example.vyos.io`` en el servidor DNS ``ns1.vyos.io``" @@ -10159,7 +10990,10 @@ msgstr "Puerto remoto" msgid "Remote transmission interval will be multiplied by this value" msgstr "El intervalo de transmisión remota se multiplicará por este valor" -#: ../../configuration/vpn/l2tp.rst:216 +#: ../../configuration/service/pppoe-server.rst:217 +#: ../../configuration/vpn/l2tp.rst:260 +#: ../../configuration/vpn/pptp.rst:200 +#: ../../configuration/vpn/sstp.rst:233 msgid "Renaming clients interfaces by RADIUS" msgstr "Cambio de nombre de las interfaces de los clientes por RADIUS" @@ -10179,7 +11013,10 @@ msgstr "Solicite solo una dirección temporal y no forme una asociación IA_NA ( msgid "Requests are forwarded through ``eth2`` as the `upstream interface`" msgstr "Las solicitudes se reenvÃan a través de ``eth2`` como la `interfaz ascendente`" -#: ../../configuration/vpn/sstp.rst:95 +#: ../../configuration/service/pppoe-server.rst:442 +#: ../../configuration/vpn/l2tp.rst:396 +#: ../../configuration/vpn/pptp.rst:320 +#: ../../configuration/vpn/sstp.rst:354 msgid "Require the peer to authenticate itself using one of the following protocols: pap, chap, mschap, mschap-v2." msgstr "Requiera que el par se autentique usando uno de los siguientes protocolos: pap, chap, mschap, mschap-v2." @@ -10191,12 +11028,12 @@ msgstr "Requisitos" msgid "Requirements:" msgstr "Requisitos:" -#: ../../configuration/firewall/ipv4.rst:926 +#: ../../configuration/firewall/ipv4.rst:949 #: ../../configuration/firewall/ipv6.rst:935 msgid "Requirements to enable synproxy:" msgstr "Requirements to enable synproxy:" -#: ../../configuration/protocols/bgp.rst:1064 +#: ../../configuration/protocols/bgp.rst:1086 #: ../../configuration/protocols/mpls.rst:248 msgid "Reset" msgstr "Reiniciar" @@ -10205,11 +11042,11 @@ msgstr "Reiniciar" msgid "Reset OpenVPN" msgstr "Restablecer OpenVPN" -#: ../../configuration/system/ipv6.rst:150 +#: ../../configuration/system/ipv6.rst:163 msgid "Reset commands" msgstr "Restablecer comandos" -#: ../../configuration/service/dns.rst:199 +#: ../../configuration/service/dns.rst:186 msgid "Resets the local DNS forwarding cache database. You can reset the cache for all entries or only for entries to a specific domain." msgstr "Restablece la base de datos de caché de reenvÃo de DNS local. Puede restablecer la memoria caché para todas las entradas o solo para las entradas de un dominio especÃfico." @@ -10225,7 +11062,7 @@ msgstr "Reinicie el servicio de retransmisión DHCP" msgid "Restart DHCPv6 relay agent immediately." msgstr "Reinicie el agente de retransmisión DHCPv6 inmediatamente." -#: ../../configuration/container/index.rst:167 +#: ../../configuration/container/index.rst:203 msgid "Restart a given container" msgstr "Reiniciar un contenedor dado" @@ -10233,7 +11070,7 @@ msgstr "Reiniciar un contenedor dado" msgid "Restart mDNS repeater service." msgstr "Restart mDNS repeater service." -#: ../../configuration/service/dhcp-server.rst:428 +#: ../../configuration/service/dhcp-server.rst:434 msgid "Restart the DHCP server" msgstr "Reinicie el servidor DHCP" @@ -10245,7 +11082,7 @@ msgstr "Reinicie el proceso de proxy IGMP." msgid "Restart the SSH daemon process, the current session is not affected, only the background daemon is restarted." msgstr "Reinicie el proceso del demonio SSH, la sesión actual no se ve afectada, solo se reinicia el demonio en segundo plano." -#: ../../configuration/service/dns.rst:204 +#: ../../configuration/service/dns.rst:191 msgid "Restarts the DNS recursor process. This also invalidates the local DNS forwarding cache." msgstr "Reinicia el proceso de recurso de DNS. Esto también invalida el caché de reenvÃo de DNS local." @@ -10263,11 +11100,11 @@ msgstr "Resultados en:" msgid "Retransmit Timer" msgstr "Temporizador de retransmisión" -#: ../../configuration/service/conntrack-sync.rst:140 +#: ../../configuration/service/conntrack-sync.rst:144 msgid "Retrieve current statistics of connection tracking subsystem." msgstr "Recuperar estadÃsticas actuales del subsistema de seguimiento de conexiones." -#: ../../configuration/service/conntrack-sync.rst:173 +#: ../../configuration/service/conntrack-sync.rst:177 msgid "Retrieve current status of connection tracking subsystem." msgstr "Recuperar el estado actual del subsistema de seguimiento de conexiones." @@ -10287,15 +11124,15 @@ msgstr "ronda robin" msgid "Route Aggregation Configuration" msgstr "Configuración de agregación de rutas" -#: ../../configuration/protocols/bgp.rst:682 +#: ../../configuration/protocols/bgp.rst:704 msgid "Route Dampening" msgstr "Amortiguación de ruta" -#: ../../configuration/protocols/bgp.rst:1189 +#: ../../configuration/protocols/bgp.rst:1211 msgid "Route Filtering" msgstr "Filtrado de rutas" -#: ../../configuration/protocols/bgp.rst:818 +#: ../../configuration/protocols/bgp.rst:840 msgid "Route Filtering Configuration" msgstr "Configuración de filtrado de rutas" @@ -10311,7 +11148,7 @@ msgstr "PolÃtica de mapa de ruta" msgid "Route Redistribution" msgstr "Redistribución de rutas" -#: ../../configuration/protocols/bgp.rst:904 +#: ../../configuration/protocols/bgp.rst:926 msgid "Route Reflector Configuration" msgstr "Configuración del reflector de ruta" @@ -10319,7 +11156,7 @@ msgstr "Configuración del reflector de ruta" msgid "Route Selection" msgstr "Selección de ruta" -#: ../../configuration/protocols/bgp.rst:737 +#: ../../configuration/protocols/bgp.rst:759 msgid "Route Selection Configuration" msgstr "Configuración de selección de ruta" @@ -10327,11 +11164,11 @@ msgstr "Configuración de selección de ruta" msgid "Route and Route6 Policy" msgstr "PolÃtica de rutas y rutas6" -#: ../../configuration/protocols/bgp.rst:690 +#: ../../configuration/protocols/bgp.rst:712 msgid "Route dampening wich described in :rfc:`2439` enables you to identify routes that repeatedly fail and return. If route dampening is enabled, an unstable route accumulates penalties each time the route fails and returns. If the accumulated penalties exceed a threshold, the route is no longer advertised. This is route suppression. Routes that have been suppressed are re-entered into the routing table only when the amount of their penalty falls below a threshold." msgstr "La amortiguación de ruta que se describe en :rfc:`2439` le permite identificar rutas que fallan y regresan repetidamente. Si la amortiguación de ruta está habilitada, una ruta inestable acumula penalizaciones cada vez que la ruta falla y regresa. Si las penalizaciones acumuladas superan un umbral, la ruta ya no se anuncia. Esta es la supresión de ruta. Las rutas que han sido suprimidas se vuelven a ingresar en la tabla de enrutamiento solo cuando el monto de su penalización cae por debajo de un umbral." -#: ../../configuration/protocols/bgp.rst:1191 +#: ../../configuration/protocols/bgp.rst:1213 msgid "Route filter can be applied using a route-map:" msgstr "El filtro de ruta se puede aplicar usando un mapa de ruta:" @@ -10363,7 +11200,7 @@ msgstr "Vida útil del enrutador" msgid "Router receives DHCP client requests on ``eth1`` and relays them to the server at 10.0.1.4 on ``eth2``." msgstr "El enrutador recibe solicitudes de clientes DHCP en ``eth1`` y las retransmite al servidor en 10.0.1.4 en ``eth2``." -#: ../../configuration/vrf/index.rst:425 +#: ../../configuration/vrf/index.rst:444 msgid "Routes exported from a unicast VRF to the VPN RIB must be augmented by two parameters:" msgstr "Las rutas exportadas desde un VRF de unidifusión a la VPN RIB deben aumentarse con dos parámetros:" @@ -10375,7 +11212,7 @@ msgstr "Rutas en el Nodo 2:" msgid "Routes that are sent from provider, rs-server, or the peer local-role (or if received by customer, rs-client, or the peer local-role) will be marked with a new Only to Customer (OTC) attribute." msgstr "Las rutas que se envÃan desde el proveedor, rs-server o el rol local del par (o si las recibe el cliente, rs-client o el rol local del par) se marcarán con un nuevo atributo Solo para el cliente (OTC)." -#: ../../configuration/protocols/bgp.rst:662 +#: ../../configuration/protocols/bgp.rst:684 #: ../../configuration/protocols/ospf.rst:92 #: ../../configuration/protocols/rip.rst:64 #: ../../configuration/protocols/static.rst:39 @@ -10391,7 +11228,7 @@ msgstr "Las rutas con este atributo solo se pueden enviar a su vecino si su func msgid "Routine" msgstr "Rutina" -#: ../../configuration/vrf/index.rst:82 +#: ../../configuration/vrf/index.rst:101 msgid "Routing" msgstr "Enrutamiento" @@ -10404,7 +11241,7 @@ msgid "Rule-Sets" msgstr "Conjuntos de reglas" #: ../../configuration/firewall/bridge.rst:287 -#: ../../configuration/firewall/ipv4.rst:957 +#: ../../configuration/firewall/ipv4.rst:980 #: ../../configuration/firewall/ipv6.rst:965 msgid "Rule-set overview" msgstr "Descripción general del conjunto de reglas" @@ -10447,7 +11284,7 @@ msgstr "Las reglas permiten controlar y enrutar el tráfico entrante a un backen msgid "Rules will be created for both :ref:`source-nat` and :ref:`destination-nat`." msgstr "Se crearán reglas para :ref:`source-nat` y :ref:`destination-nat`." -#: ../../configuration/service/dns.rst:391 +#: ../../configuration/service/dns.rst:399 msgid "Running Behind NAT" msgstr "Correr detrás de NAT" @@ -10511,7 +11348,7 @@ msgstr "SNMPv3 (versión 3 del protocolo SNMP) introdujo una gran cantidad de nu msgid "SPAN port mirroring can copy the inbound/outbound traffic of the interface to the specified interface, usually the interface can be connected to some special equipment, such as behavior control system, intrusion detection system and traffic collector, and can copy all related traffic from this port. The benefit of mirroring the traffic is that the application is isolated from the source traffic and so application processing does not affect the traffic or the system performance." msgstr "La duplicación del puerto SPAN puede copiar el tráfico entrante/saliente de la interfaz a la interfaz especificada; normalmente la interfaz se puede conectar a algún equipo especial, como un sistema de control de comportamiento, un sistema de detección de intrusiones y un recolector de tráfico, y puede copiar todo el tráfico relacionado desde este puerto. El beneficio de duplicar el tráfico es que la aplicación está aislada del tráfico de origen y, por lo tanto, el procesamiento de la aplicación no afecta el tráfico ni el rendimiento del sistema." -#: ../../configuration/protocols/rpki.rst:127 +#: ../../configuration/protocols/rpki.rst:141 #: ../../configuration/service/ssh.rst:5 msgid "SSH" msgstr "SSH" @@ -10520,11 +11357,11 @@ msgstr "SSH" msgid "SSH :ref:`ssh_key_based_authentication`" msgstr "SSH :ref:`ssh_key_based_authentication`" -#: ../../configuration/system/login.rst:57 +#: ../../configuration/system/login.rst:61 msgid "SSH :ref:`ssh_operation`" msgstr "SSH :ref:`operación_ssh`" -#: ../../configuration/system/option.rst:44 +#: ../../configuration/system/option.rst:74 msgid "SSH client" msgstr "cliente SSH" @@ -10532,7 +11369,7 @@ msgstr "cliente SSH" msgid "SSH provides a secure channel over an unsecured network in a client-server architecture, connecting an SSH client application with an SSH server. Common applications include remote command-line login and remote command execution, but any network service can be secured with SSH. The protocol specification distinguishes between two major versions, referred to as SSH-1 and SSH-2." msgstr "SSH proporciona un canal seguro a través de una red no segura en una arquitectura cliente-servidor, conectando una aplicación de cliente SSH con un servidor SSH. Las aplicaciones comunes incluyen inicio de sesión de lÃnea de comandos remotos y ejecución de comandos remotos, pero cualquier servicio de red puede protegerse con SSH. La especificación del protocolo distingue entre dos versiones principales, denominadas SSH-1 y SSH-2." -#: ../../configuration/protocols/rpki.rst:137 +#: ../../configuration/protocols/rpki.rst:151 msgid "SSH username to establish an SSH connection to the cache server." msgstr "Nombre de usuario SSH para establecer una conexión SSH con el servidor de caché." @@ -10545,7 +11382,6 @@ msgid "SSID to be used in IEEE 802.11 management frames" msgstr "SSID que se utilizará en tramas de administración IEEE 802.11" #: ../../configuration/vpn/openconnect.rst:24 -#: ../../configuration/vpn/sstp.rst:162 msgid "SSL Certificates" msgstr "Certificados SSL" @@ -10609,7 +11445,44 @@ msgstr "El escaneo no es compatible con todos los controladores inalámbricos y msgid "Script execution" msgstr "Ejecución de guiones" +#: ../../configuration/service/ipoe-server.rst:299 +#: ../../configuration/service/pppoe-server.rst:417 +#: ../../configuration/vpn/l2tp.rst:361 +#: ../../configuration/vpn/pptp.rst:285 +#: ../../configuration/vpn/sstp.rst:319 +msgid "Script to run before session interface comes up" +msgstr "Script to run before session interface comes up" + +#: ../../configuration/service/ipoe-server.rst:291 +#: ../../configuration/service/pppoe-server.rst:409 +#: ../../configuration/vpn/l2tp.rst:353 +#: ../../configuration/vpn/pptp.rst:277 +#: ../../configuration/vpn/sstp.rst:311 +msgid "Script to run when session interface changed by RADIUS CoA handling" +msgstr "Script to run when session interface changed by RADIUS CoA handling" + +#: ../../configuration/service/ipoe-server.rst:295 +#: ../../configuration/service/pppoe-server.rst:413 +#: ../../configuration/vpn/l2tp.rst:357 +#: ../../configuration/vpn/pptp.rst:281 +#: ../../configuration/vpn/sstp.rst:315 +msgid "Script to run when session interface going to terminate" +msgstr "Script to run when session interface going to terminate" + +#: ../../configuration/service/ipoe-server.rst:303 +#: ../../configuration/service/pppoe-server.rst:421 +#: ../../configuration/vpn/l2tp.rst:365 +#: ../../configuration/vpn/pptp.rst:289 +#: ../../configuration/vpn/sstp.rst:323 +msgid "Script to run when session interface is completely configured and started" +msgstr "Script to run when session interface is completely configured and started" + #: ../../configuration/highavailability/index.rst:299 +#: ../../configuration/service/ipoe-server.rst:287 +#: ../../configuration/service/pppoe-server.rst:405 +#: ../../configuration/vpn/l2tp.rst:349 +#: ../../configuration/vpn/pptp.rst:273 +#: ../../configuration/vpn/sstp.rst:307 msgid "Scripting" msgstr "secuencias de comandos" @@ -10617,7 +11490,11 @@ msgstr "secuencias de comandos" msgid "Second scenario: apply source NAT for all outgoing connections from LAN 10.0.0.0/8, using 3 public addresses and equal distribution. We will generate the hash randomly." msgstr "Second scenario: apply source NAT for all outgoing connections from LAN 10.0.0.0/8, using 3 public addresses and equal distribution. We will generate the hash randomly." -#: ../../configuration/vpn/sstp.rst:246 +#: ../../configuration/service/ipoe-server.rst:186 +#: ../../configuration/service/pppoe-server.rst:148 +#: ../../configuration/vpn/l2tp.rst:191 +#: ../../configuration/vpn/pptp.rst:131 +#: ../../configuration/vpn/sstp.rst:164 msgid "Secret for Dynamic Authorization Extension server (DM/CoA)" msgstr "Secreto para el servidor de extensión de autorización dinámica (DM/CoA)" @@ -10634,7 +11511,7 @@ msgstr "Mensajes de seguridad/autenticación" msgid "See :rfc:`7761#section-4.1` for details." msgstr "See :rfc:`7761#section-4.1` for details." -#: ../../configuration/system/ip.rst:52 +#: ../../configuration/system/ip.rst:65 msgid "See below the different parameters available for the IPv4 **show** command:" msgstr "Vea a continuación los diferentes parámetros disponibles para el comando IPv4 **show**:" @@ -10670,7 +11547,7 @@ msgstr "Select TLS version used." msgid "Select cipher suite used for cryptographic operations. This setting is mandatory." msgstr "Seleccione el conjunto de cifrado utilizado para operaciones criptográficas. Esta configuración es obligatoria." -#: ../../configuration/vrf/index.rst:468 +#: ../../configuration/vrf/index.rst:487 msgid "Select how labels are allocated in the given VRF. By default, the per-vrf mode is selected, and one label is used for all prefixes from the VRF. The per-nexthop will use a unique label for all prefixes that are reachable via the same nexthop." msgstr "Select how labels are allocated in the given VRF. By default, the per-vrf mode is selected, and one label is used for all prefixes from the VRF. The per-nexthop will use a unique label for all prefixes that are reachable via the same nexthop." @@ -10694,6 +11571,10 @@ msgstr "EnvÃe todas las consultas DNS al servidor DNS IPv4/IPv6 especificado en msgid "Send empty SSID in beacons and ignore probe request frames that do not specify full SSID, i.e., require stations to know SSID." msgstr "EnvÃe SSID vacÃo en balizas e ignore los marcos de solicitud de sondeo que no especifican el SSID completo, es decir, requieren que las estaciones conozcan el SSID." +#: ../../configuration/vpn/l2tp.rst:276 +msgid "Sent to the client (LAC) in the Host-Name attribute" +msgstr "Sent to the client (LAC) in the Host-Name attribute" + #: ../../configuration/system/console.rst:5 msgid "Serial Console" msgstr "Consola serie" @@ -10703,7 +11584,6 @@ msgid "Serial interfaces can be any interface which is directly connected to the msgstr "Las interfaces seriales pueden ser cualquier interfaz que esté directamente conectada a la CPU o al conjunto de chips (principalmente conocida como interfaz ttyS en Linux) o cualquier otro convertidor USB a serial (chips basados en Prolific PL2303 o FTDI FT232/FT4232)." #: ../../configuration/interfaces/openvpn.rst:325 -#: ../../configuration/vpn/sstp.rst:210 msgid "Server" msgstr "Servidor" @@ -10711,7 +11591,7 @@ msgstr "Servidor" msgid "Server:" msgstr "Servidor:" -#: ../../configuration/pki/index.rst:210 +#: ../../configuration/pki/index.rst:212 msgid "Server Certificate" msgstr "Certificado de servidor" @@ -10723,7 +11603,7 @@ msgstr "Configuración del servidor" msgid "Server Side" msgstr "Lado del servidor" -#: ../../configuration/service/ipoe-server.rst:156 +#: ../../configuration/service/ipoe-server.rst:157 msgid "Server configuration" msgstr "Configuración del servidor" @@ -10748,19 +11628,19 @@ msgstr "Establecer la dirección IPv4 o la dirección IPv6 del par BFD" msgid "Set BGP community-list to exactly match." msgstr "Configure la lista de la comunidad BGP para que coincida exactamente." -#: ../../configuration/policy/route-map.rst:318 +#: ../../configuration/policy/route-map.rst:321 msgid "Set BGP local preference attribute." msgstr "Establezca el atributo de preferencia local de BGP." -#: ../../configuration/policy/route-map.rst:336 +#: ../../configuration/policy/route-map.rst:339 msgid "Set BGP origin code." msgstr "Establezca el código de origen BGP." -#: ../../configuration/policy/route-map.rst:341 +#: ../../configuration/policy/route-map.rst:344 msgid "Set BGP originator ID attribute." msgstr "Establezca el atributo de ID del originador de BGP." -#: ../../configuration/policy/route-map.rst:359 +#: ../../configuration/policy/route-map.rst:362 msgid "Set BGP weight attribute" msgstr "Establecer atributo de peso BGP" @@ -10776,7 +11656,7 @@ msgstr "Establezca los criterios de coincidencia de entrada de IPSec, donde:" msgid "Set IP fragment match, where:" msgstr "Establecer coincidencia de fragmentos de IP, donde:" -#: ../../configuration/policy/route-map.rst:331 +#: ../../configuration/policy/route-map.rst:334 msgid "Set OSPF external metric-type." msgstr "Establezca el tipo de métrica externa de OSPF." @@ -10796,12 +11676,12 @@ msgstr "Establezca la regla SNAT 30 para que solo lleguen paquetes NAT de la red msgid "Set SSL certeficate <name> for service <name>" msgstr "Establecer certificado SSL<name> para servicio<name>" -#: ../../configuration/firewall/ipv4.rst:918 +#: ../../configuration/firewall/ipv4.rst:941 #: ../../configuration/firewall/ipv6.rst:927 msgid "Set TCP-MSS (maximum segment size) for the connection" msgstr "Set TCP-MSS (maximum segment size) for the connection" -#: ../../configuration/service/dns.rst:280 +#: ../../configuration/service/dns.rst:264 msgid "Set TTL to 300 seconds" msgstr "Establecer TTL a 300 segundos" @@ -10825,7 +11705,7 @@ msgstr "Establezca un destino y/o un puerto de origen. Entrada aceptada:" msgid "Set a human readable, descriptive alias for this connection. Alias is used by e.g. the :opcmd:`show interfaces` command or SNMP based monitoring tools." msgstr "Establezca un alias descriptivo y legible por humanos para esta conexión. El alias se utiliza, por ejemplo, con el comando :opcmd:`show interfaces` o herramientas de supervisión basadas en SNMP." -#: ../../configuration/system/login.rst:387 +#: ../../configuration/system/login.rst:391 msgid "Set a limit on the maximum number of concurrent logged-in users on the system." msgstr "Establezca un lÃmite en el número máximo de usuarios conectados simultáneamente en el sistema." @@ -10864,11 +11744,16 @@ msgstr "Establezca la acción a realizar en las entradas que coincidan con esta msgid "Set an API-KEY is the minimal configuration to get a working API Endpoint." msgstr "Establecer una API-KEY es la configuración mÃnima para obtener un punto final de API que funcione." -#: ../../configuration/vpn/sstp.rst:100 +#: ../../configuration/service/ipoe-server.rst:60 +#: ../../configuration/service/ipoe-server.rst:88 +#: ../../configuration/service/pppoe-server.rst:38 +#: ../../configuration/vpn/l2tp.rst:26 +#: ../../configuration/vpn/pptp.rst:27 +#: ../../configuration/vpn/sstp.rst:53 msgid "Set authentication backend. The configured authentication backend is used for all queries." msgstr "Establecer backend de autenticación. El backend de autenticación configurado se utiliza para todas las consultas." -#: ../../configuration/container/index.rst:117 +#: ../../configuration/container/index.rst:122 msgid "Set container capabilities or permissions." msgstr "Establecer capacidades o permisos de contenedor." @@ -10880,6 +11765,19 @@ msgstr "Establezca la demora entre los mensajes ARP gratuitos enviados en una in msgid "Set delay for second set of gratuitous ARPs after transition to MASTER." msgstr "Establezca la demora para el segundo conjunto de ARP gratuitos después de la transición a MAESTRO." +#: ../../configuration/service/ipoe-server.rst:356 +#: ../../configuration/service/pppoe-server.rst:522 +#: ../../configuration/vpn/l2tp.rst:476 +#: ../../configuration/vpn/pptp.rst:400 +#: ../../configuration/vpn/sstp.rst:434 +msgid "Set description." +msgstr "Set description." + +#: ../../configuration/service/dns.rst:227 +#: ../../configuration/service/dns.rst:332 +msgid "Set description `<text>` for dynamic DNS service being configured." +msgstr "Set description `<text>` for dynamic DNS service being configured." + #: ../../configuration/policy/as-path-list.rst:21 msgid "Set description for as-path-list policy." msgstr "Establezca la descripción de la polÃtica como lista de rutas." @@ -10956,7 +11854,7 @@ msgstr "Configure eth1 para que sea la interfaz de escucha para el relé DHCPv6. msgid "Set execution time in common cron_ time format. A cron `<spec>` of ``30 */6 * * *`` would execute the `<task>` at minute 30 past every 6th hour." msgstr "Establezca el tiempo de ejecución en el formato común cron_time. Un cron`<spec> ` de ``30 */6 * * *`` ejecutarÃa `<task> ` en el minuto 30 después de cada 6 horas." -#: ../../configuration/policy/route-map.rst:251 +#: ../../configuration/policy/route-map.rst:254 msgid "Set extcommunity bandwidth" msgstr "Establecer el ancho de banda de la comunidad externa" @@ -11025,6 +11923,10 @@ msgstr "Establezca el número máximo de paquetes en exceso de la tasa." msgid "Set minimum time interval for refreshing gratuitous ARPs while MASTER." msgstr "Establezca un intervalo de tiempo mÃnimo para actualizar ARP gratuitos mientras es MAESTRO." +#: ../../configuration/vpn/l2tp.rst:72 +msgid "Set mode for IPsec authentication between VyOS and L2TP clients." +msgstr "Set mode for IPsec authentication between VyOS and L2TP clients." + #: ../../configuration/highavailability/index.rst:285 msgid "Set number of gratuitous ARP messages to send at a time after transition to MASTER." msgstr "Establezca el número de mensajes ARP gratuitos para enviar a la vez después de la transición a MAESTRO." @@ -11055,7 +11957,11 @@ msgstr "Establecer modificaciones de paquetes: punto de código de servicios dif msgid "Set parameters for matching recently seen sources. This match could be used by seeting count (source address seen more than <1-255> times) and/or time (source address seen in the last <0-4294967295> seconds)." msgstr "Establezca parámetros para hacer coincidir las fuentes vistas recientemente. Esta coincidencia podrÃa usarse viendo el conteo (la dirección de origen se vio más de <1-255> veces) y/o el tiempo (la dirección de origen se vio en los últimos <0-4294967295> segundos)." -#: ../../configuration/policy/route-map.rst:350 +#: ../../configuration/vpn/l2tp.rst:76 +msgid "Set predefined shared secret phrase." +msgstr "Set predefined shared secret phrase." + +#: ../../configuration/policy/route-map.rst:353 msgid "Set prefixes to table." msgstr "Establecer prefijos en la tabla." @@ -11063,7 +11969,7 @@ msgstr "Establecer prefijos en la tabla." msgid "Set proxy for all connections initiated by VyOS, including HTTP, HTTPS, and FTP (anonymous ftp)." msgstr "Configure el proxy para todas las conexiones iniciadas por VyOS, incluidos HTTP, HTTPS y FTP (ftp anónimo)." -#: ../../configuration/policy/route-map.rst:260 +#: ../../configuration/policy/route-map.rst:263 msgid "Set route target value in format ``<0-65535:0-4294967295>`` or ``<IP:0-65535>``." msgstr "Establezca el valor objetivo de la ruta en formato ``<0-65535:0-4294967295>`` o ``<IP:0-65535> ``." @@ -11080,7 +11986,7 @@ msgstr "Establezca la acción de la regla para descartar." msgid "Set service to bind on IP address, by default listen on any IPv4 and IPv6" msgstr "Configure el servicio para que se vincule a la dirección IP, por defecto escuche en cualquier IPv4 e IPv6" -#: ../../configuration/policy/route-map.rst:265 +#: ../../configuration/policy/route-map.rst:268 msgid "Set site of origin value in format ``<0-65535:0-4294967295>`` or ``<IP:0-65535>``." msgstr "Establezca el valor del sitio de origen en formato ``<0-65535:0-4294967295>`` o ``<IP:0-65535> ``." @@ -11096,7 +12002,7 @@ msgstr "Establezca alguna métrica para las rutas aprendidas de un vecino en par msgid "Set source-address to your local IP (LAN)." msgstr "Establezca la dirección de origen en su IP local (LAN)." -#: ../../configuration/policy/route-map.rst:346 +#: ../../configuration/policy/route-map.rst:349 msgid "Set source IP/IPv6 address for route." msgstr "Configure la dirección IP/IPv6 de origen para la ruta." @@ -11105,7 +12011,7 @@ msgstr "Configure la dirección IP/IPv6 de origen para la ruta." msgid "Set source address or prefix to match." msgstr "Establezca la dirección de origen o el prefijo para que coincida." -#: ../../configuration/policy/route-map.rst:354 +#: ../../configuration/policy/route-map.rst:357 msgid "Set tag value for routing protocol." msgstr "Establezca el valor de la etiqueta para el protocolo de enrutamiento." @@ -11113,8 +12019,8 @@ msgstr "Establezca el valor de la etiqueta para el protocolo de enrutamiento." msgid "Set the \"recursion desired\" bit in requests to the upstream nameserver." msgstr "Establezca el bit "recursividad deseada" en las solicitudes al servidor de nombres ascendente." -#: ../../configuration/policy/route-map.rst:290 -#: ../../configuration/policy/route-map.rst:303 +#: ../../configuration/policy/route-map.rst:293 +#: ../../configuration/policy/route-map.rst:306 msgid "Set the BGP nexthop address to the address of the peer. For an incoming route-map this means the ip address of our peer is used. For an outgoing route-map this means the ip address of our self is used to establish the peering with our neighbor." msgstr "Establezca la dirección BGP nexthop en la dirección del par. Para un mapa de ruta entrante, esto significa que se usa la dirección IP de nuestro compañero. Para un mapa de ruta saliente, esto significa que nuestra dirección IP se usa para establecer el emparejamiento con nuestro vecino." @@ -11175,6 +12081,10 @@ msgstr "Establezca el bloque local de enrutamiento de segmentos, es decir, el ra msgid "Set the Segment Routing Local Block i.e. the low label range used by MPLS to store label in the MPLS FIB for Prefix SID. Note that the block size may not exceed 65535.Segment Routing Local Block, The negative command always unsets both." msgstr "Establezca el bloque local de enrutamiento de segmento, es decir, el rango de etiqueta bajo utilizado por MPLS para almacenar la etiqueta en la FIB de MPLS para el SID de prefijo. Tenga en cuenta que el tamaño del bloque no puede exceder 65535.Bloque local de enrutamiento de segmento, el comando negativo siempre desarma ambos." +#: ../../configuration/container/index.rst:99 +msgid "Set the User ID or Group ID of the container" +msgstr "Set the User ID or Group ID of the container" + #: ../../configuration/protocols/pim.rst:147 msgid "Set the :abbr:`DR (Designated Router)` Priority for the interface. This command is useful to allow the user to influence what node becomes the DR for a LAN segment." msgstr "Set the :abbr:`DR (Designated Router)` Priority for the interface. This command is useful to allow the user to influence what node becomes the DR for a LAN segment." @@ -11259,7 +12169,7 @@ msgstr "Establezca el nombre del par de claves del cliente x509 utilizado para a msgid "Set the native VLAN ID flag of the interface. When a data packet without a VLAN tag enters the port, the data packet will be forced to add a tag of a specific vlan id. When the vlan id flag flows out, the tag of the vlan id will be stripped" msgstr "Establezca el indicador de ID de VLAN nativa de la interfaz. Cuando un paquete de datos sin una etiqueta VLAN ingresa al puerto, el paquete de datos se verá obligado a agregar una etiqueta de una identificación de VLAN especÃfica. Cuando la bandera de identificación de vlan fluye, la etiqueta de la identificación de vlan se eliminará" -#: ../../configuration/policy/route-map.rst:284 +#: ../../configuration/policy/route-map.rst:287 msgid "Set the next-hop as unchanged. Pass through the route-map without changing its value" msgstr "Establece el siguiente salto como sin cambios. Pase por el mapa de ruta sin cambiar su valor" @@ -11271,7 +12181,15 @@ msgstr "Establezca el número máximo de intentos de retransmisión de TCP." msgid "Set the number of health check failures before an interface is marked as unavailable, range for number is 1 to 10, default 1. Or set the number of successful health checks before an interface is added back to the interface pool, range for number is 1 to 10, default 1." msgstr "Establezca la cantidad de fallas de verificación de estado antes de que una interfaz se marque como no disponible, el rango de número es 1 a 10, predeterminado 1. O establezca la cantidad de verificaciones de estado exitosas antes de que una interfaz se vuelva a agregar al grupo de interfaces, el rango de número es 1 a 10, por defecto 1." -#: ../../configuration/system/login.rst:84 +#: ../../configuration/protocols/rpki.rst:121 +msgid "Set the number of seconds the router waits until retrying to connect to the cache server." +msgstr "Set the number of seconds the router waits until retrying to connect to the cache server." + +#: ../../configuration/protocols/rpki.rst:114 +msgid "Set the number of seconds the router waits until the router expires the cache." +msgstr "Set the number of seconds the router waits until the router expires the cache." + +#: ../../configuration/system/login.rst:88 msgid "Set the options for this public key. See the ssh ``authorized_keys`` man page for details of what you can specify here. To place a ``\"`` character in the options field, use ``"``, for example ``from="10.0.0.0/24"`` to restrict where the user may connect from when using this key." msgstr "Configure las opciones para esta clave pública. Consulte la página de manual de ssh ``authorized_keys`` para obtener detalles sobre lo que puede especificar aquÃ. Para colocar un carácter ``"`` en el campo de opciones, use ``"``, por ejemplo ``from="10.0.0.0/24"`` para restringir desde dónde se puede conectar el usuario cuando usa esta tecla." @@ -11291,11 +12209,11 @@ msgstr "Set the peer's key used to receive (RX) traffic" msgid "Set the peer-session-id, which is a 32-bit integer value assigned to the session by the peer. The value used must match the session_id value being used at the peer." msgstr "Establezca el id. de sesión del par, que es un valor entero de 32 bits asignado a la sesión por el par. El valor utilizado debe coincidir con el valor de session_id que se utiliza en el par." -#: ../../configuration/container/index.rst:98 +#: ../../configuration/container/index.rst:103 msgid "Set the restart behavior of the container." msgstr "Establezca el comportamiento de reinicio del contenedor." -#: ../../configuration/policy/route-map.rst:323 +#: ../../configuration/policy/route-map.rst:326 msgid "Set the route metric. When used with BGP, set the BGP attribute MED to a specific value. Use ``+/-`` to add or subtract the specified value to/from the existing/MED. Use ``rtt`` to set the MED to the round trip time or ``+rtt/-rtt`` to add/subtract the round trip time to/from the MED." msgstr "Set the route metric. When used with BGP, set the BGP attribute MED to a specific value. Use ``+/-`` to add or subtract the specified value to/from the existing/MED. Use ``rtt`` to set the MED to the round trip time or ``+rtt/-rtt`` to add/subtract the round trip time to/from the MED." @@ -11328,12 +12246,12 @@ msgstr "Establezca el tiempo de espera en segundos para un protocolo o estado en msgid "Set the tunnel id, which is a 32-bit integer value. Uniquely identifies the tunnel into which the session will be created." msgstr "Establezca la identificación del túnel, que es un valor entero de 32 bits. Identifica de forma exclusiva el túnel en el que se creará la sesión." -#: ../../configuration/firewall/ipv4.rst:922 +#: ../../configuration/firewall/ipv4.rst:945 #: ../../configuration/firewall/ipv6.rst:931 msgid "Set the window scale factor for TCP window scaling" msgstr "Set the window scale factor for TCP window scaling" -#: ../../configuration/system/login.rst:124 +#: ../../configuration/system/login.rst:128 msgid "Set window of concurrently valid codes." msgstr "Establecer ventana de códigos válidos concurrentemente." @@ -11357,7 +12275,7 @@ msgstr "Establece la identificación única para esta interfaz vxlan. No estoy s msgid "Setting VRRP group priority" msgstr "Configuración de la prioridad del grupo VRRP" -#: ../../configuration/service/dhcp-server.rst:231 +#: ../../configuration/service/dhcp-server.rst:237 msgid "Setting name" msgstr "Nombre del ajuste" @@ -11389,7 +12307,12 @@ msgstr "Setting up certificates:" msgid "Setting up tunnel:" msgstr "Setting up tunnel:" -#: ../../configuration/service/dhcp-server.rst:373 +#: ../../configuration/system/option.rst:42 +#: ../../configuration/system/option.rst:53 +msgid "Setting will only become active with the next reboot!" +msgstr "Setting will only become active with the next reboot!" + +#: ../../configuration/service/dhcp-server.rst:379 msgid "Setup DHCP failover for network 192.0.2.0/24" msgstr "Configurar la conmutación por error de DHCP para la red 192.0.2.0/24" @@ -11397,15 +12320,19 @@ msgstr "Configurar la conmutación por error de DHCP para la red 192.0.2.0/24" msgid "Setup encrypted password for given username. This is useful for transferring a hashed password from system to system." msgstr "Configure la contraseña cifrada para el nombre de usuario dado. Esto es útil para transferir una contraseña cifrada de un sistema a otro." -#: ../../configuration/system/login.rst:262 +#: ../../configuration/system/login.rst:266 msgid "Setup the `<timeout>` in seconds when querying the RADIUS server." msgstr "Configure el `<timeout> ` en segundos al consultar el servidor RADIUS." -#: ../../configuration/system/login.rst:331 +#: ../../configuration/system/login.rst:335 msgid "Setup the `<timeout>` in seconds when querying the TACACS server." msgstr "Configure el `<timeout> ` en segundos al consultar el servidor TACACS." -#: ../../configuration/service/dns.rst:327 +#: ../../configuration/service/dns.rst:336 +msgid "Setup the dynamic DNS hostname `<hostname>` associated with the DynDNS provider identified by `<service-name>`." +msgstr "Setup the dynamic DNS hostname `<hostname>` associated with the DynDNS provider identified by `<service-name>`." + +#: ../../configuration/service/dns.rst:341 msgid "Setup the dynamic DNS hostname `<hostname>` associated with the DynDNS provider identified by `<service>` when the IP address on address `<interface>` changes." msgstr "Setup the dynamic DNS hostname `<hostname>` associated with the DynDNS provider identified by `<service>` when the IP address on address `<interface>` changes." @@ -11413,11 +12340,11 @@ msgstr "Setup the dynamic DNS hostname `<hostname>` associated with the DynDNS p msgid "Setup the dynamic DNS hostname `<hostname>` associated with the DynDNS provider identified by `<service>` when the IP address on interface `<interface>` changes." msgstr "Configure el nombre de host DNS dinámico `<hostname> ` asociado con el proveedor DynDNS identificado por `<service> ` cuando la dirección IP en la interfaz `<interface> ` cambios." -#: ../../configuration/system/option.rst:31 +#: ../../configuration/system/option.rst:61 msgid "Several commands utilize cURL to initiate transfers. Configure the local source IPv4/IPv6 address used for all cURL operations." msgstr "Varios comandos utilizan cURL para iniciar transferencias. Configure la dirección IPv4/IPv6 de origen local utilizada para todas las operaciones de cURL." -#: ../../configuration/system/option.rst:36 +#: ../../configuration/system/option.rst:66 msgid "Several commands utilize curl to initiate transfers. Configure the local source interface used for all CURL operations." msgstr "Varios comandos utilizan curl para iniciar transferencias. Configure la interfaz de origen local utilizada para todas las operaciones CURL." @@ -11445,25 +12372,25 @@ msgstr "Capacidades GI cortas para 20 y 40 MHz" msgid "Short bursts can be allowed to exceed the limit. On creation, the Rate-Control traffic is stocked with tokens which correspond to the amount of traffic that can be burst in one go. Tokens arrive at a steady rate, until the bucket is full." msgstr "Se puede permitir que las ráfagas cortas excedan el lÃmite. En la creación, el tráfico de Rate-Control se almacena con tokens que corresponden a la cantidad de tráfico que se puede explotar de una sola vez. Los tokens llegan a un ritmo constante, hasta que el balde está lleno." -#: ../../configuration/vrf/index.rst:488 +#: ../../configuration/vrf/index.rst:507 msgid "Shortcut syntax for specifying automatic leaking from vrf VRFNAME to the current VRF using the VPN RIB as intermediary. The RD and RT are auto derived and should not be specified explicitly for either the source or destination VRF’s." msgstr "Sintaxis de acceso directo para especificar la fuga automática de vrf VRFNAME al VRF actual utilizando la VPN RIB como intermediario. El RD y el RT se derivan automáticamente y no deben especificarse explÃcitamente para los VRF de origen o de destino." -#: ../../configuration/protocols/bgp.rst:953 +#: ../../configuration/protocols/bgp.rst:975 #: ../../configuration/protocols/mpls.rst:225 msgid "Show" msgstr "Espectáculo" -#: ../../configuration/service/dhcp-server.rst:416 +#: ../../configuration/service/dhcp-server.rst:422 msgid "Show DHCP server daemon log file" msgstr "Mostrar el archivo de registro del demonio del servidor DHCP" -#: ../../configuration/service/dhcp-server.rst:668 +#: ../../configuration/service/dhcp-server.rst:676 msgid "Show DHCPv6 server daemon log file" msgstr "Mostrar el archivo de registro del demonio del servidor DHCPv6" #: ../../configuration/firewall/bridge.rst:306 -#: ../../configuration/firewall/ipv4.rst:1115 +#: ../../configuration/firewall/ipv4.rst:1138 #: ../../configuration/firewall/ipv6.rst:1138 msgid "Show Firewall log" msgstr "Mostrar registro de cortafuegos" @@ -11528,23 +12455,23 @@ msgstr "Mostrar modelo de módulo WWAN." msgid "Show WWAN module signal strength." msgstr "Muestra la intensidad de la señal del módulo WWAN." -#: ../../configuration/container/index.rst:163 +#: ../../configuration/container/index.rst:199 msgid "Show a list available container networks" msgstr "Mostrar una lista de redes de contenedores disponibles" -#: ../../configuration/pki/index.rst:297 +#: ../../configuration/pki/index.rst:328 msgid "Show a list of installed :abbr:`CA (Certificate Authority)` certificates." msgstr "Muestra una lista de los certificados :abbr:`CA (Autoridad de certificación)` instalados." -#: ../../configuration/pki/index.rst:332 +#: ../../configuration/pki/index.rst:363 msgid "Show a list of installed :abbr:`CRLs (Certificate Revocation List)`." msgstr "Muestra una lista de las :abbr:`CRL (Lista de revocación de certificados)` instaladas." -#: ../../configuration/pki/index.rst:315 +#: ../../configuration/pki/index.rst:346 msgid "Show a list of installed certificates" msgstr "Mostrar una lista de certificados instalados" -#: ../../configuration/protocols/bfd.rst:98 +#: ../../configuration/protocols/bfd.rst:105 msgid "Show all BFD peers" msgstr "Mostrar todos los compañeros de BFD" @@ -11572,7 +12499,7 @@ msgstr "Mostrar puente `<name> ` mdb muestra la tabla actual de miembros del gru msgid "Show brief interface information." msgstr "Muestra información breve de la interfaz." -#: ../../configuration/system/ipv6.rst:46 +#: ../../configuration/system/ipv6.rst:59 msgid "Show commands" msgstr "Mostrar comandos" @@ -11584,11 +12511,11 @@ msgstr "Muestra los puertos seriales configurados y su respectiva configuración msgid "Show connection data of load balanced traffic:" msgstr "Mostrar datos de conexión del tráfico con equilibrio de carga:" -#: ../../configuration/service/conntrack-sync.rst:132 +#: ../../configuration/service/conntrack-sync.rst:136 msgid "Show connection syncing external cache entries" msgstr "Mostrar conexión sincronizando entradas de caché externas" -#: ../../configuration/service/conntrack-sync.rst:136 +#: ../../configuration/service/conntrack-sync.rst:140 msgid "Show connection syncing internal cache entries" msgstr "Mostrar conexión sincronizando entradas de caché interna" @@ -11654,44 +12581,44 @@ msgstr "Show list of IPs currently blocked by SSH dynamic-protection." msgid "Show logs for mDNS repeater service." msgstr "Show logs for mDNS repeater service." -#: ../../configuration/container/index.rst:159 +#: ../../configuration/container/index.rst:195 msgid "Show logs from a given container" msgstr "Mostrar registros de un contenedor dado" -#: ../../configuration/service/dhcp-server.rst:420 +#: ../../configuration/service/dhcp-server.rst:426 msgid "Show logs from all DHCP client processes." msgstr "Muestra los registros de todos los procesos del cliente DHCP." -#: ../../configuration/service/dhcp-server.rst:672 +#: ../../configuration/service/dhcp-server.rst:680 msgid "Show logs from all DHCPv6 client processes." msgstr "Muestra registros de todos los procesos de cliente DHCPv6." -#: ../../configuration/service/dhcp-server.rst:424 +#: ../../configuration/service/dhcp-server.rst:430 msgid "Show logs from specific `interface` DHCP client process." msgstr "Muestra los registros del proceso de cliente DHCP de `interfaz` especÃfico." -#: ../../configuration/service/dhcp-server.rst:676 +#: ../../configuration/service/dhcp-server.rst:684 msgid "Show logs from specific `interface` DHCPv6 client process." msgstr "Muestra los registros del proceso de cliente DHCPv6 de `interfaz` especÃfico." -#: ../../configuration/pki/index.rst:311 +#: ../../configuration/pki/index.rst:342 msgid "Show only information for specified Certificate Authority." msgstr "Mostrar solo información para la autoridad de certificación especificada." -#: ../../configuration/pki/index.rst:328 +#: ../../configuration/pki/index.rst:359 msgid "Show only information for specified certificate." msgstr "Mostrar solo información para el certificado especificado." -#: ../../configuration/service/dhcp-server.rst:478 -#: ../../configuration/service/dhcp-server.rst:699 +#: ../../configuration/service/dhcp-server.rst:484 +#: ../../configuration/service/dhcp-server.rst:707 msgid "Show only leases in the specified pool." msgstr "Mostrar solo arrendamientos en el grupo especificado." -#: ../../configuration/service/dhcp-server.rst:708 +#: ../../configuration/service/dhcp-server.rst:716 msgid "Show only leases with the specified state. Possible states: abandoned, active, all, backup, expired, free, released, reset (default = active)" msgstr "Mostrar solo arrendamientos con el estado especificado. Estados posibles: abandonado, activo, todo, copia de seguridad, caducado, libre, liberado, restablecer (predeterminado = activo)" -#: ../../configuration/service/dhcp-server.rst:496 +#: ../../configuration/service/dhcp-server.rst:502 msgid "Show only leases with the specified state. Possible states: all, active, free, expired, released, abandoned, reset, backup (default = active)" msgstr "Mostrar solo arrendamientos con el estado especificado. Estados posibles: todo, activo, libre, caducado, liberado, abandonado, restablecer, copia de seguridad (predeterminado = activo)" @@ -11703,23 +12630,23 @@ msgstr "Muestra la entrada de la tabla de enrutamiento para la ruta predetermina msgid "Show specific MACsec interface information" msgstr "Mostrar información especÃfica de la interfaz MACsec" -#: ../../configuration/vpn/site2site_ipsec.rst:221 +#: ../../configuration/vpn/site2site_ipsec.rst:224 msgid "Show status of new setup:" msgstr "Mostrar el estado de la nueva configuración:" -#: ../../configuration/service/dhcp-server.rst:447 +#: ../../configuration/service/dhcp-server.rst:453 msgid "Show statuses of all active leases:" msgstr "Mostrar estados de todas las concesiones activas:" -#: ../../configuration/service/dhcp-server.rst:465 +#: ../../configuration/service/dhcp-server.rst:471 msgid "Show statuses of all active leases granted by local (this server) or remote (failover server):" msgstr "Show statuses of all active leases granted by local (this server) or remote (failover server):" -#: ../../configuration/service/dhcp-server.rst:432 +#: ../../configuration/service/dhcp-server.rst:438 msgid "Show the DHCP server statistics:" msgstr "Mostrar las estadÃsticas del servidor DHCP:" -#: ../../configuration/service/dhcp-server.rst:443 +#: ../../configuration/service/dhcp-server.rst:449 msgid "Show the DHCP server statistics for the specified pool." msgstr "Muestra las estadÃsticas del servidor DHCP para el grupo especificado." @@ -11731,11 +12658,11 @@ msgstr "Muestra el registro del servidor de la consola." msgid "Show the full config uploaded to the QAT device." msgstr "Muestra la configuración completa cargada en el dispositivo QAT." -#: ../../configuration/container/index.rst:151 +#: ../../configuration/container/index.rst:187 msgid "Show the list of all active containers." msgstr "Muestra la lista de todos los contenedores activos." -#: ../../configuration/container/index.rst:155 +#: ../../configuration/container/index.rst:191 msgid "Show the local container images." msgstr "Muestra las imágenes del contenedor local." @@ -11747,7 +12674,7 @@ msgstr "Muestra los registros de un conjunto de reglas especÃfico." msgid "Show the logs of all firewall; show all bridge firewall logs; show all logs for forward hook; show all logs for forward hook and priority filter; show all logs for particular custom chain; show logs for specific Rule-Set." msgstr "Show the logs of all firewall; show all bridge firewall logs; show all logs for forward hook; show all logs for forward hook and priority filter; show all logs for particular custom chain; show logs for specific Rule-Set." -#: ../../configuration/firewall/ipv4.rst:1125 +#: ../../configuration/firewall/ipv4.rst:1148 msgid "Show the logs of all firewall; show all ipv4 firewall logs; show all logs for particular hook; show all logs for particular hook and priority; show all logs for particular custom chain; show logs for specific Rule-Set." msgstr "Show the logs of all firewall; show all ipv4 firewall logs; show all logs for particular hook; show all logs for particular hook and priority; show all logs for particular custom chain; show logs for specific Rule-Set." @@ -11764,11 +12691,11 @@ msgstr "mostrar la ruta" msgid "Show transceiver information from plugin modules, e.g SFP+, QSFP" msgstr "Mostrar información del transceptor de los módulos de complemento, por ejemplo, SFP+, QSFP" -#: ../../configuration/protocols/bfd.rst:179 +#: ../../configuration/protocols/bfd.rst:186 msgid "Showing BFD monitored static routes" msgstr "Mostrando rutas estáticas monitoreadas por BFD" -#: ../../configuration/service/dhcp-server.rst:684 +#: ../../configuration/service/dhcp-server.rst:692 msgid "Shows status of all assigned leases:" msgstr "Muestra el estado de todos los arrendamientos asignados:" @@ -11796,7 +12723,7 @@ msgstr "Tarjeta miniPCIe (LTE) Sierra Wireless AirPrime MC7455" msgid "Sierra Wireless AirPrime MC7710 miniPCIe card (LTE)" msgstr "Sierra Wireless AirPrime MC7710 tarjeta miniPCIe (LTE)" -#: ../../configuration/vpn/site2site_ipsec.rst:427 +#: ../../configuration/vpn/site2site_ipsec.rst:430 msgid "Similar combinations are applicable for the dead-peer-detection." msgstr "Se aplican combinaciones similares para la detección de pares muertos." @@ -11828,6 +12755,14 @@ msgstr "Dado que se trata de una configuración de oficinas centrales y sucursal msgid "Since the RADIUS server would be a single point of failure, multiple RADIUS servers can be setup and will be used subsequentially." msgstr "Dado que el servidor RADIUS serÃa un único punto de falla, se pueden configurar varios servidores RADIUS y se utilizarán posteriormente." +#: ../../configuration/service/ipoe-server.rst:131 +#: ../../configuration/service/pppoe-server.rst:93 +#: ../../configuration/vpn/l2tp.rst:136 +#: ../../configuration/vpn/pptp.rst:76 +#: ../../configuration/vpn/sstp.rst:109 +msgid "Since the RADIUS server would be a single point of failure, multiple RADIUS servers can be setup and will be used subsequentially. For example:" +msgstr "Since the RADIUS server would be a single point of failure, multiple RADIUS servers can be setup and will be used subsequentially. For example:" + #: ../../configuration/service/mdns.rst:13 msgid "Since the mDNS protocol sends the AA records in the packet itself, the repeater does not need to forge the source address. Instead, the source address is of the interface that repeats the packet." msgstr "Dado que el protocolo mDNS envÃa los registros AA en el propio paquete, el repetidor no necesita falsificar la dirección de origen. En cambio, la dirección de origen es la de la interfaz que repite el paquete." @@ -11836,6 +12771,10 @@ msgstr "Dado que el protocolo mDNS envÃa los registros AA en el propio paquete, msgid "Since the mDNS protocol sends the :abbr:`AA(Authoritative Answer)` records in the packet itself, the repeater does not need to forge the source address. Instead, the source address is of the interface that repeats the packet." msgstr "Since the mDNS protocol sends the :abbr:`AA(Authoritative Answer)` records in the packet itself, the repeater does not need to forge the source address. Instead, the source address is of the interface that repeats the packet." +#: ../../configuration/service/ids.rst:98 +msgid "Since we are analyzing attacks to and from our internal network, two types of attacks can be identified, and differents actions are needed:" +msgstr "Since we are analyzing attacks to and from our internal network, two types of attacks can be identified, and differents actions are needed:" + #: ../../configuration/interfaces/vxlan.rst:157 msgid "Single VXLAN device (SVD)" msgstr "Single VXLAN device (SVD)" @@ -11857,7 +12796,7 @@ msgstr "El modo sitio a sitio es compatible con x.509 pero no lo requiere y tamb msgid "Site to Site VPN" msgstr "VPN de sitio a sitio" -#: ../../configuration/pki/index.rst:275 +#: ../../configuration/pki/index.rst:306 msgid "Size of the RSA key." msgstr "Size of the RSA key." @@ -11865,6 +12804,10 @@ msgstr "Size of the RSA key." msgid "Slave selection for outgoing traffic is done according to the transmit hash policy, which may be changed from the default simple XOR policy via the :cfgcmd:`hash-policy` option, documented below." msgstr "La selección de esclavos para el tráfico saliente se realiza de acuerdo con la polÃtica hash de transmisión, que se puede cambiar de la polÃtica XOR simple predeterminada a través de la opción :cfgcmd:`hash-policy`, documentada a continuación." +#: ../../configuration/service/ids.rst:110 +msgid "So, firewall configuration needed for this setup:" +msgstr "So, firewall configuration needed for this setup:" + #: ../../configuration/nat/nat44.rst:554 msgid "So in our firewall policy, we want to allow traffic coming in on the outside interface, destined for TCP port 80 and the IP address of 192.168.0.100." msgstr "Entonces, en nuestra polÃtica de firewall, queremos permitir el tráfico que ingresa en la interfaz externa, con destino al puerto TCP 80 y la dirección IP de 192.168.0.100." @@ -11885,7 +12828,14 @@ msgstr "Algunos ISP por defecto solo delegan un prefijo /64. Para solicitar un t msgid "Some IT environments require the use of a proxy to connect to the Internet. Without this configuration VyOS updates could not be installed directly by using the :opcmd:`add system image` command (:ref:`update_vyos`)." msgstr "Algunos entornos de TI requieren el uso de un proxy para conectarse a Internet. Sin esta configuración, las actualizaciones de VyOS no podrÃan instalarse directamente mediante el comando :opcmd:`add system image` (:ref:`update_vyos`)." -#: ../../configuration/vpn/l2tp.rst:159 +#: ../../configuration/service/ipoe-server.rst:140 +#: ../../configuration/service/pppoe-server.rst:102 +#: ../../configuration/vpn/pptp.rst:85 +#: ../../configuration/vpn/sstp.rst:118 +msgid "Some RADIUS severs use an access control list which allows or denies queries, make sure to add your VyOS router to the allowed client list." +msgstr "Some RADIUS severs use an access control list which allows or denies queries, make sure to add your VyOS router to the allowed client list." + +#: ../../configuration/vpn/l2tp.rst:145 msgid "Some RADIUS_ severs use an access control list which allows or denies queries, make sure to add your VyOS router to the allowed client list." msgstr "Algunos servidores RADIUS_ utilizan una lista de control de acceso que permite o deniega consultas, asegúrese de agregar su enrutador VyOS a la lista de clientes permitidos." @@ -11893,6 +12843,10 @@ msgstr "Algunos servidores RADIUS_ utilizan una lista de control de acceso que p msgid "Some application service providers (ASPs) operate a VPN gateway to provide access to their internal resources, and require that a connecting organisation translate all traffic to the service provider network to a source address provided by the ASP." msgstr "Algunos proveedores de servicios de aplicaciones (ASP) operan una puerta de enlace VPN para proporcionar acceso a sus recursos internos y requieren que una organización de conexión traduzca todo el tráfico a la red del proveedor de servicios a una dirección de origen proporcionada por el ASP." +#: ../../configuration/container/index.rst:171 +msgid "Some container registries require credentials to be used." +msgstr "Some container registries require credentials to be used." + #: ../../configuration/firewall/general-legacy.rst:38 msgid "Some firewall settings are global and have an affect on the whole system." msgstr "Algunas configuraciones de firewall son globales y tienen un efecto en todo el sistema." @@ -11933,11 +12887,11 @@ msgstr "Algunos usuarios tienden a conectar sus dispositivos móviles mediante W msgid "Sometimes option lines in the generated OpenVPN configuration require quotes. This is done through a hack on our config generator. You can pass quotes using the ``"`` statement." msgstr "A veces, las lÃneas de opción en la configuración de OpenVPN generada requieren comillas. Esto se hace a través de un truco en nuestro generador de configuración. Puede pasar comillas usando la instrucción ``"``." -#: ../../configuration/service/dhcp-server.rst:703 +#: ../../configuration/service/dhcp-server.rst:711 msgid "Sort the output by the specified key. Possible keys: expires, iaid_duid, ip, last_comm, pool, remaining, state, type (default = ip)" msgstr "Ordene la salida por la clave especificada. Claves posibles: expira, iaid_duid, ip, last_comm, pool, restante, estado, tipo (predeterminado = ip)" -#: ../../configuration/service/dhcp-server.rst:491 +#: ../../configuration/service/dhcp-server.rst:497 msgid "Sort the output by the specified key. Possible keys: ip, hardware_address, state, start, end, remaining, pool, hostname (default = ip)" msgstr "Ordene la salida por la clave especificada. Claves posibles: ip, dirección_de_hardware, estado, inicio, fin, restante, grupo, nombre de host (predeterminado = ip)" @@ -11949,7 +12903,16 @@ msgstr "Dirección de la fuente" msgid "Source IP address used for VXLAN underlay. This is mandatory when using VXLAN via L2VPN/EVPN." msgstr "Dirección IP de origen utilizada para la capa subyacente de VXLAN. Esto es obligatorio cuando se usa VXLAN a través de L2VPN/EVPN." -#: ../../configuration/vpn/sstp.rst:268 +#: ../../configuration/service/ipoe-server.rst:152 +#: ../../configuration/service/ipoe-server.rst:208 +#: ../../configuration/service/pppoe-server.rst:114 +#: ../../configuration/service/pppoe-server.rst:170 +#: ../../configuration/vpn/l2tp.rst:157 +#: ../../configuration/vpn/l2tp.rst:213 +#: ../../configuration/vpn/pptp.rst:97 +#: ../../configuration/vpn/pptp.rst:153 +#: ../../configuration/vpn/sstp.rst:130 +#: ../../configuration/vpn/sstp.rst:186 msgid "Source IPv4 address used in all RADIUS server queires." msgstr "Dirección IPv4 de origen utilizada en todas las consultas del servidor RADIUS." @@ -11961,11 +12924,11 @@ msgstr "Reglas NAT de origen" msgid "Source Prefix" msgstr "Prefijo de origen" -#: ../../configuration/system/login.rst:276 +#: ../../configuration/system/login.rst:280 msgid "Source all connections to the RADIUS servers from given VRF `<name>`." msgstr "Fuente todas las conexiones a los servidores RADIUS de VRF dado `<name> `." -#: ../../configuration/system/login.rst:345 +#: ../../configuration/system/login.rst:349 msgid "Source all connections to the TACACS servers from given VRF `<name>`." msgstr "Fuente todas las conexiones a los servidores TACACS de VRF dado `<name> `." @@ -11973,7 +12936,7 @@ msgstr "Fuente todas las conexiones a los servidores TACACS de VRF dado `<name> msgid "Source protocol to match." msgstr "Protocolo de origen para que coincida." -#: ../../configuration/vpn/ipsec.rst:225 +#: ../../configuration/vpn/ipsec.rst:229 msgid "Source tunnel from dummy interface" msgstr "Source tunnel from dummy interface" @@ -12001,15 +12964,48 @@ msgstr "Configuración de ahorro de energÃa de multiplexación espacial (SMPS)" msgid "Specfying nhs makes all multicast packets to be repeated to each statically configured next hop." msgstr "Especificar nhs hace que todos los paquetes de multidifusión se repitan en cada próximo salto configurado estáticamente." -#: ../../configuration/vpn/sstp.rst:238 +#: ../../configuration/service/ipoe-server.rst:178 +#: ../../configuration/service/pppoe-server.rst:140 +#: ../../configuration/vpn/l2tp.rst:183 +#: ../../configuration/vpn/pptp.rst:123 +#: ../../configuration/vpn/sstp.rst:156 msgid "Specifies IP address for Dynamic Authorization Extension server (DM/CoA)" msgstr "Especifica la dirección IP para el servidor de extensión de autorización dinámica (DM/CoA)" -#: ../../configuration/vpn/sstp.rst:194 +#: ../../configuration/service/pppoe-server.rst:470 +#: ../../configuration/vpn/l2tp.rst:424 +#: ../../configuration/vpn/pptp.rst:348 +#: ../../configuration/vpn/sstp.rst:382 +msgid "Specifies IPv4 negotiation preference." +msgstr "Specifies IPv4 negotiation preference." + +#: ../../configuration/service/pppoe-server.rst:345 +#: ../../configuration/vpn/l2tp.rst:289 +#: ../../configuration/vpn/pptp.rst:213 +#: ../../configuration/vpn/sstp.rst:247 +msgid "Specifies IPv6 negotiation preference." +msgstr "Specifies IPv6 negotiation preference." + +#: ../../configuration/service/pppoe-server.rst:552 +msgid "Specifies Service-Name to respond. If absent any Service-Name is acceptable and client’s Service-Name will be sent back. Also possible set multiple service-names: `sn1,sn2,sn3`" +msgstr "Specifies Service-Name to respond. If absent any Service-Name is acceptable and client’s Service-Name will be sent back. Also possible set multiple service-names: `sn1,sn2,sn3`" + +#: ../../configuration/service/pppoe-server.rst:502 +#: ../../configuration/vpn/l2tp.rst:456 +#: ../../configuration/vpn/pptp.rst:380 +#: ../../configuration/vpn/sstp.rst:414 +msgid "Specifies :abbr:`MPPE (Microsoft Point-to-Point Encryption)` negotiation preference." +msgstr "Specifies :abbr:`MPPE (Microsoft Point-to-Point Encryption)` negotiation preference." + +#: ../../configuration/vpn/sstp.rst:200 msgid "Specifies :abbr:`MPPE (Microsoft Point-to-Point Encryption)` negotioation preference." msgstr "Especifica la preferencia de negociación :abbr:`MPPE (Microsoft Point-to-Point Encryption)`." -#: ../../configuration/vrf/index.rst:477 +#: ../../configuration/service/ipoe-server.rst:81 +msgid "Specifies address to be used as server ip address if radius can assign only client address. In such case if client address is matched network and mask then specified address and mask will be used. You can specify multiple such options." +msgstr "Specifies address to be used as server ip address if radius can assign only client address. In such case if client address is matched network and mask then specified address and mask will be used. You can specify multiple such options." + +#: ../../configuration/vrf/index.rst:496 msgid "Specifies an optional route-map to be applied to routes imported or exported between the current unicast VRF and VPN." msgstr "Especifica un mapa de ruta opcional que se aplicará a las rutas importadas o exportadas entre el VRF de unidifusión actual y la VPN." @@ -12017,6 +13013,13 @@ msgstr "Especifica un mapa de ruta opcional que se aplicará a las rutas importa msgid "Specifies an upstream network `<interface>` from which replies from `<server>` and other relay agents will be accepted." msgstr "Especifica una red ascendente `<interface> ` del que responde `<server> ` y otros agentes de relevo serán aceptados." +#: ../../configuration/service/pppoe-server.rst:388 +#: ../../configuration/vpn/l2tp.rst:332 +#: ../../configuration/vpn/pptp.rst:256 +#: ../../configuration/vpn/sstp.rst:290 +msgid "Specifies fixed or random interface identifier for IPv6. By default is fixed." +msgstr "Specifies fixed or random interface identifier for IPv6. By default is fixed." + #: ../../configuration/service/webproxy.rst:173 msgid "Specifies how long squid assumes an externally validated username:password pair is valid for - in other words how often the helper program is called for that user. Set this low to force revalidation with short lived passwords." msgstr "Especifica durante cuánto tiempo squid asume que un par de nombre de usuario:contraseña validado externamente es válido; en otras palabras, con qué frecuencia se llama al programa auxiliar para ese usuario. Configure este valor bajo para forzar la revalidación con contraseñas de corta duración." @@ -12025,15 +13028,36 @@ msgstr "Especifica durante cuánto tiempo squid asume que un par de nombre de us msgid "Specifies if unknown source link layer addresses and IP addresses are entered into the VXLAN device forwarding database." msgstr "Specifies if unknown source link layer addresses and IP addresses are entered into the VXLAN device forwarding database." +#: ../../configuration/service/pppoe-server.rst:462 +#: ../../configuration/vpn/l2tp.rst:416 +#: ../../configuration/vpn/pptp.rst:340 +#: ../../configuration/vpn/sstp.rst:374 +msgid "Specifies number of interfaces to keep in cache. It means that don’t destroy interface after corresponding session is destroyed, instead place it to cache and use it later for new sessions repeatedly. This should reduce kernel-level interface creation/deletion rate lack. Default value is **0**." +msgstr "Specifies number of interfaces to keep in cache. It means that don’t destroy interface after corresponding session is destroyed, instead place it to cache and use it later for new sessions repeatedly. This should reduce kernel-level interface creation/deletion rate lack. Default value is **0**." + #: ../../configuration/interfaces/bonding.rst:40 msgid "Specifies one of the bonding policies. The default is 802.3ad. Possible values are:" msgstr "Especifica una de las polÃticas de vinculación. El valor predeterminado es 802.3ad. Los valores posibles son:" +#: ../../configuration/service/pppoe-server.rst:396 +#: ../../configuration/vpn/l2tp.rst:340 +#: ../../configuration/vpn/pptp.rst:264 +#: ../../configuration/vpn/sstp.rst:298 +msgid "Specifies peer interface identifier for IPv6. By default is fixed." +msgstr "Specifies peer interface identifier for IPv6. By default is fixed." + #: ../../configuration/service/webproxy.rst:81 msgid "Specifies proxy service listening address. The listen address is the IP address on which the web proxy service listens for client requests." msgstr "Especifica la dirección de escucha del servicio proxy. La dirección de escucha es la dirección IP en la que el servicio de proxy web escucha las solicitudes de los clientes." -#: ../../configuration/vpn/sstp.rst:110 +#: ../../configuration/service/ipoe-server.rst:348 +msgid "Specifies relay agent IP addre" +msgstr "Specifies relay agent IP addre" + +#: ../../configuration/service/pppoe-server.rst:70 +#: ../../configuration/vpn/l2tp.rst:52 +#: ../../configuration/vpn/pptp.rst:54 +#: ../../configuration/vpn/sstp.rst:79 msgid "Specifies single `<gateway>` IP address to be used as local address of PPP interfaces." msgstr "Especifica un solo `<gateway> ` Dirección IP que se usará como dirección local de las interfaces PPP." @@ -12057,7 +13081,7 @@ msgstr "Especifica los algoritmos :abbr:`MAC (Código de autenticación de mensa msgid "Specifies the base DN under which the users are located." msgstr "Especifica el DN base bajo el cual se ubican los usuarios." -#: ../../configuration/service/dhcp-server.rst:239 +#: ../../configuration/service/dhcp-server.rst:245 msgid "Specifies the clients subnet mask as per RFC 950. If unset, subnet declaration is used." msgstr "Especifica la máscara de subred de los clientes según RFC 950. Si no se establece, se utiliza la declaración de subred." @@ -12094,22 +13118,33 @@ msgstr "Especifica el puerto `<port> ` en el que escuchará el puerto SSTP (pred msgid "Specifies the protection scope (aka realm name) which is to be reported to the client for the authentication scheme. It is commonly part of the text the user will see when prompted for their username and password." msgstr "Especifica el ámbito de protección (también conocido como nombre de dominio) que se debe informar al cliente para el esquema de autenticación. Por lo general, es parte del texto que el usuario verá cuando se le solicite su nombre de usuario y contraseña." -#: ../../configuration/vrf/index.rst:452 +#: ../../configuration/vrf/index.rst:471 msgid "Specifies the route-target list to be attached to a route (export) or the route-target list to match against (import) when exporting/importing between the current unicast VRF and VPN.The RTLIST is a space-separated list of route-targets, which are BGP extended community values as described in Extended Communities Attribute." msgstr "Especifica la lista de destino de ruta que se adjuntará a una ruta (exportación) o la lista de destino de ruta para comparar (importar) al exportar/importar entre el VRF de unidifusión actual y VPN. RTLIST es una lista separada por espacios de ruta- objetivos, que son valores de comunidad extendida de BGP, tal como se describe en Atributo de comunidades extendidas." -#: ../../configuration/vrf/index.rst:445 +#: ../../configuration/vrf/index.rst:464 msgid "Specifies the route distinguisher to be added to a route exported from the current unicast VRF to VPN." msgstr "Especifica el distintivo de ruta que se agregará a una ruta exportada desde el VRF de unidifusión actual a VPN." -#: ../../configuration/vpn/sstp.rst:281 +#: ../../configuration/service/ipoe-server.rst:224 +#: ../../configuration/service/pppoe-server.rst:186 +#: ../../configuration/vpn/l2tp.rst:229 +#: ../../configuration/vpn/pptp.rst:169 +#: ../../configuration/vpn/sstp.rst:202 msgid "Specifies the vendor dictionary, dictionary needs to be in /usr/share/accel-ppp/radius." msgstr "Especifica el diccionario del proveedor, el diccionario debe estar en /usr/share/accel-ppp/radius." -#: ../../configuration/vpn/sstp.rst:188 +#: ../../configuration/vpn/sstp.rst:194 msgid "Specifies timeout in seconds to wait for any peer activity. If this option specified it turns on adaptive lcp echo functionality and \"lcp-echo-failure\" is not used." msgstr "Especifica el tiempo de espera en segundos para esperar cualquier actividad del compañero. Si se especifica esta opción, se activa la función de eco lcp adaptativo y no se utiliza "lcp-echo-failure"." +#: ../../configuration/service/pppoe-server.rst:490 +#: ../../configuration/vpn/l2tp.rst:444 +#: ../../configuration/vpn/pptp.rst:368 +#: ../../configuration/vpn/sstp.rst:402 +msgid "Specifies timeout in seconds to wait for any peer activity. If this option specified it turns on adaptive lcp echo functionality and \"lcp-echo-failure\" is not used. Default value is **0**." +msgstr "Specifies timeout in seconds to wait for any peer activity. If this option specified it turns on adaptive lcp echo functionality and \"lcp-echo-failure\" is not used. Default value is **0**." + #: ../../configuration/interfaces/vxlan.rst:77 msgid "Specifies whether an external control plane (e.g. BGP L2VPN/EVPN) or the internal FDB should be used." msgstr "Especifica si se debe utilizar un plano de control externo (por ejemplo, BGP L2VPN/EVPN) o el FDB interno." @@ -12122,28 +13157,47 @@ msgstr "Specifies whether the VXLAN device is capable of vni filtering." msgid "Specifies whether this NSSA border router will unconditionally translate Type-7 LSAs into Type-5 LSAs. When role is Always, Type-7 LSAs are translated into Type-5 LSAs regardless of the translator state of other NSSA border routers. When role is Candidate, this router participates in the translator election to determine if it will perform the translations duties. When role is Never, this router will never translate Type-7 LSAs into Type-5 LSAs." msgstr "Especifica si este enrutador de borde NSSA traducirá incondicionalmente LSA de tipo 7 a LSA de tipo 5. Cuando el rol es Siempre, los LSA de tipo 7 se traducen a LSA de tipo 5 independientemente del estado del traductor de otros enrutadores de borde NSSA. Cuando el rol es Candidato, este enrutador participa en la elección del traductor para determinar si realizará las tareas de traducción. Cuando el rol es Nunca, este enrutador nunca traducirá LSA de tipo 7 a LSA de tipo 5." -#: ../../configuration/vpn/sstp.rst:272 +#: ../../configuration/service/ipoe-server.rst:212 +#: ../../configuration/vpn/l2tp.rst:217 +#: ../../configuration/vpn/pptp.rst:157 +#: ../../configuration/vpn/sstp.rst:190 msgid "Specifies which RADIUS server attribute contains the rate limit information. The default attribute is `Filter-Id`." msgstr "Especifica qué atributo del servidor RADIUS contiene la información de lÃmite de velocidad. El atributo predeterminado es `Filter-Id`." +#: ../../configuration/service/pppoe-server.rst:174 +msgid "Specifies which RADIUS server attribute contains the rate limit information. The default attribute is ``Filter-Id``." +msgstr "Specifies which RADIUS server attribute contains the rate limit information. The default attribute is ``Filter-Id``." + +#: ../../configuration/service/ipoe-server.rst:344 +msgid "Specify DHCPv4 relay IP address to pass requests to. If specified giaddr is also needed." +msgstr "Specify DHCPv4 relay IP address to pass requests to. If specified giaddr is also needed." + #: ../../configuration/service/ssh.rst:45 msgid "Specify IPv4/IPv6 listen address of SSH server. Multiple addresses can be defined." msgstr "Especifique la dirección de escucha IPv4/IPv6 del servidor SSH. Se pueden definir varias direcciones." -#: ../../configuration/firewall/ipv4.rst:401 +#: ../../configuration/service/ids.rst:51 +msgid "Specify IPv4 and/or IPv6 networks that should be protected/monitored." +msgstr "Specify IPv4 and/or IPv6 networks that should be protected/monitored." + +#: ../../configuration/service/ids.rst:38 +msgid "Specify IPv4 and/or IPv6 networks which are going to be excluded." +msgstr "Specify IPv4 and/or IPv6 networks which are going to be excluded." + +#: ../../configuration/firewall/ipv4.rst:424 #: ../../configuration/firewall/ipv6.rst:408 msgid "Specify a Fully Qualified Domain Name as source/destination matcher. Ensure router is able to resolve such dns query." msgstr "Especifique un nombre de dominio completo como comparador de origen/destino. Asegúrese de que el enrutador pueda resolver dicha consulta DNS." -#: ../../configuration/service/dhcp-server.rst:550 +#: ../../configuration/service/dhcp-server.rst:556 msgid "Specify a NIS+ server address for DHCPv6 clients." msgstr "Especifique una dirección de servidor NIS+ para clientes DHCPv6." -#: ../../configuration/service/dhcp-server.rst:545 +#: ../../configuration/service/dhcp-server.rst:551 msgid "Specify a NIS server address for DHCPv6 clients." msgstr "Especifique una dirección de servidor NIS para clientes DHCPv6." -#: ../../configuration/service/dhcp-server.rst:555 +#: ../../configuration/service/dhcp-server.rst:561 msgid "Specify a :abbr:`SIP (Session Initiation Protocol)` server by IPv6 address of Fully Qualified Domain Name for all DHCPv6 clients." msgstr "Especifique un servidor :abbr:`SIP (protocolo de inicio de sesión)` por dirección IPv6 de nombre de dominio completo para todos los clientes DHCPv6." @@ -12167,6 +13221,14 @@ msgstr "Especifique un AS alternativo para este proceso BGP al interactuar con e msgid "Specify an alternate TCP port where the ldap server is listening if other than the default LDAP port 389." msgstr "Especifique un puerto TCP alternativo en el que escuche el servidor ldap si no es el puerto LDAP predeterminado 389." +#: ../../configuration/service/dns.rst:254 +msgid "Specify interval in seconds to wait between Dynamic DNS updates. The default is 300 seconds." +msgstr "Specify interval in seconds to wait between Dynamic DNS updates. The default is 300 seconds." + +#: ../../configuration/service/ipoe-server.rst:339 +msgid "Specify local range of ip address to give to dhcp clients. First IP in range is router IP. If you need more customization use `client-ip-pool`" +msgstr "Specify local range of ip address to give to dhcp clients. First IP in range is router IP. If you need more customization use `client-ip-pool`" + #: ../../configuration/service/ntp.rst:84 #: ../../configuration/service/ssh.rst:110 #: ../../configuration/system/syslog.rst:79 @@ -12181,11 +13243,11 @@ msgstr "Especifique nexthop en la ruta al destino, ``ipv4-address`` se puede est msgid "Specify static route into the routing table sending all non local traffic to the nexthop address `<address>`." msgstr "Especifique una ruta estática en la tabla de enrutamiento enviando todo el tráfico no local a la dirección nexthop `<address> `." -#: ../../configuration/system/login.rst:245 +#: ../../configuration/system/login.rst:249 msgid "Specify the IP `<address>` of the RADIUS server user with the pre-shared-secret given in `<secret>`." msgstr "Especifique la IP `<address> ` del usuario del servidor RADIUS con el secreto previamente compartido dado en `<secret> `." -#: ../../configuration/system/login.rst:314 +#: ../../configuration/system/login.rst:318 msgid "Specify the IP `<address>` of the TACACS server user with the pre-shared-secret given in `<secret>`." msgstr "Especifique la IP `<address> ` del usuario del servidor TACACS con el secreto previamente compartido dado en `<secret> `." @@ -12225,7 +13287,7 @@ msgstr "Especificar los sistemas `<timezone> ` como la Región/Ubicación que me msgid "Specify the time interval when `<task>` should be executed. The interval is specified as number with one of the following suffixes:" msgstr "Especifique el intervalo de tiempo cuando `<task> ` debe ejecutarse. El intervalo se especifica como número con uno de los siguientes sufijos:" -#: ../../configuration/service/dns.rst:269 +#: ../../configuration/service/dns.rst:283 msgid "Specify timeout / update interval to check if IP address changed." msgstr "Specify timeout / update interval to check if IP address changed." @@ -12233,6 +13295,10 @@ msgstr "Specify timeout / update interval to check if IP address changed." msgid "Specify timeout interval for keepalive message in seconds." msgstr "Especifique el intervalo de tiempo de espera para el mensaje de actividad en segundos." +#: ../../configuration/service/ipoe-server.rst:97 +msgid "Specify where interface is shared by multiple users or it is vlan-per-user." +msgstr "Specify where interface is shared by multiple users or it is vlan-per-user." + #: ../../configuration/interfaces/vxlan.rst:191 msgid "Spine1 is a Cisco IOS router running version 15.4, Leaf2 and Leaf3 is each a VyOS router running 1.2." msgstr "Spine1 es un enrutador Cisco IOS que ejecuta la versión 15.4, Leaf2 y Leaf3 son cada uno un enrutador VyOS que ejecuta 1.2." @@ -12285,7 +13351,7 @@ msgstr "A partir de VyOS 1.2, se proporciona una funcionalidad de repetidor :abb msgid "Static" msgstr "Estático" -#: ../../configuration/service/dhcp-server.rst:189 +#: ../../configuration/service/dhcp-server.rst:195 msgid "Static DHCP IP address assign to host identified by `<description>`. IP address must be inside the `<subnet>` which is defined but can be outside the dynamic range created with :cfgcmd:`set service dhcp-server shared-network-name <name> subnet <subnet> range <n>`. If no ip-address is specified, an IP from the dynamic pool is used." msgstr "Dirección IP DHCP estática asignada al host identificado por `<description> `. La dirección IP debe estar dentro de `<subnet> ` que está definido pero puede estar fuera del rango dinámico creado con :cfgcmd:`set service dhcp-server shared-network-name<name> subred<subnet> rango<n> `. Si no se especifica una dirección IP, se utiliza una IP del grupo dinámico." @@ -12314,12 +13380,12 @@ msgid "Static :abbr:`SAK (Secure Authentication Key)` mode can be configured man msgstr "Static :abbr:`SAK (Secure Authentication Key)` mode can be configured manually on each device wishing to use MACsec. Keys must be set statically on all devices for traffic to flow properly. Key rotation is dependent on the administrator updating all keys manually across connected devices. Static SAK mode can not be used with MKA." #: ../../configuration/service/dhcp-server.rst:174 -#: ../../configuration/service/dhcp-server.rst:621 +#: ../../configuration/service/dhcp-server.rst:629 msgid "Static mappings" msgstr "Mapeos estáticos" -#: ../../configuration/service/dhcp-server.rst:460 -#: ../../configuration/service/dhcp-server.rst:694 +#: ../../configuration/service/dhcp-server.rst:466 +#: ../../configuration/service/dhcp-server.rst:702 msgid "Static mappings aren't shown. To show all states, use ``show dhcp server leases state all``." msgstr "Las asignaciones estáticas no se muestran. Para mostrar todos los estados, utilice ``show dhcp server leases state all``." @@ -12384,7 +13450,7 @@ msgstr "Las versiones compatibles de RIP son:" msgid "Supports as HELPER for configured grace period." msgstr "Se admite como AYUDANTE durante el perÃodo de gracia configurado." -#: ../../configuration/vpn/ipsec.rst:178 +#: ../../configuration/vpn/ipsec.rst:182 msgid "Suppose the LEFT router has external address 192.0.2.10 on its eth0 interface, and the RIGHT router is 203.0.113.45" msgstr "Suponga que el enrutador IZQUIERDO tiene la dirección externa 192.0.2.10 en su interfaz eth0 y el enrutador DERECHO es 203.0.113.45" @@ -12404,17 +13470,17 @@ msgstr "Synamic instruye a reenviar a todos los compañeros con los que tenemos msgid "Sync groups" msgstr "Sincronizar grupos" -#: ../../configuration/firewall/ipv4.rst:911 +#: ../../configuration/firewall/ipv4.rst:934 #: ../../configuration/firewall/ipv6.rst:920 msgid "Synproxy" msgstr "Synproxy" -#: ../../configuration/firewall/ipv4.rst:912 +#: ../../configuration/firewall/ipv4.rst:935 #: ../../configuration/firewall/ipv6.rst:921 msgid "Synproxy connections" msgstr "Synproxy connections" -#: ../../configuration/firewall/ipv4.rst:929 +#: ../../configuration/firewall/ipv4.rst:952 #: ../../configuration/firewall/ipv6.rst:938 msgid "Synproxy relies on syncookies and TCP timestamps, ensure these are enabled" msgstr "Synproxy relies on syncookies and TCP timestamps, ensure these are enabled" @@ -12484,23 +13550,23 @@ msgstr "Identificador del sistema: ``1921.6800.1002``: para los identificadores msgid "System is unusable - a panic condition" msgstr "El sistema no se puede usar: una condición de pánico" -#: ../../configuration/system/login.rst:299 +#: ../../configuration/system/login.rst:303 msgid "TACACS+" msgstr "TACACS+" -#: ../../configuration/system/login.rst:418 +#: ../../configuration/system/login.rst:422 msgid "TACACS Example" msgstr "Ejemplo de TACACS" -#: ../../configuration/system/login.rst:305 +#: ../../configuration/system/login.rst:309 msgid "TACACS is defined in :rfc:`8907`." msgstr "TACACS se define en :rfc:`8907`." -#: ../../configuration/system/login.rst:335 +#: ../../configuration/system/login.rst:339 msgid "TACACS servers could be hardened by only allowing certain IP addresses to connect. As of this the source address of each TACACS query can be configured." msgstr "Los servidores TACACS podrÃan fortalecerse al permitir que solo se conecten ciertas direcciones IP. A partir de esto se puede configurar la dirección de origen de cada consulta TACACS." -#: ../../configuration/protocols/static.rst:140 +#: ../../configuration/protocols/static.rst:173 #: ../../configuration/system/flow-accounting.rst:83 msgid "TBD" msgstr "Por determinar" @@ -12553,15 +13619,19 @@ msgstr "Indicar a los hosts que utilicen el protocolo administrado (con estado) msgid "Tell hosts to use the administered stateful protocol (i.e. DHCP) for autoconfiguration" msgstr "Indicar a los hosts que utilicen el protocolo con estado administrado (es decir, DHCP) para la configuración automática" -#: ../../configuration/vpn/sstp.rst:227 +#: ../../configuration/service/ipoe-server.rst:170 +#: ../../configuration/service/pppoe-server.rst:132 +#: ../../configuration/vpn/l2tp.rst:175 +#: ../../configuration/vpn/pptp.rst:115 +#: ../../configuration/vpn/sstp.rst:148 msgid "Temporary disable this RADIUS server." msgstr "Deshabilite temporalmente este servidor RADIUS." -#: ../../configuration/system/login.rst:258 +#: ../../configuration/system/login.rst:262 msgid "Temporary disable this RADIUS server. It won't be queried." msgstr "Deshabilite temporalmente este servidor RADIUS. No será consultado." -#: ../../configuration/system/login.rst:327 +#: ../../configuration/system/login.rst:331 msgid "Temporary disable this TACACS server. It won't be queried." msgstr "Deshabilite temporalmente este servidor TACACS. No será consultado." @@ -12589,7 +13659,7 @@ msgstr "Pruebe la desconexión dada la interfaz orientada a la conexión. `<inte msgid "Test from the IPv6 only client:" msgstr "Test from the IPv6 only client:" -#: ../../configuration/vpn/sstp.rst:305 +#: ../../configuration/vpn/sstp.rst:374 msgid "Testing SSTP" msgstr "Prueba de SSTP" @@ -12621,7 +13691,7 @@ msgstr "El ASP ha documentado sus requisitos de IPSec:" msgid "The BGP router can connect to one or more RPKI cache servers to receive validated prefix to origin AS mappings. Advanced failover can be implemented by server sockets with different preference values." msgstr "El enrutador BGP puede conectarse a uno o más servidores de caché RPKI para recibir el prefijo validado para las asignaciones AS de origen. La conmutación por error avanzada se puede implementar mediante sockets de servidor con diferentes valores de preferencia." -#: ../../configuration/vrf/index.rst:94 +#: ../../configuration/vrf/index.rst:113 msgid "The CLI configuration is same as mentioned in above articles. The only difference is, that each routing protocol used, must be prefixed with the `vrf name <name>` command." msgstr "La configuración de CLI es la misma que se menciona en los artÃculos anteriores. La única diferencia es que cada protocolo de enrutamiento utilizado debe tener el prefijo `vrf name<name> `comando." @@ -12661,7 +13731,7 @@ msgstr "La tarjeta Intel AX200 no funciona de fábrica en modo AP, consulte http msgid "The OID ``.1.3.6.1.4.1.8072.1.3.2.3.1.1.4.116.101.115.116``, once called, will contain the output of the extension." msgstr "El OID ``.1.3.6.1.4.1.8072.1.3.2.3.1.1.4.116.101.115.116``, una vez llamado, contendrá la salida de la extensión." -#: ../../configuration/vpn/pptp.rst:6 +#: ../../configuration/vpn/pptp.rst:7 msgid "The Point-to-Point Tunneling Protocol (PPTP_) has been implemented in VyOS only for backwards compatibility. PPTP has many well known security issues and you should use one of the many other new VPN implementations." msgstr "El Protocolo de tunelización punto a punto (PPTP_) se implementó en VyOS solo para compatibilidad con versiones anteriores. PPTP tiene muchos problemas de seguridad bien conocidos y debe usar una de las muchas otras implementaciones nuevas de VPN." @@ -12701,19 +13771,19 @@ msgstr "La especificación VXLAN fue creada originalmente por VMware, Arista Net msgid "The VyOS DNS forwarder does not require an upstream DNS server. It can serve as a full recursive DNS server - but it can also forward queries to configurable upstream DNS servers. By not configuring any upstream DNS servers you also avoid being tracked by the provider of your upstream DNS server." msgstr "El reenviador DNS de VyOS no requiere un servidor DNS ascendente. Puede servir como un servidor DNS recursivo completo, pero también puede reenviar consultas a servidores DNS ascendentes configurables. Al no configurar ningún servidor DNS ascendente, también evita que el proveedor de su servidor DNS ascendente lo rastree." -#: ../../configuration/service/dns.rst:173 +#: ../../configuration/service/dns.rst:160 msgid "The VyOS DNS forwarder will only accept lookup requests from the LAN subnets - 192.168.1.0/24 and 2001:db8::/64" msgstr "El reenviador de DNS de VyOS solo aceptará solicitudes de búsqueda de las subredes LAN: 192.168.1.0/24 y 2001:db8::/64" -#: ../../configuration/service/dns.rst:171 +#: ../../configuration/service/dns.rst:158 msgid "The VyOS DNS forwarder will only listen for requests on the eth1 (LAN) interface addresses - 192.168.1.254 for IPv4 and 2001:db8::ffff for IPv6" msgstr "El reenviador de DNS de VyOS solo escuchará solicitudes en las direcciones de interfaz eth1 (LAN): 192.168.1.254 para IPv4 y 2001:db8::ffff para IPv6" -#: ../../configuration/service/dns.rst:175 +#: ../../configuration/service/dns.rst:162 msgid "The VyOS DNS forwarder will pass reverse lookups for 10.in-addr.arpa, 168.192.in-addr.arpa, 16-31.172.in-addr.arpa zones to upstream server." msgstr "El reenviador de DNS de VyOS pasará búsquedas inversas para las zonas 10.in-addr.arpa, 168.192.in-addr.arpa, 16-31.172.in-addr.arpa al servidor ascendente." -#: ../../configuration/pki/index.rst:254 +#: ../../configuration/pki/index.rst:285 msgid "The VyOS PKI subsystem can also be used to automatically retrieve Certificates using the :abbr:`ACME (Automatic Certificate Management Environment)` protocol." msgstr "The VyOS PKI subsystem can also be used to automatically retrieve Certificates using the :abbr:`ACME (Automatic Certificate Management Environment)` protocol." @@ -12770,7 +13840,11 @@ msgstr "El servicio ``https`` escucha en el puerto 443 con el backend `bk-defaul msgid "The ``persistent-tunnel`` directive will allow us to configure tunnel-related attributes, such as firewall policy as we would on any normal network interface." msgstr "La directiva ``persistent-tunnel`` nos permitirá configurar atributos relacionados con el túnel, como la polÃtica de firewall, como lo harÃamos en cualquier interfaz de red normal." -#: ../../configuration/vpn/l2tp.rst:176 +#: ../../configuration/service/ipoe-server.rst:154 +#: ../../configuration/service/pppoe-server.rst:116 +#: ../../configuration/vpn/l2tp.rst:159 +#: ../../configuration/vpn/pptp.rst:99 +#: ../../configuration/vpn/sstp.rst:132 msgid "The ``source-address`` must be configured on one of VyOS interface. Best practice would be a loopback or dummy interface." msgstr "La ``dirección de origen`` debe configurarse en una de las interfaces de VyOS. La mejor práctica serÃa una interfaz de bucle invertido o ficticia." @@ -12787,11 +13861,11 @@ msgstr "El directorio anterior y la configuración predeterminada deben ser un d msgid "The action can be :" msgstr "The action can be :" -#: ../../configuration/pki/index.rst:271 +#: ../../configuration/pki/index.rst:302 msgid "The address the server listens to during http-01 challenge" msgstr "The address the server listens to during http-01 challenge" -#: ../../configuration/protocols/bgp.rst:775 +#: ../../configuration/protocols/bgp.rst:797 msgid "The advantage of this is that the route-selection (at this point) will be more deterministic. The disadvantage is that a few or even one lowest-ID router may attract all traffic to otherwise-equal paths because of this check. It may increase the possibility of MED or IGP oscillation, unless other measures were taken to avoid these. The exact behaviour will be sensitive to the iBGP and reflection topology." msgstr "La ventaja de esto es que la selección de ruta (en este punto) será más determinista. La desventaja es que algunos o incluso un enrutador de ID más bajo pueden atraer todo el tráfico a rutas iguales debido a esta verificación. Puede aumentar la posibilidad de oscilación MED o IGP, a menos que se hayan tomado otras medidas para evitarlas. El comportamiento exacto será sensible al iBGP y la topologÃa de reflexión." @@ -12803,7 +13877,7 @@ msgstr "El bloque de direcciones asignado es 100.64.0.0/10." msgid "The amount of Duplicate Address Detection probes to send." msgstr "The amount of Duplicate Address Detection probes to send." -#: ../../configuration/protocols/bgp.rst:835 +#: ../../configuration/protocols/bgp.rst:857 msgid "The attributes :cfgcmd:`prefix-list` and :cfgcmd:`distribute-list` are mutually exclusive, and only one command (distribute-list or prefix-list) can be applied to each inbound or outbound direction for a particular neighbor." msgstr "Los atributos :cfgcmd:`prefix-list` y :cfgcmd:`distribute-list` se excluyen mutuamente, y solo se puede aplicar un comando (distribute-list o prefix-list) a cada dirección de entrada o salida para un vecino en particular." @@ -12823,11 +13897,15 @@ msgstr "La interfaz de vinculación proporciona un método para agregar múltipl msgid "The case of ingress shaping" msgstr "El caso de la conformación de ingreso" -#: ../../configuration/service/pppoe-server.rst:385 +#: ../../configuration/service/pppoe-server.rst:644 +msgid "The client, once successfully authenticated, will receive an IPv4 and an IPv6 /64 address to terminate the PPPoE endpoint on the client side and a /56 subnet for the clients internal use." +msgstr "The client, once successfully authenticated, will receive an IPv4 and an IPv6 /64 address to terminate the PPPoE endpoint on the client side and a /56 subnet for the clients internal use." + +#: ../../configuration/service/pppoe-server.rst:644 msgid "The client, once successfully authenticated, will receive an IPv4 and an IPv6 /64 address to terminate the pppoe endpoint on the client side and a /56 subnet for the clients internal use." msgstr "El cliente, una vez autenticado con éxito, recibirá una dirección IPv4 y una dirección IPv6 /64 para terminar el extremo pppoe en el lado del cliente y una subred /56 para uso interno del cliente." -#: ../../configuration/service/ipoe-server.rst:90 +#: ../../configuration/service/ipoe-server.rst:91 msgid "The clients :abbr:`CPE (Customer Premises Equipment)` can now communicate via IPv4 or IPv6. All devices behind ``2001:db8::a00:27ff:fe2f:d806/64`` can use addresses from ``2001:db8:1::/56`` and can globally communicate without the need of any NAT rules." msgstr "Los clientes :abbr:`CPE (Customer Premises Equipment)` ahora pueden comunicarse a través de IPv4 o IPv6. Todos los dispositivos detrás de ``2001:db8::a00:27ff:fe2f:d806/64`` pueden usar direcciones de ``2001:db8:1::/56`` y pueden comunicarse globalmente sin necesidad de reglas NAT." @@ -12839,7 +13917,7 @@ msgstr "El comando :opcmd:`show interfaces wireguard wg01 public-key` mostrará msgid "The command also generates a configuration snipped which can be copy/pasted into the VyOS CLI if needed. The supplied ``<name>`` on the CLI will become the peer name in the snippet." msgstr "El comando también genera una configuración recortada que se puede copiar/pegar en la CLI de VyOS si es necesario. El `` suministrado<name> `` en la CLI se convertirá en el nombre del par en el fragmento." -#: ../../configuration/service/pppoe-server.rst:231 +#: ../../configuration/service/pppoe-server.rst:305 msgid "The command below enables it, assuming the RADIUS connection has been setup and is working." msgstr "El siguiente comando lo habilita, suponiendo que la conexión RADIUS se haya configurado y esté funcionando." @@ -12855,9 +13933,9 @@ msgstr "El comando pon TESTUNNEL establece el túnel PPTP al sistema remoto." msgid "The computers on an internal network can use any of the addresses set aside by the :abbr:`IANA (Internet Assigned Numbers Authority)` for private addressing (see :rfc:`1918`). These reserved IP addresses are not in use on the Internet, so an external machine will not directly route to them. The following addresses are reserved for private use:" msgstr "Las computadoras en una red interna pueden usar cualquiera de las direcciones reservadas por la :abbr:`IANA (Autoridad de Números Asignados en Internet)` para direccionamiento privado (ver :rfc:`1918`). Estas direcciones IP reservadas no están en uso en Internet, por lo que una máquina externa no las enrutará directamente. Las siguientes direcciones están reservadas para uso privado:" -#: ../../configuration/service/dhcp-server.rst:210 -#: ../../configuration/service/dhcp-server.rst:601 -#: ../../configuration/service/dhcp-server.rst:644 +#: ../../configuration/service/dhcp-server.rst:216 +#: ../../configuration/service/dhcp-server.rst:608 +#: ../../configuration/service/dhcp-server.rst:652 msgid "The configuration will look as follows:" msgstr "La configuración se verá de la siguiente manera:" @@ -12881,6 +13959,10 @@ msgstr "La tabla de seguimiento de conexiones contiene una entrada para cada con msgid "The current attribute 'Filter-Id' is being used as default and can be setup within RADIUS:" msgstr "El atributo actual 'Filter-Id' se usa de forma predeterminada y se puede configurar dentro de RADIUS:" +#: ../../configuration/service/pppoe-server.rst:299 +msgid "The current attribute ``Filter-Id`` is being used as default and can be setup within RADIUS:" +msgstr "The current attribute ``Filter-Id`` is being used as default and can be setup within RADIUS:" + #: ../../configuration/service/ntp.rst:29 msgid "The current protocol is version 4 (NTPv4), which is a proposed standard as documented in :rfc:`5905`. It is backward compatible with version 3, specified in :rfc:`1305`." msgstr "El protocolo actual es la versión 4 (NTPv4), que es un estándar propuesto como se documenta en :rfc:`5905`. Es retrocompatible con la versión 3, especificada en :rfc:`1305`." @@ -12905,7 +13987,7 @@ msgstr "El nombre de host predeterminado utilizado es `vyos`." msgid "The default is 1492." msgstr "The default is 1492." -#: ../../configuration/service/dhcp-server.rst:526 +#: ../../configuration/service/dhcp-server.rst:532 msgid "The default lease time for DHCPv6 leases is 24 hours. This can be changed by supplying a ``default-time``, ``maximum-time`` and ``minimum-time``. All values need to be supplied in seconds." msgstr "El tiempo de concesión predeterminado para las concesiones de DHCPv6 es de 24 horas. Esto se puede cambiar proporcionando un ``tiempo predeterminado``, ``tiempo máximo`` y ``tiempo mÃnimo``. Todos los valores deben proporcionarse en segundos." @@ -12937,6 +14019,14 @@ msgstr "The default value is 3." msgid "The default value is 3 packets." msgstr "The default value is 3 packets." +#: ../../configuration/protocols/rpki.rst:124 +msgid "The default value is 600 seconds." +msgstr "The default value is 600 seconds." + +#: ../../configuration/protocols/rpki.rst:117 +msgid "The default value is 7200 seconds." +msgstr "The default value is 7200 seconds." + #: ../../configuration/service/dhcp-server.rst:99 msgid "The default value is 86400 seconds which corresponds to one day." msgstr "El valor predeterminado es 86400 segundos que corresponde a un dÃa." @@ -12987,15 +14077,19 @@ msgstr "El proxy Squid incorporado puede usar LDAP para autenticar a los usuario msgid "The example above uses 192.0.2.2 as external IP address. A LAC normally requires an authentication password, which is set in the example configuration to ``lns shared-secret 'secret'``. This setup requires the Compression Control Protocol (CCP) being disabled, the command ``set vpn l2tp remote-access ccp-disable`` accomplishes that." msgstr "El ejemplo anterior usa 192.0.2.2 como dirección IP externa. Un LAC normalmente requiere una contraseña de autenticación, que se establece en la configuración de ejemplo en ``lns shared-secret 'secret'``. Esta configuración requiere que se deshabilite el Protocolo de control de compresión (CCP), el comando ``set vpn l2tp remote-access ccp-disable`` lo logra." -#: ../../configuration/service/pppoe-server.rst:369 +#: ../../configuration/service/pppoe-server.rst:627 +msgid "The example below covers a dual-stack configuration." +msgstr "The example below covers a dual-stack configuration." + +#: ../../configuration/service/pppoe-server.rst:627 msgid "The example below covers a dual-stack configuration via pppoe-server." msgstr "El siguiente ejemplo cubre una configuración de doble pila a través del servidor pppoe." -#: ../../configuration/service/pppoe-server.rst:348 +#: ../../configuration/service/pppoe-server.rst:606 msgid "The example below uses ACN as access-concentrator name, assigns an address from the pool 10.1.1.100-111, terminates at the local endpoint 10.1.1.1 and serves requests only on eth1." msgstr "El siguiente ejemplo usa ACN como nombre de concentrador de acceso, asigna una dirección del grupo 10.1.1.100-111, termina en el extremo local 10.1.1.1 y atiende solicitudes solo en eth1." -#: ../../configuration/service/ipoe-server.rst:35 +#: ../../configuration/service/ipoe-server.rst:34 msgid "The example configuration below will assign an IP to the client on the incoming interface eth2 with the client mac address 08:00:27:2f:d8:06. Other DHCP discovery requests will be ignored, unless the client mac has been enabled in the configuration." msgstr "La configuración de ejemplo a continuación asignará una IP al cliente en la interfaz entrante eth2 con la dirección mac del cliente 08:00:27:2f:d8:06. Se ignorarán otras solicitudes de detección de DHCP, a menos que el mac del cliente se haya habilitado en la configuración." @@ -13023,7 +14117,7 @@ msgstr "El motor reserva la primera IP en la red del contenedor y no se puede us msgid "The first address of the parameter ``client-subnet``, will be used as the default gateway. Connected sessions can be checked via the ``show ipoe-server sessions`` command." msgstr "La primera dirección del parámetro ``client-subnet``, se utilizará como puerta de enlace predeterminada. Las sesiones conectadas se pueden verificar a través del comando ``show ipoe-server sessions``." -#: ../../configuration/vpn/ipsec.rst:174 +#: ../../configuration/vpn/ipsec.rst:178 msgid "The first and arguably cleaner option is to make your IPsec policy match GRE packets between external addresses of your routers. This is the best option if both routers have static external addresses." msgstr "La primera y posiblemente más limpia opción es hacer que su polÃtica IPsec coincida con los paquetes GRE entre las direcciones externas de sus enrutadores. Esta es la mejor opción si ambos enrutadores tienen direcciones externas estáticas." @@ -13039,14 +14133,18 @@ msgstr "The first ip address is the RP's address and the second value is the mat msgid "The first registration request is sent to the protocol broadcast address, and the server's real protocol address is dynamically detected from the first registration reply." msgstr "La primera solicitud de registro se envÃa a la dirección de transmisión del protocolo y la dirección del protocolo real del servidor se detecta dinámicamente a partir de la primera respuesta de registro." -#: ../../configuration/vpn/sstp.rst:311 +#: ../../configuration/vpn/sstp.rst:484 msgid "The following PPP configuration tests MSCHAP-v2:" msgstr "La siguiente configuración de PPP prueba MSCHAP-v2:" -#: ../../configuration/system/login.rst:143 +#: ../../configuration/system/login.rst:147 msgid "The following command can be used to generate the OTP key as well as the CLI commands to configure them:" msgstr "El siguiente comando se puede usar para generar la clave OTP, asà como los comandos CLI para configurarlos:" +#: ../../configuration/protocols/bgp.rst:664 +msgid "The following command uses the explicit-null label value for all the BGP instances." +msgstr "The following command uses the explicit-null label value for all the BGP instances." + #: ../../configuration/interfaces/openvpn.rst:708 msgid "The following commands let you check tunnel status." msgstr "Los siguientes comandos le permiten verificar el estado del túnel." @@ -13059,7 +14157,7 @@ msgstr "Los siguientes comandos le permiten restablecer OpenVPN." msgid "The following commands translate to \"--net host\" when the container is created" msgstr "Los siguientes comandos se traducen a "--net host" cuando se crea el contenedor" -#: ../../configuration/vrf/index.rst:101 +#: ../../configuration/vrf/index.rst:120 msgid "The following commands would be required to set options for a given dynamic routing protocol inside a given vrf:" msgstr "Se requerirÃan los siguientes comandos para establecer opciones para un protocolo de enrutamiento dinámico dado dentro de un vrf dado:" @@ -13083,6 +14181,10 @@ msgstr "La siguiente configuración de proxy inverso termina SSL." msgid "The following configuration will assign a /64 prefix out of a /56 delegation to eth0. The IPv6 address assigned to eth0 will be <prefix>::ffff/64. If you do not know the prefix size delegated to you, start with sla-len 0." msgstr "La siguiente configuración asignará un prefijo /64 de una delegación /56 a eth0. La dirección IPv6 asignada a eth0 será<prefix> ::ffff/64. Si no conoce el tamaño del prefijo que se le delegó, comience con sla-len 0." +#: ../../configuration/interfaces/pppoe.rst:383 +msgid "The following configuration will setup a PPPoE session source from eth1 and assign a /64 prefix out of a /56 delegation (requested from the ISP) to eth0. The IPv6 address assigned to eth0 will be <prefix>::1/64. If you do not know the prefix size delegated to you, start with sla-len 0." +msgstr "The following configuration will setup a PPPoE session source from eth1 and assign a /64 prefix out of a /56 delegation (requested from the ISP) to eth0. The IPv6 address assigned to eth0 will be <prefix>::1/64. If you do not know the prefix size delegated to you, start with sla-len 0." + #: ../../configuration/policy/examples.rst:155 msgid "The following example allows VyOS to use :abbr:`PBR (Policy-Based Routing)` for traffic, which originated from the router itself. That solution for multiple ISP's and VyOS router will respond from the same interface that the packet was received. Also, it used, if we want that one VPN tunnel to be through one provider, and the second through another." msgstr "El siguiente ejemplo permite que VyOS use :abbr:`PBR (enrutamiento basado en polÃticas)` para el tráfico, que se originó en el propio enrutador. Esa solución para múltiples ISP y enrutadores VyOS responderá desde la misma interfaz en la que se recibió el paquete. Además, se utiliza, si queremos que un túnel VPN sea a través de un proveedor y el segundo a través de otro." @@ -13095,7 +14197,7 @@ msgstr "El siguiente ejemplo crea un WAP. Al configurar múltiples interfaces WA msgid "The following example is based on a Sierra Wireless MC7710 miniPCIe card (only the form factor in reality it runs UBS) and Deutsche Telekom as ISP. The card is assembled into a :ref:`pc-engines-apu4`." msgstr "El siguiente ejemplo se basa en una tarjeta miniPCIe Sierra Wireless MC7710 (solo el factor de forma en realidad ejecuta UBS) y Deutsche Telekom como ISP. La tarjeta se ensambla en un :ref:`pc-engines-apu4`." -#: ../../configuration/vrf/index.rst:237 +#: ../../configuration/vrf/index.rst:256 msgid "The following example topology was built using EVE-NG." msgstr "La siguiente topologÃa de ejemplo se creó utilizando EVE-NG." @@ -13140,7 +14242,7 @@ msgstr "El tiempo de retardo de reenvÃo es el tiempo que se pasa en cada uno de msgid "The generated configuration will look like:" msgstr "La configuración generada se verá asÃ:" -#: ../../configuration/pki/index.rst:107 +#: ../../configuration/pki/index.rst:109 msgid "The generated parameters are then output to the console." msgstr "Los parámetros generados luego se envÃan a la consola." @@ -13168,7 +14270,7 @@ msgstr "El nombre de host puede tener hasta 63 caracteres. Un nombre de host deb msgid "The hostname or IP address of the master" msgstr "El nombre de host o la dirección IP del maestro" -#: ../../configuration/service/dhcp-server.rst:632 +#: ../../configuration/service/dhcp-server.rst:640 msgid "The identifier is the device's DUID: colon-separated hex list (as used by isc-dhcp option dhcpv6.client-id). If the device already has a dynamic lease from the DHCPv6 server, its DUID can be found with ``show service dhcpv6 server leases``. The DUID begins at the 5th octet (after the 4th colon) of IAID_DUID." msgstr "El identificador es el DUID del dispositivo: lista hexadecimal separada por dos puntos (como se usa en la opción dhcpv6.client-id de isc-dhcp). Si el dispositivo ya tiene una concesión dinámica del servidor DHCPv6, su DUID se puede encontrar con ``show service dhcpv6 server leases``. El DUID comienza en el 5.° octeto (después de los 4.° dos puntos) de IAID_DUID." @@ -13212,7 +14314,7 @@ msgstr "The legacy and zone-based firewall configuration options is not longer s msgid "The limiter performs basic ingress policing of traffic flows. Multiple classes of traffic can be defined and traffic limits can be applied to each class. Although the policer uses a token bucket mechanism internally, it does not have the capability to delay a packet as a shaping mechanism does. Traffic exceeding the defined bandwidth limits is directly dropped. A maximum allowed burst can be configured too." msgstr "El limitador realiza una vigilancia de entrada básica de los flujos de tráfico. Se pueden definir múltiples clases de tráfico y se pueden aplicar lÃmites de tráfico a cada clase. Aunque el vigilante utiliza internamente un mecanismo de cubeta de fichas, no tiene la capacidad de retrasar un paquete como lo hace un mecanismo de modelado. El tráfico que excede los lÃmites de ancho de banda definidos se elimina directamente. También se puede configurar una ráfaga máxima permitida." -#: ../../configuration/policy/route-map.rst:255 +#: ../../configuration/policy/route-map.rst:258 msgid "The link bandwidth extended community is encoded as non-transitive" msgstr "La comunidad ampliada del ancho de banda del enlace se codifica como no transitiva" @@ -13240,6 +14342,10 @@ msgstr "The main points regarding this packet flow and terminology used in VyOS msgid "The main structure VyOS firewall cli is shown next:" msgstr "The main structure VyOS firewall cli is shown next:" +#: ../../configuration/firewall/index.rst:92 +msgid "The main structure of the VyOS firewall CLI is shown next:" +msgstr "The main structure of the VyOS firewall CLI is shown next:" + #: ../../configuration/interfaces/bonding.rst:271 msgid "The maximum number of targets that can be specified is 16. The default value is no IP address." msgstr "El número máximo de destinos que se pueden especificar es 16. El valor predeterminado es ninguna dirección IP." @@ -13272,11 +14378,15 @@ msgstr "El grupo de multidifusión utilizado por todas las hojas para esta exten msgid "The name of the service can be different, in this example it is only for convenience." msgstr "El nombre del servicio puede ser diferente, en este ejemplo es solo por conveniencia." +#: ../../configuration/service/dns.rst:171 +msgid "The netmask or domain that EDNS Client Subnet should be enabled for in outgoing queries." +msgstr "The netmask or domain that EDNS Client Subnet should be enabled for in outgoing queries." + #: ../../configuration/service/dhcp-server.rst:13 msgid "The network topology is declared by shared-network-name and the subnet declarations. The DHCP service can serve multiple shared networks, with each shared network having 1 or more subnets. Each subnet must be present on an interface. A range can be declared inside a subnet to define a pool of dynamic addresses. Multiple ranges can be defined and can contain holes. Static mappings can be set to assign \"static\" addresses to clients based on their MAC address." msgstr "La topologÃa de red se declara mediante el nombre de red compartida y las declaraciones de subred. El servicio DHCP puede servir a múltiples redes compartidas, y cada red compartida tiene 1 o más subredes. Cada subred debe estar presente en una interfaz. Se puede declarar un rango dentro de una subred para definir un conjunto de direcciones dinámicas. Se pueden definir múltiples rangos y pueden contener huecos. Las asignaciones estáticas se pueden configurar para asignar direcciones "estáticas" a los clientes en función de su dirección MAC." -#: ../../configuration/service/conntrack-sync.rst:188 +#: ../../configuration/service/conntrack-sync.rst:192 msgid "The next example is a simple configuration of conntrack-sync." msgstr "El siguiente ejemplo es una configuración simple de conntrack-sync." @@ -13324,7 +14434,7 @@ msgstr "La interfaz saliente para realizar la traducción en" msgid "The peer name must be an alphanumeric and can have hypen or underscore as special characters. It is purely informational." msgstr "El nombre del compañero debe ser alfanumérico y puede tener un guión o un guión bajo como caracteres especiales. Es puramente informativo." -#: ../../configuration/vpn/ipsec.rst:235 +#: ../../configuration/vpn/ipsec.rst:239 msgid "The peer names RIGHT and LEFT are used as informational text." msgstr "Los nombres de pares DERECHO e IZQUIERDO se utilizan como texto informativo." @@ -13332,7 +14442,7 @@ msgstr "Los nombres de pares DERECHO e IZQUIERDO se utilizan como texto informat msgid "The peer with lower priority will become the key server and start distributing SAKs." msgstr "El par con menor prioridad se convertirá en el servidor de claves y comenzará a distribuir SAK." -#: ../../configuration/vrf/index.rst:181 +#: ../../configuration/vrf/index.rst:200 msgid "The ping command is used to test whether a network host is reachable or not." msgstr "El comando ping se usa para probar si un host de red es accesible o no." @@ -13352,7 +14462,7 @@ msgstr "El prefijo y el ASN que lo originaron coinciden con un ROA firmado. Esto msgid "The prefix or prefix length and ASN that originated it doesn't match any existing ROA. This could be the result of a prefix hijack, or merely a misconfiguration, but should probably be treated as untrustworthy route announcements." msgstr "El prefijo o la longitud del prefijo y el ASN que lo originó no coincide con ningún ROA existente. Esto podrÃa ser el resultado de un secuestro de prefijo, o simplemente una configuración incorrecta, pero probablemente deberÃa tratarse como anuncios de ruta no confiables." -#: ../../configuration/service/dhcp-server.rst:375 +#: ../../configuration/service/dhcp-server.rst:381 msgid "The primary DHCP server uses address `192.168.189.252`" msgstr "El servidor DHCP primario usa la dirección `192.168.189.252`" @@ -13368,11 +14478,11 @@ msgstr "La opción principal solo es válida para el modo de copia de seguridad msgid "The priority must be an integer number from 1 to 255. Higher priority value increases router's precedence in the master elections." msgstr "La prioridad debe ser un número entero de 1 a 255. Un valor de prioridad más alto aumenta la precedencia del enrutador en las elecciones de maestro." -#: ../../configuration/service/dhcp-server.rst:539 +#: ../../configuration/service/dhcp-server.rst:545 msgid "The procedure to specify a :abbr:`NIS+ (Network Information Service Plus)` domain is similar to the NIS domain one:" msgstr "El procedimiento para especificar un dominio :abbr:`NIS+ (Network Information Service Plus)` es similar al del dominio NIS:" -#: ../../configuration/vrf/index.rst:222 +#: ../../configuration/vrf/index.rst:241 msgid "The prompt is adjusted to reflect this change in both config and op-mode." msgstr "El indicador se ajusta para reflejar este cambio tanto en la configuración como en el modo operativo." @@ -13400,7 +14510,7 @@ msgstr "La dirección IP pública del lado local de la VPN será 198.51.100.10." msgid "The public IP address of the remote side of the VPN will be 203.0.113.11." msgstr "La dirección IP pública del lado remoto de la VPN será 203.0.113.11." -#: ../../configuration/service/ipoe-server.rst:130 +#: ../../configuration/service/ipoe-server.rst:131 #: ../../configuration/vpn/l2tp.rst:120 msgid "The rate-limit is set in kbit/sec." msgstr "El lÃmite de velocidad se establece en kbit/seg." @@ -13421,6 +14531,10 @@ msgstr "El sitio remoto tendrá una subred de 10.1.0.0/16." msgid "The remote user will use the openconnect client to connect to the router and will receive an IP address from a VPN pool, allowing full access to the network." msgstr "El usuario remoto usará el cliente openconnect para conectarse al enrutador y recibirá una dirección IP de un grupo VPN, lo que le permitirá acceso total a la red." +#: ../../configuration/service/dns.rst:161 +msgid "The requestor netmask for which the requestor IP Address should be used as the EDNS Client Subnet for outgoing queries." +msgstr "The requestor netmask for which the requestor IP Address should be used as the EDNS Client Subnet for outgoing queries." + #: ../../configuration/interfaces/openvpn.rst:458 msgid "The required config file may look like this:" msgstr "El archivo de configuración requerido puede verse asÃ:" @@ -13465,7 +14579,7 @@ msgstr "La contabilidad de sFlow basada en hsflowd https://sflow.net/" msgid "The same configuration options apply when Identity based config is configured in group mode except that group mode can only be used with RADIUS authentication." msgstr "Las mismas opciones de configuración se aplican cuando la configuración basada en identidad está configurada en modo de grupo, excepto que el modo de grupo solo se puede usar con la autenticación RADIUS." -#: ../../configuration/vpn/ipsec.rst:227 +#: ../../configuration/vpn/ipsec.rst:231 msgid "The scheme above doesn't work when one of the routers has a dynamic external address though. The classic workaround for this is to setup an address on a loopback interface and use it as a source address for the GRE tunnel, then setup an IPsec policy to match those loopback addresses." msgstr "Sin embargo, el esquema anterior no funciona cuando uno de los enrutadores tiene una dirección externa dinámica. La solución alternativa clásica para esto es configurar una dirección en una interfaz de bucle invertido y usarla como dirección de origen para el túnel GRE, luego configurar una polÃtica IPsec para que coincida con esas direcciones de bucle invertido." @@ -13473,7 +14587,7 @@ msgstr "Sin embargo, el esquema anterior no funciona cuando uno de los enrutador msgid "The search filter can contain up to 15 occurrences of %s which will be replaced by the username, as in \"uid=%s\" for :rfc:`2037` directories. For a detailed description of LDAP search filter syntax see :rfc:`2254`." msgstr "El filtro de búsqueda puede contener hasta 15 ocurrencias de %s que serán reemplazadas por el nombre de usuario, como en "uid=%s" para los directorios :rfc:`2037`. Para obtener una descripción detallada de la sintaxis del filtro de búsqueda LDAP, consulte :rfc:`2254`." -#: ../../configuration/service/dhcp-server.rst:376 +#: ../../configuration/service/dhcp-server.rst:382 msgid "The secondary DHCP server uses address `192.168.189.253`" msgstr "El servidor DHCP secundario usa la dirección `192.168.189.253`" @@ -13533,11 +14647,14 @@ msgstr "El tipo puede ser el siguiente: asbr-summary, external, network, nssa-ex msgid "The ultimate goal of classifying traffic is to give each class a different treatment." msgstr "El objetivo final de clasificar el tráfico es dar a cada clase un tratamiento diferente." -#: ../../configuration/service/ipoe-server.rst:18 +#: ../../configuration/service/ipoe-server.rst:16 msgid "The use of IPoE addresses the disadvantage that PPP is unsuited for multicast delivery to multiple users. Typically, IPoE uses Dynamic Host Configuration Protocol and Extensible Authentication Protocol to provide the same functionality as PPPoE, but in a less robust manner." msgstr "El uso de IPoE soluciona la desventaja de que PPP no es adecuado para la entrega de multidifusión a múltiples usuarios. Por lo general, IPoE utiliza el Protocolo de configuración dinámica de host y el Protocolo de autenticación extensible para brindar la misma funcionalidad que PPPoE, pero de una manera menos robusta." -#: ../../configuration/vpn/l2tp.rst:221 +#: ../../configuration/service/pppoe-server.rst:222 +#: ../../configuration/vpn/l2tp.rst:265 +#: ../../configuration/vpn/pptp.rst:205 +#: ../../configuration/vpn/sstp.rst:238 msgid "The value of the attribute ``NAS-Port-Id`` must be less than 16 characters, otherwise the interface won't be renamed." msgstr "El valor del atributo ``NAS-Port-Id`` debe tener menos de 16 caracteres; de lo contrario, no se cambiará el nombre de la interfaz." @@ -13549,7 +14666,11 @@ msgstr "La opción ID de clase de proveedor se puede utilizar para solicitar una msgid "The veth devices are virtual Ethernet devices. They can act as tunnels between network namespaces to create a bridge to a physical network device in another namespace or VRF, but can also be used as standalone network devices." msgstr "Los dispositivos veth son dispositivos Ethernet virtuales. Pueden actuar como túneles entre espacios de nombres de red para crear un puente a un dispositivo de red fÃsico en otro espacio de nombres o VRF, pero también se pueden usar como dispositivos de red independientes." -#: ../../configuration/system/login.rst:138 +#: ../../configuration/service/router-advert.rst:86 +msgid "The well known NAT64 prefix is ``64:ff9b::/96``" +msgstr "The well known NAT64 prefix is ``64:ff9b::/96``" + +#: ../../configuration/system/login.rst:142 msgid "The window size must be between 1 and 21." msgstr "El tamaño de la ventana debe estar entre 1 y 21." @@ -13557,6 +14678,10 @@ msgstr "El tamaño de la ventana debe estar entre 1 y 21." msgid "The wireless client (supplicant) authenticates against the RADIUS server (authentication server) using an :abbr:`EAP (Extensible Authentication Protocol)` method configured on the RADIUS server. The WAP (also referred to as authenticator) role is to send all authentication messages between the supplicant and the configured authentication server, thus the RADIUS server is responsible for authenticating the users." msgstr "El cliente inalámbrico (solicitante) se autentica contra el servidor RADIUS (servidor de autenticación) utilizando un método :abbr:`EAP (Protocolo de autenticación extensible)` configurado en el servidor RADIUS. La función WAP (también conocida como autenticador) es enviar todos los mensajes de autenticación entre el solicitante y el servidor de autenticación configurado, por lo que el servidor RADIUS es responsable de autenticar a los usuarios." +#: ../../configuration/service/ids.rst:125 +msgid "Then, FastNetMon configuration:" +msgstr "Then, FastNetMon configuration:" + #: ../../configuration/nat/nat44.rst:621 msgid "Then a corresponding SNAT rule is created to NAT outgoing traffic for the internal IP to a reserved external IP. This dedicates an external IP address to an internal IP address and is useful for protocols which don't have the notion of ports, such as GRE." msgstr "Luego, se crea una regla SNAT correspondiente al tráfico saliente NAT para la IP interna a una IP externa reservada. Esto dedica una dirección IP externa a una dirección IP interna y es útil para protocolos que no tienen la noción de puertos, como GRE." @@ -13596,7 +14721,7 @@ msgstr "There are a lot of matching criteria against which the packet can be tes msgid "There are a lot of matching criteria options available, both for ``policy route`` and ``policy route6``. These options are listed in this section." msgstr "Hay muchas opciones de criterios coincidentes disponibles, tanto para ``policy route`` como para ``policy route6``. Estas opciones se enumeran en esta sección." -#: ../../configuration/system/ipv6.rst:92 +#: ../../configuration/system/ipv6.rst:105 msgid "There are different parameters for getting prefix-list information:" msgstr "Hay diferentes parámetros para obtener información de la lista de prefijos:" @@ -13612,7 +14737,7 @@ msgstr "Hay muchos parámetros que podrá usar para hacer coincidir el tráfico msgid "There are multiple versions available for the NetFlow data. The `<version>` used in the exported flow data can be configured here. The following versions are supported:" msgstr "Hay varias versiones disponibles para los datos de NetFlow. el `<version> El ` utilizado en los datos de flujo exportados se puede configurar aquÃ. Se admiten las siguientes versiones:" -#: ../../configuration/service/ipoe-server.rst:153 +#: ../../configuration/service/ipoe-server.rst:154 msgid "There are rate-limited and non rate-limited users (MACs)" msgstr "Hay usuarios con y sin lÃmite de velocidad (MAC)" @@ -13628,7 +14753,7 @@ msgstr "Hay tres modos de operación para una interfaz inalámbrica:" msgid "There are two types of Network Admins who deal with BGP, those who have created an international incident and/or outage, and those who are lying" msgstr "Hay dos tipos de administradores de red que se ocupan de BGP, los que han creado un incidente y/o interrupción internacional y los que mienten." -#: ../../configuration/protocols/bgp.rst:896 +#: ../../configuration/protocols/bgp.rst:918 msgid "There are two ways that help us to mitigate the BGPs full-mesh requirement in a network:" msgstr "Hay dos formas que nos ayudan a mitigar el requisito de malla completa de BGP en una red:" @@ -13757,7 +14882,7 @@ msgstr "Este comando permite emparejamientos entre pares eBGP conectados directa msgid "This command allows sessions to be established with eBGP neighbors when they are multiple hops away. When the neighbor is not directly connected and this knob is not enabled, the session will not establish. The number of hops range is 1 to 255. This command is mutually exclusive with :cfgcmd:`ttl-security hops`." msgstr "Este comando permite que se establezcan sesiones con vecinos eBGP cuando están a varios saltos de distancia. Cuando el vecino no está conectado directamente y esta perilla no está habilitada, la sesión no se establecerá. El rango de número de saltos es de 1 a 255. Este comando es mutuamente excluyente con :cfgcmd:`ttl-security hops`." -#: ../../configuration/protocols/bgp.rst:812 +#: ../../configuration/protocols/bgp.rst:834 msgid "This command allows the router to prefer route to specified prefix learned via IGP through backdoor link instead of a route to the same prefix learned via EBGP." msgstr "Este comando permite que el enrutador prefiera la ruta al prefijo especificado aprendido a través de IGP a través del enlace de puerta trasera en lugar de una ruta al mismo prefijo aprendido a través de EBGP." @@ -13814,19 +14939,19 @@ msgstr "Este comando le permite seleccionar un concentrador de acceso especÃfic msgid "This command applies route-map to selectively unsuppress prefixes suppressed by summarisation." msgstr "Este comando aplica el mapa de ruta para desactivar de forma selectiva los prefijos suprimidos por el resumen." -#: ../../configuration/protocols/bgp.rst:867 +#: ../../configuration/protocols/bgp.rst:889 msgid "This command applies the AS path access list filters named in <name> to the specified BGP neighbor to restrict the routing information that BGP learns and/or advertises. The arguments :cfgcmd:`export` and :cfgcmd:`import` specify the direction in which the AS path access list are applied." msgstr "Este comando aplica los filtros de la lista de acceso de ruta AS nombrados en<name> al vecino BGP especificado para restringir la información de enrutamiento que BGP aprende y/o anuncia. Los argumentos :cfgcmd:`export` y :cfgcmd:`import` especifican la dirección en la que se aplica la lista de acceso de ruta AS." -#: ../../configuration/protocols/bgp.rst:843 +#: ../../configuration/protocols/bgp.rst:865 msgid "This command applies the access list filters named in <number> to the specified BGP neighbor to restrict the routing information that BGP learns and/or advertises. The arguments :cfgcmd:`export` and :cfgcmd:`import` specify the direction in which the access list are applied." msgstr "Este comando aplica los filtros de la lista de acceso nombrados en<number> al vecino BGP especificado para restringir la información de enrutamiento que BGP aprende y/o anuncia. Los argumentos :cfgcmd:`export` y :cfgcmd:`import` especifican la dirección en la que se aplican las listas de acceso." -#: ../../configuration/protocols/bgp.rst:851 +#: ../../configuration/protocols/bgp.rst:873 msgid "This command applies the prfefix list filters named in <name> to the specified BGP neighbor to restrict the routing information that BGP learns and/or advertises. The arguments :cfgcmd:`export` and :cfgcmd:`import` specify the direction in which the prefix list are applied." msgstr "Este comando aplica los filtros de lista prfefix nombrados en<name> al vecino BGP especificado para restringir la información de enrutamiento que BGP aprende y/o anuncia. Los argumentos :cfgcmd:`export` y :cfgcmd:`import` especifican la dirección en la que se aplica la lista de prefijos." -#: ../../configuration/protocols/bgp.rst:859 +#: ../../configuration/protocols/bgp.rst:881 msgid "This command applies the route map named in <name> to the specified BGP neighbor to control and modify routing information that is exchanged between peers. The arguments :cfgcmd:`export` and :cfgcmd:`import` specify the direction in which the route map are applied." msgstr "Este comando aplica el mapa de ruta nombrado en<name> al vecino BGP especificado para controlar y modificar la información de enrutamiento que se intercambia entre pares. Los argumentos :cfgcmd:`export` y :cfgcmd:`import` especifican la dirección en la que se aplica el mapa de ruta." @@ -13854,7 +14979,7 @@ msgstr "Este comando se puede usar para filtrar la ruta RIP usando listas de pre msgid "This command can be used with previous command to sets default RIP distance to specified value when the route source IP address matches the specified prefix and the specified access-list." msgstr "Este comando se puede usar con el comando anterior para establecer la distancia RIP predeterminada en el valor especificado cuando la dirección IP de origen de la ruta coincide con el prefijo especificado y la lista de acceso especificada." -#: ../../configuration/protocols/bgp.rst:652 +#: ../../configuration/protocols/bgp.rst:674 msgid "This command change distance value of BGP. The arguments are the distance values for external routes, internal routes and local routes respectively. The distance range is 1 to 255." msgstr "Este comando cambia el valor de distancia de BGP. Los argumentos son los valores de distancia para rutas externas, rutas internas y rutas locales respectivamente. El rango de distancia es de 1 a 255." @@ -13878,7 +15003,7 @@ msgstr "Este comando cambia el valor de distancia de OSPFv3 globalmente. El rang msgid "This command change the distance value of RIP. The distance range is 1 to 255." msgstr "Este comando cambia el valor de distancia de RIP. El rango de distancia es de 1 a 255." -#: ../../configuration/protocols/bgp.rst:638 +#: ../../configuration/protocols/bgp.rst:650 msgid "This command changes the eBGP behavior of FRR. By default FRR enables :rfc:`8212` functionality which affects how eBGP routes are advertised, namely no routes are advertised across eBGP sessions without some sort of egress route-map/policy in place. In VyOS however we have this RFC functionality disabled by default so that we can preserve backwards compatibility with older versions of VyOS. With this option one can enable :rfc:`8212` functionality to operate." msgstr "Este comando cambia el comportamiento de eBGP de FRR. De manera predeterminada, FRR habilita la funcionalidad :rfc:`8212` que afecta la forma en que se anuncian las rutas eBGP, es decir, no se anuncian rutas en las sesiones de eBGP sin algún tipo de polÃtica/mapa de ruta de salida en su lugar. En VyOS, sin embargo, tenemos esta función RFC deshabilitada de forma predeterminada para que podamos preservar la compatibilidad con versiones anteriores de VyOS. Con esta opción se puede habilitar la funcionalidad :rfc:`8212` para operar." @@ -13954,23 +15079,23 @@ msgstr "Este comando define los parámetros coincidentes para la regla de la lis msgid "This command defines the IS-IS router behavior:" msgstr "Este comando define el comportamiento del enrutador IS-IS:" -#: ../../configuration/protocols/bgp.rst:720 +#: ../../configuration/protocols/bgp.rst:742 msgid "This command defines the accumulated penalty amount at which the route is re-advertised. The penalty range is 1 to 20000." msgstr "Este comando define el importe de la penalización acumulada en el que se vuelve a anunciar la ruta. El rango de penalización es de 1 a 20000." -#: ../../configuration/protocols/bgp.rst:726 +#: ../../configuration/protocols/bgp.rst:748 msgid "This command defines the accumulated penalty amount at which the route is suppressed. The penalty range is 1 to 20000." msgstr "Este comando define la cantidad de penalización acumulada en la que se suprime la ruta. El rango de penalización es de 1 a 20000." -#: ../../configuration/protocols/bgp.rst:713 +#: ../../configuration/protocols/bgp.rst:735 msgid "This command defines the amount of time in minutes after which a penalty is reduced by half. The timer range is 10 to 45 minutes." msgstr "Este comando define la cantidad de tiempo en minutos después de la cual una penalización se reduce a la mitad. El rango del temporizador es de 10 a 45 minutos." -#: ../../configuration/protocols/bgp.rst:595 +#: ../../configuration/protocols/bgp.rst:601 msgid "This command defines the maximum number of parallel routes that the BGP can support. In order for BGP to use the second path, the following attributes have to match: Weight, Local Preference, AS Path (both AS number and AS path length), Origin code, MED, IGP metric. Also, the next hop address for each path must be different." msgstr "Este comando define el número máximo de rutas paralelas que puede soportar el BGP. Para que BGP utilice la segunda ruta, los siguientes atributos deben coincidir: peso, preferencia local, ruta AS (tanto el número AS como la longitud de la ruta AS), código de origen, MED, métrica IGP. Además, la dirección del siguiente salto para cada ruta debe ser diferente." -#: ../../configuration/protocols/bgp.rst:732 +#: ../../configuration/protocols/bgp.rst:754 msgid "This command defines the maximum time in minutes that a route is suppressed. The timer range is 1 to 255 minutes." msgstr "Este comando define el tiempo máximo en minutos que se suprime una ruta. El rango del temporizador es de 1 a 255 minutos." @@ -13997,7 +15122,7 @@ msgstr "Este comando deshabilita la verificación del valor de MTU en los paquet msgid "This command disables it." msgstr "Este comando lo desactiva." -#: ../../configuration/protocols/bgp.rst:607 +#: ../../configuration/protocols/bgp.rst:619 msgid "This command disables route reflection between route reflector clients. By default, the clients of a route reflector are not required to be fully meshed and the routes from a client are reflected to other clients. However, if the clients are fully meshed, route reflection is not required. In this case, use the :cfgcmd:`no-client-to-client-reflection` command to disable client-to-client reflection." msgstr "Este comando deshabilita la reflexión de ruta entre clientes de reflectores de ruta. De forma predeterminada, no se requiere que los clientes de un reflector de ruta estén completamente mallados y las rutas de un cliente se reflejan a otros clientes. Sin embargo, si los clientes están completamente en malla, no se requiere la reflexión de ruta. En este caso, use el comando :cfgcmd:`no-client-to-client-reflection` para deshabilitar la reflexión de cliente a cliente." @@ -14009,23 +15134,23 @@ msgstr "Este comando deshabilita el horizonte dividido en la interfaz. De forma msgid "This command disables the load sharing across multiple LFA backups." msgstr "This command disables the load sharing across multiple LFA backups." -#: ../../configuration/protocols/bgp.rst:1009 +#: ../../configuration/protocols/bgp.rst:1031 msgid "This command displays BGP dampened routes." msgstr "Este comando muestra las rutas amortiguadas de BGP." -#: ../../configuration/protocols/bgp.rst:1032 +#: ../../configuration/protocols/bgp.rst:1054 msgid "This command displays BGP received-routes that are accepted after filtering." msgstr "Este comando muestra las rutas recibidas de BGP que se aceptan después del filtrado." -#: ../../configuration/protocols/bgp.rst:1022 +#: ../../configuration/protocols/bgp.rst:1044 msgid "This command displays BGP routes advertised to a neighbor." msgstr "Este comando muestra las rutas BGP anunciadas a un vecino." -#: ../../configuration/protocols/bgp.rst:1017 +#: ../../configuration/protocols/bgp.rst:1039 msgid "This command displays BGP routes allowed by the specified AS Path access list." msgstr "Este comando muestra las rutas BGP permitidas por la lista de acceso de AS Path especificada." -#: ../../configuration/protocols/bgp.rst:1026 +#: ../../configuration/protocols/bgp.rst:1048 msgid "This command displays BGP routes originating from the specified BGP neighbor before inbound policy is applied. To use this command inbound soft reconfiguration must be enabled." msgstr "Este comando muestra las rutas BGP que se originan en el vecino BGP especificado antes de que se aplique la polÃtica de entrada. Para usar este comando, la reconfiguración suave entrante debe estar habilitada." @@ -14052,11 +15177,11 @@ msgstr "Este comando muestra una tabla de resumen con el contenido de una base d msgid "This command displays a table of paths to area boundary and autonomous system boundary routers." msgstr "Este comando muestra una tabla de rutas a los enrutadores de lÃmite de área y de sistema autónomo." -#: ../../configuration/protocols/bgp.rst:957 +#: ../../configuration/protocols/bgp.rst:979 msgid "This command displays all entries in BGP routing table." msgstr "Este comando muestra todas las entradas en la tabla de enrutamiento BGP." -#: ../../configuration/protocols/bgp.rst:1036 +#: ../../configuration/protocols/bgp.rst:1058 msgid "This command displays dampened routes received from BGP neighbor." msgstr "Este comando muestra las rutas amortiguadas recibidas del vecino BGP." @@ -14064,27 +15189,27 @@ msgstr "Este comando muestra las rutas amortiguadas recibidas del vecino BGP." msgid "This command displays external information redistributed into OSPFv3" msgstr "Este comando muestra información externa redistribuida en OSPFv3" -#: ../../configuration/protocols/bgp.rst:1040 +#: ../../configuration/protocols/bgp.rst:1062 msgid "This command displays information about BGP routes whose AS path matches the specified regular expression." msgstr "Este comando muestra información sobre rutas BGP cuya ruta AS coincide con la expresión regular especificada." -#: ../../configuration/protocols/bgp.rst:1013 +#: ../../configuration/protocols/bgp.rst:1035 msgid "This command displays information about flapping BGP routes." msgstr "Este comando muestra información sobre las rutas BGP fluctuantes." -#: ../../configuration/protocols/bgp.rst:977 +#: ../../configuration/protocols/bgp.rst:999 msgid "This command displays information about the particular entry in the BGP routing table." msgstr "Este comando muestra información sobre la entrada particular en la tabla de enrutamiento BGP." -#: ../../configuration/protocols/bgp.rst:1004 +#: ../../configuration/protocols/bgp.rst:1026 msgid "This command displays routes that are permitted by the BGP community list." msgstr "Este comando muestra las rutas permitidas por la lista de la comunidad BGP." -#: ../../configuration/protocols/bgp.rst:997 +#: ../../configuration/protocols/bgp.rst:1019 msgid "This command displays routes that belong to specified BGP communities. Valid value is a community number in the range from 1 to 4294967200, or AA:NN (autonomous system-community number/2-byte number), no-export, local-as, or no-advertise." msgstr "Este comando muestra rutas que pertenecen a comunidades BGP especÃficas. El valor válido es un número de comunidad en el rango de 1 a 4294967200, o AA:NN (sistema autónomo-número de comunidad/número de 2 bytes), sin exportación, como local o sin publicidad." -#: ../../configuration/protocols/bgp.rst:993 +#: ../../configuration/protocols/bgp.rst:1015 msgid "This command displays routes with classless interdomain routing (CIDR)." msgstr "Este comando muestra rutas con enrutamiento entre dominios sin clases (CIDR)." @@ -14126,7 +15251,7 @@ msgstr "Este comando muestra el estado de los vecinos." msgid "This command displays the neighbors status for a neighbor on the specified interface." msgstr "Este comando muestra el estado de los vecinos de un vecino en la interfaz especificada." -#: ../../configuration/protocols/bgp.rst:1045 +#: ../../configuration/protocols/bgp.rst:1067 msgid "This command displays the status of all BGP connections." msgstr "Este comando muestra el estado de todas las conexiones BGP." @@ -14134,7 +15259,7 @@ msgstr "Este comando muestra el estado de todas las conexiones BGP." msgid "This command enable/disables summarisation for the configured address range." msgstr "Este comando habilita/deshabilita el resumen para el rango de direcciones configurado." -#: ../../configuration/protocols/bgp.rst:603 +#: ../../configuration/protocols/bgp.rst:615 msgid "This command enable logging neighbor up/down changes and reset reason." msgstr "Este comando permite registrar los cambios de vecinos arriba/abajo y restablecer el motivo." @@ -14174,7 +15299,7 @@ msgstr "Este comando permite enviar marcas de tiempo con cada mensaje Hello e IH msgid "This command enables support for dynamic hostname TLV. Dynamic hostname mapping determined as described in :rfc:`2763`, Dynamic Hostname Exchange Mechanism for IS-IS." msgstr "Este comando habilita la compatibilidad con TLV de nombre de host dinámico. Asignación dinámica de nombres de host determinada como se describe en :rfc:`2763`, Mecanismo de intercambio de nombres de host dinámicos para IS-IS." -#: ../../configuration/protocols/bgp.rst:875 +#: ../../configuration/protocols/bgp.rst:897 msgid "This command enables the ORF capability (described in :rfc:`5291`) on the local router, and enables ORF capability advertisement to the specified BGP peer. The :cfgcmd:`receive` keyword configures a router to advertise ORF receive capabilities. The :cfgcmd:`send` keyword configures a router to advertise ORF send capabilities. To advertise a filter from a sender, you must create an IP prefix list for the specified BGP peer applied in inbound derection." msgstr "Este comando habilita la capacidad ORF (descrita en :rfc:`5291`) en el enrutador local y habilita el anuncio de la capacidad ORF al par BGP especificado. La palabra clave :cfgcmd:`receive` configura un enrutador para anunciar capacidades de recepción ORF. La palabra clave :cfgcmd:`send` configura un enrutador para anunciar capacidades de envÃo de ORF. Para anunciar un filtro de un remitente, debe crear una lista de prefijos de IP para el par BGP especificado aplicado en la desviación entrante." @@ -14198,7 +15323,7 @@ msgstr "Este comando genera una ruta predeterminada en el RIP." msgid "This command gives a brief status overview of a specified wireless interface. The wireless interface identifier can range from wlan0 to wlan999." msgstr "Este comando brinda una breve descripción general del estado de una interfaz inalámbrica especÃfica. El identificador de la interfaz inalámbrica puede oscilar entre wlan0 y wlan999." -#: ../../configuration/protocols/bgp.rst:632 +#: ../../configuration/protocols/bgp.rst:644 msgid "This command goes hand in hand with the listen range command to limit the amount of BGP neighbors that are allowed to connect to the local router. The limit range is 1 to 5000." msgstr "Este comando va de la mano con el comando listen range para limitar la cantidad de vecinos BGP que pueden conectarse al enrutador local. El rango lÃmite es de 1 a 5000." @@ -14241,7 +15366,7 @@ msgstr "Este comando se utiliza para anunciar redes IPv4 o IPv6." msgid "This command is used to retrieve information about WAP within the range of your wireless interface. This command is useful on wireless interfaces configured in station mode." msgstr "Este comando se utiliza para recuperar información sobre WAP dentro del alcance de su interfaz inalámbrica. Este comando es útil en interfaces inalámbricas configuradas en modo estación." -#: ../../configuration/protocols/bgp.rst:620 +#: ../../configuration/protocols/bgp.rst:632 msgid "This command is useful if one desires to loosen the requirement for BGP to have strictly defined neighbors. Specifically what is allowed is for the local router to listen to a range of IPv4 or IPv6 addresses defined by a prefix and to accept BGP open messages. When a TCP connection (and subsequently a BGP open message) from within this range tries to connect the local router then the local router will respond and connect with the parameters that are defined within the peer group. One must define a peer-group for each range that is listed. If no peer-group is defined then an error will keep you from committing the configuration." msgstr "Este comando es útil si se desea aflojar el requisito de que BGP tenga vecinos estrictamente definidos. EspecÃficamente, lo que está permitido es que el enrutador local escuche un rango de direcciones IPv4 o IPv6 definidas por un prefijo y acepte mensajes abiertos de BGP. Cuando una conexión TCP (y, posteriormente, un mensaje abierto BGP) dentro de este rango intenta conectarse al enrutador local, el enrutador local responderá y se conectará con los parámetros definidos dentro del grupo de pares. Se debe definir un grupo de pares para cada rango que se enumera. Si no se define ningún grupo de pares, un error le impedirá confirmar la configuración." @@ -14253,15 +15378,15 @@ msgstr "Este comando modifica el valor de la métrica predeterminada (conteo de msgid "This command override AS number of the originating router with the local AS number." msgstr "Este comando anula el número de AS del enrutador de origen con el número de AS local." -#: ../../configuration/protocols/bgp.rst:885 +#: ../../configuration/protocols/bgp.rst:907 msgid "This command prevents from sending back prefixes learned from the neighbor." msgstr "Este comando evita que se devuelvan los prefijos aprendidos del vecino." -#: ../../configuration/protocols/bgp.rst:804 +#: ../../configuration/protocols/bgp.rst:826 msgid "This command provides to compare different MED values that advertised by neighbours in the same AS for routes selection. When this command is enabled, routes from the same autonomous system are grouped together, and the best entries of each group are compared." msgstr "Este comando permite comparar diferentes valores MED que anuncian los vecinos en el mismo AS para la selección de rutas. Cuando este comando está habilitado, las rutas de un mismo sistema autónomo se agrupan y se comparan las mejores entradas de cada grupo." -#: ../../configuration/protocols/bgp.rst:741 +#: ../../configuration/protocols/bgp.rst:763 msgid "This command provides to compare the MED on routes, even when they were received from different neighbouring ASes. Setting this option makes the order of preference of routes more defined, and should eliminate MED induced oscillations." msgstr "Este comando permite comparar los MED en las rutas, incluso cuando se recibieron de diferentes ASes vecinos. Establecer esta opción hace que el orden de preferencia de las rutas sea más definido y deberÃa eliminar las oscilaciones inducidas por MED." @@ -14297,19 +15422,19 @@ msgstr "Este comando redistribuye la información de enrutamiento desde el orige msgid "This command removes the private ASN of routes that are advertised to the configured peer. It removes only private ASNs on routes advertised to EBGP peers." msgstr "Este comando elimina el ASN privado de las rutas que se anuncian al par configurado. Elimina solo los ASN privados en las rutas anunciadas a los pares EBGP." -#: ../../configuration/protocols/bgp.rst:1068 +#: ../../configuration/protocols/bgp.rst:1090 msgid "This command resets BGP connections to the specified neighbor IP address. With argument :cfgcmd:`soft` this command initiates a soft reset. If you do not specify the :cfgcmd:`in` or :cfgcmd:`out` options, both inbound and outbound soft reconfiguration are triggered." msgstr "Este comando restablece las conexiones BGP a la dirección IP vecina especificada. Con el argumento :cfgcmd:`soft`, este comando inicia un restablecimiento parcial. Si no especifica las opciones :cfgcmd:`in` o :cfgcmd:`out`, se activan la reconfiguración suave tanto de entrada como de salida." -#: ../../configuration/protocols/bgp.rst:1088 +#: ../../configuration/protocols/bgp.rst:1110 msgid "This command resets BGP connections to the specified peer group. With argument :cfgcmd:`soft` this command initiates a soft reset. If you do not specify the :cfgcmd:`in` or :cfgcmd:`out` options, both inbound and outbound soft reconfiguration are triggered." msgstr "Este comando restablece las conexiones BGP al grupo de pares especificado. Con el argumento :cfgcmd:`soft`, este comando inicia un restablecimiento parcial. Si no especifica las opciones :cfgcmd:`in` o :cfgcmd:`out`, se activan la reconfiguración suave tanto de entrada como de salida." -#: ../../configuration/protocols/bgp.rst:1075 +#: ../../configuration/protocols/bgp.rst:1097 msgid "This command resets all BGP connections of given router." msgstr "Este comando restablece todas las conexiones BGP del enrutador dado." -#: ../../configuration/protocols/bgp.rst:1084 +#: ../../configuration/protocols/bgp.rst:1106 msgid "This command resets all external BGP peers of given router." msgstr "Este comando restablece todos los pares BGP externos del enrutador dado." @@ -14389,7 +15514,7 @@ msgstr "Este comando establece el número de segundos para el valor del temporiz msgid "This command sets old-style (ISO 10589) or new style packet formats:" msgstr "Este comando establece formatos de paquetes de estilo antiguo (ISO 10589) o de estilo nuevo:" -#: ../../configuration/protocols/bgp.rst:944 +#: ../../configuration/protocols/bgp.rst:966 msgid "This command sets other confederations <nsubasn> as members of autonomous system specified by :cfgcmd:`confederation identifier <asn>`." msgstr "Este comando establece otras confederaciones<nsubasn> como miembros del sistema autónomo especificado por :cfgcmd:`identificador de confederación<asn> `." @@ -14401,7 +15526,7 @@ msgstr "Este comando establece un bit de sobrecarga para evitar cualquier tráfi msgid "This command sets priority for the interface for :abbr:`DIS (Designated Intermediate System)` election. The priority range is 0 to 127." msgstr "Este comando establece la prioridad de la interfaz para la elección de :abbr:`DIS (Sistema intermedio designado)`. El rango de prioridad es de 0 a 127." -#: ../../configuration/protocols/bgp.rst:659 +#: ../../configuration/protocols/bgp.rst:681 msgid "This command sets the administrative distance for a particular route. The distance range is 1 to 255." msgstr "Este comando establece la distancia administrativa para una ruta en particular. El rango de distancia es de 1 a 255." @@ -14461,7 +15586,7 @@ msgstr "Este comando NO debe configurarse normalmente." msgid "This command shows both status and statistics on the specified wireless interface. The wireless interface identifier can range from wlan0 to wlan999." msgstr "Este comando muestra tanto el estado como las estadÃsticas de la interfaz inalámbrica especificada. El identificador de la interfaz inalámbrica puede oscilar entre wlan0 y wlan999." -#: ../../configuration/protocols/bgp.rst:938 +#: ../../configuration/protocols/bgp.rst:960 msgid "This command specifies a BGP confederation identifier. <asn> is the number of the autonomous system that internally includes multiple sub-autonomous systems (a confederation)." msgstr "Este comando especifica un identificador de confederación BGP.<asn> es el número del sistema autónomo que incluye internamente múltiples sistemas subautónomos (una confederación)." @@ -14517,11 +15642,11 @@ msgstr "Este comando especifica los atributos que se mantendrán sin cambios par msgid "This command specifies circuit type for interface:" msgstr "Este comando especifica el tipo de circuito para la interfaz:" -#: ../../configuration/protocols/bgp.rst:920 +#: ../../configuration/protocols/bgp.rst:942 msgid "This command specifies cluster ID which identifies a collection of route reflectors and their clients, and is used by route reflectors to avoid looping. By default cluster ID is set to the BGP router id value, but can be set to an arbitrary 32-bit value." msgstr "Este comando especifica el ID de clúster que identifica una colección de reflectores de ruta y sus clientes, y los reflectores de ruta lo utilizan para evitar bucles. De forma predeterminada, la identificación del clúster se establece en el valor de identificación del enrutador BGP, pero se puede establecer en un valor arbitrario de 32 bits." -#: ../../configuration/protocols/bgp.rst:671 +#: ../../configuration/protocols/bgp.rst:693 msgid "This command specifies hold-time in seconds. The timer range is 4 to 65535. The default value is 180 second. If you set value to 0 VyOS will not hold routes." msgstr "Este comando especifica el tiempo de espera en segundos. El rango del temporizador es de 4 a 65535. El valor predeterminado es 180 segundos. Si establece el valor en 0, VyOS no retendrá las rutas." @@ -14530,7 +15655,7 @@ msgstr "Este comando especifica el tiempo de espera en segundos. El rango del te msgid "This command specifies interface as passive. Passive interface advertises its address, but does not run the OSPF protocol (adjacencies are not formed and hello packets are not generated)." msgstr "Este comando especifica la interfaz como pasiva. La interfaz pasiva anuncia su dirección, pero no ejecuta el protocolo OSPF (no se forman adyacencias y no se generan paquetes de saludo)." -#: ../../configuration/protocols/bgp.rst:677 +#: ../../configuration/protocols/bgp.rst:699 msgid "This command specifies keep-alive time in seconds. The timer can range from 4 to 65535. The default value is 60 second." msgstr "Este comando especifica el tiempo de actividad en segundos. El temporizador puede oscilar entre 4 y 65535. El valor predeterminado es 60 segundos." @@ -14558,15 +15683,15 @@ msgstr "Este comando especifica el tipo de métrica para las rutas redistribuida msgid "This command specifies network type to Point-to-Point. The default network type is broadcast." msgstr "Este comando especifica el tipo de red Punto a punto. El tipo de red predeterminado es de difusión." -#: ../../configuration/protocols/bgp.rst:784 +#: ../../configuration/protocols/bgp.rst:806 msgid "This command specifies that BGP considers the MED when comparing routes originated from different sub-ASs within the confederation to which this BGP speaker belongs. The default state, where the MED attribute is not considered." msgstr "Este comando especifica que BGP considera el MED al comparar rutas originadas en diferentes sub-AS dentro de la confederación a la que pertenece este hablante de BGP. El estado predeterminado, donde no se considera el atributo MED." -#: ../../configuration/protocols/bgp.rst:754 +#: ../../configuration/protocols/bgp.rst:776 msgid "This command specifies that BGP decision process should consider paths of equal AS_PATH length candidates for multipath computation. Without the knob, the entire AS_PATH must match for multipath computation." msgstr "Este comando especifica que el proceso de decisión de BGP debe considerar caminos de igual longitud AS_PATH candidatos para el cálculo de caminos múltiples. Sin la perilla, el AS_PATH completo debe coincidir para el cálculo de rutas múltiples." -#: ../../configuration/protocols/bgp.rst:791 +#: ../../configuration/protocols/bgp.rst:813 msgid "This command specifies that a route with a MED is always considered to be better than a route without a MED by causing the missing MED attribute to have a value of infinity. The default state, where the missing MED attribute is considered to have a value of zero." msgstr "Este comando especifica que una ruta con MED siempre se considera mejor que una ruta sin MED al hacer que el atributo MED faltante tenga un valor de infinito. El estado predeterminado, donde se considera que el atributo MED faltante tiene un valor de cero." @@ -14582,7 +15707,7 @@ msgstr "Este comando especifica que se debe usar autenticación de contraseña s msgid "This command specifies that the community attribute should not be sent in route updates to a peer. By default community attribute is sent." msgstr "Este comando especifica que el atributo de comunidad no debe enviarse en actualizaciones de ruta a un par. Por defecto se envÃa el atributo de comunidad." -#: ../../configuration/protocols/bgp.rst:748 +#: ../../configuration/protocols/bgp.rst:770 msgid "This command specifies that the length of confederation path sets and sequences should be taken into account during the BGP best path decision process." msgstr "Este comando especifica que la longitud de los conjuntos y secuencias de rutas de la confederación debe tenerse en cuenta durante el proceso de decisión de la mejor ruta de BGP." @@ -14622,7 +15747,7 @@ msgstr "Este comando especifica el costo de recepción base para esta interfaz. msgid "This command specifies the decay factor for the exponential moving average of RTT samples, in units of 1/256. Higher values discard old samples faster. The default is 42." msgstr "Este comando especifica el factor de caÃda para el promedio móvil exponencial de muestras RTT, en unidades de 1/256. Los valores más altos descartan las muestras antiguas más rápido. El valor predeterminado es 42." -#: ../../configuration/protocols/bgp.rst:799 +#: ../../configuration/protocols/bgp.rst:821 msgid "This command specifies the default local preference value. The local preference range is 0 to 4294967295." msgstr "Este comando especifica el valor de preferencia local predeterminado. El rango de preferencia local es de 0 a 4294967295." @@ -14634,7 +15759,7 @@ msgstr "Este comando especifica el valor de métrica predeterminado de las rutas msgid "This command specifies the garbage-collection timer. Upon expiration of the garbage-collection timer, the route is finally removed from the routing table. The time range is 5 to 2147483647. The default value is 120 seconds." msgstr "Este comando especifica el temporizador de recolección de basura. Al expirar el temporizador de recolección de elementos no utilizados, la ruta finalmente se elimina de la tabla de enrutamiento. El intervalo de tiempo es de 5 a 2147483647. El valor predeterminado es de 120 segundos." -#: ../../configuration/protocols/bgp.rst:916 +#: ../../configuration/protocols/bgp.rst:938 msgid "This command specifies the given neighbor as route reflector client." msgstr "Este comando especifica al vecino dado como cliente reflector de ruta." @@ -14658,7 +15783,7 @@ msgstr "Este comando especifica el RTT mÃnimo, en milisegundos, a partir del cu msgid "This command specifies the minimum route advertisement interval for the peer. The interval value is 0 to 600 seconds, with the default advertisement interval being 0." msgstr "Este comando especifica el intervalo mÃnimo de anuncio de ruta para el par. El valor del intervalo es de 0 a 600 segundos, siendo el intervalo de publicidad predeterminado 0." -#: ../../configuration/protocols/bgp.rst:589 +#: ../../configuration/protocols/bgp.rst:595 msgid "This command specifies the router-ID. If router ID is not specified it will use the highest interface IP address." msgstr "Este comando especifica el ID del enrutador. Si no se especifica la ID del enrutador, utilizará la dirección IP de interfaz más alta." @@ -14714,7 +15839,7 @@ msgstr "Este comando resume las rutas dentro del área desde el área especifica msgid "This command to ensure not advertise the summary lsa for the matched external LSAs." msgstr "Este comando garantiza que no se anuncie el lsa resumido para los LSA externos coincidentes." -#: ../../configuration/protocols/bgp.rst:1079 +#: ../../configuration/protocols/bgp.rst:1101 msgid "This command uses to clear BGP route dampening information and to unsuppress suppressed routes." msgstr "Este comando se usa para borrar la información de atenuación de la ruta BGP y para desactivar las rutas suprimidas." @@ -14763,7 +15888,7 @@ msgstr "Este comando generará una ruta predeterminada en la base de datos L2." msgid "This command will give an overview of a rule in a single rule-set" msgstr "Este comando brindará una descripción general de una regla en un solo conjunto de reglas" -#: ../../configuration/firewall/ipv4.rst:1091 +#: ../../configuration/firewall/ipv4.rst:1114 msgid "This command will give an overview of a rule in a single rule-set, plus information for default action." msgstr "This command will give an overview of a rule in a single rule-set, plus information for default action." @@ -14771,7 +15896,7 @@ msgstr "This command will give an overview of a rule in a single rule-set, plus msgid "This command will give an overview of a rule in a single rule-set." msgstr "Este comando le dará una descripción general de una regla en un solo conjunto de reglas." -#: ../../configuration/firewall/ipv4.rst:1072 +#: ../../configuration/firewall/ipv4.rst:1095 #: ../../configuration/firewall/ipv6.rst:1088 msgid "This command will give an overview of a single rule-set." msgstr "Este comando le dará una visión general de un solo conjunto de reglas." @@ -14805,7 +15930,7 @@ msgid "This configuration modifies the behavior of the network statement. If you msgstr "Esta configuración modifica el comportamiento de la sentencia de red. Si tiene esto configurado, la red subyacente debe existir en la tabla de enrutamiento." #: ../../configuration/service/dhcp-server.rst:76 -#: ../../configuration/service/dhcp-server.rst:520 +#: ../../configuration/service/dhcp-server.rst:526 msgid "This configuration parameter is required and must be unique to each subnet. It is required to map subnets to lease file entries." msgstr "This configuration parameter is required and must be unique to each subnet. It is required to map subnets to lease file entries." @@ -14825,7 +15950,7 @@ msgstr "Esto crea una polÃtica de ruta denominada FILTRO-WEB con una regla para msgid "This defaults to 10000." msgstr "Esto por defecto es 10000." -#: ../../configuration/system/login.rst:254 +#: ../../configuration/system/login.rst:258 msgid "This defaults to 1812." msgstr "Esto por defecto es 1812." @@ -14833,7 +15958,7 @@ msgstr "Esto por defecto es 1812." msgid "This defaults to 2007." msgstr "Esto por defecto es 2007." -#: ../../configuration/service/dns.rst:271 +#: ../../configuration/service/dns.rst:285 msgid "This defaults to 300 seconds." msgstr "This defaults to 300 seconds." @@ -14841,7 +15966,7 @@ msgstr "This defaults to 300 seconds." msgid "This defaults to 30 seconds." msgstr "Esto por defecto es de 30 segundos." -#: ../../configuration/system/login.rst:323 +#: ../../configuration/system/login.rst:327 msgid "This defaults to 49." msgstr "Esto por defecto es 49." @@ -14857,7 +15982,7 @@ msgstr "Esto por defecto es UDP" msgid "This defaults to both 1.2 and 1.3." msgstr "This defaults to both 1.2 and 1.3." -#: ../../configuration/pki/index.rst:283 +#: ../../configuration/pki/index.rst:314 msgid "This defaults to https://acme-v02.api.letsencrypt.org/directory" msgstr "This defaults to https://acme-v02.api.letsencrypt.org/directory" @@ -14893,15 +16018,27 @@ msgstr "Esto establece nuestra regla Port Forward, pero si creamos una polÃtica msgid "This example shows how to target an MSS clamp (in our example to 1360 bytes) to a specific destination IP." msgstr "Este ejemplo muestra cómo apuntar una abrazadera MSS (en nuestro ejemplo a 1360 bytes) a una IP de destino especÃfica." +#: ../../configuration/vpn/ipsec.rst:392 +msgid "This example uses CACert as certificate authority." +msgstr "This example uses CACert as certificate authority." + +#: ../../configuration/vpn/ipsec.rst:386 +msgid "This feature closely works together with :ref:`pki` subsystem as you required a x509 certificate." +msgstr "This feature closely works together with :ref:`pki` subsystem as you required a x509 certificate." + +#: ../../configuration/protocols/bfd.rst:64 +msgid "This feature serves the purpose of thightening the packet validation requirements to avoid receiving BFD control packets from other sessions." +msgstr "This feature serves the purpose of thightening the packet validation requirements to avoid receiving BFD control packets from other sessions." + #: ../../configuration/protocols/ospf.rst:476 msgid "This feature summarises originated external LSAs (Type-5 and Type-7). Summary Route will be originated on-behalf of all matched external LSAs." msgstr "Esta caracterÃstica resume los LSA externos originados (Tipo 5 y Tipo 7). La ruta resumida se originará en nombre de todos los LSA externos coincidentes." -#: ../../configuration/service/dns.rst:404 +#: ../../configuration/service/dns.rst:418 msgid "This functionality is controlled by adding the following configuration:" msgstr "This functionality is controlled by adding the following configuration:" -#: ../../configuration/firewall/ipv4.rst:376 +#: ../../configuration/firewall/ipv4.rst:399 #: ../../configuration/firewall/ipv6.rst:378 msgid "This functions for both individual addresses and address groups." msgstr "Esto funciona tanto para direcciones individuales como para grupos de direcciones." @@ -14946,13 +16083,13 @@ msgstr "Este es un comando obligatorio. Establece la expresión regular para que msgid "This is a mandatory command. Sets the full path to the script. The script file must be executable." msgstr "Este es un comando obligatorio. Establece la ruta completa al script. El archivo de script debe ser ejecutable." -#: ../../configuration/pki/index.rst:261 -#: ../../configuration/pki/index.rst:267 +#: ../../configuration/pki/index.rst:292 +#: ../../configuration/pki/index.rst:298 msgid "This is a mandatory option" msgstr "This is a mandatory option" -#: ../../configuration/protocols/rpki.rst:117 -#: ../../configuration/protocols/rpki.rst:124 +#: ../../configuration/protocols/rpki.rst:131 +#: ../../configuration/protocols/rpki.rst:138 msgid "This is a mandatory setting." msgstr "Esta es una configuración obligatoria." @@ -15019,7 +16156,7 @@ msgstr "Este es el modelo de LCD utilizado en su sistema." msgid "This is the configuration parameter for the entire shared network definition. All subnets will inherit this configuration item if not specified locally." msgstr "Este es el parámetro de configuración para toda la definición de red compartida. Todas las subredes heredarán este elemento de configuración si no se especifica localmente." -#: ../../configuration/service/dhcp-server.rst:197 +#: ../../configuration/service/dhcp-server.rst:203 msgid "This is the equivalent of the host block in dhcpd.conf of isc-dhcpd." msgstr "Este es el equivalente del bloque host en dhcpd.conf de isc-dhcpd." @@ -15031,7 +16168,7 @@ msgstr "Este es el nombre de la interfaz fÃsica utilizada para conectarse a su msgid "This is the policy that requieres the lowest resources for the same amount of traffic. But **very likely you do not need it as you cannot get much from it. Sometimes it is used just to enable logging.**" msgstr "Esta es la polÃtica que requiere los menores recursos para la misma cantidad de tráfico. Pero ** muy probablemente no lo necesite ya que no puede obtener mucho de él. A veces se usa solo para habilitar el registro.**" -#: ../../configuration/service/dhcp-server.rst:195 +#: ../../configuration/service/dhcp-server.rst:201 msgid "This is useful, for example, in combination with hostfile update." msgstr "Esto es útil, por ejemplo, en combinación con la actualización del archivo de host." @@ -15088,7 +16225,7 @@ msgstr "This option is used by some DHCP clients as a way for users to specify i msgid "This option is used by some DHCP clients to identify the vendor type and possibly the configuration of a DHCP client. The information is a string of bytes whose contents are specific to the vendor and are not specified in a standard." msgstr "This option is used by some DHCP clients to identify the vendor type and possibly the configuration of a DHCP client. The information is a string of bytes whose contents are specific to the vendor and are not specified in a standard." -#: ../../configuration/system/login.rst:390 +#: ../../configuration/system/login.rst:394 msgid "This option must be used with ``timeout`` option." msgstr "Esta opción debe usarse con la opción ``timeout``." @@ -15101,7 +16238,7 @@ msgstr "Esta opción solo afecta al modo 802.3ad." msgid "This option specifies a delay in seconds before vrrp instances start up after keepalived starts." msgstr "Esta opción especifica un retraso en segundos antes de que se inicien las instancias de vrrp después de que se inicia keepalived." -#: ../../configuration/pki/index.rst:277 +#: ../../configuration/pki/index.rst:308 msgid "This options defaults to 2048" msgstr "This options defaults to 2048" @@ -15219,11 +16356,19 @@ msgstr "Esta es la cola más simple posible que puede aplicar a su tráfico. El msgid "This topology was built using GNS3." msgstr "Esta topologÃa se construyó utilizando GNS3." +#: ../../configuration/system/option.rst:38 +msgid "This will add the following option to the Kernel commandline:" +msgstr "This will add the following option to the Kernel commandline:" + +#: ../../configuration/system/option.rst:48 +msgid "This will add the following two options to the Kernel commandline:" +msgstr "This will add the following two options to the Kernel commandline:" + #: ../../configuration/interfaces/ethernet.rst:9 msgid "This will be the most widely used interface on a router carrying traffic to the real world." msgstr "Esta será la interfaz más utilizada en un enrutador que lleve tráfico al mundo real." -#: ../../configuration/protocols/static.rst:171 +#: ../../configuration/protocols/static.rst:204 msgid "This will configure a static ARP entry always resolving `<address>` to `<mac>` for interface `<interface>`." msgstr "Esto configurará una entrada ARP estática siempre resolviendo `<address> ` a `<mac> ` para la interfaz `<interface> `." @@ -15239,7 +16384,7 @@ msgstr "Esto generará la siguiente entrada de configuración ddclient_:" msgid "This will show you a basic firewall overview" msgstr "Esto le mostrará una descripción general básica del firewall" -#: ../../configuration/firewall/ipv4.rst:961 +#: ../../configuration/firewall/ipv4.rst:984 msgid "This will show you a basic firewall overview, for all ruleset, and not only for ipv4" msgstr "This will show you a basic firewall overview, for all ruleset, and not only for ipv4" @@ -15255,12 +16400,12 @@ msgstr "This will show you a basic summary of zones configuration." msgid "This will show you a rule-set statistic since the last boot." msgstr "Esto le mostrará una estadÃstica de conjunto de reglas desde el último arranque." -#: ../../configuration/firewall/ipv4.rst:1112 +#: ../../configuration/firewall/ipv4.rst:1135 #: ../../configuration/firewall/ipv6.rst:1135 msgid "This will show you a statistic of all rule-sets since the last boot." msgstr "Esto le mostrará una estadÃstica de todos los conjuntos de reglas desde el último arranque." -#: ../../configuration/firewall/ipv4.rst:1016 +#: ../../configuration/firewall/ipv4.rst:1039 #: ../../configuration/firewall/ipv6.rst:1032 msgid "This will show you a summary of rule-sets and groups" msgstr "Esto le mostrará un resumen de conjuntos de reglas y grupos." @@ -15301,29 +16446,49 @@ msgstr "Tiempo en segundos que el prefijo seguirá siendo preferido (por defecto msgid "Time in seconds that the prefix will remain valid (default: 30 days)" msgstr "Tiempo en segundos que el prefijo seguirá siendo válido (predeterminado: 30 dÃas)" +#: ../../configuration/service/router-advert.rst:1 +msgid "Time in seconds that the prefix will remain valid (default: 65528 seconds)" +msgstr "Time in seconds that the prefix will remain valid (default: 65528 seconds)" + #: ../../configuration/service/webproxy.rst:177 msgid "Time is in minutes and defaults to 60." msgstr "El tiempo es en minutos y el valor predeterminado es 60." -#: ../../configuration/firewall/ipv4.rst:874 +#: ../../configuration/firewall/ipv4.rst:897 #: ../../configuration/firewall/ipv6.rst:883 #: ../../configuration/policy/route.rst:225 msgid "Time to match the defined rule." msgstr "Tiempo para hacer coincidir la regla definida." +#: ../../configuration/service/ipoe-server.rst:368 +#: ../../configuration/service/pppoe-server.rst:534 +#: ../../configuration/vpn/l2tp.rst:488 +#: ../../configuration/vpn/pptp.rst:412 +#: ../../configuration/vpn/sstp.rst:446 +msgid "Timeout in seconds" +msgstr "Timeout in seconds" + #: ../../configuration/protocols/failover.rst:24 msgid "Timeout in seconds between health target checks." msgstr "Tiempo de espera en segundos entre comprobaciones de objetivos de estado." -#: ../../configuration/vpn/sstp.rst:234 +#: ../../configuration/service/ipoe-server.rst:174 +#: ../../configuration/service/pppoe-server.rst:136 +#: ../../configuration/vpn/l2tp.rst:179 +#: ../../configuration/vpn/pptp.rst:119 +#: ../../configuration/vpn/sstp.rst:152 msgid "Timeout to wait reply for Interim-Update packets. (default 3 seconds)" msgstr "Tiempo de espera para esperar la respuesta de los paquetes de actualización provisional. (predeterminado 3 segundos)" -#: ../../configuration/vpn/sstp.rst:254 +#: ../../configuration/service/ipoe-server.rst:194 +#: ../../configuration/service/pppoe-server.rst:156 +#: ../../configuration/vpn/l2tp.rst:199 +#: ../../configuration/vpn/pptp.rst:139 +#: ../../configuration/vpn/sstp.rst:172 msgid "Timeout to wait response from server (seconds)" msgstr "Tiempo de espera para esperar la respuesta del servidor (segundos)" -#: ../../configuration/protocols/bgp.rst:667 +#: ../../configuration/protocols/bgp.rst:689 #: ../../configuration/protocols/isis.rst:257 msgid "Timers" msgstr "Temporizadores" @@ -15332,7 +16497,7 @@ msgstr "Temporizadores" msgid "To activate the VLAN aware bridge, you must activate this setting to use VLAN settings for the bridge" msgstr "Para activar el puente compatible con VLAN, debe activar esta configuración para usar la configuración de VLAN para el puente" -#: ../../configuration/vpn/l2tp.rst:58 +#: ../../configuration/vpn/l2tp.rst:108 msgid "To allow VPN-clients access via your external address, a NAT rule is required:" msgstr "Para permitir el acceso de clientes VPN a través de su dirección externa, se requiere una regla NAT:" @@ -15344,7 +16509,7 @@ msgstr "To allow listing additional custom domain, for example ``openthread.thre msgid "To allow only specific services, for example ``_airplay._tcp`` or ``_ipp._tcp``, (instead of all services) to be re-broadcasted, use the following command:" msgstr "To allow only specific services, for example ``_airplay._tcp`` or ``_ipp._tcp``, (instead of all services) to be re-broadcasted, use the following command:" -#: ../../configuration/vpn/site2site_ipsec.rst:257 +#: ../../configuration/vpn/site2site_ipsec.rst:260 msgid "To allow traffic to pass through to clients, you need to add the following rules. (if you used the default configuration at the top of this page)" msgstr "Para permitir que el tráfico pase a los clientes, debe agregar las siguientes reglas. (si usó la configuración predeterminada en la parte superior de esta página)" @@ -15442,11 +16607,11 @@ msgstr "Para configurar syslog, debe cambiar al modo de configuración." msgid "To configure your LCD display you must first identify the used hardware, and connectivity of the display to your system. This can be any serial port (`ttySxx`) or serial via USB or even old parallel port interfaces." msgstr "Para configurar su pantalla LCD, primero debe identificar el hardware utilizado y la conectividad de la pantalla con su sistema. Puede ser cualquier puerto serie (`ttySxx`) o serie a través de USB o incluso interfaces de puerto paralelo antiguas." -#: ../../configuration/service/ipoe-server.rst:98 +#: ../../configuration/service/ipoe-server.rst:99 msgid "To create VLANs per user during runtime, the following settings are required on a per interface basis. VLAN ID and VLAN range can be present in the configuration at the same time." msgstr "Para crear VLAN por usuario durante el tiempo de ejecución, se requieren las siguientes configuraciones por interfaz. El ID de VLAN y el rango de VLAN pueden estar presentes en la configuración al mismo tiempo." -#: ../../configuration/system/login.rst:377 +#: ../../configuration/system/login.rst:381 msgid "To create a new line in your login message you need to escape the new line character by using ``\\\\n``." msgstr "Para crear una nueva lÃnea en su mensaje de inicio de sesión, debe escapar del carácter de nueva lÃnea usando ``\\\\n``." @@ -15462,11 +16627,11 @@ msgstr "Para crear la tabla de enrutamiento 100 y agregar una nueva puerta de en msgid "To define a zone setup either one with interfaces or a local zone." msgstr "Para definir una configuración de zona, ya sea una con interfaces o una zona local." -#: ../../configuration/service/router-advert.rst:75 +#: ../../configuration/service/router-advert.rst:101 msgid "To disable advertisements without deleting the configuration:" msgstr "Para deshabilitar los anuncios sin borrar la configuración:" -#: ../../configuration/system/login.rst:190 +#: ../../configuration/system/login.rst:194 msgid "To display the configured OTP user key, use the command:" msgstr "Para mostrar la clave de usuario OTP configurada, use el comando:" @@ -15483,7 +16648,11 @@ msgstr "Para habilitar/deshabilitar el soporte auxiliar para un vecino especÃfi msgid "To enable MLD reports and query on interfaces `eth0` and `eth1`:" msgstr "To enable MLD reports and query on interfaces `eth0` and `eth1`:" -#: ../../configuration/vpn/l2tp.rst:141 +#: ../../configuration/service/ipoe-server.rst:116 +#: ../../configuration/service/pppoe-server.rst:78 +#: ../../configuration/vpn/l2tp.rst:121 +#: ../../configuration/vpn/pptp.rst:61 +#: ../../configuration/vpn/sstp.rst:94 msgid "To enable RADIUS based authentication, the authentication mode needs to be changed within the configuration. Previous settings like the local users, still exists within the configuration, however they are not used if the mode has been changed from local to radius. Once changed back to local, it will use all local accounts again." msgstr "Para habilitar la autenticación basada en RADIUS, el modo de autenticación debe cambiarse dentro de la configuración. Las configuraciones anteriores, como los usuarios locales, todavÃa existen dentro de la configuración, sin embargo, no se usan si el modo se ha cambiado de local a radio. Una vez que vuelva a ser local, volverá a utilizar todas las cuentas locales." @@ -15511,6 +16680,10 @@ msgstr "To enable the HTTP security headers in the configuration file, use the c msgid "To exclude traffic from load balancing, traffic matching an exclude rule is not balanced but routed through the system routing table instead:" msgstr "Para excluir el tráfico del equilibrio de carga, el tráfico que coincida con una regla de exclusión no se equilibra, sino que se enruta a través de la tabla de enrutamiento del sistema:" +#: ../../configuration/vpn/l2tp.rst:282 +msgid "To explain the usage of LNS follow our blueprint :ref:`examples-lac-lns`." +msgstr "To explain the usage of LNS follow our blueprint :ref:`examples-lac-lns`." + #: ../../configuration/service/snmp.rst:216 msgid "To extend SNMP agent functionality, custom scripts can be executed every time the agent is being called. This can be achieved by using ``arbitrary extensioncommands``. The first step is to create a functional script of course, then upload it to your VyOS instance via the command ``scp your_script.sh vyos@your_router:/config/user-data``. Once the script is uploaded, it needs to be configured via the command below." msgstr "Para ampliar la funcionalidad del agente SNMP, se pueden ejecutar secuencias de comandos personalizadas cada vez que se llama al agente. Esto se puede lograr usando ``comandos de extensión arbitrarios``. El primer paso es crear un script funcional, por supuesto, luego subirlo a su instancia de VyOS mediante el comando ``scp your_script.sh vyos@your_router:/config/user-data``. Una vez que se carga el script, debe configurarse mediante el siguiente comando." @@ -15527,11 +16700,15 @@ msgstr "Para generar la CA, la clave privada del servidor y los certificados, se msgid "To get it to work as an access point with this configuration you will need to set up a DHCP server to work with that network. You can - of course - also bridge the Wireless interface with any configured bridge (:ref:`bridge-interface`) on the system." msgstr "Para que funcione como un punto de acceso con esta configuración, deberá configurar un servidor DHCP para que funcione con esa red. Por supuesto, también puede unir la interfaz inalámbrica con cualquier puente configurado (:ref:`bridge-interface`) en el sistema." -#: ../../configuration/service/dhcp-server.rst:566 +#: ../../configuration/service/dhcp-server.rst:572 msgid "To hand out individual prefixes to your clients the following configuration is used:" msgstr "Para repartir prefijos individuales a sus clientes se utiliza la siguiente configuración:" -#: ../../configuration/highavailability/index.rst:336 +#: ../../configuration/vpn/ipsec.rst:405 +msgid "To import it from the filesystem use:" +msgstr "To import it from the filesystem use:" + +#: ../../configuration/highavailability/index.rst:346 msgid "To know more about scripting, check the :ref:`command-scripting` section." msgstr "Para saber más acerca de las secuencias de comandos, consulte la sección :ref:`command-scripting`." @@ -15539,7 +16716,7 @@ msgstr "Para saber más acerca de las secuencias de comandos, consulte la seccià msgid "To listen on both `eth0` and `eth1` mDNS packets and also repeat packets received on `eth0` to `eth1` (and vice-versa) use the following commands:" msgstr "Para escuchar los paquetes mDNS `eth0` y `eth1` y también repetir los paquetes recibidos en `eth0` a `eth1` (y viceversa), utilice los siguientes comandos:" -#: ../../configuration/protocols/static.rst:161 +#: ../../configuration/protocols/static.rst:194 msgid "To manipulate or display ARP_ table entries, the following commands are implemented." msgstr "Para manipular o mostrar las entradas de la tabla ARP_, se implementan los siguientes comandos." @@ -15552,7 +16729,7 @@ msgstr "Para realizar un apagado ordenado, se debe emitir el comando de nivel EX msgid "To request a /56 prefix from your ISP use:" msgstr "Para solicitar un prefijo /56 de su ISP, use:" -#: ../../configuration/service/dhcp-server.rst:680 +#: ../../configuration/service/dhcp-server.rst:688 msgid "To restart the DHCPv6 server" msgstr "Para reiniciar el servidor DHCPv6" @@ -15568,7 +16745,7 @@ msgstr "Para configurar una regla NAT de destino, debemos recopilar:" msgid "To update the firmware, VyOS also ships the `qmi-firmware-update` binary. To upgrade the firmware of an e.g. Sierra Wireless MC7710 module to the firmware provided in the file ``9999999_9999999_9200_03.05.14.00_00_generic_000.000_001_SPKG_MC.cwe`` use the following command:" msgstr "Para actualizar el firmware, VyOS también envÃa el binario `qmi-firmware-update`. Para actualizar el firmware de, por ejemplo, un módulo Sierra Wireless MC7710 al firmware provisto en el archivo ``9999999_9999999_9200_03.05.14.00_00_generic_000.000_001_SPKG_MC.cwe`` use el siguiente comando:" -#: ../../configuration/service/ipoe-server.rst:113 +#: ../../configuration/service/ipoe-server.rst:114 msgid "To use a RADIUS server for authentication and bandwidth-shaping, the following example configuration can be used." msgstr "Para usar un servidor RADIUS para la autenticación y la configuración del ancho de banda, se puede usar la siguiente configuración de ejemplo." @@ -15596,6 +16773,10 @@ msgstr "TopologÃa:" msgid "Topology: PC4 - Leaf2 - Spine1 - Leaf3 - PC5" msgstr "TopologÃa: PC4 - Leaf2 - Spine1 - Leaf3 - PC5" +#: ../../configuration/service/ipoe-server.rst:433 +msgid "Toubleshooting" +msgstr "Toubleshooting" + #: ../../configuration/highavailability/index.rst:171 msgid "Track" msgstr "Pista" @@ -15644,7 +16825,7 @@ msgstr "Traffic from multicast sources will go to the Rendezvous Point, and rece msgid "Traffic from multicast sources will go to the Rendezvous Point, and receivers will pull it from a shared tree using :abbr:`IGMP (Internet Group Management Protocol)`." msgstr "Traffic from multicast sources will go to the Rendezvous Point, and receivers will pull it from a shared tree using :abbr:`IGMP (Internet Group Management Protocol)`." -#: ../../configuration/firewall/ipv4.rst:928 +#: ../../configuration/firewall/ipv4.rst:951 #: ../../configuration/firewall/ipv6.rst:937 msgid "Traffic must be symmetric" msgstr "Traffic must be symmetric" @@ -15653,11 +16834,11 @@ msgstr "Traffic must be symmetric" msgid "Traffic which is received by the router on an interface which is member of a bridge is processed on the **Bridge Layer**. A simplified packet flow diagram for this layer is shown next:" msgstr "Traffic which is received by the router on an interface which is member of a bridge is processed on the **Bridge Layer**. A simplified packet flow diagram for this layer is shown next:" -#: ../../configuration/highavailability/index.rst:322 +#: ../../configuration/highavailability/index.rst:332 msgid "Transition scripts" msgstr "Guiones de transición" -#: ../../configuration/highavailability/index.rst:324 +#: ../../configuration/highavailability/index.rst:334 msgid "Transition scripts can help you implement various fixups, such as starting and stopping services, or even modifying the VyOS config on VRRP transition. This setup will make the VRRP process execute the ``/config/scripts/vrrp-fail.sh`` with argument ``Foo`` when VRRP fails, and the ``/config/scripts/vrrp-master.sh`` when the router becomes the master:" msgstr "Los scripts de transición pueden ayudarlo a implementar varias correcciones, como iniciar y detener servicios, o incluso modificar la configuración de VyOS en la transición de VRRP. Esta configuración hará que el proceso VRRP ejecute ``/config/scripts/vrrp-fail.sh`` con el argumento ``Foo`` cuando falla VRRP, y ``/config/scripts/vrrp-master.sh`` cuando el enrutador se convierte en el maestro:" @@ -15667,6 +16848,8 @@ msgstr "Proxy transparente" #: ../../configuration/interfaces/openvpn.rst:701 #: ../../configuration/interfaces/tunnel.rst:227 +#: ../../configuration/vpn/pptp.rst:484 +#: ../../configuration/vpn/sstp.rst:580 msgid "Troubleshooting" msgstr "Solución de problemas" @@ -15682,6 +16865,10 @@ msgstr "Túnel" msgid "Tunnel keys" msgstr "llaves de tunel" +#: ../../configuration/vpn/l2tp.rst:280 +msgid "Tunnel password used to authenticate the client (LAC)" +msgstr "Tunnel password used to authenticate the client (LAC)" + #: ../../configuration/loadbalancing/wan.rst:257 msgid "Two environment variables are available:" msgstr "Hay dos variables de entorno disponibles:" @@ -15714,15 +16901,15 @@ msgstr "Retransmisión de difusión UDP" msgid "UDP mode works better with NAT:" msgstr "El modo UDP funciona mejor con NAT:" -#: ../../configuration/vpn/l2tp.rst:34 +#: ../../configuration/vpn/l2tp.rst:84 msgid "UDP port 1701 for IPsec" msgstr "Puerto UDP 1701 para IPsec" -#: ../../configuration/vpn/l2tp.rst:39 +#: ../../configuration/vpn/l2tp.rst:89 msgid "UDP port 4500 (NAT-T)" msgstr "Puerto UDP 4500 (NAT-T)" -#: ../../configuration/vpn/l2tp.rst:32 +#: ../../configuration/vpn/l2tp.rst:82 msgid "UDP port 500 (IKE)" msgstr "Puerto UDP 500 (IKE)" @@ -15778,11 +16965,11 @@ msgstr "Se pueden configurar hasta siete colas -definidas como clases_ con difer msgid "Update" msgstr "Actualizar" -#: ../../configuration/container/index.rst:171 +#: ../../configuration/container/index.rst:207 msgid "Update container image" msgstr "Actualizar la imagen del contenedor" -#: ../../configuration/firewall/ipv4.rst:1175 +#: ../../configuration/firewall/ipv4.rst:1198 #: ../../configuration/firewall/ipv6.rst:1191 msgid "Update geoip database" msgstr "Actualizar base de datos geoip" @@ -15795,10 +16982,17 @@ msgstr "Updates" msgid "Updates from the RPKI cache servers are directly applied and path selection is updated accordingly. (Soft reconfiguration must be enabled for this to work)." msgstr "Las actualizaciones de los servidores de caché RPKI se aplican directamente y la selección de ruta se actualiza en consecuencia. (La reconfiguración suave debe estar habilitada para que esto funcione)." -#: ../../configuration/vpn/sstp.rst:90 +#: ../../configuration/service/pppoe-server.rst:267 +#: ../../configuration/vpn/l2tp.rst:391 +#: ../../configuration/vpn/pptp.rst:315 +#: ../../configuration/vpn/sstp.rst:349 msgid "Upload bandwidth limit in kbit/s for `<user>`." msgstr "Sube el lÃmite de ancho de banda en kbit/s para `<user> `." +#: ../../configuration/service/ipoe-server.rst:325 +msgid "Upload bandwidth limit in kbit/s for for user on interface `<interface>`." +msgstr "Upload bandwidth limit in kbit/s for for user on interface `<interface>`." + #: ../../configuration/loadbalancing/wan.rst:209 msgid "Upon reception of an incoming packet, when a response is sent, it might be desired to ensure that it leaves from the same interface as the inbound one. This can be achieved by enabling sticky connections in the load balancing:" msgstr "Tras la recepción de un paquete entrante, cuando se envÃa una respuesta, es posible que desee asegurarse de que sale de la misma interfaz que el de entrada. Esto se puede lograr habilitando conexiones pegajosas en el balanceo de carga:" @@ -15816,7 +17010,7 @@ msgstr "Usar el protocolo 802.11n" msgid "Use CA certificate from PKI subsystem" msgstr "Use CA certificate from PKI subsystem" -#: ../../configuration/service/dns.rst:365 +#: ../../configuration/service/dns.rst:379 msgid "Use DynDNS as your preferred provider:" msgstr "Utilice DynDNS como su proveedor preferido:" @@ -15848,27 +17042,27 @@ msgstr "Use `eliminar módulos de seguimiento del sistema` para desactivar todos msgid "Use a persistent LDAP connection. Normally the LDAP connection is only open while validating a username to preserve resources at the LDAP server. This option causes the LDAP connection to be kept open, allowing it to be reused for further user validations." msgstr "Utilice una conexión LDAP persistente. Normalmente, la conexión LDAP solo se abre mientras se valida un nombre de usuario para preservar los recursos en el servidor LDAP. Esta opción hace que la conexión LDAP se mantenga abierta, lo que permite reutilizarla para posteriores validaciones de usuarios." -#: ../../configuration/firewall/ipv4.rst:515 +#: ../../configuration/firewall/ipv4.rst:538 #: ../../configuration/firewall/ipv6.rst:525 msgid "Use a specific address-group. Prepend character ``!`` for inverted matching criteria." msgstr "Utilice un grupo de direcciones especÃfico. Anteponga el carácter ``!`` para los criterios de coincidencia invertidos." -#: ../../configuration/firewall/ipv4.rst:578 +#: ../../configuration/firewall/ipv4.rst:601 #: ../../configuration/firewall/ipv6.rst:588 msgid "Use a specific domain-group. Prepend character ``!`` for inverted matching criteria." msgstr "Utilice un grupo de dominio especÃfico. Anteponga el carácter ``!`` para los criterios de coincidencia invertidos." -#: ../../configuration/firewall/ipv4.rst:599 +#: ../../configuration/firewall/ipv4.rst:622 #: ../../configuration/firewall/ipv6.rst:609 msgid "Use a specific mac-group. Prepend character ``!`` for inverted matching criteria." msgstr "Utilice un grupo Mac especÃfico. Anteponga el carácter ``!`` para los criterios de coincidencia invertidos." -#: ../../configuration/firewall/ipv4.rst:536 +#: ../../configuration/firewall/ipv4.rst:559 #: ../../configuration/firewall/ipv6.rst:546 msgid "Use a specific network-group. Prepend character ``!`` for inverted matching criteria." msgstr "Utilice un grupo de red especÃfico. Anteponga el carácter ``!`` para los criterios de coincidencia invertidos." -#: ../../configuration/firewall/ipv4.rst:557 +#: ../../configuration/firewall/ipv4.rst:580 #: ../../configuration/firewall/ipv6.rst:567 msgid "Use a specific port-group. Prepend character ``!`` for inverted matching criteria." msgstr "Utilice un grupo de puertos especÃfico. Anteponga el carácter ``!`` para los criterios de coincidencia invertidos." @@ -15885,7 +17079,7 @@ msgstr "Utilice un certificado autofirmado generado automáticamente" msgid "Use any local address, configured on any interface if this is not set." msgstr "Use cualquier dirección local, configurada en cualquier interfaz si no está configurada." -#: ../../configuration/service/dns.rst:279 +#: ../../configuration/service/dns.rst:263 msgid "Use auth key file at ``/config/auth/my.key``" msgstr "Use el archivo de clave de autenticación en ``/config/auth/my.key``" @@ -15893,10 +17087,14 @@ msgstr "Use el archivo de clave de autenticación en ``/config/auth/my.key``" msgid "Use certificate from PKI subsystem" msgstr "Use certificate from PKI subsystem" -#: ../../configuration/service/dns.rst:408 +#: ../../configuration/service/dns.rst:410 msgid "Use configured `<url>` to determine your IP address. ddclient_ will load `<url>` and tries to extract your IP address from the response." msgstr "Usar configurado `<url> ` para determinar su dirección IP. ddclient_ cargará `<url> ` e intenta extraer su dirección IP de la respuesta." +#: ../../configuration/service/dns.rst:368 +msgid "Use deSEC (dedyn.io) as your preferred provider:" +msgstr "Use deSEC (dedyn.io) as your preferred provider:" + #: ../../configuration/firewall/general-legacy.rst:478 msgid "Use inverse-match to match anything except the given country-codes." msgstr "Use la coincidencia inversa para hacer coincidir cualquier cosa excepto los códigos de paÃs dados." @@ -15905,7 +17103,7 @@ msgstr "Use la coincidencia inversa para hacer coincidir cualquier cosa excepto msgid "Use local socket for API" msgstr "Usar socket local para API" -#: ../../configuration/vpn/sstp.rst:288 +#: ../../configuration/vpn/sstp.rst:357 msgid "Use local user `foo` with password `bar`" msgstr "Use el usuario local `foo` con la contraseña `bar`" @@ -15913,7 +17111,7 @@ msgstr "Use el usuario local `foo` con la contraseña `bar`" msgid "Use tab completion to get a list of categories." msgstr "Utilice la función de completar con tabulación para obtener una lista de categorÃas." -#: ../../configuration/system/option.rst:53 +#: ../../configuration/system/option.rst:83 msgid "Use the address of the specified interface on the local machine as the source address of the connection." msgstr "Utilice la dirección de la interfaz especificada en la máquina local como la dirección de origen de la conexión." @@ -15925,7 +17123,7 @@ msgstr "Utilice la siguiente topologÃa para crear una red aislada basada en nat msgid "Use the following topology to translate internal user local addresses (``fc::/7``) to DHCPv6-PD provided prefixes from an ISP connected to a VyOS HA pair." msgstr "Use the following topology to translate internal user local addresses (``fc::/7``) to DHCPv6-PD provided prefixes from an ISP connected to a VyOS HA pair." -#: ../../configuration/system/option.rst:48 +#: ../../configuration/system/option.rst:78 msgid "Use the specified address on the local machine as the source address of the connection. Only useful on systems with more than one address." msgstr "Utilice la dirección especificada en la máquina local como la dirección de origen de la conexión. Solo es útil en sistemas con más de una dirección." @@ -15957,10 +17155,26 @@ msgstr "Use este comando PIM para modificar el valor de tiempo de espera (31-600 msgid "Use this comand to set the IPv6 address pool from which a PPPoE client will get an IPv6 prefix of your defined length (mask) to terminate the PPPoE endpoint at their side. The mask length can be set from 48 to 128 bit long, the default value is 64." msgstr "Utilice este comando para configurar el grupo de direcciones IPv6 desde el cual un cliente PPPoE obtendrá un prefijo IPv6 de su longitud definida (máscara) para terminar el extremo PPPoE a su lado. La longitud de la máscara se puede configurar de 48 a 128 bits, el valor predeterminado es 64." -#: ../../configuration/vpn/sstp.rst:137 +#: ../../configuration/service/ipoe-server.rst:261 +msgid "Use this comand to set the IPv6 address pool from which an IPoE client will get an IPv6 prefix of your defined length (mask) to terminate the IPoE endpoint at their side. The mask length can be set from 48 to 128 bit long, the default value is 64." +msgstr "Use this comand to set the IPv6 address pool from which an IPoE client will get an IPv6 prefix of your defined length (mask) to terminate the IPoE endpoint at their side. The mask length can be set from 48 to 128 bit long, the default value is 64." + +#: ../../configuration/service/pppoe-server.rst:355 +msgid "Use this comand to set the IPv6 address pool from which an PPPoE client will get an IPv6 prefix of your defined length (mask) to terminate the PPPoE endpoint at their side. The mask length can be set from 48 to 128 bit long, the default value is 64." +msgstr "Use this comand to set the IPv6 address pool from which an PPPoE client will get an IPv6 prefix of your defined length (mask) to terminate the PPPoE endpoint at their side. The mask length can be set from 48 to 128 bit long, the default value is 64." + +#: ../../configuration/vpn/pptp.rst:223 +msgid "Use this comand to set the IPv6 address pool from which an PPTP client will get an IPv6 prefix of your defined length (mask) to terminate the PPTP endpoint at their side. The mask length can be set from 48 to 128 bit long, the default value is 64." +msgstr "Use this comand to set the IPv6 address pool from which an PPTP client will get an IPv6 prefix of your defined length (mask) to terminate the PPTP endpoint at their side. The mask length can be set from 48 to 128 bit long, the default value is 64." + +#: ../../configuration/vpn/sstp.rst:257 msgid "Use this comand to set the IPv6 address pool from which an SSTP client will get an IPv6 prefix of your defined length (mask) to terminate the SSTP endpoint at their side. The mask length can be set from 48 to 128 bit long, the default value is 64." msgstr "Utilice este comando para configurar el grupo de direcciones IPv6 desde el cual un cliente SSTP obtendrá un prefijo IPv6 de su longitud definida (máscara) para terminar el punto final SSTP en su lado. La longitud de la máscara se puede configurar de 48 a 128 bits, el valor predeterminado es 64." +#: ../../configuration/vpn/l2tp.rst:299 +msgid "Use this comand to set the IPv6 address pool from which an l2tp client will get an IPv6 prefix of your defined length (mask) to terminate the l2tp endpoint at their side. The mask length can be set from 48 to 128 bit long, the default value is 64." +msgstr "Use this comand to set the IPv6 address pool from which an l2tp client will get an IPv6 prefix of your defined length (mask) to terminate the l2tp endpoint at their side. The mask length can be set from 48 to 128 bit long, the default value is 64." + #: ../../configuration/service/pppoe-server.rst:93 msgid "Use this command for every pool of client IP addresses you want to define. The addresses of this pool will be given to PPPoE clients. You must use CIDR notation." msgstr "Utilice este comando para cada grupo de direcciones IP de cliente que desee definir. Las direcciones de este grupo se proporcionarán a los clientes PPPoE. Debe utilizar la notación CIDR." @@ -16005,7 +17219,7 @@ msgstr "Utilice este comando para verificar el estado del túnel para las interf msgid "Use this command to check the tunnel status for OpenVPN site-to-site interfaces." msgstr "Utilice este comando para verificar el estado del túnel para las interfaces de sitio a sitio de OpenVPN." -#: ../../configuration/system/ipv6.rst:154 +#: ../../configuration/system/ipv6.rst:167 msgid "Use this command to clear Border Gateway Protocol statistics or status." msgstr "Utilice este comando para borrar las estadÃsticas o el estado del protocolo de puerta de enlace fronteriza." @@ -16013,16 +17227,32 @@ msgstr "Utilice este comando para borrar las estadÃsticas o el estado del proto msgid "Use this command to configure DHCPv6 Prefix Delegation (RFC3633). You will have to set your IPv6 pool and the length of the delegation prefix. From the defined IPv6 pool you will be handing out networks of the defined length (delegation-prefix). The length of the delegation prefix can be set from 32 to 64 bit long." msgstr "Utilice este comando para configurar la delegación de prefijos de DHCPv6 (RFC3633). Tendrá que configurar su grupo de IPv6 y la longitud del prefijo de delegación. Desde el conjunto de IPv6 definido, distribuirá redes de la longitud definida (prefijo de delegación). La longitud del prefijo de delegación se puede establecer entre 32 y 64 bits." -#: ../../configuration/vpn/sstp.rst:146 +#: ../../configuration/service/ipoe-server.rst:269 +msgid "Use this command to configure DHCPv6 Prefix Delegation (RFC3633) on IPoE. You will have to set your IPv6 pool and the length of the delegation prefix. From the defined IPv6 pool you will be handing out networks of the defined length (delegation-prefix). The length of the delegation prefix can be set from 32 to 64 bit long." +msgstr "Use this command to configure DHCPv6 Prefix Delegation (RFC3633) on IPoE. You will have to set your IPv6 pool and the length of the delegation prefix. From the defined IPv6 pool you will be handing out networks of the defined length (delegation-prefix). The length of the delegation prefix can be set from 32 to 64 bit long." + +#: ../../configuration/service/pppoe-server.rst:363 +msgid "Use this command to configure DHCPv6 Prefix Delegation (RFC3633) on PPPoE. You will have to set your IPv6 pool and the length of the delegation prefix. From the defined IPv6 pool you will be handing out networks of the defined length (delegation-prefix). The length of the delegation prefix can be set from 32 to 64 bit long." +msgstr "Use this command to configure DHCPv6 Prefix Delegation (RFC3633) on PPPoE. You will have to set your IPv6 pool and the length of the delegation prefix. From the defined IPv6 pool you will be handing out networks of the defined length (delegation-prefix). The length of the delegation prefix can be set from 32 to 64 bit long." + +#: ../../configuration/vpn/pptp.rst:231 +msgid "Use this command to configure DHCPv6 Prefix Delegation (RFC3633) on PPTP. You will have to set your IPv6 pool and the length of the delegation prefix. From the defined IPv6 pool you will be handing out networks of the defined length (delegation-prefix). The length of the delegation prefix can be set from 32 to 64 bit long." +msgstr "Use this command to configure DHCPv6 Prefix Delegation (RFC3633) on PPTP. You will have to set your IPv6 pool and the length of the delegation prefix. From the defined IPv6 pool you will be handing out networks of the defined length (delegation-prefix). The length of the delegation prefix can be set from 32 to 64 bit long." + +#: ../../configuration/vpn/sstp.rst:265 msgid "Use this command to configure DHCPv6 Prefix Delegation (RFC3633) on SSTP. You will have to set your IPv6 pool and the length of the delegation prefix. From the defined IPv6 pool you will be handing out networks of the defined length (delegation-prefix). The length of the delegation prefix can be set from 32 to 64 bit long." msgstr "Utilice este comando para configurar la delegación de prefijos de DHCPv6 (RFC3633) en SSTP. Tendrá que configurar su grupo de IPv6 y la longitud del prefijo de delegación. Desde el conjunto de IPv6 definido, distribuirá redes de la longitud definida (prefijo de delegación). La longitud del prefijo de delegación se puede establecer entre 32 y 64 bits." +#: ../../configuration/vpn/l2tp.rst:307 +msgid "Use this command to configure DHCPv6 Prefix Delegation (RFC3633) on l2tp. You will have to set your IPv6 pool and the length of the delegation prefix. From the defined IPv6 pool you will be handing out networks of the defined length (delegation-prefix). The length of the delegation prefix can be set from 32 to 64 bit long." +msgstr "Use this command to configure DHCPv6 Prefix Delegation (RFC3633) on l2tp. You will have to set your IPv6 pool and the length of the delegation prefix. From the defined IPv6 pool you will be handing out networks of the defined length (delegation-prefix). The length of the delegation prefix can be set from 32 to 64 bit long." + #: ../../configuration/service/pppoe-server.rst:120 msgid "Use this command to configure Dynamic Authorization Extensions to RADIUS so that you can remotely disconnect sessions and change some authentication parameters." msgstr "Utilice este comando para configurar Extensiones de autorización dinámicas para RADIUS para que pueda desconectar sesiones de forma remota y cambiar algunos parámetros de autenticación." -#: ../../configuration/protocols/static.rst:112 -#: ../../configuration/protocols/static.rst:125 +#: ../../configuration/protocols/static.rst:146 +#: ../../configuration/protocols/static.rst:159 msgid "Use this command to configure a \"black-hole\" route on the router. A black-hole route is a route for which the system silently discard packets that are matched. This prevents networks leaking out public interfaces, but it does not prevent them from being used as a more specific route inside your network." msgstr "Utilice este comando para configurar una ruta de "agujero negro" en el enrutador. Una ruta de agujero negro es una ruta para la cual el sistema descarta silenciosamente los paquetes que coinciden. Esto evita que las redes filtren interfaces públicas, pero no evita que se utilicen como una ruta más especÃfica dentro de su red." @@ -16226,6 +17456,10 @@ msgstr "Utilice este comando para controlar la cantidad máxima de rutas de igua msgid "Use this command to create a Fair-Queue policy and give it a name. It is based on the Stochastic Fairness Queueing and can be applied to outbound traffic." msgstr "Utilice este comando para crear una polÃtica Fair-Queue y asÃgnele un nombre. Se basa en Stochastic Fairness Queuing y se puede aplicar al tráfico saliente." +#: ../../configuration/vpn/l2tp.rst:68 +msgid "Use this command to define IPsec interface." +msgstr "Use this command to define IPsec interface." + #: ../../configuration/trafficpolicy/index.rst:425 msgid "Use this command to define a Fair-Queue policy, based on the Stochastic Fairness Queueing, and set the number of maximum packets allowed to wait in the queue. Any other packet will be dropped." msgstr "Utilice este comando para definir una polÃtica de Fair-Queue, basada en Stochastic Fairness Queueing, y establezca la cantidad máxima de paquetes permitidos para esperar en la cola. Cualquier otro paquete será descartado." @@ -16234,8 +17468,19 @@ msgstr "Utilice este comando para definir una polÃtica de Fair-Queue, basada en msgid "Use this command to define a Fair-Queue policy, based on the Stochastic Fairness Queueing, and set the number of seconds at which a new queue algorithm perturbation will occur (maximum 4294967295)." msgstr "Utilice este comando para definir una polÃtica de Fair-Queue, basada en Stochastic Fairness Queueing, y establezca la cantidad de segundos en los que ocurrirá una nueva perturbación del algoritmo de cola (máximo 4294967295)." -#: ../../configuration/service/pppoe-server.rst:81 -#: ../../configuration/vpn/sstp.rst:132 +#: ../../configuration/service/ipoe-server.rst:277 +#: ../../configuration/service/pppoe-server.rst:371 +#: ../../configuration/vpn/l2tp.rst:315 +#: ../../configuration/vpn/pptp.rst:239 +#: ../../configuration/vpn/sstp.rst:273 +msgid "Use this command to define default IPv6 address pool name." +msgstr "Use this command to define default IPv6 address pool name." + +#: ../../configuration/service/ipoe-server.rst:77 +#: ../../configuration/service/pppoe-server.rst:61 +#: ../../configuration/vpn/l2tp.rst:48 +#: ../../configuration/vpn/pptp.rst:50 +#: ../../configuration/vpn/sstp.rst:75 msgid "Use this command to define default address pool name." msgstr "Use this command to define default address pool name." @@ -16255,15 +17500,31 @@ msgstr "Utilice este comando para definir en la interfaz seleccionada si elige l msgid "Use this command to define the IP address range to be given to PPPoE clients. If notation ``x.x.x.x-x.x.x.x``, it must be within a /24 subnet. If notation ``x.x.x.x/x`` is used there is possibility to set host/netmask." msgstr "Use this command to define the IP address range to be given to PPPoE clients. If notation ``x.x.x.x-x.x.x.x``, it must be within a /24 subnet. If notation ``x.x.x.x/x`` is used there is possibility to set host/netmask." +#: ../../configuration/service/ipoe-server.rst:70 +msgid "Use this command to define the first IP address of a pool of addresses to be given to IPoE clients. If notation ``x.x.x.x-x.x.x.x``, it must be within a /24 subnet. If notation ``x.x.x.x/x`` is used there is possibility to set host/netmask." +msgstr "Use this command to define the first IP address of a pool of addresses to be given to IPoE clients. If notation ``x.x.x.x-x.x.x.x``, it must be within a /24 subnet. If notation ``x.x.x.x/x`` is used there is possibility to set host/netmask." + #: ../../configuration/service/pppoe-server.rst:73 msgid "Use this command to define the first IP address of a pool of addresses to be given to PPPoE clients. It must be within a /24 subnet." msgstr "Utilice este comando para definir la primera dirección IP de un conjunto de direcciones que se proporcionarán a los clientes PPPoE. Debe estar dentro de una subred /24." -#: ../../configuration/vpn/sstp.rst:121 +#: ../../configuration/vpn/pptp.rst:43 +msgid "Use this command to define the first IP address of a pool of addresses to be given to PPTP clients. If notation ``x.x.x.x-x.x.x.x``, it must be within a /24 subnet. If notation ``x.x.x.x/x`` is used there is possibility to set host/netmask." +msgstr "Use this command to define the first IP address of a pool of addresses to be given to PPTP clients. If notation ``x.x.x.x-x.x.x.x``, it must be within a /24 subnet. If notation ``x.x.x.x/x`` is used there is possibility to set host/netmask." + +#: ../../configuration/vpn/sstp.rst:68 msgid "Use this command to define the first IP address of a pool of addresses to be given to SSTP clients. If notation ``x.x.x.x-x.x.x.x``, it must be within a /24 subnet. If notation ``x.x.x.x/x`` is used there is possibility to set host/netmask." msgstr "Use this command to define the first IP address of a pool of addresses to be given to SSTP clients. If notation ``x.x.x.x-x.x.x.x``, it must be within a /24 subnet. If notation ``x.x.x.x/x`` is used there is possibility to set host/netmask." -#: ../../configuration/service/pppoe-server.rst:42 +#: ../../configuration/vpn/l2tp.rst:41 +msgid "Use this command to define the first IP address of a pool of addresses to be given to l2tp clients. If notation ``x.x.x.x-x.x.x.x``, it must be within a /24 subnet. If notation ``x.x.x.x/x`` is used there is possibility to set host/netmask." +msgstr "Use this command to define the first IP address of a pool of addresses to be given to l2tp clients. If notation ``x.x.x.x-x.x.x.x``, it must be within a /24 subnet. If notation ``x.x.x.x/x`` is used there is possibility to set host/netmask." + +#: ../../configuration/service/pppoe-server.rst:54 +msgid "Use this command to define the first IP address of a pool of addresses to be given to pppoe clients. If notation ``x.x.x.x-x.x.x.x``, it must be within a /24 subnet. If notation ``x.x.x.x/x`` is used there is possibility to set host/netmask." +msgstr "Use this command to define the first IP address of a pool of addresses to be given to pppoe clients. If notation ``x.x.x.x-x.x.x.x``, it must be within a /24 subnet. If notation ``x.x.x.x/x`` is used there is possibility to set host/netmask." + +#: ../../configuration/service/pppoe-server.rst:65 msgid "Use this command to define the interface the PPPoE server will use to listen for PPPoE clients." msgstr "Utilice este comando para definir la interfaz que utilizará el servidor PPPoE para escuchar a los clientes PPPoE." @@ -16283,8 +17544,11 @@ msgstr "Utilice este comando para definir el número máximo de entradas que se msgid "Use this command to define the maximum number of entries to keep in the Neighbor cache (1024, 2048, 4096, 8192, 16384, 32768)." msgstr "Utilice este comando para definir el número máximo de entradas que se mantendrán en la caché de vecinos (1024, 2048, 4096, 8192, 16384, 32768)." -#: ../../configuration/service/pppoe-server.rst:77 -#: ../../configuration/vpn/sstp.rst:128 +#: ../../configuration/service/ipoe-server.rst:332 +#: ../../configuration/service/pppoe-server.rst:450 +#: ../../configuration/vpn/l2tp.rst:404 +#: ../../configuration/vpn/pptp.rst:328 +#: ../../configuration/vpn/sstp.rst:362 msgid "Use this command to define the next address pool name." msgstr "Use this command to define the next address pool name." @@ -16352,7 +17616,7 @@ msgstr "Use this command to enable PIMv6 in the selected interface so that it ca msgid "Use this command to enable acquisition of IPv6 address using stateless autoconfig (SLAAC)." msgstr "Utilice este comando para habilitar la adquisición de direcciones IPv6 mediante la configuración automática sin estado (SLAAC)." -#: ../../configuration/service/pppoe-server.rst:236 +#: ../../configuration/service/pppoe-server.rst:310 msgid "Use this command to enable bandwidth shaping via RADIUS." msgstr "Utilice este comando para habilitar la configuración del ancho de banda a través de RADIUS." @@ -16364,7 +17628,7 @@ msgstr "Utilice este comando para habilitar el Protocolo de resolución de direc msgid "Use this command to enable targeted LDP sessions to the local router. The router will then respond to any sessions that are trying to connect to it that are not a link local type of TCP connection." msgstr "Utilice este comando para habilitar sesiones LDP dirigidas al enrutador local. El enrutador entonces responderá a cualquier sesión que intente conectarse a él que no sea un tipo de conexión TCP de enlace local." -#: ../../configuration/service/pppoe-server.rst:249 +#: ../../configuration/service/pppoe-server.rst:323 msgid "Use this command to enable the delay of PADO (PPPoE Active Discovery Offer) packets, which can be used as a session balancing mechanism with other PPPoE servers." msgstr "Use este comando para habilitar el retraso de los paquetes PADO (Oferta de descubrimiento activo PPPoE), que se puede usar como un mecanismo de equilibrio de sesión con otros servidores PPPoE." @@ -16386,7 +17650,7 @@ msgstr "Use this command to enable the logging of the default action on custom c msgid "Use this command to enable the logging of the default action on the specified chain." msgstr "Use this command to enable the logging of the default action on the specified chain." -#: ../../configuration/system/ipv6.rst:165 +#: ../../configuration/system/ipv6.rst:178 msgid "Use this command to flush the kernel IPv6 route cache. An address can be added to flush it only for that route." msgstr "Utilice este comando para vaciar la caché de rutas IPv6 del kernel. Se puede agregar una dirección para vaciarla solo para esa ruta." @@ -16394,11 +17658,11 @@ msgstr "Utilice este comando para vaciar la caché de rutas IPv6 del kernel. Se msgid "Use this command to get an overview of a zone." msgstr "Utilice este comando para obtener una descripción general de una zona." -#: ../../configuration/system/ipv6.rst:120 +#: ../../configuration/system/ipv6.rst:133 msgid "Use this command to get information about OSPFv3." msgstr "Utilice este comando para obtener información sobre OSPFv3." -#: ../../configuration/system/ipv6.rst:142 +#: ../../configuration/system/ipv6.rst:155 msgid "Use this command to get information about the RIPNG protocol" msgstr "Use este comando para obtener información sobre el protocolo RIPNG" @@ -16410,10 +17674,22 @@ msgstr "Utilice este comando para indicarle al sistema que establezca una conexi msgid "Use this command to link the PPPoE connection to a physical interface. Each PPPoE connection must be established over a physical interface. Interfaces can be regular Ethernet interfaces, VIFs or bonding interfaces/VIFs." msgstr "Utilice este comando para vincular la conexión PPPoE a una interfaz fÃsica. Cada conexión PPPoE debe establecerse a través de una interfaz fÃsica. Las interfaces pueden ser interfaces Ethernet normales, VIF o interfaces/VIF de vinculación." -#: ../../configuration/service/pppoe-server.rst:311 +#: ../../configuration/service/ipoe-server.rst:394 +msgid "Use this command to locally check the active sessions in the IPoE server." +msgstr "Use this command to locally check the active sessions in the IPoE server." + +#: ../../configuration/service/pppoe-server.rst:587 msgid "Use this command to locally check the active sessions in the PPPoE server." msgstr "Utilice este comando para verificar localmente las sesiones activas en el servidor PPPoE." +#: ../../configuration/vpn/pptp.rst:446 +msgid "Use this command to locally check the active sessions in the PPTP server." +msgstr "Use this command to locally check the active sessions in the PPTP server." + +#: ../../configuration/vpn/sstp.rst:542 +msgid "Use this command to locally check the active sessions in the SSTP server." +msgstr "Use this command to locally check the active sessions in the SSTP server." + #: ../../configuration/protocols/igmp.rst:104 msgid "Use this command to manually configure a Rendezvous Point for PIM so that join messages can be sent there. Set the Rendevouz Point address and the matching prefix of group ranges covered. These values must be shared with every router participating in the PIM network." msgstr "Use este comando para configurar manualmente un punto de encuentro para PIM para que los mensajes de unión se puedan enviar allÃ. Establezca la dirección del punto Rendevouz y el prefijo correspondiente de los rangos de grupo cubiertos. Estos valores deben compartirse con todos los enrutadores que participan en la red PIM." @@ -16427,7 +17703,7 @@ msgstr "Utilice este comando para no instalar servidores de nombres DNS anunciad msgid "Use this command to prefer IPv4 for TCP peer transport connection for LDP when both an IPv4 and IPv6 LDP address are configured on the same interface." msgstr "Utilice este comando para preferir IPv4 para la conexión de transporte de pares TCP para LDP cuando las direcciones LDP IPv4 e IPv6 están configuradas en la misma interfaz." -#: ../../configuration/system/ipv6.rst:160 +#: ../../configuration/system/ipv6.rst:173 msgid "Use this command to reset IPv6 Neighbor Discovery Protocol cache for an address or interface." msgstr "Utilice este comando para restablecer la memoria caché del Protocolo de descubrimiento de vecinos IPv6 para una dirección o interfaz." @@ -16467,7 +17743,7 @@ msgstr "Use este comando para ver la información de saludo de descubrimiento" msgid "Use this command to see the Label Information Base." msgstr "Utilice este comando para ver la Base de información de etiquetas." -#: ../../configuration/service/pppoe-server.rst:26 +#: ../../configuration/service/pppoe-server.rst:33 msgid "Use this command to set a name for this PPPoE-server access concentrator." msgstr "Utilice este comando para establecer un nombre para este concentrador de acceso al servidor PPPoE." @@ -16511,31 +17787,31 @@ msgstr "Utilice este comando para configurar el nombre de usuario para autentica msgid "Use this command to show IPv6 Border Gateway Protocol information." msgstr "Utilice este comando para mostrar la información del protocolo de puerta de enlace de borde IPv6." -#: ../../configuration/system/ipv6.rst:50 +#: ../../configuration/system/ipv6.rst:63 msgid "Use this command to show IPv6 Neighbor Discovery Protocol information." msgstr "Utilice este comando para mostrar la información del Protocolo de detección de vecinos IPv6." -#: ../../configuration/system/ipv6.rst:58 +#: ../../configuration/system/ipv6.rst:71 msgid "Use this command to show IPv6 forwarding status." msgstr "Utilice este comando para mostrar el estado de reenvÃo de IPv6." -#: ../../configuration/system/ipv6.rst:54 +#: ../../configuration/system/ipv6.rst:67 msgid "Use this command to show IPv6 multicast group membership." msgstr "Utilice este comando para mostrar la pertenencia al grupo de multidifusión IPv6." -#: ../../configuration/system/ipv6.rst:62 +#: ../../configuration/system/ipv6.rst:75 msgid "Use this command to show IPv6 routes." msgstr "Utilice este comando para mostrar rutas IPv6." -#: ../../configuration/system/ipv6.rst:105 +#: ../../configuration/system/ipv6.rst:118 msgid "Use this command to show all IPv6 access lists" msgstr "Use este comando para mostrar todas las listas de acceso de IPv6" -#: ../../configuration/system/ipv6.rst:90 +#: ../../configuration/system/ipv6.rst:103 msgid "Use this command to show all IPv6 prefix lists" msgstr "Use este comando para mostrar todas las listas de prefijos de IPv6" -#: ../../configuration/system/ipv6.rst:146 +#: ../../configuration/system/ipv6.rst:159 msgid "Use this command to show the status of the RIPNG protocol" msgstr "Use este comando para mostrar el estado del protocolo RIPNG" @@ -16595,6 +17871,14 @@ msgstr "Se utiliza para bloquear dominios especÃficos por parte del Proxy. Espe msgid "User-level messages" msgstr "Mensajes a nivel de usuario" +#: ../../configuration/service/ipoe-server.rst:250 +#: ../../configuration/service/pppoe-server.rst:212 +#: ../../configuration/vpn/l2tp.rst:255 +#: ../../configuration/vpn/pptp.rst:195 +#: ../../configuration/vpn/sstp.rst:228 +msgid "User interface can be put to VRF context via RADIUS Access-Accept packet, or change it via RADIUS CoA. ``Accel-VRF-Name`` is used from these purposes. It is custom `ACCEL-PPP attribute`_. Define it in your RADIUS server." +msgstr "User interface can be put to VRF context via RADIUS Access-Accept packet, or change it via RADIUS CoA. ``Accel-VRF-Name`` is used from these purposes. It is custom `ACCEL-PPP attribute`_. Define it in your RADIUS server." + #: ../../configuration/policy/examples.rst:18 msgid "Using 'soft-reconfiguration' we get the policy update without bouncing the neighbor." msgstr "Usando 'reconfiguración suave' obtenemos la actualización de la polÃtica sin rebotar al vecino." @@ -16603,11 +17887,11 @@ msgstr "Usando 'reconfiguración suave' obtenemos la actualización de l msgid "Using **openvpn-option -reneg-sec** can be tricky. This option is used to renegotiate data channel after n seconds. When used at both server and client, the lower value will trigger the renegotiation. If you set it to 0 on one side of the connection (to disable it), the chosen value on the other side will determine when the renegotiation will occur." msgstr "Usar **openvpn-option -renega-sec** puede ser complicado. Esta opción se utiliza para renegociar el canal de datos después de n segundos. Cuando se usa tanto en el servidor como en el cliente, el valor más bajo activará la renegociación. Si lo establece en 0 en un lado de la conexión (para deshabilitarlo), el valor elegido en el otro lado determinará cuándo ocurrirá la renegociación." -#: ../../configuration/protocols/bgp.rst:900 +#: ../../configuration/protocols/bgp.rst:922 msgid "Using BGP confederation" msgstr "Uso de la confederación BGP" -#: ../../configuration/protocols/bgp.rst:899 +#: ../../configuration/protocols/bgp.rst:921 msgid "Using BGP route-reflectors" msgstr "Uso de reflectores de ruta BGP" @@ -16615,6 +17899,10 @@ msgstr "Uso de reflectores de ruta BGP" msgid "Using VLAN aware Bridge" msgstr "Uso de puente con reconocimiento de VLAN" +#: ../../configuration/vpn/sstp.rst:29 +msgid "Using our documentation chapter - :ref:`pki` generate and install CA and Server certificate" +msgstr "Using our documentation chapter - :ref:`pki` generate and install CA and Server certificate" + #: ../../configuration/interfaces/bridge.rst:266 msgid "Using the operation mode command to view Bridge Information" msgstr "Uso del comando de modo de operación para ver la información del puente" @@ -16652,6 +17940,10 @@ msgstr "Frecuencia central del canal operativo VHT - frecuencia central 2 (para msgid "VLAN" msgstr "VLAN" +#: ../../configuration/service/pppoe-server.rst:232 +msgid "VLAN's can be created by Accel-ppp on the fly via the use of a Kernel module named ``vlan_mon``, which is monitoring incoming vlans and creates the necessary VLAN if required and allowed. VyOS supports the use of either VLAN ID's or entire ranges, both values can be defined at the same time for an interface." +msgstr "VLAN's can be created by Accel-ppp on the fly via the use of a Kernel module named ``vlan_mon``, which is monitoring incoming vlans and creates the necessary VLAN if required and allowed. VyOS supports the use of either VLAN ID's or entire ranges, both values can be defined at the same time for an interface." + #: ../../configuration/service/pppoe-server.rst:163 msgid "VLAN's can be created by Accel-ppp on the fly via the use of a Kernel module named `vlan_mon`, which is monitoring incoming vlans and creates the necessary VLAN if required and allowed. VyOS supports the use of either VLAN ID's or entire ranges, both values can be defined at the same time for an interface." msgstr "Accel-ppp puede crear VLAN sobre la marcha mediante el uso de un módulo Kernel llamado `vlan_mon`, que supervisa las VLAN entrantes y crea la VLAN necesaria si es necesario y está permitido. VyOS admite el uso de ID de VLAN o rangos completos, ambos valores se pueden definir al mismo tiempo para una interfaz." @@ -16668,6 +17960,10 @@ msgstr "Ejemplo de VLAN" msgid "VLAN Options" msgstr "Opciones de VLAN" +#: ../../configuration/service/ipoe-server.rst:315 +msgid "VLAN monitor for automatic creation of VLAN interfaces for specific user on specific <interface>" +msgstr "VLAN monitor for automatic creation of VLAN interfaces for specific user on specific <interface>" + #: ../../configuration/service/lldp.rst:28 msgid "VLAN name" msgstr "nombre de VLAN" @@ -16688,32 +17984,32 @@ msgstr "Los clientes VPN solicitarán parámetros de configuración, opcionalmen msgid "VRF" msgstr "VRF" -#: ../../configuration/vrf/index.rst:411 +#: ../../configuration/vrf/index.rst:430 msgid "VRF Route Leaking" msgstr "Fuga de ruta VRF" -#: ../../configuration/vrf/index.rst:283 +#: ../../configuration/vrf/index.rst:302 msgid "VRF and NAT" msgstr "VRF and NAT" -#: ../../configuration/vrf/index.rst:380 +#: ../../configuration/vrf/index.rst:399 msgid "VRF blue routing table" msgstr "Tabla de enrutamiento azul VRF" -#: ../../configuration/vrf/index.rst:347 +#: ../../configuration/vrf/index.rst:366 msgid "VRF default routing table" msgstr "Tabla de enrutamiento por defecto de VRF" -#: ../../configuration/vrf/index.rst:363 +#: ../../configuration/vrf/index.rst:382 msgid "VRF red routing table" msgstr "Tabla de enrutamiento rojo VRF" -#: ../../configuration/vrf/index.rst:235 -#: ../../configuration/vrf/index.rst:242 +#: ../../configuration/vrf/index.rst:254 +#: ../../configuration/vrf/index.rst:261 msgid "VRF route leaking" msgstr "Fuga de ruta VRF" -#: ../../configuration/vrf/index.rst:242 +#: ../../configuration/vrf/index.rst:261 msgid "VRF topology example" msgstr "Ejemplo de topologÃa VRF" @@ -16769,11 +18065,19 @@ msgstr "Los valores válidos son 0..255." msgid "Value" msgstr "Valor" -#: ../../configuration/vpn/sstp.rst:263 +#: ../../configuration/service/ipoe-server.rst:203 +#: ../../configuration/service/pppoe-server.rst:165 +#: ../../configuration/vpn/l2tp.rst:208 +#: ../../configuration/vpn/pptp.rst:148 +#: ../../configuration/vpn/sstp.rst:181 msgid "Value to send to RADIUS server in NAS-IP-Address attribute and to be matched in DM/CoA requests. Also DM/CoA server will bind to that address." msgstr "Valor para enviar al servidor RADIUS en el atributo NAS-IP-Address y para que coincida con las solicitudes de DM/CoA. También el servidor DM/CoA se vinculará a esa dirección." -#: ../../configuration/vpn/sstp.rst:258 +#: ../../configuration/service/ipoe-server.rst:198 +#: ../../configuration/service/pppoe-server.rst:160 +#: ../../configuration/vpn/l2tp.rst:203 +#: ../../configuration/vpn/pptp.rst:143 +#: ../../configuration/vpn/sstp.rst:176 msgid "Value to send to RADIUS server in NAS-Identifier attribute and to be matched in DM/CoA requests." msgstr "Valor para enviar al servidor RADIUS en el atributo NAS-Identifier y para que coincida con las solicitudes de DM/CoA." @@ -16795,11 +18099,11 @@ msgstr "Verify that connections are hitting the rule on both sides:" msgid "Version" msgstr "Versión" -#: ../../configuration/highavailability/index.rst:339 +#: ../../configuration/highavailability/index.rst:349 msgid "Virtual-server" msgstr "Servidor virtual" -#: ../../configuration/highavailability/index.rst:398 +#: ../../configuration/highavailability/index.rst:408 msgid "Virtual-server can be configured with VRRP virtual address or without VRRP." msgstr "El servidor virtual se puede configurar con dirección virtual VRRP o sin VRRP." @@ -16807,7 +18111,7 @@ msgstr "El servidor virtual se puede configurar con dirección virtual VRRP o si msgid "Virtual Ethernet" msgstr "Ethernet virtuales" -#: ../../configuration/highavailability/index.rst:342 +#: ../../configuration/highavailability/index.rst:352 msgid "Virtual Server allows to Load-balance traffic destination virtual-address:port between several real servers." msgstr "El servidor virtual permite equilibrar la carga del destino del tráfico virtual-address:port entre varios servidores reales." @@ -16823,11 +18127,11 @@ msgstr "VyOS 1.1 admite el inicio de sesión como usuario ``root``. Esto se elim msgid "VyOS 1.3 (equuleus) supports DHCPv6-PD (:rfc:`3633`). DHCPv6 Prefix Delegation is supported by most ISPs who provide native IPv6 for consumers on fixed networks." msgstr "VyOS 1.3 (equuleus) es compatible con DHCPv6-PD (:rfc:`3633`). La delegación de prefijos de DHCPv6 es compatible con la mayorÃa de los ISP que proporcionan IPv6 nativo para consumidores en redes fijas." -#: ../../configuration/vrf/index.rst:84 +#: ../../configuration/vrf/index.rst:103 msgid "VyOS 1.4 (sagitta) introduced dynamic routing support for VRFs." msgstr "VyOS 1.4 (sagitta) introdujo soporte de enrutamiento dinámico para VRF." -#: ../../configuration/pki/index.rst:9 +#: ../../configuration/pki/index.rst:11 msgid "VyOS 1.4 changed the way in how encrytion keys or certificates are stored on the system. In the pre VyOS 1.4 era, certificates got stored under /config and every service referenced a file. That made copying a running configuration from system A to system B a bit harder, as you had to copy the files and their permissions by hand." msgstr "VyOS 1.4 cambió la forma en que se almacenan las claves de cifrado o los certificados en el sistema. En la era anterior a VyOS 1.4, los certificados se almacenaban en /config y cada servicio hacÃa referencia a un archivo. Eso hizo que copiar una configuración en ejecución del sistema A al sistema B fuera un poco más difÃcil, ya que tenÃa que copiar los archivos y sus permisos a mano." @@ -16839,7 +18143,7 @@ msgstr "VyOS 1.4 usa chrony en lugar de ntpd (consulte :vytask:`T3008`), que ya msgid "VyOS Arista EOS setup" msgstr "Configuración de VyOS Arista EOS" -#: ../../configuration/vpn/ipsec.rst:120 +#: ../../configuration/vpn/ipsec.rst:123 msgid "VyOS ESP group has the next options:" msgstr "El grupo VyOS ESP tiene las siguientes opciones:" @@ -16883,10 +18187,14 @@ msgstr "VyOS SNMP admite tanto IPv4 como IPv6." msgid "VyOS also comes with a build in SSTP server, see :ref:`sstp`." msgstr "VyOS también viene con un servidor SSTP integrado, consulte :ref:`sstp`." -#: ../../configuration/service/dhcp-server.rst:504 +#: ../../configuration/service/dhcp-server.rst:510 msgid "VyOS also provides DHCPv6 server functionality which is described in this section." msgstr "VyOS también proporciona la funcionalidad del servidor DHCPv6 que se describe en esta sección." +#: ../../configuration/vpn/ipsec.rst:474 +msgid "VyOS also supports (currently) two different modes of authentication, local and RADIUS. To create a new local user named ``vyos`` with password ``vyos`` use the following commands." +msgstr "VyOS also supports (currently) two different modes of authentication, local and RADIUS. To create a new local user named ``vyos`` with password ``vyos`` use the following commands." + #: ../../configuration/vpn/remoteaccess_ipsec.rst:127 msgid "VyOS also supports two different modes of authentication, local and RADIUS. To create a new local user named \"vyos\" with a password of \"vyos\" use the following commands." msgstr "VyOS also supports two different modes of authentication, local and RADIUS. To create a new local user named \"vyos\" with a password of \"vyos\" use the following commands." @@ -16928,7 +18236,11 @@ msgstr "VyOS facilita la multidifusión IP al admitir **Modo disperso PIM**, **I msgid "VyOS facilitates IPv6 Multicast by supporting **PIMv6** and **MLD**." msgstr "VyOS facilitates IPv6 Multicast by supporting **PIMv6** and **MLD**." -#: ../../configuration/service/dns.rst:214 +#: ../../configuration/service/ids.rst:17 +msgid "VyOS includes the FastNetMon Community Edition." +msgstr "VyOS includes the FastNetMon Community Edition." + +#: ../../configuration/service/dns.rst:201 msgid "VyOS is able to update a remote DNS record when an interface gets a new IP address. In order to do so, VyOS includes ddclient_, a Perl script written for this only one purpose." msgstr "VyOS puede actualizar un registro DNS remoto cuando una interfaz obtiene una nueva dirección IP. Para hacerlo, VyOS incluye ddclient_, un script de Perl escrito para este único propósito." @@ -16952,15 +18264,15 @@ msgstr "VyOS hace uso de Linux `netfilter<https://netfilter.org/> `_ para el fil msgid "VyOS makes use of :abbr:`FRR (Free Range Routing)` and we would like to thank them for their effort!" msgstr "VyOS hace uso de :abbr:`FRR (Free Range Routing)` y nos gustarÃa agradecerles por su esfuerzo." -#: ../../configuration/pki/index.rst:21 +#: ../../configuration/pki/index.rst:23 msgid "VyOS not only can now manage certificates issued by 3rd party Certificate Authorities, it can also act as a CA on its own. You can create your own root CA and sign keys with it by making use of some simple op-mode commands." msgstr "VyOS ahora no solo puede administrar certificados emitidos por autoridades de certificación de terceros, sino que también puede actuar como una CA por sà solo. Puede crear su propia CA raÃz y firmar claves con ella haciendo uso de algunos comandos simples de modo operativo." -#: ../../configuration/pki/index.rst:35 +#: ../../configuration/pki/index.rst:37 msgid "VyOS now also has the ability to create CAs, keys, Diffie-Hellman and other keypairs from an easy to access operational level command." msgstr "VyOS ahora también tiene la capacidad de crear CA, claves, Diffie-Hellman y otros pares de claves desde un comando de nivel operativo de fácil acceso." -#: ../../configuration/pki/index.rst:292 +#: ../../configuration/pki/index.rst:323 msgid "VyOS operational mode commands are not only available for generating keys but also to display them." msgstr "Los comandos del modo operativo VyOS no solo están disponibles para generar claves, sino también para mostrarlas." @@ -17000,6 +18312,10 @@ msgstr "VyOS proporciona algunos comandos operativos en OpenVPN." msgid "VyOS provides support for DHCP failover. DHCP failover must be configured explicitly by the following statements." msgstr "VyOS proporciona soporte para conmutación por error de DHCP. La conmutación por error de DHCP debe configurarse explÃcitamente mediante las siguientes declaraciones." +#: ../../configuration/pki/index.rst:255 +msgid "VyOS provides this utility to import existing certificates/key files directly into PKI from op-mode. Previous to VyOS 1.4, certificates were stored under the /config folder permanently and will be retained post upgrade." +msgstr "VyOS provides this utility to import existing certificates/key files directly into PKI from op-mode. Previous to VyOS 1.4, certificates were stored under the /config folder permanently and will be retained post upgrade." + #: ../../configuration/loadbalancing/reverse-proxy.rst:8 msgid "VyOS reverse-proxy is balancer and proxy server that provides high-availability, load balancing and proxying for TCP (level 4) and HTTP-based (level 7) applications." msgstr "El proxy inverso de VyOS es un equilibrador y servidor proxy que proporciona alta disponibilidad, equilibrio de carga y proxy para aplicaciones basadas en TCP (nivel 4) y HTTP (nivel 7)." @@ -17020,6 +18336,10 @@ msgstr "VyOS supports both MLD version 1 and version 2 (which allows source-spec msgid "VyOS supports flow-accounting for both IPv4 and IPv6 traffic. The system acts as a flow exporter, and you are free to use it with any compatible collector." msgstr "VyOS admite la contabilidad de flujo para el tráfico IPv4 e IPv6. El sistema actúa como un exportador de flujo y puede usarlo con cualquier colector compatible." +#: ../../configuration/vpn/ipsec.rst:452 +msgid "VyOS supports multiple IKEv2 remote-access connections. Every connection can have its dedicated IKE/ESP ciphers, certificates or local listen address for e.g. inbound load balancing." +msgstr "VyOS supports multiple IKEv2 remote-access connections. Every connection can have its dedicated IKE/ESP ciphers, certificates or local listen address for e.g. inbound load balancing." + #: ../../configuration/system/updates.rst:5 msgid "VyOS supports online checking for updates" msgstr "VyOS supports online checking for updates" @@ -17060,11 +18380,11 @@ msgstr "VyOS usa la opción `mirror` para configurar la duplicación de puertos. msgid "VyOS utilizes `accel-ppp`_ to provide PPPoE server functionality. It can be used with local authentication or a connected RADIUS server." msgstr "VyOS utiliza `accel-ppp`_ para proporcionar la funcionalidad del servidor PPPoE. Se puede utilizar con autenticación local o un servidor RADIUS conectado." -#: ../../configuration/service/ipoe-server.rst:9 +#: ../../configuration/service/ipoe-server.rst:7 msgid "VyOS utilizes `accel-ppp`_ to provide :abbr:`IPoE (Internet Protocol over Ethernet)` server functionality. It can be used with local authentication (mac-address) or a connected RADIUS server." msgstr "VyOS utiliza `accel-ppp`_ para proporcionar la funcionalidad del servidor :abbr:`IPoE (Protocolo de Internet sobre Ethernet). Se puede usar con autenticación local (dirección mac) o un servidor RADIUS conectado." -#: ../../configuration/vpn/l2tp.rst:6 +#: ../../configuration/vpn/l2tp.rst:7 msgid "VyOS utilizes accel-ppp_ to provide L2TP server functionality. It can be used with local authentication or a connected RADIUS server." msgstr "VyOS utiliza accel-ppp_ para proporcionar la funcionalidad del servidor L2TP. Se puede utilizar con autenticación local o un servidor RADIUS conectado." @@ -17076,7 +18396,7 @@ msgstr "VyOS utiliza accel-ppp_ para proporcionar la funcionalidad del servidor msgid "WAN Load Balacing should not be used when dynamic routing protocol is used/needed. This feature creates customized routing tables and firewall rules, that makes it incompatible to use with routing protocols." msgstr "El Equilibrio de carga WAN no debe usarse cuando se usa/necesita el protocolo de enrutamiento dinámico. Esta caracterÃstica crea tablas de enrutamiento personalizadas y reglas de firewall, lo que hace que su uso sea incompatible con los protocolos de enrutamiento." -#: ../../configuration/vpn/site2site_ipsec.rst:164 +#: ../../configuration/vpn/site2site_ipsec.rst:167 msgid "WAN interface on `eth1`" msgstr "Interfaz WAN en `eth1`" @@ -17117,7 +18437,7 @@ msgstr "We'll configure OpenVPN using self-signed certificates, and then discuss msgid "We'll use the IKE and ESP groups created above for this VPN. Because we need access to 2 different subnets on the far side, we will need two different tunnels. If you changed the names of the ESP group and IKE group in the previous step, make sure you use the correct names here too." msgstr "Usaremos los grupos IKE y ESP creados anteriormente para esta VPN. Debido a que necesitamos acceso a 2 subredes diferentes en el lado lejano, necesitaremos dos túneles diferentes. Si cambió los nombres del grupo ESP y del grupo IKE en el paso anterior, asegúrese de usar los nombres correctos aquà también." -#: ../../configuration/vpn/ipsec.rst:232 +#: ../../configuration/vpn/ipsec.rst:236 msgid "We assume that the LEFT router has static 192.0.2.10 address on eth0, and the RIGHT router has a dynamic address on eth0." msgstr "Suponemos que el enrutador IZQUIERDO tiene una dirección estática 192.0.2.10 en eth0 y el enrutador DERECHO tiene una dirección dinámica en eth0." @@ -17129,11 +18449,15 @@ msgstr "No podemos admitir todas las pantallas desde el principio. Si falta su t msgid "We can also create the certificates using Cerbort which is an easy-to-use client that fetches a certificate from Let's Encrypt an open certificate authority launched by the EFF, Mozilla, and others and deploys it to a web server." msgstr "También podemos crear los certificados usando Cerbort, que es un cliente fácil de usar que obtiene un certificado de Let's Encrypt, una autoridad de certificación abierta lanzada por EFF, Mozilla y otros, y lo implementa en un servidor web." -#: ../../configuration/protocols/rpki.rst:158 +#: ../../configuration/protocols/rpki.rst:168 msgid "We can build route-maps for import based on these states. Here is a simple RPKI configuration, where `routinator` is the RPKI-validating \"cache\" server with ip `192.0.2.1`:" msgstr "Podemos construir mapas de ruta para importar basados en estos estados. Aquà hay una configuración simple de RPKI, donde `routinator` es el servidor de "caché" de validación de RPKI con ip `192.0.2.1`:" -#: ../../configuration/protocols/bgp.rst:1249 +#: ../../configuration/vpn/ipsec.rst:456 +msgid "We configure a new connection named ``rw`` for road-warrior, that identifies itself as ``192.0.2.1`` to the clients and uses the ``vyos`` certificate signed by the `CAcert_Class3_Root`` intermediate CA. We select our previously specified IKE/ESP groups and also link the IP address pool to draw addresses from." +msgstr "We configure a new connection named ``rw`` for road-warrior, that identifies itself as ``192.0.2.1`` to the clients and uses the ``vyos`` certificate signed by the `CAcert_Class3_Root`` intermediate CA. We select our previously specified IKE/ESP groups and also link the IP address pool to draw addresses from." + +#: ../../configuration/protocols/bgp.rst:1271 msgid "We could expand on this and also deny link local and multicast in the rule 20 action deny." msgstr "PodrÃamos ampliar esto y también denegar enlace local y multidifusión en la acción denegar de la regla 20." @@ -17145,6 +18469,10 @@ msgstr "No tenemos nodos CLI para cada opción de OpenVPN. Si falta una opción, msgid "We don't recomend to use arguments. Using environments is more preffereble." msgstr "No recomendamos usar argumentos. El uso de entornos es más preferible." +#: ../../configuration/vpn/ipsec.rst:506 +msgid "We generate a connection profile used by Windows clients that will connect to the \"rw\" connection on our VyOS server on the VPN servers IP address/fqdn `vpn.vyos.net`." +msgstr "We generate a connection profile used by Windows clients that will connect to the \"rw\" connection on our VyOS server on the VPN servers IP address/fqdn `vpn.vyos.net`." + #: ../../configuration/interfaces/wireguard.rst:148 msgid "We listen on port 51820" msgstr "Escuchamos en el puerto 51820" @@ -17153,7 +18481,7 @@ msgstr "Escuchamos en el puerto 51820" msgid "We need to generate the certificate which authenticates users who attempt to access the network resource through the SSL VPN tunnels. The following commands will create a self signed certificates and will be stored in configuration:" msgstr "Necesitamos generar el certificado que autentica a los usuarios que intentan acceder al recurso de red a través de los túneles SSL VPN. Los siguientes comandos crearán certificados autofirmados y se almacenarán en la configuración:" -#: ../../configuration/system/option.rst:85 +#: ../../configuration/system/option.rst:115 msgid "We now utilize `tuned` for dynamic resource balancing based on profiles." msgstr "Ahora utilizamos `tuned` para el equilibrio dinámico de recursos basado en perfiles." @@ -17169,7 +18497,7 @@ msgstr "Solo necesitamos un solo paso para esta interfaz:" msgid "We route all traffic for the 192.168.2.0/24 network to interface `wg01`" msgstr "Enrutamos todo el tráfico de la red 192.168.2.0/24 a la interfaz `wg01`" -#: ../../configuration/system/login.rst:420 +#: ../../configuration/system/login.rst:424 msgid "We use a vontainer providing the TACACS serve rin this example." msgstr "Usamos un contenedor que proporciona el servicio TACACS en este ejemplo." @@ -17177,7 +18505,7 @@ msgstr "Usamos un contenedor que proporciona el servicio TACACS en este ejemplo. msgid "We will only accept traffic comming from interface eth0, protocol tcp and destination port 1122. All other traffic traspassing the router should be blocked." msgstr "We will only accept traffic comming from interface eth0, protocol tcp and destination port 1122. All other traffic traspassing the router should be blocked." -#: ../../configuration/service/dhcp-server.rst:331 +#: ../../configuration/service/dhcp-server.rst:337 msgid "Web Proxy Autodiscovery (WPAD) URL" msgstr "URL de detección automática de proxy web (WPAD)" @@ -17201,15 +18529,19 @@ msgstr "Cuando LDP esté funcionando, podrá ver la información de la etiqueta msgid "When PIM receives a register packet the source of the packet will be compared to the prefix-list specified, and if a permit is received normal processing continues. If a deny is returned for the source address of the register packet a register stop message is sent to the source." msgstr "When PIM receives a register packet the source of the packet will be compared to the prefix-list specified, and if a permit is received normal processing continues. If a deny is returned for the source address of the register packet a register stop message is sent to the source." -#: ../../configuration/vrf/index.rst:73 +#: ../../configuration/vrf/index.rst:92 msgid "When VRFs are used it is not only mandatory to create a VRF but also the VRF itself needs to be assigned to an interface." msgstr "Cuando se utilizan VRF, no solo es obligatorio crear un VRF, sino que también es necesario asignar el VRF a una interfaz." -#: ../../configuration/service/dns.rst:354 +#: ../../configuration/service/dns.rst:351 +msgid "When a ``custom`` DynDNS provider is used, the protocol used for communicating to the provider must be specified under `<protocol>`. See the embedded completion helper when entering above command for available protocols." +msgstr "When a ``custom`` DynDNS provider is used, the protocol used for communicating to the provider must be specified under `<protocol>`. See the embedded completion helper when entering above command for available protocols." + +#: ../../configuration/service/dns.rst:357 msgid "When a ``custom`` DynDNS provider is used the `<server>` where update requests are being sent to must be specified." msgstr "Cuando se utiliza un proveedor DynDNS ``personalizado``, el `<server> ` Debe especificarse a dónde se envÃan las solicitudes de actualización." -#: ../../configuration/service/dns.rst:347 +#: ../../configuration/service/dns.rst:361 msgid "When a ``custom`` DynDNS provider is used the protocol used for communicating to the provider must be specified under `<protocol>`. See the embedded completion helper for available protocols." msgstr "Cuando se utiliza un proveedor DynDNS ``personalizado``, el protocolo utilizado para comunicarse con el proveedor debe especificarse en ``<protocol> `. Consulte el asistente de finalización incorporado para conocer los protocolos disponibles." @@ -17225,7 +18557,11 @@ msgstr "Cuando se vuelve a conectar un enlace o un nuevo esclavo se une al enlac msgid "When a packet is to be sent, it will have to go through that queue, so the packet will be placed at the tail of it. When the packet completely goes through it, it will be dequeued emptying its place in the queue and being eventually handed to the NIC to be actually sent out." msgstr "Cuando se va a enviar un paquete, tendrá que pasar por esa cola, por lo que el paquete se colocará al final de la misma. Cuando el paquete lo atraviese por completo, se eliminará de la cola, vaciando su lugar en la cola y, finalmente, se entregará a la NIC para que se envÃe realmente." -#: ../../configuration/protocols/bgp.rst:684 +#: ../../configuration/protocols/bgp.rst:589 +msgid "When a peer receives a martian nexthop as part of the NLRI for a route permit the nexthop to be used as such, instead of rejecting and resetting the connection." +msgstr "When a peer receives a martian nexthop as part of the NLRI for a route permit the nexthop to be used as such, instead of rejecting and resetting the connection." + +#: ../../configuration/protocols/bgp.rst:706 msgid "When a route fails, a routing update is sent to withdraw the route from the network's routing tables. When the route is re-enabled, the change in availability is also advertised. A route that continually fails and returns requires a great deal of network traffic to update the network about the route's status." msgstr "Cuando falla una ruta, se envÃa una actualización de enrutamiento para retirar la ruta de las tablas de enrutamiento de la red. Cuando se vuelve a habilitar la ruta, también se anuncia el cambio en la disponibilidad. Una ruta que falla y regresa continuamente requiere una gran cantidad de tráfico de red para actualizar la red sobre el estado de la ruta." @@ -17237,7 +18573,7 @@ msgstr "Al agregar la función de intercambio de información de enrutamiento IP msgid "When an authoritative server does not answer a query or sends a reply the recursor does not like, it is throttled. Any servers matching the supplied netmasks will never be throttled." msgstr "When an authoritative server does not answer a query or sends a reply the recursor does not like, it is throttled. Any servers matching the supplied netmasks will never be throttled." -#: ../../configuration/service/pppoe-server.rst:169 +#: ../../configuration/service/pppoe-server.rst:238 msgid "When configured, PPPoE will create the necessary VLANs when required. Once the user session has been cancelled and the VLAN is not needed anymore, VyOS will remove it again." msgstr "Cuando está configurado, PPPoE creará las VLAN necesarias cuando sea necesario. Una vez que se haya cancelado la sesión del usuario y ya no se necesite la VLAN, VyOS la eliminará nuevamente." @@ -17271,17 +18607,21 @@ msgstr "Al eliminar la cola, cada depósito de hash con datos se consulta de for msgid "When designing your NAT ruleset leave some space between consecutive rules for later extension. Your ruleset could start with numbers 10, 20, 30. You thus can later extend the ruleset and place new rules between existing ones." msgstr "Cuando diseñe su conjunto de reglas NAT, deje algo de espacio entre las reglas consecutivas para una extensión posterior. Su conjunto de reglas podrÃa comenzar con los números 10, 20, 30. De este modo, más tarde puede ampliar el conjunto de reglas y colocar nuevas reglas entre las existentes." -#: ../../configuration/vrf/index.rst:188 +#: ../../configuration/vrf/index.rst:207 msgid "When doing fault isolation with ping, you should first run it on the local host, to verify that the local network interface is up and running. Then, continue with hosts and gateways further down the road towards your destination. Round-trip time and packet loss statistics are computed." msgstr "Al realizar el aislamiento de fallas con ping, primero debe ejecutarlo en el host local para verificar que la interfaz de red local esté activa y funcionando. Luego, continúe con los hosts y las puertas de enlace más adelante en el camino hacia su destino. Se calculan el tiempo de ida y vuelta y las estadÃsticas de pérdida de paquetes." -#: ../../configuration/pki/index.rst:176 -#: ../../configuration/pki/index.rst:219 +#: ../../configuration/vpn/ipsec.rst:529 +msgid "When first connecting to the new VPN the user is prompted to enter proper credentials." +msgstr "When first connecting to the new VPN the user is prompted to enter proper credentials." + +#: ../../configuration/pki/index.rst:178 +#: ../../configuration/pki/index.rst:221 msgid "When loading the certificate you need to manually strip the ``-----BEGIN CERTIFICATE-----`` and ``-----END CERTIFICATE-----`` tags. Also, the certificate/key needs to be presented in a single line without line breaks (``\\n``), this can be done using the following shell command:" msgstr "Al cargar el certificado, debe eliminar manualmente las etiquetas ``-----BEGIN CERTIFICATE-----`` y ``-----END CERTIFICATE-----``. Además, el certificado/clave debe presentarse en una sola lÃnea sin saltos de lÃnea (``\\n``), esto se puede hacer usando el siguiente comando de shell:" -#: ../../configuration/pki/index.rst:197 -#: ../../configuration/pki/index.rst:235 +#: ../../configuration/pki/index.rst:199 +#: ../../configuration/pki/index.rst:237 msgid "When loading the certificate you need to manually strip the ``-----BEGIN KEY-----`` and ``-----END KEY-----`` tags. Also, the certificate/key needs to be presented in a single line without line breaks (``\\n``), this can be done using the following shell command:" msgstr "Al cargar el certificado, debe quitar manualmente las etiquetas ``-----BEGIN KEY-----`` y ``-----END KEY-----``. Además, el certificado/clave debe presentarse en una sola lÃnea sin saltos de lÃnea (``\\n``), esto se puede hacer usando el siguiente comando de shell:" @@ -17325,7 +18665,7 @@ msgstr "Cuando se configura, la interfaz está habilitada para "marcar bajo msgid "When specified, this should be the only keyword for the interface." msgstr "Cuando se especifica, esta debe ser la única palabra clave para la interfaz." -#: ../../configuration/system/option.rst:60 +#: ../../configuration/system/option.rst:90 msgid "When starting a VyOS live system (the installation CD) the configured keyboard layout defaults to US. As this might not suite everyones use case you can adjust the used keyboard layout on the system console." msgstr "Al iniciar un sistema VyOS en vivo (el CD de instalación), el diseño del teclado configurado se establece de forma predeterminada en EE. UU. Como esto puede no ser adecuado para todos los casos de uso, puede ajustar el diseño del teclado usado en la consola del sistema." @@ -17334,7 +18674,7 @@ msgstr "Al iniciar un sistema VyOS en vivo (el CD de instalación), el diseño d msgid "When the DHCP server is considering dynamically allocating an IP address to a client, it first sends an ICMP Echo request (a ping) to the address being assigned. It waits for a second, and if no ICMP Echo response has been heard, it assigns the address." msgstr "Cuando el servidor DHCP está considerando asignar dinámicamente una dirección IP a un cliente, primero envÃa una solicitud de eco ICMP (un ping) a la dirección asignada. Espera un segundo y, si no se escucha ninguna respuesta de eco ICMP, asigna la dirección." -#: ../../configuration/vpn/site2site_ipsec.rst:416 +#: ../../configuration/vpn/site2site_ipsec.rst:419 msgid "When the close-action option is set on the peers, the connection-type of each peer has to considered carefully. For example, if the option is set on both peers, then both would attempt to initiate and hold open multiple copies of each child SA. This might lead to instability of the device or cpu/memory utilization." msgstr "Cuando la opción de acción de cierre se establece en los pares, el tipo de conexión de cada par debe considerarse cuidadosamente. Por ejemplo, si la opción está configurada en ambos pares, ambos intentarán iniciar y mantener abiertas varias copias de cada SA secundario. Esto podrÃa conducir a la inestabilidad del dispositivo o la utilización de la CPU/memoria." @@ -17346,6 +18686,10 @@ msgstr "Cuando se establece el comando anterior, VyOS responderá a todas las so msgid "When the command above is set, VyOS will answer no ICMP echo request addressed to itself at all, no matter where it comes from or whether more specific rules are being applied to accept them." msgstr "Cuando se establece el comando anterior, VyOS no responderá ninguna solicitud de eco ICMP dirigida a sà mismo, sin importar de dónde provenga o si se aplican reglas más especÃficas para aceptarlas." +#: ../../configuration/highavailability/index.rst:321 +msgid "When the vrrp group is a member of the sync group will use only the sync group health check script. This example shows how to configure it for the sync group:" +msgstr "When the vrrp group is a member of the sync group will use only the sync group health check script. This example shows how to configure it for the sync group:" + #: ../../_include/interface-address-with-dhcp.txt:14 msgid "When using DHCP to retrieve IPv4 address and if local customizations are needed, they should be possible using the enter and exit hooks provided. The hook dirs are:" msgstr "Cuando se utiliza DHCP para recuperar la dirección IPv4 y si se necesitan personalizaciones locales, deberÃan ser posibles mediante los ganchos de entrada y salida proporcionados. Los directorios de enlace son:" @@ -17366,6 +18710,10 @@ msgstr "Cuando se usa NAT para una gran cantidad de sistemas host, se recomienda msgid "When using SSH, known-hosts-file, private-key-file and public-key-file are mandatory options." msgstr "Cuando se utiliza SSH, el archivo de hosts conocidos, el archivo de clave privada y el archivo de clave pública son opciones obligatorias." +#: ../../configuration/protocols/rpki.rst:161 +msgid "When using SSH, private-key-file and public-key-file are mandatory options." +msgstr "When using SSH, private-key-file and public-key-file are mandatory options." + #: ../../configuration/vpn/openconnect.rst:222 msgid "When using Time-based one-time password (TOTP) (OTP HOTP-time), be sure that the time on the server and the OTP token generator are synchronized by NTP" msgstr "Cuando utilice una contraseña de un solo uso basada en el tiempo (TOTP) (OTP HOTP-time), asegúrese de que la hora en el servidor y el generador de tokens OTP estén sincronizados por NTP." @@ -17450,12 +18798,23 @@ msgstr "Se registrarán solo los paquetes/flujos en la dirección **entrante** e msgid "Will drop `<shared-network-name>_` from client DNS record, using only the host declaration name and domain: `<hostname>.<domain-name>`" msgstr "Caerá `<shared-network-name> _` del registro DNS del cliente, usando solo el nombre de declaración de host y el dominio: `<hostname> .<domain-name> `" +#: ../../configuration/vpn/ipsec.rst:501 +msgid "Windows 10 does not allow a user to choose the integrity and encryption ciphers using the GUI and it uses some older proposals by default. A user can only change the proposals on the client side by configuring the IPSec connection profile via PowerShell." +msgstr "Windows 10 does not allow a user to choose the integrity and encryption ciphers using the GUI and it uses some older proposals by default. A user can only change the proposals on the client side by configuring the IPSec connection profile via PowerShell." + +#: ../../configuration/service/pppoe-server.rst:579 +#: ../../configuration/vpn/l2tp.rst:514 +#: ../../configuration/vpn/pptp.rst:438 +#: ../../configuration/vpn/sstp.rst:472 +msgid "Windows Internet Name Service (WINS) servers propagated to client" +msgstr "Windows Internet Name Service (WINS) servers propagated to client" + #: ../../configuration/vpn/remoteaccess_ipsec.rst:147 msgid "Windows expects the server name to be also used in the server's certificate common name, so it's best to use this DNS name for your VPN connection." msgstr "Windows expects the server name to be also used in the server's certificate common name, so it's best to use this DNS name for your VPN connection." #: ../../configuration/interfaces/wireguard.rst:7 -#: ../../configuration/pki/index.rst:132 +#: ../../configuration/pki/index.rst:134 msgid "WireGuard" msgstr "Guardia de alambre" @@ -17524,17 +18883,17 @@ msgstr "Con este comando, puede especificar cómo debe coincidir la ruta de URL msgid "With zone-based firewalls a new concept was implemented, in addtion to the standard in and out traffic flows, a local flow was added. This local was for traffic originating and destined to the router itself. Which means additional rules were required to secure the firewall itself from the network, in addition to the existing inbound and outbound rules from the traditional concept above." msgstr "With zone-based firewalls a new concept was implemented, in addtion to the standard in and out traffic flows, a local flow was added. This local was for traffic originating and destined to the router itself. Which means additional rules were required to secure the firewall itself from the network, in addition to the existing inbound and outbound rules from the traditional concept above." -#: ../../configuration/service/dhcp-server.rst:257 -#: ../../configuration/service/dhcp-server.rst:262 -#: ../../configuration/service/dhcp-server.rst:267 -#: ../../configuration/service/dhcp-server.rst:277 -#: ../../configuration/service/dhcp-server.rst:282 -#: ../../configuration/service/dhcp-server.rst:312 -#: ../../configuration/service/dhcp-server.rst:317 -#: ../../configuration/service/dhcp-server.rst:322 -#: ../../configuration/service/dhcp-server.rst:342 -#: ../../configuration/service/dhcp-server.rst:347 -#: ../../configuration/service/dhcp-server.rst:357 +#: ../../configuration/service/dhcp-server.rst:263 +#: ../../configuration/service/dhcp-server.rst:268 +#: ../../configuration/service/dhcp-server.rst:273 +#: ../../configuration/service/dhcp-server.rst:283 +#: ../../configuration/service/dhcp-server.rst:288 +#: ../../configuration/service/dhcp-server.rst:318 +#: ../../configuration/service/dhcp-server.rst:323 +#: ../../configuration/service/dhcp-server.rst:328 +#: ../../configuration/service/dhcp-server.rst:348 +#: ../../configuration/service/dhcp-server.rst:353 +#: ../../configuration/service/dhcp-server.rst:363 msgid "Y" msgstr "y" @@ -17542,7 +18901,7 @@ msgstr "y" msgid "You apply a rule-set always to a zone from an other zone, it is recommended to create one rule-set for each zone pair." msgstr "Siempre aplica un conjunto de reglas a una zona desde otra zona, se recomienda crear un conjunto de reglas para cada par de zonas." -#: ../../configuration/system/login.rst:365 +#: ../../configuration/system/login.rst:369 msgid "You are able to set post-login or pre-login banner messages to display certain information for this system." msgstr "Puede configurar mensajes de banner posteriores o previos al inicio de sesión para mostrar cierta información para este sistema." @@ -17562,7 +18921,11 @@ msgstr "También puede definir valores de tiempo de espera personalizados para a msgid "You can also keep different DNS zone updated. Just create a new config node: ``set service dns dynamic interface <interface> rfc2136 <other-service-name>``" msgstr "También puede mantener actualizadas diferentes zonas DNS. Simplemente cree un nuevo nodo de configuración: `` establezca la interfaz dinámica de dns del servicio<interface> rfc2136<other-service-name> ``" -#: ../../configuration/system/ipv6.rst:107 +#: ../../configuration/service/router-advert.rst:58 +msgid "You can also opt for using `::/64` as prefix for your :abbr:`RAs (Router Advertisements)`. This will take the IPv6 GUA prefix assigned to the interface, which comes in handy when using DHCPv6-PD." +msgstr "You can also opt for using `::/64` as prefix for your :abbr:`RAs (Router Advertisements)`. This will take the IPv6 GUA prefix assigned to the interface, which comes in handy when using DHCPv6-PD." + +#: ../../configuration/system/ipv6.rst:120 msgid "You can also specify which IPv6 access-list should be shown:" msgstr "También puede especificar qué lista de acceso de IPv6 se debe mostrar:" @@ -17578,7 +18941,7 @@ msgstr "También puede usar otros atributos para identificar al cliente para la msgid "You can also write a description for a filter:" msgstr "También puede escribir una descripción para un filtro:" -#: ../../configuration/system/login.rst:78 +#: ../../configuration/system/login.rst:82 msgid "You can assign multiple keys to the same user by using a unique identifier per SSH key." msgstr "Puede asignar varias claves al mismo usuario utilizando un identificador único por clave SSH." @@ -17614,7 +18977,7 @@ msgstr "Puede crear múltiples interfaces VLAN en una interfaz fÃsica. El rango msgid "You can disable a VRRP group with ``disable`` option:" msgstr "Puede deshabilitar un grupo VRRP con la opción ``deshabilitar``:" -#: ../../configuration/system/ipv6.rst:122 +#: ../../configuration/system/ipv6.rst:135 msgid "You can get more specific OSPFv3 information by using the parameters shown below:" msgstr "Puede obtener información OSPFv3 más especÃfica utilizando los parámetros que se muestran a continuación:" @@ -17626,11 +18989,11 @@ msgstr "No puede asignar la misma declaración de ips permitidas a varios pares msgid "You can not run this in a VRRP setup, if multiple mDNS repeaters are launched in a subnet you will experience the mDNS packet storm death!" msgstr "No puede ejecutar esto en una configuración VRRP, si se lanzan múltiples repetidores mDNS en una subred, experimentará la muerte de la tormenta de paquetes mDNS." -#: ../../configuration/vpn/sstp.rst:332 +#: ../../configuration/vpn/sstp.rst:505 msgid "You can now \"dial\" the peer with the follwoing command: ``sstpc --log-level 4 --log-stderr --user vyos --password vyos vpn.example.com -- call vyos``." msgstr "Ahora puede "marcar" al interlocutor con el siguiente comando: ``sstpc --log-level 4 --log-stderr --user vyos --password vyos vpn.example.com -- call vyos``." -#: ../../configuration/system/login.rst:443 +#: ../../configuration/system/login.rst:447 msgid "You can now SSH into your system using admin/admin as a default user supplied from the ``lfkeitel/tacacs_plus:latest`` container." msgstr "Ahora puede usar SSH en su sistema usando admin/admin como un usuario predeterminado suministrado desde el contenedor ``lfkeitel/tacacs_plus:latest``." @@ -17718,6 +19081,10 @@ msgstr "También necesitará la clave pública de su par, asà como la(s) red(es msgid "Your ISPs modem is connected to port ``eth0`` of your VyOS box." msgstr "El módem de su ISP está conectado al puerto ``eth0`` de su caja VyOS." +#: ../../configuration/service/router-advert.rst:110 +msgid "Your LAN connected on eth0 uses prefix ``2001:db8:beef:2::/64`` with the router beeing ``2001:db8:beef:2::1``" +msgstr "Your LAN connected on eth0 uses prefix ``2001:db8:beef:2::/64`` with the router beeing ``2001:db8:beef:2::1``" + #: ../../configuration/system/ip.rst:31 #: ../../configuration/system/ipv6.rst:27 #: ../../configuration/vrf/index.rst:44 @@ -17758,7 +19125,7 @@ msgstr "(Esto puede ser útil cuando un servicio al que se llama tiene muchas di msgid ":abbr:`AFI (Address family authority identifier)` - ``49`` The AFI value 49 is what IS-IS uses for private addressing." msgstr ":abbr:`AFI (identificador de autoridad de la familia de direcciones)` - ``49`` El valor 49 de AFI es lo que IS-IS usa para el direccionamiento privado." -#: ../../configuration/protocols/static.rst:152 +#: ../../configuration/protocols/static.rst:185 msgid ":abbr:`ARP (Address Resolution Protocol)` is a communication protocol used for discovering the link layer address, such as a MAC address, associated with a given internet layer address, typically an IPv4 address. This mapping is a critical function in the Internet protocol suite. ARP was defined in 1982 by :rfc:`826` which is Internet Standard STD 37." msgstr ":abbr:`ARP (Protocolo de resolución de direcciones)` es un protocolo de comunicación que se utiliza para descubrir la dirección de la capa de enlace, como una dirección MAC, asociada con una dirección de capa de Internet determinada, normalmente una dirección IPv4. Este mapeo es una función crÃtica en el conjunto de protocolos de Internet. ARP fue definido en 1982 por :rfc:`826`, que es el estándar de Internet STD 37." @@ -17818,7 +19185,7 @@ msgstr ":abbr:`IPSec (IP Security)`: demasiados RFC para enumerar, pero comience msgid ":abbr:`IS-IS (Intermediate System to Intermediate System)` is a link-state interior gateway protocol (IGP) which is described in ISO10589, :rfc:`1195`, :rfc:`5308`. IS-IS runs the Dijkstra shortest-path first (SPF) algorithm to create a database of the network’s topology, and from that database to determine the best (that is, lowest cost) path to a destination. The intermediate systems (the name for routers) exchange topology information with their directly conencted neighbors. IS-IS runs directly on the data link layer (Layer 2). IS-IS addresses are called :abbr:`NETs (Network Entity Titles)` and can be 8 to 20 bytes long, but are generally 10 bytes long. The tree database that is created with IS-IS is similar to the one that is created with OSPF in that the paths chosen should be similar. Comparisons to OSPF are inevitable and often are reasonable ones to make in regards to the way a network will respond with either IGP." msgstr ":abbr:`IS-IS (Sistema intermedio a sistema intermedio)` es un protocolo de puerta de enlace interior (IGP) de estado de enlace que se describe en ISO10589, :rfc:`1195`, :rfc:`5308`. IS-IS ejecuta el algoritmo de ruta más corta primero (SPF) de Dijkstra para crear una base de datos de la topologÃa de la red y, a partir de esa base de datos, determinar la mejor ruta (es decir, el costo más bajo) a un destino. Los sistemas intermedios (el nombre de los enrutadores) intercambian información de topologÃa con sus vecinos conectados directamente. IS-IS se ejecuta directamente en la capa de enlace de datos (Capa 2). Las direcciones IS-IS se denominan :abbr:`NET (TÃtulos de entidad de red)` y pueden tener de 8 a 20 bytes de largo, pero generalmente tienen 10 bytes de largo. La base de datos en árbol que se crea con IS-IS es similar a la que se crea con OSPF en que las rutas elegidas deben ser similares. Las comparaciones con OSPF son inevitables y, a menudo, son razonables con respecto a la forma en que una red responderá con IGP." -#: ../../configuration/vrf/index.rst:401 +#: ../../configuration/vrf/index.rst:420 msgid ":abbr:`L3VPN VRFs ( Layer 3 Virtual Private Networks )` bgpd supports for IPv4 RFC 4364 and IPv6 RFC 4659. L3VPN routes, and their associated VRF MPLS labels, can be distributed to VPN SAFI neighbors in the default, i.e., non VRF, BGP instance. VRF MPLS labels are reached using core MPLS labels which are distributed using LDP or BGP labeled unicast. bgpd also supports inter-VRF route leaking." msgstr ":abbr:`L3VPN VRF (redes privadas virtuales de capa 3)` bgpd es compatible con IPv4 RFC 4364 e IPv6 RFC 4659. Las rutas L3VPN y sus etiquetas VRF MPLS asociadas se pueden distribuir a los vecinos VPN SAFI de forma predeterminada, es decir, no VRF , instancia de BGP. Las etiquetas VRF MPLS se alcanzan mediante etiquetas MPLS centrales que se distribuyen mediante unidifusión etiquetada LDP o BGP. bgpd también es compatible con la fuga de rutas entre VRF." @@ -18010,43 +19377,43 @@ msgstr ":última corrección:2021-07-12" msgid ":opcmd:`generate pki wireguard key-pair`." msgstr ":opcmd:`generar par de claves pki wireguard`." -#: ../../configuration/vrf/index.rst:88 +#: ../../configuration/vrf/index.rst:107 msgid ":ref:`routing-bgp`" msgstr ":ref:`enrutamiento-bgp`" -#: ../../configuration/vrf/index.rst:104 +#: ../../configuration/vrf/index.rst:123 msgid ":ref:`routing-bgp`: ``set vrf name <name> protocols bgp ...``" msgstr ":ref:`routing-bgp`: ``establecer nombre vrf<name> protocolos bgp ...``" -#: ../../configuration/vrf/index.rst:89 +#: ../../configuration/vrf/index.rst:108 msgid ":ref:`routing-isis`" msgstr ":ref:`enrutamiento-isis`" -#: ../../configuration/vrf/index.rst:105 +#: ../../configuration/vrf/index.rst:124 msgid ":ref:`routing-isis`: ``set vrf name <name> protocols isis ...``" msgstr ":ref:`routing-isis`: ``establecer nombre vrf<name> protocolos isis ...``" -#: ../../configuration/vrf/index.rst:90 +#: ../../configuration/vrf/index.rst:109 msgid ":ref:`routing-ospf`" msgstr ":ref:`enrutamiento-ospf`" -#: ../../configuration/vrf/index.rst:106 +#: ../../configuration/vrf/index.rst:125 msgid ":ref:`routing-ospf`: ``set vrf name <name> protocols ospf ...``" msgstr ":ref:`routing-ospf`: ``establecer nombre vrf<name> protocolos ospf ...``" -#: ../../configuration/vrf/index.rst:91 +#: ../../configuration/vrf/index.rst:110 msgid ":ref:`routing-ospfv3`" msgstr ":ref:`enrutamiento-ospfv3`" -#: ../../configuration/vrf/index.rst:107 +#: ../../configuration/vrf/index.rst:126 msgid ":ref:`routing-ospfv3`: ``set vrf name <name> protocols ospfv3 ...``" msgstr ":ref:`routing-ospfv3`: ``establecer nombre vrf<name> protocolos ospfv3 ...``" -#: ../../configuration/vrf/index.rst:92 +#: ../../configuration/vrf/index.rst:111 msgid ":ref:`routing-static`" msgstr ":ref:`enrutamiento-estático`" -#: ../../configuration/vrf/index.rst:108 +#: ../../configuration/vrf/index.rst:127 msgid ":ref:`routing-static`: ``set vrf name <name> protocols static ...``" msgstr ":ref:`routing-static`: ``establecer nombre vrf<name> protocolos estáticos ...``" @@ -18054,7 +19421,7 @@ msgstr ":ref:`routing-static`: ``establecer nombre vrf<name> protocolos estátic msgid ":rfc:`2131` states: The client MAY choose to explicitly provide the identifier through the 'client identifier' option. If the client supplies a 'client identifier', the client MUST use the same 'client identifier' in all subsequent messages, and the server MUST use that identifier to identify the client." msgstr ":rfc:`2131` estados: El cliente PUEDE optar por proporcionar explÃcitamente el identificador a través de la opción 'identificador de cliente'. Si el cliente proporciona un 'identificador de cliente', el cliente DEBE usar el mismo 'identificador de cliente' en todos los mensajes subsiguientes, y el servidor DEBE usar ese identificador para identificar al cliente." -#: ../../configuration/service/dns.rst:230 +#: ../../configuration/service/dns.rst:217 msgid ":rfc:`2136` Based" msgstr ":rfc:`2136` Basado" @@ -18062,7 +19429,7 @@ msgstr ":rfc:`2136` Basado" msgid ":rfc:`2328`, the successor to :rfc:`1583`, suggests according to section G.2 (changes) in section 16.4.1 a change to the path preference algorithm that prevents possible routing loops that were possible in the old version of OSPFv2. More specifically it demands that inter-area paths and intra-area backbone path are now of equal preference but still both preferred to external paths." msgstr ":rfc:`2328`, el sucesor de :rfc:`1583`, sugiere de acuerdo con la sección G.2 (cambios) en la sección 16.4.1 un cambio en el algoritmo de preferencia de ruta que evita posibles bucles de enrutamiento que eran posibles en el antiguo versión de OSPFv2. Más especÃficamente, exige que las rutas entre áreas y la ruta troncal dentro del área ahora tengan la misma preferencia, pero aún se prefieran a las rutas externas." -#: ../../configuration/pki/index.rst:15 +#: ../../configuration/pki/index.rst:17 msgid ":vytask:`T3642` describes a new CLI subsystem that serves as a \"certstore\" to all services requiring any kind of encryption key(s). In short, public and private certificates are now stored in PKCS#8 format in the regular VyOS CLI. Keys can now be added, edited, and deleted using the regular set/edit/delete CLI commands." msgstr ":vytask:`T3642` describe un nuevo subsistema CLI que sirve como "almacén de certificados" para todos los servicios que requieren cualquier tipo de clave(s) de cifrado. En resumen, los certificados públicos y privados ahora se almacenan en formato PKCS#8 en la CLI de VyOS normal. Las claves ahora pueden agregarse, editarse y eliminarse mediante los comandos regulares de la CLI establecer/editar/eliminar." @@ -18086,19 +19453,19 @@ msgstr "`4. Añadir parámetros opcionales`_" msgid "`<name>` must be identical on both sides!" msgstr "`<name> ` debe ser idéntico en ambos lados!" -#: ../../configuration/pki/index.rst:202 +#: ../../configuration/pki/index.rst:204 msgid "``$ tail -n +2 ca.key | head -n -1 | tr -d '\\n'``" msgstr "``$ cola -n +2 ca.clave | cabeza -n -1 | tr -d '\\n'``" -#: ../../configuration/pki/index.rst:181 +#: ../../configuration/pki/index.rst:183 msgid "``$ tail -n +2 ca.pem | head -n -1 | tr -d '\\n'``" msgstr "``$ cola -n +2 ca.pem | cabeza -n -1 | tr -d '\\n'``" -#: ../../configuration/pki/index.rst:240 +#: ../../configuration/pki/index.rst:242 msgid "``$ tail -n +2 cert.key | head -n -1 | tr -d '\\n'``" msgstr "``$ cola -n +2 clave.cert | cabeza -n -1 | tr -d '\\n'``" -#: ../../configuration/pki/index.rst:224 +#: ../../configuration/pki/index.rst:226 msgid "``$ tail -n +2 cert.pem | head -n -1 | tr -d '\\n'``" msgstr "``$ cola -n +2 cert.pem | cabeza -n -1 | tr -d '\\n'``" @@ -18202,7 +19569,7 @@ msgstr "``802.3ad`` - Agregación de enlaces dinámicos IEEE 802.3ad. Crea grupo msgid "``9600`` - 9600 bps" msgstr "``9600`` - 9600 bps" -#: ../../configuration/vpn/ipsec.rst:149 +#: ../../configuration/vpn/ipsec.rst:152 msgid "``< dh-group >`` defines a Diffie-Hellman group for PFS;" msgstr "``< dh-group >`` define un grupo Diffie-Hellman para PFS;" @@ -18210,6 +19577,14 @@ msgstr "``< dh-group >`` define un grupo Diffie-Hellman para PFS;" msgid "``Known limitations:``" msgstr "``Limitaciones conocidas:``" +#: ../../configuration/service/ipoe-server.rst:247 +#: ../../configuration/service/pppoe-server.rst:209 +#: ../../configuration/vpn/l2tp.rst:252 +#: ../../configuration/vpn/pptp.rst:192 +#: ../../configuration/vpn/sstp.rst:225 +msgid "``Stateful-IPv6-Address-Pool`` and ``Delegated-IPv6-Prefix-Pool`` are defined in RFC6911. If they are not defined in your RADIUS server, add new dictionary_." +msgstr "``Stateful-IPv6-Address-Pool`` and ``Delegated-IPv6-Prefix-Pool`` are defined in RFC6911. If they are not defined in your RADIUS server, add new dictionary_." + #: ../../configuration/loadbalancing/wan.rst:259 msgid "``WLB_INTERFACE_NAME=[interfacename]``: Interface to be monitored" msgstr "``WLB_INTERFACE_NAME=[interfacename]``: Interfaz a monitorear" @@ -18226,11 +19601,11 @@ msgstr "``a`` - 802.11a - 54 Mbits/seg" msgid "``ac`` - 802.11ac - 1300 Mbits/sec" msgstr "``ac`` - 802.11ac - 1300 Mbits/seg" -#: ../../configuration/policy/route-map.rst:375 +#: ../../configuration/policy/route-map.rst:378 msgid "``accept-own-nexthop`` - Well-known communities value accept-own-nexthop 0xFFFF0008" msgstr "``accept-own-nexthop`` - Las comunidades conocidas valoran accept-own-nexthop 0xFFFF0008" -#: ../../configuration/policy/route-map.rst:368 +#: ../../configuration/policy/route-map.rst:371 msgid "``accept-own`` - Well-known communities value ACCEPT_OWN 0xFFFF0001" msgstr "``accept-own`` - Valor de comunidades conocidas ACCEPT_OWN 0xFFFF0001" @@ -18256,7 +19631,7 @@ msgstr "``active-backup`` - PolÃtica de copia de seguridad activa: solo un escl msgid "``adaptive-load-balance`` - Adaptive load balancing: includes transmit-load-balance plus receive load balancing for IPV4 traffic, and does not require any special switch support. The receive load balancing is achieved by ARP negotiation. The bonding driver intercepts the ARP Replies sent by the local system on their way out and overwrites the source hardware address with the unique hardware address of one of the slaves in the bond such that different peers use different hardware addresses for the server." msgstr "``equilibrio de carga adaptativo`` - Equilibrio de carga adaptativo: incluye equilibrio de carga de transmisión y equilibrio de carga de recepción para el tráfico IPV4, y no requiere ningún soporte de conmutador especial. El equilibrio de carga de recepción se logra mediante la negociación ARP. El controlador de vinculación intercepta las respuestas ARP enviadas por el sistema local al salir y sobrescribe la dirección de hardware de origen con la dirección de hardware única de uno de los esclavos en el vÃnculo, de modo que diferentes pares usen diferentes direcciones de hardware para el servidor." -#: ../../configuration/vpn/ipsec.rst:96 +#: ../../configuration/vpn/ipsec.rst:98 msgid "``aggressive`` use Aggressive mode for Key Exchanges in the IKEv1 protocol aggressive mode is much more insecure compared to Main mode;" msgstr "Uso ``agresivo`` Modo agresivo para intercambios de claves en el protocolo IKEv1 El modo agresivo es mucho más inseguro en comparación con el modo principal;" @@ -18268,11 +19643,15 @@ msgstr "``todas disponibles`` todas las direcciones de destino de verificación msgid "``any-available`` any of the checking target addresses must be available to pass this check" msgstr "``cualquiera disponible`` cualquiera de las direcciones de destino de verificación debe estar disponible para pasar esta verificación" -#: ../../configuration/vpn/site2site_ipsec.rst:385 +#: ../../configuration/vpn/site2site_ipsec.rst:388 msgid "``authentication local-id/remote-id`` - IKE identification is used for validation of VPN peer devices during IKE negotiation. If you do not configure local/remote-identity, the device uses the IPv4 or IPv6 address that corresponds to the local/remote peer by default. In certain network setups (like ipsec interface with dynamic address, or behind the NAT ), the IKE ID received from the peer does not match the IKE gateway configured on the device. This can lead to a Phase 1 validation failure. So, make sure to configure the local/remote id explicitly and ensure that the IKE ID is the same as the remote-identity configured on the peer device." msgstr "``authentication local-id/remote-id``: la identificación de IKE se utiliza para la validación de los dispositivos del mismo nivel de VPN durante la negociación de IKE. Si no configura la identidad local/remota, el dispositivo utiliza la dirección IPv4 o IPv6 que corresponde al par local/remoto de forma predeterminada. En ciertas configuraciones de red (como la interfaz ipsec con dirección dinámica o detrás de NAT), la ID de IKE recibida del par no coincide con la puerta de enlace IKE configurada en el dispositivo. Esto puede conducir a una falla de validación de Fase 1. Por lo tanto, asegúrese de configurar la identificación local/remota explÃcitamente y asegúrese de que la identificación IKE sea la misma que la identidad remota configurada en el dispositivo par." #: ../../configuration/vpn/site2site_ipsec.rst:18 +msgid "``authentication`` - configure authentication between VyOS and a remote peer. If pre-shared-secret mode is used, the secret key must be defined in ``set vpn ipsec authentication`` and suboptions:" +msgstr "``authentication`` - configure authentication between VyOS and a remote peer. If pre-shared-secret mode is used, the secret key must be defined in ``set vpn ipsec authentication`` and suboptions:" + +#: ../../configuration/vpn/site2site_ipsec.rst:18 msgid "``authentication`` - configure authentication between VyOS and a remote peer. Suboptions:" msgstr "``autenticación``: configure la autenticación entre VyOS y un par remoto. Subopciones:" @@ -18292,11 +19671,11 @@ msgstr "``begin`` Coincide con el comienzo de la ruta de la URL" msgid "``bgp`` - Border Gateway Protocol (BGP)" msgstr "``bgp`` - Protocolo de puerta de enlace fronteriza (BGP)" -#: ../../configuration/vpn/site2site_ipsec.rst:147 +#: ../../configuration/vpn/site2site_ipsec.rst:150 msgid "``bind`` - select a VTI interface to bind to this peer;" msgstr "``bind``: seleccione una interfaz VTI para vincular a este par;" -#: ../../configuration/policy/route-map.rst:376 +#: ../../configuration/policy/route-map.rst:379 msgid "``blackhole`` - Well-known communities value BLACKHOLE 0xFFFF029A" msgstr "``blackhole`` - Las comunidades conocidas valoran BLACKHOLE 0xFFFF029A" @@ -18312,6 +19691,10 @@ msgstr "``ráfaga``: Número de paquetes permitidos para sobrepasar el lÃmite d msgid "``ca-cert-file`` - CA certificate file. Using for authenticating remote peer;" msgstr "``ca-cert-file`` - Archivo de certificado de CA. Uso para autenticar pares remotos;" +#: ../../configuration/vpn/site2site_ipsec.rst:61 +msgid "``ca-certificate`` - CA certificate in PKI configuration. Using for authenticating remote peer;" +msgstr "``ca-certificate`` - CA certificate in PKI configuration. Using for authenticating remote peer;" + #: ../../configuration/service/lldp.rst:65 msgid "``cdp`` - Listen for CDP for Cisco routers/switches" msgstr "``cdp`` - Escuche CDP para enrutadores/conmutadores Cisco" @@ -18320,6 +19703,14 @@ msgstr "``cdp`` - Escuche CDP para enrutadores/conmutadores Cisco" msgid "``cert-file`` - certificate file, which will be used for authenticating local router on remote peer;" msgstr "``cert-file``: archivo de certificado, que se usará para autenticar el enrutador local en el par remoto;" +#: ../../configuration/vpn/site2site_ipsec.rst:64 +msgid "``certificate`` - certificate file in PKI configuration, which will be used for authenticating local router on remote peer;" +msgstr "``certificate`` - certificate file in PKI configuration, which will be used for authenticating local router on remote peer;" + +#: ../../configuration/vpn/ipsec.rst:66 +msgid "``clear`` closes the CHILD_SA and does not take further action (default);" +msgstr "``clear`` closes the CHILD_SA and does not take further action (default);" + #: ../../configuration/vpn/ipsec.rst:65 msgid "``clear`` set action to clear;" msgstr "``borrar`` establece la acción para borrar;" @@ -18328,11 +19719,15 @@ msgstr "``borrar`` establece la acción para borrar;" msgid "``close-action = none | clear | hold | restart`` - defines the action to take if the remote peer unexpectedly closes a CHILD_SA (see above for meaning of values). A closeaction should not be used if the peer uses reauthentication or uniqueids." msgstr "``cierre-acción = ninguno | claro | espera | restart`` - define la acción a tomar si el par remoto cierra inesperadamente un CHILD_SA (ver arriba para el significado de los valores). No se debe usar una acción de cierre si el par usa reautenticación o identificadores únicos." +#: ../../configuration/vpn/site2site_ipsec.rst:414 +msgid "``close-action = none | clear | trap | start`` - defines the action to take if the remote peer unexpectedly closes a CHILD_SA (see above for meaning of values). A closeaction should not be used if the peer uses reauthentication or uniqueids." +msgstr "``close-action = none | clear | trap | start`` - defines the action to take if the remote peer unexpectedly closes a CHILD_SA (see above for meaning of values). A closeaction should not be used if the peer uses reauthentication or uniqueids." + #: ../../configuration/vpn/ipsec.rst:47 msgid "``close-action`` defines the action to take if the remote peer unexpectedly closes a CHILD_SA:" msgstr "``close-action`` define la acción a realizar si el par remoto cierra inesperadamente un CHILD_SA:" -#: ../../configuration/vpn/ipsec.rst:122 +#: ../../configuration/vpn/ipsec.rst:125 msgid "``compression`` Enables the IPComp(IP Payload Compression) protocol which allows compressing the content of IP packets." msgstr "``compression`` Enables the IPComp(IP Payload Compression) protocol which allows compressing the content of IP packets." @@ -18344,7 +19739,7 @@ msgstr "``compresión`` si se propone la compresión de contenido IPComp en la c msgid "``connected`` - Connected routes (directly attached subnet or host)" msgstr "``conectado`` - Rutas conectadas (subred o host conectado directamente)" -#: ../../configuration/vpn/site2site_ipsec.rst:72 +#: ../../configuration/vpn/site2site_ipsec.rst:69 msgid "``connection-type`` - how to handle this connection process. Possible variants:" msgstr "``tipo de conexión``: cómo manejar este proceso de conexión. Posibles variantes:" @@ -18366,39 +19761,43 @@ msgstr "``d`` - Intervalo de ejecución en dÃas" msgid "``dead-peer-detection action = clear | hold | restart`` - R_U_THERE notification messages(IKEv1) or empty INFORMATIONAL messages (IKEv2) are periodically sent in order to check the liveliness of the IPsec peer. The values clear, hold, and restart all activate DPD and determine the action to perform on a timeout. With ``clear`` the connection is closed with no further actions taken. ``hold`` installs a trap policy, which will catch matching traffic and tries to re-negotiate the connection on demand. ``restart`` will immediately trigger an attempt to re-negotiate the connection." msgstr "``acción de detección de pares muertos = borrar | espera | reiniciar``: los mensajes de notificación R_U_THERE (IKEv1) o los mensajes INFORMATIVOS vacÃos (IKEv2) se envÃan periódicamente para verificar la actividad del par IPsec. Los valores borrar, mantener y reiniciar activan DPD y determinan la acción a realizar en un tiempo de espera. Con ``clear`` la conexión se cierra sin que se realicen más acciones. ``hold`` instala una polÃtica de captura, que capturará el tráfico coincidente e intentará renegociar la conexión a pedido. ``reiniciar`` activará inmediatamente un intento de renegociar la conexión." +#: ../../configuration/vpn/site2site_ipsec.rst:403 +msgid "``dead-peer-detection action = clear | trap | restart`` - R_U_THERE notification messages(IKEv1) or empty INFORMATIONAL messages (IKEv2) are periodically sent in order to check the liveliness of the IPsec peer. The values clear, trap, and restart all activate DPD and determine the action to perform on a timeout. With ``clear`` the connection is closed with no further actions taken. ``trap`` installs a trap policy, which will catch matching traffic and tries to re-negotiate the connection on demand. ``restart`` will immediately trigger an attempt to re-negotiate the connection." +msgstr "``dead-peer-detection action = clear | trap | restart`` - R_U_THERE notification messages(IKEv1) or empty INFORMATIONAL messages (IKEv2) are periodically sent in order to check the liveliness of the IPsec peer. The values clear, trap, and restart all activate DPD and determine the action to perform on a timeout. With ``clear`` the connection is closed with no further actions taken. ``trap`` installs a trap policy, which will catch matching traffic and tries to re-negotiate the connection on demand. ``restart`` will immediately trigger an attempt to re-negotiate the connection." + #: ../../configuration/vpn/ipsec.rst:56 msgid "``dead-peer-detection`` controls the use of the Dead Peer Detection protocol (DPD, RFC 3706) where R_U_THERE notification messages (IKEv1) or empty INFORMATIONAL messages (IKEv2) are periodically sent in order to check the liveliness of the IPsec peer:" msgstr "``dead-peer-detection`` controla el uso del protocolo Dead Peer Detection (DPD, RFC 3706) donde los mensajes de notificación R_U_THERE (IKEv1) o mensajes INFORMATIVOS vacÃos (IKEv2) se envÃan periódicamente para verificar la vivacidad del IPsec par:" -#: ../../configuration/vpn/site2site_ipsec.rst:88 +#: ../../configuration/vpn/site2site_ipsec.rst:85 msgid "``default-esp-group`` - ESP group to use by default for traffic encryption. Might be overwritten by individual settings for tunnel or VTI interface binding;" msgstr "``default-esp-group``: grupo ESP que se utilizará de forma predeterminada para el cifrado de tráfico. Puede ser sobrescrito por configuraciones individuales para enlace de interfaz de túnel o VTI;" -#: ../../configuration/vpn/site2site_ipsec.rst:92 +#: ../../configuration/vpn/site2site_ipsec.rst:89 msgid "``description`` - description for this peer;" msgstr "``description`` - descripción de este par;" -#: ../../configuration/vpn/ipsec.rst:101 +#: ../../configuration/vpn/ipsec.rst:103 msgid "``dh-group`` dh-group;" msgstr "``grupo-dh'' grupo-dh;" -#: ../../configuration/vpn/site2site_ipsec.rst:23 +#: ../../configuration/vpn/site2site_ipsec.rst:24 msgid "``dhcp-interface`` - ID for authentication generated from DHCP address dynamically;" msgstr "``dhcp-interface`` - ID para la autenticación generada dinámicamente desde la dirección DHCP;" -#: ../../configuration/vpn/site2site_ipsec.rst:94 +#: ../../configuration/vpn/site2site_ipsec.rst:91 msgid "``dhcp-interface`` - use an IP address, received from DHCP for IPSec connection with this peer, instead of ``local-address``;" msgstr "``dhcp-interface``: use una dirección IP, recibida de DHCP para la conexión IPSec con este par, en lugar de ``local-address``;" -#: ../../configuration/vpn/ipsec.rst:88 +#: ../../configuration/vpn/ipsec.rst:90 msgid "``disable-mobike`` disables MOBIKE Support. MOBIKE is only available for IKEv2 and enabled by default." msgstr "``disable-mobike`` disables MOBIKE Support. MOBIKE is only available for IKEv2 and enabled by default." -#: ../../configuration/vpn/site2site_ipsec.rst:396 +#: ../../configuration/vpn/site2site_ipsec.rst:399 msgid "``disable-route-autoinstall`` - This option when configured disables the routes installed in the default table 220 for site-to-site ipsec. It is mostly used with VTI configuration." msgstr "``disable-route-autoinstall``: esta opción, cuando se configura, deshabilita las rutas instaladas en la tabla predeterminada 220 para ipsec de sitio a sitio. Se utiliza sobre todo con la configuración de VTI." -#: ../../configuration/vpn/ipsec.rst:162 +#: ../../configuration/vpn/ipsec.rst:166 msgid "``disable-route-autoinstall`` Do not automatically install routes to remote networks;" msgstr "``disable-route-autoinstall`` No instala automáticamente rutas a redes remotas;" @@ -18406,7 +19805,7 @@ msgstr "``disable-route-autoinstall`` No instala automáticamente rutas a redes msgid "``disable`` - disable this tunnel;" msgstr "``disable`` - deshabilita este túnel;" -#: ../../configuration/vpn/ipsec.rst:147 +#: ../../configuration/vpn/ipsec.rst:150 msgid "``disable`` Disable PFS;" msgstr "``deshabilitar`` Deshabilitar PFS;" @@ -18424,15 +19823,15 @@ msgstr "``deshabilitar`` deshabilitar MOBIKE;" msgid "``drop``: drop the packet." msgstr "``drop``: drop the packet." -#: ../../configuration/system/login.rst:71 +#: ../../configuration/system/login.rst:75 msgid "``ecdsa-sha2-nistp256``" msgstr "``ecdsa-sha2-nistp256``" -#: ../../configuration/system/login.rst:72 +#: ../../configuration/system/login.rst:76 msgid "``ecdsa-sha2-nistp384``" msgstr "``ecdsa-sha2-nistp384``" -#: ../../configuration/system/login.rst:73 +#: ../../configuration/system/login.rst:77 msgid "``ecdsa-sha2-nistp521``" msgstr "``ecdsa-sha2-nistp521``" @@ -18440,7 +19839,7 @@ msgstr "``ecdsa-sha2-nistp521``" msgid "``edp`` - Listen for EDP for Extreme routers/switches" msgstr "``edp`` - Escuche EDP para enrutadores/conmutadores extremos" -#: ../../configuration/vpn/ipsec.rst:145 +#: ../../configuration/vpn/ipsec.rst:148 msgid "``enable`` Inherit Diffie-Hellman group from IKE group (default);" msgstr "``habilitar`` Hereda el grupo Diffie-Hellman del grupo IKE (predeterminado);" @@ -18452,11 +19851,11 @@ msgstr "``habilitar`` habilitar la compresión IPComp;" msgid "``enable`` enable MOBIKE (default for IKEv2);" msgstr "``habilitar`` habilitar MOBIKE (predeterminado para IKEv2);" -#: ../../configuration/vpn/ipsec.rst:103 +#: ../../configuration/vpn/ipsec.rst:105 msgid "``encryption`` encryption algorithm;" msgstr "Algoritmo de cifrado ``encryption``;" -#: ../../configuration/vpn/ipsec.rst:153 +#: ../../configuration/vpn/ipsec.rst:156 msgid "``encryption`` encryption algorithm (default 128 bit AES-CBC);" msgstr "Algoritmo de cifrado ``encryption`` (AES-CBC predeterminado de 128 bits);" @@ -18468,7 +19867,7 @@ msgstr "``end`` Coincide con el final de la ruta de la URL." msgid "``esp-group`` - define ESP group for encrypt traffic, defined by this tunnel;" msgstr "``esp-group`` - define el grupo ESP para cifrar el tráfico, definido por este túnel;" -#: ../../configuration/vpn/site2site_ipsec.rst:149 +#: ../../configuration/vpn/site2site_ipsec.rst:152 msgid "``esp-group`` - define ESP group for encrypt traffic, passed this VTI interface." msgstr "``esp-group``: define el grupo ESP para encriptar el tráfico, pasa esta interfaz VTI." @@ -18488,11 +19887,11 @@ msgstr "``archivo`` - ruta al archivo clave;" msgid "``flexvpn`` Allow FlexVPN vendor ID payload (IKEv2 only). Send the Cisco FlexVPN vendor ID payload (IKEv2 only), which is required in order to make Cisco brand devices allow negotiating a local traffic selector (from strongSwan's point of view) that is not the assigned virtual IP address if such an address is requested by strongSwan. Sending the Cisco FlexVPN vendor ID prevents the peer from narrowing the initiator's local traffic selector and allows it to e.g. negotiate a TS of 0.0.0.0/0 == 0.0.0.0/0 instead. This has been tested with a \"tunnel mode ipsec ipv4\" Cisco template but should also work for GRE encapsulation;" msgstr "``flexvpn`` Permitir carga útil de ID de proveedor de FlexVPN (solo IKEv2). EnvÃe la carga útil del ID del proveedor de Cisco FlexVPN (solo IKEv2), que se requiere para que los dispositivos de la marca Cisco permitan negociar un selector de tráfico local (desde el punto de vista de strongSwan) que no es la dirección IP virtual asignada si dicha dirección es solicitada por Cisne fuerte. El envÃo del Id. de proveedor de Cisco FlexVPN evita que el par limite el selector de tráfico local del iniciador y le permite, por ejemplo, negociar un TS de 0.0.0.0/0 == 0.0.0.0/0 en su lugar. Esto se probó con una plantilla de Cisco de "modo túnel ipsec ipv4", pero también deberÃa funcionar para la encapsulación GRE;" -#: ../../configuration/vpn/ipsec.rst:164 +#: ../../configuration/vpn/ipsec.rst:168 msgid "``flexvpn`` Allows FlexVPN vendor ID payload (IKEv2 only). Send the Cisco FlexVPN vendor ID payload (IKEv2 only), which is required in order to make Cisco brand devices allow negotiating a local traffic selector (from strongSwan's point of view) that is not the assigned virtual IP address if such an address is requested by strongSwan. Sending the Cisco FlexVPN vendor ID prevents the peer from narrowing the initiator's local traffic selector and allows it to e.g. negotiate a TS of 0.0.0.0/0 == 0.0.0.0/0 instead. This has been tested with a \"tunnel mode ipsec ipv4\" Cisco template but should also work for GRE encapsulation;" msgstr "``flexvpn`` Allows FlexVPN vendor ID payload (IKEv2 only). Send the Cisco FlexVPN vendor ID payload (IKEv2 only), which is required in order to make Cisco brand devices allow negotiating a local traffic selector (from strongSwan's point of view) that is not the assigned virtual IP address if such an address is requested by strongSwan. Sending the Cisco FlexVPN vendor ID prevents the peer from narrowing the initiator's local traffic selector and allows it to e.g. negotiate a TS of 0.0.0.0/0 == 0.0.0.0/0 instead. This has been tested with a \"tunnel mode ipsec ipv4\" Cisco template but should also work for GRE encapsulation;" -#: ../../configuration/vpn/site2site_ipsec.rst:97 +#: ../../configuration/vpn/site2site_ipsec.rst:94 msgid "``force-udp-encapsulation`` - force encapsulation of ESP into UDP datagrams. Useful in case if between local and remote side is firewall or NAT, which not allows passing plain ESP packets between them;" msgstr "``force-udp-encapsulation`` - fuerza la encapsulación de ESP en datagramas UDP. Útil en caso de que entre el lado local y el remoto haya un cortafuegos o NAT, que no permite pasar paquetes ESP sin formato entre ellos;" @@ -18500,7 +19899,7 @@ msgstr "``force-udp-encapsulation`` - fuerza la encapsulación de ESP en datagra msgid "``g`` - 802.11g - 54 Mbits/sec (default)" msgstr "``g`` - 802.11g - 54 Mbits/seg (predeterminado)" -#: ../../configuration/policy/route-map.rst:367 +#: ../../configuration/policy/route-map.rst:370 msgid "``graceful-shutdown`` - Well-known communities value GRACEFUL_SHUTDOWN 0xFFFF0000" msgstr "``graceful-shutdown`` - Comunidades conocidas valoran GRACEFUL_SHUTDOWN 0xFFFF0000" @@ -18508,11 +19907,11 @@ msgstr "``graceful-shutdown`` - Comunidades conocidas valoran GRACEFUL_SHUTDOWN msgid "``h`` - Execution interval in hours" msgstr "``h`` - Intervalo de ejecución en horas" -#: ../../configuration/vpn/ipsec.rst:105 +#: ../../configuration/vpn/ipsec.rst:107 msgid "``hash`` hash algorithm." msgstr "Algoritmo hash ``hash``." -#: ../../configuration/vpn/ipsec.rst:155 +#: ../../configuration/vpn/ipsec.rst:158 msgid "``hash`` hash algorithm (default sha1)." msgstr "Algoritmo hash ``hash`` (sha1 por defecto)." @@ -18536,23 +19935,23 @@ msgstr "``ht40-`` - Tanto 20 MHz como 40 MHz con canal secundario debajo del can msgid "``hvc0`` - Xen console" msgstr "``hvc0`` - Consola Xen" -#: ../../configuration/vpn/site2site_ipsec.rst:25 +#: ../../configuration/vpn/site2site_ipsec.rst:26 msgid "``id`` - static ID's for authentication. In general local and remote address ``<x.x.x.x>``, ``<h:h:h:h:h:h:h:h>`` or ``%any``;" msgstr "``id`` - ID estáticos para la autenticación. En general dirección local y remota``<x.x.x.x> ``, ``<h:h:h:h:h:h:h:h> `` o ``%cualquiera``;" -#: ../../configuration/vpn/site2site_ipsec.rst:101 +#: ../../configuration/vpn/site2site_ipsec.rst:98 msgid "``ike-group`` - IKE group to use for key exchanges;" msgstr "``ike-group`` - Grupo IKE para usar en intercambios de claves;" -#: ../../configuration/vpn/ipsec.rst:82 +#: ../../configuration/vpn/ipsec.rst:84 msgid "``ikev1`` use IKEv1 for Key Exchange;" msgstr "``ikev1`` utiliza IKEv1 para el intercambio de claves;" -#: ../../configuration/vpn/site2site_ipsec.rst:103 +#: ../../configuration/vpn/site2site_ipsec.rst:100 msgid "``ikev2-reauth`` - reauthenticate remote peer during the rekeying process. Can be used only with IKEv2. Create a new IKE_SA from the scratch and try to recreate all IPsec SAs;" msgstr "``ikev2-reauth``: vuelve a autenticar a un par remoto durante el proceso de cambio de clave. Solo se puede usar con IKEv2. Cree un nuevo IKE_SA desde cero e intente recrear todas las IPsec SA;" -#: ../../configuration/vpn/ipsec.rst:73 +#: ../../configuration/vpn/ipsec.rst:75 msgid "``ikev2-reauth`` whether rekeying of an IKE_SA should also reauthenticate the peer. In IKEv1, reauthentication is always done. Setting this parameter enables remote host re-authentication during an IKE rekey." msgstr "``ikev2-reauth`` whether rekeying of an IKE_SA should also reauthenticate the peer. In IKEv1, reauthentication is always done. Setting this parameter enables remote host re-authentication during an IKE rekey." @@ -18560,7 +19959,7 @@ msgstr "``ikev2-reauth`` whether rekeying of an IKE_SA should also reauthenticat msgid "``ikev2-reauth`` whether rekeying of an IKE_SA should also reauthenticate the peer. In IKEv1, reauthentication is always done:" msgstr "``ikev2-reauth`` si el cambio de clave de un IKE_SA también deberÃa volver a autenticar al par. En IKEv1, la reautenticación siempre se realiza:" -#: ../../configuration/vpn/ipsec.rst:84 +#: ../../configuration/vpn/ipsec.rst:86 msgid "``ikev2`` use IKEv2 for Key Exchange;" msgstr "``ikev2`` utiliza IKEv2 para el intercambio de claves;" @@ -18568,23 +19967,27 @@ msgstr "``ikev2`` utiliza IKEv2 para el intercambio de claves;" msgid "``in``: Ruleset for forwarded packets on an inbound interface" msgstr "``in``: conjunto de reglas para paquetes reenviados en una interfaz de entrada" -#: ../../configuration/vpn/site2site_ipsec.rst:75 +#: ../../configuration/vpn/site2site_ipsec.rst:72 msgid "``initiate`` - does initial connection to remote peer immediately after configuring and after boot. In this mode the connection will not be restarted in case of disconnection, therefore should be used only together with DPD or another session tracking methods;" msgstr "``iniciar``: realiza la conexión inicial con el par remoto inmediatamente después de la configuración y después del arranque. En este modo, la conexión no se reiniciará en caso de desconexión, por lo tanto, debe usarse solo junto con DPD u otros métodos de seguimiento de sesión;" -#: ../../configuration/vpn/ipsec.rst:166 +#: ../../configuration/system/option.rst:50 +msgid "``intel_idle.max_cstate=0`` Disable intel_idle and fall back on acpi_idle" +msgstr "``intel_idle.max_cstate=0`` Disable intel_idle and fall back on acpi_idle" + +#: ../../configuration/vpn/ipsec.rst:170 msgid "``interface`` Interface Name to use. The name of the interface on which virtual IP addresses should be installed. If not specified the addresses will be installed on the outbound interface;" msgstr "``interfaz`` Nombre de interfaz a utilizar. El nombre de la interfaz en la que se deben instalar las direcciones IP virtuales. Si no se especifica, las direcciones se instalarán en la interfaz de salida;" -#: ../../configuration/pki/index.rst:148 +#: ../../configuration/pki/index.rst:150 msgid "``interface`` is used for the VyOS CLI command to identify the WireGuard interface where this private key is to be used." msgstr "``interfaz`` se usa para que el comando VyOS CLI identifique la interfaz de WireGuard donde se usará esta clave privada." -#: ../../configuration/policy/route-map.rst:366 +#: ../../configuration/policy/route-map.rst:369 msgid "``internet`` - Well-known communities value 0" msgstr "``internet`` - Comunidades conocidas valor 0" -#: ../../configuration/vpn/ipsec.rst:69 +#: ../../configuration/vpn/ipsec.rst:71 msgid "``interval`` keep-alive interval in seconds <2-86400> (default 30);" msgstr "``interval`` intervalo de actividad en segundos <2-86400> (predeterminado 30);" @@ -18602,7 +20005,7 @@ msgstr "``jump``: jump to another custom chain." msgid "``kernel`` - Kernel routes" msgstr "``kernel`` - Rutas del núcleo" -#: ../../configuration/vpn/ipsec.rst:78 +#: ../../configuration/vpn/ipsec.rst:80 msgid "``key-exchange`` which protocol should be used to initialize the connection If not set both protocols are handled and connections will use IKEv2 when initiating, but accept any protocol version when responding:" msgstr "``intercambio de claves`` qué protocolo debe usarse para inicializar la conexión. Si no se establece, ambos protocolos se manejan y las conexiones usarán IKEv2 al iniciarse, pero aceptarán cualquier versión de protocolo al responder:" @@ -18610,7 +20013,7 @@ msgstr "``intercambio de claves`` qué protocolo debe usarse para inicializar la msgid "``key`` - a private key, which will be used for authenticating local router on remote peer:" msgstr "``clave``: una clave privada, que se utilizará para autenticar el enrutador local en el par remoto:" -#: ../../configuration/system/option.rst:107 +#: ../../configuration/system/option.rst:137 msgid "``latency``: A server profile focused on lowering network latency. This profile favors performance over power savings by setting ``intel_pstate`` and ``min_perf_pct=100``." msgstr "``latency``: un perfil de servidor centrado en reducir la latencia de la red. Este perfil favorece el rendimiento sobre el ahorro de energÃa configurando ``intel_pstate`` y ``min_perf_pct=100``." @@ -18622,19 +20025,19 @@ msgstr "``least-connection`` Distributes requests to the server with the fewest msgid "``least-connection`` Distributes requests tp tje server wotj the fewest active connections" msgstr "``least-connection`` Distribuye las solicitudes al servidor con la menor cantidad de conexiones activas" -#: ../../configuration/vpn/ipsec.rst:125 +#: ../../configuration/vpn/ipsec.rst:128 msgid "``life-bytes`` ESP life in bytes <1024-26843545600000>. Number of bytes transmitted over an IPsec SA before it expires;" msgstr "``life-bytes`` ESP vida en bytes <1024-26843545600000>. Número de bytes transmitidos a través de IPsec SA antes de que caduque;" -#: ../../configuration/vpn/ipsec.rst:128 +#: ../../configuration/vpn/ipsec.rst:131 msgid "``life-packets`` ESP life in packets <1000-26843545600000>. Number of packets transmitted over an IPsec SA before it expires;" msgstr "``life-packets`` ESP vida en paquetes <1000-26843545600000>. Número de paquetes transmitidos a través de IPsec SA antes de que caduque;" -#: ../../configuration/vpn/ipsec.rst:131 +#: ../../configuration/vpn/ipsec.rst:134 msgid "``lifetime`` ESP lifetime in seconds <30-86400> (default 3600). How long a particular instance of a connection (a set of encryption/authentication keys for user packets) should last, from successful negotiation to expiry;" msgstr "Vida útil de ESP ``lifetime`` en segundos <30-86400> (predeterminado 3600). Cuánto tiempo debe durar una instancia particular de una conexión (un conjunto de claves de encriptación/autenticación para paquetes de usuario), desde la negociación exitosa hasta el vencimiento;" -#: ../../configuration/vpn/ipsec.rst:86 +#: ../../configuration/vpn/ipsec.rst:88 msgid "``lifetime`` IKE lifetime in seconds <0-86400> (default 28800);" msgstr "``lifetime`` IKE lifetime in seconds <0-86400> (default 28800);" @@ -18642,22 +20045,26 @@ msgstr "``lifetime`` IKE lifetime in seconds <0-86400> (default 28800);" msgid "``lifetime`` IKE lifetime in seconds <30-86400> (default 28800);" msgstr "Vida útil de ``lifetime`` IKE en segundos <30-86400> (predeterminado 28800);" -#: ../../configuration/policy/route-map.rst:373 +#: ../../configuration/policy/route-map.rst:376 msgid "``llgr-stale`` - Well-known communities value LLGR_STALE 0xFFFF0006" msgstr "``llgr-stale`` - Comunidades conocidas valoran LLGR_STALE 0xFFFF0006" -#: ../../configuration/vpn/site2site_ipsec.rst:107 +#: ../../configuration/vpn/site2site_ipsec.rst:104 msgid "``local-address`` - local IP address for IPSec connection with this peer. If defined ``any``, then an IP address which configured on interface with default route will be used;" msgstr "``local-address``: dirección IP local para la conexión IPSec con este par. Si se define ``cualquiera``, entonces se usará una dirección IP que se configuró en la interfaz con la ruta predeterminada;" -#: ../../configuration/policy/route-map.rst:363 +#: ../../configuration/policy/route-map.rst:366 msgid "``local-as`` - Well-known communities value NO_EXPORT_SUBCONFED 0xFFFFFF03" msgstr "``local-as`` - Comunidades conocidas valoran NO_EXPORT_SUBCONFED 0xFFFFFF03" -#: ../../configuration/vpn/site2site_ipsec.rst:31 +#: ../../configuration/vpn/site2site_ipsec.rst:32 msgid "``local-id`` - ID for the local VyOS router. If defined, during the authentication it will be send to remote peer;" msgstr "``local-id`` - ID para el enrutador VyOS local. Si se define, durante la autenticación se enviará al par remoto;" +#: ../../configuration/vpn/site2site_ipsec.rst:50 +msgid "``local-key`` - name of PKI key-pair with local private key" +msgstr "``local-key`` - name of PKI key-pair with local private key" + #: ../../configuration/firewall/general-legacy.rst:753 msgid "``local``: Ruleset for packets destined for this router" msgstr "``local``: conjunto de reglas para paquetes destinados a este enrutador" @@ -18674,7 +20081,7 @@ msgstr "``m`` - Intervalo de ejecución en minutos" msgid "``main`` Routing table used by VyOS and other interfaces not participating in PBR" msgstr "Tabla de enrutamiento ``principal`` utilizada por VyOS y otras interfaces que no participan en PBR" -#: ../../configuration/vpn/ipsec.rst:93 +#: ../../configuration/vpn/ipsec.rst:95 msgid "``main`` use Main mode for Key Exchanges in the IKEv1 Protocol (Recommended Default);" msgstr "``main`` utiliza el modo principal para intercambios de claves en el protocolo IKEv1 (predeterminado recomendado);" @@ -18682,19 +20089,23 @@ msgstr "``main`` utiliza el modo principal para intercambios de claves en el pro msgid "``message``: Full message that has triggered the script." msgstr "``mensaje``: Mensaje completo que ha disparado el script." +#: ../../configuration/system/option.rst:40 +msgid "``mitigations=off``" +msgstr "``mitigations=off``" + #: ../../configuration/vpn/ipsec.rst:92 msgid "``mobike`` enable MOBIKE Support. MOBIKE is only available for IKEv2:" msgstr "``mobike`` habilita el soporte de MOBIKE. MOBIKE solo está disponible para IKEv2:" -#: ../../configuration/vpn/site2site_ipsec.rst:35 +#: ../../configuration/vpn/site2site_ipsec.rst:36 msgid "``mode`` - mode for authentication between VyOS and remote peer:" msgstr "``mode`` - modo de autenticación entre VyOS y el par remoto:" -#: ../../configuration/vpn/ipsec.rst:91 +#: ../../configuration/vpn/ipsec.rst:93 msgid "``mode`` IKEv1 Phase 1 Mode Selection:" msgstr "``modo`` IKEv1 Selección de modo de fase 1:" -#: ../../configuration/vpn/ipsec.rst:136 +#: ../../configuration/vpn/ipsec.rst:139 msgid "``mode`` the type of the connection:" msgstr "``modo`` el tipo de conexión:" @@ -18758,19 +20169,19 @@ msgstr "``net.ipv6.conf.all.accept_redirects``" msgid "``net.ipv6.conf.all.accept_source_route``" msgstr "``net.ipv6.conf.all.accept_source_route``" -#: ../../configuration/policy/route-map.rst:364 +#: ../../configuration/policy/route-map.rst:367 msgid "``no-advertise`` - Well-known communities value NO_ADVERTISE 0xFFFFFF02" msgstr "``no-advertise`` - Comunidades conocidas valoran NO_ADVERTISE 0xFFFFFF02" -#: ../../configuration/policy/route-map.rst:365 +#: ../../configuration/policy/route-map.rst:368 msgid "``no-export`` - Well-known communities value NO_EXPORT 0xFFFFFF01" msgstr "``no-export`` - Comunidades conocidas valoran NO_EXPORT 0xFFFFFF01" -#: ../../configuration/policy/route-map.rst:374 +#: ../../configuration/policy/route-map.rst:377 msgid "``no-llgr`` - Well-known communities value NO_LLGR 0xFFFF0007" msgstr "``no-llgr`` - Comunidades conocidas valoran NO_LLGR 0xFFFF0007" -#: ../../configuration/policy/route-map.rst:377 +#: ../../configuration/policy/route-map.rst:380 msgid "``no-peer`` - Well-known communities value NOPEER 0xFFFFFF04" msgstr "``no-peer`` - Las comunidades conocidas valoran NOPEER 0xFFFFFF04" @@ -18782,7 +20193,7 @@ msgstr "``no`` deshabilita la reautenticación del host remoto durante un cambio msgid "``none`` - Execution interval in minutes" msgstr "``none`` - Intervalo de ejecución en minutos" -#: ../../configuration/vpn/site2site_ipsec.rst:85 +#: ../../configuration/vpn/site2site_ipsec.rst:82 msgid "``none`` - loads the connection only, which then can be manually initiated or used as a responder configuration." msgstr "``none``: carga solo la conexión, que luego puede iniciarse manualmente o usarse como una configuración de respuesta." @@ -18798,7 +20209,7 @@ msgstr "``noselect`` marca el servidor como no utilizado, excepto para fines de msgid "``nts`` enables Network Time Security (NTS) for the server as specified in :rfc:`8915`" msgstr "``nts`` habilita Network Time Security (NTS) para el servidor como se especifica en :rfc:`8915`" -#: ../../configuration/vpn/ipsec.rst:160 +#: ../../configuration/vpn/ipsec.rst:164 msgid "``options``" msgstr "``opciones``" @@ -18814,11 +20225,19 @@ msgstr "``ospfv3`` - Abrir primero la ruta más corta (IPv6) (OSPFv3)" msgid "``out``: Ruleset for forwarded packets on an outbound interface" msgstr "``out``: conjunto de reglas para paquetes reenviados en una interfaz de salida" +#: ../../configuration/vpn/site2site_ipsec.rst:54 +msgid "``passphrase`` - local private key passphrase" +msgstr "``passphrase`` - local private key passphrase" + +#: ../../configuration/vpn/site2site_ipsec.rst:67 +msgid "``passphrase`` - private key passphrase, if needed." +msgstr "``passphrase`` - private key passphrase, if needed." + #: ../../configuration/vpn/site2site_ipsec.rst:70 msgid "``password`` - passphrase private key, if needed." msgstr "``contraseña``: clave privada de frase de contraseña, si es necesario." -#: ../../configuration/pki/index.rst:163 +#: ../../configuration/pki/index.rst:165 msgid "``peer`` is used for the VyOS CLI command to identify the WireGuard peer where this secred is to be used." msgstr "``peer`` se usa para que el comando VyOS CLI identifique el par de WireGuard donde se usará este secreto." @@ -18826,7 +20245,7 @@ msgstr "``peer`` se usa para que el comando VyOS CLI identifique el par de WireG msgid "``period``: Time window for rate calculation. Possible values: ``second`` (one second), ``minute`` (one minute), ``hour`` (one hour). Default is ``second``." msgstr "``perÃodo``: Ventana de tiempo para el cálculo de la tasa. Valores posibles: ``segundo`` (un segundo), ``minuto`` (un minuto), ``hora`` (una hora). El valor predeterminado es ``segundo``." -#: ../../configuration/vpn/ipsec.rst:142 +#: ../../configuration/vpn/ipsec.rst:145 msgid "``pfs`` whether Perfect Forward Secrecy of keys is desired on the connection's keying channel and defines a Diffie-Hellman group for PFS:" msgstr "``pfs`` si se desea Perfect Forward Secrecy de claves en el canal de codificación de la conexión y define un grupo Diffie-Hellman para PFS:" @@ -18835,11 +20254,11 @@ msgid "``pool`` mobilizes persistent client mode association with a number of re msgstr "``pool`` moviliza la asociación del modo de cliente persistente con varios servidores remotos." #: ../../configuration/vpn/site2site_ipsec.rst:126 -#: ../../configuration/vpn/site2site_ipsec.rst:136 +#: ../../configuration/vpn/site2site_ipsec.rst:139 msgid "``port`` - define port. Have effect only when used together with ``prefix``;" msgstr "``puerto`` - define puerto. Tiene efecto solo cuando se usa junto con ``prefijo``;" -#: ../../configuration/vpn/site2site_ipsec.rst:37 +#: ../../configuration/vpn/site2site_ipsec.rst:38 msgid "``pre-shared-secret`` - use predefined shared secret phrase;" msgstr "``pre-shared-secret``: utiliza una frase secreta compartida predefinida;" @@ -18851,27 +20270,35 @@ msgstr "``prefer`` marca el servidor como preferido. En igualdad de condiciones, msgid "``prefix`` - IP network at local side." msgstr "``prefijo`` - Red IP en el lado local." -#: ../../configuration/vpn/site2site_ipsec.rst:138 +#: ../../configuration/vpn/site2site_ipsec.rst:141 msgid "``prefix`` - IP network at remote side." msgstr "``prefijo`` - Red IP en el lado remoto." -#: ../../configuration/vpn/ipsec.rst:107 +#: ../../configuration/vpn/ipsec.rst:109 msgid "``prf`` pseudo-random function." msgstr "Función pseudoaleatoria ``prf``." -#: ../../configuration/vpn/ipsec.rst:151 +#: ../../configuration/vpn/site2site_ipsec.rst:130 +msgid "``priority`` - Add priority for policy-based IPSec VPN tunnels(lowest value more preferable)" +msgstr "``priority`` - Add priority for policy-based IPSec VPN tunnels(lowest value more preferable)" + +#: ../../configuration/system/option.rst:51 +msgid "``processor.max_cstate=1`` Limit processor to maximum C-state 1" +msgstr "``processor.max_cstate=1`` Limit processor to maximum C-state 1" + +#: ../../configuration/vpn/ipsec.rst:154 msgid "``proposal`` ESP-group proposal with number <1-65535>:" msgstr "``Propuesta`` Propuesta del grupo ESP con número <1-65535>:" -#: ../../configuration/vpn/ipsec.rst:99 +#: ../../configuration/vpn/ipsec.rst:101 msgid "``proposal`` the list of proposals and their parameters:" msgstr "``propuesta`` la lista de propuestas y sus parámetros:" -#: ../../configuration/vpn/site2site_ipsec.rst:130 +#: ../../configuration/vpn/site2site_ipsec.rst:133 msgid "``protocol`` - define the protocol for match traffic, which should be encrypted and send to this peer;" msgstr "``protocolo``: defina el protocolo para el tráfico de coincidencias, que debe cifrarse y enviarse a este par;" -#: ../../configuration/vpn/site2site_ipsec.rst:21 +#: ../../configuration/vpn/site2site_ipsec.rst:22 msgid "``psk`` - Preshared secret key name:" msgstr "``psk`` - Nombre de la clave secreta precompartida:" @@ -18890,7 +20317,7 @@ msgstr "``tasa``: Número de paquetes. Predeterminado 5." msgid "``reject``: reject the packet." msgstr "``reject``: reject the packet." -#: ../../configuration/vpn/site2site_ipsec.rst:111 +#: ../../configuration/vpn/site2site_ipsec.rst:108 msgid "``remote-address`` - remote IP address or hostname for IPSec connection. IPv4 or IPv6 address is used when a peer has a public static IP address. Hostname is a DNS name which could be used when a peer has a public IP address and DNS name, but an IP address could be changed from time to time." msgstr "``remote-address``: dirección IP remota o nombre de host para la conexión IPSec. La dirección IPv4 o IPv6 se usa cuando un par tiene una dirección IP estática pública. El nombre de host es un nombre DNS que podrÃa usarse cuando un par tiene una dirección IP pública y un nombre DNS, pero una dirección IP podrÃa cambiarse de vez en cuando." @@ -18898,10 +20325,18 @@ msgstr "``remote-address``: dirección IP remota o nombre de host para la conexi msgid "``remote-id`` - define an ID for remote peer, instead of using peer name or address. Useful in case if the remote peer is behind NAT or if ``mode x509`` is used;" msgstr "``remote-id``: defina una ID para el par remoto, en lugar de usar el nombre o la dirección del par. Útil en caso de que el par remoto esté detrás de NAT o si se usa el ``modo x509``;" -#: ../../configuration/vpn/site2site_ipsec.rst:133 +#: ../../configuration/vpn/site2site_ipsec.rst:52 +msgid "``remote-key`` - name of PKI key-pair with remote public key" +msgstr "``remote-key`` - name of PKI key-pair with remote public key" + +#: ../../configuration/vpn/site2site_ipsec.rst:136 msgid "``remote`` - define the remote destination for match traffic, which should be encrypted and send to this peer:" msgstr "``remote``: defina el destino remoto para el tráfico de coincidencias, que debe cifrarse y enviarse a este par:" +#: ../../configuration/vpn/site2site_ipsec.rst:113 +msgid "``replay-window`` - IPsec replay window to configure for this CHILD_SA (default: 32), a value of 0 disables IPsec replay protection" +msgstr "``replay-window`` - IPsec replay window to configure for this CHILD_SA (default: 32), a value of 0 disables IPsec replay protection" + #: ../../configuration/loadbalancing/reverse-proxy.rst:64 msgid "``req-ssl-sni`` SSL Server Name Indication (SNI) request match" msgstr "``req-ssl-sni`` Coincidencia de solicitud de indicación de nombre de servidor SSL (SNI)" @@ -18910,10 +20345,14 @@ msgstr "``req-ssl-sni`` Coincidencia de solicitud de indicación de nombre de se msgid "``resp-time``: the maximum response time for ping in seconds. Range 1...30, default 5" msgstr "``resp-time``: el tiempo máximo de respuesta para ping en segundos. Rango 1...30, predeterminado 5" -#: ../../configuration/vpn/site2site_ipsec.rst:80 +#: ../../configuration/vpn/site2site_ipsec.rst:77 msgid "``respond`` - does not try to initiate a connection to a remote peer. In this mode, the IPSec session will be established only after initiation from a remote peer. Could be useful when there is no direct connectivity to the peer due to firewall or NAT in the middle of the local and remote side." msgstr "``responder``: no intenta iniciar una conexión con un compañero remoto. En este modo, la sesión de IPSec se establecerá solo después de que la inicie un par remoto. PodrÃa ser útil cuando no hay conectividad directa con el par debido a un firewall o NAT en el medio del lado local y remoto." +#: ../../configuration/vpn/ipsec.rst:68 +msgid "``restart`` immediately tries to re-negotiate the CHILD_SA under a fresh IKE_SA;" +msgstr "``restart`` immediately tries to re-negotiate the CHILD_SA under a fresh IKE_SA;" + #: ../../configuration/vpn/ipsec.rst:54 #: ../../configuration/vpn/ipsec.rst:67 msgid "``restart`` set action to restart;" @@ -18941,19 +20380,19 @@ msgstr "``round-robin`` - PolÃtica de round-robin: transmite paquetes en orden msgid "``round-robin`` Distributes requests in a circular manner, sequentially sending each request to the next server in line" msgstr "``round-robin`` Distribuye solicitudes de manera circular, enviando secuencialmente cada solicitud al siguiente servidor en lÃnea" -#: ../../configuration/policy/route-map.rst:369 +#: ../../configuration/policy/route-map.rst:372 msgid "``route-filter-translated-v4`` - Well-known communities value ROUTE_FILTER_TRANSLATED_v4 0xFFFF0002" msgstr "``route-filter-translated-v4`` - Comunidades conocidas valoran ROUTE_FILTER_TRANSLATED_v4 0xFFFF0002" -#: ../../configuration/policy/route-map.rst:371 +#: ../../configuration/policy/route-map.rst:374 msgid "``route-filter-translated-v6`` - Well-known communities value ROUTE_FILTER_TRANSLATED_v6 0xFFFF0004" msgstr "``route-filter-translated-v6`` - Comunidades conocidas valoran ROUTE_FILTER_TRANSLATED_v6 0xFFFF0004" -#: ../../configuration/policy/route-map.rst:370 +#: ../../configuration/policy/route-map.rst:373 msgid "``route-filter-v4`` - Well-known communities value ROUTE_FILTER_v4 0xFFFF0003" msgstr "``route-filter-v4`` - Comunidades conocidas valoran ROUTE_FILTER_v4 0xFFFF0003" -#: ../../configuration/policy/route-map.rst:372 +#: ../../configuration/policy/route-map.rst:375 msgid "``route-filter-v6`` - Well-known communities value ROUTE_FILTER_v6 0xFFFF0005" msgstr "``route-filter-v6`` - Comunidades conocidas valoran ROUTE_FILTER_v6 0xFFFF0005" @@ -18961,11 +20400,19 @@ msgstr "``route-filter-v6`` - Comunidades conocidas valoran ROUTE_FILTER_v6 0xFF msgid "``rsa-key-name`` - shared RSA key for authentication. The key must be defined in the ``set vpn rsa-keys`` section;" msgstr "``rsa-key-name``: clave RSA compartida para la autenticación. La clave debe definirse en la sección ``set vpn rsa-keys``;" +#: ../../configuration/vpn/site2site_ipsec.rst:48 +msgid "``rsa`` - options for RSA authentication mode:" +msgstr "``rsa`` - options for RSA authentication mode:" + +#: ../../configuration/vpn/site2site_ipsec.rst:40 +msgid "``rsa`` - use simple shared RSA key." +msgstr "``rsa`` - use simple shared RSA key." + #: ../../configuration/vpn/site2site_ipsec.rst:39 msgid "``rsa`` - use simple shared RSA key. The key must be defined in the ``set vpn rsa-keys`` section;" msgstr "``rsa``: use una clave RSA compartida simple. La clave debe definirse en la sección ``set vpn rsa-keys``;" -#: ../../configuration/vpn/site2site_ipsec.rst:27 +#: ../../configuration/vpn/site2site_ipsec.rst:28 msgid "``secret`` - predefined shared secret. Used if configured mode ``pre-shared-secret``;" msgstr "``secret`` - secreto compartido predefinido. Se usa si está configurado el modo ``pre-shared-secret``;" @@ -18978,10 +20425,13 @@ msgid "``set firewall ipv4 forward filter ...``." msgstr "``set firewall ipv4 forward filter ...``." #: ../../configuration/firewall/index.rst:54 -#: ../../configuration/firewall/index.rst:72 msgid "``set firewall ipv4 input filter ...``." msgstr "``set firewall ipv4 input filter ...``." +#: ../../configuration/firewall/index.rst:72 +msgid "``set firewall ipv4 output filter ...``." +msgstr "``set firewall ipv4 output filter ...``." + #: ../../configuration/firewall/index.rst:63 msgid "``set firewall ipv6 forward filter ...``." msgstr "``set firewall ipv6 forward filter ...``." @@ -19010,19 +20460,19 @@ msgstr "``sonmp`` - Escuche SONMP para enrutadores/conmutadores de Nortel" msgid "``source-address`` Distributes requests based on the source IP address of the client" msgstr "``source-address`` Distribuye las solicitudes en función de la dirección IP de origen del cliente" -#: ../../configuration/system/login.rst:74 +#: ../../configuration/system/login.rst:78 msgid "``ssh-dss``" msgstr "``ssh-dss``" -#: ../../configuration/system/login.rst:75 +#: ../../configuration/system/login.rst:79 msgid "``ssh-ed25519``" msgstr "``ssh-ed25519``" -#: ../../configuration/system/login.rst:49 +#: ../../configuration/system/login.rst:53 msgid "``ssh-rsa AAAAB3NzaC1yc2EAAAABAA...VBD5lKwEWB username@host.example.com``" msgstr "``ssh-rsa AAAAB3NzaC1yc2EAAAABAA...VBD5lKwEWB usuario@host.ejemplo.com``" -#: ../../configuration/system/login.rst:76 +#: ../../configuration/system/login.rst:80 msgid "``ssh-rsa``" msgstr "``ssh-rsa''" @@ -19034,6 +20484,10 @@ msgstr "``ssl-fc-sni-end`` SSL frontend coincide con el final de la conexión No msgid "``ssl-fc-sni`` SSL frontend connection Server Name Indication match" msgstr "``ssl-fc-sni`` Conexión de frontend SSL Nombre del servidor Coincidencia de indicación" +#: ../../configuration/vpn/ipsec.rst:54 +msgid "``start`` tries to immediately re-create the CHILD_SA;" +msgstr "``start`` tries to immediately re-create the CHILD_SA;" + #: ../../configuration/policy/route-map.rst:173 msgid "``static`` - Statically configured routes" msgstr "``static`` - Rutas configuradas estáticamente" @@ -19083,11 +20537,11 @@ msgstr "``test-script``: un script definido por el usuario debe devolver 0 para msgid "``threshold``: ``below`` or ``above`` the specified rate limit." msgstr "``umbral``: ``por debajo`` o ``por encima`` del lÃmite de velocidad especificado." -#: ../../configuration/system/option.rst:97 +#: ../../configuration/system/option.rst:127 msgid "``throughput``: A server profile focused on improving network throughput. This profile favors performance over power savings by setting ``intel_pstate`` and ``max_perf_pct=100`` and increasing kernel network buffer sizes." msgstr "``rendimiento``: un perfil de servidor centrado en mejorar el rendimiento de la red. Este perfil favorece el rendimiento sobre el ahorro de energÃa configurando ``intel_pstate`` y ``max_perf_pct=100`` y aumentando los tamaños de búfer de red del núcleo." -#: ../../configuration/vpn/ipsec.rst:71 +#: ../../configuration/vpn/ipsec.rst:73 msgid "``timeout`` keep-alive timeout in seconds <2-86400> (default 120) IKEv1 only" msgstr "``timeout`` tiempo de espera de actividad en segundos <2-86400> (predeterminado 120) solo IKEv1" @@ -19095,10 +20549,18 @@ msgstr "``timeout`` tiempo de espera de actividad en segundos <2-86400> (p msgid "``transmit-load-balance`` - Adaptive transmit load balancing: channel bonding that does not require any special switch support." msgstr "``transmit-load-balance`` - Equilibrio de carga de transmisión adaptable: vinculación de canales que no requiere ningún soporte de conmutador especial." -#: ../../configuration/vpn/ipsec.rst:140 +#: ../../configuration/vpn/ipsec.rst:143 msgid "``transport`` transport mode;" msgstr "``transporte`` modo de transporte;" +#: ../../configuration/vpn/ipsec.rst:63 +msgid "``trap`` installs a trap policy, which will catch matching traffic and tries to re-negotiate the tunnel on-demand;" +msgstr "``trap`` installs a trap policy, which will catch matching traffic and tries to re-negotiate the tunnel on-demand;" + +#: ../../configuration/vpn/ipsec.rst:52 +msgid "``trap`` installs a trap policy for the CHILD_SA;" +msgstr "``trap`` installs a trap policy for the CHILD_SA;" + #: ../../configuration/loadbalancing/wan.rst:179 msgid "``ttl-limit``: For the UDP TTL limit test the hop count limit must be specified. The limit must be shorter than the path length, an ICMP time expired message is needed to be returned for a successful test. default 1" msgstr "``ttl-limit``: Para la prueba de lÃmite UDP TTL, se debe especificar el lÃmite de conteo de saltos. El lÃmite debe ser más corto que la longitud de la ruta, se necesita un mensaje de tiempo caducado de ICMP para que se devuelva para una prueba exitosa. predeterminado 1" @@ -19115,7 +20577,7 @@ msgstr "``ttyUSBX`` - Nombre del dispositivo serie USB" msgid "``tunnel`` - define criteria for traffic to be matched for encrypting and send it to a peer:" msgstr "``tunnel``: defina los criterios para que el tráfico coincida con el cifrado y envÃelo a un par:" -#: ../../configuration/vpn/ipsec.rst:138 +#: ../../configuration/vpn/ipsec.rst:141 msgid "``tunnel`` tunnel mode (default);" msgstr "modo túnel ``tunnel`` (predeterminado);" @@ -19123,11 +20585,11 @@ msgstr "modo túnel ``tunnel`` (predeterminado);" msgid "``type``: Specify the type of test. type can be ping, ttl or a user defined script" msgstr "``tipo``: Especifique el tipo de prueba. el tipo puede ser ping, ttl o un script definido por el usuario" -#: ../../configuration/vpn/site2site_ipsec.rst:51 +#: ../../configuration/vpn/site2site_ipsec.rst:56 msgid "``use-x509-id`` - use local ID from x509 certificate. Cannot be used when ``id`` is defined;" msgstr "``use-x509-id``: use la identificación local del certificado x509. No se puede usar cuando se define ``id``;" -#: ../../configuration/vpn/site2site_ipsec.rst:152 +#: ../../configuration/vpn/site2site_ipsec.rst:155 msgid "``virtual-address`` - Defines a virtual IP address which is requested by the initiator and one or several IPv4 and/or IPv6 addresses are assigned from multiple pools by the responder." msgstr "``virtual-address`` - Defines a virtual IP address which is requested by the initiator and one or several IPv4 and/or IPv6 addresses are assigned from multiple pools by the responder." @@ -19135,7 +20597,7 @@ msgstr "``virtual-address`` - Defines a virtual IP address which is requested by msgid "``virtual-ip`` Allow install virtual-ip addresses. Comma separated list of virtual IPs to request in IKEv2 configuration payloads or IKEv1 Mode Config. The wildcard addresses 0.0.0.0 and :: request an arbitrary address, specific addresses may be defined. The responder may return a different address, though, or none at all." msgstr "``virtual-ip`` Permitir la instalación de direcciones IP virtuales. Lista separada por comas de direcciones IP virtuales para solicitar en cargas útiles de configuración IKEv2 o configuración de modo IKEv1. Las direcciones comodÃn 0.0.0.0 y :: solicitan una dirección arbitraria, se pueden definir direcciones especÃficas. Sin embargo, el respondedor puede devolver una dirección diferente o ninguna." -#: ../../configuration/vpn/ipsec.rst:168 +#: ../../configuration/vpn/ipsec.rst:172 msgid "``virtual-ip`` Allows to install virtual-ip addresses. Comma separated list of virtual IPs to request in IKEv2 configuration payloads or IKEv1 Mode Config. The wildcard addresses 0.0.0.0 and :: request an arbitrary address, specific addresses may be defined. The responder may return a different address, though, or none at all. Define the ``virtual-address`` option to configure the IP address in site-to-site hierarchy." msgstr "``virtual-ip`` Allows to install virtual-ip addresses. Comma separated list of virtual IPs to request in IKEv2 configuration payloads or IKEv1 Mode Config. The wildcard addresses 0.0.0.0 and :: request an arbitrary address, specific addresses may be defined. The responder may return a different address, though, or none at all. Define the ``virtual-address`` option to configure the IP address in site-to-site hierarchy." @@ -19143,11 +20605,11 @@ msgstr "``virtual-ip`` Allows to install virtual-ip addresses. Comma separated l msgid "``vnc`` - Virtual Network Control (VNC)" msgstr "``vnc`` - Control de red virtual (VNC)" -#: ../../configuration/vpn/site2site_ipsec.rst:140 +#: ../../configuration/vpn/site2site_ipsec.rst:143 msgid "``vti`` - use a VTI interface for traffic encryption. Any traffic, which will be send to VTI interface will be encrypted and send to this peer. Using VTI makes IPSec configuration much flexible and easier in complex situation, and allows to dynamically add/delete remote networks, reachable via a peer, as in this mode router don't need to create additional SA/policy for each remote network:" msgstr "``vti``: utiliza una interfaz VTI para el cifrado del tráfico. Cualquier tráfico que se envÃe a la interfaz VTI se cifrará y se enviará a este par. El uso de VTI hace que la configuración de IPSec sea mucho más flexible y fácil en situaciones complejas, y permite agregar/eliminar dinámicamente redes remotas, accesibles a través de un par, ya que en este modo el enrutador no necesita crear SA/polÃtica adicional para cada red remota:" -#: ../../configuration/vpn/site2site_ipsec.rst:54 +#: ../../configuration/vpn/site2site_ipsec.rst:59 msgid "``x509`` - options for x509 authentication mode:" msgstr "``x509`` - opciones para el modo de autenticación x509:" @@ -19163,10 +20625,26 @@ msgstr "``xor-hash`` - PolÃtica XOR: transmisión basada en la polÃtica hash d msgid "``yes`` enable remote host re-authentication during an IKE rekey;" msgstr "``yes`` habilita la reautenticación del host remoto durante un cambio de clave IKE;" -#: ../../configuration/system/option.rst:39 +#: ../../configuration/service/ntp.rst:90 +msgid "`ignore`: No correction is applied to the clock for the leap second. The clock will be corrected later in normal operation when new measurements are made and the estimated offset includes the one second error." +msgstr "`ignore`: No correction is applied to the clock for the leap second. The clock will be corrected later in normal operation when new measurements are made and the estimated offset includes the one second error." + +#: ../../configuration/service/ntp.rst:94 +msgid "`smear`: When smearing a leap second, the leap status is suppressed on the server and the served time is corrected slowly by slewing instead of stepping. The clients do not need any special configuration as they do not know there is any leap second and they follow the server time which eventually brings them back to UTC. Care must be taken to ensure they use only NTP servers which smear the leap second in exactly the same way for synchronisation." +msgstr "`smear`: When smearing a leap second, the leap status is suppressed on the server and the served time is corrected slowly by slewing instead of stepping. The clients do not need any special configuration as they do not know there is any leap second and they follow the server time which eventually brings them back to UTC. Care must be taken to ensure they use only NTP servers which smear the leap second in exactly the same way for synchronisation." + +#: ../../configuration/system/option.rst:69 msgid "`source-address` and `source-interface` can not be used at the same time." msgstr "`source-address` y `source-interface` no se pueden usar al mismo tiempo." +#: ../../configuration/service/ntp.rst:102 +msgid "`system`: When inserting a leap second, the kernel steps the system clock backwards by one second when the clock gets to 00:00:00 UTC. When deleting a leap second, it steps forward by one second when the clock gets to 23:59:59 UTC." +msgstr "`system`: When inserting a leap second, the kernel steps the system clock backwards by one second when the clock gets to 00:00:00 UTC. When deleting a leap second, it steps forward by one second when the clock gets to 23:59:59 UTC." + +#: ../../configuration/service/ntp.rst:107 +msgid "`timezone`: This directive specifies a timezone in the system timezone database which chronyd can use to determine when will the next leap second occur and what is the current offset between TAI and UTC. It will periodically check if 23:59:59 and 23:59:60 are valid times in the timezone. This normally works with the right/UTC timezone which is the default" +msgstr "`timezone`: This directive specifies a timezone in the system timezone database which chronyd can use to determine when will the next leap second occur and what is the current offset between TAI and UTC. It will periodically check if 23:59:59 and 23:59:60 are valid times in the timezone. This normally works with the right/UTC timezone which is the default" + #: ../../configuration/protocols/rpki.rst:12 msgid "`tweet by EvilMog`_, 2020-02-21" msgstr "`tweet de EvilMog`_, 2020-02-21" @@ -19194,7 +20672,7 @@ msgstr "Alerta" msgid "all" msgstr "todo" -#: ../../configuration/vrf/index.rst:428 +#: ../../configuration/vrf/index.rst:447 msgid "an RD / RTLIST" msgstr "un RD / RTLIST" @@ -19234,23 +20712,23 @@ msgstr "bgpd" msgid "bonding" msgstr "unión" -#: ../../configuration/service/dhcp-server.rst:305 +#: ../../configuration/service/dhcp-server.rst:311 msgid "boot-size" msgstr "tamaño de bota" -#: ../../configuration/service/dhcp-server.rst:298 +#: ../../configuration/service/dhcp-server.rst:304 msgid "bootfile-name" msgstr "bootfile-name" -#: ../../configuration/service/dhcp-server.rst:300 +#: ../../configuration/service/dhcp-server.rst:306 msgid "bootfile-name, filename" msgstr "bootfile-name, nombre de archivo" -#: ../../configuration/service/dhcp-server.rst:288 +#: ../../configuration/service/dhcp-server.rst:294 msgid "bootfile-server" msgstr "servidor de archivos de arranque" -#: ../../configuration/service/dhcp-server.rst:303 +#: ../../configuration/service/dhcp-server.rst:309 msgid "bootfile-size" msgstr "tamaño del archivo de arranque" @@ -19258,7 +20736,7 @@ msgstr "tamaño del archivo de arranque" msgid "bridge" msgstr "Puente" -#: ../../configuration/service/dhcp-server.rst:236 +#: ../../configuration/service/dhcp-server.rst:242 msgid "client-prefix-length" msgstr "cliente-prefijo-longitud" @@ -19286,15 +20764,19 @@ msgstr "cron" msgid "daemon" msgstr "demonio" -#: ../../configuration/service/dns.rst:384 +#: ../../configuration/service/dns.rst:405 msgid "ddclient_ has another way to determine the WAN IP address. This is controlled by:" msgstr "ddclient_ tiene otra forma de determinar la dirección IP de WAN. Esto es controlado por:" -#: ../../configuration/service/dns.rst:218 +#: ../../configuration/service/dns.rst:232 msgid "ddclient_ uses two methods to update a DNS record. The first one will send updates directly to the DNS daemon, in compliance with :rfc:`2136`. The second one involves a third party service, like DynDNS.com or any other similar website. This method uses HTTP requests to transmit the new IP address. You can configure both in VyOS." msgstr "ddclient_ utiliza dos métodos para actualizar un registro DNS. El primero enviará actualizaciones directamente al demonio DNS, de conformidad con :rfc:`2136`. El segundo implica un servicio de terceros, como DynDNS.com o cualquier otro sitio web similar. Este método utiliza solicitudes HTTP para transmitir la nueva dirección IP. Puede configurar ambos en VyOS." -#: ../../configuration/service/dns.rst:413 +#: ../../configuration/service/dns.rst:205 +msgid "ddclient_ uses two methods to update a DNS record. The first one will send updates directly to the DNS daemon, in compliance with :rfc:`2136`. The second one involves a third party service, like DynDNS.com or any other such service provider. This method uses HTTP requests to transmit the new IP address. You can configure both in VyOS." +msgstr "ddclient_ uses two methods to update a DNS record. The first one will send updates directly to the DNS daemon, in compliance with :rfc:`2136`. The second one involves a third party service, like DynDNS.com or any other such service provider. This method uses HTTP requests to transmit the new IP address. You can configure both in VyOS." + +#: ../../configuration/service/dns.rst:415 msgid "ddclient_ will skip any address located before the string set in `<pattern>`." msgstr "ddclient_ omitirá cualquier dirección ubicada antes de la cadena establecida en `<pattern> `." @@ -19306,7 +20788,7 @@ msgstr "Depurar" msgid "decrement-lifetime" msgstr "decremento-vida útil" -#: ../../configuration/service/dhcp-server.rst:335 +#: ../../configuration/service/dhcp-server.rst:341 msgid "default-lease-time, max-lease-time" msgstr "tiempo de arrendamiento predeterminado, tiempo de arrendamiento máximo" @@ -19318,7 +20800,7 @@ msgstr "vida útil predeterminada" msgid "default-preference" msgstr "preferencia predeterminada" -#: ../../configuration/service/dhcp-server.rst:248 +#: ../../configuration/service/dhcp-server.rst:254 msgid "default-router" msgstr "enrutador predeterminado" @@ -19330,15 +20812,15 @@ msgstr "umbral mÃnimo predeterminado" msgid "deprecate-prefix" msgstr "prefijo obsoleto" -#: ../../configuration/highavailability/index.rst:354 +#: ../../configuration/highavailability/index.rst:364 msgid "destination-hashing" msgstr "hash de destino" -#: ../../configuration/service/dhcp-server.rst:285 +#: ../../configuration/service/dhcp-server.rst:291 msgid "dhcp-server-identifier" msgstr "dhcp-servidor-identificador" -#: ../../configuration/highavailability/index.rst:364 +#: ../../configuration/highavailability/index.rst:374 msgid "direct" msgstr "Directo" @@ -19356,17 +20838,17 @@ msgstr "deshabilitar: sin validación de fuente" msgid "dnssl" msgstr "DNSSL" -#: ../../configuration/service/dhcp-server.rst:263 -#: ../../configuration/service/dhcp-server.rst:265 +#: ../../configuration/service/dhcp-server.rst:269 +#: ../../configuration/service/dhcp-server.rst:271 msgid "domain-name" msgstr "nombre de dominio" -#: ../../configuration/service/dhcp-server.rst:260 +#: ../../configuration/service/dhcp-server.rst:266 msgid "domain-name-servers" msgstr "servidores de nombres de dominio" -#: ../../configuration/service/dhcp-server.rst:318 -#: ../../configuration/service/dhcp-server.rst:320 +#: ../../configuration/service/dhcp-server.rst:324 +#: ../../configuration/service/dhcp-server.rst:326 msgid "domain-search" msgstr "búsqueda de dominio" @@ -19402,11 +20884,11 @@ msgstr "ethernet" msgid "exact-match: exact match of the network prefixes." msgstr "coincidencia exacta: coincidencia exacta de los prefijos de red." -#: ../../configuration/service/dhcp-server.rst:343 +#: ../../configuration/service/dhcp-server.rst:349 msgid "exclude" msgstr "Excluir" -#: ../../configuration/service/dhcp-server.rst:348 +#: ../../configuration/service/dhcp-server.rst:354 msgid "failover" msgstr "conmutación por error" @@ -19418,8 +20900,8 @@ msgstr "rápido: solicite al socio que transmita LACPDU cada 1 segundo" msgid "file <file name>" msgstr "archivo<file name>" -#: ../../configuration/protocols/bgp.rst:826 -#: ../../configuration/protocols/bgp.rst:832 +#: ../../configuration/protocols/bgp.rst:848 +#: ../../configuration/protocols/bgp.rst:854 msgid "filter-list" msgstr "lista de filtros" @@ -19431,6 +20913,10 @@ msgstr "ftp" msgid "full - always use full-duplex" msgstr "completo: utilice siempre dúplex completo" +#: ../../configuration/service/router-advert.rst:16 +msgid "geneve" +msgstr "geneve" + #: ../../configuration/interfaces/ethernet.rst:32 msgid "half - always use half-duplex" msgstr "medio - siempre use medio dúplex" @@ -19443,7 +20929,7 @@ msgstr "lÃmite de salto" msgid "host: single host IP address to match." msgstr "host: dirección IP de host único para hacer coincidir." -#: ../../configuration/system/option.rst:89 +#: ../../configuration/system/option.rst:119 msgid "https://access.redhat.com/sites/default/files/attachments/201501-perf-brief-low-latency-tuning-rhel7-v2.1.pdf" msgstr "https://access.redhat.com/sites/default/files/attachments/201501-perf-brief-low-latency-tuning-rhel7-v2.1.pdf" @@ -19475,8 +20961,8 @@ msgstr "INVÃLIDO" msgid "inverse-match: network/netmask to match (requires network be defined)." msgstr "coincidencia inversa: red/máscara de red para coincidir (requiere que se defina la red)." -#: ../../configuration/service/dhcp-server.rst:268 -#: ../../configuration/service/dhcp-server.rst:270 +#: ../../configuration/service/dhcp-server.rst:274 +#: ../../configuration/service/dhcp-server.rst:276 msgid "ip-forwarding" msgstr "reenvÃo de ip" @@ -19496,7 +20982,7 @@ msgstr "no aumenta la tasa de interrupción del dispositivo de hardware (aunque msgid "kern" msgstr "núcleo" -#: ../../configuration/service/router-advert.rst:16 +#: ../../configuration/service/router-advert.rst:17 msgid "l2tpv3" msgstr "L2TPv3" @@ -19504,27 +20990,27 @@ msgstr "L2TPv3" msgid "ldpd" msgstr "ldpd" -#: ../../configuration/service/dhcp-server.rst:333 +#: ../../configuration/service/dhcp-server.rst:339 msgid "lease" msgstr "Alquiler" -#: ../../configuration/highavailability/index.rst:351 +#: ../../configuration/highavailability/index.rst:361 msgid "least-connection" msgstr "mÃnima conexión" -#: ../../configuration/vpn/site2site_ipsec.rst:275 +#: ../../configuration/vpn/site2site_ipsec.rst:278 msgid "left local_ip: 192.168.0.10 # VPN Gateway, behind NAT device" msgstr "izquierda local_ip: 192.168.0.10 # VPN Gateway, detrás del dispositivo NAT" -#: ../../configuration/vpn/site2site_ipsec.rst:167 +#: ../../configuration/vpn/site2site_ipsec.rst:170 msgid "left local_ip: `198.51.100.3` # server side WAN IP" msgstr "left local_ip: `198.51.100.3` # IP WAN del lado del servidor" -#: ../../configuration/vpn/site2site_ipsec.rst:276 +#: ../../configuration/vpn/site2site_ipsec.rst:279 msgid "left public_ip:172.18.201.10" msgstr "izquierda public_ip:172.18.201.10" -#: ../../configuration/vpn/site2site_ipsec.rst:165 +#: ../../configuration/vpn/site2site_ipsec.rst:168 msgid "left subnet: `192.168.0.0/24` site1, server side (i.e. locality, actually there is no client or server roles)" msgstr "subred izquierda: `192.168.0.0/24` site1, lado del servidor (es decir, localidad, en realidad no hay roles de cliente o servidor)" @@ -19592,7 +21078,7 @@ msgstr "uso local 5 (local5)" msgid "local use 7 (local7)" msgstr "uso local 7 (local7)" -#: ../../configuration/highavailability/index.rst:355 +#: ../../configuration/highavailability/index.rst:365 msgid "locality-based-least-connection" msgstr "conexión mÃnima basada en la localidad" @@ -19666,12 +21152,12 @@ msgstr "más información relacionada con IGP - :ref:`routing-isis`" msgid "more information related IGP - :ref:`routing-ospf`" msgstr "más información relacionada con IGP - :ref:`routing-ospf`" -#: ../../configuration/service/dhcp-server.rst:258 +#: ../../configuration/service/dhcp-server.rst:264 #: ../../configuration/service/router-advert.rst:1 msgid "name-server" msgstr "nombre del servidor" -#: ../../configuration/service/dhcp-server.rst:280 +#: ../../configuration/service/dhcp-server.rst:286 msgid "netbios-name-servers" msgstr "servidores de nombres netbios" @@ -19687,7 +21173,7 @@ msgstr "red: red/máscara de red para hacer coincidir (requiere que se defina la msgid "news" msgstr "Novedades" -#: ../../configuration/service/dhcp-server.rst:290 +#: ../../configuration/service/dhcp-server.rst:296 msgid "next-server" msgstr "próximo servidor" @@ -19711,11 +21197,11 @@ msgstr "Aviso" msgid "ntp" msgstr "NTP" -#: ../../configuration/service/dhcp-server.rst:273 +#: ../../configuration/service/dhcp-server.rst:279 msgid "ntp-server" msgstr "servidor ntp" -#: ../../configuration/service/dhcp-server.rst:275 +#: ../../configuration/service/dhcp-server.rst:281 msgid "ntp-servers" msgstr "servidores ntp" @@ -19723,7 +21209,7 @@ msgstr "servidores ntp" msgid "one rule with a LAN (inbound-interface) and the WAN (interface)." msgstr "una regla con una LAN (interfaz de entrada) y la WAN (interfaz)." -#: ../../configuration/service/router-advert.rst:17 +#: ../../configuration/service/router-advert.rst:18 msgid "openvpn" msgstr "OpenVPN" @@ -19763,8 +21249,8 @@ msgstr "polÃtica extcommunity-list" msgid "policy large-community-list" msgstr "polÃtica lista-comunidad-grande" -#: ../../configuration/service/dhcp-server.rst:313 -#: ../../configuration/service/dhcp-server.rst:315 +#: ../../configuration/service/dhcp-server.rst:319 +#: ../../configuration/service/dhcp-server.rst:321 msgid "pop-server" msgstr "servidor pop" @@ -19772,17 +21258,17 @@ msgstr "servidor pop" msgid "preferred-lifetime" msgstr "preferido de por vida" -#: ../../configuration/protocols/bgp.rst:827 -#: ../../configuration/protocols/bgp.rst:831 +#: ../../configuration/protocols/bgp.rst:849 +#: ../../configuration/protocols/bgp.rst:853 msgid "prefix-list, distribute-list" msgstr "lista de prefijos, lista de distribución" -#: ../../configuration/service/router-advert.rst:18 +#: ../../configuration/service/router-advert.rst:19 msgid "pseudo-ethernet" msgstr "pseudo-ethernet" -#: ../../configuration/service/dhcp-server.rst:338 -#: ../../configuration/service/dhcp-server.rst:340 +#: ../../configuration/service/dhcp-server.rst:344 +#: ../../configuration/service/dhcp-server.rst:346 msgid "range" msgstr "Distancia" @@ -19790,7 +21276,7 @@ msgstr "Distancia" msgid "reachable-time" msgstr "tiempo alcanzable" -#: ../../configuration/system/ip.rst:82 +#: ../../configuration/system/ip.rst:95 msgid "reset commands" msgstr "Restablecer comandos" @@ -19798,7 +21284,7 @@ msgstr "Restablecer comandos" msgid "retrans-timer" msgstr "retrans-temporizador" -#: ../../configuration/service/dhcp-server.rst:325 +#: ../../configuration/service/dhcp-server.rst:331 msgid "rfc3442-static-route, windows-static-route" msgstr "rfc3442-ruta-estática, ruta-estática-windows" @@ -19806,15 +21292,15 @@ msgstr "rfc3442-ruta-estática, ruta-estática-windows" msgid "rfc3768-compatibility" msgstr "compatibilidad con rfc3768" -#: ../../configuration/vpn/site2site_ipsec.rst:277 +#: ../../configuration/vpn/site2site_ipsec.rst:280 msgid "right local_ip: 172.18.202.10 # right side WAN IP" msgstr "right local_ip: 172.18.202.10 # IP WAN del lado derecho" -#: ../../configuration/vpn/site2site_ipsec.rst:169 +#: ../../configuration/vpn/site2site_ipsec.rst:172 msgid "right local_ip: `203.0.113.2` # remote office side WAN IP" msgstr "right local_ip: `203.0.113.2` # IP WAN del lado de la oficina remota" -#: ../../configuration/vpn/site2site_ipsec.rst:168 +#: ../../configuration/vpn/site2site_ipsec.rst:171 msgid "right subnet: `10.0.0.0/24` site2,remote office side" msgstr "subred derecha: `10.0.0.0/24` site2, lado de la oficina remota" @@ -19822,16 +21308,16 @@ msgstr "subred derecha: `10.0.0.0/24` site2, lado de la oficina remota" msgid "ripd" msgstr "ripd" -#: ../../configuration/highavailability/index.rst:349 +#: ../../configuration/highavailability/index.rst:359 msgid "round-robin" msgstr "todos contra todos" -#: ../../configuration/protocols/bgp.rst:825 -#: ../../configuration/protocols/bgp.rst:833 +#: ../../configuration/protocols/bgp.rst:847 +#: ../../configuration/protocols/bgp.rst:855 msgid "route-map" msgstr "mapa de ruta" -#: ../../configuration/service/dhcp-server.rst:250 +#: ../../configuration/service/dhcp-server.rst:256 msgid "routers" msgstr "enrutadores" @@ -19848,7 +21334,7 @@ msgstr "sFlow es una tecnologÃa que permite monitorear el tráfico de la red me msgid "security" msgstr "Seguridad" -#: ../../configuration/service/dhcp-server.rst:283 +#: ../../configuration/service/dhcp-server.rst:289 msgid "server-identifier" msgstr "identificador de servidor" @@ -19865,11 +21351,11 @@ msgstr "establecer una dirección de destino y/o de origen. Entrada aceptada:" msgid "sha256 Hashes" msgstr "sha256 hash" -#: ../../configuration/system/ip.rst:50 +#: ../../configuration/system/ip.rst:63 msgid "show commands" msgstr "Mostrar comandos" -#: ../../configuration/service/dhcp-server.rst:289 +#: ../../configuration/service/dhcp-server.rst:295 msgid "siaddr" msgstr "ver" @@ -19877,8 +21363,8 @@ msgstr "ver" msgid "slow: Request partner to transmit LACPDUs every 30 seconds" msgstr "lento: solicite al socio que transmita LACPDU cada 30 segundos" -#: ../../configuration/service/dhcp-server.rst:308 -#: ../../configuration/service/dhcp-server.rst:310 +#: ../../configuration/service/dhcp-server.rst:314 +#: ../../configuration/service/dhcp-server.rst:316 msgid "smtp-server" msgstr "servidor SMTP" @@ -19886,7 +21372,7 @@ msgstr "servidor SMTP" msgid "software filters can easily be added to hash over new protocols," msgstr "Los filtros de software se pueden agregar fácilmente al hash sobre nuevos protocolos," -#: ../../configuration/highavailability/index.rst:353 +#: ../../configuration/highavailability/index.rst:363 msgid "source-hashing" msgstr "fuente-hashing" @@ -19898,11 +21384,11 @@ msgstr "habla01-habla04" msgid "spoke05" msgstr "habló05" -#: ../../configuration/service/dhcp-server.rst:353 +#: ../../configuration/service/dhcp-server.rst:359 msgid "static-mapping" msgstr "mapeo estático" -#: ../../configuration/service/dhcp-server.rst:323 +#: ../../configuration/service/dhcp-server.rst:329 msgid "static-route" msgstr "ruta estática" @@ -19912,7 +21398,7 @@ msgstr "ruta estática" msgid "strict: Each incoming packet is tested against the FIB and if the interface is not the best reverse path the packet check will fail. By default failed packets are discarded." msgstr "estricto: cada paquete entrante se prueba con la FIB y si la interfaz no es la mejor ruta inversa, la verificación del paquete fallará. Por defecto, los paquetes fallidos se descartan." -#: ../../configuration/service/dhcp-server.rst:238 +#: ../../configuration/service/dhcp-server.rst:244 msgid "subnet-mask" msgstr "máscara de subred" @@ -19928,8 +21414,8 @@ msgstr "cola" msgid "tc_ is a powerful tool for Traffic Control found at the Linux kernel. However, its configuration is often considered a cumbersome task. Fortunately, VyOS eases the job through its CLI, while using ``tc`` as backend." msgstr "tc_ es una poderosa herramienta para el control de tráfico que se encuentra en el kernel de Linux. Sin embargo, su configuración a menudo se considera una tarea engorrosa. Afortunadamente, VyOS facilita el trabajo a través de su CLI, mientras usa ``tc`` como backend." -#: ../../configuration/service/dhcp-server.rst:293 -#: ../../configuration/service/dhcp-server.rst:295 +#: ../../configuration/service/dhcp-server.rst:299 +#: ../../configuration/service/dhcp-server.rst:301 msgid "tftp-server-name" msgstr "nombre-servidor-tftp" @@ -19938,21 +21424,21 @@ msgstr "nombre-servidor-tftp" msgid "this option allows to configure prefix-sid on SR. The ‘no-php-flag’ means NO Penultimate Hop Popping that allows SR node to request to its neighbor to not pop the label. The ‘explicit-null’ flag allows SR node to request to its neighbor to send IP packet with the EXPLICIT-NULL label. The ‘n-flag-clear’ option can be used to explicitly clear the Node flag that is set by default for Prefix-SIDs associated to loopback addresses. This option is necessary to configure Anycast-SIDs." msgstr "esta opción permite configurar prefix-sid en SR. El 'no-php-flag' significa que NO hay aparición de penúltimo salto que permite que el nodo SR solicite a su vecino que no haga estallar la etiqueta. El indicador 'explÃcito-nulo' permite que el nodo SR solicite a su vecino que envÃe un paquete IP con la etiqueta EXPLÃCITO-NULO. La opción 'n-flag-clear' se puede usar para borrar explÃcitamente el indicador de nodo que está configurado de forma predeterminada para los SID de prefijo asociados a las direcciones de bucle invertido. Esta opción es necesaria para configurar Anycast-SID." -#: ../../configuration/service/dhcp-server.rst:242 -#: ../../configuration/service/dhcp-server.rst:244 +#: ../../configuration/service/dhcp-server.rst:248 +#: ../../configuration/service/dhcp-server.rst:250 msgid "time-offset" msgstr "desplazamiento de tiempo" -#: ../../configuration/service/dhcp-server.rst:253 +#: ../../configuration/service/dhcp-server.rst:259 msgid "time-server" msgstr "contemporizador" -#: ../../configuration/service/dhcp-server.rst:255 +#: ../../configuration/service/dhcp-server.rst:261 msgid "time-servers" msgstr "servidores de tiempo" -#: ../../configuration/highavailability/index.rst:365 -#: ../../configuration/service/router-advert.rst:19 +#: ../../configuration/highavailability/index.rst:375 +#: ../../configuration/service/router-advert.rst:20 msgid "tunnel" msgstr "Túnel" @@ -19984,7 +21470,7 @@ msgstr "vida útil válida" msgid "veth interfaces need to be created in pairs - it's called the peer name" msgstr "Las interfaces veth deben crearse en pares: se llama el nombre del par" -#: ../../configuration/service/router-advert.rst:20 +#: ../../configuration/service/router-advert.rst:21 msgid "vxlan" msgstr "VXLAN" @@ -19996,11 +21482,11 @@ msgstr "Advertencia" msgid "we described the configuration SR ISIS / SR OSPF using 2 connected with them to share label information." msgstr "describimos la configuración SR ISIS / SR OSPF usando 2 conectados con ellos para compartir información de etiquetas." -#: ../../configuration/highavailability/index.rst:352 +#: ../../configuration/highavailability/index.rst:362 msgid "weighted-least-connection" msgstr "conexión ponderada mÃnima" -#: ../../configuration/highavailability/index.rst:350 +#: ../../configuration/highavailability/index.rst:360 msgid "weighted-round-robin" msgstr "round-robin ponderado" @@ -20008,15 +21494,15 @@ msgstr "round-robin ponderado" msgid "while a *byte* is written as a single **b**." msgstr "mientras que un *byte* se escribe como una sola **b**." -#: ../../configuration/service/dhcp-server.rst:278 +#: ../../configuration/service/dhcp-server.rst:284 msgid "wins-server" msgstr "gana-servidor" -#: ../../configuration/service/router-advert.rst:21 +#: ../../configuration/service/router-advert.rst:22 msgid "wireguard" msgstr "Guardia de alambre" -#: ../../configuration/service/router-advert.rst:22 +#: ../../configuration/service/router-advert.rst:23 msgid "wireless" msgstr "inalámbrico" @@ -20024,15 +21510,15 @@ msgstr "inalámbrico" msgid "with :cfgcmd:`set system acceleration qat` on both systems the bandwidth increases." msgstr "con :cfgcmd:`establecer la aceleración del sistema qat` en ambos sistemas aumenta el ancho de banda." -#: ../../configuration/service/dhcp-server.rst:328 +#: ../../configuration/service/dhcp-server.rst:334 msgid "wpad-url" msgstr "wpad-url" -#: ../../configuration/service/dhcp-server.rst:330 +#: ../../configuration/service/dhcp-server.rst:336 msgid "wpad-url, wpad-url code 252 = text" msgstr "wpad-url, wpad-url código 252 = texto" -#: ../../configuration/service/router-advert.rst:23 +#: ../../configuration/service/router-advert.rst:24 msgid "wwan" msgstr "WWAN" diff --git a/docs/_locale/es/contributing.pot b/docs/_locale/es/contributing.pot index 07b516ff..cbea3424 100644 --- a/docs/_locale/es/contributing.pot +++ b/docs/_locale/es/contributing.pot @@ -207,6 +207,10 @@ msgstr "Malo: radio (a menos que se trate de la distancia entre el centro de un msgid "Beeing brave and running the latest rolling releases will sometimes trigger bugs due to corner cases we missed in our design. Those bugs should be filed via Phabricator_ but you can help us to narrow doen the issue. Login to your VyOS system and change into configuration mode by typing ``configure``. Now re-load your boot configuration by simply typing ``load`` followed by return." msgstr "Ser valiente y ejecutar los últimos lanzamientos continuos a veces desencadenará errores debido a los casos de esquina que pasamos por alto en nuestro diseño. Esos errores deben archivarse a través de Phabricator_ pero puede ayudarnos a reducir el problema. Inicie sesión en su sistema VyOS y cambie al modo de configuración escribiendo ``configure``. Ahora vuelva a cargar su configuración de arranque simplemente escribiendo ``cargar`` seguido de retorno." +#: ../../contributing/debugging.rst:160 +msgid "Being brave and running the latest rolling releases will sometimes trigger bugs due to corner cases we missed in our design. Those bugs should be filed via Phabricator_ but you can help us to narrow down the issue. Login to your VyOS system and change into configuration mode by typing ``configure``. Now re-load your boot configuration by simply typing ``load`` followed by return." +msgstr "Being brave and running the latest rolling releases will sometimes trigger bugs due to corner cases we missed in our design. Those bugs should be filed via Phabricator_ but you can help us to narrow down the issue. Login to your VyOS system and change into configuration mode by typing ``configure``. Now re-load your boot configuration by simply typing ``load`` followed by return." + #: ../../contributing/debugging.rst:170 msgid "Boot Timing" msgstr "Temporización de arranque" @@ -884,6 +888,10 @@ msgid "Our StrongSWAN build differs from the upstream:" msgstr "Nuestra construcción StrongSWAN difiere de la anterior:" #: ../../contributing/testing.rst:20 +msgid "Our `VyOS CI`_ system is based on Jenkins and builds all our required packages for VyOS 1.2 to 1.4. In addition to the package build, there is the vyos-build Job which builds and tests the VyOS ISO image which is published after a successful test drive." +msgstr "Our `VyOS CI`_ system is based on Jenkins and builds all our required packages for VyOS 1.2 to 1.4. In addition to the package build, there is the vyos-build Job which builds and tests the VyOS ISO image which is published after a successful test drive." + +#: ../../contributing/testing.rst:20 msgid "Our `VyOS CI`_ system is based on Jenkins and builds all our required packages for VyOS 1.2 to 1.4. In addition to the package build, there is the vyos-build Job which builds and tests the VyOS ISO image which is published after a successfull test drive." msgstr "Nuestro sistema `VyOS CI`_ se basa en Jenkins y crea todos nuestros paquetes necesarios para VyOS 1.2 a 1.4. Además de la compilación del paquete, existe el trabajo vyos-build que compila y prueba la imagen ISO de VyOS que se publica después de una prueba de manejo exitosa." @@ -924,6 +932,10 @@ msgstr "EnvÃe sus parches utilizando la conocida solicitud de extracción de Gi msgid "Please use the following template as good starting point when developing new modules or even rewrite a whole bunch of code in the new style XML/Pyhon interface." msgstr "Utilice la siguiente plantilla como un buen punto de partida cuando desarrolle nuevos módulos o incluso reescriba un montón de código en el nuevo estilo de interfaz XML/Pyhon." +#: ../../contributing/development.rst:254 +msgid "Please use the following template as good starting point when developing new modules or even rewrite a whole bunch of code in the new style XML/Python interface." +msgstr "Please use the following template as good starting point when developing new modules or even rewrite a whole bunch of code in the new style XML/Python interface." + #: ../../contributing/testing.rst:104 msgid "Port description" msgstr "Descripción del puerto" @@ -1017,6 +1029,10 @@ msgstr "Smoketests ejecuta comandos predefinidos de la CLI de VyOS y verifica si msgid "So if you plan to build your own custom ISO image and wan't to make use of our smoketests, ensure that you have the `vyos-1x-smoketest` package installed." msgstr "Entonces, si planea crear su propia imagen ISO personalizada y no quiere utilizar nuestras pruebas de humo, asegúrese de tener instalado el paquete `vyos-1x-smoketest`." +#: ../../contributing/testing.rst:45 +msgid "So if you plan to build your own custom ISO image and want to make use of our smoketests, ensure that you have the `vyos-1x-smoketest` package installed." +msgstr "So if you plan to build your own custom ISO image and want to make use of our smoketests, ensure that you have the `vyos-1x-smoketest` package installed." + #: ../../contributing/build-vyos.rst:202 msgid "Some VyOS packages (namely vyos-1x) come with build-time tests which verify some of the internal library calls that they work as expected. Those tests are carried out through the Python Unittest module. If you want to build the ``vyos-1x`` package (which is our main development package) you need to start your Docker container using the following argument: ``--sysctl net.ipv6.conf.lo.disable_ipv6=0``, otherwise those tests will fail." msgstr "Algunos paquetes de VyOS (a saber, vyos-1x) vienen con pruebas de tiempo de compilación que verifican que algunas de las llamadas de la biblioteca interna funcionan como se esperaba. Estas pruebas se realizan a través del módulo Unittest de Python. Si desea compilar el paquete ``vyos-1x`` (que es nuestro paquete de desarrollo principal), debe iniciar su contenedor Docker con el siguiente argumento: ``--sysctl net.ipv6.conf.lo.disable_ipv6=0 ``, de lo contrario esas pruebas fallarán." @@ -1198,6 +1214,10 @@ msgid "The package ends up in deb_dist dir." msgstr "El paquete termina en el directorio deb_dist." #: ../../contributing/debugging.rst:148 +msgid "The reason is that the configuration migration backend is rewritten and uses a new form of \"magic string\" which is applied on demand when real config migration is run on boot. When running individual migrators for testing, you need to convert the \"magic string\" on your own by:" +msgstr "The reason is that the configuration migration backend is rewritten and uses a new form of \"magic string\" which is applied on demand when real config migration is run on boot. When running individual migrators for testing, you need to convert the \"magic string\" on your own by:" + +#: ../../contributing/debugging.rst:148 msgid "The reason is that the configuration migration backend is rewritten and uses a new form of \"magic string\" which is applied on demand when real config migration is run on boot. When runnint individual migrators for testing, you need to convert the \"magic string\" on your own by:" msgstr "La razón es que el backend de migración de configuración se reescribe y usa una nueva forma de "cadena mágica" que se aplica a pedido cuando se ejecuta la migración de configuración real en el arranque. Cuando no ejecuta migradores individuales para realizar pruebas, debe convertir la "cadena mágica" por su cuenta:" @@ -1314,10 +1334,18 @@ msgid "To debug issues in priorities or to see what's going on in the background msgstr "Para depurar problemas en las prioridades o para ver lo que sucede en segundo plano, puede usar el script ``/opt/vyatta/sbin/priority.pl`` que enumera el orden de ejecución de los scripts." #: ../../contributing/build-vyos.rst:373 +msgid "To debug the build process and gain additional information of what could be the root cause, you need to use `chroot` to change into the build directory. This is explained in the following step by step procedure:" +msgstr "To debug the build process and gain additional information of what could be the root cause, you need to use `chroot` to change into the build directory. This is explained in the following step by step procedure:" + +#: ../../contributing/build-vyos.rst:373 msgid "To debug the build process and gain additional information of what could be the root cause, you need to use `chroot` to change into the build directry. This is explained in the following step by step procedure:" msgstr "Para depurar el proceso de compilación y obtener información adicional sobre cuál podrÃa ser la causa principal, debe usar `chroot` para cambiar al directorio de compilación. Esto se explica en el siguiente procedimiento paso a paso:" #: ../../contributing/debugging.rst:182 +msgid "To enable boot time graphing change the Kernel commandline and add the following string: ``init=/usr/lib/systemd/systemd-bootchart``" +msgstr "To enable boot time graphing change the Kernel commandline and add the following string: ``init=/usr/lib/systemd/systemd-bootchart``" + +#: ../../contributing/debugging.rst:182 msgid "To enable boot time graphing change the Kernel commandline and add the folowing string: ``init=/usr/lib/systemd/systemd-bootchart``" msgstr "Para habilitar la representación gráfica del tiempo de arranque, cambie la lÃnea de comandos del Kernel y agregue la siguiente cadena: ``init=/usr/lib/systemd/systemd-bootchart``" @@ -1409,6 +1437,10 @@ msgstr "Plataformas de virtualización" msgid "VyOS CLI is all about priorities. Every CLI node has a corresponding ``node.def`` file and possibly an attached script that is executed when the node is present. Nodes can have a priority, and on system bootup - or any other ``commit`` to the config all scripts are executed from lowest to higest priority. This is good as this gives a deterministic behavior." msgstr "VyOS CLI tiene que ver con las prioridades. Cada nodo CLI tiene un archivo ``node.def`` correspondiente y posiblemente un script adjunto que se ejecuta cuando el nodo está presente. Los nodos pueden tener una prioridad, y en el arranque del sistema, o cualquier otro "commit" a la configuración, todos los scripts se ejecutan de menor a mayor prioridad. Esto es bueno ya que da un comportamiento determinista." +#: ../../contributing/debugging.rst:190 +msgid "VyOS CLI is all about priorities. Every CLI node has a corresponding ``node.def`` file and possibly an attached script that is executed when the node is present. Nodes can have a priority, and on system bootup - or any other ``commit`` to the config all scripts are executed from lowest to highest priority. This is good as this gives a deterministic behavior." +msgstr "VyOS CLI is all about priorities. Every CLI node has a corresponding ``node.def`` file and possibly an attached script that is executed when the node is present. Nodes can have a priority, and on system bootup - or any other ``commit`` to the config all scripts are executed from lowest to highest priority. This is good as this gives a deterministic behavior." + #: ../../contributing/build-vyos.rst:168 msgid "VyOS has switched to Debian (12) Bookworm in its ``current`` branch, Due to software version updates, it is recommended to use the official Docker Hub image to build VyOS ISO." msgstr "VyOS has switched to Debian (12) Bookworm in its ``current`` branch, Due to software version updates, it is recommended to use the official Docker Hub image to build VyOS ISO." @@ -1485,6 +1517,10 @@ msgstr "Cuando pueda verificar que en realidad se trata de un error, dedique alg msgid "When you are working on interface configuration and you also wan't to test if the Smoketests pass you would normally loose the remote SSH connection to your :abbr:`DUT (Device Under Test)`. To handle this issue, some of the interface based tests can be called with an environment variable beforehand to limit the number of interfaces used in the test. By default all interface e.g. all Ethernet interfaces are used." msgstr "Cuando está trabajando en la configuración de la interfaz y tampoco quiere probar si las pruebas de humo pasan, normalmente perderÃa la conexión SSH remota a su :abbr:`DUT (Dispositivo bajo prueba)`. Para manejar este problema, algunas de las pruebas basadas en interfaz se pueden llamar con una variable de entorno de antemano para limitar la cantidad de interfaces utilizadas en la prueba. De forma predeterminada, se utilizan todas las interfaces, por ejemplo, todas las interfaces Ethernet." +#: ../../contributing/testing.rst:109 +msgid "When you are working on interface configuration and you also want to test if the Smoketests pass you would normally loose the remote SSH connection to your :abbr:`DUT (Device Under Test)`. To handle this issue, some of the interface based tests can be called with an environment variable beforehand to limit the number of interfaces used in the test. By default all interface e.g. all Ethernet interfaces are used." +msgstr "When you are working on interface configuration and you also want to test if the Smoketests pass you would normally loose the remote SSH connection to your :abbr:`DUT (Device Under Test)`. To handle this issue, some of the interface based tests can be called with an environment variable beforehand to limit the number of interfaces used in the test. By default all interface e.g. all Ethernet interfaces are used." + #: ../../contributing/issues-features.rst:21 msgid "When you believe you have found a bug, it is always a good idea to verify the issue prior to opening a bug request." msgstr "Cuando crea que ha encontrado un error, siempre es una buena idea verificar el problema antes de abrir una solicitud de error." @@ -1550,6 +1586,10 @@ msgstr "Tiene sus propios paquetes `*.deb` de kernel personalizados en la carpet msgid "You shoudl now see a Python backtrace which will help us to handle the issue, please attach it to the Phabricator_ task." msgstr "Ahora deberÃa ver un seguimiento de Python que nos ayudará a manejar el problema, adjúntelo a la tarea Phabricator_." +#: ../../contributing/debugging.rst:166 +msgid "You should now see a Python backtrace which will help us to handle the issue, please attach it to the Phabricator_ task." +msgstr "You should now see a Python backtrace which will help us to handle the issue, please attach it to the Phabricator_ task." + #: ../../contributing/development.rst:146 msgid "You then can proceed with cloning your fork or add a new remote to your local repository:" msgstr "Luego puede continuar con la clonación de su bifurcación o agregar un nuevo control remoto a su repositorio local:" @@ -1666,6 +1706,10 @@ msgstr "cometer:expresión:" msgid "contine execution using ``cont``" msgstr "contiene ejecución usando ``cont''" +#: ../../contributing/debugging.rst:128 +msgid "continue execution using ``cont``" +msgstr "continue execution using ``cont``" + #: ../../contributing/development.rst:675 msgid "default:" msgstr "por defecto:" diff --git a/docs/_locale/es/copyright.pot b/docs/_locale/es/copyright.pot index c7befa5e..59ccc312 100644 --- a/docs/_locale/es/copyright.pot +++ b/docs/_locale/es/copyright.pot @@ -13,8 +13,12 @@ msgid "Copyright Notice" msgstr "Aviso de copyright" #: ../../copyright.md:3 +msgid "Copyright (C) 2018-2023 VyOS maintainers and contributors" +msgstr "Copyright (C) 2018-2023 Mantenedores y colaboradores de VyOS" + +#: ../../copyright.md:3 msgid "Copyright (C) 2018-2024 VyOS maintainers and contributors" -msgstr "Copyright (C) 2018-2024 Mantenedores y colaboradores de VyOS" +msgstr "Copyright (C) 2018-2024 VyOS maintainers and contributors" #: ../../copyright.md:9 msgid "Permission is granted to copy and distribute modified versions of this manual under the conditions for verbatim copying, provided that the entire resulting derived work is distributed under the terms of a permission notice identical to this one." diff --git a/docs/_locale/es/documentation.pot b/docs/_locale/es/documentation.pot index 57889977..5f3845c2 100644 --- a/docs/_locale/es/documentation.pot +++ b/docs/_locale/es/documentation.pot @@ -8,27 +8,47 @@ msgstr "" "Language: es\n" "Plural-Forms: nplurals=2; plural=(n==1) ? 0 : 1;\n" -#: ../../documentation.rst:239 +#: ../../documentation.rst:216 msgid "16bit ASN: ``64496 - 64511``" msgstr "ASN de 16 bits: ``64496 - 64511``" -#: ../../documentation.rst:240 +#: ../../documentation.rst:84 +msgid "1. Theoretical information" +msgstr "1. Theoretical information" + +#: ../../documentation.rst:92 +msgid "2. Configuration description" +msgstr "2. Configuration description" + +#: ../../documentation.rst:217 msgid "32bit ASN: ``65536 - 65551``" msgstr "ASN de 32 bits: ``65536 - 65551``" -#: ../../documentation.rst:182 +#: ../../documentation.rst:99 +msgid "3. Configuration examples" +msgstr "3. Configuration examples" + +#: ../../documentation.rst:105 +msgid "4. Known issues" +msgstr "4. Known issues" + +#: ../../documentation.rst:113 +msgid "5. Debugging" +msgstr "5. Debugging" + +#: ../../documentation.rst:159 msgid "A plugin will be used to generate a reference label for each headline. To reference a page or a section in the documentation use the ``:ref:`` command." msgstr "Se utilizará un complemento para generar una etiqueta de referencia para cada titular. Para hacer referencia a una página o una sección en la documentación, use el comando ``:ref:``." -#: ../../documentation.rst:103 +#: ../../documentation.rst:408 msgid "Add modified files to Git index ``$ git add path/to/filename`` or add all unstaged files ``$ git add .``. All files added to the Git index will be part of you following Git commit." msgstr "Agregue archivos modificados al Ãndice de Git ``$ git add path/to/filename`` o agregue todos los archivos no preparados ``$ git add .``. Todos los archivos agregados al Ãndice de Git serán parte de usted después de la confirmación de Git." -#: ../../documentation.rst:229 +#: ../../documentation.rst:206 msgid "Address space" msgstr "Espacio de dirección" -#: ../../documentation.rst:390 +#: ../../documentation.rst:58 msgid "All RST files must follow the same TOC Level syntax and have to start with" msgstr "Todos los archivos RST deben seguir la misma sintaxis de nivel de TOC y deben comenzar con" @@ -36,7 +56,7 @@ msgstr "Todos los archivos RST deben seguir la misma sintaxis de nivel de TOC y msgid "An optional section follows. Some commands have requirements like compatible hardware (e.g. Wifi) or some commands you have to set before. For example, it is recommended to set a route-map before configuring BGP." msgstr "Sigue una sección opcional. Algunos comandos tienen requisitos como hardware compatible (por ejemplo, Wifi) o algunos comandos que debe configurar antes. Por ejemplo, se recomienda establecer un mapa de ruta antes de configurar BGP." -#: ../../documentation.rst:53 +#: ../../documentation.rst:51 msgid "And finally, remember that the reStructuredText files aren't exclusively for generating HTML and PDF. They should be human-readable and easily perused from a console." msgstr "Y por último, recuerda que los archivos reStructuredText no son exclusivamente para generar HTML y PDF. Deben ser legibles por humanos y fáciles de leer desde una consola." @@ -48,23 +68,23 @@ msgstr "Algo más" msgid "Anything else that is not a configuration or an operation command has no predefined structure." msgstr "Cualquier otra cosa que no sea una configuración o un comando de operación no tiene una estructura predefinida." -#: ../../documentation.rst:257 +#: ../../documentation.rst:234 msgid "Autolinter" msgstr "Filtro automático" -#: ../../documentation.rst:94 +#: ../../documentation.rst:399 msgid "Check your changes by locally building the documentation ``$ make livehtml``. Sphinx will build the html files in the ``docs/_build`` folder. We provide you with a Docker container for an easy-to-use user experience. Check the README.md_ file of this repository." msgstr "Verifique sus cambios creando localmente la documentación ``$ make livehtml``. Sphinx construirá los archivos html en la carpeta ``docs/_build``. Le proporcionamos un contenedor Docker para una experiencia de usuario fácil de usar. Consulta el archivo README.md_ de este repositorio." -#: ../../documentation.rst:123 +#: ../../documentation.rst:428 msgid "Check your configured remote repositories:" msgstr "Verifique sus repositorios remotos configurados:" -#: ../../documentation.rst:78 +#: ../../documentation.rst:383 msgid "Clone fork to local machine, then change to that directory ``$ cd vyos-documentation``" msgstr "Clone fork a la máquina local, luego cambie a ese directorio ``$ cd vyos-documentation``" -#: ../../documentation.rst:107 +#: ../../documentation.rst:412 msgid "Commit your changes with the message, ``$ git commit -m \"<commit message>\"`` or use ``$ git commit -v`` to have your configured editor launched. You can type in a commit message. Again please make yourself comfortable without rules (:ref:`prepare_commit`)." msgstr "Confirma tus cambios con el mensaje ``$ git commit -m "<commit message> "`` o use ``$ git commit -v`` para iniciar su editor configurado. Puede escribir un mensaje de confirmación. Nuevamente, siéntase cómodo sin reglas (:ref:`prepare_commit`)." @@ -72,55 +92,67 @@ msgstr "Confirma tus cambios con el mensaje ``$ git commit -m "<commit mess msgid "Configuration mode pages" msgstr "Páginas del modo de configuración" -#: ../../documentation.rst:84 +#: ../../documentation.rst:389 msgid "Create a new branch for your work, use a descriptive name of your work: ``$ git checkout -b <branch-name>``" msgstr "Crea una nueva rama para tu trabajo, usa un nombre descriptivo de tu trabajo: ``$ git checkout -b<branch-name> ``" -#: ../../documentation.rst:180 +#: ../../documentation.rst:157 msgid "Cross-References" msgstr "Referencias cruzadas" -#: ../../documentation.rst:268 +#: ../../documentation.rst:245 msgid "Custom Sphinx-doc Markup" msgstr "Marcado personalizado de Sphinx-doc" -#: ../../documentation.rst:270 +#: ../../documentation.rst:247 msgid "Custom commands have been developed for writing the documentation. Please make yourself comfortable with those commands as this eases the way we render the documentation." msgstr "Se han desarrollado comandos personalizados para escribir la documentación. Siéntase cómodo con esos comandos, ya que esto facilita la forma en que representamos la documentación." -#: ../../documentation.rst:45 +#: ../../documentation.rst:94 +msgid "Describe CLI items related to the service or use case. Each config line or section must be explained, using information provided in the 1st part of the page." +msgstr "Describe CLI items related to the service or use case. Each config line or section must be explained, using information provided in the 1st part of the page." + +#: ../../documentation.rst:115 +msgid "Described procedures for debugging a service:" +msgstr "Described procedures for debugging a service:" + +#: ../../documentation.rst:43 msgid "Don't forget to update ``index.rst`` when adding a new node." msgstr "No olvide actualizar ``index.rst`` al agregar un nuevo nodo." -#: ../../documentation.rst:259 +#: ../../documentation.rst:236 msgid "Each GitHub pull request is automatically linted to check the address space and line length." msgstr "Cada solicitud de extracción de GitHub se filtra automáticamente para verificar el espacio de direcciones y la longitud de la lÃnea." -#: ../../documentation.rst:252 +#: ../../documentation.rst:81 +msgid "Each page must contain the following parts:" +msgstr "Each page must contain the following parts:" + +#: ../../documentation.rst:229 msgid "Except in ``.. code-block::`` because it uses the html tag ``<pre>`` and renders the same line format from the source rst file." msgstr "Excepto en ``.. code-block::`` porque usa la etiqueta html ``<pre> `` y presenta el mismo formato de lÃnea del primer archivo de origen." -#: ../../documentation.rst:292 +#: ../../documentation.rst:269 msgid "For an inline configuration level command, use ``:cfgcmd:``" msgstr "Para un comando de nivel de configuración en lÃnea, use ``:cfgcmd:``" -#: ../../documentation.rst:328 +#: ../../documentation.rst:305 msgid "For an inline operational level command, use ``:opcmd:``" msgstr "Para un comando de nivel operativo en lÃnea, use ``:opcmd:``" -#: ../../documentation.rst:186 +#: ../../documentation.rst:163 msgid "For example, you want to reference the headline **VLAN** in the **ethernet.rst** page. The plugin generates the label based on the headline and the file path." msgstr "Por ejemplo, desea hacer referencia al tÃtulo **VLAN** en la página **ethernet.rst**. El complemento genera la etiqueta en función del tÃtulo y la ruta del archivo." -#: ../../documentation.rst:405 +#: ../../documentation.rst:70 msgid "For example:" msgstr "Por ejemplo:" -#: ../../documentation.rst:76 +#: ../../documentation.rst:381 msgid "Fork this project on GitHub https://github.com/vyos/vyos-documentation/fork" msgstr "Fork este proyecto en GitHub https://github.com/vyos/vyos-documentation/fork" -#: ../../documentation.rst:58 +#: ../../documentation.rst:363 msgid "Forking Workflow" msgstr "Flujo de trabajo de bifurcación" @@ -128,6 +160,10 @@ msgstr "Flujo de trabajo de bifurcación" msgid "Formating and Sphinxmarkup" msgstr "Formateo y Sphinxmarkup" +#: ../../documentation.rst:127 +msgid "Formatting and Sphinxmarkup" +msgstr "Formatting and Sphinxmarkup" + #: ../../documentation.rst:432 msgid "General concepts for troubleshooting and detailed process descriptions belong here." msgstr "Los conceptos generales para la solución de problemas y las descripciones detalladas del proceso pertenecen aquÃ." @@ -140,7 +176,7 @@ msgstr "Pautas" msgid "If there some troubleshooting guides related to the commands. Explain it in the next optional part." msgstr "Si hay algunas guÃas de solución de problemas relacionadas con los comandos. ExplÃcalo en la siguiente parte opcional." -#: ../../documentation.rst:143 +#: ../../documentation.rst:448 msgid "If you also want to update your fork on GitHub, use the following: ``$ git push origin master``" msgstr "Si también desea actualizar su bifurcación en GitHub, use lo siguiente: ``$ git push origin master``" @@ -152,43 +188,43 @@ msgstr "Si está dispuesto a contribuir con nuestra documentación, esta es la g msgid "In contrast to submitting code patches, there is no requirement that you open up a Phabricator_ task prior to submitting a Pull-Request to the documentation." msgstr "A diferencia de enviar parches de código, no es necesario que abra una tarea Phabricator_ antes de enviar una solicitud de extracción a la documentación." -#: ../../documentation.rst:417 +#: ../../documentation.rst:75 msgid "In the configuration part of the page, all possible configuration options should be documented. Use ``.. cfgcmd::`` described above." msgstr "En la parte de configuración de la página, se deben documentar todas las opciones de configuración posibles. Utilice ``.. cfgcmd::`` descrito anteriormente." -#: ../../documentation.rst:50 +#: ../../documentation.rst:48 msgid "Indent with two spaces." msgstr "SangrÃa con dos espacios." -#: ../../documentation.rst:81 +#: ../../documentation.rst:386 msgid "Install the requirements ``$ pip install -r requirements.txt`` (or something similar)" msgstr "Instale los requisitos ``$ pip install -r requirements.txt`` (o algo similar)" -#: ../../documentation.rst:49 +#: ../../documentation.rst:47 msgid "Leave a newline before and after a header." msgstr "Deje una nueva lÃnea antes y después de un encabezado." -#: ../../documentation.rst:250 +#: ../../documentation.rst:227 msgid "Limit all lines to a maximum of 80 characters." msgstr "Limite todas las lÃneas a un máximo de 80 caracteres." -#: ../../documentation.rst:248 +#: ../../documentation.rst:225 msgid "Line length" msgstr "Longitud de la lÃnea" -#: ../../documentation.rst:87 +#: ../../documentation.rst:392 msgid "Make all your changes - please keep our commit rules in mind (:ref:`prepare_commit`). This mainly applies to proper commit messages describing your change (how and why). Please check out the documentation of Sphinx-doc_ or reStructuredText_ if you are not familiar with it. This is used for writing our docs. Additional directives how to write in RST can be obtained from reStructuredTextDirectives_." msgstr "Realice todos sus cambios; tenga en cuenta nuestras reglas de confirmación (:ref:`prepare_commit`). Esto se aplica principalmente a los mensajes de confirmación adecuados que describen su cambio (cómo y por qué). Consulte la documentación de Sphinx-doc_ o reStructuredText_ si no está familiarizado con él. Esto se utiliza para escribir nuestros documentos. Se pueden obtener directivas adicionales sobre cómo escribir en RST en reStructuredTextDirectives_." -#: ../../documentation.rst:242 +#: ../../documentation.rst:219 msgid "Multicast MAC-Addresses: ``90-10-00`` to ``90-10-FF``" msgstr "Direcciones MAC de multidifusión: ``90-10-00`` a ``90-10-FF``" -#: ../../documentation.rst:231 +#: ../../documentation.rst:208 msgid "Note the following RFCs (:rfc:`5737`, :rfc:`3849`, :rfc:`5389` and :rfc:`7042`), which describe the reserved public IP addresses and autonomous system numbers for the documentation:" msgstr "Tenga en cuenta los siguientes RFC (:rfc:`5737`, :rfc:`3849`, :rfc:`5389` y :rfc:`7042`), que describen las direcciones IP públicas reservadas y los números de sistema autónomo para la documentación:" -#: ../../documentation.rst:118 +#: ../../documentation.rst:423 msgid "Once pull requests have been approved, you may want to locally update your forked repository too. First you'll have to add a second remote called `upstream` which points to our main repository. ``$ git remote add upstream https://github.com/vyos/vyos-documentation.git``" msgstr "Una vez que se hayan aprobado las solicitudes de extracción, es posible que también desee actualizar localmente su repositorio bifurcado. Primero tendrás que agregar un segundo control remoto llamado `upstream` que apunta a nuestro repositorio principal. ``$ git remote add upstream https://github.com/vyos/vyos-documentation.git``" @@ -200,39 +236,43 @@ msgstr "Los comandos del modo de operación que no encajan en un comando del mod msgid "Operation mode pages" msgstr "Páginas del modo de funcionamiento" -#: ../../documentation.rst:385 +#: ../../documentation.rst:56 msgid "Page content" msgstr "Contenido de página" -#: ../../documentation.rst:244 +#: ../../documentation.rst:221 msgid "Please do not use other public address space." msgstr "Por favor, no utilice otro espacio de megafonÃa pública." -#: ../../documentation.rst:47 +#: ../../documentation.rst:101 +msgid "Practical examples of the service or use case configuration. They must contain topology maps (if applicable) and short descriptions." +msgstr "Practical examples of the service or use case configuration. They must contain topology maps (if applicable) and short descriptions." + +#: ../../documentation.rst:45 msgid "Properly quote commands, filenames and brief code snippets with double backticks." msgstr "Cita correctamente comandos, nombres de archivos y breves fragmentos de código con doble tilde." -#: ../../documentation.rst:112 +#: ../../documentation.rst:417 msgid "Push commits to your GitHub project: ``$ git push -u origin <branch-name>``" msgstr "EnvÃa confirmaciones a tu proyecto de GitHub: ``$ git push -u origin<branch-name> ``" -#: ../../documentation.rst:420 +#: ../../documentation.rst:78 msgid "Related operation command must be documented in the next part of the article. Use ``::opcmd..`` for these commands." msgstr "El comando de operación relacionado debe documentarse en la siguiente parte del artÃculo. Utilice ``::opcmd..`` para estos comandos." -#: ../../documentation.rst:262 +#: ../../documentation.rst:239 msgid "Sometimes it is necessary to provide real IP addresses like in the :ref:`examples`. For this, please use the sphinx comment syntax ``.. stop_vyoslinter`` to stop the linter and ``.. start_vyoslinter`` to start." msgstr "A veces es necesario proporcionar direcciones IP reales como en los :ref:`ejemplos`. Para esto, utilice la sintaxis de comentarios de sphinx ``.. stop_vyoslinter`` para detener el linter y ``.. start_vyoslinter`` para comenzar." -#: ../../documentation.rst:147 +#: ../../documentation.rst:124 msgid "Style Guide" msgstr "GuÃa de estilo" -#: ../../documentation.rst:114 +#: ../../documentation.rst:419 msgid "Submit pull-request. In GitHub visit the main repository and you should see a banner suggesting to make a pull request. Fill out the form and describe what you do." msgstr "Enviar solicitud de extracción. En GitHub, visite el repositorio principal y deberÃa ver un banner que sugiere realizar una solicitud de extracción. Rellena el formulario y describe lo que haces." -#: ../../documentation.rst:153 +#: ../../documentation.rst:130 msgid "TOC Level" msgstr "Nivel de COT" @@ -240,7 +280,7 @@ msgstr "Nivel de COT" msgid "Take a look at the :doc:`/documentation` page for an intricate explanation of the documentation process." msgstr "Eche un vistazo a la página :doc:`/documentation` para obtener una explicación compleja del proceso de documentación." -#: ../../documentation.rst:60 +#: ../../documentation.rst:365 msgid "The Forking Workflow is fundamentally different from other popular Git workflows. Instead of using a single server-side repository to act as the \"central\" codebase, it gives every developer their own server-side repository. This means that each contributor has not one, but two Git repositories: a private local one and a public server-side one." msgstr "El flujo de trabajo de bifurcación es fundamentalmente diferente de otros flujos de trabajo populares de Git. En lugar de usar un único repositorio del lado del servidor para que actúe como base de código "central", le da a cada desarrollador su propio repositorio del lado del servidor. Esto significa que cada colaborador no tiene uno, sino dos repositorios Git: uno local privado y uno público del lado del servidor." @@ -248,7 +288,7 @@ msgstr "El flujo de trabajo de bifurcación es fundamentalmente diferente de otr msgid "The article starts with a short introduction about the command or the technology. Please include some helpful links or background information." msgstr "El artÃculo comienza con una breve introducción sobre el comando o la tecnologÃa. Incluya algunos enlaces útiles o información básica." -#: ../../documentation.rst:401 +#: ../../documentation.rst:66 msgid "The configuration mode folder and the articles cover the specific level of the commands. The exact level depends on the command. This should provide stability for URLs used in the forum or blogpost." msgstr "La carpeta del modo de configuración y los artÃculos cubren el nivel especÃfico de los comandos. El nivel exacto depende del comando. Esto deberÃa proporcionar estabilidad a las URL utilizadas en el foro o publicación de blog." @@ -260,51 +300,59 @@ msgstr "La documentación tiene 3 tipos diferentes de páginas. El mismo tipo de msgid "The documentation source is kept in the Git repository at https://github.com/vyos/vyos-documentation and you can follow the instructions in the README.md_ to build and test your changes." msgstr "La fuente de documentación se mantiene en el repositorio de Git en https://github.com/vyos/vyos-documentation y puede seguir las instrucciones en README.md_ para compilar y probar sus cambios." -#: ../../documentation.rst:41 +#: ../../documentation.rst:39 msgid "The following is a quick summary of the rules:" msgstr "El siguiente es un breve resumen de las reglas:" -#: ../../documentation.rst:66 +#: ../../documentation.rst:371 msgid "The main advantage of the Forking Workflow is that contributions can be integrated without the need for everybody to push to a single central repository. Developers push to their own server-side repositories, and only the project maintainer can push to the official repository. This allows the maintainer to accept commits from any developer without giving them write access to the official codebase." msgstr "La principal ventaja del flujo de trabajo de bifurcación es que las contribuciones se pueden integrar sin la necesidad de que todos presionen a un solo repositorio central. Los desarrolladores ingresan a sus propios repositorios del lado del servidor, y solo el mantenedor del proyecto puede ingresar al repositorio oficial. Esto permite que el mantenedor acepte compromisos de cualquier desarrollador sin darles acceso de escritura a la base de código oficial." -#: ../../documentation.rst:199 +#: ../../documentation.rst:176 msgid "The plugin will warn on build if a headline has a duplicate name in the same document. To prevent this warning, you have to put a custom link on top of the headline." msgstr "El complemento advertirá en la compilación si un tÃtulo tiene un nombre duplicado en el mismo documento. Para evitar esta advertencia, debe colocar un enlace personalizado en la parte superior del tÃtulo." +#: ../../documentation.rst:86 +msgid "Theoretical information required for users to understand the next document sections:" +msgstr "Theoretical information required for users to understand the next document sections:" + #: ../../documentation.rst:35 msgid "There are a few things to keep in mind when contributing to the documentation, for the sake of consistency and readability." msgstr "Hay algunas cosas a tener en cuenta al contribuir con la documentación, en aras de la coherencia y la legibilidad." -#: ../../documentation.rst:299 +#: ../../documentation.rst:107 +msgid "This section must contain a list of:" +msgstr "This section must contain a list of:" + +#: ../../documentation.rst:276 msgid "To extract a defaultvalue from the XML definitions add a ``:defaultvalue:`` to ``.. cfgcmd::`` directive. To have this feature locally, the vyos-1x submodule must be initialized before. Please be aware to not update the submodule in your PR." msgstr "Para extraer un valor predeterminado de las definiciones XML, agregue una directiva ``:defaultvalue:`` a ``.. cfgcmd::``. Para tener esta función localmente, el submódulo vyos-1x debe inicializarse antes. Tenga en cuenta que no debe actualizar el submódulo en su PR." -#: ../../documentation.rst:337 +#: ../../documentation.rst:314 msgid "To minimize redundancy, there is a special include directive. It includes a txt file and replace the ``{{ var0 }}`` - ``{{ var9 }}`` with the correct value." msgstr "Para minimizar la redundancia, existe una directiva de inclusión especial. Incluye un archivo txt y reemplaza ``{{ var0 }}`` - ``{{ var9 }}`` con el valor correcto." -#: ../../documentation.rst:46 +#: ../../documentation.rst:44 msgid "Try not to exceed 80 characters per line, but don't break URLs over this." msgstr "Trate de no exceder los 80 caracteres por lÃnea, pero no rompa las URL por esto." -#: ../../documentation.rst:241 +#: ../../documentation.rst:218 msgid "Unicast MAC Addresses: ``00-53-00`` to ``00-53-FF``" msgstr "Direcciones MAC de unidifusión: ``00-53-00`` a ``00-53-FF``" -#: ../../documentation.rst:73 +#: ../../documentation.rst:378 msgid "Updates to our documentation should be delivered by a GitHub pull-request. This requires you already have a GitHub account." msgstr "Las actualizaciones de nuestra documentación deben enviarse mediante una solicitud de extracción de GitHub. Esto requiere que ya tengas una cuenta de GitHub." -#: ../../documentation.rst:43 +#: ../../documentation.rst:41 msgid "Use American English at all times. It's always a good idea to run your text through a grammar and spell checker, such as `Grammarly`_." msgstr "Usa inglés americano en todo momento. Siempre es una buena idea pasar el texto por un corrector gramatical y ortográfico, como `Grammarly`_." -#: ../../documentation.rst:48 +#: ../../documentation.rst:46 msgid "Use literal blocks for longer snippets." msgstr "Use bloques literales para fragmentos más largos." -#: ../../documentation.rst:99 +#: ../../documentation.rst:404 msgid "View modified files by calling ``$ git status``. You will get an overview of all files modified by you. You can add individual files to the Git Index in the next step." msgstr "Vea los archivos modificados llamando a ``$ git status``. Obtendrá una descripción general de todos los archivos modificados por usted. Puede agregar archivos individuales al Ãndice de Git en el siguiente paso." @@ -312,35 +360,39 @@ msgstr "Vea los archivos modificados llamando a ``$ git status``. Obtendrá una msgid "VyOS documentation is written in reStructuredText and generated to Read the Docs pages with Sphinx, as per the Python tradition, as well as PDF files for offline use through LaTeX. We welcome all sorts of contributions to the documentation. Not just new additions but also corrections to existing documentation." msgstr "La documentación de VyOS está escrita en reStructuredText y generada para leer las páginas de Docs con Sphinx, según la tradición de Python, asà como archivos PDF para uso sin conexión a través de LaTeX. Damos la bienvenida a todo tipo de contribuciones a la documentación. No solo nuevas adiciones sino también correcciones a la documentación existente." +#: ../../documentation.rst:20 +msgid "VyOS documentation is written in reStructuredText and generated to Read the Docs pages with Sphinx, as per the Python tradition. We welcome all sorts of contributions to the documentation. Not just new additions but also corrections to existing documentation." +msgstr "VyOS documentation is written in reStructuredText and generated to Read the Docs pages with Sphinx, as per the Python tradition. We welcome all sorts of contributions to the documentation. Not just new additions but also corrections to existing documentation." + #: ../../documentation.rst:9 msgid "We encourage every VyOS user to help us improve our documentation as we have a deficit like most software projects. This not only helps you when reading but also everyone else." msgstr "Alentamos a todos los usuarios de VyOS a que nos ayuden a mejorar nuestra documentación, ya que tenemos un déficit como la mayorÃa de los proyectos de software. Esto no solo te ayuda a ti cuando lees, sino también a todos los demás." -#: ../../documentation.rst:155 +#: ../../documentation.rst:132 msgid "We use the following syntax for Headlines." msgstr "Usamos la siguiente sintaxis para Titulares." -#: ../../documentation.rst:277 +#: ../../documentation.rst:254 msgid "When documenting CLI commands, use the ``.. cfgcmd::`` directive for all configuration mode commands. An explanation of the described command should be added below this statement. Replace all variable contents with <value> or something similar." msgstr "Al documentar los comandos CLI, use la directiva ``.. cfgcmd::`` para todos los comandos del modo de configuración. Se debe agregar una explicación del comando descrito debajo de esta declaración. Reemplace todos los contenidos variables con<value> o algo similar." -#: ../../documentation.rst:316 +#: ../../documentation.rst:293 msgid "When documenting operational level commands, use the ``.. opcmd::`` directive. An explanation of the described command should be added below this statement." msgstr "Al documentar los comandos de nivel operativo, utilice la directiva ``.. opcmd::``. Se debe agregar una explicación del comando descrito debajo de esta declaración." -#: ../../documentation.rst:51 +#: ../../documentation.rst:49 msgid "When in doubt, follow the style of existing documentation." msgstr "En caso de duda, siga el estilo de la documentación existente." -#: ../../documentation.rst:375 +#: ../../documentation.rst:352 msgid "When referencing to VyOS Phabricator Tasks, there is a custom Sphinx Markup command called ``vytask`` that automatically renders to a proper Phabricator URL. This is heavily used in the :ref:`release-notes` section." msgstr "Cuando se hace referencia a las tareas de VyOS Phabricator, hay un comando de Sphinx Markup personalizado llamado ``vytask`` que se convierte automáticamente en una URL de Phabricator adecuada. Esto se usa mucho en la sección :ref:`release-notes`." -#: ../../documentation.rst:319 +#: ../../documentation.rst:296 msgid "With those custom commands, it is possible to render them in a more descriptive way in the resulting HTML/PDF manual." msgstr "Con esos comandos personalizados, es posible representarlos de una manera más descriptiva en el manual HTML/PDF resultante." -#: ../../documentation.rst:282 +#: ../../documentation.rst:259 msgid "With those custom commands, it will be possible to render them in a more descriptive way in the resulting HTML/PDF manual." msgstr "Con esos comandos personalizados, será posible representarlos de una manera más descriptiva en el manual HTML/PDF resultante." @@ -352,66 +404,98 @@ msgstr "Escribir documentación" msgid "You can either install Sphinx (and TeX Live for PDF output) and build the documentation locally, or use the Dockerfile_ to build it in a container." msgstr "Puede instalar Sphinx (y TeX Live para la salida en PDF) y compilar la documentación localmente, o usar Dockerfile_ para compilarla en un contenedor." -#: ../../documentation.rst:133 +#: ../../documentation.rst:29 +msgid "You can either install Sphinx and build the documentation locally, or use the Dockerfile_ to build it in a container." +msgstr "You can either install Sphinx and build the documentation locally, or use the Dockerfile_ to build it in a container." + +#: ../../documentation.rst:438 msgid "Your remote repo on Github is called ``origin``, while the original repo you have forked is called ``upstream``. Now you can locally update your forked repo." msgstr "Tu repositorio remoto en Github se llama ``origin``, mientras que el repositorio original que has bifurcado se llama ``upstream``. Ahora puede actualizar localmente su repositorio bifurcado." -#: ../../documentation.rst:235 +#: ../../documentation.rst:212 msgid "``192.0.2.0/24``" msgstr "``192.0.2.0/24``" -#: ../../documentation.rst:236 +#: ../../documentation.rst:213 msgid "``198.51.100.0/24``" msgstr "``198.51.100.0/24``" -#: ../../documentation.rst:238 +#: ../../documentation.rst:215 msgid "``2001:db8::/32``" msgstr "``2001:db8::/32``" -#: ../../documentation.rst:237 +#: ../../documentation.rst:214 msgid "``203.0.113.0/24``" msgstr "``203.0.113.0/24``" -#: ../../documentation.rst:194 +#: ../../documentation.rst:171 msgid "``:ref:`Check out VLAN<configuration/interfaces/ethernet:vlan>``" msgstr "``:ref:`Revisar VLAN<configuration/interfaces/ethernet:vlan> ``" -#: ../../documentation.rst:190 +#: ../../documentation.rst:167 msgid "``:ref:`configuration/interfaces/ethernet:vlan``" msgstr "``:ref:`configuración/interfaces/ethernet:vlan``" -#: ../../documentation.rst:407 +#: ../../documentation.rst:72 msgid "``set firewall zone`` is written in ``firewall/zone.rst``" msgstr "``establecer zona de firewall`` está escrito en ``firewall/zone.rst``" -#: ../../documentation.rst:408 +#: ../../documentation.rst:73 msgid "``set interfaces ethernet`` is written in ``interfaces/ethernet.rst``" msgstr "``establecer interfaces ethernet`` está escrito en ``interfaces/ethernet.rst``" -#: ../../documentation.rst:275 +#: ../../documentation.rst:88 +msgid "a simple explanation of what is this page about, why or when it is required to be used" +msgstr "a simple explanation of what is this page about, why or when it is required to be used" + +#: ../../documentation.rst:252 msgid "cfgcmd" msgstr "cfgcmd" -#: ../../documentation.rst:335 +#: ../../documentation.rst:312 msgid "cmdinclude" msgstr "cmincluir" -#: ../../documentation.rst:197 +#: ../../documentation.rst:174 msgid "handle build errors" msgstr "manejar errores de compilación" -#: ../../documentation.rst:314 +#: ../../documentation.rst:117 +msgid "how to collect logs or other debugging information (like `show` commands output)" +msgstr "how to collect logs or other debugging information (like `show` commands output)" + +#: ../../documentation.rst:118 +msgid "how to read and what to search for in logs and collected information" +msgstr "how to read and what to search for in logs and collected information" + +#: ../../documentation.rst:109 +msgid "known issues or potential problems for the service or use case" +msgstr "known issues or potential problems for the service or use case" + +#: ../../documentation.rst:291 msgid "opcmd" msgstr "opcmd" -#: ../../documentation.rst:346 +#: ../../documentation.rst:89 +msgid "references to standards, RFCs" +msgstr "references to standards, RFCs" + +#: ../../documentation.rst:323 msgid "the content of interface-address.txt looks like this" msgstr "el contenido de interface-address.txt se ve asÃ" -#: ../../documentation.rst:192 +#: ../../documentation.rst:169 msgid "to use an alternative hyperlink use it this way:" msgstr "para usar un hipervÃnculo alternativo, úselo de esta manera:" -#: ../../documentation.rst:373 +#: ../../documentation.rst:350 msgid "vytask" msgstr "vytarea" + +#: ../../documentation.rst:119 +msgid "what are indicators of good and bad states in debugging outputs" +msgstr "what are indicators of good and bad states in debugging outputs" + +#: ../../documentation.rst:110 +msgid "workarounds for known issues (if any exist)" +msgstr "workarounds for known issues (if any exist)" diff --git a/docs/_locale/es/installation.pot b/docs/_locale/es/installation.pot index 8d2d1d2d..d77d4e6e 100644 --- a/docs/_locale/es/installation.pot +++ b/docs/_locale/es/installation.pot @@ -212,6 +212,10 @@ msgstr "Agregue una o más rutas para las redes que desea pasar a través de la msgid "Additional storage. You can remove additional storage ``/dev/sdb``. First root device will be ``/dev/xvda``. You can skeep this step." msgstr "Almacenamiento adicional. Puede eliminar el almacenamiento adicional ``/dev/sdb``. El primer dispositivo raÃz será ``/dev/xvda``. Puedes mantener este paso." +#: ../../installation/cloud/aws.rst:27 +msgid "Additional storage. You can remove additional storage ``/dev/sdb``. First root device will be ``/dev/xvda``. You can skip this step." +msgstr "Additional storage. You can remove additional storage ``/dev/sdb``. First root device will be ``/dev/xvda``. You can skip this step." + #: ../../installation/vyos-on-baremetal.rst:394 msgid "Advanced > Serial Port Console Redirection > Console Redirection Settings:" msgstr "Avanzado > Redirección de consola de puerto serie > Configuración de redirección de consola:" @@ -465,6 +469,10 @@ msgstr "Clientes (donde se instalará VyOS) con una NIC habilitada para PXE" msgid "CloudWatchAgentServerRole is too permisive and should be used for single configuration creation and deployment. That's why after completion of step #3 higly recommended to replace instance CloudWatchAgentAdminRole role with CloudWatchAgentServerRole." msgstr "CloudWatchAgentServerRole es demasiado permisivo y debe usarse para la creación e implementación de una configuración única. Es por eso que después de completar el paso n.º 3, se recomienda encarecidamente reemplazar la función CloudWatchAgentAdminRole de la instancia con CloudWatchAgentServerRole." +#: ../../installation/cloud/aws.rst:88 +msgid "CloudWatchAgentServerRole is too permissive and should be used for single configuration creation and deployment. That's why after completion of step #3 highly recommended to replace instance CloudWatchAgentAdminRole role with CloudWatchAgentServerRole." +msgstr "CloudWatchAgentServerRole is too permissive and should be used for single configuration creation and deployment. That's why after completion of step #3 highly recommended to replace instance CloudWatchAgentAdminRole role with CloudWatchAgentServerRole." + #: ../../installation/cloud/aws.rst:82 msgid "CloudWatch SSM Configuration creation" msgstr "Creación de la configuración de CloudWatch SSM" @@ -1303,6 +1311,10 @@ msgstr "Requisitos" msgid "Retreive an existing CloudWatch Agent configuration from the :abbr:`SSM (Systems Manager)` Parameter Store." msgstr "Recupere una configuración existente del agente de CloudWatch del almacén de parámetros :abbr:`SSM (Administrador de sistemas)`." +#: ../../installation/cloud/aws.rst:69 +msgid "Retrieve an existing CloudWatch Agent configuration from the :abbr:`SSM (Systems Manager)` Parameter Store." +msgstr "Retrieve an existing CloudWatch Agent configuration from the :abbr:`SSM (Systems Manager)` Parameter Store." + #: ../../installation/install.rst:74 msgid "Rolling Release" msgstr "Liberación rodante" diff --git a/docs/_locale/es/quick-start.pot b/docs/_locale/es/quick-start.pot index 1b96a369..9d700757 100644 --- a/docs/_locale/es/quick-start.pot +++ b/docs/_locale/es/quick-start.pot @@ -101,6 +101,10 @@ msgid "Configure a rule on the ``input`` hook filter to jump to the ``VyOS_MANAG msgstr "Configure a rule on the ``input`` hook filter to jump to the ``VyOS_MANAGEMENT`` chain when new connections are addressed to port 22 (SSH) on the router itself:" #: ../../quick-start.rst:243 +msgid "Create a new chain (``OUTSIDE-IN``) which will drop all traffic that is not explicitly allowed at some point in the chain. Then, we can jump to that chain from the ``forward`` hook when traffic is coming from the ``WAN`` interface group and is addressed to our local network." +msgstr "Create a new chain (``OUTSIDE-IN``) which will drop all traffic that is not explicitly allowed at some point in the chain. Then, we can jump to that chain from the ``forward`` hook when traffic is coming from the ``WAN`` interface group and is addressed to our local network." + +#: ../../quick-start.rst:243 msgid "Create a new chain (``OUTSIDE-IN``) which will drop all traffic that is not explicity allowed at some point in the chain. Then, we can jump to that chain from the ``forward`` hook when traffic is coming from the ``WAN`` interface group and is addressed to our local network." msgstr "Create a new chain (``OUTSIDE-IN``) which will drop all traffic that is not explicity allowed at some point in the chain. Then, we can jump to that chain from the ``forward`` hook when traffic is coming from the ``WAN`` interface group and is addressed to our local network." @@ -292,6 +296,10 @@ msgstr "To make firewall configuration easier, we can create groups of interface msgid "Using options defined in ``set firewall global-options state-policy``, state policy rules that applies for both IPv4 and IPv6 are created. These global state policies also applies for all traffic that passes through the router (transit) and for traffic originated/destinated to/from the router itself, and will be avaluated before any other rule defined in the firewall." msgstr "Using options defined in ``set firewall global-options state-policy``, state policy rules that applies for both IPv4 and IPv6 are created. These global state policies also applies for all traffic that passes through the router (transit) and for traffic originated/destinated to/from the router itself, and will be avaluated before any other rule defined in the firewall." +#: ../../quick-start.rst:164 +msgid "Using options defined in ``set firewall global-options state-policy``, state policy rules that applies for both IPv4 and IPv6 are created. These global state policies also applies for all traffic that passes through the router (transit) and for traffic originated/destinated to/from the router itself, and will be evaluated before any other rule defined in the firewall." +msgstr "Using options defined in ``set firewall global-options state-policy``, state policy rules that applies for both IPv4 and IPv6 are created. These global state policies also applies for all traffic that passes through the router (transit) and for traffic originated/destinated to/from the router itself, and will be evaluated before any other rule defined in the firewall." + #: ../../quick-start.rst:90 msgid "VyOS will serve as a full DNS recursor, replacing the need to utilize Google, Cloudflare, or other public DNS servers (which is good for privacy)" msgstr "VyOS servirá como un recurso de DNS completo, reemplazando la necesidad de utilizar Google, Cloudflare u otros servidores DNS públicos (lo cual es bueno para la privacidad)" diff --git a/docs/_locale/ja/LC_MESSAGES/automation.mo b/docs/_locale/ja/LC_MESSAGES/automation.mo Binary files differindex 65013926..bfc42ddd 100644 --- a/docs/_locale/ja/LC_MESSAGES/automation.mo +++ b/docs/_locale/ja/LC_MESSAGES/automation.mo diff --git a/docs/_locale/ja/LC_MESSAGES/cli.mo b/docs/_locale/ja/LC_MESSAGES/cli.mo Binary files differindex 778da5ed..13bdb5b1 100644 --- a/docs/_locale/ja/LC_MESSAGES/cli.mo +++ b/docs/_locale/ja/LC_MESSAGES/cli.mo diff --git a/docs/_locale/ja/LC_MESSAGES/configexamples.mo b/docs/_locale/ja/LC_MESSAGES/configexamples.mo Binary files differindex 195ef913..e8a681c2 100644 --- a/docs/_locale/ja/LC_MESSAGES/configexamples.mo +++ b/docs/_locale/ja/LC_MESSAGES/configexamples.mo diff --git a/docs/_locale/ja/LC_MESSAGES/configuration.mo b/docs/_locale/ja/LC_MESSAGES/configuration.mo Binary files differindex 34b220ee..c6be3854 100644 --- a/docs/_locale/ja/LC_MESSAGES/configuration.mo +++ b/docs/_locale/ja/LC_MESSAGES/configuration.mo diff --git a/docs/_locale/ja/LC_MESSAGES/contributing.mo b/docs/_locale/ja/LC_MESSAGES/contributing.mo Binary files differindex aa7a51ea..eda663e7 100644 --- a/docs/_locale/ja/LC_MESSAGES/contributing.mo +++ b/docs/_locale/ja/LC_MESSAGES/contributing.mo diff --git a/docs/_locale/ja/LC_MESSAGES/copyright.mo b/docs/_locale/ja/LC_MESSAGES/copyright.mo Binary files differindex fe27b843..f66932e4 100644 --- a/docs/_locale/ja/LC_MESSAGES/copyright.mo +++ b/docs/_locale/ja/LC_MESSAGES/copyright.mo diff --git a/docs/_locale/ja/LC_MESSAGES/documentation.mo b/docs/_locale/ja/LC_MESSAGES/documentation.mo Binary files differindex 9de91eff..0379e81a 100644 --- a/docs/_locale/ja/LC_MESSAGES/documentation.mo +++ b/docs/_locale/ja/LC_MESSAGES/documentation.mo diff --git a/docs/_locale/ja/LC_MESSAGES/installation.mo b/docs/_locale/ja/LC_MESSAGES/installation.mo Binary files differindex ba53282d..e1550d51 100644 --- a/docs/_locale/ja/LC_MESSAGES/installation.mo +++ b/docs/_locale/ja/LC_MESSAGES/installation.mo diff --git a/docs/_locale/ja/LC_MESSAGES/quick-start.mo b/docs/_locale/ja/LC_MESSAGES/quick-start.mo Binary files differindex ce5e4e11..8ef16a91 100644 --- a/docs/_locale/ja/LC_MESSAGES/quick-start.mo +++ b/docs/_locale/ja/LC_MESSAGES/quick-start.mo diff --git a/docs/_locale/ja/automation.pot b/docs/_locale/ja/automation.pot index 027ac9ff..c6ec841f 100644 --- a/docs/_locale/ja/automation.pot +++ b/docs/_locale/ja/automation.pot @@ -8,6 +8,51 @@ msgstr "" "Language: ja\n" "Plural-Forms: nplurals=1; plural=0;\n" +#: ../../automation/terraform/index.rst:15 +msgid "# terraformAZ # terraformvSphere # terraformGoogle" +msgstr "# terraformAZ # terraformvSphere # terraformGoogle" + +#: ../../automation/vyos-terraform.rst:707 +msgid "#az login" +msgstr "#az login" + +#: ../../automation/vyos-terraform.rst:261 +#: ../../automation/vyos-terraform.rst:283 +#: ../../automation/vyos-terraform.rst:711 +#: ../../automation/vyos-terraform.rst:731 +#: ../../automation/vyos-terraform.rst:1008 +#: ../../automation/vyos-terraform.rst:1029 +msgid "#cd /your folder" +msgstr "#cd /your folder" + +#: ../../automation/vyos-terraform.rst:287 +#: ../../automation/vyos-terraform.rst:735 +#: ../../automation/vyos-terraform.rst:1033 +msgid "#terraform apply" +msgstr "#terraform apply" + +#: ../../automation/vyos-terraform.rst:263 +#: ../../automation/vyos-terraform.rst:713 +#: ../../automation/vyos-terraform.rst:1010 +msgid "#terraform init" +msgstr "#terraform init" + +#: ../../automation/vyos-terraform.rst:285 +#: ../../automation/vyos-terraform.rst:733 +#: ../../automation/vyos-terraform.rst:1031 +msgid "#terraform plan" +msgstr "#terraform plan" + +#: ../../automation/vyos-terraform.rst:289 +#: ../../automation/vyos-terraform.rst:737 +#: ../../automation/vyos-terraform.rst:1035 +msgid "#yes" +msgstr "#yes" + +#: ../../automation/cloud-init.rst:363 +msgid "**NOTE**: be careful while copying and pasting previous commands. Double quotes may need to be corrected." +msgstr "**NOTE**: be careful while copying and pasting previous commands. Double quotes may need to be corrected." + #: ../../automation/cloud-init.rst:363 msgid "**NOTE**: be carefull while copying and pasting previous commands. Doble quotes may need to be corrected." msgstr "**NOTE**: be carefull while copying and pasting previous commands. Doble quotes may need to be corrected." @@ -32,11 +77,11 @@ msgstr "**user-data**: includes vyos-commands." msgid "**user-data** file must start with ``#cloud-config`` and contains vyos-commands. For example:" msgstr "**user-data** file must start with ``#cloud-config`` and contains vyos-commands. For example:" -#: ../../automation/vyos-api.rst:322 +#: ../../automation/vyos-api.rst:323 msgid "/config-file" msgstr "/config-file" -#: ../../automation/vyos-api.rst:265 +#: ../../automation/vyos-api.rst:266 msgid "/configure" msgstr "/configure" @@ -68,10 +113,239 @@ msgstr "/retrieve" msgid "/show" msgstr "/show" +#: ../../automation/vyos-terraform.rst:993 +msgid "1.1 Collect all data in to file \"terraform.tfvars\" and create resources fo example \"terraform\"" +msgstr "1.1 Collect all data in to file \"terraform.tfvars\" and create resources fo example \"terraform\"" + +#: ../../automation/terraform/terraformAWS.rst:61 +msgid "1.1 Create an account with AWS and get your \"access_key\", \"secret key\"" +msgstr "1.1 Create an account with AWS and get your \"access_key\", \"secret key\"" + +#: ../../automation/vyos-terraform.rst:692 +msgid "1.1 Create an account with Azure" +msgstr "1.1 Create an account with Azure" + +#: ../../automation/vyos-terraform.rst:243 +msgid "1.2 Create a key pair and download your .pem key" +msgstr "1.2 Create a key pair and download your .pem key" + +#: ../../automation/terraform/terraformAWS.rst:63 +msgid "1.2 Create a key pair_ and download your .pem key" +msgstr "1.2 Create a key pair_ and download your .pem key" + +#: ../../automation/vyos-terraform.rst:245 +msgid "1.3 Create a security group for the new VyOS instance" +msgstr "1.3 Create a security group for the new VyOS instance" + +#: ../../automation/terraform/terraformAWS.rst:70 +msgid "1.3 Create a security group_ for the new VyOS instance and open all traffic" +msgstr "1.3 Create a security group_ for the new VyOS instance and open all traffic" + +#: ../../automation/terraform/terraformAWS.rst:298 +msgid "1. Ansible doesn't connect via SSH to your AWS instance: you have to check that your SSH key has copied into the path /root/aws/. Also, increase the time in the file instance.yml from 300 sec to 500 sec or more. (It depends on your location). Make sure that you have opened access to the instance in the security group." +msgstr "1. Ansible doesn't connect via SSH to your AWS instance: you have to check that your SSH key has copied into the path /root/aws/. Also, increase the time in the file instance.yml from 300 sec to 500 sec or more. (It depends on your location). Make sure that you have opened access to the instance in the security group." + +#: ../../automation/terraform/terraformAWS.rst:266 +msgid "1 Ansible doesn't connect via SSH to your AWS instance: you have to check that your SSH key has copied into the path /root/aws/." +msgstr "1 Ansible doesn't connect via SSH to your AWS instance: you have to check that your SSH key has copied into the path /root/aws/." + +#: ../../automation/terraform/terraformvSphere.rst:23 +msgid "1 Collect all data in to file \"terraform.tfvars\" and create resources for example \"terraform\"" +msgstr "1 Collect all data in to file \"terraform.tfvars\" and create resources for example \"terraform\"" + +#: ../../automation/terraform/terraformAWS.rst:77 +#: ../../automation/terraform/terraformAZ.rst:54 +#: ../../automation/terraform/terraformvSphere.rst:53 +msgid "1 Create an UNIX instance whenever you want (local, cloud, and so on)" +msgstr "1 Create an UNIX instance whenever you want (local, cloud, and so on)" + +#: ../../automation/terraform/terraformAWS.rst:54 +#: ../../automation/terraform/terraformAZ.rst:26 +#: ../../automation/terraform/terraformvSphere.rst:29 +msgid "1 Create an UNIX or Windows instance" +msgstr "1 Create an UNIX or Windows instance" + +#: ../../automation/terraform/terraformAWS.rst:29 +msgid "1 Create an account with AWS and get your \"access_key\", \"secret key\"" +msgstr "1 Create an account with AWS and get your \"access_key\", \"secret key\"" + +#: ../../automation/terraform/terraformAZ.rst:21 +msgid "1 Create an account with Azure" +msgstr "1 Create an account with Azure" + +#: ../../automation/terraform/terraformAWS.rst:86 +msgid "2.1 Create a0 UNIX or Windows instance" +msgstr "2.1 Create a0 UNIX or Windows instance" + +#: ../../automation/vyos-terraform.rst:250 +#: ../../automation/vyos-terraform.rst:697 +#: ../../automation/vyos-terraform.rst:998 +msgid "2.1 Create a UNIX or Windows instance" +msgstr "2.1 Create a UNIX or Windows instance" + +#: ../../automation/terraform/terraformAWS.rst:88 +msgid "2.2 Download and install Terraform" +msgstr "2.2 Download and install Terraform" + +#: ../../automation/terraform/terraformAWS.rst:90 +msgid "2.3 Create the folder for example /root/awsterraform" +msgstr "2.3 Create the folder for example /root/awsterraform" + +#: ../../automation/vyos-terraform.rst:254 +msgid "2.3 Create the folder for example ../awsvyos/" +msgstr "2.3 Create the folder for example ../awsvyos/" + +#: ../../automation/vyos-terraform.rst:701 +msgid "2.3 Create the folder for example ../azvyos/" +msgstr "2.3 Create the folder for example ../azvyos/" + +#: ../../automation/vyos-terraform.rst:1002 +msgid "2.3 Create the folder for example ../vsphere/" +msgstr "2.3 Create the folder for example ../vsphere/" + +#: ../../automation/vyos-terraform.rst:1004 +msgid "2.4 Copy all files from my folder /Terraform into your Terraform project" +msgstr "2.4 Copy all files from my folder /Terraform into your Terraform project" + +#: ../../automation/vyos-terraform.rst:703 +msgid "2.4 Copy all files from my folder /Terraform into your Terraform project (main.tf, variables.tf)" +msgstr "2.4 Copy all files from my folder /Terraform into your Terraform project (main.tf, variables.tf)" + +#: ../../automation/terraform/terraformAWS.rst:96 +msgid "2.4 Copy all files into your Terraform project \"/root/awsterraform\" (vyos.tf, var.tf, terraform.tfvars,version.tf), more detailed see `Structure of files Terrafom for AWS`_" +msgstr "2.4 Copy all files into your Terraform project \"/root/awsterraform\" (vyos.tf, var.tf, terraform.tfvars,version.tf), more detailed see `Structure of files Terrafom for AWS`_" + +#: ../../automation/vyos-terraform.rst:256 +msgid "2.4 Copy all files into your Terraform project (vyos.tf, var.tf) 2.4.1 Please type the information into the strings 22, 35, 36 of file \"vyos.tf\"" +msgstr "2.4 Copy all files into your Terraform project (vyos.tf, var.tf) 2.4.1 Please type the information into the strings 22, 35, 36 of file \"vyos.tf\"" + +#: ../../automation/vyos-terraform.rst:705 +msgid "2.5 Login with Azure using the command" +msgstr "2.5 Login with Azure using the command" + +#: ../../automation/terraform/terraformAWS.rst:98 +msgid "2.5 Type the commands :" +msgstr "2.5 Type the commands :" + +#: ../../automation/terraform/terraformAZ.rst:44 +msgid "2.6 Type the commands :" +msgstr "2.6 Type the commands :" + +#: ../../automation/terraform/terraformAWS.rst:31 +msgid "2 Create a key pair_ and download your .pem key" +msgstr "2 Create a key pair_ and download your .pem key" + +#: ../../automation/terraform/terraformAWS.rst:79 +#: ../../automation/terraform/terraformAZ.rst:56 +#: ../../automation/terraform/terraformvSphere.rst:55 +msgid "2 Download and install Ansible" +msgstr "2 Download and install Ansible" + +#: ../../automation/terraform/terraformAWS.rst:56 +#: ../../automation/terraform/terraformAZ.rst:28 +#: ../../automation/terraform/terraformvSphere.rst:31 +msgid "2 Download and install Terraform" +msgstr "2 Download and install Terraform" + +#: ../../automation/terraform/terraformAWS.rst:270 +msgid "2 Terraform doesn't connect via SSH to your Ansible instance: you have to check the correct login and password in the part of the file VyOS. tf" +msgstr "2 Terraform doesn't connect via SSH to your Ansible instance: you have to check the correct login and password in the part of the file VyOS. tf" + +#: ../../automation/vyos-terraform.rst:268 +#: ../../automation/vyos-terraform.rst:718 +#: ../../automation/vyos-terraform.rst:1016 +msgid "3.1 Create a UNIX instance" +msgstr "3.1 Create a UNIX instance" + +#: ../../automation/terraform/terraformAWS.rst:109 +msgid "3.1 Create a UNIX instance whenever you want (local, cloud, and so on)" +msgstr "3.1 Create a UNIX instance whenever you want (local, cloud, and so on)" + +#: ../../automation/terraform/terraformAWS.rst:111 +msgid "3.2 Download and install Ansible" +msgstr "3.2 Download and install Ansible" + +#: ../../automation/terraform/terraformAWS.rst:113 +msgid "3.3 Create the folder for example /root/aws/" +msgstr "3.3 Create the folder for example /root/aws/" + +#: ../../automation/vyos-terraform.rst:722 +msgid "3.3 Create the folder for example /root/az/" +msgstr "3.3 Create the folder for example /root/az/" + +#: ../../automation/vyos-terraform.rst:1020 +msgid "3.3 Create the folder for example /root/vsphere/" +msgstr "3.3 Create the folder for example /root/vsphere/" + +#: ../../automation/vyos-terraform.rst:274 +msgid "3.4 Copy all files from my folder /Ansible into your Ansible project (ansible.cfg, instance.yml, mykey.pem)" +msgstr "3.4 Copy all files from my folder /Ansible into your Ansible project (ansible.cfg, instance.yml, mykey.pem)" + +#: ../../automation/vyos-terraform.rst:724 +#: ../../automation/vyos-terraform.rst:1022 +msgid "3.4 Copy all files from my folder /Ansible into your Ansible project (ansible.cfg, instance.yml and /group_vars)" +msgstr "3.4 Copy all files from my folder /Ansible into your Ansible project (ansible.cfg, instance.yml and /group_vars)" + +#: ../../automation/terraform/terraformAWS.rst:115 +msgid "3.4 Copy all files into your Ansible project \"/root/aws/\" (ansible.cfg, instance.yml, mykey.pem and \"all\"), more detailed see `Structure of files Ansible for AWS`_" +msgstr "3.4 Copy all files into your Ansible project \"/root/aws/\" (ansible.cfg, instance.yml, mykey.pem and \"all\"), more detailed see `Structure of files Ansible for AWS`_" + +#: ../../automation/terraform/terraformAWS.rst:81 +msgid "3 Create the folder for example /root/aws/" +msgstr "3 Create the folder for example /root/aws/" + +#: ../../automation/terraform/terraformAWS.rst:58 +msgid "3 Create the folder for example /root/awsterraform" +msgstr "3 Create the folder for example /root/awsterraform" + +#: ../../automation/terraform/terraformAZ.rst:58 +msgid "3 Create the folder for example /root/az/" +msgstr "3 Create the folder for example /root/az/" + +#: ../../automation/terraform/terraformAZ.rst:30 +msgid "3 Create the folder for example /root/azvyos/" +msgstr "3 Create the folder for example /root/azvyos/" + +#: ../../automation/terraform/terraformvSphere.rst:33 +msgid "3 Create the folder for example /root/vsphereterraform" +msgstr "3 Create the folder for example /root/vsphereterraform" + +#: ../../automation/terraform/terraformvSphere.rst:57 +msgid "3 Create the folder for example /root/vsphereterraform/" +msgstr "3 Create the folder for example /root/vsphereterraform/" + +#: ../../automation/terraform/terraformAWS.rst:123 +msgid "4.1 Type the commands on your Terrafom instance:" +msgstr "4.1 Type the commands on your Terrafom instance:" + +#: ../../automation/terraform/terraformAWS.rst:83 +msgid "4 Copy all files into your Ansible project \"/root/aws/\" (ansible.cfg, instance.yml, mykey.pem and \"all\"), more detailed see `Structure of files Ansible for AWS`_" +msgstr "4 Copy all files into your Ansible project \"/root/aws/\" (ansible.cfg, instance.yml, mykey.pem and \"all\"), more detailed see `Structure of files Ansible for AWS`_" + +#: ../../automation/terraform/terraformAZ.rst:60 +msgid "4 Copy all files into your Ansible project \"/root/az/\" (ansible.cfg, instance.yml,\"all\"), more detailed see `Structure of files Ansible for Azure`_" +msgstr "4 Copy all files into your Ansible project \"/root/az/\" (ansible.cfg, instance.yml,\"all\"), more detailed see `Structure of files Ansible for Azure`_" + +#: ../../automation/terraform/terraformvSphere.rst:59 +msgid "4 Copy all files into your Ansible project \"/root/vsphereterraform/\" (ansible.cfg, instance.yml,\"all\"), more detailed see `Structure of files Ansible for vSphere`_" +msgstr "4 Copy all files into your Ansible project \"/root/vsphereterraform/\" (ansible.cfg, instance.yml,\"all\"), more detailed see `Structure of files Ansible for vSphere`_" + #: ../../automation/vyos-api.rst:41 msgid "API Endpoints" msgstr "API Endpoints" +#: ../../automation/terraform/terraformAWS.rst:26 +msgid "AWS" +msgstr "AWS" + +#: ../../automation/vyos-terraform.rst:233 +msgid "AWS_terraform_ansible_single_vyos_instance" +msgstr "AWS_terraform_ansible_single_vyos_instance" + +#: ../../automation/cloud-init.rst:270 +msgid "A VyOS qcow image with cloud-init options is needed. This can be obtained using `vyos-vm-images`_ repo. After cloning the repo, edit the file **qemu.yml** and comment the **download-iso** role." +msgstr "A VyOS qcow image with cloud-init options is needed. This can be obtained using `vyos-vm-images`_ repo. After cloning the repo, edit the file **qemu.yml** and comment the **download-iso** role." + #: ../../automation/cloud-init.rst:270 msgid "A VyOS qcow image with cloud-init options is needed. This can be obtained using `vyos-vm-images`_ repo. After clonning the repo, edit the file **qemu.yml** and comment the **download-iso** role." msgstr "A VyOS qcow image with cloud-init options is needed. This can be obtained using `vyos-vm-images`_ repo. After clonning the repo, edit the file **qemu.yml** and comment the **download-iso** role." @@ -92,18 +366,43 @@ msgstr "A single-quote symbol is not allowed inside command or value." msgid "Accept minion key" msgstr "Accept minion key" +#: ../../automation/terraform/terraformAWS.rst:255 +msgid "After executing all the commands you will have your VyOS instance on the AWS cloud with your configuration, it's a very convenient desition. If you need to delete the instance please type the command:" +msgstr "After executing all the commands you will have your VyOS instance on the AWS cloud with your configuration, it's a very convenient desition. If you need to delete the instance please type the command:" + +#: ../../automation/terraform/terraformAZ.rst:75 +msgid "After executing all the commands you will have your VyOS instance on the Azure cloud with your configuration, it's a very convenient desition. If you need to delete the instance please type the command:" +msgstr "After executing all the commands you will have your VyOS instance on the Azure cloud with your configuration, it's a very convenient desition. If you need to delete the instance please type the command:" + +#: ../../automation/terraform/terraformvSphere.rst:75 +msgid "After executing all the commands you will have your VyOS instance on the vSphere with your configuration, it's a very convenient desition. If you need to delete the instance please type the command:" +msgstr "After executing all the commands you will have your VyOS instance on the vSphere with your configuration, it's a very convenient desition. If you need to delete the instance please type the command:" + #: ../../automation/vyos-api.rst:15 msgid "All endpoints only listen on HTTP POST requests and the API KEY must set as ``key`` in the formdata." msgstr "All endpoints only listen on HTTP POST requests and the API KEY must set as ``key`` in the formdata." +#: ../../automation/terraform/terraformAWS.rst:539 +#: ../../automation/terraform/terraformAZ.rst:484 +#: ../../automation/terraform/terraformvSphere.rst:397 +msgid "All files about the article can be found here_" +msgstr "All files about the article can be found here_" + #: ../../automation/cloud-init.rst:115 msgid "All of these can be overridden using the configuration in user-data." msgstr "All of these can be overridden using the configuration in user-data." +#: ../../automation/terraform/terraformAWS.rst:267 +msgid "Also, increase the time in the file instance.yml from 300 sec to 500 sec or more. (It depends on your location). Make sure that you have opened access to the instance in the security group." +msgstr "Also, increase the time in the file instance.yml from 300 sec to 500 sec or more. (It depends on your location). Make sure that you have opened access to the instance in the security group." + #: ../../automation/cloud-init.rst:256 msgid "Also, this lab considers:" msgstr "Also, this lab considers:" +#: ../../automation/terraform/terraformAWS.rst:74 +#: ../../automation/terraform/terraformAZ.rst:51 +#: ../../automation/terraform/terraformvSphere.rst:50 #: ../../automation/vyos-ansible.rst:6 msgid "Ansible" msgstr "Ansible" @@ -121,6 +420,15 @@ msgstr "At this step we can get some op-mode information from VyOS nodes:" msgid "Authentication" msgstr "Authentication" +#: ../../automation/terraform/terraformAZ.rst:19 +msgid "Azure" +msgstr "Azure" + +#: ../../automation/vyos-terraform.rst:684 +#: ../../automation/vyos-terraform.rst:985 +msgid "Azure_terraform_ansible_single_vyos_instance" +msgstr "Azure_terraform_ansible_single_vyos_instance" + #: ../../automation/cloud-init.rst:241 msgid "Before starting, please refer to cloud-init `network-config-docs`_ in order to know how to import user and network configurations." msgstr "Before starting, please refer to cloud-init `network-config-docs`_ in order to know how to import user and network configurations." @@ -186,34 +494,38 @@ msgstr "Configuration" msgid "Configuration commands are executed just like from a normal config session. For example, if you want to disable a BGP peer on VRRP transition to backup:" msgstr "Configuration commands are executed just like from a normal config session. For example, if you want to disable a BGP peer on VRRP transition to backup:" -#: ../../automation/vyos-pyvyos.rst:94 +#: ../../automation/vyos-pyvyos.rst:102 msgid "Configure, then Delete Object" msgstr "Configure, then Delete Object" -#: ../../automation/vyos-pyvyos.rst:141 +#: ../../automation/vyos-pyvyos.rst:149 msgid "Configure, then Load File" msgstr "Configure, then Load File" -#: ../../automation/vyos-pyvyos.rst:101 +#: ../../automation/vyos-pyvyos.rst:109 msgid "Configure, then Save" msgstr "Configure, then Save" -#: ../../automation/vyos-pyvyos.rst:108 +#: ../../automation/vyos-pyvyos.rst:116 msgid "Configure, then Save File" msgstr "Configure, then Save File" -#: ../../automation/vyos-pyvyos.rst:68 +#: ../../automation/vyos-pyvyos.rst:76 msgid "Configure, then Set" msgstr "Configure, then Set" -#: ../../automation/vyos-pyvyos.rst:85 +#: ../../automation/vyos-pyvyos.rst:93 msgid "Configure, then Show Object" msgstr "Configure, then Show Object" -#: ../../automation/vyos-pyvyos.rst:77 +#: ../../automation/vyos-pyvyos.rst:85 msgid "Configure, then Show a Single Object Value" msgstr "Configure, then Show a Single Object Value" +#: ../../automation/terraform/index.rst:5 +msgid "Content" +msgstr "Content" + #: ../../automation/vyos-napalm.rst:89 msgid "Content of commands.conf" msgstr "Content of commands.conf" @@ -242,6 +554,30 @@ msgstr "Custom scripts are not executed with root privileges (Use sudo inside if msgid "DHCP on first Ethernet interface if no network configuration is provided." msgstr "DHCP on first Ethernet interface if no network configuration is provided." +#: ../../automation/terraform/terraformAWS.rst:6 +msgid "Deploying VyOS in the AWS cloud" +msgstr "Deploying VyOS in the AWS cloud" + +#: ../../automation/terraform/terraformAZ.rst:6 +msgid "Deploying VyOS in the Azure cloud" +msgstr "Deploying VyOS in the Azure cloud" + +#: ../../automation/terraform/terraformvSphere.rst:6 +msgid "Deploying VyOS in the vSphere infrastructure" +msgstr "Deploying VyOS in the vSphere infrastructure" + +#: ../../automation/terraform/terraformAWS.rst:39 +msgid "Deploying vyos in the AWS cloud" +msgstr "Deploying vyos in the AWS cloud" + +#: ../../automation/vyos-terraform.rst:299 +msgid "Deploying vyos in the Azure cloud" +msgstr "Deploying vyos in the Azure cloud" + +#: ../../automation/vyos-terraform.rst:742 +msgid "Deploying vyos in the Vsphere infrastructia" +msgstr "Deploying vyos in the Vsphere infrastructia" + #: ../../automation/vyos-netmiko.rst:12 msgid "Example" msgstr "Example" @@ -274,11 +610,39 @@ msgstr "Executing pre-hooks/post-hooks Scripts" msgid "File contents" msgstr "File contents" +#: ../../automation/terraform/terraformAWS.rst:476 +msgid "File contents of Ansible for AWS" +msgstr "File contents of Ansible for AWS" + +#: ../../automation/terraform/terraformAZ.rst:426 +msgid "File contents of Ansible for Azure" +msgstr "File contents of Ansible for Azure" + +#: ../../automation/terraform/terraformvSphere.rst:338 +msgid "File contents of Ansible for vSphere" +msgstr "File contents of Ansible for vSphere" + +#: ../../automation/terraform/terraformAWS.rst:298 +msgid "File contents of Terrafom for AWS" +msgstr "File contents of Terrafom for AWS" + +#: ../../automation/terraform/terraformAZ.rst:93 +msgid "File contents of Terrafom for Azure" +msgstr "File contents of Terrafom for Azure" + +#: ../../automation/terraform/terraformvSphere.rst:96 +msgid "File contents of Terrafom for vSphere" +msgstr "File contents of Terrafom for vSphere" + #: ../../automation/cloud-init.rst:284 msgid "File generated with previous command: ``/tmp/vyos-1.3.0-cloud-init-10G-qemu.qcow2``" msgstr "File generated with previous command: ``/tmp/vyos-1.3.0-cloud-init-10G-qemu.qcow2``" #: ../../automation/cloud-init.rst:347 +msgid "Finally, file **meta-data** has no content, but it's required." +msgstr "Finally, file **meta-data** has no content, but it's required." + +#: ../../automation/cloud-init.rst:347 msgid "Finaly, file **meta-data** has no content, but it's required." msgstr "Finaly, file **meta-data** has no content, but it's required." @@ -306,7 +670,11 @@ msgstr "For more information on the NoCloud data source, visit its `page <https: msgid "From cli or GUI, power on VM, and after it boots, verify configuration" msgstr "From cli or GUI, power on VM, and after it boots, verify configuration" -#: ../../automation/vyos-pyvyos.rst:123 +#: ../../automation/terraform/terraformvyos.rst:26 +msgid "General commands that we will use for running Terraform scripts" +msgstr "General commands that we will use for running Terraform scripts" + +#: ../../automation/vyos-pyvyos.rst:131 msgid "Generate Object" msgstr "Generate Object" @@ -314,7 +682,7 @@ msgstr "Generate Object" msgid "Generate qcow image" msgstr "Generate qcow image" -#: ../../automation/vyos-pyvyos.rst:24 +#: ../../automation/vyos-pyvyos.rst:32 msgid "Getting Started" msgstr "Getting Started" @@ -326,6 +694,22 @@ msgstr "Here is a simple example:" msgid "Here is an example cloud-config that appends configuration at the time of first boot." msgstr "Here is an example cloud-config that appends configuration at the time of first boot." +#: ../../automation/terraform/terraformAWS.rst:23 +msgid "How to create a single instance and install your configuration using Terraform+Ansible+AWS Step by step:" +msgstr "How to create a single instance and install your configuration using Terraform+Ansible+AWS Step by step:" + +#: ../../automation/terraform/terraformAZ.rst:16 +msgid "How to create a single instance and install your configuration using Terraform+Ansible+Azure Step by step:" +msgstr "How to create a single instance and install your configuration using Terraform+Ansible+Azure Step by step:" + +#: ../../automation/vyos-terraform.rst:987 +msgid "How to create a single instance and install your configuration using Terraform+Ansible+Vsphere Step by step:" +msgstr "How to create a single instance and install your configuration using Terraform+Ansible+Vsphere Step by step:" + +#: ../../automation/terraform/terraformvSphere.rst:16 +msgid "How to create a single instance and install your configuration using Terraform+Ansible+vSphere Step by step:" +msgstr "How to create a single instance and install your configuration using Terraform+Ansible+vSphere Step by step:" + #: ../../automation/cloud-init.rst:377 msgid "ISO files storage: ``local`` volume is used for ``.iso`` file storage. In this scenario ``local`` volume type is set to **directory**, abd attached to ``/var/lib/vz``." msgstr "ISO files storage: ``local`` volume is used for ``.iso`` file storage. In this scenario ``local`` volume type is set to **directory**, abd attached to ``/var/lib/vz``." @@ -350,7 +734,7 @@ msgstr "If you need to gather information from linux commands to configure VyOS, msgid "If you want to script the configs in a language other than bash you can have your script output commands and then source them in a bash script." msgstr "If you want to script the configs in a language other than bash you can have your script output commands and then source them in a bash script." -#: ../../automation/vyos-pyvyos.rst:27 +#: ../../automation/vyos-pyvyos.rst:35 msgid "Importing and Disabling Warnings for verify=False" msgstr "Importing and Disabling Warnings for verify=False" @@ -362,6 +746,18 @@ msgstr "In Proxmox server three files are going to be used for this setup:" msgid "In VyOS, by default, enables only two modules:" msgstr "In VyOS, by default, enables only two modules:" +#: ../../automation/terraform/terraformAWS.rst:17 +msgid "In this case, we'll create the necessary files for Terraform and Ansible next using Terraform we'll create a single instance on the AWS cloud and make provisioning using Ansible." +msgstr "In this case, we'll create the necessary files for Terraform and Ansible next using Terraform we'll create a single instance on the AWS cloud and make provisioning using Ansible." + +#: ../../automation/terraform/terraformAZ.rst:11 +msgid "In this case, we'll create the necessary files for Terraform and Ansible next using Terraform we'll create a single instance on the Azure cloud and make provisioning using Ansible." +msgstr "In this case, we'll create the necessary files for Terraform and Ansible next using Terraform we'll create a single instance on the Azure cloud and make provisioning using Ansible." + +#: ../../automation/terraform/terraformvSphere.rst:11 +msgid "In this case, we'll create the necessary files for Terraform and Ansible next using Terraform we'll create a single instance on the vSphere cloud and make provisioning using Ansible." +msgstr "In this case, we'll create the necessary files for Terraform and Ansible next using Terraform we'll create a single instance on the vSphere cloud and make provisioning using Ansible." + #: ../../automation/cloud-init.rst:307 msgid "In this lab, all files are located in ``/tmp/``. So, before going on, lets move to that directory:" msgstr "In this lab, all files are located in ``/tmp/``. So, before going on, lets move to that directory:" @@ -374,7 +770,7 @@ msgstr "In this lab, we are using 1.3.0 VyOS version and setting a disk of 10G. msgid "Initial Configuration" msgstr "Initial Configuration" -#: ../../automation/vyos-pyvyos.rst:47 +#: ../../automation/vyos-pyvyos.rst:55 msgid "Initializing a VyDevice Object" msgstr "Initializing a VyDevice Object" @@ -386,7 +782,7 @@ msgstr "Injecting configuration data is not limited to cloud platforms. Users ca msgid "Install ``napalm-vyos`` module" msgstr "Install ``napalm-vyos`` module" -#: ../../automation/vyos-pyvyos.rst:15 +#: ../../automation/vyos-pyvyos.rst:23 msgid "Installation" msgstr "Installation" @@ -398,6 +794,10 @@ msgstr "It is possible to configure VyOS via netmiko_ proxy module. It requires msgid "Major cloud providers offer a means of providing user-data at the time of instance launch. It can be provided as plain text or as base64-encoded text, depending on cloud provider. Also, it can be compressed using gzip, which makes sense with a long configuration commands list, because of the hard limit to ~16384 bytes for the whole user-data." msgstr "Major cloud providers offer a means of providing user-data at the time of instance launch. It can be provided as plain text or as base64-encoded text, depending on cloud provider. Also, it can be compressed using gzip, which makes sense with a long configuration commands list, because of the hard limit to ~16384 bytes for the whole user-data." +#: ../../automation/terraform/terraformAWS.rst:282 +msgid "Make sure that Ansible is pinging from Terrafom." +msgstr "Make sure that Ansible is pinging from Terrafom." + #: ../../automation/cloud-init.rst:20 msgid "Metadata - Metadata is sourced by the cloud platform or hypervisor. In some clouds, there is implemented as an HTTP endpoint at ``http://169.254.169.254``." msgstr "Metadata - Metadata is sourced by the cloud platform or hypervisor. In some clouds, there is implemented as an HTTP endpoint at ``http://169.254.169.254``." @@ -410,6 +810,10 @@ msgstr "Most important keys that needs to be considered:" msgid "Napalm" msgstr "Napalm" +#: ../../automation/terraform/terraformvyos.rst:13 +msgid "Need to install_ Terraform" +msgstr "Need to install_ Terraform" + #: ../../automation/vyos-netmiko.rst:6 msgid "Netmiko" msgstr "Netmiko" @@ -418,6 +822,10 @@ msgstr "Netmiko" msgid "Netmiko-proxy" msgstr "Netmiko-proxy" +#: ../../automation/terraform/terraformAWS.rst:-1 +msgid "Network Topology Diagram" +msgstr "Network Topology Diagram" + #: ../../automation/cloud-init.rst:24 msgid "Network configuration - This config source informs the system about the network settings like IP addresses, routes, DNS. Available only in several cloud and virtualization platforms." msgstr "Network configuration - This config source informs the system about the network settings like IP addresses, routes, DNS. Available only in several cloud and virtualization platforms." @@ -431,6 +839,7 @@ msgid "NoCloud" msgstr "NoCloud" #: ../../automation/index.rst:6 +#: ../../automation/terraform/index.rst:6 msgid "Nornir" msgstr "Nornir" @@ -495,6 +904,18 @@ msgstr "Power on VM and verifications" msgid "Preconfig on boot" msgstr "Preconfig on boot" +#: ../../automation/terraform/terraformAWS.rst:21 +msgid "Preparation steps for deploying VyOS on AWS" +msgstr "Preparation steps for deploying VyOS on AWS" + +#: ../../automation/terraform/terraformAZ.rst:14 +msgid "Preparation steps for deploying VyOS on Azure" +msgstr "Preparation steps for deploying VyOS on Azure" + +#: ../../automation/terraform/terraformvSphere.rst:14 +msgid "Preparation steps for deploying VyOS on vSphere" +msgstr "Preparation steps for deploying VyOS on vSphere" + #: ../../automation/cloud-init.rst:296 msgid "Prepare cloud-init files" msgstr "Prepare cloud-init files" @@ -523,10 +944,14 @@ msgstr "References" msgid "Remove default dhcp client on first interface, and load other configuration during first boot, using cloud-init." msgstr "Remove default dhcp client on first interface, and load other configuration during first boot, using cloud-init." -#: ../../automation/vyos-pyvyos.rst:132 +#: ../../automation/vyos-pyvyos.rst:140 msgid "Reset Object" msgstr "Reset Object" +#: ../../automation/vyos-terraform.rst:22 +msgid "Run Terraform" +msgstr "Run Terraform" + #: ../../automation/vyos-ansible.rst:80 msgid "Run ansible" msgstr "Run ansible" @@ -555,11 +980,11 @@ msgstr "Salt" msgid "Salt master configuration:" msgstr "Salt master configuration:" -#: ../../automation/vyos-api.rst:344 +#: ../../automation/vyos-api.rst:345 msgid "Save a running configuration to a file." msgstr "Save a running configuration to a file." -#: ../../automation/vyos-api.rst:326 +#: ../../automation/vyos-api.rst:327 msgid "Save a running configuration to the startup configuration. When you don't specify the file when saving, it saves to ``/config/config.boot``." msgstr "Save a running configuration to the startup configuration. When you don't specify the file when saving, it saves to ``/config/config.boot``." @@ -571,7 +996,7 @@ msgstr "Script vyos-napalm.py" msgid "Scripts are run in alphabetical order. Their names must consist entirely of ASCII upper- and lower-case letters,ASCII digits, ASCII underscores, and ASCII minus-hyphens.No other characters are allowed." msgstr "Scripts are run in alphabetical order. Their names must consist entirely of ASCII upper- and lower-case letters,ASCII digits, ASCII underscores, and ASCII minus-hyphens.No other characters are allowed." -#: ../../automation/vyos-pyvyos.rst:115 +#: ../../automation/vyos-pyvyos.rst:123 msgid "Show Object" msgstr "Show Object" @@ -579,6 +1004,32 @@ msgstr "Show Object" msgid "Sometimes you simply wan't to execute a bunch of op-mode commands via SSH on a remote VyOS system." msgstr "Sometimes you simply wan't to execute a bunch of op-mode commands via SSH on a remote VyOS system." +#: ../../automation/command-scripting.rst:52 +msgid "Sometimes you simply want to execute a bunch of op-mode commands via SSH on a remote VyOS system." +msgstr "Sometimes you simply want to execute a bunch of op-mode commands via SSH on a remote VyOS system." + +#: ../../automation/terraform/terraformAWS.rst:537 +msgid "Sourse files for AWS from GIT" +msgstr "Sourse files for AWS from GIT" + +#: ../../automation/terraform/terraformAZ.rst:482 +msgid "Sourse files for Azure from GIT" +msgstr "Sourse files for Azure from GIT" + +#: ../../automation/terraform/terraformvSphere.rst:395 +msgid "Sourse files for vSphere from GIT" +msgstr "Sourse files for vSphere from GIT" + +#: ../../automation/terraform/terraformAWS.rst:88 +#: ../../automation/terraform/terraformAZ.rst:63 +#: ../../automation/terraform/terraformvSphere.rst:62 +msgid "Start" +msgstr "Start" + +#: ../../automation/terraform/terraformAWS.rst:102 +msgid "Start creating an AWS instance and check the result" +msgstr "Start creating an AWS instance and check the result" + #: ../../automation/cloud-init.rst:260 msgid "Storaged used: volume local, which is mounted on directory **/var/lib/vz**, and contains all type of content, including snippets." msgstr "Storaged used: volume local, which is mounted on directory **/var/lib/vz**, and contains all type of content, including snippets." @@ -591,11 +1042,64 @@ msgstr "Structure of /srv/salt:" msgid "Structure of files" msgstr "Structure of files" +#: ../../automation/vyos-terraform.rst:166 +#: ../../automation/vyos-terraform.rst:624 +msgid "Structure of files Ansible" +msgstr "Structure of files Ansible" + +#: ../../automation/terraform/terraformAWS.rst:463 +msgid "Structure of files Ansible for AWS" +msgstr "Structure of files Ansible for AWS" + +#: ../../automation/terraform/terraformAZ.rst:414 +msgid "Structure of files Ansible for Azure" +msgstr "Structure of files Ansible for Azure" + +#: ../../automation/terraform/terraformvSphere.rst:326 +msgid "Structure of files Ansible for vSphere" +msgstr "Structure of files Ansible for vSphere" + +#: ../../automation/vyos-terraform.rst:38 +#: ../../automation/vyos-terraform.rst:302 +#: ../../automation/vyos-terraform.rst:745 +msgid "Structure of files Terrafom" +msgstr "Structure of files Terrafom" + +#: ../../automation/terraform/terraformAWS.rst:285 +msgid "Structure of files Terrafom for AWS" +msgstr "Structure of files Terrafom for AWS" + +#: ../../automation/terraform/terraformAZ.rst:83 +msgid "Structure of files Terrafom for Azure" +msgstr "Structure of files Terrafom for Azure" + +#: ../../automation/terraform/terraformvSphere.rst:84 +msgid "Structure of files Terrafom for vSphere" +msgstr "Structure of files Terrafom for vSphere" + +#: ../../automation/terraform/terraformvyos.rst:15 +msgid "Structure of files in the standard Terraform project:" +msgstr "Structure of files in the standard Terraform project:" + #: ../../automation/cloud-init.rst:107 msgid "System Defaults/Fallbacks" msgstr "System Defaults/Fallbacks" -#: ../../automation/vyos-api.rst:301 +#: ../../automation/terraform/terraformAWS.rst:51 +#: ../../automation/terraform/terraformAZ.rst:23 +#: ../../automation/terraform/terraformvSphere.rst:26 +msgid "Terraform" +msgstr "Terraform" + +#: ../../automation/terraform/terraformAWS.rst:302 +msgid "Terraform doesn't connect via SSH to your Ansible instance: you have to check the correct login and password in the part of the file vyos. tf" +msgstr "Terraform doesn't connect via SSH to your Ansible instance: you have to check the correct login and password in the part of the file vyos. tf" + +#: ../../automation/terraform/terraformvyos.rst:6 +msgid "Terraform for VyOS" +msgstr "Terraform for VyOS" + +#: ../../automation/vyos-api.rst:302 msgid "The API pushes every request to a session and commit it. But some of VyOS components like DHCP and PPPoE Servers, IPSec, VXLAN, and other tunnels require full configuration for commit. The endpoint will process multiple commands when you pass them as a list to the ``data`` field." msgstr "The API pushes every request to a session and commit it. But some of VyOS components like DHCP and PPPoE Servers, IPSec, VXLAN, and other tunnels require full configuration for commit. The endpoint will process multiple commands when you pass them as a list to the ``data`` field." @@ -640,7 +1144,7 @@ msgstr "The default file looks like this:" msgid "The easiest way to configure the system via user-data is the Cloud-config syntax described below." msgstr "The easiest way to configure the system via user-data is the Cloud-config syntax described below." -#: ../../automation/vyos-api.rst:324 +#: ../../automation/vyos-api.rst:325 msgid "The endpoint ``/config-file`` is to save or load a configuration." msgstr "The endpoint ``/config-file`` is to save or load a configuration." @@ -676,7 +1180,7 @@ msgstr "This section needs improvements, examples and explanations." msgid "This will result in the following error message: ``Set failed`` If this happens, a reboot is required to be able to edit the config manually again." msgstr "This will result in the following error message: ``Set failed`` If this happens, a reboot is required to be able to edit the config manually again." -#: ../../automation/vyos-api.rst:360 +#: ../../automation/vyos-api.rst:361 msgid "To Load a configuration file." msgstr "To Load a configuration file." @@ -713,9 +1217,16 @@ msgid "To power off the system use the ``poweroff`` endpoint." msgstr "To power off the system use the ``poweroff`` endpoint." #: ../../automation/cloud-init.rst:223 +#: ../../automation/terraform/terraformAWS.rst:264 msgid "Troubleshooting" msgstr "Troubleshooting" +#: ../../automation/terraform/terraformAWS.rst:91 +#: ../../automation/terraform/terraformAZ.rst:66 +#: ../../automation/terraform/terraformvSphere.rst:65 +msgid "Type the commands on your Terrafom instance:" +msgstr "Type the commands on your Terrafom instance:" + #: ../../automation/command-scripting.rst:39 msgid "Unlike a normal configuration session, all operational commands must be prepended with ``run``, even if you haven't created a session with configure." msgstr "Unlike a normal configuration session, all operational commands must be prepended with ``run``, even if you haven't created a session with configure." @@ -728,7 +1239,7 @@ msgstr "User-data" msgid "User-data - User-data is specified by the user. This config source offers the ability to insert any CLI configuration commands into the configuration before the first boot." msgstr "User-data - User-data is specified by the user. This config source offers the ability to insert any CLI configuration commands into the configuration before the first boot." -#: ../../automation/vyos-pyvyos.rst:35 +#: ../../automation/vyos-pyvyos.rst:43 msgid "Using API Response Class" msgstr "Using API Response Class" @@ -736,6 +1247,10 @@ msgstr "Using API Response Class" msgid "Using PyVyOS" msgstr "Using PyVyOS" +#: ../../automation/vyos-pyvyos.rst:73 +msgid "Using pyvyos" +msgstr "Using pyvyos" + #: ../../automation/cloud-init.rst:373 msgid "VM ID: in this example, VM ID used is 555." msgstr "VM ID: in this example, VM ID used is 555." @@ -748,6 +1263,10 @@ msgstr "VM Resources: these parameters can be modified as needed." msgid "VM Storage: ``local`` volume is used." msgstr "VM Storage: ``local`` volume is used." +#: ../../automation/vyos-terraform.rst:991 +msgid "Vsphere" +msgstr "Vsphere" + #: ../../automation/vyos-api.rst:7 msgid "VyOS API" msgstr "VyOS API" @@ -756,6 +1275,10 @@ msgstr "VyOS API" msgid "VyOS Automation" msgstr "VyOS Automation" +#: ../../automation/terraform/index.rst:3 +msgid "VyOS Terraform" +msgstr "VyOS Terraform" + #: ../../automation/cloud-init.rst:418 msgid "VyOS `cloud-init-docs`_." msgstr "VyOS `cloud-init-docs`_." @@ -784,6 +1307,18 @@ msgstr "VyOS supports configuration via ansible. Need to install ``ansible`` and msgid "VyOS supports configuration via netmiko_. It requires to install ``python3-netmiko`` module." msgstr "VyOS supports configuration via netmiko_. It requires to install ``python3-netmiko`` module." +#: ../../automation/vyos-terraform.rst:8 +msgid "VyOS supports develop infrastructia via Terraform and provisioning via ansible. Need to install ``Terraform``" +msgstr "VyOS supports develop infrastructia via Terraform and provisioning via ansible. Need to install ``Terraform``" + +#: ../../automation/terraform/terraformvyos.rst:8 +msgid "VyOS supports development infrastructure via Terraform and provisioning via Ansible. Terraform allows you to automate the process of deploying instances on many cloud and virtual platforms. In this article, we will look at using terraforms to deploy VyOS on platforms - AWS, Azure, and vSphere. For more details about Terraform please have a look here link_." +msgstr "VyOS supports development infrastructure via Terraform and provisioning via Ansible. Terraform allows you to automate the process of deploying instances on many cloud and virtual platforms. In this article, we will look at using terraforms to deploy VyOS on platforms - AWS, Azure, and vSphere. For more details about Terraform please have a look here link_." + +#: ../../automation/terraform/terraformAWS.rst:8 +msgid "VyOS supports development infrastructure via Terraform and provisioning via Ansible. Terraform allows you to automate the process of deploying instances on many cloud and virtual platforms. In this article, we will look at using terraforms to deploy vyos on platforms - AWS, AZURE, and vSphere. More detailed about what is Terraform you can write using the link_." +msgstr "VyOS supports development infrastructure via Terraform and provisioning via Ansible. Terraform allows you to automate the process of deploying instances on many cloud and virtual platforms. In this article, we will look at using terraforms to deploy vyos on platforms - AWS, AZURE, and vSphere. More detailed about what is Terraform you can write using the link_." + #: ../../automation/command-scripting.rst:8 msgid "VyOS supports executing configuration and operational commands non-interactively from shell scripts." msgstr "VyOS supports executing configuration and operational commands non-interactively from shell scripts." @@ -816,6 +1351,30 @@ msgstr "Will return:" msgid "With the ``retrieve`` endpoint you get parts or the whole configuration." msgstr "With the ``retrieve`` endpoint you get parts or the whole configuration." +#: ../../automation/terraform/terraformAWS.rst:8 +msgid "With the help of Terraform, you can quickly deploy VyOS-based infrastructure in the AWS cloud. If necessary, the infrastructure can be removed using terraform. Also we will make provisioning using Ansible." +msgstr "With the help of Terraform, you can quickly deploy VyOS-based infrastructure in the AWS cloud. If necessary, the infrastructure can be removed using terraform. Also we will make provisioning using Ansible." + +#: ../../automation/terraform/terraformAZ.rst:8 +msgid "With the help of Terraform, you can quickly deploy VyOS-based infrastructure in the Azure cloud. If necessary, the infrastructure can be removed using terraform. Also we will make provisioning using Ansible." +msgstr "With the help of Terraform, you can quickly deploy VyOS-based infrastructure in the Azure cloud. If necessary, the infrastructure can be removed using terraform. Also we will make provisioning using Ansible." + +#: ../../automation/terraform/terraformvSphere.rst:8 +msgid "With the help of Terraform, you can quickly deploy VyOS-based infrastructure in the vSphere. Also we will make provisioning using Ansible." +msgstr "With the help of Terraform, you can quickly deploy VyOS-based infrastructure in the vSphere. Also we will make provisioning using Ansible." + +#: ../../automation/terraform/terraformAWS.rst:40 +msgid "With the help of terraforms, you can quickly deploy Vyos-based infrastructure in the AWS cloud. If necessary, the infrastructure can be removed using terraform. Also we will make provisioning using Ansible." +msgstr "With the help of terraforms, you can quickly deploy Vyos-based infrastructure in the AWS cloud. If necessary, the infrastructure can be removed using terraform. Also we will make provisioning using Ansible." + +#: ../../automation/vyos-terraform.rst:300 +msgid "With the help of terraforms, you can quickly deploy Vyos-based infrastructure in the Azure cloud. If necessary, the infrastructure can be removed using terraform." +msgstr "With the help of terraforms, you can quickly deploy Vyos-based infrastructure in the Azure cloud. If necessary, the infrastructure can be removed using terraform." + +#: ../../automation/vyos-terraform.rst:743 +msgid "With the help of terraforms, you can quickly deploy Vyos-based infrastructure in the vSphere." +msgstr "With the help of terraforms, you can quickly deploy Vyos-based infrastructure in the vSphere." + #: ../../automation/vyos-salt.rst:12 msgid "Without proxy it requires VyOS minion configuration and support op-mode data:" msgstr "Without proxy it requires VyOS minion configuration and support op-mode data:" @@ -828,11 +1387,15 @@ msgstr "Without proxy it requires VyOS minion configuration and supports op-mode msgid "You can install PyVyOS using pip:" msgstr "You can install PyVyOS using pip:" -#: ../../automation/vyos-api.rst:267 +#: ../../automation/vyos-pyvyos.rst:25 +msgid "You can install pyvyos using pip:" +msgstr "You can install pyvyos using pip:" + +#: ../../automation/vyos-api.rst:268 msgid "You can pass a ``set``, ``delete`` or ``comment`` command to the ``/configure`` endpoint." msgstr "You can pass a ``set``, ``delete`` or ``comment`` command to the ``/configure`` endpoint." -#: ../../automation/vyos-api.rst:286 +#: ../../automation/vyos-api.rst:287 msgid "``delete`` a single command" msgstr "``delete`` a single command" @@ -840,7 +1403,7 @@ msgstr "``delete`` a single command" msgid "``seed.iso`` was previously created in directory ``/tmp/``. It's necessary to move it to ``/var/lib/vz/template/iso``" msgstr "``seed.iso`` was previously created in directory ``/tmp/``. It's necessary to move it to ``/var/lib/vz/template/iso``" -#: ../../automation/vyos-api.rst:270 +#: ../../automation/vyos-api.rst:271 msgid "``set`` a single command" msgstr "``set`` a single command" @@ -856,10 +1419,29 @@ msgstr "``vyos``/``vyos`` credentials if no others specified by data source." msgid "``write_files`` - this module allows to insert any files into the filesystem before the first boot, for example, pre-generated encryption keys, certificates, or even a whole ``config.boot`` file. The format is described in the cloudinit documentation `Cloud-init-write_files`_." msgstr "``write_files`` - this module allows to insert any files into the filesystem before the first boot, for example, pre-generated encryption keys, certificates, or even a whole ``config.boot`` file. The format is described in the cloudinit documentation `Cloud-init-write_files`_." +#: ../../automation/vyos-pyvyos.rst:12 +msgid "`pyvyos Documentation on Read the Docs <https://pyvyos.readthedocs.io/en/latest/>`_ provides detailed instructions on the installation, configuration, and operation of the pyvyos library." +msgstr "`pyvyos Documentation on Read the Docs <https://pyvyos.readthedocs.io/en/latest/>`_ provides detailed instructions on the installation, configuration, and operation of the pyvyos library." + +#: ../../automation/vyos-pyvyos.rst:15 +msgid "`pyvyos Source Code on GitHub <https://github.com/robertoberto/pyvyos>`_ allows you to access and contribute to the library's code." +msgstr "`pyvyos Source Code on GitHub <https://github.com/robertoberto/pyvyos>`_ allows you to access and contribute to the library's code." + +#: ../../automation/vyos-pyvyos.rst:17 +msgid "`pyvyos on PyPI <https://pypi.org/project/pyvyos/>`_ for easy installation via pip, the Python package installer. Execute `pip install pyvyos` in your terminal to install." +msgstr "`pyvyos on PyPI <https://pypi.org/project/pyvyos/>`_ for easy installation via pip, the Python package installer. Execute `pip install pyvyos` in your terminal to install." + #: ../../automation/vyos-api.rst:188 msgid "add an image" msgstr "add an image" +#: ../../automation/terraform/terraformAWS.rst:560 +msgid "all" +msgstr "all" + +#: ../../automation/terraform/terraformAWS.rst:478 +#: ../../automation/terraform/terraformAZ.rst:428 +#: ../../automation/terraform/terraformvSphere.rst:340 #: ../../automation/vyos-ansible.rst:26 msgid "ansible.cfg" msgstr "ansible.cfg" @@ -880,6 +1462,12 @@ msgstr "commands.txt" msgid "delete an image, for example ``1.3-rolling-202006070117``" msgstr "delete an image, for example ``1.3-rolling-202006070117``" +#: ../../automation/terraform/terraformAWS.rst:528 +#: ../../automation/terraform/terraformAZ.rst:470 +#: ../../automation/terraform/terraformvSphere.rst:381 +msgid "group_vars/all" +msgstr "group_vars/all" + #: ../../automation/vyos-ansible.rst:42 msgid "hosts" msgstr "hosts" @@ -892,18 +1480,78 @@ msgstr "id_rsa_docker.pub. Needs to declare only public key exactly." msgid "if you just want the Value of a multi-valued node, use the ``returnValues`` operation." msgstr "if you just want the Value of a multi-valued node, use the ``returnValues`` operation." +#: ../../automation/terraform/terraformAWS.rst:495 +#: ../../automation/terraform/terraformAZ.rst:438 +#: ../../automation/terraform/terraformvSphere.rst:350 +msgid "instance.yml" +msgstr "instance.yml" + +#: ../../automation/vyos-terraform.rst:313 +#: ../../automation/vyos-terraform.rst:758 +msgid "main.tf" +msgstr "main.tf" + #: ../../automation/vyos-ansible.rst:56 msgid "main.yml" msgstr "main.yml" +#: ../../automation/terraform/terraformAWS.rst:488 +msgid "mykey.pem" +msgstr "mykey.pem" + +#: ../../automation/terraform/terraformAWS.rst:85 +msgid "mykey.pem you have to get using step 1.2" +msgstr "mykey.pem you have to get using step 1.2" + +#: ../../automation/vyos-pyvyos.rst:6 +msgid "pyvyos" +msgstr "pyvyos" + +#: ../../automation/vyos-pyvyos.rst:8 +msgid "pyvyos is a Python library designed for interacting with VyOS devices through their API. This documentation is intended to guide you in using pyvyos for programmatic management of your VyOS devices." +msgstr "pyvyos is a Python library designed for interacting with VyOS devices through their API. This documentation is intended to guide you in using pyvyos for programmatic management of your VyOS devices." + #: ../../automation/vyos-salt.rst:141 msgid "r11-proxy.sls Includes parameters for connecting to salt-proxy minion" msgstr "r11-proxy.sls Includes parameters for connecting to salt-proxy minion" #: ../../automation/index.rst:7 +#: ../../automation/terraform/index.rst:7 msgid "startup scripts" msgstr "startup scripts" +#: ../../automation/terraform/terraformAWS.rst:452 +#: ../../automation/terraform/terraformAZ.rst:405 +#: ../../automation/terraform/terraformvSphere.rst:307 +msgid "terraform.tfvars" +msgstr "terraform.tfvars" + #: ../../automation/vyos-salt.rst:131 msgid "top.sls" msgstr "top.sls" + +#: ../../automation/terraform/terraformvSphere.rst:20 +msgid "vSphere" +msgstr "vSphere" + +#: ../../automation/terraform/terraformAWS.rst:415 +#: ../../automation/terraform/terraformAZ.rst:298 +#: ../../automation/terraform/terraformvSphere.rst:239 +msgid "var.tf" +msgstr "var.tf" + +#: ../../automation/vyos-terraform.rst:516 +#: ../../automation/vyos-terraform.rst:899 +msgid "variables.tf" +msgstr "variables.tf" + +#: ../../automation/terraform/terraformAWS.rst:439 +#: ../../automation/terraform/terraformvSphere.rst:223 +msgid "versions.tf" +msgstr "versions.tf" + +#: ../../automation/terraform/terraformAWS.rst:300 +#: ../../automation/terraform/terraformAZ.rst:95 +#: ../../automation/terraform/terraformvSphere.rst:98 +msgid "vyos.tf" +msgstr "vyos.tf" diff --git a/docs/_locale/ja/cli.pot b/docs/_locale/ja/cli.pot index 09dede28..5c4bfdac 100644 --- a/docs/_locale/ja/cli.pot +++ b/docs/_locale/ja/cli.pot @@ -228,6 +228,10 @@ msgstr "The :cfgcmd:`show` command within configuration mode will show the worki msgid "The ``comment`` command allows you to insert a comment above the ``<config node>`` configuration section. When shown, comments are enclosed with ``/*`` and ``*/`` as open/close delimiters. Comments need to be commited, just like other config changes." msgstr "The ``comment`` command allows you to insert a comment above the ``<config node>`` configuration section. When shown, comments are enclosed with ``/*`` and ``*/`` as open/close delimiters. Comments need to be commited, just like other config changes." +#: ../../cli.rst:653 +msgid "The ``comment`` command allows you to insert a comment above the ``<config node>`` configuration section. When shown, comments are enclosed with ``/*`` and ``*/`` as open/close delimiters. Comments need to be committed, just like other config changes." +msgstr "The ``comment`` command allows you to insert a comment above the ``<config node>`` configuration section. When shown, comments are enclosed with ``/*`` and ``*/`` as open/close delimiters. Comments need to be committed, just like other config changes." + #: ../../cli.rst:784 msgid "The command :cfgcmd:`compare` allows you to compare different type of configurations. It also lets you compare different revisions through the :cfgcmd:`compare N M` command, where N and M are revision numbers. The output will describe how the configuration N is when compared to M indicating with a plus sign (``+``) the additional parts N has when compared to M, and indicating with a minus sign (``-``) the lacking parts N misses when compared to M." msgstr "The command :cfgcmd:`compare` allows you to compare different type of configurations. It also lets you compare different revisions through the :cfgcmd:`compare N M` command, where N and M are revision numbers. The output will describe how the configuration N is when compared to M indicating with a plus sign (``+``) the additional parts N has when compared to M, and indicating with a minus sign (``-``) the lacking parts N misses when compared to M." @@ -321,6 +325,10 @@ msgid "View the current active configuration in readable JSON format." msgstr "View the current active configuration in readable JSON format." #: ../../cli.rst:852 +msgid "VyOS can upload the configuration to a remote location after each call to :cfgcmd:`commit`. You will have to set the commit-archive location. TFTP, FTP, SCP and SFTP servers are supported. Every time a :cfgcmd:`commit` is successful the ``config.boot`` file will be copied to the defined destination(s). The filename used on the remote host will be ``config.boot-hostname.YYYYMMDD_HHMMSS``." +msgstr "VyOS can upload the configuration to a remote location after each call to :cfgcmd:`commit`. You will have to set the commit-archive location. TFTP, FTP, SCP and SFTP servers are supported. Every time a :cfgcmd:`commit` is successful the ``config.boot`` file will be copied to the defined destination(s). The filename used on the remote host will be ``config.boot-hostname.YYYYMMDD_HHMMSS``." + +#: ../../cli.rst:852 msgid "VyOS can upload the configuration to a remote location after each call to :cfgcmd:`commit`. You will have to set the commit-archive location. TFTP, FTP, SCP and SFTP servers are supported. Every time a :cfgcmd:`commit` is successfull the ``config.boot`` file will be copied to the defined destination(s). The filename used on the remote host will be ``config.boot-hostname.YYYYMMDD_HHMMSS``." msgstr "VyOS can upload the configuration to a remote location after each call to :cfgcmd:`commit`. You will have to set the commit-archive location. TFTP, FTP, SCP and SFTP servers are supported. Every time a :cfgcmd:`commit` is successfull the ``config.boot`` file will be copied to the defined destination(s). The filename used on the remote host will be ``config.boot-hostname.YYYYMMDD_HHMMSS``." @@ -340,6 +348,10 @@ msgstr "VyOS makes use of a unified configuration file for the entire system's c msgid "What if you are doing something dangerous? Suppose you want to setup a firewall, and you are not sure there are no mistakes that will lock you out of your system. You can use confirmed commit. If you issue the ``commit-confirm`` command, your changes will be commited, and if you don't issue the ``confirm`` command in 10 minutes, your system will reboot into previous config revision." msgstr "What if you are doing something dangerous? Suppose you want to setup a firewall, and you are not sure there are no mistakes that will lock you out of your system. You can use confirmed commit. If you issue the ``commit-confirm`` command, your changes will be commited, and if you don't issue the ``confirm`` command in 10 minutes, your system will reboot into previous config revision." +#: ../../cli.rst:558 +msgid "What if you are doing something dangerous? Suppose you want to setup a firewall, and you are not sure there are no mistakes that will lock you out of your system. You can use confirmed commit. If you issue the ``commit-confirm`` command, your changes will be committed, and if you don't issue the ``confirm`` command in 10 minutes, your system will reboot into previous config revision." +msgstr "What if you are doing something dangerous? Suppose you want to setup a firewall, and you are not sure there are no mistakes that will lock you out of your system. You can use confirmed commit. If you issue the ``commit-confirm`` command, your changes will be committed, and if you don't issue the ``confirm`` command in 10 minutes, your system will reboot into previous config revision." + #: ../../cli.rst:340 msgid "When entering the configuration mode you are navigating inside a tree structure, to enter configuration mode enter the command :opcmd:`configure` when in operational mode." msgstr "When entering the configuration mode you are navigating inside a tree structure, to enter configuration mode enter the command :opcmd:`configure` when in operational mode." diff --git a/docs/_locale/ja/configexamples.pot b/docs/_locale/ja/configexamples.pot index f577a4de..5d62c8dc 100644 --- a/docs/_locale/ja/configexamples.pot +++ b/docs/_locale/ja/configexamples.pot @@ -272,7 +272,7 @@ msgstr "A brief excursion into VRFs: This has been one of the longest-standing f msgid "A connection resource deployed in Azure linking the Azure VNet gateway and the local network gateway representing the Vyos device." msgstr "A connection resource deployed in Azure linking the Azure VNet gateway and the local network gateway representing the Vyos device." -#: ../../configexamples/index.rst:37 +#: ../../configexamples/index.rst:38 msgid "A host ``vyos-oobm`` will use as a ssh proxy. This host is just necessary for the Lab test." msgstr "A host ``vyos-oobm`` will use as a ssh proxy. This host is just necessary for the Lab test." @@ -656,6 +656,10 @@ msgstr "Cisco VPC Crossconnect - Ports 39 and 40 bonded between each switch" msgid "Clamp the VTI's MSS to 1350 to avoid PMTU blackholes." msgstr "Clamp the VTI's MSS to 1350 to avoid PMTU blackholes." +#: ../../configexamples/lac-lns.rst:96 +msgid "Client" +msgstr "Client" + #: ../../configexamples/autotest/OpenVPN_with_LDAP/OpenVPN_with_LDAP.rst:94 msgid "Client configuration" msgstr "Client configuration" @@ -704,7 +708,7 @@ msgstr "Configuration 'dcsp' and shaper using QoS" msgid "Configuration Blueprints" msgstr "Configuration Blueprints" -#: ../../configexamples/index.rst:30 +#: ../../configexamples/index.rst:31 msgid "Configuration Blueprints (autotest)" msgstr "Configuration Blueprints (autotest)" @@ -717,6 +721,7 @@ msgid "Configuration of basic firewall in one site, in order to:" msgstr "Configuration of basic firewall in one site, in order to:" #: ../../configexamples/inter-vrf-routing-vrf-lite.rst:113 +#: ../../configexamples/lac-lns.rst:29 #: ../../configexamples/pppoe-ipv6-basic.rst:26 msgid "Configurations" msgstr "Configurations" @@ -885,7 +890,7 @@ msgstr "Dynamic routing used between CE and PE nodes and eBGP peering establishe msgid "Each interface is assigned to a zone. The interface can be physical or virtual such as tunnels (VPN, PPTP, GRE, etc) and are treated exactly the same." msgstr "Each interface is assigned to a zone. The interface can be physical or virtual such as tunnels (VPN, PPTP, GRE, etc) and are treated exactly the same." -#: ../../configexamples/index.rst:34 +#: ../../configexamples/index.rst:35 msgid "Each lab will build an test from an external script. The page content will generate, so changes will not take an effect." msgstr "Each lab will build an test from an external script. The page content will generate, so changes will not take an effect." @@ -1252,6 +1257,14 @@ msgstr "In this example two LAN interfaces exist in different subnets instead of msgid "In this example we have 4 zones. LAN, WAN, DMZ, Local. The local zone is the firewall itself." msgstr "In this example we have 4 zones. LAN, WAN, DMZ, Local. The local zone is the firewall itself." +#: ../../configexamples/lac-lns.rst:17 +msgid "In this example we use VyOS 1.5 as LNS and Cisco IOS as LAC. All users with domain **vyos.io** will be tunneled to LNS via L2TP." +msgstr "In this example we use VyOS 1.5 as LNS and Cisco IOS as LAC. All users with domain **vyos.io** will be tunneled to LNS via L2TP." + +#: ../../configexamples/lac-lns.rst:98 +msgid "In this lab we use Windows PPPoE client." +msgstr "In this lab we use Windows PPPoE client." + #: ../../configexamples/zone-policy.rst:50 msgid "Inbound WAN connect to DMZ host." msgstr "Inbound WAN connect to DMZ host." @@ -1345,6 +1358,10 @@ msgstr "L3VPN configuration parameters table:" msgid "L3VPN for Hub-and-Spoke connectivity with VyOS" msgstr "L3VPN for Hub-and-Spoke connectivity with VyOS" +#: ../../configexamples/lac-lns.rst:32 +msgid "LAC" +msgstr "LAC" + #: ../../configexamples/zone-policy.rst:392 msgid "LAN, WAN, DMZ, local and TUN (tunnel)" msgstr "LAN, WAN, DMZ, local and TUN (tunnel)" @@ -1389,6 +1406,10 @@ msgstr "LAN and DMZ hosts have basic outbound access: Web, FTP, SSH." msgid "LAN can access DMZ resources." msgstr "LAN can access DMZ resources." +#: ../../configexamples/lac-lns.rst:72 +msgid "LNS" +msgstr "LNS" + #: ../../configexamples/l3vpn-hub-and-spoke.rst:551 msgid "Let’s check IPv4 routing and MPLS information on provider nodes (same procedure for all P nodes):" msgstr "Let’s check IPv4 routing and MPLS information on provider nodes (same procedure for all P nodes):" @@ -1433,9 +1454,22 @@ msgid "Masquerade Traffic originating from 10.200.201.0/24 that is heading out t msgstr "Masquerade Traffic originating from 10.200.201.0/24 that is heading out the public interface." #: ../../configexamples/autotest/OpenVPN_with_LDAP/OpenVPN_with_LDAP.rst:254 +#: ../../configexamples/lac-lns.rst:106 msgid "Monitoring" msgstr "Monitoring" +#: ../../configexamples/lac-lns.rst:117 +msgid "Monitoring on LAC side" +msgstr "Monitoring on LAC side" + +#: ../../configexamples/lac-lns.rst:108 +msgid "Monitoring on LNS side" +msgstr "Monitoring on LNS side" + +#: ../../configexamples/lac-lns.rst:140 +msgid "Monitoring on RADIUS Server side" +msgstr "Monitoring on RADIUS Server side" + #: ../../configexamples/autotest/tunnelbroker/tunnelbroker.rst:162 msgid "Multiple LAN/DMZ Setup" msgstr "Multiple LAN/DMZ Setup" @@ -1456,6 +1490,7 @@ msgstr "Native IPv4 and IPv6" msgid "Network Cabling" msgstr "Network Cabling" +#: ../../configexamples/lac-lns.rst:21 #: ../../configexamples/pppoe-ipv6-basic.rst:18 msgid "Network Topology" msgstr "Network Topology" @@ -1463,6 +1498,7 @@ msgstr "Network Topology" #: ../../configexamples/ansible.rst:-1 #: ../../configexamples/inter-vrf-routing-vrf-lite.rst:-1 #: ../../configexamples/l3vpn-hub-and-spoke.rst:-1 +#: ../../configexamples/lac-lns.rst:-1 #: ../../configexamples/nmp.rst:-1 #: ../../configexamples/pppoe-ipv6-basic.rst:-1 #: ../../configexamples/qos.rst:-1 @@ -1655,6 +1691,10 @@ msgstr "PPPoE IPv6 Basic Setup for Home Network" msgid "PPPoE Setup" msgstr "PPPoE Setup" +#: ../../configexamples/lac-lns.rst:7 +msgid "PPPoE over L2TP" +msgstr "PPPoE over L2TP" + #: ../../configexamples/segment-routing-isis.rst:255 msgid "Ping between VyOS-P1 / VyOS-P2 to confirm reachability:" msgstr "Ping between VyOS-P1 / VyOS-P2 to confirm reachability:" @@ -2046,7 +2086,7 @@ msgstr "The lab I built is using a VRF (called **mgmt**) to provide out-of-band msgid "The lab was built using EVE-NG." msgstr "The lab was built using EVE-NG." -#: ../../configexamples/index.rst:32 +#: ../../configexamples/index.rst:33 msgid "The next pages contains automatic full tested configuration examples." msgstr "The next pages contains automatic full tested configuration examples." @@ -2054,7 +2094,7 @@ msgstr "The next pages contains automatic full tested configuration examples." msgid "The previous example used the failover command to send traffic through eth1 if eth0 fails. In this example, failover functionality is provided by rule order." msgstr "The previous example used the failover command to send traffic through eth1 if eth0 fails. In this example, failover functionality is provided by rule order." -#: ../../configexamples/index.rst:40 +#: ../../configexamples/index.rst:41 msgid "The process will do the following steps:" msgstr "The process will do the following steps:" @@ -2130,6 +2170,10 @@ msgstr "This configuration example and the requirments consists on:" msgid "This document aims to walk you through setting everything up, so at a point where you can reboot any machine and not lose more than a few seconds worth of connectivity." msgstr "This document aims to walk you through setting everything up, so at a point where you can reboot any machine and not lose more than a few seconds worth of connectivity." +#: ../../configexamples/lac-lns.rst:9 +msgid "This document is to describe a basic setup using PPPoE over L2TP. LAC and LNS are components of the broadband topology. LAC - L2TP access concentrator LNS - L2TP Network Server LAC and LNS forms L2TP tunnel. LAC receives packets from PPPoE clients and forward them to LNS. LNS is the termination point that comes from PPP packets from the remote client." +msgstr "This document is to describe a basic setup using PPPoE over L2TP. LAC and LNS are components of the broadband topology. LAC - L2TP access concentrator LNS - L2TP Network Server LAC and LNS forms L2TP tunnel. LAC receives packets from PPPoE clients and forward them to LNS. LNS is the termination point that comes from PPP packets from the remote client." + #: ../../configexamples/pppoe-ipv6-basic.rst:9 msgid "This document is to describe a basic setup using PPPoE with DHCPv6-PD + SLAAC to construct a typical home network. The user can follow the steps described here to quickly setup a working network and use this as a starting point to further configure or fine-tune other settings." msgstr "This document is to describe a basic setup using PPPoE with DHCPv6-PD + SLAAC to construct a typical home network. The user can follow the steps described here to quickly setup a working network and use this as a starting point to further configure or fine-tune other settings." @@ -2210,6 +2254,10 @@ msgstr "This section describes verification commands for MPLS/BGP/LDP protocols msgid "This section provides configuration steps for setting up VRFs on our PE nodes including CE facing interfaces, BGP, rd and route-target import/export based on the pre-defined parameters." msgstr "This section provides configuration steps for setting up VRFs on our PE nodes including CE facing interfaces, BGP, rd and route-target import/export based on the pre-defined parameters." +#: ../../configexamples/lac-lns.rst:91 +msgid "This setup requires the Compression Control Protocol (CCP) being disabled, the command ``set vpn l2tp remote-access ppp-options disable-ccp`` accomplishes that." +msgstr "This setup requires the Compression Control Protocol (CCP) being disabled, the command ``set vpn l2tp remote-access ppp-options disable-ccp`` accomplishes that." + #: ../../configexamples/autotest/Wireguard/Wireguard.rst:10 msgid "This simple structure show how to connect two offices. One remote branch and the central office." msgstr "This simple structure show how to connect two offices. One remote branch and the central office." @@ -2580,6 +2628,10 @@ msgstr "When you have both routers up, you should be able to establish a connect msgid "When you have enabled OSPF on both routers, you should be able to see each other with the command ``show ip ospf neighbour``. The state must be 'Full' or '2-Way'. If it is not, then there is a network connectivity issue between the hosts. This is often caused by NAT or MTU issues. You should not see any new routes (unless this is the second pass) in the output of ``show ip route``" msgstr "When you have enabled OSPF on both routers, you should be able to see each other with the command ``show ip ospf neighbour``. The state must be 'Full' or '2-Way'. If it is not, then there is a network connectivity issue between the hosts. This is often caused by NAT or MTU issues. You should not see any new routes (unless this is the second pass) in the output of ``show ip route``" +#: ../../configexamples/lac-lns.rst:-1 +msgid "Window PPPoE Client Configuration" +msgstr "Window PPPoE Client Configuration" + #: ../../configexamples/autotest/OpenVPN_with_LDAP/OpenVPN_with_LDAP.rst:13 msgid "Windows Server 2019 with a running Active Directory" msgstr "Windows Server 2019 with a running Active Directory" @@ -2713,15 +2765,15 @@ msgstr "compute3 - Port 11 of each switch" msgid "compute3 (VMware ESXi 6.5)" msgstr "compute3 (VMware ESXi 6.5)" -#: ../../configexamples/index.rst:43 +#: ../../configexamples/index.rst:44 msgid "configure each host in the lab" msgstr "configure each host in the lab" -#: ../../configexamples/index.rst:42 +#: ../../configexamples/index.rst:43 msgid "create the lab on a eve-ng server" msgstr "create the lab on a eve-ng server" -#: ../../configexamples/index.rst:44 +#: ../../configexamples/index.rst:45 msgid "do some defined tests" msgstr "do some defined tests" @@ -2742,7 +2794,7 @@ msgstr "extended community and remote label of specific destination" msgid "first the PCA" msgstr "first the PCA" -#: ../../configexamples/index.rst:46 +#: ../../configexamples/index.rst:47 msgid "generate the documentation and include files" msgstr "generate the documentation and include files" @@ -2754,7 +2806,7 @@ msgstr "green uses local routing table id and VNI 4000" msgid "information between PE and CE:" msgstr "information between PE and CE:" -#: ../../configexamples/index.rst:45 +#: ../../configexamples/index.rst:46 msgid "optional do an upgrade to a higher version and do step 3 again." msgstr "optional do an upgrade to a higher version and do step 3 again." @@ -2770,7 +2822,7 @@ msgstr "router2 (Random 1RU machine with 4 NICs)" msgid "save the output to a file and import it in nearly all openvpn clients." msgstr "save the output to a file and import it in nearly all openvpn clients." -#: ../../configexamples/index.rst:47 +#: ../../configexamples/index.rst:48 msgid "shutdown and destroy the lab, if there is no error" msgstr "shutdown and destroy the lab, if there is no error" diff --git a/docs/_locale/ja/configuration.pot b/docs/_locale/ja/configuration.pot index cf365560..16e47454 100644 --- a/docs/_locale/ja/configuration.pot +++ b/docs/_locale/ja/configuration.pot @@ -168,9 +168,9 @@ msgstr "**Documentation under development**" msgid "**Ethernet (protocol, destination address or source address)**" msgstr "**Ethernet (protocol, destination address or source address)**" -#: ../../configuration/service/dhcp-server.rst:200 -#: ../../configuration/service/dhcp-server.rst:587 -#: ../../configuration/service/dhcp-server.rst:626 +#: ../../configuration/service/dhcp-server.rst:206 +#: ../../configuration/service/dhcp-server.rst:593 +#: ../../configuration/service/dhcp-server.rst:634 msgid "**Example:**" msgstr "**Example:**" @@ -269,11 +269,11 @@ msgstr "**Input**: stage where traffic destined for the router itself can be fil msgid "**Interface name**" msgstr "**Interface name**" -#: ../../configuration/vpn/site2site_ipsec.rst:303 +#: ../../configuration/vpn/site2site_ipsec.rst:306 msgid "**LEFT**" msgstr "**LEFT**" -#: ../../configuration/vpn/site2site_ipsec.rst:287 +#: ../../configuration/vpn/site2site_ipsec.rst:290 msgid "**LEFT:** * WAN interface on `eth0.201` * `eth0.201` interface IP: `172.18.201.10/24` * `vti10` interface IP: `10.0.0.2/31` * `dum0` interface IP: `10.0.11.1/24` (for testing purposes)" msgstr "**LEFT:** * WAN interface on `eth0.201` * `eth0.201` interface IP: `172.18.201.10/24` * `vti10` interface IP: `10.0.0.2/31` * `dum0` interface IP: `10.0.11.1/24` (for testing purposes)" @@ -309,11 +309,11 @@ msgstr "**MED check**" msgid "**Multi-path check**" msgstr "**Multi-path check**" -#: ../../configuration/protocols/bgp.rst:1193 +#: ../../configuration/protocols/bgp.rst:1215 msgid "**Node1:**" msgstr "**Node1:**" -#: ../../configuration/protocols/bgp.rst:1221 +#: ../../configuration/protocols/bgp.rst:1243 msgid "**Node2:**" msgstr "**Node2:**" @@ -326,10 +326,10 @@ msgid "**Node 1**" msgstr "**Node 1**" #: ../../configuration/protocols/babel.rst:192 -#: ../../configuration/protocols/bgp.rst:1103 -#: ../../configuration/protocols/bgp.rst:1130 -#: ../../configuration/protocols/bgp.rst:1148 -#: ../../configuration/protocols/bgp.rst:1176 +#: ../../configuration/protocols/bgp.rst:1125 +#: ../../configuration/protocols/bgp.rst:1152 +#: ../../configuration/protocols/bgp.rst:1170 +#: ../../configuration/protocols/bgp.rst:1198 #: ../../configuration/protocols/isis.rst:341 #: ../../configuration/protocols/isis.rst:416 #: ../../configuration/protocols/isis.rst:457 @@ -350,10 +350,10 @@ msgid "**Node 2**" msgstr "**Node 2**" #: ../../configuration/protocols/babel.rst:202 -#: ../../configuration/protocols/bgp.rst:1114 #: ../../configuration/protocols/bgp.rst:1136 -#: ../../configuration/protocols/bgp.rst:1160 +#: ../../configuration/protocols/bgp.rst:1158 #: ../../configuration/protocols/bgp.rst:1182 +#: ../../configuration/protocols/bgp.rst:1204 #: ../../configuration/protocols/isis.rst:352 #: ../../configuration/protocols/isis.rst:432 #: ../../configuration/protocols/isis.rst:511 @@ -384,6 +384,10 @@ msgid "**Output**: stage where traffic that is originated by the router itself c msgstr "**Output**: stage where traffic that is originated by the router itself can be filtered and controlled. Bare in mind that this traffic can be a new connection originted by a internal process running on VyOS router, such as NTP, or can be a response to traffic received externaly through **inputt** (for example response to an ssh login attempt to the router). This includes ipv4 and ipv6 filtering rules, defined in:" #: ../../configuration/firewall/index.rst:65 +msgid "**Output**: stage where traffic that originates from the router itself can be filtered and controlled. Bear in mind that this traffic can be a new connection originated by a internal process running on VyOS router, such as NTP, or a response to traffic received externaly through **input** (for example response to an ssh login attempt to the router). This includes ipv4 and ipv6 filtering rules, defined in:" +msgstr "**Output**: stage where traffic that originates from the router itself can be filtered and controlled. Bear in mind that this traffic can be a new connection originated by a internal process running on VyOS router, such as NTP, or a response to traffic received externaly through **input** (for example response to an ssh login attempt to the router). This includes ipv4 and ipv6 filtering rules, defined in:" + +#: ../../configuration/firewall/index.rst:65 msgid "**Output**: stage where traffic that originates from the router itself can be filtered and controlled. Bear in mind that this traffic can be a new connection originated by a internal process running on VyOS router, such as NTP, or a response to traffic received externaly through **inputt** (for example response to an ssh login attempt to the router). This includes ipv4 and ipv6 filtering rules, defined in:" msgstr "**Output**: stage where traffic that originates from the router itself can be filtered and controlled. Bear in mind that this traffic can be a new connection originated by a internal process running on VyOS router, such as NTP, or a response to traffic received externaly through **inputt** (for example response to an ssh login attempt to the router). This includes ipv4 and ipv6 filtering rules, defined in:" @@ -411,7 +415,7 @@ msgstr "**Prerouting**: several actions can be done in this stage, and currently msgid "**Prerouting**: several actions can be done in this stage, and currently these actions are defined in different parts in vyos configuration. Order is important, and all these actions are performed before any actions define under ``firewall`` section. Relevant configuration that acts in this stage are:" msgstr "**Prerouting**: several actions can be done in this stage, and currently these actions are defined in different parts in vyos configuration. Order is important, and all these actions are performed before any actions define under ``firewall`` section. Relevant configuration that acts in this stage are:" -#: ../../configuration/service/dhcp-server.rst:391 +#: ../../configuration/service/dhcp-server.rst:397 msgid "**Primary**" msgstr "**Primary**" @@ -481,11 +485,11 @@ msgstr "**RADIUS based IP pools (Framed-IP-Address)**" msgid "**RADIUS sessions management DM/CoA**" msgstr "**RADIUS sessions management DM/CoA**" -#: ../../configuration/vpn/site2site_ipsec.rst:343 +#: ../../configuration/vpn/site2site_ipsec.rst:346 msgid "**RIGHT**" msgstr "**RIGHT**" -#: ../../configuration/vpn/site2site_ipsec.rst:293 +#: ../../configuration/vpn/site2site_ipsec.rst:296 msgid "**RIGHT:** * WAN interface on `eth0.202` * `eth0.201` interface IP: `172.18.202.10/24` * `vti10` interface IP: `10.0.0.3/31` * `dum0` interface IP: `10.0.12.1/24` (for testing purposes)" msgstr "**RIGHT:** * WAN interface on `eth0.202` * `eth0.201` interface IP: `172.18.202.10/24` * `vti10` interface IP: `10.0.0.3/31` * `dum0` interface IP: `10.0.12.1/24` (for testing purposes)" @@ -521,15 +525,15 @@ msgstr "**SW1**" msgid "**SW2**" msgstr "**SW2**" -#: ../../configuration/service/dhcp-server.rst:400 +#: ../../configuration/service/dhcp-server.rst:406 msgid "**Secondary**" msgstr "**Secondary**" -#: ../../configuration/vpn/ipsec.rst:261 +#: ../../configuration/vpn/ipsec.rst:265 msgid "**Setting up IPSec**" msgstr "**Setting up IPSec**" -#: ../../configuration/vpn/ipsec.rst:237 +#: ../../configuration/vpn/ipsec.rst:241 msgid "**Setting up the GRE tunnel**" msgstr "**Setting up the GRE tunnel**" @@ -575,11 +579,25 @@ msgstr "**address** can be specified multiple times, e.g. 192.168.100.1 and/or 1 msgid "**address** can be specified multiple times as IPv4 and/or IPv6 address, e.g. 192.0.2.1/24 and/or 2001:db8::1/64" msgstr "**address** can be specified multiple times as IPv4 and/or IPv6 address, e.g. 192.0.2.1/24 and/or 2001:db8::1/64" +#: ../../configuration/service/pppoe-server.rst:474 +#: ../../configuration/vpn/l2tp.rst:428 +#: ../../configuration/vpn/pptp.rst:352 +#: ../../configuration/vpn/sstp.rst:386 +msgid "**allow** - Negotiate IPv4 only if client requests (Default value)" +msgstr "**allow** - Negotiate IPv4 only if client requests (Default value)" + +#: ../../configuration/service/pppoe-server.rst:349 +#: ../../configuration/vpn/l2tp.rst:293 +#: ../../configuration/vpn/pptp.rst:217 +#: ../../configuration/vpn/sstp.rst:251 +msgid "**allow** - Negotiate IPv6 only if client requests" +msgstr "**allow** - Negotiate IPv6 only if client requests" + #: ../../configuration/container/index.rst:38 msgid "**allow-host-networks** cannot be used with **network**" msgstr "**allow-host-networks** cannot be used with **network**" -#: ../../configuration/container/index.rst:102 +#: ../../configuration/container/index.rst:107 msgid "**always**: Restart containers when they exit, regardless of status, retrying indefinitely" msgstr "**always**: Restart containers when they exit, regardless of status, retrying indefinitely" @@ -595,6 +613,10 @@ msgstr "**application**: analyzes received flow data in the context of intrusion msgid "**auto** – automatically determines the interface type. **wired** – enables optimisations for wired interfaces. **wireless** – disables a number of optimisations that are only correct on wired interfaces. Specifying wireless is always correct, but may cause slower convergence and extra routing traffic." msgstr "**auto** – automatically determines the interface type. **wired** – enables optimisations for wired interfaces. **wireless** – disables a number of optimisations that are only correct on wired interfaces. Specifying wireless is always correct, but may cause slower convergence and extra routing traffic." +#: ../../configuration/service/ids.rst:90 +msgid "**ban-time** and **threshold**: these values are kept very low in order to easily identify and generate and attack." +msgstr "**ban-time** and **threshold**: these values are kept very low in order to easily identify and generate and attack." + #: ../../configuration/protocols/ospf.rst:435 msgid "**broadcast** – broadcast IP addresses distribution. **non-broadcast** – address distribution in NBMA networks topology. **point-to-multipoint** – address distribution in point-to-multipoint networks. **point-to-point** – address distribution in point-to-point networks." msgstr "**broadcast** – broadcast IP addresses distribution. **non-broadcast** – address distribution in NBMA networks topology. **point-to-multipoint** – address distribution in point-to-multipoint networks. **point-to-point** – address distribution in point-to-point networks." @@ -603,6 +625,13 @@ msgstr "**broadcast** – broadcast IP addresses distribution. **non-broadcast** msgid "**broadcast** – broadcast IP addresses distribution. **point-to-point** – address distribution in point-to-point networks." msgstr "**broadcast** – broadcast IP addresses distribution. **point-to-point** – address distribution in point-to-point networks." +#: ../../configuration/service/pppoe-server.rst:401 +#: ../../configuration/vpn/l2tp.rst:345 +#: ../../configuration/vpn/pptp.rst:269 +#: ../../configuration/vpn/sstp.rst:303 +msgid "**calling-sid** - Calculate interface identifier from calling-station-id." +msgstr "**calling-sid** - Calculate interface identifier from calling-station-id." + #: ../../configuration/protocols/ospf.rst:121 msgid "**cisco** – a router will be considered as ABR if it has several configured links to the networks in different areas one of which is a backbone area. Moreover, the link to the backbone area should be active (working). **ibm** – identical to \"cisco\" model but in this case a backbone area link may not be active. **standard** – router has several active links to different areas. **shortcut** – identical to \"standard\" but in this model a router is allowed to use a connected areas topology without involving a backbone area for inter-area connections." msgstr "**cisco** – a router will be considered as ABR if it has several configured links to the networks in different areas one of which is a backbone area. Moreover, the link to the backbone area should be active (working). **ibm** – identical to \"cisco\" model but in this case a backbone area link may not be active. **standard** – router has several active links to different areas. **shortcut** – identical to \"standard\" but in this model a router is allowed to use a connected areas topology without involving a backbone area for inter-area connections." @@ -619,7 +648,28 @@ msgstr "**default** – this area will be used for shortcutting only if ABR doe msgid "**default** – enable split-horizon on wired interfaces, and disable split-horizon on wireless interfaces. **enable** – enable split-horizon on this interfaces. **disable** – disable split-horizon on this interfaces." msgstr "**default** – enable split-horizon on wired interfaces, and disable split-horizon on wireless interfaces. **enable** – enable split-horizon on this interfaces. **disable** – disable split-horizon on this interfaces." -#: ../../configuration/vpn/sstp.rst:199 +#: ../../configuration/service/pppoe-server.rst:566 +msgid "**deny**: Deny second session authorization." +msgstr "**deny**: Deny second session authorization." + +#: ../../configuration/service/pppoe-server.rst:475 +#: ../../configuration/vpn/l2tp.rst:429 +#: ../../configuration/vpn/pptp.rst:353 +#: ../../configuration/vpn/sstp.rst:387 +msgid "**deny** - Do not negotiate IPv4" +msgstr "**deny** - Do not negotiate IPv4" + +#: ../../configuration/service/pppoe-server.rst:350 +#: ../../configuration/vpn/l2tp.rst:294 +#: ../../configuration/vpn/pptp.rst:218 +#: ../../configuration/vpn/sstp.rst:252 +msgid "**deny** - Do not negotiate IPv6 (default value)" +msgstr "**deny** - Do not negotiate IPv6 (default value)" + +#: ../../configuration/service/pppoe-server.rst:507 +#: ../../configuration/vpn/l2tp.rst:461 +#: ../../configuration/vpn/pptp.rst:385 +#: ../../configuration/vpn/sstp.rst:419 msgid "**deny** - deny mppe" msgstr "**deny** - deny mppe" @@ -635,6 +685,10 @@ msgstr "**dhcp** interface address is received by DHCP from a DHCP server on thi msgid "**dhcpv6** interface address is received by DHCPv6 from a DHCPv6 server on this segment." msgstr "**dhcpv6** interface address is received by DHCPv6 from a DHCPv6 server on this segment." +#: ../../configuration/service/pppoe-server.rst:565 +msgid "**disable**: Disables session control." +msgstr "**disable**: Disables session control." + #: ../../configuration/service/dhcp-relay.rst:75 msgid "**discard:** Received packets which already contain relay information will be discarded." msgstr "**discard:** Received packets which already contain relay information will be discarded." @@ -667,6 +721,17 @@ msgstr "**inbound-interface** - applicable only to :ref:`destination-nat`. It co msgid "**inbound-interface** - applicable only to :ref:`destination-nat`. It configures the interface which is used for the inside traffic the translation rule applies to. Interface groups, inverted selection and wildcard, are also supported." msgstr "**inbound-interface** - applicable only to :ref:`destination-nat`. It configures the interface which is used for the inside traffic the translation rule applies to. Interface groups, inverted selection and wildcard, are also supported." +#: ../../configuration/service/pppoe-server.rst:400 +#: ../../configuration/vpn/l2tp.rst:344 +#: ../../configuration/vpn/pptp.rst:268 +#: ../../configuration/vpn/sstp.rst:302 +msgid "**ipv4-addr** - Calculate interface identifier from IPv4 address." +msgstr "**ipv4-addr** - Calculate interface identifier from IPv4 address." + +#: ../../configuration/service/ipoe-server.rst:91 +msgid "**l2**: It means that clients are on same network where interface is.**(default)**" +msgstr "**l2**: It means that clients are on same network where interface is.**(default)**" + #: ../../configuration/interfaces/bonding.rst:161 msgid "**layer2** - Uses XOR of hardware MAC addresses and packet type ID field to generate the hash. The formula is" msgstr "**layer2** - Uses XOR of hardware MAC addresses and packet type ID field to generate the hash. The formula is" @@ -707,10 +772,18 @@ msgstr "**level-2-only** - Act as an area (Level 2) router only." msgid "**level-2-only** - Level-2 only adjacencies are formed" msgstr "**level-2-only** - Level-2 only adjacencies are formed" -#: ../../configuration/vpn/sstp.rst:105 +#: ../../configuration/service/ipoe-server.rst:65 +#: ../../configuration/service/pppoe-server.rst:43 +#: ../../configuration/vpn/l2tp.rst:31 +#: ../../configuration/vpn/pptp.rst:32 +#: ../../configuration/vpn/sstp.rst:58 msgid "**local**: All authentication queries are handled locally." msgstr "**local**: All authentication queries are handled locally." +#: ../../configuration/service/ipoe-server.rst:93 +msgid "**local**: It means that client are behind some router." +msgstr "**local**: It means that client are behind some router." + #: ../../configuration/interfaces/wireguard.rst:140 msgid "**local side - commands**" msgstr "**local side - commands**" @@ -723,27 +796,36 @@ msgstr "**log-fail** In this mode, the recursor will attempt to validate all dat msgid "**narrow** - Use old style of TLVs with narrow metric." msgstr "**narrow** - Use old style of TLVs with narrow metric." -#: ../../configuration/container/index.rst:119 +#: ../../configuration/container/index.rst:124 msgid "**net-admin**: Network operations (interface, firewall, routing tables)" msgstr "**net-admin**: Network operations (interface, firewall, routing tables)" -#: ../../configuration/container/index.rst:120 +#: ../../configuration/container/index.rst:125 msgid "**net-bind-service**: Bind a socket to privileged ports (port numbers less than 1024)" msgstr "**net-bind-service**: Bind a socket to privileged ports (port numbers less than 1024)" -#: ../../configuration/container/index.rst:121 +#: ../../configuration/container/index.rst:126 msgid "**net-raw**: Permission to create raw network sockets" msgstr "**net-raw**: Permission to create raw network sockets" -#: ../../configuration/container/index.rst:100 +#: ../../configuration/container/index.rst:105 msgid "**no**: Do not restart containers on exit" msgstr "**no**: Do not restart containers on exit" +#: ../../configuration/service/ipoe-server.rst:66 +msgid "**noauth**: Authentication disabled" +msgstr "**noauth**: Authentication disabled" + +#: ../../configuration/service/pppoe-server.rst:44 +#: ../../configuration/vpn/pptp.rst:33 +msgid "**noauth**: Authentication disabled." +msgstr "**noauth**: Authentication disabled." + #: ../../configuration/service/dns.rst:66 msgid "**off** In this mode, no DNSSEC processing takes place. The recursor will not set the DNSSEC OK (DO) bit in the outgoing queries and will ignore the DO and AD bits in queries." msgstr "**off** In this mode, no DNSSEC processing takes place. The recursor will not set the DNSSEC OK (DO) bit in the outgoing queries and will ignore the DO and AD bits in queries." -#: ../../configuration/container/index.rst:101 +#: ../../configuration/container/index.rst:106 msgid "**on-failure**: Restart containers when they exit with a non-zero exit code, retrying indefinitely (default)" msgstr "**on-failure**: Restart containers when they exit with a non-zero exit code, retrying indefinitely (default)" @@ -755,10 +837,31 @@ msgstr "**outbound-interface** - applicable only to :ref:`source-nat`. It config msgid "**outbound-interface** - applicable only to :ref:`source-nat`. It configures the interface which is used for the outside traffic that this translation rule applies to. Interface groups, inverted selection and wildcard, are also supported." msgstr "**outbound-interface** - applicable only to :ref:`source-nat`. It configures the interface which is used for the outside traffic that this translation rule applies to. Interface groups, inverted selection and wildcard, are also supported." -#: ../../configuration/vpn/sstp.rst:198 +#: ../../configuration/service/pppoe-server.rst:473 +#: ../../configuration/vpn/l2tp.rst:427 +#: ../../configuration/vpn/pptp.rst:351 +#: ../../configuration/vpn/sstp.rst:385 +msgid "**prefer** - Ask client for IPv4 negotiation, do not fail if it rejects" +msgstr "**prefer** - Ask client for IPv4 negotiation, do not fail if it rejects" + +#: ../../configuration/service/pppoe-server.rst:348 +#: ../../configuration/vpn/l2tp.rst:292 +#: ../../configuration/vpn/pptp.rst:216 +#: ../../configuration/vpn/sstp.rst:250 +msgid "**prefer** - Ask client for IPv6 negotiation, do not fail if it rejects" +msgstr "**prefer** - Ask client for IPv6 negotiation, do not fail if it rejects" + +#: ../../configuration/vpn/sstp.rst:204 msgid "**prefer** - ask client for mppe, if it rejects don't fail" msgstr "**prefer** - ask client for mppe, if it rejects don't fail" +#: ../../configuration/service/pppoe-server.rst:506 +#: ../../configuration/vpn/l2tp.rst:460 +#: ../../configuration/vpn/pptp.rst:384 +#: ../../configuration/vpn/sstp.rst:418 +msgid "**prefer** - ask client for mppe, if it rejects don't fail. (Default value)" +msgstr "**prefer** - ask client for mppe, if it rejects don't fail. (Default value)" + #: ../../configuration/service/dns.rst:77 msgid "**process** When dnssec is set to process the behavior is similar to process-no-validate. However, the recursor will try to validate the data if at least one of the DO or AD bits is set in the query; in that case, it will set the AD-bit in the response when the data is validated successfully, or send SERVFAIL when the validation comes up bogus." msgstr "**process** When dnssec is set to process the behavior is similar to process-no-validate. However, the recursor will try to validate the data if at least one of the DO or AD bits is set in the query; in that case, it will set the AD-bit in the response when the data is validated successfully, or send SERVFAIL when the validation comes up bogus." @@ -771,19 +874,55 @@ msgstr "**process-no-validate** In this mode the recursor acts as a \"security a msgid "**protocol** - specify which types of protocols this translation rule applies to. Only packets matching the specified protocol are NATed. By default this applies to `all` protocols." msgstr "**protocol** - specify which types of protocols this translation rule applies to. Only packets matching the specified protocol are NATed. By default this applies to `all` protocols." -#: ../../configuration/vpn/sstp.rst:103 +#: ../../configuration/service/ipoe-server.rst:63 +#: ../../configuration/service/pppoe-server.rst:41 +#: ../../configuration/vpn/l2tp.rst:29 +#: ../../configuration/vpn/pptp.rst:30 +#: ../../configuration/vpn/sstp.rst:56 msgid "**radius**: All authentication queries are handled by a configured RADIUS server." msgstr "**radius**: All authentication queries are handled by a configured RADIUS server." +#: ../../configuration/service/pppoe-server.rst:391 +#: ../../configuration/service/pppoe-server.rst:398 +#: ../../configuration/vpn/l2tp.rst:335 +#: ../../configuration/vpn/l2tp.rst:342 +#: ../../configuration/vpn/pptp.rst:259 +#: ../../configuration/vpn/pptp.rst:266 +#: ../../configuration/vpn/sstp.rst:293 +#: ../../configuration/vpn/sstp.rst:300 +msgid "**random** - Random interface identifier for IPv6" +msgstr "**random** - Random interface identifier for IPv6" + #: ../../configuration/interfaces/wireguard.rst:190 msgid "**remote side - commands**" msgstr "**remote side - commands**" +#: ../../configuration/service/pppoe-server.rst:567 +msgid "**replace**: Terminate first session when second is authorized **(default)**" +msgstr "**replace**: Terminate first session when second is authorized **(default)**" + #: ../../configuration/service/dhcp-relay.rst:81 msgid "**replace:** Relay information already present in a packet is stripped and replaced with the router's own relay information set." msgstr "**replace:** Relay information already present in a packet is stripped and replaced with the router's own relay information set." -#: ../../configuration/vpn/sstp.rst:197 +#: ../../configuration/service/pppoe-server.rst:472 +#: ../../configuration/vpn/l2tp.rst:426 +#: ../../configuration/vpn/pptp.rst:350 +#: ../../configuration/vpn/sstp.rst:384 +msgid "**require** - Require IPv4 negotiation" +msgstr "**require** - Require IPv4 negotiation" + +#: ../../configuration/service/pppoe-server.rst:347 +#: ../../configuration/vpn/l2tp.rst:291 +#: ../../configuration/vpn/pptp.rst:215 +#: ../../configuration/vpn/sstp.rst:249 +msgid "**require** - Require IPv6 negotiation" +msgstr "**require** - Require IPv6 negotiation" + +#: ../../configuration/service/pppoe-server.rst:505 +#: ../../configuration/vpn/l2tp.rst:459 +#: ../../configuration/vpn/pptp.rst:383 +#: ../../configuration/vpn/sstp.rst:417 msgid "**require** - ask client for mppe, if it rejects drop connection" msgstr "**require** - ask client for mppe, if it rejects drop connection" @@ -791,19 +930,23 @@ msgstr "**require** - ask client for mppe, if it rejects drop connection" msgid "**right**" msgstr "**right**" -#: ../../configuration/container/index.rst:122 +#: ../../configuration/container/index.rst:127 msgid "**setpcap**: Capability sets (from bounded or inherited set)" msgstr "**setpcap**: Capability sets (from bounded or inherited set)" +#: ../../configuration/service/ipoe-server.rst:99 +msgid "**shared**: Multiple clients share the same network. **(default)**" +msgstr "**shared**: Multiple clients share the same network. **(default)**" + #: ../../configuration/nat/nat44.rst:195 msgid "**source** - specifies which packets the NAT translation rule applies to based on the packets source IP address and/or source port. Only matching packets are considered for NAT." msgstr "**source** - specifies which packets the NAT translation rule applies to based on the packets source IP address and/or source port. Only matching packets are considered for NAT." -#: ../../configuration/container/index.rst:123 +#: ../../configuration/container/index.rst:128 msgid "**sys-admin**: Administation operations (quotactl, mount, sethostname, setdomainame)" msgstr "**sys-admin**: Administation operations (quotactl, mount, sethostname, setdomainame)" -#: ../../configuration/container/index.rst:124 +#: ../../configuration/container/index.rst:129 msgid "**sys-time**: Permission to set system clock" msgstr "**sys-time**: Permission to set system clock" @@ -819,10 +962,25 @@ msgstr "**upstream:** The upstream network interface is the outgoing interface w msgid "**validate** The highest mode of DNSSEC processing. In this mode, all queries will be validated and will be answered with a SERVFAIL in case of bogus data, regardless of the client's request." msgstr "**validate** The highest mode of DNSSEC processing. In this mode, all queries will be validated and will be answered with a SERVFAIL in case of bogus data, regardless of the client's request." +#: ../../configuration/service/ipoe-server.rst:100 +msgid "**vlan**: One VLAN per client." +msgstr "**vlan**: One VLAN per client." + #: ../../configuration/protocols/isis.rst:102 msgid "**wide** - Use new style of TLVs to carry wider metric." msgstr "**wide** - Use new style of TLVs to carry wider metric." +#: ../../configuration/service/pppoe-server.rst:392 +#: ../../configuration/service/pppoe-server.rst:399 +#: ../../configuration/vpn/l2tp.rst:336 +#: ../../configuration/vpn/l2tp.rst:343 +#: ../../configuration/vpn/pptp.rst:260 +#: ../../configuration/vpn/pptp.rst:267 +#: ../../configuration/vpn/sstp.rst:294 +#: ../../configuration/vpn/sstp.rst:301 +msgid "**x:x:x:x** - Specify interface identifier for IPv6" +msgstr "**x:x:x:x** - Specify interface identifier for IPv6" + #: ../../configuration/protocols/bgp.rst:143 msgid "*bgpd* supports Multiprotocol Extension for BGP. So if a remote peer supports the protocol, *bgpd* can exchange IPv6 and/or multicast routing information." msgstr "*bgpd* supports Multiprotocol Extension for BGP. So if a remote peer supports the protocol, *bgpd* can exchange IPv6 and/or multicast routing information." @@ -887,7 +1045,7 @@ msgstr "0 if not defined, which means no refreshing." msgid "0 if not defined." msgstr "0 if not defined." -#: ../../configuration/service/dhcp-server.rst:237 +#: ../../configuration/service/dhcp-server.rst:243 #: ../../configuration/system/syslog.rst:114 #: ../../configuration/system/syslog.rst:173 #: ../../configuration/trafficpolicy/index.rst:801 @@ -950,7 +1108,7 @@ msgstr "10 - 10 MBit/s" msgid "11" msgstr "11" -#: ../../configuration/service/dhcp-server.rst:319 +#: ../../configuration/service/dhcp-server.rst:325 msgid "119" msgstr "119" @@ -960,11 +1118,11 @@ msgstr "119" msgid "12" msgstr "12" -#: ../../configuration/service/dhcp-server.rst:324 +#: ../../configuration/service/dhcp-server.rst:330 msgid "121, 249" msgstr "121, 249" -#: ../../configuration/service/dhcp-server.rst:304 +#: ../../configuration/service/dhcp-server.rst:310 #: ../../configuration/system/syslog.rst:138 #: ../../configuration/trafficpolicy/index.rst:870 msgid "13" @@ -976,7 +1134,7 @@ msgstr "13" msgid "14" msgstr "14" -#: ../../configuration/service/dhcp-server.rst:264 +#: ../../configuration/service/dhcp-server.rst:270 #: ../../configuration/system/syslog.rst:142 #: ../../configuration/trafficpolicy/index.rst:866 msgid "15" @@ -1000,7 +1158,7 @@ msgstr "172.16.0.0 to 172.31.255.255 (CIDR: 172.16.0.0/12)" msgid "18" msgstr "18" -#: ../../configuration/service/dhcp-server.rst:269 +#: ../../configuration/service/dhcp-server.rst:275 #: ../../configuration/system/syslog.rst:150 msgid "19" msgstr "19" @@ -1025,7 +1183,7 @@ msgstr "1: Enable DAD (default)" msgid "1 if not defined." msgstr "1 if not defined." -#: ../../configuration/service/dhcp-server.rst:243 +#: ../../configuration/service/dhcp-server.rst:249 #: ../../configuration/system/syslog.rst:116 #: ../../configuration/system/syslog.rst:178 #: ../../configuration/trafficpolicy/index.rst:799 @@ -1059,7 +1217,7 @@ msgstr "25000 - 25 GBit/s" msgid "2500 - 2.5 GBit/s" msgstr "2500 - 2.5 GBit/s" -#: ../../configuration/service/dhcp-server.rst:329 +#: ../../configuration/service/dhcp-server.rst:335 msgid "252" msgstr "252" @@ -1087,7 +1245,7 @@ msgstr "2. Since this is the first packet, connection status of this connection, msgid "2: Enable DAD, and disable IPv6 operation if MAC-based duplicate link-local address has been found." msgstr "2: Enable DAD, and disable IPv6 operation if MAC-based duplicate link-local address has been found." -#: ../../configuration/service/dhcp-server.rst:249 +#: ../../configuration/service/dhcp-server.rst:255 #: ../../configuration/system/syslog.rst:118 #: ../../configuration/system/syslog.rst:181 #: ../../configuration/trafficpolicy/index.rst:797 @@ -1115,7 +1273,7 @@ msgstr "38" msgid "3. Add a full path to the script" msgstr "3. Add a full path to the script" -#: ../../configuration/service/dhcp-server.rst:254 +#: ../../configuration/service/dhcp-server.rst:260 #: ../../configuration/system/syslog.rst:120 #: ../../configuration/system/syslog.rst:183 #: ../../configuration/trafficpolicy/index.rst:795 @@ -1131,11 +1289,11 @@ msgstr "40000 - 40 GBit/s" msgid "40 MHz channels may switch their primary and secondary channels if needed or creation of 40 MHz channel maybe rejected based on overlapping BSSes. These changes are done automatically when hostapd is setting up the 40 MHz channel." msgstr "40 MHz channels may switch their primary and secondary channels if needed or creation of 40 MHz channel maybe rejected based on overlapping BSSes. These changes are done automatically when hostapd is setting up the 40 MHz channel." -#: ../../configuration/service/dhcp-server.rst:274 +#: ../../configuration/service/dhcp-server.rst:280 msgid "42" msgstr "42" -#: ../../configuration/service/dhcp-server.rst:279 +#: ../../configuration/service/dhcp-server.rst:285 msgid "44" msgstr "44" @@ -1166,7 +1324,7 @@ msgstr "50000 - 50 GBit/s" msgid "5000 - 5 GBit/s" msgstr "5000 - 5 GBit/s" -#: ../../configuration/service/dhcp-server.rst:284 +#: ../../configuration/service/dhcp-server.rst:290 msgid "54" msgstr "54" @@ -1179,7 +1337,7 @@ msgstr "5. Second packet for this connection is received by the router. Since co msgid "5 if not defined." msgstr "5 if not defined." -#: ../../configuration/service/dhcp-server.rst:259 +#: ../../configuration/service/dhcp-server.rst:265 #: ../../configuration/system/syslog.rst:124 #: ../../configuration/system/syslog.rst:189 #: ../../configuration/trafficpolicy/index.rst:791 @@ -1187,7 +1345,7 @@ msgstr "5 if not defined." msgid "6" msgstr "6" -#: ../../configuration/service/dhcp-server.rst:294 +#: ../../configuration/service/dhcp-server.rst:300 msgid "66" msgstr "66" @@ -1195,11 +1353,11 @@ msgstr "66" msgid "66% of traffic is routed to eth0, eth1 gets 33% of traffic." msgstr "66% of traffic is routed to eth0, eth1 gets 33% of traffic." -#: ../../configuration/service/dhcp-server.rst:299 +#: ../../configuration/service/dhcp-server.rst:305 msgid "67" msgstr "67" -#: ../../configuration/service/dhcp-server.rst:309 +#: ../../configuration/service/dhcp-server.rst:315 msgid "69" msgstr "69" @@ -1222,7 +1380,7 @@ msgstr "6in4 uses tunneling to encapsulate IPv6 traffic over IPv4 links as defin msgid "7" msgstr "7" -#: ../../configuration/service/dhcp-server.rst:314 +#: ../../configuration/service/dhcp-server.rst:320 msgid "70" msgstr "70" @@ -1299,11 +1457,11 @@ msgstr "<x.x.x.x>-<x.x.x.x>: IP range to match." msgid "<x.x.x.x>: IP address to match." msgstr "<x.x.x.x>: IP address to match." -#: ../../configuration/pki/index.rst:252 +#: ../../configuration/pki/index.rst:283 msgid "ACME" msgstr "ACME" -#: ../../configuration/pki/index.rst:281 +#: ../../configuration/pki/index.rst:312 msgid "ACME Directory Resource URI." msgstr "ACME Directory Resource URI." @@ -1311,7 +1469,7 @@ msgstr "ACME Directory Resource URI." msgid "API" msgstr "API" -#: ../../configuration/protocols/static.rst:150 +#: ../../configuration/protocols/static.rst:183 msgid "ARP" msgstr "ARP" @@ -1335,7 +1493,7 @@ msgstr "A *bit* is written as **bit**," msgid "A BGP-speaking router like VyOS can retrieve ROA information from RPKI \"Relying Party software\" (often just called an \"RPKI server\" or \"RPKI validator\") by using :abbr:`RTR (RPKI to Router)` protocol. There are several open source implementations to choose from, such as NLNetLabs' Routinator_ (written in Rust), Cloudflare's GoRTR_ and OctoRPKI_ (written in Go), and RIPE NCC's RPKI Validator_ (written in Java). The RTR protocol is described in :rfc:`8210`." msgstr "A BGP-speaking router like VyOS can retrieve ROA information from RPKI \"Relying Party software\" (often just called an \"RPKI server\" or \"RPKI validator\") by using :abbr:`RTR (RPKI to Router)` protocol. There are several open source implementations to choose from, such as NLNetLabs' Routinator_ (written in Rust), Cloudflare's GoRTR_ and OctoRPKI_ (written in Go), and RIPE NCC's RPKI Validator_ (written in Java). The RTR protocol is described in :rfc:`8210`." -#: ../../configuration/protocols/bgp.rst:929 +#: ../../configuration/protocols/bgp.rst:951 msgid "A BGP confederation divides our AS into sub-ASes to reduce the number of required IBGP peerings. Within a sub-AS we still require full-mesh IBGP but between these sub-ASes we use something that looks like EBGP but behaves like IBGP (called confederation BGP). Confederation mechanism is described in :rfc:`5065`" msgstr "A BGP confederation divides our AS into sub-ASes to reduce the number of required IBGP peerings. Within a sub-AS we still require full-mesh IBGP but between these sub-ASes we use something that looks like EBGP but behaves like IBGP (called confederation BGP). Confederation mechanism is described in :rfc:`5065`" @@ -1351,7 +1509,7 @@ msgstr "A GRE tunnel operates at layer 3 of the OSI model and is represented by msgid "A Rule-Set can be applied to every interface:" msgstr "A Rule-Set can be applied to every interface:" -#: ../../configuration/service/dhcp-server.rst:561 +#: ../../configuration/service/dhcp-server.rst:567 msgid "A SNTP server address can be specified for DHCPv6 clients." msgstr "A SNTP server address can be specified for DHCPv6 clients." @@ -1363,11 +1521,11 @@ msgstr "A VRF device is created with an associated route table. Network interfac msgid "A VyOS GRE tunnel can carry both IPv4 and IPv6 traffic and can also be created over either IPv4 (gre) or IPv6 (ip6gre)." msgstr "A VyOS GRE tunnel can carry both IPv4 and IPv6 traffic and can also be created over either IPv4 (gre) or IPv6 (ip6gre)." -#: ../../configuration/service/dns.rst:162 +#: ../../configuration/service/dns.rst:149 msgid "A VyOS router with two interfaces - eth0 (WAN) and eth1 (LAN) - is required to implement a split-horizon DNS configuration for example.com." msgstr "A VyOS router with two interfaces - eth0 (WAN) and eth1 (LAN) - is required to implement a split-horizon DNS configuration for example.com." -#: ../../configuration/service/dhcp-server.rst:533 +#: ../../configuration/service/dhcp-server.rst:539 msgid "A :abbr:`NIS (Network Information Service)` domain can be set to be used for DHCPv6 clients." msgstr "A :abbr:`NIS (Network Information Service)` domain can be set to be used for DHCPv6 clients." @@ -1384,6 +1542,10 @@ msgstr "A basic introduction to zone-based firewalls can be found `here <https:/ msgid "A bridge named `br100`" msgstr "A bridge named `br100`" +#: ../../configuration/container/index.rst:144 +msgid "A brief description what this network is all about." +msgstr "A brief description what this network is all about." + #: ../../configuration/trafficpolicy/index.rst:147 msgid "A class can have multiple match filters:" msgstr "A class can have multiple match filters:" @@ -1396,7 +1558,11 @@ msgstr "A common example is the case of some policies which, in order to be effe msgid "A complete LDAP auth OpenVPN configuration could look like the following example:" msgstr "A complete LDAP auth OpenVPN configuration could look like the following example:" -#: ../../configuration/vpn/sstp.rst:335 +#: ../../configuration/service/ids.rst:84 +msgid "A configuration example can be found in this section. In this simplified scenario, main things to be considered are:" +msgstr "A configuration example can be found in this section. In this simplified scenario, main things to be considered are:" + +#: ../../configuration/vpn/sstp.rst:508 msgid "A connection attempt will be shown as:" msgstr "A connection attempt will be shown as:" @@ -1420,7 +1586,7 @@ msgstr "A domain name is the label (name) assigned to a computer network and is msgid "A dummy interface for the provider-assigned IP;" msgstr "A dummy interface for the provider-assigned IP;" -#: ../../configuration/highavailability/index.rst:426 +#: ../../configuration/highavailability/index.rst:436 msgid "A firewall mark ``fwmark`` allows using multiple ports for high-availability virtual-server. It uses fwmark value." msgstr "A firewall mark ``fwmark`` allows using multiple ports for high-availability virtual-server. It uses fwmark value." @@ -1436,11 +1602,11 @@ msgstr "A generic `<name>` referencing this sync service." msgid "A hostname is the label (name) assigned to a network device (a host) on a network and is used to distinguish one device from another on specific networks or over the internet. On the other hand this will be the name which appears on the command line prompt." msgstr "A hostname is the label (name) assigned to a network device (a host) on a network and is used to distinguish one device from another on specific networks or over the internet. On the other hand this will be the name which appears on the command line prompt." -#: ../../configuration/pki/index.rst:189 +#: ../../configuration/pki/index.rst:191 msgid "A human readable description what this CA is about." msgstr "A human readable description what this CA is about." -#: ../../configuration/pki/index.rst:228 +#: ../../configuration/pki/index.rst:230 msgid "A human readable description what this certificate is about." msgstr "A human readable description what this certificate is about." @@ -1456,7 +1622,7 @@ msgstr "A managed device is a network node that implements an SNMP interface tha msgid "A match filter can contain multiple criteria and will match traffic if all those criteria are true." msgstr "A match filter can contain multiple criteria and will match traffic if all those criteria are true." -#: ../../configuration/protocols/bfd.rst:138 +#: ../../configuration/protocols/bfd.rst:145 msgid "A monitored static route conditions the installation to the RIB on the BFD session running state: when BFD session is up the route is installed to RIB, but when the BFD session is down it is removed from the RIB." msgstr "A monitored static route conditions the installation to the RIB on the BFD session running state: when BFD session is up the route is installed to RIB, but when the BFD session is down it is removed from the RIB." @@ -1476,7 +1642,7 @@ msgstr "A packet rate limit can be set for a rule to apply the rule to traffic a msgid "A packet that finds a matching entry in the flowtable (flowtable hit) is transmitted to the output netdevice, hence, packets bypass the classic IP forwarding path and uses the **Fast Path** (orange circles path). The visible effect is that you do not see these packets from any of the Netfilter hooks coming after ingress. In case that there is no matching entry in the flowtable (flowtable miss), the packet follows the classic IP forwarding path." msgstr "A packet that finds a matching entry in the flowtable (flowtable hit) is transmitted to the output netdevice, hence, packets bypass the classic IP forwarding path and uses the **Fast Path** (orange circles path). The visible effect is that you do not see these packets from any of the Netfilter hooks coming after ingress. In case that there is no matching entry in the flowtable (flowtable miss), the packet follows the classic IP forwarding path." -#: ../../configuration/protocols/bgp.rst:698 +#: ../../configuration/protocols/bgp.rst:720 msgid "A penalty of 1000 is assessed each time the route fails. When the penalties reach a predefined threshold (suppress-value), the router stops advertising the route." msgstr "A penalty of 1000 is assessed each time the route fails. When the penalties reach a predefined threshold (suppress-value), the router stops advertising the route." @@ -1488,7 +1654,7 @@ msgstr "A physical interface is required to connect this MACsec instance to. Tra msgid "A pool of addresses can be defined by using a hyphen between two IP addresses:" msgstr "A pool of addresses can be defined by using a hyphen between two IP addresses:" -#: ../../configuration/firewall/ipv4.rst:485 +#: ../../configuration/firewall/ipv4.rst:508 #: ../../configuration/firewall/ipv6.rst:491 msgid "A port can be set with a port number or a name which is here defined: ``/etc/services``." msgstr "A port can be set with a port number or a name which is here defined: ``/etc/services``." @@ -1526,11 +1692,11 @@ msgstr "A segment ID that contains an IP address prefix calculated by an IGP in msgid "A sending station (computer or network switch) may be transmitting data faster than the other end of the link can accept it. Using flow control, the receiving station can signal the sender requesting suspension of transmissions until the receiver catches up." msgstr "A sending station (computer or network switch) may be transmitting data faster than the other end of the link can accept it. Using flow control, the receiving station can signal the sender requesting suspension of transmissions until the receiver catches up." -#: ../../configuration/service/dhcp-server.rst:589 +#: ../../configuration/service/dhcp-server.rst:595 msgid "A shared network named ``NET1`` serves subnet ``2001:db8::/64``" msgstr "A shared network named ``NET1`` serves subnet ``2001:db8::/64``" -#: ../../configuration/protocols/bgp.rst:1146 +#: ../../configuration/protocols/bgp.rst:1168 msgid "A simple BGP configuration via IPv6." msgstr "A simple BGP configuration via IPv6." @@ -1538,7 +1704,7 @@ msgstr "A simple BGP configuration via IPv6." msgid "A simple Random Early Detection (RED) policy would start randomly dropping packets from a queue before it reaches its queue limit thus avoiding congestion. That is good for TCP connections as the gradual dropping of packets acts as a signal for the sender to decrease its transmission rate." msgstr "A simple Random Early Detection (RED) policy would start randomly dropping packets from a queue before it reaches its queue limit thus avoiding congestion. That is good for TCP connections as the gradual dropping of packets acts as a signal for the sender to decrease its transmission rate." -#: ../../configuration/protocols/bgp.rst:1101 +#: ../../configuration/protocols/bgp.rst:1123 msgid "A simple eBGP configuration:" msgstr "A simple eBGP configuration:" @@ -1602,7 +1768,7 @@ msgstr "A very small buffer will soon start dropping packets." msgid "A zone must be configured before an interface is assigned to it and an interface can be assigned to only a single zone." msgstr "A zone must be configured before an interface is assigned to it and an interface can be assigned to only a single zone." -#: ../../configuration/service/dns.rst:397 +#: ../../configuration/service/dns.rst:411 msgid "Above, command syntax isn noted to configure dynamic dns on a specific interface. It is possible to overlook the additional address option, web, when completeing those commands. ddclient_ has another way to determine the WAN IP address, using a web-based url to determine the external IP. Each of the commands above will need to be modified to use 'web' as the 'interface' specified if this functionality is to be utilized." msgstr "Above, command syntax isn noted to configure dynamic dns on a specific interface. It is possible to overlook the additional address option, web, when completeing those commands. ddclient_ has another way to determine the WAN IP address, using a web-based url to determine the external IP. Each of the commands above will need to be modified to use 'web' as the 'interface' specified if this functionality is to be utilized." @@ -1622,6 +1788,21 @@ msgstr "Accept SSH connections for the given `<device>` on TCP port `<port>`. Af msgid "Accept only certain protocols: You may want to replicate the state of flows depending on their layer 4 protocol." msgstr "Accept only certain protocols: You may want to replicate the state of flows depending on their layer 4 protocol." +#: ../../configuration/service/pppoe-server.rst:384 +#: ../../configuration/vpn/l2tp.rst:328 +#: ../../configuration/vpn/pptp.rst:252 +#: ../../configuration/vpn/sstp.rst:286 +msgid "Accept peer interface identifier. By default is not defined." +msgstr "Accept peer interface identifier. By default is not defined." + +#: ../../configuration/service/ipoe-server.rst:364 +#: ../../configuration/service/pppoe-server.rst:530 +#: ../../configuration/vpn/l2tp.rst:484 +#: ../../configuration/vpn/pptp.rst:408 +#: ../../configuration/vpn/sstp.rst:442 +msgid "Acceptable rate of connections (e.g. 1/min, 60/sec)" +msgstr "Acceptable rate of connections (e.g. 1/min, 60/sec)" + #: ../../configuration/policy/access-list.rst:3 msgid "Access List Policy" msgstr "Access List Policy" @@ -1665,7 +1846,7 @@ msgstr "Add Power Constraint element to Beacon and Probe Response frames." msgid "Add a forwarding rule matching UDP port on your internet router." msgstr "Add a forwarding rule matching UDP port on your internet router." -#: ../../configuration/container/index.rst:113 +#: ../../configuration/container/index.rst:118 msgid "Add a host device to the container." msgstr "Add a host device to the container." @@ -1693,11 +1874,11 @@ msgstr "Add new port to SSL-ports acl. Ports included by default in SSL-ports ac msgid "Add new port to Safe-ports acl. Ports included by default in Safe-ports acl: 21, 70, 80, 210, 280, 443, 488, 591, 777, 873, 1025-65535" msgstr "Add new port to Safe-ports acl. Ports included by default in Safe-ports acl: 21, 70, 80, 210, 280, 443, 488, 591, 777, 873, 1025-65535" -#: ../../configuration/policy/route-map.rst:221 +#: ../../configuration/policy/route-map.rst:224 msgid "Add or replace BGP community attribute in format ``<0-65535:0-65535>`` or from well-known community list" msgstr "Add or replace BGP community attribute in format ``<0-65535:0-65535>`` or from well-known community list" -#: ../../configuration/policy/route-map.rst:236 +#: ../../configuration/policy/route-map.rst:239 msgid "Add or replace BGP large-community attribute in format ``<0-4294967295:0-4294967295:0-4294967295>``" msgstr "Add or replace BGP large-community attribute in format ``<0-4294967295:0-4294967295:0-4294967295>``" @@ -1705,11 +1886,11 @@ msgstr "Add or replace BGP large-community attribute in format ``<0-4294967295:0 msgid "Add policy route matching VLAN source addresses" msgstr "Add policy route matching VLAN source addresses" -#: ../../configuration/pki/index.rst:217 +#: ../../configuration/pki/index.rst:219 msgid "Add public key portion for the certificate named `name` to the VyOS CLI." msgstr "Add public key portion for the certificate named `name` to the VyOS CLI." -#: ../../configuration/pki/index.rst:193 +#: ../../configuration/pki/index.rst:195 msgid "Add the CAs private key to the VyOS CLI. This should never leave the system, and is only required if you use VyOS as your certificate generator as mentioned above." msgstr "Add the CAs private key to the VyOS CLI. This should never leave the system, and is only required if you use VyOS as your certificate generator as mentioned above." @@ -1717,11 +1898,11 @@ msgstr "Add the CAs private key to the VyOS CLI. This should never leave the sys msgid "Add the commands from Snippet in the Windows side via PowerShell. Also import the root CA cert to the Windows “Trusted Root Certification Authorities†and establish the connection." msgstr "Add the commands from Snippet in the Windows side via PowerShell. Also import the root CA cert to the Windows “Trusted Root Certification Authorities†and establish the connection." -#: ../../configuration/pki/index.rst:232 +#: ../../configuration/pki/index.rst:234 msgid "Add the private key portion of this certificate to the CLI. This should never leave the system as it is used to decrypt the data." msgstr "Add the private key portion of this certificate to the CLI. This should never leave the system as it is used to decrypt the data." -#: ../../configuration/pki/index.rst:174 +#: ../../configuration/pki/index.rst:176 msgid "Add the public CA certificate for the CA named `name` to the VyOS CLI." msgstr "Add the public CA certificate for the CA named `name` to the VyOS CLI." @@ -1765,11 +1946,11 @@ msgstr "Address Families" msgid "Address Groups" msgstr "Address Groups" -#: ../../configuration/service/dhcp-server.rst:592 +#: ../../configuration/service/dhcp-server.rst:598 msgid "Address pool shall be ``2001:db8::100`` through ``2001:db8::199``." msgstr "Address pool shall be ``2001:db8::100`` through ``2001:db8::199``." -#: ../../configuration/service/dhcp-server.rst:582 +#: ../../configuration/service/dhcp-server.rst:588 msgid "Address pools" msgstr "Address pools" @@ -1777,14 +1958,30 @@ msgstr "Address pools" msgid "Address to listen for HTTPS requests" msgstr "Address to listen for HTTPS requests" -#: ../../configuration/container/index.rst:136 +#: ../../configuration/container/index.rst:160 +msgid "Adds registry to list of unqualified-search-registries. By default, for any image that does not include the registry in the image name, VyOS will use docker.io and quay.io as the container registry." +msgstr "Adds registry to list of unqualified-search-registries. By default, for any image that does not include the registry in the image name, VyOS will use docker.io and quay.io as the container registry." + +#: ../../configuration/container/index.rst:141 msgid "Adds registry to list of unqualified-search-registries. By default, for any image that does not include the registry in the image name, Vyos will use docker.io as the container registry." msgstr "Adds registry to list of unqualified-search-registries. By default, for any image that does not include the registry in the image name, Vyos will use docker.io as the container registry." -#: ../../configuration/protocols/bgp.rst:647 +#: ../../configuration/protocols/bgp.rst:669 msgid "Administrative Distance" msgstr "Administrative Distance" +#: ../../configuration/service/ipoe-server.rst:335 +msgid "Advanced Interface Options" +msgstr "Advanced Interface Options" + +#: ../../configuration/service/ipoe-server.rst:307 +#: ../../configuration/service/pppoe-server.rst:425 +#: ../../configuration/vpn/l2tp.rst:369 +#: ../../configuration/vpn/pptp.rst:293 +#: ../../configuration/vpn/sstp.rst:327 +msgid "Advanced Options" +msgstr "Advanced Options" + #: ../../configuration/nat/nat44.rst:301 msgid "Advanced configuration can be used in order to apply source or destination NAT, and within a single rule, be able to define multiple translated addresses, so NAT balances the translations among them." msgstr "Advanced configuration can be used in order to apply source or destination NAT, and within a single rule, be able to define multiple translated addresses, so NAT balances the translations among them." @@ -1797,7 +1994,11 @@ msgstr "Advantages of OpenVPN are:" msgid "Advertise DNS server per https://tools.ietf.org/html/rfc6106" msgstr "Advertise DNS server per https://tools.ietf.org/html/rfc6106" -#: ../../configuration/service/router-advert.rst:53 +#: ../../configuration/service/router-advert.rst:78 +msgid "Advertising a NAT64 Prefix" +msgstr "Advertising a NAT64 Prefix" + +#: ../../configuration/service/router-advert.rst:54 msgid "Advertising a Prefix" msgstr "Advertising a Prefix" @@ -1805,7 +2006,7 @@ msgstr "Advertising a Prefix" msgid "After commit the plaintext passwords will be hashed and stored in your configuration. The resulting CLI config will look like:" msgstr "After commit the plaintext passwords will be hashed and stored in your configuration. The resulting CLI config will look like:" -#: ../../configuration/vrf/index.rst:325 +#: ../../configuration/vrf/index.rst:344 msgid "After committing the configuration we can verify all leaked routes are installed, and try to ICMP ping PC1 from PC3." msgstr "After committing the configuration we can verify all leaked routes are installed, and try to ICMP ping PC1 from PC3." @@ -1813,10 +2014,18 @@ msgstr "After committing the configuration we can verify all leaked routes are i msgid "After the PKI certs are all set up we can start configuring our IPSec/IKE proposals used for key-exchange end data encryption. The used encryption ciphers and integrity algorithms vary from operating system to operating system. The ones used in this example are validated to work on Windows 10." msgstr "After the PKI certs are all set up we can start configuring our IPSec/IKE proposals used for key-exchange end data encryption. The used encryption ciphers and integrity algorithms vary from operating system to operating system. The ones used in this example are validated to work on Windows 10." -#: ../../configuration/pki/index.rst:212 +#: ../../configuration/vpn/ipsec.rst:418 +msgid "After the PKI certs are all set up we can start configuring our IPSec/IKE proposals used for key-exchange end data encryption. The used encryption ciphers and integrity algorithms vary from operating system to operating system. The ones used in this post are validated to work on both Windows 10 and iOS/iPadOS 14 to 17." +msgstr "After the PKI certs are all set up we can start configuring our IPSec/IKE proposals used for key-exchange end data encryption. The used encryption ciphers and integrity algorithms vary from operating system to operating system. The ones used in this post are validated to work on both Windows 10 and iOS/iPadOS 14 to 17." + +#: ../../configuration/pki/index.rst:214 msgid "After we have imported the CA certificate(s) we can now import and add certificates used by services on this router." msgstr "After we have imported the CA certificate(s) we can now import and add certificates used by services on this router." +#: ../../configuration/vpn/ipsec.rst:399 +msgid "After you obtained your server certificate you can import it from a file on the local filesystem, or paste it into the CLI. Please note that when entering the certificate manually you need to strip the ``-----BEGIN KEY-----`` and ``-----END KEY-----`` tags. Also, the certificate or key needs to be presented in a single line without line breaks (``\\n``)." +msgstr "After you obtained your server certificate you can import it from a file on the local filesystem, or paste it into the CLI. Please note that when entering the certificate manually you need to strip the ``-----BEGIN KEY-----`` and ``-----END KEY-----`` tags. Also, the certificate or key needs to be presented in a single line without line breaks (``\\n``)." + #: ../../configuration/service/snmp.rst:39 msgid "Agent - software which runs on managed devices" msgstr "Agent - software which runs on managed devices" @@ -1825,7 +2034,7 @@ msgstr "Agent - software which runs on managed devices" msgid "Alert" msgstr "Alert" -#: ../../configuration/highavailability/index.rst:346 +#: ../../configuration/highavailability/index.rst:356 msgid "Algorithm" msgstr "Algorithm" @@ -1833,7 +2042,7 @@ msgstr "Algorithm" msgid "Aliases" msgstr "Aliases" -#: ../../configuration/service/dns.rst:167 +#: ../../configuration/service/dns.rst:154 msgid "All DNS requests for example.com must be forwarded to a DNS server at 192.0.2.254 and 2001:db8:cafe::1" msgstr "All DNS requests for example.com must be forwarded to a DNS server at 192.0.2.254 and 2001:db8:cafe::1" @@ -1861,7 +2070,7 @@ msgstr "All interfaces used for the DHCP relay must be configured. This includes msgid "All items in a sync group should be similarly configured. If one VRRP group is set to a different preemption delay or priority, it would result in an endless transition loop." msgstr "All items in a sync group should be similarly configured. If one VRRP group is set to a different preemption delay or priority, it would result in an endless transition loop." -#: ../../configuration/service/dns.rst:169 +#: ../../configuration/service/dns.rst:156 msgid "All other DNS requests will be forwarded to a different set of DNS servers at 192.0.2.1, 192.0.2.2, 2001:db8::1:ffff and 2001:db8::2:ffff" msgstr "All other DNS requests will be forwarded to a different set of DNS servers at 192.0.2.1, 192.0.2.2, 2001:db8::1:ffff and 2001:db8::2:ffff" @@ -1897,7 +2106,11 @@ msgstr "All traffic to and from an interface within a zone is permitted." msgid "All tunnel sessions can be checked via:" msgstr "All tunnel sessions can be checked via:" -#: ../../configuration/vpn/l2tp.rst:209 +#: ../../configuration/service/ipoe-server.rst:231 +#: ../../configuration/service/pppoe-server.rst:193 +#: ../../configuration/vpn/l2tp.rst:236 +#: ../../configuration/vpn/pptp.rst:176 +#: ../../configuration/vpn/sstp.rst:209 msgid "Allocation clients ip addresses by RADIUS" msgstr "Allocation clients ip addresses by RADIUS" @@ -1913,7 +2126,7 @@ msgstr "Allow access to sites in a domain without retrieving them from the Proxy msgid "Allow bgp to negotiate the extended-nexthop capability with it’s peer. If you are peering over a IPv6 Link-Local address then this capability is turned on automatically. If you are peering over a IPv6 Global Address then turning on this command will allow BGP to install IPv4 routes with IPv6 nexthops if you do not have IPv4 configured on interfaces." msgstr "Allow bgp to negotiate the extended-nexthop capability with it’s peer. If you are peering over a IPv6 Link-Local address then this capability is turned on automatically. If you are peering over a IPv6 Global Address then turning on this command will allow BGP to install IPv4 routes with IPv6 nexthops if you do not have IPv4 configured on interfaces." -#: ../../configuration/service/dns.rst:359 +#: ../../configuration/service/dns.rst:362 msgid "Allow explicit IPv6 address for the interface." msgstr "Allow explicit IPv6 address for the interface." @@ -1933,7 +2146,7 @@ msgstr "Allow this BFD peer to not be directly connected" msgid "Allowed values fpr TCP flags: ``SYN``, ``ACK``, ``FIN``, ``RST``, ``URG``, ``PSH``, ``ALL`` When specifying more than one flag, flags should be comma separated. The ``!`` negate the selected protocol." msgstr "Allowed values fpr TCP flags: ``SYN``, ``ACK``, ``FIN``, ``RST``, ``URG``, ``PSH``, ``ALL`` When specifying more than one flag, flags should be comma separated. The ``!`` negate the selected protocol." -#: ../../configuration/firewall/ipv4.rst:812 +#: ../../configuration/firewall/ipv4.rst:835 #: ../../configuration/firewall/ipv6.rst:821 #: ../../configuration/system/conntrack.rst:199 msgid "Allowed values fpr TCP flags: ``ack``, ``cwr``, ``ecn``, ``fin``, ``psh``, ``rst``, ``syn`` and ``urg``. Multiple values are supported, and for inverted selection use ``not``, as shown in the example." @@ -1947,11 +2160,11 @@ msgstr "Allows specific VLAN IDs to pass through the bridge member interface. Th msgid "Allows to define URL path matching rules for a specific service." msgstr "Allows to define URL path matching rules for a specific service." -#: ../../configuration/protocols/static.rst:69 +#: ../../configuration/protocols/static.rst:92 msgid "Allows you to configure the next-hop interface for an interface-based IPv4 static route. `<interface>` will be the next-hop interface where traffic is routed for the given `<subnet>`." msgstr "Allows you to configure the next-hop interface for an interface-based IPv4 static route. `<interface>` will be the next-hop interface where traffic is routed for the given `<subnet>`." -#: ../../configuration/protocols/static.rst:89 +#: ../../configuration/protocols/static.rst:112 msgid "Allows you to configure the next-hop interface for an interface-based IPv6 static route. `<interface>` will be the next-hop interface where traffic is routed for the given `<subnet>`." msgstr "Allows you to configure the next-hop interface for an interface-based IPv6 static route. `<interface>` will be the next-hop interface where traffic is routed for the given `<subnet>`." @@ -1977,11 +2190,11 @@ msgstr "Also, for those who haven't updated to newer version, legacy documentati msgid "Also, in :ref:`destination-nat`, redirection to localhost is supported. The redirect statement is a special form of dnat which always translates the destination address to the local host’s one." msgstr "Also, in :ref:`destination-nat`, redirection to localhost is supported. The redirect statement is a special form of dnat which always translates the destination address to the local host’s one." -#: ../../configuration/protocols/static.rst:138 +#: ../../configuration/protocols/static.rst:171 msgid "Alternate Routing Tables" msgstr "Alternate Routing Tables" -#: ../../configuration/protocols/static.rst:142 +#: ../../configuration/protocols/static.rst:175 msgid "Alternate routing tables are used with policy based routing by utilizing :ref:`vrf`." msgstr "Alternate routing tables are used with policy based routing by utilizing :ref:`vrf`." @@ -2037,7 +2250,7 @@ msgstr "An agent is a network-management software module that resides on a manag msgid "An alternate command could be \"mpls-te on\" (Traffic Engineering)" msgstr "An alternate command could be \"mpls-te on\" (Traffic Engineering)" -#: ../../configuration/firewall/ipv4.rst:373 +#: ../../configuration/firewall/ipv4.rst:396 msgid "An arbitrary netmask can be applied to mask addresses to only match against a specific portion." msgstr "An arbitrary netmask can be applied to mask addresses to only match against a specific portion." @@ -2062,7 +2275,7 @@ msgstr "An basic introduction to zone-based firewalls can be found `here <https: #: ../../configuration/interfaces/tunnel.rst:71 #: ../../configuration/interfaces/tunnel.rst:93 #: ../../configuration/interfaces/tunnel.rst:194 -#: ../../configuration/system/login.rst:195 +#: ../../configuration/system/login.rst:199 msgid "An example:" msgstr "An example:" @@ -2074,7 +2287,7 @@ msgstr "An example of a configuration that sends ``telegraf`` metrics to remote msgid "An example of creating a VLAN-aware bridge is as follows:" msgstr "An example of creating a VLAN-aware bridge is as follows:" -#: ../../configuration/system/login.rst:149 +#: ../../configuration/system/login.rst:153 msgid "An example of key generation:" msgstr "An example of key generation:" @@ -2102,6 +2315,10 @@ msgstr "And base chain for traffic generated by the router is ``set firewall ipv msgid "And base chain for traffic generated by the router is ``set firewall ipv6 output filter ...``" msgstr "And base chain for traffic generated by the router is ``set firewall ipv6 output filter ...``" +#: ../../configuration/service/ids.rst:138 +msgid "And content of the script:" +msgstr "And content of the script:" + #: ../../configuration/policy/route.rst:76 msgid "And for ipv6:" msgstr "And for ipv6:" @@ -2114,7 +2331,7 @@ msgstr "And next, some configuration example where groups are used:" msgid "And op-mode commands:" msgstr "And op-mode commands:" -#: ../../configuration/system/ip.rst:84 +#: ../../configuration/system/ip.rst:97 msgid "And the different IPv4 **reset** commands available:" msgstr "And the different IPv4 **reset** commands available:" @@ -2131,6 +2348,10 @@ msgstr "Another term often used for DNAT is **1-to-1 NAT**. For a 1-to-1 NAT con msgid "Another thing to keep in mind with LDP is that much like BGP, it is a protocol that runs on top of TCP. It however does not have an ability to do something like a refresh capability like BGPs route refresh capability. Therefore one might have to reset the neighbor for a capability change or a configuration change to work." msgstr "Another thing to keep in mind with LDP is that much like BGP, it is a protocol that runs on top of TCP. It however does not have an ability to do something like a refresh capability like BGPs route refresh capability. Therefore one might have to reset the neighbor for a capability change or a configuration change to work." +#: ../../configuration/vpn/ipsec.rst:549 +msgid "Apple iOS/iPadOS expects the server name to be also used in the server's certificate common name, so it's best to use this DNS name for your VPN connection." +msgstr "Apple iOS/iPadOS expects the server name to be also used in the server's certificate common name, so it's best to use this DNS name for your VPN connection." + #: ../../configuration/vrf/index.rst:52 #: ../../configuration/vrf/index.rst:62 msgid "Apply a route-map filter to routes for the specified protocol." @@ -2221,11 +2442,15 @@ msgstr "As a result, the processing of each packet becomes more efficient, poten msgid "As an alternative to applying policy to an interface directly, a zone-based firewall can be created to simplify configuration when multiple interfaces belong to the same security zone. Instead of applying rule-sets to interfaces, they are applied to source zone-destination zone pairs." msgstr "As an alternative to applying policy to an interface directly, a zone-based firewall can be created to simplify configuration when multiple interfaces belong to the same security zone. Instead of applying rule-sets to interfaces, they are applied to source zone-destination zone pairs." +#: ../../configuration/vpn/ipsec.rst:523 +msgid "As both Microsoft Windows and Apple iOS/iPadOS only support a certain set of encryption ciphers and integrity algorithms we will validate the configured IKE/ESP proposals and only list the compatible ones to the user — if multiple are defined. If there are no matching proposals found — we can not generate a profile for you." +msgstr "As both Microsoft Windows and Apple iOS/iPadOS only support a certain set of encryption ciphers and integrity algorithms we will validate the configured IKE/ESP proposals and only list the compatible ones to the user — if multiple are defined. If there are no matching proposals found — we can not generate a profile for you." + #: ../../configuration/firewall/flowtables.rst:109 msgid "As described, first packet will be evaluated by all the firewall path, so desired connection should be explicitely accepted. Same thing should be taken into account for traffic in reverse order. In most cases state policies are used in order to accept connection in reverse patch." msgstr "As described, first packet will be evaluated by all the firewall path, so desired connection should be explicitely accepted. Same thing should be taken into account for traffic in reverse order. In most cases state policies are used in order to accept connection in reverse patch." -#: ../../configuration/system/option.rst:80 +#: ../../configuration/system/option.rst:110 msgid "As more and more routers run on Hypervisors, expecially with a :abbr:`NOS (Network Operating System)` as VyOS, it makes fewer and fewer sense to use static resource bindings like ``smp-affinity`` as present in VyOS 1.2 and earlier to pin certain interrupt handlers to specific CPUs." msgstr "As more and more routers run on Hypervisors, expecially with a :abbr:`NOS (Network Operating System)` as VyOS, it makes fewer and fewer sense to use static resource bindings like ``smp-affinity`` as present in VyOS 1.2 and earlier to pin certain interrupt handlers to specific CPUs." @@ -2265,7 +2490,7 @@ msgstr "As the example image below shows, the device was configured with rules b msgid "As the name implies, it's IPv4 encapsulated in IPv6, as simple as that." msgstr "As the name implies, it's IPv4 encapsulated in IPv6, as simple as that." -#: ../../configuration/vpn/l2tp.rst:36 +#: ../../configuration/vpn/l2tp.rst:86 msgid "As well as the below to allow NAT-traversal (when NAT is detected by the VPN client, ESP is encapsulated in UDP for NAT-traversal):" msgstr "As well as the below to allow NAT-traversal (when NAT is detected by the VPN client, ESP is encapsulated in UDP for NAT-traversal):" @@ -2301,7 +2526,7 @@ msgstr "Assign `<member>` interface to bridge `<interface>`. A completion helper msgid "Assign a specific backend to a rule" msgstr "Assign a specific backend to a rule" -#: ../../configuration/vrf/index.rst:79 +#: ../../configuration/vrf/index.rst:98 msgid "Assign interface identified by `<interface>` to VRF named `<name>`." msgstr "Assign interface identified by `<interface>` to VRF named `<name>`." @@ -2309,7 +2534,10 @@ msgstr "Assign interface identified by `<interface>` to VRF named `<name>`." msgid "Assign member interfaces to PortChannel" msgstr "Assign member interfaces to PortChannel" -#: ../../configuration/vpn/sstp.rst:80 +#: ../../configuration/service/pppoe-server.rst:437 +#: ../../configuration/vpn/l2tp.rst:381 +#: ../../configuration/vpn/pptp.rst:305 +#: ../../configuration/vpn/sstp.rst:339 msgid "Assign static IP address to `<user>` account." msgstr "Assign static IP address to `<user>` account." @@ -2317,7 +2545,7 @@ msgstr "Assign static IP address to `<user>` account." msgid "Assign the IP address to this machine for `<time>` seconds." msgstr "Assign the IP address to this machine for `<time>` seconds." -#: ../../configuration/system/login.rst:62 +#: ../../configuration/system/login.rst:66 msgid "Assign the SSH public key portion `<key>` identified by per-key `<identifier>` to the local user `<username>`." msgstr "Assign the SSH public key portion `<key>` identified by per-key `<identifier>` to the local user `<username>`." @@ -2401,6 +2629,14 @@ msgstr "Attaches user-defined network to a container. Only one network must be s msgid "Authentication" msgstr "Authentication" +#: ../../configuration/service/ipoe-server.rst:310 +#: ../../configuration/service/pppoe-server.rst:428 +#: ../../configuration/vpn/l2tp.rst:372 +#: ../../configuration/vpn/pptp.rst:296 +#: ../../configuration/vpn/sstp.rst:330 +msgid "Authentication Advanced Options" +msgstr "Authentication Advanced Options" + #: ../../configuration/interfaces/ethernet.rst:99 msgid "Authentication (EAPoL)" msgstr "Authentication (EAPoL)" @@ -2437,11 +2673,11 @@ msgstr "Authentication – to verify that the message is from a valid source." msgid "Authorization token" msgstr "Authorization token" -#: ../../configuration/service/pppoe-server.rst:159 +#: ../../configuration/service/pppoe-server.rst:228 msgid "Automatic VLAN Creation" msgstr "Automatic VLAN Creation" -#: ../../configuration/service/ipoe-server.rst:96 +#: ../../configuration/service/ipoe-server.rst:97 msgid "Automatic VLAN creation" msgstr "Automatic VLAN creation" @@ -2469,7 +2705,7 @@ msgstr "Azure-data-explorer" msgid "BFD" msgstr "BFD" -#: ../../configuration/protocols/bfd.rst:136 +#: ../../configuration/protocols/bfd.rst:143 msgid "BFD Static Route Monitoring" msgstr "BFD Static Route Monitoring" @@ -2505,7 +2741,7 @@ msgstr "BGP Example" msgid "BGP Router Configuration" msgstr "BGP Router Configuration" -#: ../../configuration/protocols/bgp.rst:888 +#: ../../configuration/protocols/bgp.rst:910 msgid "BGP Scaling Configuration" msgstr "BGP Scaling Configuration" @@ -2517,7 +2753,7 @@ msgstr "BGP aggregator attribute: AS number or IP address of an aggregation." msgid "BGP as-path list to match." msgstr "BGP as-path list to match." -#: ../../configuration/policy/route-map.rst:216 +#: ../../configuration/policy/route-map.rst:219 msgid "BGP atomic aggregate attribute." msgstr "BGP atomic aggregate attribute." @@ -2533,11 +2769,11 @@ msgstr "BGP extended community to match." msgid "BGP roles are defined in RFC :rfc:`9234` and provide an easy way to add route leak prevention, detection and mitigation. The local Role value is negotiated with the new BGP Role capability which has a built-in check of the corresponding value. In case of a mismatch the new OPEN Roles Mismatch Notification <2, 11> would be sent. The correct Role pairs are:" msgstr "BGP roles are defined in RFC :rfc:`9234` and provide an easy way to add route leak prevention, detection and mitigation. The local Role value is negotiated with the new BGP Role capability which has a built-in check of the corresponding value. In case of a mismatch the new OPEN Roles Mismatch Notification <2, 11> would be sent. The correct Role pairs are:" -#: ../../configuration/protocols/bgp.rst:890 +#: ../../configuration/protocols/bgp.rst:912 msgid "BGP routers connected inside the same AS through BGP belong to an internal BGP session, or IBGP. In order to prevent routing table loops, IBGP speaker does not advertise IBGP-learned routes to other IBGP speaker (Split Horizon mechanism). As such, IBGP requires a full mesh of all peers. For large networks, this quickly becomes unscalable." msgstr "BGP routers connected inside the same AS through BGP belong to an internal BGP session, or IBGP. In order to prevent routing table loops, IBGP speaker does not advertise IBGP-learned routes to other IBGP speaker (Split Horizon mechanism). As such, IBGP requires a full mesh of all peers. For large networks, this quickly becomes unscalable." -#: ../../configuration/vrf/index.rst:413 +#: ../../configuration/vrf/index.rst:432 msgid "BGP routes may be leaked (i.e. copied) between a unicast VRF RIB and the VPN SAFI RIB of the default VRF for use in MPLS-based L3VPNs. Unicast routes may also be leaked between any VRFs (including the unicast RIB of the default BGP instance). A shortcut syntax is also available for specifying leaking from one VRF to another VRF using the default instance’s VPN RIB as the intemediary . A common application of the VRF-VRF feature is to connect a customer’s private routing domain to a provider’s VPN service. Leaking is configured from the point of view of an individual VRF: import refers to routes leaked from VPN to a unicast VRF, whereas export refers to routes leaked from a unicast VRF to VPN." msgstr "BGP routes may be leaked (i.e. copied) between a unicast VRF RIB and the VPN SAFI RIB of the default VRF for use in MPLS-based L3VPNs. Unicast routes may also be leaked between any VRFs (including the unicast RIB of the default BGP instance). A shortcut syntax is also available for specifying leaking from one VRF to another VRF using the default instance’s VPN RIB as the intemediary . A common application of the VRF-VRF feature is to connect a customer’s private routing domain to a provider’s VPN service. Leaking is configured from the point of view of an individual VRF: import refers to routes leaked from VPN to a unicast VRF, whereas export refers to routes leaked from a unicast VRF to VPN." @@ -2569,18 +2805,16 @@ msgstr "Balancing Rules" msgid "Balancing based on domain name" msgstr "Balancing based on domain name" -#: ../../configuration/service/ipoe-server.rst:122 -#: ../../configuration/service/pppoe-server.rst:182 -#: ../../configuration/vpn/l2tp.rst:113 +#: ../../configuration/service/pppoe-server.rst:251 msgid "Bandwidth Shaping" msgstr "Bandwidth Shaping" -#: ../../configuration/service/ipoe-server.rst:128 +#: ../../configuration/service/ipoe-server.rst:129 #: ../../configuration/vpn/l2tp.rst:118 msgid "Bandwidth Shaping for local users" msgstr "Bandwidth Shaping for local users" -#: ../../configuration/service/pppoe-server.rst:184 +#: ../../configuration/service/pppoe-server.rst:253 msgid "Bandwidth rate limits can be set for local users or RADIUS based attributes." msgstr "Bandwidth rate limits can be set for local users or RADIUS based attributes." @@ -2588,7 +2822,7 @@ msgstr "Bandwidth rate limits can be set for local users or RADIUS based attribu msgid "Bandwidth rate limits can be set for local users or via RADIUS based attributes." msgstr "Bandwidth rate limits can be set for local users or via RADIUS based attributes." -#: ../../configuration/service/ipoe-server.rst:124 +#: ../../configuration/service/ipoe-server.rst:125 msgid "Bandwidth rate limits can be set for local users within the configuration or via RADIUS based attributes." msgstr "Bandwidth rate limits can be set for local users within the configuration or via RADIUS based attributes." @@ -2648,7 +2882,7 @@ msgstr "Before enabling any hardware segmentation offload a corresponding softwa msgid "Before you are able to apply a rule-set to a zone you have to create the zones first." msgstr "Before you are able to apply a rule-set to a zone you have to create the zones first." -#: ../../configuration/vpn/site2site_ipsec.rst:422 +#: ../../configuration/vpn/site2site_ipsec.rst:425 msgid "Below flow-chart could be a quick reference for the close-action combination depending on how the peer is configured." msgstr "Below flow-chart could be a quick reference for the close-action combination depending on how the peer is configured." @@ -2672,6 +2906,10 @@ msgstr "Bidirectional NAT" msgid "Binary value" msgstr "Binary value" +#: ../../configuration/container/index.rst:153 +msgid "Bind container network to a given VRF instance." +msgstr "Bind container network to a given VRF instance." + #: ../../configuration/protocols/bfd.rst:39 msgid "Bind listener to specific interface/address, mandatory for IPv6" msgstr "Bind listener to specific interface/address, mandatory for IPv6" @@ -2680,7 +2918,7 @@ msgstr "Bind listener to specific interface/address, mandatory for IPv6" msgid "Binds eth1.241 and vxlan241 to each other by making them both member interfaces of the same bridge." msgstr "Binds eth1.241 and vxlan241 to each other by making them both member interfaces of the same bridge." -#: ../../configuration/protocols/static.rst:108 +#: ../../configuration/protocols/static.rst:142 msgid "Blackhole" msgstr "Blackhole" @@ -2708,11 +2946,11 @@ msgstr "Bond / Link Aggregation" msgid "Bond options" msgstr "Bond options" -#: ../../configuration/service/dhcp-server.rst:306 +#: ../../configuration/service/dhcp-server.rst:312 msgid "Boot image length in 512-octet blocks" msgstr "Boot image length in 512-octet blocks" -#: ../../configuration/service/dhcp-server.rst:301 +#: ../../configuration/service/dhcp-server.rst:307 msgid "Bootstrap file name" msgstr "Bootstrap file name" @@ -2761,6 +2999,14 @@ msgstr "Bridge answers on IP address 192.0.2.1/24 and 2001:db8::ffff/64" msgid "Bridge maximum aging `<time>` in seconds (default: 20)." msgstr "Bridge maximum aging `<time>` in seconds (default: 20)." +#: ../../configuration/service/ipoe-server.rst:360 +#: ../../configuration/service/pppoe-server.rst:526 +#: ../../configuration/vpn/l2tp.rst:480 +#: ../../configuration/vpn/pptp.rst:404 +#: ../../configuration/vpn/sstp.rst:438 +msgid "Burst count" +msgstr "Burst count" + #: ../../configuration/interfaces/pppoe.rst:41 msgid "Business Users" msgstr "Business Users" @@ -2777,11 +3023,11 @@ msgstr "By default, FRR will bring up peering with minimal common capability for msgid "By default, VyOS does not advertise a default route (0.0.0.0/0) even if it is in routing table. When you want to announce default routes to the peer, use this command. Using optional argument :cfgcmd:`route-map` you can inject the default route to given neighbor only if the conditions in the route map are met." msgstr "By default, VyOS does not advertise a default route (0.0.0.0/0) even if it is in routing table. When you want to announce default routes to the peer, use this command. Using optional argument :cfgcmd:`route-map` you can inject the default route to given neighbor only if the conditions in the route map are met." -#: ../../configuration/system/login.rst:126 +#: ../../configuration/system/login.rst:130 msgid "By default, a new token is generated every 30 seconds by the mobile application. In order to compensate for possible time-skew between the client and the server, an extra token before and after the current time is allowed. This allows for a time skew of up to 30 seconds between authentication server and client." msgstr "By default, a new token is generated every 30 seconds by the mobile application. In order to compensate for possible time-skew between the client and the server, an extra token before and after the current time is allowed. This allows for a time skew of up to 30 seconds between authentication server and client." -#: ../../configuration/service/dns.rst:393 +#: ../../configuration/service/dns.rst:401 msgid "By default, ddclient_ will update a dynamic dns record using the IP address directly attached to the interface. If your VyOS instance is behind NAT, your record will be updated to point to your internal IP." msgstr "By default, ddclient_ will update a dynamic dns record using the IP address directly attached to the interface. If your VyOS instance is behind NAT, your record will be updated to point to your internal IP." @@ -2794,6 +3040,10 @@ msgstr "By default, enabling RPKI does not change best path selection. In partic msgid "By default, it supports both planned and unplanned outages." msgstr "By default, it supports both planned and unplanned outages." +#: ../../configuration/protocols/bgp.rst:661 +msgid "By default, locally advertised prefixes use the implicit-null label to encode in the outgoing NLRI." +msgstr "By default, locally advertised prefixes use the implicit-null label to encode in the outgoing NLRI." + #: ../../configuration/service/https.rst:45 msgid "By default, nginx exposes the local API on all virtual servers. Use this to restrict nginx to one or more virtual hosts." msgstr "By default, nginx exposes the local API on all virtual servers. Use this to restrict nginx to one or more virtual hosts." @@ -2839,7 +3089,7 @@ msgstr "By using Pseudo-Ethernet interfaces there will be less system overhead c msgid "Bypassing the webproxy" msgstr "Bypassing the webproxy" -#: ../../configuration/pki/index.rst:170 +#: ../../configuration/pki/index.rst:172 msgid "CA (Certificate Authority)" msgstr "CA (Certificate Authority)" @@ -2860,20 +3110,20 @@ msgstr "Capability Negotiation" msgid "Certain vendors use broadcasts to identify their equipment within one ethernet segment. Unfortunately if you split your network with multiple VLANs you loose the ability of identifying your equipment." msgstr "Certain vendors use broadcasts to identify their equipment within one ethernet segment. Unfortunately if you split your network with multiple VLANs you loose the ability of identifying your equipment." -#: ../../configuration/pki/index.rst:33 +#: ../../configuration/pki/index.rst:35 msgid "Certificate Authority (CA)" msgstr "Certificate Authority (CA)" -#: ../../configuration/pki/index.rst:185 +#: ../../configuration/pki/index.rst:187 msgid "Certificate revocation list in PEM format." msgstr "Certificate revocation list in PEM format." -#: ../../configuration/pki/index.rst:63 +#: ../../configuration/pki/index.rst:65 #: ../../configuration/vpn/sstp.rst:27 msgid "Certificates" msgstr "Certificates" -#: ../../configuration/system/option.rst:66 +#: ../../configuration/system/option.rst:96 msgid "Change system keyboard layout to given language." msgstr "Change system keyboard layout to given language." @@ -2889,7 +3139,7 @@ msgstr "Changes in BGP policies require the BGP session to be cleared. Clearing msgid "Changes to the NAT system only affect newly established connections. Already established connections are not affected." msgstr "Changes to the NAT system only affect newly established connections. Already established connections are not affected." -#: ../../configuration/system/option.rst:70 +#: ../../configuration/system/option.rst:100 msgid "Changing the keymap only has an effect on the system console, using SSH or Serial remote access to the device is not affected as the keyboard layout here corresponds to your access system." msgstr "Changing the keymap only has an effect on the system console, using SSH or Serial remote access to the device is not affected as the keyboard layout here corresponds to your access system." @@ -2909,11 +3159,11 @@ msgstr "Check if the Intel® QAT device is up and ready to do the job." msgid "Check status" msgstr "Check status" -#: ../../configuration/system/ipv6.rst:64 +#: ../../configuration/system/ipv6.rst:77 msgid "Check the many parameters available for the `show ipv6 route` command:" msgstr "Check the many parameters available for the `show ipv6 route` command:" -#: ../../configuration/service/pppoe-server.rst:307 +#: ../../configuration/service/pppoe-server.rst:315 msgid "Checking connections" msgstr "Checking connections" @@ -2945,11 +3195,11 @@ msgstr "Class treatment" msgid "Classes" msgstr "Classes" -#: ../../configuration/service/dhcp-server.rst:326 +#: ../../configuration/service/dhcp-server.rst:332 msgid "Classless static route" msgstr "Classless static route" -#: ../../configuration/policy/route-map.rst:269 +#: ../../configuration/policy/route-map.rst:272 msgid "Clear all BGP extcommunities." msgstr "Clear all BGP extcommunities." @@ -2973,7 +3223,15 @@ msgstr "Client Authentication" msgid "Client Configuration" msgstr "Client Configuration" -#: ../../configuration/vpn/sstp.rst:289 +#: ../../configuration/service/ipoe-server.rst:328 +#: ../../configuration/service/pppoe-server.rst:446 +#: ../../configuration/vpn/l2tp.rst:400 +#: ../../configuration/vpn/pptp.rst:324 +#: ../../configuration/vpn/sstp.rst:358 +msgid "Client IP Pool Advanced Options" +msgstr "Client IP Pool Advanced Options" + +#: ../../configuration/vpn/sstp.rst:358 msgid "Client IP addresses will be provided from pool `192.0.2.0/25`" msgstr "Client IP addresses will be provided from pool `192.0.2.0/25`" @@ -2981,15 +3239,15 @@ msgstr "Client IP addresses will be provided from pool `192.0.2.0/25`" msgid "Client Side" msgstr "Client Side" -#: ../../configuration/service/ipoe-server.rst:184 +#: ../../configuration/service/ipoe-server.rst:186 msgid "Client configuration" msgstr "Client configuration" -#: ../../configuration/service/dhcp-server.rst:266 +#: ../../configuration/service/dhcp-server.rst:272 msgid "Client domain name" msgstr "Client domain name" -#: ../../configuration/service/dhcp-server.rst:321 +#: ../../configuration/service/dhcp-server.rst:327 msgid "Client domain search" msgstr "Client domain search" @@ -3001,7 +3259,7 @@ msgstr "Client isolation can be used to prevent low-level bridging of frames bet msgid "Clients are identified by the CN field of their x.509 certificates, in this example the CN is ``client0``:" msgstr "Clients are identified by the CN field of their x.509 certificates, in this example the CN is ``client0``:" -#: ../../configuration/service/dhcp-server.rst:514 +#: ../../configuration/service/dhcp-server.rst:520 msgid "Clients receiving advertise messages from multiple servers choose the server with the highest preference value. The range for this value is ``0...255``." msgstr "Clients receiving advertise messages from multiple servers choose the server with the highest preference value. The range for this value is ``0...255``." @@ -3019,11 +3277,11 @@ msgstr "Command completion can be used to list available time zones. The adjustm msgid "Command for disabling a rule but keep it in the configuration." msgstr "Command for disabling a rule but keep it in the configuration." -#: ../../configuration/vrf/index.rst:128 +#: ../../configuration/vrf/index.rst:147 msgid "Command should probably be extended to list also the real interfaces assigned to this one VRF to get a better overview." msgstr "Command should probably be extended to list also the real interfaces assigned to this one VRF to get a better overview." -#: ../../configuration/firewall/ipv4.rst:1179 +#: ../../configuration/firewall/ipv4.rst:1202 #: ../../configuration/firewall/ipv6.rst:1195 msgid "Command used to update GeoIP database and firewall sets." msgstr "Command used to update GeoIP database and firewall sets." @@ -3032,7 +3290,7 @@ msgstr "Command used to update GeoIP database and firewall sets." msgid "Commands" msgstr "Commands" -#: ../../configuration/service/dhcp-server.rst:379 +#: ../../configuration/service/dhcp-server.rst:385 msgid "Common configuration, valid for both primary and secondary node." msgstr "Common configuration, valid for both primary and secondary node." @@ -3059,7 +3317,7 @@ msgstr "Common interface configuration" msgid "Common parameters" msgstr "Common parameters" -#: ../../configuration/protocols/bgp.rst:927 +#: ../../configuration/protocols/bgp.rst:949 msgid "Confederation Configuration" msgstr "Confederation Configuration" @@ -3098,7 +3356,7 @@ msgstr "Confidentiality – Encryption of packets to prevent snooping by an unau #: ../../configuration/policy/local-route.rst:9 #: ../../configuration/policy/prefix-list.rst:16 #: ../../configuration/policy/route-map.rst:10 -#: ../../configuration/protocols/bfd.rst:143 +#: ../../configuration/protocols/bfd.rst:150 #: ../../configuration/protocols/bgp.rst:164 #: ../../configuration/protocols/igmp-proxy.rst:14 #: ../../configuration/protocols/isis.rst:28 @@ -3111,15 +3369,15 @@ msgstr "Confidentiality – Encryption of packets to prevent snooping by an unau #: ../../configuration/service/dhcp-relay.rst:19 #: ../../configuration/service/dhcp-relay.rst:137 #: ../../configuration/service/dhcp-server.rst:22 -#: ../../configuration/service/dhcp-server.rst:510 +#: ../../configuration/service/dhcp-server.rst:516 #: ../../configuration/service/dns.rst:8 -#: ../../configuration/service/dns.rst:227 +#: ../../configuration/service/dns.rst:214 #: ../../configuration/service/https.rst:14 -#: ../../configuration/service/ipoe-server.rst:28 +#: ../../configuration/service/ids.rst:20 #: ../../configuration/service/lldp.rst:36 #: ../../configuration/service/mdns.rst:19 #: ../../configuration/service/ntp.rst:40 -#: ../../configuration/service/pppoe-server.rst:17 +#: ../../configuration/service/router-advert.rst:28 #: ../../configuration/service/salt-minion.rst:25 #: ../../configuration/service/ssh.rst:36 #: ../../configuration/service/tftp-server.rst:14 @@ -3127,18 +3385,18 @@ msgstr "Confidentiality – Encryption of packets to prevent snooping by an unau #: ../../configuration/system/default-route.rst:12 #: ../../configuration/system/flow-accounting.rst:43 #: ../../configuration/system/lcd.rst:17 -#: ../../configuration/system/login.rst:241 -#: ../../configuration/system/login.rst:310 +#: ../../configuration/system/login.rst:245 +#: ../../configuration/system/login.rst:314 #: ../../configuration/system/sflow.rst:12 #: ../../configuration/system/updates.rst:8 #: ../../configuration/vpn/dmvpn.rst:38 #: ../../configuration/vpn/dmvpn.rst:182 #: ../../configuration/vpn/openconnect.rst:21 -#: ../../configuration/vpn/sstp.rst:65 +#: ../../configuration/vpn/sstp.rst:40 #: ../../configuration/vrf/index.rst:16 -#: ../../configuration/vrf/index.rst:253 -#: ../../configuration/vrf/index.rst:288 -#: ../../configuration/vrf/index.rst:436 +#: ../../configuration/vrf/index.rst:272 +#: ../../configuration/vrf/index.rst:307 +#: ../../configuration/vrf/index.rst:455 msgid "Configuration" msgstr "Configuration" @@ -3148,8 +3406,8 @@ msgstr "Configuration" #: ../../configuration/protocols/pim6.rst:78 #: ../../configuration/protocols/rip.rst:239 #: ../../configuration/protocols/segment-routing.rst:187 -#: ../../configuration/system/login.rst:279 -#: ../../configuration/system/login.rst:350 +#: ../../configuration/system/login.rst:283 +#: ../../configuration/system/login.rst:354 msgid "Configuration Example" msgstr "Configuration Example" @@ -3171,7 +3429,7 @@ msgstr "Configuration Options" msgid "Configuration commands covered in this section:" msgstr "Configuration commands covered in this section:" -#: ../../configuration/vpn/ipsec.rst:284 +#: ../../configuration/vpn/ipsec.rst:288 msgid "Configuration commands for the private and public key will be displayed on the screen which needs to be set on the router first. Note the command with the public key (set pki key-pair ipsec-LEFT public key 'MIIBIjANBgkqh...'). Then do the same on the opposite router:" msgstr "Configuration commands for the private and public key will be displayed on the screen which needs to be set on the router first. Note the command with the public key (set pki key-pair ipsec-LEFT public key 'MIIBIjANBgkqh...'). Then do the same on the opposite router:" @@ -3183,7 +3441,7 @@ msgstr "Configuration commands will display. Note the command with the public ke msgid "Configuration example:" msgstr "Configuration example:" -#: ../../configuration/vrf/index.rst:430 +#: ../../configuration/vrf/index.rst:449 msgid "Configuration for these exported routes must, at a minimum, specify these two parameters." msgstr "Configuration for these exported routes must, at a minimum, specify these two parameters." @@ -3191,15 +3449,15 @@ msgstr "Configuration for these exported routes must, at a minimum, specify thes msgid "Configuration of :ref:`routing-static`" msgstr "Configuration of :ref:`routing-static`" -#: ../../configuration/service/dhcp-server.rst:371 +#: ../../configuration/service/dhcp-server.rst:377 msgid "Configuration of a DHCP failover pair" msgstr "Configuration of a DHCP failover pair" -#: ../../configuration/vrf/index.rst:438 +#: ../../configuration/vrf/index.rst:457 msgid "Configuration of route leaking between a unicast VRF RIB and the VPN SAFI RIB of the default VRF is accomplished via commands in the context of a VRF address-family." msgstr "Configuration of route leaking between a unicast VRF RIB and the VPN SAFI RIB of the default VRF is accomplished via commands in the context of a VRF address-family." -#: ../../configuration/protocols/static.rst:166 +#: ../../configuration/protocols/static.rst:199 #: ../../configuration/system/conntrack.rst:12 msgid "Configure" msgstr "Configure" @@ -3208,11 +3466,11 @@ msgstr "Configure" msgid "Configure BFD" msgstr "Configure BFD" -#: ../../configuration/service/dns.rst:258 +#: ../../configuration/service/dns.rst:245 msgid "Configure DNS `<record>` which should be updated. This can be set multiple times." msgstr "Configure DNS `<record>` which should be updated. This can be set multiple times." -#: ../../configuration/service/dns.rst:253 +#: ../../configuration/service/dns.rst:241 msgid "Configure DNS `<zone>` to be updated." msgstr "Configure DNS `<zone>` to be updated." @@ -3230,15 +3488,27 @@ msgstr "Configure Graceful Restart :rfc:`3623` helper support. By default, helpe msgid "Configure Graceful Restart :rfc:`3623` restarting support. When enabled, the default grace period is 120 seconds." msgstr "Configure Graceful Restart :rfc:`3623` restarting support. When enabled, the default grace period is 120 seconds." +#: ../../configuration/service/ids.rst:69 +msgid "Configure ICMP threshold parameters." +msgstr "Configure ICMP threshold parameters." + #: ../../configuration/service/dhcp-relay.rst:40 msgid "Configure IP address of the DHCP `<server>` which will handle the relayed packets." msgstr "Configure IP address of the DHCP `<server>` which will handle the relayed packets." -#: ../../configuration/vpn/sstp.rst:214 +#: ../../configuration/service/ipoe-server.rst:162 +#: ../../configuration/service/pppoe-server.rst:124 +#: ../../configuration/vpn/l2tp.rst:167 +#: ../../configuration/vpn/pptp.rst:107 +#: ../../configuration/vpn/sstp.rst:140 msgid "Configure RADIUS `<server>` and its required port for authentication requests." msgstr "Configure RADIUS `<server>` and its required port for authentication requests." -#: ../../configuration/vpn/sstp.rst:218 +#: ../../configuration/service/ipoe-server.rst:128 +#: ../../configuration/service/pppoe-server.rst:90 +#: ../../configuration/vpn/l2tp.rst:133 +#: ../../configuration/vpn/pptp.rst:73 +#: ../../configuration/vpn/sstp.rst:106 msgid "Configure RADIUS `<server>` and its required shared `<secret>` for communicating with the RADIUS server." msgstr "Configure RADIUS `<server>` and its required shared `<secret>` for communicating with the RADIUS server." @@ -3246,23 +3516,39 @@ msgstr "Configure RADIUS `<server>` and its required shared `<secret>` for commu msgid "Configure SNAT rule (40) to only NAT packets with a destination address of 192.0.2.1." msgstr "Configure SNAT rule (40) to only NAT packets with a destination address of 192.0.2.1." +#: ../../configuration/service/ids.rst:74 +msgid "Configure TCP threshold parameters" +msgstr "Configure TCP threshold parameters" + +#: ../../configuration/service/ids.rst:79 +msgid "Configure UDP threshold parameters" +msgstr "Configure UDP threshold parameters" + #: ../../_include/interface-mtu.txt:4 msgid "Configure :abbr:`MTU (Maximum Transmission Unit)` on given `<interface>`. It is the size (in bytes) of the largest ethernet frame sent on this link." msgstr "Configure :abbr:`MTU (Maximum Transmission Unit)` on given `<interface>`. It is the size (in bytes) of the largest ethernet frame sent on this link." -#: ../../configuration/system/login.rst:375 +#: ../../configuration/system/login.rst:379 msgid "Configure `<message>` which is shown after user has logged in to the system." msgstr "Configure `<message>` which is shown after user has logged in to the system." -#: ../../configuration/system/login.rst:370 +#: ../../configuration/system/login.rst:374 msgid "Configure `<message>` which is shown during SSH connect and before a user is logged in." msgstr "Configure `<message>` which is shown during SSH connect and before a user is logged in." -#: ../../configuration/service/dns.rst:341 +#: ../../configuration/service/dns.rst:346 +msgid "Configure `<password>` used when authenticating the update request for DynDNS service identified by `<service-name>`." +msgstr "Configure `<password>` used when authenticating the update request for DynDNS service identified by `<service-name>`." + +#: ../../configuration/service/dns.rst:355 msgid "Configure `<password>` used when authenticating the update request for DynDNS service identified by `<service>`." msgstr "Configure `<password>` used when authenticating the update request for DynDNS service identified by `<service>`." -#: ../../configuration/service/dns.rst:334 +#: ../../configuration/service/dns.rst:341 +msgid "Configure `<username>` used when authenticating the update request for DynDNS service identified by `<service-name>`." +msgstr "Configure `<username>` used when authenticating the update request for DynDNS service identified by `<service-name>`." + +#: ../../configuration/service/dns.rst:348 msgid "Configure `<username>` used when authenticating the update request for DynDNS service identified by `<service>`. For Namecheap, set the <domain> you wish to update." msgstr "Configure `<username>` used when authenticating the update request for DynDNS service identified by `<service>`. For Namecheap, set the <domain> you wish to update." @@ -3274,13 +3560,13 @@ msgstr "Configure a URL that contains information about images." msgid "Configure a sFlow agent address. It can be IPv4 or IPv6 address, but you must set the same protocol, which is used for sFlow collector addresses. By default, using router-id from BGP or OSPF protocol, or the primary IP address from the first interface." msgstr "Configure a sFlow agent address. It can be IPv4 or IPv6 address, but you must set the same protocol, which is used for sFlow collector addresses. By default, using router-id from BGP or OSPF protocol, or the primary IP address from the first interface." -#: ../../configuration/protocols/bfd.rst:154 -#: ../../configuration/protocols/bfd.rst:167 +#: ../../configuration/protocols/bfd.rst:161 +#: ../../configuration/protocols/bfd.rst:174 msgid "Configure a static route for <subnet> using gateway <address> , use source address to indentify the peer when is multi-hop session and the gateway address as BFD peer destination address." msgstr "Configure a static route for <subnet> using gateway <address> , use source address to indentify the peer when is multi-hop session and the gateway address as BFD peer destination address." -#: ../../configuration/protocols/bfd.rst:148 -#: ../../configuration/protocols/bfd.rst:161 +#: ../../configuration/protocols/bfd.rst:155 +#: ../../configuration/protocols/bfd.rst:168 msgid "Configure a static route for <subnet> using gateway <address> and use the gateway address as BFD peer destination address." msgstr "Configure a static route for <subnet> using gateway <address> and use the gateway address as BFD peer destination address." @@ -3304,6 +3590,10 @@ msgstr "Configure agent IP address associated with this interface." msgid "Configure aggregation delay timer interval." msgstr "Configure aggregation delay timer interval." +#: ../../configuration/service/ids.rst:24 +msgid "Configure alert script that will be executed when an attack is detected." +msgstr "Configure alert script that will be executed when an attack is detected." + #: ../../configuration/vpn/openconnect.rst:285 msgid "Configure an accounting server and enable accounting with:" msgstr "Configure an accounting server and enable accounting with:" @@ -3328,6 +3618,10 @@ msgstr "Configure backend `<name>` mode TCP or HTTP" msgid "Configure both routers (a and b) for DHCPv6-PD via dummy interface:" msgstr "Configure both routers (a and b) for DHCPv6-PD via dummy interface:" +#: ../../configuration/service/ids.rst:33 +msgid "Configure direction for processing traffic." +msgstr "Configure direction for processing traffic." + #: ../../configuration/service/console-server.rst:49 msgid "Configure either one or two stop bits. This defaults to one stop bits if left unconfigured." msgstr "Configure either one or two stop bits. This defaults to one stop bits if left unconfigured." @@ -3336,6 +3630,14 @@ msgstr "Configure either one or two stop bits. This defaults to one stop bits if msgid "Configure either seven or eight data bits. This defaults to eight data bits if left unconfigured." msgstr "Configure either seven or eight data bits. This defaults to eight data bits if left unconfigured." +#: ../../configuration/service/ids.rst:64 +msgid "Configure general threshold parameters." +msgstr "Configure general threshold parameters." + +#: ../../configuration/service/ids.rst:28 +msgid "Configure how long an IP (attacker) should be kept in blocked state. Default value is 1900." +msgstr "Configure how long an IP (attacker) should be kept in blocked state. Default value is 1900." + #: ../../configuration/interfaces/bridge.rst:46 msgid "Configure individual bridge port `<priority>`." msgstr "Configure individual bridge port `<priority>`." @@ -3353,6 +3655,14 @@ msgstr "Configure interface-specific Host/Router behaviour. If set, the interfac msgid "Configure interface `<interface>` with one or more interface addresses." msgstr "Configure interface `<interface>` with one or more interface addresses." +#: ../../configuration/service/ids.rst:42 +msgid "Configure listen interface for mirroring traffic." +msgstr "Configure listen interface for mirroring traffic." + +#: ../../configuration/service/ids.rst:55 +msgid "Configure local IPv4 address to listen for sflow." +msgstr "Configure local IPv4 address to listen for sflow." + #: ../../configuration/service/snmp.rst:148 msgid "Configure new SNMP user named \"vyos\" with password \"vyos12345678\"" msgstr "Configure new SNMP user named \"vyos\" with password \"vyos12345678\"" @@ -3369,7 +3679,7 @@ msgstr "Configure next-hop `<address>` for an IPv4 static route. Multiple static msgid "Configure next-hop `<address>` for an IPv6 static route. Multiple static routes can be created." msgstr "Configure next-hop `<address>` for an IPv6 static route. Multiple static routes can be created." -#: ../../configuration/system/option.rst:95 +#: ../../configuration/system/option.rst:125 msgid "Configure one of the predefined system performance profiles." msgstr "Configure one of the predefined system performance profiles." @@ -3381,7 +3691,7 @@ msgstr "Configure one or more attributes to the given NTP server." msgid "Configure one or more servers for synchronisation. Server name can be either an IP address or :abbr:`FQDN (Fully Qualified Domain Name)`." msgstr "Configure one or more servers for synchronisation. Server name can be either an IP address or :abbr:`FQDN (Fully Qualified Domain Name)`." -#: ../../configuration/service/dns.rst:264 +#: ../../configuration/service/dns.rst:249 msgid "Configure optional TTL value on the given resource record. This defaults to 600 seconds." msgstr "Configure optional TTL value on the given resource record. This defaults to 600 seconds." @@ -3405,6 +3715,10 @@ msgstr "Configure port mirroring for `interface` outbound traffic and copy the t msgid "Configure port number of remote VXLAN endpoint." msgstr "Configure port number of remote VXLAN endpoint." +#: ../../configuration/service/ids.rst:59 +msgid "Configure port number to be used for sflow conection. Default port is 6343." +msgstr "Configure port number to be used for sflow conection. Default port is 6343." + #: ../../configuration/system/syslog.rst:73 msgid "Configure protocol used for communication to remote syslog host. This can be either UDP or TCP." msgstr "Configure protocol used for communication to remote syslog host. This can be either UDP or TCP." @@ -3429,7 +3743,7 @@ msgstr "Configure service `<name>` mode TCP or HTTP" msgid "Configure service `<name>` to use the backend <name>" msgstr "Configure service `<name>` to use the backend <name>" -#: ../../configuration/system/login.rst:394 +#: ../../configuration/system/login.rst:398 msgid "Configure session timeout after which the user will be logged out." msgstr "Configure session timeout after which the user will be logged out." @@ -3445,7 +3759,7 @@ msgstr "Configure the A-side router for NPTv6 using the prefixes above:" msgid "Configure the B-side router for NPTv6 using the prefixes above:" msgstr "Configure the B-side router for NPTv6 using the prefixes above:" -#: ../../configuration/service/dns.rst:247 +#: ../../configuration/service/dns.rst:236 msgid "Configure the DNS `<server>` IP/FQDN used when updating this dynamic assignment." msgstr "Configure the DNS `<server>` IP/FQDN used when updating this dynamic assignment." @@ -3457,11 +3771,11 @@ msgstr "Configure the IPv4 or IPv6 listen address of the TFTP server. Multiple I msgid "Configure the connection tracking protocol helper modules. All modules are enable by default." msgstr "Configure the connection tracking protocol helper modules. All modules are enable by default." -#: ../../configuration/system/login.rst:252 +#: ../../configuration/system/login.rst:256 msgid "Configure the discrete port under which the RADIUS server can be reached." msgstr "Configure the discrete port under which the RADIUS server can be reached." -#: ../../configuration/system/login.rst:321 +#: ../../configuration/system/login.rst:325 msgid "Configure the discrete port under which the TACACS server can be reached." msgstr "Configure the discrete port under which the TACACS server can be reached." @@ -3469,6 +3783,10 @@ msgstr "Configure the discrete port under which the TACACS server can be reached msgid "Configure the load-balancing reverse-proxy service for HTTP." msgstr "Configure the load-balancing reverse-proxy service for HTTP." +#: ../../configuration/service/ids.rst:46 +msgid "Configure traffic capture mode." +msgstr "Configure traffic capture mode." + #: ../../_include/interface-mac.txt:4 msgid "Configure user defined :abbr:`MAC (Media Access Control)` address on given `<interface>`." msgstr "Configure user defined :abbr:`MAC (Media Access Control)` address on given `<interface>`." @@ -3489,10 +3807,54 @@ msgstr "Configured value" msgid "Configures the BGP speaker so that it only accepts inbound connections from, but does not initiate outbound connections to the peer or peer group." msgstr "Configures the BGP speaker so that it only accepts inbound connections from, but does not initiate outbound connections to the peer or peer group." +#: ../../configuration/service/ipoe-server.rst:27 +msgid "Configuring IPoE Server" +msgstr "Configuring IPoE Server" + +#: ../../configuration/vpn/l2tp.rst:57 +msgid "Configuring IPsec" +msgstr "Configuring IPsec" + +#: ../../configuration/vpn/l2tp.rst:12 +msgid "Configuring L2TP Server" +msgstr "Configuring L2TP Server" + +#: ../../configuration/vpn/l2tp.rst:270 +msgid "Configuring LNS (L2TP Network Server)" +msgstr "Configuring LNS (L2TP Network Server)" + +#: ../../configuration/service/pppoe-server.rst:18 +msgid "Configuring PPPoE Server" +msgstr "Configuring PPPoE Server" + +#: ../../configuration/vpn/pptp.rst:13 +msgid "Configuring PPTP Server" +msgstr "Configuring PPTP Server" + #: ../../configuration/vpn/openconnect.rst:279 msgid "Configuring RADIUS accounting" msgstr "Configuring RADIUS accounting" +#: ../../configuration/service/ipoe-server.rst:114 +#: ../../configuration/service/pppoe-server.rst:76 +#: ../../configuration/vpn/l2tp.rst:119 +#: ../../configuration/vpn/pptp.rst:59 +#: ../../configuration/vpn/sstp.rst:92 +msgid "Configuring RADIUS authentication" +msgstr "Configuring RADIUS authentication" + +#: ../../configuration/vpn/sstp.rst:24 +msgid "Configuring SSTP Server" +msgstr "Configuring SSTP Server" + +#: ../../configuration/vpn/sstp.rst:476 +msgid "Configuring SSTP client" +msgstr "Configuring SSTP client" + +#: ../../configuration/vpn/ipsec.rst:494 +msgid "Configuring VyOS to act as your IPSec access concentrator is one thing, but you probably need to setup your client connecting to the server so they can talk to the IPSec gateway." +msgstr "Configuring VyOS to act as your IPSec access concentrator is one thing, but you probably need to setup your client connecting to the server so they can talk to the IPSec gateway." + #: ../../configuration/service/tftp-server.rst:39 msgid "Configuring a listen-address is essential for the service to work." msgstr "Configuring a listen-address is essential for the service to work." @@ -3502,11 +3864,15 @@ msgstr "Configuring a listen-address is essential for the service to work." msgid "Connect/Disconnect" msgstr "Connect/Disconnect" -#: ../../configuration/vpn/sstp.rst:155 +#: ../../configuration/service/ipoe-server.rst:376 +#: ../../configuration/service/pppoe-server.rst:546 +#: ../../configuration/vpn/l2tp.rst:500 +#: ../../configuration/vpn/pptp.rst:424 +#: ../../configuration/vpn/sstp.rst:458 msgid "Connected client should use `<address>` as their DNS server. This command accepts both IPv4 and IPv6 addresses. Up to two nameservers can be configured for IPv4, up to three for IPv6." msgstr "Connected client should use `<address>` as their DNS server. This command accepts both IPv4 and IPv6 addresses. Up to two nameservers can be configured for IPv4, up to three for IPv6." -#: ../../configuration/protocols/rpki.rst:129 +#: ../../configuration/protocols/rpki.rst:143 msgid "Connections to the RPKI caching server can not only be established by HTTP/TLS but you can also rely on a secure SSH session to the server. To enable SSH, first you need to create an SSH client keypair using ``generate ssh client-key /config/auth/id_rsa_rpki``. Once your key is created you can setup the connection." msgstr "Connections to the RPKI caching server can not only be established by HTTP/TLS but you can also rely on a secure SSH session to the server. To enable SSH, first you need to create an SSH client keypair using ``generate ssh client-key /config/auth/id_rsa_rpki``. Once your key is created you can setup the connection." @@ -3542,7 +3908,7 @@ msgstr "Console" msgid "Console Server" msgstr "Console Server" -#: ../../configuration/container/index.rst:106 +#: ../../configuration/container/index.rst:111 msgid "Constrain the memory available to the container." msgstr "Constrain the memory available to the container." @@ -3550,6 +3916,14 @@ msgstr "Constrain the memory available to the container." msgid "Container" msgstr "Container" +#: ../../configuration/container/index.rst:136 +msgid "Container Networks" +msgstr "Container Networks" + +#: ../../configuration/container/index.rst:156 +msgid "Container Registry" +msgstr "Container Registry" + #: ../../configuration/system/conntrack.rst:65 msgid "Contrack Timeouts" msgstr "Contrack Timeouts" @@ -3590,7 +3964,10 @@ msgstr "Create DHCP address range with a range id of `<n>`. DHCP leases are take msgid "Create DNS record per client lease, by adding clients to /etc/hosts file. Entry will have format: `<shared-network-name>_<hostname>.<domain-name>`" msgstr "Create DNS record per client lease, by adding clients to /etc/hosts file. Entry will have format: `<shared-network-name>_<hostname>.<domain-name>`" -#: ../../configuration/vpn/sstp.rst:70 +#: ../../configuration/service/pppoe-server.rst:49 +#: ../../configuration/vpn/l2tp.rst:36 +#: ../../configuration/vpn/pptp.rst:38 +#: ../../configuration/vpn/sstp.rst:63 msgid "Create `<user>` for local authentication on this system. The users password will be set to `<pass>`." msgstr "Create `<user>` for local authentication on this system. The users password will be set to `<pass>`." @@ -3606,6 +3983,10 @@ msgstr "Create a file named ``VyOS-1.3.6.1.4.1.44641.ConfigMgmt-Commands`` using msgid "Create a load balancing rule, it can be a number between 1 and 9999:" msgstr "Create a load balancing rule, it can be a number between 1 and 9999:" +#: ../../configuration/service/dhcp-server.rst:189 +msgid "Create a new DHCP static mapping named `<description>` which is valid for the host identified by its DHCP unique identifier (DUID) `<identifier>`." +msgstr "Create a new DHCP static mapping named `<description>` which is valid for the host identified by its DHCP unique identifier (DUID) `<identifier>`." + #: ../../configuration/service/dhcp-server.rst:183 msgid "Create a new DHCP static mapping named `<description>` which is valid for the host identified by its MAC `<address>`." msgstr "Create a new DHCP static mapping named `<description>` which is valid for the host identified by its MAC `<address>`." @@ -3614,31 +3995,31 @@ msgstr "Create a new DHCP static mapping named `<description>` which is valid fo msgid "Create a new VLAN interface on interface `<interface>` using the VLAN number provided via `<vlan-id>`." msgstr "Create a new VLAN interface on interface `<interface>` using the VLAN number provided via `<vlan-id>`." -#: ../../configuration/pki/index.rst:40 -#: ../../configuration/pki/index.rst:45 +#: ../../configuration/pki/index.rst:42 +#: ../../configuration/pki/index.rst:47 msgid "Create a new :abbr:`CA (Certificate Authority)` and output the CAs public and private key on the console." msgstr "Create a new :abbr:`CA (Certificate Authority)` and output the CAs public and private key on the console." -#: ../../configuration/pki/index.rst:67 -#: ../../configuration/pki/index.rst:71 +#: ../../configuration/pki/index.rst:69 +#: ../../configuration/pki/index.rst:73 msgid "Create a new public/private keypair and output the certificate on the console." msgstr "Create a new public/private keypair and output the certificate on the console." -#: ../../configuration/pki/index.rst:89 -#: ../../configuration/pki/index.rst:94 +#: ../../configuration/pki/index.rst:91 +#: ../../configuration/pki/index.rst:96 msgid "Create a new public/private keypair which is signed by the CA referenced by `ca-name`. The signed certificate is then output to the console." msgstr "Create a new public/private keypair which is signed by the CA referenced by `ca-name`. The signed certificate is then output to the console." -#: ../../configuration/pki/index.rst:77 -#: ../../configuration/pki/index.rst:82 +#: ../../configuration/pki/index.rst:79 +#: ../../configuration/pki/index.rst:84 msgid "Create a new self-signed certificate. The public/private is then shown on the console." msgstr "Create a new self-signed certificate. The public/private is then shown on the console." -#: ../../configuration/pki/index.rst:52 +#: ../../configuration/pki/index.rst:54 msgid "Create a new subordinate :abbr:`CA (Certificate Authority)` and sign it using the private key referenced by `ca-name`." msgstr "Create a new subordinate :abbr:`CA (Certificate Authority)` and sign it using the private key referenced by `ca-name`." -#: ../../configuration/pki/index.rst:57 +#: ../../configuration/pki/index.rst:59 msgid "Create a new subordinate :abbr:`CA (Certificate Authority)` and sign it using the private key referenced by `name`." msgstr "Create a new subordinate :abbr:`CA (Certificate Authority)` and sign it using the private key referenced by `name`." @@ -3686,10 +4067,15 @@ msgstr "Create named `<alias>` for the configured static mapping for `<hostname> msgid "Create new VRF instance with `<name>`. The name is used when placing individual interfaces into the VRF." msgstr "Create new VRF instance with `<name>`. The name is used when placing individual interfaces into the VRF." -#: ../../configuration/service/dns.rst:234 +#: ../../configuration/service/dns.rst:248 msgid "Create new :rfc:`2136` DNS update configuration which will update the IP address assigned to `<interface>` on the service you configured under `<service-name>`." msgstr "Create new :rfc:`2136` DNS update configuration which will update the IP address assigned to `<interface>` on the service you configured under `<service-name>`." +#: ../../configuration/service/dns.rst:221 +#: ../../configuration/service/dns.rst:326 +msgid "Create new dynamic DNS update configuration which will update the IP address assigned to `<interface>` on the service you configured under `<service-name>`." +msgstr "Create new dynamic DNS update configuration which will update the IP address assigned to `<interface>` on the service you configured under `<service-name>`." + #: ../../configuration/system/login.rst:21 msgid "Create new system user with username `<name>` and real-name specified by `<string>`." msgstr "Create new system user with username `<name>` and real-name specified by `<string>`." @@ -3698,10 +4084,14 @@ msgstr "Create new system user with username `<name>` and real-name specified by msgid "Create service `<name>` to listen on <port>" msgstr "Create service `<name>` to listen on <port>" -#: ../../configuration/container/index.rst:132 +#: ../../configuration/container/index.rst:140 msgid "Creates a named container network" msgstr "Creates a named container network" +#: ../../configuration/service/ipoe-server.rst:55 +msgid "Creates local IPoE user with username=**<interface>** and password=**<MAC>** (mac-address)" +msgstr "Creates local IPoE user with username=**<interface>** and password=**<MAC>** (mac-address)" + #: ../../configuration/vpn/dmvpn.rst:83 msgid "Creates static peer mapping of protocol-address to :abbr:`NBMA (Non-broadcast multiple-access network)` address." msgstr "Creates static peer mapping of protocol-address to :abbr:`NBMA (Non-broadcast multiple-access network)` address." @@ -3722,6 +4112,10 @@ msgstr "Creating a traffic policy" msgid "Creating rules for using flow tables:" msgstr "Creating rules for using flow tables:" +#: ../../configuration/container/index.rst:173 +msgid "Credentials can be defined here and will only be used when adding a container image to the system." +msgstr "Credentials can be defined here and will only be used when adding a container image to the system." + #: ../../configuration/system/syslog.rst:178 msgid "Critical" msgstr "Critical" @@ -3754,7 +4148,7 @@ msgstr "Cur Hop Limit" msgid "Currently does not do much as caching is not implemented." msgstr "Currently does not do much as caching is not implemented." -#: ../../configuration/vrf/index.rst:86 +#: ../../configuration/vrf/index.rst:105 msgid "Currently dynamic routing is supported for the following protocols:" msgstr "Currently dynamic routing is supported for the following protocols:" @@ -3778,7 +4172,7 @@ msgstr "Custom firewall chains can be created, with commands ``set firewall ipv4 msgid "Custom firewall chains can be created, with commands ``set firewall ipv6 name <name> ...``. In order to use such custom chain, a rule with **action jump**, and the appropiate **target** should be defined in a base chain." msgstr "Custom firewall chains can be created, with commands ``set firewall ipv6 name <name> ...``. In order to use such custom chain, a rule with **action jump**, and the appropiate **target** should be defined in a base chain." -#: ../../configuration/highavailability/index.rst:373 +#: ../../configuration/highavailability/index.rst:383 msgid "Custom health-check script allows checking real-server availability" msgstr "Custom health-check script allows checking real-server availability" @@ -3794,6 +4188,10 @@ msgstr "DCO can be enabled for both new and existing tunnels,VyOS adds an option msgid "DCO support is a per-tunnel option and it is not automatically enabled by default for new or upgraded tunnels. Existing tunnels will continue to function as they have in the past." msgstr "DCO support is a per-tunnel option and it is not automatically enabled by default for new or upgraded tunnels. Existing tunnels will continue to function as they have in the past." +#: ../../configuration/service/ids.rst:5 +msgid "DDoS Protection" +msgstr "DDoS Protection" + #: ../../configuration/service/dhcp-relay.rst:5 msgid "DHCP Relay" msgstr "DHCP Relay" @@ -3802,15 +4200,15 @@ msgstr "DHCP Relay" msgid "DHCP Server" msgstr "DHCP Server" -#: ../../configuration/service/dhcp-server.rst:351 +#: ../../configuration/service/dhcp-server.rst:357 msgid "DHCP failover parameters" msgstr "DHCP failover parameters" -#: ../../configuration/service/dhcp-server.rst:341 +#: ../../configuration/service/dhcp-server.rst:347 msgid "DHCP lease range" msgstr "DHCP lease range" -#: ../../configuration/service/dhcp-server.rst:377 +#: ../../configuration/service/dhcp-server.rst:383 msgid "DHCP range spans from `192.168.189.10` - `192.168.189.250`" msgstr "DHCP range spans from `192.168.189.10` - `192.168.189.250`" @@ -3822,7 +4220,7 @@ msgstr "DHCP relay example" msgid "DHCP server is located at IPv4 address 10.0.1.4 on ``eth2``." msgstr "DHCP server is located at IPv4 address 10.0.1.4 on ``eth2``." -#: ../../configuration/service/dhcp-server.rst:584 +#: ../../configuration/service/dhcp-server.rst:590 msgid "DHCPv6 address pools must be configured for the system to act as a DHCPv6 server. The following example describes a common scenario." msgstr "DHCPv6 address pools must be configured for the system to act as a DHCPv6 server. The following example describes a common scenario." @@ -3887,11 +4285,11 @@ msgstr "DNS name servers" msgid "DNS search list to advertise" msgstr "DNS search list to advertise" -#: ../../configuration/service/dhcp-server.rst:261 +#: ../../configuration/service/dhcp-server.rst:267 msgid "DNS server IPv4 address" msgstr "DNS server IPv4 address" -#: ../../configuration/service/dhcp-server.rst:591 +#: ../../configuration/service/dhcp-server.rst:597 msgid "DNS server is located at ``2001:db8::ffff``" msgstr "DNS server is located at ``2001:db8::ffff``" @@ -3903,7 +4301,7 @@ msgstr "DSCP values as per :rfc:`2474` and :rfc:`4595`:" msgid "DSSS/CCK Mode in 40 MHz, this sets ``[DSSS_CCK-40]``" msgstr "DSSS/CCK Mode in 40 MHz, this sets ``[DSSS_CCK-40]``" -#: ../../configuration/firewall/ipv4.rst:444 +#: ../../configuration/firewall/ipv4.rst:467 #: ../../configuration/firewall/ipv6.rst:451 msgid "Data is provided by DB-IP.com under CC-BY-4.0 license. Attribution required, permits redistribution so we can include a database in images(~3MB compressed). Includes cron script (manually callable by op-mode update geoip) to keep database and rules updated." msgstr "Data is provided by DB-IP.com under CC-BY-4.0 license. Attribution required, permits redistribution so we can include a database in images(~3MB compressed). Includes cron script (manually callable by op-mode update geoip) to keep database and rules updated." @@ -3940,15 +4338,18 @@ msgstr "Default Gateway/Route" msgid "Default Router Preference" msgstr "Default Router Preference" -#: ../../configuration/vpn/sstp.rst:201 +#: ../../configuration/service/pppoe-server.rst:509 +#: ../../configuration/vpn/l2tp.rst:463 +#: ../../configuration/vpn/pptp.rst:387 +#: ../../configuration/vpn/sstp.rst:421 msgid "Default behavior - don't ask client for mppe, but allow it if client wants. Please note that RADIUS may override this option by MS-MPPE-Encryption-Policy attribute." msgstr "Default behavior - don't ask client for mppe, but allow it if client wants. Please note that RADIUS may override this option by MS-MPPE-Encryption-Policy attribute." -#: ../../configuration/service/dhcp-server.rst:374 +#: ../../configuration/service/dhcp-server.rst:380 msgid "Default gateway and DNS server is at `192.0.2.254`" msgstr "Default gateway and DNS server is at `192.0.2.254`" -#: ../../configuration/container/index.rst:108 +#: ../../configuration/container/index.rst:113 msgid "Default is 512 MB. Use 0 MB for unlimited memory." msgstr "Default is 512 MB. Use 0 MB for unlimited memory." @@ -3976,7 +4377,7 @@ msgstr "Defaults to 'uid'" msgid "Defaults to 225.0.0.50." msgstr "Defaults to 225.0.0.50." -#: ../../configuration/system/option.rst:68 +#: ../../configuration/system/option.rst:98 msgid "Defaults to ``us``." msgstr "Defaults to ``us``." @@ -3988,6 +4389,10 @@ msgstr "Define Conection Timeouts" msgid "Define IPv4/IPv6 management address transmitted via LLDP. Multiple addresses can be defined. Only addresses connected to the system will be transmitted." msgstr "Define IPv4/IPv6 management address transmitted via LLDP. Multiple addresses can be defined. Only addresses connected to the system will be transmitted." +#: ../../configuration/container/index.rst:148 +msgid "Define IPv4 or IPv6 prefix for a given network name. Only one IPv4 and one IPv6 prefix can be used per network name." +msgstr "Define IPv4 or IPv6 prefix for a given network name. Only one IPv4 and one IPv6 prefix can be used per network name." + #: ../../configuration/firewall/groups.rst:52 msgid "Define a IPv4 or IPv6 Network group." msgstr "Define a IPv4 or IPv6 Network group." @@ -4040,6 +4445,10 @@ msgstr "Define different modes for sending replies in response to received ARP r msgid "Define different restriction levels for announcing the local source IP address from IP packets in ARP requests sent on interface." msgstr "Define different restriction levels for announcing the local source IP address from IP packets in ARP requests sent on interface." +#: ../../configuration/service/ntp.rst:88 +msgid "Define how to handle leaf-seonds." +msgstr "Define how to handle leaf-seonds." + #: ../../configuration/firewall/flowtables.rst:71 msgid "Define interfaces to be used in the flowtable." msgstr "Define interfaces to be used in the flowtable." @@ -4080,7 +4489,7 @@ msgstr "Define the zone as a local zone. A local zone has no interfaces and will msgid "Define type of offload to be used by the flowtable: ``hardware`` or ``software``. By default, ``software`` offload is used." msgstr "Define type of offload to be used by the flowtable: ``hardware`` or ``software``. By default, ``software`` offload is used." -#: ../../configuration/protocols/rpki.rst:114 +#: ../../configuration/protocols/rpki.rst:128 msgid "Defined the IPv4, IPv6 or FQDN and port number of the caching RPKI caching instance which is used." msgstr "Defined the IPv4, IPv6 or FQDN and port number of the caching RPKI caching instance which is used." @@ -4092,26 +4501,47 @@ msgstr "Defines alternate sources for multicasting and IGMP data. The network ad msgid "Defines an off-NBMA network prefix for which the GRE interface will act as a gateway. This an alternative to defining local interfaces with shortcut-destination flag." msgstr "Defines an off-NBMA network prefix for which the GRE interface will act as a gateway. This an alternative to defining local interfaces with shortcut-destination flag." -#: ../../configuration/protocols/static.rst:120 -#: ../../configuration/protocols/static.rst:133 +#: ../../configuration/protocols/static.rst:154 +#: ../../configuration/protocols/static.rst:167 msgid "Defines blackhole distance for this route, routes with smaller administrative distance are elected prior to those with a higher distance." msgstr "Defines blackhole distance for this route, routes with smaller administrative distance are elected prior to those with a higher distance." +#: ../../configuration/service/pppoe-server.rst:496 +#: ../../configuration/vpn/l2tp.rst:450 +#: ../../configuration/vpn/pptp.rst:374 +#: ../../configuration/vpn/sstp.rst:408 +msgid "Defines minimum acceptable MTU. If client will try to negotiate less then specified MTU then it will be NAKed or disconnected if rejects greater MTU. Default value is **100**." +msgstr "Defines minimum acceptable MTU. If client will try to negotiate less then specified MTU then it will be NAKed or disconnected if rejects greater MTU. Default value is **100**." + #: ../../configuration/protocols/static.rst:34 #: ../../configuration/protocols/static.rst:54 -#: ../../configuration/protocols/static.rst:81 -#: ../../configuration/protocols/static.rst:101 +#: ../../configuration/protocols/static.rst:104 +#: ../../configuration/protocols/static.rst:124 msgid "Defines next-hop distance for this route, routes with smaller administrative distance are elected prior to those with a higher distance." msgstr "Defines next-hop distance for this route, routes with smaller administrative distance are elected prior to those with a higher distance." +#: ../../configuration/service/pppoe-server.rst:515 +#: ../../configuration/vpn/l2tp.rst:469 +#: ../../configuration/vpn/pptp.rst:393 +#: ../../configuration/vpn/sstp.rst:427 +msgid "Defines preferred MRU. By default is not defined." +msgstr "Defines preferred MRU. By default is not defined." + #: ../../configuration/protocols/failover.rst:31 msgid "Defines protocols for checking ARP, ICMP, TCP" msgstr "Defines protocols for checking ARP, ICMP, TCP" -#: ../../configuration/vpn/sstp.rst:178 +#: ../../configuration/vpn/sstp.rst:184 msgid "Defines the maximum `<number>` of unanswered echo requests. Upon reaching the value `<number>`, the session will be reset." msgstr "Defines the maximum `<number>` of unanswered echo requests. Upon reaching the value `<number>`, the session will be reset." +#: ../../configuration/service/pppoe-server.rst:479 +#: ../../configuration/vpn/l2tp.rst:433 +#: ../../configuration/vpn/pptp.rst:357 +#: ../../configuration/vpn/sstp.rst:391 +msgid "Defines the maximum `<number>` of unanswered echo requests. Upon reaching the value `<number>`, the session will be reset. Default value is **3**." +msgstr "Defines the maximum `<number>` of unanswered echo requests. Upon reaching the value `<number>`, the session will be reset. Default value is **3**." + #: ../../configuration/system/console.rst:21 msgid "Defines the specified device as a system console. Available console devices can be (see completion helper):" msgstr "Defines the specified device as a system console. Available console devices can be (see completion helper):" @@ -4120,15 +4550,15 @@ msgstr "Defines the specified device as a system console. Available console devi msgid "Defining Peers" msgstr "Defining Peers" -#: ../../configuration/service/dhcp-server.rst:579 +#: ../../configuration/service/dhcp-server.rst:585 msgid "Delegate prefixes from the range indicated by the start and stop qualifier." msgstr "Delegate prefixes from the range indicated by the start and stop qualifier." -#: ../../configuration/policy/route-map.rst:231 +#: ../../configuration/policy/route-map.rst:234 msgid "Delete BGP communities matching the community-list." msgstr "Delete BGP communities matching the community-list." -#: ../../configuration/policy/route-map.rst:246 +#: ../../configuration/policy/route-map.rst:249 msgid "Delete BGP communities matching the large-community-list." msgstr "Delete BGP communities matching the large-community-list." @@ -4136,11 +4566,15 @@ msgstr "Delete BGP communities matching the large-community-list." msgid "Delete Logs" msgstr "Delete Logs" -#: ../../configuration/policy/route-map.rst:226 +#: ../../configuration/container/index.rst:211 +msgid "Delete a particular container image based on it's image ID. You can also delete all container images at once." +msgstr "Delete a particular container image based on it's image ID. You can also delete all container images at once." + +#: ../../configuration/policy/route-map.rst:229 msgid "Delete all BGP communities" msgstr "Delete all BGP communities" -#: ../../configuration/policy/route-map.rst:241 +#: ../../configuration/policy/route-map.rst:244 msgid "Delete all BGP large-communities" msgstr "Delete all BGP large-communities" @@ -4205,15 +4639,37 @@ msgstr "Devices evaluating whether an IPv4 address is public must be updated to msgid "Different NAT Types" msgstr "Different NAT Types" -#: ../../configuration/pki/index.rst:100 +#: ../../configuration/pki/index.rst:102 msgid "Diffie-Hellman parameters" msgstr "Diffie-Hellman parameters" +#: ../../configuration/service/ids.rst:93 +msgid "Direction: **in** and **out**. Protect public network from external attacks, and identify internal attacks towards internet." +msgstr "Direction: **in** and **out**. Protect public network from external attacks, and identify internal attacks towards internet." + +#: ../../configuration/system/option.rst:46 +msgid "Disable CPU power saving mechanisms also known as C states." +msgstr "Disable CPU power saving mechanisms also known as C states." + +#: ../../configuration/service/pppoe-server.rst:457 +#: ../../configuration/vpn/l2tp.rst:411 +#: ../../configuration/vpn/pptp.rst:335 +#: ../../configuration/vpn/sstp.rst:369 +msgid "Disable Compression Control Protocol (CCP). CCP is enabled by default." +msgstr "Disable Compression Control Protocol (CCP). CCP is enabled by default." + #: ../../configuration/protocols/pim6.rst:37 msgid "Disable MLD reports and query on the interface." msgstr "Disable MLD reports and query on the interface." -#: ../../configuration/vpn/sstp.rst:75 +#: ../../configuration/system/login.rst:39 +msgid "Disable (lock) account. User will not be able to log in." +msgstr "Disable (lock) account. User will not be able to log in." + +#: ../../configuration/service/pppoe-server.rst:432 +#: ../../configuration/vpn/l2tp.rst:376 +#: ../../configuration/vpn/pptp.rst:300 +#: ../../configuration/vpn/sstp.rst:334 msgid "Disable `<user>` account." msgstr "Disable `<user>` account." @@ -4221,11 +4677,23 @@ msgstr "Disable `<user>` account." msgid "Disable a BFD peer" msgstr "Disable a BFD peer" -#: ../../configuration/container/index.rst:128 +#: ../../configuration/container/index.rst:133 msgid "Disable a container." msgstr "Disable a container." -#: ../../configuration/firewall/ipv4.rst:930 +#: ../../configuration/container/index.rst:166 +msgid "Disable a given container registry" +msgstr "Disable a given container registry" + +#: ../../configuration/system/option.rst:35 +msgid "Disable all optional CPU mitigations. This improves system performance, but it may also expose users to several CPU vulnerabilities." +msgstr "Disable all optional CPU mitigations. This improves system performance, but it may also expose users to several CPU vulnerabilities." + +#: ../../configuration/service/conntrack-sync.rst:103 +msgid "Disable connection logging via Syslog." +msgstr "Disable connection logging via Syslog." + +#: ../../configuration/firewall/ipv4.rst:953 #: ../../configuration/firewall/ipv6.rst:939 msgid "Disable conntrack loose track option" msgstr "Disable conntrack loose track option" @@ -4242,7 +4710,7 @@ msgstr "Disable dhcpv6-relay service." msgid "Disable given `<interface>`. It will be placed in administratively down (``A/D``) state." msgstr "Disable given `<interface>`. It will be placed in administratively down (``A/D``) state." -#: ../../configuration/protocols/bgp.rst:616 +#: ../../configuration/protocols/bgp.rst:628 msgid "Disable immediate session reset if peer's connected link goes down." msgstr "Disable immediate session reset if peer's connected link goes down." @@ -4286,11 +4754,11 @@ msgstr "Disabled by default - no kernel module loaded." msgid "Disables caching of peer information from forwarded NHRP Resolution Reply packets. This can be used to reduce memory consumption on big NBMA subnets." msgstr "Disables caching of peer information from forwarded NHRP Resolution Reply packets. This can be used to reduce memory consumption on big NBMA subnets." -#: ../../configuration/protocols/static.rst:76 +#: ../../configuration/protocols/static.rst:99 msgid "Disables interface-based IPv4 static route." msgstr "Disables interface-based IPv4 static route." -#: ../../configuration/protocols/static.rst:96 +#: ../../configuration/protocols/static.rst:119 msgid "Disables interface-based IPv6 static route." msgstr "Disables interface-based IPv6 static route." @@ -4306,7 +4774,7 @@ msgstr "Disables web filtering without discarding configuration." msgid "Disables web proxy transparent mode at a listening address." msgstr "Disables web proxy transparent mode at a listening address." -#: ../../configuration/service/router-advert.rst:73 +#: ../../configuration/service/router-advert.rst:99 msgid "Disabling Advertisements" msgstr "Disabling Advertisements" @@ -4326,11 +4794,11 @@ msgstr "Disadvantages are:" msgid "Disassociate stations based on excessive transmission failures or other indications of connection loss." msgstr "Disassociate stations based on excessive transmission failures or other indications of connection loss." -#: ../../configuration/vrf/index.rst:142 +#: ../../configuration/vrf/index.rst:161 msgid "Display IPv4 routing table for VRF identified by `<name>`." msgstr "Display IPv4 routing table for VRF identified by `<name>`." -#: ../../configuration/vrf/index.rst:161 +#: ../../configuration/vrf/index.rst:180 msgid "Display IPv6 routing table for VRF identified by `<name>`." msgstr "Display IPv6 routing table for VRF identified by `<name>`." @@ -4338,7 +4806,7 @@ msgstr "Display IPv6 routing table for VRF identified by `<name>`." msgid "Display Logs" msgstr "Display Logs" -#: ../../configuration/system/login.rst:188 +#: ../../configuration/system/login.rst:192 msgid "Display OTP key for user" msgstr "Display OTP key for user" @@ -4346,11 +4814,11 @@ msgstr "Display OTP key for user" msgid "Display all authorization attempts of the specified image" msgstr "Display all authorization attempts of the specified image" -#: ../../configuration/protocols/static.rst:200 +#: ../../configuration/protocols/static.rst:233 msgid "Display all known ARP table entries on a given interface only (`eth1`):" msgstr "Display all known ARP table entries on a given interface only (`eth1`):" -#: ../../configuration/protocols/static.rst:188 +#: ../../configuration/protocols/static.rst:221 msgid "Display all known ARP table entries spanning across all interfaces" msgstr "Display all known ARP table entries spanning across all interfaces" @@ -4382,7 +4850,7 @@ msgstr "Displays information about all neighbors discovered via LLDP." msgid "Displays queue information for a PPPoE interface." msgstr "Displays queue information for a PPPoE interface." -#: ../../configuration/vrf/index.rst:213 +#: ../../configuration/vrf/index.rst:232 msgid "Displays the route packets taken to a network host utilizing VRF instance identified by `<name>`. When using the IPv4 or IPv6 option, displays the route packets taken to the given hosts IP address family. This option is useful when the host is specified as a hostname rather than an IP address." msgstr "Displays the route packets taken to a network host utilizing VRF instance identified by `<name>`. When using the IPv4 or IPv6 option, displays the route packets taken to the given hosts IP address family. This option is useful when the host is specified as a hostname rather than an IP address." @@ -4390,14 +4858,28 @@ msgstr "Displays the route packets taken to a network host utilizing VRF instanc msgid "Do *not* manually edit `/etc/hosts`. This file will automatically be regenerated on boot based on the settings in this section, which means you'll lose all your manual edits. Instead, configure static host mappings as follows." msgstr "Do *not* manually edit `/etc/hosts`. This file will automatically be regenerated on boot based on the settings in this section, which means you'll lose all your manual edits. Instead, configure static host mappings as follows." +#: ../../configuration/system/ip.rst:55 +#: ../../configuration/vrf/index.rst:79 +#: ../../configuration/vrf/index.rst:85 +msgid "Do not allow IPv4 nexthop tracking to resolve via the default route. This parameter is configured per-VRF, so the command is also available in the VRF subnode." +msgstr "Do not allow IPv4 nexthop tracking to resolve via the default route. This parameter is configured per-VRF, so the command is also available in the VRF subnode." + +#: ../../configuration/system/ipv6.rst:51 +msgid "Do not allow IPv6 nexthop tracking to resolve via the default route. This parameter is configured per-VRF, so the command is also available in the VRF subnode." +msgstr "Do not allow IPv6 nexthop tracking to resolve via the default route. This parameter is configured per-VRF, so the command is also available in the VRF subnode." + #: ../../_include/interface-ipv6.txt:37 msgid "Do not assign a link-local IPv6 address to this interface." msgstr "Do not assign a link-local IPv6 address to this interface." -#: ../../configuration/trafficpolicy/index.rst:1208 +#: ../../configuration/trafficpolicy/index.rst:1210 msgid "Do not configure IFB as the first step. First create everything else of your traffic-policy, and then you can configure IFB. Otherwise you might get the ``RTNETLINK answer: File exists`` error, which can be solved with ``sudo ip link delete ifb0``." msgstr "Do not configure IFB as the first step. First create everything else of your traffic-policy, and then you can configure IFB. Otherwise you might get the ``RTNETLINK answer: File exists`` error, which can be solved with ``sudo ip link delete ifb0``." +#: ../../configuration/protocols/bgp.rst:609 +msgid "Do not send Hard Reset CEASE Notification for \"Administrative Reset\" events. When set and Graceful Restart Notification capability is exchanged between the peers, Graceful Restart procedures apply, and routes will be retained." +msgstr "Do not send Hard Reset CEASE Notification for \"Administrative Reset\" events. When set and Graceful Restart Notification capability is exchanged between the peers, Graceful Restart procedures apply, and routes will be retained." + #: ../../configuration/service/dns.rst:103 msgid "Do not use the local ``/etc/hosts`` file in name resolution. VyOS DHCP server will use this file to add resolvers to assigned addresses." msgstr "Do not use the local ``/etc/hosts`` file in name resolution. VyOS DHCP server will use this file to add resolvers to assigned addresses." @@ -4426,7 +4908,7 @@ msgstr "Domain name(s) for which to obtain certificate" msgid "Domain names can include letters, numbers, hyphens and periods with a maximum length of 253 characters." msgstr "Domain names can include letters, numbers, hyphens and periods with a maximum length of 253 characters." -#: ../../configuration/pki/index.rst:259 +#: ../../configuration/pki/index.rst:290 msgid "Domain names to apply, multiple domain-names can be specified." msgstr "Domain names to apply, multiple domain-names can be specified." @@ -4435,19 +4917,19 @@ msgstr "Domain names to apply, multiple domain-names can be specified." msgid "Domain search order" msgstr "Domain search order" -#: ../../configuration/pki/index.rst:25 +#: ../../configuration/pki/index.rst:27 msgid "Don't be afraid that you need to re-do your configuration. Key transformation is handled, as always, by our migration scripts, so this will be a smooth transition for you!" msgstr "Don't be afraid that you need to re-do your configuration. Key transformation is handled, as always, by our migration scripts, so this will be a smooth transition for you!" -#: ../../configuration/protocols/bgp.rst:1172 +#: ../../configuration/protocols/bgp.rst:1194 msgid "Don't forget, the CIDR declared in the network statement **MUST exist in your routing table (dynamic or static), the best way to make sure that is true is creating a static route:**" msgstr "Don't forget, the CIDR declared in the network statement **MUST exist in your routing table (dynamic or static), the best way to make sure that is true is creating a static route:**" -#: ../../configuration/protocols/bgp.rst:1126 +#: ../../configuration/protocols/bgp.rst:1148 msgid "Don't forget, the CIDR declared in the network statement MUST **exist in your routing table (dynamic or static), the best way to make sure that is true is creating a static route:**" msgstr "Don't forget, the CIDR declared in the network statement MUST **exist in your routing table (dynamic or static), the best way to make sure that is true is creating a static route:**" -#: ../../configuration/vpn/site2site_ipsec.rst:299 +#: ../../configuration/vpn/site2site_ipsec.rst:302 msgid "Don't get confused about the used /31 tunnel subnet. :rfc:`3021` gives you additional information for using /31 subnets on point-to-point links." msgstr "Don't get confused about the used /31 tunnel subnet. :rfc:`3021` gives you additional information for using /31 subnets on point-to-point links." @@ -4459,10 +4941,17 @@ msgstr "Download/Update complete blacklist" msgid "Download/Update partial blacklist." msgstr "Download/Update partial blacklist." -#: ../../configuration/vpn/sstp.rst:85 +#: ../../configuration/service/pppoe-server.rst:262 +#: ../../configuration/vpn/l2tp.rst:386 +#: ../../configuration/vpn/pptp.rst:310 +#: ../../configuration/vpn/sstp.rst:344 msgid "Download bandwidth limit in kbit/s for `<user>`." msgstr "Download bandwidth limit in kbit/s for `<user>`." +#: ../../configuration/service/ipoe-server.rst:320 +msgid "Download bandwidth limit in kbit/s for user on interface `<interface>`." +msgstr "Download bandwidth limit in kbit/s for user on interface `<interface>`." + #: ../../configuration/policy/route-map.rst:202 msgid "Drop AS-NUMBER from the BGP AS path." msgstr "Drop AS-NUMBER from the BGP AS path." @@ -4479,7 +4968,7 @@ msgstr "Drop rate" msgid "Dropped packets reported on DROPMON Netlink channel by Linux kernel are exported via the standard sFlow v5 extension for reporting dropped packets" msgstr "Dropped packets reported on DROPMON Netlink channel by Linux kernel are exported via the standard sFlow v5 extension for reporting dropped packets" -#: ../../configuration/service/pppoe-server.rst:367 +#: ../../configuration/service/pppoe-server.rst:625 msgid "Dual-Stack IPv4/IPv6 provisioning with Prefix Delegation" msgstr "Dual-Stack IPv4/IPv6 provisioning with Prefix Delegation" @@ -4495,19 +4984,23 @@ msgstr "Dummy interface" msgid "Dummy interfaces can be used as interfaces that always stay up (in the same fashion to loopbacks in Cisco IOS), or for testing purposes." msgstr "Dummy interfaces can be used as interfaces that always stay up (in the same fashion to loopbacks in Cisco IOS), or for testing purposes." -#: ../../configuration/vrf/index.rst:193 +#: ../../configuration/vrf/index.rst:212 msgid "Duplicate packets are not included in the packet loss calculation, although the round-trip time of these packets is used in calculating the minimum/ average/maximum round-trip time numbers." msgstr "Duplicate packets are not included in the packet loss calculation, although the round-trip time of these packets is used in calculating the minimum/ average/maximum round-trip time numbers." -#: ../../configuration/pki/index.rst:285 +#: ../../configuration/pki/index.rst:316 msgid "During initial deployment we recommend using the staging API of LetsEncrypt to prevent and blacklisting of your system. The API endpoint is https://acme-staging-v02.api.letsencrypt.org/directory" msgstr "During initial deployment we recommend using the staging API of LetsEncrypt to prevent and blacklisting of your system. The API endpoint is https://acme-staging-v02.api.letsencrypt.org/directory" +#: ../../configuration/vpn/ipsec.rst:568 +msgid "During profile import, the user is asked to enter its IPSec credentials (username and password) which is stored on the mobile." +msgstr "During profile import, the user is asked to enter its IPSec credentials (username and password) which is stored on the mobile." + #: ../../configuration/service/ssh.rst:113 msgid "Dynamic-protection" msgstr "Dynamic-protection" -#: ../../configuration/service/dns.rst:212 +#: ../../configuration/service/dns.rst:199 msgid "Dynamic DNS" msgstr "Dynamic DNS" @@ -4519,11 +5012,11 @@ msgstr "EAPoL comes with an identify option. We automatically use the interface msgid "ESP Phase:" msgstr "ESP Phase:" -#: ../../configuration/vpn/ipsec.rst:111 +#: ../../configuration/vpn/ipsec.rst:113 msgid "ESP (Encapsulating Security Payload) Attributes" msgstr "ESP (Encapsulating Security Payload) Attributes" -#: ../../configuration/vpn/ipsec.rst:112 +#: ../../configuration/vpn/ipsec.rst:115 msgid "ESP is used to provide confidentiality, data origin authentication, connectionless integrity, an anti-replay service (a form of partial sequence integrity), and limited traffic flow confidentiality. https://datatracker.ietf.org/doc/html/rfc4303" msgstr "ESP is used to provide confidentiality, data origin authentication, connectionless integrity, an anti-replay service (a form of partial sequence integrity), and limited traffic flow confidentiality. https://datatracker.ietf.org/doc/html/rfc4303" @@ -4587,7 +5080,7 @@ msgstr "Eenables the Generic Protocol extension (VXLAN-GPE). Currently, this is msgid "Email address to associate with certificate" msgstr "Email address to associate with certificate" -#: ../../configuration/pki/index.rst:265 +#: ../../configuration/pki/index.rst:296 msgid "Email used for registration and recovery contact." msgstr "Email used for registration and recovery contact." @@ -4599,35 +5092,35 @@ msgstr "Embedding one policy into another one" msgid "Emergency" msgstr "Emergency" -#: ../../configuration/protocols/bfd.rst:89 +#: ../../configuration/protocols/bfd.rst:96 msgid "Enable BFD for ISIS on an interface" msgstr "Enable BFD for ISIS on an interface" -#: ../../configuration/protocols/bfd.rst:77 +#: ../../configuration/protocols/bfd.rst:84 msgid "Enable BFD for OSPF on an interface" msgstr "Enable BFD for OSPF on an interface" -#: ../../configuration/protocols/bfd.rst:81 +#: ../../configuration/protocols/bfd.rst:88 msgid "Enable BFD for OSPFv3 on an interface" msgstr "Enable BFD for OSPFv3 on an interface" -#: ../../configuration/protocols/bfd.rst:61 +#: ../../configuration/protocols/bfd.rst:68 msgid "Enable BFD in BGP" msgstr "Enable BFD in BGP" -#: ../../configuration/protocols/bfd.rst:85 +#: ../../configuration/protocols/bfd.rst:92 msgid "Enable BFD in ISIS" msgstr "Enable BFD in ISIS" -#: ../../configuration/protocols/bfd.rst:73 +#: ../../configuration/protocols/bfd.rst:80 msgid "Enable BFD in OSPF" msgstr "Enable BFD in OSPF" -#: ../../configuration/protocols/bfd.rst:69 +#: ../../configuration/protocols/bfd.rst:76 msgid "Enable BFD on a BGP peer group" msgstr "Enable BFD on a BGP peer group" -#: ../../configuration/protocols/bfd.rst:65 +#: ../../configuration/protocols/bfd.rst:72 msgid "Enable BFD on a single BGP neighbor" msgstr "Enable BFD on a single BGP neighbor" @@ -4651,7 +5144,7 @@ msgstr "Enable IGMP and MLD querier." msgid "Enable IGMP and MLD snooping." msgstr "Enable IGMP and MLD snooping." -#: ../../configuration/service/dhcp-server.rst:271 +#: ../../configuration/service/dhcp-server.rst:277 msgid "Enable IP forwarding on client" msgstr "Enable IP forwarding on client" @@ -4705,7 +5198,7 @@ msgstr "Enable OSPF with Segment Routing (Experimental):" msgid "Enable OSPF with route redistribution of the loopback and default originate:" msgstr "Enable OSPF with route redistribution of the loopback and default originate:" -#: ../../configuration/system/login.rst:103 +#: ../../configuration/system/login.rst:107 msgid "Enable OTP 2FA for user `username` with default settings, using the BASE32 encoded 2FA/MFA key specified by `<key>`." msgstr "Enable OTP 2FA for user `username` with default settings, using the BASE32 encoded 2FA/MFA key specified by `<key>`." @@ -4713,6 +5206,18 @@ msgstr "Enable OTP 2FA for user `username` with default settings, using the BASE msgid "Enable OpenVPN Data Channel Offload feature by loading the appropriate kernel module." msgstr "Enable OpenVPN Data Channel Offload feature by loading the appropriate kernel module." +#: ../../configuration/service/router-advert.rst:82 +msgid "Enable PREF64 option as outlined in :rfc:`8781`." +msgstr "Enable PREF64 option as outlined in :rfc:`8781`." + +#: ../../configuration/service/ipoe-server.rst:386 +#: ../../configuration/service/pppoe-server.rst:575 +#: ../../configuration/vpn/l2tp.rst:510 +#: ../../configuration/vpn/pptp.rst:434 +#: ../../configuration/vpn/sstp.rst:468 +msgid "Enable SNMP" +msgstr "Enable SNMP" + #: ../../configuration/service/lldp.rst:59 msgid "Enable SNMP queries of the LLDP database" msgstr "Enable SNMP queries of the LLDP database" @@ -4833,15 +5338,19 @@ msgstr "Enabled on-demand PPPoE connections bring up the link only when traffic msgid "Enables Cisco style authentication on NHRP packets. This embeds the secret plaintext password to the outgoing NHRP packets. Incoming NHRP packets on this interface are discarded unless the secret password is present. Maximum length of the secret is 8 characters." msgstr "Enables Cisco style authentication on NHRP packets. This embeds the secret plaintext password to the outgoing NHRP packets. Incoming NHRP packets on this interface are discarded unless the secret password is present. Maximum length of the secret is 8 characters." -#: ../../configuration/vrf/index.rst:461 +#: ../../configuration/vrf/index.rst:480 msgid "Enables an MPLS label to be attached to a route exported from the current unicast VRF to VPN. If the value specified is auto, the label value is automatically assigned from a pool maintained." msgstr "Enables an MPLS label to be attached to a route exported from the current unicast VRF to VPN. If the value specified is auto, the label value is automatically assigned from a pool maintained." -#: ../../configuration/vpn/sstp.rst:277 +#: ../../configuration/service/ipoe-server.rst:220 +#: ../../configuration/service/pppoe-server.rst:182 +#: ../../configuration/vpn/l2tp.rst:225 +#: ../../configuration/vpn/pptp.rst:165 +#: ../../configuration/vpn/sstp.rst:198 msgid "Enables bandwidth shaping via RADIUS." msgstr "Enables bandwidth shaping via RADIUS." -#: ../../configuration/vrf/index.rst:483 +#: ../../configuration/vrf/index.rst:502 msgid "Enables import or export of routes between the current unicast VRF and VPN." msgstr "Enables import or export of routes between the current unicast VRF and VPN." @@ -4853,6 +5362,10 @@ msgstr "Enables the Generic Protocol extension (VXLAN-GPE). Currently, this is o msgid "Enables the echo transmission mode" msgstr "Enables the echo transmission mode" +#: ../../configuration/system/option.rst:27 +msgid "Enables the root partition auto-extension and resizes to the maximum available space on system boot." +msgstr "Enables the root partition auto-extension and resizes to the maximum available space on system boot." + #: ../../configuration/service/router-advert.rst:27 msgid "Enabling Advertisments" msgstr "Enabling Advertisments" @@ -4877,7 +5390,7 @@ msgstr "Enforce strict path checking" msgid "Enslave `<member>` interface to bond `<interface>`." msgstr "Enslave `<member>` interface to bond `<interface>`." -#: ../../configuration/protocols/bgp.rst:764 +#: ../../configuration/protocols/bgp.rst:786 msgid "Ensure that when comparing routes where both are equal on most metrics, including local-pref, AS_PATH length, IGP cost, MED, that the tie is broken based on router-ID." msgstr "Ensure that when comparing routes where both are equal on most metrics, including local-pref, AS_PATH length, IGP cost, MED, that the tie is broken based on router-ID." @@ -4945,11 +5458,11 @@ msgstr "Every NAT rule has a translation command defined. The address defined fo msgid "Every SNAT66 rule has a translation command defined. The prefix defined for the translation is the prefix used when the address information in a packet is replaced.ã€" msgstr "Every SNAT66 rule has a translation command defined. The prefix defined for the translation is the prefix used when the address information in a packet is replaced.ã€" -#: ../../configuration/system/login.rst:47 +#: ../../configuration/system/login.rst:51 msgid "Every SSH key comes in three parts:" msgstr "Every SSH key comes in three parts:" -#: ../../configuration/system/login.rst:68 +#: ../../configuration/system/login.rst:72 msgid "Every SSH public key portion referenced by `<identifier>` requires the configuration of the `<type>` of public-key used. This type can be any of:" msgstr "Every SSH public key portion referenced by `<identifier>` requires the configuration of the `<type>` of public-key used. This type can be any of:" @@ -4965,12 +5478,16 @@ msgstr "Every Virtual Ethernet interfaces behaves like a real Ethernet interface msgid "Every WWAN connection requires an :abbr:`APN (Access Point Name)` which is used by the client to dial into the ISPs network. This is a mandatory parameter. Contact your Service Provider for correct APN." msgstr "Every WWAN connection requires an :abbr:`APN (Access Point Name)` which is used by the client to dial into the ISPs network. This is a mandatory parameter. Contact your Service Provider for correct APN." +#: ../../configuration/vpn/ipsec.rst:439 +msgid "Every connection/remote-access pool we configure also needs a pool where we can draw our client IP addresses from. We provide one IPv4 and IPv6 pool. Authorized clients will receive an IPv4 address from the 192.0.2.128/25 prefix and an IPv6 address from the 2001:db8:2000::/64 prefix. We can also send some DNS nameservers down to our clients used on their connection." +msgstr "Every connection/remote-access pool we configure also needs a pool where we can draw our client IP addresses from. We provide one IPv4 and IPv6 pool. Authorized clients will receive an IPv4 address from the 192.0.2.128/25 prefix and an IPv6 address from the 2001:db8:2000::/64 prefix. We can also send some DNS nameservers down to our clients used on their connection." + #: ../../configuration/vpn/remoteaccess_ipsec.rst:98 msgid "Every connection/remote-access pool we configure also needs a pool where we can draw our client IP addresses from. We provide one IPv4 and IPv6 pool. Authorized clients will receive an IPv4 address from the configured IPv4 prefix and an IPv6 address from the IPv6 prefix. We can also send some DNS nameservers down to our clients used on their connection." msgstr "Every connection/remote-access pool we configure also needs a pool where we can draw our client IP addresses from. We provide one IPv4 and IPv6 pool. Authorized clients will receive an IPv4 address from the configured IPv4 prefix and an IPv6 address from the IPv6 prefix. We can also send some DNS nameservers down to our clients used on their connection." #: ../../configuration/firewall/bridge.rst:321 -#: ../../configuration/highavailability/index.rst:397 +#: ../../configuration/highavailability/index.rst:407 #: ../../configuration/interfaces/bonding.rst:291 #: ../../configuration/interfaces/l2tpv3.rst:86 #: ../../configuration/interfaces/pppoe.rst:323 @@ -4980,23 +5497,24 @@ msgstr "Every connection/remote-access pool we configure also needs a pool where #: ../../configuration/protocols/failover.rst:63 #: ../../configuration/protocols/igmp-proxy.rst:61 #: ../../configuration/protocols/pim.rst:217 -#: ../../configuration/protocols/rpki.rst:156 +#: ../../configuration/protocols/rpki.rst:166 #: ../../configuration/service/broadcast-relay.rst:55 -#: ../../configuration/service/conntrack-sync.rst:186 +#: ../../configuration/service/conntrack-sync.rst:190 #: ../../configuration/service/dhcp-relay.rst:85 #: ../../configuration/service/dhcp-relay.rst:174 -#: ../../configuration/service/dhcp-server.rst:362 -#: ../../configuration/service/dns.rst:160 -#: ../../configuration/service/dns.rst:276 +#: ../../configuration/service/dhcp-server.rst:368 +#: ../../configuration/service/dns.rst:147 +#: ../../configuration/service/dns.rst:260 #: ../../configuration/service/eventhandler.rst:83 -#: ../../configuration/service/ipoe-server.rst:150 +#: ../../configuration/service/ids.rst:82 #: ../../configuration/service/mdns.rst:50 #: ../../configuration/service/monitoring.rst:134 +#: ../../configuration/service/router-advert.rst:108 #: ../../configuration/service/snmp.rst:94 #: ../../configuration/service/snmp.rst:145 #: ../../configuration/service/tftp-server.rst:47 #: ../../configuration/system/acceleration.rst:58 -#: ../../configuration/system/login.rst:397 +#: ../../configuration/system/login.rst:401 #: ../../configuration/system/name-server.rst:28 #: ../../configuration/system/name-server.rst:63 #: ../../configuration/system/sflow.rst:49 @@ -5005,9 +5523,8 @@ msgstr "Every connection/remote-access pool we configure also needs a pool where #: ../../configuration/trafficpolicy/index.rst:1122 #: ../../configuration/vpn/dmvpn.rst:161 #: ../../configuration/vpn/openconnect.rst:97 -#: ../../configuration/vpn/sstp.rst:286 -#: ../../configuration/vrf/index.rst:99 -#: ../../configuration/vrf/index.rst:232 +#: ../../configuration/vrf/index.rst:118 +#: ../../configuration/vrf/index.rst:251 msgid "Example" msgstr "Example" @@ -5028,16 +5545,18 @@ msgstr "Example, from radius-server send command for disconnect client with user #: ../../configuration/nat/nat44.rst:425 #: ../../configuration/nat/nat66.rst:78 #: ../../configuration/nat/nat66.rst:96 -#: ../../configuration/protocols/static.rst:174 -#: ../../configuration/service/dns.rst:363 +#: ../../configuration/protocols/static.rst:67 +#: ../../configuration/protocols/static.rst:135 +#: ../../configuration/protocols/static.rst:207 +#: ../../configuration/service/dns.rst:366 #: ../../configuration/service/monitoring.rst:69 #: ../../configuration/service/monitoring.rst:98 #: ../../configuration/service/ssh.rst:165 #: ../../configuration/service/ssh.rst:200 #: ../../configuration/system/flow-accounting.rst:164 -#: ../../configuration/vpn/l2tp.rst:41 -#: ../../configuration/vpn/site2site_ipsec.rst:162 -#: ../../configuration/vpn/site2site_ipsec.rst:273 +#: ../../configuration/vpn/l2tp.rst:91 +#: ../../configuration/vpn/site2site_ipsec.rst:165 +#: ../../configuration/vpn/site2site_ipsec.rst:276 #: ../../_include/interface-address-with-dhcp.txt:22 #: ../../_include/interface-address.txt:9 #: ../../_include/interface-description.txt:7 @@ -5121,13 +5640,12 @@ msgstr "Example: Set `eth0` member port to be native VLAN 2" msgid "Example: to be appended is set to ``vyos.net`` and the URL received is ``www/foo.html``, the system will use the generated, final URL of ``www.vyos.net/foo.html``." msgstr "Example: to be appended is set to ``vyos.net`` and the URL received is ``www/foo.html``, the system will use the generated, final URL of ``www.vyos.net/foo.html``." -#: ../../configuration/container/index.rst:177 +#: ../../configuration/container/index.rst:216 #: ../../configuration/service/https.rst:77 -#: ../../configuration/service/router-advert.rst:80 msgid "Example Configuration" msgstr "Example Configuration" -#: ../../configuration/service/dns.rst:378 +#: ../../configuration/service/dns.rst:384 msgid "Example IPv6 only:" msgstr "Example IPv6 only:" @@ -5135,7 +5653,7 @@ msgstr "Example IPv6 only:" msgid "Example Network" msgstr "Example Network" -#: ../../configuration/firewall/ipv4.rst:1130 +#: ../../configuration/firewall/ipv4.rst:1153 #: ../../configuration/firewall/ipv6.rst:1153 msgid "Example Partial Config" msgstr "Example Partial Config" @@ -5156,7 +5674,7 @@ msgstr "Example for configuring a simple L2TP over IPsec VPN for remote access ( msgid "Example of redirection:" msgstr "Example of redirection:" -#: ../../configuration/firewall/ipv4.rst:925 +#: ../../configuration/firewall/ipv4.rst:948 #: ../../configuration/firewall/ipv6.rst:934 msgid "Example synproxy" msgstr "Example synproxy" @@ -5167,16 +5685,16 @@ msgstr "Example synproxy" #: ../../configuration/interfaces/wireless.rst:541 #: ../../configuration/loadbalancing/reverse-proxy.rst:187 #: ../../configuration/policy/index.rst:46 -#: ../../configuration/protocols/bgp.rst:1096 +#: ../../configuration/protocols/bgp.rst:1118 #: ../../configuration/protocols/isis.rst:336 #: ../../configuration/protocols/ospf.rst:834 -#: ../../configuration/service/pppoe-server.rst:343 +#: ../../configuration/service/pppoe-server.rst:601 #: ../../configuration/service/webproxy.rst:419 msgid "Examples" msgstr "Examples" #: ../../configuration/nat/nat44.rst:154 -#: ../../configuration/vpn/site2site_ipsec.rst:157 +#: ../../configuration/vpn/site2site_ipsec.rst:160 msgid "Examples:" msgstr "Examples:" @@ -5224,6 +5742,10 @@ msgstr "External DHCPv6 server is at 2001:db8::4" msgid "External Route Summarisation" msgstr "External Route Summarisation" +#: ../../configuration/service/ids.rst:101 +msgid "External attack: an attack from the internet towards an internal IP is identify. In this case, all connections towards such IP will be blocked" +msgstr "External attack: an attack from the internet towards an internal IP is identify. In this case, all connections towards such IP will be blocked" + #: ../../configuration/trafficpolicy/index.rst:441 msgid "FQ-CoDel" msgstr "FQ-CoDel" @@ -5275,7 +5797,7 @@ msgstr "Facility Code" #: ../../configuration/loadbalancing/wan.rst:218 #: ../../configuration/protocols/failover.rst:3 #: ../../configuration/service/dhcp-server.rst:136 -#: ../../configuration/service/dhcp-server.rst:369 +#: ../../configuration/service/dhcp-server.rst:375 msgid "Failover" msgstr "Failover" @@ -5303,6 +5825,14 @@ msgstr "Fair Queue is a non-shaping (work-conserving) policy, so it will only be msgid "Fair Queue is a work-conserving scheduler which schedules the transmission of packets based on flows, that is, it balances traffic distributing it through different sub-queues in order to ensure fairness so that each flow is able to send data in turn, preventing any single one from drowning out the rest." msgstr "Fair Queue is a work-conserving scheduler which schedules the transmission of packets based on flows, that is, it balances traffic distributing it through different sub-queues in order to ensure fairness so that each flow is able to send data in turn, preventing any single one from drowning out the rest." +#: ../../configuration/service/ids.rst:9 +msgid "FastNetMon" +msgstr "FastNetMon" + +#: ../../configuration/service/ids.rst:11 +msgid "FastNetMon is a high-performance DDoS detector/sensor built on top of multiple packet capture engines: NetFlow, IPFIX, sFlow, AF_PACKET (port mirror). It can detect hosts in the deployed network sending or receiving large volumes of traffic, packets/bytes/flows per second and perform a configurable action to handle that event, such as calling a custom script." +msgstr "FastNetMon is a high-performance DDoS detector/sensor built on top of multiple packet capture engines: NetFlow, IPFIX, sFlow, AF_PACKET (port mirror). It can detect hosts in the deployed network sending or receiving large volumes of traffic, packets/bytes/flows per second and perform a configurable action to handle that event, such as calling a custom script." + #: ../../configuration/protocols/rpki.rst:78 msgid "Features of the Current Implementation" msgstr "Features of the Current Implementation" @@ -5311,11 +5841,15 @@ msgstr "Features of the Current Implementation" msgid "Field" msgstr "Field" -#: ../../configuration/service/dns.rst:241 +#: ../../configuration/service/dns.rst:231 +msgid "File identified by `<filename>` containing the TSIG authentication key for RFC2136 nsupdate on remote DNS server." +msgstr "File identified by `<filename>` containing the TSIG authentication key for RFC2136 nsupdate on remote DNS server." + +#: ../../configuration/service/dns.rst:255 msgid "File identified by `<keyfile>` containing the secret RNDC key shared with remote DNS server." msgstr "File identified by `<keyfile>` containing the secret RNDC key shared with remote DNS server." -#: ../../configuration/service/pppoe-server.rst:228 +#: ../../configuration/service/pppoe-server.rst:302 msgid "Filter-Id=2000/3000 (means 2000Kbit down-stream rate and 3000Kbit up-stream rate)" msgstr "Filter-Id=2000/3000 (means 2000Kbit down-stream rate and 3000Kbit up-stream rate)" @@ -5404,7 +5938,7 @@ msgstr "Firewall groups represent collections of IP addresses, networks, ports, msgid "Firewall groups represent collections of IP addresses, networks, ports, mac addresses or domains. Once created, a group can be referenced by firewall, nat and policy route rules as either a source or destination matcher. Members can be added or removed from a group without changes to, or the need to reload, individual firewall rules." msgstr "Firewall groups represent collections of IP addresses, networks, ports, mac addresses or domains. Once created, a group can be referenced by firewall, nat and policy route rules as either a source or destination matcher. Members can be added or removed from a group without changes to, or the need to reload, individual firewall rules." -#: ../../configuration/highavailability/index.rst:381 +#: ../../configuration/highavailability/index.rst:391 msgid "Firewall mark. It possible to loadbalancing traffic based on ``fwmark`` value" msgstr "Firewall mark. It possible to loadbalancing traffic based on ``fwmark`` value" @@ -5428,7 +5962,7 @@ msgstr "Firmware Update" msgid "First, on both routers run the operational command \"generate pki key-pair install <key-pair nam>>\". You may choose different length than 2048 of course." msgstr "First, on both routers run the operational command \"generate pki key-pair install <key-pair nam>>\". You may choose different length than 2048 of course." -#: ../../configuration/vpn/ipsec.rst:267 +#: ../../configuration/vpn/ipsec.rst:271 msgid "First, on both routers run the operational command \"generate pki key-pair install <key-pair name>\". You may choose different length than 2048 of course." msgstr "First, on both routers run the operational command \"generate pki key-pair install <key-pair name>\". You may choose different length than 2048 of course." @@ -5544,15 +6078,15 @@ msgstr "For Hashing:" msgid "For IS-IS top operate correctly, one must do the equivalent of a Router ID in CLNS. This Router ID is called the :abbr:`NET (Network Entity Title)`. This must be unique for each and every router that is operating in IS-IS. It also must not be duplicated otherwise the same issues that occur within OSPF will occur within IS-IS when it comes to said duplication." msgstr "For IS-IS top operate correctly, one must do the equivalent of a Router ID in CLNS. This Router ID is called the :abbr:`NET (Network Entity Title)`. This must be unique for each and every router that is operating in IS-IS. It also must not be duplicated otherwise the same issues that occur within OSPF will occur within IS-IS when it comes to said duplication." -#: ../../configuration/policy/route-map.rst:311 +#: ../../configuration/policy/route-map.rst:314 msgid "For Incoming and Import Route-maps if we receive a v6 global and v6 LL address for the route, then prefer to use the global address as the nexthop." msgstr "For Incoming and Import Route-maps if we receive a v6 global and v6 LL address for the route, then prefer to use the global address as the nexthop." -#: ../../configuration/service/pppoe-server.rst:188 +#: ../../configuration/service/pppoe-server.rst:257 msgid "For Local Users" msgstr "For Local Users" -#: ../../configuration/service/pppoe-server.rst:223 +#: ../../configuration/service/pppoe-server.rst:297 msgid "For RADIUS users" msgstr "For RADIUS users" @@ -5592,7 +6126,7 @@ msgstr "For a simple home network using just the ISP's equipment, this is usuall msgid "For connectionless protocols as like ICMP and UDP, a flow is considered complete once no more packets for this flow appear after configurable timeout." msgstr "For connectionless protocols as like ICMP and UDP, a flow is considered complete once no more packets for this flow appear after configurable timeout." -#: ../../configuration/system/login.rst:132 +#: ../../configuration/system/login.rst:136 msgid "For example, if problems with poor time synchronization are experienced, the window can be increased from its default size of 3 permitted codes (one previous code, the current code, the next code) to 17 permitted codes (the 8 previous codes, the current code, and the 8 next codes). This will permit for a time skew of up to 4 minutes between client and server." msgstr "For example, if problems with poor time synchronization are experienced, the window can be increased from its default size of 3 permitted codes (one previous code, the current code, the next code) to 17 permitted codes (the 8 previous codes, the current code, and the 8 next codes). This will permit for a time skew of up to 4 minutes between client and server." @@ -5618,7 +6152,7 @@ msgstr "For fragmented TCP or UDP packets and all other IPv4 and IPv6 protocol t msgid "For generating an OTP key in VyOS, you can use the CLI command (operational mode):" msgstr "For generating an OTP key in VyOS, you can use the CLI command (operational mode):" -#: ../../configuration/protocols/bgp.rst:823 +#: ../../configuration/protocols/bgp.rst:845 msgid "For inbound updates the order of preference is:" msgstr "For inbound updates the order of preference is:" @@ -5642,7 +6176,11 @@ msgstr "For latest releases, refer the `firewall (interface-groups) <https://doc msgid "For more information on how MPLS label switching works, please go visit `Wikipedia (MPLS)`_." msgstr "For more information on how MPLS label switching works, please go visit `Wikipedia (MPLS)`_." -#: ../../configuration/service/pppoe-server.rst:299 +#: ../../configuration/protocols/bfd.rst:61 +msgid "For multi hop sessions only. Configure the minimum expected TTL for an incoming BFD control packet." +msgstr "For multi hop sessions only. Configure the minimum expected TTL for an incoming BFD control packet." + +#: ../../configuration/service/pppoe-server.rst:307 msgid "For network maintenance, it's a good idea to direct users to a backup server so that the primary server can be safely taken out of service. It's possible to switch your PPPoE server to maintenance mode where it maintains already established connections, but refuses new connection attempts." msgstr "For network maintenance, it's a good idea to direct users to a backup server so that the primary server can be safely taken out of service. It's possible to switch your PPPoE server to maintenance mode where it maintains already established connections, but refuses new connection attempts." @@ -5650,7 +6188,7 @@ msgstr "For network maintenance, it's a good idea to direct users to a backup se msgid "For optimal scalability, Multicast shouldn't be used at all, but instead use BGP to signal all connected devices between leaves. Unfortunately, VyOS does not yet support this." msgstr "For optimal scalability, Multicast shouldn't be used at all, but instead use BGP to signal all connected devices between leaves. Unfortunately, VyOS does not yet support this." -#: ../../configuration/protocols/bgp.rst:829 +#: ../../configuration/protocols/bgp.rst:851 msgid "For outbound updates the order of preference is:" msgstr "For outbound updates the order of preference is:" @@ -5695,7 +6233,7 @@ msgstr "For the average user a serial console has no advantage over a console of msgid "For the ingress traffic of an interface, there is only one policy you can directly apply, a **Limiter** policy. You cannot apply a shaping policy directly to the ingress traffic of any interface because shaping only works for outbound traffic." msgstr "For the ingress traffic of an interface, there is only one policy you can directly apply, a **Limiter** policy. You cannot apply a shaping policy directly to the ingress traffic of any interface because shaping only works for outbound traffic." -#: ../../configuration/container/index.rst:179 +#: ../../configuration/container/index.rst:218 msgid "For the sake of demonstration, `example #1 in the official documentation <https://www.zabbix.com/documentation/current/manual/installation/containers>`_ to the declarative VyOS CLI syntax." msgstr "For the sake of demonstration, `example #1 in the official documentation <https://www.zabbix.com/documentation/current/manual/installation/containers>`_ to the declarative VyOS CLI syntax." @@ -5737,7 +6275,7 @@ msgstr "Formally, a virtual link looks like a point-to-point network connecting msgid "Forward incoming DNS queries to the DNS servers configured under the ``system name-server`` nodes." msgstr "Forward incoming DNS queries to the DNS servers configured under the ``system name-server`` nodes." -#: ../../configuration/highavailability/index.rst:362 +#: ../../configuration/highavailability/index.rst:372 msgid "Forward method" msgstr "Forward method" @@ -5765,7 +6303,7 @@ msgstr "From a security perspective, it is not recommended to let a third party msgid "From main structure defined in :doc:`Firewall Overview</configuration/firewall/index>` in this section you can find detailed information only for the next part of the general structure:" msgstr "From main structure defined in :doc:`Firewall Overview</configuration/firewall/index>` in this section you can find detailed information only for the next part of the general structure:" -#: ../../configuration/highavailability/index.rst:380 +#: ../../configuration/highavailability/index.rst:390 msgid "Fwmark" msgstr "Fwmark" @@ -5806,6 +6344,11 @@ msgstr "GRE is often seen as a one size fits all solution when it comes to class msgid "Genearate a new OpenVPN shared secret. The generated secred is the output to the console." msgstr "Genearate a new OpenVPN shared secret. The generated secred is the output to the console." +#: ../../configuration/pki/index.rst:123 +#: ../../configuration/pki/index.rst:128 +msgid "Genearate a new OpenVPN shared secret. The generated secret is the output to the console." +msgstr "Genearate a new OpenVPN shared secret. The generated secret is the output to the console." + #: ../../configuration/protocols/isis.rst:25 #: ../../configuration/protocols/ospf.rst:25 #: ../../configuration/protocols/ospf.rst:1081 @@ -5835,18 +6378,18 @@ msgstr "Generate :abbr:`MKA (MACsec Key Agreement protocol)` CAK key." msgid "Generate :abbr:`MKA (MACsec Key Agreement protocol)` CAK key 128 or 256 bits." msgstr "Generate :abbr:`MKA (MACsec Key Agreement protocol)` CAK key 128 or 256 bits." -#: ../../configuration/pki/index.rst:153 -#: ../../configuration/pki/index.rst:157 +#: ../../configuration/pki/index.rst:155 +#: ../../configuration/pki/index.rst:159 msgid "Generate a WireGuard pre-shared secret used for peers to communicate." msgstr "Generate a WireGuard pre-shared secret used for peers to communicate." -#: ../../configuration/pki/index.rst:136 -#: ../../configuration/pki/index.rst:141 +#: ../../configuration/pki/index.rst:138 +#: ../../configuration/pki/index.rst:143 msgid "Generate a new WireGuard public/private key portion and output the result to the console." msgstr "Generate a new WireGuard public/private key portion and output the result to the console." -#: ../../configuration/pki/index.rst:104 -#: ../../configuration/pki/index.rst:111 +#: ../../configuration/pki/index.rst:106 +#: ../../configuration/pki/index.rst:113 msgid "Generate a new set of :abbr:`DH (Diffie-Hellman)` parameters. The key size is requested by the CLI and defaults to 2048 bit." msgstr "Generate a new set of :abbr:`DH (Diffie-Hellman)` parameters. The key size is requested by the CLI and defaults to 2048 bit." @@ -5898,6 +6441,14 @@ msgstr "Given the following example we have one VyOS router acting as OpenVPN se msgid "Gloabal" msgstr "Gloabal" +#: ../../configuration/service/ipoe-server.rst:352 +#: ../../configuration/service/pppoe-server.rst:518 +#: ../../configuration/vpn/l2tp.rst:472 +#: ../../configuration/vpn/pptp.rst:396 +#: ../../configuration/vpn/sstp.rst:430 +msgid "Global Advanced options" +msgstr "Global Advanced options" + #: ../../configuration/firewall/general.rst:84 msgid "Global Options" msgstr "Global Options" @@ -5956,7 +6507,7 @@ msgstr "HTTP based services" msgid "HTTP basic authentication username" msgstr "HTTP basic authentication username" -#: ../../configuration/system/option.rst:27 +#: ../../configuration/system/option.rst:57 msgid "HTTP client" msgstr "HTTP client" @@ -5968,7 +6519,7 @@ msgstr "HT (High Throughput) capabilities (802.11n)" msgid "Hairpin NAT/NAT Reflection" msgstr "Hairpin NAT/NAT Reflection" -#: ../../configuration/service/dhcp-server.rst:573 +#: ../../configuration/service/dhcp-server.rst:579 msgid "Hand out prefixes of size `<length>` to clients in subnet `<prefix>` when they request for prefix delegation." msgstr "Hand out prefixes of size `<length>` to clients in subnet `<prefix>` when they request for prefix delegation." @@ -5980,7 +6531,7 @@ msgstr "Handling and monitoring" msgid "Having control over the matching of INVALID state traffic, e.g. the ability to selectively log, is an important troubleshooting tool for observing broken protocol behavior. For this reason, VyOS does not globally drop invalid state traffic, instead allowing the operator to make the determination on how the traffic is handled." msgstr "Having control over the matching of INVALID state traffic, e.g. the ability to selectively log, is an important troubleshooting tool for observing broken protocol behavior. For this reason, VyOS does not globally drop invalid state traffic, instead allowing the operator to make the determination on how the traffic is handled." -#: ../../configuration/highavailability/index.rst:372 +#: ../../configuration/highavailability/index.rst:382 msgid "Health-check" msgstr "Health-check" @@ -6024,7 +6575,7 @@ msgstr "Here is a second example of a dual-stack tunnel over IPv6 between a VyOS msgid "Here is an example :abbr:`NET (Network Entity Title)` value:" msgstr "Here is an example :abbr:`NET (Network Entity Title)` value:" -#: ../../configuration/protocols/rpki.rst:167 +#: ../../configuration/protocols/rpki.rst:177 msgid "Here is an example route-map to apply to routes learned at import. In this filter we reject prefixes with the state `invalid`, and set a higher `local-preference` if the prefix is RPKI `valid` rather than merely `notfound`." msgstr "Here is an example route-map to apply to routes learned at import. In this filter we reject prefixes with the state `invalid`, and set a higher `local-preference` if the prefix is RPKI `valid` rather than merely `notfound`." @@ -6074,7 +6625,7 @@ msgstr "Host Information" msgid "Host name" msgstr "Host name" -#: ../../configuration/service/dhcp-server.rst:630 +#: ../../configuration/service/dhcp-server.rst:638 msgid "Host specific mapping shall be named ``client1``" msgstr "Host specific mapping shall be named ``client1``" @@ -6094,7 +6645,7 @@ msgstr "How to configure Event Handler" msgid "How to make it work" msgstr "How to make it work" -#: ../../configuration/vpn/ipsec.rst:263 +#: ../../configuration/vpn/ipsec.rst:267 msgid "However, now you need to make IPsec work with dynamic address on one side. The tricky part is that pre-shared secret authentication doesn't work with dynamic address, so we'll have to use RSA keys." msgstr "However, now you need to make IPsec work with dynamic address on one side. The tricky part is that pre-shared secret authentication doesn't work with dynamic address, so we'll have to use RSA keys." @@ -6158,14 +6709,18 @@ msgstr "IKE (Internet Key Exchange) Attributes" msgid "IKE performs mutual authentication between two parties and establishes an IKE security association (SA) that includes shared secret information that can be used to efficiently establish SAs for Encapsulating Security Payload (ESP) or Authentication Header (AH) and a set of cryptographic algorithms to be used by the SAs to protect the traffic that they carry. https://datatracker.ietf.org/doc/html/rfc5996" msgstr "IKE performs mutual authentication between two parties and establishes an IKE security association (SA) that includes shared secret information that can be used to efficiently establish SAs for Encapsulating Security Payload (ESP) or Authentication Header (AH) and a set of cryptographic algorithms to be used by the SAs to protect the traffic that they carry. https://datatracker.ietf.org/doc/html/rfc5996" -#: ../../configuration/vpn/site2site_ipsec.rst:160 +#: ../../configuration/vpn/site2site_ipsec.rst:163 msgid "IKEv1" msgstr "IKEv1" -#: ../../configuration/vpn/site2site_ipsec.rst:271 +#: ../../configuration/vpn/site2site_ipsec.rst:274 msgid "IKEv2" msgstr "IKEv2" +#: ../../configuration/vpn/ipsec.rst:372 +msgid "IKEv2 IPSec road-warriors remote-access VPN" +msgstr "IKEv2 IPSec road-warriors remote-access VPN" + #: ../../configuration/system/ip.rst:3 msgid "IP" msgstr "IP" @@ -6198,11 +6753,11 @@ msgstr "IPSec IKE and ESP Groups;" msgid "IPSec IKEv2 Remote Access VPN" msgstr "IPSec IKEv2 Remote Access VPN" -#: ../../configuration/vpn/site2site_ipsec.rst:285 +#: ../../configuration/vpn/site2site_ipsec.rst:288 msgid "IPSec IKEv2 site2site VPN" msgstr "IPSec IKEv2 site2site VPN" -#: ../../configuration/vpn/site2site_ipsec.rst:285 +#: ../../configuration/vpn/site2site_ipsec.rst:288 msgid "IPSec IKEv2 site2site VPN (source ./draw.io/vpn_s2s_ikev2.drawio)" msgstr "IPSec IKEv2 site2site VPN (source ./draw.io/vpn_s2s_ikev2.drawio)" @@ -6218,7 +6773,7 @@ msgstr "IPSec VPN tunnels." msgid "IP address" msgstr "IP address" -#: ../../configuration/service/dhcp-server.rst:202 +#: ../../configuration/service/dhcp-server.rst:208 msgid "IP address ``192.168.1.100`` shall be statically mapped to client named ``client1``" msgstr "IP address ``192.168.1.100`` shall be statically mapped to client named ``client1``" @@ -6227,19 +6782,19 @@ msgstr "IP address ``192.168.1.100`` shall be statically mapped to client named msgid "IP address ``192.168.2.1/24``" msgstr "IP address ``192.168.2.1/24``" -#: ../../configuration/service/dhcp-server.rst:286 +#: ../../configuration/service/dhcp-server.rst:292 msgid "IP address for DHCP server identifier" msgstr "IP address for DHCP server identifier" -#: ../../configuration/service/dhcp-server.rst:276 +#: ../../configuration/service/dhcp-server.rst:282 msgid "IP address of NTP server" msgstr "IP address of NTP server" -#: ../../configuration/service/dhcp-server.rst:316 +#: ../../configuration/service/dhcp-server.rst:322 msgid "IP address of POP3 server" msgstr "IP address of POP3 server" -#: ../../configuration/service/dhcp-server.rst:311 +#: ../../configuration/service/dhcp-server.rst:317 msgid "IP address of SMTP server" msgstr "IP address of SMTP server" @@ -6255,7 +6810,7 @@ msgstr "IP address of route to match, based on prefix-list." msgid "IP address of route to match, based on specified prefix-length. Note that this can be used for kernel routes only. Do not apply to the routes of dynamic routing protocols (e.g. BGP, RIP, OSFP), as this can lead to unexpected results.." msgstr "IP address of route to match, based on specified prefix-length. Note that this can be used for kernel routes only. Do not apply to the routes of dynamic routing protocols (e.g. BGP, RIP, OSFP), as this can lead to unexpected results.." -#: ../../configuration/service/dhcp-server.rst:346 +#: ../../configuration/service/dhcp-server.rst:352 msgid "IP address to exclude from DHCP lease range" msgstr "IP address to exclude from DHCP lease range" @@ -6295,7 +6850,7 @@ msgstr "IP next-hop of route to match, based on type." msgid "IP precedence as defined in :rfc:`791`:" msgstr "IP precedence as defined in :rfc:`791`:" -#: ../../configuration/vpn/l2tp.rst:33 +#: ../../configuration/vpn/l2tp.rst:83 msgid "IP protocol number 50 (ESP)" msgstr "IP protocol number 50 (ESP)" @@ -6307,19 +6862,19 @@ msgstr "IP route source of route to match, based on access-list." msgid "IP route source of route to match, based on prefix-list." msgstr "IP route source of route to match, based on prefix-list." -#: ../../configuration/service/ipoe-server.rst:7 +#: ../../configuration/service/ipoe-server.rst:5 msgid "IPoE Server" msgstr "IPoE Server" -#: ../../configuration/service/ipoe-server.rst:30 +#: ../../configuration/service/ipoe-server.rst:29 msgid "IPoE can be configure on different interfaces, it will depend on each specific situation which interface will provide IPoE to clients. The clients mac address and the incoming interface is being used as control parameter, to authenticate a client." msgstr "IPoE can be configure on different interfaces, it will depend on each specific situation which interface will provide IPoE to clients. The clients mac address and the incoming interface is being used as control parameter, to authenticate a client." -#: ../../configuration/service/ipoe-server.rst:13 +#: ../../configuration/service/ipoe-server.rst:11 msgid "IPoE is a method of delivering an IP payload over an Ethernet-based access network or an access network using bridged Ethernet over Asynchronous Transfer Mode (ATM) without using PPPoE. It directly encapsulates the IP datagrams in Ethernet frames, using the standard :rfc:`894` encapsulation." msgstr "IPoE is a method of delivering an IP payload over an Ethernet-based access network or an access network using bridged Ethernet over Asynchronous Transfer Mode (ATM) without using PPPoE. It directly encapsulates the IP datagrams in Ethernet frames, using the standard :rfc:`894` encapsulation." -#: ../../configuration/service/ipoe-server.rst:152 +#: ../../configuration/service/ipoe-server.rst:153 msgid "IPoE server will listen on interfaces eth1.50 and eth1.51" msgstr "IPoE server will listen on interfaces eth1.50 and eth1.51" @@ -6327,11 +6882,11 @@ msgstr "IPoE server will listen on interfaces eth1.50 and eth1.51" msgid "IPsec" msgstr "IPsec" -#: ../../configuration/vpn/ipsec.rst:172 +#: ../../configuration/vpn/ipsec.rst:176 msgid "IPsec policy matching GRE" msgstr "IPsec policy matching GRE" -#: ../../configuration/service/pppoe-server.rst:346 +#: ../../configuration/service/pppoe-server.rst:604 msgid "IPv4" msgstr "IPv4" @@ -6343,11 +6898,11 @@ msgstr "IPv4/IPv6 remote address of the VXLAN tunnel. Alternative to multicast, msgid "IPv4 Firewall Configuration" msgstr "IPv4 Firewall Configuration" -#: ../../configuration/service/dhcp-server.rst:291 +#: ../../configuration/service/dhcp-server.rst:297 msgid "IPv4 address of next bootstrap server" msgstr "IPv4 address of next bootstrap server" -#: ../../configuration/service/dhcp-server.rst:251 +#: ../../configuration/service/dhcp-server.rst:257 msgid "IPv4 address of router on the client's subnet" msgstr "IPv4 address of router on the client's subnet" @@ -6355,7 +6910,7 @@ msgstr "IPv4 address of router on the client's subnet" msgid "IPv4 or IPv6 source address of NetFlow packets" msgstr "IPv4 or IPv6 source address of NetFlow packets" -#: ../../configuration/protocols/bgp.rst:1099 +#: ../../configuration/protocols/bgp.rst:1121 msgid "IPv4 peering" msgstr "IPv4 peering" @@ -6376,8 +6931,12 @@ msgid "IPv4 server" msgstr "IPv4 server" #: ../../configuration/interfaces/pppoe.rst:244 -#: ../../configuration/service/pppoe-server.rst:267 +#: ../../configuration/service/ipoe-server.rst:256 +#: ../../configuration/service/pppoe-server.rst:341 #: ../../configuration/system/ipv6.rst:3 +#: ../../configuration/vpn/l2tp.rst:286 +#: ../../configuration/vpn/pptp.rst:210 +#: ../../configuration/vpn/sstp.rst:244 msgid "IPv6" msgstr "IPv6" @@ -6385,6 +6944,13 @@ msgstr "IPv6" msgid "IPv6 Access List" msgstr "IPv6 Access List" +#: ../../configuration/service/pppoe-server.rst:381 +#: ../../configuration/vpn/l2tp.rst:325 +#: ../../configuration/vpn/pptp.rst:249 +#: ../../configuration/vpn/sstp.rst:283 +msgid "IPv6 Advanced Options" +msgstr "IPv6 Advanced Options" + #: ../../configuration/interfaces/pppoe.rst:379 msgid "IPv6 DHCPv6-PD Example" msgstr "IPv6 DHCPv6-PD Example" @@ -6417,7 +6983,7 @@ msgstr "IPv6 SLAAC and IA-PD" msgid "IPv6 TCP filters will only match IPv6 packets with no header extension, see https://en.wikipedia.org/wiki/IPv6_packet#Extension_headers" msgstr "IPv6 TCP filters will only match IPv6 packets with no header extension, see https://en.wikipedia.org/wiki/IPv6_packet#Extension_headers" -#: ../../configuration/service/dhcp-server.rst:628 +#: ../../configuration/service/dhcp-server.rst:636 msgid "IPv6 address ``2001:db8::101`` shall be statically mapped" msgstr "IPv6 address ``2001:db8::101`` shall be statically mapped" @@ -6434,10 +7000,18 @@ msgid "IPv6 address of route to match, based on specified prefix-length. Note th msgstr "IPv6 address of route to match, based on specified prefix-length. Note that this can be used for kernel routes only. Do not apply to the routes of dynamic routing protocols (e.g. BGP, RIP, OSFP), as this can lead to unexpected results.." #: ../../configuration/service/pppoe-server.rst:270 +msgid "IPv6 client's prefix" +msgstr "IPv6 client's prefix" + +#: ../../configuration/service/pppoe-server.rst:270 msgid "IPv6 client's prefix assignment" msgstr "IPv6 client's prefix assignment" -#: ../../configuration/protocols/bgp.rst:1144 +#: ../../configuration/service/pppoe-server.rst:295 +msgid "IPv6 default client's pool assignment" +msgstr "IPv6 default client's pool assignment" + +#: ../../configuration/protocols/bgp.rst:1166 msgid "IPv6 peering" msgstr "IPv6 peering" @@ -6445,7 +7019,7 @@ msgstr "IPv6 peering" msgid "IPv6 prefix." msgstr "IPv6 prefix." -#: ../../configuration/service/dhcp-server.rst:629 +#: ../../configuration/service/dhcp-server.rst:637 msgid "IPv6 prefix ``2001:db8:0:101::/64`` shall be statically mapped" msgstr "IPv6 prefix ``2001:db8:0:101::/64`` shall be statically mapped" @@ -6457,7 +7031,7 @@ msgstr "IPv6 relay" msgid "IPv6 route source: bgp, connected, eigrp, isis, kernel, nhrp, ospfv3, ripng, static." msgstr "IPv6 route source: bgp, connected, eigrp, isis, kernel, nhrp, ospfv3, ripng, static." -#: ../../configuration/service/dhcp-server.rst:502 +#: ../../configuration/service/dhcp-server.rst:508 msgid "IPv6 server" msgstr "IPv6 server" @@ -6477,7 +7051,7 @@ msgstr "IS-IS Global Configuration" msgid "IS-IS SR Configuration" msgstr "IS-IS SR Configuration" -#: ../../configuration/service/dhcp-server.rst:233 +#: ../../configuration/service/dhcp-server.rst:239 msgid "ISC-DHCP Option name" msgstr "ISC-DHCP Option name" @@ -6493,7 +7067,7 @@ msgstr "If **max-threshold** is set but **min-threshold is not, then **min-thres msgid "If ARP monitoring is used in an etherchannel compatible mode (modes round-robin and xor-hash), the switch should be configured in a mode that evenly distributes packets across all links. If the switch is configured to distribute the packets in an XOR fashion, all replies from the ARP targets will be received on the same link which could cause the other team members to fail." msgstr "If ARP monitoring is used in an etherchannel compatible mode (modes round-robin and xor-hash), the switch should be configured in a mode that evenly distributes packets across all links. If the switch is configured to distribute the packets in an XOR fashion, all replies from the ARP targets will be received on the same link which could cause the other team members to fail." -#: ../../configuration/pki/index.rst:249 +#: ../../configuration/pki/index.rst:251 msgid "If CA is present, this certificate will be included in generated CRLs" msgstr "If CA is present, this certificate will be included in generated CRLs" @@ -6517,7 +7091,11 @@ msgstr "If :cfgcmd:`strict` is set the BGP session won’t become established un msgid "If ``alias`` is set, it can be used instead of the device when connecting." msgstr "If ``alias`` is set, it can be used instead of the device when connecting." -#: ../../configuration/vpn/l2tp.rst:29 +#: ../../configuration/policy/route-map.rst:204 +msgid "If ``all`` is specified, remove all AS numbers from the AS_PATH of the BGP path's NLRI." +msgstr "If ``all`` is specified, remove all AS numbers from the AS_PATH of the BGP path's NLRI." + +#: ../../configuration/vpn/l2tp.rst:79 msgid "If a local firewall policy is in place on your external interface you will need to allow the ports below:" msgstr "If a local firewall policy is in place on your external interface you will need to allow the ports below:" @@ -6530,7 +7108,7 @@ msgstr "If a registry is not specified, Docker.io will be used as the container msgid "If a response is heard, the lease is abandoned, and the server does not respond to the client. The lease will remain abandoned for a minimum of abandon-lease-time seconds (defaults to 24 hours)." msgstr "If a response is heard, the lease is abandoned, and the server does not respond to the client. The lease will remain abandoned for a minimum of abandon-lease-time seconds (defaults to 24 hours)." -#: ../../configuration/protocols/bgp.rst:771 +#: ../../configuration/protocols/bgp.rst:793 msgid "If a route has an ORIGINATOR_ID attribute because it has been reflected, that ORIGINATOR_ID will be used. Otherwise, the router-ID of the peer the route was received from will be used." msgstr "If a route has an ORIGINATOR_ID attribute because it has been reflected, that ORIGINATOR_ID will be used. Otherwise, the router-ID of the peer the route was received from will be used." @@ -6660,11 +7238,46 @@ msgstr "If the AS-Path for the route has only private ASNs, the private ASNs are msgid "If the IP prefix mask is present, it directs opennhrp to use this peer as a next hop server when sending Resolution Requests matching this subnet." msgstr "If the IP prefix mask is present, it directs opennhrp to use this peer as a next hop server when sending Resolution Requests matching this subnet." +#: ../../configuration/service/ipoe-server.rst:243 +#: ../../configuration/service/pppoe-server.rst:205 +#: ../../configuration/vpn/l2tp.rst:248 +#: ../../configuration/vpn/pptp.rst:188 +#: ../../configuration/vpn/sstp.rst:221 +msgid "If the RADIUS server sends the attribute ``Delegated-IPv6-Prefix-Pool``, IPv6 delegation pefix will be allocated from a predefined IPv6 pool ``delegate`` whose name equals the attribute value." +msgstr "If the RADIUS server sends the attribute ``Delegated-IPv6-Prefix-Pool``, IPv6 delegation pefix will be allocated from a predefined IPv6 pool ``delegate`` whose name equals the attribute value." + +#: ../../configuration/service/ipoe-server.rst:233 +#: ../../configuration/service/pppoe-server.rst:195 +#: ../../configuration/vpn/l2tp.rst:238 +#: ../../configuration/vpn/pptp.rst:178 +#: ../../configuration/vpn/sstp.rst:211 +msgid "If the RADIUS server sends the attribute ``Framed-IP-Address`` then this IP address will be allocated to the client and the option ``default-pool`` within the CLI config is being ignored." +msgstr "If the RADIUS server sends the attribute ``Framed-IP-Address`` then this IP address will be allocated to the client and the option ``default-pool`` within the CLI config is being ignored." + #: ../../configuration/vpn/l2tp.rst:211 msgid "If the RADIUS server sends the attribute ``Framed-IP-Address`` then this IP address will be allocated to the client and the option ip-pool within the CLI config is being ignored." msgstr "If the RADIUS server sends the attribute ``Framed-IP-Address`` then this IP address will be allocated to the client and the option ip-pool within the CLI config is being ignored." -#: ../../configuration/vpn/l2tp.rst:218 +#: ../../configuration/service/ipoe-server.rst:237 +#: ../../configuration/service/pppoe-server.rst:199 +#: ../../configuration/vpn/l2tp.rst:242 +#: ../../configuration/vpn/pptp.rst:182 +#: ../../configuration/vpn/sstp.rst:215 +msgid "If the RADIUS server sends the attribute ``Framed-Pool``, IP address will be allocated from a predefined IP pool whose name equals the attribute value." +msgstr "If the RADIUS server sends the attribute ``Framed-Pool``, IP address will be allocated from a predefined IP pool whose name equals the attribute value." + +#: ../../configuration/service/ipoe-server.rst:240 +#: ../../configuration/service/pppoe-server.rst:202 +#: ../../configuration/vpn/l2tp.rst:245 +#: ../../configuration/vpn/pptp.rst:185 +#: ../../configuration/vpn/sstp.rst:218 +msgid "If the RADIUS server sends the attribute ``Stateful-IPv6-Address-Pool``, IPv6 address will be allocated from a predefined IPv6 pool ``prefix`` whose name equals the attribute value." +msgstr "If the RADIUS server sends the attribute ``Stateful-IPv6-Address-Pool``, IPv6 address will be allocated from a predefined IPv6 pool ``prefix`` whose name equals the attribute value." + +#: ../../configuration/service/pppoe-server.rst:219 +#: ../../configuration/vpn/l2tp.rst:262 +#: ../../configuration/vpn/pptp.rst:202 +#: ../../configuration/vpn/sstp.rst:235 msgid "If the RADIUS server uses the attribute ``NAS-Port-Id``, ppp tunnels will be renamed." msgstr "If the RADIUS server uses the attribute ``NAS-Port-Id``, ppp tunnels will be renamed." @@ -6688,6 +7301,10 @@ msgstr "If the current queue size is larger than **queue-limit**, then packets w msgid "If the interface where the packet was received is part of a bridge, then packetis processed at the **Bridge Layer**, which contains a basic setup for bridge filtering:" msgstr "If the interface where the packet was received is part of a bridge, then packetis processed at the **Bridge Layer**, which contains a basic setup for bridge filtering:" +#: ../../configuration/firewall/index.rst:83 +msgid "If the interface where the packet was received is part of a bridge, then the packet is processed at the **Bridge Layer**, which contains a basic setup for bridge filtering:" +msgstr "If the interface where the packet was received is part of a bridge, then the packet is processed at the **Bridge Layer**, which contains a basic setup for bridge filtering:" + #: ../../configuration/firewall/index.rst:26 msgid "If the interface where the packet was received isn't part of a bridge, then packetis processed at the **IP Layer**:" msgstr "If the interface where the packet was received isn't part of a bridge, then packetis processed at the **IP Layer**:" @@ -6705,7 +7322,7 @@ msgstr "If the statically mapped peer is running Cisco IOS, specify the cisco ke msgid "If the system detects an unconfigured wireless device, it will be automatically added the configuration tree, specifying any detected settings (for example, its MAC address) and configured to run in monitor mode." msgstr "If the system detects an unconfigured wireless device, it will be automatically added the configuration tree, specifying any detected settings (for example, its MAC address) and configured to run in monitor mode." -#: ../../configuration/service/conntrack-sync.rst:126 +#: ../../configuration/service/conntrack-sync.rst:130 msgid "If the table is empty and you have a warning message, it means conntrack is not enabled. To enable conntrack, just create a NAT or a firewall rule. :cfgcmd:`set firewall state-policy established action accept`" msgstr "If the table is empty and you have a warning message, it means conntrack is not enabled. To enable conntrack, just create a NAT or a firewall rule. :cfgcmd:`set firewall state-policy established action accept`" @@ -6713,7 +7330,7 @@ msgstr "If the table is empty and you have a warning message, it means conntrack msgid "If there are no free addresses but there are abandoned IP addresses, the DHCP server will attempt to reclaim an abandoned IP address regardless of the value of abandon-lease-time." msgstr "If there are no free addresses but there are abandoned IP addresses, the DHCP server will attempt to reclaim an abandoned IP address regardless of the value of abandon-lease-time." -#: ../../configuration/vpn/site2site_ipsec.rst:241 +#: ../../configuration/vpn/site2site_ipsec.rst:244 msgid "If there is SNAT rules on eth1, need to add exclude rule" msgstr "If there is SNAT rules on eth1, need to add exclude rule" @@ -6726,14 +7343,21 @@ msgstr "If this command is invoked from configure mode with the ``run`` prefix t msgid "If this is set the relay agent will insert the interface ID. This option is set automatically if more than one listening interfaces are in use." msgstr "If this is set the relay agent will insert the interface ID. This option is set automatically if more than one listening interfaces are in use." -#: ../../configuration/protocols/bgp.rst:768 +#: ../../configuration/protocols/bgp.rst:790 msgid "If this option is enabled, then the already-selected check, where already selected eBGP routes are preferred, is skipped." msgstr "If this option is enabled, then the already-selected check, where already selected eBGP routes are preferred, is skipped." -#: ../../configuration/vpn/sstp.rst:183 +#: ../../configuration/vpn/sstp.rst:189 msgid "If this option is specified and is greater than 0, then the PPP module will send LCP pings of the echo request every `<interval>` seconds." msgstr "If this option is specified and is greater than 0, then the PPP module will send LCP pings of the echo request every `<interval>` seconds." +#: ../../configuration/service/pppoe-server.rst:484 +#: ../../configuration/vpn/l2tp.rst:438 +#: ../../configuration/vpn/pptp.rst:362 +#: ../../configuration/vpn/sstp.rst:396 +msgid "If this option is specified and is greater than 0, then the PPP module will send LCP pings of the echo request every `<interval>` seconds. Default value is **30**." +msgstr "If this option is specified and is greater than 0, then the PPP module will send LCP pings of the echo request every `<interval>` seconds. Default value is **30**." + #: ../../_include/interface-ip.txt:75 msgid "If this option is unset (default), incoming IP directed broadcast packets will not be forwarded." msgstr "If this option is unset (default), incoming IP directed broadcast packets will not be forwarded." @@ -6750,11 +7374,11 @@ msgstr "If this parameter is not set, the default holdoff time is 30 seconds." msgid "If this parameter is not set or 0, an on-demand link will not be taken down when it is idle and after the initial establishment of the connection. It will stay up forever." msgstr "If this parameter is not set or 0, an on-demand link will not be taken down when it is idle and after the initial establishment of the connection. It will stay up forever." -#: ../../configuration/system/login.rst:270 +#: ../../configuration/system/login.rst:274 msgid "If unset, incoming connections to the RADIUS server will use the nearest interface address pointing towards the server - making it error prone on e.g. OSPF networks when a link fails and a backup route is taken." msgstr "If unset, incoming connections to the RADIUS server will use the nearest interface address pointing towards the server - making it error prone on e.g. OSPF networks when a link fails and a backup route is taken." -#: ../../configuration/system/login.rst:339 +#: ../../configuration/system/login.rst:343 msgid "If unset, incoming connections to the TACACS server will use the nearest interface address pointing towards the server - making it error prone on e.g. OSPF networks when a link fails and a backup route is taken." msgstr "If unset, incoming connections to the TACACS server will use the nearest interface address pointing towards the server - making it error prone on e.g. OSPF networks when a link fails and a backup route is taken." @@ -6786,10 +7410,17 @@ msgstr "If you are responsible for the global addresses assigned to your network msgid "If you are using FQ-CoDel embedded into Shaper_ and you have large rates (100Mbit and above), you may consider increasing `quantum` to 8000 or higher so that the scheduler saves CPU." msgstr "If you are using FQ-CoDel embedded into Shaper_ and you have large rates (100Mbit and above), you may consider increasing `quantum` to 8000 or higher so that the scheduler saves CPU." -#: ../../configuration/vpn/l2tp.rst:165 +#: ../../configuration/service/ipoe-server.rst:146 +#: ../../configuration/service/pppoe-server.rst:108 +#: ../../configuration/vpn/l2tp.rst:151 msgid "If you are using OSPF as IGP, always the closest interface connected to the RADIUS server is used. With VyOS 1.2 you can bind all outgoing RADIUS requests to a single source IP e.g. the loopback interface." msgstr "If you are using OSPF as IGP, always the closest interface connected to the RADIUS server is used. With VyOS 1.2 you can bind all outgoing RADIUS requests to a single source IP e.g. the loopback interface." +#: ../../configuration/vpn/pptp.rst:91 +#: ../../configuration/vpn/sstp.rst:124 +msgid "If you are using OSPF as IGP, always the closest interface connected to the RADIUS server is used. You can bind all outgoing RADIUS requests to a single source IP e.g. the loopback interface." +msgstr "If you are using OSPF as IGP, always the closest interface connected to the RADIUS server is used. You can bind all outgoing RADIUS requests to a single source IP e.g. the loopback interface." + #: ../../configuration/interfaces/openvpn.rst:306 msgid "If you change the default encryption and hashing algorithms, be sure that the local and remote ends have matching configurations, otherwise the tunnel will not come up." msgstr "If you change the default encryption and hashing algorithms, be sure that the local and remote ends have matching configurations, otherwise the tunnel will not come up." @@ -6813,6 +7444,10 @@ msgstr "If you enable this, you will probably want to set diversity-factor and c msgid "If you enter a value smaller than 60 seconds be aware that this can and will affect convergence at scale." msgstr "If you enter a value smaller than 60 seconds be aware that this can and will affect convergence at scale." +#: ../../configuration/vpn/ipsec.rst:483 +msgid "If you feel better forwarding all authentication requests to your enterprises RADIUS server, use the commands below." +msgstr "If you feel better forwarding all authentication requests to your enterprises RADIUS server, use the commands below." + #: ../../configuration/interfaces/bonding.rst:312 msgid "If you happen to run this in a virtual environment like by EVE-NG you need to ensure your VyOS NIC is set to use the e1000 driver. Using the default ``virtio-net-pci`` or the ``vmxnet3`` driver will not work. ICMP messages will not be properly processed. They are visible on the virtual wire but will not make it fully up the networking stack." msgstr "If you happen to run this in a virtual environment like by EVE-NG you need to ensure your VyOS NIC is set to use the e1000 driver. Using the default ``virtio-net-pci`` or the ``vmxnet3`` driver will not work. ICMP messages will not be properly processed. They are visible on the virtual wire but will not make it fully up the networking stack." @@ -6849,10 +7484,26 @@ msgstr "If you only want to check if the user account is enabled and can authent msgid "If you set a custom RADIUS attribute you must define it on both dictionaries at RADIUS server and client, which is the vyos router in our example." msgstr "If you set a custom RADIUS attribute you must define it on both dictionaries at RADIUS server and client, which is the vyos router in our example." +#: ../../configuration/service/ipoe-server.rst:215 +#: ../../configuration/service/pppoe-server.rst:177 +#: ../../configuration/vpn/l2tp.rst:220 +#: ../../configuration/vpn/pptp.rst:160 +#: ../../configuration/vpn/sstp.rst:193 +msgid "If you set a custom RADIUS attribute you must define it on both dictionaries at RADIUS server and client." +msgstr "If you set a custom RADIUS attribute you must define it on both dictionaries at RADIUS server and client." + #: ../../configuration/system/console.rst:41 msgid "If you use USB to serial converters for connecting to your VyOS appliance please note that most of them use software emulation without flow control. This means you should start with a common baud rate (most likely 9600 baud) as otherwise you probably can not connect to the device using high speed baud rates as your serial converter simply can not process this data rate." msgstr "If you use USB to serial converters for connecting to your VyOS appliance please note that most of them use software emulation without flow control. This means you should start with a common baud rate (most likely 9600 baud) as otherwise you probably can not connect to the device using high speed baud rates as your serial converter simply can not process this data rate." +#: ../../configuration/vpn/sstp.rst:482 +msgid "If you use a self-signed certificate, do not forget to install CA on the client side." +msgstr "If you use a self-signed certificate, do not forget to install CA on the client side." + +#: ../../configuration/vpn/ipsec.rst:538 +msgid "If you want, need, and should use more advanced encryption ciphers (default is still 3DES) you need to provision your device using a so-called \"Device Profile\". A profile is a simple text file containing XML nodes with a ``.mobileconfig`` file extension that can be sent and opened on any device from an E-Mail." +msgstr "If you want, need, and should use more advanced encryption ciphers (default is still 3DES) you need to provision your device using a so-called \"Device Profile\". A profile is a simple text file containing XML nodes with a ``.mobileconfig`` file extension that can be sent and opened on any device from an E-Mail." + #: ../../configuration/system/flow-accounting.rst:140 msgid "If you want to change the maximum number of flows, which are tracking simultaneously, you may do this with this command (default 8192)." msgstr "If you want to change the maximum number of flows, which are tracking simultaneously, you may do this with this command (default 8192)." @@ -6861,7 +7512,7 @@ msgstr "If you want to change the maximum number of flows, which are tracking si msgid "If you want to disable a rule but let it in the configuration." msgstr "If you want to disable a rule but let it in the configuration." -#: ../../configuration/system/login.rst:294 +#: ../../configuration/system/login.rst:298 msgid "If you want to have admin users to authenticate via RADIUS it is essential to sent the ``Cisco-AV-Pair shell:priv-lvl=15`` attribute. Without the attribute you will only get regular, non privilegued, system users." msgstr "If you want to have admin users to authenticate via RADIUS it is essential to sent the ``Cisco-AV-Pair shell:priv-lvl=15`` attribute. Without the attribute you will only get regular, non privilegued, system users." @@ -6873,7 +7524,7 @@ msgstr "If you want to use existing blacklists you have to create/download a dat msgid "If you want your router to forward DHCP requests to an external DHCP server you can configure the system to act as a DHCP relay agent. The DHCP relay agent works with IPv4 and IPv6 addresses." msgstr "If you want your router to forward DHCP requests to an external DHCP server you can configure the system to act as a DHCP relay agent. The DHCP relay agent works with IPv4 and IPv6 addresses." -#: ../../configuration/protocols/bgp.rst:760 +#: ../../configuration/protocols/bgp.rst:782 msgid "Ignore AS_PATH length when selecting a route" msgstr "Ignore AS_PATH length when selecting a route" @@ -6885,7 +7536,7 @@ msgstr "Ignore VRRP main interface faults" msgid "Image thankfully borrowed from https://en.wikipedia.org/wiki/File:SNMP_communication_principles_diagram.PNG which is under the GNU Free Documentation License" msgstr "Image thankfully borrowed from https://en.wikipedia.org/wiki/File:SNMP_communication_principles_diagram.PNG which is under the GNU Free Documentation License" -#: ../../configuration/vpn/site2site_ipsec.rst:279 +#: ../../configuration/vpn/site2site_ipsec.rst:282 msgid "Imagine the following topology" msgstr "Imagine the following topology" @@ -6893,11 +7544,35 @@ msgstr "Imagine the following topology" msgid "Immediate" msgstr "Immediate" +#: ../../configuration/pki/index.rst:254 +msgid "Import files to PKI format" +msgstr "Import files to PKI format" + +#: ../../configuration/pki/index.rst:265 +msgid "Import the CAs private key portion to the CLI. This should never leave the system as it is used to decrypt the data. The key is required if you use VyOS as your certificate generator." +msgstr "Import the CAs private key portion to the CLI. This should never leave the system as it is used to decrypt the data. The key is required if you use VyOS as your certificate generator." + +#: ../../configuration/pki/index.rst:280 +msgid "Import the OpenVPN shared secret stored in file to the VyOS CLI." +msgstr "Import the OpenVPN shared secret stored in file to the VyOS CLI." + +#: ../../configuration/pki/index.rst:271 +msgid "Import the certificate from the file to VyOS CLI." +msgstr "Import the certificate from the file to VyOS CLI." + +#: ../../configuration/pki/index.rst:275 +msgid "Import the private key of the certificate to the VyOS CLI. This should never leave the system as it is used to decrypt the data." +msgstr "Import the private key of the certificate to the VyOS CLI. This should never leave the system as it is used to decrypt the data." + +#: ../../configuration/pki/index.rst:261 +msgid "Import the public CA certificate from the defined file to VyOS CLI." +msgstr "Import the public CA certificate from the defined file to VyOS CLI." + #: ../../configuration/protocols/rpki.rst:46 msgid "Imported prefixes during the validation may have values:" msgstr "Imported prefixes during the validation may have values:" -#: ../../configuration/protocols/static.rst:158 +#: ../../configuration/protocols/static.rst:191 msgid "In Internet Protocol Version 6 (IPv6) networks, the functionality of ARP is provided by the Neighbor Discovery Protocol (NDP)." msgstr "In Internet Protocol Version 6 (IPv6) networks, the functionality of ARP is provided by the Neighbor Discovery Protocol (NDP)." @@ -6905,7 +7580,7 @@ msgstr "In Internet Protocol Version 6 (IPv6) networks, the functionality of ARP msgid "In Priority Queue we do not define clases with a meaningless class ID number but with a class priority number (1-7). The lower the number, the higher the priority." msgstr "In Priority Queue we do not define clases with a meaningless class ID number but with a class priority number (1-7). The lower the number, the higher the priority." -#: ../../configuration/vpn/ipsec.rst:117 +#: ../../configuration/vpn/ipsec.rst:120 msgid "In VyOS, ESP attributes are specified through ESP groups. Multiple proposals can be specified in a single group." msgstr "In VyOS, ESP attributes are specified through ESP groups. Multiple proposals can be specified in a single group." @@ -6945,7 +7620,7 @@ msgstr "In a nutshell, the current implementation provides the following feature msgid "In addition, you can specify many other parameters to get BGP information:" msgstr "In addition, you can specify many other parameters to get BGP information:" -#: ../../configuration/system/login.rst:301 +#: ../../configuration/system/login.rst:305 msgid "In addition to :abbr:`RADIUS (Remote Authentication Dial-In User Service)`, :abbr:`TACACS (Terminal Access Controller Access Control System)` can also be found in large deployments." msgstr "In addition to :abbr:`RADIUS (Remote Authentication Dial-In User Service)`, :abbr:`TACACS (Terminal Access Controller Access Control System)` can also be found in large deployments." @@ -6953,12 +7628,16 @@ msgstr "In addition to :abbr:`RADIUS (Remote Authentication Dial-In User Service msgid "In addition to displaying flow accounting information locally, one can also exported them to a collection server." msgstr "In addition to displaying flow accounting information locally, one can also exported them to a collection server." -#: ../../configuration/pki/index.rst:144 -#: ../../configuration/pki/index.rst:159 +#: ../../configuration/pki/index.rst:146 +#: ../../configuration/pki/index.rst:161 #: ../../configuration/pki/pki_cli_import_help.txt:1 msgid "In addition to the command above, the output is in a format which can be used to directly import the key into the VyOS CLI by simply copy-pasting the output from op-mode into configuration mode." msgstr "In addition to the command above, the output is in a format which can be used to directly import the key into the VyOS CLI by simply copy-pasting the output from op-mode into configuration mode." +#: ../../configuration/interfaces/pppoe.rst:388 +msgid "In addition we setup IPv6 :abbr:`RA (Router Advertisements)` to make the prefix known on the eth0 link." +msgstr "In addition we setup IPv6 :abbr:`RA (Router Advertisements)` to make the prefix known on the eth0 link." + #: ../../configuration/service/broadcast-relay.rst:48 msgid "In addition you can also disable the whole service without the need to remove it from the current configuration." msgstr "In addition you can also disable the whole service without the need to remove it from the current configuration." @@ -7003,7 +7682,7 @@ msgstr "In firewall bridge rules, the action can be:" msgid "In general, OSPF protocol requires a backbone area (area 0) to be coherent and fully connected. I.e. any backbone area router must have a route to any other backbone area router. Moreover, every ABR must have a link to backbone area. However, it is not always possible to have a physical link to a backbone area. In this case between two ABR (one of them has a link to the backbone area) in the area (not stub area) a virtual link is organized." msgstr "In general, OSPF protocol requires a backbone area (area 0) to be coherent and fully connected. I.e. any backbone area router must have a route to any other backbone area router. Moreover, every ABR must have a link to backbone area. However, it is not always possible to have a physical link to a backbone area. In this case between two ABR (one of them has a link to the backbone area) in the area (not stub area) a virtual link is organized." -#: ../../configuration/system/login.rst:236 +#: ../../configuration/system/login.rst:240 msgid "In large deployments it is not reasonable to configure each user individually on every system. VyOS supports using :abbr:`RADIUS (Remote Authentication Dial-In User Service)` servers as backend for user authentication." msgstr "In large deployments it is not reasonable to configure each user individually on every system. VyOS supports using :abbr:`RADIUS (Remote Authentication Dial-In User Service)` servers as backend for user authentication." @@ -7023,7 +7702,7 @@ msgstr "In order for the system to use and complete unqualified host names, a li msgid "In order to allow for LDP on the local router to exchange label advertisements with other routers, a TCP session will be established between automatically discovered and statically assigned routers. LDP will try to establish a TCP session to the **transport address** of other routers. Therefore for LDP to function properly please make sure the transport address is shown in the routing table and reachable to traffic at all times." msgstr "In order to allow for LDP on the local router to exchange label advertisements with other routers, a TCP session will be established between automatically discovered and statically assigned routers. LDP will try to establish a TCP session to the **transport address** of other routers. Therefore for LDP to function properly please make sure the transport address is shown in the routing table and reachable to traffic at all times." -#: ../../configuration/protocols/bgp.rst:820 +#: ../../configuration/protocols/bgp.rst:842 msgid "In order to control and modify routing information that is exchanged between peers you can use route-map, filter-list, prefix-list, distribute-list." msgstr "In order to control and modify routing information that is exchanged between peers you can use route-map, filter-list, prefix-list, distribute-list." @@ -7039,7 +7718,7 @@ msgstr "In order to have VyOS Traffic Control working you need to follow 2 steps msgid "In order to have full control and make use of multiple static public IP addresses, your VyOS will have to initiate the PPPoE connection and control it. In order for this method to work, you will have to figure out how to make your DSL Modem/Router switch into a Bridged Mode so it only acts as a DSL Transceiver device to connect between the Ethernet link of your VyOS and the phone cable. Once your DSL Transceiver is in Bridge Mode, you should get no IP address from it. Please make sure you connect to the Ethernet Port 1 if your DSL Transceiver has a switch, as some of them only work this way." msgstr "In order to have full control and make use of multiple static public IP addresses, your VyOS will have to initiate the PPPoE connection and control it. In order for this method to work, you will have to figure out how to make your DSL Modem/Router switch into a Bridged Mode so it only acts as a DSL Transceiver device to connect between the Ethernet link of your VyOS and the phone cable. Once your DSL Transceiver is in Bridge Mode, you should get no IP address from it. Please make sure you connect to the Ethernet Port 1 if your DSL Transceiver has a switch, as some of them only work this way." -#: ../../configuration/service/dhcp-server.rst:623 +#: ../../configuration/service/dhcp-server.rst:631 msgid "In order to map specific IPv6 addresses to specific hosts static mappings can be created. The following example explains the process." msgstr "In order to map specific IPv6 addresses to specific hosts static mappings can be created. The following example explains the process." @@ -7079,6 +7758,10 @@ msgstr "In our example, we used the key name ``openvpn-1`` which we will referen msgid "In our example, we will be forwarding web server traffic to an internal web server on 192.168.0.100. HTTP traffic makes use of the TCP protocol on port 80. For other common port numbers, see: https://en.wikipedia.org/wiki/List_of_TCP_and_UDP_port_numbers" msgstr "In our example, we will be forwarding web server traffic to an internal web server on 192.168.0.100. HTTP traffic makes use of the TCP protocol on port 80. For other common port numbers, see: https://en.wikipedia.org/wiki/List_of_TCP_and_UDP_port_numbers" +#: ../../configuration/vpn/ipsec.rst:411 +msgid "In our example the certificate name is called vyos:" +msgstr "In our example the certificate name is called vyos:" + #: ../../configuration/trafficpolicy/index.rst:906 msgid "In principle, values must be :code:`min-threshold` < :code:`max-threshold` < :code:`queue-limit`." msgstr "In principle, values must be :code:`min-threshold` < :code:`max-threshold` < :code:`queue-limit`." @@ -7123,7 +7806,11 @@ msgstr "In the case you want to apply some kind of **shaping** to your **inbound msgid "In the command above, we set the type of policy we are going to work with and the name we choose for it; a class (so that we can differentiate some traffic) and an identifiable number for that class; then we configure a matching rule (or filter) and a name for it." msgstr "In the command above, we set the type of policy we are going to work with and the name we choose for it; a class (so that we can differentiate some traffic) and an identifiable number for that class; then we configure a matching rule (or filter) and a name for it." -#: ../../configuration/service/pppoe-server.rst:259 +#: ../../configuration/vpn/ipsec.rst:564 +msgid "In the end, an XML structure is generated which can be saved as ``vyos.mobileconfig`` and sent to the device by E-Mail where it later can be imported." +msgstr "In the end, an XML structure is generated which can be saved as ``vyos.mobileconfig`` and sent to the device by E-Mail where it later can be imported." + +#: ../../configuration/service/pppoe-server.rst:333 msgid "In the example above, the first 499 sessions connect without delay. PADO packets will be delayed 50 ms for connection from 500 to 999, this trick allows other PPPoE servers send PADO faster and clients will connect to other servers. Last command says that this PPPoE server can serve only 3000 clients." msgstr "In the example above, the first 499 sessions connect without delay. PADO packets will be delayed 50 ms for connection from 500 to 999, this trick allows other PPPoE servers send PADO faster and clients will connect to other servers. Last command says that this PPPoE server can serve only 3000 clients." @@ -7131,7 +7818,7 @@ msgstr "In the example above, the first 499 sessions connect without delay. PADO msgid "In the example used for the Quick Start configuration above, we demonstrate the following configuration:" msgstr "In the example used for the Quick Start configuration above, we demonstrate the following configuration:" -#: ../../configuration/system/login.rst:399 +#: ../../configuration/system/login.rst:403 msgid "In the following example, both `User1` and `User2` will be able to SSH into VyOS as user ``vyos`` using their very own keys. `User1` is restricted to only be able to connect from a single IP address. In addition if password base login is wanted for the ``vyos`` user a 2FA/MFA keycode is required in addition to the password." msgstr "In the following example, both `User1` and `User2` will be able to SSH into VyOS as user ``vyos`` using their very own keys. `User1` is restricted to only be able to connect from a single IP address. In addition if password base login is wanted for the ``vyos`` user a 2FA/MFA keycode is required in addition to the password." @@ -7151,7 +7838,7 @@ msgstr "In the following example we can see a basic multicast setup:" msgid "In the future this is expected to be a very useful protocol (though there are `other proposals`_)." msgstr "In the future this is expected to be a very useful protocol (though there are `other proposals`_)." -#: ../../configuration/highavailability/index.rst:400 +#: ../../configuration/highavailability/index.rst:410 msgid "In the next example all traffic destined to ``203.0.113.1`` and port ``8280`` protocol TCP is balanced between 2 real servers ``192.0.2.11`` and ``192.0.2.12`` to port ``80``" msgstr "In the next example all traffic destined to ``203.0.113.1`` and port ``8280`` protocol TCP is balanced between 2 real servers ``192.0.2.11`` and ``192.0.2.12`` to port ``80``" @@ -7175,7 +7862,7 @@ msgstr "In this example, we use **masquerade** as the translation address instea msgid "In this example, we will be using the example Quick Start configuration above as a starting point." msgstr "In this example, we will be using the example Quick Start configuration above as a starting point." -#: ../../configuration/highavailability/index.rst:430 +#: ../../configuration/highavailability/index.rst:440 msgid "In this example all traffic destined to ports \"80, 2222, 8888\" protocol TCP marks to fwmark \"111\" and balanced between 2 real servers. Port \"0\" is required if multiple ports are used." msgstr "In this example all traffic destined to ports \"80, 2222, 8888\" protocol TCP marks to fwmark \"111\" and balanced between 2 real servers. Port \"0\" is required if multiple ports are used." @@ -7191,7 +7878,7 @@ msgstr "In this example we will use the most complicated case: a setup where eac msgid "In this method, the DSL Modem/Router connects to the ISP for you with your credentials preprogrammed into the device. This gives you an :rfc:`1918` address, such as ``192.168.1.0/24`` by default." msgstr "In this method, the DSL Modem/Router connects to the ISP for you with your credentials preprogrammed into the device. This gives you an :rfc:`1918` address, such as ``192.168.1.0/24`` by default." -#: ../../configuration/service/dns.rst:165 +#: ../../configuration/service/dns.rst:152 msgid "In this scenario:" msgstr "In this scenario:" @@ -7319,6 +8006,10 @@ msgstr "Intel® QAT" msgid "Interconnect the global VRF with vrf \"red\" using the veth10 <-> veth 11 pair" msgstr "Interconnect the global VRF with vrf \"red\" using the veth10 <-> veth 11 pair" +#: ../../configuration/service/ids.rst:96 +msgid "Interface **eth0** used to connect to upstream." +msgstr "Interface **eth0** used to connect to upstream." + #: ../../configuration/protocols/isis.rst:146 #: ../../configuration/protocols/ospf.rst:356 #: ../../configuration/protocols/ospf.rst:1139 @@ -7329,7 +8020,7 @@ msgstr "Interface Configuration" msgid "Interface Groups" msgstr "Interface Groups" -#: ../../configuration/protocols/static.rst:64 +#: ../../configuration/protocols/static.rst:87 msgid "Interface Routes" msgstr "Interface Routes" @@ -7367,7 +8058,7 @@ msgid "Interface weight" msgstr "Interface weight" #: ../../configuration/interfaces/index.rst:3 -#: ../../configuration/vrf/index.rst:71 +#: ../../configuration/vrf/index.rst:90 msgid "Interfaces" msgstr "Interfaces" @@ -7388,10 +8079,18 @@ msgstr "Interfaces that participate in the DHCP relay process. If this command i msgid "Interfaces whose DHCP client nameservers to forward requests to." msgstr "Interfaces whose DHCP client nameservers to forward requests to." +#: ../../configuration/service/ids.rst:105 +msgid "Internal attack: an attack from the internal network (generated by a customer) towards the internet is identify. In this case, all connections from this particular IP/Customer will be blocked." +msgstr "Internal attack: an attack from the internal network (generated by a customer) towards the internet is identify. In this case, all connections from this particular IP/Customer will be blocked." + #: ../../configuration/system/flow-accounting.rst:70 msgid "Internally, in flow-accounting processes exist a buffer for data exchanging between core process and plugins (each export target is a separated plugin). If you have high traffic levels or noted some problems with missed records or stopping exporting, you may try to increase a default buffer size (10 MiB) with the next command:" msgstr "Internally, in flow-accounting processes exist a buffer for data exchanging between core process and plugins (each export target is a separated plugin). If you have high traffic levels or noted some problems with missed records or stopping exporting, you may try to increase a default buffer size (10 MiB) with the next command:" +#: ../../configuration/vpn/ipsec.rst:374 +msgid "Internet Key Exchange version 2, IKEv2 for short, is a request/response protocol developed by both Cisco and Microsoft. It is used to establish and secure IPv4/IPv6 connections, be it a site-to-site VPN or from a road-warrior connecting to a hub site. IKEv2, when run in point-to-multipoint, or remote-access/road-warrior mode, secures the server-side with another layer by using an x509 signed server certificate." +msgstr "Internet Key Exchange version 2, IKEv2 for short, is a request/response protocol developed by both Cisco and Microsoft. It is used to establish and secure IPv4/IPv6 connections, be it a site-to-site VPN or from a road-warrior connecting to a hub site. IKEv2, when run in point-to-multipoint, or remote-access/road-warrior mode, secures the server-side with another layer by using an x509 signed server certificate." + #: ../../configuration/vpn/remoteaccess_ipsec.rst:6 msgid "Internet Key Exchange version 2 (IKEv2) is a tunneling protocol, based on IPsec, that establishes a secure VPN communication between VPN devices, and defines negotiation and authentication processes for IPsec security associations (SAs). It is often known as IKEv2/IPSec or IPSec IKEv2 remote-access — or road-warriors as others call it." msgstr "Internet Key Exchange version 2 (IKEv2) is a tunneling protocol, based on IPsec, that establishes a secure VPN communication between VPN devices, and defines negotiation and authentication processes for IPsec security associations (SAs). It is often known as IKEv2/IPSec or IPSec IKEv2 remote-access — or road-warriors as others call it." @@ -7412,7 +8111,7 @@ msgstr "Interval in milliseconds" msgid "Interval in minutes between updates (default: 60)" msgstr "Interval in minutes between updates (default: 60)" -#: ../../configuration/protocols/bgp.rst:906 +#: ../../configuration/protocols/bgp.rst:928 msgid "Introducing route reflectors removes the need for the full-mesh. When you configure a route reflector you have to tell the router whether the other IBGP router is a client or non-client. A client is an IBGP router that the route reflector will “reflect†routes to, the non-client is just a regular IBGP neighbor. Route reflectors mechanism is described in :rfc:`4456` and updated by :rfc:`7606`." msgstr "Introducing route reflectors removes the need for the full-mesh. When you configure a route reflector you have to tell the router whether the other IBGP router is a client or non-client. A client is an IBGP router that the route reflector will “reflect†routes to, the non-client is just a regular IBGP neighbor. Route reflectors mechanism is described in :rfc:`4456` and updated by :rfc:`7606`." @@ -7432,11 +8131,11 @@ msgstr "It's slower than IPsec due to higher protocol overhead and the fact it r msgid "It's time to check conntrack table, to see if any connection was accepted, and if was properly offloaded" msgstr "It's time to check conntrack table, to see if any connection was accepted, and if was properly offloaded" -#: ../../configuration/system/option.rst:111 +#: ../../configuration/system/option.rst:141 msgid "It disables transparent huge pages, and automatic NUMA balancing. It also uses cpupower to set the performance cpufreq governor, and requests a cpu_dma_latency value of 1. It also sets busy_read and busy_poll times to 50 us, and tcp_fastopen to 3." msgstr "It disables transparent huge pages, and automatic NUMA balancing. It also uses cpupower to set the performance cpufreq governor, and requests a cpu_dma_latency value of 1. It also sets busy_read and busy_poll times to 50 us, and tcp_fastopen to 3." -#: ../../configuration/system/option.rst:102 +#: ../../configuration/system/option.rst:132 msgid "It enables transparent huge pages, and uses cpupower to set the performance cpufreq governor. It also sets ``kernel.sched_min_granularity_ns`` to 10 us, ``kernel.sched_wakeup_granularity_ns`` to 15 uss, and ``vm.dirty_ratio`` to 40%." msgstr "It enables transparent huge pages, and uses cpupower to set the performance cpufreq governor. It also sets ``kernel.sched_min_granularity_ns`` to 10 us, ``kernel.sched_wakeup_granularity_ns`` to 15 uss, and ``vm.dirty_ratio`` to 40%." @@ -7457,11 +8156,11 @@ msgstr "It helps to think of the syntax as: (see below). The 'rule-set' should b msgid "It is compatible with Cisco (R) AnyConnect (R) clients." msgstr "It is compatible with Cisco (R) AnyConnect (R) clients." -#: ../../configuration/service/dhcp-server.rst:590 +#: ../../configuration/service/dhcp-server.rst:596 msgid "It is connected to ``eth1``" msgstr "It is connected to ``eth1``" -#: ../../configuration/system/login.rst:42 +#: ../../configuration/system/login.rst:46 msgid "It is highly recommended to use SSH key authentication. By default there is only one user (``vyos``), and you can assign any number of keys to that user. You can generate a ssh key with the ``ssh-keygen`` command on your local machine, which will (by default) save it as ``~/.ssh/id_rsa.pub``." msgstr "It is highly recommended to use SSH key authentication. By default there is only one user (``vyos``), and you can assign any number of keys to that user. You can generate a ssh key with the ``ssh-keygen`` command on your local machine, which will (by default) save it as ``~/.ssh/id_rsa.pub``." @@ -7477,11 +8176,11 @@ msgstr "It is important to note that when creating firewall rules, the DNAT tran msgid "It is important to note that when creating firewall rules that the DNAT translation occurs **before** traffic traverses the firewall. In other words, the destination address has already been translated to 192.168.0.100." msgstr "It is important to note that when creating firewall rules that the DNAT translation occurs **before** traffic traverses the firewall. In other words, the destination address has already been translated to 192.168.0.100." -#: ../../configuration/vrf/index.rst:505 +#: ../../configuration/vrf/index.rst:524 msgid "It is not sufficient to only configure a L3VPN VRFs but L3VPN VRFs must be maintained, too.For L3VPN VRF maintenance the following operational commands are in place." msgstr "It is not sufficient to only configure a L3VPN VRFs but L3VPN VRFs must be maintained, too.For L3VPN VRF maintenance the following operational commands are in place." -#: ../../configuration/vrf/index.rst:113 +#: ../../configuration/vrf/index.rst:132 msgid "It is not sufficient to only configure a VRF but VRFs must be maintained, too. For VRF maintenance the following operational commands are in place." msgstr "It is not sufficient to only configure a VRF but VRFs must be maintained, too. For VRF maintenance the following operational commands are in place." @@ -7489,14 +8188,19 @@ msgstr "It is not sufficient to only configure a VRF but VRFs must be maintained msgid "It is not valid to use the `vif 1` option for VLAN aware bridges because VLAN aware bridges assume that all unlabeled packets belong to the default VLAN 1 member and that the VLAN ID of the bridge's parent interface is always 1" msgstr "It is not valid to use the `vif 1` option for VLAN aware bridges because VLAN aware bridges assume that all unlabeled packets belong to the default VLAN 1 member and that the VLAN ID of the bridge's parent interface is always 1" -#: ../../configuration/system/login.rst:93 +#: ../../configuration/system/login.rst:97 msgid "It is possible to enhance authentication security by using the :abbr:`2FA (Two-factor authentication)`/:abbr:`MFA (Multi-factor authentication)` feature together with :abbr:`OTP (One-Time-Pad)` on VyOS. :abbr:`2FA (Two-factor authentication)`/:abbr:`MFA (Multi-factor authentication)` is configured independently per each user. If an OTP key is configured for a user, 2FA/MFA is automatically enabled for that particular user. If a user does not have an OTP key configured, there is no 2FA/MFA check for that user." msgstr "It is possible to enhance authentication security by using the :abbr:`2FA (Two-factor authentication)`/:abbr:`MFA (Multi-factor authentication)` feature together with :abbr:`OTP (One-Time-Pad)` on VyOS. :abbr:`2FA (Two-factor authentication)`/:abbr:`MFA (Multi-factor authentication)` is configured independently per each user. If an OTP key is configured for a user, 2FA/MFA is automatically enabled for that particular user. If a user does not have an OTP key configured, there is no 2FA/MFA check for that user." -#: ../../configuration/vrf/index.rst:496 +#: ../../configuration/vrf/index.rst:515 msgid "It is possible to permit BGP install VPN prefixes without transport labels. This configuration will install VPN prefixes originated from an e-bgp session, and with the next-hop directly connected." msgstr "It is possible to permit BGP install VPN prefixes without transport labels. This configuration will install VPN prefixes originated from an e-bgp session, and with the next-hop directly connected." +#: ../../configuration/protocols/static.rst:64 +#: ../../configuration/protocols/static.rst:132 +msgid "It is possible to specify a static route for ipv6 prefixes using an SRv6 segments instruction. The `/` separator can be used to specify multiple segment instructions." +msgstr "It is possible to specify a static route for ipv6 prefixes using an SRv6 segments instruction. The `/` separator can be used to specify multiple segment instructions." + #: ../../configuration/service/conntrack-sync.rst:30 msgid "It is possible to use either Multicast or Unicast to sync conntrack traffic. Most examples below show Multicast, but unicast can be specified by using the \"peer\" keywork after the specificed interface, as in the following example:" msgstr "It is possible to use either Multicast or Unicast to sync conntrack traffic. Most examples below show Multicast, but unicast can be specified by using the \"peer\" keywork after the specificed interface, as in the following example:" @@ -7517,7 +8221,7 @@ msgstr "It uses a stochastic model to classify incoming packets into different f msgid "It will be combined with the delegated prefix and the sla-id to form a complete interface address. The default is to use the EUI-64 address of the interface." msgstr "It will be combined with the delegated prefix and the sla-id to form a complete interface address. The default is to use the EUI-64 address of the interface." -#: ../../configuration/vrf/index.rst:220 +#: ../../configuration/vrf/index.rst:239 msgid "Join a given VRF. This will open a new subshell within the specified VRF." msgstr "Join a given VRF. This will open a new subshell within the specified VRF." @@ -7529,15 +8233,19 @@ msgstr "Jump to a different rule in this route-map on a match." msgid "Juniper EX Switch" msgstr "Juniper EX Switch" +#: ../../configuration/system/option.rst:31 +msgid "Kernel" +msgstr "Kernel" + #: ../../configuration/system/syslog.rst:112 msgid "Kernel messages" msgstr "Kernel messages" -#: ../../configuration/system/login.rst:40 +#: ../../configuration/system/login.rst:44 msgid "Key Based Authentication" msgstr "Key Based Authentication" -#: ../../configuration/pki/index.rst:30 +#: ../../configuration/pki/index.rst:32 msgid "Key Generation" msgstr "Key Generation" @@ -7545,7 +8253,7 @@ msgstr "Key Generation" msgid "Key Management" msgstr "Key Management" -#: ../../configuration/vpn/site2site_ipsec.rst:383 +#: ../../configuration/vpn/site2site_ipsec.rst:386 msgid "Key Parameters:" msgstr "Key Parameters:" @@ -7557,11 +8265,15 @@ msgstr "Key Points:" msgid "Key exchange and payload encryption is done using IKE and ESP proposals as known from IKEv1 but the connections are faster to establish, more reliable, and also support roaming from IP to IP (called MOBIKE which makes sure your connection does not drop when changing networks from e.g. WIFI to LTE and back). Authentication can be achieved with X.509 certificates." msgstr "Key exchange and payload encryption is done using IKE and ESP proposals as known from IKEv1 but the connections are faster to establish, more reliable, and also support roaming from IP to IP (called MOBIKE which makes sure your connection does not drop when changing networks from e.g. WIFI to LTE and back). Authentication can be achieved with X.509 certificates." -#: ../../configuration/pki/index.rst:167 +#: ../../configuration/vpn/ipsec.rst:381 +msgid "Key exchange and payload encryption is still done using IKE and ESP proposals as known from IKEv1 but the connections are faster to establish, more reliable, and also support roaming from IP to IP (called MOBIKE which makes sure your connection does not drop when changing networks from e.g. WIFI to LTE and back)." +msgstr "Key exchange and payload encryption is still done using IKE and ESP proposals as known from IKEv1 but the connections are faster to establish, more reliable, and also support roaming from IP to IP (called MOBIKE which makes sure your connection does not drop when changing networks from e.g. WIFI to LTE and back)." + +#: ../../configuration/pki/index.rst:169 msgid "Key usage (CLI)" msgstr "Key usage (CLI)" -#: ../../configuration/system/option.rst:58 +#: ../../configuration/system/option.rst:88 msgid "Keyboard Layout" msgstr "Keyboard Layout" @@ -7574,7 +8286,7 @@ msgstr "Keypairs" msgid "Keyword" msgstr "Keyword" -#: ../../configuration/vpn/l2tp.rst:4 +#: ../../configuration/vpn/l2tp.rst:5 msgid "L2TP" msgstr "L2TP" @@ -7606,7 +8318,7 @@ msgstr "L2TPv3 is described in :rfc:`3931`." msgid "L2TPv3 options" msgstr "L2TPv3 options" -#: ../../configuration/vrf/index.rst:399 +#: ../../configuration/vrf/index.rst:418 msgid "L3VPN VRFs" msgstr "L3VPN VRFs" @@ -7635,7 +8347,7 @@ msgstr "LLDP performs functions similar to several proprietary protocols, such a msgid "LNS (L2TP Network Server)" msgstr "LNS (L2TP Network Server)" -#: ../../configuration/vpn/l2tp.rst:91 +#: ../../configuration/vpn/l2tp.rst:272 msgid "LNS are often used to connect to a LAC (L2TP Access Concentrator)." msgstr "LNS are often used to connect to a LAC (L2TP Access Concentrator)." @@ -7647,11 +8359,11 @@ msgstr "Label Distribution Protocol" msgid "Layer 2 Tunnelling Protocol Version 3 is an IETF standard related to L2TP that can be used as an alternative protocol to :ref:`mpls` for encapsulation of multiprotocol Layer 2 communications traffic over IP networks. Like L2TP, L2TPv3 provides a pseudo-wire service but is scaled to fit carrier requirements." msgstr "Layer 2 Tunnelling Protocol Version 3 is an IETF standard related to L2TP that can be used as an alternative protocol to :ref:`mpls` for encapsulation of multiprotocol Layer 2 communications traffic over IP networks. Like L2TP, L2TPv3 provides a pseudo-wire service but is scaled to fit carrier requirements." -#: ../../configuration/service/dhcp-server.rst:593 +#: ../../configuration/service/dhcp-server.rst:599 msgid "Lease time will be left at the default value which is 24 hours" msgstr "Lease time will be left at the default value which is 24 hours" -#: ../../configuration/service/dhcp-server.rst:336 +#: ../../configuration/service/dhcp-server.rst:342 msgid "Lease timeout in seconds (default: 86400)" msgstr "Lease timeout in seconds (default: 86400)" @@ -7699,15 +8411,19 @@ msgstr "Lifetime in days; default is 365" msgid "Lifetime is decremented by the number of seconds since the last RA - use in conjunction with a DHCPv6-PD prefix" msgstr "Lifetime is decremented by the number of seconds since the last RA - use in conjunction with a DHCPv6-PD prefix" +#: ../../configuration/vpn/ipsec.rst:535 +msgid "Like on Microsoft Windows, Apple iOS/iPadOS out of the box does not expose all available VPN options via the device GUI." +msgstr "Like on Microsoft Windows, Apple iOS/iPadOS out of the box does not expose all available VPN options via the device GUI." + #: ../../configuration/loadbalancing/reverse-proxy.rst:162 msgid "Limit allowed cipher algorithms used during SSL/TLS handshake" msgstr "Limit allowed cipher algorithms used during SSL/TLS handshake" -#: ../../configuration/system/login.rst:112 +#: ../../configuration/system/login.rst:116 msgid "Limit logins to `<limit>` per every ``rate-time`` seconds. Rate limit must be between 1 and 10 attempts." msgstr "Limit logins to `<limit>` per every ``rate-time`` seconds. Rate limit must be between 1 and 10 attempts." -#: ../../configuration/system/login.rst:118 +#: ../../configuration/system/login.rst:122 msgid "Limit logins to ``rate-limit`` attemps per every `<seconds>`. Rate time must be between 15 and 600 seconds." msgstr "Limit logins to ``rate-limit`` attemps per every `<seconds>`. Rate time must be between 15 and 600 seconds." @@ -7723,7 +8439,7 @@ msgstr "Limiter" msgid "Limiter is one of those policies that uses classes_ (Ingress qdisc is actually a classless policy but filters do work in it)." msgstr "Limiter is one of those policies that uses classes_ (Ingress qdisc is actually a classless policy but filters do work in it)." -#: ../../configuration/system/login.rst:381 +#: ../../configuration/system/login.rst:385 msgid "Limits" msgstr "Limits" @@ -7767,7 +8483,7 @@ msgstr "List of supported algorithms: ``diffie-hellman-group1-sha1``, ``diffie-h msgid "List of supported ciphers: ``3des-cbc``, ``aes128-cbc``, ``aes192-cbc``, ``aes256-cbc``, ``aes128-ctr``, ``aes192-ctr``, ``aes256-ctr``, ``arcfour128``, ``arcfour256``, ``arcfour``, ``blowfish-cbc``, ``cast128-cbc``" msgstr "List of supported ciphers: ``3des-cbc``, ``aes128-cbc``, ``aes192-cbc``, ``aes256-cbc``, ``aes128-ctr``, ``aes192-ctr``, ``aes256-ctr``, ``arcfour128``, ``arcfour256``, ``arcfour``, ``blowfish-cbc``, ``cast128-cbc``" -#: ../../configuration/policy/route-map.rst:362 +#: ../../configuration/policy/route-map.rst:365 msgid "List of well-known communities" msgstr "List of well-known communities" @@ -7775,7 +8491,7 @@ msgstr "List of well-known communities" msgid "Listen for DHCP requests on interface ``eth1``." msgstr "Listen for DHCP requests on interface ``eth1``." -#: ../../configuration/vrf/index.rst:118 +#: ../../configuration/vrf/index.rst:137 msgid "Lists VRFs that have been created" msgstr "Lists VRFs that have been created" @@ -7787,7 +8503,7 @@ msgstr "Load-balancing" msgid "Load-balancing algorithms to be used for distributind requests among the vailable servers" msgstr "Load-balancing algorithms to be used for distributind requests among the vailable servers" -#: ../../configuration/highavailability/index.rst:347 +#: ../../configuration/highavailability/index.rst:357 msgid "Load-balancing schedule algorithm:" msgstr "Load-balancing schedule algorithm:" @@ -7795,11 +8511,11 @@ msgstr "Load-balancing schedule algorithm:" msgid "Load Balance" msgstr "Load Balance" -#: ../../configuration/service/pppoe-server.rst:243 +#: ../../configuration/service/pppoe-server.rst:317 msgid "Load Balancing" msgstr "Load Balancing" -#: ../../configuration/system/login.rst:422 +#: ../../configuration/system/login.rst:426 msgid "Load the container image in op-mode." msgstr "Load the container image in op-mode." @@ -7848,11 +8564,11 @@ msgstr "Local User Account" msgid "Local path that includes the known hosts file." msgstr "Local path that includes the known hosts file." -#: ../../configuration/protocols/rpki.rst:145 +#: ../../configuration/protocols/rpki.rst:155 msgid "Local path that includes the private key file of the router." msgstr "Local path that includes the private key file of the router." -#: ../../configuration/protocols/rpki.rst:149 +#: ../../configuration/protocols/rpki.rst:159 msgid "Local path that includes the public key file of the router." msgstr "Local path that includes the public key file of the router." @@ -7864,7 +8580,7 @@ msgstr "Local route" msgid "Locally connect to serial port identified by `<device>`." msgstr "Locally connect to serial port identified by `<device>`." -#: ../../configuration/policy/route-map.rst:273 +#: ../../configuration/policy/route-map.rst:276 msgid "Locally significant administrative distance." msgstr "Locally significant administrative distance." @@ -7918,11 +8634,11 @@ msgstr "Logging to a remote host leaves the local logging configuration intact, msgid "Login/User Management" msgstr "Login/User Management" -#: ../../configuration/system/login.rst:363 +#: ../../configuration/system/login.rst:367 msgid "Login Banner" msgstr "Login Banner" -#: ../../configuration/system/login.rst:383 +#: ../../configuration/system/login.rst:387 msgid "Login limits" msgstr "Login limits" @@ -7981,7 +8697,7 @@ msgstr "MACsec options" msgid "MDI power" msgstr "MDI power" -#: ../../configuration/system/login.rst:91 +#: ../../configuration/system/login.rst:95 msgid "MFA/2FA authentication using OTP (one time passwords)" msgstr "MFA/2FA authentication using OTP (one time passwords)" @@ -8024,11 +8740,11 @@ msgstr "Main structure VyOS firewall cli is shown next:" msgid "Main structure is shown next:" msgstr "Main structure is shown next:" -#: ../../configuration/service/pppoe-server.rst:295 +#: ../../configuration/service/pppoe-server.rst:303 msgid "Maintenance mode" msgstr "Maintenance mode" -#: ../../configuration/service/conntrack-sync.rst:107 +#: ../../configuration/service/conntrack-sync.rst:111 msgid "Make sure conntrack is enabled by running and show connection tracking table." msgstr "Make sure conntrack is enabled by running and show connection tracking table." @@ -8048,7 +8764,7 @@ msgstr "Mandatory Settings" msgid "Manual Neighbor Configuration" msgstr "Manual Neighbor Configuration" -#: ../../configuration/pki/index.rst:336 +#: ../../configuration/pki/index.rst:367 msgid "Manually trigger certificate renewal. This will be done twice a day." msgstr "Manually trigger certificate renewal. This will be done twice a day." @@ -8056,15 +8772,19 @@ msgstr "Manually trigger certificate renewal. This will be done twice a day." msgid "Maps the VNI to the specified VLAN id. The VLAN can then be consumed by a bridge." msgstr "Maps the VNI to the specified VLAN id. The VLAN can then be consumed by a bridge." -#: ../../configuration/vpn/sstp.rst:223 +#: ../../configuration/service/ipoe-server.rst:166 +#: ../../configuration/service/pppoe-server.rst:128 +#: ../../configuration/vpn/l2tp.rst:171 +#: ../../configuration/vpn/pptp.rst:111 +#: ../../configuration/vpn/sstp.rst:144 msgid "Mark RADIUS server as offline for this given `<time>` in seconds." msgstr "Mark RADIUS server as offline for this given `<time>` in seconds." -#: ../../configuration/pki/index.rst:206 +#: ../../configuration/pki/index.rst:208 msgid "Mark the CAs private key as password protected. User is asked for the password when the key is referenced." msgstr "Mark the CAs private key as password protected. User is asked for the password when the key is referenced." -#: ../../configuration/pki/index.rst:244 +#: ../../configuration/pki/index.rst:246 msgid "Mark the private key as password protected. User is asked for the password when the key is referenced." msgstr "Mark the private key as password protected. User is asked for the password when the key is referenced." @@ -8076,7 +8796,7 @@ msgstr "Match BGP large communities." msgid "Match IP addresses based on its geolocation. More info: `geoip matching <https://wiki.nftables.org/wiki-nftables/index.php/GeoIP_matching>`_." msgstr "Match IP addresses based on its geolocation. More info: `geoip matching <https://wiki.nftables.org/wiki-nftables/index.php/GeoIP_matching>`_." -#: ../../configuration/firewall/ipv4.rst:440 +#: ../../configuration/firewall/ipv4.rst:463 #: ../../configuration/firewall/ipv6.rst:447 msgid "Match IP addresses based on its geolocation. More info: `geoip matching <https://wiki.nftables.org/wiki-nftables/index.php/GeoIP_matching>`_. Use inverse-match to match anything except the given country-codes." msgstr "Match IP addresses based on its geolocation. More info: `geoip matching <https://wiki.nftables.org/wiki-nftables/index.php/GeoIP_matching>`_. Use inverse-match to match anything except the given country-codes." @@ -8089,17 +8809,21 @@ msgstr "Match RPKI validation result." msgid "Match a protocol criteria. A protocol number or a name which is defined in: ``/etc/protocols``. Special names are ``all`` for all protocols and ``tcp_udp`` for tcp and udp based packets. The ``!`` negates the selected protocol." msgstr "Match a protocol criteria. A protocol number or a name which is defined in: ``/etc/protocols``. Special names are ``all`` for all protocols and ``tcp_udp`` for tcp and udp based packets. The ``!`` negates the selected protocol." -#: ../../configuration/firewall/ipv4.rst:773 +#: ../../configuration/firewall/ipv4.rst:796 #: ../../configuration/firewall/ipv6.rst:783 msgid "Match a protocol criteria. A protocol number or a name which is here defined: ``/etc/protocols``. Special names are ``all`` for all protocols and ``tcp_udp`` for tcp and udp based packets. The ``!`` negate the selected protocol." msgstr "Match a protocol criteria. A protocol number or a name which is here defined: ``/etc/protocols``. Special names are ``all`` for all protocols and ``tcp_udp`` for tcp and udp based packets. The ``!`` negate the selected protocol." -#: ../../configuration/firewall/ipv4.rst:831 +#: ../../configuration/firewall/ipv4.rst:854 #: ../../configuration/firewall/ipv6.rst:840 msgid "Match against the state of a packet." msgstr "Match against the state of a packet." -#: ../../configuration/firewall/ipv4.rst:620 +#: ../../configuration/firewall/ipv4.rst:336 +msgid "Match based on connection tracking protocol helper module to secure use of that helper module. See below for possible completions `<module>`." +msgstr "Match based on connection tracking protocol helper module to secure use of that helper module. See below for possible completions `<module>`." + +#: ../../configuration/firewall/ipv4.rst:643 #: ../../configuration/firewall/ipv6.rst:630 msgid "Match based on dscp value." msgstr "Match based on dscp value." @@ -8108,16 +8832,16 @@ msgstr "Match based on dscp value." msgid "Match based on dscp value criteria. Multiple values from 0 to 63 and ranges are supported." msgstr "Match based on dscp value criteria. Multiple values from 0 to 63 and ranges are supported." -#: ../../configuration/firewall/ipv4.rst:631 +#: ../../configuration/firewall/ipv4.rst:654 #: ../../configuration/firewall/ipv6.rst:641 msgid "Match based on fragment criteria." msgstr "Match based on fragment criteria." -#: ../../configuration/firewall/ipv4.rst:642 +#: ../../configuration/firewall/ipv4.rst:665 msgid "Match based on icmp code and type." msgstr "Match based on icmp code and type." -#: ../../configuration/firewall/ipv4.rst:653 +#: ../../configuration/firewall/ipv4.rst:676 msgid "Match based on icmp type-name criteria. Use tab for information about what **type-name** criteria are supported." msgstr "Match based on icmp type-name criteria. Use tab for information about what **type-name** criteria are supported." @@ -8147,18 +8871,18 @@ msgid "Match based on inbound interface. Wilcard ``*`` can be used. For example: msgstr "Match based on inbound interface. Wilcard ``*`` can be used. For example: ``eth2*``" #: ../../configuration/firewall/bridge.rst:239 -#: ../../configuration/firewall/ipv4.rst:663 +#: ../../configuration/firewall/ipv4.rst:686 #: ../../configuration/firewall/ipv6.rst:673 msgid "Match based on inbound interface. Wilcard ``*`` can be used. For example: ``eth2*``. Prepending character ``!`` for inverted matching criteria is also supportd. For example ``!eth2``" msgstr "Match based on inbound interface. Wilcard ``*`` can be used. For example: ``eth2*``. Prepending character ``!`` for inverted matching criteria is also supportd. For example ``!eth2``" #: ../../configuration/firewall/bridge.rst:248 -#: ../../configuration/firewall/ipv4.rst:674 +#: ../../configuration/firewall/ipv4.rst:697 #: ../../configuration/firewall/ipv6.rst:684 msgid "Match based on inbound interface group. Prepending character ``!`` for inverted matching criteria is also supportd. For example ``!IFACE_GROUP``" msgstr "Match based on inbound interface group. Prepending character ``!`` for inverted matching criteria is also supportd. For example ``!IFACE_GROUP``" -#: ../../configuration/firewall/ipv4.rst:707 +#: ../../configuration/firewall/ipv4.rst:730 #: ../../configuration/firewall/ipv6.rst:717 msgid "Match based on ipsec criteria." msgstr "Match based on ipsec criteria." @@ -8168,35 +8892,35 @@ msgid "Match based on outbound interface. Wilcard ``*`` can be used. For example msgstr "Match based on outbound interface. Wilcard ``*`` can be used. For example: ``eth2*``" #: ../../configuration/firewall/bridge.rst:256 -#: ../../configuration/firewall/ipv4.rst:684 +#: ../../configuration/firewall/ipv4.rst:707 #: ../../configuration/firewall/ipv6.rst:694 msgid "Match based on outbound interface. Wilcard ``*`` can be used. For example: ``eth2*``. Prepending character ``!`` for inverted matching criteria is also supportd. For example ``!eth2``" msgstr "Match based on outbound interface. Wilcard ``*`` can be used. For example: ``eth2*``. Prepending character ``!`` for inverted matching criteria is also supportd. For example ``!eth2``" #: ../../configuration/firewall/bridge.rst:265 -#: ../../configuration/firewall/ipv4.rst:695 +#: ../../configuration/firewall/ipv4.rst:718 #: ../../configuration/firewall/ipv6.rst:705 msgid "Match based on outbound interface group. Prepending character ``!`` for inverted matching criteria is also supportd. For example ``!IFACE_GROUP``" msgstr "Match based on outbound interface group. Prepending character ``!`` for inverted matching criteria is also supportd. For example ``!IFACE_GROUP``" -#: ../../configuration/firewall/ipv4.rst:750 +#: ../../configuration/firewall/ipv4.rst:773 #: ../../configuration/firewall/ipv6.rst:760 #: ../../configuration/policy/route.rst:176 msgid "Match based on packet length criteria. Multiple values from 1 to 65535 and ranges are supported." msgstr "Match based on packet length criteria. Multiple values from 1 to 65535 and ranges are supported." -#: ../../configuration/firewall/ipv4.rst:762 +#: ../../configuration/firewall/ipv4.rst:785 #: ../../configuration/firewall/ipv6.rst:772 #: ../../configuration/policy/route.rst:184 msgid "Match based on packet type criteria." msgstr "Match based on packet type criteria." -#: ../../configuration/firewall/ipv4.rst:729 +#: ../../configuration/firewall/ipv4.rst:752 #: ../../configuration/firewall/ipv6.rst:739 msgid "Match based on the maximum average rate, specified as **integer/unit**. For example **5/minutes**" msgstr "Match based on the maximum average rate, specified as **integer/unit**. For example **5/minutes**" -#: ../../configuration/firewall/ipv4.rst:718 +#: ../../configuration/firewall/ipv4.rst:741 #: ../../configuration/firewall/ipv6.rst:728 msgid "Match based on the maximum number of packets to allow in excess of rate." msgstr "Match based on the maximum number of packets to allow in excess of rate." @@ -8209,7 +8933,7 @@ msgstr "Match based on vlan ID. Range is also supported." msgid "Match based on vlan priority(pcp). Range is also supported." msgstr "Match based on vlan priority(pcp). Range is also supported." -#: ../../configuration/firewall/ipv4.rst:801 +#: ../../configuration/firewall/ipv4.rst:824 #: ../../configuration/firewall/ipv6.rst:810 msgid "Match bases on recently seen sources." msgstr "Match bases on recently seen sources." @@ -8224,7 +8948,7 @@ msgstr "Match criteria based on connection mark." msgid "Match criteria based on nat connection status." msgstr "Match criteria based on nat connection status." -#: ../../configuration/firewall/ipv4.rst:345 +#: ../../configuration/firewall/ipv4.rst:368 #: ../../configuration/firewall/ipv6.rst:345 msgid "Match criteria based on source and/or destination address. This is similar to the network groups part, but here you are able to negate the matching addresses." msgstr "Match criteria based on source and/or destination address. This is similar to the network groups part, but here you are able to negate the matching addresses." @@ -8237,6 +8961,14 @@ msgstr "Match criteria based on source and/or destination mac-address." msgid "Match domain name" msgstr "Match domain name" +#: ../../configuration/service/ipoe-server.rst:382 +#: ../../configuration/service/pppoe-server.rst:571 +#: ../../configuration/vpn/l2tp.rst:506 +#: ../../configuration/vpn/pptp.rst:430 +#: ../../configuration/vpn/sstp.rst:464 +msgid "Match firewall mark value" +msgstr "Match firewall mark value" + #: ../../configuration/firewall/ipv6.rst:894 #: ../../configuration/policy/route.rst:234 msgid "Match hop-limit parameter, where 'eq' stands for 'equal'; 'gt' stands for 'greater than', and 'lt' stands for 'less than'." @@ -8250,12 +8982,12 @@ msgstr "Match local preference." msgid "Match route metric." msgstr "Match route metric." -#: ../../configuration/firewall/ipv4.rst:885 +#: ../../configuration/firewall/ipv4.rst:908 #: ../../configuration/policy/route.rst:229 msgid "Match time to live parameter, where 'eq' stands for 'equal'; 'gt' stands for 'greater than', and 'lt' stands for 'less than'." msgstr "Match time to live parameter, where 'eq' stands for 'equal'; 'gt' stands for 'greater than', and 'lt' stands for 'less than'." -#: ../../configuration/firewall/ipv4.rst:906 +#: ../../configuration/firewall/ipv4.rst:929 #: ../../configuration/firewall/ipv6.rst:915 msgid "Match when 'count' amount of connections are seen within 'time'. These matching criteria can be used to block brute-force attempts." msgstr "Match when 'count' amount of connections are seen within 'time'. These matching criteria can be used to block brute-force attempts." @@ -8275,11 +9007,24 @@ msgstr "Matching traffic" msgid "Maximum A-MSDU length 3839 (default) or 7935 octets" msgstr "Maximum A-MSDU length 3839 (default) or 7935 octets" +#: ../../configuration/vpn/l2tp.rst:492 +#: ../../configuration/vpn/pptp.rst:416 +msgid "Maximum Transmission Unit (MTU) (default: **1436**)" +msgstr "Maximum Transmission Unit (MTU) (default: **1436**)" + +#: ../../configuration/service/pppoe-server.rst:538 +msgid "Maximum Transmission Unit (MTU) (default: **1492**)" +msgstr "Maximum Transmission Unit (MTU) (default: **1492**)" + +#: ../../configuration/vpn/sstp.rst:450 +msgid "Maximum Transmission Unit (MTU) (default: **1500**)" +msgstr "Maximum Transmission Unit (MTU) (default: **1500**)" + #: ../../configuration/service/dns.rst:108 msgid "Maximum number of DNS cache entries. 1 million per CPU core will generally suffice for most installations." msgstr "Maximum number of DNS cache entries. 1 million per CPU core will generally suffice for most installations." -#: ../../configuration/vpn/sstp.rst:159 +#: ../../configuration/vpn/sstp.rst:165 msgid "Maximum number of IPv4 nameservers" msgstr "Maximum number of IPv4 nameservers" @@ -8287,6 +9032,14 @@ msgstr "Maximum number of IPv4 nameservers" msgid "Maximum number of authenticator processes to spawn. If you start too few Squid will have to wait for them to process a backlog of credential verifications, slowing it down. When password verifications are done via a (slow) network you are likely to need lots of authenticator processes." msgstr "Maximum number of authenticator processes to spawn. If you start too few Squid will have to wait for them to process a backlog of credential verifications, slowing it down. When password verifications are done via a (slow) network you are likely to need lots of authenticator processes." +#: ../../configuration/service/ipoe-server.rst:372 +#: ../../configuration/service/pppoe-server.rst:542 +#: ../../configuration/vpn/l2tp.rst:496 +#: ../../configuration/vpn/pptp.rst:420 +#: ../../configuration/vpn/sstp.rst:454 +msgid "Maximum number of concurrent session start attempts" +msgstr "Maximum number of concurrent session start attempts" + #: ../../configuration/interfaces/wireless.rst:77 msgid "Maximum number of stations allowed in station table. New stations will be rejected after the station table is full. IEEE 802.11 has a limit of 2007 different association IDs, so this number should not be larger than that." msgstr "Maximum number of stations allowed in station table. New stations will be rejected after the station table is full. IEEE 802.11 has a limit of 2007 different association IDs, so this number should not be larger than that." @@ -8295,7 +9048,11 @@ msgstr "Maximum number of stations allowed in station table. New stations will b msgid "Maximum number of times an expired record’s TTL is extended by 30s when serving stale. Extension only occurs if a record cannot be refreshed. A value of 0 means the Serve Stale mechanism is not used. To allow records becoming stale to be served for an hour, use a value of 120." msgstr "Maximum number of times an expired record’s TTL is extended by 30s when serving stale. Extension only occurs if a record cannot be refreshed. A value of 0 means the Serve Stale mechanism is not used. To allow records becoming stale to be served for an hour, use a value of 120." -#: ../../configuration/vpn/sstp.rst:250 +#: ../../configuration/service/ipoe-server.rst:190 +#: ../../configuration/service/pppoe-server.rst:152 +#: ../../configuration/vpn/l2tp.rst:195 +#: ../../configuration/vpn/pptp.rst:135 +#: ../../configuration/vpn/sstp.rst:168 msgid "Maximum number of tries to send Access-Request/Accounting-Request queries" msgstr "Maximum number of tries to send Access-Request/Accounting-Request queries" @@ -8323,6 +9080,10 @@ msgstr "Messages generated internally by syslogd" msgid "Metris version, the default is ``2``" msgstr "Metris version, the default is ``2``" +#: ../../configuration/vpn/ipsec.rst:510 +msgid "Microsoft Windows expects the server name to be also used in the server's certificate common name, so it's best to use this DNS name for your VPN connection." +msgstr "Microsoft Windows expects the server name to be also used in the server's certificate common name, so it's best to use this DNS name for your VPN connection." + #: ../../configuration/service/router-advert.rst:1 msgid "Min and max intervals between unsolicited multicast RAs" msgstr "Min and max intervals between unsolicited multicast RAs" @@ -8351,7 +9112,12 @@ msgstr "Modify the time that pim will register suppress a FHR will send register msgid "Monitor, the system passively monitors any kind of wireless traffic" msgstr "Monitor, the system passively monitors any kind of wireless traffic" +#: ../../configuration/service/ipoe-server.rst:390 #: ../../configuration/service/monitoring.rst:2 +#: ../../configuration/service/pppoe-server.rst:583 +#: ../../configuration/vpn/l2tp.rst:518 +#: ../../configuration/vpn/pptp.rst:442 +#: ../../configuration/vpn/sstp.rst:538 msgid "Monitoring" msgstr "Monitoring" @@ -8371,7 +9137,7 @@ msgstr "Most operating systems include native client support for IPsec IKEv2 VPN msgid "Mount a volume into the container" msgstr "Mount a volume into the container" -#: ../../configuration/service/dhcp-server.rst:235 +#: ../../configuration/service/dhcp-server.rst:241 msgid "Multi" msgstr "Multi" @@ -8383,7 +9149,7 @@ msgstr "Multi-client server is the most popular OpenVPN mode on routers. It alwa msgid "Multi-homed. In a multi-homed network environment, the NAT66 device connects to an internal network and simultaneously connects to different external networks. Address translation can be configured on each external network side interface of the NAT66 device to convert the same internal network address into different external network addresses, and realize the mapping of the same internal address to multiple external addresses." msgstr "Multi-homed. In a multi-homed network environment, the NAT66 device connects to an internal network and simultaneously connects to different external networks. Address translation can be configured on each external network side interface of the NAT66 device to convert the same internal network address into different external network addresses, and realize the mapping of the same internal address to multiple external addresses." -#: ../../configuration/service/dhcp-server.rst:359 +#: ../../configuration/service/dhcp-server.rst:365 msgid "Multi: can be specified multiple times." msgstr "Multi: can be specified multiple times." @@ -8428,7 +9194,7 @@ msgstr "Multicast receivers will talk MLD to their local router, so, besides hav msgid "Multiple DNS servers can be defined." msgstr "Multiple DNS servers can be defined." -#: ../../configuration/protocols/rpki.rst:121 +#: ../../configuration/protocols/rpki.rst:135 msgid "Multiple RPKI caching instances can be supplied and they need a preference in which their result sets are used." msgstr "Multiple RPKI caching instances can be supplied and they need a preference in which their result sets are used." @@ -8460,16 +9226,16 @@ msgstr "Multiple interfaces may be specified." msgid "Multiple networks/client IP addresses can be configured." msgstr "Multiple networks/client IP addresses can be configured." -#: ../../configuration/system/login.rst:248 -#: ../../configuration/system/login.rst:317 +#: ../../configuration/system/login.rst:252 +#: ../../configuration/system/login.rst:321 msgid "Multiple servers can be specified." msgstr "Multiple servers can be specified." -#: ../../configuration/service/dns.rst:374 +#: ../../configuration/service/dns.rst:380 msgid "Multiple services can be used per interface. Just specify as many services per interface as you like!" msgstr "Multiple services can be used per interface. Just specify as many services per interface as you like!" -#: ../../configuration/firewall/ipv4.rst:494 +#: ../../configuration/firewall/ipv4.rst:517 #: ../../configuration/firewall/ipv6.rst:500 msgid "Multiple source ports can be specified as a comma-separated list. The whole list can also be \"negated\" using ``!``. For example:" msgstr "Multiple source ports can be specified as a comma-separated list. The whole list can also be \"negated\" using ``!``. For example:" @@ -8487,22 +9253,22 @@ msgstr "Multiple users can connect to the same serial device but only one is all msgid "Multiprotocol extensions enable BGP to carry routing information for multiple network layer protocols. BGP supports an Address Family Identifier (AFI) for IPv4 and IPv6." msgstr "Multiprotocol extensions enable BGP to carry routing information for multiple network layer protocols. BGP supports an Address Family Identifier (AFI) for IPv4 and IPv6." -#: ../../configuration/service/dhcp-server.rst:241 #: ../../configuration/service/dhcp-server.rst:247 -#: ../../configuration/service/dhcp-server.rst:252 -#: ../../configuration/service/dhcp-server.rst:272 -#: ../../configuration/service/dhcp-server.rst:287 -#: ../../configuration/service/dhcp-server.rst:292 -#: ../../configuration/service/dhcp-server.rst:297 -#: ../../configuration/service/dhcp-server.rst:302 -#: ../../configuration/service/dhcp-server.rst:307 -#: ../../configuration/service/dhcp-server.rst:327 -#: ../../configuration/service/dhcp-server.rst:332 -#: ../../configuration/service/dhcp-server.rst:337 +#: ../../configuration/service/dhcp-server.rst:253 +#: ../../configuration/service/dhcp-server.rst:258 +#: ../../configuration/service/dhcp-server.rst:278 +#: ../../configuration/service/dhcp-server.rst:293 +#: ../../configuration/service/dhcp-server.rst:298 +#: ../../configuration/service/dhcp-server.rst:303 +#: ../../configuration/service/dhcp-server.rst:308 +#: ../../configuration/service/dhcp-server.rst:313 +#: ../../configuration/service/dhcp-server.rst:333 +#: ../../configuration/service/dhcp-server.rst:338 +#: ../../configuration/service/dhcp-server.rst:343 msgid "N" msgstr "N" -#: ../../configuration/highavailability/index.rst:363 +#: ../../configuration/highavailability/index.rst:373 #: ../../configuration/nat/index.rst:5 msgid "NAT" msgstr "NAT" @@ -8523,6 +9289,10 @@ msgstr "NAT64" msgid "NAT64 client configuration:" msgstr "NAT64 client configuration:" +#: ../../configuration/service/router-advert.rst:84 +msgid "NAT64 prefix mask must be one of: /32, /40, /48, /56, /64 or 96." +msgstr "NAT64 prefix mask must be one of: /32, /40, /48, /56, /64 or 96." + #: ../../configuration/nat/nat64.rst:44 msgid "NAT64 server configuration:" msgstr "NAT64 server configuration:" @@ -8587,7 +9357,15 @@ msgstr "NTP supplies a warning of any impending leap second adjustment, but no i msgid "Name Server" msgstr "Name Server" -#: ../../configuration/service/dhcp-server.rst:356 +#: ../../configuration/vpn/sstp.rst:84 +msgid "Name of installed certificate authority certificate." +msgstr "Name of installed certificate authority certificate." + +#: ../../configuration/vpn/sstp.rst:88 +msgid "Name of installed server certificate." +msgstr "Name of installed server certificate." + +#: ../../configuration/service/dhcp-server.rst:362 msgid "Name of static mapping" msgstr "Name of static mapping" @@ -8595,11 +9373,11 @@ msgstr "Name of static mapping" msgid "Name of the single table Only if set group-metrics single-table." msgstr "Name of the single table Only if set group-metrics single-table." -#: ../../configuration/service/dhcp-server.rst:296 +#: ../../configuration/service/dhcp-server.rst:302 msgid "Name or IPv4 address of TFTP server" msgstr "Name or IPv4 address of TFTP server" -#: ../../configuration/service/dhcp-server.rst:281 +#: ../../configuration/service/dhcp-server.rst:287 msgid "NetBIOS over TCP/IP name server" msgstr "NetBIOS over TCP/IP name server" @@ -8677,6 +9455,10 @@ msgstr "Network management station (NMS) - software which runs on the manager" msgid "Network news subsystem" msgstr "Network news subsystem" +#: ../../configuration/service/ids.rst:87 +msgid "Network to be protected: 192.0.2.0/24 (public IPs use by customers)" +msgstr "Network to be protected: 192.0.2.0/24 (public IPs use by customers)" + #: ../../configuration/service/monitoring.rst:47 msgid "Networks allowed to query this server" msgstr "Networks allowed to query this server" @@ -8693,11 +9475,11 @@ msgstr "Next-hop interface for the route" msgid "Next it is necessary to configure 2FA for OpenConnect:" msgstr "Next it is necessary to configure 2FA for OpenConnect:" -#: ../../configuration/policy/route-map.rst:279 +#: ../../configuration/policy/route-map.rst:282 msgid "Nexthop IP address." msgstr "Nexthop IP address." -#: ../../configuration/policy/route-map.rst:298 +#: ../../configuration/policy/route-map.rst:301 msgid "Nexthop IPv6 address." msgstr "Nexthop IPv6 address." @@ -8705,6 +9487,18 @@ msgstr "Nexthop IPv6 address." msgid "Nexthop IPv6 address to match." msgstr "Nexthop IPv6 address to match." +#: ../../configuration/system/ip.rst:47 +#: ../../configuration/system/ipv6.rst:43 +#: ../../configuration/vrf/index.rst:71 +msgid "Nexthop Tracking" +msgstr "Nexthop Tracking" + +#: ../../configuration/system/ip.rst:49 +#: ../../configuration/system/ipv6.rst:45 +#: ../../configuration/vrf/index.rst:73 +msgid "Nexthop tracking resolve nexthops via the default route by default. This is enabled by default for a traditional profile of FRR which we use. It and can be disabled if you do not wan't to e.g. allow BGP to peer across the default route." +msgstr "Nexthop tracking resolve nexthops via the default route by default. This is enabled by default for a traditional profile of FRR which we use. It and can be disabled if you do not wan't to e.g. allow BGP to peer across the default route." + #: ../../configuration/protocols/rpki.rst:59 msgid "No ROA exists which covers that prefix. Unfortunately this is the case for about 80% of the IPv4 prefixes which were announced to the :abbr:`DFZ (default-free zone)` at the start of 2020" msgstr "No ROA exists which covers that prefix. Unfortunately this is the case for about 80% of the IPv4 prefixes which were announced to the :abbr:`DFZ (default-free zone)` at the start of 2020" @@ -8713,7 +9507,7 @@ msgstr "No ROA exists which covers that prefix. Unfortunately this is the case f msgid "No VLAN tagging required by your ISP." msgstr "No VLAN tagging required by your ISP." -#: ../../configuration/protocols/bgp.rst:707 +#: ../../configuration/protocols/bgp.rst:729 msgid "No route is suppressed indefinitely. Maximum-suppress-time defines the maximum time a route can be suppressed before it is re-advertised." msgstr "No route is suppressed indefinitely. Maximum-suppress-time defines the maximum time a route can be suppressed before it is re-advertised." @@ -8753,7 +9547,7 @@ msgstr "Note: certificate names don't matter, we use 'openvpn-local' and 'openvp msgid "Note that deleting the log file does not stop the system from logging events. If you use this command while the system is logging events, old log events will be deleted, but events after the delete operation will be recorded in the new file. To delete the file altogether, first delete logging to the file using system syslog :ref:`custom-file` command, and then delete the file." msgstr "Note that deleting the log file does not stop the system from logging events. If you use this command while the system is logging events, old log events will be deleted, but events after the delete operation will be recorded in the new file. To delete the file altogether, first delete logging to the file using system syslog :ref:`custom-file` command, and then delete the file." -#: ../../configuration/vpn/ipsec.rst:294 +#: ../../configuration/vpn/ipsec.rst:298 #: ../../configuration/vpn/rsa-keys.rst:35 msgid "Note the command with the public key (set pki key-pair ipsec-RIGHT public key 'FAAOCAQ8AMII...')." msgstr "Note the command with the public key (set pki key-pair ipsec-RIGHT public key 'FAAOCAQ8AMII...')." @@ -8762,11 +9556,11 @@ msgstr "Note the command with the public key (set pki key-pair ipsec-RIGHT publi msgid "Notice" msgstr "Notice" -#: ../../configuration/service/conntrack-sync.rst:194 +#: ../../configuration/service/conntrack-sync.rst:198 msgid "Now configure conntrack-sync service on ``router1`` **and** ``router2``" msgstr "Now configure conntrack-sync service on ``router1`` **and** ``router2``" -#: ../../configuration/vpn/ipsec.rst:297 +#: ../../configuration/vpn/ipsec.rst:301 msgid "Now the noted public keys should be entered on the opposite routers." msgstr "Now the noted public keys should be entered on the opposite routers." @@ -8786,7 +9580,7 @@ msgstr "Now when connecting the user will first be asked for the password and th msgid "Now you are ready to setup IPsec. The key points:" msgstr "Now you are ready to setup IPsec. The key points:" -#: ../../configuration/vpn/ipsec.rst:311 +#: ../../configuration/vpn/ipsec.rst:315 msgid "Now you are ready to setup IPsec. You'll need to use an ID instead of address for the peer." msgstr "Now you are ready to setup IPsec. You'll need to use an ID instead of address for the peer." @@ -8794,6 +9588,10 @@ msgstr "Now you are ready to setup IPsec. You'll need to use an ID instead of ad msgid "Number of antennas on this card" msgstr "Number of antennas on this card" +#: ../../configuration/service/dns.rst:166 +msgid "Number of bits of client IPv4 address to pass when sending EDNS Client Subnet address information." +msgstr "Number of bits of client IPv4 address to pass when sending EDNS Client Subnet address information." + #: ../../configuration/system/syslog.rst:231 msgid "Number of lines to be displayed, default 10" msgstr "Number of lines to be displayed, default 10" @@ -8822,7 +9620,7 @@ msgstr "OSPFv2 (IPv4)" msgid "OSPFv3 (IPv6)" msgstr "OSPFv3 (IPv6)" -#: ../../configuration/system/login.rst:141 +#: ../../configuration/system/login.rst:145 msgid "OTP-key generation" msgstr "OTP-key generation" @@ -8830,7 +9628,7 @@ msgstr "OTP-key generation" msgid "Offloading" msgstr "Offloading" -#: ../../configuration/service/dhcp-server.rst:245 +#: ../../configuration/service/dhcp-server.rst:251 msgid "Offset of the client's subnet in seconds from Coordinated Universal Time (UTC)" msgstr "Offset of the client's subnet in seconds from Coordinated Universal Time (UTC)" @@ -8842,7 +9640,7 @@ msgstr "Often we need to embed one policy into another one. It is possible to do msgid "Often you will also have to configure your *default* traffic in the same way you do with a class. *Default* can be considered a class as it behaves like that. It contains any traffic that did not match any of the defined classes, so it is like an open class, a class without matching filters." msgstr "Often you will also have to configure your *default* traffic in the same way you do with a class. *Default* can be considered a class as it behaves like that. It contains any traffic that did not match any of the defined classes, so it is like an open class, a class without matching filters." -#: ../../configuration/service/conntrack-sync.rst:211 +#: ../../configuration/service/conntrack-sync.rst:215 msgid "On active router run:" msgstr "On active router run:" @@ -8858,7 +9656,7 @@ msgstr "On low rates (below 40Mbit) you may want to tune `quantum` down to somet msgid "On most scenarios, there's no need to change specific parameters, and using default configuration is enough. But there are cases were extra configuration is needed." msgstr "On most scenarios, there's no need to change specific parameters, and using default configuration is enough. But there are cases were extra configuration is needed." -#: ../../configuration/service/conntrack-sync.rst:242 +#: ../../configuration/service/conntrack-sync.rst:246 msgid "On standby router run:" msgstr "On standby router run:" @@ -8866,34 +9664,34 @@ msgstr "On standby router run:" msgid "On systems with multiple redundant uplinks and routes, it's a good idea to use a dedicated address for management and dynamic routing protocols. However, assigning that address to a physical link is risky: if that link goes down, that address will become inaccessible. A common solution is to assign the management address to a loopback or a dummy interface and advertise that address via all physical links, so that it's reachable through any of them. Since in Linux-based systems, there can be only one loopback interface, it's better to use a dummy interface for that purpose, since they can be added, removed, and taken up and down independently." msgstr "On systems with multiple redundant uplinks and routes, it's a good idea to use a dedicated address for management and dynamic routing protocols. However, assigning that address to a physical link is risky: if that link goes down, that address will become inaccessible. A common solution is to assign the management address to a loopback or a dummy interface and advertise that address via all physical links, so that it's reachable through any of them. Since in Linux-based systems, there can be only one loopback interface, it's better to use a dummy interface for that purpose, since they can be added, removed, and taken up and down independently." -#: ../../configuration/vpn/ipsec.rst:181 -#: ../../configuration/vpn/ipsec.rst:239 -#: ../../configuration/vpn/ipsec.rst:299 +#: ../../configuration/vpn/ipsec.rst:185 +#: ../../configuration/vpn/ipsec.rst:243 +#: ../../configuration/vpn/ipsec.rst:303 #: ../../configuration/vpn/rsa-keys.rst:40 msgid "On the LEFT:" msgstr "On the LEFT:" -#: ../../configuration/vpn/ipsec.rst:314 +#: ../../configuration/vpn/ipsec.rst:318 #: ../../configuration/vpn/rsa-keys.rst:59 msgid "On the LEFT (static address):" msgstr "On the LEFT (static address):" -#: ../../configuration/vpn/ipsec.rst:221 +#: ../../configuration/vpn/ipsec.rst:225 msgid "On the RIGHT, setup by analogy and swap local and remote addresses." msgstr "On the RIGHT, setup by analogy and swap local and remote addresses." -#: ../../configuration/vpn/ipsec.rst:250 -#: ../../configuration/vpn/ipsec.rst:305 +#: ../../configuration/vpn/ipsec.rst:254 +#: ../../configuration/vpn/ipsec.rst:309 #: ../../configuration/vpn/rsa-keys.rst:46 msgid "On the RIGHT:" msgstr "On the RIGHT:" -#: ../../configuration/vpn/ipsec.rst:339 +#: ../../configuration/vpn/ipsec.rst:343 #: ../../configuration/vpn/rsa-keys.rst:84 msgid "On the RIGHT (dynamic address):" msgstr "On the RIGHT (dynamic address):" -#: ../../configuration/service/conntrack-sync.rst:207 +#: ../../configuration/service/conntrack-sync.rst:211 msgid "On the active router, you should have information in the internal-cache of conntrack-sync. The same current active connections number should be shown in the external-cache of the standby router" msgstr "On the active router, you should have information in the internal-cache of conntrack-sync. The same current active connections number should be shown in the external-cache of the standby router" @@ -8921,7 +9719,7 @@ msgstr "Once a class has a filter configured, you will also have to define what msgid "Once a neighbor has been found, the entry is considered to be valid for at least for this specific time. An entry's validity will be extended if it receives positive feedback from higher level protocols." msgstr "Once a neighbor has been found, the entry is considered to be valid for at least for this specific time. An entry's validity will be extended if it receives positive feedback from higher level protocols." -#: ../../configuration/protocols/bgp.rst:702 +#: ../../configuration/protocols/bgp.rst:724 msgid "Once a route is assessed a penalty, the penalty is decreased by half each time a predefined amount of time elapses (half-life-time). When the accumulated penalties fall below a predefined threshold (reuse-value), the route is unsuppressed and added back into the BGP routing table." msgstr "Once a route is assessed a penalty, the penalty is decreased by half each time a predefined amount of time elapses (half-life-time). When the accumulated penalties fall below a predefined threshold (reuse-value), the route is unsuppressed and added back into the BGP routing table." @@ -8957,6 +9755,10 @@ msgstr "Once the matching rules are set for a class, you can start configuring h msgid "Once the user is connected, the user session is using the set limits and can be displayed via 'show pppoe-server sessions'." msgstr "Once the user is connected, the user session is using the set limits and can be displayed via 'show pppoe-server sessions'." +#: ../../configuration/service/pppoe-server.rst:285 +msgid "Once the user is connected, the user session is using the set limits and can be displayed via ``show pppoe-server sessions``." +msgstr "Once the user is connected, the user session is using the set limits and can be displayed via ``show pppoe-server sessions``." + #: ../../configuration/vpn/openconnect.rst:257 msgid "Once you commit the above changes you can create a config file in the /config/auth/ocserv/config-per-user directory that matches a username of a user you have created e.g. \"tst\". Now when logging in with the \"tst\" user the config options you set in this file will be loaded." msgstr "Once you commit the above changes you can create a config file in the /config/auth/ocserv/config-per-user directory that matches a username of a user you have created e.g. \"tst\". Now when logging in with the \"tst\" user the config options you set in this file will be loaded." @@ -8965,11 +9767,11 @@ msgstr "Once you commit the above changes you can create a config file in the /c msgid "Once you have an Ethernet device connected, i.e. `eth0`, then you can configure it to open the PPPoE session for you and your DSL Transceiver (Modem/Router) just acts to translate your messages in a way that vDSL/aDSL understands." msgstr "Once you have an Ethernet device connected, i.e. `eth0`, then you can configure it to open the PPPoE session for you and your DSL Transceiver (Modem/Router) just acts to translate your messages in a way that vDSL/aDSL understands." -#: ../../configuration/vpn/sstp.rst:307 +#: ../../configuration/vpn/sstp.rst:478 msgid "Once you have setup your SSTP server there comes the time to do some basic testing. The Linux client used for testing is called sstpc_. sstpc_ requires a PPP configuration/peer file." msgstr "Once you have setup your SSTP server there comes the time to do some basic testing. The Linux client used for testing is called sstpc_. sstpc_ requires a PPP configuration/peer file." -#: ../../configuration/protocols/rpki.rst:183 +#: ../../configuration/protocols/rpki.rst:193 msgid "Once your routers are configured to reject RPKI-invalid prefixes, you can test whether the configuration is working correctly using the `RIPE Labs RPKI Test`_ experimental tool." msgstr "Once your routers are configured to reject RPKI-invalid prefixes, you can test whether the configuration is working correctly using the `RIPE Labs RPKI Test`_ experimental tool." @@ -9001,7 +9803,7 @@ msgstr "Only VRRP is supported. Required option." msgid "Only allow certain IP addresses or prefixes to access the https webserver." msgstr "Only allow certain IP addresses or prefixes to access the https webserver." -#: ../../configuration/firewall/ipv4.rst:459 +#: ../../configuration/firewall/ipv4.rst:482 #: ../../configuration/firewall/ipv6.rst:466 msgid "Only in the source criteria, you can specify a mac-address." msgstr "Only in the source criteria, you can specify a mac-address." @@ -9022,7 +9824,7 @@ msgstr "Only request an address from the PPPoE server but do not install any def msgid "Only request an address from the SSTP server but do not install any default route." msgstr "Only request an address from the SSTP server but do not install any default route." -#: ../../configuration/system/login.rst:51 +#: ../../configuration/system/login.rst:55 msgid "Only the type (``ssh-rsa``) and the key (``AAAB3N...``) are used. Note that the key will usually be several hundred characters long, and you will need to copy and paste it. Some terminal emulators may accidentally split this over several lines. Be attentive when you paste it that it only pastes as a single line. The third part is simply an identifier, and is for your own reference." msgstr "Only the type (``ssh-rsa``) and the key (``AAAB3N...``) are used. Note that the key will usually be several hundred characters long, and you will need to copy and paste it. Some terminal emulators may accidentally split this over several lines. Be attentive when you paste it that it only pastes as a single line. The third part is simply an identifier, and is for your own reference." @@ -9030,7 +9832,7 @@ msgstr "Only the type (``ssh-rsa``) and the key (``AAAB3N...``) are used. Note t msgid "Only works with a VXLAN device with external flag set." msgstr "Only works with a VXLAN device with external flag set." -#: ../../configuration/highavailability/index.rst:457 +#: ../../configuration/highavailability/index.rst:467 msgid "Op-mode check virtual-server status" msgstr "Op-mode check virtual-server status" @@ -9055,7 +9857,7 @@ msgid "OpenConnect supports a subset of it's configuration options to be applied msgstr "OpenConnect supports a subset of it's configuration options to be applied on a per user/group basis, for configuration purposes we refer to this functionality as \"Identity based config\". The following `OpenConnect Server Manual <https://ocserv.gitlab.io/www/manual.html#:~:text=Configuration%20files%20that% 20will%20be%20applied%20per%20user%20connection%20or%0A%23%20per%20group>`_ outlines the set of configuration options that are allowed. This can be leveraged to apply different sets of configs to different users or groups of users." #: ../../configuration/interfaces/openvpn.rst:7 -#: ../../configuration/pki/index.rst:117 +#: ../../configuration/pki/index.rst:119 msgid "OpenVPN" msgstr "OpenVPN" @@ -9105,23 +9907,23 @@ msgstr "Operating Modes" #: ../../configuration/interfaces/virtual-ethernet.rst:55 #: ../../configuration/interfaces/wireless.rst:416 #: ../../configuration/interfaces/wwan.rst:79 -#: ../../configuration/pki/index.rst:290 +#: ../../configuration/pki/index.rst:321 #: ../../configuration/protocols/igmp-proxy.rst:73 -#: ../../configuration/protocols/static.rst:183 -#: ../../configuration/service/conntrack-sync.rst:103 +#: ../../configuration/protocols/static.rst:216 +#: ../../configuration/service/conntrack-sync.rst:107 #: ../../configuration/service/console-server.rst:76 #: ../../configuration/service/dhcp-relay.rst:124 #: ../../configuration/service/dhcp-relay.rst:201 -#: ../../configuration/service/dns.rst:195 +#: ../../configuration/service/dns.rst:182 #: ../../configuration/service/lldp.rst:71 #: ../../configuration/service/mdns.rst:79 #: ../../configuration/service/ssh.rst:145 #: ../../configuration/service/webproxy.rst:330 #: ../../configuration/system/default-route.rst:25 #: ../../configuration/system/flow-accounting.rst:175 -#: ../../configuration/vrf/index.rst:111 -#: ../../configuration/vrf/index.rst:323 -#: ../../configuration/vrf/index.rst:503 +#: ../../configuration/vrf/index.rst:130 +#: ../../configuration/vrf/index.rst:342 +#: ../../configuration/vrf/index.rst:522 msgid "Operation" msgstr "Operation" @@ -9131,17 +9933,17 @@ msgid "Operation-mode" msgstr "Operation-mode" #: ../../configuration/firewall/bridge.rst:284 -#: ../../configuration/firewall/ipv4.rst:954 +#: ../../configuration/firewall/ipv4.rst:977 #: ../../configuration/firewall/ipv6.rst:962 msgid "Operation-mode Firewall" msgstr "Operation-mode Firewall" -#: ../../configuration/container/index.rst:143 +#: ../../configuration/container/index.rst:179 msgid "Operation Commands" msgstr "Operation Commands" -#: ../../configuration/service/dhcp-server.rst:412 -#: ../../configuration/service/dhcp-server.rst:664 +#: ../../configuration/service/dhcp-server.rst:418 +#: ../../configuration/service/dhcp-server.rst:672 #: ../../configuration/system/acceleration.rst:42 msgid "Operation Mode" msgstr "Operation Mode" @@ -9151,12 +9953,12 @@ msgid "Operation mode of wireless radio." msgstr "Operation mode of wireless radio." #: ../../configuration/interfaces/wireguard.rst:338 -#: ../../configuration/protocols/bfd.rst:94 -#: ../../configuration/protocols/bfd.rst:175 +#: ../../configuration/protocols/bfd.rst:101 +#: ../../configuration/protocols/bfd.rst:182 msgid "Operational Commands" msgstr "Operational Commands" -#: ../../configuration/protocols/bgp.rst:950 +#: ../../configuration/protocols/bgp.rst:972 #: ../../configuration/protocols/mpls.rst:218 #: ../../configuration/protocols/ospf.rst:609 #: ../../configuration/protocols/ospf.rst:1268 @@ -9164,8 +9966,8 @@ msgstr "Operational Commands" msgid "Operational Mode Commands" msgstr "Operational Mode Commands" -#: ../../configuration/system/ip.rst:47 -#: ../../configuration/system/ipv6.rst:43 +#: ../../configuration/system/ip.rst:60 +#: ../../configuration/system/ipv6.rst:56 msgid "Operational commands" msgstr "Operational commands" @@ -9177,11 +9979,11 @@ msgstr "Option" msgid "Option 43 for UniFI" msgstr "Option 43 for UniFI" -#: ../../configuration/service/dhcp-server.rst:234 +#: ../../configuration/service/dhcp-server.rst:240 msgid "Option description" msgstr "Option description" -#: ../../configuration/service/dhcp-server.rst:232 +#: ../../configuration/service/dhcp-server.rst:238 msgid "Option number" msgstr "Option number" @@ -9211,7 +10013,7 @@ msgstr "Optional" msgid "Optional, if you want to enable uploads, else TFTP server will act as a read-only server." msgstr "Optional, if you want to enable uploads, else TFTP server will act as a read-only server." -#: ../../configuration/system/login.rst:107 +#: ../../configuration/system/login.rst:111 msgid "Optional/default settings" msgstr "Optional/default settings" @@ -9231,12 +10033,11 @@ msgstr "Optionally set a specific static IPv4 or IPv6 address for the container. #: ../../configuration/interfaces/openvpn.rst:631 #: ../../configuration/service/dhcp-relay.rst:53 #: ../../configuration/service/dhcp-relay.rst:160 -#: ../../configuration/service/dhcp-server.rst:224 -#: ../../configuration/vpn/sstp.rst:230 +#: ../../configuration/service/dhcp-server.rst:230 msgid "Options" msgstr "Options" -#: ../../configuration/vpn/ipsec.rst:159 +#: ../../configuration/vpn/ipsec.rst:162 msgid "Options (Global IPsec settings) Attributes" msgstr "Options (Global IPsec settings) Attributes" @@ -9256,7 +10057,7 @@ msgstr "Or **binary** prefixes." msgid "Originate an AS-External (type-5) LSA describing a default route into all external-routing capable areas, of the specified metric and metric type. If the :cfgcmd:`always` keyword is given then the default is always advertised, even when there is no default present in the routing table. The argument :cfgcmd:`route-map` specifies to advertise the default route if the route map is satisfied." msgstr "Originate an AS-External (type-5) LSA describing a default route into all external-routing capable areas, of the specified metric and metric type. If the :cfgcmd:`always` keyword is given then the default is always advertised, even when there is no default present in the routing table. The argument :cfgcmd:`route-map` specifies to advertise the default route if the route map is satisfied." -#: ../../configuration/service/pppoe-server.rst:238 +#: ../../configuration/service/pppoe-server.rst:312 msgid "Other attributes can be used, but they have to be in one of the dictionaries in */usr/share/accel-ppp/radius*." msgstr "Other attributes can be used, but they have to be in one of the dictionaries in */usr/share/accel-ppp/radius*." @@ -9325,15 +10126,15 @@ msgstr "Overview of defined groups. You see the type, the members, and where the msgid "PBR multiple uplinks" msgstr "PBR multiple uplinks" -#: ../../configuration/vrf/index.rst:244 +#: ../../configuration/vrf/index.rst:263 msgid "PC1 is in the ``default`` VRF and acting as e.g. a \"fileserver\"" msgstr "PC1 is in the ``default`` VRF and acting as e.g. a \"fileserver\"" -#: ../../configuration/vrf/index.rst:245 +#: ../../configuration/vrf/index.rst:264 msgid "PC2 is in VRF ``blue`` which is the development department" msgstr "PC2 is in VRF ``blue`` which is the development department" -#: ../../configuration/vrf/index.rst:246 +#: ../../configuration/vrf/index.rst:265 msgid "PC3 and PC4 are connected to a bridge device on router ``R1`` which is in VRF ``red``. Say this is the HR department." msgstr "PC3 and PC4 are connected to a bridge device on router ``R1`` which is in VRF ``red``. Say this is the HR department." @@ -9369,7 +10170,7 @@ msgstr "PIM – Protocol Independent Multicast" msgid "PIMv6 (Protocol Independent Multicast for IPv6) must be configured in every interface of every participating router. Every router must also have the location of the Rendevouz Point manually configured. Then, unidirectional shared trees rooted at the Rendevouz Point will automatically be built for multicast distribution." msgstr "PIMv6 (Protocol Independent Multicast for IPv6) must be configured in every interface of every participating router. Every router must also have the location of the Rendevouz Point manually configured. Then, unidirectional shared trees rooted at the Rendevouz Point will automatically be built for multicast distribution." -#: ../../configuration/pki/index.rst:7 +#: ../../configuration/pki/index.rst:9 msgid "PKI" msgstr "PKI" @@ -9377,7 +10178,14 @@ msgstr "PKI" msgid "PPDU" msgstr "PPDU" -#: ../../configuration/vpn/sstp.rst:174 +#: ../../configuration/service/pppoe-server.rst:453 +#: ../../configuration/vpn/l2tp.rst:407 +#: ../../configuration/vpn/pptp.rst:331 +#: ../../configuration/vpn/sstp.rst:365 +msgid "PPP Advanced Options" +msgstr "PPP Advanced Options" + +#: ../../configuration/vpn/sstp.rst:180 msgid "PPP Settings" msgstr "PPP Settings" @@ -9393,7 +10201,7 @@ msgstr "PPPoE Server" msgid "PPPoE options" msgstr "PPPoE options" -#: ../../configuration/vpn/pptp.rst:4 +#: ../../configuration/vpn/pptp.rst:5 msgid "PPTP-Server" msgstr "PPTP-Server" @@ -9409,11 +10217,11 @@ msgstr "Particularly large networks may wish to run their own RPKI certificate a msgid "Path `<cost>` value for Spanning Tree Protocol. Each interface in a bridge could have a different speed and this value is used when deciding which link to use. Faster interfaces should have lower costs." msgstr "Path `<cost>` value for Spanning Tree Protocol. Each interface in a bridge could have a different speed and this value is used when deciding which link to use. Faster interfaces should have lower costs." -#: ../../configuration/vpn/sstp.rst:166 +#: ../../configuration/vpn/sstp.rst:172 msgid "Path to `<file>` pointing to the certificate authority certificate." msgstr "Path to `<file>` pointing to the certificate authority certificate." -#: ../../configuration/vpn/sstp.rst:170 +#: ../../configuration/vpn/sstp.rst:176 msgid "Path to `<file>` pointing to the servers certificate (public portion)." msgstr "Path to `<file>` pointing to the servers certificate (public portion)." @@ -9457,11 +10265,11 @@ msgstr "Per default VyOSs has minimal syslog logging enabled which is stored and msgid "Per default every packet is sampled (that is, the sampling rate is 1)." msgstr "Per default every packet is sampled (that is, the sampling rate is 1)." -#: ../../configuration/service/pppoe-server.rst:323 +#: ../../configuration/service/pppoe-server.rst:556 msgid "Per default the user session is being replaced if a second authentication request succeeds. Such session requests can be either denied or allowed entirely, which would allow multiple sessions for a user in the latter case. If it is denied, the second session is being rejected even if the authentication succeeds, the user has to terminate its first session and can then authentication again." msgstr "Per default the user session is being replaced if a second authentication request succeeds. Such session requests can be either denied or allowed entirely, which would allow multiple sessions for a user in the latter case. If it is denied, the second session is being rejected even if the authentication succeeds, the user has to terminate its first session and can then authentication again." -#: ../../configuration/system/option.rst:78 +#: ../../configuration/system/option.rst:108 msgid "Performance" msgstr "Performance" @@ -9469,11 +10277,11 @@ msgstr "Performance" msgid "Periodically, a hello packet is sent out by the Root Bridge and the Designated Bridges. Hello packets are used to communicate information about the topology throughout the entire Bridged Local Area Network." msgstr "Periodically, a hello packet is sent out by the Root Bridge and the Designated Bridges. Hello packets are used to communicate information about the topology throughout the entire Bridged Local Area Network." -#: ../../configuration/vrf/index.rst:197 +#: ../../configuration/vrf/index.rst:216 msgid "Ping command can be interrupted at any given time using ``<Ctrl>+c``. A brief statistic is shown afterwards." msgstr "Ping command can be interrupted at any given time using ``<Ctrl>+c``. A brief statistic is shown afterwards." -#: ../../configuration/vrf/index.rst:183 +#: ../../configuration/vrf/index.rst:202 msgid "Ping uses ICMP protocol's mandatory ECHO_REQUEST datagram to elicit an ICMP ECHO_RESPONSE from a host or gateway. ECHO_REQUEST datagrams (pings) will have an IP and ICMP header, followed by \"struct timeval\" and an arbitrary number of pad bytes used to fill out the packet." msgstr "Ping uses ICMP protocol's mandatory ECHO_REQUEST datagram to elicit an ICMP ECHO_RESPONSE from a host or gateway. ECHO_REQUEST datagrams (pings) will have an IP and ICMP header, followed by \"struct timeval\" and an arbitrary number of pad bytes used to fill out the packet." @@ -9497,7 +10305,7 @@ msgstr "Please, refer to appropiate section for more information about firewall msgid "Please, refer to appropriate section for more information about firewall configuration:" msgstr "Please, refer to appropriate section for more information about firewall configuration:" -#: ../../configuration/service/ipoe-server.rst:23 +#: ../../configuration/service/ipoe-server.rst:21 msgid "Please be aware, due to an upstream bug, config changes/commits will restart the ppp daemon and will reset existing IPoE sessions, in order to become effective." msgstr "Please be aware, due to an upstream bug, config changes/commits will restart the ppp daemon and will reset existing IPoE sessions, in order to become effective." @@ -9513,7 +10321,7 @@ msgstr "Please refer to the :ref:`ipsec` documentation for the individual IPSec msgid "Please refer to the :ref:`tunnel-interface` documentation for the individual tunnel related options." msgstr "Please refer to the :ref:`tunnel-interface` documentation for the individual tunnel related options." -#: ../../configuration/service/dhcp-server.rst:364 +#: ../../configuration/service/dhcp-server.rst:370 msgid "Please see the :ref:`dhcp-dns-quick-start` configuration." msgstr "Please see the :ref:`dhcp-dns-quick-start` configuration." @@ -9571,7 +10379,11 @@ msgstr "Port Groups" msgid "Port Mirror (SPAN)" msgstr "Port Mirror (SPAN)" -#: ../../configuration/vpn/sstp.rst:242 +#: ../../configuration/service/ipoe-server.rst:182 +#: ../../configuration/service/pppoe-server.rst:144 +#: ../../configuration/vpn/l2tp.rst:187 +#: ../../configuration/vpn/pptp.rst:127 +#: ../../configuration/vpn/sstp.rst:160 msgid "Port for Dynamic Authorization Extension server (DM/CoA)" msgstr "Port for Dynamic Authorization Extension server (DM/CoA)" @@ -9656,7 +10468,7 @@ msgstr "Preference associated with the default router" msgid "Prefix Conversion" msgstr "Prefix Conversion" -#: ../../configuration/service/dhcp-server.rst:564 +#: ../../configuration/service/dhcp-server.rst:570 msgid "Prefix Delegation" msgstr "Prefix Delegation" @@ -9696,11 +10508,11 @@ msgstr "Prefix to match against." msgid "Prefixes" msgstr "Prefixes" -#: ../../configuration/policy/route-map.rst:212 +#: ../../configuration/policy/route-map.rst:215 msgid "Prepend the existing last AS number (the leftmost ASN) to the AS_PATH." msgstr "Prepend the existing last AS number (the leftmost ASN) to the AS_PATH." -#: ../../configuration/policy/route-map.rst:207 +#: ../../configuration/policy/route-map.rst:210 msgid "Prepend the given string of AS numbers to the AS_PATH of the BGP path's NLRI." msgstr "Prepend the given string of AS numbers to the AS_PATH of the BGP path's NLRI." @@ -9708,11 +10520,11 @@ msgstr "Prepend the given string of AS numbers to the AS_PATH of the BGP path's msgid "Principle of SNMP Communication" msgstr "Principle of SNMP Communication" -#: ../../configuration/vrf/index.rst:532 +#: ../../configuration/vrf/index.rst:551 msgid "Print a summary of neighbor connections for the specified AFI/SAFI combination." msgstr "Print a summary of neighbor connections for the specified AFI/SAFI combination." -#: ../../configuration/vrf/index.rst:511 +#: ../../configuration/vrf/index.rst:530 msgid "Print active IPV4 or IPV6 routes advertised via the VPN SAFI." msgstr "Print active IPV4 or IPV6 routes advertised via the VPN SAFI." @@ -9733,6 +10545,10 @@ msgstr "Priority Queue, as other non-shaping policies, is only useful if your ou msgid "Private VLAN proxy arp. Basically allow proxy arp replies back to the same interface (from which the ARP request/solicitation was received)." msgstr "Private VLAN proxy arp. Basically allow proxy arp replies back to the same interface (from which the ARP request/solicitation was received)." +#: ../../configuration/vpn/ipsec.rst:544 +msgid "Profile generation happens from the operational level and is as simple as issuing the following command to create a profile to connect to the IKEv2 access server at ``vpn.vyos.net`` with the configuration for the ``rw`` remote-access connection group." +msgstr "Profile generation happens from the operational level and is as simple as issuing the following command to create a profile to connect to the IKEv2 access server at ``vpn.vyos.net`` with the configuration for the ``rw`` remote-access connection group." + #: ../../configuration/service/monitoring.rst:38 msgid "Prometheus-client" msgstr "Prometheus-client" @@ -9841,7 +10657,7 @@ msgstr "Pseudo Ethernet/MACVLAN options" msgid "Publish a port for the container." msgstr "Publish a port for the container." -#: ../../configuration/container/index.rst:147 +#: ../../configuration/container/index.rst:183 msgid "Pull a new image for container" msgstr "Pull a new image for container" @@ -9875,7 +10691,7 @@ msgstr "R1:" msgid "R1 has 192.0.2.1/24 & 2001:db8::1/64" msgstr "R1 has 192.0.2.1/24 & 2001:db8::1/64" -#: ../../configuration/vrf/index.rst:248 +#: ../../configuration/vrf/index.rst:267 msgid "R1 is managed through an out-of-band network that resides in VRF ``mgmt``" msgstr "R1 is managed through an out-of-band network that resides in VRF ``mgmt``" @@ -9887,12 +10703,11 @@ msgstr "R2:" msgid "R2 has 192.0.2.2/24 & 2001:db8::2/64" msgstr "R2 has 192.0.2.2/24 & 2001:db8::2/64" -#: ../../configuration/system/login.rst:234 -#: ../../configuration/vpn/sstp.rst:207 +#: ../../configuration/system/login.rst:238 msgid "RADIUS" msgstr "RADIUS" -#: ../../configuration/service/ipoe-server.rst:111 +#: ../../configuration/service/ipoe-server.rst:112 msgid "RADIUS Setup" msgstr "RADIUS Setup" @@ -9900,6 +10715,14 @@ msgstr "RADIUS Setup" msgid "RADIUS advanced features" msgstr "RADIUS advanced features" +#: ../../configuration/service/ipoe-server.rst:158 +#: ../../configuration/service/pppoe-server.rst:120 +#: ../../configuration/vpn/l2tp.rst:163 +#: ../../configuration/vpn/pptp.rst:103 +#: ../../configuration/vpn/sstp.rst:136 +msgid "RADIUS advanced options" +msgstr "RADIUS advanced options" + #: ../../configuration/vpn/l2tp.rst:139 msgid "RADIUS authentication" msgstr "RADIUS authentication" @@ -9916,11 +10739,15 @@ msgstr "RADIUS provides the IP addresses in the example above via Framed-IP-Addr msgid "RADIUS server at ``192.168.3.10`` with shared-secret ``VyOSPassword``" msgstr "RADIUS server at ``192.168.3.10`` with shared-secret ``VyOSPassword``" -#: ../../configuration/system/login.rst:266 +#: ../../configuration/system/login.rst:270 msgid "RADIUS servers could be hardened by only allowing certain IP addresses to connect. As of this the source address of each RADIUS query can be configured." msgstr "RADIUS servers could be hardened by only allowing certain IP addresses to connect. As of this the source address of each RADIUS query can be configured." -#: ../../configuration/vpn/l2tp.rst:163 +#: ../../configuration/service/ipoe-server.rst:144 +#: ../../configuration/service/pppoe-server.rst:106 +#: ../../configuration/vpn/l2tp.rst:149 +#: ../../configuration/vpn/pptp.rst:89 +#: ../../configuration/vpn/sstp.rst:122 msgid "RADIUS source address" msgstr "RADIUS source address" @@ -9928,7 +10755,7 @@ msgstr "RADIUS source address" msgid "RFC 3768 defines a virtual MAC address to each VRRP virtual router. This virtual router MAC address will be used as the source in all periodic VRRP messages sent by the active node. When the rfc3768-compatibility option is set, a new VRRP interface is created, to which the MAC address and the virtual IP address is automatically assigned." msgstr "RFC 3768 defines a virtual MAC address to each VRRP virtual router. This virtual router MAC address will be used as the source in all periodic VRRP messages sent by the active node. When the rfc3768-compatibility option is set, a new VRRP interface is created, to which the MAC address and the virtual IP address is automatically assigned." -#: ../../configuration/service/dhcp-server.rst:256 +#: ../../configuration/service/dhcp-server.rst:262 msgid "RFC 868 time server IPv4 address" msgstr "RFC 868 time server IPv4 address" @@ -9970,8 +10797,8 @@ msgstr "Random-Detect could be useful for heavy traffic. One use of this algorit #: ../../configuration/protocols/static.rst:37 #: ../../configuration/protocols/static.rst:57 -#: ../../configuration/protocols/static.rst:84 -#: ../../configuration/protocols/static.rst:104 +#: ../../configuration/protocols/static.rst:107 +#: ../../configuration/protocols/static.rst:127 msgid "Range is 1 to 255, default is 1." msgstr "Range is 1 to 255, default is 1." @@ -10016,15 +10843,15 @@ msgstr "Re-generated the public/private keyportion which SSH uses to secure conn msgid "Reachable Time" msgstr "Reachable Time" -#: ../../configuration/highavailability/index.rst:388 +#: ../../configuration/highavailability/index.rst:398 msgid "Real server" msgstr "Real server" -#: ../../configuration/highavailability/index.rst:389 +#: ../../configuration/highavailability/index.rst:399 msgid "Real server IP address and port" msgstr "Real server IP address and port" -#: ../../configuration/highavailability/index.rst:404 +#: ../../configuration/highavailability/index.rst:414 msgid "Real server is auto-excluded if port check with this server fail." msgstr "Real server is auto-excluded if port check with this server fail." @@ -10032,7 +10859,11 @@ msgstr "Real server is auto-excluded if port check with this server fail." msgid "Receive traffic from connections created by the server is also balanced. When the local system sends an ARP Request the bonding driver copies and saves the peer's IP information from the ARP packet. When the ARP Reply arrives from the peer, its hardware address is retrieved and the bonding driver initiates an ARP reply to this peer assigning it to one of the slaves in the bond. A problematic outcome of using ARP negotiation for balancing is that each time that an ARP request is broadcast it uses the hardware address of the bond. Hence, peers learn the hardware address of the bond and the balancing of receive traffic collapses to the current slave. This is handled by sending updates (ARP Replies) to all the peers with their individually assigned hardware address such that the traffic is redistributed. Receive traffic is also redistributed when a new slave is added to the bond and when an inactive slave is re-activated. The receive load is distributed sequentially (round robin) among the group of highest speed slaves in the bond." msgstr "Receive traffic from connections created by the server is also balanced. When the local system sends an ARP Request the bonding driver copies and saves the peer's IP information from the ARP packet. When the ARP Reply arrives from the peer, its hardware address is retrieved and the bonding driver initiates an ARP reply to this peer assigning it to one of the slaves in the bond. A problematic outcome of using ARP negotiation for balancing is that each time that an ARP request is broadcast it uses the hardware address of the bond. Hence, peers learn the hardware address of the bond and the balancing of receive traffic collapses to the current slave. This is handled by sending updates (ARP Replies) to all the peers with their individually assigned hardware address such that the traffic is redistributed. Receive traffic is also redistributed when a new slave is added to the bond and when an inactive slave is re-activated. The receive load is distributed sequentially (round robin) among the group of highest speed slaves in the bond." -#: ../../configuration/vpn/l2tp.rst:205 +#: ../../configuration/service/ipoe-server.rst:227 +#: ../../configuration/service/pppoe-server.rst:189 +#: ../../configuration/vpn/l2tp.rst:232 +#: ../../configuration/vpn/pptp.rst:172 +#: ../../configuration/vpn/sstp.rst:205 msgid "Received RADIUS attributes have a higher priority than parameters defined within the CLI configuration, refer to the explanation below." msgstr "Received RADIUS attributes have a higher priority than parameters defined within the CLI configuration, refer to the explanation below." @@ -10068,7 +10899,7 @@ msgstr "Redistribution Configuration" msgid "Redundancy and load sharing. There are multiple NAT66 devices at the edge of an IPv6 network to another IPv6 network. The path through the NAT66 device to another IPv6 network forms an equivalent route, and traffic can be load-shared on these NAT66 devices. In this case, you can configure the same source address translation rules on these NAT66 devices, so that any NAT66 device can handle IPv6 traffic between different sites." msgstr "Redundancy and load sharing. There are multiple NAT66 devices at the edge of an IPv6 network to another IPv6 network. The path through the NAT66 device to another IPv6 network forms an equivalent route, and traffic can be load-shared on these NAT66 devices. In this case, you can configure the same source address translation rules on these NAT66 devices, so that any NAT66 device can handle IPv6 traffic between different sites." -#: ../../configuration/service/dns.rst:278 +#: ../../configuration/service/dns.rst:262 msgid "Register DNS record ``example.vyos.io`` on DNS server ``ns1.vyos.io``" msgstr "Register DNS record ``example.vyos.io`` on DNS server ``ns1.vyos.io``" @@ -10159,7 +10990,10 @@ msgstr "Remote port" msgid "Remote transmission interval will be multiplied by this value" msgstr "Remote transmission interval will be multiplied by this value" -#: ../../configuration/vpn/l2tp.rst:216 +#: ../../configuration/service/pppoe-server.rst:217 +#: ../../configuration/vpn/l2tp.rst:260 +#: ../../configuration/vpn/pptp.rst:200 +#: ../../configuration/vpn/sstp.rst:233 msgid "Renaming clients interfaces by RADIUS" msgstr "Renaming clients interfaces by RADIUS" @@ -10179,7 +11013,10 @@ msgstr "Request only a temporary address and not form an IA_NA (Identity Associa msgid "Requests are forwarded through ``eth2`` as the `upstream interface`" msgstr "Requests are forwarded through ``eth2`` as the `upstream interface`" -#: ../../configuration/vpn/sstp.rst:95 +#: ../../configuration/service/pppoe-server.rst:442 +#: ../../configuration/vpn/l2tp.rst:396 +#: ../../configuration/vpn/pptp.rst:320 +#: ../../configuration/vpn/sstp.rst:354 msgid "Require the peer to authenticate itself using one of the following protocols: pap, chap, mschap, mschap-v2." msgstr "Require the peer to authenticate itself using one of the following protocols: pap, chap, mschap, mschap-v2." @@ -10191,12 +11028,12 @@ msgstr "Requirements" msgid "Requirements:" msgstr "Requirements:" -#: ../../configuration/firewall/ipv4.rst:926 +#: ../../configuration/firewall/ipv4.rst:949 #: ../../configuration/firewall/ipv6.rst:935 msgid "Requirements to enable synproxy:" msgstr "Requirements to enable synproxy:" -#: ../../configuration/protocols/bgp.rst:1064 +#: ../../configuration/protocols/bgp.rst:1086 #: ../../configuration/protocols/mpls.rst:248 msgid "Reset" msgstr "Reset" @@ -10205,11 +11042,11 @@ msgstr "Reset" msgid "Reset OpenVPN" msgstr "Reset OpenVPN" -#: ../../configuration/system/ipv6.rst:150 +#: ../../configuration/system/ipv6.rst:163 msgid "Reset commands" msgstr "Reset commands" -#: ../../configuration/service/dns.rst:199 +#: ../../configuration/service/dns.rst:186 msgid "Resets the local DNS forwarding cache database. You can reset the cache for all entries or only for entries to a specific domain." msgstr "Resets the local DNS forwarding cache database. You can reset the cache for all entries or only for entries to a specific domain." @@ -10225,7 +11062,7 @@ msgstr "Restart DHCP relay service" msgid "Restart DHCPv6 relay agent immediately." msgstr "Restart DHCPv6 relay agent immediately." -#: ../../configuration/container/index.rst:167 +#: ../../configuration/container/index.rst:203 msgid "Restart a given container" msgstr "Restart a given container" @@ -10233,7 +11070,7 @@ msgstr "Restart a given container" msgid "Restart mDNS repeater service." msgstr "Restart mDNS repeater service." -#: ../../configuration/service/dhcp-server.rst:428 +#: ../../configuration/service/dhcp-server.rst:434 msgid "Restart the DHCP server" msgstr "Restart the DHCP server" @@ -10245,7 +11082,7 @@ msgstr "Restart the IGMP proxy process." msgid "Restart the SSH daemon process, the current session is not affected, only the background daemon is restarted." msgstr "Restart the SSH daemon process, the current session is not affected, only the background daemon is restarted." -#: ../../configuration/service/dns.rst:204 +#: ../../configuration/service/dns.rst:191 msgid "Restarts the DNS recursor process. This also invalidates the local DNS forwarding cache." msgstr "Restarts the DNS recursor process. This also invalidates the local DNS forwarding cache." @@ -10263,11 +11100,11 @@ msgstr "Results in:" msgid "Retransmit Timer" msgstr "Retransmit Timer" -#: ../../configuration/service/conntrack-sync.rst:140 +#: ../../configuration/service/conntrack-sync.rst:144 msgid "Retrieve current statistics of connection tracking subsystem." msgstr "Retrieve current statistics of connection tracking subsystem." -#: ../../configuration/service/conntrack-sync.rst:173 +#: ../../configuration/service/conntrack-sync.rst:177 msgid "Retrieve current status of connection tracking subsystem." msgstr "Retrieve current status of connection tracking subsystem." @@ -10287,15 +11124,15 @@ msgstr "Round Robin" msgid "Route Aggregation Configuration" msgstr "Route Aggregation Configuration" -#: ../../configuration/protocols/bgp.rst:682 +#: ../../configuration/protocols/bgp.rst:704 msgid "Route Dampening" msgstr "Route Dampening" -#: ../../configuration/protocols/bgp.rst:1189 +#: ../../configuration/protocols/bgp.rst:1211 msgid "Route Filtering" msgstr "Route Filtering" -#: ../../configuration/protocols/bgp.rst:818 +#: ../../configuration/protocols/bgp.rst:840 msgid "Route Filtering Configuration" msgstr "Route Filtering Configuration" @@ -10311,7 +11148,7 @@ msgstr "Route Map Policy" msgid "Route Redistribution" msgstr "Route Redistribution" -#: ../../configuration/protocols/bgp.rst:904 +#: ../../configuration/protocols/bgp.rst:926 msgid "Route Reflector Configuration" msgstr "Route Reflector Configuration" @@ -10319,7 +11156,7 @@ msgstr "Route Reflector Configuration" msgid "Route Selection" msgstr "Route Selection" -#: ../../configuration/protocols/bgp.rst:737 +#: ../../configuration/protocols/bgp.rst:759 msgid "Route Selection Configuration" msgstr "Route Selection Configuration" @@ -10327,11 +11164,11 @@ msgstr "Route Selection Configuration" msgid "Route and Route6 Policy" msgstr "Route and Route6 Policy" -#: ../../configuration/protocols/bgp.rst:690 +#: ../../configuration/protocols/bgp.rst:712 msgid "Route dampening wich described in :rfc:`2439` enables you to identify routes that repeatedly fail and return. If route dampening is enabled, an unstable route accumulates penalties each time the route fails and returns. If the accumulated penalties exceed a threshold, the route is no longer advertised. This is route suppression. Routes that have been suppressed are re-entered into the routing table only when the amount of their penalty falls below a threshold." msgstr "Route dampening wich described in :rfc:`2439` enables you to identify routes that repeatedly fail and return. If route dampening is enabled, an unstable route accumulates penalties each time the route fails and returns. If the accumulated penalties exceed a threshold, the route is no longer advertised. This is route suppression. Routes that have been suppressed are re-entered into the routing table only when the amount of their penalty falls below a threshold." -#: ../../configuration/protocols/bgp.rst:1191 +#: ../../configuration/protocols/bgp.rst:1213 msgid "Route filter can be applied using a route-map:" msgstr "Route filter can be applied using a route-map:" @@ -10363,7 +11200,7 @@ msgstr "Router Lifetime" msgid "Router receives DHCP client requests on ``eth1`` and relays them to the server at 10.0.1.4 on ``eth2``." msgstr "Router receives DHCP client requests on ``eth1`` and relays them to the server at 10.0.1.4 on ``eth2``." -#: ../../configuration/vrf/index.rst:425 +#: ../../configuration/vrf/index.rst:444 msgid "Routes exported from a unicast VRF to the VPN RIB must be augmented by two parameters:" msgstr "Routes exported from a unicast VRF to the VPN RIB must be augmented by two parameters:" @@ -10375,7 +11212,7 @@ msgstr "Routes on Node 2:" msgid "Routes that are sent from provider, rs-server, or the peer local-role (or if received by customer, rs-client, or the peer local-role) will be marked with a new Only to Customer (OTC) attribute." msgstr "Routes that are sent from provider, rs-server, or the peer local-role (or if received by customer, rs-client, or the peer local-role) will be marked with a new Only to Customer (OTC) attribute." -#: ../../configuration/protocols/bgp.rst:662 +#: ../../configuration/protocols/bgp.rst:684 #: ../../configuration/protocols/ospf.rst:92 #: ../../configuration/protocols/rip.rst:64 #: ../../configuration/protocols/static.rst:39 @@ -10391,7 +11228,7 @@ msgstr "Routes with this attribute can only be sent to your neighbor if your loc msgid "Routine" msgstr "Routine" -#: ../../configuration/vrf/index.rst:82 +#: ../../configuration/vrf/index.rst:101 msgid "Routing" msgstr "Routing" @@ -10404,7 +11241,7 @@ msgid "Rule-Sets" msgstr "Rule-Sets" #: ../../configuration/firewall/bridge.rst:287 -#: ../../configuration/firewall/ipv4.rst:957 +#: ../../configuration/firewall/ipv4.rst:980 #: ../../configuration/firewall/ipv6.rst:965 msgid "Rule-set overview" msgstr "Rule-set overview" @@ -10447,7 +11284,7 @@ msgstr "Rules allow to control and route incoming traffic to specific backend ba msgid "Rules will be created for both :ref:`source-nat` and :ref:`destination-nat`." msgstr "Rules will be created for both :ref:`source-nat` and :ref:`destination-nat`." -#: ../../configuration/service/dns.rst:391 +#: ../../configuration/service/dns.rst:399 msgid "Running Behind NAT" msgstr "Running Behind NAT" @@ -10511,7 +11348,7 @@ msgstr "SNMPv3 (version 3 of the SNMP protocol) introduced a whole slew of new s msgid "SPAN port mirroring can copy the inbound/outbound traffic of the interface to the specified interface, usually the interface can be connected to some special equipment, such as behavior control system, intrusion detection system and traffic collector, and can copy all related traffic from this port. The benefit of mirroring the traffic is that the application is isolated from the source traffic and so application processing does not affect the traffic or the system performance." msgstr "SPAN port mirroring can copy the inbound/outbound traffic of the interface to the specified interface, usually the interface can be connected to some special equipment, such as behavior control system, intrusion detection system and traffic collector, and can copy all related traffic from this port. The benefit of mirroring the traffic is that the application is isolated from the source traffic and so application processing does not affect the traffic or the system performance." -#: ../../configuration/protocols/rpki.rst:127 +#: ../../configuration/protocols/rpki.rst:141 #: ../../configuration/service/ssh.rst:5 msgid "SSH" msgstr "SSH" @@ -10520,11 +11357,11 @@ msgstr "SSH" msgid "SSH :ref:`ssh_key_based_authentication`" msgstr "SSH :ref:`ssh_key_based_authentication`" -#: ../../configuration/system/login.rst:57 +#: ../../configuration/system/login.rst:61 msgid "SSH :ref:`ssh_operation`" msgstr "SSH :ref:`ssh_operation`" -#: ../../configuration/system/option.rst:44 +#: ../../configuration/system/option.rst:74 msgid "SSH client" msgstr "SSH client" @@ -10532,7 +11369,7 @@ msgstr "SSH client" msgid "SSH provides a secure channel over an unsecured network in a client-server architecture, connecting an SSH client application with an SSH server. Common applications include remote command-line login and remote command execution, but any network service can be secured with SSH. The protocol specification distinguishes between two major versions, referred to as SSH-1 and SSH-2." msgstr "SSH provides a secure channel over an unsecured network in a client-server architecture, connecting an SSH client application with an SSH server. Common applications include remote command-line login and remote command execution, but any network service can be secured with SSH. The protocol specification distinguishes between two major versions, referred to as SSH-1 and SSH-2." -#: ../../configuration/protocols/rpki.rst:137 +#: ../../configuration/protocols/rpki.rst:151 msgid "SSH username to establish an SSH connection to the cache server." msgstr "SSH username to establish an SSH connection to the cache server." @@ -10545,7 +11382,6 @@ msgid "SSID to be used in IEEE 802.11 management frames" msgstr "SSID to be used in IEEE 802.11 management frames" #: ../../configuration/vpn/openconnect.rst:24 -#: ../../configuration/vpn/sstp.rst:162 msgid "SSL Certificates" msgstr "SSL Certificates" @@ -10609,7 +11445,44 @@ msgstr "Scanning is not supported on all wireless drivers and wireless hardware. msgid "Script execution" msgstr "Script execution" +#: ../../configuration/service/ipoe-server.rst:299 +#: ../../configuration/service/pppoe-server.rst:417 +#: ../../configuration/vpn/l2tp.rst:361 +#: ../../configuration/vpn/pptp.rst:285 +#: ../../configuration/vpn/sstp.rst:319 +msgid "Script to run before session interface comes up" +msgstr "Script to run before session interface comes up" + +#: ../../configuration/service/ipoe-server.rst:291 +#: ../../configuration/service/pppoe-server.rst:409 +#: ../../configuration/vpn/l2tp.rst:353 +#: ../../configuration/vpn/pptp.rst:277 +#: ../../configuration/vpn/sstp.rst:311 +msgid "Script to run when session interface changed by RADIUS CoA handling" +msgstr "Script to run when session interface changed by RADIUS CoA handling" + +#: ../../configuration/service/ipoe-server.rst:295 +#: ../../configuration/service/pppoe-server.rst:413 +#: ../../configuration/vpn/l2tp.rst:357 +#: ../../configuration/vpn/pptp.rst:281 +#: ../../configuration/vpn/sstp.rst:315 +msgid "Script to run when session interface going to terminate" +msgstr "Script to run when session interface going to terminate" + +#: ../../configuration/service/ipoe-server.rst:303 +#: ../../configuration/service/pppoe-server.rst:421 +#: ../../configuration/vpn/l2tp.rst:365 +#: ../../configuration/vpn/pptp.rst:289 +#: ../../configuration/vpn/sstp.rst:323 +msgid "Script to run when session interface is completely configured and started" +msgstr "Script to run when session interface is completely configured and started" + #: ../../configuration/highavailability/index.rst:299 +#: ../../configuration/service/ipoe-server.rst:287 +#: ../../configuration/service/pppoe-server.rst:405 +#: ../../configuration/vpn/l2tp.rst:349 +#: ../../configuration/vpn/pptp.rst:273 +#: ../../configuration/vpn/sstp.rst:307 msgid "Scripting" msgstr "Scripting" @@ -10617,7 +11490,11 @@ msgstr "Scripting" msgid "Second scenario: apply source NAT for all outgoing connections from LAN 10.0.0.0/8, using 3 public addresses and equal distribution. We will generate the hash randomly." msgstr "Second scenario: apply source NAT for all outgoing connections from LAN 10.0.0.0/8, using 3 public addresses and equal distribution. We will generate the hash randomly." -#: ../../configuration/vpn/sstp.rst:246 +#: ../../configuration/service/ipoe-server.rst:186 +#: ../../configuration/service/pppoe-server.rst:148 +#: ../../configuration/vpn/l2tp.rst:191 +#: ../../configuration/vpn/pptp.rst:131 +#: ../../configuration/vpn/sstp.rst:164 msgid "Secret for Dynamic Authorization Extension server (DM/CoA)" msgstr "Secret for Dynamic Authorization Extension server (DM/CoA)" @@ -10634,7 +11511,7 @@ msgstr "Security/authentication messages" msgid "See :rfc:`7761#section-4.1` for details." msgstr "See :rfc:`7761#section-4.1` for details." -#: ../../configuration/system/ip.rst:52 +#: ../../configuration/system/ip.rst:65 msgid "See below the different parameters available for the IPv4 **show** command:" msgstr "See below the different parameters available for the IPv4 **show** command:" @@ -10670,7 +11547,7 @@ msgstr "Select TLS version used." msgid "Select cipher suite used for cryptographic operations. This setting is mandatory." msgstr "Select cipher suite used for cryptographic operations. This setting is mandatory." -#: ../../configuration/vrf/index.rst:468 +#: ../../configuration/vrf/index.rst:487 msgid "Select how labels are allocated in the given VRF. By default, the per-vrf mode is selected, and one label is used for all prefixes from the VRF. The per-nexthop will use a unique label for all prefixes that are reachable via the same nexthop." msgstr "Select how labels are allocated in the given VRF. By default, the per-vrf mode is selected, and one label is used for all prefixes from the VRF. The per-nexthop will use a unique label for all prefixes that are reachable via the same nexthop." @@ -10694,6 +11571,10 @@ msgstr "Send all DNS queries to the IPv4/IPv6 DNS server specified under `<addre msgid "Send empty SSID in beacons and ignore probe request frames that do not specify full SSID, i.e., require stations to know SSID." msgstr "Send empty SSID in beacons and ignore probe request frames that do not specify full SSID, i.e., require stations to know SSID." +#: ../../configuration/vpn/l2tp.rst:276 +msgid "Sent to the client (LAC) in the Host-Name attribute" +msgstr "Sent to the client (LAC) in the Host-Name attribute" + #: ../../configuration/system/console.rst:5 msgid "Serial Console" msgstr "Serial Console" @@ -10703,7 +11584,6 @@ msgid "Serial interfaces can be any interface which is directly connected to the msgstr "Serial interfaces can be any interface which is directly connected to the CPU or chipset (mostly known as a ttyS interface in Linux) or any other USB to serial converter (Prolific PL2303 or FTDI FT232/FT4232 based chips)." #: ../../configuration/interfaces/openvpn.rst:325 -#: ../../configuration/vpn/sstp.rst:210 msgid "Server" msgstr "Server" @@ -10711,7 +11591,7 @@ msgstr "Server" msgid "Server:" msgstr "Server:" -#: ../../configuration/pki/index.rst:210 +#: ../../configuration/pki/index.rst:212 msgid "Server Certificate" msgstr "Server Certificate" @@ -10723,7 +11603,7 @@ msgstr "Server Configuration" msgid "Server Side" msgstr "Server Side" -#: ../../configuration/service/ipoe-server.rst:156 +#: ../../configuration/service/ipoe-server.rst:157 msgid "Server configuration" msgstr "Server configuration" @@ -10748,19 +11628,19 @@ msgstr "Set BFD peer IPv4 address or IPv6 address" msgid "Set BGP community-list to exactly match." msgstr "Set BGP community-list to exactly match." -#: ../../configuration/policy/route-map.rst:318 +#: ../../configuration/policy/route-map.rst:321 msgid "Set BGP local preference attribute." msgstr "Set BGP local preference attribute." -#: ../../configuration/policy/route-map.rst:336 +#: ../../configuration/policy/route-map.rst:339 msgid "Set BGP origin code." msgstr "Set BGP origin code." -#: ../../configuration/policy/route-map.rst:341 +#: ../../configuration/policy/route-map.rst:344 msgid "Set BGP originator ID attribute." msgstr "Set BGP originator ID attribute." -#: ../../configuration/policy/route-map.rst:359 +#: ../../configuration/policy/route-map.rst:362 msgid "Set BGP weight attribute" msgstr "Set BGP weight attribute" @@ -10776,7 +11656,7 @@ msgstr "Set IPSec inbound match criterias, where:" msgid "Set IP fragment match, where:" msgstr "Set IP fragment match, where:" -#: ../../configuration/policy/route-map.rst:331 +#: ../../configuration/policy/route-map.rst:334 msgid "Set OSPF external metric-type." msgstr "Set OSPF external metric-type." @@ -10796,12 +11676,12 @@ msgstr "Set SNAT rule 30 to only NAT packets arriving from the 203.0.113.0/24 ne msgid "Set SSL certeficate <name> for service <name>" msgstr "Set SSL certeficate <name> for service <name>" -#: ../../configuration/firewall/ipv4.rst:918 +#: ../../configuration/firewall/ipv4.rst:941 #: ../../configuration/firewall/ipv6.rst:927 msgid "Set TCP-MSS (maximum segment size) for the connection" msgstr "Set TCP-MSS (maximum segment size) for the connection" -#: ../../configuration/service/dns.rst:280 +#: ../../configuration/service/dns.rst:264 msgid "Set TTL to 300 seconds" msgstr "Set TTL to 300 seconds" @@ -10825,7 +11705,7 @@ msgstr "Set a destination and/or source port. Accepted input:" msgid "Set a human readable, descriptive alias for this connection. Alias is used by e.g. the :opcmd:`show interfaces` command or SNMP based monitoring tools." msgstr "Set a human readable, descriptive alias for this connection. Alias is used by e.g. the :opcmd:`show interfaces` command or SNMP based monitoring tools." -#: ../../configuration/system/login.rst:387 +#: ../../configuration/system/login.rst:391 msgid "Set a limit on the maximum number of concurrent logged-in users on the system." msgstr "Set a limit on the maximum number of concurrent logged-in users on the system." @@ -10864,11 +11744,16 @@ msgstr "Set action to take on entries matching this rule." msgid "Set an API-KEY is the minimal configuration to get a working API Endpoint." msgstr "Set an API-KEY is the minimal configuration to get a working API Endpoint." -#: ../../configuration/vpn/sstp.rst:100 +#: ../../configuration/service/ipoe-server.rst:60 +#: ../../configuration/service/ipoe-server.rst:88 +#: ../../configuration/service/pppoe-server.rst:38 +#: ../../configuration/vpn/l2tp.rst:26 +#: ../../configuration/vpn/pptp.rst:27 +#: ../../configuration/vpn/sstp.rst:53 msgid "Set authentication backend. The configured authentication backend is used for all queries." msgstr "Set authentication backend. The configured authentication backend is used for all queries." -#: ../../configuration/container/index.rst:117 +#: ../../configuration/container/index.rst:122 msgid "Set container capabilities or permissions." msgstr "Set container capabilities or permissions." @@ -10880,6 +11765,19 @@ msgstr "Set delay between gratuitous ARP messages sent on an interface." msgid "Set delay for second set of gratuitous ARPs after transition to MASTER." msgstr "Set delay for second set of gratuitous ARPs after transition to MASTER." +#: ../../configuration/service/ipoe-server.rst:356 +#: ../../configuration/service/pppoe-server.rst:522 +#: ../../configuration/vpn/l2tp.rst:476 +#: ../../configuration/vpn/pptp.rst:400 +#: ../../configuration/vpn/sstp.rst:434 +msgid "Set description." +msgstr "Set description." + +#: ../../configuration/service/dns.rst:227 +#: ../../configuration/service/dns.rst:332 +msgid "Set description `<text>` for dynamic DNS service being configured." +msgstr "Set description `<text>` for dynamic DNS service being configured." + #: ../../configuration/policy/as-path-list.rst:21 msgid "Set description for as-path-list policy." msgstr "Set description for as-path-list policy." @@ -10956,7 +11854,7 @@ msgstr "Set eth1 to be the listening interface for the DHCPv6 relay." msgid "Set execution time in common cron_ time format. A cron `<spec>` of ``30 */6 * * *`` would execute the `<task>` at minute 30 past every 6th hour." msgstr "Set execution time in common cron_ time format. A cron `<spec>` of ``30 */6 * * *`` would execute the `<task>` at minute 30 past every 6th hour." -#: ../../configuration/policy/route-map.rst:251 +#: ../../configuration/policy/route-map.rst:254 msgid "Set extcommunity bandwidth" msgstr "Set extcommunity bandwidth" @@ -11025,6 +11923,10 @@ msgstr "Set maximum number of packets to alow in excess of rate." msgid "Set minimum time interval for refreshing gratuitous ARPs while MASTER." msgstr "Set minimum time interval for refreshing gratuitous ARPs while MASTER." +#: ../../configuration/vpn/l2tp.rst:72 +msgid "Set mode for IPsec authentication between VyOS and L2TP clients." +msgstr "Set mode for IPsec authentication between VyOS and L2TP clients." + #: ../../configuration/highavailability/index.rst:285 msgid "Set number of gratuitous ARP messages to send at a time after transition to MASTER." msgstr "Set number of gratuitous ARP messages to send at a time after transition to MASTER." @@ -11055,7 +11957,11 @@ msgstr "Set packet modifications: Packet Differentiated Services Codepoint (DSCP msgid "Set parameters for matching recently seen sources. This match could be used by seeting count (source address seen more than <1-255> times) and/or time (source address seen in the last <0-4294967295> seconds)." msgstr "Set parameters for matching recently seen sources. This match could be used by seeting count (source address seen more than <1-255> times) and/or time (source address seen in the last <0-4294967295> seconds)." -#: ../../configuration/policy/route-map.rst:350 +#: ../../configuration/vpn/l2tp.rst:76 +msgid "Set predefined shared secret phrase." +msgstr "Set predefined shared secret phrase." + +#: ../../configuration/policy/route-map.rst:353 msgid "Set prefixes to table." msgstr "Set prefixes to table." @@ -11063,7 +11969,7 @@ msgstr "Set prefixes to table." msgid "Set proxy for all connections initiated by VyOS, including HTTP, HTTPS, and FTP (anonymous ftp)." msgstr "Set proxy for all connections initiated by VyOS, including HTTP, HTTPS, and FTP (anonymous ftp)." -#: ../../configuration/policy/route-map.rst:260 +#: ../../configuration/policy/route-map.rst:263 msgid "Set route target value in format ``<0-65535:0-4294967295>`` or ``<IP:0-65535>``." msgstr "Set route target value in format ``<0-65535:0-4294967295>`` or ``<IP:0-65535>``." @@ -11080,7 +11986,7 @@ msgstr "Set rule action to drop." msgid "Set service to bind on IP address, by default listen on any IPv4 and IPv6" msgstr "Set service to bind on IP address, by default listen on any IPv4 and IPv6" -#: ../../configuration/policy/route-map.rst:265 +#: ../../configuration/policy/route-map.rst:268 msgid "Set site of origin value in format ``<0-65535:0-4294967295>`` or ``<IP:0-65535>``." msgstr "Set site of origin value in format ``<0-65535:0-4294967295>`` or ``<IP:0-65535>``." @@ -11096,7 +12002,7 @@ msgstr "Set some metric to routes learned from a particular neighbor." msgid "Set source-address to your local IP (LAN)." msgstr "Set source-address to your local IP (LAN)." -#: ../../configuration/policy/route-map.rst:346 +#: ../../configuration/policy/route-map.rst:349 msgid "Set source IP/IPv6 address for route." msgstr "Set source IP/IPv6 address for route." @@ -11105,7 +12011,7 @@ msgstr "Set source IP/IPv6 address for route." msgid "Set source address or prefix to match." msgstr "Set source address or prefix to match." -#: ../../configuration/policy/route-map.rst:354 +#: ../../configuration/policy/route-map.rst:357 msgid "Set tag value for routing protocol." msgstr "Set tag value for routing protocol." @@ -11113,8 +12019,8 @@ msgstr "Set tag value for routing protocol." msgid "Set the \"recursion desired\" bit in requests to the upstream nameserver." msgstr "Set the \"recursion desired\" bit in requests to the upstream nameserver." -#: ../../configuration/policy/route-map.rst:290 -#: ../../configuration/policy/route-map.rst:303 +#: ../../configuration/policy/route-map.rst:293 +#: ../../configuration/policy/route-map.rst:306 msgid "Set the BGP nexthop address to the address of the peer. For an incoming route-map this means the ip address of our peer is used. For an outgoing route-map this means the ip address of our self is used to establish the peering with our neighbor." msgstr "Set the BGP nexthop address to the address of the peer. For an incoming route-map this means the ip address of our peer is used. For an outgoing route-map this means the ip address of our self is used to establish the peering with our neighbor." @@ -11175,6 +12081,10 @@ msgstr "Set the Segment Routing Local Block i.e. the label range used by MPLS to msgid "Set the Segment Routing Local Block i.e. the low label range used by MPLS to store label in the MPLS FIB for Prefix SID. Note that the block size may not exceed 65535.Segment Routing Local Block, The negative command always unsets both." msgstr "Set the Segment Routing Local Block i.e. the low label range used by MPLS to store label in the MPLS FIB for Prefix SID. Note that the block size may not exceed 65535.Segment Routing Local Block, The negative command always unsets both." +#: ../../configuration/container/index.rst:99 +msgid "Set the User ID or Group ID of the container" +msgstr "Set the User ID or Group ID of the container" + #: ../../configuration/protocols/pim.rst:147 msgid "Set the :abbr:`DR (Designated Router)` Priority for the interface. This command is useful to allow the user to influence what node becomes the DR for a LAN segment." msgstr "Set the :abbr:`DR (Designated Router)` Priority for the interface. This command is useful to allow the user to influence what node becomes the DR for a LAN segment." @@ -11259,7 +12169,7 @@ msgstr "Set the name of the x509 client keypair used to authenticate against the msgid "Set the native VLAN ID flag of the interface. When a data packet without a VLAN tag enters the port, the data packet will be forced to add a tag of a specific vlan id. When the vlan id flag flows out, the tag of the vlan id will be stripped" msgstr "Set the native VLAN ID flag of the interface. When a data packet without a VLAN tag enters the port, the data packet will be forced to add a tag of a specific vlan id. When the vlan id flag flows out, the tag of the vlan id will be stripped" -#: ../../configuration/policy/route-map.rst:284 +#: ../../configuration/policy/route-map.rst:287 msgid "Set the next-hop as unchanged. Pass through the route-map without changing its value" msgstr "Set the next-hop as unchanged. Pass through the route-map without changing its value" @@ -11271,7 +12181,15 @@ msgstr "Set the number of TCP maximum retransmit attempts." msgid "Set the number of health check failures before an interface is marked as unavailable, range for number is 1 to 10, default 1. Or set the number of successful health checks before an interface is added back to the interface pool, range for number is 1 to 10, default 1." msgstr "Set the number of health check failures before an interface is marked as unavailable, range for number is 1 to 10, default 1. Or set the number of successful health checks before an interface is added back to the interface pool, range for number is 1 to 10, default 1." -#: ../../configuration/system/login.rst:84 +#: ../../configuration/protocols/rpki.rst:121 +msgid "Set the number of seconds the router waits until retrying to connect to the cache server." +msgstr "Set the number of seconds the router waits until retrying to connect to the cache server." + +#: ../../configuration/protocols/rpki.rst:114 +msgid "Set the number of seconds the router waits until the router expires the cache." +msgstr "Set the number of seconds the router waits until the router expires the cache." + +#: ../../configuration/system/login.rst:88 msgid "Set the options for this public key. See the ssh ``authorized_keys`` man page for details of what you can specify here. To place a ``\"`` character in the options field, use ``"``, for example ``from="10.0.0.0/24"`` to restrict where the user may connect from when using this key." msgstr "Set the options for this public key. See the ssh ``authorized_keys`` man page for details of what you can specify here. To place a ``\"`` character in the options field, use ``"``, for example ``from="10.0.0.0/24"`` to restrict where the user may connect from when using this key." @@ -11291,11 +12209,11 @@ msgstr "Set the peer's key used to receive (RX) traffic" msgid "Set the peer-session-id, which is a 32-bit integer value assigned to the session by the peer. The value used must match the session_id value being used at the peer." msgstr "Set the peer-session-id, which is a 32-bit integer value assigned to the session by the peer. The value used must match the session_id value being used at the peer." -#: ../../configuration/container/index.rst:98 +#: ../../configuration/container/index.rst:103 msgid "Set the restart behavior of the container." msgstr "Set the restart behavior of the container." -#: ../../configuration/policy/route-map.rst:323 +#: ../../configuration/policy/route-map.rst:326 msgid "Set the route metric. When used with BGP, set the BGP attribute MED to a specific value. Use ``+/-`` to add or subtract the specified value to/from the existing/MED. Use ``rtt`` to set the MED to the round trip time or ``+rtt/-rtt`` to add/subtract the round trip time to/from the MED." msgstr "Set the route metric. When used with BGP, set the BGP attribute MED to a specific value. Use ``+/-`` to add or subtract the specified value to/from the existing/MED. Use ``rtt`` to set the MED to the round trip time or ``+rtt/-rtt`` to add/subtract the round trip time to/from the MED." @@ -11328,12 +12246,12 @@ msgstr "Set the timeout in secounds for a protocol or state in a custom rule." msgid "Set the tunnel id, which is a 32-bit integer value. Uniquely identifies the tunnel into which the session will be created." msgstr "Set the tunnel id, which is a 32-bit integer value. Uniquely identifies the tunnel into which the session will be created." -#: ../../configuration/firewall/ipv4.rst:922 +#: ../../configuration/firewall/ipv4.rst:945 #: ../../configuration/firewall/ipv6.rst:931 msgid "Set the window scale factor for TCP window scaling" msgstr "Set the window scale factor for TCP window scaling" -#: ../../configuration/system/login.rst:124 +#: ../../configuration/system/login.rst:128 msgid "Set window of concurrently valid codes." msgstr "Set window of concurrently valid codes." @@ -11357,7 +12275,7 @@ msgstr "Sets the unique id for this vxlan-interface. Not sure how it correlates msgid "Setting VRRP group priority" msgstr "Setting VRRP group priority" -#: ../../configuration/service/dhcp-server.rst:231 +#: ../../configuration/service/dhcp-server.rst:237 msgid "Setting name" msgstr "Setting name" @@ -11389,7 +12307,12 @@ msgstr "Setting up certificates:" msgid "Setting up tunnel:" msgstr "Setting up tunnel:" -#: ../../configuration/service/dhcp-server.rst:373 +#: ../../configuration/system/option.rst:42 +#: ../../configuration/system/option.rst:53 +msgid "Setting will only become active with the next reboot!" +msgstr "Setting will only become active with the next reboot!" + +#: ../../configuration/service/dhcp-server.rst:379 msgid "Setup DHCP failover for network 192.0.2.0/24" msgstr "Setup DHCP failover for network 192.0.2.0/24" @@ -11397,15 +12320,19 @@ msgstr "Setup DHCP failover for network 192.0.2.0/24" msgid "Setup encrypted password for given username. This is useful for transferring a hashed password from system to system." msgstr "Setup encrypted password for given username. This is useful for transferring a hashed password from system to system." -#: ../../configuration/system/login.rst:262 +#: ../../configuration/system/login.rst:266 msgid "Setup the `<timeout>` in seconds when querying the RADIUS server." msgstr "Setup the `<timeout>` in seconds when querying the RADIUS server." -#: ../../configuration/system/login.rst:331 +#: ../../configuration/system/login.rst:335 msgid "Setup the `<timeout>` in seconds when querying the TACACS server." msgstr "Setup the `<timeout>` in seconds when querying the TACACS server." -#: ../../configuration/service/dns.rst:327 +#: ../../configuration/service/dns.rst:336 +msgid "Setup the dynamic DNS hostname `<hostname>` associated with the DynDNS provider identified by `<service-name>`." +msgstr "Setup the dynamic DNS hostname `<hostname>` associated with the DynDNS provider identified by `<service-name>`." + +#: ../../configuration/service/dns.rst:341 msgid "Setup the dynamic DNS hostname `<hostname>` associated with the DynDNS provider identified by `<service>` when the IP address on address `<interface>` changes." msgstr "Setup the dynamic DNS hostname `<hostname>` associated with the DynDNS provider identified by `<service>` when the IP address on address `<interface>` changes." @@ -11413,11 +12340,11 @@ msgstr "Setup the dynamic DNS hostname `<hostname>` associated with the DynDNS p msgid "Setup the dynamic DNS hostname `<hostname>` associated with the DynDNS provider identified by `<service>` when the IP address on interface `<interface>` changes." msgstr "Setup the dynamic DNS hostname `<hostname>` associated with the DynDNS provider identified by `<service>` when the IP address on interface `<interface>` changes." -#: ../../configuration/system/option.rst:31 +#: ../../configuration/system/option.rst:61 msgid "Several commands utilize cURL to initiate transfers. Configure the local source IPv4/IPv6 address used for all cURL operations." msgstr "Several commands utilize cURL to initiate transfers. Configure the local source IPv4/IPv6 address used for all cURL operations." -#: ../../configuration/system/option.rst:36 +#: ../../configuration/system/option.rst:66 msgid "Several commands utilize curl to initiate transfers. Configure the local source interface used for all CURL operations." msgstr "Several commands utilize curl to initiate transfers. Configure the local source interface used for all CURL operations." @@ -11445,25 +12372,25 @@ msgstr "Short GI capabilities for 20 and 40 MHz" msgid "Short bursts can be allowed to exceed the limit. On creation, the Rate-Control traffic is stocked with tokens which correspond to the amount of traffic that can be burst in one go. Tokens arrive at a steady rate, until the bucket is full." msgstr "Short bursts can be allowed to exceed the limit. On creation, the Rate-Control traffic is stocked with tokens which correspond to the amount of traffic that can be burst in one go. Tokens arrive at a steady rate, until the bucket is full." -#: ../../configuration/vrf/index.rst:488 +#: ../../configuration/vrf/index.rst:507 msgid "Shortcut syntax for specifying automatic leaking from vrf VRFNAME to the current VRF using the VPN RIB as intermediary. The RD and RT are auto derived and should not be specified explicitly for either the source or destination VRF’s." msgstr "Shortcut syntax for specifying automatic leaking from vrf VRFNAME to the current VRF using the VPN RIB as intermediary. The RD and RT are auto derived and should not be specified explicitly for either the source or destination VRF’s." -#: ../../configuration/protocols/bgp.rst:953 +#: ../../configuration/protocols/bgp.rst:975 #: ../../configuration/protocols/mpls.rst:225 msgid "Show" msgstr "Show" -#: ../../configuration/service/dhcp-server.rst:416 +#: ../../configuration/service/dhcp-server.rst:422 msgid "Show DHCP server daemon log file" msgstr "Show DHCP server daemon log file" -#: ../../configuration/service/dhcp-server.rst:668 +#: ../../configuration/service/dhcp-server.rst:676 msgid "Show DHCPv6 server daemon log file" msgstr "Show DHCPv6 server daemon log file" #: ../../configuration/firewall/bridge.rst:306 -#: ../../configuration/firewall/ipv4.rst:1115 +#: ../../configuration/firewall/ipv4.rst:1138 #: ../../configuration/firewall/ipv6.rst:1138 msgid "Show Firewall log" msgstr "Show Firewall log" @@ -11528,23 +12455,23 @@ msgstr "Show WWAN module model." msgid "Show WWAN module signal strength." msgstr "Show WWAN module signal strength." -#: ../../configuration/container/index.rst:163 +#: ../../configuration/container/index.rst:199 msgid "Show a list available container networks" msgstr "Show a list available container networks" -#: ../../configuration/pki/index.rst:297 +#: ../../configuration/pki/index.rst:328 msgid "Show a list of installed :abbr:`CA (Certificate Authority)` certificates." msgstr "Show a list of installed :abbr:`CA (Certificate Authority)` certificates." -#: ../../configuration/pki/index.rst:332 +#: ../../configuration/pki/index.rst:363 msgid "Show a list of installed :abbr:`CRLs (Certificate Revocation List)`." msgstr "Show a list of installed :abbr:`CRLs (Certificate Revocation List)`." -#: ../../configuration/pki/index.rst:315 +#: ../../configuration/pki/index.rst:346 msgid "Show a list of installed certificates" msgstr "Show a list of installed certificates" -#: ../../configuration/protocols/bfd.rst:98 +#: ../../configuration/protocols/bfd.rst:105 msgid "Show all BFD peers" msgstr "Show all BFD peers" @@ -11572,7 +12499,7 @@ msgstr "Show bridge `<name>` mdb displays the current multicast group membership msgid "Show brief interface information." msgstr "Show brief interface information." -#: ../../configuration/system/ipv6.rst:46 +#: ../../configuration/system/ipv6.rst:59 msgid "Show commands" msgstr "Show commands" @@ -11584,11 +12511,11 @@ msgstr "Show configured serial ports and their respective interface configuratio msgid "Show connection data of load balanced traffic:" msgstr "Show connection data of load balanced traffic:" -#: ../../configuration/service/conntrack-sync.rst:132 +#: ../../configuration/service/conntrack-sync.rst:136 msgid "Show connection syncing external cache entries" msgstr "Show connection syncing external cache entries" -#: ../../configuration/service/conntrack-sync.rst:136 +#: ../../configuration/service/conntrack-sync.rst:140 msgid "Show connection syncing internal cache entries" msgstr "Show connection syncing internal cache entries" @@ -11654,44 +12581,44 @@ msgstr "Show list of IPs currently blocked by SSH dynamic-protection." msgid "Show logs for mDNS repeater service." msgstr "Show logs for mDNS repeater service." -#: ../../configuration/container/index.rst:159 +#: ../../configuration/container/index.rst:195 msgid "Show logs from a given container" msgstr "Show logs from a given container" -#: ../../configuration/service/dhcp-server.rst:420 +#: ../../configuration/service/dhcp-server.rst:426 msgid "Show logs from all DHCP client processes." msgstr "Show logs from all DHCP client processes." -#: ../../configuration/service/dhcp-server.rst:672 +#: ../../configuration/service/dhcp-server.rst:680 msgid "Show logs from all DHCPv6 client processes." msgstr "Show logs from all DHCPv6 client processes." -#: ../../configuration/service/dhcp-server.rst:424 +#: ../../configuration/service/dhcp-server.rst:430 msgid "Show logs from specific `interface` DHCP client process." msgstr "Show logs from specific `interface` DHCP client process." -#: ../../configuration/service/dhcp-server.rst:676 +#: ../../configuration/service/dhcp-server.rst:684 msgid "Show logs from specific `interface` DHCPv6 client process." msgstr "Show logs from specific `interface` DHCPv6 client process." -#: ../../configuration/pki/index.rst:311 +#: ../../configuration/pki/index.rst:342 msgid "Show only information for specified Certificate Authority." msgstr "Show only information for specified Certificate Authority." -#: ../../configuration/pki/index.rst:328 +#: ../../configuration/pki/index.rst:359 msgid "Show only information for specified certificate." msgstr "Show only information for specified certificate." -#: ../../configuration/service/dhcp-server.rst:478 -#: ../../configuration/service/dhcp-server.rst:699 +#: ../../configuration/service/dhcp-server.rst:484 +#: ../../configuration/service/dhcp-server.rst:707 msgid "Show only leases in the specified pool." msgstr "Show only leases in the specified pool." -#: ../../configuration/service/dhcp-server.rst:708 +#: ../../configuration/service/dhcp-server.rst:716 msgid "Show only leases with the specified state. Possible states: abandoned, active, all, backup, expired, free, released, reset (default = active)" msgstr "Show only leases with the specified state. Possible states: abandoned, active, all, backup, expired, free, released, reset (default = active)" -#: ../../configuration/service/dhcp-server.rst:496 +#: ../../configuration/service/dhcp-server.rst:502 msgid "Show only leases with the specified state. Possible states: all, active, free, expired, released, abandoned, reset, backup (default = active)" msgstr "Show only leases with the specified state. Possible states: all, active, free, expired, released, abandoned, reset, backup (default = active)" @@ -11703,23 +12630,23 @@ msgstr "Show routing table entry for the default route." msgid "Show specific MACsec interface information" msgstr "Show specific MACsec interface information" -#: ../../configuration/vpn/site2site_ipsec.rst:221 +#: ../../configuration/vpn/site2site_ipsec.rst:224 msgid "Show status of new setup:" msgstr "Show status of new setup:" -#: ../../configuration/service/dhcp-server.rst:447 +#: ../../configuration/service/dhcp-server.rst:453 msgid "Show statuses of all active leases:" msgstr "Show statuses of all active leases:" -#: ../../configuration/service/dhcp-server.rst:465 +#: ../../configuration/service/dhcp-server.rst:471 msgid "Show statuses of all active leases granted by local (this server) or remote (failover server):" msgstr "Show statuses of all active leases granted by local (this server) or remote (failover server):" -#: ../../configuration/service/dhcp-server.rst:432 +#: ../../configuration/service/dhcp-server.rst:438 msgid "Show the DHCP server statistics:" msgstr "Show the DHCP server statistics:" -#: ../../configuration/service/dhcp-server.rst:443 +#: ../../configuration/service/dhcp-server.rst:449 msgid "Show the DHCP server statistics for the specified pool." msgstr "Show the DHCP server statistics for the specified pool." @@ -11731,11 +12658,11 @@ msgstr "Show the console server log." msgid "Show the full config uploaded to the QAT device." msgstr "Show the full config uploaded to the QAT device." -#: ../../configuration/container/index.rst:151 +#: ../../configuration/container/index.rst:187 msgid "Show the list of all active containers." msgstr "Show the list of all active containers." -#: ../../configuration/container/index.rst:155 +#: ../../configuration/container/index.rst:191 msgid "Show the local container images." msgstr "Show the local container images." @@ -11747,7 +12674,7 @@ msgstr "Show the logs of a specific Rule-Set." msgid "Show the logs of all firewall; show all bridge firewall logs; show all logs for forward hook; show all logs for forward hook and priority filter; show all logs for particular custom chain; show logs for specific Rule-Set." msgstr "Show the logs of all firewall; show all bridge firewall logs; show all logs for forward hook; show all logs for forward hook and priority filter; show all logs for particular custom chain; show logs for specific Rule-Set." -#: ../../configuration/firewall/ipv4.rst:1125 +#: ../../configuration/firewall/ipv4.rst:1148 msgid "Show the logs of all firewall; show all ipv4 firewall logs; show all logs for particular hook; show all logs for particular hook and priority; show all logs for particular custom chain; show logs for specific Rule-Set." msgstr "Show the logs of all firewall; show all ipv4 firewall logs; show all logs for particular hook; show all logs for particular hook and priority; show all logs for particular custom chain; show logs for specific Rule-Set." @@ -11764,11 +12691,11 @@ msgstr "Show the route" msgid "Show transceiver information from plugin modules, e.g SFP+, QSFP" msgstr "Show transceiver information from plugin modules, e.g SFP+, QSFP" -#: ../../configuration/protocols/bfd.rst:179 +#: ../../configuration/protocols/bfd.rst:186 msgid "Showing BFD monitored static routes" msgstr "Showing BFD monitored static routes" -#: ../../configuration/service/dhcp-server.rst:684 +#: ../../configuration/service/dhcp-server.rst:692 msgid "Shows status of all assigned leases:" msgstr "Shows status of all assigned leases:" @@ -11796,7 +12723,7 @@ msgstr "Sierra Wireless AirPrime MC7455 miniPCIe card (LTE)" msgid "Sierra Wireless AirPrime MC7710 miniPCIe card (LTE)" msgstr "Sierra Wireless AirPrime MC7710 miniPCIe card (LTE)" -#: ../../configuration/vpn/site2site_ipsec.rst:427 +#: ../../configuration/vpn/site2site_ipsec.rst:430 msgid "Similar combinations are applicable for the dead-peer-detection." msgstr "Similar combinations are applicable for the dead-peer-detection." @@ -11828,6 +12755,14 @@ msgstr "Since it's a HQ and branch offices setup, we will want all clients to ha msgid "Since the RADIUS server would be a single point of failure, multiple RADIUS servers can be setup and will be used subsequentially." msgstr "Since the RADIUS server would be a single point of failure, multiple RADIUS servers can be setup and will be used subsequentially." +#: ../../configuration/service/ipoe-server.rst:131 +#: ../../configuration/service/pppoe-server.rst:93 +#: ../../configuration/vpn/l2tp.rst:136 +#: ../../configuration/vpn/pptp.rst:76 +#: ../../configuration/vpn/sstp.rst:109 +msgid "Since the RADIUS server would be a single point of failure, multiple RADIUS servers can be setup and will be used subsequentially. For example:" +msgstr "Since the RADIUS server would be a single point of failure, multiple RADIUS servers can be setup and will be used subsequentially. For example:" + #: ../../configuration/service/mdns.rst:13 msgid "Since the mDNS protocol sends the AA records in the packet itself, the repeater does not need to forge the source address. Instead, the source address is of the interface that repeats the packet." msgstr "Since the mDNS protocol sends the AA records in the packet itself, the repeater does not need to forge the source address. Instead, the source address is of the interface that repeats the packet." @@ -11836,6 +12771,10 @@ msgstr "Since the mDNS protocol sends the AA records in the packet itself, the r msgid "Since the mDNS protocol sends the :abbr:`AA(Authoritative Answer)` records in the packet itself, the repeater does not need to forge the source address. Instead, the source address is of the interface that repeats the packet." msgstr "Since the mDNS protocol sends the :abbr:`AA(Authoritative Answer)` records in the packet itself, the repeater does not need to forge the source address. Instead, the source address is of the interface that repeats the packet." +#: ../../configuration/service/ids.rst:98 +msgid "Since we are analyzing attacks to and from our internal network, two types of attacks can be identified, and differents actions are needed:" +msgstr "Since we are analyzing attacks to and from our internal network, two types of attacks can be identified, and differents actions are needed:" + #: ../../configuration/interfaces/vxlan.rst:157 msgid "Single VXLAN device (SVD)" msgstr "Single VXLAN device (SVD)" @@ -11857,7 +12796,7 @@ msgstr "Site-to-site mode supports x.509 but doesn't require it and can also wor msgid "Site to Site VPN" msgstr "Site to Site VPN" -#: ../../configuration/pki/index.rst:275 +#: ../../configuration/pki/index.rst:306 msgid "Size of the RSA key." msgstr "Size of the RSA key." @@ -11865,6 +12804,10 @@ msgstr "Size of the RSA key." msgid "Slave selection for outgoing traffic is done according to the transmit hash policy, which may be changed from the default simple XOR policy via the :cfgcmd:`hash-policy` option, documented below." msgstr "Slave selection for outgoing traffic is done according to the transmit hash policy, which may be changed from the default simple XOR policy via the :cfgcmd:`hash-policy` option, documented below." +#: ../../configuration/service/ids.rst:110 +msgid "So, firewall configuration needed for this setup:" +msgstr "So, firewall configuration needed for this setup:" + #: ../../configuration/nat/nat44.rst:554 msgid "So in our firewall policy, we want to allow traffic coming in on the outside interface, destined for TCP port 80 and the IP address of 192.168.0.100." msgstr "So in our firewall policy, we want to allow traffic coming in on the outside interface, destined for TCP port 80 and the IP address of 192.168.0.100." @@ -11885,7 +12828,14 @@ msgstr "Some ISPs by default only delegate a /64 prefix. To request for a specif msgid "Some IT environments require the use of a proxy to connect to the Internet. Without this configuration VyOS updates could not be installed directly by using the :opcmd:`add system image` command (:ref:`update_vyos`)." msgstr "Some IT environments require the use of a proxy to connect to the Internet. Without this configuration VyOS updates could not be installed directly by using the :opcmd:`add system image` command (:ref:`update_vyos`)." -#: ../../configuration/vpn/l2tp.rst:159 +#: ../../configuration/service/ipoe-server.rst:140 +#: ../../configuration/service/pppoe-server.rst:102 +#: ../../configuration/vpn/pptp.rst:85 +#: ../../configuration/vpn/sstp.rst:118 +msgid "Some RADIUS severs use an access control list which allows or denies queries, make sure to add your VyOS router to the allowed client list." +msgstr "Some RADIUS severs use an access control list which allows or denies queries, make sure to add your VyOS router to the allowed client list." + +#: ../../configuration/vpn/l2tp.rst:145 msgid "Some RADIUS_ severs use an access control list which allows or denies queries, make sure to add your VyOS router to the allowed client list." msgstr "Some RADIUS_ severs use an access control list which allows or denies queries, make sure to add your VyOS router to the allowed client list." @@ -11893,6 +12843,10 @@ msgstr "Some RADIUS_ severs use an access control list which allows or denies qu msgid "Some application service providers (ASPs) operate a VPN gateway to provide access to their internal resources, and require that a connecting organisation translate all traffic to the service provider network to a source address provided by the ASP." msgstr "Some application service providers (ASPs) operate a VPN gateway to provide access to their internal resources, and require that a connecting organisation translate all traffic to the service provider network to a source address provided by the ASP." +#: ../../configuration/container/index.rst:171 +msgid "Some container registries require credentials to be used." +msgstr "Some container registries require credentials to be used." + #: ../../configuration/firewall/general-legacy.rst:38 msgid "Some firewall settings are global and have an affect on the whole system." msgstr "Some firewall settings are global and have an affect on the whole system." @@ -11933,11 +12887,11 @@ msgstr "Some users tend to connect their mobile devices using WireGuard to their msgid "Sometimes option lines in the generated OpenVPN configuration require quotes. This is done through a hack on our config generator. You can pass quotes using the ``"`` statement." msgstr "Sometimes option lines in the generated OpenVPN configuration require quotes. This is done through a hack on our config generator. You can pass quotes using the ``"`` statement." -#: ../../configuration/service/dhcp-server.rst:703 +#: ../../configuration/service/dhcp-server.rst:711 msgid "Sort the output by the specified key. Possible keys: expires, iaid_duid, ip, last_comm, pool, remaining, state, type (default = ip)" msgstr "Sort the output by the specified key. Possible keys: expires, iaid_duid, ip, last_comm, pool, remaining, state, type (default = ip)" -#: ../../configuration/service/dhcp-server.rst:491 +#: ../../configuration/service/dhcp-server.rst:497 msgid "Sort the output by the specified key. Possible keys: ip, hardware_address, state, start, end, remaining, pool, hostname (default = ip)" msgstr "Sort the output by the specified key. Possible keys: ip, hardware_address, state, start, end, remaining, pool, hostname (default = ip)" @@ -11949,7 +12903,16 @@ msgstr "Source Address" msgid "Source IP address used for VXLAN underlay. This is mandatory when using VXLAN via L2VPN/EVPN." msgstr "Source IP address used for VXLAN underlay. This is mandatory when using VXLAN via L2VPN/EVPN." -#: ../../configuration/vpn/sstp.rst:268 +#: ../../configuration/service/ipoe-server.rst:152 +#: ../../configuration/service/ipoe-server.rst:208 +#: ../../configuration/service/pppoe-server.rst:114 +#: ../../configuration/service/pppoe-server.rst:170 +#: ../../configuration/vpn/l2tp.rst:157 +#: ../../configuration/vpn/l2tp.rst:213 +#: ../../configuration/vpn/pptp.rst:97 +#: ../../configuration/vpn/pptp.rst:153 +#: ../../configuration/vpn/sstp.rst:130 +#: ../../configuration/vpn/sstp.rst:186 msgid "Source IPv4 address used in all RADIUS server queires." msgstr "Source IPv4 address used in all RADIUS server queires." @@ -11961,11 +12924,11 @@ msgstr "Source NAT rules" msgid "Source Prefix" msgstr "Source Prefix" -#: ../../configuration/system/login.rst:276 +#: ../../configuration/system/login.rst:280 msgid "Source all connections to the RADIUS servers from given VRF `<name>`." msgstr "Source all connections to the RADIUS servers from given VRF `<name>`." -#: ../../configuration/system/login.rst:345 +#: ../../configuration/system/login.rst:349 msgid "Source all connections to the TACACS servers from given VRF `<name>`." msgstr "Source all connections to the TACACS servers from given VRF `<name>`." @@ -11973,7 +12936,7 @@ msgstr "Source all connections to the TACACS servers from given VRF `<name>`." msgid "Source protocol to match." msgstr "Source protocol to match." -#: ../../configuration/vpn/ipsec.rst:225 +#: ../../configuration/vpn/ipsec.rst:229 msgid "Source tunnel from dummy interface" msgstr "Source tunnel from dummy interface" @@ -12001,15 +12964,48 @@ msgstr "Spatial Multiplexing Power Save (SMPS) settings" msgid "Specfying nhs makes all multicast packets to be repeated to each statically configured next hop." msgstr "Specfying nhs makes all multicast packets to be repeated to each statically configured next hop." -#: ../../configuration/vpn/sstp.rst:238 +#: ../../configuration/service/ipoe-server.rst:178 +#: ../../configuration/service/pppoe-server.rst:140 +#: ../../configuration/vpn/l2tp.rst:183 +#: ../../configuration/vpn/pptp.rst:123 +#: ../../configuration/vpn/sstp.rst:156 msgid "Specifies IP address for Dynamic Authorization Extension server (DM/CoA)" msgstr "Specifies IP address for Dynamic Authorization Extension server (DM/CoA)" -#: ../../configuration/vpn/sstp.rst:194 +#: ../../configuration/service/pppoe-server.rst:470 +#: ../../configuration/vpn/l2tp.rst:424 +#: ../../configuration/vpn/pptp.rst:348 +#: ../../configuration/vpn/sstp.rst:382 +msgid "Specifies IPv4 negotiation preference." +msgstr "Specifies IPv4 negotiation preference." + +#: ../../configuration/service/pppoe-server.rst:345 +#: ../../configuration/vpn/l2tp.rst:289 +#: ../../configuration/vpn/pptp.rst:213 +#: ../../configuration/vpn/sstp.rst:247 +msgid "Specifies IPv6 negotiation preference." +msgstr "Specifies IPv6 negotiation preference." + +#: ../../configuration/service/pppoe-server.rst:552 +msgid "Specifies Service-Name to respond. If absent any Service-Name is acceptable and client’s Service-Name will be sent back. Also possible set multiple service-names: `sn1,sn2,sn3`" +msgstr "Specifies Service-Name to respond. If absent any Service-Name is acceptable and client’s Service-Name will be sent back. Also possible set multiple service-names: `sn1,sn2,sn3`" + +#: ../../configuration/service/pppoe-server.rst:502 +#: ../../configuration/vpn/l2tp.rst:456 +#: ../../configuration/vpn/pptp.rst:380 +#: ../../configuration/vpn/sstp.rst:414 +msgid "Specifies :abbr:`MPPE (Microsoft Point-to-Point Encryption)` negotiation preference." +msgstr "Specifies :abbr:`MPPE (Microsoft Point-to-Point Encryption)` negotiation preference." + +#: ../../configuration/vpn/sstp.rst:200 msgid "Specifies :abbr:`MPPE (Microsoft Point-to-Point Encryption)` negotioation preference." msgstr "Specifies :abbr:`MPPE (Microsoft Point-to-Point Encryption)` negotioation preference." -#: ../../configuration/vrf/index.rst:477 +#: ../../configuration/service/ipoe-server.rst:81 +msgid "Specifies address to be used as server ip address if radius can assign only client address. In such case if client address is matched network and mask then specified address and mask will be used. You can specify multiple such options." +msgstr "Specifies address to be used as server ip address if radius can assign only client address. In such case if client address is matched network and mask then specified address and mask will be used. You can specify multiple such options." + +#: ../../configuration/vrf/index.rst:496 msgid "Specifies an optional route-map to be applied to routes imported or exported between the current unicast VRF and VPN." msgstr "Specifies an optional route-map to be applied to routes imported or exported between the current unicast VRF and VPN." @@ -12017,6 +13013,13 @@ msgstr "Specifies an optional route-map to be applied to routes imported or expo msgid "Specifies an upstream network `<interface>` from which replies from `<server>` and other relay agents will be accepted." msgstr "Specifies an upstream network `<interface>` from which replies from `<server>` and other relay agents will be accepted." +#: ../../configuration/service/pppoe-server.rst:388 +#: ../../configuration/vpn/l2tp.rst:332 +#: ../../configuration/vpn/pptp.rst:256 +#: ../../configuration/vpn/sstp.rst:290 +msgid "Specifies fixed or random interface identifier for IPv6. By default is fixed." +msgstr "Specifies fixed or random interface identifier for IPv6. By default is fixed." + #: ../../configuration/service/webproxy.rst:173 msgid "Specifies how long squid assumes an externally validated username:password pair is valid for - in other words how often the helper program is called for that user. Set this low to force revalidation with short lived passwords." msgstr "Specifies how long squid assumes an externally validated username:password pair is valid for - in other words how often the helper program is called for that user. Set this low to force revalidation with short lived passwords." @@ -12025,15 +13028,36 @@ msgstr "Specifies how long squid assumes an externally validated username:passwo msgid "Specifies if unknown source link layer addresses and IP addresses are entered into the VXLAN device forwarding database." msgstr "Specifies if unknown source link layer addresses and IP addresses are entered into the VXLAN device forwarding database." +#: ../../configuration/service/pppoe-server.rst:462 +#: ../../configuration/vpn/l2tp.rst:416 +#: ../../configuration/vpn/pptp.rst:340 +#: ../../configuration/vpn/sstp.rst:374 +msgid "Specifies number of interfaces to keep in cache. It means that don’t destroy interface after corresponding session is destroyed, instead place it to cache and use it later for new sessions repeatedly. This should reduce kernel-level interface creation/deletion rate lack. Default value is **0**." +msgstr "Specifies number of interfaces to keep in cache. It means that don’t destroy interface after corresponding session is destroyed, instead place it to cache and use it later for new sessions repeatedly. This should reduce kernel-level interface creation/deletion rate lack. Default value is **0**." + #: ../../configuration/interfaces/bonding.rst:40 msgid "Specifies one of the bonding policies. The default is 802.3ad. Possible values are:" msgstr "Specifies one of the bonding policies. The default is 802.3ad. Possible values are:" +#: ../../configuration/service/pppoe-server.rst:396 +#: ../../configuration/vpn/l2tp.rst:340 +#: ../../configuration/vpn/pptp.rst:264 +#: ../../configuration/vpn/sstp.rst:298 +msgid "Specifies peer interface identifier for IPv6. By default is fixed." +msgstr "Specifies peer interface identifier for IPv6. By default is fixed." + #: ../../configuration/service/webproxy.rst:81 msgid "Specifies proxy service listening address. The listen address is the IP address on which the web proxy service listens for client requests." msgstr "Specifies proxy service listening address. The listen address is the IP address on which the web proxy service listens for client requests." -#: ../../configuration/vpn/sstp.rst:110 +#: ../../configuration/service/ipoe-server.rst:348 +msgid "Specifies relay agent IP addre" +msgstr "Specifies relay agent IP addre" + +#: ../../configuration/service/pppoe-server.rst:70 +#: ../../configuration/vpn/l2tp.rst:52 +#: ../../configuration/vpn/pptp.rst:54 +#: ../../configuration/vpn/sstp.rst:79 msgid "Specifies single `<gateway>` IP address to be used as local address of PPP interfaces." msgstr "Specifies single `<gateway>` IP address to be used as local address of PPP interfaces." @@ -12057,7 +13081,7 @@ msgstr "Specifies the available :abbr:`MAC (Message Authentication Code)` algori msgid "Specifies the base DN under which the users are located." msgstr "Specifies the base DN under which the users are located." -#: ../../configuration/service/dhcp-server.rst:239 +#: ../../configuration/service/dhcp-server.rst:245 msgid "Specifies the clients subnet mask as per RFC 950. If unset, subnet declaration is used." msgstr "Specifies the clients subnet mask as per RFC 950. If unset, subnet declaration is used." @@ -12094,22 +13118,33 @@ msgstr "Specifies the port `<port>` that the SSTP port will listen on (default 4 msgid "Specifies the protection scope (aka realm name) which is to be reported to the client for the authentication scheme. It is commonly part of the text the user will see when prompted for their username and password." msgstr "Specifies the protection scope (aka realm name) which is to be reported to the client for the authentication scheme. It is commonly part of the text the user will see when prompted for their username and password." -#: ../../configuration/vrf/index.rst:452 +#: ../../configuration/vrf/index.rst:471 msgid "Specifies the route-target list to be attached to a route (export) or the route-target list to match against (import) when exporting/importing between the current unicast VRF and VPN.The RTLIST is a space-separated list of route-targets, which are BGP extended community values as described in Extended Communities Attribute." msgstr "Specifies the route-target list to be attached to a route (export) or the route-target list to match against (import) when exporting/importing between the current unicast VRF and VPN.The RTLIST is a space-separated list of route-targets, which are BGP extended community values as described in Extended Communities Attribute." -#: ../../configuration/vrf/index.rst:445 +#: ../../configuration/vrf/index.rst:464 msgid "Specifies the route distinguisher to be added to a route exported from the current unicast VRF to VPN." msgstr "Specifies the route distinguisher to be added to a route exported from the current unicast VRF to VPN." -#: ../../configuration/vpn/sstp.rst:281 +#: ../../configuration/service/ipoe-server.rst:224 +#: ../../configuration/service/pppoe-server.rst:186 +#: ../../configuration/vpn/l2tp.rst:229 +#: ../../configuration/vpn/pptp.rst:169 +#: ../../configuration/vpn/sstp.rst:202 msgid "Specifies the vendor dictionary, dictionary needs to be in /usr/share/accel-ppp/radius." msgstr "Specifies the vendor dictionary, dictionary needs to be in /usr/share/accel-ppp/radius." -#: ../../configuration/vpn/sstp.rst:188 +#: ../../configuration/vpn/sstp.rst:194 msgid "Specifies timeout in seconds to wait for any peer activity. If this option specified it turns on adaptive lcp echo functionality and \"lcp-echo-failure\" is not used." msgstr "Specifies timeout in seconds to wait for any peer activity. If this option specified it turns on adaptive lcp echo functionality and \"lcp-echo-failure\" is not used." +#: ../../configuration/service/pppoe-server.rst:490 +#: ../../configuration/vpn/l2tp.rst:444 +#: ../../configuration/vpn/pptp.rst:368 +#: ../../configuration/vpn/sstp.rst:402 +msgid "Specifies timeout in seconds to wait for any peer activity. If this option specified it turns on adaptive lcp echo functionality and \"lcp-echo-failure\" is not used. Default value is **0**." +msgstr "Specifies timeout in seconds to wait for any peer activity. If this option specified it turns on adaptive lcp echo functionality and \"lcp-echo-failure\" is not used. Default value is **0**." + #: ../../configuration/interfaces/vxlan.rst:77 msgid "Specifies whether an external control plane (e.g. BGP L2VPN/EVPN) or the internal FDB should be used." msgstr "Specifies whether an external control plane (e.g. BGP L2VPN/EVPN) or the internal FDB should be used." @@ -12122,28 +13157,47 @@ msgstr "Specifies whether the VXLAN device is capable of vni filtering." msgid "Specifies whether this NSSA border router will unconditionally translate Type-7 LSAs into Type-5 LSAs. When role is Always, Type-7 LSAs are translated into Type-5 LSAs regardless of the translator state of other NSSA border routers. When role is Candidate, this router participates in the translator election to determine if it will perform the translations duties. When role is Never, this router will never translate Type-7 LSAs into Type-5 LSAs." msgstr "Specifies whether this NSSA border router will unconditionally translate Type-7 LSAs into Type-5 LSAs. When role is Always, Type-7 LSAs are translated into Type-5 LSAs regardless of the translator state of other NSSA border routers. When role is Candidate, this router participates in the translator election to determine if it will perform the translations duties. When role is Never, this router will never translate Type-7 LSAs into Type-5 LSAs." -#: ../../configuration/vpn/sstp.rst:272 +#: ../../configuration/service/ipoe-server.rst:212 +#: ../../configuration/vpn/l2tp.rst:217 +#: ../../configuration/vpn/pptp.rst:157 +#: ../../configuration/vpn/sstp.rst:190 msgid "Specifies which RADIUS server attribute contains the rate limit information. The default attribute is `Filter-Id`." msgstr "Specifies which RADIUS server attribute contains the rate limit information. The default attribute is `Filter-Id`." +#: ../../configuration/service/pppoe-server.rst:174 +msgid "Specifies which RADIUS server attribute contains the rate limit information. The default attribute is ``Filter-Id``." +msgstr "Specifies which RADIUS server attribute contains the rate limit information. The default attribute is ``Filter-Id``." + +#: ../../configuration/service/ipoe-server.rst:344 +msgid "Specify DHCPv4 relay IP address to pass requests to. If specified giaddr is also needed." +msgstr "Specify DHCPv4 relay IP address to pass requests to. If specified giaddr is also needed." + #: ../../configuration/service/ssh.rst:45 msgid "Specify IPv4/IPv6 listen address of SSH server. Multiple addresses can be defined." msgstr "Specify IPv4/IPv6 listen address of SSH server. Multiple addresses can be defined." -#: ../../configuration/firewall/ipv4.rst:401 +#: ../../configuration/service/ids.rst:51 +msgid "Specify IPv4 and/or IPv6 networks that should be protected/monitored." +msgstr "Specify IPv4 and/or IPv6 networks that should be protected/monitored." + +#: ../../configuration/service/ids.rst:38 +msgid "Specify IPv4 and/or IPv6 networks which are going to be excluded." +msgstr "Specify IPv4 and/or IPv6 networks which are going to be excluded." + +#: ../../configuration/firewall/ipv4.rst:424 #: ../../configuration/firewall/ipv6.rst:408 msgid "Specify a Fully Qualified Domain Name as source/destination matcher. Ensure router is able to resolve such dns query." msgstr "Specify a Fully Qualified Domain Name as source/destination matcher. Ensure router is able to resolve such dns query." -#: ../../configuration/service/dhcp-server.rst:550 +#: ../../configuration/service/dhcp-server.rst:556 msgid "Specify a NIS+ server address for DHCPv6 clients." msgstr "Specify a NIS+ server address for DHCPv6 clients." -#: ../../configuration/service/dhcp-server.rst:545 +#: ../../configuration/service/dhcp-server.rst:551 msgid "Specify a NIS server address for DHCPv6 clients." msgstr "Specify a NIS server address for DHCPv6 clients." -#: ../../configuration/service/dhcp-server.rst:555 +#: ../../configuration/service/dhcp-server.rst:561 msgid "Specify a :abbr:`SIP (Session Initiation Protocol)` server by IPv6 address of Fully Qualified Domain Name for all DHCPv6 clients." msgstr "Specify a :abbr:`SIP (Session Initiation Protocol)` server by IPv6 address of Fully Qualified Domain Name for all DHCPv6 clients." @@ -12167,6 +13221,14 @@ msgstr "Specify an alternate AS for this BGP process when interacting with the s msgid "Specify an alternate TCP port where the ldap server is listening if other than the default LDAP port 389." msgstr "Specify an alternate TCP port where the ldap server is listening if other than the default LDAP port 389." +#: ../../configuration/service/dns.rst:254 +msgid "Specify interval in seconds to wait between Dynamic DNS updates. The default is 300 seconds." +msgstr "Specify interval in seconds to wait between Dynamic DNS updates. The default is 300 seconds." + +#: ../../configuration/service/ipoe-server.rst:339 +msgid "Specify local range of ip address to give to dhcp clients. First IP in range is router IP. If you need more customization use `client-ip-pool`" +msgstr "Specify local range of ip address to give to dhcp clients. First IP in range is router IP. If you need more customization use `client-ip-pool`" + #: ../../configuration/service/ntp.rst:84 #: ../../configuration/service/ssh.rst:110 #: ../../configuration/system/syslog.rst:79 @@ -12181,11 +13243,11 @@ msgstr "Specify nexthop on the path to the destination, ``ipv4-address`` can be msgid "Specify static route into the routing table sending all non local traffic to the nexthop address `<address>`." msgstr "Specify static route into the routing table sending all non local traffic to the nexthop address `<address>`." -#: ../../configuration/system/login.rst:245 +#: ../../configuration/system/login.rst:249 msgid "Specify the IP `<address>` of the RADIUS server user with the pre-shared-secret given in `<secret>`." msgstr "Specify the IP `<address>` of the RADIUS server user with the pre-shared-secret given in `<secret>`." -#: ../../configuration/system/login.rst:314 +#: ../../configuration/system/login.rst:318 msgid "Specify the IP `<address>` of the TACACS server user with the pre-shared-secret given in `<secret>`." msgstr "Specify the IP `<address>` of the TACACS server user with the pre-shared-secret given in `<secret>`." @@ -12225,7 +13287,7 @@ msgstr "Specify the systems `<timezone>` as the Region/Location that best define msgid "Specify the time interval when `<task>` should be executed. The interval is specified as number with one of the following suffixes:" msgstr "Specify the time interval when `<task>` should be executed. The interval is specified as number with one of the following suffixes:" -#: ../../configuration/service/dns.rst:269 +#: ../../configuration/service/dns.rst:283 msgid "Specify timeout / update interval to check if IP address changed." msgstr "Specify timeout / update interval to check if IP address changed." @@ -12233,6 +13295,10 @@ msgstr "Specify timeout / update interval to check if IP address changed." msgid "Specify timeout interval for keepalive message in seconds." msgstr "Specify timeout interval for keepalive message in seconds." +#: ../../configuration/service/ipoe-server.rst:97 +msgid "Specify where interface is shared by multiple users or it is vlan-per-user." +msgstr "Specify where interface is shared by multiple users or it is vlan-per-user." + #: ../../configuration/interfaces/vxlan.rst:191 msgid "Spine1 is a Cisco IOS router running version 15.4, Leaf2 and Leaf3 is each a VyOS router running 1.2." msgstr "Spine1 is a Cisco IOS router running version 15.4, Leaf2 and Leaf3 is each a VyOS router running 1.2." @@ -12285,7 +13351,7 @@ msgstr "Starting with VyOS 1.2 a :abbr:`mDNS (Multicast DNS)` repeater functiona msgid "Static" msgstr "Static" -#: ../../configuration/service/dhcp-server.rst:189 +#: ../../configuration/service/dhcp-server.rst:195 msgid "Static DHCP IP address assign to host identified by `<description>`. IP address must be inside the `<subnet>` which is defined but can be outside the dynamic range created with :cfgcmd:`set service dhcp-server shared-network-name <name> subnet <subnet> range <n>`. If no ip-address is specified, an IP from the dynamic pool is used." msgstr "Static DHCP IP address assign to host identified by `<description>`. IP address must be inside the `<subnet>` which is defined but can be outside the dynamic range created with :cfgcmd:`set service dhcp-server shared-network-name <name> subnet <subnet> range <n>`. If no ip-address is specified, an IP from the dynamic pool is used." @@ -12314,12 +13380,12 @@ msgid "Static :abbr:`SAK (Secure Authentication Key)` mode can be configured man msgstr "Static :abbr:`SAK (Secure Authentication Key)` mode can be configured manually on each device wishing to use MACsec. Keys must be set statically on all devices for traffic to flow properly. Key rotation is dependent on the administrator updating all keys manually across connected devices. Static SAK mode can not be used with MKA." #: ../../configuration/service/dhcp-server.rst:174 -#: ../../configuration/service/dhcp-server.rst:621 +#: ../../configuration/service/dhcp-server.rst:629 msgid "Static mappings" msgstr "Static mappings" -#: ../../configuration/service/dhcp-server.rst:460 -#: ../../configuration/service/dhcp-server.rst:694 +#: ../../configuration/service/dhcp-server.rst:466 +#: ../../configuration/service/dhcp-server.rst:702 msgid "Static mappings aren't shown. To show all states, use ``show dhcp server leases state all``." msgstr "Static mappings aren't shown. To show all states, use ``show dhcp server leases state all``." @@ -12384,7 +13450,7 @@ msgstr "Supported versions of RIP are:" msgid "Supports as HELPER for configured grace period." msgstr "Supports as HELPER for configured grace period." -#: ../../configuration/vpn/ipsec.rst:178 +#: ../../configuration/vpn/ipsec.rst:182 msgid "Suppose the LEFT router has external address 192.0.2.10 on its eth0 interface, and the RIGHT router is 203.0.113.45" msgstr "Suppose the LEFT router has external address 192.0.2.10 on its eth0 interface, and the RIGHT router is 203.0.113.45" @@ -12404,17 +13470,17 @@ msgstr "Synamic instructs to forward to all peers which we have a direct connect msgid "Sync groups" msgstr "Sync groups" -#: ../../configuration/firewall/ipv4.rst:911 +#: ../../configuration/firewall/ipv4.rst:934 #: ../../configuration/firewall/ipv6.rst:920 msgid "Synproxy" msgstr "Synproxy" -#: ../../configuration/firewall/ipv4.rst:912 +#: ../../configuration/firewall/ipv4.rst:935 #: ../../configuration/firewall/ipv6.rst:921 msgid "Synproxy connections" msgstr "Synproxy connections" -#: ../../configuration/firewall/ipv4.rst:929 +#: ../../configuration/firewall/ipv4.rst:952 #: ../../configuration/firewall/ipv6.rst:938 msgid "Synproxy relies on syncookies and TCP timestamps, ensure these are enabled" msgstr "Synproxy relies on syncookies and TCP timestamps, ensure these are enabled" @@ -12484,23 +13550,23 @@ msgstr "System identifier: ``1921.6800.1002`` - for system idetifiers we recomme msgid "System is unusable - a panic condition" msgstr "System is unusable - a panic condition" -#: ../../configuration/system/login.rst:299 +#: ../../configuration/system/login.rst:303 msgid "TACACS+" msgstr "TACACS+" -#: ../../configuration/system/login.rst:418 +#: ../../configuration/system/login.rst:422 msgid "TACACS Example" msgstr "TACACS Example" -#: ../../configuration/system/login.rst:305 +#: ../../configuration/system/login.rst:309 msgid "TACACS is defined in :rfc:`8907`." msgstr "TACACS is defined in :rfc:`8907`." -#: ../../configuration/system/login.rst:335 +#: ../../configuration/system/login.rst:339 msgid "TACACS servers could be hardened by only allowing certain IP addresses to connect. As of this the source address of each TACACS query can be configured." msgstr "TACACS servers could be hardened by only allowing certain IP addresses to connect. As of this the source address of each TACACS query can be configured." -#: ../../configuration/protocols/static.rst:140 +#: ../../configuration/protocols/static.rst:173 #: ../../configuration/system/flow-accounting.rst:83 msgid "TBD" msgstr "TBD" @@ -12553,15 +13619,19 @@ msgstr "Tell hosts to use the administered (stateful) protocol (i.e. DHCP) for a msgid "Tell hosts to use the administered stateful protocol (i.e. DHCP) for autoconfiguration" msgstr "Tell hosts to use the administered stateful protocol (i.e. DHCP) for autoconfiguration" -#: ../../configuration/vpn/sstp.rst:227 +#: ../../configuration/service/ipoe-server.rst:170 +#: ../../configuration/service/pppoe-server.rst:132 +#: ../../configuration/vpn/l2tp.rst:175 +#: ../../configuration/vpn/pptp.rst:115 +#: ../../configuration/vpn/sstp.rst:148 msgid "Temporary disable this RADIUS server." msgstr "Temporary disable this RADIUS server." -#: ../../configuration/system/login.rst:258 +#: ../../configuration/system/login.rst:262 msgid "Temporary disable this RADIUS server. It won't be queried." msgstr "Temporary disable this RADIUS server. It won't be queried." -#: ../../configuration/system/login.rst:327 +#: ../../configuration/system/login.rst:331 msgid "Temporary disable this TACACS server. It won't be queried." msgstr "Temporary disable this TACACS server. It won't be queried." @@ -12589,7 +13659,7 @@ msgstr "Test disconnecting given connection-oriented interface. `<interface>` ca msgid "Test from the IPv6 only client:" msgstr "Test from the IPv6 only client:" -#: ../../configuration/vpn/sstp.rst:305 +#: ../../configuration/vpn/sstp.rst:374 msgid "Testing SSTP" msgstr "Testing SSTP" @@ -12621,7 +13691,7 @@ msgstr "The ASP has documented their IPSec requirements:" msgid "The BGP router can connect to one or more RPKI cache servers to receive validated prefix to origin AS mappings. Advanced failover can be implemented by server sockets with different preference values." msgstr "The BGP router can connect to one or more RPKI cache servers to receive validated prefix to origin AS mappings. Advanced failover can be implemented by server sockets with different preference values." -#: ../../configuration/vrf/index.rst:94 +#: ../../configuration/vrf/index.rst:113 msgid "The CLI configuration is same as mentioned in above articles. The only difference is, that each routing protocol used, must be prefixed with the `vrf name <name>` command." msgstr "The CLI configuration is same as mentioned in above articles. The only difference is, that each routing protocol used, must be prefixed with the `vrf name <name>` command." @@ -12661,7 +13731,7 @@ msgstr "The Intel AX200 card does not work out of the box in AP mode, see https: msgid "The OID ``.1.3.6.1.4.1.8072.1.3.2.3.1.1.4.116.101.115.116``, once called, will contain the output of the extension." msgstr "The OID ``.1.3.6.1.4.1.8072.1.3.2.3.1.1.4.116.101.115.116``, once called, will contain the output of the extension." -#: ../../configuration/vpn/pptp.rst:6 +#: ../../configuration/vpn/pptp.rst:7 msgid "The Point-to-Point Tunneling Protocol (PPTP_) has been implemented in VyOS only for backwards compatibility. PPTP has many well known security issues and you should use one of the many other new VPN implementations." msgstr "The Point-to-Point Tunneling Protocol (PPTP_) has been implemented in VyOS only for backwards compatibility. PPTP has many well known security issues and you should use one of the many other new VPN implementations." @@ -12701,19 +13771,19 @@ msgstr "The VXLAN specification was originally created by VMware, Arista Network msgid "The VyOS DNS forwarder does not require an upstream DNS server. It can serve as a full recursive DNS server - but it can also forward queries to configurable upstream DNS servers. By not configuring any upstream DNS servers you also avoid being tracked by the provider of your upstream DNS server." msgstr "The VyOS DNS forwarder does not require an upstream DNS server. It can serve as a full recursive DNS server - but it can also forward queries to configurable upstream DNS servers. By not configuring any upstream DNS servers you also avoid being tracked by the provider of your upstream DNS server." -#: ../../configuration/service/dns.rst:173 +#: ../../configuration/service/dns.rst:160 msgid "The VyOS DNS forwarder will only accept lookup requests from the LAN subnets - 192.168.1.0/24 and 2001:db8::/64" msgstr "The VyOS DNS forwarder will only accept lookup requests from the LAN subnets - 192.168.1.0/24 and 2001:db8::/64" -#: ../../configuration/service/dns.rst:171 +#: ../../configuration/service/dns.rst:158 msgid "The VyOS DNS forwarder will only listen for requests on the eth1 (LAN) interface addresses - 192.168.1.254 for IPv4 and 2001:db8::ffff for IPv6" msgstr "The VyOS DNS forwarder will only listen for requests on the eth1 (LAN) interface addresses - 192.168.1.254 for IPv4 and 2001:db8::ffff for IPv6" -#: ../../configuration/service/dns.rst:175 +#: ../../configuration/service/dns.rst:162 msgid "The VyOS DNS forwarder will pass reverse lookups for 10.in-addr.arpa, 168.192.in-addr.arpa, 16-31.172.in-addr.arpa zones to upstream server." msgstr "The VyOS DNS forwarder will pass reverse lookups for 10.in-addr.arpa, 168.192.in-addr.arpa, 16-31.172.in-addr.arpa zones to upstream server." -#: ../../configuration/pki/index.rst:254 +#: ../../configuration/pki/index.rst:285 msgid "The VyOS PKI subsystem can also be used to automatically retrieve Certificates using the :abbr:`ACME (Automatic Certificate Management Environment)` protocol." msgstr "The VyOS PKI subsystem can also be used to automatically retrieve Certificates using the :abbr:`ACME (Automatic Certificate Management Environment)` protocol." @@ -12770,7 +13840,11 @@ msgstr "The ``https`` service listens on port 443 with backend `bk-default` to h msgid "The ``persistent-tunnel`` directive will allow us to configure tunnel-related attributes, such as firewall policy as we would on any normal network interface." msgstr "The ``persistent-tunnel`` directive will allow us to configure tunnel-related attributes, such as firewall policy as we would on any normal network interface." -#: ../../configuration/vpn/l2tp.rst:176 +#: ../../configuration/service/ipoe-server.rst:154 +#: ../../configuration/service/pppoe-server.rst:116 +#: ../../configuration/vpn/l2tp.rst:159 +#: ../../configuration/vpn/pptp.rst:99 +#: ../../configuration/vpn/sstp.rst:132 msgid "The ``source-address`` must be configured on one of VyOS interface. Best practice would be a loopback or dummy interface." msgstr "The ``source-address`` must be configured on one of VyOS interface. Best practice would be a loopback or dummy interface." @@ -12787,11 +13861,11 @@ msgstr "The above directory and default-config must be a child directory of /con msgid "The action can be :" msgstr "The action can be :" -#: ../../configuration/pki/index.rst:271 +#: ../../configuration/pki/index.rst:302 msgid "The address the server listens to during http-01 challenge" msgstr "The address the server listens to during http-01 challenge" -#: ../../configuration/protocols/bgp.rst:775 +#: ../../configuration/protocols/bgp.rst:797 msgid "The advantage of this is that the route-selection (at this point) will be more deterministic. The disadvantage is that a few or even one lowest-ID router may attract all traffic to otherwise-equal paths because of this check. It may increase the possibility of MED or IGP oscillation, unless other measures were taken to avoid these. The exact behaviour will be sensitive to the iBGP and reflection topology." msgstr "The advantage of this is that the route-selection (at this point) will be more deterministic. The disadvantage is that a few or even one lowest-ID router may attract all traffic to otherwise-equal paths because of this check. It may increase the possibility of MED or IGP oscillation, unless other measures were taken to avoid these. The exact behaviour will be sensitive to the iBGP and reflection topology." @@ -12803,7 +13877,7 @@ msgstr "The allocated address block is 100.64.0.0/10." msgid "The amount of Duplicate Address Detection probes to send." msgstr "The amount of Duplicate Address Detection probes to send." -#: ../../configuration/protocols/bgp.rst:835 +#: ../../configuration/protocols/bgp.rst:857 msgid "The attributes :cfgcmd:`prefix-list` and :cfgcmd:`distribute-list` are mutually exclusive, and only one command (distribute-list or prefix-list) can be applied to each inbound or outbound direction for a particular neighbor." msgstr "The attributes :cfgcmd:`prefix-list` and :cfgcmd:`distribute-list` are mutually exclusive, and only one command (distribute-list or prefix-list) can be applied to each inbound or outbound direction for a particular neighbor." @@ -12823,11 +13897,15 @@ msgstr "The bonding interface provides a method for aggregating multiple network msgid "The case of ingress shaping" msgstr "The case of ingress shaping" -#: ../../configuration/service/pppoe-server.rst:385 +#: ../../configuration/service/pppoe-server.rst:644 +msgid "The client, once successfully authenticated, will receive an IPv4 and an IPv6 /64 address to terminate the PPPoE endpoint on the client side and a /56 subnet for the clients internal use." +msgstr "The client, once successfully authenticated, will receive an IPv4 and an IPv6 /64 address to terminate the PPPoE endpoint on the client side and a /56 subnet for the clients internal use." + +#: ../../configuration/service/pppoe-server.rst:644 msgid "The client, once successfully authenticated, will receive an IPv4 and an IPv6 /64 address to terminate the pppoe endpoint on the client side and a /56 subnet for the clients internal use." msgstr "The client, once successfully authenticated, will receive an IPv4 and an IPv6 /64 address to terminate the pppoe endpoint on the client side and a /56 subnet for the clients internal use." -#: ../../configuration/service/ipoe-server.rst:90 +#: ../../configuration/service/ipoe-server.rst:91 msgid "The clients :abbr:`CPE (Customer Premises Equipment)` can now communicate via IPv4 or IPv6. All devices behind ``2001:db8::a00:27ff:fe2f:d806/64`` can use addresses from ``2001:db8:1::/56`` and can globally communicate without the need of any NAT rules." msgstr "The clients :abbr:`CPE (Customer Premises Equipment)` can now communicate via IPv4 or IPv6. All devices behind ``2001:db8::a00:27ff:fe2f:d806/64`` can use addresses from ``2001:db8:1::/56`` and can globally communicate without the need of any NAT rules." @@ -12839,7 +13917,7 @@ msgstr "The command :opcmd:`show interfaces wireguard wg01 public-key` will then msgid "The command also generates a configuration snipped which can be copy/pasted into the VyOS CLI if needed. The supplied ``<name>`` on the CLI will become the peer name in the snippet." msgstr "The command also generates a configuration snipped which can be copy/pasted into the VyOS CLI if needed. The supplied ``<name>`` on the CLI will become the peer name in the snippet." -#: ../../configuration/service/pppoe-server.rst:231 +#: ../../configuration/service/pppoe-server.rst:305 msgid "The command below enables it, assuming the RADIUS connection has been setup and is working." msgstr "The command below enables it, assuming the RADIUS connection has been setup and is working." @@ -12855,9 +13933,9 @@ msgstr "The command pon TESTUNNEL establishes the PPTP tunnel to the remote syst msgid "The computers on an internal network can use any of the addresses set aside by the :abbr:`IANA (Internet Assigned Numbers Authority)` for private addressing (see :rfc:`1918`). These reserved IP addresses are not in use on the Internet, so an external machine will not directly route to them. The following addresses are reserved for private use:" msgstr "The computers on an internal network can use any of the addresses set aside by the :abbr:`IANA (Internet Assigned Numbers Authority)` for private addressing (see :rfc:`1918`). These reserved IP addresses are not in use on the Internet, so an external machine will not directly route to them. The following addresses are reserved for private use:" -#: ../../configuration/service/dhcp-server.rst:210 -#: ../../configuration/service/dhcp-server.rst:601 -#: ../../configuration/service/dhcp-server.rst:644 +#: ../../configuration/service/dhcp-server.rst:216 +#: ../../configuration/service/dhcp-server.rst:608 +#: ../../configuration/service/dhcp-server.rst:652 msgid "The configuration will look as follows:" msgstr "The configuration will look as follows:" @@ -12881,6 +13959,10 @@ msgstr "The connection tracking table contains one entry for each connection bei msgid "The current attribute 'Filter-Id' is being used as default and can be setup within RADIUS:" msgstr "The current attribute 'Filter-Id' is being used as default and can be setup within RADIUS:" +#: ../../configuration/service/pppoe-server.rst:299 +msgid "The current attribute ``Filter-Id`` is being used as default and can be setup within RADIUS:" +msgstr "The current attribute ``Filter-Id`` is being used as default and can be setup within RADIUS:" + #: ../../configuration/service/ntp.rst:29 msgid "The current protocol is version 4 (NTPv4), which is a proposed standard as documented in :rfc:`5905`. It is backward compatible with version 3, specified in :rfc:`1305`." msgstr "The current protocol is version 4 (NTPv4), which is a proposed standard as documented in :rfc:`5905`. It is backward compatible with version 3, specified in :rfc:`1305`." @@ -12905,7 +13987,7 @@ msgstr "The default hostname used is `vyos`." msgid "The default is 1492." msgstr "The default is 1492." -#: ../../configuration/service/dhcp-server.rst:526 +#: ../../configuration/service/dhcp-server.rst:532 msgid "The default lease time for DHCPv6 leases is 24 hours. This can be changed by supplying a ``default-time``, ``maximum-time`` and ``minimum-time``. All values need to be supplied in seconds." msgstr "The default lease time for DHCPv6 leases is 24 hours. This can be changed by supplying a ``default-time``, ``maximum-time`` and ``minimum-time``. All values need to be supplied in seconds." @@ -12937,6 +14019,14 @@ msgstr "The default value is 3." msgid "The default value is 3 packets." msgstr "The default value is 3 packets." +#: ../../configuration/protocols/rpki.rst:124 +msgid "The default value is 600 seconds." +msgstr "The default value is 600 seconds." + +#: ../../configuration/protocols/rpki.rst:117 +msgid "The default value is 7200 seconds." +msgstr "The default value is 7200 seconds." + #: ../../configuration/service/dhcp-server.rst:99 msgid "The default value is 86400 seconds which corresponds to one day." msgstr "The default value is 86400 seconds which corresponds to one day." @@ -12987,15 +14077,19 @@ msgstr "The embedded Squid proxy can use LDAP to authenticate users against a co msgid "The example above uses 192.0.2.2 as external IP address. A LAC normally requires an authentication password, which is set in the example configuration to ``lns shared-secret 'secret'``. This setup requires the Compression Control Protocol (CCP) being disabled, the command ``set vpn l2tp remote-access ccp-disable`` accomplishes that." msgstr "The example above uses 192.0.2.2 as external IP address. A LAC normally requires an authentication password, which is set in the example configuration to ``lns shared-secret 'secret'``. This setup requires the Compression Control Protocol (CCP) being disabled, the command ``set vpn l2tp remote-access ccp-disable`` accomplishes that." -#: ../../configuration/service/pppoe-server.rst:369 +#: ../../configuration/service/pppoe-server.rst:627 +msgid "The example below covers a dual-stack configuration." +msgstr "The example below covers a dual-stack configuration." + +#: ../../configuration/service/pppoe-server.rst:627 msgid "The example below covers a dual-stack configuration via pppoe-server." msgstr "The example below covers a dual-stack configuration via pppoe-server." -#: ../../configuration/service/pppoe-server.rst:348 +#: ../../configuration/service/pppoe-server.rst:606 msgid "The example below uses ACN as access-concentrator name, assigns an address from the pool 10.1.1.100-111, terminates at the local endpoint 10.1.1.1 and serves requests only on eth1." msgstr "The example below uses ACN as access-concentrator name, assigns an address from the pool 10.1.1.100-111, terminates at the local endpoint 10.1.1.1 and serves requests only on eth1." -#: ../../configuration/service/ipoe-server.rst:35 +#: ../../configuration/service/ipoe-server.rst:34 msgid "The example configuration below will assign an IP to the client on the incoming interface eth2 with the client mac address 08:00:27:2f:d8:06. Other DHCP discovery requests will be ignored, unless the client mac has been enabled in the configuration." msgstr "The example configuration below will assign an IP to the client on the incoming interface eth2 with the client mac address 08:00:27:2f:d8:06. Other DHCP discovery requests will be ignored, unless the client mac has been enabled in the configuration." @@ -13023,7 +14117,7 @@ msgstr "The first IP in the container network is reserved by the engine and cann msgid "The first address of the parameter ``client-subnet``, will be used as the default gateway. Connected sessions can be checked via the ``show ipoe-server sessions`` command." msgstr "The first address of the parameter ``client-subnet``, will be used as the default gateway. Connected sessions can be checked via the ``show ipoe-server sessions`` command." -#: ../../configuration/vpn/ipsec.rst:174 +#: ../../configuration/vpn/ipsec.rst:178 msgid "The first and arguably cleaner option is to make your IPsec policy match GRE packets between external addresses of your routers. This is the best option if both routers have static external addresses." msgstr "The first and arguably cleaner option is to make your IPsec policy match GRE packets between external addresses of your routers. This is the best option if both routers have static external addresses." @@ -13039,14 +14133,18 @@ msgstr "The first ip address is the RP's address and the second value is the mat msgid "The first registration request is sent to the protocol broadcast address, and the server's real protocol address is dynamically detected from the first registration reply." msgstr "The first registration request is sent to the protocol broadcast address, and the server's real protocol address is dynamically detected from the first registration reply." -#: ../../configuration/vpn/sstp.rst:311 +#: ../../configuration/vpn/sstp.rst:484 msgid "The following PPP configuration tests MSCHAP-v2:" msgstr "The following PPP configuration tests MSCHAP-v2:" -#: ../../configuration/system/login.rst:143 +#: ../../configuration/system/login.rst:147 msgid "The following command can be used to generate the OTP key as well as the CLI commands to configure them:" msgstr "The following command can be used to generate the OTP key as well as the CLI commands to configure them:" +#: ../../configuration/protocols/bgp.rst:664 +msgid "The following command uses the explicit-null label value for all the BGP instances." +msgstr "The following command uses the explicit-null label value for all the BGP instances." + #: ../../configuration/interfaces/openvpn.rst:708 msgid "The following commands let you check tunnel status." msgstr "The following commands let you check tunnel status." @@ -13059,7 +14157,7 @@ msgstr "The following commands let you reset OpenVPN." msgid "The following commands translate to \"--net host\" when the container is created" msgstr "The following commands translate to \"--net host\" when the container is created" -#: ../../configuration/vrf/index.rst:101 +#: ../../configuration/vrf/index.rst:120 msgid "The following commands would be required to set options for a given dynamic routing protocol inside a given vrf:" msgstr "The following commands would be required to set options for a given dynamic routing protocol inside a given vrf:" @@ -13083,6 +14181,10 @@ msgstr "The following configuration reverse-proxy terminate SSL." msgid "The following configuration will assign a /64 prefix out of a /56 delegation to eth0. The IPv6 address assigned to eth0 will be <prefix>::ffff/64. If you do not know the prefix size delegated to you, start with sla-len 0." msgstr "The following configuration will assign a /64 prefix out of a /56 delegation to eth0. The IPv6 address assigned to eth0 will be <prefix>::ffff/64. If you do not know the prefix size delegated to you, start with sla-len 0." +#: ../../configuration/interfaces/pppoe.rst:383 +msgid "The following configuration will setup a PPPoE session source from eth1 and assign a /64 prefix out of a /56 delegation (requested from the ISP) to eth0. The IPv6 address assigned to eth0 will be <prefix>::1/64. If you do not know the prefix size delegated to you, start with sla-len 0." +msgstr "The following configuration will setup a PPPoE session source from eth1 and assign a /64 prefix out of a /56 delegation (requested from the ISP) to eth0. The IPv6 address assigned to eth0 will be <prefix>::1/64. If you do not know the prefix size delegated to you, start with sla-len 0." + #: ../../configuration/policy/examples.rst:155 msgid "The following example allows VyOS to use :abbr:`PBR (Policy-Based Routing)` for traffic, which originated from the router itself. That solution for multiple ISP's and VyOS router will respond from the same interface that the packet was received. Also, it used, if we want that one VPN tunnel to be through one provider, and the second through another." msgstr "The following example allows VyOS to use :abbr:`PBR (Policy-Based Routing)` for traffic, which originated from the router itself. That solution for multiple ISP's and VyOS router will respond from the same interface that the packet was received. Also, it used, if we want that one VPN tunnel to be through one provider, and the second through another." @@ -13095,7 +14197,7 @@ msgstr "The following example creates a WAP. When configuring multiple WAP inter msgid "The following example is based on a Sierra Wireless MC7710 miniPCIe card (only the form factor in reality it runs UBS) and Deutsche Telekom as ISP. The card is assembled into a :ref:`pc-engines-apu4`." msgstr "The following example is based on a Sierra Wireless MC7710 miniPCIe card (only the form factor in reality it runs UBS) and Deutsche Telekom as ISP. The card is assembled into a :ref:`pc-engines-apu4`." -#: ../../configuration/vrf/index.rst:237 +#: ../../configuration/vrf/index.rst:256 msgid "The following example topology was built using EVE-NG." msgstr "The following example topology was built using EVE-NG." @@ -13140,7 +14242,7 @@ msgstr "The forwarding delay time is the time spent in each of the listening and msgid "The generated configuration will look like:" msgstr "The generated configuration will look like:" -#: ../../configuration/pki/index.rst:107 +#: ../../configuration/pki/index.rst:109 msgid "The generated parameters are then output to the console." msgstr "The generated parameters are then output to the console." @@ -13168,7 +14270,7 @@ msgstr "The hostname can be up to 63 characters. A hostname must start and end w msgid "The hostname or IP address of the master" msgstr "The hostname or IP address of the master" -#: ../../configuration/service/dhcp-server.rst:632 +#: ../../configuration/service/dhcp-server.rst:640 msgid "The identifier is the device's DUID: colon-separated hex list (as used by isc-dhcp option dhcpv6.client-id). If the device already has a dynamic lease from the DHCPv6 server, its DUID can be found with ``show service dhcpv6 server leases``. The DUID begins at the 5th octet (after the 4th colon) of IAID_DUID." msgstr "The identifier is the device's DUID: colon-separated hex list (as used by isc-dhcp option dhcpv6.client-id). If the device already has a dynamic lease from the DHCPv6 server, its DUID can be found with ``show service dhcpv6 server leases``. The DUID begins at the 5th octet (after the 4th colon) of IAID_DUID." @@ -13212,7 +14314,7 @@ msgstr "The legacy and zone-based firewall configuration options is not longer s msgid "The limiter performs basic ingress policing of traffic flows. Multiple classes of traffic can be defined and traffic limits can be applied to each class. Although the policer uses a token bucket mechanism internally, it does not have the capability to delay a packet as a shaping mechanism does. Traffic exceeding the defined bandwidth limits is directly dropped. A maximum allowed burst can be configured too." msgstr "The limiter performs basic ingress policing of traffic flows. Multiple classes of traffic can be defined and traffic limits can be applied to each class. Although the policer uses a token bucket mechanism internally, it does not have the capability to delay a packet as a shaping mechanism does. Traffic exceeding the defined bandwidth limits is directly dropped. A maximum allowed burst can be configured too." -#: ../../configuration/policy/route-map.rst:255 +#: ../../configuration/policy/route-map.rst:258 msgid "The link bandwidth extended community is encoded as non-transitive" msgstr "The link bandwidth extended community is encoded as non-transitive" @@ -13240,6 +14342,10 @@ msgstr "The main points regarding this packet flow and terminology used in VyOS msgid "The main structure VyOS firewall cli is shown next:" msgstr "The main structure VyOS firewall cli is shown next:" +#: ../../configuration/firewall/index.rst:92 +msgid "The main structure of the VyOS firewall CLI is shown next:" +msgstr "The main structure of the VyOS firewall CLI is shown next:" + #: ../../configuration/interfaces/bonding.rst:271 msgid "The maximum number of targets that can be specified is 16. The default value is no IP address." msgstr "The maximum number of targets that can be specified is 16. The default value is no IP address." @@ -13272,11 +14378,15 @@ msgstr "The multicast-group used by all leaves for this vlan extension. Has to b msgid "The name of the service can be different, in this example it is only for convenience." msgstr "The name of the service can be different, in this example it is only for convenience." +#: ../../configuration/service/dns.rst:171 +msgid "The netmask or domain that EDNS Client Subnet should be enabled for in outgoing queries." +msgstr "The netmask or domain that EDNS Client Subnet should be enabled for in outgoing queries." + #: ../../configuration/service/dhcp-server.rst:13 msgid "The network topology is declared by shared-network-name and the subnet declarations. The DHCP service can serve multiple shared networks, with each shared network having 1 or more subnets. Each subnet must be present on an interface. A range can be declared inside a subnet to define a pool of dynamic addresses. Multiple ranges can be defined and can contain holes. Static mappings can be set to assign \"static\" addresses to clients based on their MAC address." msgstr "The network topology is declared by shared-network-name and the subnet declarations. The DHCP service can serve multiple shared networks, with each shared network having 1 or more subnets. Each subnet must be present on an interface. A range can be declared inside a subnet to define a pool of dynamic addresses. Multiple ranges can be defined and can contain holes. Static mappings can be set to assign \"static\" addresses to clients based on their MAC address." -#: ../../configuration/service/conntrack-sync.rst:188 +#: ../../configuration/service/conntrack-sync.rst:192 msgid "The next example is a simple configuration of conntrack-sync." msgstr "The next example is a simple configuration of conntrack-sync." @@ -13324,7 +14434,7 @@ msgstr "The outgoing interface to perform the translation on" msgid "The peer name must be an alphanumeric and can have hypen or underscore as special characters. It is purely informational." msgstr "The peer name must be an alphanumeric and can have hypen or underscore as special characters. It is purely informational." -#: ../../configuration/vpn/ipsec.rst:235 +#: ../../configuration/vpn/ipsec.rst:239 msgid "The peer names RIGHT and LEFT are used as informational text." msgstr "The peer names RIGHT and LEFT are used as informational text." @@ -13332,7 +14442,7 @@ msgstr "The peer names RIGHT and LEFT are used as informational text." msgid "The peer with lower priority will become the key server and start distributing SAKs." msgstr "The peer with lower priority will become the key server and start distributing SAKs." -#: ../../configuration/vrf/index.rst:181 +#: ../../configuration/vrf/index.rst:200 msgid "The ping command is used to test whether a network host is reachable or not." msgstr "The ping command is used to test whether a network host is reachable or not." @@ -13352,7 +14462,7 @@ msgstr "The prefix and ASN that originated it match a signed ROA. These are prob msgid "The prefix or prefix length and ASN that originated it doesn't match any existing ROA. This could be the result of a prefix hijack, or merely a misconfiguration, but should probably be treated as untrustworthy route announcements." msgstr "The prefix or prefix length and ASN that originated it doesn't match any existing ROA. This could be the result of a prefix hijack, or merely a misconfiguration, but should probably be treated as untrustworthy route announcements." -#: ../../configuration/service/dhcp-server.rst:375 +#: ../../configuration/service/dhcp-server.rst:381 msgid "The primary DHCP server uses address `192.168.189.252`" msgstr "The primary DHCP server uses address `192.168.189.252`" @@ -13368,11 +14478,11 @@ msgstr "The primary option is only valid for active-backup, transmit-load-balanc msgid "The priority must be an integer number from 1 to 255. Higher priority value increases router's precedence in the master elections." msgstr "The priority must be an integer number from 1 to 255. Higher priority value increases router's precedence in the master elections." -#: ../../configuration/service/dhcp-server.rst:539 +#: ../../configuration/service/dhcp-server.rst:545 msgid "The procedure to specify a :abbr:`NIS+ (Network Information Service Plus)` domain is similar to the NIS domain one:" msgstr "The procedure to specify a :abbr:`NIS+ (Network Information Service Plus)` domain is similar to the NIS domain one:" -#: ../../configuration/vrf/index.rst:222 +#: ../../configuration/vrf/index.rst:241 msgid "The prompt is adjusted to reflect this change in both config and op-mode." msgstr "The prompt is adjusted to reflect this change in both config and op-mode." @@ -13400,7 +14510,7 @@ msgstr "The public IP address of the local side of the VPN will be 198.51.100.10 msgid "The public IP address of the remote side of the VPN will be 203.0.113.11." msgstr "The public IP address of the remote side of the VPN will be 203.0.113.11." -#: ../../configuration/service/ipoe-server.rst:130 +#: ../../configuration/service/ipoe-server.rst:131 #: ../../configuration/vpn/l2tp.rst:120 msgid "The rate-limit is set in kbit/sec." msgstr "The rate-limit is set in kbit/sec." @@ -13421,6 +14531,10 @@ msgstr "The remote site will have a subnet of 10.1.0.0/16." msgid "The remote user will use the openconnect client to connect to the router and will receive an IP address from a VPN pool, allowing full access to the network." msgstr "The remote user will use the openconnect client to connect to the router and will receive an IP address from a VPN pool, allowing full access to the network." +#: ../../configuration/service/dns.rst:161 +msgid "The requestor netmask for which the requestor IP Address should be used as the EDNS Client Subnet for outgoing queries." +msgstr "The requestor netmask for which the requestor IP Address should be used as the EDNS Client Subnet for outgoing queries." + #: ../../configuration/interfaces/openvpn.rst:458 msgid "The required config file may look like this:" msgstr "The required config file may look like this:" @@ -13465,7 +14579,7 @@ msgstr "The sFlow accounting based on hsflowd https://sflow.net/" msgid "The same configuration options apply when Identity based config is configured in group mode except that group mode can only be used with RADIUS authentication." msgstr "The same configuration options apply when Identity based config is configured in group mode except that group mode can only be used with RADIUS authentication." -#: ../../configuration/vpn/ipsec.rst:227 +#: ../../configuration/vpn/ipsec.rst:231 msgid "The scheme above doesn't work when one of the routers has a dynamic external address though. The classic workaround for this is to setup an address on a loopback interface and use it as a source address for the GRE tunnel, then setup an IPsec policy to match those loopback addresses." msgstr "The scheme above doesn't work when one of the routers has a dynamic external address though. The classic workaround for this is to setup an address on a loopback interface and use it as a source address for the GRE tunnel, then setup an IPsec policy to match those loopback addresses." @@ -13473,7 +14587,7 @@ msgstr "The scheme above doesn't work when one of the routers has a dynamic exte msgid "The search filter can contain up to 15 occurrences of %s which will be replaced by the username, as in \"uid=%s\" for :rfc:`2037` directories. For a detailed description of LDAP search filter syntax see :rfc:`2254`." msgstr "The search filter can contain up to 15 occurrences of %s which will be replaced by the username, as in \"uid=%s\" for :rfc:`2037` directories. For a detailed description of LDAP search filter syntax see :rfc:`2254`." -#: ../../configuration/service/dhcp-server.rst:376 +#: ../../configuration/service/dhcp-server.rst:382 msgid "The secondary DHCP server uses address `192.168.189.253`" msgstr "The secondary DHCP server uses address `192.168.189.253`" @@ -13533,11 +14647,14 @@ msgstr "The type can be the following: asbr-summary, external, network, nssa-ext msgid "The ultimate goal of classifying traffic is to give each class a different treatment." msgstr "The ultimate goal of classifying traffic is to give each class a different treatment." -#: ../../configuration/service/ipoe-server.rst:18 +#: ../../configuration/service/ipoe-server.rst:16 msgid "The use of IPoE addresses the disadvantage that PPP is unsuited for multicast delivery to multiple users. Typically, IPoE uses Dynamic Host Configuration Protocol and Extensible Authentication Protocol to provide the same functionality as PPPoE, but in a less robust manner." msgstr "The use of IPoE addresses the disadvantage that PPP is unsuited for multicast delivery to multiple users. Typically, IPoE uses Dynamic Host Configuration Protocol and Extensible Authentication Protocol to provide the same functionality as PPPoE, but in a less robust manner." -#: ../../configuration/vpn/l2tp.rst:221 +#: ../../configuration/service/pppoe-server.rst:222 +#: ../../configuration/vpn/l2tp.rst:265 +#: ../../configuration/vpn/pptp.rst:205 +#: ../../configuration/vpn/sstp.rst:238 msgid "The value of the attribute ``NAS-Port-Id`` must be less than 16 characters, otherwise the interface won't be renamed." msgstr "The value of the attribute ``NAS-Port-Id`` must be less than 16 characters, otherwise the interface won't be renamed." @@ -13549,7 +14666,11 @@ msgstr "The vendor-class-id option can be used to request a specific class of ve msgid "The veth devices are virtual Ethernet devices. They can act as tunnels between network namespaces to create a bridge to a physical network device in another namespace or VRF, but can also be used as standalone network devices." msgstr "The veth devices are virtual Ethernet devices. They can act as tunnels between network namespaces to create a bridge to a physical network device in another namespace or VRF, but can also be used as standalone network devices." -#: ../../configuration/system/login.rst:138 +#: ../../configuration/service/router-advert.rst:86 +msgid "The well known NAT64 prefix is ``64:ff9b::/96``" +msgstr "The well known NAT64 prefix is ``64:ff9b::/96``" + +#: ../../configuration/system/login.rst:142 msgid "The window size must be between 1 and 21." msgstr "The window size must be between 1 and 21." @@ -13557,6 +14678,10 @@ msgstr "The window size must be between 1 and 21." msgid "The wireless client (supplicant) authenticates against the RADIUS server (authentication server) using an :abbr:`EAP (Extensible Authentication Protocol)` method configured on the RADIUS server. The WAP (also referred to as authenticator) role is to send all authentication messages between the supplicant and the configured authentication server, thus the RADIUS server is responsible for authenticating the users." msgstr "The wireless client (supplicant) authenticates against the RADIUS server (authentication server) using an :abbr:`EAP (Extensible Authentication Protocol)` method configured on the RADIUS server. The WAP (also referred to as authenticator) role is to send all authentication messages between the supplicant and the configured authentication server, thus the RADIUS server is responsible for authenticating the users." +#: ../../configuration/service/ids.rst:125 +msgid "Then, FastNetMon configuration:" +msgstr "Then, FastNetMon configuration:" + #: ../../configuration/nat/nat44.rst:621 msgid "Then a corresponding SNAT rule is created to NAT outgoing traffic for the internal IP to a reserved external IP. This dedicates an external IP address to an internal IP address and is useful for protocols which don't have the notion of ports, such as GRE." msgstr "Then a corresponding SNAT rule is created to NAT outgoing traffic for the internal IP to a reserved external IP. This dedicates an external IP address to an internal IP address and is useful for protocols which don't have the notion of ports, such as GRE." @@ -13596,7 +14721,7 @@ msgstr "There are a lot of matching criteria against which the packet can be tes msgid "There are a lot of matching criteria options available, both for ``policy route`` and ``policy route6``. These options are listed in this section." msgstr "There are a lot of matching criteria options available, both for ``policy route`` and ``policy route6``. These options are listed in this section." -#: ../../configuration/system/ipv6.rst:92 +#: ../../configuration/system/ipv6.rst:105 msgid "There are different parameters for getting prefix-list information:" msgstr "There are different parameters for getting prefix-list information:" @@ -13612,7 +14737,7 @@ msgstr "There are many parameters you will be able to use in order to match the msgid "There are multiple versions available for the NetFlow data. The `<version>` used in the exported flow data can be configured here. The following versions are supported:" msgstr "There are multiple versions available for the NetFlow data. The `<version>` used in the exported flow data can be configured here. The following versions are supported:" -#: ../../configuration/service/ipoe-server.rst:153 +#: ../../configuration/service/ipoe-server.rst:154 msgid "There are rate-limited and non rate-limited users (MACs)" msgstr "There are rate-limited and non rate-limited users (MACs)" @@ -13628,7 +14753,7 @@ msgstr "There are three modes of operation for a wireless interface:" msgid "There are two types of Network Admins who deal with BGP, those who have created an international incident and/or outage, and those who are lying" msgstr "There are two types of Network Admins who deal with BGP, those who have created an international incident and/or outage, and those who are lying" -#: ../../configuration/protocols/bgp.rst:896 +#: ../../configuration/protocols/bgp.rst:918 msgid "There are two ways that help us to mitigate the BGPs full-mesh requirement in a network:" msgstr "There are two ways that help us to mitigate the BGPs full-mesh requirement in a network:" @@ -13757,7 +14882,7 @@ msgstr "This command allows peerings between directly connected eBGP peers using msgid "This command allows sessions to be established with eBGP neighbors when they are multiple hops away. When the neighbor is not directly connected and this knob is not enabled, the session will not establish. The number of hops range is 1 to 255. This command is mutually exclusive with :cfgcmd:`ttl-security hops`." msgstr "This command allows sessions to be established with eBGP neighbors when they are multiple hops away. When the neighbor is not directly connected and this knob is not enabled, the session will not establish. The number of hops range is 1 to 255. This command is mutually exclusive with :cfgcmd:`ttl-security hops`." -#: ../../configuration/protocols/bgp.rst:812 +#: ../../configuration/protocols/bgp.rst:834 msgid "This command allows the router to prefer route to specified prefix learned via IGP through backdoor link instead of a route to the same prefix learned via EBGP." msgstr "This command allows the router to prefer route to specified prefix learned via IGP through backdoor link instead of a route to the same prefix learned via EBGP." @@ -13814,19 +14939,19 @@ msgstr "This command allows you to select a specific access concentrator when yo msgid "This command applies route-map to selectively unsuppress prefixes suppressed by summarisation." msgstr "This command applies route-map to selectively unsuppress prefixes suppressed by summarisation." -#: ../../configuration/protocols/bgp.rst:867 +#: ../../configuration/protocols/bgp.rst:889 msgid "This command applies the AS path access list filters named in <name> to the specified BGP neighbor to restrict the routing information that BGP learns and/or advertises. The arguments :cfgcmd:`export` and :cfgcmd:`import` specify the direction in which the AS path access list are applied." msgstr "This command applies the AS path access list filters named in <name> to the specified BGP neighbor to restrict the routing information that BGP learns and/or advertises. The arguments :cfgcmd:`export` and :cfgcmd:`import` specify the direction in which the AS path access list are applied." -#: ../../configuration/protocols/bgp.rst:843 +#: ../../configuration/protocols/bgp.rst:865 msgid "This command applies the access list filters named in <number> to the specified BGP neighbor to restrict the routing information that BGP learns and/or advertises. The arguments :cfgcmd:`export` and :cfgcmd:`import` specify the direction in which the access list are applied." msgstr "This command applies the access list filters named in <number> to the specified BGP neighbor to restrict the routing information that BGP learns and/or advertises. The arguments :cfgcmd:`export` and :cfgcmd:`import` specify the direction in which the access list are applied." -#: ../../configuration/protocols/bgp.rst:851 +#: ../../configuration/protocols/bgp.rst:873 msgid "This command applies the prfefix list filters named in <name> to the specified BGP neighbor to restrict the routing information that BGP learns and/or advertises. The arguments :cfgcmd:`export` and :cfgcmd:`import` specify the direction in which the prefix list are applied." msgstr "This command applies the prfefix list filters named in <name> to the specified BGP neighbor to restrict the routing information that BGP learns and/or advertises. The arguments :cfgcmd:`export` and :cfgcmd:`import` specify the direction in which the prefix list are applied." -#: ../../configuration/protocols/bgp.rst:859 +#: ../../configuration/protocols/bgp.rst:881 msgid "This command applies the route map named in <name> to the specified BGP neighbor to control and modify routing information that is exchanged between peers. The arguments :cfgcmd:`export` and :cfgcmd:`import` specify the direction in which the route map are applied." msgstr "This command applies the route map named in <name> to the specified BGP neighbor to control and modify routing information that is exchanged between peers. The arguments :cfgcmd:`export` and :cfgcmd:`import` specify the direction in which the route map are applied." @@ -13854,7 +14979,7 @@ msgstr "This command can be used to filter the RIP path using prefix lists. :cfg msgid "This command can be used with previous command to sets default RIP distance to specified value when the route source IP address matches the specified prefix and the specified access-list." msgstr "This command can be used with previous command to sets default RIP distance to specified value when the route source IP address matches the specified prefix and the specified access-list." -#: ../../configuration/protocols/bgp.rst:652 +#: ../../configuration/protocols/bgp.rst:674 msgid "This command change distance value of BGP. The arguments are the distance values for external routes, internal routes and local routes respectively. The distance range is 1 to 255." msgstr "This command change distance value of BGP. The arguments are the distance values for external routes, internal routes and local routes respectively. The distance range is 1 to 255." @@ -13878,7 +15003,7 @@ msgstr "This command change distance value of OSPFv3 globally. The distance rang msgid "This command change the distance value of RIP. The distance range is 1 to 255." msgstr "This command change the distance value of RIP. The distance range is 1 to 255." -#: ../../configuration/protocols/bgp.rst:638 +#: ../../configuration/protocols/bgp.rst:650 msgid "This command changes the eBGP behavior of FRR. By default FRR enables :rfc:`8212` functionality which affects how eBGP routes are advertised, namely no routes are advertised across eBGP sessions without some sort of egress route-map/policy in place. In VyOS however we have this RFC functionality disabled by default so that we can preserve backwards compatibility with older versions of VyOS. With this option one can enable :rfc:`8212` functionality to operate." msgstr "This command changes the eBGP behavior of FRR. By default FRR enables :rfc:`8212` functionality which affects how eBGP routes are advertised, namely no routes are advertised across eBGP sessions without some sort of egress route-map/policy in place. In VyOS however we have this RFC functionality disabled by default so that we can preserve backwards compatibility with older versions of VyOS. With this option one can enable :rfc:`8212` functionality to operate." @@ -13954,23 +15079,23 @@ msgstr "This command defines matching parameters for access list rule. Matching msgid "This command defines the IS-IS router behavior:" msgstr "This command defines the IS-IS router behavior:" -#: ../../configuration/protocols/bgp.rst:720 +#: ../../configuration/protocols/bgp.rst:742 msgid "This command defines the accumulated penalty amount at which the route is re-advertised. The penalty range is 1 to 20000." msgstr "This command defines the accumulated penalty amount at which the route is re-advertised. The penalty range is 1 to 20000." -#: ../../configuration/protocols/bgp.rst:726 +#: ../../configuration/protocols/bgp.rst:748 msgid "This command defines the accumulated penalty amount at which the route is suppressed. The penalty range is 1 to 20000." msgstr "This command defines the accumulated penalty amount at which the route is suppressed. The penalty range is 1 to 20000." -#: ../../configuration/protocols/bgp.rst:713 +#: ../../configuration/protocols/bgp.rst:735 msgid "This command defines the amount of time in minutes after which a penalty is reduced by half. The timer range is 10 to 45 minutes." msgstr "This command defines the amount of time in minutes after which a penalty is reduced by half. The timer range is 10 to 45 minutes." -#: ../../configuration/protocols/bgp.rst:595 +#: ../../configuration/protocols/bgp.rst:601 msgid "This command defines the maximum number of parallel routes that the BGP can support. In order for BGP to use the second path, the following attributes have to match: Weight, Local Preference, AS Path (both AS number and AS path length), Origin code, MED, IGP metric. Also, the next hop address for each path must be different." msgstr "This command defines the maximum number of parallel routes that the BGP can support. In order for BGP to use the second path, the following attributes have to match: Weight, Local Preference, AS Path (both AS number and AS path length), Origin code, MED, IGP metric. Also, the next hop address for each path must be different." -#: ../../configuration/protocols/bgp.rst:732 +#: ../../configuration/protocols/bgp.rst:754 msgid "This command defines the maximum time in minutes that a route is suppressed. The timer range is 1 to 255 minutes." msgstr "This command defines the maximum time in minutes that a route is suppressed. The timer range is 1 to 255 minutes." @@ -13997,7 +15122,7 @@ msgstr "This command disables check of the MTU value in the OSPF DBD packets. Th msgid "This command disables it." msgstr "This command disables it." -#: ../../configuration/protocols/bgp.rst:607 +#: ../../configuration/protocols/bgp.rst:619 msgid "This command disables route reflection between route reflector clients. By default, the clients of a route reflector are not required to be fully meshed and the routes from a client are reflected to other clients. However, if the clients are fully meshed, route reflection is not required. In this case, use the :cfgcmd:`no-client-to-client-reflection` command to disable client-to-client reflection." msgstr "This command disables route reflection between route reflector clients. By default, the clients of a route reflector are not required to be fully meshed and the routes from a client are reflected to other clients. However, if the clients are fully meshed, route reflection is not required. In this case, use the :cfgcmd:`no-client-to-client-reflection` command to disable client-to-client reflection." @@ -14009,23 +15134,23 @@ msgstr "This command disables split-horizon on the interface. By default, VyOS d msgid "This command disables the load sharing across multiple LFA backups." msgstr "This command disables the load sharing across multiple LFA backups." -#: ../../configuration/protocols/bgp.rst:1009 +#: ../../configuration/protocols/bgp.rst:1031 msgid "This command displays BGP dampened routes." msgstr "This command displays BGP dampened routes." -#: ../../configuration/protocols/bgp.rst:1032 +#: ../../configuration/protocols/bgp.rst:1054 msgid "This command displays BGP received-routes that are accepted after filtering." msgstr "This command displays BGP received-routes that are accepted after filtering." -#: ../../configuration/protocols/bgp.rst:1022 +#: ../../configuration/protocols/bgp.rst:1044 msgid "This command displays BGP routes advertised to a neighbor." msgstr "This command displays BGP routes advertised to a neighbor." -#: ../../configuration/protocols/bgp.rst:1017 +#: ../../configuration/protocols/bgp.rst:1039 msgid "This command displays BGP routes allowed by the specified AS Path access list." msgstr "This command displays BGP routes allowed by the specified AS Path access list." -#: ../../configuration/protocols/bgp.rst:1026 +#: ../../configuration/protocols/bgp.rst:1048 msgid "This command displays BGP routes originating from the specified BGP neighbor before inbound policy is applied. To use this command inbound soft reconfiguration must be enabled." msgstr "This command displays BGP routes originating from the specified BGP neighbor before inbound policy is applied. To use this command inbound soft reconfiguration must be enabled." @@ -14052,11 +15177,11 @@ msgstr "This command displays a summary table with a database contents (LSA)." msgid "This command displays a table of paths to area boundary and autonomous system boundary routers." msgstr "This command displays a table of paths to area boundary and autonomous system boundary routers." -#: ../../configuration/protocols/bgp.rst:957 +#: ../../configuration/protocols/bgp.rst:979 msgid "This command displays all entries in BGP routing table." msgstr "This command displays all entries in BGP routing table." -#: ../../configuration/protocols/bgp.rst:1036 +#: ../../configuration/protocols/bgp.rst:1058 msgid "This command displays dampened routes received from BGP neighbor." msgstr "This command displays dampened routes received from BGP neighbor." @@ -14064,27 +15189,27 @@ msgstr "This command displays dampened routes received from BGP neighbor." msgid "This command displays external information redistributed into OSPFv3" msgstr "This command displays external information redistributed into OSPFv3" -#: ../../configuration/protocols/bgp.rst:1040 +#: ../../configuration/protocols/bgp.rst:1062 msgid "This command displays information about BGP routes whose AS path matches the specified regular expression." msgstr "This command displays information about BGP routes whose AS path matches the specified regular expression." -#: ../../configuration/protocols/bgp.rst:1013 +#: ../../configuration/protocols/bgp.rst:1035 msgid "This command displays information about flapping BGP routes." msgstr "This command displays information about flapping BGP routes." -#: ../../configuration/protocols/bgp.rst:977 +#: ../../configuration/protocols/bgp.rst:999 msgid "This command displays information about the particular entry in the BGP routing table." msgstr "This command displays information about the particular entry in the BGP routing table." -#: ../../configuration/protocols/bgp.rst:1004 +#: ../../configuration/protocols/bgp.rst:1026 msgid "This command displays routes that are permitted by the BGP community list." msgstr "This command displays routes that are permitted by the BGP community list." -#: ../../configuration/protocols/bgp.rst:997 +#: ../../configuration/protocols/bgp.rst:1019 msgid "This command displays routes that belong to specified BGP communities. Valid value is a community number in the range from 1 to 4294967200, or AA:NN (autonomous system-community number/2-byte number), no-export, local-as, or no-advertise." msgstr "This command displays routes that belong to specified BGP communities. Valid value is a community number in the range from 1 to 4294967200, or AA:NN (autonomous system-community number/2-byte number), no-export, local-as, or no-advertise." -#: ../../configuration/protocols/bgp.rst:993 +#: ../../configuration/protocols/bgp.rst:1015 msgid "This command displays routes with classless interdomain routing (CIDR)." msgstr "This command displays routes with classless interdomain routing (CIDR)." @@ -14126,7 +15251,7 @@ msgstr "This command displays the neighbors status." msgid "This command displays the neighbors status for a neighbor on the specified interface." msgstr "This command displays the neighbors status for a neighbor on the specified interface." -#: ../../configuration/protocols/bgp.rst:1045 +#: ../../configuration/protocols/bgp.rst:1067 msgid "This command displays the status of all BGP connections." msgstr "This command displays the status of all BGP connections." @@ -14134,7 +15259,7 @@ msgstr "This command displays the status of all BGP connections." msgid "This command enable/disables summarisation for the configured address range." msgstr "This command enable/disables summarisation for the configured address range." -#: ../../configuration/protocols/bgp.rst:603 +#: ../../configuration/protocols/bgp.rst:615 msgid "This command enable logging neighbor up/down changes and reset reason." msgstr "This command enable logging neighbor up/down changes and reset reason." @@ -14174,7 +15299,7 @@ msgstr "This command enables sending timestamps with each Hello and IHU message msgid "This command enables support for dynamic hostname TLV. Dynamic hostname mapping determined as described in :rfc:`2763`, Dynamic Hostname Exchange Mechanism for IS-IS." msgstr "This command enables support for dynamic hostname TLV. Dynamic hostname mapping determined as described in :rfc:`2763`, Dynamic Hostname Exchange Mechanism for IS-IS." -#: ../../configuration/protocols/bgp.rst:875 +#: ../../configuration/protocols/bgp.rst:897 msgid "This command enables the ORF capability (described in :rfc:`5291`) on the local router, and enables ORF capability advertisement to the specified BGP peer. The :cfgcmd:`receive` keyword configures a router to advertise ORF receive capabilities. The :cfgcmd:`send` keyword configures a router to advertise ORF send capabilities. To advertise a filter from a sender, you must create an IP prefix list for the specified BGP peer applied in inbound derection." msgstr "This command enables the ORF capability (described in :rfc:`5291`) on the local router, and enables ORF capability advertisement to the specified BGP peer. The :cfgcmd:`receive` keyword configures a router to advertise ORF receive capabilities. The :cfgcmd:`send` keyword configures a router to advertise ORF send capabilities. To advertise a filter from a sender, you must create an IP prefix list for the specified BGP peer applied in inbound derection." @@ -14198,7 +15323,7 @@ msgstr "This command generate a default route into the RIP." msgid "This command gives a brief status overview of a specified wireless interface. The wireless interface identifier can range from wlan0 to wlan999." msgstr "This command gives a brief status overview of a specified wireless interface. The wireless interface identifier can range from wlan0 to wlan999." -#: ../../configuration/protocols/bgp.rst:632 +#: ../../configuration/protocols/bgp.rst:644 msgid "This command goes hand in hand with the listen range command to limit the amount of BGP neighbors that are allowed to connect to the local router. The limit range is 1 to 5000." msgstr "This command goes hand in hand with the listen range command to limit the amount of BGP neighbors that are allowed to connect to the local router. The limit range is 1 to 5000." @@ -14241,7 +15366,7 @@ msgstr "This command is used for advertising IPv4 or IPv6 networks." msgid "This command is used to retrieve information about WAP within the range of your wireless interface. This command is useful on wireless interfaces configured in station mode." msgstr "This command is used to retrieve information about WAP within the range of your wireless interface. This command is useful on wireless interfaces configured in station mode." -#: ../../configuration/protocols/bgp.rst:620 +#: ../../configuration/protocols/bgp.rst:632 msgid "This command is useful if one desires to loosen the requirement for BGP to have strictly defined neighbors. Specifically what is allowed is for the local router to listen to a range of IPv4 or IPv6 addresses defined by a prefix and to accept BGP open messages. When a TCP connection (and subsequently a BGP open message) from within this range tries to connect the local router then the local router will respond and connect with the parameters that are defined within the peer group. One must define a peer-group for each range that is listed. If no peer-group is defined then an error will keep you from committing the configuration." msgstr "This command is useful if one desires to loosen the requirement for BGP to have strictly defined neighbors. Specifically what is allowed is for the local router to listen to a range of IPv4 or IPv6 addresses defined by a prefix and to accept BGP open messages. When a TCP connection (and subsequently a BGP open message) from within this range tries to connect the local router then the local router will respond and connect with the parameters that are defined within the peer group. One must define a peer-group for each range that is listed. If no peer-group is defined then an error will keep you from committing the configuration." @@ -14253,15 +15378,15 @@ msgstr "This command modifies the default metric (hop count) value for redistrib msgid "This command override AS number of the originating router with the local AS number." msgstr "This command override AS number of the originating router with the local AS number." -#: ../../configuration/protocols/bgp.rst:885 +#: ../../configuration/protocols/bgp.rst:907 msgid "This command prevents from sending back prefixes learned from the neighbor." msgstr "This command prevents from sending back prefixes learned from the neighbor." -#: ../../configuration/protocols/bgp.rst:804 +#: ../../configuration/protocols/bgp.rst:826 msgid "This command provides to compare different MED values that advertised by neighbours in the same AS for routes selection. When this command is enabled, routes from the same autonomous system are grouped together, and the best entries of each group are compared." msgstr "This command provides to compare different MED values that advertised by neighbours in the same AS for routes selection. When this command is enabled, routes from the same autonomous system are grouped together, and the best entries of each group are compared." -#: ../../configuration/protocols/bgp.rst:741 +#: ../../configuration/protocols/bgp.rst:763 msgid "This command provides to compare the MED on routes, even when they were received from different neighbouring ASes. Setting this option makes the order of preference of routes more defined, and should eliminate MED induced oscillations." msgstr "This command provides to compare the MED on routes, even when they were received from different neighbouring ASes. Setting this option makes the order of preference of routes more defined, and should eliminate MED induced oscillations." @@ -14297,19 +15422,19 @@ msgstr "This command redistributes routing information from the given route sour msgid "This command removes the private ASN of routes that are advertised to the configured peer. It removes only private ASNs on routes advertised to EBGP peers." msgstr "This command removes the private ASN of routes that are advertised to the configured peer. It removes only private ASNs on routes advertised to EBGP peers." -#: ../../configuration/protocols/bgp.rst:1068 +#: ../../configuration/protocols/bgp.rst:1090 msgid "This command resets BGP connections to the specified neighbor IP address. With argument :cfgcmd:`soft` this command initiates a soft reset. If you do not specify the :cfgcmd:`in` or :cfgcmd:`out` options, both inbound and outbound soft reconfiguration are triggered." msgstr "This command resets BGP connections to the specified neighbor IP address. With argument :cfgcmd:`soft` this command initiates a soft reset. If you do not specify the :cfgcmd:`in` or :cfgcmd:`out` options, both inbound and outbound soft reconfiguration are triggered." -#: ../../configuration/protocols/bgp.rst:1088 +#: ../../configuration/protocols/bgp.rst:1110 msgid "This command resets BGP connections to the specified peer group. With argument :cfgcmd:`soft` this command initiates a soft reset. If you do not specify the :cfgcmd:`in` or :cfgcmd:`out` options, both inbound and outbound soft reconfiguration are triggered." msgstr "This command resets BGP connections to the specified peer group. With argument :cfgcmd:`soft` this command initiates a soft reset. If you do not specify the :cfgcmd:`in` or :cfgcmd:`out` options, both inbound and outbound soft reconfiguration are triggered." -#: ../../configuration/protocols/bgp.rst:1075 +#: ../../configuration/protocols/bgp.rst:1097 msgid "This command resets all BGP connections of given router." msgstr "This command resets all BGP connections of given router." -#: ../../configuration/protocols/bgp.rst:1084 +#: ../../configuration/protocols/bgp.rst:1106 msgid "This command resets all external BGP peers of given router." msgstr "This command resets all external BGP peers of given router." @@ -14389,7 +15514,7 @@ msgstr "This command sets number of seconds for RxmtInterval timer value. This v msgid "This command sets old-style (ISO 10589) or new style packet formats:" msgstr "This command sets old-style (ISO 10589) or new style packet formats:" -#: ../../configuration/protocols/bgp.rst:944 +#: ../../configuration/protocols/bgp.rst:966 msgid "This command sets other confederations <nsubasn> as members of autonomous system specified by :cfgcmd:`confederation identifier <asn>`." msgstr "This command sets other confederations <nsubasn> as members of autonomous system specified by :cfgcmd:`confederation identifier <asn>`." @@ -14401,7 +15526,7 @@ msgstr "This command sets overload bit to avoid any transit traffic through this msgid "This command sets priority for the interface for :abbr:`DIS (Designated Intermediate System)` election. The priority range is 0 to 127." msgstr "This command sets priority for the interface for :abbr:`DIS (Designated Intermediate System)` election. The priority range is 0 to 127." -#: ../../configuration/protocols/bgp.rst:659 +#: ../../configuration/protocols/bgp.rst:681 msgid "This command sets the administrative distance for a particular route. The distance range is 1 to 255." msgstr "This command sets the administrative distance for a particular route. The distance range is 1 to 255." @@ -14461,7 +15586,7 @@ msgstr "This command should NOT be set normally." msgid "This command shows both status and statistics on the specified wireless interface. The wireless interface identifier can range from wlan0 to wlan999." msgstr "This command shows both status and statistics on the specified wireless interface. The wireless interface identifier can range from wlan0 to wlan999." -#: ../../configuration/protocols/bgp.rst:938 +#: ../../configuration/protocols/bgp.rst:960 msgid "This command specifies a BGP confederation identifier. <asn> is the number of the autonomous system that internally includes multiple sub-autonomous systems (a confederation)." msgstr "This command specifies a BGP confederation identifier. <asn> is the number of the autonomous system that internally includes multiple sub-autonomous systems (a confederation)." @@ -14517,11 +15642,11 @@ msgstr "This command specifies attributes to be left unchanged for advertisement msgid "This command specifies circuit type for interface:" msgstr "This command specifies circuit type for interface:" -#: ../../configuration/protocols/bgp.rst:920 +#: ../../configuration/protocols/bgp.rst:942 msgid "This command specifies cluster ID which identifies a collection of route reflectors and their clients, and is used by route reflectors to avoid looping. By default cluster ID is set to the BGP router id value, but can be set to an arbitrary 32-bit value." msgstr "This command specifies cluster ID which identifies a collection of route reflectors and their clients, and is used by route reflectors to avoid looping. By default cluster ID is set to the BGP router id value, but can be set to an arbitrary 32-bit value." -#: ../../configuration/protocols/bgp.rst:671 +#: ../../configuration/protocols/bgp.rst:693 msgid "This command specifies hold-time in seconds. The timer range is 4 to 65535. The default value is 180 second. If you set value to 0 VyOS will not hold routes." msgstr "This command specifies hold-time in seconds. The timer range is 4 to 65535. The default value is 180 second. If you set value to 0 VyOS will not hold routes." @@ -14530,7 +15655,7 @@ msgstr "This command specifies hold-time in seconds. The timer range is 4 to 655 msgid "This command specifies interface as passive. Passive interface advertises its address, but does not run the OSPF protocol (adjacencies are not formed and hello packets are not generated)." msgstr "This command specifies interface as passive. Passive interface advertises its address, but does not run the OSPF protocol (adjacencies are not formed and hello packets are not generated)." -#: ../../configuration/protocols/bgp.rst:677 +#: ../../configuration/protocols/bgp.rst:699 msgid "This command specifies keep-alive time in seconds. The timer can range from 4 to 65535. The default value is 60 second." msgstr "This command specifies keep-alive time in seconds. The timer can range from 4 to 65535. The default value is 60 second." @@ -14558,15 +15683,15 @@ msgstr "This command specifies metric type for redistributed routes. Difference msgid "This command specifies network type to Point-to-Point. The default network type is broadcast." msgstr "This command specifies network type to Point-to-Point. The default network type is broadcast." -#: ../../configuration/protocols/bgp.rst:784 +#: ../../configuration/protocols/bgp.rst:806 msgid "This command specifies that BGP considers the MED when comparing routes originated from different sub-ASs within the confederation to which this BGP speaker belongs. The default state, where the MED attribute is not considered." msgstr "This command specifies that BGP considers the MED when comparing routes originated from different sub-ASs within the confederation to which this BGP speaker belongs. The default state, where the MED attribute is not considered." -#: ../../configuration/protocols/bgp.rst:754 +#: ../../configuration/protocols/bgp.rst:776 msgid "This command specifies that BGP decision process should consider paths of equal AS_PATH length candidates for multipath computation. Without the knob, the entire AS_PATH must match for multipath computation." msgstr "This command specifies that BGP decision process should consider paths of equal AS_PATH length candidates for multipath computation. Without the knob, the entire AS_PATH must match for multipath computation." -#: ../../configuration/protocols/bgp.rst:791 +#: ../../configuration/protocols/bgp.rst:813 msgid "This command specifies that a route with a MED is always considered to be better than a route without a MED by causing the missing MED attribute to have a value of infinity. The default state, where the missing MED attribute is considered to have a value of zero." msgstr "This command specifies that a route with a MED is always considered to be better than a route without a MED by causing the missing MED attribute to have a value of infinity. The default state, where the missing MED attribute is considered to have a value of zero." @@ -14582,7 +15707,7 @@ msgstr "This command specifies that simple password authentication should be use msgid "This command specifies that the community attribute should not be sent in route updates to a peer. By default community attribute is sent." msgstr "This command specifies that the community attribute should not be sent in route updates to a peer. By default community attribute is sent." -#: ../../configuration/protocols/bgp.rst:748 +#: ../../configuration/protocols/bgp.rst:770 msgid "This command specifies that the length of confederation path sets and sequences should be taken into account during the BGP best path decision process." msgstr "This command specifies that the length of confederation path sets and sequences should be taken into account during the BGP best path decision process." @@ -14622,7 +15747,7 @@ msgstr "This command specifies the base receive cost for this interface. For wir msgid "This command specifies the decay factor for the exponential moving average of RTT samples, in units of 1/256. Higher values discard old samples faster. The default is 42." msgstr "This command specifies the decay factor for the exponential moving average of RTT samples, in units of 1/256. Higher values discard old samples faster. The default is 42." -#: ../../configuration/protocols/bgp.rst:799 +#: ../../configuration/protocols/bgp.rst:821 msgid "This command specifies the default local preference value. The local preference range is 0 to 4294967295." msgstr "This command specifies the default local preference value. The local preference range is 0 to 4294967295." @@ -14634,7 +15759,7 @@ msgstr "This command specifies the default metric value of redistributed routes. msgid "This command specifies the garbage-collection timer. Upon expiration of the garbage-collection timer, the route is finally removed from the routing table. The time range is 5 to 2147483647. The default value is 120 seconds." msgstr "This command specifies the garbage-collection timer. Upon expiration of the garbage-collection timer, the route is finally removed from the routing table. The time range is 5 to 2147483647. The default value is 120 seconds." -#: ../../configuration/protocols/bgp.rst:916 +#: ../../configuration/protocols/bgp.rst:938 msgid "This command specifies the given neighbor as route reflector client." msgstr "This command specifies the given neighbor as route reflector client." @@ -14658,7 +15783,7 @@ msgstr "This command specifies the minimum RTT, in milliseconds, starting from w msgid "This command specifies the minimum route advertisement interval for the peer. The interval value is 0 to 600 seconds, with the default advertisement interval being 0." msgstr "This command specifies the minimum route advertisement interval for the peer. The interval value is 0 to 600 seconds, with the default advertisement interval being 0." -#: ../../configuration/protocols/bgp.rst:589 +#: ../../configuration/protocols/bgp.rst:595 msgid "This command specifies the router-ID. If router ID is not specified it will use the highest interface IP address." msgstr "This command specifies the router-ID. If router ID is not specified it will use the highest interface IP address." @@ -14714,7 +15839,7 @@ msgstr "This command summarizes intra area paths from specified area into one su msgid "This command to ensure not advertise the summary lsa for the matched external LSAs." msgstr "This command to ensure not advertise the summary lsa for the matched external LSAs." -#: ../../configuration/protocols/bgp.rst:1079 +#: ../../configuration/protocols/bgp.rst:1101 msgid "This command uses to clear BGP route dampening information and to unsuppress suppressed routes." msgstr "This command uses to clear BGP route dampening information and to unsuppress suppressed routes." @@ -14763,7 +15888,7 @@ msgstr "This command will generate a default-route in L2 database." msgid "This command will give an overview of a rule in a single rule-set" msgstr "This command will give an overview of a rule in a single rule-set" -#: ../../configuration/firewall/ipv4.rst:1091 +#: ../../configuration/firewall/ipv4.rst:1114 msgid "This command will give an overview of a rule in a single rule-set, plus information for default action." msgstr "This command will give an overview of a rule in a single rule-set, plus information for default action." @@ -14771,7 +15896,7 @@ msgstr "This command will give an overview of a rule in a single rule-set, plus msgid "This command will give an overview of a rule in a single rule-set." msgstr "This command will give an overview of a rule in a single rule-set." -#: ../../configuration/firewall/ipv4.rst:1072 +#: ../../configuration/firewall/ipv4.rst:1095 #: ../../configuration/firewall/ipv6.rst:1088 msgid "This command will give an overview of a single rule-set." msgstr "This command will give an overview of a single rule-set." @@ -14805,7 +15930,7 @@ msgid "This configuration modifies the behavior of the network statement. If you msgstr "This configuration modifies the behavior of the network statement. If you have this configured the underlying network must exist in the routing table." #: ../../configuration/service/dhcp-server.rst:76 -#: ../../configuration/service/dhcp-server.rst:520 +#: ../../configuration/service/dhcp-server.rst:526 msgid "This configuration parameter is required and must be unique to each subnet. It is required to map subnets to lease file entries." msgstr "This configuration parameter is required and must be unique to each subnet. It is required to map subnets to lease file entries." @@ -14825,7 +15950,7 @@ msgstr "This creates a route policy called FILTER-WEB with one rule to set the r msgid "This defaults to 10000." msgstr "This defaults to 10000." -#: ../../configuration/system/login.rst:254 +#: ../../configuration/system/login.rst:258 msgid "This defaults to 1812." msgstr "This defaults to 1812." @@ -14833,7 +15958,7 @@ msgstr "This defaults to 1812." msgid "This defaults to 2007." msgstr "This defaults to 2007." -#: ../../configuration/service/dns.rst:271 +#: ../../configuration/service/dns.rst:285 msgid "This defaults to 300 seconds." msgstr "This defaults to 300 seconds." @@ -14841,7 +15966,7 @@ msgstr "This defaults to 300 seconds." msgid "This defaults to 30 seconds." msgstr "This defaults to 30 seconds." -#: ../../configuration/system/login.rst:323 +#: ../../configuration/system/login.rst:327 msgid "This defaults to 49." msgstr "This defaults to 49." @@ -14857,7 +15982,7 @@ msgstr "This defaults to UDP" msgid "This defaults to both 1.2 and 1.3." msgstr "This defaults to both 1.2 and 1.3." -#: ../../configuration/pki/index.rst:283 +#: ../../configuration/pki/index.rst:314 msgid "This defaults to https://acme-v02.api.letsencrypt.org/directory" msgstr "This defaults to https://acme-v02.api.letsencrypt.org/directory" @@ -14893,15 +16018,27 @@ msgstr "This establishes our Port Forward rule, but if we created a firewall pol msgid "This example shows how to target an MSS clamp (in our example to 1360 bytes) to a specific destination IP." msgstr "This example shows how to target an MSS clamp (in our example to 1360 bytes) to a specific destination IP." +#: ../../configuration/vpn/ipsec.rst:392 +msgid "This example uses CACert as certificate authority." +msgstr "This example uses CACert as certificate authority." + +#: ../../configuration/vpn/ipsec.rst:386 +msgid "This feature closely works together with :ref:`pki` subsystem as you required a x509 certificate." +msgstr "This feature closely works together with :ref:`pki` subsystem as you required a x509 certificate." + +#: ../../configuration/protocols/bfd.rst:64 +msgid "This feature serves the purpose of thightening the packet validation requirements to avoid receiving BFD control packets from other sessions." +msgstr "This feature serves the purpose of thightening the packet validation requirements to avoid receiving BFD control packets from other sessions." + #: ../../configuration/protocols/ospf.rst:476 msgid "This feature summarises originated external LSAs (Type-5 and Type-7). Summary Route will be originated on-behalf of all matched external LSAs." msgstr "This feature summarises originated external LSAs (Type-5 and Type-7). Summary Route will be originated on-behalf of all matched external LSAs." -#: ../../configuration/service/dns.rst:404 +#: ../../configuration/service/dns.rst:418 msgid "This functionality is controlled by adding the following configuration:" msgstr "This functionality is controlled by adding the following configuration:" -#: ../../configuration/firewall/ipv4.rst:376 +#: ../../configuration/firewall/ipv4.rst:399 #: ../../configuration/firewall/ipv6.rst:378 msgid "This functions for both individual addresses and address groups." msgstr "This functions for both individual addresses and address groups." @@ -14946,13 +16083,13 @@ msgstr "This is a mandatory command. Sets regular expression to match against lo msgid "This is a mandatory command. Sets the full path to the script. The script file must be executable." msgstr "This is a mandatory command. Sets the full path to the script. The script file must be executable." -#: ../../configuration/pki/index.rst:261 -#: ../../configuration/pki/index.rst:267 +#: ../../configuration/pki/index.rst:292 +#: ../../configuration/pki/index.rst:298 msgid "This is a mandatory option" msgstr "This is a mandatory option" -#: ../../configuration/protocols/rpki.rst:117 -#: ../../configuration/protocols/rpki.rst:124 +#: ../../configuration/protocols/rpki.rst:131 +#: ../../configuration/protocols/rpki.rst:138 msgid "This is a mandatory setting." msgstr "This is a mandatory setting." @@ -15019,7 +16156,7 @@ msgstr "This is the LCD model used in your system." msgid "This is the configuration parameter for the entire shared network definition. All subnets will inherit this configuration item if not specified locally." msgstr "This is the configuration parameter for the entire shared network definition. All subnets will inherit this configuration item if not specified locally." -#: ../../configuration/service/dhcp-server.rst:197 +#: ../../configuration/service/dhcp-server.rst:203 msgid "This is the equivalent of the host block in dhcpd.conf of isc-dhcpd." msgstr "This is the equivalent of the host block in dhcpd.conf of isc-dhcpd." @@ -15031,7 +16168,7 @@ msgstr "This is the name of the physical interface used to connect to your LCD d msgid "This is the policy that requieres the lowest resources for the same amount of traffic. But **very likely you do not need it as you cannot get much from it. Sometimes it is used just to enable logging.**" msgstr "This is the policy that requieres the lowest resources for the same amount of traffic. But **very likely you do not need it as you cannot get much from it. Sometimes it is used just to enable logging.**" -#: ../../configuration/service/dhcp-server.rst:195 +#: ../../configuration/service/dhcp-server.rst:201 msgid "This is useful, for example, in combination with hostfile update." msgstr "This is useful, for example, in combination with hostfile update." @@ -15088,7 +16225,7 @@ msgstr "This option is used by some DHCP clients as a way for users to specify i msgid "This option is used by some DHCP clients to identify the vendor type and possibly the configuration of a DHCP client. The information is a string of bytes whose contents are specific to the vendor and are not specified in a standard." msgstr "This option is used by some DHCP clients to identify the vendor type and possibly the configuration of a DHCP client. The information is a string of bytes whose contents are specific to the vendor and are not specified in a standard." -#: ../../configuration/system/login.rst:390 +#: ../../configuration/system/login.rst:394 msgid "This option must be used with ``timeout`` option." msgstr "This option must be used with ``timeout`` option." @@ -15101,7 +16238,7 @@ msgstr "This option only affects 802.3ad mode." msgid "This option specifies a delay in seconds before vrrp instances start up after keepalived starts." msgstr "This option specifies a delay in seconds before vrrp instances start up after keepalived starts." -#: ../../configuration/pki/index.rst:277 +#: ../../configuration/pki/index.rst:308 msgid "This options defaults to 2048" msgstr "This options defaults to 2048" @@ -15219,11 +16356,19 @@ msgstr "This the simplest queue possible you can apply to your traffic. Traffic msgid "This topology was built using GNS3." msgstr "This topology was built using GNS3." +#: ../../configuration/system/option.rst:38 +msgid "This will add the following option to the Kernel commandline:" +msgstr "This will add the following option to the Kernel commandline:" + +#: ../../configuration/system/option.rst:48 +msgid "This will add the following two options to the Kernel commandline:" +msgstr "This will add the following two options to the Kernel commandline:" + #: ../../configuration/interfaces/ethernet.rst:9 msgid "This will be the most widely used interface on a router carrying traffic to the real world." msgstr "This will be the most widely used interface on a router carrying traffic to the real world." -#: ../../configuration/protocols/static.rst:171 +#: ../../configuration/protocols/static.rst:204 msgid "This will configure a static ARP entry always resolving `<address>` to `<mac>` for interface `<interface>`." msgstr "This will configure a static ARP entry always resolving `<address>` to `<mac>` for interface `<interface>`." @@ -15239,7 +16384,7 @@ msgstr "This will render the following ddclient_ configuration entry:" msgid "This will show you a basic firewall overview" msgstr "This will show you a basic firewall overview" -#: ../../configuration/firewall/ipv4.rst:961 +#: ../../configuration/firewall/ipv4.rst:984 msgid "This will show you a basic firewall overview, for all ruleset, and not only for ipv4" msgstr "This will show you a basic firewall overview, for all ruleset, and not only for ipv4" @@ -15255,12 +16400,12 @@ msgstr "This will show you a basic summary of zones configuration." msgid "This will show you a rule-set statistic since the last boot." msgstr "This will show you a rule-set statistic since the last boot." -#: ../../configuration/firewall/ipv4.rst:1112 +#: ../../configuration/firewall/ipv4.rst:1135 #: ../../configuration/firewall/ipv6.rst:1135 msgid "This will show you a statistic of all rule-sets since the last boot." msgstr "This will show you a statistic of all rule-sets since the last boot." -#: ../../configuration/firewall/ipv4.rst:1016 +#: ../../configuration/firewall/ipv4.rst:1039 #: ../../configuration/firewall/ipv6.rst:1032 msgid "This will show you a summary of rule-sets and groups" msgstr "This will show you a summary of rule-sets and groups" @@ -15301,29 +16446,49 @@ msgstr "Time in seconds that the prefix will remain preferred (default 4 hours)" msgid "Time in seconds that the prefix will remain valid (default: 30 days)" msgstr "Time in seconds that the prefix will remain valid (default: 30 days)" +#: ../../configuration/service/router-advert.rst:1 +msgid "Time in seconds that the prefix will remain valid (default: 65528 seconds)" +msgstr "Time in seconds that the prefix will remain valid (default: 65528 seconds)" + #: ../../configuration/service/webproxy.rst:177 msgid "Time is in minutes and defaults to 60." msgstr "Time is in minutes and defaults to 60." -#: ../../configuration/firewall/ipv4.rst:874 +#: ../../configuration/firewall/ipv4.rst:897 #: ../../configuration/firewall/ipv6.rst:883 #: ../../configuration/policy/route.rst:225 msgid "Time to match the defined rule." msgstr "Time to match the defined rule." +#: ../../configuration/service/ipoe-server.rst:368 +#: ../../configuration/service/pppoe-server.rst:534 +#: ../../configuration/vpn/l2tp.rst:488 +#: ../../configuration/vpn/pptp.rst:412 +#: ../../configuration/vpn/sstp.rst:446 +msgid "Timeout in seconds" +msgstr "Timeout in seconds" + #: ../../configuration/protocols/failover.rst:24 msgid "Timeout in seconds between health target checks." msgstr "Timeout in seconds between health target checks." -#: ../../configuration/vpn/sstp.rst:234 +#: ../../configuration/service/ipoe-server.rst:174 +#: ../../configuration/service/pppoe-server.rst:136 +#: ../../configuration/vpn/l2tp.rst:179 +#: ../../configuration/vpn/pptp.rst:119 +#: ../../configuration/vpn/sstp.rst:152 msgid "Timeout to wait reply for Interim-Update packets. (default 3 seconds)" msgstr "Timeout to wait reply for Interim-Update packets. (default 3 seconds)" -#: ../../configuration/vpn/sstp.rst:254 +#: ../../configuration/service/ipoe-server.rst:194 +#: ../../configuration/service/pppoe-server.rst:156 +#: ../../configuration/vpn/l2tp.rst:199 +#: ../../configuration/vpn/pptp.rst:139 +#: ../../configuration/vpn/sstp.rst:172 msgid "Timeout to wait response from server (seconds)" msgstr "Timeout to wait response from server (seconds)" -#: ../../configuration/protocols/bgp.rst:667 +#: ../../configuration/protocols/bgp.rst:689 #: ../../configuration/protocols/isis.rst:257 msgid "Timers" msgstr "Timers" @@ -15332,7 +16497,7 @@ msgstr "Timers" msgid "To activate the VLAN aware bridge, you must activate this setting to use VLAN settings for the bridge" msgstr "To activate the VLAN aware bridge, you must activate this setting to use VLAN settings for the bridge" -#: ../../configuration/vpn/l2tp.rst:58 +#: ../../configuration/vpn/l2tp.rst:108 msgid "To allow VPN-clients access via your external address, a NAT rule is required:" msgstr "To allow VPN-clients access via your external address, a NAT rule is required:" @@ -15344,7 +16509,7 @@ msgstr "To allow listing additional custom domain, for example ``openthread.thre msgid "To allow only specific services, for example ``_airplay._tcp`` or ``_ipp._tcp``, (instead of all services) to be re-broadcasted, use the following command:" msgstr "To allow only specific services, for example ``_airplay._tcp`` or ``_ipp._tcp``, (instead of all services) to be re-broadcasted, use the following command:" -#: ../../configuration/vpn/site2site_ipsec.rst:257 +#: ../../configuration/vpn/site2site_ipsec.rst:260 msgid "To allow traffic to pass through to clients, you need to add the following rules. (if you used the default configuration at the top of this page)" msgstr "To allow traffic to pass through to clients, you need to add the following rules. (if you used the default configuration at the top of this page)" @@ -15442,11 +16607,11 @@ msgstr "To configure syslog, you need to switch into configuration mode." msgid "To configure your LCD display you must first identify the used hardware, and connectivity of the display to your system. This can be any serial port (`ttySxx`) or serial via USB or even old parallel port interfaces." msgstr "To configure your LCD display you must first identify the used hardware, and connectivity of the display to your system. This can be any serial port (`ttySxx`) or serial via USB or even old parallel port interfaces." -#: ../../configuration/service/ipoe-server.rst:98 +#: ../../configuration/service/ipoe-server.rst:99 msgid "To create VLANs per user during runtime, the following settings are required on a per interface basis. VLAN ID and VLAN range can be present in the configuration at the same time." msgstr "To create VLANs per user during runtime, the following settings are required on a per interface basis. VLAN ID and VLAN range can be present in the configuration at the same time." -#: ../../configuration/system/login.rst:377 +#: ../../configuration/system/login.rst:381 msgid "To create a new line in your login message you need to escape the new line character by using ``\\\\n``." msgstr "To create a new line in your login message you need to escape the new line character by using ``\\\\n``." @@ -15462,11 +16627,11 @@ msgstr "To create routing table 100 and add a new default gateway to be used by msgid "To define a zone setup either one with interfaces or a local zone." msgstr "To define a zone setup either one with interfaces or a local zone." -#: ../../configuration/service/router-advert.rst:75 +#: ../../configuration/service/router-advert.rst:101 msgid "To disable advertisements without deleting the configuration:" msgstr "To disable advertisements without deleting the configuration:" -#: ../../configuration/system/login.rst:190 +#: ../../configuration/system/login.rst:194 msgid "To display the configured OTP user key, use the command:" msgstr "To display the configured OTP user key, use the command:" @@ -15483,7 +16648,11 @@ msgstr "To enable/disable helper support for a specific neighbour, the router-id msgid "To enable MLD reports and query on interfaces `eth0` and `eth1`:" msgstr "To enable MLD reports and query on interfaces `eth0` and `eth1`:" -#: ../../configuration/vpn/l2tp.rst:141 +#: ../../configuration/service/ipoe-server.rst:116 +#: ../../configuration/service/pppoe-server.rst:78 +#: ../../configuration/vpn/l2tp.rst:121 +#: ../../configuration/vpn/pptp.rst:61 +#: ../../configuration/vpn/sstp.rst:94 msgid "To enable RADIUS based authentication, the authentication mode needs to be changed within the configuration. Previous settings like the local users, still exists within the configuration, however they are not used if the mode has been changed from local to radius. Once changed back to local, it will use all local accounts again." msgstr "To enable RADIUS based authentication, the authentication mode needs to be changed within the configuration. Previous settings like the local users, still exists within the configuration, however they are not used if the mode has been changed from local to radius. Once changed back to local, it will use all local accounts again." @@ -15511,6 +16680,10 @@ msgstr "To enable the HTTP security headers in the configuration file, use the c msgid "To exclude traffic from load balancing, traffic matching an exclude rule is not balanced but routed through the system routing table instead:" msgstr "To exclude traffic from load balancing, traffic matching an exclude rule is not balanced but routed through the system routing table instead:" +#: ../../configuration/vpn/l2tp.rst:282 +msgid "To explain the usage of LNS follow our blueprint :ref:`examples-lac-lns`." +msgstr "To explain the usage of LNS follow our blueprint :ref:`examples-lac-lns`." + #: ../../configuration/service/snmp.rst:216 msgid "To extend SNMP agent functionality, custom scripts can be executed every time the agent is being called. This can be achieved by using ``arbitrary extensioncommands``. The first step is to create a functional script of course, then upload it to your VyOS instance via the command ``scp your_script.sh vyos@your_router:/config/user-data``. Once the script is uploaded, it needs to be configured via the command below." msgstr "To extend SNMP agent functionality, custom scripts can be executed every time the agent is being called. This can be achieved by using ``arbitrary extensioncommands``. The first step is to create a functional script of course, then upload it to your VyOS instance via the command ``scp your_script.sh vyos@your_router:/config/user-data``. Once the script is uploaded, it needs to be configured via the command below." @@ -15527,11 +16700,15 @@ msgstr "To generate the CA, the server private key and certificates the followin msgid "To get it to work as an access point with this configuration you will need to set up a DHCP server to work with that network. You can - of course - also bridge the Wireless interface with any configured bridge (:ref:`bridge-interface`) on the system." msgstr "To get it to work as an access point with this configuration you will need to set up a DHCP server to work with that network. You can - of course - also bridge the Wireless interface with any configured bridge (:ref:`bridge-interface`) on the system." -#: ../../configuration/service/dhcp-server.rst:566 +#: ../../configuration/service/dhcp-server.rst:572 msgid "To hand out individual prefixes to your clients the following configuration is used:" msgstr "To hand out individual prefixes to your clients the following configuration is used:" -#: ../../configuration/highavailability/index.rst:336 +#: ../../configuration/vpn/ipsec.rst:405 +msgid "To import it from the filesystem use:" +msgstr "To import it from the filesystem use:" + +#: ../../configuration/highavailability/index.rst:346 msgid "To know more about scripting, check the :ref:`command-scripting` section." msgstr "To know more about scripting, check the :ref:`command-scripting` section." @@ -15539,7 +16716,7 @@ msgstr "To know more about scripting, check the :ref:`command-scripting` section msgid "To listen on both `eth0` and `eth1` mDNS packets and also repeat packets received on `eth0` to `eth1` (and vice-versa) use the following commands:" msgstr "To listen on both `eth0` and `eth1` mDNS packets and also repeat packets received on `eth0` to `eth1` (and vice-versa) use the following commands:" -#: ../../configuration/protocols/static.rst:161 +#: ../../configuration/protocols/static.rst:194 msgid "To manipulate or display ARP_ table entries, the following commands are implemented." msgstr "To manipulate or display ARP_ table entries, the following commands are implemented." @@ -15552,7 +16729,7 @@ msgstr "To perform a graceful shutdown, the FRR ``graceful-restart prepare ip os msgid "To request a /56 prefix from your ISP use:" msgstr "To request a /56 prefix from your ISP use:" -#: ../../configuration/service/dhcp-server.rst:680 +#: ../../configuration/service/dhcp-server.rst:688 msgid "To restart the DHCPv6 server" msgstr "To restart the DHCPv6 server" @@ -15568,7 +16745,7 @@ msgstr "To setup a destination NAT rule we need to gather:" msgid "To update the firmware, VyOS also ships the `qmi-firmware-update` binary. To upgrade the firmware of an e.g. Sierra Wireless MC7710 module to the firmware provided in the file ``9999999_9999999_9200_03.05.14.00_00_generic_000.000_001_SPKG_MC.cwe`` use the following command:" msgstr "To update the firmware, VyOS also ships the `qmi-firmware-update` binary. To upgrade the firmware of an e.g. Sierra Wireless MC7710 module to the firmware provided in the file ``9999999_9999999_9200_03.05.14.00_00_generic_000.000_001_SPKG_MC.cwe`` use the following command:" -#: ../../configuration/service/ipoe-server.rst:113 +#: ../../configuration/service/ipoe-server.rst:114 msgid "To use a RADIUS server for authentication and bandwidth-shaping, the following example configuration can be used." msgstr "To use a RADIUS server for authentication and bandwidth-shaping, the following example configuration can be used." @@ -15596,6 +16773,10 @@ msgstr "Topology:" msgid "Topology: PC4 - Leaf2 - Spine1 - Leaf3 - PC5" msgstr "Topology: PC4 - Leaf2 - Spine1 - Leaf3 - PC5" +#: ../../configuration/service/ipoe-server.rst:433 +msgid "Toubleshooting" +msgstr "Toubleshooting" + #: ../../configuration/highavailability/index.rst:171 msgid "Track" msgstr "Track" @@ -15644,7 +16825,7 @@ msgstr "Traffic from multicast sources will go to the Rendezvous Point, and rece msgid "Traffic from multicast sources will go to the Rendezvous Point, and receivers will pull it from a shared tree using :abbr:`IGMP (Internet Group Management Protocol)`." msgstr "Traffic from multicast sources will go to the Rendezvous Point, and receivers will pull it from a shared tree using :abbr:`IGMP (Internet Group Management Protocol)`." -#: ../../configuration/firewall/ipv4.rst:928 +#: ../../configuration/firewall/ipv4.rst:951 #: ../../configuration/firewall/ipv6.rst:937 msgid "Traffic must be symmetric" msgstr "Traffic must be symmetric" @@ -15653,11 +16834,11 @@ msgstr "Traffic must be symmetric" msgid "Traffic which is received by the router on an interface which is member of a bridge is processed on the **Bridge Layer**. A simplified packet flow diagram for this layer is shown next:" msgstr "Traffic which is received by the router on an interface which is member of a bridge is processed on the **Bridge Layer**. A simplified packet flow diagram for this layer is shown next:" -#: ../../configuration/highavailability/index.rst:322 +#: ../../configuration/highavailability/index.rst:332 msgid "Transition scripts" msgstr "Transition scripts" -#: ../../configuration/highavailability/index.rst:324 +#: ../../configuration/highavailability/index.rst:334 msgid "Transition scripts can help you implement various fixups, such as starting and stopping services, or even modifying the VyOS config on VRRP transition. This setup will make the VRRP process execute the ``/config/scripts/vrrp-fail.sh`` with argument ``Foo`` when VRRP fails, and the ``/config/scripts/vrrp-master.sh`` when the router becomes the master:" msgstr "Transition scripts can help you implement various fixups, such as starting and stopping services, or even modifying the VyOS config on VRRP transition. This setup will make the VRRP process execute the ``/config/scripts/vrrp-fail.sh`` with argument ``Foo`` when VRRP fails, and the ``/config/scripts/vrrp-master.sh`` when the router becomes the master:" @@ -15667,6 +16848,8 @@ msgstr "Transparent Proxy" #: ../../configuration/interfaces/openvpn.rst:701 #: ../../configuration/interfaces/tunnel.rst:227 +#: ../../configuration/vpn/pptp.rst:484 +#: ../../configuration/vpn/sstp.rst:580 msgid "Troubleshooting" msgstr "Troubleshooting" @@ -15682,6 +16865,10 @@ msgstr "Tunnel" msgid "Tunnel keys" msgstr "Tunnel keys" +#: ../../configuration/vpn/l2tp.rst:280 +msgid "Tunnel password used to authenticate the client (LAC)" +msgstr "Tunnel password used to authenticate the client (LAC)" + #: ../../configuration/loadbalancing/wan.rst:257 msgid "Two environment variables are available:" msgstr "Two environment variables are available:" @@ -15714,15 +16901,15 @@ msgstr "UDP Broadcast Relay" msgid "UDP mode works better with NAT:" msgstr "UDP mode works better with NAT:" -#: ../../configuration/vpn/l2tp.rst:34 +#: ../../configuration/vpn/l2tp.rst:84 msgid "UDP port 1701 for IPsec" msgstr "UDP port 1701 for IPsec" -#: ../../configuration/vpn/l2tp.rst:39 +#: ../../configuration/vpn/l2tp.rst:89 msgid "UDP port 4500 (NAT-T)" msgstr "UDP port 4500 (NAT-T)" -#: ../../configuration/vpn/l2tp.rst:32 +#: ../../configuration/vpn/l2tp.rst:82 msgid "UDP port 500 (IKE)" msgstr "UDP port 500 (IKE)" @@ -15778,11 +16965,11 @@ msgstr "Up to seven queues -defined as classes_ with different priorities- can b msgid "Update" msgstr "Update" -#: ../../configuration/container/index.rst:171 +#: ../../configuration/container/index.rst:207 msgid "Update container image" msgstr "Update container image" -#: ../../configuration/firewall/ipv4.rst:1175 +#: ../../configuration/firewall/ipv4.rst:1198 #: ../../configuration/firewall/ipv6.rst:1191 msgid "Update geoip database" msgstr "Update geoip database" @@ -15795,10 +16982,17 @@ msgstr "Updates" msgid "Updates from the RPKI cache servers are directly applied and path selection is updated accordingly. (Soft reconfiguration must be enabled for this to work)." msgstr "Updates from the RPKI cache servers are directly applied and path selection is updated accordingly. (Soft reconfiguration must be enabled for this to work)." -#: ../../configuration/vpn/sstp.rst:90 +#: ../../configuration/service/pppoe-server.rst:267 +#: ../../configuration/vpn/l2tp.rst:391 +#: ../../configuration/vpn/pptp.rst:315 +#: ../../configuration/vpn/sstp.rst:349 msgid "Upload bandwidth limit in kbit/s for `<user>`." msgstr "Upload bandwidth limit in kbit/s for `<user>`." +#: ../../configuration/service/ipoe-server.rst:325 +msgid "Upload bandwidth limit in kbit/s for for user on interface `<interface>`." +msgstr "Upload bandwidth limit in kbit/s for for user on interface `<interface>`." + #: ../../configuration/loadbalancing/wan.rst:209 msgid "Upon reception of an incoming packet, when a response is sent, it might be desired to ensure that it leaves from the same interface as the inbound one. This can be achieved by enabling sticky connections in the load balancing:" msgstr "Upon reception of an incoming packet, when a response is sent, it might be desired to ensure that it leaves from the same interface as the inbound one. This can be achieved by enabling sticky connections in the load balancing:" @@ -15816,7 +17010,7 @@ msgstr "Use 802.11n protocol" msgid "Use CA certificate from PKI subsystem" msgstr "Use CA certificate from PKI subsystem" -#: ../../configuration/service/dns.rst:365 +#: ../../configuration/service/dns.rst:379 msgid "Use DynDNS as your preferred provider:" msgstr "Use DynDNS as your preferred provider:" @@ -15848,27 +17042,27 @@ msgstr "Use `delete system conntrack modules` to deactive all modules." msgid "Use a persistent LDAP connection. Normally the LDAP connection is only open while validating a username to preserve resources at the LDAP server. This option causes the LDAP connection to be kept open, allowing it to be reused for further user validations." msgstr "Use a persistent LDAP connection. Normally the LDAP connection is only open while validating a username to preserve resources at the LDAP server. This option causes the LDAP connection to be kept open, allowing it to be reused for further user validations." -#: ../../configuration/firewall/ipv4.rst:515 +#: ../../configuration/firewall/ipv4.rst:538 #: ../../configuration/firewall/ipv6.rst:525 msgid "Use a specific address-group. Prepend character ``!`` for inverted matching criteria." msgstr "Use a specific address-group. Prepend character ``!`` for inverted matching criteria." -#: ../../configuration/firewall/ipv4.rst:578 +#: ../../configuration/firewall/ipv4.rst:601 #: ../../configuration/firewall/ipv6.rst:588 msgid "Use a specific domain-group. Prepend character ``!`` for inverted matching criteria." msgstr "Use a specific domain-group. Prepend character ``!`` for inverted matching criteria." -#: ../../configuration/firewall/ipv4.rst:599 +#: ../../configuration/firewall/ipv4.rst:622 #: ../../configuration/firewall/ipv6.rst:609 msgid "Use a specific mac-group. Prepend character ``!`` for inverted matching criteria." msgstr "Use a specific mac-group. Prepend character ``!`` for inverted matching criteria." -#: ../../configuration/firewall/ipv4.rst:536 +#: ../../configuration/firewall/ipv4.rst:559 #: ../../configuration/firewall/ipv6.rst:546 msgid "Use a specific network-group. Prepend character ``!`` for inverted matching criteria." msgstr "Use a specific network-group. Prepend character ``!`` for inverted matching criteria." -#: ../../configuration/firewall/ipv4.rst:557 +#: ../../configuration/firewall/ipv4.rst:580 #: ../../configuration/firewall/ipv6.rst:567 msgid "Use a specific port-group. Prepend character ``!`` for inverted matching criteria." msgstr "Use a specific port-group. Prepend character ``!`` for inverted matching criteria." @@ -15885,7 +17079,7 @@ msgstr "Use an automatically generated self-signed certificate" msgid "Use any local address, configured on any interface if this is not set." msgstr "Use any local address, configured on any interface if this is not set." -#: ../../configuration/service/dns.rst:279 +#: ../../configuration/service/dns.rst:263 msgid "Use auth key file at ``/config/auth/my.key``" msgstr "Use auth key file at ``/config/auth/my.key``" @@ -15893,10 +17087,14 @@ msgstr "Use auth key file at ``/config/auth/my.key``" msgid "Use certificate from PKI subsystem" msgstr "Use certificate from PKI subsystem" -#: ../../configuration/service/dns.rst:408 +#: ../../configuration/service/dns.rst:410 msgid "Use configured `<url>` to determine your IP address. ddclient_ will load `<url>` and tries to extract your IP address from the response." msgstr "Use configured `<url>` to determine your IP address. ddclient_ will load `<url>` and tries to extract your IP address from the response." +#: ../../configuration/service/dns.rst:368 +msgid "Use deSEC (dedyn.io) as your preferred provider:" +msgstr "Use deSEC (dedyn.io) as your preferred provider:" + #: ../../configuration/firewall/general-legacy.rst:478 msgid "Use inverse-match to match anything except the given country-codes." msgstr "Use inverse-match to match anything except the given country-codes." @@ -15905,7 +17103,7 @@ msgstr "Use inverse-match to match anything except the given country-codes." msgid "Use local socket for API" msgstr "Use local socket for API" -#: ../../configuration/vpn/sstp.rst:288 +#: ../../configuration/vpn/sstp.rst:357 msgid "Use local user `foo` with password `bar`" msgstr "Use local user `foo` with password `bar`" @@ -15913,7 +17111,7 @@ msgstr "Use local user `foo` with password `bar`" msgid "Use tab completion to get a list of categories." msgstr "Use tab completion to get a list of categories." -#: ../../configuration/system/option.rst:53 +#: ../../configuration/system/option.rst:83 msgid "Use the address of the specified interface on the local machine as the source address of the connection." msgstr "Use the address of the specified interface on the local machine as the source address of the connection." @@ -15925,7 +17123,7 @@ msgstr "Use the following topology to build a nat66 based isolated network betwe msgid "Use the following topology to translate internal user local addresses (``fc::/7``) to DHCPv6-PD provided prefixes from an ISP connected to a VyOS HA pair." msgstr "Use the following topology to translate internal user local addresses (``fc::/7``) to DHCPv6-PD provided prefixes from an ISP connected to a VyOS HA pair." -#: ../../configuration/system/option.rst:48 +#: ../../configuration/system/option.rst:78 msgid "Use the specified address on the local machine as the source address of the connection. Only useful on systems with more than one address." msgstr "Use the specified address on the local machine as the source address of the connection. Only useful on systems with more than one address." @@ -15957,10 +17155,26 @@ msgstr "Use this PIM command to modify the time out value (31-60000 seconds) for msgid "Use this comand to set the IPv6 address pool from which a PPPoE client will get an IPv6 prefix of your defined length (mask) to terminate the PPPoE endpoint at their side. The mask length can be set from 48 to 128 bit long, the default value is 64." msgstr "Use this comand to set the IPv6 address pool from which a PPPoE client will get an IPv6 prefix of your defined length (mask) to terminate the PPPoE endpoint at their side. The mask length can be set from 48 to 128 bit long, the default value is 64." -#: ../../configuration/vpn/sstp.rst:137 +#: ../../configuration/service/ipoe-server.rst:261 +msgid "Use this comand to set the IPv6 address pool from which an IPoE client will get an IPv6 prefix of your defined length (mask) to terminate the IPoE endpoint at their side. The mask length can be set from 48 to 128 bit long, the default value is 64." +msgstr "Use this comand to set the IPv6 address pool from which an IPoE client will get an IPv6 prefix of your defined length (mask) to terminate the IPoE endpoint at their side. The mask length can be set from 48 to 128 bit long, the default value is 64." + +#: ../../configuration/service/pppoe-server.rst:355 +msgid "Use this comand to set the IPv6 address pool from which an PPPoE client will get an IPv6 prefix of your defined length (mask) to terminate the PPPoE endpoint at their side. The mask length can be set from 48 to 128 bit long, the default value is 64." +msgstr "Use this comand to set the IPv6 address pool from which an PPPoE client will get an IPv6 prefix of your defined length (mask) to terminate the PPPoE endpoint at their side. The mask length can be set from 48 to 128 bit long, the default value is 64." + +#: ../../configuration/vpn/pptp.rst:223 +msgid "Use this comand to set the IPv6 address pool from which an PPTP client will get an IPv6 prefix of your defined length (mask) to terminate the PPTP endpoint at their side. The mask length can be set from 48 to 128 bit long, the default value is 64." +msgstr "Use this comand to set the IPv6 address pool from which an PPTP client will get an IPv6 prefix of your defined length (mask) to terminate the PPTP endpoint at their side. The mask length can be set from 48 to 128 bit long, the default value is 64." + +#: ../../configuration/vpn/sstp.rst:257 msgid "Use this comand to set the IPv6 address pool from which an SSTP client will get an IPv6 prefix of your defined length (mask) to terminate the SSTP endpoint at their side. The mask length can be set from 48 to 128 bit long, the default value is 64." msgstr "Use this comand to set the IPv6 address pool from which an SSTP client will get an IPv6 prefix of your defined length (mask) to terminate the SSTP endpoint at their side. The mask length can be set from 48 to 128 bit long, the default value is 64." +#: ../../configuration/vpn/l2tp.rst:299 +msgid "Use this comand to set the IPv6 address pool from which an l2tp client will get an IPv6 prefix of your defined length (mask) to terminate the l2tp endpoint at their side. The mask length can be set from 48 to 128 bit long, the default value is 64." +msgstr "Use this comand to set the IPv6 address pool from which an l2tp client will get an IPv6 prefix of your defined length (mask) to terminate the l2tp endpoint at their side. The mask length can be set from 48 to 128 bit long, the default value is 64." + #: ../../configuration/service/pppoe-server.rst:93 msgid "Use this command for every pool of client IP addresses you want to define. The addresses of this pool will be given to PPPoE clients. You must use CIDR notation." msgstr "Use this command for every pool of client IP addresses you want to define. The addresses of this pool will be given to PPPoE clients. You must use CIDR notation." @@ -16005,7 +17219,7 @@ msgstr "Use this command to check the tunnel status for OpenVPN server interface msgid "Use this command to check the tunnel status for OpenVPN site-to-site interfaces." msgstr "Use this command to check the tunnel status for OpenVPN site-to-site interfaces." -#: ../../configuration/system/ipv6.rst:154 +#: ../../configuration/system/ipv6.rst:167 msgid "Use this command to clear Border Gateway Protocol statistics or status." msgstr "Use this command to clear Border Gateway Protocol statistics or status." @@ -16013,16 +17227,32 @@ msgstr "Use this command to clear Border Gateway Protocol statistics or status." msgid "Use this command to configure DHCPv6 Prefix Delegation (RFC3633). You will have to set your IPv6 pool and the length of the delegation prefix. From the defined IPv6 pool you will be handing out networks of the defined length (delegation-prefix). The length of the delegation prefix can be set from 32 to 64 bit long." msgstr "Use this command to configure DHCPv6 Prefix Delegation (RFC3633). You will have to set your IPv6 pool and the length of the delegation prefix. From the defined IPv6 pool you will be handing out networks of the defined length (delegation-prefix). The length of the delegation prefix can be set from 32 to 64 bit long." -#: ../../configuration/vpn/sstp.rst:146 +#: ../../configuration/service/ipoe-server.rst:269 +msgid "Use this command to configure DHCPv6 Prefix Delegation (RFC3633) on IPoE. You will have to set your IPv6 pool and the length of the delegation prefix. From the defined IPv6 pool you will be handing out networks of the defined length (delegation-prefix). The length of the delegation prefix can be set from 32 to 64 bit long." +msgstr "Use this command to configure DHCPv6 Prefix Delegation (RFC3633) on IPoE. You will have to set your IPv6 pool and the length of the delegation prefix. From the defined IPv6 pool you will be handing out networks of the defined length (delegation-prefix). The length of the delegation prefix can be set from 32 to 64 bit long." + +#: ../../configuration/service/pppoe-server.rst:363 +msgid "Use this command to configure DHCPv6 Prefix Delegation (RFC3633) on PPPoE. You will have to set your IPv6 pool and the length of the delegation prefix. From the defined IPv6 pool you will be handing out networks of the defined length (delegation-prefix). The length of the delegation prefix can be set from 32 to 64 bit long." +msgstr "Use this command to configure DHCPv6 Prefix Delegation (RFC3633) on PPPoE. You will have to set your IPv6 pool and the length of the delegation prefix. From the defined IPv6 pool you will be handing out networks of the defined length (delegation-prefix). The length of the delegation prefix can be set from 32 to 64 bit long." + +#: ../../configuration/vpn/pptp.rst:231 +msgid "Use this command to configure DHCPv6 Prefix Delegation (RFC3633) on PPTP. You will have to set your IPv6 pool and the length of the delegation prefix. From the defined IPv6 pool you will be handing out networks of the defined length (delegation-prefix). The length of the delegation prefix can be set from 32 to 64 bit long." +msgstr "Use this command to configure DHCPv6 Prefix Delegation (RFC3633) on PPTP. You will have to set your IPv6 pool and the length of the delegation prefix. From the defined IPv6 pool you will be handing out networks of the defined length (delegation-prefix). The length of the delegation prefix can be set from 32 to 64 bit long." + +#: ../../configuration/vpn/sstp.rst:265 msgid "Use this command to configure DHCPv6 Prefix Delegation (RFC3633) on SSTP. You will have to set your IPv6 pool and the length of the delegation prefix. From the defined IPv6 pool you will be handing out networks of the defined length (delegation-prefix). The length of the delegation prefix can be set from 32 to 64 bit long." msgstr "Use this command to configure DHCPv6 Prefix Delegation (RFC3633) on SSTP. You will have to set your IPv6 pool and the length of the delegation prefix. From the defined IPv6 pool you will be handing out networks of the defined length (delegation-prefix). The length of the delegation prefix can be set from 32 to 64 bit long." +#: ../../configuration/vpn/l2tp.rst:307 +msgid "Use this command to configure DHCPv6 Prefix Delegation (RFC3633) on l2tp. You will have to set your IPv6 pool and the length of the delegation prefix. From the defined IPv6 pool you will be handing out networks of the defined length (delegation-prefix). The length of the delegation prefix can be set from 32 to 64 bit long." +msgstr "Use this command to configure DHCPv6 Prefix Delegation (RFC3633) on l2tp. You will have to set your IPv6 pool and the length of the delegation prefix. From the defined IPv6 pool you will be handing out networks of the defined length (delegation-prefix). The length of the delegation prefix can be set from 32 to 64 bit long." + #: ../../configuration/service/pppoe-server.rst:120 msgid "Use this command to configure Dynamic Authorization Extensions to RADIUS so that you can remotely disconnect sessions and change some authentication parameters." msgstr "Use this command to configure Dynamic Authorization Extensions to RADIUS so that you can remotely disconnect sessions and change some authentication parameters." -#: ../../configuration/protocols/static.rst:112 -#: ../../configuration/protocols/static.rst:125 +#: ../../configuration/protocols/static.rst:146 +#: ../../configuration/protocols/static.rst:159 msgid "Use this command to configure a \"black-hole\" route on the router. A black-hole route is a route for which the system silently discard packets that are matched. This prevents networks leaking out public interfaces, but it does not prevent them from being used as a more specific route inside your network." msgstr "Use this command to configure a \"black-hole\" route on the router. A black-hole route is a route for which the system silently discard packets that are matched. This prevents networks leaking out public interfaces, but it does not prevent them from being used as a more specific route inside your network." @@ -16226,6 +17456,10 @@ msgstr "Use this command to control the maximum number of equal cost paths to re msgid "Use this command to create a Fair-Queue policy and give it a name. It is based on the Stochastic Fairness Queueing and can be applied to outbound traffic." msgstr "Use this command to create a Fair-Queue policy and give it a name. It is based on the Stochastic Fairness Queueing and can be applied to outbound traffic." +#: ../../configuration/vpn/l2tp.rst:68 +msgid "Use this command to define IPsec interface." +msgstr "Use this command to define IPsec interface." + #: ../../configuration/trafficpolicy/index.rst:425 msgid "Use this command to define a Fair-Queue policy, based on the Stochastic Fairness Queueing, and set the number of maximum packets allowed to wait in the queue. Any other packet will be dropped." msgstr "Use this command to define a Fair-Queue policy, based on the Stochastic Fairness Queueing, and set the number of maximum packets allowed to wait in the queue. Any other packet will be dropped." @@ -16234,8 +17468,19 @@ msgstr "Use this command to define a Fair-Queue policy, based on the Stochastic msgid "Use this command to define a Fair-Queue policy, based on the Stochastic Fairness Queueing, and set the number of seconds at which a new queue algorithm perturbation will occur (maximum 4294967295)." msgstr "Use this command to define a Fair-Queue policy, based on the Stochastic Fairness Queueing, and set the number of seconds at which a new queue algorithm perturbation will occur (maximum 4294967295)." -#: ../../configuration/service/pppoe-server.rst:81 -#: ../../configuration/vpn/sstp.rst:132 +#: ../../configuration/service/ipoe-server.rst:277 +#: ../../configuration/service/pppoe-server.rst:371 +#: ../../configuration/vpn/l2tp.rst:315 +#: ../../configuration/vpn/pptp.rst:239 +#: ../../configuration/vpn/sstp.rst:273 +msgid "Use this command to define default IPv6 address pool name." +msgstr "Use this command to define default IPv6 address pool name." + +#: ../../configuration/service/ipoe-server.rst:77 +#: ../../configuration/service/pppoe-server.rst:61 +#: ../../configuration/vpn/l2tp.rst:48 +#: ../../configuration/vpn/pptp.rst:50 +#: ../../configuration/vpn/sstp.rst:75 msgid "Use this command to define default address pool name." msgstr "Use this command to define default address pool name." @@ -16255,15 +17500,31 @@ msgstr "Use this command to define in the selected interface whether you choose msgid "Use this command to define the IP address range to be given to PPPoE clients. If notation ``x.x.x.x-x.x.x.x``, it must be within a /24 subnet. If notation ``x.x.x.x/x`` is used there is possibility to set host/netmask." msgstr "Use this command to define the IP address range to be given to PPPoE clients. If notation ``x.x.x.x-x.x.x.x``, it must be within a /24 subnet. If notation ``x.x.x.x/x`` is used there is possibility to set host/netmask." +#: ../../configuration/service/ipoe-server.rst:70 +msgid "Use this command to define the first IP address of a pool of addresses to be given to IPoE clients. If notation ``x.x.x.x-x.x.x.x``, it must be within a /24 subnet. If notation ``x.x.x.x/x`` is used there is possibility to set host/netmask." +msgstr "Use this command to define the first IP address of a pool of addresses to be given to IPoE clients. If notation ``x.x.x.x-x.x.x.x``, it must be within a /24 subnet. If notation ``x.x.x.x/x`` is used there is possibility to set host/netmask." + #: ../../configuration/service/pppoe-server.rst:73 msgid "Use this command to define the first IP address of a pool of addresses to be given to PPPoE clients. It must be within a /24 subnet." msgstr "Use this command to define the first IP address of a pool of addresses to be given to PPPoE clients. It must be within a /24 subnet." -#: ../../configuration/vpn/sstp.rst:121 +#: ../../configuration/vpn/pptp.rst:43 +msgid "Use this command to define the first IP address of a pool of addresses to be given to PPTP clients. If notation ``x.x.x.x-x.x.x.x``, it must be within a /24 subnet. If notation ``x.x.x.x/x`` is used there is possibility to set host/netmask." +msgstr "Use this command to define the first IP address of a pool of addresses to be given to PPTP clients. If notation ``x.x.x.x-x.x.x.x``, it must be within a /24 subnet. If notation ``x.x.x.x/x`` is used there is possibility to set host/netmask." + +#: ../../configuration/vpn/sstp.rst:68 msgid "Use this command to define the first IP address of a pool of addresses to be given to SSTP clients. If notation ``x.x.x.x-x.x.x.x``, it must be within a /24 subnet. If notation ``x.x.x.x/x`` is used there is possibility to set host/netmask." msgstr "Use this command to define the first IP address of a pool of addresses to be given to SSTP clients. If notation ``x.x.x.x-x.x.x.x``, it must be within a /24 subnet. If notation ``x.x.x.x/x`` is used there is possibility to set host/netmask." -#: ../../configuration/service/pppoe-server.rst:42 +#: ../../configuration/vpn/l2tp.rst:41 +msgid "Use this command to define the first IP address of a pool of addresses to be given to l2tp clients. If notation ``x.x.x.x-x.x.x.x``, it must be within a /24 subnet. If notation ``x.x.x.x/x`` is used there is possibility to set host/netmask." +msgstr "Use this command to define the first IP address of a pool of addresses to be given to l2tp clients. If notation ``x.x.x.x-x.x.x.x``, it must be within a /24 subnet. If notation ``x.x.x.x/x`` is used there is possibility to set host/netmask." + +#: ../../configuration/service/pppoe-server.rst:54 +msgid "Use this command to define the first IP address of a pool of addresses to be given to pppoe clients. If notation ``x.x.x.x-x.x.x.x``, it must be within a /24 subnet. If notation ``x.x.x.x/x`` is used there is possibility to set host/netmask." +msgstr "Use this command to define the first IP address of a pool of addresses to be given to pppoe clients. If notation ``x.x.x.x-x.x.x.x``, it must be within a /24 subnet. If notation ``x.x.x.x/x`` is used there is possibility to set host/netmask." + +#: ../../configuration/service/pppoe-server.rst:65 msgid "Use this command to define the interface the PPPoE server will use to listen for PPPoE clients." msgstr "Use this command to define the interface the PPPoE server will use to listen for PPPoE clients." @@ -16283,8 +17544,11 @@ msgstr "Use this command to define the maximum number of entries to keep in the msgid "Use this command to define the maximum number of entries to keep in the Neighbor cache (1024, 2048, 4096, 8192, 16384, 32768)." msgstr "Use this command to define the maximum number of entries to keep in the Neighbor cache (1024, 2048, 4096, 8192, 16384, 32768)." -#: ../../configuration/service/pppoe-server.rst:77 -#: ../../configuration/vpn/sstp.rst:128 +#: ../../configuration/service/ipoe-server.rst:332 +#: ../../configuration/service/pppoe-server.rst:450 +#: ../../configuration/vpn/l2tp.rst:404 +#: ../../configuration/vpn/pptp.rst:328 +#: ../../configuration/vpn/sstp.rst:362 msgid "Use this command to define the next address pool name." msgstr "Use this command to define the next address pool name." @@ -16352,7 +17616,7 @@ msgstr "Use this command to enable PIMv6 in the selected interface so that it ca msgid "Use this command to enable acquisition of IPv6 address using stateless autoconfig (SLAAC)." msgstr "Use this command to enable acquisition of IPv6 address using stateless autoconfig (SLAAC)." -#: ../../configuration/service/pppoe-server.rst:236 +#: ../../configuration/service/pppoe-server.rst:310 msgid "Use this command to enable bandwidth shaping via RADIUS." msgstr "Use this command to enable bandwidth shaping via RADIUS." @@ -16364,7 +17628,7 @@ msgstr "Use this command to enable proxy Address Resolution Protocol (ARP) on th msgid "Use this command to enable targeted LDP sessions to the local router. The router will then respond to any sessions that are trying to connect to it that are not a link local type of TCP connection." msgstr "Use this command to enable targeted LDP sessions to the local router. The router will then respond to any sessions that are trying to connect to it that are not a link local type of TCP connection." -#: ../../configuration/service/pppoe-server.rst:249 +#: ../../configuration/service/pppoe-server.rst:323 msgid "Use this command to enable the delay of PADO (PPPoE Active Discovery Offer) packets, which can be used as a session balancing mechanism with other PPPoE servers." msgstr "Use this command to enable the delay of PADO (PPPoE Active Discovery Offer) packets, which can be used as a session balancing mechanism with other PPPoE servers." @@ -16386,7 +17650,7 @@ msgstr "Use this command to enable the logging of the default action on custom c msgid "Use this command to enable the logging of the default action on the specified chain." msgstr "Use this command to enable the logging of the default action on the specified chain." -#: ../../configuration/system/ipv6.rst:165 +#: ../../configuration/system/ipv6.rst:178 msgid "Use this command to flush the kernel IPv6 route cache. An address can be added to flush it only for that route." msgstr "Use this command to flush the kernel IPv6 route cache. An address can be added to flush it only for that route." @@ -16394,11 +17658,11 @@ msgstr "Use this command to flush the kernel IPv6 route cache. An address can be msgid "Use this command to get an overview of a zone." msgstr "Use this command to get an overview of a zone." -#: ../../configuration/system/ipv6.rst:120 +#: ../../configuration/system/ipv6.rst:133 msgid "Use this command to get information about OSPFv3." msgstr "Use this command to get information about OSPFv3." -#: ../../configuration/system/ipv6.rst:142 +#: ../../configuration/system/ipv6.rst:155 msgid "Use this command to get information about the RIPNG protocol" msgstr "Use this command to get information about the RIPNG protocol" @@ -16410,10 +17674,22 @@ msgstr "Use this command to instruct the system to establish a PPPoE connection msgid "Use this command to link the PPPoE connection to a physical interface. Each PPPoE connection must be established over a physical interface. Interfaces can be regular Ethernet interfaces, VIFs or bonding interfaces/VIFs." msgstr "Use this command to link the PPPoE connection to a physical interface. Each PPPoE connection must be established over a physical interface. Interfaces can be regular Ethernet interfaces, VIFs or bonding interfaces/VIFs." -#: ../../configuration/service/pppoe-server.rst:311 +#: ../../configuration/service/ipoe-server.rst:394 +msgid "Use this command to locally check the active sessions in the IPoE server." +msgstr "Use this command to locally check the active sessions in the IPoE server." + +#: ../../configuration/service/pppoe-server.rst:587 msgid "Use this command to locally check the active sessions in the PPPoE server." msgstr "Use this command to locally check the active sessions in the PPPoE server." +#: ../../configuration/vpn/pptp.rst:446 +msgid "Use this command to locally check the active sessions in the PPTP server." +msgstr "Use this command to locally check the active sessions in the PPTP server." + +#: ../../configuration/vpn/sstp.rst:542 +msgid "Use this command to locally check the active sessions in the SSTP server." +msgstr "Use this command to locally check the active sessions in the SSTP server." + #: ../../configuration/protocols/igmp.rst:104 msgid "Use this command to manually configure a Rendezvous Point for PIM so that join messages can be sent there. Set the Rendevouz Point address and the matching prefix of group ranges covered. These values must be shared with every router participating in the PIM network." msgstr "Use this command to manually configure a Rendezvous Point for PIM so that join messages can be sent there. Set the Rendevouz Point address and the matching prefix of group ranges covered. These values must be shared with every router participating in the PIM network." @@ -16427,7 +17703,7 @@ msgstr "Use this command to not install advertised DNS nameservers into the loca msgid "Use this command to prefer IPv4 for TCP peer transport connection for LDP when both an IPv4 and IPv6 LDP address are configured on the same interface." msgstr "Use this command to prefer IPv4 for TCP peer transport connection for LDP when both an IPv4 and IPv6 LDP address are configured on the same interface." -#: ../../configuration/system/ipv6.rst:160 +#: ../../configuration/system/ipv6.rst:173 msgid "Use this command to reset IPv6 Neighbor Discovery Protocol cache for an address or interface." msgstr "Use this command to reset IPv6 Neighbor Discovery Protocol cache for an address or interface." @@ -16467,7 +17743,7 @@ msgstr "Use this command to see discovery hello information" msgid "Use this command to see the Label Information Base." msgstr "Use this command to see the Label Information Base." -#: ../../configuration/service/pppoe-server.rst:26 +#: ../../configuration/service/pppoe-server.rst:33 msgid "Use this command to set a name for this PPPoE-server access concentrator." msgstr "Use this command to set a name for this PPPoE-server access concentrator." @@ -16511,31 +17787,31 @@ msgstr "Use this command to set the username for authenticating with a remote PP msgid "Use this command to show IPv6 Border Gateway Protocol information." msgstr "Use this command to show IPv6 Border Gateway Protocol information." -#: ../../configuration/system/ipv6.rst:50 +#: ../../configuration/system/ipv6.rst:63 msgid "Use this command to show IPv6 Neighbor Discovery Protocol information." msgstr "Use this command to show IPv6 Neighbor Discovery Protocol information." -#: ../../configuration/system/ipv6.rst:58 +#: ../../configuration/system/ipv6.rst:71 msgid "Use this command to show IPv6 forwarding status." msgstr "Use this command to show IPv6 forwarding status." -#: ../../configuration/system/ipv6.rst:54 +#: ../../configuration/system/ipv6.rst:67 msgid "Use this command to show IPv6 multicast group membership." msgstr "Use this command to show IPv6 multicast group membership." -#: ../../configuration/system/ipv6.rst:62 +#: ../../configuration/system/ipv6.rst:75 msgid "Use this command to show IPv6 routes." msgstr "Use this command to show IPv6 routes." -#: ../../configuration/system/ipv6.rst:105 +#: ../../configuration/system/ipv6.rst:118 msgid "Use this command to show all IPv6 access lists" msgstr "Use this command to show all IPv6 access lists" -#: ../../configuration/system/ipv6.rst:90 +#: ../../configuration/system/ipv6.rst:103 msgid "Use this command to show all IPv6 prefix lists" msgstr "Use this command to show all IPv6 prefix lists" -#: ../../configuration/system/ipv6.rst:146 +#: ../../configuration/system/ipv6.rst:159 msgid "Use this command to show the status of the RIPNG protocol" msgstr "Use this command to show the status of the RIPNG protocol" @@ -16595,6 +17871,14 @@ msgstr "Used to block specific domains by the Proxy. Specifying \"vyos.net\" wil msgid "User-level messages" msgstr "User-level messages" +#: ../../configuration/service/ipoe-server.rst:250 +#: ../../configuration/service/pppoe-server.rst:212 +#: ../../configuration/vpn/l2tp.rst:255 +#: ../../configuration/vpn/pptp.rst:195 +#: ../../configuration/vpn/sstp.rst:228 +msgid "User interface can be put to VRF context via RADIUS Access-Accept packet, or change it via RADIUS CoA. ``Accel-VRF-Name`` is used from these purposes. It is custom `ACCEL-PPP attribute`_. Define it in your RADIUS server." +msgstr "User interface can be put to VRF context via RADIUS Access-Accept packet, or change it via RADIUS CoA. ``Accel-VRF-Name`` is used from these purposes. It is custom `ACCEL-PPP attribute`_. Define it in your RADIUS server." + #: ../../configuration/policy/examples.rst:18 msgid "Using 'soft-reconfiguration' we get the policy update without bouncing the neighbor." msgstr "Using 'soft-reconfiguration' we get the policy update without bouncing the neighbor." @@ -16603,11 +17887,11 @@ msgstr "Using 'soft-reconfiguration' we get the policy update without bouncing t msgid "Using **openvpn-option -reneg-sec** can be tricky. This option is used to renegotiate data channel after n seconds. When used at both server and client, the lower value will trigger the renegotiation. If you set it to 0 on one side of the connection (to disable it), the chosen value on the other side will determine when the renegotiation will occur." msgstr "Using **openvpn-option -reneg-sec** can be tricky. This option is used to renegotiate data channel after n seconds. When used at both server and client, the lower value will trigger the renegotiation. If you set it to 0 on one side of the connection (to disable it), the chosen value on the other side will determine when the renegotiation will occur." -#: ../../configuration/protocols/bgp.rst:900 +#: ../../configuration/protocols/bgp.rst:922 msgid "Using BGP confederation" msgstr "Using BGP confederation" -#: ../../configuration/protocols/bgp.rst:899 +#: ../../configuration/protocols/bgp.rst:921 msgid "Using BGP route-reflectors" msgstr "Using BGP route-reflectors" @@ -16615,6 +17899,10 @@ msgstr "Using BGP route-reflectors" msgid "Using VLAN aware Bridge" msgstr "Using VLAN aware Bridge" +#: ../../configuration/vpn/sstp.rst:29 +msgid "Using our documentation chapter - :ref:`pki` generate and install CA and Server certificate" +msgstr "Using our documentation chapter - :ref:`pki` generate and install CA and Server certificate" + #: ../../configuration/interfaces/bridge.rst:266 msgid "Using the operation mode command to view Bridge Information" msgstr "Using the operation mode command to view Bridge Information" @@ -16652,6 +17940,10 @@ msgstr "VHT operating channel center frequency - center freq 2 (for use with the msgid "VLAN" msgstr "VLAN" +#: ../../configuration/service/pppoe-server.rst:232 +msgid "VLAN's can be created by Accel-ppp on the fly via the use of a Kernel module named ``vlan_mon``, which is monitoring incoming vlans and creates the necessary VLAN if required and allowed. VyOS supports the use of either VLAN ID's or entire ranges, both values can be defined at the same time for an interface." +msgstr "VLAN's can be created by Accel-ppp on the fly via the use of a Kernel module named ``vlan_mon``, which is monitoring incoming vlans and creates the necessary VLAN if required and allowed. VyOS supports the use of either VLAN ID's or entire ranges, both values can be defined at the same time for an interface." + #: ../../configuration/service/pppoe-server.rst:163 msgid "VLAN's can be created by Accel-ppp on the fly via the use of a Kernel module named `vlan_mon`, which is monitoring incoming vlans and creates the necessary VLAN if required and allowed. VyOS supports the use of either VLAN ID's or entire ranges, both values can be defined at the same time for an interface." msgstr "VLAN's can be created by Accel-ppp on the fly via the use of a Kernel module named `vlan_mon`, which is monitoring incoming vlans and creates the necessary VLAN if required and allowed. VyOS supports the use of either VLAN ID's or entire ranges, both values can be defined at the same time for an interface." @@ -16668,6 +17960,10 @@ msgstr "VLAN Example" msgid "VLAN Options" msgstr "VLAN Options" +#: ../../configuration/service/ipoe-server.rst:315 +msgid "VLAN monitor for automatic creation of VLAN interfaces for specific user on specific <interface>" +msgstr "VLAN monitor for automatic creation of VLAN interfaces for specific user on specific <interface>" + #: ../../configuration/service/lldp.rst:28 msgid "VLAN name" msgstr "VLAN name" @@ -16688,32 +17984,32 @@ msgstr "VPN-clients will request configuration parameters, optionally you can DN msgid "VRF" msgstr "VRF" -#: ../../configuration/vrf/index.rst:411 +#: ../../configuration/vrf/index.rst:430 msgid "VRF Route Leaking" msgstr "VRF Route Leaking" -#: ../../configuration/vrf/index.rst:283 +#: ../../configuration/vrf/index.rst:302 msgid "VRF and NAT" msgstr "VRF and NAT" -#: ../../configuration/vrf/index.rst:380 +#: ../../configuration/vrf/index.rst:399 msgid "VRF blue routing table" msgstr "VRF blue routing table" -#: ../../configuration/vrf/index.rst:347 +#: ../../configuration/vrf/index.rst:366 msgid "VRF default routing table" msgstr "VRF default routing table" -#: ../../configuration/vrf/index.rst:363 +#: ../../configuration/vrf/index.rst:382 msgid "VRF red routing table" msgstr "VRF red routing table" -#: ../../configuration/vrf/index.rst:235 -#: ../../configuration/vrf/index.rst:242 +#: ../../configuration/vrf/index.rst:254 +#: ../../configuration/vrf/index.rst:261 msgid "VRF route leaking" msgstr "VRF route leaking" -#: ../../configuration/vrf/index.rst:242 +#: ../../configuration/vrf/index.rst:261 msgid "VRF topology example" msgstr "VRF topology example" @@ -16769,11 +18065,19 @@ msgstr "Valid values are 0..255." msgid "Value" msgstr "Value" -#: ../../configuration/vpn/sstp.rst:263 +#: ../../configuration/service/ipoe-server.rst:203 +#: ../../configuration/service/pppoe-server.rst:165 +#: ../../configuration/vpn/l2tp.rst:208 +#: ../../configuration/vpn/pptp.rst:148 +#: ../../configuration/vpn/sstp.rst:181 msgid "Value to send to RADIUS server in NAS-IP-Address attribute and to be matched in DM/CoA requests. Also DM/CoA server will bind to that address." msgstr "Value to send to RADIUS server in NAS-IP-Address attribute and to be matched in DM/CoA requests. Also DM/CoA server will bind to that address." -#: ../../configuration/vpn/sstp.rst:258 +#: ../../configuration/service/ipoe-server.rst:198 +#: ../../configuration/service/pppoe-server.rst:160 +#: ../../configuration/vpn/l2tp.rst:203 +#: ../../configuration/vpn/pptp.rst:143 +#: ../../configuration/vpn/sstp.rst:176 msgid "Value to send to RADIUS server in NAS-Identifier attribute and to be matched in DM/CoA requests." msgstr "Value to send to RADIUS server in NAS-Identifier attribute and to be matched in DM/CoA requests." @@ -16795,11 +18099,11 @@ msgstr "Verify that connections are hitting the rule on both sides:" msgid "Version" msgstr "Version" -#: ../../configuration/highavailability/index.rst:339 +#: ../../configuration/highavailability/index.rst:349 msgid "Virtual-server" msgstr "Virtual-server" -#: ../../configuration/highavailability/index.rst:398 +#: ../../configuration/highavailability/index.rst:408 msgid "Virtual-server can be configured with VRRP virtual address or without VRRP." msgstr "Virtual-server can be configured with VRRP virtual address or without VRRP." @@ -16807,7 +18111,7 @@ msgstr "Virtual-server can be configured with VRRP virtual address or without VR msgid "Virtual Ethernet" msgstr "Virtual Ethernet" -#: ../../configuration/highavailability/index.rst:342 +#: ../../configuration/highavailability/index.rst:352 msgid "Virtual Server allows to Load-balance traffic destination virtual-address:port between several real servers." msgstr "Virtual Server allows to Load-balance traffic destination virtual-address:port between several real servers." @@ -16823,11 +18127,11 @@ msgstr "VyOS 1.1 supported login as user ``root``. This has been removed due to msgid "VyOS 1.3 (equuleus) supports DHCPv6-PD (:rfc:`3633`). DHCPv6 Prefix Delegation is supported by most ISPs who provide native IPv6 for consumers on fixed networks." msgstr "VyOS 1.3 (equuleus) supports DHCPv6-PD (:rfc:`3633`). DHCPv6 Prefix Delegation is supported by most ISPs who provide native IPv6 for consumers on fixed networks." -#: ../../configuration/vrf/index.rst:84 +#: ../../configuration/vrf/index.rst:103 msgid "VyOS 1.4 (sagitta) introduced dynamic routing support for VRFs." msgstr "VyOS 1.4 (sagitta) introduced dynamic routing support for VRFs." -#: ../../configuration/pki/index.rst:9 +#: ../../configuration/pki/index.rst:11 msgid "VyOS 1.4 changed the way in how encrytion keys or certificates are stored on the system. In the pre VyOS 1.4 era, certificates got stored under /config and every service referenced a file. That made copying a running configuration from system A to system B a bit harder, as you had to copy the files and their permissions by hand." msgstr "VyOS 1.4 changed the way in how encrytion keys or certificates are stored on the system. In the pre VyOS 1.4 era, certificates got stored under /config and every service referenced a file. That made copying a running configuration from system A to system B a bit harder, as you had to copy the files and their permissions by hand." @@ -16839,7 +18143,7 @@ msgstr "VyOS 1.4 uses chrony instead of ntpd (see :vytask:`T3008`) which will no msgid "VyOS Arista EOS setup" msgstr "VyOS Arista EOS setup" -#: ../../configuration/vpn/ipsec.rst:120 +#: ../../configuration/vpn/ipsec.rst:123 msgid "VyOS ESP group has the next options:" msgstr "VyOS ESP group has the next options:" @@ -16883,10 +18187,14 @@ msgstr "VyOS SNMP supports both IPv4 and IPv6." msgid "VyOS also comes with a build in SSTP server, see :ref:`sstp`." msgstr "VyOS also comes with a build in SSTP server, see :ref:`sstp`." -#: ../../configuration/service/dhcp-server.rst:504 +#: ../../configuration/service/dhcp-server.rst:510 msgid "VyOS also provides DHCPv6 server functionality which is described in this section." msgstr "VyOS also provides DHCPv6 server functionality which is described in this section." +#: ../../configuration/vpn/ipsec.rst:474 +msgid "VyOS also supports (currently) two different modes of authentication, local and RADIUS. To create a new local user named ``vyos`` with password ``vyos`` use the following commands." +msgstr "VyOS also supports (currently) two different modes of authentication, local and RADIUS. To create a new local user named ``vyos`` with password ``vyos`` use the following commands." + #: ../../configuration/vpn/remoteaccess_ipsec.rst:127 msgid "VyOS also supports two different modes of authentication, local and RADIUS. To create a new local user named \"vyos\" with a password of \"vyos\" use the following commands." msgstr "VyOS also supports two different modes of authentication, local and RADIUS. To create a new local user named \"vyos\" with a password of \"vyos\" use the following commands." @@ -16928,7 +18236,11 @@ msgstr "VyOS facilitates IP Multicast by supporting **PIM Sparse Mode**, **IGMP* msgid "VyOS facilitates IPv6 Multicast by supporting **PIMv6** and **MLD**." msgstr "VyOS facilitates IPv6 Multicast by supporting **PIMv6** and **MLD**." -#: ../../configuration/service/dns.rst:214 +#: ../../configuration/service/ids.rst:17 +msgid "VyOS includes the FastNetMon Community Edition." +msgstr "VyOS includes the FastNetMon Community Edition." + +#: ../../configuration/service/dns.rst:201 msgid "VyOS is able to update a remote DNS record when an interface gets a new IP address. In order to do so, VyOS includes ddclient_, a Perl script written for this only one purpose." msgstr "VyOS is able to update a remote DNS record when an interface gets a new IP address. In order to do so, VyOS includes ddclient_, a Perl script written for this only one purpose." @@ -16952,15 +18264,15 @@ msgstr "VyOS makes use of Linux `netfilter <https://netfilter.org/>`_ for packet msgid "VyOS makes use of :abbr:`FRR (Free Range Routing)` and we would like to thank them for their effort!" msgstr "VyOS makes use of :abbr:`FRR (Free Range Routing)` and we would like to thank them for their effort!" -#: ../../configuration/pki/index.rst:21 +#: ../../configuration/pki/index.rst:23 msgid "VyOS not only can now manage certificates issued by 3rd party Certificate Authorities, it can also act as a CA on its own. You can create your own root CA and sign keys with it by making use of some simple op-mode commands." msgstr "VyOS not only can now manage certificates issued by 3rd party Certificate Authorities, it can also act as a CA on its own. You can create your own root CA and sign keys with it by making use of some simple op-mode commands." -#: ../../configuration/pki/index.rst:35 +#: ../../configuration/pki/index.rst:37 msgid "VyOS now also has the ability to create CAs, keys, Diffie-Hellman and other keypairs from an easy to access operational level command." msgstr "VyOS now also has the ability to create CAs, keys, Diffie-Hellman and other keypairs from an easy to access operational level command." -#: ../../configuration/pki/index.rst:292 +#: ../../configuration/pki/index.rst:323 msgid "VyOS operational mode commands are not only available for generating keys but also to display them." msgstr "VyOS operational mode commands are not only available for generating keys but also to display them." @@ -17000,6 +18312,10 @@ msgstr "VyOS provides some operational commands on OpenVPN." msgid "VyOS provides support for DHCP failover. DHCP failover must be configured explicitly by the following statements." msgstr "VyOS provides support for DHCP failover. DHCP failover must be configured explicitly by the following statements." +#: ../../configuration/pki/index.rst:255 +msgid "VyOS provides this utility to import existing certificates/key files directly into PKI from op-mode. Previous to VyOS 1.4, certificates were stored under the /config folder permanently and will be retained post upgrade." +msgstr "VyOS provides this utility to import existing certificates/key files directly into PKI from op-mode. Previous to VyOS 1.4, certificates were stored under the /config folder permanently and will be retained post upgrade." + #: ../../configuration/loadbalancing/reverse-proxy.rst:8 msgid "VyOS reverse-proxy is balancer and proxy server that provides high-availability, load balancing and proxying for TCP (level 4) and HTTP-based (level 7) applications." msgstr "VyOS reverse-proxy is balancer and proxy server that provides high-availability, load balancing and proxying for TCP (level 4) and HTTP-based (level 7) applications." @@ -17020,6 +18336,10 @@ msgstr "VyOS supports both MLD version 1 and version 2 (which allows source-spec msgid "VyOS supports flow-accounting for both IPv4 and IPv6 traffic. The system acts as a flow exporter, and you are free to use it with any compatible collector." msgstr "VyOS supports flow-accounting for both IPv4 and IPv6 traffic. The system acts as a flow exporter, and you are free to use it with any compatible collector." +#: ../../configuration/vpn/ipsec.rst:452 +msgid "VyOS supports multiple IKEv2 remote-access connections. Every connection can have its dedicated IKE/ESP ciphers, certificates or local listen address for e.g. inbound load balancing." +msgstr "VyOS supports multiple IKEv2 remote-access connections. Every connection can have its dedicated IKE/ESP ciphers, certificates or local listen address for e.g. inbound load balancing." + #: ../../configuration/system/updates.rst:5 msgid "VyOS supports online checking for updates" msgstr "VyOS supports online checking for updates" @@ -17060,11 +18380,11 @@ msgstr "VyOS uses the `mirror` option to configure port mirroring. The configura msgid "VyOS utilizes `accel-ppp`_ to provide PPPoE server functionality. It can be used with local authentication or a connected RADIUS server." msgstr "VyOS utilizes `accel-ppp`_ to provide PPPoE server functionality. It can be used with local authentication or a connected RADIUS server." -#: ../../configuration/service/ipoe-server.rst:9 +#: ../../configuration/service/ipoe-server.rst:7 msgid "VyOS utilizes `accel-ppp`_ to provide :abbr:`IPoE (Internet Protocol over Ethernet)` server functionality. It can be used with local authentication (mac-address) or a connected RADIUS server." msgstr "VyOS utilizes `accel-ppp`_ to provide :abbr:`IPoE (Internet Protocol over Ethernet)` server functionality. It can be used with local authentication (mac-address) or a connected RADIUS server." -#: ../../configuration/vpn/l2tp.rst:6 +#: ../../configuration/vpn/l2tp.rst:7 msgid "VyOS utilizes accel-ppp_ to provide L2TP server functionality. It can be used with local authentication or a connected RADIUS server." msgstr "VyOS utilizes accel-ppp_ to provide L2TP server functionality. It can be used with local authentication or a connected RADIUS server." @@ -17076,7 +18396,7 @@ msgstr "VyOS utilizes accel-ppp_ to provide SSTP server functionality. We suppor msgid "WAN Load Balacing should not be used when dynamic routing protocol is used/needed. This feature creates customized routing tables and firewall rules, that makes it incompatible to use with routing protocols." msgstr "WAN Load Balacing should not be used when dynamic routing protocol is used/needed. This feature creates customized routing tables and firewall rules, that makes it incompatible to use with routing protocols." -#: ../../configuration/vpn/site2site_ipsec.rst:164 +#: ../../configuration/vpn/site2site_ipsec.rst:167 msgid "WAN interface on `eth1`" msgstr "WAN interface on `eth1`" @@ -17117,7 +18437,7 @@ msgstr "We'll configure OpenVPN using self-signed certificates, and then discuss msgid "We'll use the IKE and ESP groups created above for this VPN. Because we need access to 2 different subnets on the far side, we will need two different tunnels. If you changed the names of the ESP group and IKE group in the previous step, make sure you use the correct names here too." msgstr "We'll use the IKE and ESP groups created above for this VPN. Because we need access to 2 different subnets on the far side, we will need two different tunnels. If you changed the names of the ESP group and IKE group in the previous step, make sure you use the correct names here too." -#: ../../configuration/vpn/ipsec.rst:232 +#: ../../configuration/vpn/ipsec.rst:236 msgid "We assume that the LEFT router has static 192.0.2.10 address on eth0, and the RIGHT router has a dynamic address on eth0." msgstr "We assume that the LEFT router has static 192.0.2.10 address on eth0, and the RIGHT router has a dynamic address on eth0." @@ -17129,11 +18449,15 @@ msgstr "We can't support all displays from the beginning. If your display type i msgid "We can also create the certificates using Cerbort which is an easy-to-use client that fetches a certificate from Let's Encrypt an open certificate authority launched by the EFF, Mozilla, and others and deploys it to a web server." msgstr "We can also create the certificates using Cerbort which is an easy-to-use client that fetches a certificate from Let's Encrypt an open certificate authority launched by the EFF, Mozilla, and others and deploys it to a web server." -#: ../../configuration/protocols/rpki.rst:158 +#: ../../configuration/protocols/rpki.rst:168 msgid "We can build route-maps for import based on these states. Here is a simple RPKI configuration, where `routinator` is the RPKI-validating \"cache\" server with ip `192.0.2.1`:" msgstr "We can build route-maps for import based on these states. Here is a simple RPKI configuration, where `routinator` is the RPKI-validating \"cache\" server with ip `192.0.2.1`:" -#: ../../configuration/protocols/bgp.rst:1249 +#: ../../configuration/vpn/ipsec.rst:456 +msgid "We configure a new connection named ``rw`` for road-warrior, that identifies itself as ``192.0.2.1`` to the clients and uses the ``vyos`` certificate signed by the `CAcert_Class3_Root`` intermediate CA. We select our previously specified IKE/ESP groups and also link the IP address pool to draw addresses from." +msgstr "We configure a new connection named ``rw`` for road-warrior, that identifies itself as ``192.0.2.1`` to the clients and uses the ``vyos`` certificate signed by the `CAcert_Class3_Root`` intermediate CA. We select our previously specified IKE/ESP groups and also link the IP address pool to draw addresses from." + +#: ../../configuration/protocols/bgp.rst:1271 msgid "We could expand on this and also deny link local and multicast in the rule 20 action deny." msgstr "We could expand on this and also deny link local and multicast in the rule 20 action deny." @@ -17145,6 +18469,10 @@ msgstr "We do not have CLI nodes for every single OpenVPN option. If an option i msgid "We don't recomend to use arguments. Using environments is more preffereble." msgstr "We don't recomend to use arguments. Using environments is more preffereble." +#: ../../configuration/vpn/ipsec.rst:506 +msgid "We generate a connection profile used by Windows clients that will connect to the \"rw\" connection on our VyOS server on the VPN servers IP address/fqdn `vpn.vyos.net`." +msgstr "We generate a connection profile used by Windows clients that will connect to the \"rw\" connection on our VyOS server on the VPN servers IP address/fqdn `vpn.vyos.net`." + #: ../../configuration/interfaces/wireguard.rst:148 msgid "We listen on port 51820" msgstr "We listen on port 51820" @@ -17153,7 +18481,7 @@ msgstr "We listen on port 51820" msgid "We need to generate the certificate which authenticates users who attempt to access the network resource through the SSL VPN tunnels. The following commands will create a self signed certificates and will be stored in configuration:" msgstr "We need to generate the certificate which authenticates users who attempt to access the network resource through the SSL VPN tunnels. The following commands will create a self signed certificates and will be stored in configuration:" -#: ../../configuration/system/option.rst:85 +#: ../../configuration/system/option.rst:115 msgid "We now utilize `tuned` for dynamic resource balancing based on profiles." msgstr "We now utilize `tuned` for dynamic resource balancing based on profiles." @@ -17169,7 +18497,7 @@ msgstr "We only need a single step for this interface:" msgid "We route all traffic for the 192.168.2.0/24 network to interface `wg01`" msgstr "We route all traffic for the 192.168.2.0/24 network to interface `wg01`" -#: ../../configuration/system/login.rst:420 +#: ../../configuration/system/login.rst:424 msgid "We use a vontainer providing the TACACS serve rin this example." msgstr "We use a vontainer providing the TACACS serve rin this example." @@ -17177,7 +18505,7 @@ msgstr "We use a vontainer providing the TACACS serve rin this example." msgid "We will only accept traffic comming from interface eth0, protocol tcp and destination port 1122. All other traffic traspassing the router should be blocked." msgstr "We will only accept traffic comming from interface eth0, protocol tcp and destination port 1122. All other traffic traspassing the router should be blocked." -#: ../../configuration/service/dhcp-server.rst:331 +#: ../../configuration/service/dhcp-server.rst:337 msgid "Web Proxy Autodiscovery (WPAD) URL" msgstr "Web Proxy Autodiscovery (WPAD) URL" @@ -17201,15 +18529,19 @@ msgstr "When LDP is working, you will be able to see label information in the ou msgid "When PIM receives a register packet the source of the packet will be compared to the prefix-list specified, and if a permit is received normal processing continues. If a deny is returned for the source address of the register packet a register stop message is sent to the source." msgstr "When PIM receives a register packet the source of the packet will be compared to the prefix-list specified, and if a permit is received normal processing continues. If a deny is returned for the source address of the register packet a register stop message is sent to the source." -#: ../../configuration/vrf/index.rst:73 +#: ../../configuration/vrf/index.rst:92 msgid "When VRFs are used it is not only mandatory to create a VRF but also the VRF itself needs to be assigned to an interface." msgstr "When VRFs are used it is not only mandatory to create a VRF but also the VRF itself needs to be assigned to an interface." -#: ../../configuration/service/dns.rst:354 +#: ../../configuration/service/dns.rst:351 +msgid "When a ``custom`` DynDNS provider is used, the protocol used for communicating to the provider must be specified under `<protocol>`. See the embedded completion helper when entering above command for available protocols." +msgstr "When a ``custom`` DynDNS provider is used, the protocol used for communicating to the provider must be specified under `<protocol>`. See the embedded completion helper when entering above command for available protocols." + +#: ../../configuration/service/dns.rst:357 msgid "When a ``custom`` DynDNS provider is used the `<server>` where update requests are being sent to must be specified." msgstr "When a ``custom`` DynDNS provider is used the `<server>` where update requests are being sent to must be specified." -#: ../../configuration/service/dns.rst:347 +#: ../../configuration/service/dns.rst:361 msgid "When a ``custom`` DynDNS provider is used the protocol used for communicating to the provider must be specified under `<protocol>`. See the embedded completion helper for available protocols." msgstr "When a ``custom`` DynDNS provider is used the protocol used for communicating to the provider must be specified under `<protocol>`. See the embedded completion helper for available protocols." @@ -17225,7 +18557,11 @@ msgstr "When a link is reconnected or a new slave joins the bond the receive tra msgid "When a packet is to be sent, it will have to go through that queue, so the packet will be placed at the tail of it. When the packet completely goes through it, it will be dequeued emptying its place in the queue and being eventually handed to the NIC to be actually sent out." msgstr "When a packet is to be sent, it will have to go through that queue, so the packet will be placed at the tail of it. When the packet completely goes through it, it will be dequeued emptying its place in the queue and being eventually handed to the NIC to be actually sent out." -#: ../../configuration/protocols/bgp.rst:684 +#: ../../configuration/protocols/bgp.rst:589 +msgid "When a peer receives a martian nexthop as part of the NLRI for a route permit the nexthop to be used as such, instead of rejecting and resetting the connection." +msgstr "When a peer receives a martian nexthop as part of the NLRI for a route permit the nexthop to be used as such, instead of rejecting and resetting the connection." + +#: ../../configuration/protocols/bgp.rst:706 msgid "When a route fails, a routing update is sent to withdraw the route from the network's routing tables. When the route is re-enabled, the change in availability is also advertised. A route that continually fails and returns requires a great deal of network traffic to update the network about the route's status." msgstr "When a route fails, a routing update is sent to withdraw the route from the network's routing tables. When the route is re-enabled, the change in availability is also advertised. A route that continually fails and returns requires a great deal of network traffic to update the network about the route's status." @@ -17237,7 +18573,7 @@ msgstr "When adding IPv6 routing information exchange feature to BGP. There were msgid "When an authoritative server does not answer a query or sends a reply the recursor does not like, it is throttled. Any servers matching the supplied netmasks will never be throttled." msgstr "When an authoritative server does not answer a query or sends a reply the recursor does not like, it is throttled. Any servers matching the supplied netmasks will never be throttled." -#: ../../configuration/service/pppoe-server.rst:169 +#: ../../configuration/service/pppoe-server.rst:238 msgid "When configured, PPPoE will create the necessary VLANs when required. Once the user session has been cancelled and the VLAN is not needed anymore, VyOS will remove it again." msgstr "When configured, PPPoE will create the necessary VLANs when required. Once the user session has been cancelled and the VLAN is not needed anymore, VyOS will remove it again." @@ -17271,17 +18607,21 @@ msgstr "When dequeuing, each hash-bucket with data is queried in a round robin f msgid "When designing your NAT ruleset leave some space between consecutive rules for later extension. Your ruleset could start with numbers 10, 20, 30. You thus can later extend the ruleset and place new rules between existing ones." msgstr "When designing your NAT ruleset leave some space between consecutive rules for later extension. Your ruleset could start with numbers 10, 20, 30. You thus can later extend the ruleset and place new rules between existing ones." -#: ../../configuration/vrf/index.rst:188 +#: ../../configuration/vrf/index.rst:207 msgid "When doing fault isolation with ping, you should first run it on the local host, to verify that the local network interface is up and running. Then, continue with hosts and gateways further down the road towards your destination. Round-trip time and packet loss statistics are computed." msgstr "When doing fault isolation with ping, you should first run it on the local host, to verify that the local network interface is up and running. Then, continue with hosts and gateways further down the road towards your destination. Round-trip time and packet loss statistics are computed." -#: ../../configuration/pki/index.rst:176 -#: ../../configuration/pki/index.rst:219 +#: ../../configuration/vpn/ipsec.rst:529 +msgid "When first connecting to the new VPN the user is prompted to enter proper credentials." +msgstr "When first connecting to the new VPN the user is prompted to enter proper credentials." + +#: ../../configuration/pki/index.rst:178 +#: ../../configuration/pki/index.rst:221 msgid "When loading the certificate you need to manually strip the ``-----BEGIN CERTIFICATE-----`` and ``-----END CERTIFICATE-----`` tags. Also, the certificate/key needs to be presented in a single line without line breaks (``\\n``), this can be done using the following shell command:" msgstr "When loading the certificate you need to manually strip the ``-----BEGIN CERTIFICATE-----`` and ``-----END CERTIFICATE-----`` tags. Also, the certificate/key needs to be presented in a single line without line breaks (``\\n``), this can be done using the following shell command:" -#: ../../configuration/pki/index.rst:197 -#: ../../configuration/pki/index.rst:235 +#: ../../configuration/pki/index.rst:199 +#: ../../configuration/pki/index.rst:237 msgid "When loading the certificate you need to manually strip the ``-----BEGIN KEY-----`` and ``-----END KEY-----`` tags. Also, the certificate/key needs to be presented in a single line without line breaks (``\\n``), this can be done using the following shell command:" msgstr "When loading the certificate you need to manually strip the ``-----BEGIN KEY-----`` and ``-----END KEY-----`` tags. Also, the certificate/key needs to be presented in a single line without line breaks (``\\n``), this can be done using the following shell command:" @@ -17325,7 +18665,7 @@ msgstr "When set the interface is enabled for \"dial-on-demand\"." msgid "When specified, this should be the only keyword for the interface." msgstr "When specified, this should be the only keyword for the interface." -#: ../../configuration/system/option.rst:60 +#: ../../configuration/system/option.rst:90 msgid "When starting a VyOS live system (the installation CD) the configured keyboard layout defaults to US. As this might not suite everyones use case you can adjust the used keyboard layout on the system console." msgstr "When starting a VyOS live system (the installation CD) the configured keyboard layout defaults to US. As this might not suite everyones use case you can adjust the used keyboard layout on the system console." @@ -17334,7 +18674,7 @@ msgstr "When starting a VyOS live system (the installation CD) the configured ke msgid "When the DHCP server is considering dynamically allocating an IP address to a client, it first sends an ICMP Echo request (a ping) to the address being assigned. It waits for a second, and if no ICMP Echo response has been heard, it assigns the address." msgstr "When the DHCP server is considering dynamically allocating an IP address to a client, it first sends an ICMP Echo request (a ping) to the address being assigned. It waits for a second, and if no ICMP Echo response has been heard, it assigns the address." -#: ../../configuration/vpn/site2site_ipsec.rst:416 +#: ../../configuration/vpn/site2site_ipsec.rst:419 msgid "When the close-action option is set on the peers, the connection-type of each peer has to considered carefully. For example, if the option is set on both peers, then both would attempt to initiate and hold open multiple copies of each child SA. This might lead to instability of the device or cpu/memory utilization." msgstr "When the close-action option is set on the peers, the connection-type of each peer has to considered carefully. For example, if the option is set on both peers, then both would attempt to initiate and hold open multiple copies of each child SA. This might lead to instability of the device or cpu/memory utilization." @@ -17346,6 +18686,10 @@ msgstr "When the command above is set, VyOS will answer every ICMP echo request msgid "When the command above is set, VyOS will answer no ICMP echo request addressed to itself at all, no matter where it comes from or whether more specific rules are being applied to accept them." msgstr "When the command above is set, VyOS will answer no ICMP echo request addressed to itself at all, no matter where it comes from or whether more specific rules are being applied to accept them." +#: ../../configuration/highavailability/index.rst:321 +msgid "When the vrrp group is a member of the sync group will use only the sync group health check script. This example shows how to configure it for the sync group:" +msgstr "When the vrrp group is a member of the sync group will use only the sync group health check script. This example shows how to configure it for the sync group:" + #: ../../_include/interface-address-with-dhcp.txt:14 msgid "When using DHCP to retrieve IPv4 address and if local customizations are needed, they should be possible using the enter and exit hooks provided. The hook dirs are:" msgstr "When using DHCP to retrieve IPv4 address and if local customizations are needed, they should be possible using the enter and exit hooks provided. The hook dirs are:" @@ -17366,6 +18710,10 @@ msgstr "When using NAT for a large number of host systems it recommended that a msgid "When using SSH, known-hosts-file, private-key-file and public-key-file are mandatory options." msgstr "When using SSH, known-hosts-file, private-key-file and public-key-file are mandatory options." +#: ../../configuration/protocols/rpki.rst:161 +msgid "When using SSH, private-key-file and public-key-file are mandatory options." +msgstr "When using SSH, private-key-file and public-key-file are mandatory options." + #: ../../configuration/vpn/openconnect.rst:222 msgid "When using Time-based one-time password (TOTP) (OTP HOTP-time), be sure that the time on the server and the OTP token generator are synchronized by NTP" msgstr "When using Time-based one-time password (TOTP) (OTP HOTP-time), be sure that the time on the server and the OTP token generator are synchronized by NTP" @@ -17450,12 +18798,23 @@ msgstr "Will be recorded only packets/flows on **incoming** direction in configu msgid "Will drop `<shared-network-name>_` from client DNS record, using only the host declaration name and domain: `<hostname>.<domain-name>`" msgstr "Will drop `<shared-network-name>_` from client DNS record, using only the host declaration name and domain: `<hostname>.<domain-name>`" +#: ../../configuration/vpn/ipsec.rst:501 +msgid "Windows 10 does not allow a user to choose the integrity and encryption ciphers using the GUI and it uses some older proposals by default. A user can only change the proposals on the client side by configuring the IPSec connection profile via PowerShell." +msgstr "Windows 10 does not allow a user to choose the integrity and encryption ciphers using the GUI and it uses some older proposals by default. A user can only change the proposals on the client side by configuring the IPSec connection profile via PowerShell." + +#: ../../configuration/service/pppoe-server.rst:579 +#: ../../configuration/vpn/l2tp.rst:514 +#: ../../configuration/vpn/pptp.rst:438 +#: ../../configuration/vpn/sstp.rst:472 +msgid "Windows Internet Name Service (WINS) servers propagated to client" +msgstr "Windows Internet Name Service (WINS) servers propagated to client" + #: ../../configuration/vpn/remoteaccess_ipsec.rst:147 msgid "Windows expects the server name to be also used in the server's certificate common name, so it's best to use this DNS name for your VPN connection." msgstr "Windows expects the server name to be also used in the server's certificate common name, so it's best to use this DNS name for your VPN connection." #: ../../configuration/interfaces/wireguard.rst:7 -#: ../../configuration/pki/index.rst:132 +#: ../../configuration/pki/index.rst:134 msgid "WireGuard" msgstr "WireGuard" @@ -17524,17 +18883,17 @@ msgstr "With this command, you can specify how the URL path should be matched ag msgid "With zone-based firewalls a new concept was implemented, in addtion to the standard in and out traffic flows, a local flow was added. This local was for traffic originating and destined to the router itself. Which means additional rules were required to secure the firewall itself from the network, in addition to the existing inbound and outbound rules from the traditional concept above." msgstr "With zone-based firewalls a new concept was implemented, in addtion to the standard in and out traffic flows, a local flow was added. This local was for traffic originating and destined to the router itself. Which means additional rules were required to secure the firewall itself from the network, in addition to the existing inbound and outbound rules from the traditional concept above." -#: ../../configuration/service/dhcp-server.rst:257 -#: ../../configuration/service/dhcp-server.rst:262 -#: ../../configuration/service/dhcp-server.rst:267 -#: ../../configuration/service/dhcp-server.rst:277 -#: ../../configuration/service/dhcp-server.rst:282 -#: ../../configuration/service/dhcp-server.rst:312 -#: ../../configuration/service/dhcp-server.rst:317 -#: ../../configuration/service/dhcp-server.rst:322 -#: ../../configuration/service/dhcp-server.rst:342 -#: ../../configuration/service/dhcp-server.rst:347 -#: ../../configuration/service/dhcp-server.rst:357 +#: ../../configuration/service/dhcp-server.rst:263 +#: ../../configuration/service/dhcp-server.rst:268 +#: ../../configuration/service/dhcp-server.rst:273 +#: ../../configuration/service/dhcp-server.rst:283 +#: ../../configuration/service/dhcp-server.rst:288 +#: ../../configuration/service/dhcp-server.rst:318 +#: ../../configuration/service/dhcp-server.rst:323 +#: ../../configuration/service/dhcp-server.rst:328 +#: ../../configuration/service/dhcp-server.rst:348 +#: ../../configuration/service/dhcp-server.rst:353 +#: ../../configuration/service/dhcp-server.rst:363 msgid "Y" msgstr "Y" @@ -17542,7 +18901,7 @@ msgstr "Y" msgid "You apply a rule-set always to a zone from an other zone, it is recommended to create one rule-set for each zone pair." msgstr "You apply a rule-set always to a zone from an other zone, it is recommended to create one rule-set for each zone pair." -#: ../../configuration/system/login.rst:365 +#: ../../configuration/system/login.rst:369 msgid "You are able to set post-login or pre-login banner messages to display certain information for this system." msgstr "You are able to set post-login or pre-login banner messages to display certain information for this system." @@ -17562,7 +18921,11 @@ msgstr "You can also define custom timeout values to apply to a specific subset msgid "You can also keep different DNS zone updated. Just create a new config node: ``set service dns dynamic interface <interface> rfc2136 <other-service-name>``" msgstr "You can also keep different DNS zone updated. Just create a new config node: ``set service dns dynamic interface <interface> rfc2136 <other-service-name>``" -#: ../../configuration/system/ipv6.rst:107 +#: ../../configuration/service/router-advert.rst:58 +msgid "You can also opt for using `::/64` as prefix for your :abbr:`RAs (Router Advertisements)`. This will take the IPv6 GUA prefix assigned to the interface, which comes in handy when using DHCPv6-PD." +msgstr "You can also opt for using `::/64` as prefix for your :abbr:`RAs (Router Advertisements)`. This will take the IPv6 GUA prefix assigned to the interface, which comes in handy when using DHCPv6-PD." + +#: ../../configuration/system/ipv6.rst:120 msgid "You can also specify which IPv6 access-list should be shown:" msgstr "You can also specify which IPv6 access-list should be shown:" @@ -17578,7 +18941,7 @@ msgstr "You can also use another attributes for identify client for disconnect, msgid "You can also write a description for a filter:" msgstr "You can also write a description for a filter:" -#: ../../configuration/system/login.rst:78 +#: ../../configuration/system/login.rst:82 msgid "You can assign multiple keys to the same user by using a unique identifier per SSH key." msgstr "You can assign multiple keys to the same user by using a unique identifier per SSH key." @@ -17614,7 +18977,7 @@ msgstr "You can create multiple VLAN interfaces on a physical interface. The VLA msgid "You can disable a VRRP group with ``disable`` option:" msgstr "You can disable a VRRP group with ``disable`` option:" -#: ../../configuration/system/ipv6.rst:122 +#: ../../configuration/system/ipv6.rst:135 msgid "You can get more specific OSPFv3 information by using the parameters shown below:" msgstr "You can get more specific OSPFv3 information by using the parameters shown below:" @@ -17626,11 +18989,11 @@ msgstr "You can not assign the same allowed-ips statement to multiple WireGuard msgid "You can not run this in a VRRP setup, if multiple mDNS repeaters are launched in a subnet you will experience the mDNS packet storm death!" msgstr "You can not run this in a VRRP setup, if multiple mDNS repeaters are launched in a subnet you will experience the mDNS packet storm death!" -#: ../../configuration/vpn/sstp.rst:332 +#: ../../configuration/vpn/sstp.rst:505 msgid "You can now \"dial\" the peer with the follwoing command: ``sstpc --log-level 4 --log-stderr --user vyos --password vyos vpn.example.com -- call vyos``." msgstr "You can now \"dial\" the peer with the follwoing command: ``sstpc --log-level 4 --log-stderr --user vyos --password vyos vpn.example.com -- call vyos``." -#: ../../configuration/system/login.rst:443 +#: ../../configuration/system/login.rst:447 msgid "You can now SSH into your system using admin/admin as a default user supplied from the ``lfkeitel/tacacs_plus:latest`` container." msgstr "You can now SSH into your system using admin/admin as a default user supplied from the ``lfkeitel/tacacs_plus:latest`` container." @@ -17718,6 +19081,10 @@ msgstr "You will also need the public key of your peer as well as the network(s) msgid "Your ISPs modem is connected to port ``eth0`` of your VyOS box." msgstr "Your ISPs modem is connected to port ``eth0`` of your VyOS box." +#: ../../configuration/service/router-advert.rst:110 +msgid "Your LAN connected on eth0 uses prefix ``2001:db8:beef:2::/64`` with the router beeing ``2001:db8:beef:2::1``" +msgstr "Your LAN connected on eth0 uses prefix ``2001:db8:beef:2::/64`` with the router beeing ``2001:db8:beef:2::1``" + #: ../../configuration/system/ip.rst:31 #: ../../configuration/system/ipv6.rst:27 #: ../../configuration/vrf/index.rst:44 @@ -17758,7 +19125,7 @@ msgstr "(This can be useful when a called service has many and/or often changing msgid ":abbr:`AFI (Address family authority identifier)` - ``49`` The AFI value 49 is what IS-IS uses for private addressing." msgstr ":abbr:`AFI (Address family authority identifier)` - ``49`` The AFI value 49 is what IS-IS uses for private addressing." -#: ../../configuration/protocols/static.rst:152 +#: ../../configuration/protocols/static.rst:185 msgid ":abbr:`ARP (Address Resolution Protocol)` is a communication protocol used for discovering the link layer address, such as a MAC address, associated with a given internet layer address, typically an IPv4 address. This mapping is a critical function in the Internet protocol suite. ARP was defined in 1982 by :rfc:`826` which is Internet Standard STD 37." msgstr ":abbr:`ARP (Address Resolution Protocol)` is a communication protocol used for discovering the link layer address, such as a MAC address, associated with a given internet layer address, typically an IPv4 address. This mapping is a critical function in the Internet protocol suite. ARP was defined in 1982 by :rfc:`826` which is Internet Standard STD 37." @@ -17818,7 +19185,7 @@ msgstr ":abbr:`IPSec (IP Security)` - too many RFCs to list, but start with :rfc msgid ":abbr:`IS-IS (Intermediate System to Intermediate System)` is a link-state interior gateway protocol (IGP) which is described in ISO10589, :rfc:`1195`, :rfc:`5308`. IS-IS runs the Dijkstra shortest-path first (SPF) algorithm to create a database of the network’s topology, and from that database to determine the best (that is, lowest cost) path to a destination. The intermediate systems (the name for routers) exchange topology information with their directly conencted neighbors. IS-IS runs directly on the data link layer (Layer 2). IS-IS addresses are called :abbr:`NETs (Network Entity Titles)` and can be 8 to 20 bytes long, but are generally 10 bytes long. The tree database that is created with IS-IS is similar to the one that is created with OSPF in that the paths chosen should be similar. Comparisons to OSPF are inevitable and often are reasonable ones to make in regards to the way a network will respond with either IGP." msgstr ":abbr:`IS-IS (Intermediate System to Intermediate System)` is a link-state interior gateway protocol (IGP) which is described in ISO10589, :rfc:`1195`, :rfc:`5308`. IS-IS runs the Dijkstra shortest-path first (SPF) algorithm to create a database of the network’s topology, and from that database to determine the best (that is, lowest cost) path to a destination. The intermediate systems (the name for routers) exchange topology information with their directly conencted neighbors. IS-IS runs directly on the data link layer (Layer 2). IS-IS addresses are called :abbr:`NETs (Network Entity Titles)` and can be 8 to 20 bytes long, but are generally 10 bytes long. The tree database that is created with IS-IS is similar to the one that is created with OSPF in that the paths chosen should be similar. Comparisons to OSPF are inevitable and often are reasonable ones to make in regards to the way a network will respond with either IGP." -#: ../../configuration/vrf/index.rst:401 +#: ../../configuration/vrf/index.rst:420 msgid ":abbr:`L3VPN VRFs ( Layer 3 Virtual Private Networks )` bgpd supports for IPv4 RFC 4364 and IPv6 RFC 4659. L3VPN routes, and their associated VRF MPLS labels, can be distributed to VPN SAFI neighbors in the default, i.e., non VRF, BGP instance. VRF MPLS labels are reached using core MPLS labels which are distributed using LDP or BGP labeled unicast. bgpd also supports inter-VRF route leaking." msgstr ":abbr:`L3VPN VRFs ( Layer 3 Virtual Private Networks )` bgpd supports for IPv4 RFC 4364 and IPv6 RFC 4659. L3VPN routes, and their associated VRF MPLS labels, can be distributed to VPN SAFI neighbors in the default, i.e., non VRF, BGP instance. VRF MPLS labels are reached using core MPLS labels which are distributed using LDP or BGP labeled unicast. bgpd also supports inter-VRF route leaking." @@ -18010,43 +19377,43 @@ msgstr ":lastproofread:2021-07-12" msgid ":opcmd:`generate pki wireguard key-pair`." msgstr ":opcmd:`generate pki wireguard key-pair`." -#: ../../configuration/vrf/index.rst:88 +#: ../../configuration/vrf/index.rst:107 msgid ":ref:`routing-bgp`" msgstr ":ref:`routing-bgp`" -#: ../../configuration/vrf/index.rst:104 +#: ../../configuration/vrf/index.rst:123 msgid ":ref:`routing-bgp`: ``set vrf name <name> protocols bgp ...``" msgstr ":ref:`routing-bgp`: ``set vrf name <name> protocols bgp ...``" -#: ../../configuration/vrf/index.rst:89 +#: ../../configuration/vrf/index.rst:108 msgid ":ref:`routing-isis`" msgstr ":ref:`routing-isis`" -#: ../../configuration/vrf/index.rst:105 +#: ../../configuration/vrf/index.rst:124 msgid ":ref:`routing-isis`: ``set vrf name <name> protocols isis ...``" msgstr ":ref:`routing-isis`: ``set vrf name <name> protocols isis ...``" -#: ../../configuration/vrf/index.rst:90 +#: ../../configuration/vrf/index.rst:109 msgid ":ref:`routing-ospf`" msgstr ":ref:`routing-ospf`" -#: ../../configuration/vrf/index.rst:106 +#: ../../configuration/vrf/index.rst:125 msgid ":ref:`routing-ospf`: ``set vrf name <name> protocols ospf ...``" msgstr ":ref:`routing-ospf`: ``set vrf name <name> protocols ospf ...``" -#: ../../configuration/vrf/index.rst:91 +#: ../../configuration/vrf/index.rst:110 msgid ":ref:`routing-ospfv3`" msgstr ":ref:`routing-ospfv3`" -#: ../../configuration/vrf/index.rst:107 +#: ../../configuration/vrf/index.rst:126 msgid ":ref:`routing-ospfv3`: ``set vrf name <name> protocols ospfv3 ...``" msgstr ":ref:`routing-ospfv3`: ``set vrf name <name> protocols ospfv3 ...``" -#: ../../configuration/vrf/index.rst:92 +#: ../../configuration/vrf/index.rst:111 msgid ":ref:`routing-static`" msgstr ":ref:`routing-static`" -#: ../../configuration/vrf/index.rst:108 +#: ../../configuration/vrf/index.rst:127 msgid ":ref:`routing-static`: ``set vrf name <name> protocols static ...``" msgstr ":ref:`routing-static`: ``set vrf name <name> protocols static ...``" @@ -18054,7 +19421,7 @@ msgstr ":ref:`routing-static`: ``set vrf name <name> protocols static ...``" msgid ":rfc:`2131` states: The client MAY choose to explicitly provide the identifier through the 'client identifier' option. If the client supplies a 'client identifier', the client MUST use the same 'client identifier' in all subsequent messages, and the server MUST use that identifier to identify the client." msgstr ":rfc:`2131` states: The client MAY choose to explicitly provide the identifier through the 'client identifier' option. If the client supplies a 'client identifier', the client MUST use the same 'client identifier' in all subsequent messages, and the server MUST use that identifier to identify the client." -#: ../../configuration/service/dns.rst:230 +#: ../../configuration/service/dns.rst:217 msgid ":rfc:`2136` Based" msgstr ":rfc:`2136` Based" @@ -18062,7 +19429,7 @@ msgstr ":rfc:`2136` Based" msgid ":rfc:`2328`, the successor to :rfc:`1583`, suggests according to section G.2 (changes) in section 16.4.1 a change to the path preference algorithm that prevents possible routing loops that were possible in the old version of OSPFv2. More specifically it demands that inter-area paths and intra-area backbone path are now of equal preference but still both preferred to external paths." msgstr ":rfc:`2328`, the successor to :rfc:`1583`, suggests according to section G.2 (changes) in section 16.4.1 a change to the path preference algorithm that prevents possible routing loops that were possible in the old version of OSPFv2. More specifically it demands that inter-area paths and intra-area backbone path are now of equal preference but still both preferred to external paths." -#: ../../configuration/pki/index.rst:15 +#: ../../configuration/pki/index.rst:17 msgid ":vytask:`T3642` describes a new CLI subsystem that serves as a \"certstore\" to all services requiring any kind of encryption key(s). In short, public and private certificates are now stored in PKCS#8 format in the regular VyOS CLI. Keys can now be added, edited, and deleted using the regular set/edit/delete CLI commands." msgstr ":vytask:`T3642` describes a new CLI subsystem that serves as a \"certstore\" to all services requiring any kind of encryption key(s). In short, public and private certificates are now stored in PKCS#8 format in the regular VyOS CLI. Keys can now be added, edited, and deleted using the regular set/edit/delete CLI commands." @@ -18086,19 +19453,19 @@ msgstr "`4. Add optional parameters`_" msgid "`<name>` must be identical on both sides!" msgstr "`<name>` must be identical on both sides!" -#: ../../configuration/pki/index.rst:202 +#: ../../configuration/pki/index.rst:204 msgid "``$ tail -n +2 ca.key | head -n -1 | tr -d '\\n'``" msgstr "``$ tail -n +2 ca.key | head -n -1 | tr -d '\\n'``" -#: ../../configuration/pki/index.rst:181 +#: ../../configuration/pki/index.rst:183 msgid "``$ tail -n +2 ca.pem | head -n -1 | tr -d '\\n'``" msgstr "``$ tail -n +2 ca.pem | head -n -1 | tr -d '\\n'``" -#: ../../configuration/pki/index.rst:240 +#: ../../configuration/pki/index.rst:242 msgid "``$ tail -n +2 cert.key | head -n -1 | tr -d '\\n'``" msgstr "``$ tail -n +2 cert.key | head -n -1 | tr -d '\\n'``" -#: ../../configuration/pki/index.rst:224 +#: ../../configuration/pki/index.rst:226 msgid "``$ tail -n +2 cert.pem | head -n -1 | tr -d '\\n'``" msgstr "``$ tail -n +2 cert.pem | head -n -1 | tr -d '\\n'``" @@ -18202,7 +19569,7 @@ msgstr "``802.3ad`` - IEEE 802.3ad Dynamic link aggregation. Creates aggregation msgid "``9600`` - 9600 bps" msgstr "``9600`` - 9600 bps" -#: ../../configuration/vpn/ipsec.rst:149 +#: ../../configuration/vpn/ipsec.rst:152 msgid "``< dh-group >`` defines a Diffie-Hellman group for PFS;" msgstr "``< dh-group >`` defines a Diffie-Hellman group for PFS;" @@ -18210,6 +19577,14 @@ msgstr "``< dh-group >`` defines a Diffie-Hellman group for PFS;" msgid "``Known limitations:``" msgstr "``Known limitations:``" +#: ../../configuration/service/ipoe-server.rst:247 +#: ../../configuration/service/pppoe-server.rst:209 +#: ../../configuration/vpn/l2tp.rst:252 +#: ../../configuration/vpn/pptp.rst:192 +#: ../../configuration/vpn/sstp.rst:225 +msgid "``Stateful-IPv6-Address-Pool`` and ``Delegated-IPv6-Prefix-Pool`` are defined in RFC6911. If they are not defined in your RADIUS server, add new dictionary_." +msgstr "``Stateful-IPv6-Address-Pool`` and ``Delegated-IPv6-Prefix-Pool`` are defined in RFC6911. If they are not defined in your RADIUS server, add new dictionary_." + #: ../../configuration/loadbalancing/wan.rst:259 msgid "``WLB_INTERFACE_NAME=[interfacename]``: Interface to be monitored" msgstr "``WLB_INTERFACE_NAME=[interfacename]``: Interface to be monitored" @@ -18226,11 +19601,11 @@ msgstr "``a`` - 802.11a - 54 Mbits/sec" msgid "``ac`` - 802.11ac - 1300 Mbits/sec" msgstr "``ac`` - 802.11ac - 1300 Mbits/sec" -#: ../../configuration/policy/route-map.rst:375 +#: ../../configuration/policy/route-map.rst:378 msgid "``accept-own-nexthop`` - Well-known communities value accept-own-nexthop 0xFFFF0008" msgstr "``accept-own-nexthop`` - Well-known communities value accept-own-nexthop 0xFFFF0008" -#: ../../configuration/policy/route-map.rst:368 +#: ../../configuration/policy/route-map.rst:371 msgid "``accept-own`` - Well-known communities value ACCEPT_OWN 0xFFFF0001" msgstr "``accept-own`` - Well-known communities value ACCEPT_OWN 0xFFFF0001" @@ -18256,7 +19631,7 @@ msgstr "``active-backup`` - Active-backup policy: Only one slave in the bond is msgid "``adaptive-load-balance`` - Adaptive load balancing: includes transmit-load-balance plus receive load balancing for IPV4 traffic, and does not require any special switch support. The receive load balancing is achieved by ARP negotiation. The bonding driver intercepts the ARP Replies sent by the local system on their way out and overwrites the source hardware address with the unique hardware address of one of the slaves in the bond such that different peers use different hardware addresses for the server." msgstr "``adaptive-load-balance`` - Adaptive load balancing: includes transmit-load-balance plus receive load balancing for IPV4 traffic, and does not require any special switch support. The receive load balancing is achieved by ARP negotiation. The bonding driver intercepts the ARP Replies sent by the local system on their way out and overwrites the source hardware address with the unique hardware address of one of the slaves in the bond such that different peers use different hardware addresses for the server." -#: ../../configuration/vpn/ipsec.rst:96 +#: ../../configuration/vpn/ipsec.rst:98 msgid "``aggressive`` use Aggressive mode for Key Exchanges in the IKEv1 protocol aggressive mode is much more insecure compared to Main mode;" msgstr "``aggressive`` use Aggressive mode for Key Exchanges in the IKEv1 protocol aggressive mode is much more insecure compared to Main mode;" @@ -18268,11 +19643,15 @@ msgstr "``all-available`` all checking target addresses must be available to pas msgid "``any-available`` any of the checking target addresses must be available to pass this check" msgstr "``any-available`` any of the checking target addresses must be available to pass this check" -#: ../../configuration/vpn/site2site_ipsec.rst:385 +#: ../../configuration/vpn/site2site_ipsec.rst:388 msgid "``authentication local-id/remote-id`` - IKE identification is used for validation of VPN peer devices during IKE negotiation. If you do not configure local/remote-identity, the device uses the IPv4 or IPv6 address that corresponds to the local/remote peer by default. In certain network setups (like ipsec interface with dynamic address, or behind the NAT ), the IKE ID received from the peer does not match the IKE gateway configured on the device. This can lead to a Phase 1 validation failure. So, make sure to configure the local/remote id explicitly and ensure that the IKE ID is the same as the remote-identity configured on the peer device." msgstr "``authentication local-id/remote-id`` - IKE identification is used for validation of VPN peer devices during IKE negotiation. If you do not configure local/remote-identity, the device uses the IPv4 or IPv6 address that corresponds to the local/remote peer by default. In certain network setups (like ipsec interface with dynamic address, or behind the NAT ), the IKE ID received from the peer does not match the IKE gateway configured on the device. This can lead to a Phase 1 validation failure. So, make sure to configure the local/remote id explicitly and ensure that the IKE ID is the same as the remote-identity configured on the peer device." #: ../../configuration/vpn/site2site_ipsec.rst:18 +msgid "``authentication`` - configure authentication between VyOS and a remote peer. If pre-shared-secret mode is used, the secret key must be defined in ``set vpn ipsec authentication`` and suboptions:" +msgstr "``authentication`` - configure authentication between VyOS and a remote peer. If pre-shared-secret mode is used, the secret key must be defined in ``set vpn ipsec authentication`` and suboptions:" + +#: ../../configuration/vpn/site2site_ipsec.rst:18 msgid "``authentication`` - configure authentication between VyOS and a remote peer. Suboptions:" msgstr "``authentication`` - configure authentication between VyOS and a remote peer. Suboptions:" @@ -18292,11 +19671,11 @@ msgstr "``begin`` Matches the beginning of the URL path" msgid "``bgp`` - Border Gateway Protocol (BGP)" msgstr "``bgp`` - Border Gateway Protocol (BGP)" -#: ../../configuration/vpn/site2site_ipsec.rst:147 +#: ../../configuration/vpn/site2site_ipsec.rst:150 msgid "``bind`` - select a VTI interface to bind to this peer;" msgstr "``bind`` - select a VTI interface to bind to this peer;" -#: ../../configuration/policy/route-map.rst:376 +#: ../../configuration/policy/route-map.rst:379 msgid "``blackhole`` - Well-known communities value BLACKHOLE 0xFFFF029A" msgstr "``blackhole`` - Well-known communities value BLACKHOLE 0xFFFF029A" @@ -18312,6 +19691,10 @@ msgstr "``burst``: Number of packets allowed to overshoot the limit within ``per msgid "``ca-cert-file`` - CA certificate file. Using for authenticating remote peer;" msgstr "``ca-cert-file`` - CA certificate file. Using for authenticating remote peer;" +#: ../../configuration/vpn/site2site_ipsec.rst:61 +msgid "``ca-certificate`` - CA certificate in PKI configuration. Using for authenticating remote peer;" +msgstr "``ca-certificate`` - CA certificate in PKI configuration. Using for authenticating remote peer;" + #: ../../configuration/service/lldp.rst:65 msgid "``cdp`` - Listen for CDP for Cisco routers/switches" msgstr "``cdp`` - Listen for CDP for Cisco routers/switches" @@ -18320,6 +19703,14 @@ msgstr "``cdp`` - Listen for CDP for Cisco routers/switches" msgid "``cert-file`` - certificate file, which will be used for authenticating local router on remote peer;" msgstr "``cert-file`` - certificate file, which will be used for authenticating local router on remote peer;" +#: ../../configuration/vpn/site2site_ipsec.rst:64 +msgid "``certificate`` - certificate file in PKI configuration, which will be used for authenticating local router on remote peer;" +msgstr "``certificate`` - certificate file in PKI configuration, which will be used for authenticating local router on remote peer;" + +#: ../../configuration/vpn/ipsec.rst:66 +msgid "``clear`` closes the CHILD_SA and does not take further action (default);" +msgstr "``clear`` closes the CHILD_SA and does not take further action (default);" + #: ../../configuration/vpn/ipsec.rst:65 msgid "``clear`` set action to clear;" msgstr "``clear`` set action to clear;" @@ -18328,11 +19719,15 @@ msgstr "``clear`` set action to clear;" msgid "``close-action = none | clear | hold | restart`` - defines the action to take if the remote peer unexpectedly closes a CHILD_SA (see above for meaning of values). A closeaction should not be used if the peer uses reauthentication or uniqueids." msgstr "``close-action = none | clear | hold | restart`` - defines the action to take if the remote peer unexpectedly closes a CHILD_SA (see above for meaning of values). A closeaction should not be used if the peer uses reauthentication or uniqueids." +#: ../../configuration/vpn/site2site_ipsec.rst:414 +msgid "``close-action = none | clear | trap | start`` - defines the action to take if the remote peer unexpectedly closes a CHILD_SA (see above for meaning of values). A closeaction should not be used if the peer uses reauthentication or uniqueids." +msgstr "``close-action = none | clear | trap | start`` - defines the action to take if the remote peer unexpectedly closes a CHILD_SA (see above for meaning of values). A closeaction should not be used if the peer uses reauthentication or uniqueids." + #: ../../configuration/vpn/ipsec.rst:47 msgid "``close-action`` defines the action to take if the remote peer unexpectedly closes a CHILD_SA:" msgstr "``close-action`` defines the action to take if the remote peer unexpectedly closes a CHILD_SA:" -#: ../../configuration/vpn/ipsec.rst:122 +#: ../../configuration/vpn/ipsec.rst:125 msgid "``compression`` Enables the IPComp(IP Payload Compression) protocol which allows compressing the content of IP packets." msgstr "``compression`` Enables the IPComp(IP Payload Compression) protocol which allows compressing the content of IP packets." @@ -18344,7 +19739,7 @@ msgstr "``compression`` whether IPComp compression of content is proposed on the msgid "``connected`` - Connected routes (directly attached subnet or host)" msgstr "``connected`` - Connected routes (directly attached subnet or host)" -#: ../../configuration/vpn/site2site_ipsec.rst:72 +#: ../../configuration/vpn/site2site_ipsec.rst:69 msgid "``connection-type`` - how to handle this connection process. Possible variants:" msgstr "``connection-type`` - how to handle this connection process. Possible variants:" @@ -18366,39 +19761,43 @@ msgstr "``d`` - Execution interval in days" msgid "``dead-peer-detection action = clear | hold | restart`` - R_U_THERE notification messages(IKEv1) or empty INFORMATIONAL messages (IKEv2) are periodically sent in order to check the liveliness of the IPsec peer. The values clear, hold, and restart all activate DPD and determine the action to perform on a timeout. With ``clear`` the connection is closed with no further actions taken. ``hold`` installs a trap policy, which will catch matching traffic and tries to re-negotiate the connection on demand. ``restart`` will immediately trigger an attempt to re-negotiate the connection." msgstr "``dead-peer-detection action = clear | hold | restart`` - R_U_THERE notification messages(IKEv1) or empty INFORMATIONAL messages (IKEv2) are periodically sent in order to check the liveliness of the IPsec peer. The values clear, hold, and restart all activate DPD and determine the action to perform on a timeout. With ``clear`` the connection is closed with no further actions taken. ``hold`` installs a trap policy, which will catch matching traffic and tries to re-negotiate the connection on demand. ``restart`` will immediately trigger an attempt to re-negotiate the connection." +#: ../../configuration/vpn/site2site_ipsec.rst:403 +msgid "``dead-peer-detection action = clear | trap | restart`` - R_U_THERE notification messages(IKEv1) or empty INFORMATIONAL messages (IKEv2) are periodically sent in order to check the liveliness of the IPsec peer. The values clear, trap, and restart all activate DPD and determine the action to perform on a timeout. With ``clear`` the connection is closed with no further actions taken. ``trap`` installs a trap policy, which will catch matching traffic and tries to re-negotiate the connection on demand. ``restart`` will immediately trigger an attempt to re-negotiate the connection." +msgstr "``dead-peer-detection action = clear | trap | restart`` - R_U_THERE notification messages(IKEv1) or empty INFORMATIONAL messages (IKEv2) are periodically sent in order to check the liveliness of the IPsec peer. The values clear, trap, and restart all activate DPD and determine the action to perform on a timeout. With ``clear`` the connection is closed with no further actions taken. ``trap`` installs a trap policy, which will catch matching traffic and tries to re-negotiate the connection on demand. ``restart`` will immediately trigger an attempt to re-negotiate the connection." + #: ../../configuration/vpn/ipsec.rst:56 msgid "``dead-peer-detection`` controls the use of the Dead Peer Detection protocol (DPD, RFC 3706) where R_U_THERE notification messages (IKEv1) or empty INFORMATIONAL messages (IKEv2) are periodically sent in order to check the liveliness of the IPsec peer:" msgstr "``dead-peer-detection`` controls the use of the Dead Peer Detection protocol (DPD, RFC 3706) where R_U_THERE notification messages (IKEv1) or empty INFORMATIONAL messages (IKEv2) are periodically sent in order to check the liveliness of the IPsec peer:" -#: ../../configuration/vpn/site2site_ipsec.rst:88 +#: ../../configuration/vpn/site2site_ipsec.rst:85 msgid "``default-esp-group`` - ESP group to use by default for traffic encryption. Might be overwritten by individual settings for tunnel or VTI interface binding;" msgstr "``default-esp-group`` - ESP group to use by default for traffic encryption. Might be overwritten by individual settings for tunnel or VTI interface binding;" -#: ../../configuration/vpn/site2site_ipsec.rst:92 +#: ../../configuration/vpn/site2site_ipsec.rst:89 msgid "``description`` - description for this peer;" msgstr "``description`` - description for this peer;" -#: ../../configuration/vpn/ipsec.rst:101 +#: ../../configuration/vpn/ipsec.rst:103 msgid "``dh-group`` dh-group;" msgstr "``dh-group`` dh-group;" -#: ../../configuration/vpn/site2site_ipsec.rst:23 +#: ../../configuration/vpn/site2site_ipsec.rst:24 msgid "``dhcp-interface`` - ID for authentication generated from DHCP address dynamically;" msgstr "``dhcp-interface`` - ID for authentication generated from DHCP address dynamically;" -#: ../../configuration/vpn/site2site_ipsec.rst:94 +#: ../../configuration/vpn/site2site_ipsec.rst:91 msgid "``dhcp-interface`` - use an IP address, received from DHCP for IPSec connection with this peer, instead of ``local-address``;" msgstr "``dhcp-interface`` - use an IP address, received from DHCP for IPSec connection with this peer, instead of ``local-address``;" -#: ../../configuration/vpn/ipsec.rst:88 +#: ../../configuration/vpn/ipsec.rst:90 msgid "``disable-mobike`` disables MOBIKE Support. MOBIKE is only available for IKEv2 and enabled by default." msgstr "``disable-mobike`` disables MOBIKE Support. MOBIKE is only available for IKEv2 and enabled by default." -#: ../../configuration/vpn/site2site_ipsec.rst:396 +#: ../../configuration/vpn/site2site_ipsec.rst:399 msgid "``disable-route-autoinstall`` - This option when configured disables the routes installed in the default table 220 for site-to-site ipsec. It is mostly used with VTI configuration." msgstr "``disable-route-autoinstall`` - This option when configured disables the routes installed in the default table 220 for site-to-site ipsec. It is mostly used with VTI configuration." -#: ../../configuration/vpn/ipsec.rst:162 +#: ../../configuration/vpn/ipsec.rst:166 msgid "``disable-route-autoinstall`` Do not automatically install routes to remote networks;" msgstr "``disable-route-autoinstall`` Do not automatically install routes to remote networks;" @@ -18406,7 +19805,7 @@ msgstr "``disable-route-autoinstall`` Do not automatically install routes to rem msgid "``disable`` - disable this tunnel;" msgstr "``disable`` - disable this tunnel;" -#: ../../configuration/vpn/ipsec.rst:147 +#: ../../configuration/vpn/ipsec.rst:150 msgid "``disable`` Disable PFS;" msgstr "``disable`` Disable PFS;" @@ -18424,15 +19823,15 @@ msgstr "``disable`` disable MOBIKE;" msgid "``drop``: drop the packet." msgstr "``drop``: drop the packet." -#: ../../configuration/system/login.rst:71 +#: ../../configuration/system/login.rst:75 msgid "``ecdsa-sha2-nistp256``" msgstr "``ecdsa-sha2-nistp256``" -#: ../../configuration/system/login.rst:72 +#: ../../configuration/system/login.rst:76 msgid "``ecdsa-sha2-nistp384``" msgstr "``ecdsa-sha2-nistp384``" -#: ../../configuration/system/login.rst:73 +#: ../../configuration/system/login.rst:77 msgid "``ecdsa-sha2-nistp521``" msgstr "``ecdsa-sha2-nistp521``" @@ -18440,7 +19839,7 @@ msgstr "``ecdsa-sha2-nistp521``" msgid "``edp`` - Listen for EDP for Extreme routers/switches" msgstr "``edp`` - Listen for EDP for Extreme routers/switches" -#: ../../configuration/vpn/ipsec.rst:145 +#: ../../configuration/vpn/ipsec.rst:148 msgid "``enable`` Inherit Diffie-Hellman group from IKE group (default);" msgstr "``enable`` Inherit Diffie-Hellman group from IKE group (default);" @@ -18452,11 +19851,11 @@ msgstr "``enable`` enable IPComp compression;" msgid "``enable`` enable MOBIKE (default for IKEv2);" msgstr "``enable`` enable MOBIKE (default for IKEv2);" -#: ../../configuration/vpn/ipsec.rst:103 +#: ../../configuration/vpn/ipsec.rst:105 msgid "``encryption`` encryption algorithm;" msgstr "``encryption`` encryption algorithm;" -#: ../../configuration/vpn/ipsec.rst:153 +#: ../../configuration/vpn/ipsec.rst:156 msgid "``encryption`` encryption algorithm (default 128 bit AES-CBC);" msgstr "``encryption`` encryption algorithm (default 128 bit AES-CBC);" @@ -18468,7 +19867,7 @@ msgstr "``end`` Matches the end of the URL path." msgid "``esp-group`` - define ESP group for encrypt traffic, defined by this tunnel;" msgstr "``esp-group`` - define ESP group for encrypt traffic, defined by this tunnel;" -#: ../../configuration/vpn/site2site_ipsec.rst:149 +#: ../../configuration/vpn/site2site_ipsec.rst:152 msgid "``esp-group`` - define ESP group for encrypt traffic, passed this VTI interface." msgstr "``esp-group`` - define ESP group for encrypt traffic, passed this VTI interface." @@ -18488,11 +19887,11 @@ msgstr "``file`` - path to the key file;" msgid "``flexvpn`` Allow FlexVPN vendor ID payload (IKEv2 only). Send the Cisco FlexVPN vendor ID payload (IKEv2 only), which is required in order to make Cisco brand devices allow negotiating a local traffic selector (from strongSwan's point of view) that is not the assigned virtual IP address if such an address is requested by strongSwan. Sending the Cisco FlexVPN vendor ID prevents the peer from narrowing the initiator's local traffic selector and allows it to e.g. negotiate a TS of 0.0.0.0/0 == 0.0.0.0/0 instead. This has been tested with a \"tunnel mode ipsec ipv4\" Cisco template but should also work for GRE encapsulation;" msgstr "``flexvpn`` Allow FlexVPN vendor ID payload (IKEv2 only). Send the Cisco FlexVPN vendor ID payload (IKEv2 only), which is required in order to make Cisco brand devices allow negotiating a local traffic selector (from strongSwan's point of view) that is not the assigned virtual IP address if such an address is requested by strongSwan. Sending the Cisco FlexVPN vendor ID prevents the peer from narrowing the initiator's local traffic selector and allows it to e.g. negotiate a TS of 0.0.0.0/0 == 0.0.0.0/0 instead. This has been tested with a \"tunnel mode ipsec ipv4\" Cisco template but should also work for GRE encapsulation;" -#: ../../configuration/vpn/ipsec.rst:164 +#: ../../configuration/vpn/ipsec.rst:168 msgid "``flexvpn`` Allows FlexVPN vendor ID payload (IKEv2 only). Send the Cisco FlexVPN vendor ID payload (IKEv2 only), which is required in order to make Cisco brand devices allow negotiating a local traffic selector (from strongSwan's point of view) that is not the assigned virtual IP address if such an address is requested by strongSwan. Sending the Cisco FlexVPN vendor ID prevents the peer from narrowing the initiator's local traffic selector and allows it to e.g. negotiate a TS of 0.0.0.0/0 == 0.0.0.0/0 instead. This has been tested with a \"tunnel mode ipsec ipv4\" Cisco template but should also work for GRE encapsulation;" msgstr "``flexvpn`` Allows FlexVPN vendor ID payload (IKEv2 only). Send the Cisco FlexVPN vendor ID payload (IKEv2 only), which is required in order to make Cisco brand devices allow negotiating a local traffic selector (from strongSwan's point of view) that is not the assigned virtual IP address if such an address is requested by strongSwan. Sending the Cisco FlexVPN vendor ID prevents the peer from narrowing the initiator's local traffic selector and allows it to e.g. negotiate a TS of 0.0.0.0/0 == 0.0.0.0/0 instead. This has been tested with a \"tunnel mode ipsec ipv4\" Cisco template but should also work for GRE encapsulation;" -#: ../../configuration/vpn/site2site_ipsec.rst:97 +#: ../../configuration/vpn/site2site_ipsec.rst:94 msgid "``force-udp-encapsulation`` - force encapsulation of ESP into UDP datagrams. Useful in case if between local and remote side is firewall or NAT, which not allows passing plain ESP packets between them;" msgstr "``force-udp-encapsulation`` - force encapsulation of ESP into UDP datagrams. Useful in case if between local and remote side is firewall or NAT, which not allows passing plain ESP packets between them;" @@ -18500,7 +19899,7 @@ msgstr "``force-udp-encapsulation`` - force encapsulation of ESP into UDP datagr msgid "``g`` - 802.11g - 54 Mbits/sec (default)" msgstr "``g`` - 802.11g - 54 Mbits/sec (default)" -#: ../../configuration/policy/route-map.rst:367 +#: ../../configuration/policy/route-map.rst:370 msgid "``graceful-shutdown`` - Well-known communities value GRACEFUL_SHUTDOWN 0xFFFF0000" msgstr "``graceful-shutdown`` - Well-known communities value GRACEFUL_SHUTDOWN 0xFFFF0000" @@ -18508,11 +19907,11 @@ msgstr "``graceful-shutdown`` - Well-known communities value GRACEFUL msgid "``h`` - Execution interval in hours" msgstr "``h`` - Execution interval in hours" -#: ../../configuration/vpn/ipsec.rst:105 +#: ../../configuration/vpn/ipsec.rst:107 msgid "``hash`` hash algorithm." msgstr "``hash`` hash algorithm." -#: ../../configuration/vpn/ipsec.rst:155 +#: ../../configuration/vpn/ipsec.rst:158 msgid "``hash`` hash algorithm (default sha1)." msgstr "``hash`` hash algorithm (default sha1)." @@ -18536,23 +19935,23 @@ msgstr "``ht40-`` - Both 20 MHz and 40 MHz with secondary channel below the prim msgid "``hvc0`` - Xen console" msgstr "``hvc0`` - Xen console" -#: ../../configuration/vpn/site2site_ipsec.rst:25 +#: ../../configuration/vpn/site2site_ipsec.rst:26 msgid "``id`` - static ID's for authentication. In general local and remote address ``<x.x.x.x>``, ``<h:h:h:h:h:h:h:h>`` or ``%any``;" msgstr "``id`` - static ID's for authentication. In general local and remote address ``<x.x.x.x>``, ``<h:h:h:h:h:h:h:h>`` or ``%any``;" -#: ../../configuration/vpn/site2site_ipsec.rst:101 +#: ../../configuration/vpn/site2site_ipsec.rst:98 msgid "``ike-group`` - IKE group to use for key exchanges;" msgstr "``ike-group`` - IKE group to use for key exchanges;" -#: ../../configuration/vpn/ipsec.rst:82 +#: ../../configuration/vpn/ipsec.rst:84 msgid "``ikev1`` use IKEv1 for Key Exchange;" msgstr "``ikev1`` use IKEv1 for Key Exchange;" -#: ../../configuration/vpn/site2site_ipsec.rst:103 +#: ../../configuration/vpn/site2site_ipsec.rst:100 msgid "``ikev2-reauth`` - reauthenticate remote peer during the rekeying process. Can be used only with IKEv2. Create a new IKE_SA from the scratch and try to recreate all IPsec SAs;" msgstr "``ikev2-reauth`` - reauthenticate remote peer during the rekeying process. Can be used only with IKEv2. Create a new IKE_SA from the scratch and try to recreate all IPsec SAs;" -#: ../../configuration/vpn/ipsec.rst:73 +#: ../../configuration/vpn/ipsec.rst:75 msgid "``ikev2-reauth`` whether rekeying of an IKE_SA should also reauthenticate the peer. In IKEv1, reauthentication is always done. Setting this parameter enables remote host re-authentication during an IKE rekey." msgstr "``ikev2-reauth`` whether rekeying of an IKE_SA should also reauthenticate the peer. In IKEv1, reauthentication is always done. Setting this parameter enables remote host re-authentication during an IKE rekey." @@ -18560,7 +19959,7 @@ msgstr "``ikev2-reauth`` whether rekeying of an IKE_SA should also reauthenticat msgid "``ikev2-reauth`` whether rekeying of an IKE_SA should also reauthenticate the peer. In IKEv1, reauthentication is always done:" msgstr "``ikev2-reauth`` whether rekeying of an IKE_SA should also reauthenticate the peer. In IKEv1, reauthentication is always done:" -#: ../../configuration/vpn/ipsec.rst:84 +#: ../../configuration/vpn/ipsec.rst:86 msgid "``ikev2`` use IKEv2 for Key Exchange;" msgstr "``ikev2`` use IKEv2 for Key Exchange;" @@ -18568,23 +19967,27 @@ msgstr "``ikev2`` use IKEv2 for Key Exchange;" msgid "``in``: Ruleset for forwarded packets on an inbound interface" msgstr "``in``: Ruleset for forwarded packets on an inbound interface" -#: ../../configuration/vpn/site2site_ipsec.rst:75 +#: ../../configuration/vpn/site2site_ipsec.rst:72 msgid "``initiate`` - does initial connection to remote peer immediately after configuring and after boot. In this mode the connection will not be restarted in case of disconnection, therefore should be used only together with DPD or another session tracking methods;" msgstr "``initiate`` - does initial connection to remote peer immediately after configuring and after boot. In this mode the connection will not be restarted in case of disconnection, therefore should be used only together with DPD or another session tracking methods;" -#: ../../configuration/vpn/ipsec.rst:166 +#: ../../configuration/system/option.rst:50 +msgid "``intel_idle.max_cstate=0`` Disable intel_idle and fall back on acpi_idle" +msgstr "``intel_idle.max_cstate=0`` Disable intel_idle and fall back on acpi_idle" + +#: ../../configuration/vpn/ipsec.rst:170 msgid "``interface`` Interface Name to use. The name of the interface on which virtual IP addresses should be installed. If not specified the addresses will be installed on the outbound interface;" msgstr "``interface`` Interface Name to use. The name of the interface on which virtual IP addresses should be installed. If not specified the addresses will be installed on the outbound interface;" -#: ../../configuration/pki/index.rst:148 +#: ../../configuration/pki/index.rst:150 msgid "``interface`` is used for the VyOS CLI command to identify the WireGuard interface where this private key is to be used." msgstr "``interface`` is used for the VyOS CLI command to identify the WireGuard interface where this private key is to be used." -#: ../../configuration/policy/route-map.rst:366 +#: ../../configuration/policy/route-map.rst:369 msgid "``internet`` - Well-known communities value 0" msgstr "``internet`` - Well-known communities value 0" -#: ../../configuration/vpn/ipsec.rst:69 +#: ../../configuration/vpn/ipsec.rst:71 msgid "``interval`` keep-alive interval in seconds <2-86400> (default 30);" msgstr "``interval`` keep-alive interval in seconds <2-86400> (default 30);" @@ -18602,7 +20005,7 @@ msgstr "``jump``: jump to another custom chain." msgid "``kernel`` - Kernel routes" msgstr "``kernel`` - Kernel routes" -#: ../../configuration/vpn/ipsec.rst:78 +#: ../../configuration/vpn/ipsec.rst:80 msgid "``key-exchange`` which protocol should be used to initialize the connection If not set both protocols are handled and connections will use IKEv2 when initiating, but accept any protocol version when responding:" msgstr "``key-exchange`` which protocol should be used to initialize the connection If not set both protocols are handled and connections will use IKEv2 when initiating, but accept any protocol version when responding:" @@ -18610,7 +20013,7 @@ msgstr "``key-exchange`` which protocol should be used to initialize the connect msgid "``key`` - a private key, which will be used for authenticating local router on remote peer:" msgstr "``key`` - a private key, which will be used for authenticating local router on remote peer:" -#: ../../configuration/system/option.rst:107 +#: ../../configuration/system/option.rst:137 msgid "``latency``: A server profile focused on lowering network latency. This profile favors performance over power savings by setting ``intel_pstate`` and ``min_perf_pct=100``." msgstr "``latency``: A server profile focused on lowering network latency. This profile favors performance over power savings by setting ``intel_pstate`` and ``min_perf_pct=100``." @@ -18622,19 +20025,19 @@ msgstr "``least-connection`` Distributes requests to the server with the fewest msgid "``least-connection`` Distributes requests tp tje server wotj the fewest active connections" msgstr "``least-connection`` Distributes requests tp tje server wotj the fewest active connections" -#: ../../configuration/vpn/ipsec.rst:125 +#: ../../configuration/vpn/ipsec.rst:128 msgid "``life-bytes`` ESP life in bytes <1024-26843545600000>. Number of bytes transmitted over an IPsec SA before it expires;" msgstr "``life-bytes`` ESP life in bytes <1024-26843545600000>. Number of bytes transmitted over an IPsec SA before it expires;" -#: ../../configuration/vpn/ipsec.rst:128 +#: ../../configuration/vpn/ipsec.rst:131 msgid "``life-packets`` ESP life in packets <1000-26843545600000>. Number of packets transmitted over an IPsec SA before it expires;" msgstr "``life-packets`` ESP life in packets <1000-26843545600000>. Number of packets transmitted over an IPsec SA before it expires;" -#: ../../configuration/vpn/ipsec.rst:131 +#: ../../configuration/vpn/ipsec.rst:134 msgid "``lifetime`` ESP lifetime in seconds <30-86400> (default 3600). How long a particular instance of a connection (a set of encryption/authentication keys for user packets) should last, from successful negotiation to expiry;" msgstr "``lifetime`` ESP lifetime in seconds <30-86400> (default 3600). How long a particular instance of a connection (a set of encryption/authentication keys for user packets) should last, from successful negotiation to expiry;" -#: ../../configuration/vpn/ipsec.rst:86 +#: ../../configuration/vpn/ipsec.rst:88 msgid "``lifetime`` IKE lifetime in seconds <0-86400> (default 28800);" msgstr "``lifetime`` IKE lifetime in seconds <0-86400> (default 28800);" @@ -18642,22 +20045,26 @@ msgstr "``lifetime`` IKE lifetime in seconds <0-86400> (default 28800);" msgid "``lifetime`` IKE lifetime in seconds <30-86400> (default 28800);" msgstr "``lifetime`` IKE lifetime in seconds <30-86400> (default 28800);" -#: ../../configuration/policy/route-map.rst:373 +#: ../../configuration/policy/route-map.rst:376 msgid "``llgr-stale`` - Well-known communities value LLGR_STALE 0xFFFF0006" msgstr "``llgr-stale`` - Well-known communities value LLGR_STALE 0xFFFF0006" -#: ../../configuration/vpn/site2site_ipsec.rst:107 +#: ../../configuration/vpn/site2site_ipsec.rst:104 msgid "``local-address`` - local IP address for IPSec connection with this peer. If defined ``any``, then an IP address which configured on interface with default route will be used;" msgstr "``local-address`` - local IP address for IPSec connection with this peer. If defined ``any``, then an IP address which configured on interface with default route will be used;" -#: ../../configuration/policy/route-map.rst:363 +#: ../../configuration/policy/route-map.rst:366 msgid "``local-as`` - Well-known communities value NO_EXPORT_SUBCONFED 0xFFFFFF03" msgstr "``local-as`` - Well-known communities value NO_EXPORT_SUBCONFED 0xFFFFFF03" -#: ../../configuration/vpn/site2site_ipsec.rst:31 +#: ../../configuration/vpn/site2site_ipsec.rst:32 msgid "``local-id`` - ID for the local VyOS router. If defined, during the authentication it will be send to remote peer;" msgstr "``local-id`` - ID for the local VyOS router. If defined, during the authentication it will be send to remote peer;" +#: ../../configuration/vpn/site2site_ipsec.rst:50 +msgid "``local-key`` - name of PKI key-pair with local private key" +msgstr "``local-key`` - name of PKI key-pair with local private key" + #: ../../configuration/firewall/general-legacy.rst:753 msgid "``local``: Ruleset for packets destined for this router" msgstr "``local``: Ruleset for packets destined for this router" @@ -18674,7 +20081,7 @@ msgstr "``m`` - Execution interval in minutes" msgid "``main`` Routing table used by VyOS and other interfaces not participating in PBR" msgstr "``main`` Routing table used by VyOS and other interfaces not participating in PBR" -#: ../../configuration/vpn/ipsec.rst:93 +#: ../../configuration/vpn/ipsec.rst:95 msgid "``main`` use Main mode for Key Exchanges in the IKEv1 Protocol (Recommended Default);" msgstr "``main`` use Main mode for Key Exchanges in the IKEv1 Protocol (Recommended Default);" @@ -18682,19 +20089,23 @@ msgstr "``main`` use Main mode for Key Exchanges in the IKEv1 Protocol (Recommen msgid "``message``: Full message that has triggered the script." msgstr "``message``: Full message that has triggered the script." +#: ../../configuration/system/option.rst:40 +msgid "``mitigations=off``" +msgstr "``mitigations=off``" + #: ../../configuration/vpn/ipsec.rst:92 msgid "``mobike`` enable MOBIKE Support. MOBIKE is only available for IKEv2:" msgstr "``mobike`` enable MOBIKE Support. MOBIKE is only available for IKEv2:" -#: ../../configuration/vpn/site2site_ipsec.rst:35 +#: ../../configuration/vpn/site2site_ipsec.rst:36 msgid "``mode`` - mode for authentication between VyOS and remote peer:" msgstr "``mode`` - mode for authentication between VyOS and remote peer:" -#: ../../configuration/vpn/ipsec.rst:91 +#: ../../configuration/vpn/ipsec.rst:93 msgid "``mode`` IKEv1 Phase 1 Mode Selection:" msgstr "``mode`` IKEv1 Phase 1 Mode Selection:" -#: ../../configuration/vpn/ipsec.rst:136 +#: ../../configuration/vpn/ipsec.rst:139 msgid "``mode`` the type of the connection:" msgstr "``mode`` the type of the connection:" @@ -18758,19 +20169,19 @@ msgstr "``net.ipv6.conf.all.accept_redirects``" msgid "``net.ipv6.conf.all.accept_source_route``" msgstr "``net.ipv6.conf.all.accept_source_route``" -#: ../../configuration/policy/route-map.rst:364 +#: ../../configuration/policy/route-map.rst:367 msgid "``no-advertise`` - Well-known communities value NO_ADVERTISE 0xFFFFFF02" msgstr "``no-advertise`` - Well-known communities value NO_ADVERTISE 0xFFFFFF02" -#: ../../configuration/policy/route-map.rst:365 +#: ../../configuration/policy/route-map.rst:368 msgid "``no-export`` - Well-known communities value NO_EXPORT 0xFFFFFF01" msgstr "``no-export`` - Well-known communities value NO_EXPORT 0xFFFFFF01" -#: ../../configuration/policy/route-map.rst:374 +#: ../../configuration/policy/route-map.rst:377 msgid "``no-llgr`` - Well-known communities value NO_LLGR 0xFFFF0007" msgstr "``no-llgr`` - Well-known communities value NO_LLGR 0xFFFF0007" -#: ../../configuration/policy/route-map.rst:377 +#: ../../configuration/policy/route-map.rst:380 msgid "``no-peer`` - Well-known communities value NOPEER 0xFFFFFF04" msgstr "``no-peer`` - Well-known communities value NOPEER 0xFFFFFF04" @@ -18782,7 +20193,7 @@ msgstr "``no`` disable remote host re-authenticaton during an IKE rekey;" msgid "``none`` - Execution interval in minutes" msgstr "``none`` - Execution interval in minutes" -#: ../../configuration/vpn/site2site_ipsec.rst:85 +#: ../../configuration/vpn/site2site_ipsec.rst:82 msgid "``none`` - loads the connection only, which then can be manually initiated or used as a responder configuration." msgstr "``none`` - loads the connection only, which then can be manually initiated or used as a responder configuration." @@ -18798,7 +20209,7 @@ msgstr "``noselect`` marks the server as unused, except for display purposes. Th msgid "``nts`` enables Network Time Security (NTS) for the server as specified in :rfc:`8915`" msgstr "``nts`` enables Network Time Security (NTS) for the server as specified in :rfc:`8915`" -#: ../../configuration/vpn/ipsec.rst:160 +#: ../../configuration/vpn/ipsec.rst:164 msgid "``options``" msgstr "``options``" @@ -18814,11 +20225,19 @@ msgstr "``ospfv3`` - Open Shortest Path First (IPv6) (OSPFv3)" msgid "``out``: Ruleset for forwarded packets on an outbound interface" msgstr "``out``: Ruleset for forwarded packets on an outbound interface" +#: ../../configuration/vpn/site2site_ipsec.rst:54 +msgid "``passphrase`` - local private key passphrase" +msgstr "``passphrase`` - local private key passphrase" + +#: ../../configuration/vpn/site2site_ipsec.rst:67 +msgid "``passphrase`` - private key passphrase, if needed." +msgstr "``passphrase`` - private key passphrase, if needed." + #: ../../configuration/vpn/site2site_ipsec.rst:70 msgid "``password`` - passphrase private key, if needed." msgstr "``password`` - passphrase private key, if needed." -#: ../../configuration/pki/index.rst:163 +#: ../../configuration/pki/index.rst:165 msgid "``peer`` is used for the VyOS CLI command to identify the WireGuard peer where this secred is to be used." msgstr "``peer`` is used for the VyOS CLI command to identify the WireGuard peer where this secred is to be used." @@ -18826,7 +20245,7 @@ msgstr "``peer`` is used for the VyOS CLI command to identify the WireGuard peer msgid "``period``: Time window for rate calculation. Possible values: ``second`` (one second), ``minute`` (one minute), ``hour`` (one hour). Default is ``second``." msgstr "``period``: Time window for rate calculation. Possible values: ``second`` (one second), ``minute`` (one minute), ``hour`` (one hour). Default is ``second``." -#: ../../configuration/vpn/ipsec.rst:142 +#: ../../configuration/vpn/ipsec.rst:145 msgid "``pfs`` whether Perfect Forward Secrecy of keys is desired on the connection's keying channel and defines a Diffie-Hellman group for PFS:" msgstr "``pfs`` whether Perfect Forward Secrecy of keys is desired on the connection's keying channel and defines a Diffie-Hellman group for PFS:" @@ -18835,11 +20254,11 @@ msgid "``pool`` mobilizes persistent client mode association with a number of re msgstr "``pool`` mobilizes persistent client mode association with a number of remote servers." #: ../../configuration/vpn/site2site_ipsec.rst:126 -#: ../../configuration/vpn/site2site_ipsec.rst:136 +#: ../../configuration/vpn/site2site_ipsec.rst:139 msgid "``port`` - define port. Have effect only when used together with ``prefix``;" msgstr "``port`` - define port. Have effect only when used together with ``prefix``;" -#: ../../configuration/vpn/site2site_ipsec.rst:37 +#: ../../configuration/vpn/site2site_ipsec.rst:38 msgid "``pre-shared-secret`` - use predefined shared secret phrase;" msgstr "``pre-shared-secret`` - use predefined shared secret phrase;" @@ -18851,27 +20270,35 @@ msgstr "``prefer`` marks the server as preferred. All other things being equal, msgid "``prefix`` - IP network at local side." msgstr "``prefix`` - IP network at local side." -#: ../../configuration/vpn/site2site_ipsec.rst:138 +#: ../../configuration/vpn/site2site_ipsec.rst:141 msgid "``prefix`` - IP network at remote side." msgstr "``prefix`` - IP network at remote side." -#: ../../configuration/vpn/ipsec.rst:107 +#: ../../configuration/vpn/ipsec.rst:109 msgid "``prf`` pseudo-random function." msgstr "``prf`` pseudo-random function." -#: ../../configuration/vpn/ipsec.rst:151 +#: ../../configuration/vpn/site2site_ipsec.rst:130 +msgid "``priority`` - Add priority for policy-based IPSec VPN tunnels(lowest value more preferable)" +msgstr "``priority`` - Add priority for policy-based IPSec VPN tunnels(lowest value more preferable)" + +#: ../../configuration/system/option.rst:51 +msgid "``processor.max_cstate=1`` Limit processor to maximum C-state 1" +msgstr "``processor.max_cstate=1`` Limit processor to maximum C-state 1" + +#: ../../configuration/vpn/ipsec.rst:154 msgid "``proposal`` ESP-group proposal with number <1-65535>:" msgstr "``proposal`` ESP-group proposal with number <1-65535>:" -#: ../../configuration/vpn/ipsec.rst:99 +#: ../../configuration/vpn/ipsec.rst:101 msgid "``proposal`` the list of proposals and their parameters:" msgstr "``proposal`` the list of proposals and their parameters:" -#: ../../configuration/vpn/site2site_ipsec.rst:130 +#: ../../configuration/vpn/site2site_ipsec.rst:133 msgid "``protocol`` - define the protocol for match traffic, which should be encrypted and send to this peer;" msgstr "``protocol`` - define the protocol for match traffic, which should be encrypted and send to this peer;" -#: ../../configuration/vpn/site2site_ipsec.rst:21 +#: ../../configuration/vpn/site2site_ipsec.rst:22 msgid "``psk`` - Preshared secret key name:" msgstr "``psk`` - Preshared secret key name:" @@ -18890,7 +20317,7 @@ msgstr "``rate``: Number of packets. Default 5." msgid "``reject``: reject the packet." msgstr "``reject``: reject the packet." -#: ../../configuration/vpn/site2site_ipsec.rst:111 +#: ../../configuration/vpn/site2site_ipsec.rst:108 msgid "``remote-address`` - remote IP address or hostname for IPSec connection. IPv4 or IPv6 address is used when a peer has a public static IP address. Hostname is a DNS name which could be used when a peer has a public IP address and DNS name, but an IP address could be changed from time to time." msgstr "``remote-address`` - remote IP address or hostname for IPSec connection. IPv4 or IPv6 address is used when a peer has a public static IP address. Hostname is a DNS name which could be used when a peer has a public IP address and DNS name, but an IP address could be changed from time to time." @@ -18898,10 +20325,18 @@ msgstr "``remote-address`` - remote IP address or hostname for IPSec connection. msgid "``remote-id`` - define an ID for remote peer, instead of using peer name or address. Useful in case if the remote peer is behind NAT or if ``mode x509`` is used;" msgstr "``remote-id`` - define an ID for remote peer, instead of using peer name or address. Useful in case if the remote peer is behind NAT or if ``mode x509`` is used;" -#: ../../configuration/vpn/site2site_ipsec.rst:133 +#: ../../configuration/vpn/site2site_ipsec.rst:52 +msgid "``remote-key`` - name of PKI key-pair with remote public key" +msgstr "``remote-key`` - name of PKI key-pair with remote public key" + +#: ../../configuration/vpn/site2site_ipsec.rst:136 msgid "``remote`` - define the remote destination for match traffic, which should be encrypted and send to this peer:" msgstr "``remote`` - define the remote destination for match traffic, which should be encrypted and send to this peer:" +#: ../../configuration/vpn/site2site_ipsec.rst:113 +msgid "``replay-window`` - IPsec replay window to configure for this CHILD_SA (default: 32), a value of 0 disables IPsec replay protection" +msgstr "``replay-window`` - IPsec replay window to configure for this CHILD_SA (default: 32), a value of 0 disables IPsec replay protection" + #: ../../configuration/loadbalancing/reverse-proxy.rst:64 msgid "``req-ssl-sni`` SSL Server Name Indication (SNI) request match" msgstr "``req-ssl-sni`` SSL Server Name Indication (SNI) request match" @@ -18910,10 +20345,14 @@ msgstr "``req-ssl-sni`` SSL Server Name Indication (SNI) request match" msgid "``resp-time``: the maximum response time for ping in seconds. Range 1...30, default 5" msgstr "``resp-time``: the maximum response time for ping in seconds. Range 1...30, default 5" -#: ../../configuration/vpn/site2site_ipsec.rst:80 +#: ../../configuration/vpn/site2site_ipsec.rst:77 msgid "``respond`` - does not try to initiate a connection to a remote peer. In this mode, the IPSec session will be established only after initiation from a remote peer. Could be useful when there is no direct connectivity to the peer due to firewall or NAT in the middle of the local and remote side." msgstr "``respond`` - does not try to initiate a connection to a remote peer. In this mode, the IPSec session will be established only after initiation from a remote peer. Could be useful when there is no direct connectivity to the peer due to firewall or NAT in the middle of the local and remote side." +#: ../../configuration/vpn/ipsec.rst:68 +msgid "``restart`` immediately tries to re-negotiate the CHILD_SA under a fresh IKE_SA;" +msgstr "``restart`` immediately tries to re-negotiate the CHILD_SA under a fresh IKE_SA;" + #: ../../configuration/vpn/ipsec.rst:54 #: ../../configuration/vpn/ipsec.rst:67 msgid "``restart`` set action to restart;" @@ -18941,19 +20380,19 @@ msgstr "``round-robin`` - Round-robin policy: Transmit packets in sequential ord msgid "``round-robin`` Distributes requests in a circular manner, sequentially sending each request to the next server in line" msgstr "``round-robin`` Distributes requests in a circular manner, sequentially sending each request to the next server in line" -#: ../../configuration/policy/route-map.rst:369 +#: ../../configuration/policy/route-map.rst:372 msgid "``route-filter-translated-v4`` - Well-known communities value ROUTE_FILTER_TRANSLATED_v4 0xFFFF0002" msgstr "``route-filter-translated-v4`` - Well-known communities value ROUTE_FILTER_TRANSLATED_v4 0xFFFF0002" -#: ../../configuration/policy/route-map.rst:371 +#: ../../configuration/policy/route-map.rst:374 msgid "``route-filter-translated-v6`` - Well-known communities value ROUTE_FILTER_TRANSLATED_v6 0xFFFF0004" msgstr "``route-filter-translated-v6`` - Well-known communities value ROUTE_FILTER_TRANSLATED_v6 0xFFFF0004" -#: ../../configuration/policy/route-map.rst:370 +#: ../../configuration/policy/route-map.rst:373 msgid "``route-filter-v4`` - Well-known communities value ROUTE_FILTER_v4 0xFFFF0003" msgstr "``route-filter-v4`` - Well-known communities value ROUTE_FILTER_v4 0xFFFF0003" -#: ../../configuration/policy/route-map.rst:372 +#: ../../configuration/policy/route-map.rst:375 msgid "``route-filter-v6`` - Well-known communities value ROUTE_FILTER_v6 0xFFFF0005" msgstr "``route-filter-v6`` - Well-known communities value ROUTE_FILTER_v6 0xFFFF0005" @@ -18961,11 +20400,19 @@ msgstr "``route-filter-v6`` - Well-known communities value ROUTE_FI msgid "``rsa-key-name`` - shared RSA key for authentication. The key must be defined in the ``set vpn rsa-keys`` section;" msgstr "``rsa-key-name`` - shared RSA key for authentication. The key must be defined in the ``set vpn rsa-keys`` section;" +#: ../../configuration/vpn/site2site_ipsec.rst:48 +msgid "``rsa`` - options for RSA authentication mode:" +msgstr "``rsa`` - options for RSA authentication mode:" + +#: ../../configuration/vpn/site2site_ipsec.rst:40 +msgid "``rsa`` - use simple shared RSA key." +msgstr "``rsa`` - use simple shared RSA key." + #: ../../configuration/vpn/site2site_ipsec.rst:39 msgid "``rsa`` - use simple shared RSA key. The key must be defined in the ``set vpn rsa-keys`` section;" msgstr "``rsa`` - use simple shared RSA key. The key must be defined in the ``set vpn rsa-keys`` section;" -#: ../../configuration/vpn/site2site_ipsec.rst:27 +#: ../../configuration/vpn/site2site_ipsec.rst:28 msgid "``secret`` - predefined shared secret. Used if configured mode ``pre-shared-secret``;" msgstr "``secret`` - predefined shared secret. Used if configured mode ``pre-shared-secret``;" @@ -18978,10 +20425,13 @@ msgid "``set firewall ipv4 forward filter ...``." msgstr "``set firewall ipv4 forward filter ...``." #: ../../configuration/firewall/index.rst:54 -#: ../../configuration/firewall/index.rst:72 msgid "``set firewall ipv4 input filter ...``." msgstr "``set firewall ipv4 input filter ...``." +#: ../../configuration/firewall/index.rst:72 +msgid "``set firewall ipv4 output filter ...``." +msgstr "``set firewall ipv4 output filter ...``." + #: ../../configuration/firewall/index.rst:63 msgid "``set firewall ipv6 forward filter ...``." msgstr "``set firewall ipv6 forward filter ...``." @@ -19010,19 +20460,19 @@ msgstr "``sonmp`` - Listen for SONMP for Nortel routers/switches" msgid "``source-address`` Distributes requests based on the source IP address of the client" msgstr "``source-address`` Distributes requests based on the source IP address of the client" -#: ../../configuration/system/login.rst:74 +#: ../../configuration/system/login.rst:78 msgid "``ssh-dss``" msgstr "``ssh-dss``" -#: ../../configuration/system/login.rst:75 +#: ../../configuration/system/login.rst:79 msgid "``ssh-ed25519``" msgstr "``ssh-ed25519``" -#: ../../configuration/system/login.rst:49 +#: ../../configuration/system/login.rst:53 msgid "``ssh-rsa AAAAB3NzaC1yc2EAAAABAA...VBD5lKwEWB username@host.example.com``" msgstr "``ssh-rsa AAAAB3NzaC1yc2EAAAABAA...VBD5lKwEWB username@host.example.com``" -#: ../../configuration/system/login.rst:76 +#: ../../configuration/system/login.rst:80 msgid "``ssh-rsa``" msgstr "``ssh-rsa``" @@ -19034,6 +20484,10 @@ msgstr "``ssl-fc-sni-end`` SSL frontend match end of connection Server Name" msgid "``ssl-fc-sni`` SSL frontend connection Server Name Indication match" msgstr "``ssl-fc-sni`` SSL frontend connection Server Name Indication match" +#: ../../configuration/vpn/ipsec.rst:54 +msgid "``start`` tries to immediately re-create the CHILD_SA;" +msgstr "``start`` tries to immediately re-create the CHILD_SA;" + #: ../../configuration/policy/route-map.rst:173 msgid "``static`` - Statically configured routes" msgstr "``static`` - Statically configured routes" @@ -19083,11 +20537,11 @@ msgstr "``test-script``: A user defined script must return 0 to be considered su msgid "``threshold``: ``below`` or ``above`` the specified rate limit." msgstr "``threshold``: ``below`` or ``above`` the specified rate limit." -#: ../../configuration/system/option.rst:97 +#: ../../configuration/system/option.rst:127 msgid "``throughput``: A server profile focused on improving network throughput. This profile favors performance over power savings by setting ``intel_pstate`` and ``max_perf_pct=100`` and increasing kernel network buffer sizes." msgstr "``throughput``: A server profile focused on improving network throughput. This profile favors performance over power savings by setting ``intel_pstate`` and ``max_perf_pct=100`` and increasing kernel network buffer sizes." -#: ../../configuration/vpn/ipsec.rst:71 +#: ../../configuration/vpn/ipsec.rst:73 msgid "``timeout`` keep-alive timeout in seconds <2-86400> (default 120) IKEv1 only" msgstr "``timeout`` keep-alive timeout in seconds <2-86400> (default 120) IKEv1 only" @@ -19095,10 +20549,18 @@ msgstr "``timeout`` keep-alive timeout in seconds <2-86400> (default 120) IKEv1 msgid "``transmit-load-balance`` - Adaptive transmit load balancing: channel bonding that does not require any special switch support." msgstr "``transmit-load-balance`` - Adaptive transmit load balancing: channel bonding that does not require any special switch support." -#: ../../configuration/vpn/ipsec.rst:140 +#: ../../configuration/vpn/ipsec.rst:143 msgid "``transport`` transport mode;" msgstr "``transport`` transport mode;" +#: ../../configuration/vpn/ipsec.rst:63 +msgid "``trap`` installs a trap policy, which will catch matching traffic and tries to re-negotiate the tunnel on-demand;" +msgstr "``trap`` installs a trap policy, which will catch matching traffic and tries to re-negotiate the tunnel on-demand;" + +#: ../../configuration/vpn/ipsec.rst:52 +msgid "``trap`` installs a trap policy for the CHILD_SA;" +msgstr "``trap`` installs a trap policy for the CHILD_SA;" + #: ../../configuration/loadbalancing/wan.rst:179 msgid "``ttl-limit``: For the UDP TTL limit test the hop count limit must be specified. The limit must be shorter than the path length, an ICMP time expired message is needed to be returned for a successful test. default 1" msgstr "``ttl-limit``: For the UDP TTL limit test the hop count limit must be specified. The limit must be shorter than the path length, an ICMP time expired message is needed to be returned for a successful test. default 1" @@ -19115,7 +20577,7 @@ msgstr "``ttyUSBX`` - USB Serial device name" msgid "``tunnel`` - define criteria for traffic to be matched for encrypting and send it to a peer:" msgstr "``tunnel`` - define criteria for traffic to be matched for encrypting and send it to a peer:" -#: ../../configuration/vpn/ipsec.rst:138 +#: ../../configuration/vpn/ipsec.rst:141 msgid "``tunnel`` tunnel mode (default);" msgstr "``tunnel`` tunnel mode (default);" @@ -19123,11 +20585,11 @@ msgstr "``tunnel`` tunnel mode (default);" msgid "``type``: Specify the type of test. type can be ping, ttl or a user defined script" msgstr "``type``: Specify the type of test. type can be ping, ttl or a user defined script" -#: ../../configuration/vpn/site2site_ipsec.rst:51 +#: ../../configuration/vpn/site2site_ipsec.rst:56 msgid "``use-x509-id`` - use local ID from x509 certificate. Cannot be used when ``id`` is defined;" msgstr "``use-x509-id`` - use local ID from x509 certificate. Cannot be used when ``id`` is defined;" -#: ../../configuration/vpn/site2site_ipsec.rst:152 +#: ../../configuration/vpn/site2site_ipsec.rst:155 msgid "``virtual-address`` - Defines a virtual IP address which is requested by the initiator and one or several IPv4 and/or IPv6 addresses are assigned from multiple pools by the responder." msgstr "``virtual-address`` - Defines a virtual IP address which is requested by the initiator and one or several IPv4 and/or IPv6 addresses are assigned from multiple pools by the responder." @@ -19135,7 +20597,7 @@ msgstr "``virtual-address`` - Defines a virtual IP address which is requested by msgid "``virtual-ip`` Allow install virtual-ip addresses. Comma separated list of virtual IPs to request in IKEv2 configuration payloads or IKEv1 Mode Config. The wildcard addresses 0.0.0.0 and :: request an arbitrary address, specific addresses may be defined. The responder may return a different address, though, or none at all." msgstr "``virtual-ip`` Allow install virtual-ip addresses. Comma separated list of virtual IPs to request in IKEv2 configuration payloads or IKEv1 Mode Config. The wildcard addresses 0.0.0.0 and :: request an arbitrary address, specific addresses may be defined. The responder may return a different address, though, or none at all." -#: ../../configuration/vpn/ipsec.rst:168 +#: ../../configuration/vpn/ipsec.rst:172 msgid "``virtual-ip`` Allows to install virtual-ip addresses. Comma separated list of virtual IPs to request in IKEv2 configuration payloads or IKEv1 Mode Config. The wildcard addresses 0.0.0.0 and :: request an arbitrary address, specific addresses may be defined. The responder may return a different address, though, or none at all. Define the ``virtual-address`` option to configure the IP address in site-to-site hierarchy." msgstr "``virtual-ip`` Allows to install virtual-ip addresses. Comma separated list of virtual IPs to request in IKEv2 configuration payloads or IKEv1 Mode Config. The wildcard addresses 0.0.0.0 and :: request an arbitrary address, specific addresses may be defined. The responder may return a different address, though, or none at all. Define the ``virtual-address`` option to configure the IP address in site-to-site hierarchy." @@ -19143,11 +20605,11 @@ msgstr "``virtual-ip`` Allows to install virtual-ip addresses. Comma separated l msgid "``vnc`` - Virtual Network Control (VNC)" msgstr "``vnc`` - Virtual Network Control (VNC)" -#: ../../configuration/vpn/site2site_ipsec.rst:140 +#: ../../configuration/vpn/site2site_ipsec.rst:143 msgid "``vti`` - use a VTI interface for traffic encryption. Any traffic, which will be send to VTI interface will be encrypted and send to this peer. Using VTI makes IPSec configuration much flexible and easier in complex situation, and allows to dynamically add/delete remote networks, reachable via a peer, as in this mode router don't need to create additional SA/policy for each remote network:" msgstr "``vti`` - use a VTI interface for traffic encryption. Any traffic, which will be send to VTI interface will be encrypted and send to this peer. Using VTI makes IPSec configuration much flexible and easier in complex situation, and allows to dynamically add/delete remote networks, reachable via a peer, as in this mode router don't need to create additional SA/policy for each remote network:" -#: ../../configuration/vpn/site2site_ipsec.rst:54 +#: ../../configuration/vpn/site2site_ipsec.rst:59 msgid "``x509`` - options for x509 authentication mode:" msgstr "``x509`` - options for x509 authentication mode:" @@ -19163,10 +20625,26 @@ msgstr "``xor-hash`` - XOR policy: Transmit based on the selected transmit hash msgid "``yes`` enable remote host re-authentication during an IKE rekey;" msgstr "``yes`` enable remote host re-authentication during an IKE rekey;" -#: ../../configuration/system/option.rst:39 +#: ../../configuration/service/ntp.rst:90 +msgid "`ignore`: No correction is applied to the clock for the leap second. The clock will be corrected later in normal operation when new measurements are made and the estimated offset includes the one second error." +msgstr "`ignore`: No correction is applied to the clock for the leap second. The clock will be corrected later in normal operation when new measurements are made and the estimated offset includes the one second error." + +#: ../../configuration/service/ntp.rst:94 +msgid "`smear`: When smearing a leap second, the leap status is suppressed on the server and the served time is corrected slowly by slewing instead of stepping. The clients do not need any special configuration as they do not know there is any leap second and they follow the server time which eventually brings them back to UTC. Care must be taken to ensure they use only NTP servers which smear the leap second in exactly the same way for synchronisation." +msgstr "`smear`: When smearing a leap second, the leap status is suppressed on the server and the served time is corrected slowly by slewing instead of stepping. The clients do not need any special configuration as they do not know there is any leap second and they follow the server time which eventually brings them back to UTC. Care must be taken to ensure they use only NTP servers which smear the leap second in exactly the same way for synchronisation." + +#: ../../configuration/system/option.rst:69 msgid "`source-address` and `source-interface` can not be used at the same time." msgstr "`source-address` and `source-interface` can not be used at the same time." +#: ../../configuration/service/ntp.rst:102 +msgid "`system`: When inserting a leap second, the kernel steps the system clock backwards by one second when the clock gets to 00:00:00 UTC. When deleting a leap second, it steps forward by one second when the clock gets to 23:59:59 UTC." +msgstr "`system`: When inserting a leap second, the kernel steps the system clock backwards by one second when the clock gets to 00:00:00 UTC. When deleting a leap second, it steps forward by one second when the clock gets to 23:59:59 UTC." + +#: ../../configuration/service/ntp.rst:107 +msgid "`timezone`: This directive specifies a timezone in the system timezone database which chronyd can use to determine when will the next leap second occur and what is the current offset between TAI and UTC. It will periodically check if 23:59:59 and 23:59:60 are valid times in the timezone. This normally works with the right/UTC timezone which is the default" +msgstr "`timezone`: This directive specifies a timezone in the system timezone database which chronyd can use to determine when will the next leap second occur and what is the current offset between TAI and UTC. It will periodically check if 23:59:59 and 23:59:60 are valid times in the timezone. This normally works with the right/UTC timezone which is the default" + #: ../../configuration/protocols/rpki.rst:12 msgid "`tweet by EvilMog`_, 2020-02-21" msgstr "`tweet by EvilMog`_, 2020-02-21" @@ -19194,7 +20672,7 @@ msgstr "alert" msgid "all" msgstr "all" -#: ../../configuration/vrf/index.rst:428 +#: ../../configuration/vrf/index.rst:447 msgid "an RD / RTLIST" msgstr "an RD / RTLIST" @@ -19234,23 +20712,23 @@ msgstr "bgpd" msgid "bonding" msgstr "bonding" -#: ../../configuration/service/dhcp-server.rst:305 +#: ../../configuration/service/dhcp-server.rst:311 msgid "boot-size" msgstr "boot-size" -#: ../../configuration/service/dhcp-server.rst:298 +#: ../../configuration/service/dhcp-server.rst:304 msgid "bootfile-name" msgstr "bootfile-name" -#: ../../configuration/service/dhcp-server.rst:300 +#: ../../configuration/service/dhcp-server.rst:306 msgid "bootfile-name, filename" msgstr "bootfile-name, filename" -#: ../../configuration/service/dhcp-server.rst:288 +#: ../../configuration/service/dhcp-server.rst:294 msgid "bootfile-server" msgstr "bootfile-server" -#: ../../configuration/service/dhcp-server.rst:303 +#: ../../configuration/service/dhcp-server.rst:309 msgid "bootfile-size" msgstr "bootfile-size" @@ -19258,7 +20736,7 @@ msgstr "bootfile-size" msgid "bridge" msgstr "bridge" -#: ../../configuration/service/dhcp-server.rst:236 +#: ../../configuration/service/dhcp-server.rst:242 msgid "client-prefix-length" msgstr "client-prefix-length" @@ -19286,15 +20764,19 @@ msgstr "cron" msgid "daemon" msgstr "daemon" -#: ../../configuration/service/dns.rst:384 +#: ../../configuration/service/dns.rst:405 msgid "ddclient_ has another way to determine the WAN IP address. This is controlled by:" msgstr "ddclient_ has another way to determine the WAN IP address. This is controlled by:" -#: ../../configuration/service/dns.rst:218 +#: ../../configuration/service/dns.rst:232 msgid "ddclient_ uses two methods to update a DNS record. The first one will send updates directly to the DNS daemon, in compliance with :rfc:`2136`. The second one involves a third party service, like DynDNS.com or any other similar website. This method uses HTTP requests to transmit the new IP address. You can configure both in VyOS." msgstr "ddclient_ uses two methods to update a DNS record. The first one will send updates directly to the DNS daemon, in compliance with :rfc:`2136`. The second one involves a third party service, like DynDNS.com or any other similar website. This method uses HTTP requests to transmit the new IP address. You can configure both in VyOS." -#: ../../configuration/service/dns.rst:413 +#: ../../configuration/service/dns.rst:205 +msgid "ddclient_ uses two methods to update a DNS record. The first one will send updates directly to the DNS daemon, in compliance with :rfc:`2136`. The second one involves a third party service, like DynDNS.com or any other such service provider. This method uses HTTP requests to transmit the new IP address. You can configure both in VyOS." +msgstr "ddclient_ uses two methods to update a DNS record. The first one will send updates directly to the DNS daemon, in compliance with :rfc:`2136`. The second one involves a third party service, like DynDNS.com or any other such service provider. This method uses HTTP requests to transmit the new IP address. You can configure both in VyOS." + +#: ../../configuration/service/dns.rst:415 msgid "ddclient_ will skip any address located before the string set in `<pattern>`." msgstr "ddclient_ will skip any address located before the string set in `<pattern>`." @@ -19306,7 +20788,7 @@ msgstr "debug" msgid "decrement-lifetime" msgstr "decrement-lifetime" -#: ../../configuration/service/dhcp-server.rst:335 +#: ../../configuration/service/dhcp-server.rst:341 msgid "default-lease-time, max-lease-time" msgstr "default-lease-time, max-lease-time" @@ -19318,7 +20800,7 @@ msgstr "default-lifetime" msgid "default-preference" msgstr "default-preference" -#: ../../configuration/service/dhcp-server.rst:248 +#: ../../configuration/service/dhcp-server.rst:254 msgid "default-router" msgstr "default-router" @@ -19330,15 +20812,15 @@ msgstr "default min-threshold" msgid "deprecate-prefix" msgstr "deprecate-prefix" -#: ../../configuration/highavailability/index.rst:354 +#: ../../configuration/highavailability/index.rst:364 msgid "destination-hashing" msgstr "destination-hashing" -#: ../../configuration/service/dhcp-server.rst:285 +#: ../../configuration/service/dhcp-server.rst:291 msgid "dhcp-server-identifier" msgstr "dhcp-server-identifier" -#: ../../configuration/highavailability/index.rst:364 +#: ../../configuration/highavailability/index.rst:374 msgid "direct" msgstr "direct" @@ -19356,17 +20838,17 @@ msgstr "disable: No source validation" msgid "dnssl" msgstr "dnssl" -#: ../../configuration/service/dhcp-server.rst:263 -#: ../../configuration/service/dhcp-server.rst:265 +#: ../../configuration/service/dhcp-server.rst:269 +#: ../../configuration/service/dhcp-server.rst:271 msgid "domain-name" msgstr "domain-name" -#: ../../configuration/service/dhcp-server.rst:260 +#: ../../configuration/service/dhcp-server.rst:266 msgid "domain-name-servers" msgstr "domain-name-servers" -#: ../../configuration/service/dhcp-server.rst:318 -#: ../../configuration/service/dhcp-server.rst:320 +#: ../../configuration/service/dhcp-server.rst:324 +#: ../../configuration/service/dhcp-server.rst:326 msgid "domain-search" msgstr "domain-search" @@ -19402,11 +20884,11 @@ msgstr "ethernet" msgid "exact-match: exact match of the network prefixes." msgstr "exact-match: exact match of the network prefixes." -#: ../../configuration/service/dhcp-server.rst:343 +#: ../../configuration/service/dhcp-server.rst:349 msgid "exclude" msgstr "exclude" -#: ../../configuration/service/dhcp-server.rst:348 +#: ../../configuration/service/dhcp-server.rst:354 msgid "failover" msgstr "failover" @@ -19418,8 +20900,8 @@ msgstr "fast: Request partner to transmit LACPDUs every 1 second" msgid "file <file name>" msgstr "file <file name>" -#: ../../configuration/protocols/bgp.rst:826 -#: ../../configuration/protocols/bgp.rst:832 +#: ../../configuration/protocols/bgp.rst:848 +#: ../../configuration/protocols/bgp.rst:854 msgid "filter-list" msgstr "filter-list" @@ -19431,6 +20913,10 @@ msgstr "ftp" msgid "full - always use full-duplex" msgstr "full - always use full-duplex" +#: ../../configuration/service/router-advert.rst:16 +msgid "geneve" +msgstr "geneve" + #: ../../configuration/interfaces/ethernet.rst:32 msgid "half - always use half-duplex" msgstr "half - always use half-duplex" @@ -19443,7 +20929,7 @@ msgstr "hop-limit" msgid "host: single host IP address to match." msgstr "host: single host IP address to match." -#: ../../configuration/system/option.rst:89 +#: ../../configuration/system/option.rst:119 msgid "https://access.redhat.com/sites/default/files/attachments/201501-perf-brief-low-latency-tuning-rhel7-v2.1.pdf" msgstr "https://access.redhat.com/sites/default/files/attachments/201501-perf-brief-low-latency-tuning-rhel7-v2.1.pdf" @@ -19475,8 +20961,8 @@ msgstr "invalid" msgid "inverse-match: network/netmask to match (requires network be defined)." msgstr "inverse-match: network/netmask to match (requires network be defined)." -#: ../../configuration/service/dhcp-server.rst:268 -#: ../../configuration/service/dhcp-server.rst:270 +#: ../../configuration/service/dhcp-server.rst:274 +#: ../../configuration/service/dhcp-server.rst:276 msgid "ip-forwarding" msgstr "ip-forwarding" @@ -19496,7 +20982,7 @@ msgstr "it does not increase hardware device interrupt rate (although it does in msgid "kern" msgstr "kern" -#: ../../configuration/service/router-advert.rst:16 +#: ../../configuration/service/router-advert.rst:17 msgid "l2tpv3" msgstr "l2tpv3" @@ -19504,27 +20990,27 @@ msgstr "l2tpv3" msgid "ldpd" msgstr "ldpd" -#: ../../configuration/service/dhcp-server.rst:333 +#: ../../configuration/service/dhcp-server.rst:339 msgid "lease" msgstr "lease" -#: ../../configuration/highavailability/index.rst:351 +#: ../../configuration/highavailability/index.rst:361 msgid "least-connection" msgstr "least-connection" -#: ../../configuration/vpn/site2site_ipsec.rst:275 +#: ../../configuration/vpn/site2site_ipsec.rst:278 msgid "left local_ip: 192.168.0.10 # VPN Gateway, behind NAT device" msgstr "left local_ip: 192.168.0.10 # VPN Gateway, behind NAT device" -#: ../../configuration/vpn/site2site_ipsec.rst:167 +#: ../../configuration/vpn/site2site_ipsec.rst:170 msgid "left local_ip: `198.51.100.3` # server side WAN IP" msgstr "left local_ip: `198.51.100.3` # server side WAN IP" -#: ../../configuration/vpn/site2site_ipsec.rst:276 +#: ../../configuration/vpn/site2site_ipsec.rst:279 msgid "left public_ip:172.18.201.10" msgstr "left public_ip:172.18.201.10" -#: ../../configuration/vpn/site2site_ipsec.rst:165 +#: ../../configuration/vpn/site2site_ipsec.rst:168 msgid "left subnet: `192.168.0.0/24` site1, server side (i.e. locality, actually there is no client or server roles)" msgstr "left subnet: `192.168.0.0/24` site1, server side (i.e. locality, actually there is no client or server roles)" @@ -19592,7 +21078,7 @@ msgstr "local use 5 (local5)" msgid "local use 7 (local7)" msgstr "local use 7 (local7)" -#: ../../configuration/highavailability/index.rst:355 +#: ../../configuration/highavailability/index.rst:365 msgid "locality-based-least-connection" msgstr "locality-based-least-connection" @@ -19666,12 +21152,12 @@ msgstr "more information related IGP - :ref:`routing-isis`" msgid "more information related IGP - :ref:`routing-ospf`" msgstr "more information related IGP - :ref:`routing-ospf`" -#: ../../configuration/service/dhcp-server.rst:258 +#: ../../configuration/service/dhcp-server.rst:264 #: ../../configuration/service/router-advert.rst:1 msgid "name-server" msgstr "name-server" -#: ../../configuration/service/dhcp-server.rst:280 +#: ../../configuration/service/dhcp-server.rst:286 msgid "netbios-name-servers" msgstr "netbios-name-servers" @@ -19687,7 +21173,7 @@ msgstr "network: network/netmask to match (requires inverse-match be defined) BU msgid "news" msgstr "news" -#: ../../configuration/service/dhcp-server.rst:290 +#: ../../configuration/service/dhcp-server.rst:296 msgid "next-server" msgstr "next-server" @@ -19711,11 +21197,11 @@ msgstr "notice" msgid "ntp" msgstr "ntp" -#: ../../configuration/service/dhcp-server.rst:273 +#: ../../configuration/service/dhcp-server.rst:279 msgid "ntp-server" msgstr "ntp-server" -#: ../../configuration/service/dhcp-server.rst:275 +#: ../../configuration/service/dhcp-server.rst:281 msgid "ntp-servers" msgstr "ntp-servers" @@ -19723,7 +21209,7 @@ msgstr "ntp-servers" msgid "one rule with a LAN (inbound-interface) and the WAN (interface)." msgstr "one rule with a LAN (inbound-interface) and the WAN (interface)." -#: ../../configuration/service/router-advert.rst:17 +#: ../../configuration/service/router-advert.rst:18 msgid "openvpn" msgstr "openvpn" @@ -19763,8 +21249,8 @@ msgstr "policy extcommunity-list" msgid "policy large-community-list" msgstr "policy large-community-list" -#: ../../configuration/service/dhcp-server.rst:313 -#: ../../configuration/service/dhcp-server.rst:315 +#: ../../configuration/service/dhcp-server.rst:319 +#: ../../configuration/service/dhcp-server.rst:321 msgid "pop-server" msgstr "pop-server" @@ -19772,17 +21258,17 @@ msgstr "pop-server" msgid "preferred-lifetime" msgstr "preferred-lifetime" -#: ../../configuration/protocols/bgp.rst:827 -#: ../../configuration/protocols/bgp.rst:831 +#: ../../configuration/protocols/bgp.rst:849 +#: ../../configuration/protocols/bgp.rst:853 msgid "prefix-list, distribute-list" msgstr "prefix-list, distribute-list" -#: ../../configuration/service/router-advert.rst:18 +#: ../../configuration/service/router-advert.rst:19 msgid "pseudo-ethernet" msgstr "pseudo-ethernet" -#: ../../configuration/service/dhcp-server.rst:338 -#: ../../configuration/service/dhcp-server.rst:340 +#: ../../configuration/service/dhcp-server.rst:344 +#: ../../configuration/service/dhcp-server.rst:346 msgid "range" msgstr "range" @@ -19790,7 +21276,7 @@ msgstr "range" msgid "reachable-time" msgstr "reachable-time" -#: ../../configuration/system/ip.rst:82 +#: ../../configuration/system/ip.rst:95 msgid "reset commands" msgstr "reset commands" @@ -19798,7 +21284,7 @@ msgstr "reset commands" msgid "retrans-timer" msgstr "retrans-timer" -#: ../../configuration/service/dhcp-server.rst:325 +#: ../../configuration/service/dhcp-server.rst:331 msgid "rfc3442-static-route, windows-static-route" msgstr "rfc3442-static-route, windows-static-route" @@ -19806,15 +21292,15 @@ msgstr "rfc3442-static-route, windows-static-route" msgid "rfc3768-compatibility" msgstr "rfc3768-compatibility" -#: ../../configuration/vpn/site2site_ipsec.rst:277 +#: ../../configuration/vpn/site2site_ipsec.rst:280 msgid "right local_ip: 172.18.202.10 # right side WAN IP" msgstr "right local_ip: 172.18.202.10 # right side WAN IP" -#: ../../configuration/vpn/site2site_ipsec.rst:169 +#: ../../configuration/vpn/site2site_ipsec.rst:172 msgid "right local_ip: `203.0.113.2` # remote office side WAN IP" msgstr "right local_ip: `203.0.113.2` # remote office side WAN IP" -#: ../../configuration/vpn/site2site_ipsec.rst:168 +#: ../../configuration/vpn/site2site_ipsec.rst:171 msgid "right subnet: `10.0.0.0/24` site2,remote office side" msgstr "right subnet: `10.0.0.0/24` site2,remote office side" @@ -19822,16 +21308,16 @@ msgstr "right subnet: `10.0.0.0/24` site2,remote office side" msgid "ripd" msgstr "ripd" -#: ../../configuration/highavailability/index.rst:349 +#: ../../configuration/highavailability/index.rst:359 msgid "round-robin" msgstr "round-robin" -#: ../../configuration/protocols/bgp.rst:825 -#: ../../configuration/protocols/bgp.rst:833 +#: ../../configuration/protocols/bgp.rst:847 +#: ../../configuration/protocols/bgp.rst:855 msgid "route-map" msgstr "route-map" -#: ../../configuration/service/dhcp-server.rst:250 +#: ../../configuration/service/dhcp-server.rst:256 msgid "routers" msgstr "routers" @@ -19848,7 +21334,7 @@ msgstr "sFlow is a technology that enables monitoring of network traffic by send msgid "security" msgstr "security" -#: ../../configuration/service/dhcp-server.rst:283 +#: ../../configuration/service/dhcp-server.rst:289 msgid "server-identifier" msgstr "server-identifier" @@ -19865,11 +21351,11 @@ msgstr "set a destination and/or source address. Accepted input:" msgid "sha256 Hashes" msgstr "sha256 Hashes" -#: ../../configuration/system/ip.rst:50 +#: ../../configuration/system/ip.rst:63 msgid "show commands" msgstr "show commands" -#: ../../configuration/service/dhcp-server.rst:289 +#: ../../configuration/service/dhcp-server.rst:295 msgid "siaddr" msgstr "siaddr" @@ -19877,8 +21363,8 @@ msgstr "siaddr" msgid "slow: Request partner to transmit LACPDUs every 30 seconds" msgstr "slow: Request partner to transmit LACPDUs every 30 seconds" -#: ../../configuration/service/dhcp-server.rst:308 -#: ../../configuration/service/dhcp-server.rst:310 +#: ../../configuration/service/dhcp-server.rst:314 +#: ../../configuration/service/dhcp-server.rst:316 msgid "smtp-server" msgstr "smtp-server" @@ -19886,7 +21372,7 @@ msgstr "smtp-server" msgid "software filters can easily be added to hash over new protocols," msgstr "software filters can easily be added to hash over new protocols," -#: ../../configuration/highavailability/index.rst:353 +#: ../../configuration/highavailability/index.rst:363 msgid "source-hashing" msgstr "source-hashing" @@ -19898,11 +21384,11 @@ msgstr "spoke01-spoke04" msgid "spoke05" msgstr "spoke05" -#: ../../configuration/service/dhcp-server.rst:353 +#: ../../configuration/service/dhcp-server.rst:359 msgid "static-mapping" msgstr "static-mapping" -#: ../../configuration/service/dhcp-server.rst:323 +#: ../../configuration/service/dhcp-server.rst:329 msgid "static-route" msgstr "static-route" @@ -19912,7 +21398,7 @@ msgstr "static-route" msgid "strict: Each incoming packet is tested against the FIB and if the interface is not the best reverse path the packet check will fail. By default failed packets are discarded." msgstr "strict: Each incoming packet is tested against the FIB and if the interface is not the best reverse path the packet check will fail. By default failed packets are discarded." -#: ../../configuration/service/dhcp-server.rst:238 +#: ../../configuration/service/dhcp-server.rst:244 msgid "subnet-mask" msgstr "subnet-mask" @@ -19928,8 +21414,8 @@ msgstr "tail" msgid "tc_ is a powerful tool for Traffic Control found at the Linux kernel. However, its configuration is often considered a cumbersome task. Fortunately, VyOS eases the job through its CLI, while using ``tc`` as backend." msgstr "tc_ is a powerful tool for Traffic Control found at the Linux kernel. However, its configuration is often considered a cumbersome task. Fortunately, VyOS eases the job through its CLI, while using ``tc`` as backend." -#: ../../configuration/service/dhcp-server.rst:293 -#: ../../configuration/service/dhcp-server.rst:295 +#: ../../configuration/service/dhcp-server.rst:299 +#: ../../configuration/service/dhcp-server.rst:301 msgid "tftp-server-name" msgstr "tftp-server-name" @@ -19938,21 +21424,21 @@ msgstr "tftp-server-name" msgid "this option allows to configure prefix-sid on SR. The ‘no-php-flag’ means NO Penultimate Hop Popping that allows SR node to request to its neighbor to not pop the label. The ‘explicit-null’ flag allows SR node to request to its neighbor to send IP packet with the EXPLICIT-NULL label. The ‘n-flag-clear’ option can be used to explicitly clear the Node flag that is set by default for Prefix-SIDs associated to loopback addresses. This option is necessary to configure Anycast-SIDs." msgstr "this option allows to configure prefix-sid on SR. The ‘no-php-flag’ means NO Penultimate Hop Popping that allows SR node to request to its neighbor to not pop the label. The ‘explicit-null’ flag allows SR node to request to its neighbor to send IP packet with the EXPLICIT-NULL label. The ‘n-flag-clear’ option can be used to explicitly clear the Node flag that is set by default for Prefix-SIDs associated to loopback addresses. This option is necessary to configure Anycast-SIDs." -#: ../../configuration/service/dhcp-server.rst:242 -#: ../../configuration/service/dhcp-server.rst:244 +#: ../../configuration/service/dhcp-server.rst:248 +#: ../../configuration/service/dhcp-server.rst:250 msgid "time-offset" msgstr "time-offset" -#: ../../configuration/service/dhcp-server.rst:253 +#: ../../configuration/service/dhcp-server.rst:259 msgid "time-server" msgstr "time-server" -#: ../../configuration/service/dhcp-server.rst:255 +#: ../../configuration/service/dhcp-server.rst:261 msgid "time-servers" msgstr "time-servers" -#: ../../configuration/highavailability/index.rst:365 -#: ../../configuration/service/router-advert.rst:19 +#: ../../configuration/highavailability/index.rst:375 +#: ../../configuration/service/router-advert.rst:20 msgid "tunnel" msgstr "tunnel" @@ -19984,7 +21470,7 @@ msgstr "valid-lifetime" msgid "veth interfaces need to be created in pairs - it's called the peer name" msgstr "veth interfaces need to be created in pairs - it's called the peer name" -#: ../../configuration/service/router-advert.rst:20 +#: ../../configuration/service/router-advert.rst:21 msgid "vxlan" msgstr "vxlan" @@ -19996,11 +21482,11 @@ msgstr "warning" msgid "we described the configuration SR ISIS / SR OSPF using 2 connected with them to share label information." msgstr "we described the configuration SR ISIS / SR OSPF using 2 connected with them to share label information." -#: ../../configuration/highavailability/index.rst:352 +#: ../../configuration/highavailability/index.rst:362 msgid "weighted-least-connection" msgstr "weighted-least-connection" -#: ../../configuration/highavailability/index.rst:350 +#: ../../configuration/highavailability/index.rst:360 msgid "weighted-round-robin" msgstr "weighted-round-robin" @@ -20008,15 +21494,15 @@ msgstr "weighted-round-robin" msgid "while a *byte* is written as a single **b**." msgstr "while a *byte* is written as a single **b**." -#: ../../configuration/service/dhcp-server.rst:278 +#: ../../configuration/service/dhcp-server.rst:284 msgid "wins-server" msgstr "wins-server" -#: ../../configuration/service/router-advert.rst:21 +#: ../../configuration/service/router-advert.rst:22 msgid "wireguard" msgstr "wireguard" -#: ../../configuration/service/router-advert.rst:22 +#: ../../configuration/service/router-advert.rst:23 msgid "wireless" msgstr "wireless" @@ -20024,15 +21510,15 @@ msgstr "wireless" msgid "with :cfgcmd:`set system acceleration qat` on both systems the bandwidth increases." msgstr "with :cfgcmd:`set system acceleration qat` on both systems the bandwidth increases." -#: ../../configuration/service/dhcp-server.rst:328 +#: ../../configuration/service/dhcp-server.rst:334 msgid "wpad-url" msgstr "wpad-url" -#: ../../configuration/service/dhcp-server.rst:330 +#: ../../configuration/service/dhcp-server.rst:336 msgid "wpad-url, wpad-url code 252 = text" msgstr "wpad-url, wpad-url code 252 = text" -#: ../../configuration/service/router-advert.rst:23 +#: ../../configuration/service/router-advert.rst:24 msgid "wwan" msgstr "wwan" diff --git a/docs/_locale/ja/contributing.pot b/docs/_locale/ja/contributing.pot index dbf06213..f7fb379e 100644 --- a/docs/_locale/ja/contributing.pot +++ b/docs/_locale/ja/contributing.pot @@ -207,6 +207,10 @@ msgstr "Bad: radius (unless it's about the distance between a center of a circle msgid "Beeing brave and running the latest rolling releases will sometimes trigger bugs due to corner cases we missed in our design. Those bugs should be filed via Phabricator_ but you can help us to narrow doen the issue. Login to your VyOS system and change into configuration mode by typing ``configure``. Now re-load your boot configuration by simply typing ``load`` followed by return." msgstr "Beeing brave and running the latest rolling releases will sometimes trigger bugs due to corner cases we missed in our design. Those bugs should be filed via Phabricator_ but you can help us to narrow doen the issue. Login to your VyOS system and change into configuration mode by typing ``configure``. Now re-load your boot configuration by simply typing ``load`` followed by return." +#: ../../contributing/debugging.rst:160 +msgid "Being brave and running the latest rolling releases will sometimes trigger bugs due to corner cases we missed in our design. Those bugs should be filed via Phabricator_ but you can help us to narrow down the issue. Login to your VyOS system and change into configuration mode by typing ``configure``. Now re-load your boot configuration by simply typing ``load`` followed by return." +msgstr "Being brave and running the latest rolling releases will sometimes trigger bugs due to corner cases we missed in our design. Those bugs should be filed via Phabricator_ but you can help us to narrow down the issue. Login to your VyOS system and change into configuration mode by typing ``configure``. Now re-load your boot configuration by simply typing ``load`` followed by return." + #: ../../contributing/debugging.rst:170 msgid "Boot Timing" msgstr "Boot Timing" @@ -884,6 +888,10 @@ msgid "Our StrongSWAN build differs from the upstream:" msgstr "Our StrongSWAN build differs from the upstream:" #: ../../contributing/testing.rst:20 +msgid "Our `VyOS CI`_ system is based on Jenkins and builds all our required packages for VyOS 1.2 to 1.4. In addition to the package build, there is the vyos-build Job which builds and tests the VyOS ISO image which is published after a successful test drive." +msgstr "Our `VyOS CI`_ system is based on Jenkins and builds all our required packages for VyOS 1.2 to 1.4. In addition to the package build, there is the vyos-build Job which builds and tests the VyOS ISO image which is published after a successful test drive." + +#: ../../contributing/testing.rst:20 msgid "Our `VyOS CI`_ system is based on Jenkins and builds all our required packages for VyOS 1.2 to 1.4. In addition to the package build, there is the vyos-build Job which builds and tests the VyOS ISO image which is published after a successfull test drive." msgstr "Our `VyOS CI`_ system is based on Jenkins and builds all our required packages for VyOS 1.2 to 1.4. In addition to the package build, there is the vyos-build Job which builds and tests the VyOS ISO image which is published after a successfull test drive." @@ -924,6 +932,10 @@ msgstr "Please submit your patches using the well-known GitHub pull-request agai msgid "Please use the following template as good starting point when developing new modules or even rewrite a whole bunch of code in the new style XML/Pyhon interface." msgstr "Please use the following template as good starting point when developing new modules or even rewrite a whole bunch of code in the new style XML/Pyhon interface." +#: ../../contributing/development.rst:254 +msgid "Please use the following template as good starting point when developing new modules or even rewrite a whole bunch of code in the new style XML/Python interface." +msgstr "Please use the following template as good starting point when developing new modules or even rewrite a whole bunch of code in the new style XML/Python interface." + #: ../../contributing/testing.rst:104 msgid "Port description" msgstr "Port description" @@ -1017,6 +1029,10 @@ msgstr "Smoketests executes predefined VyOS CLI commands and checks if the desir msgid "So if you plan to build your own custom ISO image and wan't to make use of our smoketests, ensure that you have the `vyos-1x-smoketest` package installed." msgstr "So if you plan to build your own custom ISO image and wan't to make use of our smoketests, ensure that you have the `vyos-1x-smoketest` package installed." +#: ../../contributing/testing.rst:45 +msgid "So if you plan to build your own custom ISO image and want to make use of our smoketests, ensure that you have the `vyos-1x-smoketest` package installed." +msgstr "So if you plan to build your own custom ISO image and want to make use of our smoketests, ensure that you have the `vyos-1x-smoketest` package installed." + #: ../../contributing/build-vyos.rst:202 msgid "Some VyOS packages (namely vyos-1x) come with build-time tests which verify some of the internal library calls that they work as expected. Those tests are carried out through the Python Unittest module. If you want to build the ``vyos-1x`` package (which is our main development package) you need to start your Docker container using the following argument: ``--sysctl net.ipv6.conf.lo.disable_ipv6=0``, otherwise those tests will fail." msgstr "Some VyOS packages (namely vyos-1x) come with build-time tests which verify some of the internal library calls that they work as expected. Those tests are carried out through the Python Unittest module. If you want to build the ``vyos-1x`` package (which is our main development package) you need to start your Docker container using the following argument: ``--sysctl net.ipv6.conf.lo.disable_ipv6=0``, otherwise those tests will fail." @@ -1198,6 +1214,10 @@ msgid "The package ends up in deb_dist dir." msgstr "The package ends up in deb_dist dir." #: ../../contributing/debugging.rst:148 +msgid "The reason is that the configuration migration backend is rewritten and uses a new form of \"magic string\" which is applied on demand when real config migration is run on boot. When running individual migrators for testing, you need to convert the \"magic string\" on your own by:" +msgstr "The reason is that the configuration migration backend is rewritten and uses a new form of \"magic string\" which is applied on demand when real config migration is run on boot. When running individual migrators for testing, you need to convert the \"magic string\" on your own by:" + +#: ../../contributing/debugging.rst:148 msgid "The reason is that the configuration migration backend is rewritten and uses a new form of \"magic string\" which is applied on demand when real config migration is run on boot. When runnint individual migrators for testing, you need to convert the \"magic string\" on your own by:" msgstr "The reason is that the configuration migration backend is rewritten and uses a new form of \"magic string\" which is applied on demand when real config migration is run on boot. When runnint individual migrators for testing, you need to convert the \"magic string\" on your own by:" @@ -1314,10 +1334,18 @@ msgid "To debug issues in priorities or to see what's going on in the background msgstr "To debug issues in priorities or to see what's going on in the background you can use the ``/opt/vyatta/sbin/priority.pl`` script which lists to you the execution order of the scripts." #: ../../contributing/build-vyos.rst:373 +msgid "To debug the build process and gain additional information of what could be the root cause, you need to use `chroot` to change into the build directory. This is explained in the following step by step procedure:" +msgstr "To debug the build process and gain additional information of what could be the root cause, you need to use `chroot` to change into the build directory. This is explained in the following step by step procedure:" + +#: ../../contributing/build-vyos.rst:373 msgid "To debug the build process and gain additional information of what could be the root cause, you need to use `chroot` to change into the build directry. This is explained in the following step by step procedure:" msgstr "To debug the build process and gain additional information of what could be the root cause, you need to use `chroot` to change into the build directry. This is explained in the following step by step procedure:" #: ../../contributing/debugging.rst:182 +msgid "To enable boot time graphing change the Kernel commandline and add the following string: ``init=/usr/lib/systemd/systemd-bootchart``" +msgstr "To enable boot time graphing change the Kernel commandline and add the following string: ``init=/usr/lib/systemd/systemd-bootchart``" + +#: ../../contributing/debugging.rst:182 msgid "To enable boot time graphing change the Kernel commandline and add the folowing string: ``init=/usr/lib/systemd/systemd-bootchart``" msgstr "To enable boot time graphing change the Kernel commandline and add the folowing string: ``init=/usr/lib/systemd/systemd-bootchart``" @@ -1409,6 +1437,10 @@ msgstr "Virtualization Platforms" msgid "VyOS CLI is all about priorities. Every CLI node has a corresponding ``node.def`` file and possibly an attached script that is executed when the node is present. Nodes can have a priority, and on system bootup - or any other ``commit`` to the config all scripts are executed from lowest to higest priority. This is good as this gives a deterministic behavior." msgstr "VyOS CLI is all about priorities. Every CLI node has a corresponding ``node.def`` file and possibly an attached script that is executed when the node is present. Nodes can have a priority, and on system bootup - or any other ``commit`` to the config all scripts are executed from lowest to higest priority. This is good as this gives a deterministic behavior." +#: ../../contributing/debugging.rst:190 +msgid "VyOS CLI is all about priorities. Every CLI node has a corresponding ``node.def`` file and possibly an attached script that is executed when the node is present. Nodes can have a priority, and on system bootup - or any other ``commit`` to the config all scripts are executed from lowest to highest priority. This is good as this gives a deterministic behavior." +msgstr "VyOS CLI is all about priorities. Every CLI node has a corresponding ``node.def`` file and possibly an attached script that is executed when the node is present. Nodes can have a priority, and on system bootup - or any other ``commit`` to the config all scripts are executed from lowest to highest priority. This is good as this gives a deterministic behavior." + #: ../../contributing/build-vyos.rst:168 msgid "VyOS has switched to Debian (12) Bookworm in its ``current`` branch, Due to software version updates, it is recommended to use the official Docker Hub image to build VyOS ISO." msgstr "VyOS has switched to Debian (12) Bookworm in its ``current`` branch, Due to software version updates, it is recommended to use the official Docker Hub image to build VyOS ISO." @@ -1485,6 +1517,10 @@ msgstr "When you are able to verify that it is actually a bug, spend some time t msgid "When you are working on interface configuration and you also wan't to test if the Smoketests pass you would normally loose the remote SSH connection to your :abbr:`DUT (Device Under Test)`. To handle this issue, some of the interface based tests can be called with an environment variable beforehand to limit the number of interfaces used in the test. By default all interface e.g. all Ethernet interfaces are used." msgstr "When you are working on interface configuration and you also wan't to test if the Smoketests pass you would normally loose the remote SSH connection to your :abbr:`DUT (Device Under Test)`. To handle this issue, some of the interface based tests can be called with an environment variable beforehand to limit the number of interfaces used in the test. By default all interface e.g. all Ethernet interfaces are used." +#: ../../contributing/testing.rst:109 +msgid "When you are working on interface configuration and you also want to test if the Smoketests pass you would normally loose the remote SSH connection to your :abbr:`DUT (Device Under Test)`. To handle this issue, some of the interface based tests can be called with an environment variable beforehand to limit the number of interfaces used in the test. By default all interface e.g. all Ethernet interfaces are used." +msgstr "When you are working on interface configuration and you also want to test if the Smoketests pass you would normally loose the remote SSH connection to your :abbr:`DUT (Device Under Test)`. To handle this issue, some of the interface based tests can be called with an environment variable beforehand to limit the number of interfaces used in the test. By default all interface e.g. all Ethernet interfaces are used." + #: ../../contributing/issues-features.rst:21 msgid "When you believe you have found a bug, it is always a good idea to verify the issue prior to opening a bug request." msgstr "When you believe you have found a bug, it is always a good idea to verify the issue prior to opening a bug request." @@ -1550,6 +1586,10 @@ msgstr "You have your own custom kernel `*.deb` packages in the `packages` folde msgid "You shoudl now see a Python backtrace which will help us to handle the issue, please attach it to the Phabricator_ task." msgstr "You shoudl now see a Python backtrace which will help us to handle the issue, please attach it to the Phabricator_ task." +#: ../../contributing/debugging.rst:166 +msgid "You should now see a Python backtrace which will help us to handle the issue, please attach it to the Phabricator_ task." +msgstr "You should now see a Python backtrace which will help us to handle the issue, please attach it to the Phabricator_ task." + #: ../../contributing/development.rst:146 msgid "You then can proceed with cloning your fork or add a new remote to your local repository:" msgstr "You then can proceed with cloning your fork or add a new remote to your local repository:" @@ -1666,6 +1706,10 @@ msgstr "commit:expression:" msgid "contine execution using ``cont``" msgstr "contine execution using ``cont``" +#: ../../contributing/debugging.rst:128 +msgid "continue execution using ``cont``" +msgstr "continue execution using ``cont``" + #: ../../contributing/development.rst:675 msgid "default:" msgstr "default:" diff --git a/docs/_locale/ja/copyright.pot b/docs/_locale/ja/copyright.pot index d64e38c0..75aafda9 100644 --- a/docs/_locale/ja/copyright.pot +++ b/docs/_locale/ja/copyright.pot @@ -13,6 +13,10 @@ msgid "Copyright Notice" msgstr "Copyright Notice" #: ../../copyright.md:3 +msgid "Copyright (C) 2018-2023 VyOS maintainers and contributors" +msgstr "Copyright (C) 2018-2023 VyOS maintainers and contributors" + +#: ../../copyright.md:3 msgid "Copyright (C) 2018-2024 VyOS maintainers and contributors" msgstr "Copyright (C) 2018-2024 VyOS maintainers and contributors" diff --git a/docs/_locale/ja/documentation.pot b/docs/_locale/ja/documentation.pot index 6b2b8401..073e9254 100644 --- a/docs/_locale/ja/documentation.pot +++ b/docs/_locale/ja/documentation.pot @@ -8,27 +8,47 @@ msgstr "" "Language: ja\n" "Plural-Forms: nplurals=1; plural=0;\n" -#: ../../documentation.rst:239 +#: ../../documentation.rst:216 msgid "16bit ASN: ``64496 - 64511``" msgstr "16bit ASN: ``64496 - 64511``" -#: ../../documentation.rst:240 +#: ../../documentation.rst:84 +msgid "1. Theoretical information" +msgstr "1. Theoretical information" + +#: ../../documentation.rst:92 +msgid "2. Configuration description" +msgstr "2. Configuration description" + +#: ../../documentation.rst:217 msgid "32bit ASN: ``65536 - 65551``" msgstr "32bit ASN: ``65536 - 65551``" -#: ../../documentation.rst:182 +#: ../../documentation.rst:99 +msgid "3. Configuration examples" +msgstr "3. Configuration examples" + +#: ../../documentation.rst:105 +msgid "4. Known issues" +msgstr "4. Known issues" + +#: ../../documentation.rst:113 +msgid "5. Debugging" +msgstr "5. Debugging" + +#: ../../documentation.rst:159 msgid "A plugin will be used to generate a reference label for each headline. To reference a page or a section in the documentation use the ``:ref:`` command." msgstr "A plugin will be used to generate a reference label for each headline. To reference a page or a section in the documentation use the ``:ref:`` command." -#: ../../documentation.rst:103 +#: ../../documentation.rst:408 msgid "Add modified files to Git index ``$ git add path/to/filename`` or add all unstaged files ``$ git add .``. All files added to the Git index will be part of you following Git commit." msgstr "Add modified files to Git index ``$ git add path/to/filename`` or add all unstaged files ``$ git add .``. All files added to the Git index will be part of you following Git commit." -#: ../../documentation.rst:229 +#: ../../documentation.rst:206 msgid "Address space" msgstr "Address space" -#: ../../documentation.rst:390 +#: ../../documentation.rst:58 msgid "All RST files must follow the same TOC Level syntax and have to start with" msgstr "All RST files must follow the same TOC Level syntax and have to start with" @@ -36,7 +56,7 @@ msgstr "All RST files must follow the same TOC Level syntax and have to start wi msgid "An optional section follows. Some commands have requirements like compatible hardware (e.g. Wifi) or some commands you have to set before. For example, it is recommended to set a route-map before configuring BGP." msgstr "An optional section follows. Some commands have requirements like compatible hardware (e.g. Wifi) or some commands you have to set before. For example, it is recommended to set a route-map before configuring BGP." -#: ../../documentation.rst:53 +#: ../../documentation.rst:51 msgid "And finally, remember that the reStructuredText files aren't exclusively for generating HTML and PDF. They should be human-readable and easily perused from a console." msgstr "And finally, remember that the reStructuredText files aren't exclusively for generating HTML and PDF. They should be human-readable and easily perused from a console." @@ -48,23 +68,23 @@ msgstr "Anything else" msgid "Anything else that is not a configuration or an operation command has no predefined structure." msgstr "Anything else that is not a configuration or an operation command has no predefined structure." -#: ../../documentation.rst:257 +#: ../../documentation.rst:234 msgid "Autolinter" msgstr "Autolinter" -#: ../../documentation.rst:94 +#: ../../documentation.rst:399 msgid "Check your changes by locally building the documentation ``$ make livehtml``. Sphinx will build the html files in the ``docs/_build`` folder. We provide you with a Docker container for an easy-to-use user experience. Check the README.md_ file of this repository." msgstr "Check your changes by locally building the documentation ``$ make livehtml``. Sphinx will build the html files in the ``docs/_build`` folder. We provide you with a Docker container for an easy-to-use user experience. Check the README.md_ file of this repository." -#: ../../documentation.rst:123 +#: ../../documentation.rst:428 msgid "Check your configured remote repositories:" msgstr "Check your configured remote repositories:" -#: ../../documentation.rst:78 +#: ../../documentation.rst:383 msgid "Clone fork to local machine, then change to that directory ``$ cd vyos-documentation``" msgstr "Clone fork to local machine, then change to that directory ``$ cd vyos-documentation``" -#: ../../documentation.rst:107 +#: ../../documentation.rst:412 msgid "Commit your changes with the message, ``$ git commit -m \"<commit message>\"`` or use ``$ git commit -v`` to have your configured editor launched. You can type in a commit message. Again please make yourself comfortable without rules (:ref:`prepare_commit`)." msgstr "Commit your changes with the message, ``$ git commit -m \"<commit message>\"`` or use ``$ git commit -v`` to have your configured editor launched. You can type in a commit message. Again please make yourself comfortable without rules (:ref:`prepare_commit`)." @@ -72,55 +92,67 @@ msgstr "Commit your changes with the message, ``$ git commit -m \"<commit messag msgid "Configuration mode pages" msgstr "Configuration mode pages" -#: ../../documentation.rst:84 +#: ../../documentation.rst:389 msgid "Create a new branch for your work, use a descriptive name of your work: ``$ git checkout -b <branch-name>``" msgstr "Create a new branch for your work, use a descriptive name of your work: ``$ git checkout -b <branch-name>``" -#: ../../documentation.rst:180 +#: ../../documentation.rst:157 msgid "Cross-References" msgstr "Cross-References" -#: ../../documentation.rst:268 +#: ../../documentation.rst:245 msgid "Custom Sphinx-doc Markup" msgstr "Custom Sphinx-doc Markup" -#: ../../documentation.rst:270 +#: ../../documentation.rst:247 msgid "Custom commands have been developed for writing the documentation. Please make yourself comfortable with those commands as this eases the way we render the documentation." msgstr "Custom commands have been developed for writing the documentation. Please make yourself comfortable with those commands as this eases the way we render the documentation." -#: ../../documentation.rst:45 +#: ../../documentation.rst:94 +msgid "Describe CLI items related to the service or use case. Each config line or section must be explained, using information provided in the 1st part of the page." +msgstr "Describe CLI items related to the service or use case. Each config line or section must be explained, using information provided in the 1st part of the page." + +#: ../../documentation.rst:115 +msgid "Described procedures for debugging a service:" +msgstr "Described procedures for debugging a service:" + +#: ../../documentation.rst:43 msgid "Don't forget to update ``index.rst`` when adding a new node." msgstr "Don't forget to update ``index.rst`` when adding a new node." -#: ../../documentation.rst:259 +#: ../../documentation.rst:236 msgid "Each GitHub pull request is automatically linted to check the address space and line length." msgstr "Each GitHub pull request is automatically linted to check the address space and line length." -#: ../../documentation.rst:252 +#: ../../documentation.rst:81 +msgid "Each page must contain the following parts:" +msgstr "Each page must contain the following parts:" + +#: ../../documentation.rst:229 msgid "Except in ``.. code-block::`` because it uses the html tag ``<pre>`` and renders the same line format from the source rst file." msgstr "Except in ``.. code-block::`` because it uses the html tag ``<pre>`` and renders the same line format from the source rst file." -#: ../../documentation.rst:292 +#: ../../documentation.rst:269 msgid "For an inline configuration level command, use ``:cfgcmd:``" msgstr "For an inline configuration level command, use ``:cfgcmd:``" -#: ../../documentation.rst:328 +#: ../../documentation.rst:305 msgid "For an inline operational level command, use ``:opcmd:``" msgstr "For an inline operational level command, use ``:opcmd:``" -#: ../../documentation.rst:186 +#: ../../documentation.rst:163 msgid "For example, you want to reference the headline **VLAN** in the **ethernet.rst** page. The plugin generates the label based on the headline and the file path." msgstr "For example, you want to reference the headline **VLAN** in the **ethernet.rst** page. The plugin generates the label based on the headline and the file path." -#: ../../documentation.rst:405 +#: ../../documentation.rst:70 msgid "For example:" msgstr "For example:" -#: ../../documentation.rst:76 +#: ../../documentation.rst:381 msgid "Fork this project on GitHub https://github.com/vyos/vyos-documentation/fork" msgstr "Fork this project on GitHub https://github.com/vyos/vyos-documentation/fork" -#: ../../documentation.rst:58 +#: ../../documentation.rst:363 msgid "Forking Workflow" msgstr "Forking Workflow" @@ -128,6 +160,10 @@ msgstr "Forking Workflow" msgid "Formating and Sphinxmarkup" msgstr "Formating and Sphinxmarkup" +#: ../../documentation.rst:127 +msgid "Formatting and Sphinxmarkup" +msgstr "Formatting and Sphinxmarkup" + #: ../../documentation.rst:432 msgid "General concepts for troubleshooting and detailed process descriptions belong here." msgstr "General concepts for troubleshooting and detailed process descriptions belong here." @@ -140,7 +176,7 @@ msgstr "Guidelines" msgid "If there some troubleshooting guides related to the commands. Explain it in the next optional part." msgstr "If there some troubleshooting guides related to the commands. Explain it in the next optional part." -#: ../../documentation.rst:143 +#: ../../documentation.rst:448 msgid "If you also want to update your fork on GitHub, use the following: ``$ git push origin master``" msgstr "If you also want to update your fork on GitHub, use the following: ``$ git push origin master``" @@ -152,43 +188,43 @@ msgstr "If you are willing to contribute to our documentation this is the defini msgid "In contrast to submitting code patches, there is no requirement that you open up a Phabricator_ task prior to submitting a Pull-Request to the documentation." msgstr "In contrast to submitting code patches, there is no requirement that you open up a Phabricator_ task prior to submitting a Pull-Request to the documentation." -#: ../../documentation.rst:417 +#: ../../documentation.rst:75 msgid "In the configuration part of the page, all possible configuration options should be documented. Use ``.. cfgcmd::`` described above." msgstr "In the configuration part of the page, all possible configuration options should be documented. Use ``.. cfgcmd::`` described above." -#: ../../documentation.rst:50 +#: ../../documentation.rst:48 msgid "Indent with two spaces." msgstr "Indent with two spaces." -#: ../../documentation.rst:81 +#: ../../documentation.rst:386 msgid "Install the requirements ``$ pip install -r requirements.txt`` (or something similar)" msgstr "Install the requirements ``$ pip install -r requirements.txt`` (or something similar)" -#: ../../documentation.rst:49 +#: ../../documentation.rst:47 msgid "Leave a newline before and after a header." msgstr "Leave a newline before and after a header." -#: ../../documentation.rst:250 +#: ../../documentation.rst:227 msgid "Limit all lines to a maximum of 80 characters." msgstr "Limit all lines to a maximum of 80 characters." -#: ../../documentation.rst:248 +#: ../../documentation.rst:225 msgid "Line length" msgstr "Line length" -#: ../../documentation.rst:87 +#: ../../documentation.rst:392 msgid "Make all your changes - please keep our commit rules in mind (:ref:`prepare_commit`). This mainly applies to proper commit messages describing your change (how and why). Please check out the documentation of Sphinx-doc_ or reStructuredText_ if you are not familiar with it. This is used for writing our docs. Additional directives how to write in RST can be obtained from reStructuredTextDirectives_." msgstr "Make all your changes - please keep our commit rules in mind (:ref:`prepare_commit`). This mainly applies to proper commit messages describing your change (how and why). Please check out the documentation of Sphinx-doc_ or reStructuredText_ if you are not familiar with it. This is used for writing our docs. Additional directives how to write in RST can be obtained from reStructuredTextDirectives_." -#: ../../documentation.rst:242 +#: ../../documentation.rst:219 msgid "Multicast MAC-Addresses: ``90-10-00`` to ``90-10-FF``" msgstr "Multicast MAC-Addresses: ``90-10-00`` to ``90-10-FF``" -#: ../../documentation.rst:231 +#: ../../documentation.rst:208 msgid "Note the following RFCs (:rfc:`5737`, :rfc:`3849`, :rfc:`5389` and :rfc:`7042`), which describe the reserved public IP addresses and autonomous system numbers for the documentation:" msgstr "Note the following RFCs (:rfc:`5737`, :rfc:`3849`, :rfc:`5389` and :rfc:`7042`), which describe the reserved public IP addresses and autonomous system numbers for the documentation:" -#: ../../documentation.rst:118 +#: ../../documentation.rst:423 msgid "Once pull requests have been approved, you may want to locally update your forked repository too. First you'll have to add a second remote called `upstream` which points to our main repository. ``$ git remote add upstream https://github.com/vyos/vyos-documentation.git``" msgstr "Once pull requests have been approved, you may want to locally update your forked repository too. First you'll have to add a second remote called `upstream` which points to our main repository. ``$ git remote add upstream https://github.com/vyos/vyos-documentation.git``" @@ -200,39 +236,43 @@ msgstr "Operation mode commands that do not fit in a related configuration mode msgid "Operation mode pages" msgstr "Operation mode pages" -#: ../../documentation.rst:385 +#: ../../documentation.rst:56 msgid "Page content" msgstr "Page content" -#: ../../documentation.rst:244 +#: ../../documentation.rst:221 msgid "Please do not use other public address space." msgstr "Please do not use other public address space." -#: ../../documentation.rst:47 +#: ../../documentation.rst:101 +msgid "Practical examples of the service or use case configuration. They must contain topology maps (if applicable) and short descriptions." +msgstr "Practical examples of the service or use case configuration. They must contain topology maps (if applicable) and short descriptions." + +#: ../../documentation.rst:45 msgid "Properly quote commands, filenames and brief code snippets with double backticks." msgstr "Properly quote commands, filenames and brief code snippets with double backticks." -#: ../../documentation.rst:112 +#: ../../documentation.rst:417 msgid "Push commits to your GitHub project: ``$ git push -u origin <branch-name>``" msgstr "Push commits to your GitHub project: ``$ git push -u origin <branch-name>``" -#: ../../documentation.rst:420 +#: ../../documentation.rst:78 msgid "Related operation command must be documented in the next part of the article. Use ``::opcmd..`` for these commands." msgstr "Related operation command must be documented in the next part of the article. Use ``::opcmd..`` for these commands." -#: ../../documentation.rst:262 +#: ../../documentation.rst:239 msgid "Sometimes it is necessary to provide real IP addresses like in the :ref:`examples`. For this, please use the sphinx comment syntax ``.. stop_vyoslinter`` to stop the linter and ``.. start_vyoslinter`` to start." msgstr "Sometimes it is necessary to provide real IP addresses like in the :ref:`examples`. For this, please use the sphinx comment syntax ``.. stop_vyoslinter`` to stop the linter and ``.. start_vyoslinter`` to start." -#: ../../documentation.rst:147 +#: ../../documentation.rst:124 msgid "Style Guide" msgstr "Style Guide" -#: ../../documentation.rst:114 +#: ../../documentation.rst:419 msgid "Submit pull-request. In GitHub visit the main repository and you should see a banner suggesting to make a pull request. Fill out the form and describe what you do." msgstr "Submit pull-request. In GitHub visit the main repository and you should see a banner suggesting to make a pull request. Fill out the form and describe what you do." -#: ../../documentation.rst:153 +#: ../../documentation.rst:130 msgid "TOC Level" msgstr "TOC Level" @@ -240,7 +280,7 @@ msgstr "TOC Level" msgid "Take a look at the :doc:`/documentation` page for an intricate explanation of the documentation process." msgstr "Take a look at the :doc:`/documentation` page for an intricate explanation of the documentation process." -#: ../../documentation.rst:60 +#: ../../documentation.rst:365 msgid "The Forking Workflow is fundamentally different from other popular Git workflows. Instead of using a single server-side repository to act as the \"central\" codebase, it gives every developer their own server-side repository. This means that each contributor has not one, but two Git repositories: a private local one and a public server-side one." msgstr "The Forking Workflow is fundamentally different from other popular Git workflows. Instead of using a single server-side repository to act as the \"central\" codebase, it gives every developer their own server-side repository. This means that each contributor has not one, but two Git repositories: a private local one and a public server-side one." @@ -248,7 +288,7 @@ msgstr "The Forking Workflow is fundamentally different from other popular Git w msgid "The article starts with a short introduction about the command or the technology. Please include some helpful links or background information." msgstr "The article starts with a short introduction about the command or the technology. Please include some helpful links or background information." -#: ../../documentation.rst:401 +#: ../../documentation.rst:66 msgid "The configuration mode folder and the articles cover the specific level of the commands. The exact level depends on the command. This should provide stability for URLs used in the forum or blogpost." msgstr "The configuration mode folder and the articles cover the specific level of the commands. The exact level depends on the command. This should provide stability for URLs used in the forum or blogpost." @@ -260,51 +300,59 @@ msgstr "The documentation has 3 different types of pages. The same kind of pages msgid "The documentation source is kept in the Git repository at https://github.com/vyos/vyos-documentation and you can follow the instructions in the README.md_ to build and test your changes." msgstr "The documentation source is kept in the Git repository at https://github.com/vyos/vyos-documentation and you can follow the instructions in the README.md_ to build and test your changes." -#: ../../documentation.rst:41 +#: ../../documentation.rst:39 msgid "The following is a quick summary of the rules:" msgstr "The following is a quick summary of the rules:" -#: ../../documentation.rst:66 +#: ../../documentation.rst:371 msgid "The main advantage of the Forking Workflow is that contributions can be integrated without the need for everybody to push to a single central repository. Developers push to their own server-side repositories, and only the project maintainer can push to the official repository. This allows the maintainer to accept commits from any developer without giving them write access to the official codebase." msgstr "The main advantage of the Forking Workflow is that contributions can be integrated without the need for everybody to push to a single central repository. Developers push to their own server-side repositories, and only the project maintainer can push to the official repository. This allows the maintainer to accept commits from any developer without giving them write access to the official codebase." -#: ../../documentation.rst:199 +#: ../../documentation.rst:176 msgid "The plugin will warn on build if a headline has a duplicate name in the same document. To prevent this warning, you have to put a custom link on top of the headline." msgstr "The plugin will warn on build if a headline has a duplicate name in the same document. To prevent this warning, you have to put a custom link on top of the headline." +#: ../../documentation.rst:86 +msgid "Theoretical information required for users to understand the next document sections:" +msgstr "Theoretical information required for users to understand the next document sections:" + #: ../../documentation.rst:35 msgid "There are a few things to keep in mind when contributing to the documentation, for the sake of consistency and readability." msgstr "There are a few things to keep in mind when contributing to the documentation, for the sake of consistency and readability." -#: ../../documentation.rst:299 +#: ../../documentation.rst:107 +msgid "This section must contain a list of:" +msgstr "This section must contain a list of:" + +#: ../../documentation.rst:276 msgid "To extract a defaultvalue from the XML definitions add a ``:defaultvalue:`` to ``.. cfgcmd::`` directive. To have this feature locally, the vyos-1x submodule must be initialized before. Please be aware to not update the submodule in your PR." msgstr "To extract a defaultvalue from the XML definitions add a ``:defaultvalue:`` to ``.. cfgcmd::`` directive. To have this feature locally, the vyos-1x submodule must be initialized before. Please be aware to not update the submodule in your PR." -#: ../../documentation.rst:337 +#: ../../documentation.rst:314 msgid "To minimize redundancy, there is a special include directive. It includes a txt file and replace the ``{{ var0 }}`` - ``{{ var9 }}`` with the correct value." msgstr "To minimize redundancy, there is a special include directive. It includes a txt file and replace the ``{{ var0 }}`` - ``{{ var9 }}`` with the correct value." -#: ../../documentation.rst:46 +#: ../../documentation.rst:44 msgid "Try not to exceed 80 characters per line, but don't break URLs over this." msgstr "Try not to exceed 80 characters per line, but don't break URLs over this." -#: ../../documentation.rst:241 +#: ../../documentation.rst:218 msgid "Unicast MAC Addresses: ``00-53-00`` to ``00-53-FF``" msgstr "Unicast MAC Addresses: ``00-53-00`` to ``00-53-FF``" -#: ../../documentation.rst:73 +#: ../../documentation.rst:378 msgid "Updates to our documentation should be delivered by a GitHub pull-request. This requires you already have a GitHub account." msgstr "Updates to our documentation should be delivered by a GitHub pull-request. This requires you already have a GitHub account." -#: ../../documentation.rst:43 +#: ../../documentation.rst:41 msgid "Use American English at all times. It's always a good idea to run your text through a grammar and spell checker, such as `Grammarly`_." msgstr "Use American English at all times. It's always a good idea to run your text through a grammar and spell checker, such as `Grammarly`_." -#: ../../documentation.rst:48 +#: ../../documentation.rst:46 msgid "Use literal blocks for longer snippets." msgstr "Use literal blocks for longer snippets." -#: ../../documentation.rst:99 +#: ../../documentation.rst:404 msgid "View modified files by calling ``$ git status``. You will get an overview of all files modified by you. You can add individual files to the Git Index in the next step." msgstr "View modified files by calling ``$ git status``. You will get an overview of all files modified by you. You can add individual files to the Git Index in the next step." @@ -312,35 +360,39 @@ msgstr "View modified files by calling ``$ git status``. You will get an overvie msgid "VyOS documentation is written in reStructuredText and generated to Read the Docs pages with Sphinx, as per the Python tradition, as well as PDF files for offline use through LaTeX. We welcome all sorts of contributions to the documentation. Not just new additions but also corrections to existing documentation." msgstr "VyOS documentation is written in reStructuredText and generated to Read the Docs pages with Sphinx, as per the Python tradition, as well as PDF files for offline use through LaTeX. We welcome all sorts of contributions to the documentation. Not just new additions but also corrections to existing documentation." +#: ../../documentation.rst:20 +msgid "VyOS documentation is written in reStructuredText and generated to Read the Docs pages with Sphinx, as per the Python tradition. We welcome all sorts of contributions to the documentation. Not just new additions but also corrections to existing documentation." +msgstr "VyOS documentation is written in reStructuredText and generated to Read the Docs pages with Sphinx, as per the Python tradition. We welcome all sorts of contributions to the documentation. Not just new additions but also corrections to existing documentation." + #: ../../documentation.rst:9 msgid "We encourage every VyOS user to help us improve our documentation as we have a deficit like most software projects. This not only helps you when reading but also everyone else." msgstr "We encourage every VyOS user to help us improve our documentation as we have a deficit like most software projects. This not only helps you when reading but also everyone else." -#: ../../documentation.rst:155 +#: ../../documentation.rst:132 msgid "We use the following syntax for Headlines." msgstr "We use the following syntax for Headlines." -#: ../../documentation.rst:277 +#: ../../documentation.rst:254 msgid "When documenting CLI commands, use the ``.. cfgcmd::`` directive for all configuration mode commands. An explanation of the described command should be added below this statement. Replace all variable contents with <value> or something similar." msgstr "When documenting CLI commands, use the ``.. cfgcmd::`` directive for all configuration mode commands. An explanation of the described command should be added below this statement. Replace all variable contents with <value> or something similar." -#: ../../documentation.rst:316 +#: ../../documentation.rst:293 msgid "When documenting operational level commands, use the ``.. opcmd::`` directive. An explanation of the described command should be added below this statement." msgstr "When documenting operational level commands, use the ``.. opcmd::`` directive. An explanation of the described command should be added below this statement." -#: ../../documentation.rst:51 +#: ../../documentation.rst:49 msgid "When in doubt, follow the style of existing documentation." msgstr "When in doubt, follow the style of existing documentation." -#: ../../documentation.rst:375 +#: ../../documentation.rst:352 msgid "When referencing to VyOS Phabricator Tasks, there is a custom Sphinx Markup command called ``vytask`` that automatically renders to a proper Phabricator URL. This is heavily used in the :ref:`release-notes` section." msgstr "When referencing to VyOS Phabricator Tasks, there is a custom Sphinx Markup command called ``vytask`` that automatically renders to a proper Phabricator URL. This is heavily used in the :ref:`release-notes` section." -#: ../../documentation.rst:319 +#: ../../documentation.rst:296 msgid "With those custom commands, it is possible to render them in a more descriptive way in the resulting HTML/PDF manual." msgstr "With those custom commands, it is possible to render them in a more descriptive way in the resulting HTML/PDF manual." -#: ../../documentation.rst:282 +#: ../../documentation.rst:259 msgid "With those custom commands, it will be possible to render them in a more descriptive way in the resulting HTML/PDF manual." msgstr "With those custom commands, it will be possible to render them in a more descriptive way in the resulting HTML/PDF manual." @@ -352,66 +404,98 @@ msgstr "Write Documentation" msgid "You can either install Sphinx (and TeX Live for PDF output) and build the documentation locally, or use the Dockerfile_ to build it in a container." msgstr "You can either install Sphinx (and TeX Live for PDF output) and build the documentation locally, or use the Dockerfile_ to build it in a container." -#: ../../documentation.rst:133 +#: ../../documentation.rst:29 +msgid "You can either install Sphinx and build the documentation locally, or use the Dockerfile_ to build it in a container." +msgstr "You can either install Sphinx and build the documentation locally, or use the Dockerfile_ to build it in a container." + +#: ../../documentation.rst:438 msgid "Your remote repo on Github is called ``origin``, while the original repo you have forked is called ``upstream``. Now you can locally update your forked repo." msgstr "Your remote repo on Github is called ``origin``, while the original repo you have forked is called ``upstream``. Now you can locally update your forked repo." -#: ../../documentation.rst:235 +#: ../../documentation.rst:212 msgid "``192.0.2.0/24``" msgstr "``192.0.2.0/24``" -#: ../../documentation.rst:236 +#: ../../documentation.rst:213 msgid "``198.51.100.0/24``" msgstr "``198.51.100.0/24``" -#: ../../documentation.rst:238 +#: ../../documentation.rst:215 msgid "``2001:db8::/32``" msgstr "``2001:db8::/32``" -#: ../../documentation.rst:237 +#: ../../documentation.rst:214 msgid "``203.0.113.0/24``" msgstr "``203.0.113.0/24``" -#: ../../documentation.rst:194 +#: ../../documentation.rst:171 msgid "``:ref:`Check out VLAN<configuration/interfaces/ethernet:vlan>``" msgstr "``:ref:`Check out VLAN<configuration/interfaces/ethernet:vlan>``" -#: ../../documentation.rst:190 +#: ../../documentation.rst:167 msgid "``:ref:`configuration/interfaces/ethernet:vlan``" msgstr "``:ref:`configuration/interfaces/ethernet:vlan``" -#: ../../documentation.rst:407 +#: ../../documentation.rst:72 msgid "``set firewall zone`` is written in ``firewall/zone.rst``" msgstr "``set firewall zone`` is written in ``firewall/zone.rst``" -#: ../../documentation.rst:408 +#: ../../documentation.rst:73 msgid "``set interfaces ethernet`` is written in ``interfaces/ethernet.rst``" msgstr "``set interfaces ethernet`` is written in ``interfaces/ethernet.rst``" -#: ../../documentation.rst:275 +#: ../../documentation.rst:88 +msgid "a simple explanation of what is this page about, why or when it is required to be used" +msgstr "a simple explanation of what is this page about, why or when it is required to be used" + +#: ../../documentation.rst:252 msgid "cfgcmd" msgstr "cfgcmd" -#: ../../documentation.rst:335 +#: ../../documentation.rst:312 msgid "cmdinclude" msgstr "cmdinclude" -#: ../../documentation.rst:197 +#: ../../documentation.rst:174 msgid "handle build errors" msgstr "handle build errors" -#: ../../documentation.rst:314 +#: ../../documentation.rst:117 +msgid "how to collect logs or other debugging information (like `show` commands output)" +msgstr "how to collect logs or other debugging information (like `show` commands output)" + +#: ../../documentation.rst:118 +msgid "how to read and what to search for in logs and collected information" +msgstr "how to read and what to search for in logs and collected information" + +#: ../../documentation.rst:109 +msgid "known issues or potential problems for the service or use case" +msgstr "known issues or potential problems for the service or use case" + +#: ../../documentation.rst:291 msgid "opcmd" msgstr "opcmd" -#: ../../documentation.rst:346 +#: ../../documentation.rst:89 +msgid "references to standards, RFCs" +msgstr "references to standards, RFCs" + +#: ../../documentation.rst:323 msgid "the content of interface-address.txt looks like this" msgstr "the content of interface-address.txt looks like this" -#: ../../documentation.rst:192 +#: ../../documentation.rst:169 msgid "to use an alternative hyperlink use it this way:" msgstr "to use an alternative hyperlink use it this way:" -#: ../../documentation.rst:373 +#: ../../documentation.rst:350 msgid "vytask" msgstr "vytask" + +#: ../../documentation.rst:119 +msgid "what are indicators of good and bad states in debugging outputs" +msgstr "what are indicators of good and bad states in debugging outputs" + +#: ../../documentation.rst:110 +msgid "workarounds for known issues (if any exist)" +msgstr "workarounds for known issues (if any exist)" diff --git a/docs/_locale/ja/installation.pot b/docs/_locale/ja/installation.pot index fab479b9..2b7831cd 100644 --- a/docs/_locale/ja/installation.pot +++ b/docs/_locale/ja/installation.pot @@ -212,6 +212,10 @@ msgstr "Add one or more routes for networks you want to pass through the VyOS VM msgid "Additional storage. You can remove additional storage ``/dev/sdb``. First root device will be ``/dev/xvda``. You can skeep this step." msgstr "Additional storage. You can remove additional storage ``/dev/sdb``. First root device will be ``/dev/xvda``. You can skeep this step." +#: ../../installation/cloud/aws.rst:27 +msgid "Additional storage. You can remove additional storage ``/dev/sdb``. First root device will be ``/dev/xvda``. You can skip this step." +msgstr "Additional storage. You can remove additional storage ``/dev/sdb``. First root device will be ``/dev/xvda``. You can skip this step." + #: ../../installation/vyos-on-baremetal.rst:394 msgid "Advanced > Serial Port Console Redirection > Console Redirection Settings:" msgstr "Advanced > Serial Port Console Redirection > Console Redirection Settings:" @@ -465,6 +469,10 @@ msgstr "Clients (where VyOS is to be installed) with a PXE-enabled NIC" msgid "CloudWatchAgentServerRole is too permisive and should be used for single configuration creation and deployment. That's why after completion of step #3 higly recommended to replace instance CloudWatchAgentAdminRole role with CloudWatchAgentServerRole." msgstr "CloudWatchAgentServerRole is too permisive and should be used for single configuration creation and deployment. That's why after completion of step #3 higly recommended to replace instance CloudWatchAgentAdminRole role with CloudWatchAgentServerRole." +#: ../../installation/cloud/aws.rst:88 +msgid "CloudWatchAgentServerRole is too permissive and should be used for single configuration creation and deployment. That's why after completion of step #3 highly recommended to replace instance CloudWatchAgentAdminRole role with CloudWatchAgentServerRole." +msgstr "CloudWatchAgentServerRole is too permissive and should be used for single configuration creation and deployment. That's why after completion of step #3 highly recommended to replace instance CloudWatchAgentAdminRole role with CloudWatchAgentServerRole." + #: ../../installation/cloud/aws.rst:82 msgid "CloudWatch SSM Configuration creation" msgstr "CloudWatch SSM Configuration creation" @@ -1303,6 +1311,10 @@ msgstr "Requirements" msgid "Retreive an existing CloudWatch Agent configuration from the :abbr:`SSM (Systems Manager)` Parameter Store." msgstr "Retreive an existing CloudWatch Agent configuration from the :abbr:`SSM (Systems Manager)` Parameter Store." +#: ../../installation/cloud/aws.rst:69 +msgid "Retrieve an existing CloudWatch Agent configuration from the :abbr:`SSM (Systems Manager)` Parameter Store." +msgstr "Retrieve an existing CloudWatch Agent configuration from the :abbr:`SSM (Systems Manager)` Parameter Store." + #: ../../installation/install.rst:74 msgid "Rolling Release" msgstr "Rolling Release" diff --git a/docs/_locale/ja/quick-start.pot b/docs/_locale/ja/quick-start.pot index 1823bbf8..0a8e0385 100644 --- a/docs/_locale/ja/quick-start.pot +++ b/docs/_locale/ja/quick-start.pot @@ -101,6 +101,10 @@ msgid "Configure a rule on the ``input`` hook filter to jump to the ``VyOS_MANAG msgstr "Configure a rule on the ``input`` hook filter to jump to the ``VyOS_MANAGEMENT`` chain when new connections are addressed to port 22 (SSH) on the router itself:" #: ../../quick-start.rst:243 +msgid "Create a new chain (``OUTSIDE-IN``) which will drop all traffic that is not explicitly allowed at some point in the chain. Then, we can jump to that chain from the ``forward`` hook when traffic is coming from the ``WAN`` interface group and is addressed to our local network." +msgstr "Create a new chain (``OUTSIDE-IN``) which will drop all traffic that is not explicitly allowed at some point in the chain. Then, we can jump to that chain from the ``forward`` hook when traffic is coming from the ``WAN`` interface group and is addressed to our local network." + +#: ../../quick-start.rst:243 msgid "Create a new chain (``OUTSIDE-IN``) which will drop all traffic that is not explicity allowed at some point in the chain. Then, we can jump to that chain from the ``forward`` hook when traffic is coming from the ``WAN`` interface group and is addressed to our local network." msgstr "Create a new chain (``OUTSIDE-IN``) which will drop all traffic that is not explicity allowed at some point in the chain. Then, we can jump to that chain from the ``forward`` hook when traffic is coming from the ``WAN`` interface group and is addressed to our local network." @@ -292,6 +296,10 @@ msgstr "To make firewall configuration easier, we can create groups of interface msgid "Using options defined in ``set firewall global-options state-policy``, state policy rules that applies for both IPv4 and IPv6 are created. These global state policies also applies for all traffic that passes through the router (transit) and for traffic originated/destinated to/from the router itself, and will be avaluated before any other rule defined in the firewall." msgstr "Using options defined in ``set firewall global-options state-policy``, state policy rules that applies for both IPv4 and IPv6 are created. These global state policies also applies for all traffic that passes through the router (transit) and for traffic originated/destinated to/from the router itself, and will be avaluated before any other rule defined in the firewall." +#: ../../quick-start.rst:164 +msgid "Using options defined in ``set firewall global-options state-policy``, state policy rules that applies for both IPv4 and IPv6 are created. These global state policies also applies for all traffic that passes through the router (transit) and for traffic originated/destinated to/from the router itself, and will be evaluated before any other rule defined in the firewall." +msgstr "Using options defined in ``set firewall global-options state-policy``, state policy rules that applies for both IPv4 and IPv6 are created. These global state policies also applies for all traffic that passes through the router (transit) and for traffic originated/destinated to/from the router itself, and will be evaluated before any other rule defined in the firewall." + #: ../../quick-start.rst:90 msgid "VyOS will serve as a full DNS recursor, replacing the need to utilize Google, Cloudflare, or other public DNS servers (which is good for privacy)" msgstr "VyOS will serve as a full DNS recursor, replacing the need to utilize Google, Cloudflare, or other public DNS servers (which is good for privacy)" diff --git a/docs/_locale/pt/LC_MESSAGES/automation.mo b/docs/_locale/pt/LC_MESSAGES/automation.mo Binary files differindex e9c17d9e..ac458b9b 100644 --- a/docs/_locale/pt/LC_MESSAGES/automation.mo +++ b/docs/_locale/pt/LC_MESSAGES/automation.mo diff --git a/docs/_locale/pt/LC_MESSAGES/cli.mo b/docs/_locale/pt/LC_MESSAGES/cli.mo Binary files differindex eebe0051..2c519fba 100644 --- a/docs/_locale/pt/LC_MESSAGES/cli.mo +++ b/docs/_locale/pt/LC_MESSAGES/cli.mo diff --git a/docs/_locale/pt/LC_MESSAGES/configexamples.mo b/docs/_locale/pt/LC_MESSAGES/configexamples.mo Binary files differindex dff77ff7..04dee701 100644 --- a/docs/_locale/pt/LC_MESSAGES/configexamples.mo +++ b/docs/_locale/pt/LC_MESSAGES/configexamples.mo diff --git a/docs/_locale/pt/LC_MESSAGES/configuration.mo b/docs/_locale/pt/LC_MESSAGES/configuration.mo Binary files differindex d048c623..a36cc7f4 100644 --- a/docs/_locale/pt/LC_MESSAGES/configuration.mo +++ b/docs/_locale/pt/LC_MESSAGES/configuration.mo diff --git a/docs/_locale/pt/LC_MESSAGES/contributing.mo b/docs/_locale/pt/LC_MESSAGES/contributing.mo Binary files differindex 45d920c0..22ccd3a9 100644 --- a/docs/_locale/pt/LC_MESSAGES/contributing.mo +++ b/docs/_locale/pt/LC_MESSAGES/contributing.mo diff --git a/docs/_locale/pt/LC_MESSAGES/copyright.mo b/docs/_locale/pt/LC_MESSAGES/copyright.mo Binary files differindex 68bcfd08..092931ce 100644 --- a/docs/_locale/pt/LC_MESSAGES/copyright.mo +++ b/docs/_locale/pt/LC_MESSAGES/copyright.mo diff --git a/docs/_locale/pt/LC_MESSAGES/documentation.mo b/docs/_locale/pt/LC_MESSAGES/documentation.mo Binary files differindex f7c88653..33a908be 100644 --- a/docs/_locale/pt/LC_MESSAGES/documentation.mo +++ b/docs/_locale/pt/LC_MESSAGES/documentation.mo diff --git a/docs/_locale/pt/LC_MESSAGES/installation.mo b/docs/_locale/pt/LC_MESSAGES/installation.mo Binary files differindex ccb5df93..b94e98d8 100644 --- a/docs/_locale/pt/LC_MESSAGES/installation.mo +++ b/docs/_locale/pt/LC_MESSAGES/installation.mo diff --git a/docs/_locale/pt/LC_MESSAGES/quick-start.mo b/docs/_locale/pt/LC_MESSAGES/quick-start.mo Binary files differindex 7bbab8c6..50f024af 100644 --- a/docs/_locale/pt/LC_MESSAGES/quick-start.mo +++ b/docs/_locale/pt/LC_MESSAGES/quick-start.mo diff --git a/docs/_locale/pt/automation.pot b/docs/_locale/pt/automation.pot index 92be3d32..1f130019 100644 --- a/docs/_locale/pt/automation.pot +++ b/docs/_locale/pt/automation.pot @@ -8,6 +8,51 @@ msgstr "" "Language: pt\n" "Plural-Forms: nplurals=2; plural=(n>=0 && n<=1) ? 0 : 1;\n" +#: ../../automation/terraform/index.rst:15 +msgid "# terraformAZ # terraformvSphere # terraformGoogle" +msgstr "# terraformAZ # terraformvSphere # terraformGoogle" + +#: ../../automation/vyos-terraform.rst:707 +msgid "#az login" +msgstr "#az login" + +#: ../../automation/vyos-terraform.rst:261 +#: ../../automation/vyos-terraform.rst:283 +#: ../../automation/vyos-terraform.rst:711 +#: ../../automation/vyos-terraform.rst:731 +#: ../../automation/vyos-terraform.rst:1008 +#: ../../automation/vyos-terraform.rst:1029 +msgid "#cd /your folder" +msgstr "#cd /your folder" + +#: ../../automation/vyos-terraform.rst:287 +#: ../../automation/vyos-terraform.rst:735 +#: ../../automation/vyos-terraform.rst:1033 +msgid "#terraform apply" +msgstr "#terraform apply" + +#: ../../automation/vyos-terraform.rst:263 +#: ../../automation/vyos-terraform.rst:713 +#: ../../automation/vyos-terraform.rst:1010 +msgid "#terraform init" +msgstr "#terraform init" + +#: ../../automation/vyos-terraform.rst:285 +#: ../../automation/vyos-terraform.rst:733 +#: ../../automation/vyos-terraform.rst:1031 +msgid "#terraform plan" +msgstr "#terraform plan" + +#: ../../automation/vyos-terraform.rst:289 +#: ../../automation/vyos-terraform.rst:737 +#: ../../automation/vyos-terraform.rst:1035 +msgid "#yes" +msgstr "#yes" + +#: ../../automation/cloud-init.rst:363 +msgid "**NOTE**: be careful while copying and pasting previous commands. Double quotes may need to be corrected." +msgstr "**NOTE**: be careful while copying and pasting previous commands. Double quotes may need to be corrected." + #: ../../automation/cloud-init.rst:363 msgid "**NOTE**: be carefull while copying and pasting previous commands. Doble quotes may need to be corrected." msgstr "**NOTE**: be carefull while copying and pasting previous commands. Doble quotes may need to be corrected." @@ -32,11 +77,11 @@ msgstr "**user-data**: includes vyos-commands." msgid "**user-data** file must start with ``#cloud-config`` and contains vyos-commands. For example:" msgstr "**user-data** file must start with ``#cloud-config`` and contains vyos-commands. For example:" -#: ../../automation/vyos-api.rst:322 +#: ../../automation/vyos-api.rst:323 msgid "/config-file" msgstr "/config-file" -#: ../../automation/vyos-api.rst:265 +#: ../../automation/vyos-api.rst:266 msgid "/configure" msgstr "/configure" @@ -68,10 +113,239 @@ msgstr "/retrieve" msgid "/show" msgstr "/show" +#: ../../automation/vyos-terraform.rst:993 +msgid "1.1 Collect all data in to file \"terraform.tfvars\" and create resources fo example \"terraform\"" +msgstr "1.1 Collect all data in to file \"terraform.tfvars\" and create resources fo example \"terraform\"" + +#: ../../automation/terraform/terraformAWS.rst:61 +msgid "1.1 Create an account with AWS and get your \"access_key\", \"secret key\"" +msgstr "1.1 Create an account with AWS and get your \"access_key\", \"secret key\"" + +#: ../../automation/vyos-terraform.rst:692 +msgid "1.1 Create an account with Azure" +msgstr "1.1 Create an account with Azure" + +#: ../../automation/vyos-terraform.rst:243 +msgid "1.2 Create a key pair and download your .pem key" +msgstr "1.2 Create a key pair and download your .pem key" + +#: ../../automation/terraform/terraformAWS.rst:63 +msgid "1.2 Create a key pair_ and download your .pem key" +msgstr "1.2 Create a key pair_ and download your .pem key" + +#: ../../automation/vyos-terraform.rst:245 +msgid "1.3 Create a security group for the new VyOS instance" +msgstr "1.3 Create a security group for the new VyOS instance" + +#: ../../automation/terraform/terraformAWS.rst:70 +msgid "1.3 Create a security group_ for the new VyOS instance and open all traffic" +msgstr "1.3 Create a security group_ for the new VyOS instance and open all traffic" + +#: ../../automation/terraform/terraformAWS.rst:298 +msgid "1. Ansible doesn't connect via SSH to your AWS instance: you have to check that your SSH key has copied into the path /root/aws/. Also, increase the time in the file instance.yml from 300 sec to 500 sec or more. (It depends on your location). Make sure that you have opened access to the instance in the security group." +msgstr "1. Ansible doesn't connect via SSH to your AWS instance: you have to check that your SSH key has copied into the path /root/aws/. Also, increase the time in the file instance.yml from 300 sec to 500 sec or more. (It depends on your location). Make sure that you have opened access to the instance in the security group." + +#: ../../automation/terraform/terraformAWS.rst:266 +msgid "1 Ansible doesn't connect via SSH to your AWS instance: you have to check that your SSH key has copied into the path /root/aws/." +msgstr "1 Ansible doesn't connect via SSH to your AWS instance: you have to check that your SSH key has copied into the path /root/aws/." + +#: ../../automation/terraform/terraformvSphere.rst:23 +msgid "1 Collect all data in to file \"terraform.tfvars\" and create resources for example \"terraform\"" +msgstr "1 Collect all data in to file \"terraform.tfvars\" and create resources for example \"terraform\"" + +#: ../../automation/terraform/terraformAWS.rst:77 +#: ../../automation/terraform/terraformAZ.rst:54 +#: ../../automation/terraform/terraformvSphere.rst:53 +msgid "1 Create an UNIX instance whenever you want (local, cloud, and so on)" +msgstr "1 Create an UNIX instance whenever you want (local, cloud, and so on)" + +#: ../../automation/terraform/terraformAWS.rst:54 +#: ../../automation/terraform/terraformAZ.rst:26 +#: ../../automation/terraform/terraformvSphere.rst:29 +msgid "1 Create an UNIX or Windows instance" +msgstr "1 Create an UNIX or Windows instance" + +#: ../../automation/terraform/terraformAWS.rst:29 +msgid "1 Create an account with AWS and get your \"access_key\", \"secret key\"" +msgstr "1 Create an account with AWS and get your \"access_key\", \"secret key\"" + +#: ../../automation/terraform/terraformAZ.rst:21 +msgid "1 Create an account with Azure" +msgstr "1 Create an account with Azure" + +#: ../../automation/terraform/terraformAWS.rst:86 +msgid "2.1 Create a0 UNIX or Windows instance" +msgstr "2.1 Create a0 UNIX or Windows instance" + +#: ../../automation/vyos-terraform.rst:250 +#: ../../automation/vyos-terraform.rst:697 +#: ../../automation/vyos-terraform.rst:998 +msgid "2.1 Create a UNIX or Windows instance" +msgstr "2.1 Create a UNIX or Windows instance" + +#: ../../automation/terraform/terraformAWS.rst:88 +msgid "2.2 Download and install Terraform" +msgstr "2.2 Download and install Terraform" + +#: ../../automation/terraform/terraformAWS.rst:90 +msgid "2.3 Create the folder for example /root/awsterraform" +msgstr "2.3 Create the folder for example /root/awsterraform" + +#: ../../automation/vyos-terraform.rst:254 +msgid "2.3 Create the folder for example ../awsvyos/" +msgstr "2.3 Create the folder for example ../awsvyos/" + +#: ../../automation/vyos-terraform.rst:701 +msgid "2.3 Create the folder for example ../azvyos/" +msgstr "2.3 Create the folder for example ../azvyos/" + +#: ../../automation/vyos-terraform.rst:1002 +msgid "2.3 Create the folder for example ../vsphere/" +msgstr "2.3 Create the folder for example ../vsphere/" + +#: ../../automation/vyos-terraform.rst:1004 +msgid "2.4 Copy all files from my folder /Terraform into your Terraform project" +msgstr "2.4 Copy all files from my folder /Terraform into your Terraform project" + +#: ../../automation/vyos-terraform.rst:703 +msgid "2.4 Copy all files from my folder /Terraform into your Terraform project (main.tf, variables.tf)" +msgstr "2.4 Copy all files from my folder /Terraform into your Terraform project (main.tf, variables.tf)" + +#: ../../automation/terraform/terraformAWS.rst:96 +msgid "2.4 Copy all files into your Terraform project \"/root/awsterraform\" (vyos.tf, var.tf, terraform.tfvars,version.tf), more detailed see `Structure of files Terrafom for AWS`_" +msgstr "2.4 Copy all files into your Terraform project \"/root/awsterraform\" (vyos.tf, var.tf, terraform.tfvars,version.tf), more detailed see `Structure of files Terrafom for AWS`_" + +#: ../../automation/vyos-terraform.rst:256 +msgid "2.4 Copy all files into your Terraform project (vyos.tf, var.tf) 2.4.1 Please type the information into the strings 22, 35, 36 of file \"vyos.tf\"" +msgstr "2.4 Copy all files into your Terraform project (vyos.tf, var.tf) 2.4.1 Please type the information into the strings 22, 35, 36 of file \"vyos.tf\"" + +#: ../../automation/vyos-terraform.rst:705 +msgid "2.5 Login with Azure using the command" +msgstr "2.5 Login with Azure using the command" + +#: ../../automation/terraform/terraformAWS.rst:98 +msgid "2.5 Type the commands :" +msgstr "2.5 Type the commands :" + +#: ../../automation/terraform/terraformAZ.rst:44 +msgid "2.6 Type the commands :" +msgstr "2.6 Type the commands :" + +#: ../../automation/terraform/terraformAWS.rst:31 +msgid "2 Create a key pair_ and download your .pem key" +msgstr "2 Create a key pair_ and download your .pem key" + +#: ../../automation/terraform/terraformAWS.rst:79 +#: ../../automation/terraform/terraformAZ.rst:56 +#: ../../automation/terraform/terraformvSphere.rst:55 +msgid "2 Download and install Ansible" +msgstr "2 Download and install Ansible" + +#: ../../automation/terraform/terraformAWS.rst:56 +#: ../../automation/terraform/terraformAZ.rst:28 +#: ../../automation/terraform/terraformvSphere.rst:31 +msgid "2 Download and install Terraform" +msgstr "2 Download and install Terraform" + +#: ../../automation/terraform/terraformAWS.rst:270 +msgid "2 Terraform doesn't connect via SSH to your Ansible instance: you have to check the correct login and password in the part of the file VyOS. tf" +msgstr "2 Terraform doesn't connect via SSH to your Ansible instance: you have to check the correct login and password in the part of the file VyOS. tf" + +#: ../../automation/vyos-terraform.rst:268 +#: ../../automation/vyos-terraform.rst:718 +#: ../../automation/vyos-terraform.rst:1016 +msgid "3.1 Create a UNIX instance" +msgstr "3.1 Create a UNIX instance" + +#: ../../automation/terraform/terraformAWS.rst:109 +msgid "3.1 Create a UNIX instance whenever you want (local, cloud, and so on)" +msgstr "3.1 Create a UNIX instance whenever you want (local, cloud, and so on)" + +#: ../../automation/terraform/terraformAWS.rst:111 +msgid "3.2 Download and install Ansible" +msgstr "3.2 Download and install Ansible" + +#: ../../automation/terraform/terraformAWS.rst:113 +msgid "3.3 Create the folder for example /root/aws/" +msgstr "3.3 Create the folder for example /root/aws/" + +#: ../../automation/vyos-terraform.rst:722 +msgid "3.3 Create the folder for example /root/az/" +msgstr "3.3 Create the folder for example /root/az/" + +#: ../../automation/vyos-terraform.rst:1020 +msgid "3.3 Create the folder for example /root/vsphere/" +msgstr "3.3 Create the folder for example /root/vsphere/" + +#: ../../automation/vyos-terraform.rst:274 +msgid "3.4 Copy all files from my folder /Ansible into your Ansible project (ansible.cfg, instance.yml, mykey.pem)" +msgstr "3.4 Copy all files from my folder /Ansible into your Ansible project (ansible.cfg, instance.yml, mykey.pem)" + +#: ../../automation/vyos-terraform.rst:724 +#: ../../automation/vyos-terraform.rst:1022 +msgid "3.4 Copy all files from my folder /Ansible into your Ansible project (ansible.cfg, instance.yml and /group_vars)" +msgstr "3.4 Copy all files from my folder /Ansible into your Ansible project (ansible.cfg, instance.yml and /group_vars)" + +#: ../../automation/terraform/terraformAWS.rst:115 +msgid "3.4 Copy all files into your Ansible project \"/root/aws/\" (ansible.cfg, instance.yml, mykey.pem and \"all\"), more detailed see `Structure of files Ansible for AWS`_" +msgstr "3.4 Copy all files into your Ansible project \"/root/aws/\" (ansible.cfg, instance.yml, mykey.pem and \"all\"), more detailed see `Structure of files Ansible for AWS`_" + +#: ../../automation/terraform/terraformAWS.rst:81 +msgid "3 Create the folder for example /root/aws/" +msgstr "3 Create the folder for example /root/aws/" + +#: ../../automation/terraform/terraformAWS.rst:58 +msgid "3 Create the folder for example /root/awsterraform" +msgstr "3 Create the folder for example /root/awsterraform" + +#: ../../automation/terraform/terraformAZ.rst:58 +msgid "3 Create the folder for example /root/az/" +msgstr "3 Create the folder for example /root/az/" + +#: ../../automation/terraform/terraformAZ.rst:30 +msgid "3 Create the folder for example /root/azvyos/" +msgstr "3 Create the folder for example /root/azvyos/" + +#: ../../automation/terraform/terraformvSphere.rst:33 +msgid "3 Create the folder for example /root/vsphereterraform" +msgstr "3 Create the folder for example /root/vsphereterraform" + +#: ../../automation/terraform/terraformvSphere.rst:57 +msgid "3 Create the folder for example /root/vsphereterraform/" +msgstr "3 Create the folder for example /root/vsphereterraform/" + +#: ../../automation/terraform/terraformAWS.rst:123 +msgid "4.1 Type the commands on your Terrafom instance:" +msgstr "4.1 Type the commands on your Terrafom instance:" + +#: ../../automation/terraform/terraformAWS.rst:83 +msgid "4 Copy all files into your Ansible project \"/root/aws/\" (ansible.cfg, instance.yml, mykey.pem and \"all\"), more detailed see `Structure of files Ansible for AWS`_" +msgstr "4 Copy all files into your Ansible project \"/root/aws/\" (ansible.cfg, instance.yml, mykey.pem and \"all\"), more detailed see `Structure of files Ansible for AWS`_" + +#: ../../automation/terraform/terraformAZ.rst:60 +msgid "4 Copy all files into your Ansible project \"/root/az/\" (ansible.cfg, instance.yml,\"all\"), more detailed see `Structure of files Ansible for Azure`_" +msgstr "4 Copy all files into your Ansible project \"/root/az/\" (ansible.cfg, instance.yml,\"all\"), more detailed see `Structure of files Ansible for Azure`_" + +#: ../../automation/terraform/terraformvSphere.rst:59 +msgid "4 Copy all files into your Ansible project \"/root/vsphereterraform/\" (ansible.cfg, instance.yml,\"all\"), more detailed see `Structure of files Ansible for vSphere`_" +msgstr "4 Copy all files into your Ansible project \"/root/vsphereterraform/\" (ansible.cfg, instance.yml,\"all\"), more detailed see `Structure of files Ansible for vSphere`_" + #: ../../automation/vyos-api.rst:41 msgid "API Endpoints" msgstr "API Endpoints" +#: ../../automation/terraform/terraformAWS.rst:26 +msgid "AWS" +msgstr "AWS" + +#: ../../automation/vyos-terraform.rst:233 +msgid "AWS_terraform_ansible_single_vyos_instance" +msgstr "AWS_terraform_ansible_single_vyos_instance" + +#: ../../automation/cloud-init.rst:270 +msgid "A VyOS qcow image with cloud-init options is needed. This can be obtained using `vyos-vm-images`_ repo. After cloning the repo, edit the file **qemu.yml** and comment the **download-iso** role." +msgstr "A VyOS qcow image with cloud-init options is needed. This can be obtained using `vyos-vm-images`_ repo. After cloning the repo, edit the file **qemu.yml** and comment the **download-iso** role." + #: ../../automation/cloud-init.rst:270 msgid "A VyOS qcow image with cloud-init options is needed. This can be obtained using `vyos-vm-images`_ repo. After clonning the repo, edit the file **qemu.yml** and comment the **download-iso** role." msgstr "A VyOS qcow image with cloud-init options is needed. This can be obtained using `vyos-vm-images`_ repo. After clonning the repo, edit the file **qemu.yml** and comment the **download-iso** role." @@ -92,18 +366,43 @@ msgstr "A single-quote symbol is not allowed inside command or value." msgid "Accept minion key" msgstr "Accept minion key" +#: ../../automation/terraform/terraformAWS.rst:255 +msgid "After executing all the commands you will have your VyOS instance on the AWS cloud with your configuration, it's a very convenient desition. If you need to delete the instance please type the command:" +msgstr "After executing all the commands you will have your VyOS instance on the AWS cloud with your configuration, it's a very convenient desition. If you need to delete the instance please type the command:" + +#: ../../automation/terraform/terraformAZ.rst:75 +msgid "After executing all the commands you will have your VyOS instance on the Azure cloud with your configuration, it's a very convenient desition. If you need to delete the instance please type the command:" +msgstr "After executing all the commands you will have your VyOS instance on the Azure cloud with your configuration, it's a very convenient desition. If you need to delete the instance please type the command:" + +#: ../../automation/terraform/terraformvSphere.rst:75 +msgid "After executing all the commands you will have your VyOS instance on the vSphere with your configuration, it's a very convenient desition. If you need to delete the instance please type the command:" +msgstr "After executing all the commands you will have your VyOS instance on the vSphere with your configuration, it's a very convenient desition. If you need to delete the instance please type the command:" + #: ../../automation/vyos-api.rst:15 msgid "All endpoints only listen on HTTP POST requests and the API KEY must set as ``key`` in the formdata." msgstr "All endpoints only listen on HTTP POST requests and the API KEY must set as ``key`` in the formdata." +#: ../../automation/terraform/terraformAWS.rst:539 +#: ../../automation/terraform/terraformAZ.rst:484 +#: ../../automation/terraform/terraformvSphere.rst:397 +msgid "All files about the article can be found here_" +msgstr "All files about the article can be found here_" + #: ../../automation/cloud-init.rst:115 msgid "All of these can be overridden using the configuration in user-data." msgstr "All of these can be overridden using the configuration in user-data." +#: ../../automation/terraform/terraformAWS.rst:267 +msgid "Also, increase the time in the file instance.yml from 300 sec to 500 sec or more. (It depends on your location). Make sure that you have opened access to the instance in the security group." +msgstr "Also, increase the time in the file instance.yml from 300 sec to 500 sec or more. (It depends on your location). Make sure that you have opened access to the instance in the security group." + #: ../../automation/cloud-init.rst:256 msgid "Also, this lab considers:" msgstr "Also, this lab considers:" +#: ../../automation/terraform/terraformAWS.rst:74 +#: ../../automation/terraform/terraformAZ.rst:51 +#: ../../automation/terraform/terraformvSphere.rst:50 #: ../../automation/vyos-ansible.rst:6 msgid "Ansible" msgstr "Ansible" @@ -121,6 +420,15 @@ msgstr "At this step we can get some op-mode information from VyOS nodes:" msgid "Authentication" msgstr "Authentication" +#: ../../automation/terraform/terraformAZ.rst:19 +msgid "Azure" +msgstr "Azure" + +#: ../../automation/vyos-terraform.rst:684 +#: ../../automation/vyos-terraform.rst:985 +msgid "Azure_terraform_ansible_single_vyos_instance" +msgstr "Azure_terraform_ansible_single_vyos_instance" + #: ../../automation/cloud-init.rst:241 msgid "Before starting, please refer to cloud-init `network-config-docs`_ in order to know how to import user and network configurations." msgstr "Before starting, please refer to cloud-init `network-config-docs`_ in order to know how to import user and network configurations." @@ -186,34 +494,38 @@ msgstr "Configuration" msgid "Configuration commands are executed just like from a normal config session. For example, if you want to disable a BGP peer on VRRP transition to backup:" msgstr "Configuration commands are executed just like from a normal config session. For example, if you want to disable a BGP peer on VRRP transition to backup:" -#: ../../automation/vyos-pyvyos.rst:94 +#: ../../automation/vyos-pyvyos.rst:102 msgid "Configure, then Delete Object" msgstr "Configure, then Delete Object" -#: ../../automation/vyos-pyvyos.rst:141 +#: ../../automation/vyos-pyvyos.rst:149 msgid "Configure, then Load File" msgstr "Configure, then Load File" -#: ../../automation/vyos-pyvyos.rst:101 +#: ../../automation/vyos-pyvyos.rst:109 msgid "Configure, then Save" msgstr "Configure, then Save" -#: ../../automation/vyos-pyvyos.rst:108 +#: ../../automation/vyos-pyvyos.rst:116 msgid "Configure, then Save File" msgstr "Configure, then Save File" -#: ../../automation/vyos-pyvyos.rst:68 +#: ../../automation/vyos-pyvyos.rst:76 msgid "Configure, then Set" msgstr "Configure, then Set" -#: ../../automation/vyos-pyvyos.rst:85 +#: ../../automation/vyos-pyvyos.rst:93 msgid "Configure, then Show Object" msgstr "Configure, then Show Object" -#: ../../automation/vyos-pyvyos.rst:77 +#: ../../automation/vyos-pyvyos.rst:85 msgid "Configure, then Show a Single Object Value" msgstr "Configure, then Show a Single Object Value" +#: ../../automation/terraform/index.rst:5 +msgid "Content" +msgstr "Content" + #: ../../automation/vyos-napalm.rst:89 msgid "Content of commands.conf" msgstr "Content of commands.conf" @@ -242,6 +554,30 @@ msgstr "Custom scripts are not executed with root privileges (Use sudo inside if msgid "DHCP on first Ethernet interface if no network configuration is provided." msgstr "DHCP on first Ethernet interface if no network configuration is provided." +#: ../../automation/terraform/terraformAWS.rst:6 +msgid "Deploying VyOS in the AWS cloud" +msgstr "Deploying VyOS in the AWS cloud" + +#: ../../automation/terraform/terraformAZ.rst:6 +msgid "Deploying VyOS in the Azure cloud" +msgstr "Deploying VyOS in the Azure cloud" + +#: ../../automation/terraform/terraformvSphere.rst:6 +msgid "Deploying VyOS in the vSphere infrastructure" +msgstr "Deploying VyOS in the vSphere infrastructure" + +#: ../../automation/terraform/terraformAWS.rst:39 +msgid "Deploying vyos in the AWS cloud" +msgstr "Deploying vyos in the AWS cloud" + +#: ../../automation/vyos-terraform.rst:299 +msgid "Deploying vyos in the Azure cloud" +msgstr "Deploying vyos in the Azure cloud" + +#: ../../automation/vyos-terraform.rst:742 +msgid "Deploying vyos in the Vsphere infrastructia" +msgstr "Deploying vyos in the Vsphere infrastructia" + #: ../../automation/vyos-netmiko.rst:12 msgid "Example" msgstr "Example" @@ -274,11 +610,39 @@ msgstr "Executing pre-hooks/post-hooks Scripts" msgid "File contents" msgstr "File contents" +#: ../../automation/terraform/terraformAWS.rst:476 +msgid "File contents of Ansible for AWS" +msgstr "File contents of Ansible for AWS" + +#: ../../automation/terraform/terraformAZ.rst:426 +msgid "File contents of Ansible for Azure" +msgstr "File contents of Ansible for Azure" + +#: ../../automation/terraform/terraformvSphere.rst:338 +msgid "File contents of Ansible for vSphere" +msgstr "File contents of Ansible for vSphere" + +#: ../../automation/terraform/terraformAWS.rst:298 +msgid "File contents of Terrafom for AWS" +msgstr "File contents of Terrafom for AWS" + +#: ../../automation/terraform/terraformAZ.rst:93 +msgid "File contents of Terrafom for Azure" +msgstr "File contents of Terrafom for Azure" + +#: ../../automation/terraform/terraformvSphere.rst:96 +msgid "File contents of Terrafom for vSphere" +msgstr "File contents of Terrafom for vSphere" + #: ../../automation/cloud-init.rst:284 msgid "File generated with previous command: ``/tmp/vyos-1.3.0-cloud-init-10G-qemu.qcow2``" msgstr "File generated with previous command: ``/tmp/vyos-1.3.0-cloud-init-10G-qemu.qcow2``" #: ../../automation/cloud-init.rst:347 +msgid "Finally, file **meta-data** has no content, but it's required." +msgstr "Finally, file **meta-data** has no content, but it's required." + +#: ../../automation/cloud-init.rst:347 msgid "Finaly, file **meta-data** has no content, but it's required." msgstr "Finaly, file **meta-data** has no content, but it's required." @@ -306,7 +670,11 @@ msgstr "For more information on the NoCloud data source, visit its `page <https: msgid "From cli or GUI, power on VM, and after it boots, verify configuration" msgstr "From cli or GUI, power on VM, and after it boots, verify configuration" -#: ../../automation/vyos-pyvyos.rst:123 +#: ../../automation/terraform/terraformvyos.rst:26 +msgid "General commands that we will use for running Terraform scripts" +msgstr "General commands that we will use for running Terraform scripts" + +#: ../../automation/vyos-pyvyos.rst:131 msgid "Generate Object" msgstr "Generate Object" @@ -314,7 +682,7 @@ msgstr "Generate Object" msgid "Generate qcow image" msgstr "Generate qcow image" -#: ../../automation/vyos-pyvyos.rst:24 +#: ../../automation/vyos-pyvyos.rst:32 msgid "Getting Started" msgstr "Getting Started" @@ -326,6 +694,22 @@ msgstr "Here is a simple example:" msgid "Here is an example cloud-config that appends configuration at the time of first boot." msgstr "Here is an example cloud-config that appends configuration at the time of first boot." +#: ../../automation/terraform/terraformAWS.rst:23 +msgid "How to create a single instance and install your configuration using Terraform+Ansible+AWS Step by step:" +msgstr "How to create a single instance and install your configuration using Terraform+Ansible+AWS Step by step:" + +#: ../../automation/terraform/terraformAZ.rst:16 +msgid "How to create a single instance and install your configuration using Terraform+Ansible+Azure Step by step:" +msgstr "How to create a single instance and install your configuration using Terraform+Ansible+Azure Step by step:" + +#: ../../automation/vyos-terraform.rst:987 +msgid "How to create a single instance and install your configuration using Terraform+Ansible+Vsphere Step by step:" +msgstr "How to create a single instance and install your configuration using Terraform+Ansible+Vsphere Step by step:" + +#: ../../automation/terraform/terraformvSphere.rst:16 +msgid "How to create a single instance and install your configuration using Terraform+Ansible+vSphere Step by step:" +msgstr "How to create a single instance and install your configuration using Terraform+Ansible+vSphere Step by step:" + #: ../../automation/cloud-init.rst:377 msgid "ISO files storage: ``local`` volume is used for ``.iso`` file storage. In this scenario ``local`` volume type is set to **directory**, abd attached to ``/var/lib/vz``." msgstr "ISO files storage: ``local`` volume is used for ``.iso`` file storage. In this scenario ``local`` volume type is set to **directory**, abd attached to ``/var/lib/vz``." @@ -350,7 +734,7 @@ msgstr "If you need to gather information from linux commands to configure VyOS, msgid "If you want to script the configs in a language other than bash you can have your script output commands and then source them in a bash script." msgstr "If you want to script the configs in a language other than bash you can have your script output commands and then source them in a bash script." -#: ../../automation/vyos-pyvyos.rst:27 +#: ../../automation/vyos-pyvyos.rst:35 msgid "Importing and Disabling Warnings for verify=False" msgstr "Importing and Disabling Warnings for verify=False" @@ -362,6 +746,18 @@ msgstr "In Proxmox server three files are going to be used for this setup:" msgid "In VyOS, by default, enables only two modules:" msgstr "In VyOS, by default, enables only two modules:" +#: ../../automation/terraform/terraformAWS.rst:17 +msgid "In this case, we'll create the necessary files for Terraform and Ansible next using Terraform we'll create a single instance on the AWS cloud and make provisioning using Ansible." +msgstr "In this case, we'll create the necessary files for Terraform and Ansible next using Terraform we'll create a single instance on the AWS cloud and make provisioning using Ansible." + +#: ../../automation/terraform/terraformAZ.rst:11 +msgid "In this case, we'll create the necessary files for Terraform and Ansible next using Terraform we'll create a single instance on the Azure cloud and make provisioning using Ansible." +msgstr "In this case, we'll create the necessary files for Terraform and Ansible next using Terraform we'll create a single instance on the Azure cloud and make provisioning using Ansible." + +#: ../../automation/terraform/terraformvSphere.rst:11 +msgid "In this case, we'll create the necessary files for Terraform and Ansible next using Terraform we'll create a single instance on the vSphere cloud and make provisioning using Ansible." +msgstr "In this case, we'll create the necessary files for Terraform and Ansible next using Terraform we'll create a single instance on the vSphere cloud and make provisioning using Ansible." + #: ../../automation/cloud-init.rst:307 msgid "In this lab, all files are located in ``/tmp/``. So, before going on, lets move to that directory:" msgstr "In this lab, all files are located in ``/tmp/``. So, before going on, lets move to that directory:" @@ -374,7 +770,7 @@ msgstr "In this lab, we are using 1.3.0 VyOS version and setting a disk of 10G. msgid "Initial Configuration" msgstr "Initial Configuration" -#: ../../automation/vyos-pyvyos.rst:47 +#: ../../automation/vyos-pyvyos.rst:55 msgid "Initializing a VyDevice Object" msgstr "Initializing a VyDevice Object" @@ -386,7 +782,7 @@ msgstr "Injecting configuration data is not limited to cloud platforms. Users ca msgid "Install ``napalm-vyos`` module" msgstr "Install ``napalm-vyos`` module" -#: ../../automation/vyos-pyvyos.rst:15 +#: ../../automation/vyos-pyvyos.rst:23 msgid "Installation" msgstr "Installation" @@ -398,6 +794,10 @@ msgstr "It is possible to configure VyOS via netmiko_ proxy module. It requires msgid "Major cloud providers offer a means of providing user-data at the time of instance launch. It can be provided as plain text or as base64-encoded text, depending on cloud provider. Also, it can be compressed using gzip, which makes sense with a long configuration commands list, because of the hard limit to ~16384 bytes for the whole user-data." msgstr "Major cloud providers offer a means of providing user-data at the time of instance launch. It can be provided as plain text or as base64-encoded text, depending on cloud provider. Also, it can be compressed using gzip, which makes sense with a long configuration commands list, because of the hard limit to ~16384 bytes for the whole user-data." +#: ../../automation/terraform/terraformAWS.rst:282 +msgid "Make sure that Ansible is pinging from Terrafom." +msgstr "Make sure that Ansible is pinging from Terrafom." + #: ../../automation/cloud-init.rst:20 msgid "Metadata - Metadata is sourced by the cloud platform or hypervisor. In some clouds, there is implemented as an HTTP endpoint at ``http://169.254.169.254``." msgstr "Metadata - Metadata is sourced by the cloud platform or hypervisor. In some clouds, there is implemented as an HTTP endpoint at ``http://169.254.169.254``." @@ -410,6 +810,10 @@ msgstr "Most important keys that needs to be considered:" msgid "Napalm" msgstr "Napalm" +#: ../../automation/terraform/terraformvyos.rst:13 +msgid "Need to install_ Terraform" +msgstr "Need to install_ Terraform" + #: ../../automation/vyos-netmiko.rst:6 msgid "Netmiko" msgstr "Netmiko" @@ -418,6 +822,10 @@ msgstr "Netmiko" msgid "Netmiko-proxy" msgstr "Netmiko-proxy" +#: ../../automation/terraform/terraformAWS.rst:-1 +msgid "Network Topology Diagram" +msgstr "Network Topology Diagram" + #: ../../automation/cloud-init.rst:24 msgid "Network configuration - This config source informs the system about the network settings like IP addresses, routes, DNS. Available only in several cloud and virtualization platforms." msgstr "Network configuration - This config source informs the system about the network settings like IP addresses, routes, DNS. Available only in several cloud and virtualization platforms." @@ -431,6 +839,7 @@ msgid "NoCloud" msgstr "NoCloud" #: ../../automation/index.rst:6 +#: ../../automation/terraform/index.rst:6 msgid "Nornir" msgstr "Nornir" @@ -495,6 +904,18 @@ msgstr "Power on VM and verifications" msgid "Preconfig on boot" msgstr "Preconfig on boot" +#: ../../automation/terraform/terraformAWS.rst:21 +msgid "Preparation steps for deploying VyOS on AWS" +msgstr "Preparation steps for deploying VyOS on AWS" + +#: ../../automation/terraform/terraformAZ.rst:14 +msgid "Preparation steps for deploying VyOS on Azure" +msgstr "Preparation steps for deploying VyOS on Azure" + +#: ../../automation/terraform/terraformvSphere.rst:14 +msgid "Preparation steps for deploying VyOS on vSphere" +msgstr "Preparation steps for deploying VyOS on vSphere" + #: ../../automation/cloud-init.rst:296 msgid "Prepare cloud-init files" msgstr "Prepare cloud-init files" @@ -523,10 +944,14 @@ msgstr "References" msgid "Remove default dhcp client on first interface, and load other configuration during first boot, using cloud-init." msgstr "Remove default dhcp client on first interface, and load other configuration during first boot, using cloud-init." -#: ../../automation/vyos-pyvyos.rst:132 +#: ../../automation/vyos-pyvyos.rst:140 msgid "Reset Object" msgstr "Reset Object" +#: ../../automation/vyos-terraform.rst:22 +msgid "Run Terraform" +msgstr "Run Terraform" + #: ../../automation/vyos-ansible.rst:80 msgid "Run ansible" msgstr "Run ansible" @@ -555,11 +980,11 @@ msgstr "Salt" msgid "Salt master configuration:" msgstr "Salt master configuration:" -#: ../../automation/vyos-api.rst:344 +#: ../../automation/vyos-api.rst:345 msgid "Save a running configuration to a file." msgstr "Save a running configuration to a file." -#: ../../automation/vyos-api.rst:326 +#: ../../automation/vyos-api.rst:327 msgid "Save a running configuration to the startup configuration. When you don't specify the file when saving, it saves to ``/config/config.boot``." msgstr "Save a running configuration to the startup configuration. When you don't specify the file when saving, it saves to ``/config/config.boot``." @@ -571,7 +996,7 @@ msgstr "Script vyos-napalm.py" msgid "Scripts are run in alphabetical order. Their names must consist entirely of ASCII upper- and lower-case letters,ASCII digits, ASCII underscores, and ASCII minus-hyphens.No other characters are allowed." msgstr "Scripts are run in alphabetical order. Their names must consist entirely of ASCII upper- and lower-case letters,ASCII digits, ASCII underscores, and ASCII minus-hyphens.No other characters are allowed." -#: ../../automation/vyos-pyvyos.rst:115 +#: ../../automation/vyos-pyvyos.rst:123 msgid "Show Object" msgstr "Show Object" @@ -579,6 +1004,32 @@ msgstr "Show Object" msgid "Sometimes you simply wan't to execute a bunch of op-mode commands via SSH on a remote VyOS system." msgstr "Sometimes you simply wan't to execute a bunch of op-mode commands via SSH on a remote VyOS system." +#: ../../automation/command-scripting.rst:52 +msgid "Sometimes you simply want to execute a bunch of op-mode commands via SSH on a remote VyOS system." +msgstr "Sometimes you simply want to execute a bunch of op-mode commands via SSH on a remote VyOS system." + +#: ../../automation/terraform/terraformAWS.rst:537 +msgid "Sourse files for AWS from GIT" +msgstr "Sourse files for AWS from GIT" + +#: ../../automation/terraform/terraformAZ.rst:482 +msgid "Sourse files for Azure from GIT" +msgstr "Sourse files for Azure from GIT" + +#: ../../automation/terraform/terraformvSphere.rst:395 +msgid "Sourse files for vSphere from GIT" +msgstr "Sourse files for vSphere from GIT" + +#: ../../automation/terraform/terraformAWS.rst:88 +#: ../../automation/terraform/terraformAZ.rst:63 +#: ../../automation/terraform/terraformvSphere.rst:62 +msgid "Start" +msgstr "Start" + +#: ../../automation/terraform/terraformAWS.rst:102 +msgid "Start creating an AWS instance and check the result" +msgstr "Start creating an AWS instance and check the result" + #: ../../automation/cloud-init.rst:260 msgid "Storaged used: volume local, which is mounted on directory **/var/lib/vz**, and contains all type of content, including snippets." msgstr "Storaged used: volume local, which is mounted on directory **/var/lib/vz**, and contains all type of content, including snippets." @@ -591,11 +1042,64 @@ msgstr "Structure of /srv/salt:" msgid "Structure of files" msgstr "Structure of files" +#: ../../automation/vyos-terraform.rst:166 +#: ../../automation/vyos-terraform.rst:624 +msgid "Structure of files Ansible" +msgstr "Structure of files Ansible" + +#: ../../automation/terraform/terraformAWS.rst:463 +msgid "Structure of files Ansible for AWS" +msgstr "Structure of files Ansible for AWS" + +#: ../../automation/terraform/terraformAZ.rst:414 +msgid "Structure of files Ansible for Azure" +msgstr "Structure of files Ansible for Azure" + +#: ../../automation/terraform/terraformvSphere.rst:326 +msgid "Structure of files Ansible for vSphere" +msgstr "Structure of files Ansible for vSphere" + +#: ../../automation/vyos-terraform.rst:38 +#: ../../automation/vyos-terraform.rst:302 +#: ../../automation/vyos-terraform.rst:745 +msgid "Structure of files Terrafom" +msgstr "Structure of files Terrafom" + +#: ../../automation/terraform/terraformAWS.rst:285 +msgid "Structure of files Terrafom for AWS" +msgstr "Structure of files Terrafom for AWS" + +#: ../../automation/terraform/terraformAZ.rst:83 +msgid "Structure of files Terrafom for Azure" +msgstr "Structure of files Terrafom for Azure" + +#: ../../automation/terraform/terraformvSphere.rst:84 +msgid "Structure of files Terrafom for vSphere" +msgstr "Structure of files Terrafom for vSphere" + +#: ../../automation/terraform/terraformvyos.rst:15 +msgid "Structure of files in the standard Terraform project:" +msgstr "Structure of files in the standard Terraform project:" + #: ../../automation/cloud-init.rst:107 msgid "System Defaults/Fallbacks" msgstr "System Defaults/Fallbacks" -#: ../../automation/vyos-api.rst:301 +#: ../../automation/terraform/terraformAWS.rst:51 +#: ../../automation/terraform/terraformAZ.rst:23 +#: ../../automation/terraform/terraformvSphere.rst:26 +msgid "Terraform" +msgstr "Terraform" + +#: ../../automation/terraform/terraformAWS.rst:302 +msgid "Terraform doesn't connect via SSH to your Ansible instance: you have to check the correct login and password in the part of the file vyos. tf" +msgstr "Terraform doesn't connect via SSH to your Ansible instance: you have to check the correct login and password in the part of the file vyos. tf" + +#: ../../automation/terraform/terraformvyos.rst:6 +msgid "Terraform for VyOS" +msgstr "Terraform for VyOS" + +#: ../../automation/vyos-api.rst:302 msgid "The API pushes every request to a session and commit it. But some of VyOS components like DHCP and PPPoE Servers, IPSec, VXLAN, and other tunnels require full configuration for commit. The endpoint will process multiple commands when you pass them as a list to the ``data`` field." msgstr "The API pushes every request to a session and commit it. But some of VyOS components like DHCP and PPPoE Servers, IPSec, VXLAN, and other tunnels require full configuration for commit. The endpoint will process multiple commands when you pass them as a list to the ``data`` field." @@ -640,7 +1144,7 @@ msgstr "The default file looks like this:" msgid "The easiest way to configure the system via user-data is the Cloud-config syntax described below." msgstr "The easiest way to configure the system via user-data is the Cloud-config syntax described below." -#: ../../automation/vyos-api.rst:324 +#: ../../automation/vyos-api.rst:325 msgid "The endpoint ``/config-file`` is to save or load a configuration." msgstr "The endpoint ``/config-file`` is to save or load a configuration." @@ -676,7 +1180,7 @@ msgstr "This section needs improvements, examples and explanations." msgid "This will result in the following error message: ``Set failed`` If this happens, a reboot is required to be able to edit the config manually again." msgstr "This will result in the following error message: ``Set failed`` If this happens, a reboot is required to be able to edit the config manually again." -#: ../../automation/vyos-api.rst:360 +#: ../../automation/vyos-api.rst:361 msgid "To Load a configuration file." msgstr "To Load a configuration file." @@ -713,9 +1217,16 @@ msgid "To power off the system use the ``poweroff`` endpoint." msgstr "To power off the system use the ``poweroff`` endpoint." #: ../../automation/cloud-init.rst:223 +#: ../../automation/terraform/terraformAWS.rst:264 msgid "Troubleshooting" msgstr "Troubleshooting" +#: ../../automation/terraform/terraformAWS.rst:91 +#: ../../automation/terraform/terraformAZ.rst:66 +#: ../../automation/terraform/terraformvSphere.rst:65 +msgid "Type the commands on your Terrafom instance:" +msgstr "Type the commands on your Terrafom instance:" + #: ../../automation/command-scripting.rst:39 msgid "Unlike a normal configuration session, all operational commands must be prepended with ``run``, even if you haven't created a session with configure." msgstr "Unlike a normal configuration session, all operational commands must be prepended with ``run``, even if you haven't created a session with configure." @@ -728,7 +1239,7 @@ msgstr "User-data" msgid "User-data - User-data is specified by the user. This config source offers the ability to insert any CLI configuration commands into the configuration before the first boot." msgstr "User-data - User-data is specified by the user. This config source offers the ability to insert any CLI configuration commands into the configuration before the first boot." -#: ../../automation/vyos-pyvyos.rst:35 +#: ../../automation/vyos-pyvyos.rst:43 msgid "Using API Response Class" msgstr "Using API Response Class" @@ -736,6 +1247,10 @@ msgstr "Using API Response Class" msgid "Using PyVyOS" msgstr "Using PyVyOS" +#: ../../automation/vyos-pyvyos.rst:73 +msgid "Using pyvyos" +msgstr "Using pyvyos" + #: ../../automation/cloud-init.rst:373 msgid "VM ID: in this example, VM ID used is 555." msgstr "VM ID: in this example, VM ID used is 555." @@ -748,6 +1263,10 @@ msgstr "VM Resources: these parameters can be modified as needed." msgid "VM Storage: ``local`` volume is used." msgstr "VM Storage: ``local`` volume is used." +#: ../../automation/vyos-terraform.rst:991 +msgid "Vsphere" +msgstr "Vsphere" + #: ../../automation/vyos-api.rst:7 msgid "VyOS API" msgstr "VyOS API" @@ -756,6 +1275,10 @@ msgstr "VyOS API" msgid "VyOS Automation" msgstr "VyOS Automation" +#: ../../automation/terraform/index.rst:3 +msgid "VyOS Terraform" +msgstr "VyOS Terraform" + #: ../../automation/cloud-init.rst:418 msgid "VyOS `cloud-init-docs`_." msgstr "VyOS `cloud-init-docs`_." @@ -784,6 +1307,18 @@ msgstr "VyOS supports configuration via ansible. Need to install ``ansible`` and msgid "VyOS supports configuration via netmiko_. It requires to install ``python3-netmiko`` module." msgstr "VyOS supports configuration via netmiko_. It requires to install ``python3-netmiko`` module." +#: ../../automation/vyos-terraform.rst:8 +msgid "VyOS supports develop infrastructia via Terraform and provisioning via ansible. Need to install ``Terraform``" +msgstr "VyOS supports develop infrastructia via Terraform and provisioning via ansible. Need to install ``Terraform``" + +#: ../../automation/terraform/terraformvyos.rst:8 +msgid "VyOS supports development infrastructure via Terraform and provisioning via Ansible. Terraform allows you to automate the process of deploying instances on many cloud and virtual platforms. In this article, we will look at using terraforms to deploy VyOS on platforms - AWS, Azure, and vSphere. For more details about Terraform please have a look here link_." +msgstr "VyOS supports development infrastructure via Terraform and provisioning via Ansible. Terraform allows you to automate the process of deploying instances on many cloud and virtual platforms. In this article, we will look at using terraforms to deploy VyOS on platforms - AWS, Azure, and vSphere. For more details about Terraform please have a look here link_." + +#: ../../automation/terraform/terraformAWS.rst:8 +msgid "VyOS supports development infrastructure via Terraform and provisioning via Ansible. Terraform allows you to automate the process of deploying instances on many cloud and virtual platforms. In this article, we will look at using terraforms to deploy vyos on platforms - AWS, AZURE, and vSphere. More detailed about what is Terraform you can write using the link_." +msgstr "VyOS supports development infrastructure via Terraform and provisioning via Ansible. Terraform allows you to automate the process of deploying instances on many cloud and virtual platforms. In this article, we will look at using terraforms to deploy vyos on platforms - AWS, AZURE, and vSphere. More detailed about what is Terraform you can write using the link_." + #: ../../automation/command-scripting.rst:8 msgid "VyOS supports executing configuration and operational commands non-interactively from shell scripts." msgstr "VyOS supports executing configuration and operational commands non-interactively from shell scripts." @@ -816,6 +1351,30 @@ msgstr "Will return:" msgid "With the ``retrieve`` endpoint you get parts or the whole configuration." msgstr "With the ``retrieve`` endpoint you get parts or the whole configuration." +#: ../../automation/terraform/terraformAWS.rst:8 +msgid "With the help of Terraform, you can quickly deploy VyOS-based infrastructure in the AWS cloud. If necessary, the infrastructure can be removed using terraform. Also we will make provisioning using Ansible." +msgstr "With the help of Terraform, you can quickly deploy VyOS-based infrastructure in the AWS cloud. If necessary, the infrastructure can be removed using terraform. Also we will make provisioning using Ansible." + +#: ../../automation/terraform/terraformAZ.rst:8 +msgid "With the help of Terraform, you can quickly deploy VyOS-based infrastructure in the Azure cloud. If necessary, the infrastructure can be removed using terraform. Also we will make provisioning using Ansible." +msgstr "With the help of Terraform, you can quickly deploy VyOS-based infrastructure in the Azure cloud. If necessary, the infrastructure can be removed using terraform. Also we will make provisioning using Ansible." + +#: ../../automation/terraform/terraformvSphere.rst:8 +msgid "With the help of Terraform, you can quickly deploy VyOS-based infrastructure in the vSphere. Also we will make provisioning using Ansible." +msgstr "With the help of Terraform, you can quickly deploy VyOS-based infrastructure in the vSphere. Also we will make provisioning using Ansible." + +#: ../../automation/terraform/terraformAWS.rst:40 +msgid "With the help of terraforms, you can quickly deploy Vyos-based infrastructure in the AWS cloud. If necessary, the infrastructure can be removed using terraform. Also we will make provisioning using Ansible." +msgstr "With the help of terraforms, you can quickly deploy Vyos-based infrastructure in the AWS cloud. If necessary, the infrastructure can be removed using terraform. Also we will make provisioning using Ansible." + +#: ../../automation/vyos-terraform.rst:300 +msgid "With the help of terraforms, you can quickly deploy Vyos-based infrastructure in the Azure cloud. If necessary, the infrastructure can be removed using terraform." +msgstr "With the help of terraforms, you can quickly deploy Vyos-based infrastructure in the Azure cloud. If necessary, the infrastructure can be removed using terraform." + +#: ../../automation/vyos-terraform.rst:743 +msgid "With the help of terraforms, you can quickly deploy Vyos-based infrastructure in the vSphere." +msgstr "With the help of terraforms, you can quickly deploy Vyos-based infrastructure in the vSphere." + #: ../../automation/vyos-salt.rst:12 msgid "Without proxy it requires VyOS minion configuration and support op-mode data:" msgstr "Without proxy it requires VyOS minion configuration and support op-mode data:" @@ -828,11 +1387,15 @@ msgstr "Without proxy it requires VyOS minion configuration and supports op-mode msgid "You can install PyVyOS using pip:" msgstr "You can install PyVyOS using pip:" -#: ../../automation/vyos-api.rst:267 +#: ../../automation/vyos-pyvyos.rst:25 +msgid "You can install pyvyos using pip:" +msgstr "You can install pyvyos using pip:" + +#: ../../automation/vyos-api.rst:268 msgid "You can pass a ``set``, ``delete`` or ``comment`` command to the ``/configure`` endpoint." msgstr "You can pass a ``set``, ``delete`` or ``comment`` command to the ``/configure`` endpoint." -#: ../../automation/vyos-api.rst:286 +#: ../../automation/vyos-api.rst:287 msgid "``delete`` a single command" msgstr "``delete`` a single command" @@ -840,7 +1403,7 @@ msgstr "``delete`` a single command" msgid "``seed.iso`` was previously created in directory ``/tmp/``. It's necessary to move it to ``/var/lib/vz/template/iso``" msgstr "``seed.iso`` was previously created in directory ``/tmp/``. It's necessary to move it to ``/var/lib/vz/template/iso``" -#: ../../automation/vyos-api.rst:270 +#: ../../automation/vyos-api.rst:271 msgid "``set`` a single command" msgstr "``set`` a single command" @@ -856,10 +1419,29 @@ msgstr "``vyos``/``vyos`` credentials if no others specified by data source." msgid "``write_files`` - this module allows to insert any files into the filesystem before the first boot, for example, pre-generated encryption keys, certificates, or even a whole ``config.boot`` file. The format is described in the cloudinit documentation `Cloud-init-write_files`_." msgstr "``write_files`` - this module allows to insert any files into the filesystem before the first boot, for example, pre-generated encryption keys, certificates, or even a whole ``config.boot`` file. The format is described in the cloudinit documentation `Cloud-init-write_files`_." +#: ../../automation/vyos-pyvyos.rst:12 +msgid "`pyvyos Documentation on Read the Docs <https://pyvyos.readthedocs.io/en/latest/>`_ provides detailed instructions on the installation, configuration, and operation of the pyvyos library." +msgstr "`pyvyos Documentation on Read the Docs <https://pyvyos.readthedocs.io/en/latest/>`_ provides detailed instructions on the installation, configuration, and operation of the pyvyos library." + +#: ../../automation/vyos-pyvyos.rst:15 +msgid "`pyvyos Source Code on GitHub <https://github.com/robertoberto/pyvyos>`_ allows you to access and contribute to the library's code." +msgstr "`pyvyos Source Code on GitHub <https://github.com/robertoberto/pyvyos>`_ allows you to access and contribute to the library's code." + +#: ../../automation/vyos-pyvyos.rst:17 +msgid "`pyvyos on PyPI <https://pypi.org/project/pyvyos/>`_ for easy installation via pip, the Python package installer. Execute `pip install pyvyos` in your terminal to install." +msgstr "`pyvyos on PyPI <https://pypi.org/project/pyvyos/>`_ for easy installation via pip, the Python package installer. Execute `pip install pyvyos` in your terminal to install." + #: ../../automation/vyos-api.rst:188 msgid "add an image" msgstr "add an image" +#: ../../automation/terraform/terraformAWS.rst:560 +msgid "all" +msgstr "all" + +#: ../../automation/terraform/terraformAWS.rst:478 +#: ../../automation/terraform/terraformAZ.rst:428 +#: ../../automation/terraform/terraformvSphere.rst:340 #: ../../automation/vyos-ansible.rst:26 msgid "ansible.cfg" msgstr "ansible.cfg" @@ -880,6 +1462,12 @@ msgstr "commands.txt" msgid "delete an image, for example ``1.3-rolling-202006070117``" msgstr "delete an image, for example ``1.3-rolling-202006070117``" +#: ../../automation/terraform/terraformAWS.rst:528 +#: ../../automation/terraform/terraformAZ.rst:470 +#: ../../automation/terraform/terraformvSphere.rst:381 +msgid "group_vars/all" +msgstr "group_vars/all" + #: ../../automation/vyos-ansible.rst:42 msgid "hosts" msgstr "hosts" @@ -892,18 +1480,78 @@ msgstr "id_rsa_docker.pub. Needs to declare only public key exactly." msgid "if you just want the Value of a multi-valued node, use the ``returnValues`` operation." msgstr "if you just want the Value of a multi-valued node, use the ``returnValues`` operation." +#: ../../automation/terraform/terraformAWS.rst:495 +#: ../../automation/terraform/terraformAZ.rst:438 +#: ../../automation/terraform/terraformvSphere.rst:350 +msgid "instance.yml" +msgstr "instance.yml" + +#: ../../automation/vyos-terraform.rst:313 +#: ../../automation/vyos-terraform.rst:758 +msgid "main.tf" +msgstr "main.tf" + #: ../../automation/vyos-ansible.rst:56 msgid "main.yml" msgstr "main.yml" +#: ../../automation/terraform/terraformAWS.rst:488 +msgid "mykey.pem" +msgstr "mykey.pem" + +#: ../../automation/terraform/terraformAWS.rst:85 +msgid "mykey.pem you have to get using step 1.2" +msgstr "mykey.pem you have to get using step 1.2" + +#: ../../automation/vyos-pyvyos.rst:6 +msgid "pyvyos" +msgstr "pyvyos" + +#: ../../automation/vyos-pyvyos.rst:8 +msgid "pyvyos is a Python library designed for interacting with VyOS devices through their API. This documentation is intended to guide you in using pyvyos for programmatic management of your VyOS devices." +msgstr "pyvyos is a Python library designed for interacting with VyOS devices through their API. This documentation is intended to guide you in using pyvyos for programmatic management of your VyOS devices." + #: ../../automation/vyos-salt.rst:141 msgid "r11-proxy.sls Includes parameters for connecting to salt-proxy minion" msgstr "r11-proxy.sls Includes parameters for connecting to salt-proxy minion" #: ../../automation/index.rst:7 +#: ../../automation/terraform/index.rst:7 msgid "startup scripts" msgstr "startup scripts" +#: ../../automation/terraform/terraformAWS.rst:452 +#: ../../automation/terraform/terraformAZ.rst:405 +#: ../../automation/terraform/terraformvSphere.rst:307 +msgid "terraform.tfvars" +msgstr "terraform.tfvars" + #: ../../automation/vyos-salt.rst:131 msgid "top.sls" msgstr "top.sls" + +#: ../../automation/terraform/terraformvSphere.rst:20 +msgid "vSphere" +msgstr "vSphere" + +#: ../../automation/terraform/terraformAWS.rst:415 +#: ../../automation/terraform/terraformAZ.rst:298 +#: ../../automation/terraform/terraformvSphere.rst:239 +msgid "var.tf" +msgstr "var.tf" + +#: ../../automation/vyos-terraform.rst:516 +#: ../../automation/vyos-terraform.rst:899 +msgid "variables.tf" +msgstr "variables.tf" + +#: ../../automation/terraform/terraformAWS.rst:439 +#: ../../automation/terraform/terraformvSphere.rst:223 +msgid "versions.tf" +msgstr "versions.tf" + +#: ../../automation/terraform/terraformAWS.rst:300 +#: ../../automation/terraform/terraformAZ.rst:95 +#: ../../automation/terraform/terraformvSphere.rst:98 +msgid "vyos.tf" +msgstr "vyos.tf" diff --git a/docs/_locale/pt/cli.pot b/docs/_locale/pt/cli.pot index 34644e74..12dda7c8 100644 --- a/docs/_locale/pt/cli.pot +++ b/docs/_locale/pt/cli.pot @@ -228,6 +228,10 @@ msgstr "The :cfgcmd:`show` command within configuration mode will show the worki msgid "The ``comment`` command allows you to insert a comment above the ``<config node>`` configuration section. When shown, comments are enclosed with ``/*`` and ``*/`` as open/close delimiters. Comments need to be commited, just like other config changes." msgstr "The ``comment`` command allows you to insert a comment above the ``<config node>`` configuration section. When shown, comments are enclosed with ``/*`` and ``*/`` as open/close delimiters. Comments need to be commited, just like other config changes." +#: ../../cli.rst:653 +msgid "The ``comment`` command allows you to insert a comment above the ``<config node>`` configuration section. When shown, comments are enclosed with ``/*`` and ``*/`` as open/close delimiters. Comments need to be committed, just like other config changes." +msgstr "The ``comment`` command allows you to insert a comment above the ``<config node>`` configuration section. When shown, comments are enclosed with ``/*`` and ``*/`` as open/close delimiters. Comments need to be committed, just like other config changes." + #: ../../cli.rst:784 msgid "The command :cfgcmd:`compare` allows you to compare different type of configurations. It also lets you compare different revisions through the :cfgcmd:`compare N M` command, where N and M are revision numbers. The output will describe how the configuration N is when compared to M indicating with a plus sign (``+``) the additional parts N has when compared to M, and indicating with a minus sign (``-``) the lacking parts N misses when compared to M." msgstr "The command :cfgcmd:`compare` allows you to compare different type of configurations. It also lets you compare different revisions through the :cfgcmd:`compare N M` command, where N and M are revision numbers. The output will describe how the configuration N is when compared to M indicating with a plus sign (``+``) the additional parts N has when compared to M, and indicating with a minus sign (``-``) the lacking parts N misses when compared to M." @@ -321,6 +325,10 @@ msgid "View the current active configuration in readable JSON format." msgstr "View the current active configuration in readable JSON format." #: ../../cli.rst:852 +msgid "VyOS can upload the configuration to a remote location after each call to :cfgcmd:`commit`. You will have to set the commit-archive location. TFTP, FTP, SCP and SFTP servers are supported. Every time a :cfgcmd:`commit` is successful the ``config.boot`` file will be copied to the defined destination(s). The filename used on the remote host will be ``config.boot-hostname.YYYYMMDD_HHMMSS``." +msgstr "VyOS can upload the configuration to a remote location after each call to :cfgcmd:`commit`. You will have to set the commit-archive location. TFTP, FTP, SCP and SFTP servers are supported. Every time a :cfgcmd:`commit` is successful the ``config.boot`` file will be copied to the defined destination(s). The filename used on the remote host will be ``config.boot-hostname.YYYYMMDD_HHMMSS``." + +#: ../../cli.rst:852 msgid "VyOS can upload the configuration to a remote location after each call to :cfgcmd:`commit`. You will have to set the commit-archive location. TFTP, FTP, SCP and SFTP servers are supported. Every time a :cfgcmd:`commit` is successfull the ``config.boot`` file will be copied to the defined destination(s). The filename used on the remote host will be ``config.boot-hostname.YYYYMMDD_HHMMSS``." msgstr "VyOS can upload the configuration to a remote location after each call to :cfgcmd:`commit`. You will have to set the commit-archive location. TFTP, FTP, SCP and SFTP servers are supported. Every time a :cfgcmd:`commit` is successfull the ``config.boot`` file will be copied to the defined destination(s). The filename used on the remote host will be ``config.boot-hostname.YYYYMMDD_HHMMSS``." @@ -340,6 +348,10 @@ msgstr "VyOS makes use of a unified configuration file for the entire system's c msgid "What if you are doing something dangerous? Suppose you want to setup a firewall, and you are not sure there are no mistakes that will lock you out of your system. You can use confirmed commit. If you issue the ``commit-confirm`` command, your changes will be commited, and if you don't issue the ``confirm`` command in 10 minutes, your system will reboot into previous config revision." msgstr "What if you are doing something dangerous? Suppose you want to setup a firewall, and you are not sure there are no mistakes that will lock you out of your system. You can use confirmed commit. If you issue the ``commit-confirm`` command, your changes will be commited, and if you don't issue the ``confirm`` command in 10 minutes, your system will reboot into previous config revision." +#: ../../cli.rst:558 +msgid "What if you are doing something dangerous? Suppose you want to setup a firewall, and you are not sure there are no mistakes that will lock you out of your system. You can use confirmed commit. If you issue the ``commit-confirm`` command, your changes will be committed, and if you don't issue the ``confirm`` command in 10 minutes, your system will reboot into previous config revision." +msgstr "What if you are doing something dangerous? Suppose you want to setup a firewall, and you are not sure there are no mistakes that will lock you out of your system. You can use confirmed commit. If you issue the ``commit-confirm`` command, your changes will be committed, and if you don't issue the ``confirm`` command in 10 minutes, your system will reboot into previous config revision." + #: ../../cli.rst:340 msgid "When entering the configuration mode you are navigating inside a tree structure, to enter configuration mode enter the command :opcmd:`configure` when in operational mode." msgstr "When entering the configuration mode you are navigating inside a tree structure, to enter configuration mode enter the command :opcmd:`configure` when in operational mode." diff --git a/docs/_locale/pt/configexamples.pot b/docs/_locale/pt/configexamples.pot index bbc06225..a7861ab7 100644 --- a/docs/_locale/pt/configexamples.pot +++ b/docs/_locale/pt/configexamples.pot @@ -272,7 +272,7 @@ msgstr "A brief excursion into VRFs: This has been one of the longest-standing f msgid "A connection resource deployed in Azure linking the Azure VNet gateway and the local network gateway representing the Vyos device." msgstr "A connection resource deployed in Azure linking the Azure VNet gateway and the local network gateway representing the Vyos device." -#: ../../configexamples/index.rst:37 +#: ../../configexamples/index.rst:38 msgid "A host ``vyos-oobm`` will use as a ssh proxy. This host is just necessary for the Lab test." msgstr "A host ``vyos-oobm`` will use as a ssh proxy. This host is just necessary for the Lab test." @@ -656,6 +656,10 @@ msgstr "Cisco VPC Crossconnect - Ports 39 and 40 bonded between each switch" msgid "Clamp the VTI's MSS to 1350 to avoid PMTU blackholes." msgstr "Clamp the VTI's MSS to 1350 to avoid PMTU blackholes." +#: ../../configexamples/lac-lns.rst:96 +msgid "Client" +msgstr "Client" + #: ../../configexamples/autotest/OpenVPN_with_LDAP/OpenVPN_with_LDAP.rst:94 msgid "Client configuration" msgstr "Client configuration" @@ -704,7 +708,7 @@ msgstr "Configuration 'dcsp' and shaper using QoS" msgid "Configuration Blueprints" msgstr "Configuration Blueprints" -#: ../../configexamples/index.rst:30 +#: ../../configexamples/index.rst:31 msgid "Configuration Blueprints (autotest)" msgstr "Configuration Blueprints (autotest)" @@ -717,6 +721,7 @@ msgid "Configuration of basic firewall in one site, in order to:" msgstr "Configuration of basic firewall in one site, in order to:" #: ../../configexamples/inter-vrf-routing-vrf-lite.rst:113 +#: ../../configexamples/lac-lns.rst:29 #: ../../configexamples/pppoe-ipv6-basic.rst:26 msgid "Configurations" msgstr "Configurations" @@ -885,7 +890,7 @@ msgstr "Dynamic routing used between CE and PE nodes and eBGP peering establishe msgid "Each interface is assigned to a zone. The interface can be physical or virtual such as tunnels (VPN, PPTP, GRE, etc) and are treated exactly the same." msgstr "Each interface is assigned to a zone. The interface can be physical or virtual such as tunnels (VPN, PPTP, GRE, etc) and are treated exactly the same." -#: ../../configexamples/index.rst:34 +#: ../../configexamples/index.rst:35 msgid "Each lab will build an test from an external script. The page content will generate, so changes will not take an effect." msgstr "Each lab will build an test from an external script. The page content will generate, so changes will not take an effect." @@ -1252,6 +1257,14 @@ msgstr "In this example two LAN interfaces exist in different subnets instead of msgid "In this example we have 4 zones. LAN, WAN, DMZ, Local. The local zone is the firewall itself." msgstr "In this example we have 4 zones. LAN, WAN, DMZ, Local. The local zone is the firewall itself." +#: ../../configexamples/lac-lns.rst:17 +msgid "In this example we use VyOS 1.5 as LNS and Cisco IOS as LAC. All users with domain **vyos.io** will be tunneled to LNS via L2TP." +msgstr "In this example we use VyOS 1.5 as LNS and Cisco IOS as LAC. All users with domain **vyos.io** will be tunneled to LNS via L2TP." + +#: ../../configexamples/lac-lns.rst:98 +msgid "In this lab we use Windows PPPoE client." +msgstr "In this lab we use Windows PPPoE client." + #: ../../configexamples/zone-policy.rst:50 msgid "Inbound WAN connect to DMZ host." msgstr "Inbound WAN connect to DMZ host." @@ -1345,6 +1358,10 @@ msgstr "L3VPN configuration parameters table:" msgid "L3VPN for Hub-and-Spoke connectivity with VyOS" msgstr "L3VPN for Hub-and-Spoke connectivity with VyOS" +#: ../../configexamples/lac-lns.rst:32 +msgid "LAC" +msgstr "LAC" + #: ../../configexamples/zone-policy.rst:392 msgid "LAN, WAN, DMZ, local and TUN (tunnel)" msgstr "LAN, WAN, DMZ, local and TUN (tunnel)" @@ -1389,6 +1406,10 @@ msgstr "LAN and DMZ hosts have basic outbound access: Web, FTP, SSH." msgid "LAN can access DMZ resources." msgstr "LAN can access DMZ resources." +#: ../../configexamples/lac-lns.rst:72 +msgid "LNS" +msgstr "LNS" + #: ../../configexamples/l3vpn-hub-and-spoke.rst:551 msgid "Let’s check IPv4 routing and MPLS information on provider nodes (same procedure for all P nodes):" msgstr "Let’s check IPv4 routing and MPLS information on provider nodes (same procedure for all P nodes):" @@ -1433,9 +1454,22 @@ msgid "Masquerade Traffic originating from 10.200.201.0/24 that is heading out t msgstr "Masquerade Traffic originating from 10.200.201.0/24 that is heading out the public interface." #: ../../configexamples/autotest/OpenVPN_with_LDAP/OpenVPN_with_LDAP.rst:254 +#: ../../configexamples/lac-lns.rst:106 msgid "Monitoring" msgstr "Monitoring" +#: ../../configexamples/lac-lns.rst:117 +msgid "Monitoring on LAC side" +msgstr "Monitoring on LAC side" + +#: ../../configexamples/lac-lns.rst:108 +msgid "Monitoring on LNS side" +msgstr "Monitoring on LNS side" + +#: ../../configexamples/lac-lns.rst:140 +msgid "Monitoring on RADIUS Server side" +msgstr "Monitoring on RADIUS Server side" + #: ../../configexamples/autotest/tunnelbroker/tunnelbroker.rst:162 msgid "Multiple LAN/DMZ Setup" msgstr "Multiple LAN/DMZ Setup" @@ -1456,6 +1490,7 @@ msgstr "Native IPv4 and IPv6" msgid "Network Cabling" msgstr "Network Cabling" +#: ../../configexamples/lac-lns.rst:21 #: ../../configexamples/pppoe-ipv6-basic.rst:18 msgid "Network Topology" msgstr "Network Topology" @@ -1463,6 +1498,7 @@ msgstr "Network Topology" #: ../../configexamples/ansible.rst:-1 #: ../../configexamples/inter-vrf-routing-vrf-lite.rst:-1 #: ../../configexamples/l3vpn-hub-and-spoke.rst:-1 +#: ../../configexamples/lac-lns.rst:-1 #: ../../configexamples/nmp.rst:-1 #: ../../configexamples/pppoe-ipv6-basic.rst:-1 #: ../../configexamples/qos.rst:-1 @@ -1655,6 +1691,10 @@ msgstr "PPPoE IPv6 Basic Setup for Home Network" msgid "PPPoE Setup" msgstr "PPPoE Setup" +#: ../../configexamples/lac-lns.rst:7 +msgid "PPPoE over L2TP" +msgstr "PPPoE over L2TP" + #: ../../configexamples/segment-routing-isis.rst:255 msgid "Ping between VyOS-P1 / VyOS-P2 to confirm reachability:" msgstr "Ping between VyOS-P1 / VyOS-P2 to confirm reachability:" @@ -2046,7 +2086,7 @@ msgstr "The lab I built is using a VRF (called **mgmt**) to provide out-of-band msgid "The lab was built using EVE-NG." msgstr "The lab was built using EVE-NG." -#: ../../configexamples/index.rst:32 +#: ../../configexamples/index.rst:33 msgid "The next pages contains automatic full tested configuration examples." msgstr "The next pages contains automatic full tested configuration examples." @@ -2054,7 +2094,7 @@ msgstr "The next pages contains automatic full tested configuration examples." msgid "The previous example used the failover command to send traffic through eth1 if eth0 fails. In this example, failover functionality is provided by rule order." msgstr "The previous example used the failover command to send traffic through eth1 if eth0 fails. In this example, failover functionality is provided by rule order." -#: ../../configexamples/index.rst:40 +#: ../../configexamples/index.rst:41 msgid "The process will do the following steps:" msgstr "The process will do the following steps:" @@ -2130,6 +2170,10 @@ msgstr "This configuration example and the requirments consists on:" msgid "This document aims to walk you through setting everything up, so at a point where you can reboot any machine and not lose more than a few seconds worth of connectivity." msgstr "This document aims to walk you through setting everything up, so at a point where you can reboot any machine and not lose more than a few seconds worth of connectivity." +#: ../../configexamples/lac-lns.rst:9 +msgid "This document is to describe a basic setup using PPPoE over L2TP. LAC and LNS are components of the broadband topology. LAC - L2TP access concentrator LNS - L2TP Network Server LAC and LNS forms L2TP tunnel. LAC receives packets from PPPoE clients and forward them to LNS. LNS is the termination point that comes from PPP packets from the remote client." +msgstr "This document is to describe a basic setup using PPPoE over L2TP. LAC and LNS are components of the broadband topology. LAC - L2TP access concentrator LNS - L2TP Network Server LAC and LNS forms L2TP tunnel. LAC receives packets from PPPoE clients and forward them to LNS. LNS is the termination point that comes from PPP packets from the remote client." + #: ../../configexamples/pppoe-ipv6-basic.rst:9 msgid "This document is to describe a basic setup using PPPoE with DHCPv6-PD + SLAAC to construct a typical home network. The user can follow the steps described here to quickly setup a working network and use this as a starting point to further configure or fine-tune other settings." msgstr "This document is to describe a basic setup using PPPoE with DHCPv6-PD + SLAAC to construct a typical home network. The user can follow the steps described here to quickly setup a working network and use this as a starting point to further configure or fine-tune other settings." @@ -2210,6 +2254,10 @@ msgstr "This section describes verification commands for MPLS/BGP/LDP protocols msgid "This section provides configuration steps for setting up VRFs on our PE nodes including CE facing interfaces, BGP, rd and route-target import/export based on the pre-defined parameters." msgstr "This section provides configuration steps for setting up VRFs on our PE nodes including CE facing interfaces, BGP, rd and route-target import/export based on the pre-defined parameters." +#: ../../configexamples/lac-lns.rst:91 +msgid "This setup requires the Compression Control Protocol (CCP) being disabled, the command ``set vpn l2tp remote-access ppp-options disable-ccp`` accomplishes that." +msgstr "This setup requires the Compression Control Protocol (CCP) being disabled, the command ``set vpn l2tp remote-access ppp-options disable-ccp`` accomplishes that." + #: ../../configexamples/autotest/Wireguard/Wireguard.rst:10 msgid "This simple structure show how to connect two offices. One remote branch and the central office." msgstr "This simple structure show how to connect two offices. One remote branch and the central office." @@ -2580,6 +2628,10 @@ msgstr "When you have both routers up, you should be able to establish a connect msgid "When you have enabled OSPF on both routers, you should be able to see each other with the command ``show ip ospf neighbour``. The state must be 'Full' or '2-Way'. If it is not, then there is a network connectivity issue between the hosts. This is often caused by NAT or MTU issues. You should not see any new routes (unless this is the second pass) in the output of ``show ip route``" msgstr "When you have enabled OSPF on both routers, you should be able to see each other with the command ``show ip ospf neighbour``. The state must be 'Full' or '2-Way'. If it is not, then there is a network connectivity issue between the hosts. This is often caused by NAT or MTU issues. You should not see any new routes (unless this is the second pass) in the output of ``show ip route``" +#: ../../configexamples/lac-lns.rst:-1 +msgid "Window PPPoE Client Configuration" +msgstr "Window PPPoE Client Configuration" + #: ../../configexamples/autotest/OpenVPN_with_LDAP/OpenVPN_with_LDAP.rst:13 msgid "Windows Server 2019 with a running Active Directory" msgstr "Windows Server 2019 with a running Active Directory" @@ -2713,15 +2765,15 @@ msgstr "compute3 - Port 11 of each switch" msgid "compute3 (VMware ESXi 6.5)" msgstr "compute3 (VMware ESXi 6.5)" -#: ../../configexamples/index.rst:43 +#: ../../configexamples/index.rst:44 msgid "configure each host in the lab" msgstr "configure each host in the lab" -#: ../../configexamples/index.rst:42 +#: ../../configexamples/index.rst:43 msgid "create the lab on a eve-ng server" msgstr "create the lab on a eve-ng server" -#: ../../configexamples/index.rst:44 +#: ../../configexamples/index.rst:45 msgid "do some defined tests" msgstr "do some defined tests" @@ -2742,7 +2794,7 @@ msgstr "extended community and remote label of specific destination" msgid "first the PCA" msgstr "first the PCA" -#: ../../configexamples/index.rst:46 +#: ../../configexamples/index.rst:47 msgid "generate the documentation and include files" msgstr "generate the documentation and include files" @@ -2754,7 +2806,7 @@ msgstr "green uses local routing table id and VNI 4000" msgid "information between PE and CE:" msgstr "information between PE and CE:" -#: ../../configexamples/index.rst:45 +#: ../../configexamples/index.rst:46 msgid "optional do an upgrade to a higher version and do step 3 again." msgstr "optional do an upgrade to a higher version and do step 3 again." @@ -2770,7 +2822,7 @@ msgstr "router2 (Random 1RU machine with 4 NICs)" msgid "save the output to a file and import it in nearly all openvpn clients." msgstr "save the output to a file and import it in nearly all openvpn clients." -#: ../../configexamples/index.rst:47 +#: ../../configexamples/index.rst:48 msgid "shutdown and destroy the lab, if there is no error" msgstr "shutdown and destroy the lab, if there is no error" diff --git a/docs/_locale/pt/configuration.pot b/docs/_locale/pt/configuration.pot index 01486200..b932b2b9 100644 --- a/docs/_locale/pt/configuration.pot +++ b/docs/_locale/pt/configuration.pot @@ -168,9 +168,9 @@ msgstr "**Documentation under development**" msgid "**Ethernet (protocol, destination address or source address)**" msgstr "**Ethernet (protocol, destination address or source address)**" -#: ../../configuration/service/dhcp-server.rst:200 -#: ../../configuration/service/dhcp-server.rst:587 -#: ../../configuration/service/dhcp-server.rst:626 +#: ../../configuration/service/dhcp-server.rst:206 +#: ../../configuration/service/dhcp-server.rst:593 +#: ../../configuration/service/dhcp-server.rst:634 msgid "**Example:**" msgstr "**Example:**" @@ -269,11 +269,11 @@ msgstr "**Input**: stage where traffic destined for the router itself can be fil msgid "**Interface name**" msgstr "**Interface name**" -#: ../../configuration/vpn/site2site_ipsec.rst:303 +#: ../../configuration/vpn/site2site_ipsec.rst:306 msgid "**LEFT**" msgstr "**LEFT**" -#: ../../configuration/vpn/site2site_ipsec.rst:287 +#: ../../configuration/vpn/site2site_ipsec.rst:290 msgid "**LEFT:** * WAN interface on `eth0.201` * `eth0.201` interface IP: `172.18.201.10/24` * `vti10` interface IP: `10.0.0.2/31` * `dum0` interface IP: `10.0.11.1/24` (for testing purposes)" msgstr "**LEFT:** * WAN interface on `eth0.201` * `eth0.201` interface IP: `172.18.201.10/24` * `vti10` interface IP: `10.0.0.2/31` * `dum0` interface IP: `10.0.11.1/24` (for testing purposes)" @@ -309,11 +309,11 @@ msgstr "**MED check**" msgid "**Multi-path check**" msgstr "**Multi-path check**" -#: ../../configuration/protocols/bgp.rst:1193 +#: ../../configuration/protocols/bgp.rst:1215 msgid "**Node1:**" msgstr "**Node1:**" -#: ../../configuration/protocols/bgp.rst:1221 +#: ../../configuration/protocols/bgp.rst:1243 msgid "**Node2:**" msgstr "**Node2:**" @@ -326,10 +326,10 @@ msgid "**Node 1**" msgstr "**Node 1**" #: ../../configuration/protocols/babel.rst:192 -#: ../../configuration/protocols/bgp.rst:1103 -#: ../../configuration/protocols/bgp.rst:1130 -#: ../../configuration/protocols/bgp.rst:1148 -#: ../../configuration/protocols/bgp.rst:1176 +#: ../../configuration/protocols/bgp.rst:1125 +#: ../../configuration/protocols/bgp.rst:1152 +#: ../../configuration/protocols/bgp.rst:1170 +#: ../../configuration/protocols/bgp.rst:1198 #: ../../configuration/protocols/isis.rst:341 #: ../../configuration/protocols/isis.rst:416 #: ../../configuration/protocols/isis.rst:457 @@ -350,10 +350,10 @@ msgid "**Node 2**" msgstr "**Node 2**" #: ../../configuration/protocols/babel.rst:202 -#: ../../configuration/protocols/bgp.rst:1114 #: ../../configuration/protocols/bgp.rst:1136 -#: ../../configuration/protocols/bgp.rst:1160 +#: ../../configuration/protocols/bgp.rst:1158 #: ../../configuration/protocols/bgp.rst:1182 +#: ../../configuration/protocols/bgp.rst:1204 #: ../../configuration/protocols/isis.rst:352 #: ../../configuration/protocols/isis.rst:432 #: ../../configuration/protocols/isis.rst:511 @@ -384,6 +384,10 @@ msgid "**Output**: stage where traffic that is originated by the router itself c msgstr "**Output**: stage where traffic that is originated by the router itself can be filtered and controlled. Bare in mind that this traffic can be a new connection originted by a internal process running on VyOS router, such as NTP, or can be a response to traffic received externaly through **inputt** (for example response to an ssh login attempt to the router). This includes ipv4 and ipv6 filtering rules, defined in:" #: ../../configuration/firewall/index.rst:65 +msgid "**Output**: stage where traffic that originates from the router itself can be filtered and controlled. Bear in mind that this traffic can be a new connection originated by a internal process running on VyOS router, such as NTP, or a response to traffic received externaly through **input** (for example response to an ssh login attempt to the router). This includes ipv4 and ipv6 filtering rules, defined in:" +msgstr "**Output**: stage where traffic that originates from the router itself can be filtered and controlled. Bear in mind that this traffic can be a new connection originated by a internal process running on VyOS router, such as NTP, or a response to traffic received externaly through **input** (for example response to an ssh login attempt to the router). This includes ipv4 and ipv6 filtering rules, defined in:" + +#: ../../configuration/firewall/index.rst:65 msgid "**Output**: stage where traffic that originates from the router itself can be filtered and controlled. Bear in mind that this traffic can be a new connection originated by a internal process running on VyOS router, such as NTP, or a response to traffic received externaly through **inputt** (for example response to an ssh login attempt to the router). This includes ipv4 and ipv6 filtering rules, defined in:" msgstr "**Output**: stage where traffic that originates from the router itself can be filtered and controlled. Bear in mind that this traffic can be a new connection originated by a internal process running on VyOS router, such as NTP, or a response to traffic received externaly through **inputt** (for example response to an ssh login attempt to the router). This includes ipv4 and ipv6 filtering rules, defined in:" @@ -411,7 +415,7 @@ msgstr "**Prerouting**: several actions can be done in this stage, and currently msgid "**Prerouting**: several actions can be done in this stage, and currently these actions are defined in different parts in vyos configuration. Order is important, and all these actions are performed before any actions define under ``firewall`` section. Relevant configuration that acts in this stage are:" msgstr "**Prerouting**: several actions can be done in this stage, and currently these actions are defined in different parts in vyos configuration. Order is important, and all these actions are performed before any actions define under ``firewall`` section. Relevant configuration that acts in this stage are:" -#: ../../configuration/service/dhcp-server.rst:391 +#: ../../configuration/service/dhcp-server.rst:397 msgid "**Primary**" msgstr "**Primary**" @@ -481,11 +485,11 @@ msgstr "**RADIUS based IP pools (Framed-IP-Address)**" msgid "**RADIUS sessions management DM/CoA**" msgstr "**RADIUS sessions management DM/CoA**" -#: ../../configuration/vpn/site2site_ipsec.rst:343 +#: ../../configuration/vpn/site2site_ipsec.rst:346 msgid "**RIGHT**" msgstr "**RIGHT**" -#: ../../configuration/vpn/site2site_ipsec.rst:293 +#: ../../configuration/vpn/site2site_ipsec.rst:296 msgid "**RIGHT:** * WAN interface on `eth0.202` * `eth0.201` interface IP: `172.18.202.10/24` * `vti10` interface IP: `10.0.0.3/31` * `dum0` interface IP: `10.0.12.1/24` (for testing purposes)" msgstr "**RIGHT:** * WAN interface on `eth0.202` * `eth0.201` interface IP: `172.18.202.10/24` * `vti10` interface IP: `10.0.0.3/31` * `dum0` interface IP: `10.0.12.1/24` (for testing purposes)" @@ -521,15 +525,15 @@ msgstr "**SW1**" msgid "**SW2**" msgstr "**SW2**" -#: ../../configuration/service/dhcp-server.rst:400 +#: ../../configuration/service/dhcp-server.rst:406 msgid "**Secondary**" msgstr "**Secondary**" -#: ../../configuration/vpn/ipsec.rst:261 +#: ../../configuration/vpn/ipsec.rst:265 msgid "**Setting up IPSec**" msgstr "**Setting up IPSec**" -#: ../../configuration/vpn/ipsec.rst:237 +#: ../../configuration/vpn/ipsec.rst:241 msgid "**Setting up the GRE tunnel**" msgstr "**Setting up the GRE tunnel**" @@ -575,11 +579,25 @@ msgstr "**address** can be specified multiple times, e.g. 192.168.100.1 and/or 1 msgid "**address** can be specified multiple times as IPv4 and/or IPv6 address, e.g. 192.0.2.1/24 and/or 2001:db8::1/64" msgstr "**address** can be specified multiple times as IPv4 and/or IPv6 address, e.g. 192.0.2.1/24 and/or 2001:db8::1/64" +#: ../../configuration/service/pppoe-server.rst:474 +#: ../../configuration/vpn/l2tp.rst:428 +#: ../../configuration/vpn/pptp.rst:352 +#: ../../configuration/vpn/sstp.rst:386 +msgid "**allow** - Negotiate IPv4 only if client requests (Default value)" +msgstr "**allow** - Negotiate IPv4 only if client requests (Default value)" + +#: ../../configuration/service/pppoe-server.rst:349 +#: ../../configuration/vpn/l2tp.rst:293 +#: ../../configuration/vpn/pptp.rst:217 +#: ../../configuration/vpn/sstp.rst:251 +msgid "**allow** - Negotiate IPv6 only if client requests" +msgstr "**allow** - Negotiate IPv6 only if client requests" + #: ../../configuration/container/index.rst:38 msgid "**allow-host-networks** cannot be used with **network**" msgstr "**allow-host-networks** cannot be used with **network**" -#: ../../configuration/container/index.rst:102 +#: ../../configuration/container/index.rst:107 msgid "**always**: Restart containers when they exit, regardless of status, retrying indefinitely" msgstr "**always**: Restart containers when they exit, regardless of status, retrying indefinitely" @@ -595,6 +613,10 @@ msgstr "**application**: analyzes received flow data in the context of intrusion msgid "**auto** – automatically determines the interface type. **wired** – enables optimisations for wired interfaces. **wireless** – disables a number of optimisations that are only correct on wired interfaces. Specifying wireless is always correct, but may cause slower convergence and extra routing traffic." msgstr "**auto** – automatically determines the interface type. **wired** – enables optimisations for wired interfaces. **wireless** – disables a number of optimisations that are only correct on wired interfaces. Specifying wireless is always correct, but may cause slower convergence and extra routing traffic." +#: ../../configuration/service/ids.rst:90 +msgid "**ban-time** and **threshold**: these values are kept very low in order to easily identify and generate and attack." +msgstr "**ban-time** and **threshold**: these values are kept very low in order to easily identify and generate and attack." + #: ../../configuration/protocols/ospf.rst:435 msgid "**broadcast** – broadcast IP addresses distribution. **non-broadcast** – address distribution in NBMA networks topology. **point-to-multipoint** – address distribution in point-to-multipoint networks. **point-to-point** – address distribution in point-to-point networks." msgstr "**broadcast** – broadcast IP addresses distribution. **non-broadcast** – address distribution in NBMA networks topology. **point-to-multipoint** – address distribution in point-to-multipoint networks. **point-to-point** – address distribution in point-to-point networks." @@ -603,6 +625,13 @@ msgstr "**broadcast** – broadcast IP addresses distribution. **non-broadcast** msgid "**broadcast** – broadcast IP addresses distribution. **point-to-point** – address distribution in point-to-point networks." msgstr "**broadcast** – broadcast IP addresses distribution. **point-to-point** – address distribution in point-to-point networks." +#: ../../configuration/service/pppoe-server.rst:401 +#: ../../configuration/vpn/l2tp.rst:345 +#: ../../configuration/vpn/pptp.rst:269 +#: ../../configuration/vpn/sstp.rst:303 +msgid "**calling-sid** - Calculate interface identifier from calling-station-id." +msgstr "**calling-sid** - Calculate interface identifier from calling-station-id." + #: ../../configuration/protocols/ospf.rst:121 msgid "**cisco** – a router will be considered as ABR if it has several configured links to the networks in different areas one of which is a backbone area. Moreover, the link to the backbone area should be active (working). **ibm** – identical to \"cisco\" model but in this case a backbone area link may not be active. **standard** – router has several active links to different areas. **shortcut** – identical to \"standard\" but in this model a router is allowed to use a connected areas topology without involving a backbone area for inter-area connections." msgstr "**cisco** – a router will be considered as ABR if it has several configured links to the networks in different areas one of which is a backbone area. Moreover, the link to the backbone area should be active (working). **ibm** – identical to \"cisco\" model but in this case a backbone area link may not be active. **standard** – router has several active links to different areas. **shortcut** – identical to \"standard\" but in this model a router is allowed to use a connected areas topology without involving a backbone area for inter-area connections." @@ -619,7 +648,28 @@ msgstr "**default** – this area will be used for shortcutting only if ABR doe msgid "**default** – enable split-horizon on wired interfaces, and disable split-horizon on wireless interfaces. **enable** – enable split-horizon on this interfaces. **disable** – disable split-horizon on this interfaces." msgstr "**default** – enable split-horizon on wired interfaces, and disable split-horizon on wireless interfaces. **enable** – enable split-horizon on this interfaces. **disable** – disable split-horizon on this interfaces." -#: ../../configuration/vpn/sstp.rst:199 +#: ../../configuration/service/pppoe-server.rst:566 +msgid "**deny**: Deny second session authorization." +msgstr "**deny**: Deny second session authorization." + +#: ../../configuration/service/pppoe-server.rst:475 +#: ../../configuration/vpn/l2tp.rst:429 +#: ../../configuration/vpn/pptp.rst:353 +#: ../../configuration/vpn/sstp.rst:387 +msgid "**deny** - Do not negotiate IPv4" +msgstr "**deny** - Do not negotiate IPv4" + +#: ../../configuration/service/pppoe-server.rst:350 +#: ../../configuration/vpn/l2tp.rst:294 +#: ../../configuration/vpn/pptp.rst:218 +#: ../../configuration/vpn/sstp.rst:252 +msgid "**deny** - Do not negotiate IPv6 (default value)" +msgstr "**deny** - Do not negotiate IPv6 (default value)" + +#: ../../configuration/service/pppoe-server.rst:507 +#: ../../configuration/vpn/l2tp.rst:461 +#: ../../configuration/vpn/pptp.rst:385 +#: ../../configuration/vpn/sstp.rst:419 msgid "**deny** - deny mppe" msgstr "**deny** - deny mppe" @@ -635,6 +685,10 @@ msgstr "**dhcp** interface address is received by DHCP from a DHCP server on thi msgid "**dhcpv6** interface address is received by DHCPv6 from a DHCPv6 server on this segment." msgstr "**dhcpv6** interface address is received by DHCPv6 from a DHCPv6 server on this segment." +#: ../../configuration/service/pppoe-server.rst:565 +msgid "**disable**: Disables session control." +msgstr "**disable**: Disables session control." + #: ../../configuration/service/dhcp-relay.rst:75 msgid "**discard:** Received packets which already contain relay information will be discarded." msgstr "**discard:** Received packets which already contain relay information will be discarded." @@ -667,6 +721,17 @@ msgstr "**inbound-interface** - applicable only to :ref:`destination-nat`. It co msgid "**inbound-interface** - applicable only to :ref:`destination-nat`. It configures the interface which is used for the inside traffic the translation rule applies to. Interface groups, inverted selection and wildcard, are also supported." msgstr "**inbound-interface** - applicable only to :ref:`destination-nat`. It configures the interface which is used for the inside traffic the translation rule applies to. Interface groups, inverted selection and wildcard, are also supported." +#: ../../configuration/service/pppoe-server.rst:400 +#: ../../configuration/vpn/l2tp.rst:344 +#: ../../configuration/vpn/pptp.rst:268 +#: ../../configuration/vpn/sstp.rst:302 +msgid "**ipv4-addr** - Calculate interface identifier from IPv4 address." +msgstr "**ipv4-addr** - Calculate interface identifier from IPv4 address." + +#: ../../configuration/service/ipoe-server.rst:91 +msgid "**l2**: It means that clients are on same network where interface is.**(default)**" +msgstr "**l2**: It means that clients are on same network where interface is.**(default)**" + #: ../../configuration/interfaces/bonding.rst:161 msgid "**layer2** - Uses XOR of hardware MAC addresses and packet type ID field to generate the hash. The formula is" msgstr "**layer2** - Uses XOR of hardware MAC addresses and packet type ID field to generate the hash. The formula is" @@ -707,10 +772,18 @@ msgstr "**level-2-only** - Act as an area (Level 2) router only." msgid "**level-2-only** - Level-2 only adjacencies are formed" msgstr "**level-2-only** - Level-2 only adjacencies are formed" -#: ../../configuration/vpn/sstp.rst:105 +#: ../../configuration/service/ipoe-server.rst:65 +#: ../../configuration/service/pppoe-server.rst:43 +#: ../../configuration/vpn/l2tp.rst:31 +#: ../../configuration/vpn/pptp.rst:32 +#: ../../configuration/vpn/sstp.rst:58 msgid "**local**: All authentication queries are handled locally." msgstr "**local**: All authentication queries are handled locally." +#: ../../configuration/service/ipoe-server.rst:93 +msgid "**local**: It means that client are behind some router." +msgstr "**local**: It means that client are behind some router." + #: ../../configuration/interfaces/wireguard.rst:140 msgid "**local side - commands**" msgstr "**local side - commands**" @@ -723,27 +796,36 @@ msgstr "**log-fail** In this mode, the recursor will attempt to validate all dat msgid "**narrow** - Use old style of TLVs with narrow metric." msgstr "**narrow** - Use old style of TLVs with narrow metric." -#: ../../configuration/container/index.rst:119 +#: ../../configuration/container/index.rst:124 msgid "**net-admin**: Network operations (interface, firewall, routing tables)" msgstr "**net-admin**: Network operations (interface, firewall, routing tables)" -#: ../../configuration/container/index.rst:120 +#: ../../configuration/container/index.rst:125 msgid "**net-bind-service**: Bind a socket to privileged ports (port numbers less than 1024)" msgstr "**net-bind-service**: Bind a socket to privileged ports (port numbers less than 1024)" -#: ../../configuration/container/index.rst:121 +#: ../../configuration/container/index.rst:126 msgid "**net-raw**: Permission to create raw network sockets" msgstr "**net-raw**: Permission to create raw network sockets" -#: ../../configuration/container/index.rst:100 +#: ../../configuration/container/index.rst:105 msgid "**no**: Do not restart containers on exit" msgstr "**no**: Do not restart containers on exit" +#: ../../configuration/service/ipoe-server.rst:66 +msgid "**noauth**: Authentication disabled" +msgstr "**noauth**: Authentication disabled" + +#: ../../configuration/service/pppoe-server.rst:44 +#: ../../configuration/vpn/pptp.rst:33 +msgid "**noauth**: Authentication disabled." +msgstr "**noauth**: Authentication disabled." + #: ../../configuration/service/dns.rst:66 msgid "**off** In this mode, no DNSSEC processing takes place. The recursor will not set the DNSSEC OK (DO) bit in the outgoing queries and will ignore the DO and AD bits in queries." msgstr "**off** In this mode, no DNSSEC processing takes place. The recursor will not set the DNSSEC OK (DO) bit in the outgoing queries and will ignore the DO and AD bits in queries." -#: ../../configuration/container/index.rst:101 +#: ../../configuration/container/index.rst:106 msgid "**on-failure**: Restart containers when they exit with a non-zero exit code, retrying indefinitely (default)" msgstr "**on-failure**: Restart containers when they exit with a non-zero exit code, retrying indefinitely (default)" @@ -755,10 +837,31 @@ msgstr "**outbound-interface** - applicable only to :ref:`source-nat`. It config msgid "**outbound-interface** - applicable only to :ref:`source-nat`. It configures the interface which is used for the outside traffic that this translation rule applies to. Interface groups, inverted selection and wildcard, are also supported." msgstr "**outbound-interface** - applicable only to :ref:`source-nat`. It configures the interface which is used for the outside traffic that this translation rule applies to. Interface groups, inverted selection and wildcard, are also supported." -#: ../../configuration/vpn/sstp.rst:198 +#: ../../configuration/service/pppoe-server.rst:473 +#: ../../configuration/vpn/l2tp.rst:427 +#: ../../configuration/vpn/pptp.rst:351 +#: ../../configuration/vpn/sstp.rst:385 +msgid "**prefer** - Ask client for IPv4 negotiation, do not fail if it rejects" +msgstr "**prefer** - Ask client for IPv4 negotiation, do not fail if it rejects" + +#: ../../configuration/service/pppoe-server.rst:348 +#: ../../configuration/vpn/l2tp.rst:292 +#: ../../configuration/vpn/pptp.rst:216 +#: ../../configuration/vpn/sstp.rst:250 +msgid "**prefer** - Ask client for IPv6 negotiation, do not fail if it rejects" +msgstr "**prefer** - Ask client for IPv6 negotiation, do not fail if it rejects" + +#: ../../configuration/vpn/sstp.rst:204 msgid "**prefer** - ask client for mppe, if it rejects don't fail" msgstr "**prefer** - ask client for mppe, if it rejects don't fail" +#: ../../configuration/service/pppoe-server.rst:506 +#: ../../configuration/vpn/l2tp.rst:460 +#: ../../configuration/vpn/pptp.rst:384 +#: ../../configuration/vpn/sstp.rst:418 +msgid "**prefer** - ask client for mppe, if it rejects don't fail. (Default value)" +msgstr "**prefer** - ask client for mppe, if it rejects don't fail. (Default value)" + #: ../../configuration/service/dns.rst:77 msgid "**process** When dnssec is set to process the behavior is similar to process-no-validate. However, the recursor will try to validate the data if at least one of the DO or AD bits is set in the query; in that case, it will set the AD-bit in the response when the data is validated successfully, or send SERVFAIL when the validation comes up bogus." msgstr "**process** When dnssec is set to process the behavior is similar to process-no-validate. However, the recursor will try to validate the data if at least one of the DO or AD bits is set in the query; in that case, it will set the AD-bit in the response when the data is validated successfully, or send SERVFAIL when the validation comes up bogus." @@ -771,19 +874,55 @@ msgstr "**process-no-validate** In this mode the recursor acts as a \"security a msgid "**protocol** - specify which types of protocols this translation rule applies to. Only packets matching the specified protocol are NATed. By default this applies to `all` protocols." msgstr "**protocol** - specify which types of protocols this translation rule applies to. Only packets matching the specified protocol are NATed. By default this applies to `all` protocols." -#: ../../configuration/vpn/sstp.rst:103 +#: ../../configuration/service/ipoe-server.rst:63 +#: ../../configuration/service/pppoe-server.rst:41 +#: ../../configuration/vpn/l2tp.rst:29 +#: ../../configuration/vpn/pptp.rst:30 +#: ../../configuration/vpn/sstp.rst:56 msgid "**radius**: All authentication queries are handled by a configured RADIUS server." msgstr "**radius**: All authentication queries are handled by a configured RADIUS server." +#: ../../configuration/service/pppoe-server.rst:391 +#: ../../configuration/service/pppoe-server.rst:398 +#: ../../configuration/vpn/l2tp.rst:335 +#: ../../configuration/vpn/l2tp.rst:342 +#: ../../configuration/vpn/pptp.rst:259 +#: ../../configuration/vpn/pptp.rst:266 +#: ../../configuration/vpn/sstp.rst:293 +#: ../../configuration/vpn/sstp.rst:300 +msgid "**random** - Random interface identifier for IPv6" +msgstr "**random** - Random interface identifier for IPv6" + #: ../../configuration/interfaces/wireguard.rst:190 msgid "**remote side - commands**" msgstr "**remote side - commands**" +#: ../../configuration/service/pppoe-server.rst:567 +msgid "**replace**: Terminate first session when second is authorized **(default)**" +msgstr "**replace**: Terminate first session when second is authorized **(default)**" + #: ../../configuration/service/dhcp-relay.rst:81 msgid "**replace:** Relay information already present in a packet is stripped and replaced with the router's own relay information set." msgstr "**replace:** Relay information already present in a packet is stripped and replaced with the router's own relay information set." -#: ../../configuration/vpn/sstp.rst:197 +#: ../../configuration/service/pppoe-server.rst:472 +#: ../../configuration/vpn/l2tp.rst:426 +#: ../../configuration/vpn/pptp.rst:350 +#: ../../configuration/vpn/sstp.rst:384 +msgid "**require** - Require IPv4 negotiation" +msgstr "**require** - Require IPv4 negotiation" + +#: ../../configuration/service/pppoe-server.rst:347 +#: ../../configuration/vpn/l2tp.rst:291 +#: ../../configuration/vpn/pptp.rst:215 +#: ../../configuration/vpn/sstp.rst:249 +msgid "**require** - Require IPv6 negotiation" +msgstr "**require** - Require IPv6 negotiation" + +#: ../../configuration/service/pppoe-server.rst:505 +#: ../../configuration/vpn/l2tp.rst:459 +#: ../../configuration/vpn/pptp.rst:383 +#: ../../configuration/vpn/sstp.rst:417 msgid "**require** - ask client for mppe, if it rejects drop connection" msgstr "**require** - ask client for mppe, if it rejects drop connection" @@ -791,19 +930,23 @@ msgstr "**require** - ask client for mppe, if it rejects drop connection" msgid "**right**" msgstr "**right**" -#: ../../configuration/container/index.rst:122 +#: ../../configuration/container/index.rst:127 msgid "**setpcap**: Capability sets (from bounded or inherited set)" msgstr "**setpcap**: Capability sets (from bounded or inherited set)" +#: ../../configuration/service/ipoe-server.rst:99 +msgid "**shared**: Multiple clients share the same network. **(default)**" +msgstr "**shared**: Multiple clients share the same network. **(default)**" + #: ../../configuration/nat/nat44.rst:195 msgid "**source** - specifies which packets the NAT translation rule applies to based on the packets source IP address and/or source port. Only matching packets are considered for NAT." msgstr "**source** - specifies which packets the NAT translation rule applies to based on the packets source IP address and/or source port. Only matching packets are considered for NAT." -#: ../../configuration/container/index.rst:123 +#: ../../configuration/container/index.rst:128 msgid "**sys-admin**: Administation operations (quotactl, mount, sethostname, setdomainame)" msgstr "**sys-admin**: Administation operations (quotactl, mount, sethostname, setdomainame)" -#: ../../configuration/container/index.rst:124 +#: ../../configuration/container/index.rst:129 msgid "**sys-time**: Permission to set system clock" msgstr "**sys-time**: Permission to set system clock" @@ -819,10 +962,25 @@ msgstr "**upstream:** The upstream network interface is the outgoing interface w msgid "**validate** The highest mode of DNSSEC processing. In this mode, all queries will be validated and will be answered with a SERVFAIL in case of bogus data, regardless of the client's request." msgstr "**validate** The highest mode of DNSSEC processing. In this mode, all queries will be validated and will be answered with a SERVFAIL in case of bogus data, regardless of the client's request." +#: ../../configuration/service/ipoe-server.rst:100 +msgid "**vlan**: One VLAN per client." +msgstr "**vlan**: One VLAN per client." + #: ../../configuration/protocols/isis.rst:102 msgid "**wide** - Use new style of TLVs to carry wider metric." msgstr "**wide** - Use new style of TLVs to carry wider metric." +#: ../../configuration/service/pppoe-server.rst:392 +#: ../../configuration/service/pppoe-server.rst:399 +#: ../../configuration/vpn/l2tp.rst:336 +#: ../../configuration/vpn/l2tp.rst:343 +#: ../../configuration/vpn/pptp.rst:260 +#: ../../configuration/vpn/pptp.rst:267 +#: ../../configuration/vpn/sstp.rst:294 +#: ../../configuration/vpn/sstp.rst:301 +msgid "**x:x:x:x** - Specify interface identifier for IPv6" +msgstr "**x:x:x:x** - Specify interface identifier for IPv6" + #: ../../configuration/protocols/bgp.rst:143 msgid "*bgpd* supports Multiprotocol Extension for BGP. So if a remote peer supports the protocol, *bgpd* can exchange IPv6 and/or multicast routing information." msgstr "*bgpd* supports Multiprotocol Extension for BGP. So if a remote peer supports the protocol, *bgpd* can exchange IPv6 and/or multicast routing information." @@ -887,7 +1045,7 @@ msgstr "0 if not defined, which means no refreshing." msgid "0 if not defined." msgstr "0 if not defined." -#: ../../configuration/service/dhcp-server.rst:237 +#: ../../configuration/service/dhcp-server.rst:243 #: ../../configuration/system/syslog.rst:114 #: ../../configuration/system/syslog.rst:173 #: ../../configuration/trafficpolicy/index.rst:801 @@ -950,7 +1108,7 @@ msgstr "10 - 10 MBit/s" msgid "11" msgstr "11" -#: ../../configuration/service/dhcp-server.rst:319 +#: ../../configuration/service/dhcp-server.rst:325 msgid "119" msgstr "119" @@ -960,11 +1118,11 @@ msgstr "119" msgid "12" msgstr "12" -#: ../../configuration/service/dhcp-server.rst:324 +#: ../../configuration/service/dhcp-server.rst:330 msgid "121, 249" msgstr "121, 249" -#: ../../configuration/service/dhcp-server.rst:304 +#: ../../configuration/service/dhcp-server.rst:310 #: ../../configuration/system/syslog.rst:138 #: ../../configuration/trafficpolicy/index.rst:870 msgid "13" @@ -976,7 +1134,7 @@ msgstr "13" msgid "14" msgstr "14" -#: ../../configuration/service/dhcp-server.rst:264 +#: ../../configuration/service/dhcp-server.rst:270 #: ../../configuration/system/syslog.rst:142 #: ../../configuration/trafficpolicy/index.rst:866 msgid "15" @@ -1000,7 +1158,7 @@ msgstr "172.16.0.0 to 172.31.255.255 (CIDR: 172.16.0.0/12)" msgid "18" msgstr "18" -#: ../../configuration/service/dhcp-server.rst:269 +#: ../../configuration/service/dhcp-server.rst:275 #: ../../configuration/system/syslog.rst:150 msgid "19" msgstr "19" @@ -1025,7 +1183,7 @@ msgstr "1: Enable DAD (default)" msgid "1 if not defined." msgstr "1 if not defined." -#: ../../configuration/service/dhcp-server.rst:243 +#: ../../configuration/service/dhcp-server.rst:249 #: ../../configuration/system/syslog.rst:116 #: ../../configuration/system/syslog.rst:178 #: ../../configuration/trafficpolicy/index.rst:799 @@ -1059,7 +1217,7 @@ msgstr "25000 - 25 GBit/s" msgid "2500 - 2.5 GBit/s" msgstr "2500 - 2.5 GBit/s" -#: ../../configuration/service/dhcp-server.rst:329 +#: ../../configuration/service/dhcp-server.rst:335 msgid "252" msgstr "252" @@ -1087,7 +1245,7 @@ msgstr "2. Since this is the first packet, connection status of this connection, msgid "2: Enable DAD, and disable IPv6 operation if MAC-based duplicate link-local address has been found." msgstr "2: Enable DAD, and disable IPv6 operation if MAC-based duplicate link-local address has been found." -#: ../../configuration/service/dhcp-server.rst:249 +#: ../../configuration/service/dhcp-server.rst:255 #: ../../configuration/system/syslog.rst:118 #: ../../configuration/system/syslog.rst:181 #: ../../configuration/trafficpolicy/index.rst:797 @@ -1115,7 +1273,7 @@ msgstr "38" msgid "3. Add a full path to the script" msgstr "3. Add a full path to the script" -#: ../../configuration/service/dhcp-server.rst:254 +#: ../../configuration/service/dhcp-server.rst:260 #: ../../configuration/system/syslog.rst:120 #: ../../configuration/system/syslog.rst:183 #: ../../configuration/trafficpolicy/index.rst:795 @@ -1131,11 +1289,11 @@ msgstr "40000 - 40 GBit/s" msgid "40 MHz channels may switch their primary and secondary channels if needed or creation of 40 MHz channel maybe rejected based on overlapping BSSes. These changes are done automatically when hostapd is setting up the 40 MHz channel." msgstr "40 MHz channels may switch their primary and secondary channels if needed or creation of 40 MHz channel maybe rejected based on overlapping BSSes. These changes are done automatically when hostapd is setting up the 40 MHz channel." -#: ../../configuration/service/dhcp-server.rst:274 +#: ../../configuration/service/dhcp-server.rst:280 msgid "42" msgstr "42" -#: ../../configuration/service/dhcp-server.rst:279 +#: ../../configuration/service/dhcp-server.rst:285 msgid "44" msgstr "44" @@ -1166,7 +1324,7 @@ msgstr "50000 - 50 GBit/s" msgid "5000 - 5 GBit/s" msgstr "5000 - 5 GBit/s" -#: ../../configuration/service/dhcp-server.rst:284 +#: ../../configuration/service/dhcp-server.rst:290 msgid "54" msgstr "54" @@ -1179,7 +1337,7 @@ msgstr "5. Second packet for this connection is received by the router. Since co msgid "5 if not defined." msgstr "5 if not defined." -#: ../../configuration/service/dhcp-server.rst:259 +#: ../../configuration/service/dhcp-server.rst:265 #: ../../configuration/system/syslog.rst:124 #: ../../configuration/system/syslog.rst:189 #: ../../configuration/trafficpolicy/index.rst:791 @@ -1187,7 +1345,7 @@ msgstr "5 if not defined." msgid "6" msgstr "6" -#: ../../configuration/service/dhcp-server.rst:294 +#: ../../configuration/service/dhcp-server.rst:300 msgid "66" msgstr "66" @@ -1195,11 +1353,11 @@ msgstr "66" msgid "66% of traffic is routed to eth0, eth1 gets 33% of traffic." msgstr "66% of traffic is routed to eth0, eth1 gets 33% of traffic." -#: ../../configuration/service/dhcp-server.rst:299 +#: ../../configuration/service/dhcp-server.rst:305 msgid "67" msgstr "67" -#: ../../configuration/service/dhcp-server.rst:309 +#: ../../configuration/service/dhcp-server.rst:315 msgid "69" msgstr "69" @@ -1222,7 +1380,7 @@ msgstr "6in4 uses tunneling to encapsulate IPv6 traffic over IPv4 links as defin msgid "7" msgstr "7" -#: ../../configuration/service/dhcp-server.rst:314 +#: ../../configuration/service/dhcp-server.rst:320 msgid "70" msgstr "70" @@ -1299,11 +1457,11 @@ msgstr "<x.x.x.x>-<x.x.x.x>: IP range to match." msgid "<x.x.x.x>: IP address to match." msgstr "<x.x.x.x>: IP address to match." -#: ../../configuration/pki/index.rst:252 +#: ../../configuration/pki/index.rst:283 msgid "ACME" msgstr "ACME" -#: ../../configuration/pki/index.rst:281 +#: ../../configuration/pki/index.rst:312 msgid "ACME Directory Resource URI." msgstr "ACME Directory Resource URI." @@ -1311,7 +1469,7 @@ msgstr "ACME Directory Resource URI." msgid "API" msgstr "API" -#: ../../configuration/protocols/static.rst:150 +#: ../../configuration/protocols/static.rst:183 msgid "ARP" msgstr "ARP" @@ -1335,7 +1493,7 @@ msgstr "A *bit* is written as **bit**," msgid "A BGP-speaking router like VyOS can retrieve ROA information from RPKI \"Relying Party software\" (often just called an \"RPKI server\" or \"RPKI validator\") by using :abbr:`RTR (RPKI to Router)` protocol. There are several open source implementations to choose from, such as NLNetLabs' Routinator_ (written in Rust), Cloudflare's GoRTR_ and OctoRPKI_ (written in Go), and RIPE NCC's RPKI Validator_ (written in Java). The RTR protocol is described in :rfc:`8210`." msgstr "A BGP-speaking router like VyOS can retrieve ROA information from RPKI \"Relying Party software\" (often just called an \"RPKI server\" or \"RPKI validator\") by using :abbr:`RTR (RPKI to Router)` protocol. There are several open source implementations to choose from, such as NLNetLabs' Routinator_ (written in Rust), Cloudflare's GoRTR_ and OctoRPKI_ (written in Go), and RIPE NCC's RPKI Validator_ (written in Java). The RTR protocol is described in :rfc:`8210`." -#: ../../configuration/protocols/bgp.rst:929 +#: ../../configuration/protocols/bgp.rst:951 msgid "A BGP confederation divides our AS into sub-ASes to reduce the number of required IBGP peerings. Within a sub-AS we still require full-mesh IBGP but between these sub-ASes we use something that looks like EBGP but behaves like IBGP (called confederation BGP). Confederation mechanism is described in :rfc:`5065`" msgstr "A BGP confederation divides our AS into sub-ASes to reduce the number of required IBGP peerings. Within a sub-AS we still require full-mesh IBGP but between these sub-ASes we use something that looks like EBGP but behaves like IBGP (called confederation BGP). Confederation mechanism is described in :rfc:`5065`" @@ -1351,7 +1509,7 @@ msgstr "A GRE tunnel operates at layer 3 of the OSI model and is represented by msgid "A Rule-Set can be applied to every interface:" msgstr "A Rule-Set can be applied to every interface:" -#: ../../configuration/service/dhcp-server.rst:561 +#: ../../configuration/service/dhcp-server.rst:567 msgid "A SNTP server address can be specified for DHCPv6 clients." msgstr "A SNTP server address can be specified for DHCPv6 clients." @@ -1363,11 +1521,11 @@ msgstr "A VRF device is created with an associated route table. Network interfac msgid "A VyOS GRE tunnel can carry both IPv4 and IPv6 traffic and can also be created over either IPv4 (gre) or IPv6 (ip6gre)." msgstr "A VyOS GRE tunnel can carry both IPv4 and IPv6 traffic and can also be created over either IPv4 (gre) or IPv6 (ip6gre)." -#: ../../configuration/service/dns.rst:162 +#: ../../configuration/service/dns.rst:149 msgid "A VyOS router with two interfaces - eth0 (WAN) and eth1 (LAN) - is required to implement a split-horizon DNS configuration for example.com." msgstr "A VyOS router with two interfaces - eth0 (WAN) and eth1 (LAN) - is required to implement a split-horizon DNS configuration for example.com." -#: ../../configuration/service/dhcp-server.rst:533 +#: ../../configuration/service/dhcp-server.rst:539 msgid "A :abbr:`NIS (Network Information Service)` domain can be set to be used for DHCPv6 clients." msgstr "A :abbr:`NIS (Network Information Service)` domain can be set to be used for DHCPv6 clients." @@ -1384,6 +1542,10 @@ msgstr "A basic introduction to zone-based firewalls can be found `here <https:/ msgid "A bridge named `br100`" msgstr "A bridge named `br100`" +#: ../../configuration/container/index.rst:144 +msgid "A brief description what this network is all about." +msgstr "A brief description what this network is all about." + #: ../../configuration/trafficpolicy/index.rst:147 msgid "A class can have multiple match filters:" msgstr "A class can have multiple match filters:" @@ -1396,7 +1558,11 @@ msgstr "A common example is the case of some policies which, in order to be effe msgid "A complete LDAP auth OpenVPN configuration could look like the following example:" msgstr "A complete LDAP auth OpenVPN configuration could look like the following example:" -#: ../../configuration/vpn/sstp.rst:335 +#: ../../configuration/service/ids.rst:84 +msgid "A configuration example can be found in this section. In this simplified scenario, main things to be considered are:" +msgstr "A configuration example can be found in this section. In this simplified scenario, main things to be considered are:" + +#: ../../configuration/vpn/sstp.rst:508 msgid "A connection attempt will be shown as:" msgstr "A connection attempt will be shown as:" @@ -1420,7 +1586,7 @@ msgstr "A domain name is the label (name) assigned to a computer network and is msgid "A dummy interface for the provider-assigned IP;" msgstr "A dummy interface for the provider-assigned IP;" -#: ../../configuration/highavailability/index.rst:426 +#: ../../configuration/highavailability/index.rst:436 msgid "A firewall mark ``fwmark`` allows using multiple ports for high-availability virtual-server. It uses fwmark value." msgstr "A firewall mark ``fwmark`` allows using multiple ports for high-availability virtual-server. It uses fwmark value." @@ -1436,11 +1602,11 @@ msgstr "A generic `<name>` referencing this sync service." msgid "A hostname is the label (name) assigned to a network device (a host) on a network and is used to distinguish one device from another on specific networks or over the internet. On the other hand this will be the name which appears on the command line prompt." msgstr "A hostname is the label (name) assigned to a network device (a host) on a network and is used to distinguish one device from another on specific networks or over the internet. On the other hand this will be the name which appears on the command line prompt." -#: ../../configuration/pki/index.rst:189 +#: ../../configuration/pki/index.rst:191 msgid "A human readable description what this CA is about." msgstr "A human readable description what this CA is about." -#: ../../configuration/pki/index.rst:228 +#: ../../configuration/pki/index.rst:230 msgid "A human readable description what this certificate is about." msgstr "A human readable description what this certificate is about." @@ -1456,7 +1622,7 @@ msgstr "A managed device is a network node that implements an SNMP interface tha msgid "A match filter can contain multiple criteria and will match traffic if all those criteria are true." msgstr "A match filter can contain multiple criteria and will match traffic if all those criteria are true." -#: ../../configuration/protocols/bfd.rst:138 +#: ../../configuration/protocols/bfd.rst:145 msgid "A monitored static route conditions the installation to the RIB on the BFD session running state: when BFD session is up the route is installed to RIB, but when the BFD session is down it is removed from the RIB." msgstr "A monitored static route conditions the installation to the RIB on the BFD session running state: when BFD session is up the route is installed to RIB, but when the BFD session is down it is removed from the RIB." @@ -1476,7 +1642,7 @@ msgstr "A packet rate limit can be set for a rule to apply the rule to traffic a msgid "A packet that finds a matching entry in the flowtable (flowtable hit) is transmitted to the output netdevice, hence, packets bypass the classic IP forwarding path and uses the **Fast Path** (orange circles path). The visible effect is that you do not see these packets from any of the Netfilter hooks coming after ingress. In case that there is no matching entry in the flowtable (flowtable miss), the packet follows the classic IP forwarding path." msgstr "A packet that finds a matching entry in the flowtable (flowtable hit) is transmitted to the output netdevice, hence, packets bypass the classic IP forwarding path and uses the **Fast Path** (orange circles path). The visible effect is that you do not see these packets from any of the Netfilter hooks coming after ingress. In case that there is no matching entry in the flowtable (flowtable miss), the packet follows the classic IP forwarding path." -#: ../../configuration/protocols/bgp.rst:698 +#: ../../configuration/protocols/bgp.rst:720 msgid "A penalty of 1000 is assessed each time the route fails. When the penalties reach a predefined threshold (suppress-value), the router stops advertising the route." msgstr "A penalty of 1000 is assessed each time the route fails. When the penalties reach a predefined threshold (suppress-value), the router stops advertising the route." @@ -1488,7 +1654,7 @@ msgstr "A physical interface is required to connect this MACsec instance to. Tra msgid "A pool of addresses can be defined by using a hyphen between two IP addresses:" msgstr "A pool of addresses can be defined by using a hyphen between two IP addresses:" -#: ../../configuration/firewall/ipv4.rst:485 +#: ../../configuration/firewall/ipv4.rst:508 #: ../../configuration/firewall/ipv6.rst:491 msgid "A port can be set with a port number or a name which is here defined: ``/etc/services``." msgstr "A port can be set with a port number or a name which is here defined: ``/etc/services``." @@ -1526,11 +1692,11 @@ msgstr "A segment ID that contains an IP address prefix calculated by an IGP in msgid "A sending station (computer or network switch) may be transmitting data faster than the other end of the link can accept it. Using flow control, the receiving station can signal the sender requesting suspension of transmissions until the receiver catches up." msgstr "A sending station (computer or network switch) may be transmitting data faster than the other end of the link can accept it. Using flow control, the receiving station can signal the sender requesting suspension of transmissions until the receiver catches up." -#: ../../configuration/service/dhcp-server.rst:589 +#: ../../configuration/service/dhcp-server.rst:595 msgid "A shared network named ``NET1`` serves subnet ``2001:db8::/64``" msgstr "A shared network named ``NET1`` serves subnet ``2001:db8::/64``" -#: ../../configuration/protocols/bgp.rst:1146 +#: ../../configuration/protocols/bgp.rst:1168 msgid "A simple BGP configuration via IPv6." msgstr "A simple BGP configuration via IPv6." @@ -1538,7 +1704,7 @@ msgstr "A simple BGP configuration via IPv6." msgid "A simple Random Early Detection (RED) policy would start randomly dropping packets from a queue before it reaches its queue limit thus avoiding congestion. That is good for TCP connections as the gradual dropping of packets acts as a signal for the sender to decrease its transmission rate." msgstr "A simple Random Early Detection (RED) policy would start randomly dropping packets from a queue before it reaches its queue limit thus avoiding congestion. That is good for TCP connections as the gradual dropping of packets acts as a signal for the sender to decrease its transmission rate." -#: ../../configuration/protocols/bgp.rst:1101 +#: ../../configuration/protocols/bgp.rst:1123 msgid "A simple eBGP configuration:" msgstr "A simple eBGP configuration:" @@ -1602,7 +1768,7 @@ msgstr "A very small buffer will soon start dropping packets." msgid "A zone must be configured before an interface is assigned to it and an interface can be assigned to only a single zone." msgstr "A zone must be configured before an interface is assigned to it and an interface can be assigned to only a single zone." -#: ../../configuration/service/dns.rst:397 +#: ../../configuration/service/dns.rst:411 msgid "Above, command syntax isn noted to configure dynamic dns on a specific interface. It is possible to overlook the additional address option, web, when completeing those commands. ddclient_ has another way to determine the WAN IP address, using a web-based url to determine the external IP. Each of the commands above will need to be modified to use 'web' as the 'interface' specified if this functionality is to be utilized." msgstr "Above, command syntax isn noted to configure dynamic dns on a specific interface. It is possible to overlook the additional address option, web, when completeing those commands. ddclient_ has another way to determine the WAN IP address, using a web-based url to determine the external IP. Each of the commands above will need to be modified to use 'web' as the 'interface' specified if this functionality is to be utilized." @@ -1622,6 +1788,21 @@ msgstr "Accept SSH connections for the given `<device>` on TCP port `<port>`. Af msgid "Accept only certain protocols: You may want to replicate the state of flows depending on their layer 4 protocol." msgstr "Accept only certain protocols: You may want to replicate the state of flows depending on their layer 4 protocol." +#: ../../configuration/service/pppoe-server.rst:384 +#: ../../configuration/vpn/l2tp.rst:328 +#: ../../configuration/vpn/pptp.rst:252 +#: ../../configuration/vpn/sstp.rst:286 +msgid "Accept peer interface identifier. By default is not defined." +msgstr "Accept peer interface identifier. By default is not defined." + +#: ../../configuration/service/ipoe-server.rst:364 +#: ../../configuration/service/pppoe-server.rst:530 +#: ../../configuration/vpn/l2tp.rst:484 +#: ../../configuration/vpn/pptp.rst:408 +#: ../../configuration/vpn/sstp.rst:442 +msgid "Acceptable rate of connections (e.g. 1/min, 60/sec)" +msgstr "Acceptable rate of connections (e.g. 1/min, 60/sec)" + #: ../../configuration/policy/access-list.rst:3 msgid "Access List Policy" msgstr "Access List Policy" @@ -1665,7 +1846,7 @@ msgstr "Add Power Constraint element to Beacon and Probe Response frames." msgid "Add a forwarding rule matching UDP port on your internet router." msgstr "Add a forwarding rule matching UDP port on your internet router." -#: ../../configuration/container/index.rst:113 +#: ../../configuration/container/index.rst:118 msgid "Add a host device to the container." msgstr "Add a host device to the container." @@ -1693,11 +1874,11 @@ msgstr "Add new port to SSL-ports acl. Ports included by default in SSL-ports ac msgid "Add new port to Safe-ports acl. Ports included by default in Safe-ports acl: 21, 70, 80, 210, 280, 443, 488, 591, 777, 873, 1025-65535" msgstr "Add new port to Safe-ports acl. Ports included by default in Safe-ports acl: 21, 70, 80, 210, 280, 443, 488, 591, 777, 873, 1025-65535" -#: ../../configuration/policy/route-map.rst:221 +#: ../../configuration/policy/route-map.rst:224 msgid "Add or replace BGP community attribute in format ``<0-65535:0-65535>`` or from well-known community list" msgstr "Add or replace BGP community attribute in format ``<0-65535:0-65535>`` or from well-known community list" -#: ../../configuration/policy/route-map.rst:236 +#: ../../configuration/policy/route-map.rst:239 msgid "Add or replace BGP large-community attribute in format ``<0-4294967295:0-4294967295:0-4294967295>``" msgstr "Add or replace BGP large-community attribute in format ``<0-4294967295:0-4294967295:0-4294967295>``" @@ -1705,11 +1886,11 @@ msgstr "Add or replace BGP large-community attribute in format ``<0-4294967295:0 msgid "Add policy route matching VLAN source addresses" msgstr "Add policy route matching VLAN source addresses" -#: ../../configuration/pki/index.rst:217 +#: ../../configuration/pki/index.rst:219 msgid "Add public key portion for the certificate named `name` to the VyOS CLI." msgstr "Add public key portion for the certificate named `name` to the VyOS CLI." -#: ../../configuration/pki/index.rst:193 +#: ../../configuration/pki/index.rst:195 msgid "Add the CAs private key to the VyOS CLI. This should never leave the system, and is only required if you use VyOS as your certificate generator as mentioned above." msgstr "Add the CAs private key to the VyOS CLI. This should never leave the system, and is only required if you use VyOS as your certificate generator as mentioned above." @@ -1717,11 +1898,11 @@ msgstr "Add the CAs private key to the VyOS CLI. This should never leave the sys msgid "Add the commands from Snippet in the Windows side via PowerShell. Also import the root CA cert to the Windows “Trusted Root Certification Authorities†and establish the connection." msgstr "Add the commands from Snippet in the Windows side via PowerShell. Also import the root CA cert to the Windows “Trusted Root Certification Authorities†and establish the connection." -#: ../../configuration/pki/index.rst:232 +#: ../../configuration/pki/index.rst:234 msgid "Add the private key portion of this certificate to the CLI. This should never leave the system as it is used to decrypt the data." msgstr "Add the private key portion of this certificate to the CLI. This should never leave the system as it is used to decrypt the data." -#: ../../configuration/pki/index.rst:174 +#: ../../configuration/pki/index.rst:176 msgid "Add the public CA certificate for the CA named `name` to the VyOS CLI." msgstr "Add the public CA certificate for the CA named `name` to the VyOS CLI." @@ -1765,11 +1946,11 @@ msgstr "Address Families" msgid "Address Groups" msgstr "Address Groups" -#: ../../configuration/service/dhcp-server.rst:592 +#: ../../configuration/service/dhcp-server.rst:598 msgid "Address pool shall be ``2001:db8::100`` through ``2001:db8::199``." msgstr "Address pool shall be ``2001:db8::100`` through ``2001:db8::199``." -#: ../../configuration/service/dhcp-server.rst:582 +#: ../../configuration/service/dhcp-server.rst:588 msgid "Address pools" msgstr "Address pools" @@ -1777,14 +1958,30 @@ msgstr "Address pools" msgid "Address to listen for HTTPS requests" msgstr "Address to listen for HTTPS requests" -#: ../../configuration/container/index.rst:136 +#: ../../configuration/container/index.rst:160 +msgid "Adds registry to list of unqualified-search-registries. By default, for any image that does not include the registry in the image name, VyOS will use docker.io and quay.io as the container registry." +msgstr "Adds registry to list of unqualified-search-registries. By default, for any image that does not include the registry in the image name, VyOS will use docker.io and quay.io as the container registry." + +#: ../../configuration/container/index.rst:141 msgid "Adds registry to list of unqualified-search-registries. By default, for any image that does not include the registry in the image name, Vyos will use docker.io as the container registry." msgstr "Adds registry to list of unqualified-search-registries. By default, for any image that does not include the registry in the image name, Vyos will use docker.io as the container registry." -#: ../../configuration/protocols/bgp.rst:647 +#: ../../configuration/protocols/bgp.rst:669 msgid "Administrative Distance" msgstr "Administrative Distance" +#: ../../configuration/service/ipoe-server.rst:335 +msgid "Advanced Interface Options" +msgstr "Advanced Interface Options" + +#: ../../configuration/service/ipoe-server.rst:307 +#: ../../configuration/service/pppoe-server.rst:425 +#: ../../configuration/vpn/l2tp.rst:369 +#: ../../configuration/vpn/pptp.rst:293 +#: ../../configuration/vpn/sstp.rst:327 +msgid "Advanced Options" +msgstr "Advanced Options" + #: ../../configuration/nat/nat44.rst:301 msgid "Advanced configuration can be used in order to apply source or destination NAT, and within a single rule, be able to define multiple translated addresses, so NAT balances the translations among them." msgstr "Advanced configuration can be used in order to apply source or destination NAT, and within a single rule, be able to define multiple translated addresses, so NAT balances the translations among them." @@ -1797,7 +1994,11 @@ msgstr "Advantages of OpenVPN are:" msgid "Advertise DNS server per https://tools.ietf.org/html/rfc6106" msgstr "Advertise DNS server per https://tools.ietf.org/html/rfc6106" -#: ../../configuration/service/router-advert.rst:53 +#: ../../configuration/service/router-advert.rst:78 +msgid "Advertising a NAT64 Prefix" +msgstr "Advertising a NAT64 Prefix" + +#: ../../configuration/service/router-advert.rst:54 msgid "Advertising a Prefix" msgstr "Advertising a Prefix" @@ -1805,7 +2006,7 @@ msgstr "Advertising a Prefix" msgid "After commit the plaintext passwords will be hashed and stored in your configuration. The resulting CLI config will look like:" msgstr "After commit the plaintext passwords will be hashed and stored in your configuration. The resulting CLI config will look like:" -#: ../../configuration/vrf/index.rst:325 +#: ../../configuration/vrf/index.rst:344 msgid "After committing the configuration we can verify all leaked routes are installed, and try to ICMP ping PC1 from PC3." msgstr "After committing the configuration we can verify all leaked routes are installed, and try to ICMP ping PC1 from PC3." @@ -1813,10 +2014,18 @@ msgstr "After committing the configuration we can verify all leaked routes are i msgid "After the PKI certs are all set up we can start configuring our IPSec/IKE proposals used for key-exchange end data encryption. The used encryption ciphers and integrity algorithms vary from operating system to operating system. The ones used in this example are validated to work on Windows 10." msgstr "After the PKI certs are all set up we can start configuring our IPSec/IKE proposals used for key-exchange end data encryption. The used encryption ciphers and integrity algorithms vary from operating system to operating system. The ones used in this example are validated to work on Windows 10." -#: ../../configuration/pki/index.rst:212 +#: ../../configuration/vpn/ipsec.rst:418 +msgid "After the PKI certs are all set up we can start configuring our IPSec/IKE proposals used for key-exchange end data encryption. The used encryption ciphers and integrity algorithms vary from operating system to operating system. The ones used in this post are validated to work on both Windows 10 and iOS/iPadOS 14 to 17." +msgstr "After the PKI certs are all set up we can start configuring our IPSec/IKE proposals used for key-exchange end data encryption. The used encryption ciphers and integrity algorithms vary from operating system to operating system. The ones used in this post are validated to work on both Windows 10 and iOS/iPadOS 14 to 17." + +#: ../../configuration/pki/index.rst:214 msgid "After we have imported the CA certificate(s) we can now import and add certificates used by services on this router." msgstr "After we have imported the CA certificate(s) we can now import and add certificates used by services on this router." +#: ../../configuration/vpn/ipsec.rst:399 +msgid "After you obtained your server certificate you can import it from a file on the local filesystem, or paste it into the CLI. Please note that when entering the certificate manually you need to strip the ``-----BEGIN KEY-----`` and ``-----END KEY-----`` tags. Also, the certificate or key needs to be presented in a single line without line breaks (``\\n``)." +msgstr "After you obtained your server certificate you can import it from a file on the local filesystem, or paste it into the CLI. Please note that when entering the certificate manually you need to strip the ``-----BEGIN KEY-----`` and ``-----END KEY-----`` tags. Also, the certificate or key needs to be presented in a single line without line breaks (``\\n``)." + #: ../../configuration/service/snmp.rst:39 msgid "Agent - software which runs on managed devices" msgstr "Agent - software which runs on managed devices" @@ -1825,7 +2034,7 @@ msgstr "Agent - software which runs on managed devices" msgid "Alert" msgstr "Alert" -#: ../../configuration/highavailability/index.rst:346 +#: ../../configuration/highavailability/index.rst:356 msgid "Algorithm" msgstr "Algorithm" @@ -1833,7 +2042,7 @@ msgstr "Algorithm" msgid "Aliases" msgstr "Aliases" -#: ../../configuration/service/dns.rst:167 +#: ../../configuration/service/dns.rst:154 msgid "All DNS requests for example.com must be forwarded to a DNS server at 192.0.2.254 and 2001:db8:cafe::1" msgstr "All DNS requests for example.com must be forwarded to a DNS server at 192.0.2.254 and 2001:db8:cafe::1" @@ -1861,7 +2070,7 @@ msgstr "All interfaces used for the DHCP relay must be configured. This includes msgid "All items in a sync group should be similarly configured. If one VRRP group is set to a different preemption delay or priority, it would result in an endless transition loop." msgstr "All items in a sync group should be similarly configured. If one VRRP group is set to a different preemption delay or priority, it would result in an endless transition loop." -#: ../../configuration/service/dns.rst:169 +#: ../../configuration/service/dns.rst:156 msgid "All other DNS requests will be forwarded to a different set of DNS servers at 192.0.2.1, 192.0.2.2, 2001:db8::1:ffff and 2001:db8::2:ffff" msgstr "All other DNS requests will be forwarded to a different set of DNS servers at 192.0.2.1, 192.0.2.2, 2001:db8::1:ffff and 2001:db8::2:ffff" @@ -1897,7 +2106,11 @@ msgstr "All traffic to and from an interface within a zone is permitted." msgid "All tunnel sessions can be checked via:" msgstr "All tunnel sessions can be checked via:" -#: ../../configuration/vpn/l2tp.rst:209 +#: ../../configuration/service/ipoe-server.rst:231 +#: ../../configuration/service/pppoe-server.rst:193 +#: ../../configuration/vpn/l2tp.rst:236 +#: ../../configuration/vpn/pptp.rst:176 +#: ../../configuration/vpn/sstp.rst:209 msgid "Allocation clients ip addresses by RADIUS" msgstr "Allocation clients ip addresses by RADIUS" @@ -1913,7 +2126,7 @@ msgstr "Allow access to sites in a domain without retrieving them from the Proxy msgid "Allow bgp to negotiate the extended-nexthop capability with it’s peer. If you are peering over a IPv6 Link-Local address then this capability is turned on automatically. If you are peering over a IPv6 Global Address then turning on this command will allow BGP to install IPv4 routes with IPv6 nexthops if you do not have IPv4 configured on interfaces." msgstr "Allow bgp to negotiate the extended-nexthop capability with it’s peer. If you are peering over a IPv6 Link-Local address then this capability is turned on automatically. If you are peering over a IPv6 Global Address then turning on this command will allow BGP to install IPv4 routes with IPv6 nexthops if you do not have IPv4 configured on interfaces." -#: ../../configuration/service/dns.rst:359 +#: ../../configuration/service/dns.rst:362 msgid "Allow explicit IPv6 address for the interface." msgstr "Allow explicit IPv6 address for the interface." @@ -1933,7 +2146,7 @@ msgstr "Allow this BFD peer to not be directly connected" msgid "Allowed values fpr TCP flags: ``SYN``, ``ACK``, ``FIN``, ``RST``, ``URG``, ``PSH``, ``ALL`` When specifying more than one flag, flags should be comma separated. The ``!`` negate the selected protocol." msgstr "Allowed values fpr TCP flags: ``SYN``, ``ACK``, ``FIN``, ``RST``, ``URG``, ``PSH``, ``ALL`` When specifying more than one flag, flags should be comma separated. The ``!`` negate the selected protocol." -#: ../../configuration/firewall/ipv4.rst:812 +#: ../../configuration/firewall/ipv4.rst:835 #: ../../configuration/firewall/ipv6.rst:821 #: ../../configuration/system/conntrack.rst:199 msgid "Allowed values fpr TCP flags: ``ack``, ``cwr``, ``ecn``, ``fin``, ``psh``, ``rst``, ``syn`` and ``urg``. Multiple values are supported, and for inverted selection use ``not``, as shown in the example." @@ -1947,11 +2160,11 @@ msgstr "Allows specific VLAN IDs to pass through the bridge member interface. Th msgid "Allows to define URL path matching rules for a specific service." msgstr "Allows to define URL path matching rules for a specific service." -#: ../../configuration/protocols/static.rst:69 +#: ../../configuration/protocols/static.rst:92 msgid "Allows you to configure the next-hop interface for an interface-based IPv4 static route. `<interface>` will be the next-hop interface where traffic is routed for the given `<subnet>`." msgstr "Allows you to configure the next-hop interface for an interface-based IPv4 static route. `<interface>` will be the next-hop interface where traffic is routed for the given `<subnet>`." -#: ../../configuration/protocols/static.rst:89 +#: ../../configuration/protocols/static.rst:112 msgid "Allows you to configure the next-hop interface for an interface-based IPv6 static route. `<interface>` will be the next-hop interface where traffic is routed for the given `<subnet>`." msgstr "Allows you to configure the next-hop interface for an interface-based IPv6 static route. `<interface>` will be the next-hop interface where traffic is routed for the given `<subnet>`." @@ -1977,11 +2190,11 @@ msgstr "Also, for those who haven't updated to newer version, legacy documentati msgid "Also, in :ref:`destination-nat`, redirection to localhost is supported. The redirect statement is a special form of dnat which always translates the destination address to the local host’s one." msgstr "Also, in :ref:`destination-nat`, redirection to localhost is supported. The redirect statement is a special form of dnat which always translates the destination address to the local host’s one." -#: ../../configuration/protocols/static.rst:138 +#: ../../configuration/protocols/static.rst:171 msgid "Alternate Routing Tables" msgstr "Alternate Routing Tables" -#: ../../configuration/protocols/static.rst:142 +#: ../../configuration/protocols/static.rst:175 msgid "Alternate routing tables are used with policy based routing by utilizing :ref:`vrf`." msgstr "Alternate routing tables are used with policy based routing by utilizing :ref:`vrf`." @@ -2037,7 +2250,7 @@ msgstr "An agent is a network-management software module that resides on a manag msgid "An alternate command could be \"mpls-te on\" (Traffic Engineering)" msgstr "An alternate command could be \"mpls-te on\" (Traffic Engineering)" -#: ../../configuration/firewall/ipv4.rst:373 +#: ../../configuration/firewall/ipv4.rst:396 msgid "An arbitrary netmask can be applied to mask addresses to only match against a specific portion." msgstr "An arbitrary netmask can be applied to mask addresses to only match against a specific portion." @@ -2062,7 +2275,7 @@ msgstr "An basic introduction to zone-based firewalls can be found `here <https: #: ../../configuration/interfaces/tunnel.rst:71 #: ../../configuration/interfaces/tunnel.rst:93 #: ../../configuration/interfaces/tunnel.rst:194 -#: ../../configuration/system/login.rst:195 +#: ../../configuration/system/login.rst:199 msgid "An example:" msgstr "An example:" @@ -2074,7 +2287,7 @@ msgstr "An example of a configuration that sends ``telegraf`` metrics to remote msgid "An example of creating a VLAN-aware bridge is as follows:" msgstr "An example of creating a VLAN-aware bridge is as follows:" -#: ../../configuration/system/login.rst:149 +#: ../../configuration/system/login.rst:153 msgid "An example of key generation:" msgstr "An example of key generation:" @@ -2102,6 +2315,10 @@ msgstr "And base chain for traffic generated by the router is ``set firewall ipv msgid "And base chain for traffic generated by the router is ``set firewall ipv6 output filter ...``" msgstr "And base chain for traffic generated by the router is ``set firewall ipv6 output filter ...``" +#: ../../configuration/service/ids.rst:138 +msgid "And content of the script:" +msgstr "And content of the script:" + #: ../../configuration/policy/route.rst:76 msgid "And for ipv6:" msgstr "And for ipv6:" @@ -2114,7 +2331,7 @@ msgstr "And next, some configuration example where groups are used:" msgid "And op-mode commands:" msgstr "And op-mode commands:" -#: ../../configuration/system/ip.rst:84 +#: ../../configuration/system/ip.rst:97 msgid "And the different IPv4 **reset** commands available:" msgstr "And the different IPv4 **reset** commands available:" @@ -2131,6 +2348,10 @@ msgstr "Another term often used for DNAT is **1-to-1 NAT**. For a 1-to-1 NAT con msgid "Another thing to keep in mind with LDP is that much like BGP, it is a protocol that runs on top of TCP. It however does not have an ability to do something like a refresh capability like BGPs route refresh capability. Therefore one might have to reset the neighbor for a capability change or a configuration change to work." msgstr "Another thing to keep in mind with LDP is that much like BGP, it is a protocol that runs on top of TCP. It however does not have an ability to do something like a refresh capability like BGPs route refresh capability. Therefore one might have to reset the neighbor for a capability change or a configuration change to work." +#: ../../configuration/vpn/ipsec.rst:549 +msgid "Apple iOS/iPadOS expects the server name to be also used in the server's certificate common name, so it's best to use this DNS name for your VPN connection." +msgstr "Apple iOS/iPadOS expects the server name to be also used in the server's certificate common name, so it's best to use this DNS name for your VPN connection." + #: ../../configuration/vrf/index.rst:52 #: ../../configuration/vrf/index.rst:62 msgid "Apply a route-map filter to routes for the specified protocol." @@ -2221,11 +2442,15 @@ msgstr "As a result, the processing of each packet becomes more efficient, poten msgid "As an alternative to applying policy to an interface directly, a zone-based firewall can be created to simplify configuration when multiple interfaces belong to the same security zone. Instead of applying rule-sets to interfaces, they are applied to source zone-destination zone pairs." msgstr "As an alternative to applying policy to an interface directly, a zone-based firewall can be created to simplify configuration when multiple interfaces belong to the same security zone. Instead of applying rule-sets to interfaces, they are applied to source zone-destination zone pairs." +#: ../../configuration/vpn/ipsec.rst:523 +msgid "As both Microsoft Windows and Apple iOS/iPadOS only support a certain set of encryption ciphers and integrity algorithms we will validate the configured IKE/ESP proposals and only list the compatible ones to the user — if multiple are defined. If there are no matching proposals found — we can not generate a profile for you." +msgstr "As both Microsoft Windows and Apple iOS/iPadOS only support a certain set of encryption ciphers and integrity algorithms we will validate the configured IKE/ESP proposals and only list the compatible ones to the user — if multiple are defined. If there are no matching proposals found — we can not generate a profile for you." + #: ../../configuration/firewall/flowtables.rst:109 msgid "As described, first packet will be evaluated by all the firewall path, so desired connection should be explicitely accepted. Same thing should be taken into account for traffic in reverse order. In most cases state policies are used in order to accept connection in reverse patch." msgstr "As described, first packet will be evaluated by all the firewall path, so desired connection should be explicitely accepted. Same thing should be taken into account for traffic in reverse order. In most cases state policies are used in order to accept connection in reverse patch." -#: ../../configuration/system/option.rst:80 +#: ../../configuration/system/option.rst:110 msgid "As more and more routers run on Hypervisors, expecially with a :abbr:`NOS (Network Operating System)` as VyOS, it makes fewer and fewer sense to use static resource bindings like ``smp-affinity`` as present in VyOS 1.2 and earlier to pin certain interrupt handlers to specific CPUs." msgstr "As more and more routers run on Hypervisors, expecially with a :abbr:`NOS (Network Operating System)` as VyOS, it makes fewer and fewer sense to use static resource bindings like ``smp-affinity`` as present in VyOS 1.2 and earlier to pin certain interrupt handlers to specific CPUs." @@ -2265,7 +2490,7 @@ msgstr "As the example image below shows, the device was configured with rules b msgid "As the name implies, it's IPv4 encapsulated in IPv6, as simple as that." msgstr "As the name implies, it's IPv4 encapsulated in IPv6, as simple as that." -#: ../../configuration/vpn/l2tp.rst:36 +#: ../../configuration/vpn/l2tp.rst:86 msgid "As well as the below to allow NAT-traversal (when NAT is detected by the VPN client, ESP is encapsulated in UDP for NAT-traversal):" msgstr "As well as the below to allow NAT-traversal (when NAT is detected by the VPN client, ESP is encapsulated in UDP for NAT-traversal):" @@ -2301,7 +2526,7 @@ msgstr "Assign `<member>` interface to bridge `<interface>`. A completion helper msgid "Assign a specific backend to a rule" msgstr "Assign a specific backend to a rule" -#: ../../configuration/vrf/index.rst:79 +#: ../../configuration/vrf/index.rst:98 msgid "Assign interface identified by `<interface>` to VRF named `<name>`." msgstr "Assign interface identified by `<interface>` to VRF named `<name>`." @@ -2309,7 +2534,10 @@ msgstr "Assign interface identified by `<interface>` to VRF named `<name>`." msgid "Assign member interfaces to PortChannel" msgstr "Assign member interfaces to PortChannel" -#: ../../configuration/vpn/sstp.rst:80 +#: ../../configuration/service/pppoe-server.rst:437 +#: ../../configuration/vpn/l2tp.rst:381 +#: ../../configuration/vpn/pptp.rst:305 +#: ../../configuration/vpn/sstp.rst:339 msgid "Assign static IP address to `<user>` account." msgstr "Assign static IP address to `<user>` account." @@ -2317,7 +2545,7 @@ msgstr "Assign static IP address to `<user>` account." msgid "Assign the IP address to this machine for `<time>` seconds." msgstr "Assign the IP address to this machine for `<time>` seconds." -#: ../../configuration/system/login.rst:62 +#: ../../configuration/system/login.rst:66 msgid "Assign the SSH public key portion `<key>` identified by per-key `<identifier>` to the local user `<username>`." msgstr "Assign the SSH public key portion `<key>` identified by per-key `<identifier>` to the local user `<username>`." @@ -2401,6 +2629,14 @@ msgstr "Attaches user-defined network to a container. Only one network must be s msgid "Authentication" msgstr "Authentication" +#: ../../configuration/service/ipoe-server.rst:310 +#: ../../configuration/service/pppoe-server.rst:428 +#: ../../configuration/vpn/l2tp.rst:372 +#: ../../configuration/vpn/pptp.rst:296 +#: ../../configuration/vpn/sstp.rst:330 +msgid "Authentication Advanced Options" +msgstr "Authentication Advanced Options" + #: ../../configuration/interfaces/ethernet.rst:99 msgid "Authentication (EAPoL)" msgstr "Authentication (EAPoL)" @@ -2437,11 +2673,11 @@ msgstr "Authentication – to verify that the message is from a valid source." msgid "Authorization token" msgstr "Authorization token" -#: ../../configuration/service/pppoe-server.rst:159 +#: ../../configuration/service/pppoe-server.rst:228 msgid "Automatic VLAN Creation" msgstr "Automatic VLAN Creation" -#: ../../configuration/service/ipoe-server.rst:96 +#: ../../configuration/service/ipoe-server.rst:97 msgid "Automatic VLAN creation" msgstr "Automatic VLAN creation" @@ -2469,7 +2705,7 @@ msgstr "Azure-data-explorer" msgid "BFD" msgstr "BFD" -#: ../../configuration/protocols/bfd.rst:136 +#: ../../configuration/protocols/bfd.rst:143 msgid "BFD Static Route Monitoring" msgstr "BFD Static Route Monitoring" @@ -2505,7 +2741,7 @@ msgstr "BGP Example" msgid "BGP Router Configuration" msgstr "BGP Router Configuration" -#: ../../configuration/protocols/bgp.rst:888 +#: ../../configuration/protocols/bgp.rst:910 msgid "BGP Scaling Configuration" msgstr "BGP Scaling Configuration" @@ -2517,7 +2753,7 @@ msgstr "BGP aggregator attribute: AS number or IP address of an aggregation." msgid "BGP as-path list to match." msgstr "BGP as-path list to match." -#: ../../configuration/policy/route-map.rst:216 +#: ../../configuration/policy/route-map.rst:219 msgid "BGP atomic aggregate attribute." msgstr "BGP atomic aggregate attribute." @@ -2533,11 +2769,11 @@ msgstr "BGP extended community to match." msgid "BGP roles are defined in RFC :rfc:`9234` and provide an easy way to add route leak prevention, detection and mitigation. The local Role value is negotiated with the new BGP Role capability which has a built-in check of the corresponding value. In case of a mismatch the new OPEN Roles Mismatch Notification <2, 11> would be sent. The correct Role pairs are:" msgstr "BGP roles are defined in RFC :rfc:`9234` and provide an easy way to add route leak prevention, detection and mitigation. The local Role value is negotiated with the new BGP Role capability which has a built-in check of the corresponding value. In case of a mismatch the new OPEN Roles Mismatch Notification <2, 11> would be sent. The correct Role pairs are:" -#: ../../configuration/protocols/bgp.rst:890 +#: ../../configuration/protocols/bgp.rst:912 msgid "BGP routers connected inside the same AS through BGP belong to an internal BGP session, or IBGP. In order to prevent routing table loops, IBGP speaker does not advertise IBGP-learned routes to other IBGP speaker (Split Horizon mechanism). As such, IBGP requires a full mesh of all peers. For large networks, this quickly becomes unscalable." msgstr "BGP routers connected inside the same AS through BGP belong to an internal BGP session, or IBGP. In order to prevent routing table loops, IBGP speaker does not advertise IBGP-learned routes to other IBGP speaker (Split Horizon mechanism). As such, IBGP requires a full mesh of all peers. For large networks, this quickly becomes unscalable." -#: ../../configuration/vrf/index.rst:413 +#: ../../configuration/vrf/index.rst:432 msgid "BGP routes may be leaked (i.e. copied) between a unicast VRF RIB and the VPN SAFI RIB of the default VRF for use in MPLS-based L3VPNs. Unicast routes may also be leaked between any VRFs (including the unicast RIB of the default BGP instance). A shortcut syntax is also available for specifying leaking from one VRF to another VRF using the default instance’s VPN RIB as the intemediary . A common application of the VRF-VRF feature is to connect a customer’s private routing domain to a provider’s VPN service. Leaking is configured from the point of view of an individual VRF: import refers to routes leaked from VPN to a unicast VRF, whereas export refers to routes leaked from a unicast VRF to VPN." msgstr "BGP routes may be leaked (i.e. copied) between a unicast VRF RIB and the VPN SAFI RIB of the default VRF for use in MPLS-based L3VPNs. Unicast routes may also be leaked between any VRFs (including the unicast RIB of the default BGP instance). A shortcut syntax is also available for specifying leaking from one VRF to another VRF using the default instance’s VPN RIB as the intemediary . A common application of the VRF-VRF feature is to connect a customer’s private routing domain to a provider’s VPN service. Leaking is configured from the point of view of an individual VRF: import refers to routes leaked from VPN to a unicast VRF, whereas export refers to routes leaked from a unicast VRF to VPN." @@ -2569,18 +2805,16 @@ msgstr "Balancing Rules" msgid "Balancing based on domain name" msgstr "Balancing based on domain name" -#: ../../configuration/service/ipoe-server.rst:122 -#: ../../configuration/service/pppoe-server.rst:182 -#: ../../configuration/vpn/l2tp.rst:113 +#: ../../configuration/service/pppoe-server.rst:251 msgid "Bandwidth Shaping" msgstr "Bandwidth Shaping" -#: ../../configuration/service/ipoe-server.rst:128 +#: ../../configuration/service/ipoe-server.rst:129 #: ../../configuration/vpn/l2tp.rst:118 msgid "Bandwidth Shaping for local users" msgstr "Bandwidth Shaping for local users" -#: ../../configuration/service/pppoe-server.rst:184 +#: ../../configuration/service/pppoe-server.rst:253 msgid "Bandwidth rate limits can be set for local users or RADIUS based attributes." msgstr "Bandwidth rate limits can be set for local users or RADIUS based attributes." @@ -2588,7 +2822,7 @@ msgstr "Bandwidth rate limits can be set for local users or RADIUS based attribu msgid "Bandwidth rate limits can be set for local users or via RADIUS based attributes." msgstr "Bandwidth rate limits can be set for local users or via RADIUS based attributes." -#: ../../configuration/service/ipoe-server.rst:124 +#: ../../configuration/service/ipoe-server.rst:125 msgid "Bandwidth rate limits can be set for local users within the configuration or via RADIUS based attributes." msgstr "Bandwidth rate limits can be set for local users within the configuration or via RADIUS based attributes." @@ -2648,7 +2882,7 @@ msgstr "Before enabling any hardware segmentation offload a corresponding softwa msgid "Before you are able to apply a rule-set to a zone you have to create the zones first." msgstr "Before you are able to apply a rule-set to a zone you have to create the zones first." -#: ../../configuration/vpn/site2site_ipsec.rst:422 +#: ../../configuration/vpn/site2site_ipsec.rst:425 msgid "Below flow-chart could be a quick reference for the close-action combination depending on how the peer is configured." msgstr "Below flow-chart could be a quick reference for the close-action combination depending on how the peer is configured." @@ -2672,6 +2906,10 @@ msgstr "Bidirectional NAT" msgid "Binary value" msgstr "Binary value" +#: ../../configuration/container/index.rst:153 +msgid "Bind container network to a given VRF instance." +msgstr "Bind container network to a given VRF instance." + #: ../../configuration/protocols/bfd.rst:39 msgid "Bind listener to specific interface/address, mandatory for IPv6" msgstr "Bind listener to specific interface/address, mandatory for IPv6" @@ -2680,7 +2918,7 @@ msgstr "Bind listener to specific interface/address, mandatory for IPv6" msgid "Binds eth1.241 and vxlan241 to each other by making them both member interfaces of the same bridge." msgstr "Binds eth1.241 and vxlan241 to each other by making them both member interfaces of the same bridge." -#: ../../configuration/protocols/static.rst:108 +#: ../../configuration/protocols/static.rst:142 msgid "Blackhole" msgstr "Blackhole" @@ -2708,11 +2946,11 @@ msgstr "Bond / Link Aggregation" msgid "Bond options" msgstr "Bond options" -#: ../../configuration/service/dhcp-server.rst:306 +#: ../../configuration/service/dhcp-server.rst:312 msgid "Boot image length in 512-octet blocks" msgstr "Boot image length in 512-octet blocks" -#: ../../configuration/service/dhcp-server.rst:301 +#: ../../configuration/service/dhcp-server.rst:307 msgid "Bootstrap file name" msgstr "Bootstrap file name" @@ -2761,6 +2999,14 @@ msgstr "Bridge answers on IP address 192.0.2.1/24 and 2001:db8::ffff/64" msgid "Bridge maximum aging `<time>` in seconds (default: 20)." msgstr "Bridge maximum aging `<time>` in seconds (default: 20)." +#: ../../configuration/service/ipoe-server.rst:360 +#: ../../configuration/service/pppoe-server.rst:526 +#: ../../configuration/vpn/l2tp.rst:480 +#: ../../configuration/vpn/pptp.rst:404 +#: ../../configuration/vpn/sstp.rst:438 +msgid "Burst count" +msgstr "Burst count" + #: ../../configuration/interfaces/pppoe.rst:41 msgid "Business Users" msgstr "Business Users" @@ -2777,11 +3023,11 @@ msgstr "By default, FRR will bring up peering with minimal common capability for msgid "By default, VyOS does not advertise a default route (0.0.0.0/0) even if it is in routing table. When you want to announce default routes to the peer, use this command. Using optional argument :cfgcmd:`route-map` you can inject the default route to given neighbor only if the conditions in the route map are met." msgstr "By default, VyOS does not advertise a default route (0.0.0.0/0) even if it is in routing table. When you want to announce default routes to the peer, use this command. Using optional argument :cfgcmd:`route-map` you can inject the default route to given neighbor only if the conditions in the route map are met." -#: ../../configuration/system/login.rst:126 +#: ../../configuration/system/login.rst:130 msgid "By default, a new token is generated every 30 seconds by the mobile application. In order to compensate for possible time-skew between the client and the server, an extra token before and after the current time is allowed. This allows for a time skew of up to 30 seconds between authentication server and client." msgstr "By default, a new token is generated every 30 seconds by the mobile application. In order to compensate for possible time-skew between the client and the server, an extra token before and after the current time is allowed. This allows for a time skew of up to 30 seconds between authentication server and client." -#: ../../configuration/service/dns.rst:393 +#: ../../configuration/service/dns.rst:401 msgid "By default, ddclient_ will update a dynamic dns record using the IP address directly attached to the interface. If your VyOS instance is behind NAT, your record will be updated to point to your internal IP." msgstr "By default, ddclient_ will update a dynamic dns record using the IP address directly attached to the interface. If your VyOS instance is behind NAT, your record will be updated to point to your internal IP." @@ -2794,6 +3040,10 @@ msgstr "By default, enabling RPKI does not change best path selection. In partic msgid "By default, it supports both planned and unplanned outages." msgstr "By default, it supports both planned and unplanned outages." +#: ../../configuration/protocols/bgp.rst:661 +msgid "By default, locally advertised prefixes use the implicit-null label to encode in the outgoing NLRI." +msgstr "By default, locally advertised prefixes use the implicit-null label to encode in the outgoing NLRI." + #: ../../configuration/service/https.rst:45 msgid "By default, nginx exposes the local API on all virtual servers. Use this to restrict nginx to one or more virtual hosts." msgstr "By default, nginx exposes the local API on all virtual servers. Use this to restrict nginx to one or more virtual hosts." @@ -2839,7 +3089,7 @@ msgstr "By using Pseudo-Ethernet interfaces there will be less system overhead c msgid "Bypassing the webproxy" msgstr "Bypassing the webproxy" -#: ../../configuration/pki/index.rst:170 +#: ../../configuration/pki/index.rst:172 msgid "CA (Certificate Authority)" msgstr "CA (Certificate Authority)" @@ -2860,20 +3110,20 @@ msgstr "Capability Negotiation" msgid "Certain vendors use broadcasts to identify their equipment within one ethernet segment. Unfortunately if you split your network with multiple VLANs you loose the ability of identifying your equipment." msgstr "Certain vendors use broadcasts to identify their equipment within one ethernet segment. Unfortunately if you split your network with multiple VLANs you loose the ability of identifying your equipment." -#: ../../configuration/pki/index.rst:33 +#: ../../configuration/pki/index.rst:35 msgid "Certificate Authority (CA)" msgstr "Certificate Authority (CA)" -#: ../../configuration/pki/index.rst:185 +#: ../../configuration/pki/index.rst:187 msgid "Certificate revocation list in PEM format." msgstr "Certificate revocation list in PEM format." -#: ../../configuration/pki/index.rst:63 +#: ../../configuration/pki/index.rst:65 #: ../../configuration/vpn/sstp.rst:27 msgid "Certificates" msgstr "Certificates" -#: ../../configuration/system/option.rst:66 +#: ../../configuration/system/option.rst:96 msgid "Change system keyboard layout to given language." msgstr "Change system keyboard layout to given language." @@ -2889,7 +3139,7 @@ msgstr "Changes in BGP policies require the BGP session to be cleared. Clearing msgid "Changes to the NAT system only affect newly established connections. Already established connections are not affected." msgstr "Changes to the NAT system only affect newly established connections. Already established connections are not affected." -#: ../../configuration/system/option.rst:70 +#: ../../configuration/system/option.rst:100 msgid "Changing the keymap only has an effect on the system console, using SSH or Serial remote access to the device is not affected as the keyboard layout here corresponds to your access system." msgstr "Changing the keymap only has an effect on the system console, using SSH or Serial remote access to the device is not affected as the keyboard layout here corresponds to your access system." @@ -2909,11 +3159,11 @@ msgstr "Check if the Intel® QAT device is up and ready to do the job." msgid "Check status" msgstr "Check status" -#: ../../configuration/system/ipv6.rst:64 +#: ../../configuration/system/ipv6.rst:77 msgid "Check the many parameters available for the `show ipv6 route` command:" msgstr "Check the many parameters available for the `show ipv6 route` command:" -#: ../../configuration/service/pppoe-server.rst:307 +#: ../../configuration/service/pppoe-server.rst:315 msgid "Checking connections" msgstr "Checking connections" @@ -2945,11 +3195,11 @@ msgstr "Class treatment" msgid "Classes" msgstr "Classes" -#: ../../configuration/service/dhcp-server.rst:326 +#: ../../configuration/service/dhcp-server.rst:332 msgid "Classless static route" msgstr "Classless static route" -#: ../../configuration/policy/route-map.rst:269 +#: ../../configuration/policy/route-map.rst:272 msgid "Clear all BGP extcommunities." msgstr "Clear all BGP extcommunities." @@ -2973,7 +3223,15 @@ msgstr "Client Authentication" msgid "Client Configuration" msgstr "Client Configuration" -#: ../../configuration/vpn/sstp.rst:289 +#: ../../configuration/service/ipoe-server.rst:328 +#: ../../configuration/service/pppoe-server.rst:446 +#: ../../configuration/vpn/l2tp.rst:400 +#: ../../configuration/vpn/pptp.rst:324 +#: ../../configuration/vpn/sstp.rst:358 +msgid "Client IP Pool Advanced Options" +msgstr "Client IP Pool Advanced Options" + +#: ../../configuration/vpn/sstp.rst:358 msgid "Client IP addresses will be provided from pool `192.0.2.0/25`" msgstr "Client IP addresses will be provided from pool `192.0.2.0/25`" @@ -2981,15 +3239,15 @@ msgstr "Client IP addresses will be provided from pool `192.0.2.0/25`" msgid "Client Side" msgstr "Client Side" -#: ../../configuration/service/ipoe-server.rst:184 +#: ../../configuration/service/ipoe-server.rst:186 msgid "Client configuration" msgstr "Client configuration" -#: ../../configuration/service/dhcp-server.rst:266 +#: ../../configuration/service/dhcp-server.rst:272 msgid "Client domain name" msgstr "Client domain name" -#: ../../configuration/service/dhcp-server.rst:321 +#: ../../configuration/service/dhcp-server.rst:327 msgid "Client domain search" msgstr "Client domain search" @@ -3001,7 +3259,7 @@ msgstr "Client isolation can be used to prevent low-level bridging of frames bet msgid "Clients are identified by the CN field of their x.509 certificates, in this example the CN is ``client0``:" msgstr "Clients are identified by the CN field of their x.509 certificates, in this example the CN is ``client0``:" -#: ../../configuration/service/dhcp-server.rst:514 +#: ../../configuration/service/dhcp-server.rst:520 msgid "Clients receiving advertise messages from multiple servers choose the server with the highest preference value. The range for this value is ``0...255``." msgstr "Clients receiving advertise messages from multiple servers choose the server with the highest preference value. The range for this value is ``0...255``." @@ -3019,11 +3277,11 @@ msgstr "Command completion can be used to list available time zones. The adjustm msgid "Command for disabling a rule but keep it in the configuration." msgstr "Command for disabling a rule but keep it in the configuration." -#: ../../configuration/vrf/index.rst:128 +#: ../../configuration/vrf/index.rst:147 msgid "Command should probably be extended to list also the real interfaces assigned to this one VRF to get a better overview." msgstr "Command should probably be extended to list also the real interfaces assigned to this one VRF to get a better overview." -#: ../../configuration/firewall/ipv4.rst:1179 +#: ../../configuration/firewall/ipv4.rst:1202 #: ../../configuration/firewall/ipv6.rst:1195 msgid "Command used to update GeoIP database and firewall sets." msgstr "Command used to update GeoIP database and firewall sets." @@ -3032,7 +3290,7 @@ msgstr "Command used to update GeoIP database and firewall sets." msgid "Commands" msgstr "Commands" -#: ../../configuration/service/dhcp-server.rst:379 +#: ../../configuration/service/dhcp-server.rst:385 msgid "Common configuration, valid for both primary and secondary node." msgstr "Common configuration, valid for both primary and secondary node." @@ -3059,7 +3317,7 @@ msgstr "Common interface configuration" msgid "Common parameters" msgstr "Common parameters" -#: ../../configuration/protocols/bgp.rst:927 +#: ../../configuration/protocols/bgp.rst:949 msgid "Confederation Configuration" msgstr "Confederation Configuration" @@ -3098,7 +3356,7 @@ msgstr "Confidentiality – Encryption of packets to prevent snooping by an unau #: ../../configuration/policy/local-route.rst:9 #: ../../configuration/policy/prefix-list.rst:16 #: ../../configuration/policy/route-map.rst:10 -#: ../../configuration/protocols/bfd.rst:143 +#: ../../configuration/protocols/bfd.rst:150 #: ../../configuration/protocols/bgp.rst:164 #: ../../configuration/protocols/igmp-proxy.rst:14 #: ../../configuration/protocols/isis.rst:28 @@ -3111,15 +3369,15 @@ msgstr "Confidentiality – Encryption of packets to prevent snooping by an unau #: ../../configuration/service/dhcp-relay.rst:19 #: ../../configuration/service/dhcp-relay.rst:137 #: ../../configuration/service/dhcp-server.rst:22 -#: ../../configuration/service/dhcp-server.rst:510 +#: ../../configuration/service/dhcp-server.rst:516 #: ../../configuration/service/dns.rst:8 -#: ../../configuration/service/dns.rst:227 +#: ../../configuration/service/dns.rst:214 #: ../../configuration/service/https.rst:14 -#: ../../configuration/service/ipoe-server.rst:28 +#: ../../configuration/service/ids.rst:20 #: ../../configuration/service/lldp.rst:36 #: ../../configuration/service/mdns.rst:19 #: ../../configuration/service/ntp.rst:40 -#: ../../configuration/service/pppoe-server.rst:17 +#: ../../configuration/service/router-advert.rst:28 #: ../../configuration/service/salt-minion.rst:25 #: ../../configuration/service/ssh.rst:36 #: ../../configuration/service/tftp-server.rst:14 @@ -3127,18 +3385,18 @@ msgstr "Confidentiality – Encryption of packets to prevent snooping by an unau #: ../../configuration/system/default-route.rst:12 #: ../../configuration/system/flow-accounting.rst:43 #: ../../configuration/system/lcd.rst:17 -#: ../../configuration/system/login.rst:241 -#: ../../configuration/system/login.rst:310 +#: ../../configuration/system/login.rst:245 +#: ../../configuration/system/login.rst:314 #: ../../configuration/system/sflow.rst:12 #: ../../configuration/system/updates.rst:8 #: ../../configuration/vpn/dmvpn.rst:38 #: ../../configuration/vpn/dmvpn.rst:182 #: ../../configuration/vpn/openconnect.rst:21 -#: ../../configuration/vpn/sstp.rst:65 +#: ../../configuration/vpn/sstp.rst:40 #: ../../configuration/vrf/index.rst:16 -#: ../../configuration/vrf/index.rst:253 -#: ../../configuration/vrf/index.rst:288 -#: ../../configuration/vrf/index.rst:436 +#: ../../configuration/vrf/index.rst:272 +#: ../../configuration/vrf/index.rst:307 +#: ../../configuration/vrf/index.rst:455 msgid "Configuration" msgstr "Configuration" @@ -3148,8 +3406,8 @@ msgstr "Configuration" #: ../../configuration/protocols/pim6.rst:78 #: ../../configuration/protocols/rip.rst:239 #: ../../configuration/protocols/segment-routing.rst:187 -#: ../../configuration/system/login.rst:279 -#: ../../configuration/system/login.rst:350 +#: ../../configuration/system/login.rst:283 +#: ../../configuration/system/login.rst:354 msgid "Configuration Example" msgstr "Configuration Example" @@ -3171,7 +3429,7 @@ msgstr "Configuration Options" msgid "Configuration commands covered in this section:" msgstr "Configuration commands covered in this section:" -#: ../../configuration/vpn/ipsec.rst:284 +#: ../../configuration/vpn/ipsec.rst:288 msgid "Configuration commands for the private and public key will be displayed on the screen which needs to be set on the router first. Note the command with the public key (set pki key-pair ipsec-LEFT public key 'MIIBIjANBgkqh...'). Then do the same on the opposite router:" msgstr "Configuration commands for the private and public key will be displayed on the screen which needs to be set on the router first. Note the command with the public key (set pki key-pair ipsec-LEFT public key 'MIIBIjANBgkqh...'). Then do the same on the opposite router:" @@ -3183,7 +3441,7 @@ msgstr "Configuration commands will display. Note the command with the public ke msgid "Configuration example:" msgstr "Configuration example:" -#: ../../configuration/vrf/index.rst:430 +#: ../../configuration/vrf/index.rst:449 msgid "Configuration for these exported routes must, at a minimum, specify these two parameters." msgstr "Configuration for these exported routes must, at a minimum, specify these two parameters." @@ -3191,15 +3449,15 @@ msgstr "Configuration for these exported routes must, at a minimum, specify thes msgid "Configuration of :ref:`routing-static`" msgstr "Configuration of :ref:`routing-static`" -#: ../../configuration/service/dhcp-server.rst:371 +#: ../../configuration/service/dhcp-server.rst:377 msgid "Configuration of a DHCP failover pair" msgstr "Configuration of a DHCP failover pair" -#: ../../configuration/vrf/index.rst:438 +#: ../../configuration/vrf/index.rst:457 msgid "Configuration of route leaking between a unicast VRF RIB and the VPN SAFI RIB of the default VRF is accomplished via commands in the context of a VRF address-family." msgstr "Configuration of route leaking between a unicast VRF RIB and the VPN SAFI RIB of the default VRF is accomplished via commands in the context of a VRF address-family." -#: ../../configuration/protocols/static.rst:166 +#: ../../configuration/protocols/static.rst:199 #: ../../configuration/system/conntrack.rst:12 msgid "Configure" msgstr "Configure" @@ -3208,11 +3466,11 @@ msgstr "Configure" msgid "Configure BFD" msgstr "Configure BFD" -#: ../../configuration/service/dns.rst:258 +#: ../../configuration/service/dns.rst:245 msgid "Configure DNS `<record>` which should be updated. This can be set multiple times." msgstr "Configure DNS `<record>` which should be updated. This can be set multiple times." -#: ../../configuration/service/dns.rst:253 +#: ../../configuration/service/dns.rst:241 msgid "Configure DNS `<zone>` to be updated." msgstr "Configure DNS `<zone>` to be updated." @@ -3230,15 +3488,27 @@ msgstr "Configure Graceful Restart :rfc:`3623` helper support. By default, helpe msgid "Configure Graceful Restart :rfc:`3623` restarting support. When enabled, the default grace period is 120 seconds." msgstr "Configure Graceful Restart :rfc:`3623` restarting support. When enabled, the default grace period is 120 seconds." +#: ../../configuration/service/ids.rst:69 +msgid "Configure ICMP threshold parameters." +msgstr "Configure ICMP threshold parameters." + #: ../../configuration/service/dhcp-relay.rst:40 msgid "Configure IP address of the DHCP `<server>` which will handle the relayed packets." msgstr "Configure IP address of the DHCP `<server>` which will handle the relayed packets." -#: ../../configuration/vpn/sstp.rst:214 +#: ../../configuration/service/ipoe-server.rst:162 +#: ../../configuration/service/pppoe-server.rst:124 +#: ../../configuration/vpn/l2tp.rst:167 +#: ../../configuration/vpn/pptp.rst:107 +#: ../../configuration/vpn/sstp.rst:140 msgid "Configure RADIUS `<server>` and its required port for authentication requests." msgstr "Configure RADIUS `<server>` and its required port for authentication requests." -#: ../../configuration/vpn/sstp.rst:218 +#: ../../configuration/service/ipoe-server.rst:128 +#: ../../configuration/service/pppoe-server.rst:90 +#: ../../configuration/vpn/l2tp.rst:133 +#: ../../configuration/vpn/pptp.rst:73 +#: ../../configuration/vpn/sstp.rst:106 msgid "Configure RADIUS `<server>` and its required shared `<secret>` for communicating with the RADIUS server." msgstr "Configure RADIUS `<server>` and its required shared `<secret>` for communicating with the RADIUS server." @@ -3246,23 +3516,39 @@ msgstr "Configure RADIUS `<server>` and its required shared `<secret>` for commu msgid "Configure SNAT rule (40) to only NAT packets with a destination address of 192.0.2.1." msgstr "Configure SNAT rule (40) to only NAT packets with a destination address of 192.0.2.1." +#: ../../configuration/service/ids.rst:74 +msgid "Configure TCP threshold parameters" +msgstr "Configure TCP threshold parameters" + +#: ../../configuration/service/ids.rst:79 +msgid "Configure UDP threshold parameters" +msgstr "Configure UDP threshold parameters" + #: ../../_include/interface-mtu.txt:4 msgid "Configure :abbr:`MTU (Maximum Transmission Unit)` on given `<interface>`. It is the size (in bytes) of the largest ethernet frame sent on this link." msgstr "Configure :abbr:`MTU (Maximum Transmission Unit)` on given `<interface>`. It is the size (in bytes) of the largest ethernet frame sent on this link." -#: ../../configuration/system/login.rst:375 +#: ../../configuration/system/login.rst:379 msgid "Configure `<message>` which is shown after user has logged in to the system." msgstr "Configure `<message>` which is shown after user has logged in to the system." -#: ../../configuration/system/login.rst:370 +#: ../../configuration/system/login.rst:374 msgid "Configure `<message>` which is shown during SSH connect and before a user is logged in." msgstr "Configure `<message>` which is shown during SSH connect and before a user is logged in." -#: ../../configuration/service/dns.rst:341 +#: ../../configuration/service/dns.rst:346 +msgid "Configure `<password>` used when authenticating the update request for DynDNS service identified by `<service-name>`." +msgstr "Configure `<password>` used when authenticating the update request for DynDNS service identified by `<service-name>`." + +#: ../../configuration/service/dns.rst:355 msgid "Configure `<password>` used when authenticating the update request for DynDNS service identified by `<service>`." msgstr "Configure `<password>` used when authenticating the update request for DynDNS service identified by `<service>`." -#: ../../configuration/service/dns.rst:334 +#: ../../configuration/service/dns.rst:341 +msgid "Configure `<username>` used when authenticating the update request for DynDNS service identified by `<service-name>`." +msgstr "Configure `<username>` used when authenticating the update request for DynDNS service identified by `<service-name>`." + +#: ../../configuration/service/dns.rst:348 msgid "Configure `<username>` used when authenticating the update request for DynDNS service identified by `<service>`. For Namecheap, set the <domain> you wish to update." msgstr "Configure `<username>` used when authenticating the update request for DynDNS service identified by `<service>`. For Namecheap, set the <domain> you wish to update." @@ -3274,13 +3560,13 @@ msgstr "Configure a URL that contains information about images." msgid "Configure a sFlow agent address. It can be IPv4 or IPv6 address, but you must set the same protocol, which is used for sFlow collector addresses. By default, using router-id from BGP or OSPF protocol, or the primary IP address from the first interface." msgstr "Configure a sFlow agent address. It can be IPv4 or IPv6 address, but you must set the same protocol, which is used for sFlow collector addresses. By default, using router-id from BGP or OSPF protocol, or the primary IP address from the first interface." -#: ../../configuration/protocols/bfd.rst:154 -#: ../../configuration/protocols/bfd.rst:167 +#: ../../configuration/protocols/bfd.rst:161 +#: ../../configuration/protocols/bfd.rst:174 msgid "Configure a static route for <subnet> using gateway <address> , use source address to indentify the peer when is multi-hop session and the gateway address as BFD peer destination address." msgstr "Configure a static route for <subnet> using gateway <address> , use source address to indentify the peer when is multi-hop session and the gateway address as BFD peer destination address." -#: ../../configuration/protocols/bfd.rst:148 -#: ../../configuration/protocols/bfd.rst:161 +#: ../../configuration/protocols/bfd.rst:155 +#: ../../configuration/protocols/bfd.rst:168 msgid "Configure a static route for <subnet> using gateway <address> and use the gateway address as BFD peer destination address." msgstr "Configure a static route for <subnet> using gateway <address> and use the gateway address as BFD peer destination address." @@ -3304,6 +3590,10 @@ msgstr "Configure agent IP address associated with this interface." msgid "Configure aggregation delay timer interval." msgstr "Configure aggregation delay timer interval." +#: ../../configuration/service/ids.rst:24 +msgid "Configure alert script that will be executed when an attack is detected." +msgstr "Configure alert script that will be executed when an attack is detected." + #: ../../configuration/vpn/openconnect.rst:285 msgid "Configure an accounting server and enable accounting with:" msgstr "Configure an accounting server and enable accounting with:" @@ -3328,6 +3618,10 @@ msgstr "Configure backend `<name>` mode TCP or HTTP" msgid "Configure both routers (a and b) for DHCPv6-PD via dummy interface:" msgstr "Configure both routers (a and b) for DHCPv6-PD via dummy interface:" +#: ../../configuration/service/ids.rst:33 +msgid "Configure direction for processing traffic." +msgstr "Configure direction for processing traffic." + #: ../../configuration/service/console-server.rst:49 msgid "Configure either one or two stop bits. This defaults to one stop bits if left unconfigured." msgstr "Configure either one or two stop bits. This defaults to one stop bits if left unconfigured." @@ -3336,6 +3630,14 @@ msgstr "Configure either one or two stop bits. This defaults to one stop bits if msgid "Configure either seven or eight data bits. This defaults to eight data bits if left unconfigured." msgstr "Configure either seven or eight data bits. This defaults to eight data bits if left unconfigured." +#: ../../configuration/service/ids.rst:64 +msgid "Configure general threshold parameters." +msgstr "Configure general threshold parameters." + +#: ../../configuration/service/ids.rst:28 +msgid "Configure how long an IP (attacker) should be kept in blocked state. Default value is 1900." +msgstr "Configure how long an IP (attacker) should be kept in blocked state. Default value is 1900." + #: ../../configuration/interfaces/bridge.rst:46 msgid "Configure individual bridge port `<priority>`." msgstr "Configure individual bridge port `<priority>`." @@ -3353,6 +3655,14 @@ msgstr "Configure interface-specific Host/Router behaviour. If set, the interfac msgid "Configure interface `<interface>` with one or more interface addresses." msgstr "Configure interface `<interface>` with one or more interface addresses." +#: ../../configuration/service/ids.rst:42 +msgid "Configure listen interface for mirroring traffic." +msgstr "Configure listen interface for mirroring traffic." + +#: ../../configuration/service/ids.rst:55 +msgid "Configure local IPv4 address to listen for sflow." +msgstr "Configure local IPv4 address to listen for sflow." + #: ../../configuration/service/snmp.rst:148 msgid "Configure new SNMP user named \"vyos\" with password \"vyos12345678\"" msgstr "Configure new SNMP user named \"vyos\" with password \"vyos12345678\"" @@ -3369,7 +3679,7 @@ msgstr "Configure next-hop `<address>` for an IPv4 static route. Multiple static msgid "Configure next-hop `<address>` for an IPv6 static route. Multiple static routes can be created." msgstr "Configure next-hop `<address>` for an IPv6 static route. Multiple static routes can be created." -#: ../../configuration/system/option.rst:95 +#: ../../configuration/system/option.rst:125 msgid "Configure one of the predefined system performance profiles." msgstr "Configure one of the predefined system performance profiles." @@ -3381,7 +3691,7 @@ msgstr "Configure one or more attributes to the given NTP server." msgid "Configure one or more servers for synchronisation. Server name can be either an IP address or :abbr:`FQDN (Fully Qualified Domain Name)`." msgstr "Configure one or more servers for synchronisation. Server name can be either an IP address or :abbr:`FQDN (Fully Qualified Domain Name)`." -#: ../../configuration/service/dns.rst:264 +#: ../../configuration/service/dns.rst:249 msgid "Configure optional TTL value on the given resource record. This defaults to 600 seconds." msgstr "Configure optional TTL value on the given resource record. This defaults to 600 seconds." @@ -3405,6 +3715,10 @@ msgstr "Configure port mirroring for `interface` outbound traffic and copy the t msgid "Configure port number of remote VXLAN endpoint." msgstr "Configure port number of remote VXLAN endpoint." +#: ../../configuration/service/ids.rst:59 +msgid "Configure port number to be used for sflow conection. Default port is 6343." +msgstr "Configure port number to be used for sflow conection. Default port is 6343." + #: ../../configuration/system/syslog.rst:73 msgid "Configure protocol used for communication to remote syslog host. This can be either UDP or TCP." msgstr "Configure protocol used for communication to remote syslog host. This can be either UDP or TCP." @@ -3429,7 +3743,7 @@ msgstr "Configure service `<name>` mode TCP or HTTP" msgid "Configure service `<name>` to use the backend <name>" msgstr "Configure service `<name>` to use the backend <name>" -#: ../../configuration/system/login.rst:394 +#: ../../configuration/system/login.rst:398 msgid "Configure session timeout after which the user will be logged out." msgstr "Configure session timeout after which the user will be logged out." @@ -3445,7 +3759,7 @@ msgstr "Configure the A-side router for NPTv6 using the prefixes above:" msgid "Configure the B-side router for NPTv6 using the prefixes above:" msgstr "Configure the B-side router for NPTv6 using the prefixes above:" -#: ../../configuration/service/dns.rst:247 +#: ../../configuration/service/dns.rst:236 msgid "Configure the DNS `<server>` IP/FQDN used when updating this dynamic assignment." msgstr "Configure the DNS `<server>` IP/FQDN used when updating this dynamic assignment." @@ -3457,11 +3771,11 @@ msgstr "Configure the IPv4 or IPv6 listen address of the TFTP server. Multiple I msgid "Configure the connection tracking protocol helper modules. All modules are enable by default." msgstr "Configure the connection tracking protocol helper modules. All modules are enable by default." -#: ../../configuration/system/login.rst:252 +#: ../../configuration/system/login.rst:256 msgid "Configure the discrete port under which the RADIUS server can be reached." msgstr "Configure the discrete port under which the RADIUS server can be reached." -#: ../../configuration/system/login.rst:321 +#: ../../configuration/system/login.rst:325 msgid "Configure the discrete port under which the TACACS server can be reached." msgstr "Configure the discrete port under which the TACACS server can be reached." @@ -3469,6 +3783,10 @@ msgstr "Configure the discrete port under which the TACACS server can be reached msgid "Configure the load-balancing reverse-proxy service for HTTP." msgstr "Configure the load-balancing reverse-proxy service for HTTP." +#: ../../configuration/service/ids.rst:46 +msgid "Configure traffic capture mode." +msgstr "Configure traffic capture mode." + #: ../../_include/interface-mac.txt:4 msgid "Configure user defined :abbr:`MAC (Media Access Control)` address on given `<interface>`." msgstr "Configure user defined :abbr:`MAC (Media Access Control)` address on given `<interface>`." @@ -3489,10 +3807,54 @@ msgstr "Configured value" msgid "Configures the BGP speaker so that it only accepts inbound connections from, but does not initiate outbound connections to the peer or peer group." msgstr "Configures the BGP speaker so that it only accepts inbound connections from, but does not initiate outbound connections to the peer or peer group." +#: ../../configuration/service/ipoe-server.rst:27 +msgid "Configuring IPoE Server" +msgstr "Configuring IPoE Server" + +#: ../../configuration/vpn/l2tp.rst:57 +msgid "Configuring IPsec" +msgstr "Configuring IPsec" + +#: ../../configuration/vpn/l2tp.rst:12 +msgid "Configuring L2TP Server" +msgstr "Configuring L2TP Server" + +#: ../../configuration/vpn/l2tp.rst:270 +msgid "Configuring LNS (L2TP Network Server)" +msgstr "Configuring LNS (L2TP Network Server)" + +#: ../../configuration/service/pppoe-server.rst:18 +msgid "Configuring PPPoE Server" +msgstr "Configuring PPPoE Server" + +#: ../../configuration/vpn/pptp.rst:13 +msgid "Configuring PPTP Server" +msgstr "Configuring PPTP Server" + #: ../../configuration/vpn/openconnect.rst:279 msgid "Configuring RADIUS accounting" msgstr "Configuring RADIUS accounting" +#: ../../configuration/service/ipoe-server.rst:114 +#: ../../configuration/service/pppoe-server.rst:76 +#: ../../configuration/vpn/l2tp.rst:119 +#: ../../configuration/vpn/pptp.rst:59 +#: ../../configuration/vpn/sstp.rst:92 +msgid "Configuring RADIUS authentication" +msgstr "Configuring RADIUS authentication" + +#: ../../configuration/vpn/sstp.rst:24 +msgid "Configuring SSTP Server" +msgstr "Configuring SSTP Server" + +#: ../../configuration/vpn/sstp.rst:476 +msgid "Configuring SSTP client" +msgstr "Configuring SSTP client" + +#: ../../configuration/vpn/ipsec.rst:494 +msgid "Configuring VyOS to act as your IPSec access concentrator is one thing, but you probably need to setup your client connecting to the server so they can talk to the IPSec gateway." +msgstr "Configuring VyOS to act as your IPSec access concentrator is one thing, but you probably need to setup your client connecting to the server so they can talk to the IPSec gateway." + #: ../../configuration/service/tftp-server.rst:39 msgid "Configuring a listen-address is essential for the service to work." msgstr "Configuring a listen-address is essential for the service to work." @@ -3502,11 +3864,15 @@ msgstr "Configuring a listen-address is essential for the service to work." msgid "Connect/Disconnect" msgstr "Connect/Disconnect" -#: ../../configuration/vpn/sstp.rst:155 +#: ../../configuration/service/ipoe-server.rst:376 +#: ../../configuration/service/pppoe-server.rst:546 +#: ../../configuration/vpn/l2tp.rst:500 +#: ../../configuration/vpn/pptp.rst:424 +#: ../../configuration/vpn/sstp.rst:458 msgid "Connected client should use `<address>` as their DNS server. This command accepts both IPv4 and IPv6 addresses. Up to two nameservers can be configured for IPv4, up to three for IPv6." msgstr "Connected client should use `<address>` as their DNS server. This command accepts both IPv4 and IPv6 addresses. Up to two nameservers can be configured for IPv4, up to three for IPv6." -#: ../../configuration/protocols/rpki.rst:129 +#: ../../configuration/protocols/rpki.rst:143 msgid "Connections to the RPKI caching server can not only be established by HTTP/TLS but you can also rely on a secure SSH session to the server. To enable SSH, first you need to create an SSH client keypair using ``generate ssh client-key /config/auth/id_rsa_rpki``. Once your key is created you can setup the connection." msgstr "Connections to the RPKI caching server can not only be established by HTTP/TLS but you can also rely on a secure SSH session to the server. To enable SSH, first you need to create an SSH client keypair using ``generate ssh client-key /config/auth/id_rsa_rpki``. Once your key is created you can setup the connection." @@ -3542,7 +3908,7 @@ msgstr "Console" msgid "Console Server" msgstr "Console Server" -#: ../../configuration/container/index.rst:106 +#: ../../configuration/container/index.rst:111 msgid "Constrain the memory available to the container." msgstr "Constrain the memory available to the container." @@ -3550,6 +3916,14 @@ msgstr "Constrain the memory available to the container." msgid "Container" msgstr "Container" +#: ../../configuration/container/index.rst:136 +msgid "Container Networks" +msgstr "Container Networks" + +#: ../../configuration/container/index.rst:156 +msgid "Container Registry" +msgstr "Container Registry" + #: ../../configuration/system/conntrack.rst:65 msgid "Contrack Timeouts" msgstr "Contrack Timeouts" @@ -3590,7 +3964,10 @@ msgstr "Create DHCP address range with a range id of `<n>`. DHCP leases are take msgid "Create DNS record per client lease, by adding clients to /etc/hosts file. Entry will have format: `<shared-network-name>_<hostname>.<domain-name>`" msgstr "Create DNS record per client lease, by adding clients to /etc/hosts file. Entry will have format: `<shared-network-name>_<hostname>.<domain-name>`" -#: ../../configuration/vpn/sstp.rst:70 +#: ../../configuration/service/pppoe-server.rst:49 +#: ../../configuration/vpn/l2tp.rst:36 +#: ../../configuration/vpn/pptp.rst:38 +#: ../../configuration/vpn/sstp.rst:63 msgid "Create `<user>` for local authentication on this system. The users password will be set to `<pass>`." msgstr "Create `<user>` for local authentication on this system. The users password will be set to `<pass>`." @@ -3606,6 +3983,10 @@ msgstr "Create a file named ``VyOS-1.3.6.1.4.1.44641.ConfigMgmt-Commands`` using msgid "Create a load balancing rule, it can be a number between 1 and 9999:" msgstr "Create a load balancing rule, it can be a number between 1 and 9999:" +#: ../../configuration/service/dhcp-server.rst:189 +msgid "Create a new DHCP static mapping named `<description>` which is valid for the host identified by its DHCP unique identifier (DUID) `<identifier>`." +msgstr "Create a new DHCP static mapping named `<description>` which is valid for the host identified by its DHCP unique identifier (DUID) `<identifier>`." + #: ../../configuration/service/dhcp-server.rst:183 msgid "Create a new DHCP static mapping named `<description>` which is valid for the host identified by its MAC `<address>`." msgstr "Create a new DHCP static mapping named `<description>` which is valid for the host identified by its MAC `<address>`." @@ -3614,31 +3995,31 @@ msgstr "Create a new DHCP static mapping named `<description>` which is valid fo msgid "Create a new VLAN interface on interface `<interface>` using the VLAN number provided via `<vlan-id>`." msgstr "Create a new VLAN interface on interface `<interface>` using the VLAN number provided via `<vlan-id>`." -#: ../../configuration/pki/index.rst:40 -#: ../../configuration/pki/index.rst:45 +#: ../../configuration/pki/index.rst:42 +#: ../../configuration/pki/index.rst:47 msgid "Create a new :abbr:`CA (Certificate Authority)` and output the CAs public and private key on the console." msgstr "Create a new :abbr:`CA (Certificate Authority)` and output the CAs public and private key on the console." -#: ../../configuration/pki/index.rst:67 -#: ../../configuration/pki/index.rst:71 +#: ../../configuration/pki/index.rst:69 +#: ../../configuration/pki/index.rst:73 msgid "Create a new public/private keypair and output the certificate on the console." msgstr "Create a new public/private keypair and output the certificate on the console." -#: ../../configuration/pki/index.rst:89 -#: ../../configuration/pki/index.rst:94 +#: ../../configuration/pki/index.rst:91 +#: ../../configuration/pki/index.rst:96 msgid "Create a new public/private keypair which is signed by the CA referenced by `ca-name`. The signed certificate is then output to the console." msgstr "Create a new public/private keypair which is signed by the CA referenced by `ca-name`. The signed certificate is then output to the console." -#: ../../configuration/pki/index.rst:77 -#: ../../configuration/pki/index.rst:82 +#: ../../configuration/pki/index.rst:79 +#: ../../configuration/pki/index.rst:84 msgid "Create a new self-signed certificate. The public/private is then shown on the console." msgstr "Create a new self-signed certificate. The public/private is then shown on the console." -#: ../../configuration/pki/index.rst:52 +#: ../../configuration/pki/index.rst:54 msgid "Create a new subordinate :abbr:`CA (Certificate Authority)` and sign it using the private key referenced by `ca-name`." msgstr "Create a new subordinate :abbr:`CA (Certificate Authority)` and sign it using the private key referenced by `ca-name`." -#: ../../configuration/pki/index.rst:57 +#: ../../configuration/pki/index.rst:59 msgid "Create a new subordinate :abbr:`CA (Certificate Authority)` and sign it using the private key referenced by `name`." msgstr "Create a new subordinate :abbr:`CA (Certificate Authority)` and sign it using the private key referenced by `name`." @@ -3686,10 +4067,15 @@ msgstr "Create named `<alias>` for the configured static mapping for `<hostname> msgid "Create new VRF instance with `<name>`. The name is used when placing individual interfaces into the VRF." msgstr "Create new VRF instance with `<name>`. The name is used when placing individual interfaces into the VRF." -#: ../../configuration/service/dns.rst:234 +#: ../../configuration/service/dns.rst:248 msgid "Create new :rfc:`2136` DNS update configuration which will update the IP address assigned to `<interface>` on the service you configured under `<service-name>`." msgstr "Create new :rfc:`2136` DNS update configuration which will update the IP address assigned to `<interface>` on the service you configured under `<service-name>`." +#: ../../configuration/service/dns.rst:221 +#: ../../configuration/service/dns.rst:326 +msgid "Create new dynamic DNS update configuration which will update the IP address assigned to `<interface>` on the service you configured under `<service-name>`." +msgstr "Create new dynamic DNS update configuration which will update the IP address assigned to `<interface>` on the service you configured under `<service-name>`." + #: ../../configuration/system/login.rst:21 msgid "Create new system user with username `<name>` and real-name specified by `<string>`." msgstr "Create new system user with username `<name>` and real-name specified by `<string>`." @@ -3698,10 +4084,14 @@ msgstr "Create new system user with username `<name>` and real-name specified by msgid "Create service `<name>` to listen on <port>" msgstr "Create service `<name>` to listen on <port>" -#: ../../configuration/container/index.rst:132 +#: ../../configuration/container/index.rst:140 msgid "Creates a named container network" msgstr "Creates a named container network" +#: ../../configuration/service/ipoe-server.rst:55 +msgid "Creates local IPoE user with username=**<interface>** and password=**<MAC>** (mac-address)" +msgstr "Creates local IPoE user with username=**<interface>** and password=**<MAC>** (mac-address)" + #: ../../configuration/vpn/dmvpn.rst:83 msgid "Creates static peer mapping of protocol-address to :abbr:`NBMA (Non-broadcast multiple-access network)` address." msgstr "Creates static peer mapping of protocol-address to :abbr:`NBMA (Non-broadcast multiple-access network)` address." @@ -3722,6 +4112,10 @@ msgstr "Creating a traffic policy" msgid "Creating rules for using flow tables:" msgstr "Creating rules for using flow tables:" +#: ../../configuration/container/index.rst:173 +msgid "Credentials can be defined here and will only be used when adding a container image to the system." +msgstr "Credentials can be defined here and will only be used when adding a container image to the system." + #: ../../configuration/system/syslog.rst:178 msgid "Critical" msgstr "Critical" @@ -3754,7 +4148,7 @@ msgstr "Cur Hop Limit" msgid "Currently does not do much as caching is not implemented." msgstr "Currently does not do much as caching is not implemented." -#: ../../configuration/vrf/index.rst:86 +#: ../../configuration/vrf/index.rst:105 msgid "Currently dynamic routing is supported for the following protocols:" msgstr "Currently dynamic routing is supported for the following protocols:" @@ -3778,7 +4172,7 @@ msgstr "Custom firewall chains can be created, with commands ``set firewall ipv4 msgid "Custom firewall chains can be created, with commands ``set firewall ipv6 name <name> ...``. In order to use such custom chain, a rule with **action jump**, and the appropiate **target** should be defined in a base chain." msgstr "Custom firewall chains can be created, with commands ``set firewall ipv6 name <name> ...``. In order to use such custom chain, a rule with **action jump**, and the appropiate **target** should be defined in a base chain." -#: ../../configuration/highavailability/index.rst:373 +#: ../../configuration/highavailability/index.rst:383 msgid "Custom health-check script allows checking real-server availability" msgstr "Custom health-check script allows checking real-server availability" @@ -3794,6 +4188,10 @@ msgstr "DCO can be enabled for both new and existing tunnels,VyOS adds an option msgid "DCO support is a per-tunnel option and it is not automatically enabled by default for new or upgraded tunnels. Existing tunnels will continue to function as they have in the past." msgstr "DCO support is a per-tunnel option and it is not automatically enabled by default for new or upgraded tunnels. Existing tunnels will continue to function as they have in the past." +#: ../../configuration/service/ids.rst:5 +msgid "DDoS Protection" +msgstr "DDoS Protection" + #: ../../configuration/service/dhcp-relay.rst:5 msgid "DHCP Relay" msgstr "DHCP Relay" @@ -3802,15 +4200,15 @@ msgstr "DHCP Relay" msgid "DHCP Server" msgstr "DHCP Server" -#: ../../configuration/service/dhcp-server.rst:351 +#: ../../configuration/service/dhcp-server.rst:357 msgid "DHCP failover parameters" msgstr "DHCP failover parameters" -#: ../../configuration/service/dhcp-server.rst:341 +#: ../../configuration/service/dhcp-server.rst:347 msgid "DHCP lease range" msgstr "DHCP lease range" -#: ../../configuration/service/dhcp-server.rst:377 +#: ../../configuration/service/dhcp-server.rst:383 msgid "DHCP range spans from `192.168.189.10` - `192.168.189.250`" msgstr "DHCP range spans from `192.168.189.10` - `192.168.189.250`" @@ -3822,7 +4220,7 @@ msgstr "DHCP relay example" msgid "DHCP server is located at IPv4 address 10.0.1.4 on ``eth2``." msgstr "DHCP server is located at IPv4 address 10.0.1.4 on ``eth2``." -#: ../../configuration/service/dhcp-server.rst:584 +#: ../../configuration/service/dhcp-server.rst:590 msgid "DHCPv6 address pools must be configured for the system to act as a DHCPv6 server. The following example describes a common scenario." msgstr "DHCPv6 address pools must be configured for the system to act as a DHCPv6 server. The following example describes a common scenario." @@ -3887,11 +4285,11 @@ msgstr "DNS name servers" msgid "DNS search list to advertise" msgstr "DNS search list to advertise" -#: ../../configuration/service/dhcp-server.rst:261 +#: ../../configuration/service/dhcp-server.rst:267 msgid "DNS server IPv4 address" msgstr "DNS server IPv4 address" -#: ../../configuration/service/dhcp-server.rst:591 +#: ../../configuration/service/dhcp-server.rst:597 msgid "DNS server is located at ``2001:db8::ffff``" msgstr "DNS server is located at ``2001:db8::ffff``" @@ -3903,7 +4301,7 @@ msgstr "DSCP values as per :rfc:`2474` and :rfc:`4595`:" msgid "DSSS/CCK Mode in 40 MHz, this sets ``[DSSS_CCK-40]``" msgstr "DSSS/CCK Mode in 40 MHz, this sets ``[DSSS_CCK-40]``" -#: ../../configuration/firewall/ipv4.rst:444 +#: ../../configuration/firewall/ipv4.rst:467 #: ../../configuration/firewall/ipv6.rst:451 msgid "Data is provided by DB-IP.com under CC-BY-4.0 license. Attribution required, permits redistribution so we can include a database in images(~3MB compressed). Includes cron script (manually callable by op-mode update geoip) to keep database and rules updated." msgstr "Data is provided by DB-IP.com under CC-BY-4.0 license. Attribution required, permits redistribution so we can include a database in images(~3MB compressed). Includes cron script (manually callable by op-mode update geoip) to keep database and rules updated." @@ -3940,15 +4338,18 @@ msgstr "Default Gateway/Route" msgid "Default Router Preference" msgstr "Default Router Preference" -#: ../../configuration/vpn/sstp.rst:201 +#: ../../configuration/service/pppoe-server.rst:509 +#: ../../configuration/vpn/l2tp.rst:463 +#: ../../configuration/vpn/pptp.rst:387 +#: ../../configuration/vpn/sstp.rst:421 msgid "Default behavior - don't ask client for mppe, but allow it if client wants. Please note that RADIUS may override this option by MS-MPPE-Encryption-Policy attribute." msgstr "Default behavior - don't ask client for mppe, but allow it if client wants. Please note that RADIUS may override this option by MS-MPPE-Encryption-Policy attribute." -#: ../../configuration/service/dhcp-server.rst:374 +#: ../../configuration/service/dhcp-server.rst:380 msgid "Default gateway and DNS server is at `192.0.2.254`" msgstr "Default gateway and DNS server is at `192.0.2.254`" -#: ../../configuration/container/index.rst:108 +#: ../../configuration/container/index.rst:113 msgid "Default is 512 MB. Use 0 MB for unlimited memory." msgstr "Default is 512 MB. Use 0 MB for unlimited memory." @@ -3976,7 +4377,7 @@ msgstr "Defaults to 'uid'" msgid "Defaults to 225.0.0.50." msgstr "Defaults to 225.0.0.50." -#: ../../configuration/system/option.rst:68 +#: ../../configuration/system/option.rst:98 msgid "Defaults to ``us``." msgstr "Defaults to ``us``." @@ -3988,6 +4389,10 @@ msgstr "Define Conection Timeouts" msgid "Define IPv4/IPv6 management address transmitted via LLDP. Multiple addresses can be defined. Only addresses connected to the system will be transmitted." msgstr "Define IPv4/IPv6 management address transmitted via LLDP. Multiple addresses can be defined. Only addresses connected to the system will be transmitted." +#: ../../configuration/container/index.rst:148 +msgid "Define IPv4 or IPv6 prefix for a given network name. Only one IPv4 and one IPv6 prefix can be used per network name." +msgstr "Define IPv4 or IPv6 prefix for a given network name. Only one IPv4 and one IPv6 prefix can be used per network name." + #: ../../configuration/firewall/groups.rst:52 msgid "Define a IPv4 or IPv6 Network group." msgstr "Define a IPv4 or IPv6 Network group." @@ -4040,6 +4445,10 @@ msgstr "Define different modes for sending replies in response to received ARP r msgid "Define different restriction levels for announcing the local source IP address from IP packets in ARP requests sent on interface." msgstr "Define different restriction levels for announcing the local source IP address from IP packets in ARP requests sent on interface." +#: ../../configuration/service/ntp.rst:88 +msgid "Define how to handle leaf-seonds." +msgstr "Define how to handle leaf-seonds." + #: ../../configuration/firewall/flowtables.rst:71 msgid "Define interfaces to be used in the flowtable." msgstr "Define interfaces to be used in the flowtable." @@ -4080,7 +4489,7 @@ msgstr "Define the zone as a local zone. A local zone has no interfaces and will msgid "Define type of offload to be used by the flowtable: ``hardware`` or ``software``. By default, ``software`` offload is used." msgstr "Define type of offload to be used by the flowtable: ``hardware`` or ``software``. By default, ``software`` offload is used." -#: ../../configuration/protocols/rpki.rst:114 +#: ../../configuration/protocols/rpki.rst:128 msgid "Defined the IPv4, IPv6 or FQDN and port number of the caching RPKI caching instance which is used." msgstr "Defined the IPv4, IPv6 or FQDN and port number of the caching RPKI caching instance which is used." @@ -4092,26 +4501,47 @@ msgstr "Defines alternate sources for multicasting and IGMP data. The network ad msgid "Defines an off-NBMA network prefix for which the GRE interface will act as a gateway. This an alternative to defining local interfaces with shortcut-destination flag." msgstr "Defines an off-NBMA network prefix for which the GRE interface will act as a gateway. This an alternative to defining local interfaces with shortcut-destination flag." -#: ../../configuration/protocols/static.rst:120 -#: ../../configuration/protocols/static.rst:133 +#: ../../configuration/protocols/static.rst:154 +#: ../../configuration/protocols/static.rst:167 msgid "Defines blackhole distance for this route, routes with smaller administrative distance are elected prior to those with a higher distance." msgstr "Defines blackhole distance for this route, routes with smaller administrative distance are elected prior to those with a higher distance." +#: ../../configuration/service/pppoe-server.rst:496 +#: ../../configuration/vpn/l2tp.rst:450 +#: ../../configuration/vpn/pptp.rst:374 +#: ../../configuration/vpn/sstp.rst:408 +msgid "Defines minimum acceptable MTU. If client will try to negotiate less then specified MTU then it will be NAKed or disconnected if rejects greater MTU. Default value is **100**." +msgstr "Defines minimum acceptable MTU. If client will try to negotiate less then specified MTU then it will be NAKed or disconnected if rejects greater MTU. Default value is **100**." + #: ../../configuration/protocols/static.rst:34 #: ../../configuration/protocols/static.rst:54 -#: ../../configuration/protocols/static.rst:81 -#: ../../configuration/protocols/static.rst:101 +#: ../../configuration/protocols/static.rst:104 +#: ../../configuration/protocols/static.rst:124 msgid "Defines next-hop distance for this route, routes with smaller administrative distance are elected prior to those with a higher distance." msgstr "Defines next-hop distance for this route, routes with smaller administrative distance are elected prior to those with a higher distance." +#: ../../configuration/service/pppoe-server.rst:515 +#: ../../configuration/vpn/l2tp.rst:469 +#: ../../configuration/vpn/pptp.rst:393 +#: ../../configuration/vpn/sstp.rst:427 +msgid "Defines preferred MRU. By default is not defined." +msgstr "Defines preferred MRU. By default is not defined." + #: ../../configuration/protocols/failover.rst:31 msgid "Defines protocols for checking ARP, ICMP, TCP" msgstr "Defines protocols for checking ARP, ICMP, TCP" -#: ../../configuration/vpn/sstp.rst:178 +#: ../../configuration/vpn/sstp.rst:184 msgid "Defines the maximum `<number>` of unanswered echo requests. Upon reaching the value `<number>`, the session will be reset." msgstr "Defines the maximum `<number>` of unanswered echo requests. Upon reaching the value `<number>`, the session will be reset." +#: ../../configuration/service/pppoe-server.rst:479 +#: ../../configuration/vpn/l2tp.rst:433 +#: ../../configuration/vpn/pptp.rst:357 +#: ../../configuration/vpn/sstp.rst:391 +msgid "Defines the maximum `<number>` of unanswered echo requests. Upon reaching the value `<number>`, the session will be reset. Default value is **3**." +msgstr "Defines the maximum `<number>` of unanswered echo requests. Upon reaching the value `<number>`, the session will be reset. Default value is **3**." + #: ../../configuration/system/console.rst:21 msgid "Defines the specified device as a system console. Available console devices can be (see completion helper):" msgstr "Defines the specified device as a system console. Available console devices can be (see completion helper):" @@ -4120,15 +4550,15 @@ msgstr "Defines the specified device as a system console. Available console devi msgid "Defining Peers" msgstr "Defining Peers" -#: ../../configuration/service/dhcp-server.rst:579 +#: ../../configuration/service/dhcp-server.rst:585 msgid "Delegate prefixes from the range indicated by the start and stop qualifier." msgstr "Delegate prefixes from the range indicated by the start and stop qualifier." -#: ../../configuration/policy/route-map.rst:231 +#: ../../configuration/policy/route-map.rst:234 msgid "Delete BGP communities matching the community-list." msgstr "Delete BGP communities matching the community-list." -#: ../../configuration/policy/route-map.rst:246 +#: ../../configuration/policy/route-map.rst:249 msgid "Delete BGP communities matching the large-community-list." msgstr "Delete BGP communities matching the large-community-list." @@ -4136,11 +4566,15 @@ msgstr "Delete BGP communities matching the large-community-list." msgid "Delete Logs" msgstr "Delete Logs" -#: ../../configuration/policy/route-map.rst:226 +#: ../../configuration/container/index.rst:211 +msgid "Delete a particular container image based on it's image ID. You can also delete all container images at once." +msgstr "Delete a particular container image based on it's image ID. You can also delete all container images at once." + +#: ../../configuration/policy/route-map.rst:229 msgid "Delete all BGP communities" msgstr "Delete all BGP communities" -#: ../../configuration/policy/route-map.rst:241 +#: ../../configuration/policy/route-map.rst:244 msgid "Delete all BGP large-communities" msgstr "Delete all BGP large-communities" @@ -4205,15 +4639,37 @@ msgstr "Devices evaluating whether an IPv4 address is public must be updated to msgid "Different NAT Types" msgstr "Different NAT Types" -#: ../../configuration/pki/index.rst:100 +#: ../../configuration/pki/index.rst:102 msgid "Diffie-Hellman parameters" msgstr "Diffie-Hellman parameters" +#: ../../configuration/service/ids.rst:93 +msgid "Direction: **in** and **out**. Protect public network from external attacks, and identify internal attacks towards internet." +msgstr "Direction: **in** and **out**. Protect public network from external attacks, and identify internal attacks towards internet." + +#: ../../configuration/system/option.rst:46 +msgid "Disable CPU power saving mechanisms also known as C states." +msgstr "Disable CPU power saving mechanisms also known as C states." + +#: ../../configuration/service/pppoe-server.rst:457 +#: ../../configuration/vpn/l2tp.rst:411 +#: ../../configuration/vpn/pptp.rst:335 +#: ../../configuration/vpn/sstp.rst:369 +msgid "Disable Compression Control Protocol (CCP). CCP is enabled by default." +msgstr "Disable Compression Control Protocol (CCP). CCP is enabled by default." + #: ../../configuration/protocols/pim6.rst:37 msgid "Disable MLD reports and query on the interface." msgstr "Disable MLD reports and query on the interface." -#: ../../configuration/vpn/sstp.rst:75 +#: ../../configuration/system/login.rst:39 +msgid "Disable (lock) account. User will not be able to log in." +msgstr "Disable (lock) account. User will not be able to log in." + +#: ../../configuration/service/pppoe-server.rst:432 +#: ../../configuration/vpn/l2tp.rst:376 +#: ../../configuration/vpn/pptp.rst:300 +#: ../../configuration/vpn/sstp.rst:334 msgid "Disable `<user>` account." msgstr "Disable `<user>` account." @@ -4221,11 +4677,23 @@ msgstr "Disable `<user>` account." msgid "Disable a BFD peer" msgstr "Disable a BFD peer" -#: ../../configuration/container/index.rst:128 +#: ../../configuration/container/index.rst:133 msgid "Disable a container." msgstr "Disable a container." -#: ../../configuration/firewall/ipv4.rst:930 +#: ../../configuration/container/index.rst:166 +msgid "Disable a given container registry" +msgstr "Disable a given container registry" + +#: ../../configuration/system/option.rst:35 +msgid "Disable all optional CPU mitigations. This improves system performance, but it may also expose users to several CPU vulnerabilities." +msgstr "Disable all optional CPU mitigations. This improves system performance, but it may also expose users to several CPU vulnerabilities." + +#: ../../configuration/service/conntrack-sync.rst:103 +msgid "Disable connection logging via Syslog." +msgstr "Disable connection logging via Syslog." + +#: ../../configuration/firewall/ipv4.rst:953 #: ../../configuration/firewall/ipv6.rst:939 msgid "Disable conntrack loose track option" msgstr "Disable conntrack loose track option" @@ -4242,7 +4710,7 @@ msgstr "Disable dhcpv6-relay service." msgid "Disable given `<interface>`. It will be placed in administratively down (``A/D``) state." msgstr "Disable given `<interface>`. It will be placed in administratively down (``A/D``) state." -#: ../../configuration/protocols/bgp.rst:616 +#: ../../configuration/protocols/bgp.rst:628 msgid "Disable immediate session reset if peer's connected link goes down." msgstr "Disable immediate session reset if peer's connected link goes down." @@ -4286,11 +4754,11 @@ msgstr "Disabled by default - no kernel module loaded." msgid "Disables caching of peer information from forwarded NHRP Resolution Reply packets. This can be used to reduce memory consumption on big NBMA subnets." msgstr "Disables caching of peer information from forwarded NHRP Resolution Reply packets. This can be used to reduce memory consumption on big NBMA subnets." -#: ../../configuration/protocols/static.rst:76 +#: ../../configuration/protocols/static.rst:99 msgid "Disables interface-based IPv4 static route." msgstr "Disables interface-based IPv4 static route." -#: ../../configuration/protocols/static.rst:96 +#: ../../configuration/protocols/static.rst:119 msgid "Disables interface-based IPv6 static route." msgstr "Disables interface-based IPv6 static route." @@ -4306,7 +4774,7 @@ msgstr "Disables web filtering without discarding configuration." msgid "Disables web proxy transparent mode at a listening address." msgstr "Disables web proxy transparent mode at a listening address." -#: ../../configuration/service/router-advert.rst:73 +#: ../../configuration/service/router-advert.rst:99 msgid "Disabling Advertisements" msgstr "Disabling Advertisements" @@ -4326,11 +4794,11 @@ msgstr "Disadvantages are:" msgid "Disassociate stations based on excessive transmission failures or other indications of connection loss." msgstr "Disassociate stations based on excessive transmission failures or other indications of connection loss." -#: ../../configuration/vrf/index.rst:142 +#: ../../configuration/vrf/index.rst:161 msgid "Display IPv4 routing table for VRF identified by `<name>`." msgstr "Display IPv4 routing table for VRF identified by `<name>`." -#: ../../configuration/vrf/index.rst:161 +#: ../../configuration/vrf/index.rst:180 msgid "Display IPv6 routing table for VRF identified by `<name>`." msgstr "Display IPv6 routing table for VRF identified by `<name>`." @@ -4338,7 +4806,7 @@ msgstr "Display IPv6 routing table for VRF identified by `<name>`." msgid "Display Logs" msgstr "Display Logs" -#: ../../configuration/system/login.rst:188 +#: ../../configuration/system/login.rst:192 msgid "Display OTP key for user" msgstr "Display OTP key for user" @@ -4346,11 +4814,11 @@ msgstr "Display OTP key for user" msgid "Display all authorization attempts of the specified image" msgstr "Display all authorization attempts of the specified image" -#: ../../configuration/protocols/static.rst:200 +#: ../../configuration/protocols/static.rst:233 msgid "Display all known ARP table entries on a given interface only (`eth1`):" msgstr "Display all known ARP table entries on a given interface only (`eth1`):" -#: ../../configuration/protocols/static.rst:188 +#: ../../configuration/protocols/static.rst:221 msgid "Display all known ARP table entries spanning across all interfaces" msgstr "Display all known ARP table entries spanning across all interfaces" @@ -4382,7 +4850,7 @@ msgstr "Displays information about all neighbors discovered via LLDP." msgid "Displays queue information for a PPPoE interface." msgstr "Displays queue information for a PPPoE interface." -#: ../../configuration/vrf/index.rst:213 +#: ../../configuration/vrf/index.rst:232 msgid "Displays the route packets taken to a network host utilizing VRF instance identified by `<name>`. When using the IPv4 or IPv6 option, displays the route packets taken to the given hosts IP address family. This option is useful when the host is specified as a hostname rather than an IP address." msgstr "Displays the route packets taken to a network host utilizing VRF instance identified by `<name>`. When using the IPv4 or IPv6 option, displays the route packets taken to the given hosts IP address family. This option is useful when the host is specified as a hostname rather than an IP address." @@ -4390,14 +4858,28 @@ msgstr "Displays the route packets taken to a network host utilizing VRF instanc msgid "Do *not* manually edit `/etc/hosts`. This file will automatically be regenerated on boot based on the settings in this section, which means you'll lose all your manual edits. Instead, configure static host mappings as follows." msgstr "Do *not* manually edit `/etc/hosts`. This file will automatically be regenerated on boot based on the settings in this section, which means you'll lose all your manual edits. Instead, configure static host mappings as follows." +#: ../../configuration/system/ip.rst:55 +#: ../../configuration/vrf/index.rst:79 +#: ../../configuration/vrf/index.rst:85 +msgid "Do not allow IPv4 nexthop tracking to resolve via the default route. This parameter is configured per-VRF, so the command is also available in the VRF subnode." +msgstr "Do not allow IPv4 nexthop tracking to resolve via the default route. This parameter is configured per-VRF, so the command is also available in the VRF subnode." + +#: ../../configuration/system/ipv6.rst:51 +msgid "Do not allow IPv6 nexthop tracking to resolve via the default route. This parameter is configured per-VRF, so the command is also available in the VRF subnode." +msgstr "Do not allow IPv6 nexthop tracking to resolve via the default route. This parameter is configured per-VRF, so the command is also available in the VRF subnode." + #: ../../_include/interface-ipv6.txt:37 msgid "Do not assign a link-local IPv6 address to this interface." msgstr "Do not assign a link-local IPv6 address to this interface." -#: ../../configuration/trafficpolicy/index.rst:1208 +#: ../../configuration/trafficpolicy/index.rst:1210 msgid "Do not configure IFB as the first step. First create everything else of your traffic-policy, and then you can configure IFB. Otherwise you might get the ``RTNETLINK answer: File exists`` error, which can be solved with ``sudo ip link delete ifb0``." msgstr "Do not configure IFB as the first step. First create everything else of your traffic-policy, and then you can configure IFB. Otherwise you might get the ``RTNETLINK answer: File exists`` error, which can be solved with ``sudo ip link delete ifb0``." +#: ../../configuration/protocols/bgp.rst:609 +msgid "Do not send Hard Reset CEASE Notification for \"Administrative Reset\" events. When set and Graceful Restart Notification capability is exchanged between the peers, Graceful Restart procedures apply, and routes will be retained." +msgstr "Do not send Hard Reset CEASE Notification for \"Administrative Reset\" events. When set and Graceful Restart Notification capability is exchanged between the peers, Graceful Restart procedures apply, and routes will be retained." + #: ../../configuration/service/dns.rst:103 msgid "Do not use the local ``/etc/hosts`` file in name resolution. VyOS DHCP server will use this file to add resolvers to assigned addresses." msgstr "Do not use the local ``/etc/hosts`` file in name resolution. VyOS DHCP server will use this file to add resolvers to assigned addresses." @@ -4426,7 +4908,7 @@ msgstr "Domain name(s) for which to obtain certificate" msgid "Domain names can include letters, numbers, hyphens and periods with a maximum length of 253 characters." msgstr "Domain names can include letters, numbers, hyphens and periods with a maximum length of 253 characters." -#: ../../configuration/pki/index.rst:259 +#: ../../configuration/pki/index.rst:290 msgid "Domain names to apply, multiple domain-names can be specified." msgstr "Domain names to apply, multiple domain-names can be specified." @@ -4435,19 +4917,19 @@ msgstr "Domain names to apply, multiple domain-names can be specified." msgid "Domain search order" msgstr "Domain search order" -#: ../../configuration/pki/index.rst:25 +#: ../../configuration/pki/index.rst:27 msgid "Don't be afraid that you need to re-do your configuration. Key transformation is handled, as always, by our migration scripts, so this will be a smooth transition for you!" msgstr "Don't be afraid that you need to re-do your configuration. Key transformation is handled, as always, by our migration scripts, so this will be a smooth transition for you!" -#: ../../configuration/protocols/bgp.rst:1172 +#: ../../configuration/protocols/bgp.rst:1194 msgid "Don't forget, the CIDR declared in the network statement **MUST exist in your routing table (dynamic or static), the best way to make sure that is true is creating a static route:**" msgstr "Don't forget, the CIDR declared in the network statement **MUST exist in your routing table (dynamic or static), the best way to make sure that is true is creating a static route:**" -#: ../../configuration/protocols/bgp.rst:1126 +#: ../../configuration/protocols/bgp.rst:1148 msgid "Don't forget, the CIDR declared in the network statement MUST **exist in your routing table (dynamic or static), the best way to make sure that is true is creating a static route:**" msgstr "Don't forget, the CIDR declared in the network statement MUST **exist in your routing table (dynamic or static), the best way to make sure that is true is creating a static route:**" -#: ../../configuration/vpn/site2site_ipsec.rst:299 +#: ../../configuration/vpn/site2site_ipsec.rst:302 msgid "Don't get confused about the used /31 tunnel subnet. :rfc:`3021` gives you additional information for using /31 subnets on point-to-point links." msgstr "Don't get confused about the used /31 tunnel subnet. :rfc:`3021` gives you additional information for using /31 subnets on point-to-point links." @@ -4459,10 +4941,17 @@ msgstr "Download/Update complete blacklist" msgid "Download/Update partial blacklist." msgstr "Download/Update partial blacklist." -#: ../../configuration/vpn/sstp.rst:85 +#: ../../configuration/service/pppoe-server.rst:262 +#: ../../configuration/vpn/l2tp.rst:386 +#: ../../configuration/vpn/pptp.rst:310 +#: ../../configuration/vpn/sstp.rst:344 msgid "Download bandwidth limit in kbit/s for `<user>`." msgstr "Download bandwidth limit in kbit/s for `<user>`." +#: ../../configuration/service/ipoe-server.rst:320 +msgid "Download bandwidth limit in kbit/s for user on interface `<interface>`." +msgstr "Download bandwidth limit in kbit/s for user on interface `<interface>`." + #: ../../configuration/policy/route-map.rst:202 msgid "Drop AS-NUMBER from the BGP AS path." msgstr "Drop AS-NUMBER from the BGP AS path." @@ -4479,7 +4968,7 @@ msgstr "Drop rate" msgid "Dropped packets reported on DROPMON Netlink channel by Linux kernel are exported via the standard sFlow v5 extension for reporting dropped packets" msgstr "Dropped packets reported on DROPMON Netlink channel by Linux kernel are exported via the standard sFlow v5 extension for reporting dropped packets" -#: ../../configuration/service/pppoe-server.rst:367 +#: ../../configuration/service/pppoe-server.rst:625 msgid "Dual-Stack IPv4/IPv6 provisioning with Prefix Delegation" msgstr "Dual-Stack IPv4/IPv6 provisioning with Prefix Delegation" @@ -4495,19 +4984,23 @@ msgstr "Dummy interface" msgid "Dummy interfaces can be used as interfaces that always stay up (in the same fashion to loopbacks in Cisco IOS), or for testing purposes." msgstr "Dummy interfaces can be used as interfaces that always stay up (in the same fashion to loopbacks in Cisco IOS), or for testing purposes." -#: ../../configuration/vrf/index.rst:193 +#: ../../configuration/vrf/index.rst:212 msgid "Duplicate packets are not included in the packet loss calculation, although the round-trip time of these packets is used in calculating the minimum/ average/maximum round-trip time numbers." msgstr "Duplicate packets are not included in the packet loss calculation, although the round-trip time of these packets is used in calculating the minimum/ average/maximum round-trip time numbers." -#: ../../configuration/pki/index.rst:285 +#: ../../configuration/pki/index.rst:316 msgid "During initial deployment we recommend using the staging API of LetsEncrypt to prevent and blacklisting of your system. The API endpoint is https://acme-staging-v02.api.letsencrypt.org/directory" msgstr "During initial deployment we recommend using the staging API of LetsEncrypt to prevent and blacklisting of your system. The API endpoint is https://acme-staging-v02.api.letsencrypt.org/directory" +#: ../../configuration/vpn/ipsec.rst:568 +msgid "During profile import, the user is asked to enter its IPSec credentials (username and password) which is stored on the mobile." +msgstr "During profile import, the user is asked to enter its IPSec credentials (username and password) which is stored on the mobile." + #: ../../configuration/service/ssh.rst:113 msgid "Dynamic-protection" msgstr "Dynamic-protection" -#: ../../configuration/service/dns.rst:212 +#: ../../configuration/service/dns.rst:199 msgid "Dynamic DNS" msgstr "Dynamic DNS" @@ -4519,11 +5012,11 @@ msgstr "EAPoL comes with an identify option. We automatically use the interface msgid "ESP Phase:" msgstr "ESP Phase:" -#: ../../configuration/vpn/ipsec.rst:111 +#: ../../configuration/vpn/ipsec.rst:113 msgid "ESP (Encapsulating Security Payload) Attributes" msgstr "ESP (Encapsulating Security Payload) Attributes" -#: ../../configuration/vpn/ipsec.rst:112 +#: ../../configuration/vpn/ipsec.rst:115 msgid "ESP is used to provide confidentiality, data origin authentication, connectionless integrity, an anti-replay service (a form of partial sequence integrity), and limited traffic flow confidentiality. https://datatracker.ietf.org/doc/html/rfc4303" msgstr "ESP is used to provide confidentiality, data origin authentication, connectionless integrity, an anti-replay service (a form of partial sequence integrity), and limited traffic flow confidentiality. https://datatracker.ietf.org/doc/html/rfc4303" @@ -4587,7 +5080,7 @@ msgstr "Eenables the Generic Protocol extension (VXLAN-GPE). Currently, this is msgid "Email address to associate with certificate" msgstr "Email address to associate with certificate" -#: ../../configuration/pki/index.rst:265 +#: ../../configuration/pki/index.rst:296 msgid "Email used for registration and recovery contact." msgstr "Email used for registration and recovery contact." @@ -4599,35 +5092,35 @@ msgstr "Embedding one policy into another one" msgid "Emergency" msgstr "Emergency" -#: ../../configuration/protocols/bfd.rst:89 +#: ../../configuration/protocols/bfd.rst:96 msgid "Enable BFD for ISIS on an interface" msgstr "Enable BFD for ISIS on an interface" -#: ../../configuration/protocols/bfd.rst:77 +#: ../../configuration/protocols/bfd.rst:84 msgid "Enable BFD for OSPF on an interface" msgstr "Enable BFD for OSPF on an interface" -#: ../../configuration/protocols/bfd.rst:81 +#: ../../configuration/protocols/bfd.rst:88 msgid "Enable BFD for OSPFv3 on an interface" msgstr "Enable BFD for OSPFv3 on an interface" -#: ../../configuration/protocols/bfd.rst:61 +#: ../../configuration/protocols/bfd.rst:68 msgid "Enable BFD in BGP" msgstr "Enable BFD in BGP" -#: ../../configuration/protocols/bfd.rst:85 +#: ../../configuration/protocols/bfd.rst:92 msgid "Enable BFD in ISIS" msgstr "Enable BFD in ISIS" -#: ../../configuration/protocols/bfd.rst:73 +#: ../../configuration/protocols/bfd.rst:80 msgid "Enable BFD in OSPF" msgstr "Enable BFD in OSPF" -#: ../../configuration/protocols/bfd.rst:69 +#: ../../configuration/protocols/bfd.rst:76 msgid "Enable BFD on a BGP peer group" msgstr "Enable BFD on a BGP peer group" -#: ../../configuration/protocols/bfd.rst:65 +#: ../../configuration/protocols/bfd.rst:72 msgid "Enable BFD on a single BGP neighbor" msgstr "Enable BFD on a single BGP neighbor" @@ -4651,7 +5144,7 @@ msgstr "Enable IGMP and MLD querier." msgid "Enable IGMP and MLD snooping." msgstr "Enable IGMP and MLD snooping." -#: ../../configuration/service/dhcp-server.rst:271 +#: ../../configuration/service/dhcp-server.rst:277 msgid "Enable IP forwarding on client" msgstr "Enable IP forwarding on client" @@ -4705,7 +5198,7 @@ msgstr "Enable OSPF with Segment Routing (Experimental):" msgid "Enable OSPF with route redistribution of the loopback and default originate:" msgstr "Enable OSPF with route redistribution of the loopback and default originate:" -#: ../../configuration/system/login.rst:103 +#: ../../configuration/system/login.rst:107 msgid "Enable OTP 2FA for user `username` with default settings, using the BASE32 encoded 2FA/MFA key specified by `<key>`." msgstr "Enable OTP 2FA for user `username` with default settings, using the BASE32 encoded 2FA/MFA key specified by `<key>`." @@ -4713,6 +5206,18 @@ msgstr "Enable OTP 2FA for user `username` with default settings, using the BASE msgid "Enable OpenVPN Data Channel Offload feature by loading the appropriate kernel module." msgstr "Enable OpenVPN Data Channel Offload feature by loading the appropriate kernel module." +#: ../../configuration/service/router-advert.rst:82 +msgid "Enable PREF64 option as outlined in :rfc:`8781`." +msgstr "Enable PREF64 option as outlined in :rfc:`8781`." + +#: ../../configuration/service/ipoe-server.rst:386 +#: ../../configuration/service/pppoe-server.rst:575 +#: ../../configuration/vpn/l2tp.rst:510 +#: ../../configuration/vpn/pptp.rst:434 +#: ../../configuration/vpn/sstp.rst:468 +msgid "Enable SNMP" +msgstr "Enable SNMP" + #: ../../configuration/service/lldp.rst:59 msgid "Enable SNMP queries of the LLDP database" msgstr "Enable SNMP queries of the LLDP database" @@ -4833,15 +5338,19 @@ msgstr "Enabled on-demand PPPoE connections bring up the link only when traffic msgid "Enables Cisco style authentication on NHRP packets. This embeds the secret plaintext password to the outgoing NHRP packets. Incoming NHRP packets on this interface are discarded unless the secret password is present. Maximum length of the secret is 8 characters." msgstr "Enables Cisco style authentication on NHRP packets. This embeds the secret plaintext password to the outgoing NHRP packets. Incoming NHRP packets on this interface are discarded unless the secret password is present. Maximum length of the secret is 8 characters." -#: ../../configuration/vrf/index.rst:461 +#: ../../configuration/vrf/index.rst:480 msgid "Enables an MPLS label to be attached to a route exported from the current unicast VRF to VPN. If the value specified is auto, the label value is automatically assigned from a pool maintained." msgstr "Enables an MPLS label to be attached to a route exported from the current unicast VRF to VPN. If the value specified is auto, the label value is automatically assigned from a pool maintained." -#: ../../configuration/vpn/sstp.rst:277 +#: ../../configuration/service/ipoe-server.rst:220 +#: ../../configuration/service/pppoe-server.rst:182 +#: ../../configuration/vpn/l2tp.rst:225 +#: ../../configuration/vpn/pptp.rst:165 +#: ../../configuration/vpn/sstp.rst:198 msgid "Enables bandwidth shaping via RADIUS." msgstr "Enables bandwidth shaping via RADIUS." -#: ../../configuration/vrf/index.rst:483 +#: ../../configuration/vrf/index.rst:502 msgid "Enables import or export of routes between the current unicast VRF and VPN." msgstr "Enables import or export of routes between the current unicast VRF and VPN." @@ -4853,6 +5362,10 @@ msgstr "Enables the Generic Protocol extension (VXLAN-GPE). Currently, this is o msgid "Enables the echo transmission mode" msgstr "Enables the echo transmission mode" +#: ../../configuration/system/option.rst:27 +msgid "Enables the root partition auto-extension and resizes to the maximum available space on system boot." +msgstr "Enables the root partition auto-extension and resizes to the maximum available space on system boot." + #: ../../configuration/service/router-advert.rst:27 msgid "Enabling Advertisments" msgstr "Enabling Advertisments" @@ -4877,7 +5390,7 @@ msgstr "Enforce strict path checking" msgid "Enslave `<member>` interface to bond `<interface>`." msgstr "Enslave `<member>` interface to bond `<interface>`." -#: ../../configuration/protocols/bgp.rst:764 +#: ../../configuration/protocols/bgp.rst:786 msgid "Ensure that when comparing routes where both are equal on most metrics, including local-pref, AS_PATH length, IGP cost, MED, that the tie is broken based on router-ID." msgstr "Ensure that when comparing routes where both are equal on most metrics, including local-pref, AS_PATH length, IGP cost, MED, that the tie is broken based on router-ID." @@ -4945,11 +5458,11 @@ msgstr "Every NAT rule has a translation command defined. The address defined fo msgid "Every SNAT66 rule has a translation command defined. The prefix defined for the translation is the prefix used when the address information in a packet is replaced.ã€" msgstr "Every SNAT66 rule has a translation command defined. The prefix defined for the translation is the prefix used when the address information in a packet is replaced.ã€" -#: ../../configuration/system/login.rst:47 +#: ../../configuration/system/login.rst:51 msgid "Every SSH key comes in three parts:" msgstr "Every SSH key comes in three parts:" -#: ../../configuration/system/login.rst:68 +#: ../../configuration/system/login.rst:72 msgid "Every SSH public key portion referenced by `<identifier>` requires the configuration of the `<type>` of public-key used. This type can be any of:" msgstr "Every SSH public key portion referenced by `<identifier>` requires the configuration of the `<type>` of public-key used. This type can be any of:" @@ -4965,12 +5478,16 @@ msgstr "Every Virtual Ethernet interfaces behaves like a real Ethernet interface msgid "Every WWAN connection requires an :abbr:`APN (Access Point Name)` which is used by the client to dial into the ISPs network. This is a mandatory parameter. Contact your Service Provider for correct APN." msgstr "Every WWAN connection requires an :abbr:`APN (Access Point Name)` which is used by the client to dial into the ISPs network. This is a mandatory parameter. Contact your Service Provider for correct APN." +#: ../../configuration/vpn/ipsec.rst:439 +msgid "Every connection/remote-access pool we configure also needs a pool where we can draw our client IP addresses from. We provide one IPv4 and IPv6 pool. Authorized clients will receive an IPv4 address from the 192.0.2.128/25 prefix and an IPv6 address from the 2001:db8:2000::/64 prefix. We can also send some DNS nameservers down to our clients used on their connection." +msgstr "Every connection/remote-access pool we configure also needs a pool where we can draw our client IP addresses from. We provide one IPv4 and IPv6 pool. Authorized clients will receive an IPv4 address from the 192.0.2.128/25 prefix and an IPv6 address from the 2001:db8:2000::/64 prefix. We can also send some DNS nameservers down to our clients used on their connection." + #: ../../configuration/vpn/remoteaccess_ipsec.rst:98 msgid "Every connection/remote-access pool we configure also needs a pool where we can draw our client IP addresses from. We provide one IPv4 and IPv6 pool. Authorized clients will receive an IPv4 address from the configured IPv4 prefix and an IPv6 address from the IPv6 prefix. We can also send some DNS nameservers down to our clients used on their connection." msgstr "Every connection/remote-access pool we configure also needs a pool where we can draw our client IP addresses from. We provide one IPv4 and IPv6 pool. Authorized clients will receive an IPv4 address from the configured IPv4 prefix and an IPv6 address from the IPv6 prefix. We can also send some DNS nameservers down to our clients used on their connection." #: ../../configuration/firewall/bridge.rst:321 -#: ../../configuration/highavailability/index.rst:397 +#: ../../configuration/highavailability/index.rst:407 #: ../../configuration/interfaces/bonding.rst:291 #: ../../configuration/interfaces/l2tpv3.rst:86 #: ../../configuration/interfaces/pppoe.rst:323 @@ -4980,23 +5497,24 @@ msgstr "Every connection/remote-access pool we configure also needs a pool where #: ../../configuration/protocols/failover.rst:63 #: ../../configuration/protocols/igmp-proxy.rst:61 #: ../../configuration/protocols/pim.rst:217 -#: ../../configuration/protocols/rpki.rst:156 +#: ../../configuration/protocols/rpki.rst:166 #: ../../configuration/service/broadcast-relay.rst:55 -#: ../../configuration/service/conntrack-sync.rst:186 +#: ../../configuration/service/conntrack-sync.rst:190 #: ../../configuration/service/dhcp-relay.rst:85 #: ../../configuration/service/dhcp-relay.rst:174 -#: ../../configuration/service/dhcp-server.rst:362 -#: ../../configuration/service/dns.rst:160 -#: ../../configuration/service/dns.rst:276 +#: ../../configuration/service/dhcp-server.rst:368 +#: ../../configuration/service/dns.rst:147 +#: ../../configuration/service/dns.rst:260 #: ../../configuration/service/eventhandler.rst:83 -#: ../../configuration/service/ipoe-server.rst:150 +#: ../../configuration/service/ids.rst:82 #: ../../configuration/service/mdns.rst:50 #: ../../configuration/service/monitoring.rst:134 +#: ../../configuration/service/router-advert.rst:108 #: ../../configuration/service/snmp.rst:94 #: ../../configuration/service/snmp.rst:145 #: ../../configuration/service/tftp-server.rst:47 #: ../../configuration/system/acceleration.rst:58 -#: ../../configuration/system/login.rst:397 +#: ../../configuration/system/login.rst:401 #: ../../configuration/system/name-server.rst:28 #: ../../configuration/system/name-server.rst:63 #: ../../configuration/system/sflow.rst:49 @@ -5005,9 +5523,8 @@ msgstr "Every connection/remote-access pool we configure also needs a pool where #: ../../configuration/trafficpolicy/index.rst:1122 #: ../../configuration/vpn/dmvpn.rst:161 #: ../../configuration/vpn/openconnect.rst:97 -#: ../../configuration/vpn/sstp.rst:286 -#: ../../configuration/vrf/index.rst:99 -#: ../../configuration/vrf/index.rst:232 +#: ../../configuration/vrf/index.rst:118 +#: ../../configuration/vrf/index.rst:251 msgid "Example" msgstr "Example" @@ -5028,16 +5545,18 @@ msgstr "Example, from radius-server send command for disconnect client with user #: ../../configuration/nat/nat44.rst:425 #: ../../configuration/nat/nat66.rst:78 #: ../../configuration/nat/nat66.rst:96 -#: ../../configuration/protocols/static.rst:174 -#: ../../configuration/service/dns.rst:363 +#: ../../configuration/protocols/static.rst:67 +#: ../../configuration/protocols/static.rst:135 +#: ../../configuration/protocols/static.rst:207 +#: ../../configuration/service/dns.rst:366 #: ../../configuration/service/monitoring.rst:69 #: ../../configuration/service/monitoring.rst:98 #: ../../configuration/service/ssh.rst:165 #: ../../configuration/service/ssh.rst:200 #: ../../configuration/system/flow-accounting.rst:164 -#: ../../configuration/vpn/l2tp.rst:41 -#: ../../configuration/vpn/site2site_ipsec.rst:162 -#: ../../configuration/vpn/site2site_ipsec.rst:273 +#: ../../configuration/vpn/l2tp.rst:91 +#: ../../configuration/vpn/site2site_ipsec.rst:165 +#: ../../configuration/vpn/site2site_ipsec.rst:276 #: ../../_include/interface-address-with-dhcp.txt:22 #: ../../_include/interface-address.txt:9 #: ../../_include/interface-description.txt:7 @@ -5121,13 +5640,12 @@ msgstr "Example: Set `eth0` member port to be native VLAN 2" msgid "Example: to be appended is set to ``vyos.net`` and the URL received is ``www/foo.html``, the system will use the generated, final URL of ``www.vyos.net/foo.html``." msgstr "Example: to be appended is set to ``vyos.net`` and the URL received is ``www/foo.html``, the system will use the generated, final URL of ``www.vyos.net/foo.html``." -#: ../../configuration/container/index.rst:177 +#: ../../configuration/container/index.rst:216 #: ../../configuration/service/https.rst:77 -#: ../../configuration/service/router-advert.rst:80 msgid "Example Configuration" msgstr "Example Configuration" -#: ../../configuration/service/dns.rst:378 +#: ../../configuration/service/dns.rst:384 msgid "Example IPv6 only:" msgstr "Example IPv6 only:" @@ -5135,7 +5653,7 @@ msgstr "Example IPv6 only:" msgid "Example Network" msgstr "Example Network" -#: ../../configuration/firewall/ipv4.rst:1130 +#: ../../configuration/firewall/ipv4.rst:1153 #: ../../configuration/firewall/ipv6.rst:1153 msgid "Example Partial Config" msgstr "Example Partial Config" @@ -5156,7 +5674,7 @@ msgstr "Example for configuring a simple L2TP over IPsec VPN for remote access ( msgid "Example of redirection:" msgstr "Example of redirection:" -#: ../../configuration/firewall/ipv4.rst:925 +#: ../../configuration/firewall/ipv4.rst:948 #: ../../configuration/firewall/ipv6.rst:934 msgid "Example synproxy" msgstr "Example synproxy" @@ -5167,16 +5685,16 @@ msgstr "Example synproxy" #: ../../configuration/interfaces/wireless.rst:541 #: ../../configuration/loadbalancing/reverse-proxy.rst:187 #: ../../configuration/policy/index.rst:46 -#: ../../configuration/protocols/bgp.rst:1096 +#: ../../configuration/protocols/bgp.rst:1118 #: ../../configuration/protocols/isis.rst:336 #: ../../configuration/protocols/ospf.rst:834 -#: ../../configuration/service/pppoe-server.rst:343 +#: ../../configuration/service/pppoe-server.rst:601 #: ../../configuration/service/webproxy.rst:419 msgid "Examples" msgstr "Examples" #: ../../configuration/nat/nat44.rst:154 -#: ../../configuration/vpn/site2site_ipsec.rst:157 +#: ../../configuration/vpn/site2site_ipsec.rst:160 msgid "Examples:" msgstr "Examples:" @@ -5224,6 +5742,10 @@ msgstr "External DHCPv6 server is at 2001:db8::4" msgid "External Route Summarisation" msgstr "External Route Summarisation" +#: ../../configuration/service/ids.rst:101 +msgid "External attack: an attack from the internet towards an internal IP is identify. In this case, all connections towards such IP will be blocked" +msgstr "External attack: an attack from the internet towards an internal IP is identify. In this case, all connections towards such IP will be blocked" + #: ../../configuration/trafficpolicy/index.rst:441 msgid "FQ-CoDel" msgstr "FQ-CoDel" @@ -5275,7 +5797,7 @@ msgstr "Facility Code" #: ../../configuration/loadbalancing/wan.rst:218 #: ../../configuration/protocols/failover.rst:3 #: ../../configuration/service/dhcp-server.rst:136 -#: ../../configuration/service/dhcp-server.rst:369 +#: ../../configuration/service/dhcp-server.rst:375 msgid "Failover" msgstr "Failover" @@ -5303,6 +5825,14 @@ msgstr "Fair Queue is a non-shaping (work-conserving) policy, so it will only be msgid "Fair Queue is a work-conserving scheduler which schedules the transmission of packets based on flows, that is, it balances traffic distributing it through different sub-queues in order to ensure fairness so that each flow is able to send data in turn, preventing any single one from drowning out the rest." msgstr "Fair Queue is a work-conserving scheduler which schedules the transmission of packets based on flows, that is, it balances traffic distributing it through different sub-queues in order to ensure fairness so that each flow is able to send data in turn, preventing any single one from drowning out the rest." +#: ../../configuration/service/ids.rst:9 +msgid "FastNetMon" +msgstr "FastNetMon" + +#: ../../configuration/service/ids.rst:11 +msgid "FastNetMon is a high-performance DDoS detector/sensor built on top of multiple packet capture engines: NetFlow, IPFIX, sFlow, AF_PACKET (port mirror). It can detect hosts in the deployed network sending or receiving large volumes of traffic, packets/bytes/flows per second and perform a configurable action to handle that event, such as calling a custom script." +msgstr "FastNetMon is a high-performance DDoS detector/sensor built on top of multiple packet capture engines: NetFlow, IPFIX, sFlow, AF_PACKET (port mirror). It can detect hosts in the deployed network sending or receiving large volumes of traffic, packets/bytes/flows per second and perform a configurable action to handle that event, such as calling a custom script." + #: ../../configuration/protocols/rpki.rst:78 msgid "Features of the Current Implementation" msgstr "Features of the Current Implementation" @@ -5311,11 +5841,15 @@ msgstr "Features of the Current Implementation" msgid "Field" msgstr "Field" -#: ../../configuration/service/dns.rst:241 +#: ../../configuration/service/dns.rst:231 +msgid "File identified by `<filename>` containing the TSIG authentication key for RFC2136 nsupdate on remote DNS server." +msgstr "File identified by `<filename>` containing the TSIG authentication key for RFC2136 nsupdate on remote DNS server." + +#: ../../configuration/service/dns.rst:255 msgid "File identified by `<keyfile>` containing the secret RNDC key shared with remote DNS server." msgstr "File identified by `<keyfile>` containing the secret RNDC key shared with remote DNS server." -#: ../../configuration/service/pppoe-server.rst:228 +#: ../../configuration/service/pppoe-server.rst:302 msgid "Filter-Id=2000/3000 (means 2000Kbit down-stream rate and 3000Kbit up-stream rate)" msgstr "Filter-Id=2000/3000 (means 2000Kbit down-stream rate and 3000Kbit up-stream rate)" @@ -5404,7 +5938,7 @@ msgstr "Firewall groups represent collections of IP addresses, networks, ports, msgid "Firewall groups represent collections of IP addresses, networks, ports, mac addresses or domains. Once created, a group can be referenced by firewall, nat and policy route rules as either a source or destination matcher. Members can be added or removed from a group without changes to, or the need to reload, individual firewall rules." msgstr "Firewall groups represent collections of IP addresses, networks, ports, mac addresses or domains. Once created, a group can be referenced by firewall, nat and policy route rules as either a source or destination matcher. Members can be added or removed from a group without changes to, or the need to reload, individual firewall rules." -#: ../../configuration/highavailability/index.rst:381 +#: ../../configuration/highavailability/index.rst:391 msgid "Firewall mark. It possible to loadbalancing traffic based on ``fwmark`` value" msgstr "Firewall mark. It possible to loadbalancing traffic based on ``fwmark`` value" @@ -5428,7 +5962,7 @@ msgstr "Firmware Update" msgid "First, on both routers run the operational command \"generate pki key-pair install <key-pair nam>>\". You may choose different length than 2048 of course." msgstr "First, on both routers run the operational command \"generate pki key-pair install <key-pair nam>>\". You may choose different length than 2048 of course." -#: ../../configuration/vpn/ipsec.rst:267 +#: ../../configuration/vpn/ipsec.rst:271 msgid "First, on both routers run the operational command \"generate pki key-pair install <key-pair name>\". You may choose different length than 2048 of course." msgstr "First, on both routers run the operational command \"generate pki key-pair install <key-pair name>\". You may choose different length than 2048 of course." @@ -5544,15 +6078,15 @@ msgstr "For Hashing:" msgid "For IS-IS top operate correctly, one must do the equivalent of a Router ID in CLNS. This Router ID is called the :abbr:`NET (Network Entity Title)`. This must be unique for each and every router that is operating in IS-IS. It also must not be duplicated otherwise the same issues that occur within OSPF will occur within IS-IS when it comes to said duplication." msgstr "For IS-IS top operate correctly, one must do the equivalent of a Router ID in CLNS. This Router ID is called the :abbr:`NET (Network Entity Title)`. This must be unique for each and every router that is operating in IS-IS. It also must not be duplicated otherwise the same issues that occur within OSPF will occur within IS-IS when it comes to said duplication." -#: ../../configuration/policy/route-map.rst:311 +#: ../../configuration/policy/route-map.rst:314 msgid "For Incoming and Import Route-maps if we receive a v6 global and v6 LL address for the route, then prefer to use the global address as the nexthop." msgstr "For Incoming and Import Route-maps if we receive a v6 global and v6 LL address for the route, then prefer to use the global address as the nexthop." -#: ../../configuration/service/pppoe-server.rst:188 +#: ../../configuration/service/pppoe-server.rst:257 msgid "For Local Users" msgstr "For Local Users" -#: ../../configuration/service/pppoe-server.rst:223 +#: ../../configuration/service/pppoe-server.rst:297 msgid "For RADIUS users" msgstr "For RADIUS users" @@ -5592,7 +6126,7 @@ msgstr "For a simple home network using just the ISP's equipment, this is usuall msgid "For connectionless protocols as like ICMP and UDP, a flow is considered complete once no more packets for this flow appear after configurable timeout." msgstr "For connectionless protocols as like ICMP and UDP, a flow is considered complete once no more packets for this flow appear after configurable timeout." -#: ../../configuration/system/login.rst:132 +#: ../../configuration/system/login.rst:136 msgid "For example, if problems with poor time synchronization are experienced, the window can be increased from its default size of 3 permitted codes (one previous code, the current code, the next code) to 17 permitted codes (the 8 previous codes, the current code, and the 8 next codes). This will permit for a time skew of up to 4 minutes between client and server." msgstr "For example, if problems with poor time synchronization are experienced, the window can be increased from its default size of 3 permitted codes (one previous code, the current code, the next code) to 17 permitted codes (the 8 previous codes, the current code, and the 8 next codes). This will permit for a time skew of up to 4 minutes between client and server." @@ -5618,7 +6152,7 @@ msgstr "For fragmented TCP or UDP packets and all other IPv4 and IPv6 protocol t msgid "For generating an OTP key in VyOS, you can use the CLI command (operational mode):" msgstr "For generating an OTP key in VyOS, you can use the CLI command (operational mode):" -#: ../../configuration/protocols/bgp.rst:823 +#: ../../configuration/protocols/bgp.rst:845 msgid "For inbound updates the order of preference is:" msgstr "For inbound updates the order of preference is:" @@ -5642,7 +6176,11 @@ msgstr "For latest releases, refer the `firewall (interface-groups) <https://doc msgid "For more information on how MPLS label switching works, please go visit `Wikipedia (MPLS)`_." msgstr "For more information on how MPLS label switching works, please go visit `Wikipedia (MPLS)`_." -#: ../../configuration/service/pppoe-server.rst:299 +#: ../../configuration/protocols/bfd.rst:61 +msgid "For multi hop sessions only. Configure the minimum expected TTL for an incoming BFD control packet." +msgstr "For multi hop sessions only. Configure the minimum expected TTL for an incoming BFD control packet." + +#: ../../configuration/service/pppoe-server.rst:307 msgid "For network maintenance, it's a good idea to direct users to a backup server so that the primary server can be safely taken out of service. It's possible to switch your PPPoE server to maintenance mode where it maintains already established connections, but refuses new connection attempts." msgstr "For network maintenance, it's a good idea to direct users to a backup server so that the primary server can be safely taken out of service. It's possible to switch your PPPoE server to maintenance mode where it maintains already established connections, but refuses new connection attempts." @@ -5650,7 +6188,7 @@ msgstr "For network maintenance, it's a good idea to direct users to a backup se msgid "For optimal scalability, Multicast shouldn't be used at all, but instead use BGP to signal all connected devices between leaves. Unfortunately, VyOS does not yet support this." msgstr "For optimal scalability, Multicast shouldn't be used at all, but instead use BGP to signal all connected devices between leaves. Unfortunately, VyOS does not yet support this." -#: ../../configuration/protocols/bgp.rst:829 +#: ../../configuration/protocols/bgp.rst:851 msgid "For outbound updates the order of preference is:" msgstr "For outbound updates the order of preference is:" @@ -5695,7 +6233,7 @@ msgstr "For the average user a serial console has no advantage over a console of msgid "For the ingress traffic of an interface, there is only one policy you can directly apply, a **Limiter** policy. You cannot apply a shaping policy directly to the ingress traffic of any interface because shaping only works for outbound traffic." msgstr "For the ingress traffic of an interface, there is only one policy you can directly apply, a **Limiter** policy. You cannot apply a shaping policy directly to the ingress traffic of any interface because shaping only works for outbound traffic." -#: ../../configuration/container/index.rst:179 +#: ../../configuration/container/index.rst:218 msgid "For the sake of demonstration, `example #1 in the official documentation <https://www.zabbix.com/documentation/current/manual/installation/containers>`_ to the declarative VyOS CLI syntax." msgstr "For the sake of demonstration, `example #1 in the official documentation <https://www.zabbix.com/documentation/current/manual/installation/containers>`_ to the declarative VyOS CLI syntax." @@ -5737,7 +6275,7 @@ msgstr "Formally, a virtual link looks like a point-to-point network connecting msgid "Forward incoming DNS queries to the DNS servers configured under the ``system name-server`` nodes." msgstr "Forward incoming DNS queries to the DNS servers configured under the ``system name-server`` nodes." -#: ../../configuration/highavailability/index.rst:362 +#: ../../configuration/highavailability/index.rst:372 msgid "Forward method" msgstr "Forward method" @@ -5765,7 +6303,7 @@ msgstr "From a security perspective, it is not recommended to let a third party msgid "From main structure defined in :doc:`Firewall Overview</configuration/firewall/index>` in this section you can find detailed information only for the next part of the general structure:" msgstr "From main structure defined in :doc:`Firewall Overview</configuration/firewall/index>` in this section you can find detailed information only for the next part of the general structure:" -#: ../../configuration/highavailability/index.rst:380 +#: ../../configuration/highavailability/index.rst:390 msgid "Fwmark" msgstr "Fwmark" @@ -5806,6 +6344,11 @@ msgstr "GRE is often seen as a one size fits all solution when it comes to class msgid "Genearate a new OpenVPN shared secret. The generated secred is the output to the console." msgstr "Genearate a new OpenVPN shared secret. The generated secred is the output to the console." +#: ../../configuration/pki/index.rst:123 +#: ../../configuration/pki/index.rst:128 +msgid "Genearate a new OpenVPN shared secret. The generated secret is the output to the console." +msgstr "Genearate a new OpenVPN shared secret. The generated secret is the output to the console." + #: ../../configuration/protocols/isis.rst:25 #: ../../configuration/protocols/ospf.rst:25 #: ../../configuration/protocols/ospf.rst:1081 @@ -5835,18 +6378,18 @@ msgstr "Generate :abbr:`MKA (MACsec Key Agreement protocol)` CAK key." msgid "Generate :abbr:`MKA (MACsec Key Agreement protocol)` CAK key 128 or 256 bits." msgstr "Generate :abbr:`MKA (MACsec Key Agreement protocol)` CAK key 128 or 256 bits." -#: ../../configuration/pki/index.rst:153 -#: ../../configuration/pki/index.rst:157 +#: ../../configuration/pki/index.rst:155 +#: ../../configuration/pki/index.rst:159 msgid "Generate a WireGuard pre-shared secret used for peers to communicate." msgstr "Generate a WireGuard pre-shared secret used for peers to communicate." -#: ../../configuration/pki/index.rst:136 -#: ../../configuration/pki/index.rst:141 +#: ../../configuration/pki/index.rst:138 +#: ../../configuration/pki/index.rst:143 msgid "Generate a new WireGuard public/private key portion and output the result to the console." msgstr "Generate a new WireGuard public/private key portion and output the result to the console." -#: ../../configuration/pki/index.rst:104 -#: ../../configuration/pki/index.rst:111 +#: ../../configuration/pki/index.rst:106 +#: ../../configuration/pki/index.rst:113 msgid "Generate a new set of :abbr:`DH (Diffie-Hellman)` parameters. The key size is requested by the CLI and defaults to 2048 bit." msgstr "Generate a new set of :abbr:`DH (Diffie-Hellman)` parameters. The key size is requested by the CLI and defaults to 2048 bit." @@ -5898,6 +6441,14 @@ msgstr "Given the following example we have one VyOS router acting as OpenVPN se msgid "Gloabal" msgstr "Gloabal" +#: ../../configuration/service/ipoe-server.rst:352 +#: ../../configuration/service/pppoe-server.rst:518 +#: ../../configuration/vpn/l2tp.rst:472 +#: ../../configuration/vpn/pptp.rst:396 +#: ../../configuration/vpn/sstp.rst:430 +msgid "Global Advanced options" +msgstr "Global Advanced options" + #: ../../configuration/firewall/general.rst:84 msgid "Global Options" msgstr "Global Options" @@ -5956,7 +6507,7 @@ msgstr "HTTP based services" msgid "HTTP basic authentication username" msgstr "HTTP basic authentication username" -#: ../../configuration/system/option.rst:27 +#: ../../configuration/system/option.rst:57 msgid "HTTP client" msgstr "HTTP client" @@ -5968,7 +6519,7 @@ msgstr "HT (High Throughput) capabilities (802.11n)" msgid "Hairpin NAT/NAT Reflection" msgstr "Hairpin NAT/NAT Reflection" -#: ../../configuration/service/dhcp-server.rst:573 +#: ../../configuration/service/dhcp-server.rst:579 msgid "Hand out prefixes of size `<length>` to clients in subnet `<prefix>` when they request for prefix delegation." msgstr "Hand out prefixes of size `<length>` to clients in subnet `<prefix>` when they request for prefix delegation." @@ -5980,7 +6531,7 @@ msgstr "Handling and monitoring" msgid "Having control over the matching of INVALID state traffic, e.g. the ability to selectively log, is an important troubleshooting tool for observing broken protocol behavior. For this reason, VyOS does not globally drop invalid state traffic, instead allowing the operator to make the determination on how the traffic is handled." msgstr "Having control over the matching of INVALID state traffic, e.g. the ability to selectively log, is an important troubleshooting tool for observing broken protocol behavior. For this reason, VyOS does not globally drop invalid state traffic, instead allowing the operator to make the determination on how the traffic is handled." -#: ../../configuration/highavailability/index.rst:372 +#: ../../configuration/highavailability/index.rst:382 msgid "Health-check" msgstr "Health-check" @@ -6024,7 +6575,7 @@ msgstr "Here is a second example of a dual-stack tunnel over IPv6 between a VyOS msgid "Here is an example :abbr:`NET (Network Entity Title)` value:" msgstr "Here is an example :abbr:`NET (Network Entity Title)` value:" -#: ../../configuration/protocols/rpki.rst:167 +#: ../../configuration/protocols/rpki.rst:177 msgid "Here is an example route-map to apply to routes learned at import. In this filter we reject prefixes with the state `invalid`, and set a higher `local-preference` if the prefix is RPKI `valid` rather than merely `notfound`." msgstr "Here is an example route-map to apply to routes learned at import. In this filter we reject prefixes with the state `invalid`, and set a higher `local-preference` if the prefix is RPKI `valid` rather than merely `notfound`." @@ -6074,7 +6625,7 @@ msgstr "Host Information" msgid "Host name" msgstr "Host name" -#: ../../configuration/service/dhcp-server.rst:630 +#: ../../configuration/service/dhcp-server.rst:638 msgid "Host specific mapping shall be named ``client1``" msgstr "Host specific mapping shall be named ``client1``" @@ -6094,7 +6645,7 @@ msgstr "How to configure Event Handler" msgid "How to make it work" msgstr "How to make it work" -#: ../../configuration/vpn/ipsec.rst:263 +#: ../../configuration/vpn/ipsec.rst:267 msgid "However, now you need to make IPsec work with dynamic address on one side. The tricky part is that pre-shared secret authentication doesn't work with dynamic address, so we'll have to use RSA keys." msgstr "However, now you need to make IPsec work with dynamic address on one side. The tricky part is that pre-shared secret authentication doesn't work with dynamic address, so we'll have to use RSA keys." @@ -6158,14 +6709,18 @@ msgstr "IKE (Internet Key Exchange) Attributes" msgid "IKE performs mutual authentication between two parties and establishes an IKE security association (SA) that includes shared secret information that can be used to efficiently establish SAs for Encapsulating Security Payload (ESP) or Authentication Header (AH) and a set of cryptographic algorithms to be used by the SAs to protect the traffic that they carry. https://datatracker.ietf.org/doc/html/rfc5996" msgstr "IKE performs mutual authentication between two parties and establishes an IKE security association (SA) that includes shared secret information that can be used to efficiently establish SAs for Encapsulating Security Payload (ESP) or Authentication Header (AH) and a set of cryptographic algorithms to be used by the SAs to protect the traffic that they carry. https://datatracker.ietf.org/doc/html/rfc5996" -#: ../../configuration/vpn/site2site_ipsec.rst:160 +#: ../../configuration/vpn/site2site_ipsec.rst:163 msgid "IKEv1" msgstr "IKEv1" -#: ../../configuration/vpn/site2site_ipsec.rst:271 +#: ../../configuration/vpn/site2site_ipsec.rst:274 msgid "IKEv2" msgstr "IKEv2" +#: ../../configuration/vpn/ipsec.rst:372 +msgid "IKEv2 IPSec road-warriors remote-access VPN" +msgstr "IKEv2 IPSec road-warriors remote-access VPN" + #: ../../configuration/system/ip.rst:3 msgid "IP" msgstr "IP" @@ -6198,11 +6753,11 @@ msgstr "IPSec IKE and ESP Groups;" msgid "IPSec IKEv2 Remote Access VPN" msgstr "IPSec IKEv2 Remote Access VPN" -#: ../../configuration/vpn/site2site_ipsec.rst:285 +#: ../../configuration/vpn/site2site_ipsec.rst:288 msgid "IPSec IKEv2 site2site VPN" msgstr "IPSec IKEv2 site2site VPN" -#: ../../configuration/vpn/site2site_ipsec.rst:285 +#: ../../configuration/vpn/site2site_ipsec.rst:288 msgid "IPSec IKEv2 site2site VPN (source ./draw.io/vpn_s2s_ikev2.drawio)" msgstr "IPSec IKEv2 site2site VPN (source ./draw.io/vpn_s2s_ikev2.drawio)" @@ -6218,7 +6773,7 @@ msgstr "IPSec VPN tunnels." msgid "IP address" msgstr "IP address" -#: ../../configuration/service/dhcp-server.rst:202 +#: ../../configuration/service/dhcp-server.rst:208 msgid "IP address ``192.168.1.100`` shall be statically mapped to client named ``client1``" msgstr "IP address ``192.168.1.100`` shall be statically mapped to client named ``client1``" @@ -6227,19 +6782,19 @@ msgstr "IP address ``192.168.1.100`` shall be statically mapped to client named msgid "IP address ``192.168.2.1/24``" msgstr "IP address ``192.168.2.1/24``" -#: ../../configuration/service/dhcp-server.rst:286 +#: ../../configuration/service/dhcp-server.rst:292 msgid "IP address for DHCP server identifier" msgstr "IP address for DHCP server identifier" -#: ../../configuration/service/dhcp-server.rst:276 +#: ../../configuration/service/dhcp-server.rst:282 msgid "IP address of NTP server" msgstr "IP address of NTP server" -#: ../../configuration/service/dhcp-server.rst:316 +#: ../../configuration/service/dhcp-server.rst:322 msgid "IP address of POP3 server" msgstr "IP address of POP3 server" -#: ../../configuration/service/dhcp-server.rst:311 +#: ../../configuration/service/dhcp-server.rst:317 msgid "IP address of SMTP server" msgstr "IP address of SMTP server" @@ -6255,7 +6810,7 @@ msgstr "IP address of route to match, based on prefix-list." msgid "IP address of route to match, based on specified prefix-length. Note that this can be used for kernel routes only. Do not apply to the routes of dynamic routing protocols (e.g. BGP, RIP, OSFP), as this can lead to unexpected results.." msgstr "IP address of route to match, based on specified prefix-length. Note that this can be used for kernel routes only. Do not apply to the routes of dynamic routing protocols (e.g. BGP, RIP, OSFP), as this can lead to unexpected results.." -#: ../../configuration/service/dhcp-server.rst:346 +#: ../../configuration/service/dhcp-server.rst:352 msgid "IP address to exclude from DHCP lease range" msgstr "IP address to exclude from DHCP lease range" @@ -6295,7 +6850,7 @@ msgstr "IP next-hop of route to match, based on type." msgid "IP precedence as defined in :rfc:`791`:" msgstr "IP precedence as defined in :rfc:`791`:" -#: ../../configuration/vpn/l2tp.rst:33 +#: ../../configuration/vpn/l2tp.rst:83 msgid "IP protocol number 50 (ESP)" msgstr "IP protocol number 50 (ESP)" @@ -6307,19 +6862,19 @@ msgstr "IP route source of route to match, based on access-list." msgid "IP route source of route to match, based on prefix-list." msgstr "IP route source of route to match, based on prefix-list." -#: ../../configuration/service/ipoe-server.rst:7 +#: ../../configuration/service/ipoe-server.rst:5 msgid "IPoE Server" msgstr "IPoE Server" -#: ../../configuration/service/ipoe-server.rst:30 +#: ../../configuration/service/ipoe-server.rst:29 msgid "IPoE can be configure on different interfaces, it will depend on each specific situation which interface will provide IPoE to clients. The clients mac address and the incoming interface is being used as control parameter, to authenticate a client." msgstr "IPoE can be configure on different interfaces, it will depend on each specific situation which interface will provide IPoE to clients. The clients mac address and the incoming interface is being used as control parameter, to authenticate a client." -#: ../../configuration/service/ipoe-server.rst:13 +#: ../../configuration/service/ipoe-server.rst:11 msgid "IPoE is a method of delivering an IP payload over an Ethernet-based access network or an access network using bridged Ethernet over Asynchronous Transfer Mode (ATM) without using PPPoE. It directly encapsulates the IP datagrams in Ethernet frames, using the standard :rfc:`894` encapsulation." msgstr "IPoE is a method of delivering an IP payload over an Ethernet-based access network or an access network using bridged Ethernet over Asynchronous Transfer Mode (ATM) without using PPPoE. It directly encapsulates the IP datagrams in Ethernet frames, using the standard :rfc:`894` encapsulation." -#: ../../configuration/service/ipoe-server.rst:152 +#: ../../configuration/service/ipoe-server.rst:153 msgid "IPoE server will listen on interfaces eth1.50 and eth1.51" msgstr "IPoE server will listen on interfaces eth1.50 and eth1.51" @@ -6327,11 +6882,11 @@ msgstr "IPoE server will listen on interfaces eth1.50 and eth1.51" msgid "IPsec" msgstr "IPsec" -#: ../../configuration/vpn/ipsec.rst:172 +#: ../../configuration/vpn/ipsec.rst:176 msgid "IPsec policy matching GRE" msgstr "IPsec policy matching GRE" -#: ../../configuration/service/pppoe-server.rst:346 +#: ../../configuration/service/pppoe-server.rst:604 msgid "IPv4" msgstr "IPv4" @@ -6343,11 +6898,11 @@ msgstr "IPv4/IPv6 remote address of the VXLAN tunnel. Alternative to multicast, msgid "IPv4 Firewall Configuration" msgstr "IPv4 Firewall Configuration" -#: ../../configuration/service/dhcp-server.rst:291 +#: ../../configuration/service/dhcp-server.rst:297 msgid "IPv4 address of next bootstrap server" msgstr "IPv4 address of next bootstrap server" -#: ../../configuration/service/dhcp-server.rst:251 +#: ../../configuration/service/dhcp-server.rst:257 msgid "IPv4 address of router on the client's subnet" msgstr "IPv4 address of router on the client's subnet" @@ -6355,7 +6910,7 @@ msgstr "IPv4 address of router on the client's subnet" msgid "IPv4 or IPv6 source address of NetFlow packets" msgstr "IPv4 or IPv6 source address of NetFlow packets" -#: ../../configuration/protocols/bgp.rst:1099 +#: ../../configuration/protocols/bgp.rst:1121 msgid "IPv4 peering" msgstr "IPv4 peering" @@ -6376,8 +6931,12 @@ msgid "IPv4 server" msgstr "IPv4 server" #: ../../configuration/interfaces/pppoe.rst:244 -#: ../../configuration/service/pppoe-server.rst:267 +#: ../../configuration/service/ipoe-server.rst:256 +#: ../../configuration/service/pppoe-server.rst:341 #: ../../configuration/system/ipv6.rst:3 +#: ../../configuration/vpn/l2tp.rst:286 +#: ../../configuration/vpn/pptp.rst:210 +#: ../../configuration/vpn/sstp.rst:244 msgid "IPv6" msgstr "IPv6" @@ -6385,6 +6944,13 @@ msgstr "IPv6" msgid "IPv6 Access List" msgstr "IPv6 Access List" +#: ../../configuration/service/pppoe-server.rst:381 +#: ../../configuration/vpn/l2tp.rst:325 +#: ../../configuration/vpn/pptp.rst:249 +#: ../../configuration/vpn/sstp.rst:283 +msgid "IPv6 Advanced Options" +msgstr "IPv6 Advanced Options" + #: ../../configuration/interfaces/pppoe.rst:379 msgid "IPv6 DHCPv6-PD Example" msgstr "IPv6 DHCPv6-PD Example" @@ -6417,7 +6983,7 @@ msgstr "IPv6 SLAAC and IA-PD" msgid "IPv6 TCP filters will only match IPv6 packets with no header extension, see https://en.wikipedia.org/wiki/IPv6_packet#Extension_headers" msgstr "IPv6 TCP filters will only match IPv6 packets with no header extension, see https://en.wikipedia.org/wiki/IPv6_packet#Extension_headers" -#: ../../configuration/service/dhcp-server.rst:628 +#: ../../configuration/service/dhcp-server.rst:636 msgid "IPv6 address ``2001:db8::101`` shall be statically mapped" msgstr "IPv6 address ``2001:db8::101`` shall be statically mapped" @@ -6434,10 +7000,18 @@ msgid "IPv6 address of route to match, based on specified prefix-length. Note th msgstr "IPv6 address of route to match, based on specified prefix-length. Note that this can be used for kernel routes only. Do not apply to the routes of dynamic routing protocols (e.g. BGP, RIP, OSFP), as this can lead to unexpected results.." #: ../../configuration/service/pppoe-server.rst:270 +msgid "IPv6 client's prefix" +msgstr "IPv6 client's prefix" + +#: ../../configuration/service/pppoe-server.rst:270 msgid "IPv6 client's prefix assignment" msgstr "IPv6 client's prefix assignment" -#: ../../configuration/protocols/bgp.rst:1144 +#: ../../configuration/service/pppoe-server.rst:295 +msgid "IPv6 default client's pool assignment" +msgstr "IPv6 default client's pool assignment" + +#: ../../configuration/protocols/bgp.rst:1166 msgid "IPv6 peering" msgstr "IPv6 peering" @@ -6445,7 +7019,7 @@ msgstr "IPv6 peering" msgid "IPv6 prefix." msgstr "IPv6 prefix." -#: ../../configuration/service/dhcp-server.rst:629 +#: ../../configuration/service/dhcp-server.rst:637 msgid "IPv6 prefix ``2001:db8:0:101::/64`` shall be statically mapped" msgstr "IPv6 prefix ``2001:db8:0:101::/64`` shall be statically mapped" @@ -6457,7 +7031,7 @@ msgstr "IPv6 relay" msgid "IPv6 route source: bgp, connected, eigrp, isis, kernel, nhrp, ospfv3, ripng, static." msgstr "IPv6 route source: bgp, connected, eigrp, isis, kernel, nhrp, ospfv3, ripng, static." -#: ../../configuration/service/dhcp-server.rst:502 +#: ../../configuration/service/dhcp-server.rst:508 msgid "IPv6 server" msgstr "IPv6 server" @@ -6477,7 +7051,7 @@ msgstr "IS-IS Global Configuration" msgid "IS-IS SR Configuration" msgstr "IS-IS SR Configuration" -#: ../../configuration/service/dhcp-server.rst:233 +#: ../../configuration/service/dhcp-server.rst:239 msgid "ISC-DHCP Option name" msgstr "ISC-DHCP Option name" @@ -6493,7 +7067,7 @@ msgstr "If **max-threshold** is set but **min-threshold is not, then **min-thres msgid "If ARP monitoring is used in an etherchannel compatible mode (modes round-robin and xor-hash), the switch should be configured in a mode that evenly distributes packets across all links. If the switch is configured to distribute the packets in an XOR fashion, all replies from the ARP targets will be received on the same link which could cause the other team members to fail." msgstr "If ARP monitoring is used in an etherchannel compatible mode (modes round-robin and xor-hash), the switch should be configured in a mode that evenly distributes packets across all links. If the switch is configured to distribute the packets in an XOR fashion, all replies from the ARP targets will be received on the same link which could cause the other team members to fail." -#: ../../configuration/pki/index.rst:249 +#: ../../configuration/pki/index.rst:251 msgid "If CA is present, this certificate will be included in generated CRLs" msgstr "If CA is present, this certificate will be included in generated CRLs" @@ -6517,7 +7091,11 @@ msgstr "If :cfgcmd:`strict` is set the BGP session won’t become established un msgid "If ``alias`` is set, it can be used instead of the device when connecting." msgstr "If ``alias`` is set, it can be used instead of the device when connecting." -#: ../../configuration/vpn/l2tp.rst:29 +#: ../../configuration/policy/route-map.rst:204 +msgid "If ``all`` is specified, remove all AS numbers from the AS_PATH of the BGP path's NLRI." +msgstr "If ``all`` is specified, remove all AS numbers from the AS_PATH of the BGP path's NLRI." + +#: ../../configuration/vpn/l2tp.rst:79 msgid "If a local firewall policy is in place on your external interface you will need to allow the ports below:" msgstr "If a local firewall policy is in place on your external interface you will need to allow the ports below:" @@ -6530,7 +7108,7 @@ msgstr "If a registry is not specified, Docker.io will be used as the container msgid "If a response is heard, the lease is abandoned, and the server does not respond to the client. The lease will remain abandoned for a minimum of abandon-lease-time seconds (defaults to 24 hours)." msgstr "If a response is heard, the lease is abandoned, and the server does not respond to the client. The lease will remain abandoned for a minimum of abandon-lease-time seconds (defaults to 24 hours)." -#: ../../configuration/protocols/bgp.rst:771 +#: ../../configuration/protocols/bgp.rst:793 msgid "If a route has an ORIGINATOR_ID attribute because it has been reflected, that ORIGINATOR_ID will be used. Otherwise, the router-ID of the peer the route was received from will be used." msgstr "If a route has an ORIGINATOR_ID attribute because it has been reflected, that ORIGINATOR_ID will be used. Otherwise, the router-ID of the peer the route was received from will be used." @@ -6660,11 +7238,46 @@ msgstr "If the AS-Path for the route has only private ASNs, the private ASNs are msgid "If the IP prefix mask is present, it directs opennhrp to use this peer as a next hop server when sending Resolution Requests matching this subnet." msgstr "If the IP prefix mask is present, it directs opennhrp to use this peer as a next hop server when sending Resolution Requests matching this subnet." +#: ../../configuration/service/ipoe-server.rst:243 +#: ../../configuration/service/pppoe-server.rst:205 +#: ../../configuration/vpn/l2tp.rst:248 +#: ../../configuration/vpn/pptp.rst:188 +#: ../../configuration/vpn/sstp.rst:221 +msgid "If the RADIUS server sends the attribute ``Delegated-IPv6-Prefix-Pool``, IPv6 delegation pefix will be allocated from a predefined IPv6 pool ``delegate`` whose name equals the attribute value." +msgstr "If the RADIUS server sends the attribute ``Delegated-IPv6-Prefix-Pool``, IPv6 delegation pefix will be allocated from a predefined IPv6 pool ``delegate`` whose name equals the attribute value." + +#: ../../configuration/service/ipoe-server.rst:233 +#: ../../configuration/service/pppoe-server.rst:195 +#: ../../configuration/vpn/l2tp.rst:238 +#: ../../configuration/vpn/pptp.rst:178 +#: ../../configuration/vpn/sstp.rst:211 +msgid "If the RADIUS server sends the attribute ``Framed-IP-Address`` then this IP address will be allocated to the client and the option ``default-pool`` within the CLI config is being ignored." +msgstr "If the RADIUS server sends the attribute ``Framed-IP-Address`` then this IP address will be allocated to the client and the option ``default-pool`` within the CLI config is being ignored." + #: ../../configuration/vpn/l2tp.rst:211 msgid "If the RADIUS server sends the attribute ``Framed-IP-Address`` then this IP address will be allocated to the client and the option ip-pool within the CLI config is being ignored." msgstr "If the RADIUS server sends the attribute ``Framed-IP-Address`` then this IP address will be allocated to the client and the option ip-pool within the CLI config is being ignored." -#: ../../configuration/vpn/l2tp.rst:218 +#: ../../configuration/service/ipoe-server.rst:237 +#: ../../configuration/service/pppoe-server.rst:199 +#: ../../configuration/vpn/l2tp.rst:242 +#: ../../configuration/vpn/pptp.rst:182 +#: ../../configuration/vpn/sstp.rst:215 +msgid "If the RADIUS server sends the attribute ``Framed-Pool``, IP address will be allocated from a predefined IP pool whose name equals the attribute value." +msgstr "If the RADIUS server sends the attribute ``Framed-Pool``, IP address will be allocated from a predefined IP pool whose name equals the attribute value." + +#: ../../configuration/service/ipoe-server.rst:240 +#: ../../configuration/service/pppoe-server.rst:202 +#: ../../configuration/vpn/l2tp.rst:245 +#: ../../configuration/vpn/pptp.rst:185 +#: ../../configuration/vpn/sstp.rst:218 +msgid "If the RADIUS server sends the attribute ``Stateful-IPv6-Address-Pool``, IPv6 address will be allocated from a predefined IPv6 pool ``prefix`` whose name equals the attribute value." +msgstr "If the RADIUS server sends the attribute ``Stateful-IPv6-Address-Pool``, IPv6 address will be allocated from a predefined IPv6 pool ``prefix`` whose name equals the attribute value." + +#: ../../configuration/service/pppoe-server.rst:219 +#: ../../configuration/vpn/l2tp.rst:262 +#: ../../configuration/vpn/pptp.rst:202 +#: ../../configuration/vpn/sstp.rst:235 msgid "If the RADIUS server uses the attribute ``NAS-Port-Id``, ppp tunnels will be renamed." msgstr "If the RADIUS server uses the attribute ``NAS-Port-Id``, ppp tunnels will be renamed." @@ -6688,6 +7301,10 @@ msgstr "If the current queue size is larger than **queue-limit**, then packets w msgid "If the interface where the packet was received is part of a bridge, then packetis processed at the **Bridge Layer**, which contains a basic setup for bridge filtering:" msgstr "If the interface where the packet was received is part of a bridge, then packetis processed at the **Bridge Layer**, which contains a basic setup for bridge filtering:" +#: ../../configuration/firewall/index.rst:83 +msgid "If the interface where the packet was received is part of a bridge, then the packet is processed at the **Bridge Layer**, which contains a basic setup for bridge filtering:" +msgstr "If the interface where the packet was received is part of a bridge, then the packet is processed at the **Bridge Layer**, which contains a basic setup for bridge filtering:" + #: ../../configuration/firewall/index.rst:26 msgid "If the interface where the packet was received isn't part of a bridge, then packetis processed at the **IP Layer**:" msgstr "If the interface where the packet was received isn't part of a bridge, then packetis processed at the **IP Layer**:" @@ -6705,7 +7322,7 @@ msgstr "If the statically mapped peer is running Cisco IOS, specify the cisco ke msgid "If the system detects an unconfigured wireless device, it will be automatically added the configuration tree, specifying any detected settings (for example, its MAC address) and configured to run in monitor mode." msgstr "If the system detects an unconfigured wireless device, it will be automatically added the configuration tree, specifying any detected settings (for example, its MAC address) and configured to run in monitor mode." -#: ../../configuration/service/conntrack-sync.rst:126 +#: ../../configuration/service/conntrack-sync.rst:130 msgid "If the table is empty and you have a warning message, it means conntrack is not enabled. To enable conntrack, just create a NAT or a firewall rule. :cfgcmd:`set firewall state-policy established action accept`" msgstr "If the table is empty and you have a warning message, it means conntrack is not enabled. To enable conntrack, just create a NAT or a firewall rule. :cfgcmd:`set firewall state-policy established action accept`" @@ -6713,7 +7330,7 @@ msgstr "If the table is empty and you have a warning message, it means conntrack msgid "If there are no free addresses but there are abandoned IP addresses, the DHCP server will attempt to reclaim an abandoned IP address regardless of the value of abandon-lease-time." msgstr "If there are no free addresses but there are abandoned IP addresses, the DHCP server will attempt to reclaim an abandoned IP address regardless of the value of abandon-lease-time." -#: ../../configuration/vpn/site2site_ipsec.rst:241 +#: ../../configuration/vpn/site2site_ipsec.rst:244 msgid "If there is SNAT rules on eth1, need to add exclude rule" msgstr "If there is SNAT rules on eth1, need to add exclude rule" @@ -6726,14 +7343,21 @@ msgstr "If this command is invoked from configure mode with the ``run`` prefix t msgid "If this is set the relay agent will insert the interface ID. This option is set automatically if more than one listening interfaces are in use." msgstr "If this is set the relay agent will insert the interface ID. This option is set automatically if more than one listening interfaces are in use." -#: ../../configuration/protocols/bgp.rst:768 +#: ../../configuration/protocols/bgp.rst:790 msgid "If this option is enabled, then the already-selected check, where already selected eBGP routes are preferred, is skipped." msgstr "If this option is enabled, then the already-selected check, where already selected eBGP routes are preferred, is skipped." -#: ../../configuration/vpn/sstp.rst:183 +#: ../../configuration/vpn/sstp.rst:189 msgid "If this option is specified and is greater than 0, then the PPP module will send LCP pings of the echo request every `<interval>` seconds." msgstr "If this option is specified and is greater than 0, then the PPP module will send LCP pings of the echo request every `<interval>` seconds." +#: ../../configuration/service/pppoe-server.rst:484 +#: ../../configuration/vpn/l2tp.rst:438 +#: ../../configuration/vpn/pptp.rst:362 +#: ../../configuration/vpn/sstp.rst:396 +msgid "If this option is specified and is greater than 0, then the PPP module will send LCP pings of the echo request every `<interval>` seconds. Default value is **30**." +msgstr "If this option is specified and is greater than 0, then the PPP module will send LCP pings of the echo request every `<interval>` seconds. Default value is **30**." + #: ../../_include/interface-ip.txt:75 msgid "If this option is unset (default), incoming IP directed broadcast packets will not be forwarded." msgstr "If this option is unset (default), incoming IP directed broadcast packets will not be forwarded." @@ -6750,11 +7374,11 @@ msgstr "If this parameter is not set, the default holdoff time is 30 seconds." msgid "If this parameter is not set or 0, an on-demand link will not be taken down when it is idle and after the initial establishment of the connection. It will stay up forever." msgstr "If this parameter is not set or 0, an on-demand link will not be taken down when it is idle and after the initial establishment of the connection. It will stay up forever." -#: ../../configuration/system/login.rst:270 +#: ../../configuration/system/login.rst:274 msgid "If unset, incoming connections to the RADIUS server will use the nearest interface address pointing towards the server - making it error prone on e.g. OSPF networks when a link fails and a backup route is taken." msgstr "If unset, incoming connections to the RADIUS server will use the nearest interface address pointing towards the server - making it error prone on e.g. OSPF networks when a link fails and a backup route is taken." -#: ../../configuration/system/login.rst:339 +#: ../../configuration/system/login.rst:343 msgid "If unset, incoming connections to the TACACS server will use the nearest interface address pointing towards the server - making it error prone on e.g. OSPF networks when a link fails and a backup route is taken." msgstr "If unset, incoming connections to the TACACS server will use the nearest interface address pointing towards the server - making it error prone on e.g. OSPF networks when a link fails and a backup route is taken." @@ -6786,10 +7410,17 @@ msgstr "If you are responsible for the global addresses assigned to your network msgid "If you are using FQ-CoDel embedded into Shaper_ and you have large rates (100Mbit and above), you may consider increasing `quantum` to 8000 or higher so that the scheduler saves CPU." msgstr "If you are using FQ-CoDel embedded into Shaper_ and you have large rates (100Mbit and above), you may consider increasing `quantum` to 8000 or higher so that the scheduler saves CPU." -#: ../../configuration/vpn/l2tp.rst:165 +#: ../../configuration/service/ipoe-server.rst:146 +#: ../../configuration/service/pppoe-server.rst:108 +#: ../../configuration/vpn/l2tp.rst:151 msgid "If you are using OSPF as IGP, always the closest interface connected to the RADIUS server is used. With VyOS 1.2 you can bind all outgoing RADIUS requests to a single source IP e.g. the loopback interface." msgstr "If you are using OSPF as IGP, always the closest interface connected to the RADIUS server is used. With VyOS 1.2 you can bind all outgoing RADIUS requests to a single source IP e.g. the loopback interface." +#: ../../configuration/vpn/pptp.rst:91 +#: ../../configuration/vpn/sstp.rst:124 +msgid "If you are using OSPF as IGP, always the closest interface connected to the RADIUS server is used. You can bind all outgoing RADIUS requests to a single source IP e.g. the loopback interface." +msgstr "If you are using OSPF as IGP, always the closest interface connected to the RADIUS server is used. You can bind all outgoing RADIUS requests to a single source IP e.g. the loopback interface." + #: ../../configuration/interfaces/openvpn.rst:306 msgid "If you change the default encryption and hashing algorithms, be sure that the local and remote ends have matching configurations, otherwise the tunnel will not come up." msgstr "If you change the default encryption and hashing algorithms, be sure that the local and remote ends have matching configurations, otherwise the tunnel will not come up." @@ -6813,6 +7444,10 @@ msgstr "If you enable this, you will probably want to set diversity-factor and c msgid "If you enter a value smaller than 60 seconds be aware that this can and will affect convergence at scale." msgstr "If you enter a value smaller than 60 seconds be aware that this can and will affect convergence at scale." +#: ../../configuration/vpn/ipsec.rst:483 +msgid "If you feel better forwarding all authentication requests to your enterprises RADIUS server, use the commands below." +msgstr "If you feel better forwarding all authentication requests to your enterprises RADIUS server, use the commands below." + #: ../../configuration/interfaces/bonding.rst:312 msgid "If you happen to run this in a virtual environment like by EVE-NG you need to ensure your VyOS NIC is set to use the e1000 driver. Using the default ``virtio-net-pci`` or the ``vmxnet3`` driver will not work. ICMP messages will not be properly processed. They are visible on the virtual wire but will not make it fully up the networking stack." msgstr "If you happen to run this in a virtual environment like by EVE-NG you need to ensure your VyOS NIC is set to use the e1000 driver. Using the default ``virtio-net-pci`` or the ``vmxnet3`` driver will not work. ICMP messages will not be properly processed. They are visible on the virtual wire but will not make it fully up the networking stack." @@ -6849,10 +7484,26 @@ msgstr "If you only want to check if the user account is enabled and can authent msgid "If you set a custom RADIUS attribute you must define it on both dictionaries at RADIUS server and client, which is the vyos router in our example." msgstr "If you set a custom RADIUS attribute you must define it on both dictionaries at RADIUS server and client, which is the vyos router in our example." +#: ../../configuration/service/ipoe-server.rst:215 +#: ../../configuration/service/pppoe-server.rst:177 +#: ../../configuration/vpn/l2tp.rst:220 +#: ../../configuration/vpn/pptp.rst:160 +#: ../../configuration/vpn/sstp.rst:193 +msgid "If you set a custom RADIUS attribute you must define it on both dictionaries at RADIUS server and client." +msgstr "If you set a custom RADIUS attribute you must define it on both dictionaries at RADIUS server and client." + #: ../../configuration/system/console.rst:41 msgid "If you use USB to serial converters for connecting to your VyOS appliance please note that most of them use software emulation without flow control. This means you should start with a common baud rate (most likely 9600 baud) as otherwise you probably can not connect to the device using high speed baud rates as your serial converter simply can not process this data rate." msgstr "If you use USB to serial converters for connecting to your VyOS appliance please note that most of them use software emulation without flow control. This means you should start with a common baud rate (most likely 9600 baud) as otherwise you probably can not connect to the device using high speed baud rates as your serial converter simply can not process this data rate." +#: ../../configuration/vpn/sstp.rst:482 +msgid "If you use a self-signed certificate, do not forget to install CA on the client side." +msgstr "If you use a self-signed certificate, do not forget to install CA on the client side." + +#: ../../configuration/vpn/ipsec.rst:538 +msgid "If you want, need, and should use more advanced encryption ciphers (default is still 3DES) you need to provision your device using a so-called \"Device Profile\". A profile is a simple text file containing XML nodes with a ``.mobileconfig`` file extension that can be sent and opened on any device from an E-Mail." +msgstr "If you want, need, and should use more advanced encryption ciphers (default is still 3DES) you need to provision your device using a so-called \"Device Profile\". A profile is a simple text file containing XML nodes with a ``.mobileconfig`` file extension that can be sent and opened on any device from an E-Mail." + #: ../../configuration/system/flow-accounting.rst:140 msgid "If you want to change the maximum number of flows, which are tracking simultaneously, you may do this with this command (default 8192)." msgstr "If you want to change the maximum number of flows, which are tracking simultaneously, you may do this with this command (default 8192)." @@ -6861,7 +7512,7 @@ msgstr "If you want to change the maximum number of flows, which are tracking si msgid "If you want to disable a rule but let it in the configuration." msgstr "If you want to disable a rule but let it in the configuration." -#: ../../configuration/system/login.rst:294 +#: ../../configuration/system/login.rst:298 msgid "If you want to have admin users to authenticate via RADIUS it is essential to sent the ``Cisco-AV-Pair shell:priv-lvl=15`` attribute. Without the attribute you will only get regular, non privilegued, system users." msgstr "If you want to have admin users to authenticate via RADIUS it is essential to sent the ``Cisco-AV-Pair shell:priv-lvl=15`` attribute. Without the attribute you will only get regular, non privilegued, system users." @@ -6873,7 +7524,7 @@ msgstr "If you want to use existing blacklists you have to create/download a dat msgid "If you want your router to forward DHCP requests to an external DHCP server you can configure the system to act as a DHCP relay agent. The DHCP relay agent works with IPv4 and IPv6 addresses." msgstr "If you want your router to forward DHCP requests to an external DHCP server you can configure the system to act as a DHCP relay agent. The DHCP relay agent works with IPv4 and IPv6 addresses." -#: ../../configuration/protocols/bgp.rst:760 +#: ../../configuration/protocols/bgp.rst:782 msgid "Ignore AS_PATH length when selecting a route" msgstr "Ignore AS_PATH length when selecting a route" @@ -6885,7 +7536,7 @@ msgstr "Ignore VRRP main interface faults" msgid "Image thankfully borrowed from https://en.wikipedia.org/wiki/File:SNMP_communication_principles_diagram.PNG which is under the GNU Free Documentation License" msgstr "Image thankfully borrowed from https://en.wikipedia.org/wiki/File:SNMP_communication_principles_diagram.PNG which is under the GNU Free Documentation License" -#: ../../configuration/vpn/site2site_ipsec.rst:279 +#: ../../configuration/vpn/site2site_ipsec.rst:282 msgid "Imagine the following topology" msgstr "Imagine the following topology" @@ -6893,11 +7544,35 @@ msgstr "Imagine the following topology" msgid "Immediate" msgstr "Immediate" +#: ../../configuration/pki/index.rst:254 +msgid "Import files to PKI format" +msgstr "Import files to PKI format" + +#: ../../configuration/pki/index.rst:265 +msgid "Import the CAs private key portion to the CLI. This should never leave the system as it is used to decrypt the data. The key is required if you use VyOS as your certificate generator." +msgstr "Import the CAs private key portion to the CLI. This should never leave the system as it is used to decrypt the data. The key is required if you use VyOS as your certificate generator." + +#: ../../configuration/pki/index.rst:280 +msgid "Import the OpenVPN shared secret stored in file to the VyOS CLI." +msgstr "Import the OpenVPN shared secret stored in file to the VyOS CLI." + +#: ../../configuration/pki/index.rst:271 +msgid "Import the certificate from the file to VyOS CLI." +msgstr "Import the certificate from the file to VyOS CLI." + +#: ../../configuration/pki/index.rst:275 +msgid "Import the private key of the certificate to the VyOS CLI. This should never leave the system as it is used to decrypt the data." +msgstr "Import the private key of the certificate to the VyOS CLI. This should never leave the system as it is used to decrypt the data." + +#: ../../configuration/pki/index.rst:261 +msgid "Import the public CA certificate from the defined file to VyOS CLI." +msgstr "Import the public CA certificate from the defined file to VyOS CLI." + #: ../../configuration/protocols/rpki.rst:46 msgid "Imported prefixes during the validation may have values:" msgstr "Imported prefixes during the validation may have values:" -#: ../../configuration/protocols/static.rst:158 +#: ../../configuration/protocols/static.rst:191 msgid "In Internet Protocol Version 6 (IPv6) networks, the functionality of ARP is provided by the Neighbor Discovery Protocol (NDP)." msgstr "In Internet Protocol Version 6 (IPv6) networks, the functionality of ARP is provided by the Neighbor Discovery Protocol (NDP)." @@ -6905,7 +7580,7 @@ msgstr "In Internet Protocol Version 6 (IPv6) networks, the functionality of ARP msgid "In Priority Queue we do not define clases with a meaningless class ID number but with a class priority number (1-7). The lower the number, the higher the priority." msgstr "In Priority Queue we do not define clases with a meaningless class ID number but with a class priority number (1-7). The lower the number, the higher the priority." -#: ../../configuration/vpn/ipsec.rst:117 +#: ../../configuration/vpn/ipsec.rst:120 msgid "In VyOS, ESP attributes are specified through ESP groups. Multiple proposals can be specified in a single group." msgstr "In VyOS, ESP attributes are specified through ESP groups. Multiple proposals can be specified in a single group." @@ -6945,7 +7620,7 @@ msgstr "In a nutshell, the current implementation provides the following feature msgid "In addition, you can specify many other parameters to get BGP information:" msgstr "In addition, you can specify many other parameters to get BGP information:" -#: ../../configuration/system/login.rst:301 +#: ../../configuration/system/login.rst:305 msgid "In addition to :abbr:`RADIUS (Remote Authentication Dial-In User Service)`, :abbr:`TACACS (Terminal Access Controller Access Control System)` can also be found in large deployments." msgstr "In addition to :abbr:`RADIUS (Remote Authentication Dial-In User Service)`, :abbr:`TACACS (Terminal Access Controller Access Control System)` can also be found in large deployments." @@ -6953,12 +7628,16 @@ msgstr "In addition to :abbr:`RADIUS (Remote Authentication Dial-In User Service msgid "In addition to displaying flow accounting information locally, one can also exported them to a collection server." msgstr "In addition to displaying flow accounting information locally, one can also exported them to a collection server." -#: ../../configuration/pki/index.rst:144 -#: ../../configuration/pki/index.rst:159 +#: ../../configuration/pki/index.rst:146 +#: ../../configuration/pki/index.rst:161 #: ../../configuration/pki/pki_cli_import_help.txt:1 msgid "In addition to the command above, the output is in a format which can be used to directly import the key into the VyOS CLI by simply copy-pasting the output from op-mode into configuration mode." msgstr "In addition to the command above, the output is in a format which can be used to directly import the key into the VyOS CLI by simply copy-pasting the output from op-mode into configuration mode." +#: ../../configuration/interfaces/pppoe.rst:388 +msgid "In addition we setup IPv6 :abbr:`RA (Router Advertisements)` to make the prefix known on the eth0 link." +msgstr "In addition we setup IPv6 :abbr:`RA (Router Advertisements)` to make the prefix known on the eth0 link." + #: ../../configuration/service/broadcast-relay.rst:48 msgid "In addition you can also disable the whole service without the need to remove it from the current configuration." msgstr "In addition you can also disable the whole service without the need to remove it from the current configuration." @@ -7003,7 +7682,7 @@ msgstr "In firewall bridge rules, the action can be:" msgid "In general, OSPF protocol requires a backbone area (area 0) to be coherent and fully connected. I.e. any backbone area router must have a route to any other backbone area router. Moreover, every ABR must have a link to backbone area. However, it is not always possible to have a physical link to a backbone area. In this case between two ABR (one of them has a link to the backbone area) in the area (not stub area) a virtual link is organized." msgstr "In general, OSPF protocol requires a backbone area (area 0) to be coherent and fully connected. I.e. any backbone area router must have a route to any other backbone area router. Moreover, every ABR must have a link to backbone area. However, it is not always possible to have a physical link to a backbone area. In this case between two ABR (one of them has a link to the backbone area) in the area (not stub area) a virtual link is organized." -#: ../../configuration/system/login.rst:236 +#: ../../configuration/system/login.rst:240 msgid "In large deployments it is not reasonable to configure each user individually on every system. VyOS supports using :abbr:`RADIUS (Remote Authentication Dial-In User Service)` servers as backend for user authentication." msgstr "In large deployments it is not reasonable to configure each user individually on every system. VyOS supports using :abbr:`RADIUS (Remote Authentication Dial-In User Service)` servers as backend for user authentication." @@ -7023,7 +7702,7 @@ msgstr "In order for the system to use and complete unqualified host names, a li msgid "In order to allow for LDP on the local router to exchange label advertisements with other routers, a TCP session will be established between automatically discovered and statically assigned routers. LDP will try to establish a TCP session to the **transport address** of other routers. Therefore for LDP to function properly please make sure the transport address is shown in the routing table and reachable to traffic at all times." msgstr "In order to allow for LDP on the local router to exchange label advertisements with other routers, a TCP session will be established between automatically discovered and statically assigned routers. LDP will try to establish a TCP session to the **transport address** of other routers. Therefore for LDP to function properly please make sure the transport address is shown in the routing table and reachable to traffic at all times." -#: ../../configuration/protocols/bgp.rst:820 +#: ../../configuration/protocols/bgp.rst:842 msgid "In order to control and modify routing information that is exchanged between peers you can use route-map, filter-list, prefix-list, distribute-list." msgstr "In order to control and modify routing information that is exchanged between peers you can use route-map, filter-list, prefix-list, distribute-list." @@ -7039,7 +7718,7 @@ msgstr "In order to have VyOS Traffic Control working you need to follow 2 steps msgid "In order to have full control and make use of multiple static public IP addresses, your VyOS will have to initiate the PPPoE connection and control it. In order for this method to work, you will have to figure out how to make your DSL Modem/Router switch into a Bridged Mode so it only acts as a DSL Transceiver device to connect between the Ethernet link of your VyOS and the phone cable. Once your DSL Transceiver is in Bridge Mode, you should get no IP address from it. Please make sure you connect to the Ethernet Port 1 if your DSL Transceiver has a switch, as some of them only work this way." msgstr "In order to have full control and make use of multiple static public IP addresses, your VyOS will have to initiate the PPPoE connection and control it. In order for this method to work, you will have to figure out how to make your DSL Modem/Router switch into a Bridged Mode so it only acts as a DSL Transceiver device to connect between the Ethernet link of your VyOS and the phone cable. Once your DSL Transceiver is in Bridge Mode, you should get no IP address from it. Please make sure you connect to the Ethernet Port 1 if your DSL Transceiver has a switch, as some of them only work this way." -#: ../../configuration/service/dhcp-server.rst:623 +#: ../../configuration/service/dhcp-server.rst:631 msgid "In order to map specific IPv6 addresses to specific hosts static mappings can be created. The following example explains the process." msgstr "In order to map specific IPv6 addresses to specific hosts static mappings can be created. The following example explains the process." @@ -7079,6 +7758,10 @@ msgstr "In our example, we used the key name ``openvpn-1`` which we will referen msgid "In our example, we will be forwarding web server traffic to an internal web server on 192.168.0.100. HTTP traffic makes use of the TCP protocol on port 80. For other common port numbers, see: https://en.wikipedia.org/wiki/List_of_TCP_and_UDP_port_numbers" msgstr "In our example, we will be forwarding web server traffic to an internal web server on 192.168.0.100. HTTP traffic makes use of the TCP protocol on port 80. For other common port numbers, see: https://en.wikipedia.org/wiki/List_of_TCP_and_UDP_port_numbers" +#: ../../configuration/vpn/ipsec.rst:411 +msgid "In our example the certificate name is called vyos:" +msgstr "In our example the certificate name is called vyos:" + #: ../../configuration/trafficpolicy/index.rst:906 msgid "In principle, values must be :code:`min-threshold` < :code:`max-threshold` < :code:`queue-limit`." msgstr "In principle, values must be :code:`min-threshold` < :code:`max-threshold` < :code:`queue-limit`." @@ -7123,7 +7806,11 @@ msgstr "In the case you want to apply some kind of **shaping** to your **inbound msgid "In the command above, we set the type of policy we are going to work with and the name we choose for it; a class (so that we can differentiate some traffic) and an identifiable number for that class; then we configure a matching rule (or filter) and a name for it." msgstr "In the command above, we set the type of policy we are going to work with and the name we choose for it; a class (so that we can differentiate some traffic) and an identifiable number for that class; then we configure a matching rule (or filter) and a name for it." -#: ../../configuration/service/pppoe-server.rst:259 +#: ../../configuration/vpn/ipsec.rst:564 +msgid "In the end, an XML structure is generated which can be saved as ``vyos.mobileconfig`` and sent to the device by E-Mail where it later can be imported." +msgstr "In the end, an XML structure is generated which can be saved as ``vyos.mobileconfig`` and sent to the device by E-Mail where it later can be imported." + +#: ../../configuration/service/pppoe-server.rst:333 msgid "In the example above, the first 499 sessions connect without delay. PADO packets will be delayed 50 ms for connection from 500 to 999, this trick allows other PPPoE servers send PADO faster and clients will connect to other servers. Last command says that this PPPoE server can serve only 3000 clients." msgstr "In the example above, the first 499 sessions connect without delay. PADO packets will be delayed 50 ms for connection from 500 to 999, this trick allows other PPPoE servers send PADO faster and clients will connect to other servers. Last command says that this PPPoE server can serve only 3000 clients." @@ -7131,7 +7818,7 @@ msgstr "In the example above, the first 499 sessions connect without delay. PADO msgid "In the example used for the Quick Start configuration above, we demonstrate the following configuration:" msgstr "In the example used for the Quick Start configuration above, we demonstrate the following configuration:" -#: ../../configuration/system/login.rst:399 +#: ../../configuration/system/login.rst:403 msgid "In the following example, both `User1` and `User2` will be able to SSH into VyOS as user ``vyos`` using their very own keys. `User1` is restricted to only be able to connect from a single IP address. In addition if password base login is wanted for the ``vyos`` user a 2FA/MFA keycode is required in addition to the password." msgstr "In the following example, both `User1` and `User2` will be able to SSH into VyOS as user ``vyos`` using their very own keys. `User1` is restricted to only be able to connect from a single IP address. In addition if password base login is wanted for the ``vyos`` user a 2FA/MFA keycode is required in addition to the password." @@ -7151,7 +7838,7 @@ msgstr "In the following example we can see a basic multicast setup:" msgid "In the future this is expected to be a very useful protocol (though there are `other proposals`_)." msgstr "In the future this is expected to be a very useful protocol (though there are `other proposals`_)." -#: ../../configuration/highavailability/index.rst:400 +#: ../../configuration/highavailability/index.rst:410 msgid "In the next example all traffic destined to ``203.0.113.1`` and port ``8280`` protocol TCP is balanced between 2 real servers ``192.0.2.11`` and ``192.0.2.12`` to port ``80``" msgstr "In the next example all traffic destined to ``203.0.113.1`` and port ``8280`` protocol TCP is balanced between 2 real servers ``192.0.2.11`` and ``192.0.2.12`` to port ``80``" @@ -7175,7 +7862,7 @@ msgstr "In this example, we use **masquerade** as the translation address instea msgid "In this example, we will be using the example Quick Start configuration above as a starting point." msgstr "In this example, we will be using the example Quick Start configuration above as a starting point." -#: ../../configuration/highavailability/index.rst:430 +#: ../../configuration/highavailability/index.rst:440 msgid "In this example all traffic destined to ports \"80, 2222, 8888\" protocol TCP marks to fwmark \"111\" and balanced between 2 real servers. Port \"0\" is required if multiple ports are used." msgstr "In this example all traffic destined to ports \"80, 2222, 8888\" protocol TCP marks to fwmark \"111\" and balanced between 2 real servers. Port \"0\" is required if multiple ports are used." @@ -7191,7 +7878,7 @@ msgstr "In this example we will use the most complicated case: a setup where eac msgid "In this method, the DSL Modem/Router connects to the ISP for you with your credentials preprogrammed into the device. This gives you an :rfc:`1918` address, such as ``192.168.1.0/24`` by default." msgstr "In this method, the DSL Modem/Router connects to the ISP for you with your credentials preprogrammed into the device. This gives you an :rfc:`1918` address, such as ``192.168.1.0/24`` by default." -#: ../../configuration/service/dns.rst:165 +#: ../../configuration/service/dns.rst:152 msgid "In this scenario:" msgstr "In this scenario:" @@ -7319,6 +8006,10 @@ msgstr "Intel® QAT" msgid "Interconnect the global VRF with vrf \"red\" using the veth10 <-> veth 11 pair" msgstr "Interconnect the global VRF with vrf \"red\" using the veth10 <-> veth 11 pair" +#: ../../configuration/service/ids.rst:96 +msgid "Interface **eth0** used to connect to upstream." +msgstr "Interface **eth0** used to connect to upstream." + #: ../../configuration/protocols/isis.rst:146 #: ../../configuration/protocols/ospf.rst:356 #: ../../configuration/protocols/ospf.rst:1139 @@ -7329,7 +8020,7 @@ msgstr "Interface Configuration" msgid "Interface Groups" msgstr "Interface Groups" -#: ../../configuration/protocols/static.rst:64 +#: ../../configuration/protocols/static.rst:87 msgid "Interface Routes" msgstr "Interface Routes" @@ -7367,7 +8058,7 @@ msgid "Interface weight" msgstr "Interface weight" #: ../../configuration/interfaces/index.rst:3 -#: ../../configuration/vrf/index.rst:71 +#: ../../configuration/vrf/index.rst:90 msgid "Interfaces" msgstr "Interfaces" @@ -7388,10 +8079,18 @@ msgstr "Interfaces that participate in the DHCP relay process. If this command i msgid "Interfaces whose DHCP client nameservers to forward requests to." msgstr "Interfaces whose DHCP client nameservers to forward requests to." +#: ../../configuration/service/ids.rst:105 +msgid "Internal attack: an attack from the internal network (generated by a customer) towards the internet is identify. In this case, all connections from this particular IP/Customer will be blocked." +msgstr "Internal attack: an attack from the internal network (generated by a customer) towards the internet is identify. In this case, all connections from this particular IP/Customer will be blocked." + #: ../../configuration/system/flow-accounting.rst:70 msgid "Internally, in flow-accounting processes exist a buffer for data exchanging between core process and plugins (each export target is a separated plugin). If you have high traffic levels or noted some problems with missed records or stopping exporting, you may try to increase a default buffer size (10 MiB) with the next command:" msgstr "Internally, in flow-accounting processes exist a buffer for data exchanging between core process and plugins (each export target is a separated plugin). If you have high traffic levels or noted some problems with missed records or stopping exporting, you may try to increase a default buffer size (10 MiB) with the next command:" +#: ../../configuration/vpn/ipsec.rst:374 +msgid "Internet Key Exchange version 2, IKEv2 for short, is a request/response protocol developed by both Cisco and Microsoft. It is used to establish and secure IPv4/IPv6 connections, be it a site-to-site VPN or from a road-warrior connecting to a hub site. IKEv2, when run in point-to-multipoint, or remote-access/road-warrior mode, secures the server-side with another layer by using an x509 signed server certificate." +msgstr "Internet Key Exchange version 2, IKEv2 for short, is a request/response protocol developed by both Cisco and Microsoft. It is used to establish and secure IPv4/IPv6 connections, be it a site-to-site VPN or from a road-warrior connecting to a hub site. IKEv2, when run in point-to-multipoint, or remote-access/road-warrior mode, secures the server-side with another layer by using an x509 signed server certificate." + #: ../../configuration/vpn/remoteaccess_ipsec.rst:6 msgid "Internet Key Exchange version 2 (IKEv2) is a tunneling protocol, based on IPsec, that establishes a secure VPN communication between VPN devices, and defines negotiation and authentication processes for IPsec security associations (SAs). It is often known as IKEv2/IPSec or IPSec IKEv2 remote-access — or road-warriors as others call it." msgstr "Internet Key Exchange version 2 (IKEv2) is a tunneling protocol, based on IPsec, that establishes a secure VPN communication between VPN devices, and defines negotiation and authentication processes for IPsec security associations (SAs). It is often known as IKEv2/IPSec or IPSec IKEv2 remote-access — or road-warriors as others call it." @@ -7412,7 +8111,7 @@ msgstr "Interval in milliseconds" msgid "Interval in minutes between updates (default: 60)" msgstr "Interval in minutes between updates (default: 60)" -#: ../../configuration/protocols/bgp.rst:906 +#: ../../configuration/protocols/bgp.rst:928 msgid "Introducing route reflectors removes the need for the full-mesh. When you configure a route reflector you have to tell the router whether the other IBGP router is a client or non-client. A client is an IBGP router that the route reflector will “reflect†routes to, the non-client is just a regular IBGP neighbor. Route reflectors mechanism is described in :rfc:`4456` and updated by :rfc:`7606`." msgstr "Introducing route reflectors removes the need for the full-mesh. When you configure a route reflector you have to tell the router whether the other IBGP router is a client or non-client. A client is an IBGP router that the route reflector will “reflect†routes to, the non-client is just a regular IBGP neighbor. Route reflectors mechanism is described in :rfc:`4456` and updated by :rfc:`7606`." @@ -7432,11 +8131,11 @@ msgstr "It's slower than IPsec due to higher protocol overhead and the fact it r msgid "It's time to check conntrack table, to see if any connection was accepted, and if was properly offloaded" msgstr "It's time to check conntrack table, to see if any connection was accepted, and if was properly offloaded" -#: ../../configuration/system/option.rst:111 +#: ../../configuration/system/option.rst:141 msgid "It disables transparent huge pages, and automatic NUMA balancing. It also uses cpupower to set the performance cpufreq governor, and requests a cpu_dma_latency value of 1. It also sets busy_read and busy_poll times to 50 us, and tcp_fastopen to 3." msgstr "It disables transparent huge pages, and automatic NUMA balancing. It also uses cpupower to set the performance cpufreq governor, and requests a cpu_dma_latency value of 1. It also sets busy_read and busy_poll times to 50 us, and tcp_fastopen to 3." -#: ../../configuration/system/option.rst:102 +#: ../../configuration/system/option.rst:132 msgid "It enables transparent huge pages, and uses cpupower to set the performance cpufreq governor. It also sets ``kernel.sched_min_granularity_ns`` to 10 us, ``kernel.sched_wakeup_granularity_ns`` to 15 uss, and ``vm.dirty_ratio`` to 40%." msgstr "It enables transparent huge pages, and uses cpupower to set the performance cpufreq governor. It also sets ``kernel.sched_min_granularity_ns`` to 10 us, ``kernel.sched_wakeup_granularity_ns`` to 15 uss, and ``vm.dirty_ratio`` to 40%." @@ -7457,11 +8156,11 @@ msgstr "It helps to think of the syntax as: (see below). The 'rule-set' should b msgid "It is compatible with Cisco (R) AnyConnect (R) clients." msgstr "It is compatible with Cisco (R) AnyConnect (R) clients." -#: ../../configuration/service/dhcp-server.rst:590 +#: ../../configuration/service/dhcp-server.rst:596 msgid "It is connected to ``eth1``" msgstr "It is connected to ``eth1``" -#: ../../configuration/system/login.rst:42 +#: ../../configuration/system/login.rst:46 msgid "It is highly recommended to use SSH key authentication. By default there is only one user (``vyos``), and you can assign any number of keys to that user. You can generate a ssh key with the ``ssh-keygen`` command on your local machine, which will (by default) save it as ``~/.ssh/id_rsa.pub``." msgstr "It is highly recommended to use SSH key authentication. By default there is only one user (``vyos``), and you can assign any number of keys to that user. You can generate a ssh key with the ``ssh-keygen`` command on your local machine, which will (by default) save it as ``~/.ssh/id_rsa.pub``." @@ -7477,11 +8176,11 @@ msgstr "It is important to note that when creating firewall rules, the DNAT tran msgid "It is important to note that when creating firewall rules that the DNAT translation occurs **before** traffic traverses the firewall. In other words, the destination address has already been translated to 192.168.0.100." msgstr "It is important to note that when creating firewall rules that the DNAT translation occurs **before** traffic traverses the firewall. In other words, the destination address has already been translated to 192.168.0.100." -#: ../../configuration/vrf/index.rst:505 +#: ../../configuration/vrf/index.rst:524 msgid "It is not sufficient to only configure a L3VPN VRFs but L3VPN VRFs must be maintained, too.For L3VPN VRF maintenance the following operational commands are in place." msgstr "It is not sufficient to only configure a L3VPN VRFs but L3VPN VRFs must be maintained, too.For L3VPN VRF maintenance the following operational commands are in place." -#: ../../configuration/vrf/index.rst:113 +#: ../../configuration/vrf/index.rst:132 msgid "It is not sufficient to only configure a VRF but VRFs must be maintained, too. For VRF maintenance the following operational commands are in place." msgstr "It is not sufficient to only configure a VRF but VRFs must be maintained, too. For VRF maintenance the following operational commands are in place." @@ -7489,14 +8188,19 @@ msgstr "It is not sufficient to only configure a VRF but VRFs must be maintained msgid "It is not valid to use the `vif 1` option for VLAN aware bridges because VLAN aware bridges assume that all unlabeled packets belong to the default VLAN 1 member and that the VLAN ID of the bridge's parent interface is always 1" msgstr "It is not valid to use the `vif 1` option for VLAN aware bridges because VLAN aware bridges assume that all unlabeled packets belong to the default VLAN 1 member and that the VLAN ID of the bridge's parent interface is always 1" -#: ../../configuration/system/login.rst:93 +#: ../../configuration/system/login.rst:97 msgid "It is possible to enhance authentication security by using the :abbr:`2FA (Two-factor authentication)`/:abbr:`MFA (Multi-factor authentication)` feature together with :abbr:`OTP (One-Time-Pad)` on VyOS. :abbr:`2FA (Two-factor authentication)`/:abbr:`MFA (Multi-factor authentication)` is configured independently per each user. If an OTP key is configured for a user, 2FA/MFA is automatically enabled for that particular user. If a user does not have an OTP key configured, there is no 2FA/MFA check for that user." msgstr "It is possible to enhance authentication security by using the :abbr:`2FA (Two-factor authentication)`/:abbr:`MFA (Multi-factor authentication)` feature together with :abbr:`OTP (One-Time-Pad)` on VyOS. :abbr:`2FA (Two-factor authentication)`/:abbr:`MFA (Multi-factor authentication)` is configured independently per each user. If an OTP key is configured for a user, 2FA/MFA is automatically enabled for that particular user. If a user does not have an OTP key configured, there is no 2FA/MFA check for that user." -#: ../../configuration/vrf/index.rst:496 +#: ../../configuration/vrf/index.rst:515 msgid "It is possible to permit BGP install VPN prefixes without transport labels. This configuration will install VPN prefixes originated from an e-bgp session, and with the next-hop directly connected." msgstr "It is possible to permit BGP install VPN prefixes without transport labels. This configuration will install VPN prefixes originated from an e-bgp session, and with the next-hop directly connected." +#: ../../configuration/protocols/static.rst:64 +#: ../../configuration/protocols/static.rst:132 +msgid "It is possible to specify a static route for ipv6 prefixes using an SRv6 segments instruction. The `/` separator can be used to specify multiple segment instructions." +msgstr "It is possible to specify a static route for ipv6 prefixes using an SRv6 segments instruction. The `/` separator can be used to specify multiple segment instructions." + #: ../../configuration/service/conntrack-sync.rst:30 msgid "It is possible to use either Multicast or Unicast to sync conntrack traffic. Most examples below show Multicast, but unicast can be specified by using the \"peer\" keywork after the specificed interface, as in the following example:" msgstr "It is possible to use either Multicast or Unicast to sync conntrack traffic. Most examples below show Multicast, but unicast can be specified by using the \"peer\" keywork after the specificed interface, as in the following example:" @@ -7517,7 +8221,7 @@ msgstr "It uses a stochastic model to classify incoming packets into different f msgid "It will be combined with the delegated prefix and the sla-id to form a complete interface address. The default is to use the EUI-64 address of the interface." msgstr "It will be combined with the delegated prefix and the sla-id to form a complete interface address. The default is to use the EUI-64 address of the interface." -#: ../../configuration/vrf/index.rst:220 +#: ../../configuration/vrf/index.rst:239 msgid "Join a given VRF. This will open a new subshell within the specified VRF." msgstr "Join a given VRF. This will open a new subshell within the specified VRF." @@ -7529,15 +8233,19 @@ msgstr "Jump to a different rule in this route-map on a match." msgid "Juniper EX Switch" msgstr "Juniper EX Switch" +#: ../../configuration/system/option.rst:31 +msgid "Kernel" +msgstr "Kernel" + #: ../../configuration/system/syslog.rst:112 msgid "Kernel messages" msgstr "Kernel messages" -#: ../../configuration/system/login.rst:40 +#: ../../configuration/system/login.rst:44 msgid "Key Based Authentication" msgstr "Key Based Authentication" -#: ../../configuration/pki/index.rst:30 +#: ../../configuration/pki/index.rst:32 msgid "Key Generation" msgstr "Key Generation" @@ -7545,7 +8253,7 @@ msgstr "Key Generation" msgid "Key Management" msgstr "Key Management" -#: ../../configuration/vpn/site2site_ipsec.rst:383 +#: ../../configuration/vpn/site2site_ipsec.rst:386 msgid "Key Parameters:" msgstr "Key Parameters:" @@ -7557,11 +8265,15 @@ msgstr "Key Points:" msgid "Key exchange and payload encryption is done using IKE and ESP proposals as known from IKEv1 but the connections are faster to establish, more reliable, and also support roaming from IP to IP (called MOBIKE which makes sure your connection does not drop when changing networks from e.g. WIFI to LTE and back). Authentication can be achieved with X.509 certificates." msgstr "Key exchange and payload encryption is done using IKE and ESP proposals as known from IKEv1 but the connections are faster to establish, more reliable, and also support roaming from IP to IP (called MOBIKE which makes sure your connection does not drop when changing networks from e.g. WIFI to LTE and back). Authentication can be achieved with X.509 certificates." -#: ../../configuration/pki/index.rst:167 +#: ../../configuration/vpn/ipsec.rst:381 +msgid "Key exchange and payload encryption is still done using IKE and ESP proposals as known from IKEv1 but the connections are faster to establish, more reliable, and also support roaming from IP to IP (called MOBIKE which makes sure your connection does not drop when changing networks from e.g. WIFI to LTE and back)." +msgstr "Key exchange and payload encryption is still done using IKE and ESP proposals as known from IKEv1 but the connections are faster to establish, more reliable, and also support roaming from IP to IP (called MOBIKE which makes sure your connection does not drop when changing networks from e.g. WIFI to LTE and back)." + +#: ../../configuration/pki/index.rst:169 msgid "Key usage (CLI)" msgstr "Key usage (CLI)" -#: ../../configuration/system/option.rst:58 +#: ../../configuration/system/option.rst:88 msgid "Keyboard Layout" msgstr "Keyboard Layout" @@ -7574,7 +8286,7 @@ msgstr "Keypairs" msgid "Keyword" msgstr "Keyword" -#: ../../configuration/vpn/l2tp.rst:4 +#: ../../configuration/vpn/l2tp.rst:5 msgid "L2TP" msgstr "L2TP" @@ -7606,7 +8318,7 @@ msgstr "L2TPv3 is described in :rfc:`3931`." msgid "L2TPv3 options" msgstr "L2TPv3 options" -#: ../../configuration/vrf/index.rst:399 +#: ../../configuration/vrf/index.rst:418 msgid "L3VPN VRFs" msgstr "L3VPN VRFs" @@ -7635,7 +8347,7 @@ msgstr "LLDP performs functions similar to several proprietary protocols, such a msgid "LNS (L2TP Network Server)" msgstr "LNS (L2TP Network Server)" -#: ../../configuration/vpn/l2tp.rst:91 +#: ../../configuration/vpn/l2tp.rst:272 msgid "LNS are often used to connect to a LAC (L2TP Access Concentrator)." msgstr "LNS are often used to connect to a LAC (L2TP Access Concentrator)." @@ -7647,11 +8359,11 @@ msgstr "Label Distribution Protocol" msgid "Layer 2 Tunnelling Protocol Version 3 is an IETF standard related to L2TP that can be used as an alternative protocol to :ref:`mpls` for encapsulation of multiprotocol Layer 2 communications traffic over IP networks. Like L2TP, L2TPv3 provides a pseudo-wire service but is scaled to fit carrier requirements." msgstr "Layer 2 Tunnelling Protocol Version 3 is an IETF standard related to L2TP that can be used as an alternative protocol to :ref:`mpls` for encapsulation of multiprotocol Layer 2 communications traffic over IP networks. Like L2TP, L2TPv3 provides a pseudo-wire service but is scaled to fit carrier requirements." -#: ../../configuration/service/dhcp-server.rst:593 +#: ../../configuration/service/dhcp-server.rst:599 msgid "Lease time will be left at the default value which is 24 hours" msgstr "Lease time will be left at the default value which is 24 hours" -#: ../../configuration/service/dhcp-server.rst:336 +#: ../../configuration/service/dhcp-server.rst:342 msgid "Lease timeout in seconds (default: 86400)" msgstr "Lease timeout in seconds (default: 86400)" @@ -7699,15 +8411,19 @@ msgstr "Lifetime in days; default is 365" msgid "Lifetime is decremented by the number of seconds since the last RA - use in conjunction with a DHCPv6-PD prefix" msgstr "Lifetime is decremented by the number of seconds since the last RA - use in conjunction with a DHCPv6-PD prefix" +#: ../../configuration/vpn/ipsec.rst:535 +msgid "Like on Microsoft Windows, Apple iOS/iPadOS out of the box does not expose all available VPN options via the device GUI." +msgstr "Like on Microsoft Windows, Apple iOS/iPadOS out of the box does not expose all available VPN options via the device GUI." + #: ../../configuration/loadbalancing/reverse-proxy.rst:162 msgid "Limit allowed cipher algorithms used during SSL/TLS handshake" msgstr "Limit allowed cipher algorithms used during SSL/TLS handshake" -#: ../../configuration/system/login.rst:112 +#: ../../configuration/system/login.rst:116 msgid "Limit logins to `<limit>` per every ``rate-time`` seconds. Rate limit must be between 1 and 10 attempts." msgstr "Limit logins to `<limit>` per every ``rate-time`` seconds. Rate limit must be between 1 and 10 attempts." -#: ../../configuration/system/login.rst:118 +#: ../../configuration/system/login.rst:122 msgid "Limit logins to ``rate-limit`` attemps per every `<seconds>`. Rate time must be between 15 and 600 seconds." msgstr "Limit logins to ``rate-limit`` attemps per every `<seconds>`. Rate time must be between 15 and 600 seconds." @@ -7723,7 +8439,7 @@ msgstr "Limiter" msgid "Limiter is one of those policies that uses classes_ (Ingress qdisc is actually a classless policy but filters do work in it)." msgstr "Limiter is one of those policies that uses classes_ (Ingress qdisc is actually a classless policy but filters do work in it)." -#: ../../configuration/system/login.rst:381 +#: ../../configuration/system/login.rst:385 msgid "Limits" msgstr "Limits" @@ -7767,7 +8483,7 @@ msgstr "List of supported algorithms: ``diffie-hellman-group1-sha1``, ``diffie-h msgid "List of supported ciphers: ``3des-cbc``, ``aes128-cbc``, ``aes192-cbc``, ``aes256-cbc``, ``aes128-ctr``, ``aes192-ctr``, ``aes256-ctr``, ``arcfour128``, ``arcfour256``, ``arcfour``, ``blowfish-cbc``, ``cast128-cbc``" msgstr "List of supported ciphers: ``3des-cbc``, ``aes128-cbc``, ``aes192-cbc``, ``aes256-cbc``, ``aes128-ctr``, ``aes192-ctr``, ``aes256-ctr``, ``arcfour128``, ``arcfour256``, ``arcfour``, ``blowfish-cbc``, ``cast128-cbc``" -#: ../../configuration/policy/route-map.rst:362 +#: ../../configuration/policy/route-map.rst:365 msgid "List of well-known communities" msgstr "List of well-known communities" @@ -7775,7 +8491,7 @@ msgstr "List of well-known communities" msgid "Listen for DHCP requests on interface ``eth1``." msgstr "Listen for DHCP requests on interface ``eth1``." -#: ../../configuration/vrf/index.rst:118 +#: ../../configuration/vrf/index.rst:137 msgid "Lists VRFs that have been created" msgstr "Lists VRFs that have been created" @@ -7787,7 +8503,7 @@ msgstr "Load-balancing" msgid "Load-balancing algorithms to be used for distributind requests among the vailable servers" msgstr "Load-balancing algorithms to be used for distributind requests among the vailable servers" -#: ../../configuration/highavailability/index.rst:347 +#: ../../configuration/highavailability/index.rst:357 msgid "Load-balancing schedule algorithm:" msgstr "Load-balancing schedule algorithm:" @@ -7795,11 +8511,11 @@ msgstr "Load-balancing schedule algorithm:" msgid "Load Balance" msgstr "Load Balance" -#: ../../configuration/service/pppoe-server.rst:243 +#: ../../configuration/service/pppoe-server.rst:317 msgid "Load Balancing" msgstr "Load Balancing" -#: ../../configuration/system/login.rst:422 +#: ../../configuration/system/login.rst:426 msgid "Load the container image in op-mode." msgstr "Load the container image in op-mode." @@ -7848,11 +8564,11 @@ msgstr "Local User Account" msgid "Local path that includes the known hosts file." msgstr "Local path that includes the known hosts file." -#: ../../configuration/protocols/rpki.rst:145 +#: ../../configuration/protocols/rpki.rst:155 msgid "Local path that includes the private key file of the router." msgstr "Local path that includes the private key file of the router." -#: ../../configuration/protocols/rpki.rst:149 +#: ../../configuration/protocols/rpki.rst:159 msgid "Local path that includes the public key file of the router." msgstr "Local path that includes the public key file of the router." @@ -7864,7 +8580,7 @@ msgstr "Local route" msgid "Locally connect to serial port identified by `<device>`." msgstr "Locally connect to serial port identified by `<device>`." -#: ../../configuration/policy/route-map.rst:273 +#: ../../configuration/policy/route-map.rst:276 msgid "Locally significant administrative distance." msgstr "Locally significant administrative distance." @@ -7918,11 +8634,11 @@ msgstr "Logging to a remote host leaves the local logging configuration intact, msgid "Login/User Management" msgstr "Login/User Management" -#: ../../configuration/system/login.rst:363 +#: ../../configuration/system/login.rst:367 msgid "Login Banner" msgstr "Login Banner" -#: ../../configuration/system/login.rst:383 +#: ../../configuration/system/login.rst:387 msgid "Login limits" msgstr "Login limits" @@ -7981,7 +8697,7 @@ msgstr "MACsec options" msgid "MDI power" msgstr "MDI power" -#: ../../configuration/system/login.rst:91 +#: ../../configuration/system/login.rst:95 msgid "MFA/2FA authentication using OTP (one time passwords)" msgstr "MFA/2FA authentication using OTP (one time passwords)" @@ -8024,11 +8740,11 @@ msgstr "Main structure VyOS firewall cli is shown next:" msgid "Main structure is shown next:" msgstr "Main structure is shown next:" -#: ../../configuration/service/pppoe-server.rst:295 +#: ../../configuration/service/pppoe-server.rst:303 msgid "Maintenance mode" msgstr "Maintenance mode" -#: ../../configuration/service/conntrack-sync.rst:107 +#: ../../configuration/service/conntrack-sync.rst:111 msgid "Make sure conntrack is enabled by running and show connection tracking table." msgstr "Make sure conntrack is enabled by running and show connection tracking table." @@ -8048,7 +8764,7 @@ msgstr "Mandatory Settings" msgid "Manual Neighbor Configuration" msgstr "Manual Neighbor Configuration" -#: ../../configuration/pki/index.rst:336 +#: ../../configuration/pki/index.rst:367 msgid "Manually trigger certificate renewal. This will be done twice a day." msgstr "Manually trigger certificate renewal. This will be done twice a day." @@ -8056,15 +8772,19 @@ msgstr "Manually trigger certificate renewal. This will be done twice a day." msgid "Maps the VNI to the specified VLAN id. The VLAN can then be consumed by a bridge." msgstr "Maps the VNI to the specified VLAN id. The VLAN can then be consumed by a bridge." -#: ../../configuration/vpn/sstp.rst:223 +#: ../../configuration/service/ipoe-server.rst:166 +#: ../../configuration/service/pppoe-server.rst:128 +#: ../../configuration/vpn/l2tp.rst:171 +#: ../../configuration/vpn/pptp.rst:111 +#: ../../configuration/vpn/sstp.rst:144 msgid "Mark RADIUS server as offline for this given `<time>` in seconds." msgstr "Mark RADIUS server as offline for this given `<time>` in seconds." -#: ../../configuration/pki/index.rst:206 +#: ../../configuration/pki/index.rst:208 msgid "Mark the CAs private key as password protected. User is asked for the password when the key is referenced." msgstr "Mark the CAs private key as password protected. User is asked for the password when the key is referenced." -#: ../../configuration/pki/index.rst:244 +#: ../../configuration/pki/index.rst:246 msgid "Mark the private key as password protected. User is asked for the password when the key is referenced." msgstr "Mark the private key as password protected. User is asked for the password when the key is referenced." @@ -8076,7 +8796,7 @@ msgstr "Match BGP large communities." msgid "Match IP addresses based on its geolocation. More info: `geoip matching <https://wiki.nftables.org/wiki-nftables/index.php/GeoIP_matching>`_." msgstr "Match IP addresses based on its geolocation. More info: `geoip matching <https://wiki.nftables.org/wiki-nftables/index.php/GeoIP_matching>`_." -#: ../../configuration/firewall/ipv4.rst:440 +#: ../../configuration/firewall/ipv4.rst:463 #: ../../configuration/firewall/ipv6.rst:447 msgid "Match IP addresses based on its geolocation. More info: `geoip matching <https://wiki.nftables.org/wiki-nftables/index.php/GeoIP_matching>`_. Use inverse-match to match anything except the given country-codes." msgstr "Match IP addresses based on its geolocation. More info: `geoip matching <https://wiki.nftables.org/wiki-nftables/index.php/GeoIP_matching>`_. Use inverse-match to match anything except the given country-codes." @@ -8089,17 +8809,21 @@ msgstr "Match RPKI validation result." msgid "Match a protocol criteria. A protocol number or a name which is defined in: ``/etc/protocols``. Special names are ``all`` for all protocols and ``tcp_udp`` for tcp and udp based packets. The ``!`` negates the selected protocol." msgstr "Match a protocol criteria. A protocol number or a name which is defined in: ``/etc/protocols``. Special names are ``all`` for all protocols and ``tcp_udp`` for tcp and udp based packets. The ``!`` negates the selected protocol." -#: ../../configuration/firewall/ipv4.rst:773 +#: ../../configuration/firewall/ipv4.rst:796 #: ../../configuration/firewall/ipv6.rst:783 msgid "Match a protocol criteria. A protocol number or a name which is here defined: ``/etc/protocols``. Special names are ``all`` for all protocols and ``tcp_udp`` for tcp and udp based packets. The ``!`` negate the selected protocol." msgstr "Match a protocol criteria. A protocol number or a name which is here defined: ``/etc/protocols``. Special names are ``all`` for all protocols and ``tcp_udp`` for tcp and udp based packets. The ``!`` negate the selected protocol." -#: ../../configuration/firewall/ipv4.rst:831 +#: ../../configuration/firewall/ipv4.rst:854 #: ../../configuration/firewall/ipv6.rst:840 msgid "Match against the state of a packet." msgstr "Match against the state of a packet." -#: ../../configuration/firewall/ipv4.rst:620 +#: ../../configuration/firewall/ipv4.rst:336 +msgid "Match based on connection tracking protocol helper module to secure use of that helper module. See below for possible completions `<module>`." +msgstr "Match based on connection tracking protocol helper module to secure use of that helper module. See below for possible completions `<module>`." + +#: ../../configuration/firewall/ipv4.rst:643 #: ../../configuration/firewall/ipv6.rst:630 msgid "Match based on dscp value." msgstr "Match based on dscp value." @@ -8108,16 +8832,16 @@ msgstr "Match based on dscp value." msgid "Match based on dscp value criteria. Multiple values from 0 to 63 and ranges are supported." msgstr "Match based on dscp value criteria. Multiple values from 0 to 63 and ranges are supported." -#: ../../configuration/firewall/ipv4.rst:631 +#: ../../configuration/firewall/ipv4.rst:654 #: ../../configuration/firewall/ipv6.rst:641 msgid "Match based on fragment criteria." msgstr "Match based on fragment criteria." -#: ../../configuration/firewall/ipv4.rst:642 +#: ../../configuration/firewall/ipv4.rst:665 msgid "Match based on icmp code and type." msgstr "Match based on icmp code and type." -#: ../../configuration/firewall/ipv4.rst:653 +#: ../../configuration/firewall/ipv4.rst:676 msgid "Match based on icmp type-name criteria. Use tab for information about what **type-name** criteria are supported." msgstr "Match based on icmp type-name criteria. Use tab for information about what **type-name** criteria are supported." @@ -8147,18 +8871,18 @@ msgid "Match based on inbound interface. Wilcard ``*`` can be used. For example: msgstr "Match based on inbound interface. Wilcard ``*`` can be used. For example: ``eth2*``" #: ../../configuration/firewall/bridge.rst:239 -#: ../../configuration/firewall/ipv4.rst:663 +#: ../../configuration/firewall/ipv4.rst:686 #: ../../configuration/firewall/ipv6.rst:673 msgid "Match based on inbound interface. Wilcard ``*`` can be used. For example: ``eth2*``. Prepending character ``!`` for inverted matching criteria is also supportd. For example ``!eth2``" msgstr "Match based on inbound interface. Wilcard ``*`` can be used. For example: ``eth2*``. Prepending character ``!`` for inverted matching criteria is also supportd. For example ``!eth2``" #: ../../configuration/firewall/bridge.rst:248 -#: ../../configuration/firewall/ipv4.rst:674 +#: ../../configuration/firewall/ipv4.rst:697 #: ../../configuration/firewall/ipv6.rst:684 msgid "Match based on inbound interface group. Prepending character ``!`` for inverted matching criteria is also supportd. For example ``!IFACE_GROUP``" msgstr "Match based on inbound interface group. Prepending character ``!`` for inverted matching criteria is also supportd. For example ``!IFACE_GROUP``" -#: ../../configuration/firewall/ipv4.rst:707 +#: ../../configuration/firewall/ipv4.rst:730 #: ../../configuration/firewall/ipv6.rst:717 msgid "Match based on ipsec criteria." msgstr "Match based on ipsec criteria." @@ -8168,35 +8892,35 @@ msgid "Match based on outbound interface. Wilcard ``*`` can be used. For example msgstr "Match based on outbound interface. Wilcard ``*`` can be used. For example: ``eth2*``" #: ../../configuration/firewall/bridge.rst:256 -#: ../../configuration/firewall/ipv4.rst:684 +#: ../../configuration/firewall/ipv4.rst:707 #: ../../configuration/firewall/ipv6.rst:694 msgid "Match based on outbound interface. Wilcard ``*`` can be used. For example: ``eth2*``. Prepending character ``!`` for inverted matching criteria is also supportd. For example ``!eth2``" msgstr "Match based on outbound interface. Wilcard ``*`` can be used. For example: ``eth2*``. Prepending character ``!`` for inverted matching criteria is also supportd. For example ``!eth2``" #: ../../configuration/firewall/bridge.rst:265 -#: ../../configuration/firewall/ipv4.rst:695 +#: ../../configuration/firewall/ipv4.rst:718 #: ../../configuration/firewall/ipv6.rst:705 msgid "Match based on outbound interface group. Prepending character ``!`` for inverted matching criteria is also supportd. For example ``!IFACE_GROUP``" msgstr "Match based on outbound interface group. Prepending character ``!`` for inverted matching criteria is also supportd. For example ``!IFACE_GROUP``" -#: ../../configuration/firewall/ipv4.rst:750 +#: ../../configuration/firewall/ipv4.rst:773 #: ../../configuration/firewall/ipv6.rst:760 #: ../../configuration/policy/route.rst:176 msgid "Match based on packet length criteria. Multiple values from 1 to 65535 and ranges are supported." msgstr "Match based on packet length criteria. Multiple values from 1 to 65535 and ranges are supported." -#: ../../configuration/firewall/ipv4.rst:762 +#: ../../configuration/firewall/ipv4.rst:785 #: ../../configuration/firewall/ipv6.rst:772 #: ../../configuration/policy/route.rst:184 msgid "Match based on packet type criteria." msgstr "Match based on packet type criteria." -#: ../../configuration/firewall/ipv4.rst:729 +#: ../../configuration/firewall/ipv4.rst:752 #: ../../configuration/firewall/ipv6.rst:739 msgid "Match based on the maximum average rate, specified as **integer/unit**. For example **5/minutes**" msgstr "Match based on the maximum average rate, specified as **integer/unit**. For example **5/minutes**" -#: ../../configuration/firewall/ipv4.rst:718 +#: ../../configuration/firewall/ipv4.rst:741 #: ../../configuration/firewall/ipv6.rst:728 msgid "Match based on the maximum number of packets to allow in excess of rate." msgstr "Match based on the maximum number of packets to allow in excess of rate." @@ -8209,7 +8933,7 @@ msgstr "Match based on vlan ID. Range is also supported." msgid "Match based on vlan priority(pcp). Range is also supported." msgstr "Match based on vlan priority(pcp). Range is also supported." -#: ../../configuration/firewall/ipv4.rst:801 +#: ../../configuration/firewall/ipv4.rst:824 #: ../../configuration/firewall/ipv6.rst:810 msgid "Match bases on recently seen sources." msgstr "Match bases on recently seen sources." @@ -8224,7 +8948,7 @@ msgstr "Match criteria based on connection mark." msgid "Match criteria based on nat connection status." msgstr "Match criteria based on nat connection status." -#: ../../configuration/firewall/ipv4.rst:345 +#: ../../configuration/firewall/ipv4.rst:368 #: ../../configuration/firewall/ipv6.rst:345 msgid "Match criteria based on source and/or destination address. This is similar to the network groups part, but here you are able to negate the matching addresses." msgstr "Match criteria based on source and/or destination address. This is similar to the network groups part, but here you are able to negate the matching addresses." @@ -8237,6 +8961,14 @@ msgstr "Match criteria based on source and/or destination mac-address." msgid "Match domain name" msgstr "Match domain name" +#: ../../configuration/service/ipoe-server.rst:382 +#: ../../configuration/service/pppoe-server.rst:571 +#: ../../configuration/vpn/l2tp.rst:506 +#: ../../configuration/vpn/pptp.rst:430 +#: ../../configuration/vpn/sstp.rst:464 +msgid "Match firewall mark value" +msgstr "Match firewall mark value" + #: ../../configuration/firewall/ipv6.rst:894 #: ../../configuration/policy/route.rst:234 msgid "Match hop-limit parameter, where 'eq' stands for 'equal'; 'gt' stands for 'greater than', and 'lt' stands for 'less than'." @@ -8250,12 +8982,12 @@ msgstr "Match local preference." msgid "Match route metric." msgstr "Match route metric." -#: ../../configuration/firewall/ipv4.rst:885 +#: ../../configuration/firewall/ipv4.rst:908 #: ../../configuration/policy/route.rst:229 msgid "Match time to live parameter, where 'eq' stands for 'equal'; 'gt' stands for 'greater than', and 'lt' stands for 'less than'." msgstr "Match time to live parameter, where 'eq' stands for 'equal'; 'gt' stands for 'greater than', and 'lt' stands for 'less than'." -#: ../../configuration/firewall/ipv4.rst:906 +#: ../../configuration/firewall/ipv4.rst:929 #: ../../configuration/firewall/ipv6.rst:915 msgid "Match when 'count' amount of connections are seen within 'time'. These matching criteria can be used to block brute-force attempts." msgstr "Match when 'count' amount of connections are seen within 'time'. These matching criteria can be used to block brute-force attempts." @@ -8275,11 +9007,24 @@ msgstr "Matching traffic" msgid "Maximum A-MSDU length 3839 (default) or 7935 octets" msgstr "Maximum A-MSDU length 3839 (default) or 7935 octets" +#: ../../configuration/vpn/l2tp.rst:492 +#: ../../configuration/vpn/pptp.rst:416 +msgid "Maximum Transmission Unit (MTU) (default: **1436**)" +msgstr "Maximum Transmission Unit (MTU) (default: **1436**)" + +#: ../../configuration/service/pppoe-server.rst:538 +msgid "Maximum Transmission Unit (MTU) (default: **1492**)" +msgstr "Maximum Transmission Unit (MTU) (default: **1492**)" + +#: ../../configuration/vpn/sstp.rst:450 +msgid "Maximum Transmission Unit (MTU) (default: **1500**)" +msgstr "Maximum Transmission Unit (MTU) (default: **1500**)" + #: ../../configuration/service/dns.rst:108 msgid "Maximum number of DNS cache entries. 1 million per CPU core will generally suffice for most installations." msgstr "Maximum number of DNS cache entries. 1 million per CPU core will generally suffice for most installations." -#: ../../configuration/vpn/sstp.rst:159 +#: ../../configuration/vpn/sstp.rst:165 msgid "Maximum number of IPv4 nameservers" msgstr "Maximum number of IPv4 nameservers" @@ -8287,6 +9032,14 @@ msgstr "Maximum number of IPv4 nameservers" msgid "Maximum number of authenticator processes to spawn. If you start too few Squid will have to wait for them to process a backlog of credential verifications, slowing it down. When password verifications are done via a (slow) network you are likely to need lots of authenticator processes." msgstr "Maximum number of authenticator processes to spawn. If you start too few Squid will have to wait for them to process a backlog of credential verifications, slowing it down. When password verifications are done via a (slow) network you are likely to need lots of authenticator processes." +#: ../../configuration/service/ipoe-server.rst:372 +#: ../../configuration/service/pppoe-server.rst:542 +#: ../../configuration/vpn/l2tp.rst:496 +#: ../../configuration/vpn/pptp.rst:420 +#: ../../configuration/vpn/sstp.rst:454 +msgid "Maximum number of concurrent session start attempts" +msgstr "Maximum number of concurrent session start attempts" + #: ../../configuration/interfaces/wireless.rst:77 msgid "Maximum number of stations allowed in station table. New stations will be rejected after the station table is full. IEEE 802.11 has a limit of 2007 different association IDs, so this number should not be larger than that." msgstr "Maximum number of stations allowed in station table. New stations will be rejected after the station table is full. IEEE 802.11 has a limit of 2007 different association IDs, so this number should not be larger than that." @@ -8295,7 +9048,11 @@ msgstr "Maximum number of stations allowed in station table. New stations will b msgid "Maximum number of times an expired record’s TTL is extended by 30s when serving stale. Extension only occurs if a record cannot be refreshed. A value of 0 means the Serve Stale mechanism is not used. To allow records becoming stale to be served for an hour, use a value of 120." msgstr "Maximum number of times an expired record’s TTL is extended by 30s when serving stale. Extension only occurs if a record cannot be refreshed. A value of 0 means the Serve Stale mechanism is not used. To allow records becoming stale to be served for an hour, use a value of 120." -#: ../../configuration/vpn/sstp.rst:250 +#: ../../configuration/service/ipoe-server.rst:190 +#: ../../configuration/service/pppoe-server.rst:152 +#: ../../configuration/vpn/l2tp.rst:195 +#: ../../configuration/vpn/pptp.rst:135 +#: ../../configuration/vpn/sstp.rst:168 msgid "Maximum number of tries to send Access-Request/Accounting-Request queries" msgstr "Maximum number of tries to send Access-Request/Accounting-Request queries" @@ -8323,6 +9080,10 @@ msgstr "Messages generated internally by syslogd" msgid "Metris version, the default is ``2``" msgstr "Metris version, the default is ``2``" +#: ../../configuration/vpn/ipsec.rst:510 +msgid "Microsoft Windows expects the server name to be also used in the server's certificate common name, so it's best to use this DNS name for your VPN connection." +msgstr "Microsoft Windows expects the server name to be also used in the server's certificate common name, so it's best to use this DNS name for your VPN connection." + #: ../../configuration/service/router-advert.rst:1 msgid "Min and max intervals between unsolicited multicast RAs" msgstr "Min and max intervals between unsolicited multicast RAs" @@ -8351,7 +9112,12 @@ msgstr "Modify the time that pim will register suppress a FHR will send register msgid "Monitor, the system passively monitors any kind of wireless traffic" msgstr "Monitor, the system passively monitors any kind of wireless traffic" +#: ../../configuration/service/ipoe-server.rst:390 #: ../../configuration/service/monitoring.rst:2 +#: ../../configuration/service/pppoe-server.rst:583 +#: ../../configuration/vpn/l2tp.rst:518 +#: ../../configuration/vpn/pptp.rst:442 +#: ../../configuration/vpn/sstp.rst:538 msgid "Monitoring" msgstr "Monitoring" @@ -8371,7 +9137,7 @@ msgstr "Most operating systems include native client support for IPsec IKEv2 VPN msgid "Mount a volume into the container" msgstr "Mount a volume into the container" -#: ../../configuration/service/dhcp-server.rst:235 +#: ../../configuration/service/dhcp-server.rst:241 msgid "Multi" msgstr "Multi" @@ -8383,7 +9149,7 @@ msgstr "Multi-client server is the most popular OpenVPN mode on routers. It alwa msgid "Multi-homed. In a multi-homed network environment, the NAT66 device connects to an internal network and simultaneously connects to different external networks. Address translation can be configured on each external network side interface of the NAT66 device to convert the same internal network address into different external network addresses, and realize the mapping of the same internal address to multiple external addresses." msgstr "Multi-homed. In a multi-homed network environment, the NAT66 device connects to an internal network and simultaneously connects to different external networks. Address translation can be configured on each external network side interface of the NAT66 device to convert the same internal network address into different external network addresses, and realize the mapping of the same internal address to multiple external addresses." -#: ../../configuration/service/dhcp-server.rst:359 +#: ../../configuration/service/dhcp-server.rst:365 msgid "Multi: can be specified multiple times." msgstr "Multi: can be specified multiple times." @@ -8428,7 +9194,7 @@ msgstr "Multicast receivers will talk MLD to their local router, so, besides hav msgid "Multiple DNS servers can be defined." msgstr "Multiple DNS servers can be defined." -#: ../../configuration/protocols/rpki.rst:121 +#: ../../configuration/protocols/rpki.rst:135 msgid "Multiple RPKI caching instances can be supplied and they need a preference in which their result sets are used." msgstr "Multiple RPKI caching instances can be supplied and they need a preference in which their result sets are used." @@ -8460,16 +9226,16 @@ msgstr "Multiple interfaces may be specified." msgid "Multiple networks/client IP addresses can be configured." msgstr "Multiple networks/client IP addresses can be configured." -#: ../../configuration/system/login.rst:248 -#: ../../configuration/system/login.rst:317 +#: ../../configuration/system/login.rst:252 +#: ../../configuration/system/login.rst:321 msgid "Multiple servers can be specified." msgstr "Multiple servers can be specified." -#: ../../configuration/service/dns.rst:374 +#: ../../configuration/service/dns.rst:380 msgid "Multiple services can be used per interface. Just specify as many services per interface as you like!" msgstr "Multiple services can be used per interface. Just specify as many services per interface as you like!" -#: ../../configuration/firewall/ipv4.rst:494 +#: ../../configuration/firewall/ipv4.rst:517 #: ../../configuration/firewall/ipv6.rst:500 msgid "Multiple source ports can be specified as a comma-separated list. The whole list can also be \"negated\" using ``!``. For example:" msgstr "Multiple source ports can be specified as a comma-separated list. The whole list can also be \"negated\" using ``!``. For example:" @@ -8487,22 +9253,22 @@ msgstr "Multiple users can connect to the same serial device but only one is all msgid "Multiprotocol extensions enable BGP to carry routing information for multiple network layer protocols. BGP supports an Address Family Identifier (AFI) for IPv4 and IPv6." msgstr "Multiprotocol extensions enable BGP to carry routing information for multiple network layer protocols. BGP supports an Address Family Identifier (AFI) for IPv4 and IPv6." -#: ../../configuration/service/dhcp-server.rst:241 #: ../../configuration/service/dhcp-server.rst:247 -#: ../../configuration/service/dhcp-server.rst:252 -#: ../../configuration/service/dhcp-server.rst:272 -#: ../../configuration/service/dhcp-server.rst:287 -#: ../../configuration/service/dhcp-server.rst:292 -#: ../../configuration/service/dhcp-server.rst:297 -#: ../../configuration/service/dhcp-server.rst:302 -#: ../../configuration/service/dhcp-server.rst:307 -#: ../../configuration/service/dhcp-server.rst:327 -#: ../../configuration/service/dhcp-server.rst:332 -#: ../../configuration/service/dhcp-server.rst:337 +#: ../../configuration/service/dhcp-server.rst:253 +#: ../../configuration/service/dhcp-server.rst:258 +#: ../../configuration/service/dhcp-server.rst:278 +#: ../../configuration/service/dhcp-server.rst:293 +#: ../../configuration/service/dhcp-server.rst:298 +#: ../../configuration/service/dhcp-server.rst:303 +#: ../../configuration/service/dhcp-server.rst:308 +#: ../../configuration/service/dhcp-server.rst:313 +#: ../../configuration/service/dhcp-server.rst:333 +#: ../../configuration/service/dhcp-server.rst:338 +#: ../../configuration/service/dhcp-server.rst:343 msgid "N" msgstr "N" -#: ../../configuration/highavailability/index.rst:363 +#: ../../configuration/highavailability/index.rst:373 #: ../../configuration/nat/index.rst:5 msgid "NAT" msgstr "NAT" @@ -8523,6 +9289,10 @@ msgstr "NAT64" msgid "NAT64 client configuration:" msgstr "NAT64 client configuration:" +#: ../../configuration/service/router-advert.rst:84 +msgid "NAT64 prefix mask must be one of: /32, /40, /48, /56, /64 or 96." +msgstr "NAT64 prefix mask must be one of: /32, /40, /48, /56, /64 or 96." + #: ../../configuration/nat/nat64.rst:44 msgid "NAT64 server configuration:" msgstr "NAT64 server configuration:" @@ -8587,7 +9357,15 @@ msgstr "NTP supplies a warning of any impending leap second adjustment, but no i msgid "Name Server" msgstr "Name Server" -#: ../../configuration/service/dhcp-server.rst:356 +#: ../../configuration/vpn/sstp.rst:84 +msgid "Name of installed certificate authority certificate." +msgstr "Name of installed certificate authority certificate." + +#: ../../configuration/vpn/sstp.rst:88 +msgid "Name of installed server certificate." +msgstr "Name of installed server certificate." + +#: ../../configuration/service/dhcp-server.rst:362 msgid "Name of static mapping" msgstr "Name of static mapping" @@ -8595,11 +9373,11 @@ msgstr "Name of static mapping" msgid "Name of the single table Only if set group-metrics single-table." msgstr "Name of the single table Only if set group-metrics single-table." -#: ../../configuration/service/dhcp-server.rst:296 +#: ../../configuration/service/dhcp-server.rst:302 msgid "Name or IPv4 address of TFTP server" msgstr "Name or IPv4 address of TFTP server" -#: ../../configuration/service/dhcp-server.rst:281 +#: ../../configuration/service/dhcp-server.rst:287 msgid "NetBIOS over TCP/IP name server" msgstr "NetBIOS over TCP/IP name server" @@ -8677,6 +9455,10 @@ msgstr "Network management station (NMS) - software which runs on the manager" msgid "Network news subsystem" msgstr "Network news subsystem" +#: ../../configuration/service/ids.rst:87 +msgid "Network to be protected: 192.0.2.0/24 (public IPs use by customers)" +msgstr "Network to be protected: 192.0.2.0/24 (public IPs use by customers)" + #: ../../configuration/service/monitoring.rst:47 msgid "Networks allowed to query this server" msgstr "Networks allowed to query this server" @@ -8693,11 +9475,11 @@ msgstr "Next-hop interface for the route" msgid "Next it is necessary to configure 2FA for OpenConnect:" msgstr "Next it is necessary to configure 2FA for OpenConnect:" -#: ../../configuration/policy/route-map.rst:279 +#: ../../configuration/policy/route-map.rst:282 msgid "Nexthop IP address." msgstr "Nexthop IP address." -#: ../../configuration/policy/route-map.rst:298 +#: ../../configuration/policy/route-map.rst:301 msgid "Nexthop IPv6 address." msgstr "Nexthop IPv6 address." @@ -8705,6 +9487,18 @@ msgstr "Nexthop IPv6 address." msgid "Nexthop IPv6 address to match." msgstr "Nexthop IPv6 address to match." +#: ../../configuration/system/ip.rst:47 +#: ../../configuration/system/ipv6.rst:43 +#: ../../configuration/vrf/index.rst:71 +msgid "Nexthop Tracking" +msgstr "Nexthop Tracking" + +#: ../../configuration/system/ip.rst:49 +#: ../../configuration/system/ipv6.rst:45 +#: ../../configuration/vrf/index.rst:73 +msgid "Nexthop tracking resolve nexthops via the default route by default. This is enabled by default for a traditional profile of FRR which we use. It and can be disabled if you do not wan't to e.g. allow BGP to peer across the default route." +msgstr "Nexthop tracking resolve nexthops via the default route by default. This is enabled by default for a traditional profile of FRR which we use. It and can be disabled if you do not wan't to e.g. allow BGP to peer across the default route." + #: ../../configuration/protocols/rpki.rst:59 msgid "No ROA exists which covers that prefix. Unfortunately this is the case for about 80% of the IPv4 prefixes which were announced to the :abbr:`DFZ (default-free zone)` at the start of 2020" msgstr "No ROA exists which covers that prefix. Unfortunately this is the case for about 80% of the IPv4 prefixes which were announced to the :abbr:`DFZ (default-free zone)` at the start of 2020" @@ -8713,7 +9507,7 @@ msgstr "No ROA exists which covers that prefix. Unfortunately this is the case f msgid "No VLAN tagging required by your ISP." msgstr "No VLAN tagging required by your ISP." -#: ../../configuration/protocols/bgp.rst:707 +#: ../../configuration/protocols/bgp.rst:729 msgid "No route is suppressed indefinitely. Maximum-suppress-time defines the maximum time a route can be suppressed before it is re-advertised." msgstr "No route is suppressed indefinitely. Maximum-suppress-time defines the maximum time a route can be suppressed before it is re-advertised." @@ -8753,7 +9547,7 @@ msgstr "Note: certificate names don't matter, we use 'openvpn-local' and 'openvp msgid "Note that deleting the log file does not stop the system from logging events. If you use this command while the system is logging events, old log events will be deleted, but events after the delete operation will be recorded in the new file. To delete the file altogether, first delete logging to the file using system syslog :ref:`custom-file` command, and then delete the file." msgstr "Note that deleting the log file does not stop the system from logging events. If you use this command while the system is logging events, old log events will be deleted, but events after the delete operation will be recorded in the new file. To delete the file altogether, first delete logging to the file using system syslog :ref:`custom-file` command, and then delete the file." -#: ../../configuration/vpn/ipsec.rst:294 +#: ../../configuration/vpn/ipsec.rst:298 #: ../../configuration/vpn/rsa-keys.rst:35 msgid "Note the command with the public key (set pki key-pair ipsec-RIGHT public key 'FAAOCAQ8AMII...')." msgstr "Note the command with the public key (set pki key-pair ipsec-RIGHT public key 'FAAOCAQ8AMII...')." @@ -8762,11 +9556,11 @@ msgstr "Note the command with the public key (set pki key-pair ipsec-RIGHT publi msgid "Notice" msgstr "Notice" -#: ../../configuration/service/conntrack-sync.rst:194 +#: ../../configuration/service/conntrack-sync.rst:198 msgid "Now configure conntrack-sync service on ``router1`` **and** ``router2``" msgstr "Now configure conntrack-sync service on ``router1`` **and** ``router2``" -#: ../../configuration/vpn/ipsec.rst:297 +#: ../../configuration/vpn/ipsec.rst:301 msgid "Now the noted public keys should be entered on the opposite routers." msgstr "Now the noted public keys should be entered on the opposite routers." @@ -8786,7 +9580,7 @@ msgstr "Now when connecting the user will first be asked for the password and th msgid "Now you are ready to setup IPsec. The key points:" msgstr "Now you are ready to setup IPsec. The key points:" -#: ../../configuration/vpn/ipsec.rst:311 +#: ../../configuration/vpn/ipsec.rst:315 msgid "Now you are ready to setup IPsec. You'll need to use an ID instead of address for the peer." msgstr "Now you are ready to setup IPsec. You'll need to use an ID instead of address for the peer." @@ -8794,6 +9588,10 @@ msgstr "Now you are ready to setup IPsec. You'll need to use an ID instead of ad msgid "Number of antennas on this card" msgstr "Number of antennas on this card" +#: ../../configuration/service/dns.rst:166 +msgid "Number of bits of client IPv4 address to pass when sending EDNS Client Subnet address information." +msgstr "Number of bits of client IPv4 address to pass when sending EDNS Client Subnet address information." + #: ../../configuration/system/syslog.rst:231 msgid "Number of lines to be displayed, default 10" msgstr "Number of lines to be displayed, default 10" @@ -8822,7 +9620,7 @@ msgstr "OSPFv2 (IPv4)" msgid "OSPFv3 (IPv6)" msgstr "OSPFv3 (IPv6)" -#: ../../configuration/system/login.rst:141 +#: ../../configuration/system/login.rst:145 msgid "OTP-key generation" msgstr "OTP-key generation" @@ -8830,7 +9628,7 @@ msgstr "OTP-key generation" msgid "Offloading" msgstr "Offloading" -#: ../../configuration/service/dhcp-server.rst:245 +#: ../../configuration/service/dhcp-server.rst:251 msgid "Offset of the client's subnet in seconds from Coordinated Universal Time (UTC)" msgstr "Offset of the client's subnet in seconds from Coordinated Universal Time (UTC)" @@ -8842,7 +9640,7 @@ msgstr "Often we need to embed one policy into another one. It is possible to do msgid "Often you will also have to configure your *default* traffic in the same way you do with a class. *Default* can be considered a class as it behaves like that. It contains any traffic that did not match any of the defined classes, so it is like an open class, a class without matching filters." msgstr "Often you will also have to configure your *default* traffic in the same way you do with a class. *Default* can be considered a class as it behaves like that. It contains any traffic that did not match any of the defined classes, so it is like an open class, a class without matching filters." -#: ../../configuration/service/conntrack-sync.rst:211 +#: ../../configuration/service/conntrack-sync.rst:215 msgid "On active router run:" msgstr "On active router run:" @@ -8858,7 +9656,7 @@ msgstr "On low rates (below 40Mbit) you may want to tune `quantum` down to somet msgid "On most scenarios, there's no need to change specific parameters, and using default configuration is enough. But there are cases were extra configuration is needed." msgstr "On most scenarios, there's no need to change specific parameters, and using default configuration is enough. But there are cases were extra configuration is needed." -#: ../../configuration/service/conntrack-sync.rst:242 +#: ../../configuration/service/conntrack-sync.rst:246 msgid "On standby router run:" msgstr "On standby router run:" @@ -8866,34 +9664,34 @@ msgstr "On standby router run:" msgid "On systems with multiple redundant uplinks and routes, it's a good idea to use a dedicated address for management and dynamic routing protocols. However, assigning that address to a physical link is risky: if that link goes down, that address will become inaccessible. A common solution is to assign the management address to a loopback or a dummy interface and advertise that address via all physical links, so that it's reachable through any of them. Since in Linux-based systems, there can be only one loopback interface, it's better to use a dummy interface for that purpose, since they can be added, removed, and taken up and down independently." msgstr "On systems with multiple redundant uplinks and routes, it's a good idea to use a dedicated address for management and dynamic routing protocols. However, assigning that address to a physical link is risky: if that link goes down, that address will become inaccessible. A common solution is to assign the management address to a loopback or a dummy interface and advertise that address via all physical links, so that it's reachable through any of them. Since in Linux-based systems, there can be only one loopback interface, it's better to use a dummy interface for that purpose, since they can be added, removed, and taken up and down independently." -#: ../../configuration/vpn/ipsec.rst:181 -#: ../../configuration/vpn/ipsec.rst:239 -#: ../../configuration/vpn/ipsec.rst:299 +#: ../../configuration/vpn/ipsec.rst:185 +#: ../../configuration/vpn/ipsec.rst:243 +#: ../../configuration/vpn/ipsec.rst:303 #: ../../configuration/vpn/rsa-keys.rst:40 msgid "On the LEFT:" msgstr "On the LEFT:" -#: ../../configuration/vpn/ipsec.rst:314 +#: ../../configuration/vpn/ipsec.rst:318 #: ../../configuration/vpn/rsa-keys.rst:59 msgid "On the LEFT (static address):" msgstr "On the LEFT (static address):" -#: ../../configuration/vpn/ipsec.rst:221 +#: ../../configuration/vpn/ipsec.rst:225 msgid "On the RIGHT, setup by analogy and swap local and remote addresses." msgstr "On the RIGHT, setup by analogy and swap local and remote addresses." -#: ../../configuration/vpn/ipsec.rst:250 -#: ../../configuration/vpn/ipsec.rst:305 +#: ../../configuration/vpn/ipsec.rst:254 +#: ../../configuration/vpn/ipsec.rst:309 #: ../../configuration/vpn/rsa-keys.rst:46 msgid "On the RIGHT:" msgstr "On the RIGHT:" -#: ../../configuration/vpn/ipsec.rst:339 +#: ../../configuration/vpn/ipsec.rst:343 #: ../../configuration/vpn/rsa-keys.rst:84 msgid "On the RIGHT (dynamic address):" msgstr "On the RIGHT (dynamic address):" -#: ../../configuration/service/conntrack-sync.rst:207 +#: ../../configuration/service/conntrack-sync.rst:211 msgid "On the active router, you should have information in the internal-cache of conntrack-sync. The same current active connections number should be shown in the external-cache of the standby router" msgstr "On the active router, you should have information in the internal-cache of conntrack-sync. The same current active connections number should be shown in the external-cache of the standby router" @@ -8921,7 +9719,7 @@ msgstr "Once a class has a filter configured, you will also have to define what msgid "Once a neighbor has been found, the entry is considered to be valid for at least for this specific time. An entry's validity will be extended if it receives positive feedback from higher level protocols." msgstr "Once a neighbor has been found, the entry is considered to be valid for at least for this specific time. An entry's validity will be extended if it receives positive feedback from higher level protocols." -#: ../../configuration/protocols/bgp.rst:702 +#: ../../configuration/protocols/bgp.rst:724 msgid "Once a route is assessed a penalty, the penalty is decreased by half each time a predefined amount of time elapses (half-life-time). When the accumulated penalties fall below a predefined threshold (reuse-value), the route is unsuppressed and added back into the BGP routing table." msgstr "Once a route is assessed a penalty, the penalty is decreased by half each time a predefined amount of time elapses (half-life-time). When the accumulated penalties fall below a predefined threshold (reuse-value), the route is unsuppressed and added back into the BGP routing table." @@ -8957,6 +9755,10 @@ msgstr "Once the matching rules are set for a class, you can start configuring h msgid "Once the user is connected, the user session is using the set limits and can be displayed via 'show pppoe-server sessions'." msgstr "Once the user is connected, the user session is using the set limits and can be displayed via 'show pppoe-server sessions'." +#: ../../configuration/service/pppoe-server.rst:285 +msgid "Once the user is connected, the user session is using the set limits and can be displayed via ``show pppoe-server sessions``." +msgstr "Once the user is connected, the user session is using the set limits and can be displayed via ``show pppoe-server sessions``." + #: ../../configuration/vpn/openconnect.rst:257 msgid "Once you commit the above changes you can create a config file in the /config/auth/ocserv/config-per-user directory that matches a username of a user you have created e.g. \"tst\". Now when logging in with the \"tst\" user the config options you set in this file will be loaded." msgstr "Once you commit the above changes you can create a config file in the /config/auth/ocserv/config-per-user directory that matches a username of a user you have created e.g. \"tst\". Now when logging in with the \"tst\" user the config options you set in this file will be loaded." @@ -8965,11 +9767,11 @@ msgstr "Once you commit the above changes you can create a config file in the /c msgid "Once you have an Ethernet device connected, i.e. `eth0`, then you can configure it to open the PPPoE session for you and your DSL Transceiver (Modem/Router) just acts to translate your messages in a way that vDSL/aDSL understands." msgstr "Once you have an Ethernet device connected, i.e. `eth0`, then you can configure it to open the PPPoE session for you and your DSL Transceiver (Modem/Router) just acts to translate your messages in a way that vDSL/aDSL understands." -#: ../../configuration/vpn/sstp.rst:307 +#: ../../configuration/vpn/sstp.rst:478 msgid "Once you have setup your SSTP server there comes the time to do some basic testing. The Linux client used for testing is called sstpc_. sstpc_ requires a PPP configuration/peer file." msgstr "Once you have setup your SSTP server there comes the time to do some basic testing. The Linux client used for testing is called sstpc_. sstpc_ requires a PPP configuration/peer file." -#: ../../configuration/protocols/rpki.rst:183 +#: ../../configuration/protocols/rpki.rst:193 msgid "Once your routers are configured to reject RPKI-invalid prefixes, you can test whether the configuration is working correctly using the `RIPE Labs RPKI Test`_ experimental tool." msgstr "Once your routers are configured to reject RPKI-invalid prefixes, you can test whether the configuration is working correctly using the `RIPE Labs RPKI Test`_ experimental tool." @@ -9001,7 +9803,7 @@ msgstr "Only VRRP is supported. Required option." msgid "Only allow certain IP addresses or prefixes to access the https webserver." msgstr "Only allow certain IP addresses or prefixes to access the https webserver." -#: ../../configuration/firewall/ipv4.rst:459 +#: ../../configuration/firewall/ipv4.rst:482 #: ../../configuration/firewall/ipv6.rst:466 msgid "Only in the source criteria, you can specify a mac-address." msgstr "Only in the source criteria, you can specify a mac-address." @@ -9022,7 +9824,7 @@ msgstr "Only request an address from the PPPoE server but do not install any def msgid "Only request an address from the SSTP server but do not install any default route." msgstr "Only request an address from the SSTP server but do not install any default route." -#: ../../configuration/system/login.rst:51 +#: ../../configuration/system/login.rst:55 msgid "Only the type (``ssh-rsa``) and the key (``AAAB3N...``) are used. Note that the key will usually be several hundred characters long, and you will need to copy and paste it. Some terminal emulators may accidentally split this over several lines. Be attentive when you paste it that it only pastes as a single line. The third part is simply an identifier, and is for your own reference." msgstr "Only the type (``ssh-rsa``) and the key (``AAAB3N...``) are used. Note that the key will usually be several hundred characters long, and you will need to copy and paste it. Some terminal emulators may accidentally split this over several lines. Be attentive when you paste it that it only pastes as a single line. The third part is simply an identifier, and is for your own reference." @@ -9030,7 +9832,7 @@ msgstr "Only the type (``ssh-rsa``) and the key (``AAAB3N...``) are used. Note t msgid "Only works with a VXLAN device with external flag set." msgstr "Only works with a VXLAN device with external flag set." -#: ../../configuration/highavailability/index.rst:457 +#: ../../configuration/highavailability/index.rst:467 msgid "Op-mode check virtual-server status" msgstr "Op-mode check virtual-server status" @@ -9055,7 +9857,7 @@ msgid "OpenConnect supports a subset of it's configuration options to be applied msgstr "OpenConnect supports a subset of it's configuration options to be applied on a per user/group basis, for configuration purposes we refer to this functionality as \"Identity based config\". The following `OpenConnect Server Manual <https://ocserv.gitlab.io/www/manual.html#:~:text=Configuration%20files%20that% 20will%20be%20applied%20per%20user%20connection%20or%0A%23%20per%20group>`_ outlines the set of configuration options that are allowed. This can be leveraged to apply different sets of configs to different users or groups of users." #: ../../configuration/interfaces/openvpn.rst:7 -#: ../../configuration/pki/index.rst:117 +#: ../../configuration/pki/index.rst:119 msgid "OpenVPN" msgstr "OpenVPN" @@ -9105,23 +9907,23 @@ msgstr "Operating Modes" #: ../../configuration/interfaces/virtual-ethernet.rst:55 #: ../../configuration/interfaces/wireless.rst:416 #: ../../configuration/interfaces/wwan.rst:79 -#: ../../configuration/pki/index.rst:290 +#: ../../configuration/pki/index.rst:321 #: ../../configuration/protocols/igmp-proxy.rst:73 -#: ../../configuration/protocols/static.rst:183 -#: ../../configuration/service/conntrack-sync.rst:103 +#: ../../configuration/protocols/static.rst:216 +#: ../../configuration/service/conntrack-sync.rst:107 #: ../../configuration/service/console-server.rst:76 #: ../../configuration/service/dhcp-relay.rst:124 #: ../../configuration/service/dhcp-relay.rst:201 -#: ../../configuration/service/dns.rst:195 +#: ../../configuration/service/dns.rst:182 #: ../../configuration/service/lldp.rst:71 #: ../../configuration/service/mdns.rst:79 #: ../../configuration/service/ssh.rst:145 #: ../../configuration/service/webproxy.rst:330 #: ../../configuration/system/default-route.rst:25 #: ../../configuration/system/flow-accounting.rst:175 -#: ../../configuration/vrf/index.rst:111 -#: ../../configuration/vrf/index.rst:323 -#: ../../configuration/vrf/index.rst:503 +#: ../../configuration/vrf/index.rst:130 +#: ../../configuration/vrf/index.rst:342 +#: ../../configuration/vrf/index.rst:522 msgid "Operation" msgstr "Operation" @@ -9131,17 +9933,17 @@ msgid "Operation-mode" msgstr "Operation-mode" #: ../../configuration/firewall/bridge.rst:284 -#: ../../configuration/firewall/ipv4.rst:954 +#: ../../configuration/firewall/ipv4.rst:977 #: ../../configuration/firewall/ipv6.rst:962 msgid "Operation-mode Firewall" msgstr "Operation-mode Firewall" -#: ../../configuration/container/index.rst:143 +#: ../../configuration/container/index.rst:179 msgid "Operation Commands" msgstr "Operation Commands" -#: ../../configuration/service/dhcp-server.rst:412 -#: ../../configuration/service/dhcp-server.rst:664 +#: ../../configuration/service/dhcp-server.rst:418 +#: ../../configuration/service/dhcp-server.rst:672 #: ../../configuration/system/acceleration.rst:42 msgid "Operation Mode" msgstr "Operation Mode" @@ -9151,12 +9953,12 @@ msgid "Operation mode of wireless radio." msgstr "Operation mode of wireless radio." #: ../../configuration/interfaces/wireguard.rst:338 -#: ../../configuration/protocols/bfd.rst:94 -#: ../../configuration/protocols/bfd.rst:175 +#: ../../configuration/protocols/bfd.rst:101 +#: ../../configuration/protocols/bfd.rst:182 msgid "Operational Commands" msgstr "Operational Commands" -#: ../../configuration/protocols/bgp.rst:950 +#: ../../configuration/protocols/bgp.rst:972 #: ../../configuration/protocols/mpls.rst:218 #: ../../configuration/protocols/ospf.rst:609 #: ../../configuration/protocols/ospf.rst:1268 @@ -9164,8 +9966,8 @@ msgstr "Operational Commands" msgid "Operational Mode Commands" msgstr "Operational Mode Commands" -#: ../../configuration/system/ip.rst:47 -#: ../../configuration/system/ipv6.rst:43 +#: ../../configuration/system/ip.rst:60 +#: ../../configuration/system/ipv6.rst:56 msgid "Operational commands" msgstr "Operational commands" @@ -9177,11 +9979,11 @@ msgstr "Option" msgid "Option 43 for UniFI" msgstr "Option 43 for UniFI" -#: ../../configuration/service/dhcp-server.rst:234 +#: ../../configuration/service/dhcp-server.rst:240 msgid "Option description" msgstr "Option description" -#: ../../configuration/service/dhcp-server.rst:232 +#: ../../configuration/service/dhcp-server.rst:238 msgid "Option number" msgstr "Option number" @@ -9211,7 +10013,7 @@ msgstr "Optional" msgid "Optional, if you want to enable uploads, else TFTP server will act as a read-only server." msgstr "Optional, if you want to enable uploads, else TFTP server will act as a read-only server." -#: ../../configuration/system/login.rst:107 +#: ../../configuration/system/login.rst:111 msgid "Optional/default settings" msgstr "Optional/default settings" @@ -9231,12 +10033,11 @@ msgstr "Optionally set a specific static IPv4 or IPv6 address for the container. #: ../../configuration/interfaces/openvpn.rst:631 #: ../../configuration/service/dhcp-relay.rst:53 #: ../../configuration/service/dhcp-relay.rst:160 -#: ../../configuration/service/dhcp-server.rst:224 -#: ../../configuration/vpn/sstp.rst:230 +#: ../../configuration/service/dhcp-server.rst:230 msgid "Options" msgstr "Options" -#: ../../configuration/vpn/ipsec.rst:159 +#: ../../configuration/vpn/ipsec.rst:162 msgid "Options (Global IPsec settings) Attributes" msgstr "Options (Global IPsec settings) Attributes" @@ -9256,7 +10057,7 @@ msgstr "Or **binary** prefixes." msgid "Originate an AS-External (type-5) LSA describing a default route into all external-routing capable areas, of the specified metric and metric type. If the :cfgcmd:`always` keyword is given then the default is always advertised, even when there is no default present in the routing table. The argument :cfgcmd:`route-map` specifies to advertise the default route if the route map is satisfied." msgstr "Originate an AS-External (type-5) LSA describing a default route into all external-routing capable areas, of the specified metric and metric type. If the :cfgcmd:`always` keyword is given then the default is always advertised, even when there is no default present in the routing table. The argument :cfgcmd:`route-map` specifies to advertise the default route if the route map is satisfied." -#: ../../configuration/service/pppoe-server.rst:238 +#: ../../configuration/service/pppoe-server.rst:312 msgid "Other attributes can be used, but they have to be in one of the dictionaries in */usr/share/accel-ppp/radius*." msgstr "Other attributes can be used, but they have to be in one of the dictionaries in */usr/share/accel-ppp/radius*." @@ -9325,15 +10126,15 @@ msgstr "Overview of defined groups. You see the type, the members, and where the msgid "PBR multiple uplinks" msgstr "PBR multiple uplinks" -#: ../../configuration/vrf/index.rst:244 +#: ../../configuration/vrf/index.rst:263 msgid "PC1 is in the ``default`` VRF and acting as e.g. a \"fileserver\"" msgstr "PC1 is in the ``default`` VRF and acting as e.g. a \"fileserver\"" -#: ../../configuration/vrf/index.rst:245 +#: ../../configuration/vrf/index.rst:264 msgid "PC2 is in VRF ``blue`` which is the development department" msgstr "PC2 is in VRF ``blue`` which is the development department" -#: ../../configuration/vrf/index.rst:246 +#: ../../configuration/vrf/index.rst:265 msgid "PC3 and PC4 are connected to a bridge device on router ``R1`` which is in VRF ``red``. Say this is the HR department." msgstr "PC3 and PC4 are connected to a bridge device on router ``R1`` which is in VRF ``red``. Say this is the HR department." @@ -9369,7 +10170,7 @@ msgstr "PIM – Protocol Independent Multicast" msgid "PIMv6 (Protocol Independent Multicast for IPv6) must be configured in every interface of every participating router. Every router must also have the location of the Rendevouz Point manually configured. Then, unidirectional shared trees rooted at the Rendevouz Point will automatically be built for multicast distribution." msgstr "PIMv6 (Protocol Independent Multicast for IPv6) must be configured in every interface of every participating router. Every router must also have the location of the Rendevouz Point manually configured. Then, unidirectional shared trees rooted at the Rendevouz Point will automatically be built for multicast distribution." -#: ../../configuration/pki/index.rst:7 +#: ../../configuration/pki/index.rst:9 msgid "PKI" msgstr "PKI" @@ -9377,7 +10178,14 @@ msgstr "PKI" msgid "PPDU" msgstr "PPDU" -#: ../../configuration/vpn/sstp.rst:174 +#: ../../configuration/service/pppoe-server.rst:453 +#: ../../configuration/vpn/l2tp.rst:407 +#: ../../configuration/vpn/pptp.rst:331 +#: ../../configuration/vpn/sstp.rst:365 +msgid "PPP Advanced Options" +msgstr "PPP Advanced Options" + +#: ../../configuration/vpn/sstp.rst:180 msgid "PPP Settings" msgstr "PPP Settings" @@ -9393,7 +10201,7 @@ msgstr "PPPoE Server" msgid "PPPoE options" msgstr "PPPoE options" -#: ../../configuration/vpn/pptp.rst:4 +#: ../../configuration/vpn/pptp.rst:5 msgid "PPTP-Server" msgstr "PPTP-Server" @@ -9409,11 +10217,11 @@ msgstr "Particularly large networks may wish to run their own RPKI certificate a msgid "Path `<cost>` value for Spanning Tree Protocol. Each interface in a bridge could have a different speed and this value is used when deciding which link to use. Faster interfaces should have lower costs." msgstr "Path `<cost>` value for Spanning Tree Protocol. Each interface in a bridge could have a different speed and this value is used when deciding which link to use. Faster interfaces should have lower costs." -#: ../../configuration/vpn/sstp.rst:166 +#: ../../configuration/vpn/sstp.rst:172 msgid "Path to `<file>` pointing to the certificate authority certificate." msgstr "Path to `<file>` pointing to the certificate authority certificate." -#: ../../configuration/vpn/sstp.rst:170 +#: ../../configuration/vpn/sstp.rst:176 msgid "Path to `<file>` pointing to the servers certificate (public portion)." msgstr "Path to `<file>` pointing to the servers certificate (public portion)." @@ -9457,11 +10265,11 @@ msgstr "Per default VyOSs has minimal syslog logging enabled which is stored and msgid "Per default every packet is sampled (that is, the sampling rate is 1)." msgstr "Per default every packet is sampled (that is, the sampling rate is 1)." -#: ../../configuration/service/pppoe-server.rst:323 +#: ../../configuration/service/pppoe-server.rst:556 msgid "Per default the user session is being replaced if a second authentication request succeeds. Such session requests can be either denied or allowed entirely, which would allow multiple sessions for a user in the latter case. If it is denied, the second session is being rejected even if the authentication succeeds, the user has to terminate its first session and can then authentication again." msgstr "Per default the user session is being replaced if a second authentication request succeeds. Such session requests can be either denied or allowed entirely, which would allow multiple sessions for a user in the latter case. If it is denied, the second session is being rejected even if the authentication succeeds, the user has to terminate its first session and can then authentication again." -#: ../../configuration/system/option.rst:78 +#: ../../configuration/system/option.rst:108 msgid "Performance" msgstr "Performance" @@ -9469,11 +10277,11 @@ msgstr "Performance" msgid "Periodically, a hello packet is sent out by the Root Bridge and the Designated Bridges. Hello packets are used to communicate information about the topology throughout the entire Bridged Local Area Network." msgstr "Periodically, a hello packet is sent out by the Root Bridge and the Designated Bridges. Hello packets are used to communicate information about the topology throughout the entire Bridged Local Area Network." -#: ../../configuration/vrf/index.rst:197 +#: ../../configuration/vrf/index.rst:216 msgid "Ping command can be interrupted at any given time using ``<Ctrl>+c``. A brief statistic is shown afterwards." msgstr "Ping command can be interrupted at any given time using ``<Ctrl>+c``. A brief statistic is shown afterwards." -#: ../../configuration/vrf/index.rst:183 +#: ../../configuration/vrf/index.rst:202 msgid "Ping uses ICMP protocol's mandatory ECHO_REQUEST datagram to elicit an ICMP ECHO_RESPONSE from a host or gateway. ECHO_REQUEST datagrams (pings) will have an IP and ICMP header, followed by \"struct timeval\" and an arbitrary number of pad bytes used to fill out the packet." msgstr "Ping uses ICMP protocol's mandatory ECHO_REQUEST datagram to elicit an ICMP ECHO_RESPONSE from a host or gateway. ECHO_REQUEST datagrams (pings) will have an IP and ICMP header, followed by \"struct timeval\" and an arbitrary number of pad bytes used to fill out the packet." @@ -9497,7 +10305,7 @@ msgstr "Please, refer to appropiate section for more information about firewall msgid "Please, refer to appropriate section for more information about firewall configuration:" msgstr "Please, refer to appropriate section for more information about firewall configuration:" -#: ../../configuration/service/ipoe-server.rst:23 +#: ../../configuration/service/ipoe-server.rst:21 msgid "Please be aware, due to an upstream bug, config changes/commits will restart the ppp daemon and will reset existing IPoE sessions, in order to become effective." msgstr "Please be aware, due to an upstream bug, config changes/commits will restart the ppp daemon and will reset existing IPoE sessions, in order to become effective." @@ -9513,7 +10321,7 @@ msgstr "Please refer to the :ref:`ipsec` documentation for the individual IPSec msgid "Please refer to the :ref:`tunnel-interface` documentation for the individual tunnel related options." msgstr "Please refer to the :ref:`tunnel-interface` documentation for the individual tunnel related options." -#: ../../configuration/service/dhcp-server.rst:364 +#: ../../configuration/service/dhcp-server.rst:370 msgid "Please see the :ref:`dhcp-dns-quick-start` configuration." msgstr "Please see the :ref:`dhcp-dns-quick-start` configuration." @@ -9571,7 +10379,11 @@ msgstr "Port Groups" msgid "Port Mirror (SPAN)" msgstr "Port Mirror (SPAN)" -#: ../../configuration/vpn/sstp.rst:242 +#: ../../configuration/service/ipoe-server.rst:182 +#: ../../configuration/service/pppoe-server.rst:144 +#: ../../configuration/vpn/l2tp.rst:187 +#: ../../configuration/vpn/pptp.rst:127 +#: ../../configuration/vpn/sstp.rst:160 msgid "Port for Dynamic Authorization Extension server (DM/CoA)" msgstr "Port for Dynamic Authorization Extension server (DM/CoA)" @@ -9656,7 +10468,7 @@ msgstr "Preference associated with the default router" msgid "Prefix Conversion" msgstr "Prefix Conversion" -#: ../../configuration/service/dhcp-server.rst:564 +#: ../../configuration/service/dhcp-server.rst:570 msgid "Prefix Delegation" msgstr "Prefix Delegation" @@ -9696,11 +10508,11 @@ msgstr "Prefix to match against." msgid "Prefixes" msgstr "Prefixes" -#: ../../configuration/policy/route-map.rst:212 +#: ../../configuration/policy/route-map.rst:215 msgid "Prepend the existing last AS number (the leftmost ASN) to the AS_PATH." msgstr "Prepend the existing last AS number (the leftmost ASN) to the AS_PATH." -#: ../../configuration/policy/route-map.rst:207 +#: ../../configuration/policy/route-map.rst:210 msgid "Prepend the given string of AS numbers to the AS_PATH of the BGP path's NLRI." msgstr "Prepend the given string of AS numbers to the AS_PATH of the BGP path's NLRI." @@ -9708,11 +10520,11 @@ msgstr "Prepend the given string of AS numbers to the AS_PATH of the BGP path's msgid "Principle of SNMP Communication" msgstr "Principle of SNMP Communication" -#: ../../configuration/vrf/index.rst:532 +#: ../../configuration/vrf/index.rst:551 msgid "Print a summary of neighbor connections for the specified AFI/SAFI combination." msgstr "Print a summary of neighbor connections for the specified AFI/SAFI combination." -#: ../../configuration/vrf/index.rst:511 +#: ../../configuration/vrf/index.rst:530 msgid "Print active IPV4 or IPV6 routes advertised via the VPN SAFI." msgstr "Print active IPV4 or IPV6 routes advertised via the VPN SAFI." @@ -9733,6 +10545,10 @@ msgstr "Priority Queue, as other non-shaping policies, is only useful if your ou msgid "Private VLAN proxy arp. Basically allow proxy arp replies back to the same interface (from which the ARP request/solicitation was received)." msgstr "Private VLAN proxy arp. Basically allow proxy arp replies back to the same interface (from which the ARP request/solicitation was received)." +#: ../../configuration/vpn/ipsec.rst:544 +msgid "Profile generation happens from the operational level and is as simple as issuing the following command to create a profile to connect to the IKEv2 access server at ``vpn.vyos.net`` with the configuration for the ``rw`` remote-access connection group." +msgstr "Profile generation happens from the operational level and is as simple as issuing the following command to create a profile to connect to the IKEv2 access server at ``vpn.vyos.net`` with the configuration for the ``rw`` remote-access connection group." + #: ../../configuration/service/monitoring.rst:38 msgid "Prometheus-client" msgstr "Prometheus-client" @@ -9841,7 +10657,7 @@ msgstr "Pseudo Ethernet/MACVLAN options" msgid "Publish a port for the container." msgstr "Publish a port for the container." -#: ../../configuration/container/index.rst:147 +#: ../../configuration/container/index.rst:183 msgid "Pull a new image for container" msgstr "Pull a new image for container" @@ -9875,7 +10691,7 @@ msgstr "R1:" msgid "R1 has 192.0.2.1/24 & 2001:db8::1/64" msgstr "R1 has 192.0.2.1/24 & 2001:db8::1/64" -#: ../../configuration/vrf/index.rst:248 +#: ../../configuration/vrf/index.rst:267 msgid "R1 is managed through an out-of-band network that resides in VRF ``mgmt``" msgstr "R1 is managed through an out-of-band network that resides in VRF ``mgmt``" @@ -9887,12 +10703,11 @@ msgstr "R2:" msgid "R2 has 192.0.2.2/24 & 2001:db8::2/64" msgstr "R2 has 192.0.2.2/24 & 2001:db8::2/64" -#: ../../configuration/system/login.rst:234 -#: ../../configuration/vpn/sstp.rst:207 +#: ../../configuration/system/login.rst:238 msgid "RADIUS" msgstr "RADIUS" -#: ../../configuration/service/ipoe-server.rst:111 +#: ../../configuration/service/ipoe-server.rst:112 msgid "RADIUS Setup" msgstr "RADIUS Setup" @@ -9900,6 +10715,14 @@ msgstr "RADIUS Setup" msgid "RADIUS advanced features" msgstr "RADIUS advanced features" +#: ../../configuration/service/ipoe-server.rst:158 +#: ../../configuration/service/pppoe-server.rst:120 +#: ../../configuration/vpn/l2tp.rst:163 +#: ../../configuration/vpn/pptp.rst:103 +#: ../../configuration/vpn/sstp.rst:136 +msgid "RADIUS advanced options" +msgstr "RADIUS advanced options" + #: ../../configuration/vpn/l2tp.rst:139 msgid "RADIUS authentication" msgstr "RADIUS authentication" @@ -9916,11 +10739,15 @@ msgstr "RADIUS provides the IP addresses in the example above via Framed-IP-Addr msgid "RADIUS server at ``192.168.3.10`` with shared-secret ``VyOSPassword``" msgstr "RADIUS server at ``192.168.3.10`` with shared-secret ``VyOSPassword``" -#: ../../configuration/system/login.rst:266 +#: ../../configuration/system/login.rst:270 msgid "RADIUS servers could be hardened by only allowing certain IP addresses to connect. As of this the source address of each RADIUS query can be configured." msgstr "RADIUS servers could be hardened by only allowing certain IP addresses to connect. As of this the source address of each RADIUS query can be configured." -#: ../../configuration/vpn/l2tp.rst:163 +#: ../../configuration/service/ipoe-server.rst:144 +#: ../../configuration/service/pppoe-server.rst:106 +#: ../../configuration/vpn/l2tp.rst:149 +#: ../../configuration/vpn/pptp.rst:89 +#: ../../configuration/vpn/sstp.rst:122 msgid "RADIUS source address" msgstr "RADIUS source address" @@ -9928,7 +10755,7 @@ msgstr "RADIUS source address" msgid "RFC 3768 defines a virtual MAC address to each VRRP virtual router. This virtual router MAC address will be used as the source in all periodic VRRP messages sent by the active node. When the rfc3768-compatibility option is set, a new VRRP interface is created, to which the MAC address and the virtual IP address is automatically assigned." msgstr "RFC 3768 defines a virtual MAC address to each VRRP virtual router. This virtual router MAC address will be used as the source in all periodic VRRP messages sent by the active node. When the rfc3768-compatibility option is set, a new VRRP interface is created, to which the MAC address and the virtual IP address is automatically assigned." -#: ../../configuration/service/dhcp-server.rst:256 +#: ../../configuration/service/dhcp-server.rst:262 msgid "RFC 868 time server IPv4 address" msgstr "RFC 868 time server IPv4 address" @@ -9970,8 +10797,8 @@ msgstr "Random-Detect could be useful for heavy traffic. One use of this algorit #: ../../configuration/protocols/static.rst:37 #: ../../configuration/protocols/static.rst:57 -#: ../../configuration/protocols/static.rst:84 -#: ../../configuration/protocols/static.rst:104 +#: ../../configuration/protocols/static.rst:107 +#: ../../configuration/protocols/static.rst:127 msgid "Range is 1 to 255, default is 1." msgstr "Range is 1 to 255, default is 1." @@ -10016,15 +10843,15 @@ msgstr "Re-generated the public/private keyportion which SSH uses to secure conn msgid "Reachable Time" msgstr "Reachable Time" -#: ../../configuration/highavailability/index.rst:388 +#: ../../configuration/highavailability/index.rst:398 msgid "Real server" msgstr "Real server" -#: ../../configuration/highavailability/index.rst:389 +#: ../../configuration/highavailability/index.rst:399 msgid "Real server IP address and port" msgstr "Real server IP address and port" -#: ../../configuration/highavailability/index.rst:404 +#: ../../configuration/highavailability/index.rst:414 msgid "Real server is auto-excluded if port check with this server fail." msgstr "Real server is auto-excluded if port check with this server fail." @@ -10032,7 +10859,11 @@ msgstr "Real server is auto-excluded if port check with this server fail." msgid "Receive traffic from connections created by the server is also balanced. When the local system sends an ARP Request the bonding driver copies and saves the peer's IP information from the ARP packet. When the ARP Reply arrives from the peer, its hardware address is retrieved and the bonding driver initiates an ARP reply to this peer assigning it to one of the slaves in the bond. A problematic outcome of using ARP negotiation for balancing is that each time that an ARP request is broadcast it uses the hardware address of the bond. Hence, peers learn the hardware address of the bond and the balancing of receive traffic collapses to the current slave. This is handled by sending updates (ARP Replies) to all the peers with their individually assigned hardware address such that the traffic is redistributed. Receive traffic is also redistributed when a new slave is added to the bond and when an inactive slave is re-activated. The receive load is distributed sequentially (round robin) among the group of highest speed slaves in the bond." msgstr "Receive traffic from connections created by the server is also balanced. When the local system sends an ARP Request the bonding driver copies and saves the peer's IP information from the ARP packet. When the ARP Reply arrives from the peer, its hardware address is retrieved and the bonding driver initiates an ARP reply to this peer assigning it to one of the slaves in the bond. A problematic outcome of using ARP negotiation for balancing is that each time that an ARP request is broadcast it uses the hardware address of the bond. Hence, peers learn the hardware address of the bond and the balancing of receive traffic collapses to the current slave. This is handled by sending updates (ARP Replies) to all the peers with their individually assigned hardware address such that the traffic is redistributed. Receive traffic is also redistributed when a new slave is added to the bond and when an inactive slave is re-activated. The receive load is distributed sequentially (round robin) among the group of highest speed slaves in the bond." -#: ../../configuration/vpn/l2tp.rst:205 +#: ../../configuration/service/ipoe-server.rst:227 +#: ../../configuration/service/pppoe-server.rst:189 +#: ../../configuration/vpn/l2tp.rst:232 +#: ../../configuration/vpn/pptp.rst:172 +#: ../../configuration/vpn/sstp.rst:205 msgid "Received RADIUS attributes have a higher priority than parameters defined within the CLI configuration, refer to the explanation below." msgstr "Received RADIUS attributes have a higher priority than parameters defined within the CLI configuration, refer to the explanation below." @@ -10068,7 +10899,7 @@ msgstr "Redistribution Configuration" msgid "Redundancy and load sharing. There are multiple NAT66 devices at the edge of an IPv6 network to another IPv6 network. The path through the NAT66 device to another IPv6 network forms an equivalent route, and traffic can be load-shared on these NAT66 devices. In this case, you can configure the same source address translation rules on these NAT66 devices, so that any NAT66 device can handle IPv6 traffic between different sites." msgstr "Redundancy and load sharing. There are multiple NAT66 devices at the edge of an IPv6 network to another IPv6 network. The path through the NAT66 device to another IPv6 network forms an equivalent route, and traffic can be load-shared on these NAT66 devices. In this case, you can configure the same source address translation rules on these NAT66 devices, so that any NAT66 device can handle IPv6 traffic between different sites." -#: ../../configuration/service/dns.rst:278 +#: ../../configuration/service/dns.rst:262 msgid "Register DNS record ``example.vyos.io`` on DNS server ``ns1.vyos.io``" msgstr "Register DNS record ``example.vyos.io`` on DNS server ``ns1.vyos.io``" @@ -10159,7 +10990,10 @@ msgstr "Remote port" msgid "Remote transmission interval will be multiplied by this value" msgstr "Remote transmission interval will be multiplied by this value" -#: ../../configuration/vpn/l2tp.rst:216 +#: ../../configuration/service/pppoe-server.rst:217 +#: ../../configuration/vpn/l2tp.rst:260 +#: ../../configuration/vpn/pptp.rst:200 +#: ../../configuration/vpn/sstp.rst:233 msgid "Renaming clients interfaces by RADIUS" msgstr "Renaming clients interfaces by RADIUS" @@ -10179,7 +11013,10 @@ msgstr "Request only a temporary address and not form an IA_NA (Identity Associa msgid "Requests are forwarded through ``eth2`` as the `upstream interface`" msgstr "Requests are forwarded through ``eth2`` as the `upstream interface`" -#: ../../configuration/vpn/sstp.rst:95 +#: ../../configuration/service/pppoe-server.rst:442 +#: ../../configuration/vpn/l2tp.rst:396 +#: ../../configuration/vpn/pptp.rst:320 +#: ../../configuration/vpn/sstp.rst:354 msgid "Require the peer to authenticate itself using one of the following protocols: pap, chap, mschap, mschap-v2." msgstr "Require the peer to authenticate itself using one of the following protocols: pap, chap, mschap, mschap-v2." @@ -10191,12 +11028,12 @@ msgstr "Requirements" msgid "Requirements:" msgstr "Requirements:" -#: ../../configuration/firewall/ipv4.rst:926 +#: ../../configuration/firewall/ipv4.rst:949 #: ../../configuration/firewall/ipv6.rst:935 msgid "Requirements to enable synproxy:" msgstr "Requirements to enable synproxy:" -#: ../../configuration/protocols/bgp.rst:1064 +#: ../../configuration/protocols/bgp.rst:1086 #: ../../configuration/protocols/mpls.rst:248 msgid "Reset" msgstr "Reset" @@ -10205,11 +11042,11 @@ msgstr "Reset" msgid "Reset OpenVPN" msgstr "Reset OpenVPN" -#: ../../configuration/system/ipv6.rst:150 +#: ../../configuration/system/ipv6.rst:163 msgid "Reset commands" msgstr "Reset commands" -#: ../../configuration/service/dns.rst:199 +#: ../../configuration/service/dns.rst:186 msgid "Resets the local DNS forwarding cache database. You can reset the cache for all entries or only for entries to a specific domain." msgstr "Resets the local DNS forwarding cache database. You can reset the cache for all entries or only for entries to a specific domain." @@ -10225,7 +11062,7 @@ msgstr "Restart DHCP relay service" msgid "Restart DHCPv6 relay agent immediately." msgstr "Restart DHCPv6 relay agent immediately." -#: ../../configuration/container/index.rst:167 +#: ../../configuration/container/index.rst:203 msgid "Restart a given container" msgstr "Restart a given container" @@ -10233,7 +11070,7 @@ msgstr "Restart a given container" msgid "Restart mDNS repeater service." msgstr "Restart mDNS repeater service." -#: ../../configuration/service/dhcp-server.rst:428 +#: ../../configuration/service/dhcp-server.rst:434 msgid "Restart the DHCP server" msgstr "Restart the DHCP server" @@ -10245,7 +11082,7 @@ msgstr "Restart the IGMP proxy process." msgid "Restart the SSH daemon process, the current session is not affected, only the background daemon is restarted." msgstr "Restart the SSH daemon process, the current session is not affected, only the background daemon is restarted." -#: ../../configuration/service/dns.rst:204 +#: ../../configuration/service/dns.rst:191 msgid "Restarts the DNS recursor process. This also invalidates the local DNS forwarding cache." msgstr "Restarts the DNS recursor process. This also invalidates the local DNS forwarding cache." @@ -10263,11 +11100,11 @@ msgstr "Results in:" msgid "Retransmit Timer" msgstr "Retransmit Timer" -#: ../../configuration/service/conntrack-sync.rst:140 +#: ../../configuration/service/conntrack-sync.rst:144 msgid "Retrieve current statistics of connection tracking subsystem." msgstr "Retrieve current statistics of connection tracking subsystem." -#: ../../configuration/service/conntrack-sync.rst:173 +#: ../../configuration/service/conntrack-sync.rst:177 msgid "Retrieve current status of connection tracking subsystem." msgstr "Retrieve current status of connection tracking subsystem." @@ -10287,15 +11124,15 @@ msgstr "Round Robin" msgid "Route Aggregation Configuration" msgstr "Route Aggregation Configuration" -#: ../../configuration/protocols/bgp.rst:682 +#: ../../configuration/protocols/bgp.rst:704 msgid "Route Dampening" msgstr "Route Dampening" -#: ../../configuration/protocols/bgp.rst:1189 +#: ../../configuration/protocols/bgp.rst:1211 msgid "Route Filtering" msgstr "Route Filtering" -#: ../../configuration/protocols/bgp.rst:818 +#: ../../configuration/protocols/bgp.rst:840 msgid "Route Filtering Configuration" msgstr "Route Filtering Configuration" @@ -10311,7 +11148,7 @@ msgstr "Route Map Policy" msgid "Route Redistribution" msgstr "Route Redistribution" -#: ../../configuration/protocols/bgp.rst:904 +#: ../../configuration/protocols/bgp.rst:926 msgid "Route Reflector Configuration" msgstr "Route Reflector Configuration" @@ -10319,7 +11156,7 @@ msgstr "Route Reflector Configuration" msgid "Route Selection" msgstr "Route Selection" -#: ../../configuration/protocols/bgp.rst:737 +#: ../../configuration/protocols/bgp.rst:759 msgid "Route Selection Configuration" msgstr "Route Selection Configuration" @@ -10327,11 +11164,11 @@ msgstr "Route Selection Configuration" msgid "Route and Route6 Policy" msgstr "Route and Route6 Policy" -#: ../../configuration/protocols/bgp.rst:690 +#: ../../configuration/protocols/bgp.rst:712 msgid "Route dampening wich described in :rfc:`2439` enables you to identify routes that repeatedly fail and return. If route dampening is enabled, an unstable route accumulates penalties each time the route fails and returns. If the accumulated penalties exceed a threshold, the route is no longer advertised. This is route suppression. Routes that have been suppressed are re-entered into the routing table only when the amount of their penalty falls below a threshold." msgstr "Route dampening wich described in :rfc:`2439` enables you to identify routes that repeatedly fail and return. If route dampening is enabled, an unstable route accumulates penalties each time the route fails and returns. If the accumulated penalties exceed a threshold, the route is no longer advertised. This is route suppression. Routes that have been suppressed are re-entered into the routing table only when the amount of their penalty falls below a threshold." -#: ../../configuration/protocols/bgp.rst:1191 +#: ../../configuration/protocols/bgp.rst:1213 msgid "Route filter can be applied using a route-map:" msgstr "Route filter can be applied using a route-map:" @@ -10363,7 +11200,7 @@ msgstr "Router Lifetime" msgid "Router receives DHCP client requests on ``eth1`` and relays them to the server at 10.0.1.4 on ``eth2``." msgstr "Router receives DHCP client requests on ``eth1`` and relays them to the server at 10.0.1.4 on ``eth2``." -#: ../../configuration/vrf/index.rst:425 +#: ../../configuration/vrf/index.rst:444 msgid "Routes exported from a unicast VRF to the VPN RIB must be augmented by two parameters:" msgstr "Routes exported from a unicast VRF to the VPN RIB must be augmented by two parameters:" @@ -10375,7 +11212,7 @@ msgstr "Routes on Node 2:" msgid "Routes that are sent from provider, rs-server, or the peer local-role (or if received by customer, rs-client, or the peer local-role) will be marked with a new Only to Customer (OTC) attribute." msgstr "Routes that are sent from provider, rs-server, or the peer local-role (or if received by customer, rs-client, or the peer local-role) will be marked with a new Only to Customer (OTC) attribute." -#: ../../configuration/protocols/bgp.rst:662 +#: ../../configuration/protocols/bgp.rst:684 #: ../../configuration/protocols/ospf.rst:92 #: ../../configuration/protocols/rip.rst:64 #: ../../configuration/protocols/static.rst:39 @@ -10391,7 +11228,7 @@ msgstr "Routes with this attribute can only be sent to your neighbor if your loc msgid "Routine" msgstr "Routine" -#: ../../configuration/vrf/index.rst:82 +#: ../../configuration/vrf/index.rst:101 msgid "Routing" msgstr "Routing" @@ -10404,7 +11241,7 @@ msgid "Rule-Sets" msgstr "Rule-Sets" #: ../../configuration/firewall/bridge.rst:287 -#: ../../configuration/firewall/ipv4.rst:957 +#: ../../configuration/firewall/ipv4.rst:980 #: ../../configuration/firewall/ipv6.rst:965 msgid "Rule-set overview" msgstr "Rule-set overview" @@ -10447,7 +11284,7 @@ msgstr "Rules allow to control and route incoming traffic to specific backend ba msgid "Rules will be created for both :ref:`source-nat` and :ref:`destination-nat`." msgstr "Rules will be created for both :ref:`source-nat` and :ref:`destination-nat`." -#: ../../configuration/service/dns.rst:391 +#: ../../configuration/service/dns.rst:399 msgid "Running Behind NAT" msgstr "Running Behind NAT" @@ -10511,7 +11348,7 @@ msgstr "SNMPv3 (version 3 of the SNMP protocol) introduced a whole slew of new s msgid "SPAN port mirroring can copy the inbound/outbound traffic of the interface to the specified interface, usually the interface can be connected to some special equipment, such as behavior control system, intrusion detection system and traffic collector, and can copy all related traffic from this port. The benefit of mirroring the traffic is that the application is isolated from the source traffic and so application processing does not affect the traffic or the system performance." msgstr "SPAN port mirroring can copy the inbound/outbound traffic of the interface to the specified interface, usually the interface can be connected to some special equipment, such as behavior control system, intrusion detection system and traffic collector, and can copy all related traffic from this port. The benefit of mirroring the traffic is that the application is isolated from the source traffic and so application processing does not affect the traffic or the system performance." -#: ../../configuration/protocols/rpki.rst:127 +#: ../../configuration/protocols/rpki.rst:141 #: ../../configuration/service/ssh.rst:5 msgid "SSH" msgstr "SSH" @@ -10520,11 +11357,11 @@ msgstr "SSH" msgid "SSH :ref:`ssh_key_based_authentication`" msgstr "SSH :ref:`ssh_key_based_authentication`" -#: ../../configuration/system/login.rst:57 +#: ../../configuration/system/login.rst:61 msgid "SSH :ref:`ssh_operation`" msgstr "SSH :ref:`ssh_operation`" -#: ../../configuration/system/option.rst:44 +#: ../../configuration/system/option.rst:74 msgid "SSH client" msgstr "SSH client" @@ -10532,7 +11369,7 @@ msgstr "SSH client" msgid "SSH provides a secure channel over an unsecured network in a client-server architecture, connecting an SSH client application with an SSH server. Common applications include remote command-line login and remote command execution, but any network service can be secured with SSH. The protocol specification distinguishes between two major versions, referred to as SSH-1 and SSH-2." msgstr "SSH provides a secure channel over an unsecured network in a client-server architecture, connecting an SSH client application with an SSH server. Common applications include remote command-line login and remote command execution, but any network service can be secured with SSH. The protocol specification distinguishes between two major versions, referred to as SSH-1 and SSH-2." -#: ../../configuration/protocols/rpki.rst:137 +#: ../../configuration/protocols/rpki.rst:151 msgid "SSH username to establish an SSH connection to the cache server." msgstr "SSH username to establish an SSH connection to the cache server." @@ -10545,7 +11382,6 @@ msgid "SSID to be used in IEEE 802.11 management frames" msgstr "SSID to be used in IEEE 802.11 management frames" #: ../../configuration/vpn/openconnect.rst:24 -#: ../../configuration/vpn/sstp.rst:162 msgid "SSL Certificates" msgstr "SSL Certificates" @@ -10609,7 +11445,44 @@ msgstr "Scanning is not supported on all wireless drivers and wireless hardware. msgid "Script execution" msgstr "Script execution" +#: ../../configuration/service/ipoe-server.rst:299 +#: ../../configuration/service/pppoe-server.rst:417 +#: ../../configuration/vpn/l2tp.rst:361 +#: ../../configuration/vpn/pptp.rst:285 +#: ../../configuration/vpn/sstp.rst:319 +msgid "Script to run before session interface comes up" +msgstr "Script to run before session interface comes up" + +#: ../../configuration/service/ipoe-server.rst:291 +#: ../../configuration/service/pppoe-server.rst:409 +#: ../../configuration/vpn/l2tp.rst:353 +#: ../../configuration/vpn/pptp.rst:277 +#: ../../configuration/vpn/sstp.rst:311 +msgid "Script to run when session interface changed by RADIUS CoA handling" +msgstr "Script to run when session interface changed by RADIUS CoA handling" + +#: ../../configuration/service/ipoe-server.rst:295 +#: ../../configuration/service/pppoe-server.rst:413 +#: ../../configuration/vpn/l2tp.rst:357 +#: ../../configuration/vpn/pptp.rst:281 +#: ../../configuration/vpn/sstp.rst:315 +msgid "Script to run when session interface going to terminate" +msgstr "Script to run when session interface going to terminate" + +#: ../../configuration/service/ipoe-server.rst:303 +#: ../../configuration/service/pppoe-server.rst:421 +#: ../../configuration/vpn/l2tp.rst:365 +#: ../../configuration/vpn/pptp.rst:289 +#: ../../configuration/vpn/sstp.rst:323 +msgid "Script to run when session interface is completely configured and started" +msgstr "Script to run when session interface is completely configured and started" + #: ../../configuration/highavailability/index.rst:299 +#: ../../configuration/service/ipoe-server.rst:287 +#: ../../configuration/service/pppoe-server.rst:405 +#: ../../configuration/vpn/l2tp.rst:349 +#: ../../configuration/vpn/pptp.rst:273 +#: ../../configuration/vpn/sstp.rst:307 msgid "Scripting" msgstr "Scripting" @@ -10617,7 +11490,11 @@ msgstr "Scripting" msgid "Second scenario: apply source NAT for all outgoing connections from LAN 10.0.0.0/8, using 3 public addresses and equal distribution. We will generate the hash randomly." msgstr "Second scenario: apply source NAT for all outgoing connections from LAN 10.0.0.0/8, using 3 public addresses and equal distribution. We will generate the hash randomly." -#: ../../configuration/vpn/sstp.rst:246 +#: ../../configuration/service/ipoe-server.rst:186 +#: ../../configuration/service/pppoe-server.rst:148 +#: ../../configuration/vpn/l2tp.rst:191 +#: ../../configuration/vpn/pptp.rst:131 +#: ../../configuration/vpn/sstp.rst:164 msgid "Secret for Dynamic Authorization Extension server (DM/CoA)" msgstr "Secret for Dynamic Authorization Extension server (DM/CoA)" @@ -10634,7 +11511,7 @@ msgstr "Security/authentication messages" msgid "See :rfc:`7761#section-4.1` for details." msgstr "See :rfc:`7761#section-4.1` for details." -#: ../../configuration/system/ip.rst:52 +#: ../../configuration/system/ip.rst:65 msgid "See below the different parameters available for the IPv4 **show** command:" msgstr "See below the different parameters available for the IPv4 **show** command:" @@ -10670,7 +11547,7 @@ msgstr "Select TLS version used." msgid "Select cipher suite used for cryptographic operations. This setting is mandatory." msgstr "Select cipher suite used for cryptographic operations. This setting is mandatory." -#: ../../configuration/vrf/index.rst:468 +#: ../../configuration/vrf/index.rst:487 msgid "Select how labels are allocated in the given VRF. By default, the per-vrf mode is selected, and one label is used for all prefixes from the VRF. The per-nexthop will use a unique label for all prefixes that are reachable via the same nexthop." msgstr "Select how labels are allocated in the given VRF. By default, the per-vrf mode is selected, and one label is used for all prefixes from the VRF. The per-nexthop will use a unique label for all prefixes that are reachable via the same nexthop." @@ -10694,6 +11571,10 @@ msgstr "Send all DNS queries to the IPv4/IPv6 DNS server specified under `<addre msgid "Send empty SSID in beacons and ignore probe request frames that do not specify full SSID, i.e., require stations to know SSID." msgstr "Send empty SSID in beacons and ignore probe request frames that do not specify full SSID, i.e., require stations to know SSID." +#: ../../configuration/vpn/l2tp.rst:276 +msgid "Sent to the client (LAC) in the Host-Name attribute" +msgstr "Sent to the client (LAC) in the Host-Name attribute" + #: ../../configuration/system/console.rst:5 msgid "Serial Console" msgstr "Serial Console" @@ -10703,7 +11584,6 @@ msgid "Serial interfaces can be any interface which is directly connected to the msgstr "Serial interfaces can be any interface which is directly connected to the CPU or chipset (mostly known as a ttyS interface in Linux) or any other USB to serial converter (Prolific PL2303 or FTDI FT232/FT4232 based chips)." #: ../../configuration/interfaces/openvpn.rst:325 -#: ../../configuration/vpn/sstp.rst:210 msgid "Server" msgstr "Server" @@ -10711,7 +11591,7 @@ msgstr "Server" msgid "Server:" msgstr "Server:" -#: ../../configuration/pki/index.rst:210 +#: ../../configuration/pki/index.rst:212 msgid "Server Certificate" msgstr "Server Certificate" @@ -10723,7 +11603,7 @@ msgstr "Server Configuration" msgid "Server Side" msgstr "Server Side" -#: ../../configuration/service/ipoe-server.rst:156 +#: ../../configuration/service/ipoe-server.rst:157 msgid "Server configuration" msgstr "Server configuration" @@ -10748,19 +11628,19 @@ msgstr "Set BFD peer IPv4 address or IPv6 address" msgid "Set BGP community-list to exactly match." msgstr "Set BGP community-list to exactly match." -#: ../../configuration/policy/route-map.rst:318 +#: ../../configuration/policy/route-map.rst:321 msgid "Set BGP local preference attribute." msgstr "Set BGP local preference attribute." -#: ../../configuration/policy/route-map.rst:336 +#: ../../configuration/policy/route-map.rst:339 msgid "Set BGP origin code." msgstr "Set BGP origin code." -#: ../../configuration/policy/route-map.rst:341 +#: ../../configuration/policy/route-map.rst:344 msgid "Set BGP originator ID attribute." msgstr "Set BGP originator ID attribute." -#: ../../configuration/policy/route-map.rst:359 +#: ../../configuration/policy/route-map.rst:362 msgid "Set BGP weight attribute" msgstr "Set BGP weight attribute" @@ -10776,7 +11656,7 @@ msgstr "Set IPSec inbound match criterias, where:" msgid "Set IP fragment match, where:" msgstr "Set IP fragment match, where:" -#: ../../configuration/policy/route-map.rst:331 +#: ../../configuration/policy/route-map.rst:334 msgid "Set OSPF external metric-type." msgstr "Set OSPF external metric-type." @@ -10796,12 +11676,12 @@ msgstr "Set SNAT rule 30 to only NAT packets arriving from the 203.0.113.0/24 ne msgid "Set SSL certeficate <name> for service <name>" msgstr "Set SSL certeficate <name> for service <name>" -#: ../../configuration/firewall/ipv4.rst:918 +#: ../../configuration/firewall/ipv4.rst:941 #: ../../configuration/firewall/ipv6.rst:927 msgid "Set TCP-MSS (maximum segment size) for the connection" msgstr "Set TCP-MSS (maximum segment size) for the connection" -#: ../../configuration/service/dns.rst:280 +#: ../../configuration/service/dns.rst:264 msgid "Set TTL to 300 seconds" msgstr "Set TTL to 300 seconds" @@ -10825,7 +11705,7 @@ msgstr "Set a destination and/or source port. Accepted input:" msgid "Set a human readable, descriptive alias for this connection. Alias is used by e.g. the :opcmd:`show interfaces` command or SNMP based monitoring tools." msgstr "Set a human readable, descriptive alias for this connection. Alias is used by e.g. the :opcmd:`show interfaces` command or SNMP based monitoring tools." -#: ../../configuration/system/login.rst:387 +#: ../../configuration/system/login.rst:391 msgid "Set a limit on the maximum number of concurrent logged-in users on the system." msgstr "Set a limit on the maximum number of concurrent logged-in users on the system." @@ -10864,11 +11744,16 @@ msgstr "Set action to take on entries matching this rule." msgid "Set an API-KEY is the minimal configuration to get a working API Endpoint." msgstr "Set an API-KEY is the minimal configuration to get a working API Endpoint." -#: ../../configuration/vpn/sstp.rst:100 +#: ../../configuration/service/ipoe-server.rst:60 +#: ../../configuration/service/ipoe-server.rst:88 +#: ../../configuration/service/pppoe-server.rst:38 +#: ../../configuration/vpn/l2tp.rst:26 +#: ../../configuration/vpn/pptp.rst:27 +#: ../../configuration/vpn/sstp.rst:53 msgid "Set authentication backend. The configured authentication backend is used for all queries." msgstr "Set authentication backend. The configured authentication backend is used for all queries." -#: ../../configuration/container/index.rst:117 +#: ../../configuration/container/index.rst:122 msgid "Set container capabilities or permissions." msgstr "Set container capabilities or permissions." @@ -10880,6 +11765,19 @@ msgstr "Set delay between gratuitous ARP messages sent on an interface." msgid "Set delay for second set of gratuitous ARPs after transition to MASTER." msgstr "Set delay for second set of gratuitous ARPs after transition to MASTER." +#: ../../configuration/service/ipoe-server.rst:356 +#: ../../configuration/service/pppoe-server.rst:522 +#: ../../configuration/vpn/l2tp.rst:476 +#: ../../configuration/vpn/pptp.rst:400 +#: ../../configuration/vpn/sstp.rst:434 +msgid "Set description." +msgstr "Set description." + +#: ../../configuration/service/dns.rst:227 +#: ../../configuration/service/dns.rst:332 +msgid "Set description `<text>` for dynamic DNS service being configured." +msgstr "Set description `<text>` for dynamic DNS service being configured." + #: ../../configuration/policy/as-path-list.rst:21 msgid "Set description for as-path-list policy." msgstr "Set description for as-path-list policy." @@ -10956,7 +11854,7 @@ msgstr "Set eth1 to be the listening interface for the DHCPv6 relay." msgid "Set execution time in common cron_ time format. A cron `<spec>` of ``30 */6 * * *`` would execute the `<task>` at minute 30 past every 6th hour." msgstr "Set execution time in common cron_ time format. A cron `<spec>` of ``30 */6 * * *`` would execute the `<task>` at minute 30 past every 6th hour." -#: ../../configuration/policy/route-map.rst:251 +#: ../../configuration/policy/route-map.rst:254 msgid "Set extcommunity bandwidth" msgstr "Set extcommunity bandwidth" @@ -11025,6 +11923,10 @@ msgstr "Set maximum number of packets to alow in excess of rate." msgid "Set minimum time interval for refreshing gratuitous ARPs while MASTER." msgstr "Set minimum time interval for refreshing gratuitous ARPs while MASTER." +#: ../../configuration/vpn/l2tp.rst:72 +msgid "Set mode for IPsec authentication between VyOS and L2TP clients." +msgstr "Set mode for IPsec authentication between VyOS and L2TP clients." + #: ../../configuration/highavailability/index.rst:285 msgid "Set number of gratuitous ARP messages to send at a time after transition to MASTER." msgstr "Set number of gratuitous ARP messages to send at a time after transition to MASTER." @@ -11055,7 +11957,11 @@ msgstr "Set packet modifications: Packet Differentiated Services Codepoint (DSCP msgid "Set parameters for matching recently seen sources. This match could be used by seeting count (source address seen more than <1-255> times) and/or time (source address seen in the last <0-4294967295> seconds)." msgstr "Set parameters for matching recently seen sources. This match could be used by seeting count (source address seen more than <1-255> times) and/or time (source address seen in the last <0-4294967295> seconds)." -#: ../../configuration/policy/route-map.rst:350 +#: ../../configuration/vpn/l2tp.rst:76 +msgid "Set predefined shared secret phrase." +msgstr "Set predefined shared secret phrase." + +#: ../../configuration/policy/route-map.rst:353 msgid "Set prefixes to table." msgstr "Set prefixes to table." @@ -11063,7 +11969,7 @@ msgstr "Set prefixes to table." msgid "Set proxy for all connections initiated by VyOS, including HTTP, HTTPS, and FTP (anonymous ftp)." msgstr "Set proxy for all connections initiated by VyOS, including HTTP, HTTPS, and FTP (anonymous ftp)." -#: ../../configuration/policy/route-map.rst:260 +#: ../../configuration/policy/route-map.rst:263 msgid "Set route target value in format ``<0-65535:0-4294967295>`` or ``<IP:0-65535>``." msgstr "Set route target value in format ``<0-65535:0-4294967295>`` or ``<IP:0-65535>``." @@ -11080,7 +11986,7 @@ msgstr "Set rule action to drop." msgid "Set service to bind on IP address, by default listen on any IPv4 and IPv6" msgstr "Set service to bind on IP address, by default listen on any IPv4 and IPv6" -#: ../../configuration/policy/route-map.rst:265 +#: ../../configuration/policy/route-map.rst:268 msgid "Set site of origin value in format ``<0-65535:0-4294967295>`` or ``<IP:0-65535>``." msgstr "Set site of origin value in format ``<0-65535:0-4294967295>`` or ``<IP:0-65535>``." @@ -11096,7 +12002,7 @@ msgstr "Set some metric to routes learned from a particular neighbor." msgid "Set source-address to your local IP (LAN)." msgstr "Set source-address to your local IP (LAN)." -#: ../../configuration/policy/route-map.rst:346 +#: ../../configuration/policy/route-map.rst:349 msgid "Set source IP/IPv6 address for route." msgstr "Set source IP/IPv6 address for route." @@ -11105,7 +12011,7 @@ msgstr "Set source IP/IPv6 address for route." msgid "Set source address or prefix to match." msgstr "Set source address or prefix to match." -#: ../../configuration/policy/route-map.rst:354 +#: ../../configuration/policy/route-map.rst:357 msgid "Set tag value for routing protocol." msgstr "Set tag value for routing protocol." @@ -11113,8 +12019,8 @@ msgstr "Set tag value for routing protocol." msgid "Set the \"recursion desired\" bit in requests to the upstream nameserver." msgstr "Set the \"recursion desired\" bit in requests to the upstream nameserver." -#: ../../configuration/policy/route-map.rst:290 -#: ../../configuration/policy/route-map.rst:303 +#: ../../configuration/policy/route-map.rst:293 +#: ../../configuration/policy/route-map.rst:306 msgid "Set the BGP nexthop address to the address of the peer. For an incoming route-map this means the ip address of our peer is used. For an outgoing route-map this means the ip address of our self is used to establish the peering with our neighbor." msgstr "Set the BGP nexthop address to the address of the peer. For an incoming route-map this means the ip address of our peer is used. For an outgoing route-map this means the ip address of our self is used to establish the peering with our neighbor." @@ -11175,6 +12081,10 @@ msgstr "Set the Segment Routing Local Block i.e. the label range used by MPLS to msgid "Set the Segment Routing Local Block i.e. the low label range used by MPLS to store label in the MPLS FIB for Prefix SID. Note that the block size may not exceed 65535.Segment Routing Local Block, The negative command always unsets both." msgstr "Set the Segment Routing Local Block i.e. the low label range used by MPLS to store label in the MPLS FIB for Prefix SID. Note that the block size may not exceed 65535.Segment Routing Local Block, The negative command always unsets both." +#: ../../configuration/container/index.rst:99 +msgid "Set the User ID or Group ID of the container" +msgstr "Set the User ID or Group ID of the container" + #: ../../configuration/protocols/pim.rst:147 msgid "Set the :abbr:`DR (Designated Router)` Priority for the interface. This command is useful to allow the user to influence what node becomes the DR for a LAN segment." msgstr "Set the :abbr:`DR (Designated Router)` Priority for the interface. This command is useful to allow the user to influence what node becomes the DR for a LAN segment." @@ -11259,7 +12169,7 @@ msgstr "Set the name of the x509 client keypair used to authenticate against the msgid "Set the native VLAN ID flag of the interface. When a data packet without a VLAN tag enters the port, the data packet will be forced to add a tag of a specific vlan id. When the vlan id flag flows out, the tag of the vlan id will be stripped" msgstr "Set the native VLAN ID flag of the interface. When a data packet without a VLAN tag enters the port, the data packet will be forced to add a tag of a specific vlan id. When the vlan id flag flows out, the tag of the vlan id will be stripped" -#: ../../configuration/policy/route-map.rst:284 +#: ../../configuration/policy/route-map.rst:287 msgid "Set the next-hop as unchanged. Pass through the route-map without changing its value" msgstr "Set the next-hop as unchanged. Pass through the route-map without changing its value" @@ -11271,7 +12181,15 @@ msgstr "Set the number of TCP maximum retransmit attempts." msgid "Set the number of health check failures before an interface is marked as unavailable, range for number is 1 to 10, default 1. Or set the number of successful health checks before an interface is added back to the interface pool, range for number is 1 to 10, default 1." msgstr "Set the number of health check failures before an interface is marked as unavailable, range for number is 1 to 10, default 1. Or set the number of successful health checks before an interface is added back to the interface pool, range for number is 1 to 10, default 1." -#: ../../configuration/system/login.rst:84 +#: ../../configuration/protocols/rpki.rst:121 +msgid "Set the number of seconds the router waits until retrying to connect to the cache server." +msgstr "Set the number of seconds the router waits until retrying to connect to the cache server." + +#: ../../configuration/protocols/rpki.rst:114 +msgid "Set the number of seconds the router waits until the router expires the cache." +msgstr "Set the number of seconds the router waits until the router expires the cache." + +#: ../../configuration/system/login.rst:88 msgid "Set the options for this public key. See the ssh ``authorized_keys`` man page for details of what you can specify here. To place a ``\"`` character in the options field, use ``"``, for example ``from="10.0.0.0/24"`` to restrict where the user may connect from when using this key." msgstr "Set the options for this public key. See the ssh ``authorized_keys`` man page for details of what you can specify here. To place a ``\"`` character in the options field, use ``"``, for example ``from="10.0.0.0/24"`` to restrict where the user may connect from when using this key." @@ -11291,11 +12209,11 @@ msgstr "Set the peer's key used to receive (RX) traffic" msgid "Set the peer-session-id, which is a 32-bit integer value assigned to the session by the peer. The value used must match the session_id value being used at the peer." msgstr "Set the peer-session-id, which is a 32-bit integer value assigned to the session by the peer. The value used must match the session_id value being used at the peer." -#: ../../configuration/container/index.rst:98 +#: ../../configuration/container/index.rst:103 msgid "Set the restart behavior of the container." msgstr "Set the restart behavior of the container." -#: ../../configuration/policy/route-map.rst:323 +#: ../../configuration/policy/route-map.rst:326 msgid "Set the route metric. When used with BGP, set the BGP attribute MED to a specific value. Use ``+/-`` to add or subtract the specified value to/from the existing/MED. Use ``rtt`` to set the MED to the round trip time or ``+rtt/-rtt`` to add/subtract the round trip time to/from the MED." msgstr "Set the route metric. When used with BGP, set the BGP attribute MED to a specific value. Use ``+/-`` to add or subtract the specified value to/from the existing/MED. Use ``rtt`` to set the MED to the round trip time or ``+rtt/-rtt`` to add/subtract the round trip time to/from the MED." @@ -11328,12 +12246,12 @@ msgstr "Set the timeout in secounds for a protocol or state in a custom rule." msgid "Set the tunnel id, which is a 32-bit integer value. Uniquely identifies the tunnel into which the session will be created." msgstr "Set the tunnel id, which is a 32-bit integer value. Uniquely identifies the tunnel into which the session will be created." -#: ../../configuration/firewall/ipv4.rst:922 +#: ../../configuration/firewall/ipv4.rst:945 #: ../../configuration/firewall/ipv6.rst:931 msgid "Set the window scale factor for TCP window scaling" msgstr "Set the window scale factor for TCP window scaling" -#: ../../configuration/system/login.rst:124 +#: ../../configuration/system/login.rst:128 msgid "Set window of concurrently valid codes." msgstr "Set window of concurrently valid codes." @@ -11357,7 +12275,7 @@ msgstr "Sets the unique id for this vxlan-interface. Not sure how it correlates msgid "Setting VRRP group priority" msgstr "Setting VRRP group priority" -#: ../../configuration/service/dhcp-server.rst:231 +#: ../../configuration/service/dhcp-server.rst:237 msgid "Setting name" msgstr "Setting name" @@ -11389,7 +12307,12 @@ msgstr "Setting up certificates:" msgid "Setting up tunnel:" msgstr "Setting up tunnel:" -#: ../../configuration/service/dhcp-server.rst:373 +#: ../../configuration/system/option.rst:42 +#: ../../configuration/system/option.rst:53 +msgid "Setting will only become active with the next reboot!" +msgstr "Setting will only become active with the next reboot!" + +#: ../../configuration/service/dhcp-server.rst:379 msgid "Setup DHCP failover for network 192.0.2.0/24" msgstr "Setup DHCP failover for network 192.0.2.0/24" @@ -11397,15 +12320,19 @@ msgstr "Setup DHCP failover for network 192.0.2.0/24" msgid "Setup encrypted password for given username. This is useful for transferring a hashed password from system to system." msgstr "Setup encrypted password for given username. This is useful for transferring a hashed password from system to system." -#: ../../configuration/system/login.rst:262 +#: ../../configuration/system/login.rst:266 msgid "Setup the `<timeout>` in seconds when querying the RADIUS server." msgstr "Setup the `<timeout>` in seconds when querying the RADIUS server." -#: ../../configuration/system/login.rst:331 +#: ../../configuration/system/login.rst:335 msgid "Setup the `<timeout>` in seconds when querying the TACACS server." msgstr "Setup the `<timeout>` in seconds when querying the TACACS server." -#: ../../configuration/service/dns.rst:327 +#: ../../configuration/service/dns.rst:336 +msgid "Setup the dynamic DNS hostname `<hostname>` associated with the DynDNS provider identified by `<service-name>`." +msgstr "Setup the dynamic DNS hostname `<hostname>` associated with the DynDNS provider identified by `<service-name>`." + +#: ../../configuration/service/dns.rst:341 msgid "Setup the dynamic DNS hostname `<hostname>` associated with the DynDNS provider identified by `<service>` when the IP address on address `<interface>` changes." msgstr "Setup the dynamic DNS hostname `<hostname>` associated with the DynDNS provider identified by `<service>` when the IP address on address `<interface>` changes." @@ -11413,11 +12340,11 @@ msgstr "Setup the dynamic DNS hostname `<hostname>` associated with the DynDNS p msgid "Setup the dynamic DNS hostname `<hostname>` associated with the DynDNS provider identified by `<service>` when the IP address on interface `<interface>` changes." msgstr "Setup the dynamic DNS hostname `<hostname>` associated with the DynDNS provider identified by `<service>` when the IP address on interface `<interface>` changes." -#: ../../configuration/system/option.rst:31 +#: ../../configuration/system/option.rst:61 msgid "Several commands utilize cURL to initiate transfers. Configure the local source IPv4/IPv6 address used for all cURL operations." msgstr "Several commands utilize cURL to initiate transfers. Configure the local source IPv4/IPv6 address used for all cURL operations." -#: ../../configuration/system/option.rst:36 +#: ../../configuration/system/option.rst:66 msgid "Several commands utilize curl to initiate transfers. Configure the local source interface used for all CURL operations." msgstr "Several commands utilize curl to initiate transfers. Configure the local source interface used for all CURL operations." @@ -11445,25 +12372,25 @@ msgstr "Short GI capabilities for 20 and 40 MHz" msgid "Short bursts can be allowed to exceed the limit. On creation, the Rate-Control traffic is stocked with tokens which correspond to the amount of traffic that can be burst in one go. Tokens arrive at a steady rate, until the bucket is full." msgstr "Short bursts can be allowed to exceed the limit. On creation, the Rate-Control traffic is stocked with tokens which correspond to the amount of traffic that can be burst in one go. Tokens arrive at a steady rate, until the bucket is full." -#: ../../configuration/vrf/index.rst:488 +#: ../../configuration/vrf/index.rst:507 msgid "Shortcut syntax for specifying automatic leaking from vrf VRFNAME to the current VRF using the VPN RIB as intermediary. The RD and RT are auto derived and should not be specified explicitly for either the source or destination VRF’s." msgstr "Shortcut syntax for specifying automatic leaking from vrf VRFNAME to the current VRF using the VPN RIB as intermediary. The RD and RT are auto derived and should not be specified explicitly for either the source or destination VRF’s." -#: ../../configuration/protocols/bgp.rst:953 +#: ../../configuration/protocols/bgp.rst:975 #: ../../configuration/protocols/mpls.rst:225 msgid "Show" msgstr "Show" -#: ../../configuration/service/dhcp-server.rst:416 +#: ../../configuration/service/dhcp-server.rst:422 msgid "Show DHCP server daemon log file" msgstr "Show DHCP server daemon log file" -#: ../../configuration/service/dhcp-server.rst:668 +#: ../../configuration/service/dhcp-server.rst:676 msgid "Show DHCPv6 server daemon log file" msgstr "Show DHCPv6 server daemon log file" #: ../../configuration/firewall/bridge.rst:306 -#: ../../configuration/firewall/ipv4.rst:1115 +#: ../../configuration/firewall/ipv4.rst:1138 #: ../../configuration/firewall/ipv6.rst:1138 msgid "Show Firewall log" msgstr "Show Firewall log" @@ -11528,23 +12455,23 @@ msgstr "Show WWAN module model." msgid "Show WWAN module signal strength." msgstr "Show WWAN module signal strength." -#: ../../configuration/container/index.rst:163 +#: ../../configuration/container/index.rst:199 msgid "Show a list available container networks" msgstr "Show a list available container networks" -#: ../../configuration/pki/index.rst:297 +#: ../../configuration/pki/index.rst:328 msgid "Show a list of installed :abbr:`CA (Certificate Authority)` certificates." msgstr "Show a list of installed :abbr:`CA (Certificate Authority)` certificates." -#: ../../configuration/pki/index.rst:332 +#: ../../configuration/pki/index.rst:363 msgid "Show a list of installed :abbr:`CRLs (Certificate Revocation List)`." msgstr "Show a list of installed :abbr:`CRLs (Certificate Revocation List)`." -#: ../../configuration/pki/index.rst:315 +#: ../../configuration/pki/index.rst:346 msgid "Show a list of installed certificates" msgstr "Show a list of installed certificates" -#: ../../configuration/protocols/bfd.rst:98 +#: ../../configuration/protocols/bfd.rst:105 msgid "Show all BFD peers" msgstr "Show all BFD peers" @@ -11572,7 +12499,7 @@ msgstr "Show bridge `<name>` mdb displays the current multicast group membership msgid "Show brief interface information." msgstr "Show brief interface information." -#: ../../configuration/system/ipv6.rst:46 +#: ../../configuration/system/ipv6.rst:59 msgid "Show commands" msgstr "Show commands" @@ -11584,11 +12511,11 @@ msgstr "Show configured serial ports and their respective interface configuratio msgid "Show connection data of load balanced traffic:" msgstr "Show connection data of load balanced traffic:" -#: ../../configuration/service/conntrack-sync.rst:132 +#: ../../configuration/service/conntrack-sync.rst:136 msgid "Show connection syncing external cache entries" msgstr "Show connection syncing external cache entries" -#: ../../configuration/service/conntrack-sync.rst:136 +#: ../../configuration/service/conntrack-sync.rst:140 msgid "Show connection syncing internal cache entries" msgstr "Show connection syncing internal cache entries" @@ -11654,44 +12581,44 @@ msgstr "Show list of IPs currently blocked by SSH dynamic-protection." msgid "Show logs for mDNS repeater service." msgstr "Show logs for mDNS repeater service." -#: ../../configuration/container/index.rst:159 +#: ../../configuration/container/index.rst:195 msgid "Show logs from a given container" msgstr "Show logs from a given container" -#: ../../configuration/service/dhcp-server.rst:420 +#: ../../configuration/service/dhcp-server.rst:426 msgid "Show logs from all DHCP client processes." msgstr "Show logs from all DHCP client processes." -#: ../../configuration/service/dhcp-server.rst:672 +#: ../../configuration/service/dhcp-server.rst:680 msgid "Show logs from all DHCPv6 client processes." msgstr "Show logs from all DHCPv6 client processes." -#: ../../configuration/service/dhcp-server.rst:424 +#: ../../configuration/service/dhcp-server.rst:430 msgid "Show logs from specific `interface` DHCP client process." msgstr "Show logs from specific `interface` DHCP client process." -#: ../../configuration/service/dhcp-server.rst:676 +#: ../../configuration/service/dhcp-server.rst:684 msgid "Show logs from specific `interface` DHCPv6 client process." msgstr "Show logs from specific `interface` DHCPv6 client process." -#: ../../configuration/pki/index.rst:311 +#: ../../configuration/pki/index.rst:342 msgid "Show only information for specified Certificate Authority." msgstr "Show only information for specified Certificate Authority." -#: ../../configuration/pki/index.rst:328 +#: ../../configuration/pki/index.rst:359 msgid "Show only information for specified certificate." msgstr "Show only information for specified certificate." -#: ../../configuration/service/dhcp-server.rst:478 -#: ../../configuration/service/dhcp-server.rst:699 +#: ../../configuration/service/dhcp-server.rst:484 +#: ../../configuration/service/dhcp-server.rst:707 msgid "Show only leases in the specified pool." msgstr "Show only leases in the specified pool." -#: ../../configuration/service/dhcp-server.rst:708 +#: ../../configuration/service/dhcp-server.rst:716 msgid "Show only leases with the specified state. Possible states: abandoned, active, all, backup, expired, free, released, reset (default = active)" msgstr "Show only leases with the specified state. Possible states: abandoned, active, all, backup, expired, free, released, reset (default = active)" -#: ../../configuration/service/dhcp-server.rst:496 +#: ../../configuration/service/dhcp-server.rst:502 msgid "Show only leases with the specified state. Possible states: all, active, free, expired, released, abandoned, reset, backup (default = active)" msgstr "Show only leases with the specified state. Possible states: all, active, free, expired, released, abandoned, reset, backup (default = active)" @@ -11703,23 +12630,23 @@ msgstr "Show routing table entry for the default route." msgid "Show specific MACsec interface information" msgstr "Show specific MACsec interface information" -#: ../../configuration/vpn/site2site_ipsec.rst:221 +#: ../../configuration/vpn/site2site_ipsec.rst:224 msgid "Show status of new setup:" msgstr "Show status of new setup:" -#: ../../configuration/service/dhcp-server.rst:447 +#: ../../configuration/service/dhcp-server.rst:453 msgid "Show statuses of all active leases:" msgstr "Show statuses of all active leases:" -#: ../../configuration/service/dhcp-server.rst:465 +#: ../../configuration/service/dhcp-server.rst:471 msgid "Show statuses of all active leases granted by local (this server) or remote (failover server):" msgstr "Show statuses of all active leases granted by local (this server) or remote (failover server):" -#: ../../configuration/service/dhcp-server.rst:432 +#: ../../configuration/service/dhcp-server.rst:438 msgid "Show the DHCP server statistics:" msgstr "Show the DHCP server statistics:" -#: ../../configuration/service/dhcp-server.rst:443 +#: ../../configuration/service/dhcp-server.rst:449 msgid "Show the DHCP server statistics for the specified pool." msgstr "Show the DHCP server statistics for the specified pool." @@ -11731,11 +12658,11 @@ msgstr "Show the console server log." msgid "Show the full config uploaded to the QAT device." msgstr "Show the full config uploaded to the QAT device." -#: ../../configuration/container/index.rst:151 +#: ../../configuration/container/index.rst:187 msgid "Show the list of all active containers." msgstr "Show the list of all active containers." -#: ../../configuration/container/index.rst:155 +#: ../../configuration/container/index.rst:191 msgid "Show the local container images." msgstr "Show the local container images." @@ -11747,7 +12674,7 @@ msgstr "Show the logs of a specific Rule-Set." msgid "Show the logs of all firewall; show all bridge firewall logs; show all logs for forward hook; show all logs for forward hook and priority filter; show all logs for particular custom chain; show logs for specific Rule-Set." msgstr "Show the logs of all firewall; show all bridge firewall logs; show all logs for forward hook; show all logs for forward hook and priority filter; show all logs for particular custom chain; show logs for specific Rule-Set." -#: ../../configuration/firewall/ipv4.rst:1125 +#: ../../configuration/firewall/ipv4.rst:1148 msgid "Show the logs of all firewall; show all ipv4 firewall logs; show all logs for particular hook; show all logs for particular hook and priority; show all logs for particular custom chain; show logs for specific Rule-Set." msgstr "Show the logs of all firewall; show all ipv4 firewall logs; show all logs for particular hook; show all logs for particular hook and priority; show all logs for particular custom chain; show logs for specific Rule-Set." @@ -11764,11 +12691,11 @@ msgstr "Show the route" msgid "Show transceiver information from plugin modules, e.g SFP+, QSFP" msgstr "Show transceiver information from plugin modules, e.g SFP+, QSFP" -#: ../../configuration/protocols/bfd.rst:179 +#: ../../configuration/protocols/bfd.rst:186 msgid "Showing BFD monitored static routes" msgstr "Showing BFD monitored static routes" -#: ../../configuration/service/dhcp-server.rst:684 +#: ../../configuration/service/dhcp-server.rst:692 msgid "Shows status of all assigned leases:" msgstr "Shows status of all assigned leases:" @@ -11796,7 +12723,7 @@ msgstr "Sierra Wireless AirPrime MC7455 miniPCIe card (LTE)" msgid "Sierra Wireless AirPrime MC7710 miniPCIe card (LTE)" msgstr "Sierra Wireless AirPrime MC7710 miniPCIe card (LTE)" -#: ../../configuration/vpn/site2site_ipsec.rst:427 +#: ../../configuration/vpn/site2site_ipsec.rst:430 msgid "Similar combinations are applicable for the dead-peer-detection." msgstr "Similar combinations are applicable for the dead-peer-detection." @@ -11828,6 +12755,14 @@ msgstr "Since it's a HQ and branch offices setup, we will want all clients to ha msgid "Since the RADIUS server would be a single point of failure, multiple RADIUS servers can be setup and will be used subsequentially." msgstr "Since the RADIUS server would be a single point of failure, multiple RADIUS servers can be setup and will be used subsequentially." +#: ../../configuration/service/ipoe-server.rst:131 +#: ../../configuration/service/pppoe-server.rst:93 +#: ../../configuration/vpn/l2tp.rst:136 +#: ../../configuration/vpn/pptp.rst:76 +#: ../../configuration/vpn/sstp.rst:109 +msgid "Since the RADIUS server would be a single point of failure, multiple RADIUS servers can be setup and will be used subsequentially. For example:" +msgstr "Since the RADIUS server would be a single point of failure, multiple RADIUS servers can be setup and will be used subsequentially. For example:" + #: ../../configuration/service/mdns.rst:13 msgid "Since the mDNS protocol sends the AA records in the packet itself, the repeater does not need to forge the source address. Instead, the source address is of the interface that repeats the packet." msgstr "Since the mDNS protocol sends the AA records in the packet itself, the repeater does not need to forge the source address. Instead, the source address is of the interface that repeats the packet." @@ -11836,6 +12771,10 @@ msgstr "Since the mDNS protocol sends the AA records in the packet itself, the r msgid "Since the mDNS protocol sends the :abbr:`AA(Authoritative Answer)` records in the packet itself, the repeater does not need to forge the source address. Instead, the source address is of the interface that repeats the packet." msgstr "Since the mDNS protocol sends the :abbr:`AA(Authoritative Answer)` records in the packet itself, the repeater does not need to forge the source address. Instead, the source address is of the interface that repeats the packet." +#: ../../configuration/service/ids.rst:98 +msgid "Since we are analyzing attacks to and from our internal network, two types of attacks can be identified, and differents actions are needed:" +msgstr "Since we are analyzing attacks to and from our internal network, two types of attacks can be identified, and differents actions are needed:" + #: ../../configuration/interfaces/vxlan.rst:157 msgid "Single VXLAN device (SVD)" msgstr "Single VXLAN device (SVD)" @@ -11857,7 +12796,7 @@ msgstr "Site-to-site mode supports x.509 but doesn't require it and can also wor msgid "Site to Site VPN" msgstr "Site to Site VPN" -#: ../../configuration/pki/index.rst:275 +#: ../../configuration/pki/index.rst:306 msgid "Size of the RSA key." msgstr "Size of the RSA key." @@ -11865,6 +12804,10 @@ msgstr "Size of the RSA key." msgid "Slave selection for outgoing traffic is done according to the transmit hash policy, which may be changed from the default simple XOR policy via the :cfgcmd:`hash-policy` option, documented below." msgstr "Slave selection for outgoing traffic is done according to the transmit hash policy, which may be changed from the default simple XOR policy via the :cfgcmd:`hash-policy` option, documented below." +#: ../../configuration/service/ids.rst:110 +msgid "So, firewall configuration needed for this setup:" +msgstr "So, firewall configuration needed for this setup:" + #: ../../configuration/nat/nat44.rst:554 msgid "So in our firewall policy, we want to allow traffic coming in on the outside interface, destined for TCP port 80 and the IP address of 192.168.0.100." msgstr "So in our firewall policy, we want to allow traffic coming in on the outside interface, destined for TCP port 80 and the IP address of 192.168.0.100." @@ -11885,7 +12828,14 @@ msgstr "Some ISPs by default only delegate a /64 prefix. To request for a specif msgid "Some IT environments require the use of a proxy to connect to the Internet. Without this configuration VyOS updates could not be installed directly by using the :opcmd:`add system image` command (:ref:`update_vyos`)." msgstr "Some IT environments require the use of a proxy to connect to the Internet. Without this configuration VyOS updates could not be installed directly by using the :opcmd:`add system image` command (:ref:`update_vyos`)." -#: ../../configuration/vpn/l2tp.rst:159 +#: ../../configuration/service/ipoe-server.rst:140 +#: ../../configuration/service/pppoe-server.rst:102 +#: ../../configuration/vpn/pptp.rst:85 +#: ../../configuration/vpn/sstp.rst:118 +msgid "Some RADIUS severs use an access control list which allows or denies queries, make sure to add your VyOS router to the allowed client list." +msgstr "Some RADIUS severs use an access control list which allows or denies queries, make sure to add your VyOS router to the allowed client list." + +#: ../../configuration/vpn/l2tp.rst:145 msgid "Some RADIUS_ severs use an access control list which allows or denies queries, make sure to add your VyOS router to the allowed client list." msgstr "Some RADIUS_ severs use an access control list which allows or denies queries, make sure to add your VyOS router to the allowed client list." @@ -11893,6 +12843,10 @@ msgstr "Some RADIUS_ severs use an access control list which allows or denies qu msgid "Some application service providers (ASPs) operate a VPN gateway to provide access to their internal resources, and require that a connecting organisation translate all traffic to the service provider network to a source address provided by the ASP." msgstr "Some application service providers (ASPs) operate a VPN gateway to provide access to their internal resources, and require that a connecting organisation translate all traffic to the service provider network to a source address provided by the ASP." +#: ../../configuration/container/index.rst:171 +msgid "Some container registries require credentials to be used." +msgstr "Some container registries require credentials to be used." + #: ../../configuration/firewall/general-legacy.rst:38 msgid "Some firewall settings are global and have an affect on the whole system." msgstr "Some firewall settings are global and have an affect on the whole system." @@ -11933,11 +12887,11 @@ msgstr "Some users tend to connect their mobile devices using WireGuard to their msgid "Sometimes option lines in the generated OpenVPN configuration require quotes. This is done through a hack on our config generator. You can pass quotes using the ``"`` statement." msgstr "Sometimes option lines in the generated OpenVPN configuration require quotes. This is done through a hack on our config generator. You can pass quotes using the ``"`` statement." -#: ../../configuration/service/dhcp-server.rst:703 +#: ../../configuration/service/dhcp-server.rst:711 msgid "Sort the output by the specified key. Possible keys: expires, iaid_duid, ip, last_comm, pool, remaining, state, type (default = ip)" msgstr "Sort the output by the specified key. Possible keys: expires, iaid_duid, ip, last_comm, pool, remaining, state, type (default = ip)" -#: ../../configuration/service/dhcp-server.rst:491 +#: ../../configuration/service/dhcp-server.rst:497 msgid "Sort the output by the specified key. Possible keys: ip, hardware_address, state, start, end, remaining, pool, hostname (default = ip)" msgstr "Sort the output by the specified key. Possible keys: ip, hardware_address, state, start, end, remaining, pool, hostname (default = ip)" @@ -11949,7 +12903,16 @@ msgstr "Source Address" msgid "Source IP address used for VXLAN underlay. This is mandatory when using VXLAN via L2VPN/EVPN." msgstr "Source IP address used for VXLAN underlay. This is mandatory when using VXLAN via L2VPN/EVPN." -#: ../../configuration/vpn/sstp.rst:268 +#: ../../configuration/service/ipoe-server.rst:152 +#: ../../configuration/service/ipoe-server.rst:208 +#: ../../configuration/service/pppoe-server.rst:114 +#: ../../configuration/service/pppoe-server.rst:170 +#: ../../configuration/vpn/l2tp.rst:157 +#: ../../configuration/vpn/l2tp.rst:213 +#: ../../configuration/vpn/pptp.rst:97 +#: ../../configuration/vpn/pptp.rst:153 +#: ../../configuration/vpn/sstp.rst:130 +#: ../../configuration/vpn/sstp.rst:186 msgid "Source IPv4 address used in all RADIUS server queires." msgstr "Source IPv4 address used in all RADIUS server queires." @@ -11961,11 +12924,11 @@ msgstr "Source NAT rules" msgid "Source Prefix" msgstr "Source Prefix" -#: ../../configuration/system/login.rst:276 +#: ../../configuration/system/login.rst:280 msgid "Source all connections to the RADIUS servers from given VRF `<name>`." msgstr "Source all connections to the RADIUS servers from given VRF `<name>`." -#: ../../configuration/system/login.rst:345 +#: ../../configuration/system/login.rst:349 msgid "Source all connections to the TACACS servers from given VRF `<name>`." msgstr "Source all connections to the TACACS servers from given VRF `<name>`." @@ -11973,7 +12936,7 @@ msgstr "Source all connections to the TACACS servers from given VRF `<name>`." msgid "Source protocol to match." msgstr "Source protocol to match." -#: ../../configuration/vpn/ipsec.rst:225 +#: ../../configuration/vpn/ipsec.rst:229 msgid "Source tunnel from dummy interface" msgstr "Source tunnel from dummy interface" @@ -12001,15 +12964,48 @@ msgstr "Spatial Multiplexing Power Save (SMPS) settings" msgid "Specfying nhs makes all multicast packets to be repeated to each statically configured next hop." msgstr "Specfying nhs makes all multicast packets to be repeated to each statically configured next hop." -#: ../../configuration/vpn/sstp.rst:238 +#: ../../configuration/service/ipoe-server.rst:178 +#: ../../configuration/service/pppoe-server.rst:140 +#: ../../configuration/vpn/l2tp.rst:183 +#: ../../configuration/vpn/pptp.rst:123 +#: ../../configuration/vpn/sstp.rst:156 msgid "Specifies IP address for Dynamic Authorization Extension server (DM/CoA)" msgstr "Specifies IP address for Dynamic Authorization Extension server (DM/CoA)" -#: ../../configuration/vpn/sstp.rst:194 +#: ../../configuration/service/pppoe-server.rst:470 +#: ../../configuration/vpn/l2tp.rst:424 +#: ../../configuration/vpn/pptp.rst:348 +#: ../../configuration/vpn/sstp.rst:382 +msgid "Specifies IPv4 negotiation preference." +msgstr "Specifies IPv4 negotiation preference." + +#: ../../configuration/service/pppoe-server.rst:345 +#: ../../configuration/vpn/l2tp.rst:289 +#: ../../configuration/vpn/pptp.rst:213 +#: ../../configuration/vpn/sstp.rst:247 +msgid "Specifies IPv6 negotiation preference." +msgstr "Specifies IPv6 negotiation preference." + +#: ../../configuration/service/pppoe-server.rst:552 +msgid "Specifies Service-Name to respond. If absent any Service-Name is acceptable and client’s Service-Name will be sent back. Also possible set multiple service-names: `sn1,sn2,sn3`" +msgstr "Specifies Service-Name to respond. If absent any Service-Name is acceptable and client’s Service-Name will be sent back. Also possible set multiple service-names: `sn1,sn2,sn3`" + +#: ../../configuration/service/pppoe-server.rst:502 +#: ../../configuration/vpn/l2tp.rst:456 +#: ../../configuration/vpn/pptp.rst:380 +#: ../../configuration/vpn/sstp.rst:414 +msgid "Specifies :abbr:`MPPE (Microsoft Point-to-Point Encryption)` negotiation preference." +msgstr "Specifies :abbr:`MPPE (Microsoft Point-to-Point Encryption)` negotiation preference." + +#: ../../configuration/vpn/sstp.rst:200 msgid "Specifies :abbr:`MPPE (Microsoft Point-to-Point Encryption)` negotioation preference." msgstr "Specifies :abbr:`MPPE (Microsoft Point-to-Point Encryption)` negotioation preference." -#: ../../configuration/vrf/index.rst:477 +#: ../../configuration/service/ipoe-server.rst:81 +msgid "Specifies address to be used as server ip address if radius can assign only client address. In such case if client address is matched network and mask then specified address and mask will be used. You can specify multiple such options." +msgstr "Specifies address to be used as server ip address if radius can assign only client address. In such case if client address is matched network and mask then specified address and mask will be used. You can specify multiple such options." + +#: ../../configuration/vrf/index.rst:496 msgid "Specifies an optional route-map to be applied to routes imported or exported between the current unicast VRF and VPN." msgstr "Specifies an optional route-map to be applied to routes imported or exported between the current unicast VRF and VPN." @@ -12017,6 +13013,13 @@ msgstr "Specifies an optional route-map to be applied to routes imported or expo msgid "Specifies an upstream network `<interface>` from which replies from `<server>` and other relay agents will be accepted." msgstr "Specifies an upstream network `<interface>` from which replies from `<server>` and other relay agents will be accepted." +#: ../../configuration/service/pppoe-server.rst:388 +#: ../../configuration/vpn/l2tp.rst:332 +#: ../../configuration/vpn/pptp.rst:256 +#: ../../configuration/vpn/sstp.rst:290 +msgid "Specifies fixed or random interface identifier for IPv6. By default is fixed." +msgstr "Specifies fixed or random interface identifier for IPv6. By default is fixed." + #: ../../configuration/service/webproxy.rst:173 msgid "Specifies how long squid assumes an externally validated username:password pair is valid for - in other words how often the helper program is called for that user. Set this low to force revalidation with short lived passwords." msgstr "Specifies how long squid assumes an externally validated username:password pair is valid for - in other words how often the helper program is called for that user. Set this low to force revalidation with short lived passwords." @@ -12025,15 +13028,36 @@ msgstr "Specifies how long squid assumes an externally validated username:passwo msgid "Specifies if unknown source link layer addresses and IP addresses are entered into the VXLAN device forwarding database." msgstr "Specifies if unknown source link layer addresses and IP addresses are entered into the VXLAN device forwarding database." +#: ../../configuration/service/pppoe-server.rst:462 +#: ../../configuration/vpn/l2tp.rst:416 +#: ../../configuration/vpn/pptp.rst:340 +#: ../../configuration/vpn/sstp.rst:374 +msgid "Specifies number of interfaces to keep in cache. It means that don’t destroy interface after corresponding session is destroyed, instead place it to cache and use it later for new sessions repeatedly. This should reduce kernel-level interface creation/deletion rate lack. Default value is **0**." +msgstr "Specifies number of interfaces to keep in cache. It means that don’t destroy interface after corresponding session is destroyed, instead place it to cache and use it later for new sessions repeatedly. This should reduce kernel-level interface creation/deletion rate lack. Default value is **0**." + #: ../../configuration/interfaces/bonding.rst:40 msgid "Specifies one of the bonding policies. The default is 802.3ad. Possible values are:" msgstr "Specifies one of the bonding policies. The default is 802.3ad. Possible values are:" +#: ../../configuration/service/pppoe-server.rst:396 +#: ../../configuration/vpn/l2tp.rst:340 +#: ../../configuration/vpn/pptp.rst:264 +#: ../../configuration/vpn/sstp.rst:298 +msgid "Specifies peer interface identifier for IPv6. By default is fixed." +msgstr "Specifies peer interface identifier for IPv6. By default is fixed." + #: ../../configuration/service/webproxy.rst:81 msgid "Specifies proxy service listening address. The listen address is the IP address on which the web proxy service listens for client requests." msgstr "Specifies proxy service listening address. The listen address is the IP address on which the web proxy service listens for client requests." -#: ../../configuration/vpn/sstp.rst:110 +#: ../../configuration/service/ipoe-server.rst:348 +msgid "Specifies relay agent IP addre" +msgstr "Specifies relay agent IP addre" + +#: ../../configuration/service/pppoe-server.rst:70 +#: ../../configuration/vpn/l2tp.rst:52 +#: ../../configuration/vpn/pptp.rst:54 +#: ../../configuration/vpn/sstp.rst:79 msgid "Specifies single `<gateway>` IP address to be used as local address of PPP interfaces." msgstr "Specifies single `<gateway>` IP address to be used as local address of PPP interfaces." @@ -12057,7 +13081,7 @@ msgstr "Specifies the available :abbr:`MAC (Message Authentication Code)` algori msgid "Specifies the base DN under which the users are located." msgstr "Specifies the base DN under which the users are located." -#: ../../configuration/service/dhcp-server.rst:239 +#: ../../configuration/service/dhcp-server.rst:245 msgid "Specifies the clients subnet mask as per RFC 950. If unset, subnet declaration is used." msgstr "Specifies the clients subnet mask as per RFC 950. If unset, subnet declaration is used." @@ -12094,22 +13118,33 @@ msgstr "Specifies the port `<port>` that the SSTP port will listen on (default 4 msgid "Specifies the protection scope (aka realm name) which is to be reported to the client for the authentication scheme. It is commonly part of the text the user will see when prompted for their username and password." msgstr "Specifies the protection scope (aka realm name) which is to be reported to the client for the authentication scheme. It is commonly part of the text the user will see when prompted for their username and password." -#: ../../configuration/vrf/index.rst:452 +#: ../../configuration/vrf/index.rst:471 msgid "Specifies the route-target list to be attached to a route (export) or the route-target list to match against (import) when exporting/importing between the current unicast VRF and VPN.The RTLIST is a space-separated list of route-targets, which are BGP extended community values as described in Extended Communities Attribute." msgstr "Specifies the route-target list to be attached to a route (export) or the route-target list to match against (import) when exporting/importing between the current unicast VRF and VPN.The RTLIST is a space-separated list of route-targets, which are BGP extended community values as described in Extended Communities Attribute." -#: ../../configuration/vrf/index.rst:445 +#: ../../configuration/vrf/index.rst:464 msgid "Specifies the route distinguisher to be added to a route exported from the current unicast VRF to VPN." msgstr "Specifies the route distinguisher to be added to a route exported from the current unicast VRF to VPN." -#: ../../configuration/vpn/sstp.rst:281 +#: ../../configuration/service/ipoe-server.rst:224 +#: ../../configuration/service/pppoe-server.rst:186 +#: ../../configuration/vpn/l2tp.rst:229 +#: ../../configuration/vpn/pptp.rst:169 +#: ../../configuration/vpn/sstp.rst:202 msgid "Specifies the vendor dictionary, dictionary needs to be in /usr/share/accel-ppp/radius." msgstr "Specifies the vendor dictionary, dictionary needs to be in /usr/share/accel-ppp/radius." -#: ../../configuration/vpn/sstp.rst:188 +#: ../../configuration/vpn/sstp.rst:194 msgid "Specifies timeout in seconds to wait for any peer activity. If this option specified it turns on adaptive lcp echo functionality and \"lcp-echo-failure\" is not used." msgstr "Specifies timeout in seconds to wait for any peer activity. If this option specified it turns on adaptive lcp echo functionality and \"lcp-echo-failure\" is not used." +#: ../../configuration/service/pppoe-server.rst:490 +#: ../../configuration/vpn/l2tp.rst:444 +#: ../../configuration/vpn/pptp.rst:368 +#: ../../configuration/vpn/sstp.rst:402 +msgid "Specifies timeout in seconds to wait for any peer activity. If this option specified it turns on adaptive lcp echo functionality and \"lcp-echo-failure\" is not used. Default value is **0**." +msgstr "Specifies timeout in seconds to wait for any peer activity. If this option specified it turns on adaptive lcp echo functionality and \"lcp-echo-failure\" is not used. Default value is **0**." + #: ../../configuration/interfaces/vxlan.rst:77 msgid "Specifies whether an external control plane (e.g. BGP L2VPN/EVPN) or the internal FDB should be used." msgstr "Specifies whether an external control plane (e.g. BGP L2VPN/EVPN) or the internal FDB should be used." @@ -12122,28 +13157,47 @@ msgstr "Specifies whether the VXLAN device is capable of vni filtering." msgid "Specifies whether this NSSA border router will unconditionally translate Type-7 LSAs into Type-5 LSAs. When role is Always, Type-7 LSAs are translated into Type-5 LSAs regardless of the translator state of other NSSA border routers. When role is Candidate, this router participates in the translator election to determine if it will perform the translations duties. When role is Never, this router will never translate Type-7 LSAs into Type-5 LSAs." msgstr "Specifies whether this NSSA border router will unconditionally translate Type-7 LSAs into Type-5 LSAs. When role is Always, Type-7 LSAs are translated into Type-5 LSAs regardless of the translator state of other NSSA border routers. When role is Candidate, this router participates in the translator election to determine if it will perform the translations duties. When role is Never, this router will never translate Type-7 LSAs into Type-5 LSAs." -#: ../../configuration/vpn/sstp.rst:272 +#: ../../configuration/service/ipoe-server.rst:212 +#: ../../configuration/vpn/l2tp.rst:217 +#: ../../configuration/vpn/pptp.rst:157 +#: ../../configuration/vpn/sstp.rst:190 msgid "Specifies which RADIUS server attribute contains the rate limit information. The default attribute is `Filter-Id`." msgstr "Specifies which RADIUS server attribute contains the rate limit information. The default attribute is `Filter-Id`." +#: ../../configuration/service/pppoe-server.rst:174 +msgid "Specifies which RADIUS server attribute contains the rate limit information. The default attribute is ``Filter-Id``." +msgstr "Specifies which RADIUS server attribute contains the rate limit information. The default attribute is ``Filter-Id``." + +#: ../../configuration/service/ipoe-server.rst:344 +msgid "Specify DHCPv4 relay IP address to pass requests to. If specified giaddr is also needed." +msgstr "Specify DHCPv4 relay IP address to pass requests to. If specified giaddr is also needed." + #: ../../configuration/service/ssh.rst:45 msgid "Specify IPv4/IPv6 listen address of SSH server. Multiple addresses can be defined." msgstr "Specify IPv4/IPv6 listen address of SSH server. Multiple addresses can be defined." -#: ../../configuration/firewall/ipv4.rst:401 +#: ../../configuration/service/ids.rst:51 +msgid "Specify IPv4 and/or IPv6 networks that should be protected/monitored." +msgstr "Specify IPv4 and/or IPv6 networks that should be protected/monitored." + +#: ../../configuration/service/ids.rst:38 +msgid "Specify IPv4 and/or IPv6 networks which are going to be excluded." +msgstr "Specify IPv4 and/or IPv6 networks which are going to be excluded." + +#: ../../configuration/firewall/ipv4.rst:424 #: ../../configuration/firewall/ipv6.rst:408 msgid "Specify a Fully Qualified Domain Name as source/destination matcher. Ensure router is able to resolve such dns query." msgstr "Specify a Fully Qualified Domain Name as source/destination matcher. Ensure router is able to resolve such dns query." -#: ../../configuration/service/dhcp-server.rst:550 +#: ../../configuration/service/dhcp-server.rst:556 msgid "Specify a NIS+ server address for DHCPv6 clients." msgstr "Specify a NIS+ server address for DHCPv6 clients." -#: ../../configuration/service/dhcp-server.rst:545 +#: ../../configuration/service/dhcp-server.rst:551 msgid "Specify a NIS server address for DHCPv6 clients." msgstr "Specify a NIS server address for DHCPv6 clients." -#: ../../configuration/service/dhcp-server.rst:555 +#: ../../configuration/service/dhcp-server.rst:561 msgid "Specify a :abbr:`SIP (Session Initiation Protocol)` server by IPv6 address of Fully Qualified Domain Name for all DHCPv6 clients." msgstr "Specify a :abbr:`SIP (Session Initiation Protocol)` server by IPv6 address of Fully Qualified Domain Name for all DHCPv6 clients." @@ -12167,6 +13221,14 @@ msgstr "Specify an alternate AS for this BGP process when interacting with the s msgid "Specify an alternate TCP port where the ldap server is listening if other than the default LDAP port 389." msgstr "Specify an alternate TCP port where the ldap server is listening if other than the default LDAP port 389." +#: ../../configuration/service/dns.rst:254 +msgid "Specify interval in seconds to wait between Dynamic DNS updates. The default is 300 seconds." +msgstr "Specify interval in seconds to wait between Dynamic DNS updates. The default is 300 seconds." + +#: ../../configuration/service/ipoe-server.rst:339 +msgid "Specify local range of ip address to give to dhcp clients. First IP in range is router IP. If you need more customization use `client-ip-pool`" +msgstr "Specify local range of ip address to give to dhcp clients. First IP in range is router IP. If you need more customization use `client-ip-pool`" + #: ../../configuration/service/ntp.rst:84 #: ../../configuration/service/ssh.rst:110 #: ../../configuration/system/syslog.rst:79 @@ -12181,11 +13243,11 @@ msgstr "Specify nexthop on the path to the destination, ``ipv4-address`` can be msgid "Specify static route into the routing table sending all non local traffic to the nexthop address `<address>`." msgstr "Specify static route into the routing table sending all non local traffic to the nexthop address `<address>`." -#: ../../configuration/system/login.rst:245 +#: ../../configuration/system/login.rst:249 msgid "Specify the IP `<address>` of the RADIUS server user with the pre-shared-secret given in `<secret>`." msgstr "Specify the IP `<address>` of the RADIUS server user with the pre-shared-secret given in `<secret>`." -#: ../../configuration/system/login.rst:314 +#: ../../configuration/system/login.rst:318 msgid "Specify the IP `<address>` of the TACACS server user with the pre-shared-secret given in `<secret>`." msgstr "Specify the IP `<address>` of the TACACS server user with the pre-shared-secret given in `<secret>`." @@ -12225,7 +13287,7 @@ msgstr "Specify the systems `<timezone>` as the Region/Location that best define msgid "Specify the time interval when `<task>` should be executed. The interval is specified as number with one of the following suffixes:" msgstr "Specify the time interval when `<task>` should be executed. The interval is specified as number with one of the following suffixes:" -#: ../../configuration/service/dns.rst:269 +#: ../../configuration/service/dns.rst:283 msgid "Specify timeout / update interval to check if IP address changed." msgstr "Specify timeout / update interval to check if IP address changed." @@ -12233,6 +13295,10 @@ msgstr "Specify timeout / update interval to check if IP address changed." msgid "Specify timeout interval for keepalive message in seconds." msgstr "Specify timeout interval for keepalive message in seconds." +#: ../../configuration/service/ipoe-server.rst:97 +msgid "Specify where interface is shared by multiple users or it is vlan-per-user." +msgstr "Specify where interface is shared by multiple users or it is vlan-per-user." + #: ../../configuration/interfaces/vxlan.rst:191 msgid "Spine1 is a Cisco IOS router running version 15.4, Leaf2 and Leaf3 is each a VyOS router running 1.2." msgstr "Spine1 is a Cisco IOS router running version 15.4, Leaf2 and Leaf3 is each a VyOS router running 1.2." @@ -12285,7 +13351,7 @@ msgstr "Starting with VyOS 1.2 a :abbr:`mDNS (Multicast DNS)` repeater functiona msgid "Static" msgstr "Static" -#: ../../configuration/service/dhcp-server.rst:189 +#: ../../configuration/service/dhcp-server.rst:195 msgid "Static DHCP IP address assign to host identified by `<description>`. IP address must be inside the `<subnet>` which is defined but can be outside the dynamic range created with :cfgcmd:`set service dhcp-server shared-network-name <name> subnet <subnet> range <n>`. If no ip-address is specified, an IP from the dynamic pool is used." msgstr "Static DHCP IP address assign to host identified by `<description>`. IP address must be inside the `<subnet>` which is defined but can be outside the dynamic range created with :cfgcmd:`set service dhcp-server shared-network-name <name> subnet <subnet> range <n>`. If no ip-address is specified, an IP from the dynamic pool is used." @@ -12314,12 +13380,12 @@ msgid "Static :abbr:`SAK (Secure Authentication Key)` mode can be configured man msgstr "Static :abbr:`SAK (Secure Authentication Key)` mode can be configured manually on each device wishing to use MACsec. Keys must be set statically on all devices for traffic to flow properly. Key rotation is dependent on the administrator updating all keys manually across connected devices. Static SAK mode can not be used with MKA." #: ../../configuration/service/dhcp-server.rst:174 -#: ../../configuration/service/dhcp-server.rst:621 +#: ../../configuration/service/dhcp-server.rst:629 msgid "Static mappings" msgstr "Static mappings" -#: ../../configuration/service/dhcp-server.rst:460 -#: ../../configuration/service/dhcp-server.rst:694 +#: ../../configuration/service/dhcp-server.rst:466 +#: ../../configuration/service/dhcp-server.rst:702 msgid "Static mappings aren't shown. To show all states, use ``show dhcp server leases state all``." msgstr "Static mappings aren't shown. To show all states, use ``show dhcp server leases state all``." @@ -12384,7 +13450,7 @@ msgstr "Supported versions of RIP are:" msgid "Supports as HELPER for configured grace period." msgstr "Supports as HELPER for configured grace period." -#: ../../configuration/vpn/ipsec.rst:178 +#: ../../configuration/vpn/ipsec.rst:182 msgid "Suppose the LEFT router has external address 192.0.2.10 on its eth0 interface, and the RIGHT router is 203.0.113.45" msgstr "Suppose the LEFT router has external address 192.0.2.10 on its eth0 interface, and the RIGHT router is 203.0.113.45" @@ -12404,17 +13470,17 @@ msgstr "Synamic instructs to forward to all peers which we have a direct connect msgid "Sync groups" msgstr "Sync groups" -#: ../../configuration/firewall/ipv4.rst:911 +#: ../../configuration/firewall/ipv4.rst:934 #: ../../configuration/firewall/ipv6.rst:920 msgid "Synproxy" msgstr "Synproxy" -#: ../../configuration/firewall/ipv4.rst:912 +#: ../../configuration/firewall/ipv4.rst:935 #: ../../configuration/firewall/ipv6.rst:921 msgid "Synproxy connections" msgstr "Synproxy connections" -#: ../../configuration/firewall/ipv4.rst:929 +#: ../../configuration/firewall/ipv4.rst:952 #: ../../configuration/firewall/ipv6.rst:938 msgid "Synproxy relies on syncookies and TCP timestamps, ensure these are enabled" msgstr "Synproxy relies on syncookies and TCP timestamps, ensure these are enabled" @@ -12484,23 +13550,23 @@ msgstr "System identifier: ``1921.6800.1002`` - for system idetifiers we recomme msgid "System is unusable - a panic condition" msgstr "System is unusable - a panic condition" -#: ../../configuration/system/login.rst:299 +#: ../../configuration/system/login.rst:303 msgid "TACACS+" msgstr "TACACS+" -#: ../../configuration/system/login.rst:418 +#: ../../configuration/system/login.rst:422 msgid "TACACS Example" msgstr "TACACS Example" -#: ../../configuration/system/login.rst:305 +#: ../../configuration/system/login.rst:309 msgid "TACACS is defined in :rfc:`8907`." msgstr "TACACS is defined in :rfc:`8907`." -#: ../../configuration/system/login.rst:335 +#: ../../configuration/system/login.rst:339 msgid "TACACS servers could be hardened by only allowing certain IP addresses to connect. As of this the source address of each TACACS query can be configured." msgstr "TACACS servers could be hardened by only allowing certain IP addresses to connect. As of this the source address of each TACACS query can be configured." -#: ../../configuration/protocols/static.rst:140 +#: ../../configuration/protocols/static.rst:173 #: ../../configuration/system/flow-accounting.rst:83 msgid "TBD" msgstr "TBD" @@ -12553,15 +13619,19 @@ msgstr "Tell hosts to use the administered (stateful) protocol (i.e. DHCP) for a msgid "Tell hosts to use the administered stateful protocol (i.e. DHCP) for autoconfiguration" msgstr "Tell hosts to use the administered stateful protocol (i.e. DHCP) for autoconfiguration" -#: ../../configuration/vpn/sstp.rst:227 +#: ../../configuration/service/ipoe-server.rst:170 +#: ../../configuration/service/pppoe-server.rst:132 +#: ../../configuration/vpn/l2tp.rst:175 +#: ../../configuration/vpn/pptp.rst:115 +#: ../../configuration/vpn/sstp.rst:148 msgid "Temporary disable this RADIUS server." msgstr "Temporary disable this RADIUS server." -#: ../../configuration/system/login.rst:258 +#: ../../configuration/system/login.rst:262 msgid "Temporary disable this RADIUS server. It won't be queried." msgstr "Temporary disable this RADIUS server. It won't be queried." -#: ../../configuration/system/login.rst:327 +#: ../../configuration/system/login.rst:331 msgid "Temporary disable this TACACS server. It won't be queried." msgstr "Temporary disable this TACACS server. It won't be queried." @@ -12589,7 +13659,7 @@ msgstr "Test disconnecting given connection-oriented interface. `<interface>` ca msgid "Test from the IPv6 only client:" msgstr "Test from the IPv6 only client:" -#: ../../configuration/vpn/sstp.rst:305 +#: ../../configuration/vpn/sstp.rst:374 msgid "Testing SSTP" msgstr "Testing SSTP" @@ -12621,7 +13691,7 @@ msgstr "The ASP has documented their IPSec requirements:" msgid "The BGP router can connect to one or more RPKI cache servers to receive validated prefix to origin AS mappings. Advanced failover can be implemented by server sockets with different preference values." msgstr "The BGP router can connect to one or more RPKI cache servers to receive validated prefix to origin AS mappings. Advanced failover can be implemented by server sockets with different preference values." -#: ../../configuration/vrf/index.rst:94 +#: ../../configuration/vrf/index.rst:113 msgid "The CLI configuration is same as mentioned in above articles. The only difference is, that each routing protocol used, must be prefixed with the `vrf name <name>` command." msgstr "The CLI configuration is same as mentioned in above articles. The only difference is, that each routing protocol used, must be prefixed with the `vrf name <name>` command." @@ -12661,7 +13731,7 @@ msgstr "The Intel AX200 card does not work out of the box in AP mode, see https: msgid "The OID ``.1.3.6.1.4.1.8072.1.3.2.3.1.1.4.116.101.115.116``, once called, will contain the output of the extension." msgstr "The OID ``.1.3.6.1.4.1.8072.1.3.2.3.1.1.4.116.101.115.116``, once called, will contain the output of the extension." -#: ../../configuration/vpn/pptp.rst:6 +#: ../../configuration/vpn/pptp.rst:7 msgid "The Point-to-Point Tunneling Protocol (PPTP_) has been implemented in VyOS only for backwards compatibility. PPTP has many well known security issues and you should use one of the many other new VPN implementations." msgstr "The Point-to-Point Tunneling Protocol (PPTP_) has been implemented in VyOS only for backwards compatibility. PPTP has many well known security issues and you should use one of the many other new VPN implementations." @@ -12701,19 +13771,19 @@ msgstr "The VXLAN specification was originally created by VMware, Arista Network msgid "The VyOS DNS forwarder does not require an upstream DNS server. It can serve as a full recursive DNS server - but it can also forward queries to configurable upstream DNS servers. By not configuring any upstream DNS servers you also avoid being tracked by the provider of your upstream DNS server." msgstr "The VyOS DNS forwarder does not require an upstream DNS server. It can serve as a full recursive DNS server - but it can also forward queries to configurable upstream DNS servers. By not configuring any upstream DNS servers you also avoid being tracked by the provider of your upstream DNS server." -#: ../../configuration/service/dns.rst:173 +#: ../../configuration/service/dns.rst:160 msgid "The VyOS DNS forwarder will only accept lookup requests from the LAN subnets - 192.168.1.0/24 and 2001:db8::/64" msgstr "The VyOS DNS forwarder will only accept lookup requests from the LAN subnets - 192.168.1.0/24 and 2001:db8::/64" -#: ../../configuration/service/dns.rst:171 +#: ../../configuration/service/dns.rst:158 msgid "The VyOS DNS forwarder will only listen for requests on the eth1 (LAN) interface addresses - 192.168.1.254 for IPv4 and 2001:db8::ffff for IPv6" msgstr "The VyOS DNS forwarder will only listen for requests on the eth1 (LAN) interface addresses - 192.168.1.254 for IPv4 and 2001:db8::ffff for IPv6" -#: ../../configuration/service/dns.rst:175 +#: ../../configuration/service/dns.rst:162 msgid "The VyOS DNS forwarder will pass reverse lookups for 10.in-addr.arpa, 168.192.in-addr.arpa, 16-31.172.in-addr.arpa zones to upstream server." msgstr "The VyOS DNS forwarder will pass reverse lookups for 10.in-addr.arpa, 168.192.in-addr.arpa, 16-31.172.in-addr.arpa zones to upstream server." -#: ../../configuration/pki/index.rst:254 +#: ../../configuration/pki/index.rst:285 msgid "The VyOS PKI subsystem can also be used to automatically retrieve Certificates using the :abbr:`ACME (Automatic Certificate Management Environment)` protocol." msgstr "The VyOS PKI subsystem can also be used to automatically retrieve Certificates using the :abbr:`ACME (Automatic Certificate Management Environment)` protocol." @@ -12770,7 +13840,11 @@ msgstr "The ``https`` service listens on port 443 with backend `bk-default` to h msgid "The ``persistent-tunnel`` directive will allow us to configure tunnel-related attributes, such as firewall policy as we would on any normal network interface." msgstr "The ``persistent-tunnel`` directive will allow us to configure tunnel-related attributes, such as firewall policy as we would on any normal network interface." -#: ../../configuration/vpn/l2tp.rst:176 +#: ../../configuration/service/ipoe-server.rst:154 +#: ../../configuration/service/pppoe-server.rst:116 +#: ../../configuration/vpn/l2tp.rst:159 +#: ../../configuration/vpn/pptp.rst:99 +#: ../../configuration/vpn/sstp.rst:132 msgid "The ``source-address`` must be configured on one of VyOS interface. Best practice would be a loopback or dummy interface." msgstr "The ``source-address`` must be configured on one of VyOS interface. Best practice would be a loopback or dummy interface." @@ -12787,11 +13861,11 @@ msgstr "The above directory and default-config must be a child directory of /con msgid "The action can be :" msgstr "The action can be :" -#: ../../configuration/pki/index.rst:271 +#: ../../configuration/pki/index.rst:302 msgid "The address the server listens to during http-01 challenge" msgstr "The address the server listens to during http-01 challenge" -#: ../../configuration/protocols/bgp.rst:775 +#: ../../configuration/protocols/bgp.rst:797 msgid "The advantage of this is that the route-selection (at this point) will be more deterministic. The disadvantage is that a few or even one lowest-ID router may attract all traffic to otherwise-equal paths because of this check. It may increase the possibility of MED or IGP oscillation, unless other measures were taken to avoid these. The exact behaviour will be sensitive to the iBGP and reflection topology." msgstr "The advantage of this is that the route-selection (at this point) will be more deterministic. The disadvantage is that a few or even one lowest-ID router may attract all traffic to otherwise-equal paths because of this check. It may increase the possibility of MED or IGP oscillation, unless other measures were taken to avoid these. The exact behaviour will be sensitive to the iBGP and reflection topology." @@ -12803,7 +13877,7 @@ msgstr "The allocated address block is 100.64.0.0/10." msgid "The amount of Duplicate Address Detection probes to send." msgstr "The amount of Duplicate Address Detection probes to send." -#: ../../configuration/protocols/bgp.rst:835 +#: ../../configuration/protocols/bgp.rst:857 msgid "The attributes :cfgcmd:`prefix-list` and :cfgcmd:`distribute-list` are mutually exclusive, and only one command (distribute-list or prefix-list) can be applied to each inbound or outbound direction for a particular neighbor." msgstr "The attributes :cfgcmd:`prefix-list` and :cfgcmd:`distribute-list` are mutually exclusive, and only one command (distribute-list or prefix-list) can be applied to each inbound or outbound direction for a particular neighbor." @@ -12823,11 +13897,15 @@ msgstr "The bonding interface provides a method for aggregating multiple network msgid "The case of ingress shaping" msgstr "The case of ingress shaping" -#: ../../configuration/service/pppoe-server.rst:385 +#: ../../configuration/service/pppoe-server.rst:644 +msgid "The client, once successfully authenticated, will receive an IPv4 and an IPv6 /64 address to terminate the PPPoE endpoint on the client side and a /56 subnet for the clients internal use." +msgstr "The client, once successfully authenticated, will receive an IPv4 and an IPv6 /64 address to terminate the PPPoE endpoint on the client side and a /56 subnet for the clients internal use." + +#: ../../configuration/service/pppoe-server.rst:644 msgid "The client, once successfully authenticated, will receive an IPv4 and an IPv6 /64 address to terminate the pppoe endpoint on the client side and a /56 subnet for the clients internal use." msgstr "The client, once successfully authenticated, will receive an IPv4 and an IPv6 /64 address to terminate the pppoe endpoint on the client side and a /56 subnet for the clients internal use." -#: ../../configuration/service/ipoe-server.rst:90 +#: ../../configuration/service/ipoe-server.rst:91 msgid "The clients :abbr:`CPE (Customer Premises Equipment)` can now communicate via IPv4 or IPv6. All devices behind ``2001:db8::a00:27ff:fe2f:d806/64`` can use addresses from ``2001:db8:1::/56`` and can globally communicate without the need of any NAT rules." msgstr "The clients :abbr:`CPE (Customer Premises Equipment)` can now communicate via IPv4 or IPv6. All devices behind ``2001:db8::a00:27ff:fe2f:d806/64`` can use addresses from ``2001:db8:1::/56`` and can globally communicate without the need of any NAT rules." @@ -12839,7 +13917,7 @@ msgstr "The command :opcmd:`show interfaces wireguard wg01 public-key` will then msgid "The command also generates a configuration snipped which can be copy/pasted into the VyOS CLI if needed. The supplied ``<name>`` on the CLI will become the peer name in the snippet." msgstr "The command also generates a configuration snipped which can be copy/pasted into the VyOS CLI if needed. The supplied ``<name>`` on the CLI will become the peer name in the snippet." -#: ../../configuration/service/pppoe-server.rst:231 +#: ../../configuration/service/pppoe-server.rst:305 msgid "The command below enables it, assuming the RADIUS connection has been setup and is working." msgstr "The command below enables it, assuming the RADIUS connection has been setup and is working." @@ -12855,9 +13933,9 @@ msgstr "The command pon TESTUNNEL establishes the PPTP tunnel to the remote syst msgid "The computers on an internal network can use any of the addresses set aside by the :abbr:`IANA (Internet Assigned Numbers Authority)` for private addressing (see :rfc:`1918`). These reserved IP addresses are not in use on the Internet, so an external machine will not directly route to them. The following addresses are reserved for private use:" msgstr "The computers on an internal network can use any of the addresses set aside by the :abbr:`IANA (Internet Assigned Numbers Authority)` for private addressing (see :rfc:`1918`). These reserved IP addresses are not in use on the Internet, so an external machine will not directly route to them. The following addresses are reserved for private use:" -#: ../../configuration/service/dhcp-server.rst:210 -#: ../../configuration/service/dhcp-server.rst:601 -#: ../../configuration/service/dhcp-server.rst:644 +#: ../../configuration/service/dhcp-server.rst:216 +#: ../../configuration/service/dhcp-server.rst:608 +#: ../../configuration/service/dhcp-server.rst:652 msgid "The configuration will look as follows:" msgstr "The configuration will look as follows:" @@ -12881,6 +13959,10 @@ msgstr "The connection tracking table contains one entry for each connection bei msgid "The current attribute 'Filter-Id' is being used as default and can be setup within RADIUS:" msgstr "The current attribute 'Filter-Id' is being used as default and can be setup within RADIUS:" +#: ../../configuration/service/pppoe-server.rst:299 +msgid "The current attribute ``Filter-Id`` is being used as default and can be setup within RADIUS:" +msgstr "The current attribute ``Filter-Id`` is being used as default and can be setup within RADIUS:" + #: ../../configuration/service/ntp.rst:29 msgid "The current protocol is version 4 (NTPv4), which is a proposed standard as documented in :rfc:`5905`. It is backward compatible with version 3, specified in :rfc:`1305`." msgstr "The current protocol is version 4 (NTPv4), which is a proposed standard as documented in :rfc:`5905`. It is backward compatible with version 3, specified in :rfc:`1305`." @@ -12905,7 +13987,7 @@ msgstr "The default hostname used is `vyos`." msgid "The default is 1492." msgstr "The default is 1492." -#: ../../configuration/service/dhcp-server.rst:526 +#: ../../configuration/service/dhcp-server.rst:532 msgid "The default lease time for DHCPv6 leases is 24 hours. This can be changed by supplying a ``default-time``, ``maximum-time`` and ``minimum-time``. All values need to be supplied in seconds." msgstr "The default lease time for DHCPv6 leases is 24 hours. This can be changed by supplying a ``default-time``, ``maximum-time`` and ``minimum-time``. All values need to be supplied in seconds." @@ -12937,6 +14019,14 @@ msgstr "The default value is 3." msgid "The default value is 3 packets." msgstr "The default value is 3 packets." +#: ../../configuration/protocols/rpki.rst:124 +msgid "The default value is 600 seconds." +msgstr "The default value is 600 seconds." + +#: ../../configuration/protocols/rpki.rst:117 +msgid "The default value is 7200 seconds." +msgstr "The default value is 7200 seconds." + #: ../../configuration/service/dhcp-server.rst:99 msgid "The default value is 86400 seconds which corresponds to one day." msgstr "The default value is 86400 seconds which corresponds to one day." @@ -12987,15 +14077,19 @@ msgstr "The embedded Squid proxy can use LDAP to authenticate users against a co msgid "The example above uses 192.0.2.2 as external IP address. A LAC normally requires an authentication password, which is set in the example configuration to ``lns shared-secret 'secret'``. This setup requires the Compression Control Protocol (CCP) being disabled, the command ``set vpn l2tp remote-access ccp-disable`` accomplishes that." msgstr "The example above uses 192.0.2.2 as external IP address. A LAC normally requires an authentication password, which is set in the example configuration to ``lns shared-secret 'secret'``. This setup requires the Compression Control Protocol (CCP) being disabled, the command ``set vpn l2tp remote-access ccp-disable`` accomplishes that." -#: ../../configuration/service/pppoe-server.rst:369 +#: ../../configuration/service/pppoe-server.rst:627 +msgid "The example below covers a dual-stack configuration." +msgstr "The example below covers a dual-stack configuration." + +#: ../../configuration/service/pppoe-server.rst:627 msgid "The example below covers a dual-stack configuration via pppoe-server." msgstr "The example below covers a dual-stack configuration via pppoe-server." -#: ../../configuration/service/pppoe-server.rst:348 +#: ../../configuration/service/pppoe-server.rst:606 msgid "The example below uses ACN as access-concentrator name, assigns an address from the pool 10.1.1.100-111, terminates at the local endpoint 10.1.1.1 and serves requests only on eth1." msgstr "The example below uses ACN as access-concentrator name, assigns an address from the pool 10.1.1.100-111, terminates at the local endpoint 10.1.1.1 and serves requests only on eth1." -#: ../../configuration/service/ipoe-server.rst:35 +#: ../../configuration/service/ipoe-server.rst:34 msgid "The example configuration below will assign an IP to the client on the incoming interface eth2 with the client mac address 08:00:27:2f:d8:06. Other DHCP discovery requests will be ignored, unless the client mac has been enabled in the configuration." msgstr "The example configuration below will assign an IP to the client on the incoming interface eth2 with the client mac address 08:00:27:2f:d8:06. Other DHCP discovery requests will be ignored, unless the client mac has been enabled in the configuration." @@ -13023,7 +14117,7 @@ msgstr "The first IP in the container network is reserved by the engine and cann msgid "The first address of the parameter ``client-subnet``, will be used as the default gateway. Connected sessions can be checked via the ``show ipoe-server sessions`` command." msgstr "The first address of the parameter ``client-subnet``, will be used as the default gateway. Connected sessions can be checked via the ``show ipoe-server sessions`` command." -#: ../../configuration/vpn/ipsec.rst:174 +#: ../../configuration/vpn/ipsec.rst:178 msgid "The first and arguably cleaner option is to make your IPsec policy match GRE packets between external addresses of your routers. This is the best option if both routers have static external addresses." msgstr "The first and arguably cleaner option is to make your IPsec policy match GRE packets between external addresses of your routers. This is the best option if both routers have static external addresses." @@ -13039,14 +14133,18 @@ msgstr "The first ip address is the RP's address and the second value is the mat msgid "The first registration request is sent to the protocol broadcast address, and the server's real protocol address is dynamically detected from the first registration reply." msgstr "The first registration request is sent to the protocol broadcast address, and the server's real protocol address is dynamically detected from the first registration reply." -#: ../../configuration/vpn/sstp.rst:311 +#: ../../configuration/vpn/sstp.rst:484 msgid "The following PPP configuration tests MSCHAP-v2:" msgstr "The following PPP configuration tests MSCHAP-v2:" -#: ../../configuration/system/login.rst:143 +#: ../../configuration/system/login.rst:147 msgid "The following command can be used to generate the OTP key as well as the CLI commands to configure them:" msgstr "The following command can be used to generate the OTP key as well as the CLI commands to configure them:" +#: ../../configuration/protocols/bgp.rst:664 +msgid "The following command uses the explicit-null label value for all the BGP instances." +msgstr "The following command uses the explicit-null label value for all the BGP instances." + #: ../../configuration/interfaces/openvpn.rst:708 msgid "The following commands let you check tunnel status." msgstr "The following commands let you check tunnel status." @@ -13059,7 +14157,7 @@ msgstr "The following commands let you reset OpenVPN." msgid "The following commands translate to \"--net host\" when the container is created" msgstr "The following commands translate to \"--net host\" when the container is created" -#: ../../configuration/vrf/index.rst:101 +#: ../../configuration/vrf/index.rst:120 msgid "The following commands would be required to set options for a given dynamic routing protocol inside a given vrf:" msgstr "The following commands would be required to set options for a given dynamic routing protocol inside a given vrf:" @@ -13083,6 +14181,10 @@ msgstr "The following configuration reverse-proxy terminate SSL." msgid "The following configuration will assign a /64 prefix out of a /56 delegation to eth0. The IPv6 address assigned to eth0 will be <prefix>::ffff/64. If you do not know the prefix size delegated to you, start with sla-len 0." msgstr "The following configuration will assign a /64 prefix out of a /56 delegation to eth0. The IPv6 address assigned to eth0 will be <prefix>::ffff/64. If you do not know the prefix size delegated to you, start with sla-len 0." +#: ../../configuration/interfaces/pppoe.rst:383 +msgid "The following configuration will setup a PPPoE session source from eth1 and assign a /64 prefix out of a /56 delegation (requested from the ISP) to eth0. The IPv6 address assigned to eth0 will be <prefix>::1/64. If you do not know the prefix size delegated to you, start with sla-len 0." +msgstr "The following configuration will setup a PPPoE session source from eth1 and assign a /64 prefix out of a /56 delegation (requested from the ISP) to eth0. The IPv6 address assigned to eth0 will be <prefix>::1/64. If you do not know the prefix size delegated to you, start with sla-len 0." + #: ../../configuration/policy/examples.rst:155 msgid "The following example allows VyOS to use :abbr:`PBR (Policy-Based Routing)` for traffic, which originated from the router itself. That solution for multiple ISP's and VyOS router will respond from the same interface that the packet was received. Also, it used, if we want that one VPN tunnel to be through one provider, and the second through another." msgstr "The following example allows VyOS to use :abbr:`PBR (Policy-Based Routing)` for traffic, which originated from the router itself. That solution for multiple ISP's and VyOS router will respond from the same interface that the packet was received. Also, it used, if we want that one VPN tunnel to be through one provider, and the second through another." @@ -13095,7 +14197,7 @@ msgstr "The following example creates a WAP. When configuring multiple WAP inter msgid "The following example is based on a Sierra Wireless MC7710 miniPCIe card (only the form factor in reality it runs UBS) and Deutsche Telekom as ISP. The card is assembled into a :ref:`pc-engines-apu4`." msgstr "The following example is based on a Sierra Wireless MC7710 miniPCIe card (only the form factor in reality it runs UBS) and Deutsche Telekom as ISP. The card is assembled into a :ref:`pc-engines-apu4`." -#: ../../configuration/vrf/index.rst:237 +#: ../../configuration/vrf/index.rst:256 msgid "The following example topology was built using EVE-NG." msgstr "The following example topology was built using EVE-NG." @@ -13140,7 +14242,7 @@ msgstr "The forwarding delay time is the time spent in each of the listening and msgid "The generated configuration will look like:" msgstr "The generated configuration will look like:" -#: ../../configuration/pki/index.rst:107 +#: ../../configuration/pki/index.rst:109 msgid "The generated parameters are then output to the console." msgstr "The generated parameters are then output to the console." @@ -13168,7 +14270,7 @@ msgstr "The hostname can be up to 63 characters. A hostname must start and end w msgid "The hostname or IP address of the master" msgstr "The hostname or IP address of the master" -#: ../../configuration/service/dhcp-server.rst:632 +#: ../../configuration/service/dhcp-server.rst:640 msgid "The identifier is the device's DUID: colon-separated hex list (as used by isc-dhcp option dhcpv6.client-id). If the device already has a dynamic lease from the DHCPv6 server, its DUID can be found with ``show service dhcpv6 server leases``. The DUID begins at the 5th octet (after the 4th colon) of IAID_DUID." msgstr "The identifier is the device's DUID: colon-separated hex list (as used by isc-dhcp option dhcpv6.client-id). If the device already has a dynamic lease from the DHCPv6 server, its DUID can be found with ``show service dhcpv6 server leases``. The DUID begins at the 5th octet (after the 4th colon) of IAID_DUID." @@ -13212,7 +14314,7 @@ msgstr "The legacy and zone-based firewall configuration options is not longer s msgid "The limiter performs basic ingress policing of traffic flows. Multiple classes of traffic can be defined and traffic limits can be applied to each class. Although the policer uses a token bucket mechanism internally, it does not have the capability to delay a packet as a shaping mechanism does. Traffic exceeding the defined bandwidth limits is directly dropped. A maximum allowed burst can be configured too." msgstr "The limiter performs basic ingress policing of traffic flows. Multiple classes of traffic can be defined and traffic limits can be applied to each class. Although the policer uses a token bucket mechanism internally, it does not have the capability to delay a packet as a shaping mechanism does. Traffic exceeding the defined bandwidth limits is directly dropped. A maximum allowed burst can be configured too." -#: ../../configuration/policy/route-map.rst:255 +#: ../../configuration/policy/route-map.rst:258 msgid "The link bandwidth extended community is encoded as non-transitive" msgstr "The link bandwidth extended community is encoded as non-transitive" @@ -13240,6 +14342,10 @@ msgstr "The main points regarding this packet flow and terminology used in VyOS msgid "The main structure VyOS firewall cli is shown next:" msgstr "The main structure VyOS firewall cli is shown next:" +#: ../../configuration/firewall/index.rst:92 +msgid "The main structure of the VyOS firewall CLI is shown next:" +msgstr "The main structure of the VyOS firewall CLI is shown next:" + #: ../../configuration/interfaces/bonding.rst:271 msgid "The maximum number of targets that can be specified is 16. The default value is no IP address." msgstr "The maximum number of targets that can be specified is 16. The default value is no IP address." @@ -13272,11 +14378,15 @@ msgstr "The multicast-group used by all leaves for this vlan extension. Has to b msgid "The name of the service can be different, in this example it is only for convenience." msgstr "The name of the service can be different, in this example it is only for convenience." +#: ../../configuration/service/dns.rst:171 +msgid "The netmask or domain that EDNS Client Subnet should be enabled for in outgoing queries." +msgstr "The netmask or domain that EDNS Client Subnet should be enabled for in outgoing queries." + #: ../../configuration/service/dhcp-server.rst:13 msgid "The network topology is declared by shared-network-name and the subnet declarations. The DHCP service can serve multiple shared networks, with each shared network having 1 or more subnets. Each subnet must be present on an interface. A range can be declared inside a subnet to define a pool of dynamic addresses. Multiple ranges can be defined and can contain holes. Static mappings can be set to assign \"static\" addresses to clients based on their MAC address." msgstr "The network topology is declared by shared-network-name and the subnet declarations. The DHCP service can serve multiple shared networks, with each shared network having 1 or more subnets. Each subnet must be present on an interface. A range can be declared inside a subnet to define a pool of dynamic addresses. Multiple ranges can be defined and can contain holes. Static mappings can be set to assign \"static\" addresses to clients based on their MAC address." -#: ../../configuration/service/conntrack-sync.rst:188 +#: ../../configuration/service/conntrack-sync.rst:192 msgid "The next example is a simple configuration of conntrack-sync." msgstr "The next example is a simple configuration of conntrack-sync." @@ -13324,7 +14434,7 @@ msgstr "The outgoing interface to perform the translation on" msgid "The peer name must be an alphanumeric and can have hypen or underscore as special characters. It is purely informational." msgstr "The peer name must be an alphanumeric and can have hypen or underscore as special characters. It is purely informational." -#: ../../configuration/vpn/ipsec.rst:235 +#: ../../configuration/vpn/ipsec.rst:239 msgid "The peer names RIGHT and LEFT are used as informational text." msgstr "The peer names RIGHT and LEFT are used as informational text." @@ -13332,7 +14442,7 @@ msgstr "The peer names RIGHT and LEFT are used as informational text." msgid "The peer with lower priority will become the key server and start distributing SAKs." msgstr "The peer with lower priority will become the key server and start distributing SAKs." -#: ../../configuration/vrf/index.rst:181 +#: ../../configuration/vrf/index.rst:200 msgid "The ping command is used to test whether a network host is reachable or not." msgstr "The ping command is used to test whether a network host is reachable or not." @@ -13352,7 +14462,7 @@ msgstr "The prefix and ASN that originated it match a signed ROA. These are prob msgid "The prefix or prefix length and ASN that originated it doesn't match any existing ROA. This could be the result of a prefix hijack, or merely a misconfiguration, but should probably be treated as untrustworthy route announcements." msgstr "The prefix or prefix length and ASN that originated it doesn't match any existing ROA. This could be the result of a prefix hijack, or merely a misconfiguration, but should probably be treated as untrustworthy route announcements." -#: ../../configuration/service/dhcp-server.rst:375 +#: ../../configuration/service/dhcp-server.rst:381 msgid "The primary DHCP server uses address `192.168.189.252`" msgstr "The primary DHCP server uses address `192.168.189.252`" @@ -13368,11 +14478,11 @@ msgstr "The primary option is only valid for active-backup, transmit-load-balanc msgid "The priority must be an integer number from 1 to 255. Higher priority value increases router's precedence in the master elections." msgstr "The priority must be an integer number from 1 to 255. Higher priority value increases router's precedence in the master elections." -#: ../../configuration/service/dhcp-server.rst:539 +#: ../../configuration/service/dhcp-server.rst:545 msgid "The procedure to specify a :abbr:`NIS+ (Network Information Service Plus)` domain is similar to the NIS domain one:" msgstr "The procedure to specify a :abbr:`NIS+ (Network Information Service Plus)` domain is similar to the NIS domain one:" -#: ../../configuration/vrf/index.rst:222 +#: ../../configuration/vrf/index.rst:241 msgid "The prompt is adjusted to reflect this change in both config and op-mode." msgstr "The prompt is adjusted to reflect this change in both config and op-mode." @@ -13400,7 +14510,7 @@ msgstr "The public IP address of the local side of the VPN will be 198.51.100.10 msgid "The public IP address of the remote side of the VPN will be 203.0.113.11." msgstr "The public IP address of the remote side of the VPN will be 203.0.113.11." -#: ../../configuration/service/ipoe-server.rst:130 +#: ../../configuration/service/ipoe-server.rst:131 #: ../../configuration/vpn/l2tp.rst:120 msgid "The rate-limit is set in kbit/sec." msgstr "The rate-limit is set in kbit/sec." @@ -13421,6 +14531,10 @@ msgstr "The remote site will have a subnet of 10.1.0.0/16." msgid "The remote user will use the openconnect client to connect to the router and will receive an IP address from a VPN pool, allowing full access to the network." msgstr "The remote user will use the openconnect client to connect to the router and will receive an IP address from a VPN pool, allowing full access to the network." +#: ../../configuration/service/dns.rst:161 +msgid "The requestor netmask for which the requestor IP Address should be used as the EDNS Client Subnet for outgoing queries." +msgstr "The requestor netmask for which the requestor IP Address should be used as the EDNS Client Subnet for outgoing queries." + #: ../../configuration/interfaces/openvpn.rst:458 msgid "The required config file may look like this:" msgstr "The required config file may look like this:" @@ -13465,7 +14579,7 @@ msgstr "The sFlow accounting based on hsflowd https://sflow.net/" msgid "The same configuration options apply when Identity based config is configured in group mode except that group mode can only be used with RADIUS authentication." msgstr "The same configuration options apply when Identity based config is configured in group mode except that group mode can only be used with RADIUS authentication." -#: ../../configuration/vpn/ipsec.rst:227 +#: ../../configuration/vpn/ipsec.rst:231 msgid "The scheme above doesn't work when one of the routers has a dynamic external address though. The classic workaround for this is to setup an address on a loopback interface and use it as a source address for the GRE tunnel, then setup an IPsec policy to match those loopback addresses." msgstr "The scheme above doesn't work when one of the routers has a dynamic external address though. The classic workaround for this is to setup an address on a loopback interface and use it as a source address for the GRE tunnel, then setup an IPsec policy to match those loopback addresses." @@ -13473,7 +14587,7 @@ msgstr "The scheme above doesn't work when one of the routers has a dynamic exte msgid "The search filter can contain up to 15 occurrences of %s which will be replaced by the username, as in \"uid=%s\" for :rfc:`2037` directories. For a detailed description of LDAP search filter syntax see :rfc:`2254`." msgstr "The search filter can contain up to 15 occurrences of %s which will be replaced by the username, as in \"uid=%s\" for :rfc:`2037` directories. For a detailed description of LDAP search filter syntax see :rfc:`2254`." -#: ../../configuration/service/dhcp-server.rst:376 +#: ../../configuration/service/dhcp-server.rst:382 msgid "The secondary DHCP server uses address `192.168.189.253`" msgstr "The secondary DHCP server uses address `192.168.189.253`" @@ -13533,11 +14647,14 @@ msgstr "The type can be the following: asbr-summary, external, network, nssa-ext msgid "The ultimate goal of classifying traffic is to give each class a different treatment." msgstr "The ultimate goal of classifying traffic is to give each class a different treatment." -#: ../../configuration/service/ipoe-server.rst:18 +#: ../../configuration/service/ipoe-server.rst:16 msgid "The use of IPoE addresses the disadvantage that PPP is unsuited for multicast delivery to multiple users. Typically, IPoE uses Dynamic Host Configuration Protocol and Extensible Authentication Protocol to provide the same functionality as PPPoE, but in a less robust manner." msgstr "The use of IPoE addresses the disadvantage that PPP is unsuited for multicast delivery to multiple users. Typically, IPoE uses Dynamic Host Configuration Protocol and Extensible Authentication Protocol to provide the same functionality as PPPoE, but in a less robust manner." -#: ../../configuration/vpn/l2tp.rst:221 +#: ../../configuration/service/pppoe-server.rst:222 +#: ../../configuration/vpn/l2tp.rst:265 +#: ../../configuration/vpn/pptp.rst:205 +#: ../../configuration/vpn/sstp.rst:238 msgid "The value of the attribute ``NAS-Port-Id`` must be less than 16 characters, otherwise the interface won't be renamed." msgstr "The value of the attribute ``NAS-Port-Id`` must be less than 16 characters, otherwise the interface won't be renamed." @@ -13549,7 +14666,11 @@ msgstr "The vendor-class-id option can be used to request a specific class of ve msgid "The veth devices are virtual Ethernet devices. They can act as tunnels between network namespaces to create a bridge to a physical network device in another namespace or VRF, but can also be used as standalone network devices." msgstr "The veth devices are virtual Ethernet devices. They can act as tunnels between network namespaces to create a bridge to a physical network device in another namespace or VRF, but can also be used as standalone network devices." -#: ../../configuration/system/login.rst:138 +#: ../../configuration/service/router-advert.rst:86 +msgid "The well known NAT64 prefix is ``64:ff9b::/96``" +msgstr "The well known NAT64 prefix is ``64:ff9b::/96``" + +#: ../../configuration/system/login.rst:142 msgid "The window size must be between 1 and 21." msgstr "The window size must be between 1 and 21." @@ -13557,6 +14678,10 @@ msgstr "The window size must be between 1 and 21." msgid "The wireless client (supplicant) authenticates against the RADIUS server (authentication server) using an :abbr:`EAP (Extensible Authentication Protocol)` method configured on the RADIUS server. The WAP (also referred to as authenticator) role is to send all authentication messages between the supplicant and the configured authentication server, thus the RADIUS server is responsible for authenticating the users." msgstr "The wireless client (supplicant) authenticates against the RADIUS server (authentication server) using an :abbr:`EAP (Extensible Authentication Protocol)` method configured on the RADIUS server. The WAP (also referred to as authenticator) role is to send all authentication messages between the supplicant and the configured authentication server, thus the RADIUS server is responsible for authenticating the users." +#: ../../configuration/service/ids.rst:125 +msgid "Then, FastNetMon configuration:" +msgstr "Then, FastNetMon configuration:" + #: ../../configuration/nat/nat44.rst:621 msgid "Then a corresponding SNAT rule is created to NAT outgoing traffic for the internal IP to a reserved external IP. This dedicates an external IP address to an internal IP address and is useful for protocols which don't have the notion of ports, such as GRE." msgstr "Then a corresponding SNAT rule is created to NAT outgoing traffic for the internal IP to a reserved external IP. This dedicates an external IP address to an internal IP address and is useful for protocols which don't have the notion of ports, such as GRE." @@ -13596,7 +14721,7 @@ msgstr "There are a lot of matching criteria against which the packet can be tes msgid "There are a lot of matching criteria options available, both for ``policy route`` and ``policy route6``. These options are listed in this section." msgstr "There are a lot of matching criteria options available, both for ``policy route`` and ``policy route6``. These options are listed in this section." -#: ../../configuration/system/ipv6.rst:92 +#: ../../configuration/system/ipv6.rst:105 msgid "There are different parameters for getting prefix-list information:" msgstr "There are different parameters for getting prefix-list information:" @@ -13612,7 +14737,7 @@ msgstr "There are many parameters you will be able to use in order to match the msgid "There are multiple versions available for the NetFlow data. The `<version>` used in the exported flow data can be configured here. The following versions are supported:" msgstr "There are multiple versions available for the NetFlow data. The `<version>` used in the exported flow data can be configured here. The following versions are supported:" -#: ../../configuration/service/ipoe-server.rst:153 +#: ../../configuration/service/ipoe-server.rst:154 msgid "There are rate-limited and non rate-limited users (MACs)" msgstr "There are rate-limited and non rate-limited users (MACs)" @@ -13628,7 +14753,7 @@ msgstr "There are three modes of operation for a wireless interface:" msgid "There are two types of Network Admins who deal with BGP, those who have created an international incident and/or outage, and those who are lying" msgstr "There are two types of Network Admins who deal with BGP, those who have created an international incident and/or outage, and those who are lying" -#: ../../configuration/protocols/bgp.rst:896 +#: ../../configuration/protocols/bgp.rst:918 msgid "There are two ways that help us to mitigate the BGPs full-mesh requirement in a network:" msgstr "There are two ways that help us to mitigate the BGPs full-mesh requirement in a network:" @@ -13757,7 +14882,7 @@ msgstr "This command allows peerings between directly connected eBGP peers using msgid "This command allows sessions to be established with eBGP neighbors when they are multiple hops away. When the neighbor is not directly connected and this knob is not enabled, the session will not establish. The number of hops range is 1 to 255. This command is mutually exclusive with :cfgcmd:`ttl-security hops`." msgstr "This command allows sessions to be established with eBGP neighbors when they are multiple hops away. When the neighbor is not directly connected and this knob is not enabled, the session will not establish. The number of hops range is 1 to 255. This command is mutually exclusive with :cfgcmd:`ttl-security hops`." -#: ../../configuration/protocols/bgp.rst:812 +#: ../../configuration/protocols/bgp.rst:834 msgid "This command allows the router to prefer route to specified prefix learned via IGP through backdoor link instead of a route to the same prefix learned via EBGP." msgstr "This command allows the router to prefer route to specified prefix learned via IGP through backdoor link instead of a route to the same prefix learned via EBGP." @@ -13814,19 +14939,19 @@ msgstr "This command allows you to select a specific access concentrator when yo msgid "This command applies route-map to selectively unsuppress prefixes suppressed by summarisation." msgstr "This command applies route-map to selectively unsuppress prefixes suppressed by summarisation." -#: ../../configuration/protocols/bgp.rst:867 +#: ../../configuration/protocols/bgp.rst:889 msgid "This command applies the AS path access list filters named in <name> to the specified BGP neighbor to restrict the routing information that BGP learns and/or advertises. The arguments :cfgcmd:`export` and :cfgcmd:`import` specify the direction in which the AS path access list are applied." msgstr "This command applies the AS path access list filters named in <name> to the specified BGP neighbor to restrict the routing information that BGP learns and/or advertises. The arguments :cfgcmd:`export` and :cfgcmd:`import` specify the direction in which the AS path access list are applied." -#: ../../configuration/protocols/bgp.rst:843 +#: ../../configuration/protocols/bgp.rst:865 msgid "This command applies the access list filters named in <number> to the specified BGP neighbor to restrict the routing information that BGP learns and/or advertises. The arguments :cfgcmd:`export` and :cfgcmd:`import` specify the direction in which the access list are applied." msgstr "This command applies the access list filters named in <number> to the specified BGP neighbor to restrict the routing information that BGP learns and/or advertises. The arguments :cfgcmd:`export` and :cfgcmd:`import` specify the direction in which the access list are applied." -#: ../../configuration/protocols/bgp.rst:851 +#: ../../configuration/protocols/bgp.rst:873 msgid "This command applies the prfefix list filters named in <name> to the specified BGP neighbor to restrict the routing information that BGP learns and/or advertises. The arguments :cfgcmd:`export` and :cfgcmd:`import` specify the direction in which the prefix list are applied." msgstr "This command applies the prfefix list filters named in <name> to the specified BGP neighbor to restrict the routing information that BGP learns and/or advertises. The arguments :cfgcmd:`export` and :cfgcmd:`import` specify the direction in which the prefix list are applied." -#: ../../configuration/protocols/bgp.rst:859 +#: ../../configuration/protocols/bgp.rst:881 msgid "This command applies the route map named in <name> to the specified BGP neighbor to control and modify routing information that is exchanged between peers. The arguments :cfgcmd:`export` and :cfgcmd:`import` specify the direction in which the route map are applied." msgstr "This command applies the route map named in <name> to the specified BGP neighbor to control and modify routing information that is exchanged between peers. The arguments :cfgcmd:`export` and :cfgcmd:`import` specify the direction in which the route map are applied." @@ -13854,7 +14979,7 @@ msgstr "This command can be used to filter the RIP path using prefix lists. :cfg msgid "This command can be used with previous command to sets default RIP distance to specified value when the route source IP address matches the specified prefix and the specified access-list." msgstr "This command can be used with previous command to sets default RIP distance to specified value when the route source IP address matches the specified prefix and the specified access-list." -#: ../../configuration/protocols/bgp.rst:652 +#: ../../configuration/protocols/bgp.rst:674 msgid "This command change distance value of BGP. The arguments are the distance values for external routes, internal routes and local routes respectively. The distance range is 1 to 255." msgstr "This command change distance value of BGP. The arguments are the distance values for external routes, internal routes and local routes respectively. The distance range is 1 to 255." @@ -13878,7 +15003,7 @@ msgstr "This command change distance value of OSPFv3 globally. The distance rang msgid "This command change the distance value of RIP. The distance range is 1 to 255." msgstr "This command change the distance value of RIP. The distance range is 1 to 255." -#: ../../configuration/protocols/bgp.rst:638 +#: ../../configuration/protocols/bgp.rst:650 msgid "This command changes the eBGP behavior of FRR. By default FRR enables :rfc:`8212` functionality which affects how eBGP routes are advertised, namely no routes are advertised across eBGP sessions without some sort of egress route-map/policy in place. In VyOS however we have this RFC functionality disabled by default so that we can preserve backwards compatibility with older versions of VyOS. With this option one can enable :rfc:`8212` functionality to operate." msgstr "This command changes the eBGP behavior of FRR. By default FRR enables :rfc:`8212` functionality which affects how eBGP routes are advertised, namely no routes are advertised across eBGP sessions without some sort of egress route-map/policy in place. In VyOS however we have this RFC functionality disabled by default so that we can preserve backwards compatibility with older versions of VyOS. With this option one can enable :rfc:`8212` functionality to operate." @@ -13954,23 +15079,23 @@ msgstr "This command defines matching parameters for access list rule. Matching msgid "This command defines the IS-IS router behavior:" msgstr "This command defines the IS-IS router behavior:" -#: ../../configuration/protocols/bgp.rst:720 +#: ../../configuration/protocols/bgp.rst:742 msgid "This command defines the accumulated penalty amount at which the route is re-advertised. The penalty range is 1 to 20000." msgstr "This command defines the accumulated penalty amount at which the route is re-advertised. The penalty range is 1 to 20000." -#: ../../configuration/protocols/bgp.rst:726 +#: ../../configuration/protocols/bgp.rst:748 msgid "This command defines the accumulated penalty amount at which the route is suppressed. The penalty range is 1 to 20000." msgstr "This command defines the accumulated penalty amount at which the route is suppressed. The penalty range is 1 to 20000." -#: ../../configuration/protocols/bgp.rst:713 +#: ../../configuration/protocols/bgp.rst:735 msgid "This command defines the amount of time in minutes after which a penalty is reduced by half. The timer range is 10 to 45 minutes." msgstr "This command defines the amount of time in minutes after which a penalty is reduced by half. The timer range is 10 to 45 minutes." -#: ../../configuration/protocols/bgp.rst:595 +#: ../../configuration/protocols/bgp.rst:601 msgid "This command defines the maximum number of parallel routes that the BGP can support. In order for BGP to use the second path, the following attributes have to match: Weight, Local Preference, AS Path (both AS number and AS path length), Origin code, MED, IGP metric. Also, the next hop address for each path must be different." msgstr "This command defines the maximum number of parallel routes that the BGP can support. In order for BGP to use the second path, the following attributes have to match: Weight, Local Preference, AS Path (both AS number and AS path length), Origin code, MED, IGP metric. Also, the next hop address for each path must be different." -#: ../../configuration/protocols/bgp.rst:732 +#: ../../configuration/protocols/bgp.rst:754 msgid "This command defines the maximum time in minutes that a route is suppressed. The timer range is 1 to 255 minutes." msgstr "This command defines the maximum time in minutes that a route is suppressed. The timer range is 1 to 255 minutes." @@ -13997,7 +15122,7 @@ msgstr "This command disables check of the MTU value in the OSPF DBD packets. Th msgid "This command disables it." msgstr "This command disables it." -#: ../../configuration/protocols/bgp.rst:607 +#: ../../configuration/protocols/bgp.rst:619 msgid "This command disables route reflection between route reflector clients. By default, the clients of a route reflector are not required to be fully meshed and the routes from a client are reflected to other clients. However, if the clients are fully meshed, route reflection is not required. In this case, use the :cfgcmd:`no-client-to-client-reflection` command to disable client-to-client reflection." msgstr "This command disables route reflection between route reflector clients. By default, the clients of a route reflector are not required to be fully meshed and the routes from a client are reflected to other clients. However, if the clients are fully meshed, route reflection is not required. In this case, use the :cfgcmd:`no-client-to-client-reflection` command to disable client-to-client reflection." @@ -14009,23 +15134,23 @@ msgstr "This command disables split-horizon on the interface. By default, VyOS d msgid "This command disables the load sharing across multiple LFA backups." msgstr "This command disables the load sharing across multiple LFA backups." -#: ../../configuration/protocols/bgp.rst:1009 +#: ../../configuration/protocols/bgp.rst:1031 msgid "This command displays BGP dampened routes." msgstr "This command displays BGP dampened routes." -#: ../../configuration/protocols/bgp.rst:1032 +#: ../../configuration/protocols/bgp.rst:1054 msgid "This command displays BGP received-routes that are accepted after filtering." msgstr "This command displays BGP received-routes that are accepted after filtering." -#: ../../configuration/protocols/bgp.rst:1022 +#: ../../configuration/protocols/bgp.rst:1044 msgid "This command displays BGP routes advertised to a neighbor." msgstr "This command displays BGP routes advertised to a neighbor." -#: ../../configuration/protocols/bgp.rst:1017 +#: ../../configuration/protocols/bgp.rst:1039 msgid "This command displays BGP routes allowed by the specified AS Path access list." msgstr "This command displays BGP routes allowed by the specified AS Path access list." -#: ../../configuration/protocols/bgp.rst:1026 +#: ../../configuration/protocols/bgp.rst:1048 msgid "This command displays BGP routes originating from the specified BGP neighbor before inbound policy is applied. To use this command inbound soft reconfiguration must be enabled." msgstr "This command displays BGP routes originating from the specified BGP neighbor before inbound policy is applied. To use this command inbound soft reconfiguration must be enabled." @@ -14052,11 +15177,11 @@ msgstr "This command displays a summary table with a database contents (LSA)." msgid "This command displays a table of paths to area boundary and autonomous system boundary routers." msgstr "This command displays a table of paths to area boundary and autonomous system boundary routers." -#: ../../configuration/protocols/bgp.rst:957 +#: ../../configuration/protocols/bgp.rst:979 msgid "This command displays all entries in BGP routing table." msgstr "This command displays all entries in BGP routing table." -#: ../../configuration/protocols/bgp.rst:1036 +#: ../../configuration/protocols/bgp.rst:1058 msgid "This command displays dampened routes received from BGP neighbor." msgstr "This command displays dampened routes received from BGP neighbor." @@ -14064,27 +15189,27 @@ msgstr "This command displays dampened routes received from BGP neighbor." msgid "This command displays external information redistributed into OSPFv3" msgstr "This command displays external information redistributed into OSPFv3" -#: ../../configuration/protocols/bgp.rst:1040 +#: ../../configuration/protocols/bgp.rst:1062 msgid "This command displays information about BGP routes whose AS path matches the specified regular expression." msgstr "This command displays information about BGP routes whose AS path matches the specified regular expression." -#: ../../configuration/protocols/bgp.rst:1013 +#: ../../configuration/protocols/bgp.rst:1035 msgid "This command displays information about flapping BGP routes." msgstr "This command displays information about flapping BGP routes." -#: ../../configuration/protocols/bgp.rst:977 +#: ../../configuration/protocols/bgp.rst:999 msgid "This command displays information about the particular entry in the BGP routing table." msgstr "This command displays information about the particular entry in the BGP routing table." -#: ../../configuration/protocols/bgp.rst:1004 +#: ../../configuration/protocols/bgp.rst:1026 msgid "This command displays routes that are permitted by the BGP community list." msgstr "This command displays routes that are permitted by the BGP community list." -#: ../../configuration/protocols/bgp.rst:997 +#: ../../configuration/protocols/bgp.rst:1019 msgid "This command displays routes that belong to specified BGP communities. Valid value is a community number in the range from 1 to 4294967200, or AA:NN (autonomous system-community number/2-byte number), no-export, local-as, or no-advertise." msgstr "This command displays routes that belong to specified BGP communities. Valid value is a community number in the range from 1 to 4294967200, or AA:NN (autonomous system-community number/2-byte number), no-export, local-as, or no-advertise." -#: ../../configuration/protocols/bgp.rst:993 +#: ../../configuration/protocols/bgp.rst:1015 msgid "This command displays routes with classless interdomain routing (CIDR)." msgstr "This command displays routes with classless interdomain routing (CIDR)." @@ -14126,7 +15251,7 @@ msgstr "This command displays the neighbors status." msgid "This command displays the neighbors status for a neighbor on the specified interface." msgstr "This command displays the neighbors status for a neighbor on the specified interface." -#: ../../configuration/protocols/bgp.rst:1045 +#: ../../configuration/protocols/bgp.rst:1067 msgid "This command displays the status of all BGP connections." msgstr "This command displays the status of all BGP connections." @@ -14134,7 +15259,7 @@ msgstr "This command displays the status of all BGP connections." msgid "This command enable/disables summarisation for the configured address range." msgstr "This command enable/disables summarisation for the configured address range." -#: ../../configuration/protocols/bgp.rst:603 +#: ../../configuration/protocols/bgp.rst:615 msgid "This command enable logging neighbor up/down changes and reset reason." msgstr "This command enable logging neighbor up/down changes and reset reason." @@ -14174,7 +15299,7 @@ msgstr "This command enables sending timestamps with each Hello and IHU message msgid "This command enables support for dynamic hostname TLV. Dynamic hostname mapping determined as described in :rfc:`2763`, Dynamic Hostname Exchange Mechanism for IS-IS." msgstr "This command enables support for dynamic hostname TLV. Dynamic hostname mapping determined as described in :rfc:`2763`, Dynamic Hostname Exchange Mechanism for IS-IS." -#: ../../configuration/protocols/bgp.rst:875 +#: ../../configuration/protocols/bgp.rst:897 msgid "This command enables the ORF capability (described in :rfc:`5291`) on the local router, and enables ORF capability advertisement to the specified BGP peer. The :cfgcmd:`receive` keyword configures a router to advertise ORF receive capabilities. The :cfgcmd:`send` keyword configures a router to advertise ORF send capabilities. To advertise a filter from a sender, you must create an IP prefix list for the specified BGP peer applied in inbound derection." msgstr "This command enables the ORF capability (described in :rfc:`5291`) on the local router, and enables ORF capability advertisement to the specified BGP peer. The :cfgcmd:`receive` keyword configures a router to advertise ORF receive capabilities. The :cfgcmd:`send` keyword configures a router to advertise ORF send capabilities. To advertise a filter from a sender, you must create an IP prefix list for the specified BGP peer applied in inbound derection." @@ -14198,7 +15323,7 @@ msgstr "This command generate a default route into the RIP." msgid "This command gives a brief status overview of a specified wireless interface. The wireless interface identifier can range from wlan0 to wlan999." msgstr "This command gives a brief status overview of a specified wireless interface. The wireless interface identifier can range from wlan0 to wlan999." -#: ../../configuration/protocols/bgp.rst:632 +#: ../../configuration/protocols/bgp.rst:644 msgid "This command goes hand in hand with the listen range command to limit the amount of BGP neighbors that are allowed to connect to the local router. The limit range is 1 to 5000." msgstr "This command goes hand in hand with the listen range command to limit the amount of BGP neighbors that are allowed to connect to the local router. The limit range is 1 to 5000." @@ -14241,7 +15366,7 @@ msgstr "This command is used for advertising IPv4 or IPv6 networks." msgid "This command is used to retrieve information about WAP within the range of your wireless interface. This command is useful on wireless interfaces configured in station mode." msgstr "This command is used to retrieve information about WAP within the range of your wireless interface. This command is useful on wireless interfaces configured in station mode." -#: ../../configuration/protocols/bgp.rst:620 +#: ../../configuration/protocols/bgp.rst:632 msgid "This command is useful if one desires to loosen the requirement for BGP to have strictly defined neighbors. Specifically what is allowed is for the local router to listen to a range of IPv4 or IPv6 addresses defined by a prefix and to accept BGP open messages. When a TCP connection (and subsequently a BGP open message) from within this range tries to connect the local router then the local router will respond and connect with the parameters that are defined within the peer group. One must define a peer-group for each range that is listed. If no peer-group is defined then an error will keep you from committing the configuration." msgstr "This command is useful if one desires to loosen the requirement for BGP to have strictly defined neighbors. Specifically what is allowed is for the local router to listen to a range of IPv4 or IPv6 addresses defined by a prefix and to accept BGP open messages. When a TCP connection (and subsequently a BGP open message) from within this range tries to connect the local router then the local router will respond and connect with the parameters that are defined within the peer group. One must define a peer-group for each range that is listed. If no peer-group is defined then an error will keep you from committing the configuration." @@ -14253,15 +15378,15 @@ msgstr "This command modifies the default metric (hop count) value for redistrib msgid "This command override AS number of the originating router with the local AS number." msgstr "This command override AS number of the originating router with the local AS number." -#: ../../configuration/protocols/bgp.rst:885 +#: ../../configuration/protocols/bgp.rst:907 msgid "This command prevents from sending back prefixes learned from the neighbor." msgstr "This command prevents from sending back prefixes learned from the neighbor." -#: ../../configuration/protocols/bgp.rst:804 +#: ../../configuration/protocols/bgp.rst:826 msgid "This command provides to compare different MED values that advertised by neighbours in the same AS for routes selection. When this command is enabled, routes from the same autonomous system are grouped together, and the best entries of each group are compared." msgstr "This command provides to compare different MED values that advertised by neighbours in the same AS for routes selection. When this command is enabled, routes from the same autonomous system are grouped together, and the best entries of each group are compared." -#: ../../configuration/protocols/bgp.rst:741 +#: ../../configuration/protocols/bgp.rst:763 msgid "This command provides to compare the MED on routes, even when they were received from different neighbouring ASes. Setting this option makes the order of preference of routes more defined, and should eliminate MED induced oscillations." msgstr "This command provides to compare the MED on routes, even when they were received from different neighbouring ASes. Setting this option makes the order of preference of routes more defined, and should eliminate MED induced oscillations." @@ -14297,19 +15422,19 @@ msgstr "This command redistributes routing information from the given route sour msgid "This command removes the private ASN of routes that are advertised to the configured peer. It removes only private ASNs on routes advertised to EBGP peers." msgstr "This command removes the private ASN of routes that are advertised to the configured peer. It removes only private ASNs on routes advertised to EBGP peers." -#: ../../configuration/protocols/bgp.rst:1068 +#: ../../configuration/protocols/bgp.rst:1090 msgid "This command resets BGP connections to the specified neighbor IP address. With argument :cfgcmd:`soft` this command initiates a soft reset. If you do not specify the :cfgcmd:`in` or :cfgcmd:`out` options, both inbound and outbound soft reconfiguration are triggered." msgstr "This command resets BGP connections to the specified neighbor IP address. With argument :cfgcmd:`soft` this command initiates a soft reset. If you do not specify the :cfgcmd:`in` or :cfgcmd:`out` options, both inbound and outbound soft reconfiguration are triggered." -#: ../../configuration/protocols/bgp.rst:1088 +#: ../../configuration/protocols/bgp.rst:1110 msgid "This command resets BGP connections to the specified peer group. With argument :cfgcmd:`soft` this command initiates a soft reset. If you do not specify the :cfgcmd:`in` or :cfgcmd:`out` options, both inbound and outbound soft reconfiguration are triggered." msgstr "This command resets BGP connections to the specified peer group. With argument :cfgcmd:`soft` this command initiates a soft reset. If you do not specify the :cfgcmd:`in` or :cfgcmd:`out` options, both inbound and outbound soft reconfiguration are triggered." -#: ../../configuration/protocols/bgp.rst:1075 +#: ../../configuration/protocols/bgp.rst:1097 msgid "This command resets all BGP connections of given router." msgstr "This command resets all BGP connections of given router." -#: ../../configuration/protocols/bgp.rst:1084 +#: ../../configuration/protocols/bgp.rst:1106 msgid "This command resets all external BGP peers of given router." msgstr "This command resets all external BGP peers of given router." @@ -14389,7 +15514,7 @@ msgstr "This command sets number of seconds for RxmtInterval timer value. This v msgid "This command sets old-style (ISO 10589) or new style packet formats:" msgstr "This command sets old-style (ISO 10589) or new style packet formats:" -#: ../../configuration/protocols/bgp.rst:944 +#: ../../configuration/protocols/bgp.rst:966 msgid "This command sets other confederations <nsubasn> as members of autonomous system specified by :cfgcmd:`confederation identifier <asn>`." msgstr "This command sets other confederations <nsubasn> as members of autonomous system specified by :cfgcmd:`confederation identifier <asn>`." @@ -14401,7 +15526,7 @@ msgstr "This command sets overload bit to avoid any transit traffic through this msgid "This command sets priority for the interface for :abbr:`DIS (Designated Intermediate System)` election. The priority range is 0 to 127." msgstr "This command sets priority for the interface for :abbr:`DIS (Designated Intermediate System)` election. The priority range is 0 to 127." -#: ../../configuration/protocols/bgp.rst:659 +#: ../../configuration/protocols/bgp.rst:681 msgid "This command sets the administrative distance for a particular route. The distance range is 1 to 255." msgstr "This command sets the administrative distance for a particular route. The distance range is 1 to 255." @@ -14461,7 +15586,7 @@ msgstr "This command should NOT be set normally." msgid "This command shows both status and statistics on the specified wireless interface. The wireless interface identifier can range from wlan0 to wlan999." msgstr "This command shows both status and statistics on the specified wireless interface. The wireless interface identifier can range from wlan0 to wlan999." -#: ../../configuration/protocols/bgp.rst:938 +#: ../../configuration/protocols/bgp.rst:960 msgid "This command specifies a BGP confederation identifier. <asn> is the number of the autonomous system that internally includes multiple sub-autonomous systems (a confederation)." msgstr "This command specifies a BGP confederation identifier. <asn> is the number of the autonomous system that internally includes multiple sub-autonomous systems (a confederation)." @@ -14517,11 +15642,11 @@ msgstr "This command specifies attributes to be left unchanged for advertisement msgid "This command specifies circuit type for interface:" msgstr "This command specifies circuit type for interface:" -#: ../../configuration/protocols/bgp.rst:920 +#: ../../configuration/protocols/bgp.rst:942 msgid "This command specifies cluster ID which identifies a collection of route reflectors and their clients, and is used by route reflectors to avoid looping. By default cluster ID is set to the BGP router id value, but can be set to an arbitrary 32-bit value." msgstr "This command specifies cluster ID which identifies a collection of route reflectors and their clients, and is used by route reflectors to avoid looping. By default cluster ID is set to the BGP router id value, but can be set to an arbitrary 32-bit value." -#: ../../configuration/protocols/bgp.rst:671 +#: ../../configuration/protocols/bgp.rst:693 msgid "This command specifies hold-time in seconds. The timer range is 4 to 65535. The default value is 180 second. If you set value to 0 VyOS will not hold routes." msgstr "This command specifies hold-time in seconds. The timer range is 4 to 65535. The default value is 180 second. If you set value to 0 VyOS will not hold routes." @@ -14530,7 +15655,7 @@ msgstr "This command specifies hold-time in seconds. The timer range is 4 to 655 msgid "This command specifies interface as passive. Passive interface advertises its address, but does not run the OSPF protocol (adjacencies are not formed and hello packets are not generated)." msgstr "This command specifies interface as passive. Passive interface advertises its address, but does not run the OSPF protocol (adjacencies are not formed and hello packets are not generated)." -#: ../../configuration/protocols/bgp.rst:677 +#: ../../configuration/protocols/bgp.rst:699 msgid "This command specifies keep-alive time in seconds. The timer can range from 4 to 65535. The default value is 60 second." msgstr "This command specifies keep-alive time in seconds. The timer can range from 4 to 65535. The default value is 60 second." @@ -14558,15 +15683,15 @@ msgstr "This command specifies metric type for redistributed routes. Difference msgid "This command specifies network type to Point-to-Point. The default network type is broadcast." msgstr "This command specifies network type to Point-to-Point. The default network type is broadcast." -#: ../../configuration/protocols/bgp.rst:784 +#: ../../configuration/protocols/bgp.rst:806 msgid "This command specifies that BGP considers the MED when comparing routes originated from different sub-ASs within the confederation to which this BGP speaker belongs. The default state, where the MED attribute is not considered." msgstr "This command specifies that BGP considers the MED when comparing routes originated from different sub-ASs within the confederation to which this BGP speaker belongs. The default state, where the MED attribute is not considered." -#: ../../configuration/protocols/bgp.rst:754 +#: ../../configuration/protocols/bgp.rst:776 msgid "This command specifies that BGP decision process should consider paths of equal AS_PATH length candidates for multipath computation. Without the knob, the entire AS_PATH must match for multipath computation." msgstr "This command specifies that BGP decision process should consider paths of equal AS_PATH length candidates for multipath computation. Without the knob, the entire AS_PATH must match for multipath computation." -#: ../../configuration/protocols/bgp.rst:791 +#: ../../configuration/protocols/bgp.rst:813 msgid "This command specifies that a route with a MED is always considered to be better than a route without a MED by causing the missing MED attribute to have a value of infinity. The default state, where the missing MED attribute is considered to have a value of zero." msgstr "This command specifies that a route with a MED is always considered to be better than a route without a MED by causing the missing MED attribute to have a value of infinity. The default state, where the missing MED attribute is considered to have a value of zero." @@ -14582,7 +15707,7 @@ msgstr "This command specifies that simple password authentication should be use msgid "This command specifies that the community attribute should not be sent in route updates to a peer. By default community attribute is sent." msgstr "This command specifies that the community attribute should not be sent in route updates to a peer. By default community attribute is sent." -#: ../../configuration/protocols/bgp.rst:748 +#: ../../configuration/protocols/bgp.rst:770 msgid "This command specifies that the length of confederation path sets and sequences should be taken into account during the BGP best path decision process." msgstr "This command specifies that the length of confederation path sets and sequences should be taken into account during the BGP best path decision process." @@ -14622,7 +15747,7 @@ msgstr "This command specifies the base receive cost for this interface. For wir msgid "This command specifies the decay factor for the exponential moving average of RTT samples, in units of 1/256. Higher values discard old samples faster. The default is 42." msgstr "This command specifies the decay factor for the exponential moving average of RTT samples, in units of 1/256. Higher values discard old samples faster. The default is 42." -#: ../../configuration/protocols/bgp.rst:799 +#: ../../configuration/protocols/bgp.rst:821 msgid "This command specifies the default local preference value. The local preference range is 0 to 4294967295." msgstr "This command specifies the default local preference value. The local preference range is 0 to 4294967295." @@ -14634,7 +15759,7 @@ msgstr "This command specifies the default metric value of redistributed routes. msgid "This command specifies the garbage-collection timer. Upon expiration of the garbage-collection timer, the route is finally removed from the routing table. The time range is 5 to 2147483647. The default value is 120 seconds." msgstr "This command specifies the garbage-collection timer. Upon expiration of the garbage-collection timer, the route is finally removed from the routing table. The time range is 5 to 2147483647. The default value is 120 seconds." -#: ../../configuration/protocols/bgp.rst:916 +#: ../../configuration/protocols/bgp.rst:938 msgid "This command specifies the given neighbor as route reflector client." msgstr "This command specifies the given neighbor as route reflector client." @@ -14658,7 +15783,7 @@ msgstr "This command specifies the minimum RTT, in milliseconds, starting from w msgid "This command specifies the minimum route advertisement interval for the peer. The interval value is 0 to 600 seconds, with the default advertisement interval being 0." msgstr "This command specifies the minimum route advertisement interval for the peer. The interval value is 0 to 600 seconds, with the default advertisement interval being 0." -#: ../../configuration/protocols/bgp.rst:589 +#: ../../configuration/protocols/bgp.rst:595 msgid "This command specifies the router-ID. If router ID is not specified it will use the highest interface IP address." msgstr "This command specifies the router-ID. If router ID is not specified it will use the highest interface IP address." @@ -14714,7 +15839,7 @@ msgstr "This command summarizes intra area paths from specified area into one su msgid "This command to ensure not advertise the summary lsa for the matched external LSAs." msgstr "This command to ensure not advertise the summary lsa for the matched external LSAs." -#: ../../configuration/protocols/bgp.rst:1079 +#: ../../configuration/protocols/bgp.rst:1101 msgid "This command uses to clear BGP route dampening information and to unsuppress suppressed routes." msgstr "This command uses to clear BGP route dampening information and to unsuppress suppressed routes." @@ -14763,7 +15888,7 @@ msgstr "This command will generate a default-route in L2 database." msgid "This command will give an overview of a rule in a single rule-set" msgstr "This command will give an overview of a rule in a single rule-set" -#: ../../configuration/firewall/ipv4.rst:1091 +#: ../../configuration/firewall/ipv4.rst:1114 msgid "This command will give an overview of a rule in a single rule-set, plus information for default action." msgstr "This command will give an overview of a rule in a single rule-set, plus information for default action." @@ -14771,7 +15896,7 @@ msgstr "This command will give an overview of a rule in a single rule-set, plus msgid "This command will give an overview of a rule in a single rule-set." msgstr "This command will give an overview of a rule in a single rule-set." -#: ../../configuration/firewall/ipv4.rst:1072 +#: ../../configuration/firewall/ipv4.rst:1095 #: ../../configuration/firewall/ipv6.rst:1088 msgid "This command will give an overview of a single rule-set." msgstr "This command will give an overview of a single rule-set." @@ -14805,7 +15930,7 @@ msgid "This configuration modifies the behavior of the network statement. If you msgstr "This configuration modifies the behavior of the network statement. If you have this configured the underlying network must exist in the routing table." #: ../../configuration/service/dhcp-server.rst:76 -#: ../../configuration/service/dhcp-server.rst:520 +#: ../../configuration/service/dhcp-server.rst:526 msgid "This configuration parameter is required and must be unique to each subnet. It is required to map subnets to lease file entries." msgstr "This configuration parameter is required and must be unique to each subnet. It is required to map subnets to lease file entries." @@ -14825,7 +15950,7 @@ msgstr "This creates a route policy called FILTER-WEB with one rule to set the r msgid "This defaults to 10000." msgstr "This defaults to 10000." -#: ../../configuration/system/login.rst:254 +#: ../../configuration/system/login.rst:258 msgid "This defaults to 1812." msgstr "This defaults to 1812." @@ -14833,7 +15958,7 @@ msgstr "This defaults to 1812." msgid "This defaults to 2007." msgstr "This defaults to 2007." -#: ../../configuration/service/dns.rst:271 +#: ../../configuration/service/dns.rst:285 msgid "This defaults to 300 seconds." msgstr "This defaults to 300 seconds." @@ -14841,7 +15966,7 @@ msgstr "This defaults to 300 seconds." msgid "This defaults to 30 seconds." msgstr "This defaults to 30 seconds." -#: ../../configuration/system/login.rst:323 +#: ../../configuration/system/login.rst:327 msgid "This defaults to 49." msgstr "This defaults to 49." @@ -14857,7 +15982,7 @@ msgstr "This defaults to UDP" msgid "This defaults to both 1.2 and 1.3." msgstr "This defaults to both 1.2 and 1.3." -#: ../../configuration/pki/index.rst:283 +#: ../../configuration/pki/index.rst:314 msgid "This defaults to https://acme-v02.api.letsencrypt.org/directory" msgstr "This defaults to https://acme-v02.api.letsencrypt.org/directory" @@ -14893,15 +16018,27 @@ msgstr "This establishes our Port Forward rule, but if we created a firewall pol msgid "This example shows how to target an MSS clamp (in our example to 1360 bytes) to a specific destination IP." msgstr "This example shows how to target an MSS clamp (in our example to 1360 bytes) to a specific destination IP." +#: ../../configuration/vpn/ipsec.rst:392 +msgid "This example uses CACert as certificate authority." +msgstr "This example uses CACert as certificate authority." + +#: ../../configuration/vpn/ipsec.rst:386 +msgid "This feature closely works together with :ref:`pki` subsystem as you required a x509 certificate." +msgstr "This feature closely works together with :ref:`pki` subsystem as you required a x509 certificate." + +#: ../../configuration/protocols/bfd.rst:64 +msgid "This feature serves the purpose of thightening the packet validation requirements to avoid receiving BFD control packets from other sessions." +msgstr "This feature serves the purpose of thightening the packet validation requirements to avoid receiving BFD control packets from other sessions." + #: ../../configuration/protocols/ospf.rst:476 msgid "This feature summarises originated external LSAs (Type-5 and Type-7). Summary Route will be originated on-behalf of all matched external LSAs." msgstr "This feature summarises originated external LSAs (Type-5 and Type-7). Summary Route will be originated on-behalf of all matched external LSAs." -#: ../../configuration/service/dns.rst:404 +#: ../../configuration/service/dns.rst:418 msgid "This functionality is controlled by adding the following configuration:" msgstr "This functionality is controlled by adding the following configuration:" -#: ../../configuration/firewall/ipv4.rst:376 +#: ../../configuration/firewall/ipv4.rst:399 #: ../../configuration/firewall/ipv6.rst:378 msgid "This functions for both individual addresses and address groups." msgstr "This functions for both individual addresses and address groups." @@ -14946,13 +16083,13 @@ msgstr "This is a mandatory command. Sets regular expression to match against lo msgid "This is a mandatory command. Sets the full path to the script. The script file must be executable." msgstr "This is a mandatory command. Sets the full path to the script. The script file must be executable." -#: ../../configuration/pki/index.rst:261 -#: ../../configuration/pki/index.rst:267 +#: ../../configuration/pki/index.rst:292 +#: ../../configuration/pki/index.rst:298 msgid "This is a mandatory option" msgstr "This is a mandatory option" -#: ../../configuration/protocols/rpki.rst:117 -#: ../../configuration/protocols/rpki.rst:124 +#: ../../configuration/protocols/rpki.rst:131 +#: ../../configuration/protocols/rpki.rst:138 msgid "This is a mandatory setting." msgstr "This is a mandatory setting." @@ -15019,7 +16156,7 @@ msgstr "This is the LCD model used in your system." msgid "This is the configuration parameter for the entire shared network definition. All subnets will inherit this configuration item if not specified locally." msgstr "This is the configuration parameter for the entire shared network definition. All subnets will inherit this configuration item if not specified locally." -#: ../../configuration/service/dhcp-server.rst:197 +#: ../../configuration/service/dhcp-server.rst:203 msgid "This is the equivalent of the host block in dhcpd.conf of isc-dhcpd." msgstr "This is the equivalent of the host block in dhcpd.conf of isc-dhcpd." @@ -15031,7 +16168,7 @@ msgstr "This is the name of the physical interface used to connect to your LCD d msgid "This is the policy that requieres the lowest resources for the same amount of traffic. But **very likely you do not need it as you cannot get much from it. Sometimes it is used just to enable logging.**" msgstr "This is the policy that requieres the lowest resources for the same amount of traffic. But **very likely you do not need it as you cannot get much from it. Sometimes it is used just to enable logging.**" -#: ../../configuration/service/dhcp-server.rst:195 +#: ../../configuration/service/dhcp-server.rst:201 msgid "This is useful, for example, in combination with hostfile update." msgstr "This is useful, for example, in combination with hostfile update." @@ -15088,7 +16225,7 @@ msgstr "This option is used by some DHCP clients as a way for users to specify i msgid "This option is used by some DHCP clients to identify the vendor type and possibly the configuration of a DHCP client. The information is a string of bytes whose contents are specific to the vendor and are not specified in a standard." msgstr "This option is used by some DHCP clients to identify the vendor type and possibly the configuration of a DHCP client. The information is a string of bytes whose contents are specific to the vendor and are not specified in a standard." -#: ../../configuration/system/login.rst:390 +#: ../../configuration/system/login.rst:394 msgid "This option must be used with ``timeout`` option." msgstr "This option must be used with ``timeout`` option." @@ -15101,7 +16238,7 @@ msgstr "This option only affects 802.3ad mode." msgid "This option specifies a delay in seconds before vrrp instances start up after keepalived starts." msgstr "This option specifies a delay in seconds before vrrp instances start up after keepalived starts." -#: ../../configuration/pki/index.rst:277 +#: ../../configuration/pki/index.rst:308 msgid "This options defaults to 2048" msgstr "This options defaults to 2048" @@ -15219,11 +16356,19 @@ msgstr "This the simplest queue possible you can apply to your traffic. Traffic msgid "This topology was built using GNS3." msgstr "This topology was built using GNS3." +#: ../../configuration/system/option.rst:38 +msgid "This will add the following option to the Kernel commandline:" +msgstr "This will add the following option to the Kernel commandline:" + +#: ../../configuration/system/option.rst:48 +msgid "This will add the following two options to the Kernel commandline:" +msgstr "This will add the following two options to the Kernel commandline:" + #: ../../configuration/interfaces/ethernet.rst:9 msgid "This will be the most widely used interface on a router carrying traffic to the real world." msgstr "This will be the most widely used interface on a router carrying traffic to the real world." -#: ../../configuration/protocols/static.rst:171 +#: ../../configuration/protocols/static.rst:204 msgid "This will configure a static ARP entry always resolving `<address>` to `<mac>` for interface `<interface>`." msgstr "This will configure a static ARP entry always resolving `<address>` to `<mac>` for interface `<interface>`." @@ -15239,7 +16384,7 @@ msgstr "This will render the following ddclient_ configuration entry:" msgid "This will show you a basic firewall overview" msgstr "This will show you a basic firewall overview" -#: ../../configuration/firewall/ipv4.rst:961 +#: ../../configuration/firewall/ipv4.rst:984 msgid "This will show you a basic firewall overview, for all ruleset, and not only for ipv4" msgstr "This will show you a basic firewall overview, for all ruleset, and not only for ipv4" @@ -15255,12 +16400,12 @@ msgstr "This will show you a basic summary of zones configuration." msgid "This will show you a rule-set statistic since the last boot." msgstr "This will show you a rule-set statistic since the last boot." -#: ../../configuration/firewall/ipv4.rst:1112 +#: ../../configuration/firewall/ipv4.rst:1135 #: ../../configuration/firewall/ipv6.rst:1135 msgid "This will show you a statistic of all rule-sets since the last boot." msgstr "This will show you a statistic of all rule-sets since the last boot." -#: ../../configuration/firewall/ipv4.rst:1016 +#: ../../configuration/firewall/ipv4.rst:1039 #: ../../configuration/firewall/ipv6.rst:1032 msgid "This will show you a summary of rule-sets and groups" msgstr "This will show you a summary of rule-sets and groups" @@ -15301,29 +16446,49 @@ msgstr "Time in seconds that the prefix will remain preferred (default 4 hours)" msgid "Time in seconds that the prefix will remain valid (default: 30 days)" msgstr "Time in seconds that the prefix will remain valid (default: 30 days)" +#: ../../configuration/service/router-advert.rst:1 +msgid "Time in seconds that the prefix will remain valid (default: 65528 seconds)" +msgstr "Time in seconds that the prefix will remain valid (default: 65528 seconds)" + #: ../../configuration/service/webproxy.rst:177 msgid "Time is in minutes and defaults to 60." msgstr "Time is in minutes and defaults to 60." -#: ../../configuration/firewall/ipv4.rst:874 +#: ../../configuration/firewall/ipv4.rst:897 #: ../../configuration/firewall/ipv6.rst:883 #: ../../configuration/policy/route.rst:225 msgid "Time to match the defined rule." msgstr "Time to match the defined rule." +#: ../../configuration/service/ipoe-server.rst:368 +#: ../../configuration/service/pppoe-server.rst:534 +#: ../../configuration/vpn/l2tp.rst:488 +#: ../../configuration/vpn/pptp.rst:412 +#: ../../configuration/vpn/sstp.rst:446 +msgid "Timeout in seconds" +msgstr "Timeout in seconds" + #: ../../configuration/protocols/failover.rst:24 msgid "Timeout in seconds between health target checks." msgstr "Timeout in seconds between health target checks." -#: ../../configuration/vpn/sstp.rst:234 +#: ../../configuration/service/ipoe-server.rst:174 +#: ../../configuration/service/pppoe-server.rst:136 +#: ../../configuration/vpn/l2tp.rst:179 +#: ../../configuration/vpn/pptp.rst:119 +#: ../../configuration/vpn/sstp.rst:152 msgid "Timeout to wait reply for Interim-Update packets. (default 3 seconds)" msgstr "Timeout to wait reply for Interim-Update packets. (default 3 seconds)" -#: ../../configuration/vpn/sstp.rst:254 +#: ../../configuration/service/ipoe-server.rst:194 +#: ../../configuration/service/pppoe-server.rst:156 +#: ../../configuration/vpn/l2tp.rst:199 +#: ../../configuration/vpn/pptp.rst:139 +#: ../../configuration/vpn/sstp.rst:172 msgid "Timeout to wait response from server (seconds)" msgstr "Timeout to wait response from server (seconds)" -#: ../../configuration/protocols/bgp.rst:667 +#: ../../configuration/protocols/bgp.rst:689 #: ../../configuration/protocols/isis.rst:257 msgid "Timers" msgstr "Timers" @@ -15332,7 +16497,7 @@ msgstr "Timers" msgid "To activate the VLAN aware bridge, you must activate this setting to use VLAN settings for the bridge" msgstr "To activate the VLAN aware bridge, you must activate this setting to use VLAN settings for the bridge" -#: ../../configuration/vpn/l2tp.rst:58 +#: ../../configuration/vpn/l2tp.rst:108 msgid "To allow VPN-clients access via your external address, a NAT rule is required:" msgstr "To allow VPN-clients access via your external address, a NAT rule is required:" @@ -15344,7 +16509,7 @@ msgstr "To allow listing additional custom domain, for example ``openthread.thre msgid "To allow only specific services, for example ``_airplay._tcp`` or ``_ipp._tcp``, (instead of all services) to be re-broadcasted, use the following command:" msgstr "To allow only specific services, for example ``_airplay._tcp`` or ``_ipp._tcp``, (instead of all services) to be re-broadcasted, use the following command:" -#: ../../configuration/vpn/site2site_ipsec.rst:257 +#: ../../configuration/vpn/site2site_ipsec.rst:260 msgid "To allow traffic to pass through to clients, you need to add the following rules. (if you used the default configuration at the top of this page)" msgstr "To allow traffic to pass through to clients, you need to add the following rules. (if you used the default configuration at the top of this page)" @@ -15442,11 +16607,11 @@ msgstr "To configure syslog, you need to switch into configuration mode." msgid "To configure your LCD display you must first identify the used hardware, and connectivity of the display to your system. This can be any serial port (`ttySxx`) or serial via USB or even old parallel port interfaces." msgstr "To configure your LCD display you must first identify the used hardware, and connectivity of the display to your system. This can be any serial port (`ttySxx`) or serial via USB or even old parallel port interfaces." -#: ../../configuration/service/ipoe-server.rst:98 +#: ../../configuration/service/ipoe-server.rst:99 msgid "To create VLANs per user during runtime, the following settings are required on a per interface basis. VLAN ID and VLAN range can be present in the configuration at the same time." msgstr "To create VLANs per user during runtime, the following settings are required on a per interface basis. VLAN ID and VLAN range can be present in the configuration at the same time." -#: ../../configuration/system/login.rst:377 +#: ../../configuration/system/login.rst:381 msgid "To create a new line in your login message you need to escape the new line character by using ``\\\\n``." msgstr "To create a new line in your login message you need to escape the new line character by using ``\\\\n``." @@ -15462,11 +16627,11 @@ msgstr "To create routing table 100 and add a new default gateway to be used by msgid "To define a zone setup either one with interfaces or a local zone." msgstr "To define a zone setup either one with interfaces or a local zone." -#: ../../configuration/service/router-advert.rst:75 +#: ../../configuration/service/router-advert.rst:101 msgid "To disable advertisements without deleting the configuration:" msgstr "To disable advertisements without deleting the configuration:" -#: ../../configuration/system/login.rst:190 +#: ../../configuration/system/login.rst:194 msgid "To display the configured OTP user key, use the command:" msgstr "To display the configured OTP user key, use the command:" @@ -15483,7 +16648,11 @@ msgstr "To enable/disable helper support for a specific neighbour, the router-id msgid "To enable MLD reports and query on interfaces `eth0` and `eth1`:" msgstr "To enable MLD reports and query on interfaces `eth0` and `eth1`:" -#: ../../configuration/vpn/l2tp.rst:141 +#: ../../configuration/service/ipoe-server.rst:116 +#: ../../configuration/service/pppoe-server.rst:78 +#: ../../configuration/vpn/l2tp.rst:121 +#: ../../configuration/vpn/pptp.rst:61 +#: ../../configuration/vpn/sstp.rst:94 msgid "To enable RADIUS based authentication, the authentication mode needs to be changed within the configuration. Previous settings like the local users, still exists within the configuration, however they are not used if the mode has been changed from local to radius. Once changed back to local, it will use all local accounts again." msgstr "To enable RADIUS based authentication, the authentication mode needs to be changed within the configuration. Previous settings like the local users, still exists within the configuration, however they are not used if the mode has been changed from local to radius. Once changed back to local, it will use all local accounts again." @@ -15511,6 +16680,10 @@ msgstr "To enable the HTTP security headers in the configuration file, use the c msgid "To exclude traffic from load balancing, traffic matching an exclude rule is not balanced but routed through the system routing table instead:" msgstr "To exclude traffic from load balancing, traffic matching an exclude rule is not balanced but routed through the system routing table instead:" +#: ../../configuration/vpn/l2tp.rst:282 +msgid "To explain the usage of LNS follow our blueprint :ref:`examples-lac-lns`." +msgstr "To explain the usage of LNS follow our blueprint :ref:`examples-lac-lns`." + #: ../../configuration/service/snmp.rst:216 msgid "To extend SNMP agent functionality, custom scripts can be executed every time the agent is being called. This can be achieved by using ``arbitrary extensioncommands``. The first step is to create a functional script of course, then upload it to your VyOS instance via the command ``scp your_script.sh vyos@your_router:/config/user-data``. Once the script is uploaded, it needs to be configured via the command below." msgstr "To extend SNMP agent functionality, custom scripts can be executed every time the agent is being called. This can be achieved by using ``arbitrary extensioncommands``. The first step is to create a functional script of course, then upload it to your VyOS instance via the command ``scp your_script.sh vyos@your_router:/config/user-data``. Once the script is uploaded, it needs to be configured via the command below." @@ -15527,11 +16700,15 @@ msgstr "To generate the CA, the server private key and certificates the followin msgid "To get it to work as an access point with this configuration you will need to set up a DHCP server to work with that network. You can - of course - also bridge the Wireless interface with any configured bridge (:ref:`bridge-interface`) on the system." msgstr "To get it to work as an access point with this configuration you will need to set up a DHCP server to work with that network. You can - of course - also bridge the Wireless interface with any configured bridge (:ref:`bridge-interface`) on the system." -#: ../../configuration/service/dhcp-server.rst:566 +#: ../../configuration/service/dhcp-server.rst:572 msgid "To hand out individual prefixes to your clients the following configuration is used:" msgstr "To hand out individual prefixes to your clients the following configuration is used:" -#: ../../configuration/highavailability/index.rst:336 +#: ../../configuration/vpn/ipsec.rst:405 +msgid "To import it from the filesystem use:" +msgstr "To import it from the filesystem use:" + +#: ../../configuration/highavailability/index.rst:346 msgid "To know more about scripting, check the :ref:`command-scripting` section." msgstr "To know more about scripting, check the :ref:`command-scripting` section." @@ -15539,7 +16716,7 @@ msgstr "To know more about scripting, check the :ref:`command-scripting` section msgid "To listen on both `eth0` and `eth1` mDNS packets and also repeat packets received on `eth0` to `eth1` (and vice-versa) use the following commands:" msgstr "To listen on both `eth0` and `eth1` mDNS packets and also repeat packets received on `eth0` to `eth1` (and vice-versa) use the following commands:" -#: ../../configuration/protocols/static.rst:161 +#: ../../configuration/protocols/static.rst:194 msgid "To manipulate or display ARP_ table entries, the following commands are implemented." msgstr "To manipulate or display ARP_ table entries, the following commands are implemented." @@ -15552,7 +16729,7 @@ msgstr "To perform a graceful shutdown, the FRR ``graceful-restart prepare ip os msgid "To request a /56 prefix from your ISP use:" msgstr "To request a /56 prefix from your ISP use:" -#: ../../configuration/service/dhcp-server.rst:680 +#: ../../configuration/service/dhcp-server.rst:688 msgid "To restart the DHCPv6 server" msgstr "To restart the DHCPv6 server" @@ -15568,7 +16745,7 @@ msgstr "To setup a destination NAT rule we need to gather:" msgid "To update the firmware, VyOS also ships the `qmi-firmware-update` binary. To upgrade the firmware of an e.g. Sierra Wireless MC7710 module to the firmware provided in the file ``9999999_9999999_9200_03.05.14.00_00_generic_000.000_001_SPKG_MC.cwe`` use the following command:" msgstr "To update the firmware, VyOS also ships the `qmi-firmware-update` binary. To upgrade the firmware of an e.g. Sierra Wireless MC7710 module to the firmware provided in the file ``9999999_9999999_9200_03.05.14.00_00_generic_000.000_001_SPKG_MC.cwe`` use the following command:" -#: ../../configuration/service/ipoe-server.rst:113 +#: ../../configuration/service/ipoe-server.rst:114 msgid "To use a RADIUS server for authentication and bandwidth-shaping, the following example configuration can be used." msgstr "To use a RADIUS server for authentication and bandwidth-shaping, the following example configuration can be used." @@ -15596,6 +16773,10 @@ msgstr "Topology:" msgid "Topology: PC4 - Leaf2 - Spine1 - Leaf3 - PC5" msgstr "Topology: PC4 - Leaf2 - Spine1 - Leaf3 - PC5" +#: ../../configuration/service/ipoe-server.rst:433 +msgid "Toubleshooting" +msgstr "Toubleshooting" + #: ../../configuration/highavailability/index.rst:171 msgid "Track" msgstr "Track" @@ -15644,7 +16825,7 @@ msgstr "Traffic from multicast sources will go to the Rendezvous Point, and rece msgid "Traffic from multicast sources will go to the Rendezvous Point, and receivers will pull it from a shared tree using :abbr:`IGMP (Internet Group Management Protocol)`." msgstr "Traffic from multicast sources will go to the Rendezvous Point, and receivers will pull it from a shared tree using :abbr:`IGMP (Internet Group Management Protocol)`." -#: ../../configuration/firewall/ipv4.rst:928 +#: ../../configuration/firewall/ipv4.rst:951 #: ../../configuration/firewall/ipv6.rst:937 msgid "Traffic must be symmetric" msgstr "Traffic must be symmetric" @@ -15653,11 +16834,11 @@ msgstr "Traffic must be symmetric" msgid "Traffic which is received by the router on an interface which is member of a bridge is processed on the **Bridge Layer**. A simplified packet flow diagram for this layer is shown next:" msgstr "Traffic which is received by the router on an interface which is member of a bridge is processed on the **Bridge Layer**. A simplified packet flow diagram for this layer is shown next:" -#: ../../configuration/highavailability/index.rst:322 +#: ../../configuration/highavailability/index.rst:332 msgid "Transition scripts" msgstr "Transition scripts" -#: ../../configuration/highavailability/index.rst:324 +#: ../../configuration/highavailability/index.rst:334 msgid "Transition scripts can help you implement various fixups, such as starting and stopping services, or even modifying the VyOS config on VRRP transition. This setup will make the VRRP process execute the ``/config/scripts/vrrp-fail.sh`` with argument ``Foo`` when VRRP fails, and the ``/config/scripts/vrrp-master.sh`` when the router becomes the master:" msgstr "Transition scripts can help you implement various fixups, such as starting and stopping services, or even modifying the VyOS config on VRRP transition. This setup will make the VRRP process execute the ``/config/scripts/vrrp-fail.sh`` with argument ``Foo`` when VRRP fails, and the ``/config/scripts/vrrp-master.sh`` when the router becomes the master:" @@ -15667,6 +16848,8 @@ msgstr "Transparent Proxy" #: ../../configuration/interfaces/openvpn.rst:701 #: ../../configuration/interfaces/tunnel.rst:227 +#: ../../configuration/vpn/pptp.rst:484 +#: ../../configuration/vpn/sstp.rst:580 msgid "Troubleshooting" msgstr "Troubleshooting" @@ -15682,6 +16865,10 @@ msgstr "Tunnel" msgid "Tunnel keys" msgstr "Tunnel keys" +#: ../../configuration/vpn/l2tp.rst:280 +msgid "Tunnel password used to authenticate the client (LAC)" +msgstr "Tunnel password used to authenticate the client (LAC)" + #: ../../configuration/loadbalancing/wan.rst:257 msgid "Two environment variables are available:" msgstr "Two environment variables are available:" @@ -15714,15 +16901,15 @@ msgstr "UDP Broadcast Relay" msgid "UDP mode works better with NAT:" msgstr "UDP mode works better with NAT:" -#: ../../configuration/vpn/l2tp.rst:34 +#: ../../configuration/vpn/l2tp.rst:84 msgid "UDP port 1701 for IPsec" msgstr "UDP port 1701 for IPsec" -#: ../../configuration/vpn/l2tp.rst:39 +#: ../../configuration/vpn/l2tp.rst:89 msgid "UDP port 4500 (NAT-T)" msgstr "UDP port 4500 (NAT-T)" -#: ../../configuration/vpn/l2tp.rst:32 +#: ../../configuration/vpn/l2tp.rst:82 msgid "UDP port 500 (IKE)" msgstr "UDP port 500 (IKE)" @@ -15778,11 +16965,11 @@ msgstr "Up to seven queues -defined as classes_ with different priorities- can b msgid "Update" msgstr "Update" -#: ../../configuration/container/index.rst:171 +#: ../../configuration/container/index.rst:207 msgid "Update container image" msgstr "Update container image" -#: ../../configuration/firewall/ipv4.rst:1175 +#: ../../configuration/firewall/ipv4.rst:1198 #: ../../configuration/firewall/ipv6.rst:1191 msgid "Update geoip database" msgstr "Update geoip database" @@ -15795,10 +16982,17 @@ msgstr "Updates" msgid "Updates from the RPKI cache servers are directly applied and path selection is updated accordingly. (Soft reconfiguration must be enabled for this to work)." msgstr "Updates from the RPKI cache servers are directly applied and path selection is updated accordingly. (Soft reconfiguration must be enabled for this to work)." -#: ../../configuration/vpn/sstp.rst:90 +#: ../../configuration/service/pppoe-server.rst:267 +#: ../../configuration/vpn/l2tp.rst:391 +#: ../../configuration/vpn/pptp.rst:315 +#: ../../configuration/vpn/sstp.rst:349 msgid "Upload bandwidth limit in kbit/s for `<user>`." msgstr "Upload bandwidth limit in kbit/s for `<user>`." +#: ../../configuration/service/ipoe-server.rst:325 +msgid "Upload bandwidth limit in kbit/s for for user on interface `<interface>`." +msgstr "Upload bandwidth limit in kbit/s for for user on interface `<interface>`." + #: ../../configuration/loadbalancing/wan.rst:209 msgid "Upon reception of an incoming packet, when a response is sent, it might be desired to ensure that it leaves from the same interface as the inbound one. This can be achieved by enabling sticky connections in the load balancing:" msgstr "Upon reception of an incoming packet, when a response is sent, it might be desired to ensure that it leaves from the same interface as the inbound one. This can be achieved by enabling sticky connections in the load balancing:" @@ -15816,7 +17010,7 @@ msgstr "Use 802.11n protocol" msgid "Use CA certificate from PKI subsystem" msgstr "Use CA certificate from PKI subsystem" -#: ../../configuration/service/dns.rst:365 +#: ../../configuration/service/dns.rst:379 msgid "Use DynDNS as your preferred provider:" msgstr "Use DynDNS as your preferred provider:" @@ -15848,27 +17042,27 @@ msgstr "Use `delete system conntrack modules` to deactive all modules." msgid "Use a persistent LDAP connection. Normally the LDAP connection is only open while validating a username to preserve resources at the LDAP server. This option causes the LDAP connection to be kept open, allowing it to be reused for further user validations." msgstr "Use a persistent LDAP connection. Normally the LDAP connection is only open while validating a username to preserve resources at the LDAP server. This option causes the LDAP connection to be kept open, allowing it to be reused for further user validations." -#: ../../configuration/firewall/ipv4.rst:515 +#: ../../configuration/firewall/ipv4.rst:538 #: ../../configuration/firewall/ipv6.rst:525 msgid "Use a specific address-group. Prepend character ``!`` for inverted matching criteria." msgstr "Use a specific address-group. Prepend character ``!`` for inverted matching criteria." -#: ../../configuration/firewall/ipv4.rst:578 +#: ../../configuration/firewall/ipv4.rst:601 #: ../../configuration/firewall/ipv6.rst:588 msgid "Use a specific domain-group. Prepend character ``!`` for inverted matching criteria." msgstr "Use a specific domain-group. Prepend character ``!`` for inverted matching criteria." -#: ../../configuration/firewall/ipv4.rst:599 +#: ../../configuration/firewall/ipv4.rst:622 #: ../../configuration/firewall/ipv6.rst:609 msgid "Use a specific mac-group. Prepend character ``!`` for inverted matching criteria." msgstr "Use a specific mac-group. Prepend character ``!`` for inverted matching criteria." -#: ../../configuration/firewall/ipv4.rst:536 +#: ../../configuration/firewall/ipv4.rst:559 #: ../../configuration/firewall/ipv6.rst:546 msgid "Use a specific network-group. Prepend character ``!`` for inverted matching criteria." msgstr "Use a specific network-group. Prepend character ``!`` for inverted matching criteria." -#: ../../configuration/firewall/ipv4.rst:557 +#: ../../configuration/firewall/ipv4.rst:580 #: ../../configuration/firewall/ipv6.rst:567 msgid "Use a specific port-group. Prepend character ``!`` for inverted matching criteria." msgstr "Use a specific port-group. Prepend character ``!`` for inverted matching criteria." @@ -15885,7 +17079,7 @@ msgstr "Use an automatically generated self-signed certificate" msgid "Use any local address, configured on any interface if this is not set." msgstr "Use any local address, configured on any interface if this is not set." -#: ../../configuration/service/dns.rst:279 +#: ../../configuration/service/dns.rst:263 msgid "Use auth key file at ``/config/auth/my.key``" msgstr "Use auth key file at ``/config/auth/my.key``" @@ -15893,10 +17087,14 @@ msgstr "Use auth key file at ``/config/auth/my.key``" msgid "Use certificate from PKI subsystem" msgstr "Use certificate from PKI subsystem" -#: ../../configuration/service/dns.rst:408 +#: ../../configuration/service/dns.rst:410 msgid "Use configured `<url>` to determine your IP address. ddclient_ will load `<url>` and tries to extract your IP address from the response." msgstr "Use configured `<url>` to determine your IP address. ddclient_ will load `<url>` and tries to extract your IP address from the response." +#: ../../configuration/service/dns.rst:368 +msgid "Use deSEC (dedyn.io) as your preferred provider:" +msgstr "Use deSEC (dedyn.io) as your preferred provider:" + #: ../../configuration/firewall/general-legacy.rst:478 msgid "Use inverse-match to match anything except the given country-codes." msgstr "Use inverse-match to match anything except the given country-codes." @@ -15905,7 +17103,7 @@ msgstr "Use inverse-match to match anything except the given country-codes." msgid "Use local socket for API" msgstr "Use local socket for API" -#: ../../configuration/vpn/sstp.rst:288 +#: ../../configuration/vpn/sstp.rst:357 msgid "Use local user `foo` with password `bar`" msgstr "Use local user `foo` with password `bar`" @@ -15913,7 +17111,7 @@ msgstr "Use local user `foo` with password `bar`" msgid "Use tab completion to get a list of categories." msgstr "Use tab completion to get a list of categories." -#: ../../configuration/system/option.rst:53 +#: ../../configuration/system/option.rst:83 msgid "Use the address of the specified interface on the local machine as the source address of the connection." msgstr "Use the address of the specified interface on the local machine as the source address of the connection." @@ -15925,7 +17123,7 @@ msgstr "Use the following topology to build a nat66 based isolated network betwe msgid "Use the following topology to translate internal user local addresses (``fc::/7``) to DHCPv6-PD provided prefixes from an ISP connected to a VyOS HA pair." msgstr "Use the following topology to translate internal user local addresses (``fc::/7``) to DHCPv6-PD provided prefixes from an ISP connected to a VyOS HA pair." -#: ../../configuration/system/option.rst:48 +#: ../../configuration/system/option.rst:78 msgid "Use the specified address on the local machine as the source address of the connection. Only useful on systems with more than one address." msgstr "Use the specified address on the local machine as the source address of the connection. Only useful on systems with more than one address." @@ -15957,10 +17155,26 @@ msgstr "Use this PIM command to modify the time out value (31-60000 seconds) for msgid "Use this comand to set the IPv6 address pool from which a PPPoE client will get an IPv6 prefix of your defined length (mask) to terminate the PPPoE endpoint at their side. The mask length can be set from 48 to 128 bit long, the default value is 64." msgstr "Use this comand to set the IPv6 address pool from which a PPPoE client will get an IPv6 prefix of your defined length (mask) to terminate the PPPoE endpoint at their side. The mask length can be set from 48 to 128 bit long, the default value is 64." -#: ../../configuration/vpn/sstp.rst:137 +#: ../../configuration/service/ipoe-server.rst:261 +msgid "Use this comand to set the IPv6 address pool from which an IPoE client will get an IPv6 prefix of your defined length (mask) to terminate the IPoE endpoint at their side. The mask length can be set from 48 to 128 bit long, the default value is 64." +msgstr "Use this comand to set the IPv6 address pool from which an IPoE client will get an IPv6 prefix of your defined length (mask) to terminate the IPoE endpoint at their side. The mask length can be set from 48 to 128 bit long, the default value is 64." + +#: ../../configuration/service/pppoe-server.rst:355 +msgid "Use this comand to set the IPv6 address pool from which an PPPoE client will get an IPv6 prefix of your defined length (mask) to terminate the PPPoE endpoint at their side. The mask length can be set from 48 to 128 bit long, the default value is 64." +msgstr "Use this comand to set the IPv6 address pool from which an PPPoE client will get an IPv6 prefix of your defined length (mask) to terminate the PPPoE endpoint at their side. The mask length can be set from 48 to 128 bit long, the default value is 64." + +#: ../../configuration/vpn/pptp.rst:223 +msgid "Use this comand to set the IPv6 address pool from which an PPTP client will get an IPv6 prefix of your defined length (mask) to terminate the PPTP endpoint at their side. The mask length can be set from 48 to 128 bit long, the default value is 64." +msgstr "Use this comand to set the IPv6 address pool from which an PPTP client will get an IPv6 prefix of your defined length (mask) to terminate the PPTP endpoint at their side. The mask length can be set from 48 to 128 bit long, the default value is 64." + +#: ../../configuration/vpn/sstp.rst:257 msgid "Use this comand to set the IPv6 address pool from which an SSTP client will get an IPv6 prefix of your defined length (mask) to terminate the SSTP endpoint at their side. The mask length can be set from 48 to 128 bit long, the default value is 64." msgstr "Use this comand to set the IPv6 address pool from which an SSTP client will get an IPv6 prefix of your defined length (mask) to terminate the SSTP endpoint at their side. The mask length can be set from 48 to 128 bit long, the default value is 64." +#: ../../configuration/vpn/l2tp.rst:299 +msgid "Use this comand to set the IPv6 address pool from which an l2tp client will get an IPv6 prefix of your defined length (mask) to terminate the l2tp endpoint at their side. The mask length can be set from 48 to 128 bit long, the default value is 64." +msgstr "Use this comand to set the IPv6 address pool from which an l2tp client will get an IPv6 prefix of your defined length (mask) to terminate the l2tp endpoint at their side. The mask length can be set from 48 to 128 bit long, the default value is 64." + #: ../../configuration/service/pppoe-server.rst:93 msgid "Use this command for every pool of client IP addresses you want to define. The addresses of this pool will be given to PPPoE clients. You must use CIDR notation." msgstr "Use this command for every pool of client IP addresses you want to define. The addresses of this pool will be given to PPPoE clients. You must use CIDR notation." @@ -16005,7 +17219,7 @@ msgstr "Use this command to check the tunnel status for OpenVPN server interface msgid "Use this command to check the tunnel status for OpenVPN site-to-site interfaces." msgstr "Use this command to check the tunnel status for OpenVPN site-to-site interfaces." -#: ../../configuration/system/ipv6.rst:154 +#: ../../configuration/system/ipv6.rst:167 msgid "Use this command to clear Border Gateway Protocol statistics or status." msgstr "Use this command to clear Border Gateway Protocol statistics or status." @@ -16013,16 +17227,32 @@ msgstr "Use this command to clear Border Gateway Protocol statistics or status." msgid "Use this command to configure DHCPv6 Prefix Delegation (RFC3633). You will have to set your IPv6 pool and the length of the delegation prefix. From the defined IPv6 pool you will be handing out networks of the defined length (delegation-prefix). The length of the delegation prefix can be set from 32 to 64 bit long." msgstr "Use this command to configure DHCPv6 Prefix Delegation (RFC3633). You will have to set your IPv6 pool and the length of the delegation prefix. From the defined IPv6 pool you will be handing out networks of the defined length (delegation-prefix). The length of the delegation prefix can be set from 32 to 64 bit long." -#: ../../configuration/vpn/sstp.rst:146 +#: ../../configuration/service/ipoe-server.rst:269 +msgid "Use this command to configure DHCPv6 Prefix Delegation (RFC3633) on IPoE. You will have to set your IPv6 pool and the length of the delegation prefix. From the defined IPv6 pool you will be handing out networks of the defined length (delegation-prefix). The length of the delegation prefix can be set from 32 to 64 bit long." +msgstr "Use this command to configure DHCPv6 Prefix Delegation (RFC3633) on IPoE. You will have to set your IPv6 pool and the length of the delegation prefix. From the defined IPv6 pool you will be handing out networks of the defined length (delegation-prefix). The length of the delegation prefix can be set from 32 to 64 bit long." + +#: ../../configuration/service/pppoe-server.rst:363 +msgid "Use this command to configure DHCPv6 Prefix Delegation (RFC3633) on PPPoE. You will have to set your IPv6 pool and the length of the delegation prefix. From the defined IPv6 pool you will be handing out networks of the defined length (delegation-prefix). The length of the delegation prefix can be set from 32 to 64 bit long." +msgstr "Use this command to configure DHCPv6 Prefix Delegation (RFC3633) on PPPoE. You will have to set your IPv6 pool and the length of the delegation prefix. From the defined IPv6 pool you will be handing out networks of the defined length (delegation-prefix). The length of the delegation prefix can be set from 32 to 64 bit long." + +#: ../../configuration/vpn/pptp.rst:231 +msgid "Use this command to configure DHCPv6 Prefix Delegation (RFC3633) on PPTP. You will have to set your IPv6 pool and the length of the delegation prefix. From the defined IPv6 pool you will be handing out networks of the defined length (delegation-prefix). The length of the delegation prefix can be set from 32 to 64 bit long." +msgstr "Use this command to configure DHCPv6 Prefix Delegation (RFC3633) on PPTP. You will have to set your IPv6 pool and the length of the delegation prefix. From the defined IPv6 pool you will be handing out networks of the defined length (delegation-prefix). The length of the delegation prefix can be set from 32 to 64 bit long." + +#: ../../configuration/vpn/sstp.rst:265 msgid "Use this command to configure DHCPv6 Prefix Delegation (RFC3633) on SSTP. You will have to set your IPv6 pool and the length of the delegation prefix. From the defined IPv6 pool you will be handing out networks of the defined length (delegation-prefix). The length of the delegation prefix can be set from 32 to 64 bit long." msgstr "Use this command to configure DHCPv6 Prefix Delegation (RFC3633) on SSTP. You will have to set your IPv6 pool and the length of the delegation prefix. From the defined IPv6 pool you will be handing out networks of the defined length (delegation-prefix). The length of the delegation prefix can be set from 32 to 64 bit long." +#: ../../configuration/vpn/l2tp.rst:307 +msgid "Use this command to configure DHCPv6 Prefix Delegation (RFC3633) on l2tp. You will have to set your IPv6 pool and the length of the delegation prefix. From the defined IPv6 pool you will be handing out networks of the defined length (delegation-prefix). The length of the delegation prefix can be set from 32 to 64 bit long." +msgstr "Use this command to configure DHCPv6 Prefix Delegation (RFC3633) on l2tp. You will have to set your IPv6 pool and the length of the delegation prefix. From the defined IPv6 pool you will be handing out networks of the defined length (delegation-prefix). The length of the delegation prefix can be set from 32 to 64 bit long." + #: ../../configuration/service/pppoe-server.rst:120 msgid "Use this command to configure Dynamic Authorization Extensions to RADIUS so that you can remotely disconnect sessions and change some authentication parameters." msgstr "Use this command to configure Dynamic Authorization Extensions to RADIUS so that you can remotely disconnect sessions and change some authentication parameters." -#: ../../configuration/protocols/static.rst:112 -#: ../../configuration/protocols/static.rst:125 +#: ../../configuration/protocols/static.rst:146 +#: ../../configuration/protocols/static.rst:159 msgid "Use this command to configure a \"black-hole\" route on the router. A black-hole route is a route for which the system silently discard packets that are matched. This prevents networks leaking out public interfaces, but it does not prevent them from being used as a more specific route inside your network." msgstr "Use this command to configure a \"black-hole\" route on the router. A black-hole route is a route for which the system silently discard packets that are matched. This prevents networks leaking out public interfaces, but it does not prevent them from being used as a more specific route inside your network." @@ -16226,6 +17456,10 @@ msgstr "Use this command to control the maximum number of equal cost paths to re msgid "Use this command to create a Fair-Queue policy and give it a name. It is based on the Stochastic Fairness Queueing and can be applied to outbound traffic." msgstr "Use this command to create a Fair-Queue policy and give it a name. It is based on the Stochastic Fairness Queueing and can be applied to outbound traffic." +#: ../../configuration/vpn/l2tp.rst:68 +msgid "Use this command to define IPsec interface." +msgstr "Use this command to define IPsec interface." + #: ../../configuration/trafficpolicy/index.rst:425 msgid "Use this command to define a Fair-Queue policy, based on the Stochastic Fairness Queueing, and set the number of maximum packets allowed to wait in the queue. Any other packet will be dropped." msgstr "Use this command to define a Fair-Queue policy, based on the Stochastic Fairness Queueing, and set the number of maximum packets allowed to wait in the queue. Any other packet will be dropped." @@ -16234,8 +17468,19 @@ msgstr "Use this command to define a Fair-Queue policy, based on the Stochastic msgid "Use this command to define a Fair-Queue policy, based on the Stochastic Fairness Queueing, and set the number of seconds at which a new queue algorithm perturbation will occur (maximum 4294967295)." msgstr "Use this command to define a Fair-Queue policy, based on the Stochastic Fairness Queueing, and set the number of seconds at which a new queue algorithm perturbation will occur (maximum 4294967295)." -#: ../../configuration/service/pppoe-server.rst:81 -#: ../../configuration/vpn/sstp.rst:132 +#: ../../configuration/service/ipoe-server.rst:277 +#: ../../configuration/service/pppoe-server.rst:371 +#: ../../configuration/vpn/l2tp.rst:315 +#: ../../configuration/vpn/pptp.rst:239 +#: ../../configuration/vpn/sstp.rst:273 +msgid "Use this command to define default IPv6 address pool name." +msgstr "Use this command to define default IPv6 address pool name." + +#: ../../configuration/service/ipoe-server.rst:77 +#: ../../configuration/service/pppoe-server.rst:61 +#: ../../configuration/vpn/l2tp.rst:48 +#: ../../configuration/vpn/pptp.rst:50 +#: ../../configuration/vpn/sstp.rst:75 msgid "Use this command to define default address pool name." msgstr "Use this command to define default address pool name." @@ -16255,15 +17500,31 @@ msgstr "Use this command to define in the selected interface whether you choose msgid "Use this command to define the IP address range to be given to PPPoE clients. If notation ``x.x.x.x-x.x.x.x``, it must be within a /24 subnet. If notation ``x.x.x.x/x`` is used there is possibility to set host/netmask." msgstr "Use this command to define the IP address range to be given to PPPoE clients. If notation ``x.x.x.x-x.x.x.x``, it must be within a /24 subnet. If notation ``x.x.x.x/x`` is used there is possibility to set host/netmask." +#: ../../configuration/service/ipoe-server.rst:70 +msgid "Use this command to define the first IP address of a pool of addresses to be given to IPoE clients. If notation ``x.x.x.x-x.x.x.x``, it must be within a /24 subnet. If notation ``x.x.x.x/x`` is used there is possibility to set host/netmask." +msgstr "Use this command to define the first IP address of a pool of addresses to be given to IPoE clients. If notation ``x.x.x.x-x.x.x.x``, it must be within a /24 subnet. If notation ``x.x.x.x/x`` is used there is possibility to set host/netmask." + #: ../../configuration/service/pppoe-server.rst:73 msgid "Use this command to define the first IP address of a pool of addresses to be given to PPPoE clients. It must be within a /24 subnet." msgstr "Use this command to define the first IP address of a pool of addresses to be given to PPPoE clients. It must be within a /24 subnet." -#: ../../configuration/vpn/sstp.rst:121 +#: ../../configuration/vpn/pptp.rst:43 +msgid "Use this command to define the first IP address of a pool of addresses to be given to PPTP clients. If notation ``x.x.x.x-x.x.x.x``, it must be within a /24 subnet. If notation ``x.x.x.x/x`` is used there is possibility to set host/netmask." +msgstr "Use this command to define the first IP address of a pool of addresses to be given to PPTP clients. If notation ``x.x.x.x-x.x.x.x``, it must be within a /24 subnet. If notation ``x.x.x.x/x`` is used there is possibility to set host/netmask." + +#: ../../configuration/vpn/sstp.rst:68 msgid "Use this command to define the first IP address of a pool of addresses to be given to SSTP clients. If notation ``x.x.x.x-x.x.x.x``, it must be within a /24 subnet. If notation ``x.x.x.x/x`` is used there is possibility to set host/netmask." msgstr "Use this command to define the first IP address of a pool of addresses to be given to SSTP clients. If notation ``x.x.x.x-x.x.x.x``, it must be within a /24 subnet. If notation ``x.x.x.x/x`` is used there is possibility to set host/netmask." -#: ../../configuration/service/pppoe-server.rst:42 +#: ../../configuration/vpn/l2tp.rst:41 +msgid "Use this command to define the first IP address of a pool of addresses to be given to l2tp clients. If notation ``x.x.x.x-x.x.x.x``, it must be within a /24 subnet. If notation ``x.x.x.x/x`` is used there is possibility to set host/netmask." +msgstr "Use this command to define the first IP address of a pool of addresses to be given to l2tp clients. If notation ``x.x.x.x-x.x.x.x``, it must be within a /24 subnet. If notation ``x.x.x.x/x`` is used there is possibility to set host/netmask." + +#: ../../configuration/service/pppoe-server.rst:54 +msgid "Use this command to define the first IP address of a pool of addresses to be given to pppoe clients. If notation ``x.x.x.x-x.x.x.x``, it must be within a /24 subnet. If notation ``x.x.x.x/x`` is used there is possibility to set host/netmask." +msgstr "Use this command to define the first IP address of a pool of addresses to be given to pppoe clients. If notation ``x.x.x.x-x.x.x.x``, it must be within a /24 subnet. If notation ``x.x.x.x/x`` is used there is possibility to set host/netmask." + +#: ../../configuration/service/pppoe-server.rst:65 msgid "Use this command to define the interface the PPPoE server will use to listen for PPPoE clients." msgstr "Use this command to define the interface the PPPoE server will use to listen for PPPoE clients." @@ -16283,8 +17544,11 @@ msgstr "Use this command to define the maximum number of entries to keep in the msgid "Use this command to define the maximum number of entries to keep in the Neighbor cache (1024, 2048, 4096, 8192, 16384, 32768)." msgstr "Use this command to define the maximum number of entries to keep in the Neighbor cache (1024, 2048, 4096, 8192, 16384, 32768)." -#: ../../configuration/service/pppoe-server.rst:77 -#: ../../configuration/vpn/sstp.rst:128 +#: ../../configuration/service/ipoe-server.rst:332 +#: ../../configuration/service/pppoe-server.rst:450 +#: ../../configuration/vpn/l2tp.rst:404 +#: ../../configuration/vpn/pptp.rst:328 +#: ../../configuration/vpn/sstp.rst:362 msgid "Use this command to define the next address pool name." msgstr "Use this command to define the next address pool name." @@ -16352,7 +17616,7 @@ msgstr "Use this command to enable PIMv6 in the selected interface so that it ca msgid "Use this command to enable acquisition of IPv6 address using stateless autoconfig (SLAAC)." msgstr "Use this command to enable acquisition of IPv6 address using stateless autoconfig (SLAAC)." -#: ../../configuration/service/pppoe-server.rst:236 +#: ../../configuration/service/pppoe-server.rst:310 msgid "Use this command to enable bandwidth shaping via RADIUS." msgstr "Use this command to enable bandwidth shaping via RADIUS." @@ -16364,7 +17628,7 @@ msgstr "Use this command to enable proxy Address Resolution Protocol (ARP) on th msgid "Use this command to enable targeted LDP sessions to the local router. The router will then respond to any sessions that are trying to connect to it that are not a link local type of TCP connection." msgstr "Use this command to enable targeted LDP sessions to the local router. The router will then respond to any sessions that are trying to connect to it that are not a link local type of TCP connection." -#: ../../configuration/service/pppoe-server.rst:249 +#: ../../configuration/service/pppoe-server.rst:323 msgid "Use this command to enable the delay of PADO (PPPoE Active Discovery Offer) packets, which can be used as a session balancing mechanism with other PPPoE servers." msgstr "Use this command to enable the delay of PADO (PPPoE Active Discovery Offer) packets, which can be used as a session balancing mechanism with other PPPoE servers." @@ -16386,7 +17650,7 @@ msgstr "Use this command to enable the logging of the default action on custom c msgid "Use this command to enable the logging of the default action on the specified chain." msgstr "Use this command to enable the logging of the default action on the specified chain." -#: ../../configuration/system/ipv6.rst:165 +#: ../../configuration/system/ipv6.rst:178 msgid "Use this command to flush the kernel IPv6 route cache. An address can be added to flush it only for that route." msgstr "Use this command to flush the kernel IPv6 route cache. An address can be added to flush it only for that route." @@ -16394,11 +17658,11 @@ msgstr "Use this command to flush the kernel IPv6 route cache. An address can be msgid "Use this command to get an overview of a zone." msgstr "Use this command to get an overview of a zone." -#: ../../configuration/system/ipv6.rst:120 +#: ../../configuration/system/ipv6.rst:133 msgid "Use this command to get information about OSPFv3." msgstr "Use this command to get information about OSPFv3." -#: ../../configuration/system/ipv6.rst:142 +#: ../../configuration/system/ipv6.rst:155 msgid "Use this command to get information about the RIPNG protocol" msgstr "Use this command to get information about the RIPNG protocol" @@ -16410,10 +17674,22 @@ msgstr "Use this command to instruct the system to establish a PPPoE connection msgid "Use this command to link the PPPoE connection to a physical interface. Each PPPoE connection must be established over a physical interface. Interfaces can be regular Ethernet interfaces, VIFs or bonding interfaces/VIFs." msgstr "Use this command to link the PPPoE connection to a physical interface. Each PPPoE connection must be established over a physical interface. Interfaces can be regular Ethernet interfaces, VIFs or bonding interfaces/VIFs." -#: ../../configuration/service/pppoe-server.rst:311 +#: ../../configuration/service/ipoe-server.rst:394 +msgid "Use this command to locally check the active sessions in the IPoE server." +msgstr "Use this command to locally check the active sessions in the IPoE server." + +#: ../../configuration/service/pppoe-server.rst:587 msgid "Use this command to locally check the active sessions in the PPPoE server." msgstr "Use this command to locally check the active sessions in the PPPoE server." +#: ../../configuration/vpn/pptp.rst:446 +msgid "Use this command to locally check the active sessions in the PPTP server." +msgstr "Use this command to locally check the active sessions in the PPTP server." + +#: ../../configuration/vpn/sstp.rst:542 +msgid "Use this command to locally check the active sessions in the SSTP server." +msgstr "Use this command to locally check the active sessions in the SSTP server." + #: ../../configuration/protocols/igmp.rst:104 msgid "Use this command to manually configure a Rendezvous Point for PIM so that join messages can be sent there. Set the Rendevouz Point address and the matching prefix of group ranges covered. These values must be shared with every router participating in the PIM network." msgstr "Use this command to manually configure a Rendezvous Point for PIM so that join messages can be sent there. Set the Rendevouz Point address and the matching prefix of group ranges covered. These values must be shared with every router participating in the PIM network." @@ -16427,7 +17703,7 @@ msgstr "Use this command to not install advertised DNS nameservers into the loca msgid "Use this command to prefer IPv4 for TCP peer transport connection for LDP when both an IPv4 and IPv6 LDP address are configured on the same interface." msgstr "Use this command to prefer IPv4 for TCP peer transport connection for LDP when both an IPv4 and IPv6 LDP address are configured on the same interface." -#: ../../configuration/system/ipv6.rst:160 +#: ../../configuration/system/ipv6.rst:173 msgid "Use this command to reset IPv6 Neighbor Discovery Protocol cache for an address or interface." msgstr "Use this command to reset IPv6 Neighbor Discovery Protocol cache for an address or interface." @@ -16467,7 +17743,7 @@ msgstr "Use this command to see discovery hello information" msgid "Use this command to see the Label Information Base." msgstr "Use this command to see the Label Information Base." -#: ../../configuration/service/pppoe-server.rst:26 +#: ../../configuration/service/pppoe-server.rst:33 msgid "Use this command to set a name for this PPPoE-server access concentrator." msgstr "Use this command to set a name for this PPPoE-server access concentrator." @@ -16511,31 +17787,31 @@ msgstr "Use this command to set the username for authenticating with a remote PP msgid "Use this command to show IPv6 Border Gateway Protocol information." msgstr "Use this command to show IPv6 Border Gateway Protocol information." -#: ../../configuration/system/ipv6.rst:50 +#: ../../configuration/system/ipv6.rst:63 msgid "Use this command to show IPv6 Neighbor Discovery Protocol information." msgstr "Use this command to show IPv6 Neighbor Discovery Protocol information." -#: ../../configuration/system/ipv6.rst:58 +#: ../../configuration/system/ipv6.rst:71 msgid "Use this command to show IPv6 forwarding status." msgstr "Use this command to show IPv6 forwarding status." -#: ../../configuration/system/ipv6.rst:54 +#: ../../configuration/system/ipv6.rst:67 msgid "Use this command to show IPv6 multicast group membership." msgstr "Use this command to show IPv6 multicast group membership." -#: ../../configuration/system/ipv6.rst:62 +#: ../../configuration/system/ipv6.rst:75 msgid "Use this command to show IPv6 routes." msgstr "Use this command to show IPv6 routes." -#: ../../configuration/system/ipv6.rst:105 +#: ../../configuration/system/ipv6.rst:118 msgid "Use this command to show all IPv6 access lists" msgstr "Use this command to show all IPv6 access lists" -#: ../../configuration/system/ipv6.rst:90 +#: ../../configuration/system/ipv6.rst:103 msgid "Use this command to show all IPv6 prefix lists" msgstr "Use this command to show all IPv6 prefix lists" -#: ../../configuration/system/ipv6.rst:146 +#: ../../configuration/system/ipv6.rst:159 msgid "Use this command to show the status of the RIPNG protocol" msgstr "Use this command to show the status of the RIPNG protocol" @@ -16595,6 +17871,14 @@ msgstr "Used to block specific domains by the Proxy. Specifying \"vyos.net\" wil msgid "User-level messages" msgstr "User-level messages" +#: ../../configuration/service/ipoe-server.rst:250 +#: ../../configuration/service/pppoe-server.rst:212 +#: ../../configuration/vpn/l2tp.rst:255 +#: ../../configuration/vpn/pptp.rst:195 +#: ../../configuration/vpn/sstp.rst:228 +msgid "User interface can be put to VRF context via RADIUS Access-Accept packet, or change it via RADIUS CoA. ``Accel-VRF-Name`` is used from these purposes. It is custom `ACCEL-PPP attribute`_. Define it in your RADIUS server." +msgstr "User interface can be put to VRF context via RADIUS Access-Accept packet, or change it via RADIUS CoA. ``Accel-VRF-Name`` is used from these purposes. It is custom `ACCEL-PPP attribute`_. Define it in your RADIUS server." + #: ../../configuration/policy/examples.rst:18 msgid "Using 'soft-reconfiguration' we get the policy update without bouncing the neighbor." msgstr "Using 'soft-reconfiguration' we get the policy update without bouncing the neighbor." @@ -16603,11 +17887,11 @@ msgstr "Using 'soft-reconfiguration' we get the policy update without bouncing t msgid "Using **openvpn-option -reneg-sec** can be tricky. This option is used to renegotiate data channel after n seconds. When used at both server and client, the lower value will trigger the renegotiation. If you set it to 0 on one side of the connection (to disable it), the chosen value on the other side will determine when the renegotiation will occur." msgstr "Using **openvpn-option -reneg-sec** can be tricky. This option is used to renegotiate data channel after n seconds. When used at both server and client, the lower value will trigger the renegotiation. If you set it to 0 on one side of the connection (to disable it), the chosen value on the other side will determine when the renegotiation will occur." -#: ../../configuration/protocols/bgp.rst:900 +#: ../../configuration/protocols/bgp.rst:922 msgid "Using BGP confederation" msgstr "Using BGP confederation" -#: ../../configuration/protocols/bgp.rst:899 +#: ../../configuration/protocols/bgp.rst:921 msgid "Using BGP route-reflectors" msgstr "Using BGP route-reflectors" @@ -16615,6 +17899,10 @@ msgstr "Using BGP route-reflectors" msgid "Using VLAN aware Bridge" msgstr "Using VLAN aware Bridge" +#: ../../configuration/vpn/sstp.rst:29 +msgid "Using our documentation chapter - :ref:`pki` generate and install CA and Server certificate" +msgstr "Using our documentation chapter - :ref:`pki` generate and install CA and Server certificate" + #: ../../configuration/interfaces/bridge.rst:266 msgid "Using the operation mode command to view Bridge Information" msgstr "Using the operation mode command to view Bridge Information" @@ -16652,6 +17940,10 @@ msgstr "VHT operating channel center frequency - center freq 2 (for use with the msgid "VLAN" msgstr "VLAN" +#: ../../configuration/service/pppoe-server.rst:232 +msgid "VLAN's can be created by Accel-ppp on the fly via the use of a Kernel module named ``vlan_mon``, which is monitoring incoming vlans and creates the necessary VLAN if required and allowed. VyOS supports the use of either VLAN ID's or entire ranges, both values can be defined at the same time for an interface." +msgstr "VLAN's can be created by Accel-ppp on the fly via the use of a Kernel module named ``vlan_mon``, which is monitoring incoming vlans and creates the necessary VLAN if required and allowed. VyOS supports the use of either VLAN ID's or entire ranges, both values can be defined at the same time for an interface." + #: ../../configuration/service/pppoe-server.rst:163 msgid "VLAN's can be created by Accel-ppp on the fly via the use of a Kernel module named `vlan_mon`, which is monitoring incoming vlans and creates the necessary VLAN if required and allowed. VyOS supports the use of either VLAN ID's or entire ranges, both values can be defined at the same time for an interface." msgstr "VLAN's can be created by Accel-ppp on the fly via the use of a Kernel module named `vlan_mon`, which is monitoring incoming vlans and creates the necessary VLAN if required and allowed. VyOS supports the use of either VLAN ID's or entire ranges, both values can be defined at the same time for an interface." @@ -16668,6 +17960,10 @@ msgstr "VLAN Example" msgid "VLAN Options" msgstr "VLAN Options" +#: ../../configuration/service/ipoe-server.rst:315 +msgid "VLAN monitor for automatic creation of VLAN interfaces for specific user on specific <interface>" +msgstr "VLAN monitor for automatic creation of VLAN interfaces for specific user on specific <interface>" + #: ../../configuration/service/lldp.rst:28 msgid "VLAN name" msgstr "VLAN name" @@ -16688,32 +17984,32 @@ msgstr "VPN-clients will request configuration parameters, optionally you can DN msgid "VRF" msgstr "VRF" -#: ../../configuration/vrf/index.rst:411 +#: ../../configuration/vrf/index.rst:430 msgid "VRF Route Leaking" msgstr "VRF Route Leaking" -#: ../../configuration/vrf/index.rst:283 +#: ../../configuration/vrf/index.rst:302 msgid "VRF and NAT" msgstr "VRF and NAT" -#: ../../configuration/vrf/index.rst:380 +#: ../../configuration/vrf/index.rst:399 msgid "VRF blue routing table" msgstr "VRF blue routing table" -#: ../../configuration/vrf/index.rst:347 +#: ../../configuration/vrf/index.rst:366 msgid "VRF default routing table" msgstr "VRF default routing table" -#: ../../configuration/vrf/index.rst:363 +#: ../../configuration/vrf/index.rst:382 msgid "VRF red routing table" msgstr "VRF red routing table" -#: ../../configuration/vrf/index.rst:235 -#: ../../configuration/vrf/index.rst:242 +#: ../../configuration/vrf/index.rst:254 +#: ../../configuration/vrf/index.rst:261 msgid "VRF route leaking" msgstr "VRF route leaking" -#: ../../configuration/vrf/index.rst:242 +#: ../../configuration/vrf/index.rst:261 msgid "VRF topology example" msgstr "VRF topology example" @@ -16769,11 +18065,19 @@ msgstr "Valid values are 0..255." msgid "Value" msgstr "Value" -#: ../../configuration/vpn/sstp.rst:263 +#: ../../configuration/service/ipoe-server.rst:203 +#: ../../configuration/service/pppoe-server.rst:165 +#: ../../configuration/vpn/l2tp.rst:208 +#: ../../configuration/vpn/pptp.rst:148 +#: ../../configuration/vpn/sstp.rst:181 msgid "Value to send to RADIUS server in NAS-IP-Address attribute and to be matched in DM/CoA requests. Also DM/CoA server will bind to that address." msgstr "Value to send to RADIUS server in NAS-IP-Address attribute and to be matched in DM/CoA requests. Also DM/CoA server will bind to that address." -#: ../../configuration/vpn/sstp.rst:258 +#: ../../configuration/service/ipoe-server.rst:198 +#: ../../configuration/service/pppoe-server.rst:160 +#: ../../configuration/vpn/l2tp.rst:203 +#: ../../configuration/vpn/pptp.rst:143 +#: ../../configuration/vpn/sstp.rst:176 msgid "Value to send to RADIUS server in NAS-Identifier attribute and to be matched in DM/CoA requests." msgstr "Value to send to RADIUS server in NAS-Identifier attribute and to be matched in DM/CoA requests." @@ -16795,11 +18099,11 @@ msgstr "Verify that connections are hitting the rule on both sides:" msgid "Version" msgstr "Version" -#: ../../configuration/highavailability/index.rst:339 +#: ../../configuration/highavailability/index.rst:349 msgid "Virtual-server" msgstr "Virtual-server" -#: ../../configuration/highavailability/index.rst:398 +#: ../../configuration/highavailability/index.rst:408 msgid "Virtual-server can be configured with VRRP virtual address or without VRRP." msgstr "Virtual-server can be configured with VRRP virtual address or without VRRP." @@ -16807,7 +18111,7 @@ msgstr "Virtual-server can be configured with VRRP virtual address or without VR msgid "Virtual Ethernet" msgstr "Virtual Ethernet" -#: ../../configuration/highavailability/index.rst:342 +#: ../../configuration/highavailability/index.rst:352 msgid "Virtual Server allows to Load-balance traffic destination virtual-address:port between several real servers." msgstr "Virtual Server allows to Load-balance traffic destination virtual-address:port between several real servers." @@ -16823,11 +18127,11 @@ msgstr "VyOS 1.1 supported login as user ``root``. This has been removed due to msgid "VyOS 1.3 (equuleus) supports DHCPv6-PD (:rfc:`3633`). DHCPv6 Prefix Delegation is supported by most ISPs who provide native IPv6 for consumers on fixed networks." msgstr "VyOS 1.3 (equuleus) supports DHCPv6-PD (:rfc:`3633`). DHCPv6 Prefix Delegation is supported by most ISPs who provide native IPv6 for consumers on fixed networks." -#: ../../configuration/vrf/index.rst:84 +#: ../../configuration/vrf/index.rst:103 msgid "VyOS 1.4 (sagitta) introduced dynamic routing support for VRFs." msgstr "VyOS 1.4 (sagitta) introduced dynamic routing support for VRFs." -#: ../../configuration/pki/index.rst:9 +#: ../../configuration/pki/index.rst:11 msgid "VyOS 1.4 changed the way in how encrytion keys or certificates are stored on the system. In the pre VyOS 1.4 era, certificates got stored under /config and every service referenced a file. That made copying a running configuration from system A to system B a bit harder, as you had to copy the files and their permissions by hand." msgstr "VyOS 1.4 changed the way in how encrytion keys or certificates are stored on the system. In the pre VyOS 1.4 era, certificates got stored under /config and every service referenced a file. That made copying a running configuration from system A to system B a bit harder, as you had to copy the files and their permissions by hand." @@ -16839,7 +18143,7 @@ msgstr "VyOS 1.4 uses chrony instead of ntpd (see :vytask:`T3008`) which will no msgid "VyOS Arista EOS setup" msgstr "VyOS Arista EOS setup" -#: ../../configuration/vpn/ipsec.rst:120 +#: ../../configuration/vpn/ipsec.rst:123 msgid "VyOS ESP group has the next options:" msgstr "VyOS ESP group has the next options:" @@ -16883,10 +18187,14 @@ msgstr "VyOS SNMP supports both IPv4 and IPv6." msgid "VyOS also comes with a build in SSTP server, see :ref:`sstp`." msgstr "VyOS also comes with a build in SSTP server, see :ref:`sstp`." -#: ../../configuration/service/dhcp-server.rst:504 +#: ../../configuration/service/dhcp-server.rst:510 msgid "VyOS also provides DHCPv6 server functionality which is described in this section." msgstr "VyOS also provides DHCPv6 server functionality which is described in this section." +#: ../../configuration/vpn/ipsec.rst:474 +msgid "VyOS also supports (currently) two different modes of authentication, local and RADIUS. To create a new local user named ``vyos`` with password ``vyos`` use the following commands." +msgstr "VyOS also supports (currently) two different modes of authentication, local and RADIUS. To create a new local user named ``vyos`` with password ``vyos`` use the following commands." + #: ../../configuration/vpn/remoteaccess_ipsec.rst:127 msgid "VyOS also supports two different modes of authentication, local and RADIUS. To create a new local user named \"vyos\" with a password of \"vyos\" use the following commands." msgstr "VyOS also supports two different modes of authentication, local and RADIUS. To create a new local user named \"vyos\" with a password of \"vyos\" use the following commands." @@ -16928,7 +18236,11 @@ msgstr "VyOS facilitates IP Multicast by supporting **PIM Sparse Mode**, **IGMP* msgid "VyOS facilitates IPv6 Multicast by supporting **PIMv6** and **MLD**." msgstr "VyOS facilitates IPv6 Multicast by supporting **PIMv6** and **MLD**." -#: ../../configuration/service/dns.rst:214 +#: ../../configuration/service/ids.rst:17 +msgid "VyOS includes the FastNetMon Community Edition." +msgstr "VyOS includes the FastNetMon Community Edition." + +#: ../../configuration/service/dns.rst:201 msgid "VyOS is able to update a remote DNS record when an interface gets a new IP address. In order to do so, VyOS includes ddclient_, a Perl script written for this only one purpose." msgstr "VyOS is able to update a remote DNS record when an interface gets a new IP address. In order to do so, VyOS includes ddclient_, a Perl script written for this only one purpose." @@ -16952,15 +18264,15 @@ msgstr "VyOS makes use of Linux `netfilter <https://netfilter.org/>`_ for packet msgid "VyOS makes use of :abbr:`FRR (Free Range Routing)` and we would like to thank them for their effort!" msgstr "VyOS makes use of :abbr:`FRR (Free Range Routing)` and we would like to thank them for their effort!" -#: ../../configuration/pki/index.rst:21 +#: ../../configuration/pki/index.rst:23 msgid "VyOS not only can now manage certificates issued by 3rd party Certificate Authorities, it can also act as a CA on its own. You can create your own root CA and sign keys with it by making use of some simple op-mode commands." msgstr "VyOS not only can now manage certificates issued by 3rd party Certificate Authorities, it can also act as a CA on its own. You can create your own root CA and sign keys with it by making use of some simple op-mode commands." -#: ../../configuration/pki/index.rst:35 +#: ../../configuration/pki/index.rst:37 msgid "VyOS now also has the ability to create CAs, keys, Diffie-Hellman and other keypairs from an easy to access operational level command." msgstr "VyOS now also has the ability to create CAs, keys, Diffie-Hellman and other keypairs from an easy to access operational level command." -#: ../../configuration/pki/index.rst:292 +#: ../../configuration/pki/index.rst:323 msgid "VyOS operational mode commands are not only available for generating keys but also to display them." msgstr "VyOS operational mode commands are not only available for generating keys but also to display them." @@ -17000,6 +18312,10 @@ msgstr "VyOS provides some operational commands on OpenVPN." msgid "VyOS provides support for DHCP failover. DHCP failover must be configured explicitly by the following statements." msgstr "VyOS provides support for DHCP failover. DHCP failover must be configured explicitly by the following statements." +#: ../../configuration/pki/index.rst:255 +msgid "VyOS provides this utility to import existing certificates/key files directly into PKI from op-mode. Previous to VyOS 1.4, certificates were stored under the /config folder permanently and will be retained post upgrade." +msgstr "VyOS provides this utility to import existing certificates/key files directly into PKI from op-mode. Previous to VyOS 1.4, certificates were stored under the /config folder permanently and will be retained post upgrade." + #: ../../configuration/loadbalancing/reverse-proxy.rst:8 msgid "VyOS reverse-proxy is balancer and proxy server that provides high-availability, load balancing and proxying for TCP (level 4) and HTTP-based (level 7) applications." msgstr "VyOS reverse-proxy is balancer and proxy server that provides high-availability, load balancing and proxying for TCP (level 4) and HTTP-based (level 7) applications." @@ -17020,6 +18336,10 @@ msgstr "VyOS supports both MLD version 1 and version 2 (which allows source-spec msgid "VyOS supports flow-accounting for both IPv4 and IPv6 traffic. The system acts as a flow exporter, and you are free to use it with any compatible collector." msgstr "VyOS supports flow-accounting for both IPv4 and IPv6 traffic. The system acts as a flow exporter, and you are free to use it with any compatible collector." +#: ../../configuration/vpn/ipsec.rst:452 +msgid "VyOS supports multiple IKEv2 remote-access connections. Every connection can have its dedicated IKE/ESP ciphers, certificates or local listen address for e.g. inbound load balancing." +msgstr "VyOS supports multiple IKEv2 remote-access connections. Every connection can have its dedicated IKE/ESP ciphers, certificates or local listen address for e.g. inbound load balancing." + #: ../../configuration/system/updates.rst:5 msgid "VyOS supports online checking for updates" msgstr "VyOS supports online checking for updates" @@ -17060,11 +18380,11 @@ msgstr "VyOS uses the `mirror` option to configure port mirroring. The configura msgid "VyOS utilizes `accel-ppp`_ to provide PPPoE server functionality. It can be used with local authentication or a connected RADIUS server." msgstr "VyOS utilizes `accel-ppp`_ to provide PPPoE server functionality. It can be used with local authentication or a connected RADIUS server." -#: ../../configuration/service/ipoe-server.rst:9 +#: ../../configuration/service/ipoe-server.rst:7 msgid "VyOS utilizes `accel-ppp`_ to provide :abbr:`IPoE (Internet Protocol over Ethernet)` server functionality. It can be used with local authentication (mac-address) or a connected RADIUS server." msgstr "VyOS utilizes `accel-ppp`_ to provide :abbr:`IPoE (Internet Protocol over Ethernet)` server functionality. It can be used with local authentication (mac-address) or a connected RADIUS server." -#: ../../configuration/vpn/l2tp.rst:6 +#: ../../configuration/vpn/l2tp.rst:7 msgid "VyOS utilizes accel-ppp_ to provide L2TP server functionality. It can be used with local authentication or a connected RADIUS server." msgstr "VyOS utilizes accel-ppp_ to provide L2TP server functionality. It can be used with local authentication or a connected RADIUS server." @@ -17076,7 +18396,7 @@ msgstr "VyOS utilizes accel-ppp_ to provide SSTP server functionality. We suppor msgid "WAN Load Balacing should not be used when dynamic routing protocol is used/needed. This feature creates customized routing tables and firewall rules, that makes it incompatible to use with routing protocols." msgstr "WAN Load Balacing should not be used when dynamic routing protocol is used/needed. This feature creates customized routing tables and firewall rules, that makes it incompatible to use with routing protocols." -#: ../../configuration/vpn/site2site_ipsec.rst:164 +#: ../../configuration/vpn/site2site_ipsec.rst:167 msgid "WAN interface on `eth1`" msgstr "WAN interface on `eth1`" @@ -17117,7 +18437,7 @@ msgstr "We'll configure OpenVPN using self-signed certificates, and then discuss msgid "We'll use the IKE and ESP groups created above for this VPN. Because we need access to 2 different subnets on the far side, we will need two different tunnels. If you changed the names of the ESP group and IKE group in the previous step, make sure you use the correct names here too." msgstr "We'll use the IKE and ESP groups created above for this VPN. Because we need access to 2 different subnets on the far side, we will need two different tunnels. If you changed the names of the ESP group and IKE group in the previous step, make sure you use the correct names here too." -#: ../../configuration/vpn/ipsec.rst:232 +#: ../../configuration/vpn/ipsec.rst:236 msgid "We assume that the LEFT router has static 192.0.2.10 address on eth0, and the RIGHT router has a dynamic address on eth0." msgstr "We assume that the LEFT router has static 192.0.2.10 address on eth0, and the RIGHT router has a dynamic address on eth0." @@ -17129,11 +18449,15 @@ msgstr "We can't support all displays from the beginning. If your display type i msgid "We can also create the certificates using Cerbort which is an easy-to-use client that fetches a certificate from Let's Encrypt an open certificate authority launched by the EFF, Mozilla, and others and deploys it to a web server." msgstr "We can also create the certificates using Cerbort which is an easy-to-use client that fetches a certificate from Let's Encrypt an open certificate authority launched by the EFF, Mozilla, and others and deploys it to a web server." -#: ../../configuration/protocols/rpki.rst:158 +#: ../../configuration/protocols/rpki.rst:168 msgid "We can build route-maps for import based on these states. Here is a simple RPKI configuration, where `routinator` is the RPKI-validating \"cache\" server with ip `192.0.2.1`:" msgstr "We can build route-maps for import based on these states. Here is a simple RPKI configuration, where `routinator` is the RPKI-validating \"cache\" server with ip `192.0.2.1`:" -#: ../../configuration/protocols/bgp.rst:1249 +#: ../../configuration/vpn/ipsec.rst:456 +msgid "We configure a new connection named ``rw`` for road-warrior, that identifies itself as ``192.0.2.1`` to the clients and uses the ``vyos`` certificate signed by the `CAcert_Class3_Root`` intermediate CA. We select our previously specified IKE/ESP groups and also link the IP address pool to draw addresses from." +msgstr "We configure a new connection named ``rw`` for road-warrior, that identifies itself as ``192.0.2.1`` to the clients and uses the ``vyos`` certificate signed by the `CAcert_Class3_Root`` intermediate CA. We select our previously specified IKE/ESP groups and also link the IP address pool to draw addresses from." + +#: ../../configuration/protocols/bgp.rst:1271 msgid "We could expand on this and also deny link local and multicast in the rule 20 action deny." msgstr "We could expand on this and also deny link local and multicast in the rule 20 action deny." @@ -17145,6 +18469,10 @@ msgstr "We do not have CLI nodes for every single OpenVPN option. If an option i msgid "We don't recomend to use arguments. Using environments is more preffereble." msgstr "We don't recomend to use arguments. Using environments is more preffereble." +#: ../../configuration/vpn/ipsec.rst:506 +msgid "We generate a connection profile used by Windows clients that will connect to the \"rw\" connection on our VyOS server on the VPN servers IP address/fqdn `vpn.vyos.net`." +msgstr "We generate a connection profile used by Windows clients that will connect to the \"rw\" connection on our VyOS server on the VPN servers IP address/fqdn `vpn.vyos.net`." + #: ../../configuration/interfaces/wireguard.rst:148 msgid "We listen on port 51820" msgstr "We listen on port 51820" @@ -17153,7 +18481,7 @@ msgstr "We listen on port 51820" msgid "We need to generate the certificate which authenticates users who attempt to access the network resource through the SSL VPN tunnels. The following commands will create a self signed certificates and will be stored in configuration:" msgstr "We need to generate the certificate which authenticates users who attempt to access the network resource through the SSL VPN tunnels. The following commands will create a self signed certificates and will be stored in configuration:" -#: ../../configuration/system/option.rst:85 +#: ../../configuration/system/option.rst:115 msgid "We now utilize `tuned` for dynamic resource balancing based on profiles." msgstr "We now utilize `tuned` for dynamic resource balancing based on profiles." @@ -17169,7 +18497,7 @@ msgstr "We only need a single step for this interface:" msgid "We route all traffic for the 192.168.2.0/24 network to interface `wg01`" msgstr "We route all traffic for the 192.168.2.0/24 network to interface `wg01`" -#: ../../configuration/system/login.rst:420 +#: ../../configuration/system/login.rst:424 msgid "We use a vontainer providing the TACACS serve rin this example." msgstr "We use a vontainer providing the TACACS serve rin this example." @@ -17177,7 +18505,7 @@ msgstr "We use a vontainer providing the TACACS serve rin this example." msgid "We will only accept traffic comming from interface eth0, protocol tcp and destination port 1122. All other traffic traspassing the router should be blocked." msgstr "We will only accept traffic comming from interface eth0, protocol tcp and destination port 1122. All other traffic traspassing the router should be blocked." -#: ../../configuration/service/dhcp-server.rst:331 +#: ../../configuration/service/dhcp-server.rst:337 msgid "Web Proxy Autodiscovery (WPAD) URL" msgstr "Web Proxy Autodiscovery (WPAD) URL" @@ -17201,15 +18529,19 @@ msgstr "When LDP is working, you will be able to see label information in the ou msgid "When PIM receives a register packet the source of the packet will be compared to the prefix-list specified, and if a permit is received normal processing continues. If a deny is returned for the source address of the register packet a register stop message is sent to the source." msgstr "When PIM receives a register packet the source of the packet will be compared to the prefix-list specified, and if a permit is received normal processing continues. If a deny is returned for the source address of the register packet a register stop message is sent to the source." -#: ../../configuration/vrf/index.rst:73 +#: ../../configuration/vrf/index.rst:92 msgid "When VRFs are used it is not only mandatory to create a VRF but also the VRF itself needs to be assigned to an interface." msgstr "When VRFs are used it is not only mandatory to create a VRF but also the VRF itself needs to be assigned to an interface." -#: ../../configuration/service/dns.rst:354 +#: ../../configuration/service/dns.rst:351 +msgid "When a ``custom`` DynDNS provider is used, the protocol used for communicating to the provider must be specified under `<protocol>`. See the embedded completion helper when entering above command for available protocols." +msgstr "When a ``custom`` DynDNS provider is used, the protocol used for communicating to the provider must be specified under `<protocol>`. See the embedded completion helper when entering above command for available protocols." + +#: ../../configuration/service/dns.rst:357 msgid "When a ``custom`` DynDNS provider is used the `<server>` where update requests are being sent to must be specified." msgstr "When a ``custom`` DynDNS provider is used the `<server>` where update requests are being sent to must be specified." -#: ../../configuration/service/dns.rst:347 +#: ../../configuration/service/dns.rst:361 msgid "When a ``custom`` DynDNS provider is used the protocol used for communicating to the provider must be specified under `<protocol>`. See the embedded completion helper for available protocols." msgstr "When a ``custom`` DynDNS provider is used the protocol used for communicating to the provider must be specified under `<protocol>`. See the embedded completion helper for available protocols." @@ -17225,7 +18557,11 @@ msgstr "When a link is reconnected or a new slave joins the bond the receive tra msgid "When a packet is to be sent, it will have to go through that queue, so the packet will be placed at the tail of it. When the packet completely goes through it, it will be dequeued emptying its place in the queue and being eventually handed to the NIC to be actually sent out." msgstr "When a packet is to be sent, it will have to go through that queue, so the packet will be placed at the tail of it. When the packet completely goes through it, it will be dequeued emptying its place in the queue and being eventually handed to the NIC to be actually sent out." -#: ../../configuration/protocols/bgp.rst:684 +#: ../../configuration/protocols/bgp.rst:589 +msgid "When a peer receives a martian nexthop as part of the NLRI for a route permit the nexthop to be used as such, instead of rejecting and resetting the connection." +msgstr "When a peer receives a martian nexthop as part of the NLRI for a route permit the nexthop to be used as such, instead of rejecting and resetting the connection." + +#: ../../configuration/protocols/bgp.rst:706 msgid "When a route fails, a routing update is sent to withdraw the route from the network's routing tables. When the route is re-enabled, the change in availability is also advertised. A route that continually fails and returns requires a great deal of network traffic to update the network about the route's status." msgstr "When a route fails, a routing update is sent to withdraw the route from the network's routing tables. When the route is re-enabled, the change in availability is also advertised. A route that continually fails and returns requires a great deal of network traffic to update the network about the route's status." @@ -17237,7 +18573,7 @@ msgstr "When adding IPv6 routing information exchange feature to BGP. There were msgid "When an authoritative server does not answer a query or sends a reply the recursor does not like, it is throttled. Any servers matching the supplied netmasks will never be throttled." msgstr "When an authoritative server does not answer a query or sends a reply the recursor does not like, it is throttled. Any servers matching the supplied netmasks will never be throttled." -#: ../../configuration/service/pppoe-server.rst:169 +#: ../../configuration/service/pppoe-server.rst:238 msgid "When configured, PPPoE will create the necessary VLANs when required. Once the user session has been cancelled and the VLAN is not needed anymore, VyOS will remove it again." msgstr "When configured, PPPoE will create the necessary VLANs when required. Once the user session has been cancelled and the VLAN is not needed anymore, VyOS will remove it again." @@ -17271,17 +18607,21 @@ msgstr "When dequeuing, each hash-bucket with data is queried in a round robin f msgid "When designing your NAT ruleset leave some space between consecutive rules for later extension. Your ruleset could start with numbers 10, 20, 30. You thus can later extend the ruleset and place new rules between existing ones." msgstr "When designing your NAT ruleset leave some space between consecutive rules for later extension. Your ruleset could start with numbers 10, 20, 30. You thus can later extend the ruleset and place new rules between existing ones." -#: ../../configuration/vrf/index.rst:188 +#: ../../configuration/vrf/index.rst:207 msgid "When doing fault isolation with ping, you should first run it on the local host, to verify that the local network interface is up and running. Then, continue with hosts and gateways further down the road towards your destination. Round-trip time and packet loss statistics are computed." msgstr "When doing fault isolation with ping, you should first run it on the local host, to verify that the local network interface is up and running. Then, continue with hosts and gateways further down the road towards your destination. Round-trip time and packet loss statistics are computed." -#: ../../configuration/pki/index.rst:176 -#: ../../configuration/pki/index.rst:219 +#: ../../configuration/vpn/ipsec.rst:529 +msgid "When first connecting to the new VPN the user is prompted to enter proper credentials." +msgstr "When first connecting to the new VPN the user is prompted to enter proper credentials." + +#: ../../configuration/pki/index.rst:178 +#: ../../configuration/pki/index.rst:221 msgid "When loading the certificate you need to manually strip the ``-----BEGIN CERTIFICATE-----`` and ``-----END CERTIFICATE-----`` tags. Also, the certificate/key needs to be presented in a single line without line breaks (``\\n``), this can be done using the following shell command:" msgstr "When loading the certificate you need to manually strip the ``-----BEGIN CERTIFICATE-----`` and ``-----END CERTIFICATE-----`` tags. Also, the certificate/key needs to be presented in a single line without line breaks (``\\n``), this can be done using the following shell command:" -#: ../../configuration/pki/index.rst:197 -#: ../../configuration/pki/index.rst:235 +#: ../../configuration/pki/index.rst:199 +#: ../../configuration/pki/index.rst:237 msgid "When loading the certificate you need to manually strip the ``-----BEGIN KEY-----`` and ``-----END KEY-----`` tags. Also, the certificate/key needs to be presented in a single line without line breaks (``\\n``), this can be done using the following shell command:" msgstr "When loading the certificate you need to manually strip the ``-----BEGIN KEY-----`` and ``-----END KEY-----`` tags. Also, the certificate/key needs to be presented in a single line without line breaks (``\\n``), this can be done using the following shell command:" @@ -17325,7 +18665,7 @@ msgstr "When set the interface is enabled for \"dial-on-demand\"." msgid "When specified, this should be the only keyword for the interface." msgstr "When specified, this should be the only keyword for the interface." -#: ../../configuration/system/option.rst:60 +#: ../../configuration/system/option.rst:90 msgid "When starting a VyOS live system (the installation CD) the configured keyboard layout defaults to US. As this might not suite everyones use case you can adjust the used keyboard layout on the system console." msgstr "When starting a VyOS live system (the installation CD) the configured keyboard layout defaults to US. As this might not suite everyones use case you can adjust the used keyboard layout on the system console." @@ -17334,7 +18674,7 @@ msgstr "When starting a VyOS live system (the installation CD) the configured ke msgid "When the DHCP server is considering dynamically allocating an IP address to a client, it first sends an ICMP Echo request (a ping) to the address being assigned. It waits for a second, and if no ICMP Echo response has been heard, it assigns the address." msgstr "When the DHCP server is considering dynamically allocating an IP address to a client, it first sends an ICMP Echo request (a ping) to the address being assigned. It waits for a second, and if no ICMP Echo response has been heard, it assigns the address." -#: ../../configuration/vpn/site2site_ipsec.rst:416 +#: ../../configuration/vpn/site2site_ipsec.rst:419 msgid "When the close-action option is set on the peers, the connection-type of each peer has to considered carefully. For example, if the option is set on both peers, then both would attempt to initiate and hold open multiple copies of each child SA. This might lead to instability of the device or cpu/memory utilization." msgstr "When the close-action option is set on the peers, the connection-type of each peer has to considered carefully. For example, if the option is set on both peers, then both would attempt to initiate and hold open multiple copies of each child SA. This might lead to instability of the device or cpu/memory utilization." @@ -17346,6 +18686,10 @@ msgstr "When the command above is set, VyOS will answer every ICMP echo request msgid "When the command above is set, VyOS will answer no ICMP echo request addressed to itself at all, no matter where it comes from or whether more specific rules are being applied to accept them." msgstr "When the command above is set, VyOS will answer no ICMP echo request addressed to itself at all, no matter where it comes from or whether more specific rules are being applied to accept them." +#: ../../configuration/highavailability/index.rst:321 +msgid "When the vrrp group is a member of the sync group will use only the sync group health check script. This example shows how to configure it for the sync group:" +msgstr "When the vrrp group is a member of the sync group will use only the sync group health check script. This example shows how to configure it for the sync group:" + #: ../../_include/interface-address-with-dhcp.txt:14 msgid "When using DHCP to retrieve IPv4 address and if local customizations are needed, they should be possible using the enter and exit hooks provided. The hook dirs are:" msgstr "When using DHCP to retrieve IPv4 address and if local customizations are needed, they should be possible using the enter and exit hooks provided. The hook dirs are:" @@ -17366,6 +18710,10 @@ msgstr "When using NAT for a large number of host systems it recommended that a msgid "When using SSH, known-hosts-file, private-key-file and public-key-file are mandatory options." msgstr "When using SSH, known-hosts-file, private-key-file and public-key-file are mandatory options." +#: ../../configuration/protocols/rpki.rst:161 +msgid "When using SSH, private-key-file and public-key-file are mandatory options." +msgstr "When using SSH, private-key-file and public-key-file are mandatory options." + #: ../../configuration/vpn/openconnect.rst:222 msgid "When using Time-based one-time password (TOTP) (OTP HOTP-time), be sure that the time on the server and the OTP token generator are synchronized by NTP" msgstr "When using Time-based one-time password (TOTP) (OTP HOTP-time), be sure that the time on the server and the OTP token generator are synchronized by NTP" @@ -17450,12 +18798,23 @@ msgstr "Will be recorded only packets/flows on **incoming** direction in configu msgid "Will drop `<shared-network-name>_` from client DNS record, using only the host declaration name and domain: `<hostname>.<domain-name>`" msgstr "Will drop `<shared-network-name>_` from client DNS record, using only the host declaration name and domain: `<hostname>.<domain-name>`" +#: ../../configuration/vpn/ipsec.rst:501 +msgid "Windows 10 does not allow a user to choose the integrity and encryption ciphers using the GUI and it uses some older proposals by default. A user can only change the proposals on the client side by configuring the IPSec connection profile via PowerShell." +msgstr "Windows 10 does not allow a user to choose the integrity and encryption ciphers using the GUI and it uses some older proposals by default. A user can only change the proposals on the client side by configuring the IPSec connection profile via PowerShell." + +#: ../../configuration/service/pppoe-server.rst:579 +#: ../../configuration/vpn/l2tp.rst:514 +#: ../../configuration/vpn/pptp.rst:438 +#: ../../configuration/vpn/sstp.rst:472 +msgid "Windows Internet Name Service (WINS) servers propagated to client" +msgstr "Windows Internet Name Service (WINS) servers propagated to client" + #: ../../configuration/vpn/remoteaccess_ipsec.rst:147 msgid "Windows expects the server name to be also used in the server's certificate common name, so it's best to use this DNS name for your VPN connection." msgstr "Windows expects the server name to be also used in the server's certificate common name, so it's best to use this DNS name for your VPN connection." #: ../../configuration/interfaces/wireguard.rst:7 -#: ../../configuration/pki/index.rst:132 +#: ../../configuration/pki/index.rst:134 msgid "WireGuard" msgstr "WireGuard" @@ -17524,17 +18883,17 @@ msgstr "With this command, you can specify how the URL path should be matched ag msgid "With zone-based firewalls a new concept was implemented, in addtion to the standard in and out traffic flows, a local flow was added. This local was for traffic originating and destined to the router itself. Which means additional rules were required to secure the firewall itself from the network, in addition to the existing inbound and outbound rules from the traditional concept above." msgstr "With zone-based firewalls a new concept was implemented, in addtion to the standard in and out traffic flows, a local flow was added. This local was for traffic originating and destined to the router itself. Which means additional rules were required to secure the firewall itself from the network, in addition to the existing inbound and outbound rules from the traditional concept above." -#: ../../configuration/service/dhcp-server.rst:257 -#: ../../configuration/service/dhcp-server.rst:262 -#: ../../configuration/service/dhcp-server.rst:267 -#: ../../configuration/service/dhcp-server.rst:277 -#: ../../configuration/service/dhcp-server.rst:282 -#: ../../configuration/service/dhcp-server.rst:312 -#: ../../configuration/service/dhcp-server.rst:317 -#: ../../configuration/service/dhcp-server.rst:322 -#: ../../configuration/service/dhcp-server.rst:342 -#: ../../configuration/service/dhcp-server.rst:347 -#: ../../configuration/service/dhcp-server.rst:357 +#: ../../configuration/service/dhcp-server.rst:263 +#: ../../configuration/service/dhcp-server.rst:268 +#: ../../configuration/service/dhcp-server.rst:273 +#: ../../configuration/service/dhcp-server.rst:283 +#: ../../configuration/service/dhcp-server.rst:288 +#: ../../configuration/service/dhcp-server.rst:318 +#: ../../configuration/service/dhcp-server.rst:323 +#: ../../configuration/service/dhcp-server.rst:328 +#: ../../configuration/service/dhcp-server.rst:348 +#: ../../configuration/service/dhcp-server.rst:353 +#: ../../configuration/service/dhcp-server.rst:363 msgid "Y" msgstr "Y" @@ -17542,7 +18901,7 @@ msgstr "Y" msgid "You apply a rule-set always to a zone from an other zone, it is recommended to create one rule-set for each zone pair." msgstr "You apply a rule-set always to a zone from an other zone, it is recommended to create one rule-set for each zone pair." -#: ../../configuration/system/login.rst:365 +#: ../../configuration/system/login.rst:369 msgid "You are able to set post-login or pre-login banner messages to display certain information for this system." msgstr "You are able to set post-login or pre-login banner messages to display certain information for this system." @@ -17562,7 +18921,11 @@ msgstr "You can also define custom timeout values to apply to a specific subset msgid "You can also keep different DNS zone updated. Just create a new config node: ``set service dns dynamic interface <interface> rfc2136 <other-service-name>``" msgstr "You can also keep different DNS zone updated. Just create a new config node: ``set service dns dynamic interface <interface> rfc2136 <other-service-name>``" -#: ../../configuration/system/ipv6.rst:107 +#: ../../configuration/service/router-advert.rst:58 +msgid "You can also opt for using `::/64` as prefix for your :abbr:`RAs (Router Advertisements)`. This will take the IPv6 GUA prefix assigned to the interface, which comes in handy when using DHCPv6-PD." +msgstr "You can also opt for using `::/64` as prefix for your :abbr:`RAs (Router Advertisements)`. This will take the IPv6 GUA prefix assigned to the interface, which comes in handy when using DHCPv6-PD." + +#: ../../configuration/system/ipv6.rst:120 msgid "You can also specify which IPv6 access-list should be shown:" msgstr "You can also specify which IPv6 access-list should be shown:" @@ -17578,7 +18941,7 @@ msgstr "You can also use another attributes for identify client for disconnect, msgid "You can also write a description for a filter:" msgstr "You can also write a description for a filter:" -#: ../../configuration/system/login.rst:78 +#: ../../configuration/system/login.rst:82 msgid "You can assign multiple keys to the same user by using a unique identifier per SSH key." msgstr "You can assign multiple keys to the same user by using a unique identifier per SSH key." @@ -17614,7 +18977,7 @@ msgstr "You can create multiple VLAN interfaces on a physical interface. The VLA msgid "You can disable a VRRP group with ``disable`` option:" msgstr "You can disable a VRRP group with ``disable`` option:" -#: ../../configuration/system/ipv6.rst:122 +#: ../../configuration/system/ipv6.rst:135 msgid "You can get more specific OSPFv3 information by using the parameters shown below:" msgstr "You can get more specific OSPFv3 information by using the parameters shown below:" @@ -17626,11 +18989,11 @@ msgstr "You can not assign the same allowed-ips statement to multiple WireGuard msgid "You can not run this in a VRRP setup, if multiple mDNS repeaters are launched in a subnet you will experience the mDNS packet storm death!" msgstr "You can not run this in a VRRP setup, if multiple mDNS repeaters are launched in a subnet you will experience the mDNS packet storm death!" -#: ../../configuration/vpn/sstp.rst:332 +#: ../../configuration/vpn/sstp.rst:505 msgid "You can now \"dial\" the peer with the follwoing command: ``sstpc --log-level 4 --log-stderr --user vyos --password vyos vpn.example.com -- call vyos``." msgstr "You can now \"dial\" the peer with the follwoing command: ``sstpc --log-level 4 --log-stderr --user vyos --password vyos vpn.example.com -- call vyos``." -#: ../../configuration/system/login.rst:443 +#: ../../configuration/system/login.rst:447 msgid "You can now SSH into your system using admin/admin as a default user supplied from the ``lfkeitel/tacacs_plus:latest`` container." msgstr "You can now SSH into your system using admin/admin as a default user supplied from the ``lfkeitel/tacacs_plus:latest`` container." @@ -17718,6 +19081,10 @@ msgstr "You will also need the public key of your peer as well as the network(s) msgid "Your ISPs modem is connected to port ``eth0`` of your VyOS box." msgstr "Your ISPs modem is connected to port ``eth0`` of your VyOS box." +#: ../../configuration/service/router-advert.rst:110 +msgid "Your LAN connected on eth0 uses prefix ``2001:db8:beef:2::/64`` with the router beeing ``2001:db8:beef:2::1``" +msgstr "Your LAN connected on eth0 uses prefix ``2001:db8:beef:2::/64`` with the router beeing ``2001:db8:beef:2::1``" + #: ../../configuration/system/ip.rst:31 #: ../../configuration/system/ipv6.rst:27 #: ../../configuration/vrf/index.rst:44 @@ -17758,7 +19125,7 @@ msgstr "(This can be useful when a called service has many and/or often changing msgid ":abbr:`AFI (Address family authority identifier)` - ``49`` The AFI value 49 is what IS-IS uses for private addressing." msgstr ":abbr:`AFI (Address family authority identifier)` - ``49`` The AFI value 49 is what IS-IS uses for private addressing." -#: ../../configuration/protocols/static.rst:152 +#: ../../configuration/protocols/static.rst:185 msgid ":abbr:`ARP (Address Resolution Protocol)` is a communication protocol used for discovering the link layer address, such as a MAC address, associated with a given internet layer address, typically an IPv4 address. This mapping is a critical function in the Internet protocol suite. ARP was defined in 1982 by :rfc:`826` which is Internet Standard STD 37." msgstr ":abbr:`ARP (Address Resolution Protocol)` is a communication protocol used for discovering the link layer address, such as a MAC address, associated with a given internet layer address, typically an IPv4 address. This mapping is a critical function in the Internet protocol suite. ARP was defined in 1982 by :rfc:`826` which is Internet Standard STD 37." @@ -17818,7 +19185,7 @@ msgstr ":abbr:`IPSec (IP Security)` - too many RFCs to list, but start with :rfc msgid ":abbr:`IS-IS (Intermediate System to Intermediate System)` is a link-state interior gateway protocol (IGP) which is described in ISO10589, :rfc:`1195`, :rfc:`5308`. IS-IS runs the Dijkstra shortest-path first (SPF) algorithm to create a database of the network’s topology, and from that database to determine the best (that is, lowest cost) path to a destination. The intermediate systems (the name for routers) exchange topology information with their directly conencted neighbors. IS-IS runs directly on the data link layer (Layer 2). IS-IS addresses are called :abbr:`NETs (Network Entity Titles)` and can be 8 to 20 bytes long, but are generally 10 bytes long. The tree database that is created with IS-IS is similar to the one that is created with OSPF in that the paths chosen should be similar. Comparisons to OSPF are inevitable and often are reasonable ones to make in regards to the way a network will respond with either IGP." msgstr ":abbr:`IS-IS (Intermediate System to Intermediate System)` is a link-state interior gateway protocol (IGP) which is described in ISO10589, :rfc:`1195`, :rfc:`5308`. IS-IS runs the Dijkstra shortest-path first (SPF) algorithm to create a database of the network’s topology, and from that database to determine the best (that is, lowest cost) path to a destination. The intermediate systems (the name for routers) exchange topology information with their directly conencted neighbors. IS-IS runs directly on the data link layer (Layer 2). IS-IS addresses are called :abbr:`NETs (Network Entity Titles)` and can be 8 to 20 bytes long, but are generally 10 bytes long. The tree database that is created with IS-IS is similar to the one that is created with OSPF in that the paths chosen should be similar. Comparisons to OSPF are inevitable and often are reasonable ones to make in regards to the way a network will respond with either IGP." -#: ../../configuration/vrf/index.rst:401 +#: ../../configuration/vrf/index.rst:420 msgid ":abbr:`L3VPN VRFs ( Layer 3 Virtual Private Networks )` bgpd supports for IPv4 RFC 4364 and IPv6 RFC 4659. L3VPN routes, and their associated VRF MPLS labels, can be distributed to VPN SAFI neighbors in the default, i.e., non VRF, BGP instance. VRF MPLS labels are reached using core MPLS labels which are distributed using LDP or BGP labeled unicast. bgpd also supports inter-VRF route leaking." msgstr ":abbr:`L3VPN VRFs ( Layer 3 Virtual Private Networks )` bgpd supports for IPv4 RFC 4364 and IPv6 RFC 4659. L3VPN routes, and their associated VRF MPLS labels, can be distributed to VPN SAFI neighbors in the default, i.e., non VRF, BGP instance. VRF MPLS labels are reached using core MPLS labels which are distributed using LDP or BGP labeled unicast. bgpd also supports inter-VRF route leaking." @@ -18010,43 +19377,43 @@ msgstr ":lastproofread:2021-07-12" msgid ":opcmd:`generate pki wireguard key-pair`." msgstr ":opcmd:`generate pki wireguard key-pair`." -#: ../../configuration/vrf/index.rst:88 +#: ../../configuration/vrf/index.rst:107 msgid ":ref:`routing-bgp`" msgstr ":ref:`routing-bgp`" -#: ../../configuration/vrf/index.rst:104 +#: ../../configuration/vrf/index.rst:123 msgid ":ref:`routing-bgp`: ``set vrf name <name> protocols bgp ...``" msgstr ":ref:`routing-bgp`: ``set vrf name <name> protocols bgp ...``" -#: ../../configuration/vrf/index.rst:89 +#: ../../configuration/vrf/index.rst:108 msgid ":ref:`routing-isis`" msgstr ":ref:`routing-isis`" -#: ../../configuration/vrf/index.rst:105 +#: ../../configuration/vrf/index.rst:124 msgid ":ref:`routing-isis`: ``set vrf name <name> protocols isis ...``" msgstr ":ref:`routing-isis`: ``set vrf name <name> protocols isis ...``" -#: ../../configuration/vrf/index.rst:90 +#: ../../configuration/vrf/index.rst:109 msgid ":ref:`routing-ospf`" msgstr ":ref:`routing-ospf`" -#: ../../configuration/vrf/index.rst:106 +#: ../../configuration/vrf/index.rst:125 msgid ":ref:`routing-ospf`: ``set vrf name <name> protocols ospf ...``" msgstr ":ref:`routing-ospf`: ``set vrf name <name> protocols ospf ...``" -#: ../../configuration/vrf/index.rst:91 +#: ../../configuration/vrf/index.rst:110 msgid ":ref:`routing-ospfv3`" msgstr ":ref:`routing-ospfv3`" -#: ../../configuration/vrf/index.rst:107 +#: ../../configuration/vrf/index.rst:126 msgid ":ref:`routing-ospfv3`: ``set vrf name <name> protocols ospfv3 ...``" msgstr ":ref:`routing-ospfv3`: ``set vrf name <name> protocols ospfv3 ...``" -#: ../../configuration/vrf/index.rst:92 +#: ../../configuration/vrf/index.rst:111 msgid ":ref:`routing-static`" msgstr ":ref:`routing-static`" -#: ../../configuration/vrf/index.rst:108 +#: ../../configuration/vrf/index.rst:127 msgid ":ref:`routing-static`: ``set vrf name <name> protocols static ...``" msgstr ":ref:`routing-static`: ``set vrf name <name> protocols static ...``" @@ -18054,7 +19421,7 @@ msgstr ":ref:`routing-static`: ``set vrf name <name> protocols static ...``" msgid ":rfc:`2131` states: The client MAY choose to explicitly provide the identifier through the 'client identifier' option. If the client supplies a 'client identifier', the client MUST use the same 'client identifier' in all subsequent messages, and the server MUST use that identifier to identify the client." msgstr ":rfc:`2131` states: The client MAY choose to explicitly provide the identifier through the 'client identifier' option. If the client supplies a 'client identifier', the client MUST use the same 'client identifier' in all subsequent messages, and the server MUST use that identifier to identify the client." -#: ../../configuration/service/dns.rst:230 +#: ../../configuration/service/dns.rst:217 msgid ":rfc:`2136` Based" msgstr ":rfc:`2136` Based" @@ -18062,7 +19429,7 @@ msgstr ":rfc:`2136` Based" msgid ":rfc:`2328`, the successor to :rfc:`1583`, suggests according to section G.2 (changes) in section 16.4.1 a change to the path preference algorithm that prevents possible routing loops that were possible in the old version of OSPFv2. More specifically it demands that inter-area paths and intra-area backbone path are now of equal preference but still both preferred to external paths." msgstr ":rfc:`2328`, the successor to :rfc:`1583`, suggests according to section G.2 (changes) in section 16.4.1 a change to the path preference algorithm that prevents possible routing loops that were possible in the old version of OSPFv2. More specifically it demands that inter-area paths and intra-area backbone path are now of equal preference but still both preferred to external paths." -#: ../../configuration/pki/index.rst:15 +#: ../../configuration/pki/index.rst:17 msgid ":vytask:`T3642` describes a new CLI subsystem that serves as a \"certstore\" to all services requiring any kind of encryption key(s). In short, public and private certificates are now stored in PKCS#8 format in the regular VyOS CLI. Keys can now be added, edited, and deleted using the regular set/edit/delete CLI commands." msgstr ":vytask:`T3642` describes a new CLI subsystem that serves as a \"certstore\" to all services requiring any kind of encryption key(s). In short, public and private certificates are now stored in PKCS#8 format in the regular VyOS CLI. Keys can now be added, edited, and deleted using the regular set/edit/delete CLI commands." @@ -18086,19 +19453,19 @@ msgstr "`4. Add optional parameters`_" msgid "`<name>` must be identical on both sides!" msgstr "`<name>` must be identical on both sides!" -#: ../../configuration/pki/index.rst:202 +#: ../../configuration/pki/index.rst:204 msgid "``$ tail -n +2 ca.key | head -n -1 | tr -d '\\n'``" msgstr "``$ tail -n +2 ca.key | head -n -1 | tr -d '\\n'``" -#: ../../configuration/pki/index.rst:181 +#: ../../configuration/pki/index.rst:183 msgid "``$ tail -n +2 ca.pem | head -n -1 | tr -d '\\n'``" msgstr "``$ tail -n +2 ca.pem | head -n -1 | tr -d '\\n'``" -#: ../../configuration/pki/index.rst:240 +#: ../../configuration/pki/index.rst:242 msgid "``$ tail -n +2 cert.key | head -n -1 | tr -d '\\n'``" msgstr "``$ tail -n +2 cert.key | head -n -1 | tr -d '\\n'``" -#: ../../configuration/pki/index.rst:224 +#: ../../configuration/pki/index.rst:226 msgid "``$ tail -n +2 cert.pem | head -n -1 | tr -d '\\n'``" msgstr "``$ tail -n +2 cert.pem | head -n -1 | tr -d '\\n'``" @@ -18202,7 +19569,7 @@ msgstr "``802.3ad`` - IEEE 802.3ad Dynamic link aggregation. Creates aggregation msgid "``9600`` - 9600 bps" msgstr "``9600`` - 9600 bps" -#: ../../configuration/vpn/ipsec.rst:149 +#: ../../configuration/vpn/ipsec.rst:152 msgid "``< dh-group >`` defines a Diffie-Hellman group for PFS;" msgstr "``< dh-group >`` defines a Diffie-Hellman group for PFS;" @@ -18210,6 +19577,14 @@ msgstr "``< dh-group >`` defines a Diffie-Hellman group for PFS;" msgid "``Known limitations:``" msgstr "``Known limitations:``" +#: ../../configuration/service/ipoe-server.rst:247 +#: ../../configuration/service/pppoe-server.rst:209 +#: ../../configuration/vpn/l2tp.rst:252 +#: ../../configuration/vpn/pptp.rst:192 +#: ../../configuration/vpn/sstp.rst:225 +msgid "``Stateful-IPv6-Address-Pool`` and ``Delegated-IPv6-Prefix-Pool`` are defined in RFC6911. If they are not defined in your RADIUS server, add new dictionary_." +msgstr "``Stateful-IPv6-Address-Pool`` and ``Delegated-IPv6-Prefix-Pool`` are defined in RFC6911. If they are not defined in your RADIUS server, add new dictionary_." + #: ../../configuration/loadbalancing/wan.rst:259 msgid "``WLB_INTERFACE_NAME=[interfacename]``: Interface to be monitored" msgstr "``WLB_INTERFACE_NAME=[interfacename]``: Interface to be monitored" @@ -18226,11 +19601,11 @@ msgstr "``a`` - 802.11a - 54 Mbits/sec" msgid "``ac`` - 802.11ac - 1300 Mbits/sec" msgstr "``ac`` - 802.11ac - 1300 Mbits/sec" -#: ../../configuration/policy/route-map.rst:375 +#: ../../configuration/policy/route-map.rst:378 msgid "``accept-own-nexthop`` - Well-known communities value accept-own-nexthop 0xFFFF0008" msgstr "``accept-own-nexthop`` - Well-known communities value accept-own-nexthop 0xFFFF0008" -#: ../../configuration/policy/route-map.rst:368 +#: ../../configuration/policy/route-map.rst:371 msgid "``accept-own`` - Well-known communities value ACCEPT_OWN 0xFFFF0001" msgstr "``accept-own`` - Well-known communities value ACCEPT_OWN 0xFFFF0001" @@ -18256,7 +19631,7 @@ msgstr "``active-backup`` - Active-backup policy: Only one slave in the bond is msgid "``adaptive-load-balance`` - Adaptive load balancing: includes transmit-load-balance plus receive load balancing for IPV4 traffic, and does not require any special switch support. The receive load balancing is achieved by ARP negotiation. The bonding driver intercepts the ARP Replies sent by the local system on their way out and overwrites the source hardware address with the unique hardware address of one of the slaves in the bond such that different peers use different hardware addresses for the server." msgstr "``adaptive-load-balance`` - Adaptive load balancing: includes transmit-load-balance plus receive load balancing for IPV4 traffic, and does not require any special switch support. The receive load balancing is achieved by ARP negotiation. The bonding driver intercepts the ARP Replies sent by the local system on their way out and overwrites the source hardware address with the unique hardware address of one of the slaves in the bond such that different peers use different hardware addresses for the server." -#: ../../configuration/vpn/ipsec.rst:96 +#: ../../configuration/vpn/ipsec.rst:98 msgid "``aggressive`` use Aggressive mode for Key Exchanges in the IKEv1 protocol aggressive mode is much more insecure compared to Main mode;" msgstr "``aggressive`` use Aggressive mode for Key Exchanges in the IKEv1 protocol aggressive mode is much more insecure compared to Main mode;" @@ -18268,11 +19643,15 @@ msgstr "``all-available`` all checking target addresses must be available to pas msgid "``any-available`` any of the checking target addresses must be available to pass this check" msgstr "``any-available`` any of the checking target addresses must be available to pass this check" -#: ../../configuration/vpn/site2site_ipsec.rst:385 +#: ../../configuration/vpn/site2site_ipsec.rst:388 msgid "``authentication local-id/remote-id`` - IKE identification is used for validation of VPN peer devices during IKE negotiation. If you do not configure local/remote-identity, the device uses the IPv4 or IPv6 address that corresponds to the local/remote peer by default. In certain network setups (like ipsec interface with dynamic address, or behind the NAT ), the IKE ID received from the peer does not match the IKE gateway configured on the device. This can lead to a Phase 1 validation failure. So, make sure to configure the local/remote id explicitly and ensure that the IKE ID is the same as the remote-identity configured on the peer device." msgstr "``authentication local-id/remote-id`` - IKE identification is used for validation of VPN peer devices during IKE negotiation. If you do not configure local/remote-identity, the device uses the IPv4 or IPv6 address that corresponds to the local/remote peer by default. In certain network setups (like ipsec interface with dynamic address, or behind the NAT ), the IKE ID received from the peer does not match the IKE gateway configured on the device. This can lead to a Phase 1 validation failure. So, make sure to configure the local/remote id explicitly and ensure that the IKE ID is the same as the remote-identity configured on the peer device." #: ../../configuration/vpn/site2site_ipsec.rst:18 +msgid "``authentication`` - configure authentication between VyOS and a remote peer. If pre-shared-secret mode is used, the secret key must be defined in ``set vpn ipsec authentication`` and suboptions:" +msgstr "``authentication`` - configure authentication between VyOS and a remote peer. If pre-shared-secret mode is used, the secret key must be defined in ``set vpn ipsec authentication`` and suboptions:" + +#: ../../configuration/vpn/site2site_ipsec.rst:18 msgid "``authentication`` - configure authentication between VyOS and a remote peer. Suboptions:" msgstr "``authentication`` - configure authentication between VyOS and a remote peer. Suboptions:" @@ -18292,11 +19671,11 @@ msgstr "``begin`` Matches the beginning of the URL path" msgid "``bgp`` - Border Gateway Protocol (BGP)" msgstr "``bgp`` - Border Gateway Protocol (BGP)" -#: ../../configuration/vpn/site2site_ipsec.rst:147 +#: ../../configuration/vpn/site2site_ipsec.rst:150 msgid "``bind`` - select a VTI interface to bind to this peer;" msgstr "``bind`` - select a VTI interface to bind to this peer;" -#: ../../configuration/policy/route-map.rst:376 +#: ../../configuration/policy/route-map.rst:379 msgid "``blackhole`` - Well-known communities value BLACKHOLE 0xFFFF029A" msgstr "``blackhole`` - Well-known communities value BLACKHOLE 0xFFFF029A" @@ -18312,6 +19691,10 @@ msgstr "``burst``: Number of packets allowed to overshoot the limit within ``per msgid "``ca-cert-file`` - CA certificate file. Using for authenticating remote peer;" msgstr "``ca-cert-file`` - CA certificate file. Using for authenticating remote peer;" +#: ../../configuration/vpn/site2site_ipsec.rst:61 +msgid "``ca-certificate`` - CA certificate in PKI configuration. Using for authenticating remote peer;" +msgstr "``ca-certificate`` - CA certificate in PKI configuration. Using for authenticating remote peer;" + #: ../../configuration/service/lldp.rst:65 msgid "``cdp`` - Listen for CDP for Cisco routers/switches" msgstr "``cdp`` - Listen for CDP for Cisco routers/switches" @@ -18320,6 +19703,14 @@ msgstr "``cdp`` - Listen for CDP for Cisco routers/switches" msgid "``cert-file`` - certificate file, which will be used for authenticating local router on remote peer;" msgstr "``cert-file`` - certificate file, which will be used for authenticating local router on remote peer;" +#: ../../configuration/vpn/site2site_ipsec.rst:64 +msgid "``certificate`` - certificate file in PKI configuration, which will be used for authenticating local router on remote peer;" +msgstr "``certificate`` - certificate file in PKI configuration, which will be used for authenticating local router on remote peer;" + +#: ../../configuration/vpn/ipsec.rst:66 +msgid "``clear`` closes the CHILD_SA and does not take further action (default);" +msgstr "``clear`` closes the CHILD_SA and does not take further action (default);" + #: ../../configuration/vpn/ipsec.rst:65 msgid "``clear`` set action to clear;" msgstr "``clear`` set action to clear;" @@ -18328,11 +19719,15 @@ msgstr "``clear`` set action to clear;" msgid "``close-action = none | clear | hold | restart`` - defines the action to take if the remote peer unexpectedly closes a CHILD_SA (see above for meaning of values). A closeaction should not be used if the peer uses reauthentication or uniqueids." msgstr "``close-action = none | clear | hold | restart`` - defines the action to take if the remote peer unexpectedly closes a CHILD_SA (see above for meaning of values). A closeaction should not be used if the peer uses reauthentication or uniqueids." +#: ../../configuration/vpn/site2site_ipsec.rst:414 +msgid "``close-action = none | clear | trap | start`` - defines the action to take if the remote peer unexpectedly closes a CHILD_SA (see above for meaning of values). A closeaction should not be used if the peer uses reauthentication or uniqueids." +msgstr "``close-action = none | clear | trap | start`` - defines the action to take if the remote peer unexpectedly closes a CHILD_SA (see above for meaning of values). A closeaction should not be used if the peer uses reauthentication or uniqueids." + #: ../../configuration/vpn/ipsec.rst:47 msgid "``close-action`` defines the action to take if the remote peer unexpectedly closes a CHILD_SA:" msgstr "``close-action`` defines the action to take if the remote peer unexpectedly closes a CHILD_SA:" -#: ../../configuration/vpn/ipsec.rst:122 +#: ../../configuration/vpn/ipsec.rst:125 msgid "``compression`` Enables the IPComp(IP Payload Compression) protocol which allows compressing the content of IP packets." msgstr "``compression`` Enables the IPComp(IP Payload Compression) protocol which allows compressing the content of IP packets." @@ -18344,7 +19739,7 @@ msgstr "``compression`` whether IPComp compression of content is proposed on the msgid "``connected`` - Connected routes (directly attached subnet or host)" msgstr "``connected`` - Connected routes (directly attached subnet or host)" -#: ../../configuration/vpn/site2site_ipsec.rst:72 +#: ../../configuration/vpn/site2site_ipsec.rst:69 msgid "``connection-type`` - how to handle this connection process. Possible variants:" msgstr "``connection-type`` - how to handle this connection process. Possible variants:" @@ -18366,39 +19761,43 @@ msgstr "``d`` - Execution interval in days" msgid "``dead-peer-detection action = clear | hold | restart`` - R_U_THERE notification messages(IKEv1) or empty INFORMATIONAL messages (IKEv2) are periodically sent in order to check the liveliness of the IPsec peer. The values clear, hold, and restart all activate DPD and determine the action to perform on a timeout. With ``clear`` the connection is closed with no further actions taken. ``hold`` installs a trap policy, which will catch matching traffic and tries to re-negotiate the connection on demand. ``restart`` will immediately trigger an attempt to re-negotiate the connection." msgstr "``dead-peer-detection action = clear | hold | restart`` - R_U_THERE notification messages(IKEv1) or empty INFORMATIONAL messages (IKEv2) are periodically sent in order to check the liveliness of the IPsec peer. The values clear, hold, and restart all activate DPD and determine the action to perform on a timeout. With ``clear`` the connection is closed with no further actions taken. ``hold`` installs a trap policy, which will catch matching traffic and tries to re-negotiate the connection on demand. ``restart`` will immediately trigger an attempt to re-negotiate the connection." +#: ../../configuration/vpn/site2site_ipsec.rst:403 +msgid "``dead-peer-detection action = clear | trap | restart`` - R_U_THERE notification messages(IKEv1) or empty INFORMATIONAL messages (IKEv2) are periodically sent in order to check the liveliness of the IPsec peer. The values clear, trap, and restart all activate DPD and determine the action to perform on a timeout. With ``clear`` the connection is closed with no further actions taken. ``trap`` installs a trap policy, which will catch matching traffic and tries to re-negotiate the connection on demand. ``restart`` will immediately trigger an attempt to re-negotiate the connection." +msgstr "``dead-peer-detection action = clear | trap | restart`` - R_U_THERE notification messages(IKEv1) or empty INFORMATIONAL messages (IKEv2) are periodically sent in order to check the liveliness of the IPsec peer. The values clear, trap, and restart all activate DPD and determine the action to perform on a timeout. With ``clear`` the connection is closed with no further actions taken. ``trap`` installs a trap policy, which will catch matching traffic and tries to re-negotiate the connection on demand. ``restart`` will immediately trigger an attempt to re-negotiate the connection." + #: ../../configuration/vpn/ipsec.rst:56 msgid "``dead-peer-detection`` controls the use of the Dead Peer Detection protocol (DPD, RFC 3706) where R_U_THERE notification messages (IKEv1) or empty INFORMATIONAL messages (IKEv2) are periodically sent in order to check the liveliness of the IPsec peer:" msgstr "``dead-peer-detection`` controls the use of the Dead Peer Detection protocol (DPD, RFC 3706) where R_U_THERE notification messages (IKEv1) or empty INFORMATIONAL messages (IKEv2) are periodically sent in order to check the liveliness of the IPsec peer:" -#: ../../configuration/vpn/site2site_ipsec.rst:88 +#: ../../configuration/vpn/site2site_ipsec.rst:85 msgid "``default-esp-group`` - ESP group to use by default for traffic encryption. Might be overwritten by individual settings for tunnel or VTI interface binding;" msgstr "``default-esp-group`` - ESP group to use by default for traffic encryption. Might be overwritten by individual settings for tunnel or VTI interface binding;" -#: ../../configuration/vpn/site2site_ipsec.rst:92 +#: ../../configuration/vpn/site2site_ipsec.rst:89 msgid "``description`` - description for this peer;" msgstr "``description`` - description for this peer;" -#: ../../configuration/vpn/ipsec.rst:101 +#: ../../configuration/vpn/ipsec.rst:103 msgid "``dh-group`` dh-group;" msgstr "``dh-group`` dh-group;" -#: ../../configuration/vpn/site2site_ipsec.rst:23 +#: ../../configuration/vpn/site2site_ipsec.rst:24 msgid "``dhcp-interface`` - ID for authentication generated from DHCP address dynamically;" msgstr "``dhcp-interface`` - ID for authentication generated from DHCP address dynamically;" -#: ../../configuration/vpn/site2site_ipsec.rst:94 +#: ../../configuration/vpn/site2site_ipsec.rst:91 msgid "``dhcp-interface`` - use an IP address, received from DHCP for IPSec connection with this peer, instead of ``local-address``;" msgstr "``dhcp-interface`` - use an IP address, received from DHCP for IPSec connection with this peer, instead of ``local-address``;" -#: ../../configuration/vpn/ipsec.rst:88 +#: ../../configuration/vpn/ipsec.rst:90 msgid "``disable-mobike`` disables MOBIKE Support. MOBIKE is only available for IKEv2 and enabled by default." msgstr "``disable-mobike`` disables MOBIKE Support. MOBIKE is only available for IKEv2 and enabled by default." -#: ../../configuration/vpn/site2site_ipsec.rst:396 +#: ../../configuration/vpn/site2site_ipsec.rst:399 msgid "``disable-route-autoinstall`` - This option when configured disables the routes installed in the default table 220 for site-to-site ipsec. It is mostly used with VTI configuration." msgstr "``disable-route-autoinstall`` - This option when configured disables the routes installed in the default table 220 for site-to-site ipsec. It is mostly used with VTI configuration." -#: ../../configuration/vpn/ipsec.rst:162 +#: ../../configuration/vpn/ipsec.rst:166 msgid "``disable-route-autoinstall`` Do not automatically install routes to remote networks;" msgstr "``disable-route-autoinstall`` Do not automatically install routes to remote networks;" @@ -18406,7 +19805,7 @@ msgstr "``disable-route-autoinstall`` Do not automatically install routes to rem msgid "``disable`` - disable this tunnel;" msgstr "``disable`` - disable this tunnel;" -#: ../../configuration/vpn/ipsec.rst:147 +#: ../../configuration/vpn/ipsec.rst:150 msgid "``disable`` Disable PFS;" msgstr "``disable`` Disable PFS;" @@ -18424,15 +19823,15 @@ msgstr "``disable`` disable MOBIKE;" msgid "``drop``: drop the packet." msgstr "``drop``: drop the packet." -#: ../../configuration/system/login.rst:71 +#: ../../configuration/system/login.rst:75 msgid "``ecdsa-sha2-nistp256``" msgstr "``ecdsa-sha2-nistp256``" -#: ../../configuration/system/login.rst:72 +#: ../../configuration/system/login.rst:76 msgid "``ecdsa-sha2-nistp384``" msgstr "``ecdsa-sha2-nistp384``" -#: ../../configuration/system/login.rst:73 +#: ../../configuration/system/login.rst:77 msgid "``ecdsa-sha2-nistp521``" msgstr "``ecdsa-sha2-nistp521``" @@ -18440,7 +19839,7 @@ msgstr "``ecdsa-sha2-nistp521``" msgid "``edp`` - Listen for EDP for Extreme routers/switches" msgstr "``edp`` - Listen for EDP for Extreme routers/switches" -#: ../../configuration/vpn/ipsec.rst:145 +#: ../../configuration/vpn/ipsec.rst:148 msgid "``enable`` Inherit Diffie-Hellman group from IKE group (default);" msgstr "``enable`` Inherit Diffie-Hellman group from IKE group (default);" @@ -18452,11 +19851,11 @@ msgstr "``enable`` enable IPComp compression;" msgid "``enable`` enable MOBIKE (default for IKEv2);" msgstr "``enable`` enable MOBIKE (default for IKEv2);" -#: ../../configuration/vpn/ipsec.rst:103 +#: ../../configuration/vpn/ipsec.rst:105 msgid "``encryption`` encryption algorithm;" msgstr "``encryption`` encryption algorithm;" -#: ../../configuration/vpn/ipsec.rst:153 +#: ../../configuration/vpn/ipsec.rst:156 msgid "``encryption`` encryption algorithm (default 128 bit AES-CBC);" msgstr "``encryption`` encryption algorithm (default 128 bit AES-CBC);" @@ -18468,7 +19867,7 @@ msgstr "``end`` Matches the end of the URL path." msgid "``esp-group`` - define ESP group for encrypt traffic, defined by this tunnel;" msgstr "``esp-group`` - define ESP group for encrypt traffic, defined by this tunnel;" -#: ../../configuration/vpn/site2site_ipsec.rst:149 +#: ../../configuration/vpn/site2site_ipsec.rst:152 msgid "``esp-group`` - define ESP group for encrypt traffic, passed this VTI interface." msgstr "``esp-group`` - define ESP group for encrypt traffic, passed this VTI interface." @@ -18488,11 +19887,11 @@ msgstr "``file`` - path to the key file;" msgid "``flexvpn`` Allow FlexVPN vendor ID payload (IKEv2 only). Send the Cisco FlexVPN vendor ID payload (IKEv2 only), which is required in order to make Cisco brand devices allow negotiating a local traffic selector (from strongSwan's point of view) that is not the assigned virtual IP address if such an address is requested by strongSwan. Sending the Cisco FlexVPN vendor ID prevents the peer from narrowing the initiator's local traffic selector and allows it to e.g. negotiate a TS of 0.0.0.0/0 == 0.0.0.0/0 instead. This has been tested with a \"tunnel mode ipsec ipv4\" Cisco template but should also work for GRE encapsulation;" msgstr "``flexvpn`` Allow FlexVPN vendor ID payload (IKEv2 only). Send the Cisco FlexVPN vendor ID payload (IKEv2 only), which is required in order to make Cisco brand devices allow negotiating a local traffic selector (from strongSwan's point of view) that is not the assigned virtual IP address if such an address is requested by strongSwan. Sending the Cisco FlexVPN vendor ID prevents the peer from narrowing the initiator's local traffic selector and allows it to e.g. negotiate a TS of 0.0.0.0/0 == 0.0.0.0/0 instead. This has been tested with a \"tunnel mode ipsec ipv4\" Cisco template but should also work for GRE encapsulation;" -#: ../../configuration/vpn/ipsec.rst:164 +#: ../../configuration/vpn/ipsec.rst:168 msgid "``flexvpn`` Allows FlexVPN vendor ID payload (IKEv2 only). Send the Cisco FlexVPN vendor ID payload (IKEv2 only), which is required in order to make Cisco brand devices allow negotiating a local traffic selector (from strongSwan's point of view) that is not the assigned virtual IP address if such an address is requested by strongSwan. Sending the Cisco FlexVPN vendor ID prevents the peer from narrowing the initiator's local traffic selector and allows it to e.g. negotiate a TS of 0.0.0.0/0 == 0.0.0.0/0 instead. This has been tested with a \"tunnel mode ipsec ipv4\" Cisco template but should also work for GRE encapsulation;" msgstr "``flexvpn`` Allows FlexVPN vendor ID payload (IKEv2 only). Send the Cisco FlexVPN vendor ID payload (IKEv2 only), which is required in order to make Cisco brand devices allow negotiating a local traffic selector (from strongSwan's point of view) that is not the assigned virtual IP address if such an address is requested by strongSwan. Sending the Cisco FlexVPN vendor ID prevents the peer from narrowing the initiator's local traffic selector and allows it to e.g. negotiate a TS of 0.0.0.0/0 == 0.0.0.0/0 instead. This has been tested with a \"tunnel mode ipsec ipv4\" Cisco template but should also work for GRE encapsulation;" -#: ../../configuration/vpn/site2site_ipsec.rst:97 +#: ../../configuration/vpn/site2site_ipsec.rst:94 msgid "``force-udp-encapsulation`` - force encapsulation of ESP into UDP datagrams. Useful in case if between local and remote side is firewall or NAT, which not allows passing plain ESP packets between them;" msgstr "``force-udp-encapsulation`` - force encapsulation of ESP into UDP datagrams. Useful in case if between local and remote side is firewall or NAT, which not allows passing plain ESP packets between them;" @@ -18500,7 +19899,7 @@ msgstr "``force-udp-encapsulation`` - force encapsulation of ESP into UDP datagr msgid "``g`` - 802.11g - 54 Mbits/sec (default)" msgstr "``g`` - 802.11g - 54 Mbits/sec (default)" -#: ../../configuration/policy/route-map.rst:367 +#: ../../configuration/policy/route-map.rst:370 msgid "``graceful-shutdown`` - Well-known communities value GRACEFUL_SHUTDOWN 0xFFFF0000" msgstr "``graceful-shutdown`` - Well-known communities value GRACEFUL_SHUTDOWN 0xFFFF0000" @@ -18508,11 +19907,11 @@ msgstr "``graceful-shutdown`` - Well-known communities value GRACEFUL msgid "``h`` - Execution interval in hours" msgstr "``h`` - Execution interval in hours" -#: ../../configuration/vpn/ipsec.rst:105 +#: ../../configuration/vpn/ipsec.rst:107 msgid "``hash`` hash algorithm." msgstr "``hash`` hash algorithm." -#: ../../configuration/vpn/ipsec.rst:155 +#: ../../configuration/vpn/ipsec.rst:158 msgid "``hash`` hash algorithm (default sha1)." msgstr "``hash`` hash algorithm (default sha1)." @@ -18536,23 +19935,23 @@ msgstr "``ht40-`` - Both 20 MHz and 40 MHz with secondary channel below the prim msgid "``hvc0`` - Xen console" msgstr "``hvc0`` - Xen console" -#: ../../configuration/vpn/site2site_ipsec.rst:25 +#: ../../configuration/vpn/site2site_ipsec.rst:26 msgid "``id`` - static ID's for authentication. In general local and remote address ``<x.x.x.x>``, ``<h:h:h:h:h:h:h:h>`` or ``%any``;" msgstr "``id`` - static ID's for authentication. In general local and remote address ``<x.x.x.x>``, ``<h:h:h:h:h:h:h:h>`` or ``%any``;" -#: ../../configuration/vpn/site2site_ipsec.rst:101 +#: ../../configuration/vpn/site2site_ipsec.rst:98 msgid "``ike-group`` - IKE group to use for key exchanges;" msgstr "``ike-group`` - IKE group to use for key exchanges;" -#: ../../configuration/vpn/ipsec.rst:82 +#: ../../configuration/vpn/ipsec.rst:84 msgid "``ikev1`` use IKEv1 for Key Exchange;" msgstr "``ikev1`` use IKEv1 for Key Exchange;" -#: ../../configuration/vpn/site2site_ipsec.rst:103 +#: ../../configuration/vpn/site2site_ipsec.rst:100 msgid "``ikev2-reauth`` - reauthenticate remote peer during the rekeying process. Can be used only with IKEv2. Create a new IKE_SA from the scratch and try to recreate all IPsec SAs;" msgstr "``ikev2-reauth`` - reauthenticate remote peer during the rekeying process. Can be used only with IKEv2. Create a new IKE_SA from the scratch and try to recreate all IPsec SAs;" -#: ../../configuration/vpn/ipsec.rst:73 +#: ../../configuration/vpn/ipsec.rst:75 msgid "``ikev2-reauth`` whether rekeying of an IKE_SA should also reauthenticate the peer. In IKEv1, reauthentication is always done. Setting this parameter enables remote host re-authentication during an IKE rekey." msgstr "``ikev2-reauth`` whether rekeying of an IKE_SA should also reauthenticate the peer. In IKEv1, reauthentication is always done. Setting this parameter enables remote host re-authentication during an IKE rekey." @@ -18560,7 +19959,7 @@ msgstr "``ikev2-reauth`` whether rekeying of an IKE_SA should also reauthenticat msgid "``ikev2-reauth`` whether rekeying of an IKE_SA should also reauthenticate the peer. In IKEv1, reauthentication is always done:" msgstr "``ikev2-reauth`` whether rekeying of an IKE_SA should also reauthenticate the peer. In IKEv1, reauthentication is always done:" -#: ../../configuration/vpn/ipsec.rst:84 +#: ../../configuration/vpn/ipsec.rst:86 msgid "``ikev2`` use IKEv2 for Key Exchange;" msgstr "``ikev2`` use IKEv2 for Key Exchange;" @@ -18568,23 +19967,27 @@ msgstr "``ikev2`` use IKEv2 for Key Exchange;" msgid "``in``: Ruleset for forwarded packets on an inbound interface" msgstr "``in``: Ruleset for forwarded packets on an inbound interface" -#: ../../configuration/vpn/site2site_ipsec.rst:75 +#: ../../configuration/vpn/site2site_ipsec.rst:72 msgid "``initiate`` - does initial connection to remote peer immediately after configuring and after boot. In this mode the connection will not be restarted in case of disconnection, therefore should be used only together with DPD or another session tracking methods;" msgstr "``initiate`` - does initial connection to remote peer immediately after configuring and after boot. In this mode the connection will not be restarted in case of disconnection, therefore should be used only together with DPD or another session tracking methods;" -#: ../../configuration/vpn/ipsec.rst:166 +#: ../../configuration/system/option.rst:50 +msgid "``intel_idle.max_cstate=0`` Disable intel_idle and fall back on acpi_idle" +msgstr "``intel_idle.max_cstate=0`` Disable intel_idle and fall back on acpi_idle" + +#: ../../configuration/vpn/ipsec.rst:170 msgid "``interface`` Interface Name to use. The name of the interface on which virtual IP addresses should be installed. If not specified the addresses will be installed on the outbound interface;" msgstr "``interface`` Interface Name to use. The name of the interface on which virtual IP addresses should be installed. If not specified the addresses will be installed on the outbound interface;" -#: ../../configuration/pki/index.rst:148 +#: ../../configuration/pki/index.rst:150 msgid "``interface`` is used for the VyOS CLI command to identify the WireGuard interface where this private key is to be used." msgstr "``interface`` is used for the VyOS CLI command to identify the WireGuard interface where this private key is to be used." -#: ../../configuration/policy/route-map.rst:366 +#: ../../configuration/policy/route-map.rst:369 msgid "``internet`` - Well-known communities value 0" msgstr "``internet`` - Well-known communities value 0" -#: ../../configuration/vpn/ipsec.rst:69 +#: ../../configuration/vpn/ipsec.rst:71 msgid "``interval`` keep-alive interval in seconds <2-86400> (default 30);" msgstr "``interval`` keep-alive interval in seconds <2-86400> (default 30);" @@ -18602,7 +20005,7 @@ msgstr "``jump``: jump to another custom chain." msgid "``kernel`` - Kernel routes" msgstr "``kernel`` - Kernel routes" -#: ../../configuration/vpn/ipsec.rst:78 +#: ../../configuration/vpn/ipsec.rst:80 msgid "``key-exchange`` which protocol should be used to initialize the connection If not set both protocols are handled and connections will use IKEv2 when initiating, but accept any protocol version when responding:" msgstr "``key-exchange`` which protocol should be used to initialize the connection If not set both protocols are handled and connections will use IKEv2 when initiating, but accept any protocol version when responding:" @@ -18610,7 +20013,7 @@ msgstr "``key-exchange`` which protocol should be used to initialize the connect msgid "``key`` - a private key, which will be used for authenticating local router on remote peer:" msgstr "``key`` - a private key, which will be used for authenticating local router on remote peer:" -#: ../../configuration/system/option.rst:107 +#: ../../configuration/system/option.rst:137 msgid "``latency``: A server profile focused on lowering network latency. This profile favors performance over power savings by setting ``intel_pstate`` and ``min_perf_pct=100``." msgstr "``latency``: A server profile focused on lowering network latency. This profile favors performance over power savings by setting ``intel_pstate`` and ``min_perf_pct=100``." @@ -18622,19 +20025,19 @@ msgstr "``least-connection`` Distributes requests to the server with the fewest msgid "``least-connection`` Distributes requests tp tje server wotj the fewest active connections" msgstr "``least-connection`` Distributes requests tp tje server wotj the fewest active connections" -#: ../../configuration/vpn/ipsec.rst:125 +#: ../../configuration/vpn/ipsec.rst:128 msgid "``life-bytes`` ESP life in bytes <1024-26843545600000>. Number of bytes transmitted over an IPsec SA before it expires;" msgstr "``life-bytes`` ESP life in bytes <1024-26843545600000>. Number of bytes transmitted over an IPsec SA before it expires;" -#: ../../configuration/vpn/ipsec.rst:128 +#: ../../configuration/vpn/ipsec.rst:131 msgid "``life-packets`` ESP life in packets <1000-26843545600000>. Number of packets transmitted over an IPsec SA before it expires;" msgstr "``life-packets`` ESP life in packets <1000-26843545600000>. Number of packets transmitted over an IPsec SA before it expires;" -#: ../../configuration/vpn/ipsec.rst:131 +#: ../../configuration/vpn/ipsec.rst:134 msgid "``lifetime`` ESP lifetime in seconds <30-86400> (default 3600). How long a particular instance of a connection (a set of encryption/authentication keys for user packets) should last, from successful negotiation to expiry;" msgstr "``lifetime`` ESP lifetime in seconds <30-86400> (default 3600). How long a particular instance of a connection (a set of encryption/authentication keys for user packets) should last, from successful negotiation to expiry;" -#: ../../configuration/vpn/ipsec.rst:86 +#: ../../configuration/vpn/ipsec.rst:88 msgid "``lifetime`` IKE lifetime in seconds <0-86400> (default 28800);" msgstr "``lifetime`` IKE lifetime in seconds <0-86400> (default 28800);" @@ -18642,22 +20045,26 @@ msgstr "``lifetime`` IKE lifetime in seconds <0-86400> (default 28800);" msgid "``lifetime`` IKE lifetime in seconds <30-86400> (default 28800);" msgstr "``lifetime`` IKE lifetime in seconds <30-86400> (default 28800);" -#: ../../configuration/policy/route-map.rst:373 +#: ../../configuration/policy/route-map.rst:376 msgid "``llgr-stale`` - Well-known communities value LLGR_STALE 0xFFFF0006" msgstr "``llgr-stale`` - Well-known communities value LLGR_STALE 0xFFFF0006" -#: ../../configuration/vpn/site2site_ipsec.rst:107 +#: ../../configuration/vpn/site2site_ipsec.rst:104 msgid "``local-address`` - local IP address for IPSec connection with this peer. If defined ``any``, then an IP address which configured on interface with default route will be used;" msgstr "``local-address`` - local IP address for IPSec connection with this peer. If defined ``any``, then an IP address which configured on interface with default route will be used;" -#: ../../configuration/policy/route-map.rst:363 +#: ../../configuration/policy/route-map.rst:366 msgid "``local-as`` - Well-known communities value NO_EXPORT_SUBCONFED 0xFFFFFF03" msgstr "``local-as`` - Well-known communities value NO_EXPORT_SUBCONFED 0xFFFFFF03" -#: ../../configuration/vpn/site2site_ipsec.rst:31 +#: ../../configuration/vpn/site2site_ipsec.rst:32 msgid "``local-id`` - ID for the local VyOS router. If defined, during the authentication it will be send to remote peer;" msgstr "``local-id`` - ID for the local VyOS router. If defined, during the authentication it will be send to remote peer;" +#: ../../configuration/vpn/site2site_ipsec.rst:50 +msgid "``local-key`` - name of PKI key-pair with local private key" +msgstr "``local-key`` - name of PKI key-pair with local private key" + #: ../../configuration/firewall/general-legacy.rst:753 msgid "``local``: Ruleset for packets destined for this router" msgstr "``local``: Ruleset for packets destined for this router" @@ -18674,7 +20081,7 @@ msgstr "``m`` - Execution interval in minutes" msgid "``main`` Routing table used by VyOS and other interfaces not participating in PBR" msgstr "``main`` Routing table used by VyOS and other interfaces not participating in PBR" -#: ../../configuration/vpn/ipsec.rst:93 +#: ../../configuration/vpn/ipsec.rst:95 msgid "``main`` use Main mode for Key Exchanges in the IKEv1 Protocol (Recommended Default);" msgstr "``main`` use Main mode for Key Exchanges in the IKEv1 Protocol (Recommended Default);" @@ -18682,19 +20089,23 @@ msgstr "``main`` use Main mode for Key Exchanges in the IKEv1 Protocol (Recommen msgid "``message``: Full message that has triggered the script." msgstr "``message``: Full message that has triggered the script." +#: ../../configuration/system/option.rst:40 +msgid "``mitigations=off``" +msgstr "``mitigations=off``" + #: ../../configuration/vpn/ipsec.rst:92 msgid "``mobike`` enable MOBIKE Support. MOBIKE is only available for IKEv2:" msgstr "``mobike`` enable MOBIKE Support. MOBIKE is only available for IKEv2:" -#: ../../configuration/vpn/site2site_ipsec.rst:35 +#: ../../configuration/vpn/site2site_ipsec.rst:36 msgid "``mode`` - mode for authentication between VyOS and remote peer:" msgstr "``mode`` - mode for authentication between VyOS and remote peer:" -#: ../../configuration/vpn/ipsec.rst:91 +#: ../../configuration/vpn/ipsec.rst:93 msgid "``mode`` IKEv1 Phase 1 Mode Selection:" msgstr "``mode`` IKEv1 Phase 1 Mode Selection:" -#: ../../configuration/vpn/ipsec.rst:136 +#: ../../configuration/vpn/ipsec.rst:139 msgid "``mode`` the type of the connection:" msgstr "``mode`` the type of the connection:" @@ -18758,19 +20169,19 @@ msgstr "``net.ipv6.conf.all.accept_redirects``" msgid "``net.ipv6.conf.all.accept_source_route``" msgstr "``net.ipv6.conf.all.accept_source_route``" -#: ../../configuration/policy/route-map.rst:364 +#: ../../configuration/policy/route-map.rst:367 msgid "``no-advertise`` - Well-known communities value NO_ADVERTISE 0xFFFFFF02" msgstr "``no-advertise`` - Well-known communities value NO_ADVERTISE 0xFFFFFF02" -#: ../../configuration/policy/route-map.rst:365 +#: ../../configuration/policy/route-map.rst:368 msgid "``no-export`` - Well-known communities value NO_EXPORT 0xFFFFFF01" msgstr "``no-export`` - Well-known communities value NO_EXPORT 0xFFFFFF01" -#: ../../configuration/policy/route-map.rst:374 +#: ../../configuration/policy/route-map.rst:377 msgid "``no-llgr`` - Well-known communities value NO_LLGR 0xFFFF0007" msgstr "``no-llgr`` - Well-known communities value NO_LLGR 0xFFFF0007" -#: ../../configuration/policy/route-map.rst:377 +#: ../../configuration/policy/route-map.rst:380 msgid "``no-peer`` - Well-known communities value NOPEER 0xFFFFFF04" msgstr "``no-peer`` - Well-known communities value NOPEER 0xFFFFFF04" @@ -18782,7 +20193,7 @@ msgstr "``no`` disable remote host re-authenticaton during an IKE rekey;" msgid "``none`` - Execution interval in minutes" msgstr "``none`` - Execution interval in minutes" -#: ../../configuration/vpn/site2site_ipsec.rst:85 +#: ../../configuration/vpn/site2site_ipsec.rst:82 msgid "``none`` - loads the connection only, which then can be manually initiated or used as a responder configuration." msgstr "``none`` - loads the connection only, which then can be manually initiated or used as a responder configuration." @@ -18798,7 +20209,7 @@ msgstr "``noselect`` marks the server as unused, except for display purposes. Th msgid "``nts`` enables Network Time Security (NTS) for the server as specified in :rfc:`8915`" msgstr "``nts`` enables Network Time Security (NTS) for the server as specified in :rfc:`8915`" -#: ../../configuration/vpn/ipsec.rst:160 +#: ../../configuration/vpn/ipsec.rst:164 msgid "``options``" msgstr "``options``" @@ -18814,11 +20225,19 @@ msgstr "``ospfv3`` - Open Shortest Path First (IPv6) (OSPFv3)" msgid "``out``: Ruleset for forwarded packets on an outbound interface" msgstr "``out``: Ruleset for forwarded packets on an outbound interface" +#: ../../configuration/vpn/site2site_ipsec.rst:54 +msgid "``passphrase`` - local private key passphrase" +msgstr "``passphrase`` - local private key passphrase" + +#: ../../configuration/vpn/site2site_ipsec.rst:67 +msgid "``passphrase`` - private key passphrase, if needed." +msgstr "``passphrase`` - private key passphrase, if needed." + #: ../../configuration/vpn/site2site_ipsec.rst:70 msgid "``password`` - passphrase private key, if needed." msgstr "``password`` - passphrase private key, if needed." -#: ../../configuration/pki/index.rst:163 +#: ../../configuration/pki/index.rst:165 msgid "``peer`` is used for the VyOS CLI command to identify the WireGuard peer where this secred is to be used." msgstr "``peer`` is used for the VyOS CLI command to identify the WireGuard peer where this secred is to be used." @@ -18826,7 +20245,7 @@ msgstr "``peer`` is used for the VyOS CLI command to identify the WireGuard peer msgid "``period``: Time window for rate calculation. Possible values: ``second`` (one second), ``minute`` (one minute), ``hour`` (one hour). Default is ``second``." msgstr "``period``: Time window for rate calculation. Possible values: ``second`` (one second), ``minute`` (one minute), ``hour`` (one hour). Default is ``second``." -#: ../../configuration/vpn/ipsec.rst:142 +#: ../../configuration/vpn/ipsec.rst:145 msgid "``pfs`` whether Perfect Forward Secrecy of keys is desired on the connection's keying channel and defines a Diffie-Hellman group for PFS:" msgstr "``pfs`` whether Perfect Forward Secrecy of keys is desired on the connection's keying channel and defines a Diffie-Hellman group for PFS:" @@ -18835,11 +20254,11 @@ msgid "``pool`` mobilizes persistent client mode association with a number of re msgstr "``pool`` mobilizes persistent client mode association with a number of remote servers." #: ../../configuration/vpn/site2site_ipsec.rst:126 -#: ../../configuration/vpn/site2site_ipsec.rst:136 +#: ../../configuration/vpn/site2site_ipsec.rst:139 msgid "``port`` - define port. Have effect only when used together with ``prefix``;" msgstr "``port`` - define port. Have effect only when used together with ``prefix``;" -#: ../../configuration/vpn/site2site_ipsec.rst:37 +#: ../../configuration/vpn/site2site_ipsec.rst:38 msgid "``pre-shared-secret`` - use predefined shared secret phrase;" msgstr "``pre-shared-secret`` - use predefined shared secret phrase;" @@ -18851,27 +20270,35 @@ msgstr "``prefer`` marks the server as preferred. All other things being equal, msgid "``prefix`` - IP network at local side." msgstr "``prefix`` - IP network at local side." -#: ../../configuration/vpn/site2site_ipsec.rst:138 +#: ../../configuration/vpn/site2site_ipsec.rst:141 msgid "``prefix`` - IP network at remote side." msgstr "``prefix`` - IP network at remote side." -#: ../../configuration/vpn/ipsec.rst:107 +#: ../../configuration/vpn/ipsec.rst:109 msgid "``prf`` pseudo-random function." msgstr "``prf`` pseudo-random function." -#: ../../configuration/vpn/ipsec.rst:151 +#: ../../configuration/vpn/site2site_ipsec.rst:130 +msgid "``priority`` - Add priority for policy-based IPSec VPN tunnels(lowest value more preferable)" +msgstr "``priority`` - Add priority for policy-based IPSec VPN tunnels(lowest value more preferable)" + +#: ../../configuration/system/option.rst:51 +msgid "``processor.max_cstate=1`` Limit processor to maximum C-state 1" +msgstr "``processor.max_cstate=1`` Limit processor to maximum C-state 1" + +#: ../../configuration/vpn/ipsec.rst:154 msgid "``proposal`` ESP-group proposal with number <1-65535>:" msgstr "``proposal`` ESP-group proposal with number <1-65535>:" -#: ../../configuration/vpn/ipsec.rst:99 +#: ../../configuration/vpn/ipsec.rst:101 msgid "``proposal`` the list of proposals and their parameters:" msgstr "``proposal`` the list of proposals and their parameters:" -#: ../../configuration/vpn/site2site_ipsec.rst:130 +#: ../../configuration/vpn/site2site_ipsec.rst:133 msgid "``protocol`` - define the protocol for match traffic, which should be encrypted and send to this peer;" msgstr "``protocol`` - define the protocol for match traffic, which should be encrypted and send to this peer;" -#: ../../configuration/vpn/site2site_ipsec.rst:21 +#: ../../configuration/vpn/site2site_ipsec.rst:22 msgid "``psk`` - Preshared secret key name:" msgstr "``psk`` - Preshared secret key name:" @@ -18890,7 +20317,7 @@ msgstr "``rate``: Number of packets. Default 5." msgid "``reject``: reject the packet." msgstr "``reject``: reject the packet." -#: ../../configuration/vpn/site2site_ipsec.rst:111 +#: ../../configuration/vpn/site2site_ipsec.rst:108 msgid "``remote-address`` - remote IP address or hostname for IPSec connection. IPv4 or IPv6 address is used when a peer has a public static IP address. Hostname is a DNS name which could be used when a peer has a public IP address and DNS name, but an IP address could be changed from time to time." msgstr "``remote-address`` - remote IP address or hostname for IPSec connection. IPv4 or IPv6 address is used when a peer has a public static IP address. Hostname is a DNS name which could be used when a peer has a public IP address and DNS name, but an IP address could be changed from time to time." @@ -18898,10 +20325,18 @@ msgstr "``remote-address`` - remote IP address or hostname for IPSec connection. msgid "``remote-id`` - define an ID for remote peer, instead of using peer name or address. Useful in case if the remote peer is behind NAT or if ``mode x509`` is used;" msgstr "``remote-id`` - define an ID for remote peer, instead of using peer name or address. Useful in case if the remote peer is behind NAT or if ``mode x509`` is used;" -#: ../../configuration/vpn/site2site_ipsec.rst:133 +#: ../../configuration/vpn/site2site_ipsec.rst:52 +msgid "``remote-key`` - name of PKI key-pair with remote public key" +msgstr "``remote-key`` - name of PKI key-pair with remote public key" + +#: ../../configuration/vpn/site2site_ipsec.rst:136 msgid "``remote`` - define the remote destination for match traffic, which should be encrypted and send to this peer:" msgstr "``remote`` - define the remote destination for match traffic, which should be encrypted and send to this peer:" +#: ../../configuration/vpn/site2site_ipsec.rst:113 +msgid "``replay-window`` - IPsec replay window to configure for this CHILD_SA (default: 32), a value of 0 disables IPsec replay protection" +msgstr "``replay-window`` - IPsec replay window to configure for this CHILD_SA (default: 32), a value of 0 disables IPsec replay protection" + #: ../../configuration/loadbalancing/reverse-proxy.rst:64 msgid "``req-ssl-sni`` SSL Server Name Indication (SNI) request match" msgstr "``req-ssl-sni`` SSL Server Name Indication (SNI) request match" @@ -18910,10 +20345,14 @@ msgstr "``req-ssl-sni`` SSL Server Name Indication (SNI) request match" msgid "``resp-time``: the maximum response time for ping in seconds. Range 1...30, default 5" msgstr "``resp-time``: the maximum response time for ping in seconds. Range 1...30, default 5" -#: ../../configuration/vpn/site2site_ipsec.rst:80 +#: ../../configuration/vpn/site2site_ipsec.rst:77 msgid "``respond`` - does not try to initiate a connection to a remote peer. In this mode, the IPSec session will be established only after initiation from a remote peer. Could be useful when there is no direct connectivity to the peer due to firewall or NAT in the middle of the local and remote side." msgstr "``respond`` - does not try to initiate a connection to a remote peer. In this mode, the IPSec session will be established only after initiation from a remote peer. Could be useful when there is no direct connectivity to the peer due to firewall or NAT in the middle of the local and remote side." +#: ../../configuration/vpn/ipsec.rst:68 +msgid "``restart`` immediately tries to re-negotiate the CHILD_SA under a fresh IKE_SA;" +msgstr "``restart`` immediately tries to re-negotiate the CHILD_SA under a fresh IKE_SA;" + #: ../../configuration/vpn/ipsec.rst:54 #: ../../configuration/vpn/ipsec.rst:67 msgid "``restart`` set action to restart;" @@ -18941,19 +20380,19 @@ msgstr "``round-robin`` - Round-robin policy: Transmit packets in sequential ord msgid "``round-robin`` Distributes requests in a circular manner, sequentially sending each request to the next server in line" msgstr "``round-robin`` Distributes requests in a circular manner, sequentially sending each request to the next server in line" -#: ../../configuration/policy/route-map.rst:369 +#: ../../configuration/policy/route-map.rst:372 msgid "``route-filter-translated-v4`` - Well-known communities value ROUTE_FILTER_TRANSLATED_v4 0xFFFF0002" msgstr "``route-filter-translated-v4`` - Well-known communities value ROUTE_FILTER_TRANSLATED_v4 0xFFFF0002" -#: ../../configuration/policy/route-map.rst:371 +#: ../../configuration/policy/route-map.rst:374 msgid "``route-filter-translated-v6`` - Well-known communities value ROUTE_FILTER_TRANSLATED_v6 0xFFFF0004" msgstr "``route-filter-translated-v6`` - Well-known communities value ROUTE_FILTER_TRANSLATED_v6 0xFFFF0004" -#: ../../configuration/policy/route-map.rst:370 +#: ../../configuration/policy/route-map.rst:373 msgid "``route-filter-v4`` - Well-known communities value ROUTE_FILTER_v4 0xFFFF0003" msgstr "``route-filter-v4`` - Well-known communities value ROUTE_FILTER_v4 0xFFFF0003" -#: ../../configuration/policy/route-map.rst:372 +#: ../../configuration/policy/route-map.rst:375 msgid "``route-filter-v6`` - Well-known communities value ROUTE_FILTER_v6 0xFFFF0005" msgstr "``route-filter-v6`` - Well-known communities value ROUTE_FILTER_v6 0xFFFF0005" @@ -18961,11 +20400,19 @@ msgstr "``route-filter-v6`` - Well-known communities value ROUTE_FI msgid "``rsa-key-name`` - shared RSA key for authentication. The key must be defined in the ``set vpn rsa-keys`` section;" msgstr "``rsa-key-name`` - shared RSA key for authentication. The key must be defined in the ``set vpn rsa-keys`` section;" +#: ../../configuration/vpn/site2site_ipsec.rst:48 +msgid "``rsa`` - options for RSA authentication mode:" +msgstr "``rsa`` - options for RSA authentication mode:" + +#: ../../configuration/vpn/site2site_ipsec.rst:40 +msgid "``rsa`` - use simple shared RSA key." +msgstr "``rsa`` - use simple shared RSA key." + #: ../../configuration/vpn/site2site_ipsec.rst:39 msgid "``rsa`` - use simple shared RSA key. The key must be defined in the ``set vpn rsa-keys`` section;" msgstr "``rsa`` - use simple shared RSA key. The key must be defined in the ``set vpn rsa-keys`` section;" -#: ../../configuration/vpn/site2site_ipsec.rst:27 +#: ../../configuration/vpn/site2site_ipsec.rst:28 msgid "``secret`` - predefined shared secret. Used if configured mode ``pre-shared-secret``;" msgstr "``secret`` - predefined shared secret. Used if configured mode ``pre-shared-secret``;" @@ -18978,10 +20425,13 @@ msgid "``set firewall ipv4 forward filter ...``." msgstr "``set firewall ipv4 forward filter ...``." #: ../../configuration/firewall/index.rst:54 -#: ../../configuration/firewall/index.rst:72 msgid "``set firewall ipv4 input filter ...``." msgstr "``set firewall ipv4 input filter ...``." +#: ../../configuration/firewall/index.rst:72 +msgid "``set firewall ipv4 output filter ...``." +msgstr "``set firewall ipv4 output filter ...``." + #: ../../configuration/firewall/index.rst:63 msgid "``set firewall ipv6 forward filter ...``." msgstr "``set firewall ipv6 forward filter ...``." @@ -19010,19 +20460,19 @@ msgstr "``sonmp`` - Listen for SONMP for Nortel routers/switches" msgid "``source-address`` Distributes requests based on the source IP address of the client" msgstr "``source-address`` Distributes requests based on the source IP address of the client" -#: ../../configuration/system/login.rst:74 +#: ../../configuration/system/login.rst:78 msgid "``ssh-dss``" msgstr "``ssh-dss``" -#: ../../configuration/system/login.rst:75 +#: ../../configuration/system/login.rst:79 msgid "``ssh-ed25519``" msgstr "``ssh-ed25519``" -#: ../../configuration/system/login.rst:49 +#: ../../configuration/system/login.rst:53 msgid "``ssh-rsa AAAAB3NzaC1yc2EAAAABAA...VBD5lKwEWB username@host.example.com``" msgstr "``ssh-rsa AAAAB3NzaC1yc2EAAAABAA...VBD5lKwEWB username@host.example.com``" -#: ../../configuration/system/login.rst:76 +#: ../../configuration/system/login.rst:80 msgid "``ssh-rsa``" msgstr "``ssh-rsa``" @@ -19034,6 +20484,10 @@ msgstr "``ssl-fc-sni-end`` SSL frontend match end of connection Server Name" msgid "``ssl-fc-sni`` SSL frontend connection Server Name Indication match" msgstr "``ssl-fc-sni`` SSL frontend connection Server Name Indication match" +#: ../../configuration/vpn/ipsec.rst:54 +msgid "``start`` tries to immediately re-create the CHILD_SA;" +msgstr "``start`` tries to immediately re-create the CHILD_SA;" + #: ../../configuration/policy/route-map.rst:173 msgid "``static`` - Statically configured routes" msgstr "``static`` - Statically configured routes" @@ -19083,11 +20537,11 @@ msgstr "``test-script``: A user defined script must return 0 to be considered su msgid "``threshold``: ``below`` or ``above`` the specified rate limit." msgstr "``threshold``: ``below`` or ``above`` the specified rate limit." -#: ../../configuration/system/option.rst:97 +#: ../../configuration/system/option.rst:127 msgid "``throughput``: A server profile focused on improving network throughput. This profile favors performance over power savings by setting ``intel_pstate`` and ``max_perf_pct=100`` and increasing kernel network buffer sizes." msgstr "``throughput``: A server profile focused on improving network throughput. This profile favors performance over power savings by setting ``intel_pstate`` and ``max_perf_pct=100`` and increasing kernel network buffer sizes." -#: ../../configuration/vpn/ipsec.rst:71 +#: ../../configuration/vpn/ipsec.rst:73 msgid "``timeout`` keep-alive timeout in seconds <2-86400> (default 120) IKEv1 only" msgstr "``timeout`` keep-alive timeout in seconds <2-86400> (default 120) IKEv1 only" @@ -19095,10 +20549,18 @@ msgstr "``timeout`` keep-alive timeout in seconds <2-86400> (default 120) IKEv1 msgid "``transmit-load-balance`` - Adaptive transmit load balancing: channel bonding that does not require any special switch support." msgstr "``transmit-load-balance`` - Adaptive transmit load balancing: channel bonding that does not require any special switch support." -#: ../../configuration/vpn/ipsec.rst:140 +#: ../../configuration/vpn/ipsec.rst:143 msgid "``transport`` transport mode;" msgstr "``transport`` transport mode;" +#: ../../configuration/vpn/ipsec.rst:63 +msgid "``trap`` installs a trap policy, which will catch matching traffic and tries to re-negotiate the tunnel on-demand;" +msgstr "``trap`` installs a trap policy, which will catch matching traffic and tries to re-negotiate the tunnel on-demand;" + +#: ../../configuration/vpn/ipsec.rst:52 +msgid "``trap`` installs a trap policy for the CHILD_SA;" +msgstr "``trap`` installs a trap policy for the CHILD_SA;" + #: ../../configuration/loadbalancing/wan.rst:179 msgid "``ttl-limit``: For the UDP TTL limit test the hop count limit must be specified. The limit must be shorter than the path length, an ICMP time expired message is needed to be returned for a successful test. default 1" msgstr "``ttl-limit``: For the UDP TTL limit test the hop count limit must be specified. The limit must be shorter than the path length, an ICMP time expired message is needed to be returned for a successful test. default 1" @@ -19115,7 +20577,7 @@ msgstr "``ttyUSBX`` - USB Serial device name" msgid "``tunnel`` - define criteria for traffic to be matched for encrypting and send it to a peer:" msgstr "``tunnel`` - define criteria for traffic to be matched for encrypting and send it to a peer:" -#: ../../configuration/vpn/ipsec.rst:138 +#: ../../configuration/vpn/ipsec.rst:141 msgid "``tunnel`` tunnel mode (default);" msgstr "``tunnel`` tunnel mode (default);" @@ -19123,11 +20585,11 @@ msgstr "``tunnel`` tunnel mode (default);" msgid "``type``: Specify the type of test. type can be ping, ttl or a user defined script" msgstr "``type``: Specify the type of test. type can be ping, ttl or a user defined script" -#: ../../configuration/vpn/site2site_ipsec.rst:51 +#: ../../configuration/vpn/site2site_ipsec.rst:56 msgid "``use-x509-id`` - use local ID from x509 certificate. Cannot be used when ``id`` is defined;" msgstr "``use-x509-id`` - use local ID from x509 certificate. Cannot be used when ``id`` is defined;" -#: ../../configuration/vpn/site2site_ipsec.rst:152 +#: ../../configuration/vpn/site2site_ipsec.rst:155 msgid "``virtual-address`` - Defines a virtual IP address which is requested by the initiator and one or several IPv4 and/or IPv6 addresses are assigned from multiple pools by the responder." msgstr "``virtual-address`` - Defines a virtual IP address which is requested by the initiator and one or several IPv4 and/or IPv6 addresses are assigned from multiple pools by the responder." @@ -19135,7 +20597,7 @@ msgstr "``virtual-address`` - Defines a virtual IP address which is requested by msgid "``virtual-ip`` Allow install virtual-ip addresses. Comma separated list of virtual IPs to request in IKEv2 configuration payloads or IKEv1 Mode Config. The wildcard addresses 0.0.0.0 and :: request an arbitrary address, specific addresses may be defined. The responder may return a different address, though, or none at all." msgstr "``virtual-ip`` Allow install virtual-ip addresses. Comma separated list of virtual IPs to request in IKEv2 configuration payloads or IKEv1 Mode Config. The wildcard addresses 0.0.0.0 and :: request an arbitrary address, specific addresses may be defined. The responder may return a different address, though, or none at all." -#: ../../configuration/vpn/ipsec.rst:168 +#: ../../configuration/vpn/ipsec.rst:172 msgid "``virtual-ip`` Allows to install virtual-ip addresses. Comma separated list of virtual IPs to request in IKEv2 configuration payloads or IKEv1 Mode Config. The wildcard addresses 0.0.0.0 and :: request an arbitrary address, specific addresses may be defined. The responder may return a different address, though, or none at all. Define the ``virtual-address`` option to configure the IP address in site-to-site hierarchy." msgstr "``virtual-ip`` Allows to install virtual-ip addresses. Comma separated list of virtual IPs to request in IKEv2 configuration payloads or IKEv1 Mode Config. The wildcard addresses 0.0.0.0 and :: request an arbitrary address, specific addresses may be defined. The responder may return a different address, though, or none at all. Define the ``virtual-address`` option to configure the IP address in site-to-site hierarchy." @@ -19143,11 +20605,11 @@ msgstr "``virtual-ip`` Allows to install virtual-ip addresses. Comma separated l msgid "``vnc`` - Virtual Network Control (VNC)" msgstr "``vnc`` - Virtual Network Control (VNC)" -#: ../../configuration/vpn/site2site_ipsec.rst:140 +#: ../../configuration/vpn/site2site_ipsec.rst:143 msgid "``vti`` - use a VTI interface for traffic encryption. Any traffic, which will be send to VTI interface will be encrypted and send to this peer. Using VTI makes IPSec configuration much flexible and easier in complex situation, and allows to dynamically add/delete remote networks, reachable via a peer, as in this mode router don't need to create additional SA/policy for each remote network:" msgstr "``vti`` - use a VTI interface for traffic encryption. Any traffic, which will be send to VTI interface will be encrypted and send to this peer. Using VTI makes IPSec configuration much flexible and easier in complex situation, and allows to dynamically add/delete remote networks, reachable via a peer, as in this mode router don't need to create additional SA/policy for each remote network:" -#: ../../configuration/vpn/site2site_ipsec.rst:54 +#: ../../configuration/vpn/site2site_ipsec.rst:59 msgid "``x509`` - options for x509 authentication mode:" msgstr "``x509`` - options for x509 authentication mode:" @@ -19163,10 +20625,26 @@ msgstr "``xor-hash`` - XOR policy: Transmit based on the selected transmit hash msgid "``yes`` enable remote host re-authentication during an IKE rekey;" msgstr "``yes`` enable remote host re-authentication during an IKE rekey;" -#: ../../configuration/system/option.rst:39 +#: ../../configuration/service/ntp.rst:90 +msgid "`ignore`: No correction is applied to the clock for the leap second. The clock will be corrected later in normal operation when new measurements are made and the estimated offset includes the one second error." +msgstr "`ignore`: No correction is applied to the clock for the leap second. The clock will be corrected later in normal operation when new measurements are made and the estimated offset includes the one second error." + +#: ../../configuration/service/ntp.rst:94 +msgid "`smear`: When smearing a leap second, the leap status is suppressed on the server and the served time is corrected slowly by slewing instead of stepping. The clients do not need any special configuration as they do not know there is any leap second and they follow the server time which eventually brings them back to UTC. Care must be taken to ensure they use only NTP servers which smear the leap second in exactly the same way for synchronisation." +msgstr "`smear`: When smearing a leap second, the leap status is suppressed on the server and the served time is corrected slowly by slewing instead of stepping. The clients do not need any special configuration as they do not know there is any leap second and they follow the server time which eventually brings them back to UTC. Care must be taken to ensure they use only NTP servers which smear the leap second in exactly the same way for synchronisation." + +#: ../../configuration/system/option.rst:69 msgid "`source-address` and `source-interface` can not be used at the same time." msgstr "`source-address` and `source-interface` can not be used at the same time." +#: ../../configuration/service/ntp.rst:102 +msgid "`system`: When inserting a leap second, the kernel steps the system clock backwards by one second when the clock gets to 00:00:00 UTC. When deleting a leap second, it steps forward by one second when the clock gets to 23:59:59 UTC." +msgstr "`system`: When inserting a leap second, the kernel steps the system clock backwards by one second when the clock gets to 00:00:00 UTC. When deleting a leap second, it steps forward by one second when the clock gets to 23:59:59 UTC." + +#: ../../configuration/service/ntp.rst:107 +msgid "`timezone`: This directive specifies a timezone in the system timezone database which chronyd can use to determine when will the next leap second occur and what is the current offset between TAI and UTC. It will periodically check if 23:59:59 and 23:59:60 are valid times in the timezone. This normally works with the right/UTC timezone which is the default" +msgstr "`timezone`: This directive specifies a timezone in the system timezone database which chronyd can use to determine when will the next leap second occur and what is the current offset between TAI and UTC. It will periodically check if 23:59:59 and 23:59:60 are valid times in the timezone. This normally works with the right/UTC timezone which is the default" + #: ../../configuration/protocols/rpki.rst:12 msgid "`tweet by EvilMog`_, 2020-02-21" msgstr "`tweet by EvilMog`_, 2020-02-21" @@ -19194,7 +20672,7 @@ msgstr "alert" msgid "all" msgstr "all" -#: ../../configuration/vrf/index.rst:428 +#: ../../configuration/vrf/index.rst:447 msgid "an RD / RTLIST" msgstr "an RD / RTLIST" @@ -19234,23 +20712,23 @@ msgstr "bgpd" msgid "bonding" msgstr "bonding" -#: ../../configuration/service/dhcp-server.rst:305 +#: ../../configuration/service/dhcp-server.rst:311 msgid "boot-size" msgstr "boot-size" -#: ../../configuration/service/dhcp-server.rst:298 +#: ../../configuration/service/dhcp-server.rst:304 msgid "bootfile-name" msgstr "bootfile-name" -#: ../../configuration/service/dhcp-server.rst:300 +#: ../../configuration/service/dhcp-server.rst:306 msgid "bootfile-name, filename" msgstr "bootfile-name, filename" -#: ../../configuration/service/dhcp-server.rst:288 +#: ../../configuration/service/dhcp-server.rst:294 msgid "bootfile-server" msgstr "bootfile-server" -#: ../../configuration/service/dhcp-server.rst:303 +#: ../../configuration/service/dhcp-server.rst:309 msgid "bootfile-size" msgstr "bootfile-size" @@ -19258,7 +20736,7 @@ msgstr "bootfile-size" msgid "bridge" msgstr "bridge" -#: ../../configuration/service/dhcp-server.rst:236 +#: ../../configuration/service/dhcp-server.rst:242 msgid "client-prefix-length" msgstr "client-prefix-length" @@ -19286,15 +20764,19 @@ msgstr "cron" msgid "daemon" msgstr "daemon" -#: ../../configuration/service/dns.rst:384 +#: ../../configuration/service/dns.rst:405 msgid "ddclient_ has another way to determine the WAN IP address. This is controlled by:" msgstr "ddclient_ has another way to determine the WAN IP address. This is controlled by:" -#: ../../configuration/service/dns.rst:218 +#: ../../configuration/service/dns.rst:232 msgid "ddclient_ uses two methods to update a DNS record. The first one will send updates directly to the DNS daemon, in compliance with :rfc:`2136`. The second one involves a third party service, like DynDNS.com or any other similar website. This method uses HTTP requests to transmit the new IP address. You can configure both in VyOS." msgstr "ddclient_ uses two methods to update a DNS record. The first one will send updates directly to the DNS daemon, in compliance with :rfc:`2136`. The second one involves a third party service, like DynDNS.com or any other similar website. This method uses HTTP requests to transmit the new IP address. You can configure both in VyOS." -#: ../../configuration/service/dns.rst:413 +#: ../../configuration/service/dns.rst:205 +msgid "ddclient_ uses two methods to update a DNS record. The first one will send updates directly to the DNS daemon, in compliance with :rfc:`2136`. The second one involves a third party service, like DynDNS.com or any other such service provider. This method uses HTTP requests to transmit the new IP address. You can configure both in VyOS." +msgstr "ddclient_ uses two methods to update a DNS record. The first one will send updates directly to the DNS daemon, in compliance with :rfc:`2136`. The second one involves a third party service, like DynDNS.com or any other such service provider. This method uses HTTP requests to transmit the new IP address. You can configure both in VyOS." + +#: ../../configuration/service/dns.rst:415 msgid "ddclient_ will skip any address located before the string set in `<pattern>`." msgstr "ddclient_ will skip any address located before the string set in `<pattern>`." @@ -19306,7 +20788,7 @@ msgstr "debug" msgid "decrement-lifetime" msgstr "decrement-lifetime" -#: ../../configuration/service/dhcp-server.rst:335 +#: ../../configuration/service/dhcp-server.rst:341 msgid "default-lease-time, max-lease-time" msgstr "default-lease-time, max-lease-time" @@ -19318,7 +20800,7 @@ msgstr "default-lifetime" msgid "default-preference" msgstr "default-preference" -#: ../../configuration/service/dhcp-server.rst:248 +#: ../../configuration/service/dhcp-server.rst:254 msgid "default-router" msgstr "default-router" @@ -19330,15 +20812,15 @@ msgstr "default min-threshold" msgid "deprecate-prefix" msgstr "deprecate-prefix" -#: ../../configuration/highavailability/index.rst:354 +#: ../../configuration/highavailability/index.rst:364 msgid "destination-hashing" msgstr "destination-hashing" -#: ../../configuration/service/dhcp-server.rst:285 +#: ../../configuration/service/dhcp-server.rst:291 msgid "dhcp-server-identifier" msgstr "dhcp-server-identifier" -#: ../../configuration/highavailability/index.rst:364 +#: ../../configuration/highavailability/index.rst:374 msgid "direct" msgstr "direct" @@ -19356,17 +20838,17 @@ msgstr "disable: No source validation" msgid "dnssl" msgstr "dnssl" -#: ../../configuration/service/dhcp-server.rst:263 -#: ../../configuration/service/dhcp-server.rst:265 +#: ../../configuration/service/dhcp-server.rst:269 +#: ../../configuration/service/dhcp-server.rst:271 msgid "domain-name" msgstr "domain-name" -#: ../../configuration/service/dhcp-server.rst:260 +#: ../../configuration/service/dhcp-server.rst:266 msgid "domain-name-servers" msgstr "domain-name-servers" -#: ../../configuration/service/dhcp-server.rst:318 -#: ../../configuration/service/dhcp-server.rst:320 +#: ../../configuration/service/dhcp-server.rst:324 +#: ../../configuration/service/dhcp-server.rst:326 msgid "domain-search" msgstr "domain-search" @@ -19402,11 +20884,11 @@ msgstr "ethernet" msgid "exact-match: exact match of the network prefixes." msgstr "exact-match: exact match of the network prefixes." -#: ../../configuration/service/dhcp-server.rst:343 +#: ../../configuration/service/dhcp-server.rst:349 msgid "exclude" msgstr "exclude" -#: ../../configuration/service/dhcp-server.rst:348 +#: ../../configuration/service/dhcp-server.rst:354 msgid "failover" msgstr "failover" @@ -19418,8 +20900,8 @@ msgstr "fast: Request partner to transmit LACPDUs every 1 second" msgid "file <file name>" msgstr "file <file name>" -#: ../../configuration/protocols/bgp.rst:826 -#: ../../configuration/protocols/bgp.rst:832 +#: ../../configuration/protocols/bgp.rst:848 +#: ../../configuration/protocols/bgp.rst:854 msgid "filter-list" msgstr "filter-list" @@ -19431,6 +20913,10 @@ msgstr "ftp" msgid "full - always use full-duplex" msgstr "full - always use full-duplex" +#: ../../configuration/service/router-advert.rst:16 +msgid "geneve" +msgstr "geneve" + #: ../../configuration/interfaces/ethernet.rst:32 msgid "half - always use half-duplex" msgstr "half - always use half-duplex" @@ -19443,7 +20929,7 @@ msgstr "hop-limit" msgid "host: single host IP address to match." msgstr "host: single host IP address to match." -#: ../../configuration/system/option.rst:89 +#: ../../configuration/system/option.rst:119 msgid "https://access.redhat.com/sites/default/files/attachments/201501-perf-brief-low-latency-tuning-rhel7-v2.1.pdf" msgstr "https://access.redhat.com/sites/default/files/attachments/201501-perf-brief-low-latency-tuning-rhel7-v2.1.pdf" @@ -19475,8 +20961,8 @@ msgstr "invalid" msgid "inverse-match: network/netmask to match (requires network be defined)." msgstr "inverse-match: network/netmask to match (requires network be defined)." -#: ../../configuration/service/dhcp-server.rst:268 -#: ../../configuration/service/dhcp-server.rst:270 +#: ../../configuration/service/dhcp-server.rst:274 +#: ../../configuration/service/dhcp-server.rst:276 msgid "ip-forwarding" msgstr "ip-forwarding" @@ -19496,7 +20982,7 @@ msgstr "it does not increase hardware device interrupt rate (although it does in msgid "kern" msgstr "kern" -#: ../../configuration/service/router-advert.rst:16 +#: ../../configuration/service/router-advert.rst:17 msgid "l2tpv3" msgstr "l2tpv3" @@ -19504,27 +20990,27 @@ msgstr "l2tpv3" msgid "ldpd" msgstr "ldpd" -#: ../../configuration/service/dhcp-server.rst:333 +#: ../../configuration/service/dhcp-server.rst:339 msgid "lease" msgstr "lease" -#: ../../configuration/highavailability/index.rst:351 +#: ../../configuration/highavailability/index.rst:361 msgid "least-connection" msgstr "least-connection" -#: ../../configuration/vpn/site2site_ipsec.rst:275 +#: ../../configuration/vpn/site2site_ipsec.rst:278 msgid "left local_ip: 192.168.0.10 # VPN Gateway, behind NAT device" msgstr "left local_ip: 192.168.0.10 # VPN Gateway, behind NAT device" -#: ../../configuration/vpn/site2site_ipsec.rst:167 +#: ../../configuration/vpn/site2site_ipsec.rst:170 msgid "left local_ip: `198.51.100.3` # server side WAN IP" msgstr "left local_ip: `198.51.100.3` # server side WAN IP" -#: ../../configuration/vpn/site2site_ipsec.rst:276 +#: ../../configuration/vpn/site2site_ipsec.rst:279 msgid "left public_ip:172.18.201.10" msgstr "left public_ip:172.18.201.10" -#: ../../configuration/vpn/site2site_ipsec.rst:165 +#: ../../configuration/vpn/site2site_ipsec.rst:168 msgid "left subnet: `192.168.0.0/24` site1, server side (i.e. locality, actually there is no client or server roles)" msgstr "left subnet: `192.168.0.0/24` site1, server side (i.e. locality, actually there is no client or server roles)" @@ -19592,7 +21078,7 @@ msgstr "local use 5 (local5)" msgid "local use 7 (local7)" msgstr "local use 7 (local7)" -#: ../../configuration/highavailability/index.rst:355 +#: ../../configuration/highavailability/index.rst:365 msgid "locality-based-least-connection" msgstr "locality-based-least-connection" @@ -19666,12 +21152,12 @@ msgstr "more information related IGP - :ref:`routing-isis`" msgid "more information related IGP - :ref:`routing-ospf`" msgstr "more information related IGP - :ref:`routing-ospf`" -#: ../../configuration/service/dhcp-server.rst:258 +#: ../../configuration/service/dhcp-server.rst:264 #: ../../configuration/service/router-advert.rst:1 msgid "name-server" msgstr "name-server" -#: ../../configuration/service/dhcp-server.rst:280 +#: ../../configuration/service/dhcp-server.rst:286 msgid "netbios-name-servers" msgstr "netbios-name-servers" @@ -19687,7 +21173,7 @@ msgstr "network: network/netmask to match (requires inverse-match be defined) BU msgid "news" msgstr "news" -#: ../../configuration/service/dhcp-server.rst:290 +#: ../../configuration/service/dhcp-server.rst:296 msgid "next-server" msgstr "next-server" @@ -19711,11 +21197,11 @@ msgstr "notice" msgid "ntp" msgstr "ntp" -#: ../../configuration/service/dhcp-server.rst:273 +#: ../../configuration/service/dhcp-server.rst:279 msgid "ntp-server" msgstr "ntp-server" -#: ../../configuration/service/dhcp-server.rst:275 +#: ../../configuration/service/dhcp-server.rst:281 msgid "ntp-servers" msgstr "ntp-servers" @@ -19723,7 +21209,7 @@ msgstr "ntp-servers" msgid "one rule with a LAN (inbound-interface) and the WAN (interface)." msgstr "one rule with a LAN (inbound-interface) and the WAN (interface)." -#: ../../configuration/service/router-advert.rst:17 +#: ../../configuration/service/router-advert.rst:18 msgid "openvpn" msgstr "openvpn" @@ -19763,8 +21249,8 @@ msgstr "policy extcommunity-list" msgid "policy large-community-list" msgstr "policy large-community-list" -#: ../../configuration/service/dhcp-server.rst:313 -#: ../../configuration/service/dhcp-server.rst:315 +#: ../../configuration/service/dhcp-server.rst:319 +#: ../../configuration/service/dhcp-server.rst:321 msgid "pop-server" msgstr "pop-server" @@ -19772,17 +21258,17 @@ msgstr "pop-server" msgid "preferred-lifetime" msgstr "preferred-lifetime" -#: ../../configuration/protocols/bgp.rst:827 -#: ../../configuration/protocols/bgp.rst:831 +#: ../../configuration/protocols/bgp.rst:849 +#: ../../configuration/protocols/bgp.rst:853 msgid "prefix-list, distribute-list" msgstr "prefix-list, distribute-list" -#: ../../configuration/service/router-advert.rst:18 +#: ../../configuration/service/router-advert.rst:19 msgid "pseudo-ethernet" msgstr "pseudo-ethernet" -#: ../../configuration/service/dhcp-server.rst:338 -#: ../../configuration/service/dhcp-server.rst:340 +#: ../../configuration/service/dhcp-server.rst:344 +#: ../../configuration/service/dhcp-server.rst:346 msgid "range" msgstr "range" @@ -19790,7 +21276,7 @@ msgstr "range" msgid "reachable-time" msgstr "reachable-time" -#: ../../configuration/system/ip.rst:82 +#: ../../configuration/system/ip.rst:95 msgid "reset commands" msgstr "reset commands" @@ -19798,7 +21284,7 @@ msgstr "reset commands" msgid "retrans-timer" msgstr "retrans-timer" -#: ../../configuration/service/dhcp-server.rst:325 +#: ../../configuration/service/dhcp-server.rst:331 msgid "rfc3442-static-route, windows-static-route" msgstr "rfc3442-static-route, windows-static-route" @@ -19806,15 +21292,15 @@ msgstr "rfc3442-static-route, windows-static-route" msgid "rfc3768-compatibility" msgstr "rfc3768-compatibility" -#: ../../configuration/vpn/site2site_ipsec.rst:277 +#: ../../configuration/vpn/site2site_ipsec.rst:280 msgid "right local_ip: 172.18.202.10 # right side WAN IP" msgstr "right local_ip: 172.18.202.10 # right side WAN IP" -#: ../../configuration/vpn/site2site_ipsec.rst:169 +#: ../../configuration/vpn/site2site_ipsec.rst:172 msgid "right local_ip: `203.0.113.2` # remote office side WAN IP" msgstr "right local_ip: `203.0.113.2` # remote office side WAN IP" -#: ../../configuration/vpn/site2site_ipsec.rst:168 +#: ../../configuration/vpn/site2site_ipsec.rst:171 msgid "right subnet: `10.0.0.0/24` site2,remote office side" msgstr "right subnet: `10.0.0.0/24` site2,remote office side" @@ -19822,16 +21308,16 @@ msgstr "right subnet: `10.0.0.0/24` site2,remote office side" msgid "ripd" msgstr "ripd" -#: ../../configuration/highavailability/index.rst:349 +#: ../../configuration/highavailability/index.rst:359 msgid "round-robin" msgstr "round-robin" -#: ../../configuration/protocols/bgp.rst:825 -#: ../../configuration/protocols/bgp.rst:833 +#: ../../configuration/protocols/bgp.rst:847 +#: ../../configuration/protocols/bgp.rst:855 msgid "route-map" msgstr "route-map" -#: ../../configuration/service/dhcp-server.rst:250 +#: ../../configuration/service/dhcp-server.rst:256 msgid "routers" msgstr "routers" @@ -19848,7 +21334,7 @@ msgstr "sFlow is a technology that enables monitoring of network traffic by send msgid "security" msgstr "security" -#: ../../configuration/service/dhcp-server.rst:283 +#: ../../configuration/service/dhcp-server.rst:289 msgid "server-identifier" msgstr "server-identifier" @@ -19865,11 +21351,11 @@ msgstr "set a destination and/or source address. Accepted input:" msgid "sha256 Hashes" msgstr "sha256 Hashes" -#: ../../configuration/system/ip.rst:50 +#: ../../configuration/system/ip.rst:63 msgid "show commands" msgstr "show commands" -#: ../../configuration/service/dhcp-server.rst:289 +#: ../../configuration/service/dhcp-server.rst:295 msgid "siaddr" msgstr "siaddr" @@ -19877,8 +21363,8 @@ msgstr "siaddr" msgid "slow: Request partner to transmit LACPDUs every 30 seconds" msgstr "slow: Request partner to transmit LACPDUs every 30 seconds" -#: ../../configuration/service/dhcp-server.rst:308 -#: ../../configuration/service/dhcp-server.rst:310 +#: ../../configuration/service/dhcp-server.rst:314 +#: ../../configuration/service/dhcp-server.rst:316 msgid "smtp-server" msgstr "smtp-server" @@ -19886,7 +21372,7 @@ msgstr "smtp-server" msgid "software filters can easily be added to hash over new protocols," msgstr "software filters can easily be added to hash over new protocols," -#: ../../configuration/highavailability/index.rst:353 +#: ../../configuration/highavailability/index.rst:363 msgid "source-hashing" msgstr "source-hashing" @@ -19898,11 +21384,11 @@ msgstr "spoke01-spoke04" msgid "spoke05" msgstr "spoke05" -#: ../../configuration/service/dhcp-server.rst:353 +#: ../../configuration/service/dhcp-server.rst:359 msgid "static-mapping" msgstr "static-mapping" -#: ../../configuration/service/dhcp-server.rst:323 +#: ../../configuration/service/dhcp-server.rst:329 msgid "static-route" msgstr "static-route" @@ -19912,7 +21398,7 @@ msgstr "static-route" msgid "strict: Each incoming packet is tested against the FIB and if the interface is not the best reverse path the packet check will fail. By default failed packets are discarded." msgstr "strict: Each incoming packet is tested against the FIB and if the interface is not the best reverse path the packet check will fail. By default failed packets are discarded." -#: ../../configuration/service/dhcp-server.rst:238 +#: ../../configuration/service/dhcp-server.rst:244 msgid "subnet-mask" msgstr "subnet-mask" @@ -19928,8 +21414,8 @@ msgstr "tail" msgid "tc_ is a powerful tool for Traffic Control found at the Linux kernel. However, its configuration is often considered a cumbersome task. Fortunately, VyOS eases the job through its CLI, while using ``tc`` as backend." msgstr "tc_ is a powerful tool for Traffic Control found at the Linux kernel. However, its configuration is often considered a cumbersome task. Fortunately, VyOS eases the job through its CLI, while using ``tc`` as backend." -#: ../../configuration/service/dhcp-server.rst:293 -#: ../../configuration/service/dhcp-server.rst:295 +#: ../../configuration/service/dhcp-server.rst:299 +#: ../../configuration/service/dhcp-server.rst:301 msgid "tftp-server-name" msgstr "tftp-server-name" @@ -19938,21 +21424,21 @@ msgstr "tftp-server-name" msgid "this option allows to configure prefix-sid on SR. The ‘no-php-flag’ means NO Penultimate Hop Popping that allows SR node to request to its neighbor to not pop the label. The ‘explicit-null’ flag allows SR node to request to its neighbor to send IP packet with the EXPLICIT-NULL label. The ‘n-flag-clear’ option can be used to explicitly clear the Node flag that is set by default for Prefix-SIDs associated to loopback addresses. This option is necessary to configure Anycast-SIDs." msgstr "this option allows to configure prefix-sid on SR. The ‘no-php-flag’ means NO Penultimate Hop Popping that allows SR node to request to its neighbor to not pop the label. The ‘explicit-null’ flag allows SR node to request to its neighbor to send IP packet with the EXPLICIT-NULL label. The ‘n-flag-clear’ option can be used to explicitly clear the Node flag that is set by default for Prefix-SIDs associated to loopback addresses. This option is necessary to configure Anycast-SIDs." -#: ../../configuration/service/dhcp-server.rst:242 -#: ../../configuration/service/dhcp-server.rst:244 +#: ../../configuration/service/dhcp-server.rst:248 +#: ../../configuration/service/dhcp-server.rst:250 msgid "time-offset" msgstr "time-offset" -#: ../../configuration/service/dhcp-server.rst:253 +#: ../../configuration/service/dhcp-server.rst:259 msgid "time-server" msgstr "time-server" -#: ../../configuration/service/dhcp-server.rst:255 +#: ../../configuration/service/dhcp-server.rst:261 msgid "time-servers" msgstr "time-servers" -#: ../../configuration/highavailability/index.rst:365 -#: ../../configuration/service/router-advert.rst:19 +#: ../../configuration/highavailability/index.rst:375 +#: ../../configuration/service/router-advert.rst:20 msgid "tunnel" msgstr "tunnel" @@ -19984,7 +21470,7 @@ msgstr "valid-lifetime" msgid "veth interfaces need to be created in pairs - it's called the peer name" msgstr "veth interfaces need to be created in pairs - it's called the peer name" -#: ../../configuration/service/router-advert.rst:20 +#: ../../configuration/service/router-advert.rst:21 msgid "vxlan" msgstr "vxlan" @@ -19996,11 +21482,11 @@ msgstr "warning" msgid "we described the configuration SR ISIS / SR OSPF using 2 connected with them to share label information." msgstr "we described the configuration SR ISIS / SR OSPF using 2 connected with them to share label information." -#: ../../configuration/highavailability/index.rst:352 +#: ../../configuration/highavailability/index.rst:362 msgid "weighted-least-connection" msgstr "weighted-least-connection" -#: ../../configuration/highavailability/index.rst:350 +#: ../../configuration/highavailability/index.rst:360 msgid "weighted-round-robin" msgstr "weighted-round-robin" @@ -20008,15 +21494,15 @@ msgstr "weighted-round-robin" msgid "while a *byte* is written as a single **b**." msgstr "while a *byte* is written as a single **b**." -#: ../../configuration/service/dhcp-server.rst:278 +#: ../../configuration/service/dhcp-server.rst:284 msgid "wins-server" msgstr "wins-server" -#: ../../configuration/service/router-advert.rst:21 +#: ../../configuration/service/router-advert.rst:22 msgid "wireguard" msgstr "wireguard" -#: ../../configuration/service/router-advert.rst:22 +#: ../../configuration/service/router-advert.rst:23 msgid "wireless" msgstr "wireless" @@ -20024,15 +21510,15 @@ msgstr "wireless" msgid "with :cfgcmd:`set system acceleration qat` on both systems the bandwidth increases." msgstr "with :cfgcmd:`set system acceleration qat` on both systems the bandwidth increases." -#: ../../configuration/service/dhcp-server.rst:328 +#: ../../configuration/service/dhcp-server.rst:334 msgid "wpad-url" msgstr "wpad-url" -#: ../../configuration/service/dhcp-server.rst:330 +#: ../../configuration/service/dhcp-server.rst:336 msgid "wpad-url, wpad-url code 252 = text" msgstr "wpad-url, wpad-url code 252 = text" -#: ../../configuration/service/router-advert.rst:23 +#: ../../configuration/service/router-advert.rst:24 msgid "wwan" msgstr "wwan" diff --git a/docs/_locale/pt/contributing.pot b/docs/_locale/pt/contributing.pot index b804fb90..6587eb08 100644 --- a/docs/_locale/pt/contributing.pot +++ b/docs/_locale/pt/contributing.pot @@ -207,6 +207,10 @@ msgstr "Bad: radius (unless it's about the distance between a center of a circle msgid "Beeing brave and running the latest rolling releases will sometimes trigger bugs due to corner cases we missed in our design. Those bugs should be filed via Phabricator_ but you can help us to narrow doen the issue. Login to your VyOS system and change into configuration mode by typing ``configure``. Now re-load your boot configuration by simply typing ``load`` followed by return." msgstr "Beeing brave and running the latest rolling releases will sometimes trigger bugs due to corner cases we missed in our design. Those bugs should be filed via Phabricator_ but you can help us to narrow doen the issue. Login to your VyOS system and change into configuration mode by typing ``configure``. Now re-load your boot configuration by simply typing ``load`` followed by return." +#: ../../contributing/debugging.rst:160 +msgid "Being brave and running the latest rolling releases will sometimes trigger bugs due to corner cases we missed in our design. Those bugs should be filed via Phabricator_ but you can help us to narrow down the issue. Login to your VyOS system and change into configuration mode by typing ``configure``. Now re-load your boot configuration by simply typing ``load`` followed by return." +msgstr "Being brave and running the latest rolling releases will sometimes trigger bugs due to corner cases we missed in our design. Those bugs should be filed via Phabricator_ but you can help us to narrow down the issue. Login to your VyOS system and change into configuration mode by typing ``configure``. Now re-load your boot configuration by simply typing ``load`` followed by return." + #: ../../contributing/debugging.rst:170 msgid "Boot Timing" msgstr "Boot Timing" @@ -884,6 +888,10 @@ msgid "Our StrongSWAN build differs from the upstream:" msgstr "Our StrongSWAN build differs from the upstream:" #: ../../contributing/testing.rst:20 +msgid "Our `VyOS CI`_ system is based on Jenkins and builds all our required packages for VyOS 1.2 to 1.4. In addition to the package build, there is the vyos-build Job which builds and tests the VyOS ISO image which is published after a successful test drive." +msgstr "Our `VyOS CI`_ system is based on Jenkins and builds all our required packages for VyOS 1.2 to 1.4. In addition to the package build, there is the vyos-build Job which builds and tests the VyOS ISO image which is published after a successful test drive." + +#: ../../contributing/testing.rst:20 msgid "Our `VyOS CI`_ system is based on Jenkins and builds all our required packages for VyOS 1.2 to 1.4. In addition to the package build, there is the vyos-build Job which builds and tests the VyOS ISO image which is published after a successfull test drive." msgstr "Our `VyOS CI`_ system is based on Jenkins and builds all our required packages for VyOS 1.2 to 1.4. In addition to the package build, there is the vyos-build Job which builds and tests the VyOS ISO image which is published after a successfull test drive." @@ -924,6 +932,10 @@ msgstr "Please submit your patches using the well-known GitHub pull-request agai msgid "Please use the following template as good starting point when developing new modules or even rewrite a whole bunch of code in the new style XML/Pyhon interface." msgstr "Please use the following template as good starting point when developing new modules or even rewrite a whole bunch of code in the new style XML/Pyhon interface." +#: ../../contributing/development.rst:254 +msgid "Please use the following template as good starting point when developing new modules or even rewrite a whole bunch of code in the new style XML/Python interface." +msgstr "Please use the following template as good starting point when developing new modules or even rewrite a whole bunch of code in the new style XML/Python interface." + #: ../../contributing/testing.rst:104 msgid "Port description" msgstr "Port description" @@ -1017,6 +1029,10 @@ msgstr "Smoketests executes predefined VyOS CLI commands and checks if the desir msgid "So if you plan to build your own custom ISO image and wan't to make use of our smoketests, ensure that you have the `vyos-1x-smoketest` package installed." msgstr "So if you plan to build your own custom ISO image and wan't to make use of our smoketests, ensure that you have the `vyos-1x-smoketest` package installed." +#: ../../contributing/testing.rst:45 +msgid "So if you plan to build your own custom ISO image and want to make use of our smoketests, ensure that you have the `vyos-1x-smoketest` package installed." +msgstr "So if you plan to build your own custom ISO image and want to make use of our smoketests, ensure that you have the `vyos-1x-smoketest` package installed." + #: ../../contributing/build-vyos.rst:202 msgid "Some VyOS packages (namely vyos-1x) come with build-time tests which verify some of the internal library calls that they work as expected. Those tests are carried out through the Python Unittest module. If you want to build the ``vyos-1x`` package (which is our main development package) you need to start your Docker container using the following argument: ``--sysctl net.ipv6.conf.lo.disable_ipv6=0``, otherwise those tests will fail." msgstr "Some VyOS packages (namely vyos-1x) come with build-time tests which verify some of the internal library calls that they work as expected. Those tests are carried out through the Python Unittest module. If you want to build the ``vyos-1x`` package (which is our main development package) you need to start your Docker container using the following argument: ``--sysctl net.ipv6.conf.lo.disable_ipv6=0``, otherwise those tests will fail." @@ -1198,6 +1214,10 @@ msgid "The package ends up in deb_dist dir." msgstr "The package ends up in deb_dist dir." #: ../../contributing/debugging.rst:148 +msgid "The reason is that the configuration migration backend is rewritten and uses a new form of \"magic string\" which is applied on demand when real config migration is run on boot. When running individual migrators for testing, you need to convert the \"magic string\" on your own by:" +msgstr "The reason is that the configuration migration backend is rewritten and uses a new form of \"magic string\" which is applied on demand when real config migration is run on boot. When running individual migrators for testing, you need to convert the \"magic string\" on your own by:" + +#: ../../contributing/debugging.rst:148 msgid "The reason is that the configuration migration backend is rewritten and uses a new form of \"magic string\" which is applied on demand when real config migration is run on boot. When runnint individual migrators for testing, you need to convert the \"magic string\" on your own by:" msgstr "The reason is that the configuration migration backend is rewritten and uses a new form of \"magic string\" which is applied on demand when real config migration is run on boot. When runnint individual migrators for testing, you need to convert the \"magic string\" on your own by:" @@ -1314,10 +1334,18 @@ msgid "To debug issues in priorities or to see what's going on in the background msgstr "To debug issues in priorities or to see what's going on in the background you can use the ``/opt/vyatta/sbin/priority.pl`` script which lists to you the execution order of the scripts." #: ../../contributing/build-vyos.rst:373 +msgid "To debug the build process and gain additional information of what could be the root cause, you need to use `chroot` to change into the build directory. This is explained in the following step by step procedure:" +msgstr "To debug the build process and gain additional information of what could be the root cause, you need to use `chroot` to change into the build directory. This is explained in the following step by step procedure:" + +#: ../../contributing/build-vyos.rst:373 msgid "To debug the build process and gain additional information of what could be the root cause, you need to use `chroot` to change into the build directry. This is explained in the following step by step procedure:" msgstr "To debug the build process and gain additional information of what could be the root cause, you need to use `chroot` to change into the build directry. This is explained in the following step by step procedure:" #: ../../contributing/debugging.rst:182 +msgid "To enable boot time graphing change the Kernel commandline and add the following string: ``init=/usr/lib/systemd/systemd-bootchart``" +msgstr "To enable boot time graphing change the Kernel commandline and add the following string: ``init=/usr/lib/systemd/systemd-bootchart``" + +#: ../../contributing/debugging.rst:182 msgid "To enable boot time graphing change the Kernel commandline and add the folowing string: ``init=/usr/lib/systemd/systemd-bootchart``" msgstr "To enable boot time graphing change the Kernel commandline and add the folowing string: ``init=/usr/lib/systemd/systemd-bootchart``" @@ -1409,6 +1437,10 @@ msgstr "Virtualization Platforms" msgid "VyOS CLI is all about priorities. Every CLI node has a corresponding ``node.def`` file and possibly an attached script that is executed when the node is present. Nodes can have a priority, and on system bootup - or any other ``commit`` to the config all scripts are executed from lowest to higest priority. This is good as this gives a deterministic behavior." msgstr "VyOS CLI is all about priorities. Every CLI node has a corresponding ``node.def`` file and possibly an attached script that is executed when the node is present. Nodes can have a priority, and on system bootup - or any other ``commit`` to the config all scripts are executed from lowest to higest priority. This is good as this gives a deterministic behavior." +#: ../../contributing/debugging.rst:190 +msgid "VyOS CLI is all about priorities. Every CLI node has a corresponding ``node.def`` file and possibly an attached script that is executed when the node is present. Nodes can have a priority, and on system bootup - or any other ``commit`` to the config all scripts are executed from lowest to highest priority. This is good as this gives a deterministic behavior." +msgstr "VyOS CLI is all about priorities. Every CLI node has a corresponding ``node.def`` file and possibly an attached script that is executed when the node is present. Nodes can have a priority, and on system bootup - or any other ``commit`` to the config all scripts are executed from lowest to highest priority. This is good as this gives a deterministic behavior." + #: ../../contributing/build-vyos.rst:168 msgid "VyOS has switched to Debian (12) Bookworm in its ``current`` branch, Due to software version updates, it is recommended to use the official Docker Hub image to build VyOS ISO." msgstr "VyOS has switched to Debian (12) Bookworm in its ``current`` branch, Due to software version updates, it is recommended to use the official Docker Hub image to build VyOS ISO." @@ -1485,6 +1517,10 @@ msgstr "When you are able to verify that it is actually a bug, spend some time t msgid "When you are working on interface configuration and you also wan't to test if the Smoketests pass you would normally loose the remote SSH connection to your :abbr:`DUT (Device Under Test)`. To handle this issue, some of the interface based tests can be called with an environment variable beforehand to limit the number of interfaces used in the test. By default all interface e.g. all Ethernet interfaces are used." msgstr "When you are working on interface configuration and you also wan't to test if the Smoketests pass you would normally loose the remote SSH connection to your :abbr:`DUT (Device Under Test)`. To handle this issue, some of the interface based tests can be called with an environment variable beforehand to limit the number of interfaces used in the test. By default all interface e.g. all Ethernet interfaces are used." +#: ../../contributing/testing.rst:109 +msgid "When you are working on interface configuration and you also want to test if the Smoketests pass you would normally loose the remote SSH connection to your :abbr:`DUT (Device Under Test)`. To handle this issue, some of the interface based tests can be called with an environment variable beforehand to limit the number of interfaces used in the test. By default all interface e.g. all Ethernet interfaces are used." +msgstr "When you are working on interface configuration and you also want to test if the Smoketests pass you would normally loose the remote SSH connection to your :abbr:`DUT (Device Under Test)`. To handle this issue, some of the interface based tests can be called with an environment variable beforehand to limit the number of interfaces used in the test. By default all interface e.g. all Ethernet interfaces are used." + #: ../../contributing/issues-features.rst:21 msgid "When you believe you have found a bug, it is always a good idea to verify the issue prior to opening a bug request." msgstr "When you believe you have found a bug, it is always a good idea to verify the issue prior to opening a bug request." @@ -1550,6 +1586,10 @@ msgstr "You have your own custom kernel `*.deb` packages in the `packages` folde msgid "You shoudl now see a Python backtrace which will help us to handle the issue, please attach it to the Phabricator_ task." msgstr "You shoudl now see a Python backtrace which will help us to handle the issue, please attach it to the Phabricator_ task." +#: ../../contributing/debugging.rst:166 +msgid "You should now see a Python backtrace which will help us to handle the issue, please attach it to the Phabricator_ task." +msgstr "You should now see a Python backtrace which will help us to handle the issue, please attach it to the Phabricator_ task." + #: ../../contributing/development.rst:146 msgid "You then can proceed with cloning your fork or add a new remote to your local repository:" msgstr "You then can proceed with cloning your fork or add a new remote to your local repository:" @@ -1666,6 +1706,10 @@ msgstr "commit:expression:" msgid "contine execution using ``cont``" msgstr "contine execution using ``cont``" +#: ../../contributing/debugging.rst:128 +msgid "continue execution using ``cont``" +msgstr "continue execution using ``cont``" + #: ../../contributing/development.rst:675 msgid "default:" msgstr "default:" diff --git a/docs/_locale/pt/copyright.pot b/docs/_locale/pt/copyright.pot index 6f47ee66..a88566e9 100644 --- a/docs/_locale/pt/copyright.pot +++ b/docs/_locale/pt/copyright.pot @@ -13,6 +13,10 @@ msgid "Copyright Notice" msgstr "Copyright Notice" #: ../../copyright.md:3 +msgid "Copyright (C) 2018-2023 VyOS maintainers and contributors" +msgstr "Copyright (C) 2018-2023 VyOS maintainers and contributors" + +#: ../../copyright.md:3 msgid "Copyright (C) 2018-2024 VyOS maintainers and contributors" msgstr "Copyright (C) 2018-2024 VyOS maintainers and contributors" diff --git a/docs/_locale/pt/documentation.pot b/docs/_locale/pt/documentation.pot index 602471a4..d8343839 100644 --- a/docs/_locale/pt/documentation.pot +++ b/docs/_locale/pt/documentation.pot @@ -8,27 +8,47 @@ msgstr "" "Language: pt\n" "Plural-Forms: nplurals=2; plural=(n>=0 && n<=1) ? 0 : 1;\n" -#: ../../documentation.rst:239 +#: ../../documentation.rst:216 msgid "16bit ASN: ``64496 - 64511``" msgstr "16bit ASN: ``64496 - 64511``" -#: ../../documentation.rst:240 +#: ../../documentation.rst:84 +msgid "1. Theoretical information" +msgstr "1. Theoretical information" + +#: ../../documentation.rst:92 +msgid "2. Configuration description" +msgstr "2. Configuration description" + +#: ../../documentation.rst:217 msgid "32bit ASN: ``65536 - 65551``" msgstr "32bit ASN: ``65536 - 65551``" -#: ../../documentation.rst:182 +#: ../../documentation.rst:99 +msgid "3. Configuration examples" +msgstr "3. Configuration examples" + +#: ../../documentation.rst:105 +msgid "4. Known issues" +msgstr "4. Known issues" + +#: ../../documentation.rst:113 +msgid "5. Debugging" +msgstr "5. Debugging" + +#: ../../documentation.rst:159 msgid "A plugin will be used to generate a reference label for each headline. To reference a page or a section in the documentation use the ``:ref:`` command." msgstr "A plugin will be used to generate a reference label for each headline. To reference a page or a section in the documentation use the ``:ref:`` command." -#: ../../documentation.rst:103 +#: ../../documentation.rst:408 msgid "Add modified files to Git index ``$ git add path/to/filename`` or add all unstaged files ``$ git add .``. All files added to the Git index will be part of you following Git commit." msgstr "Add modified files to Git index ``$ git add path/to/filename`` or add all unstaged files ``$ git add .``. All files added to the Git index will be part of you following Git commit." -#: ../../documentation.rst:229 +#: ../../documentation.rst:206 msgid "Address space" msgstr "Address space" -#: ../../documentation.rst:390 +#: ../../documentation.rst:58 msgid "All RST files must follow the same TOC Level syntax and have to start with" msgstr "All RST files must follow the same TOC Level syntax and have to start with" @@ -36,7 +56,7 @@ msgstr "All RST files must follow the same TOC Level syntax and have to start wi msgid "An optional section follows. Some commands have requirements like compatible hardware (e.g. Wifi) or some commands you have to set before. For example, it is recommended to set a route-map before configuring BGP." msgstr "An optional section follows. Some commands have requirements like compatible hardware (e.g. Wifi) or some commands you have to set before. For example, it is recommended to set a route-map before configuring BGP." -#: ../../documentation.rst:53 +#: ../../documentation.rst:51 msgid "And finally, remember that the reStructuredText files aren't exclusively for generating HTML and PDF. They should be human-readable and easily perused from a console." msgstr "And finally, remember that the reStructuredText files aren't exclusively for generating HTML and PDF. They should be human-readable and easily perused from a console." @@ -48,23 +68,23 @@ msgstr "Anything else" msgid "Anything else that is not a configuration or an operation command has no predefined structure." msgstr "Anything else that is not a configuration or an operation command has no predefined structure." -#: ../../documentation.rst:257 +#: ../../documentation.rst:234 msgid "Autolinter" msgstr "Autolinter" -#: ../../documentation.rst:94 +#: ../../documentation.rst:399 msgid "Check your changes by locally building the documentation ``$ make livehtml``. Sphinx will build the html files in the ``docs/_build`` folder. We provide you with a Docker container for an easy-to-use user experience. Check the README.md_ file of this repository." msgstr "Check your changes by locally building the documentation ``$ make livehtml``. Sphinx will build the html files in the ``docs/_build`` folder. We provide you with a Docker container for an easy-to-use user experience. Check the README.md_ file of this repository." -#: ../../documentation.rst:123 +#: ../../documentation.rst:428 msgid "Check your configured remote repositories:" msgstr "Check your configured remote repositories:" -#: ../../documentation.rst:78 +#: ../../documentation.rst:383 msgid "Clone fork to local machine, then change to that directory ``$ cd vyos-documentation``" msgstr "Clone fork to local machine, then change to that directory ``$ cd vyos-documentation``" -#: ../../documentation.rst:107 +#: ../../documentation.rst:412 msgid "Commit your changes with the message, ``$ git commit -m \"<commit message>\"`` or use ``$ git commit -v`` to have your configured editor launched. You can type in a commit message. Again please make yourself comfortable without rules (:ref:`prepare_commit`)." msgstr "Commit your changes with the message, ``$ git commit -m \"<commit message>\"`` or use ``$ git commit -v`` to have your configured editor launched. You can type in a commit message. Again please make yourself comfortable without rules (:ref:`prepare_commit`)." @@ -72,55 +92,67 @@ msgstr "Commit your changes with the message, ``$ git commit -m \"<commit messag msgid "Configuration mode pages" msgstr "Configuration mode pages" -#: ../../documentation.rst:84 +#: ../../documentation.rst:389 msgid "Create a new branch for your work, use a descriptive name of your work: ``$ git checkout -b <branch-name>``" msgstr "Create a new branch for your work, use a descriptive name of your work: ``$ git checkout -b <branch-name>``" -#: ../../documentation.rst:180 +#: ../../documentation.rst:157 msgid "Cross-References" msgstr "Cross-References" -#: ../../documentation.rst:268 +#: ../../documentation.rst:245 msgid "Custom Sphinx-doc Markup" msgstr "Custom Sphinx-doc Markup" -#: ../../documentation.rst:270 +#: ../../documentation.rst:247 msgid "Custom commands have been developed for writing the documentation. Please make yourself comfortable with those commands as this eases the way we render the documentation." msgstr "Custom commands have been developed for writing the documentation. Please make yourself comfortable with those commands as this eases the way we render the documentation." -#: ../../documentation.rst:45 +#: ../../documentation.rst:94 +msgid "Describe CLI items related to the service or use case. Each config line or section must be explained, using information provided in the 1st part of the page." +msgstr "Describe CLI items related to the service or use case. Each config line or section must be explained, using information provided in the 1st part of the page." + +#: ../../documentation.rst:115 +msgid "Described procedures for debugging a service:" +msgstr "Described procedures for debugging a service:" + +#: ../../documentation.rst:43 msgid "Don't forget to update ``index.rst`` when adding a new node." msgstr "Don't forget to update ``index.rst`` when adding a new node." -#: ../../documentation.rst:259 +#: ../../documentation.rst:236 msgid "Each GitHub pull request is automatically linted to check the address space and line length." msgstr "Each GitHub pull request is automatically linted to check the address space and line length." -#: ../../documentation.rst:252 +#: ../../documentation.rst:81 +msgid "Each page must contain the following parts:" +msgstr "Each page must contain the following parts:" + +#: ../../documentation.rst:229 msgid "Except in ``.. code-block::`` because it uses the html tag ``<pre>`` and renders the same line format from the source rst file." msgstr "Except in ``.. code-block::`` because it uses the html tag ``<pre>`` and renders the same line format from the source rst file." -#: ../../documentation.rst:292 +#: ../../documentation.rst:269 msgid "For an inline configuration level command, use ``:cfgcmd:``" msgstr "For an inline configuration level command, use ``:cfgcmd:``" -#: ../../documentation.rst:328 +#: ../../documentation.rst:305 msgid "For an inline operational level command, use ``:opcmd:``" msgstr "For an inline operational level command, use ``:opcmd:``" -#: ../../documentation.rst:186 +#: ../../documentation.rst:163 msgid "For example, you want to reference the headline **VLAN** in the **ethernet.rst** page. The plugin generates the label based on the headline and the file path." msgstr "For example, you want to reference the headline **VLAN** in the **ethernet.rst** page. The plugin generates the label based on the headline and the file path." -#: ../../documentation.rst:405 +#: ../../documentation.rst:70 msgid "For example:" msgstr "For example:" -#: ../../documentation.rst:76 +#: ../../documentation.rst:381 msgid "Fork this project on GitHub https://github.com/vyos/vyos-documentation/fork" msgstr "Fork this project on GitHub https://github.com/vyos/vyos-documentation/fork" -#: ../../documentation.rst:58 +#: ../../documentation.rst:363 msgid "Forking Workflow" msgstr "Forking Workflow" @@ -128,6 +160,10 @@ msgstr "Forking Workflow" msgid "Formating and Sphinxmarkup" msgstr "Formating and Sphinxmarkup" +#: ../../documentation.rst:127 +msgid "Formatting and Sphinxmarkup" +msgstr "Formatting and Sphinxmarkup" + #: ../../documentation.rst:432 msgid "General concepts for troubleshooting and detailed process descriptions belong here." msgstr "General concepts for troubleshooting and detailed process descriptions belong here." @@ -140,7 +176,7 @@ msgstr "Guidelines" msgid "If there some troubleshooting guides related to the commands. Explain it in the next optional part." msgstr "If there some troubleshooting guides related to the commands. Explain it in the next optional part." -#: ../../documentation.rst:143 +#: ../../documentation.rst:448 msgid "If you also want to update your fork on GitHub, use the following: ``$ git push origin master``" msgstr "If you also want to update your fork on GitHub, use the following: ``$ git push origin master``" @@ -152,43 +188,43 @@ msgstr "If you are willing to contribute to our documentation this is the defini msgid "In contrast to submitting code patches, there is no requirement that you open up a Phabricator_ task prior to submitting a Pull-Request to the documentation." msgstr "In contrast to submitting code patches, there is no requirement that you open up a Phabricator_ task prior to submitting a Pull-Request to the documentation." -#: ../../documentation.rst:417 +#: ../../documentation.rst:75 msgid "In the configuration part of the page, all possible configuration options should be documented. Use ``.. cfgcmd::`` described above." msgstr "In the configuration part of the page, all possible configuration options should be documented. Use ``.. cfgcmd::`` described above." -#: ../../documentation.rst:50 +#: ../../documentation.rst:48 msgid "Indent with two spaces." msgstr "Indent with two spaces." -#: ../../documentation.rst:81 +#: ../../documentation.rst:386 msgid "Install the requirements ``$ pip install -r requirements.txt`` (or something similar)" msgstr "Install the requirements ``$ pip install -r requirements.txt`` (or something similar)" -#: ../../documentation.rst:49 +#: ../../documentation.rst:47 msgid "Leave a newline before and after a header." msgstr "Leave a newline before and after a header." -#: ../../documentation.rst:250 +#: ../../documentation.rst:227 msgid "Limit all lines to a maximum of 80 characters." msgstr "Limit all lines to a maximum of 80 characters." -#: ../../documentation.rst:248 +#: ../../documentation.rst:225 msgid "Line length" msgstr "Line length" -#: ../../documentation.rst:87 +#: ../../documentation.rst:392 msgid "Make all your changes - please keep our commit rules in mind (:ref:`prepare_commit`). This mainly applies to proper commit messages describing your change (how and why). Please check out the documentation of Sphinx-doc_ or reStructuredText_ if you are not familiar with it. This is used for writing our docs. Additional directives how to write in RST can be obtained from reStructuredTextDirectives_." msgstr "Make all your changes - please keep our commit rules in mind (:ref:`prepare_commit`). This mainly applies to proper commit messages describing your change (how and why). Please check out the documentation of Sphinx-doc_ or reStructuredText_ if you are not familiar with it. This is used for writing our docs. Additional directives how to write in RST can be obtained from reStructuredTextDirectives_." -#: ../../documentation.rst:242 +#: ../../documentation.rst:219 msgid "Multicast MAC-Addresses: ``90-10-00`` to ``90-10-FF``" msgstr "Multicast MAC-Addresses: ``90-10-00`` to ``90-10-FF``" -#: ../../documentation.rst:231 +#: ../../documentation.rst:208 msgid "Note the following RFCs (:rfc:`5737`, :rfc:`3849`, :rfc:`5389` and :rfc:`7042`), which describe the reserved public IP addresses and autonomous system numbers for the documentation:" msgstr "Note the following RFCs (:rfc:`5737`, :rfc:`3849`, :rfc:`5389` and :rfc:`7042`), which describe the reserved public IP addresses and autonomous system numbers for the documentation:" -#: ../../documentation.rst:118 +#: ../../documentation.rst:423 msgid "Once pull requests have been approved, you may want to locally update your forked repository too. First you'll have to add a second remote called `upstream` which points to our main repository. ``$ git remote add upstream https://github.com/vyos/vyos-documentation.git``" msgstr "Once pull requests have been approved, you may want to locally update your forked repository too. First you'll have to add a second remote called `upstream` which points to our main repository. ``$ git remote add upstream https://github.com/vyos/vyos-documentation.git``" @@ -200,39 +236,43 @@ msgstr "Operation mode commands that do not fit in a related configuration mode msgid "Operation mode pages" msgstr "Operation mode pages" -#: ../../documentation.rst:385 +#: ../../documentation.rst:56 msgid "Page content" msgstr "Page content" -#: ../../documentation.rst:244 +#: ../../documentation.rst:221 msgid "Please do not use other public address space." msgstr "Please do not use other public address space." -#: ../../documentation.rst:47 +#: ../../documentation.rst:101 +msgid "Practical examples of the service or use case configuration. They must contain topology maps (if applicable) and short descriptions." +msgstr "Practical examples of the service or use case configuration. They must contain topology maps (if applicable) and short descriptions." + +#: ../../documentation.rst:45 msgid "Properly quote commands, filenames and brief code snippets with double backticks." msgstr "Properly quote commands, filenames and brief code snippets with double backticks." -#: ../../documentation.rst:112 +#: ../../documentation.rst:417 msgid "Push commits to your GitHub project: ``$ git push -u origin <branch-name>``" msgstr "Push commits to your GitHub project: ``$ git push -u origin <branch-name>``" -#: ../../documentation.rst:420 +#: ../../documentation.rst:78 msgid "Related operation command must be documented in the next part of the article. Use ``::opcmd..`` for these commands." msgstr "Related operation command must be documented in the next part of the article. Use ``::opcmd..`` for these commands." -#: ../../documentation.rst:262 +#: ../../documentation.rst:239 msgid "Sometimes it is necessary to provide real IP addresses like in the :ref:`examples`. For this, please use the sphinx comment syntax ``.. stop_vyoslinter`` to stop the linter and ``.. start_vyoslinter`` to start." msgstr "Sometimes it is necessary to provide real IP addresses like in the :ref:`examples`. For this, please use the sphinx comment syntax ``.. stop_vyoslinter`` to stop the linter and ``.. start_vyoslinter`` to start." -#: ../../documentation.rst:147 +#: ../../documentation.rst:124 msgid "Style Guide" msgstr "Style Guide" -#: ../../documentation.rst:114 +#: ../../documentation.rst:419 msgid "Submit pull-request. In GitHub visit the main repository and you should see a banner suggesting to make a pull request. Fill out the form and describe what you do." msgstr "Submit pull-request. In GitHub visit the main repository and you should see a banner suggesting to make a pull request. Fill out the form and describe what you do." -#: ../../documentation.rst:153 +#: ../../documentation.rst:130 msgid "TOC Level" msgstr "TOC Level" @@ -240,7 +280,7 @@ msgstr "TOC Level" msgid "Take a look at the :doc:`/documentation` page for an intricate explanation of the documentation process." msgstr "Take a look at the :doc:`/documentation` page for an intricate explanation of the documentation process." -#: ../../documentation.rst:60 +#: ../../documentation.rst:365 msgid "The Forking Workflow is fundamentally different from other popular Git workflows. Instead of using a single server-side repository to act as the \"central\" codebase, it gives every developer their own server-side repository. This means that each contributor has not one, but two Git repositories: a private local one and a public server-side one." msgstr "The Forking Workflow is fundamentally different from other popular Git workflows. Instead of using a single server-side repository to act as the \"central\" codebase, it gives every developer their own server-side repository. This means that each contributor has not one, but two Git repositories: a private local one and a public server-side one." @@ -248,7 +288,7 @@ msgstr "The Forking Workflow is fundamentally different from other popular Git w msgid "The article starts with a short introduction about the command or the technology. Please include some helpful links or background information." msgstr "The article starts with a short introduction about the command or the technology. Please include some helpful links or background information." -#: ../../documentation.rst:401 +#: ../../documentation.rst:66 msgid "The configuration mode folder and the articles cover the specific level of the commands. The exact level depends on the command. This should provide stability for URLs used in the forum or blogpost." msgstr "The configuration mode folder and the articles cover the specific level of the commands. The exact level depends on the command. This should provide stability for URLs used in the forum or blogpost." @@ -260,51 +300,59 @@ msgstr "The documentation has 3 different types of pages. The same kind of pages msgid "The documentation source is kept in the Git repository at https://github.com/vyos/vyos-documentation and you can follow the instructions in the README.md_ to build and test your changes." msgstr "The documentation source is kept in the Git repository at https://github.com/vyos/vyos-documentation and you can follow the instructions in the README.md_ to build and test your changes." -#: ../../documentation.rst:41 +#: ../../documentation.rst:39 msgid "The following is a quick summary of the rules:" msgstr "The following is a quick summary of the rules:" -#: ../../documentation.rst:66 +#: ../../documentation.rst:371 msgid "The main advantage of the Forking Workflow is that contributions can be integrated without the need for everybody to push to a single central repository. Developers push to their own server-side repositories, and only the project maintainer can push to the official repository. This allows the maintainer to accept commits from any developer without giving them write access to the official codebase." msgstr "The main advantage of the Forking Workflow is that contributions can be integrated without the need for everybody to push to a single central repository. Developers push to their own server-side repositories, and only the project maintainer can push to the official repository. This allows the maintainer to accept commits from any developer without giving them write access to the official codebase." -#: ../../documentation.rst:199 +#: ../../documentation.rst:176 msgid "The plugin will warn on build if a headline has a duplicate name in the same document. To prevent this warning, you have to put a custom link on top of the headline." msgstr "The plugin will warn on build if a headline has a duplicate name in the same document. To prevent this warning, you have to put a custom link on top of the headline." +#: ../../documentation.rst:86 +msgid "Theoretical information required for users to understand the next document sections:" +msgstr "Theoretical information required for users to understand the next document sections:" + #: ../../documentation.rst:35 msgid "There are a few things to keep in mind when contributing to the documentation, for the sake of consistency and readability." msgstr "There are a few things to keep in mind when contributing to the documentation, for the sake of consistency and readability." -#: ../../documentation.rst:299 +#: ../../documentation.rst:107 +msgid "This section must contain a list of:" +msgstr "This section must contain a list of:" + +#: ../../documentation.rst:276 msgid "To extract a defaultvalue from the XML definitions add a ``:defaultvalue:`` to ``.. cfgcmd::`` directive. To have this feature locally, the vyos-1x submodule must be initialized before. Please be aware to not update the submodule in your PR." msgstr "To extract a defaultvalue from the XML definitions add a ``:defaultvalue:`` to ``.. cfgcmd::`` directive. To have this feature locally, the vyos-1x submodule must be initialized before. Please be aware to not update the submodule in your PR." -#: ../../documentation.rst:337 +#: ../../documentation.rst:314 msgid "To minimize redundancy, there is a special include directive. It includes a txt file and replace the ``{{ var0 }}`` - ``{{ var9 }}`` with the correct value." msgstr "To minimize redundancy, there is a special include directive. It includes a txt file and replace the ``{{ var0 }}`` - ``{{ var9 }}`` with the correct value." -#: ../../documentation.rst:46 +#: ../../documentation.rst:44 msgid "Try not to exceed 80 characters per line, but don't break URLs over this." msgstr "Try not to exceed 80 characters per line, but don't break URLs over this." -#: ../../documentation.rst:241 +#: ../../documentation.rst:218 msgid "Unicast MAC Addresses: ``00-53-00`` to ``00-53-FF``" msgstr "Unicast MAC Addresses: ``00-53-00`` to ``00-53-FF``" -#: ../../documentation.rst:73 +#: ../../documentation.rst:378 msgid "Updates to our documentation should be delivered by a GitHub pull-request. This requires you already have a GitHub account." msgstr "Updates to our documentation should be delivered by a GitHub pull-request. This requires you already have a GitHub account." -#: ../../documentation.rst:43 +#: ../../documentation.rst:41 msgid "Use American English at all times. It's always a good idea to run your text through a grammar and spell checker, such as `Grammarly`_." msgstr "Use American English at all times. It's always a good idea to run your text through a grammar and spell checker, such as `Grammarly`_." -#: ../../documentation.rst:48 +#: ../../documentation.rst:46 msgid "Use literal blocks for longer snippets." msgstr "Use literal blocks for longer snippets." -#: ../../documentation.rst:99 +#: ../../documentation.rst:404 msgid "View modified files by calling ``$ git status``. You will get an overview of all files modified by you. You can add individual files to the Git Index in the next step." msgstr "View modified files by calling ``$ git status``. You will get an overview of all files modified by you. You can add individual files to the Git Index in the next step." @@ -312,35 +360,39 @@ msgstr "View modified files by calling ``$ git status``. You will get an overvie msgid "VyOS documentation is written in reStructuredText and generated to Read the Docs pages with Sphinx, as per the Python tradition, as well as PDF files for offline use through LaTeX. We welcome all sorts of contributions to the documentation. Not just new additions but also corrections to existing documentation." msgstr "VyOS documentation is written in reStructuredText and generated to Read the Docs pages with Sphinx, as per the Python tradition, as well as PDF files for offline use through LaTeX. We welcome all sorts of contributions to the documentation. Not just new additions but also corrections to existing documentation." +#: ../../documentation.rst:20 +msgid "VyOS documentation is written in reStructuredText and generated to Read the Docs pages with Sphinx, as per the Python tradition. We welcome all sorts of contributions to the documentation. Not just new additions but also corrections to existing documentation." +msgstr "VyOS documentation is written in reStructuredText and generated to Read the Docs pages with Sphinx, as per the Python tradition. We welcome all sorts of contributions to the documentation. Not just new additions but also corrections to existing documentation." + #: ../../documentation.rst:9 msgid "We encourage every VyOS user to help us improve our documentation as we have a deficit like most software projects. This not only helps you when reading but also everyone else." msgstr "We encourage every VyOS user to help us improve our documentation as we have a deficit like most software projects. This not only helps you when reading but also everyone else." -#: ../../documentation.rst:155 +#: ../../documentation.rst:132 msgid "We use the following syntax for Headlines." msgstr "We use the following syntax for Headlines." -#: ../../documentation.rst:277 +#: ../../documentation.rst:254 msgid "When documenting CLI commands, use the ``.. cfgcmd::`` directive for all configuration mode commands. An explanation of the described command should be added below this statement. Replace all variable contents with <value> or something similar." msgstr "When documenting CLI commands, use the ``.. cfgcmd::`` directive for all configuration mode commands. An explanation of the described command should be added below this statement. Replace all variable contents with <value> or something similar." -#: ../../documentation.rst:316 +#: ../../documentation.rst:293 msgid "When documenting operational level commands, use the ``.. opcmd::`` directive. An explanation of the described command should be added below this statement." msgstr "When documenting operational level commands, use the ``.. opcmd::`` directive. An explanation of the described command should be added below this statement." -#: ../../documentation.rst:51 +#: ../../documentation.rst:49 msgid "When in doubt, follow the style of existing documentation." msgstr "When in doubt, follow the style of existing documentation." -#: ../../documentation.rst:375 +#: ../../documentation.rst:352 msgid "When referencing to VyOS Phabricator Tasks, there is a custom Sphinx Markup command called ``vytask`` that automatically renders to a proper Phabricator URL. This is heavily used in the :ref:`release-notes` section." msgstr "When referencing to VyOS Phabricator Tasks, there is a custom Sphinx Markup command called ``vytask`` that automatically renders to a proper Phabricator URL. This is heavily used in the :ref:`release-notes` section." -#: ../../documentation.rst:319 +#: ../../documentation.rst:296 msgid "With those custom commands, it is possible to render them in a more descriptive way in the resulting HTML/PDF manual." msgstr "With those custom commands, it is possible to render them in a more descriptive way in the resulting HTML/PDF manual." -#: ../../documentation.rst:282 +#: ../../documentation.rst:259 msgid "With those custom commands, it will be possible to render them in a more descriptive way in the resulting HTML/PDF manual." msgstr "With those custom commands, it will be possible to render them in a more descriptive way in the resulting HTML/PDF manual." @@ -352,66 +404,98 @@ msgstr "Write Documentation" msgid "You can either install Sphinx (and TeX Live for PDF output) and build the documentation locally, or use the Dockerfile_ to build it in a container." msgstr "You can either install Sphinx (and TeX Live for PDF output) and build the documentation locally, or use the Dockerfile_ to build it in a container." -#: ../../documentation.rst:133 +#: ../../documentation.rst:29 +msgid "You can either install Sphinx and build the documentation locally, or use the Dockerfile_ to build it in a container." +msgstr "You can either install Sphinx and build the documentation locally, or use the Dockerfile_ to build it in a container." + +#: ../../documentation.rst:438 msgid "Your remote repo on Github is called ``origin``, while the original repo you have forked is called ``upstream``. Now you can locally update your forked repo." msgstr "Your remote repo on Github is called ``origin``, while the original repo you have forked is called ``upstream``. Now you can locally update your forked repo." -#: ../../documentation.rst:235 +#: ../../documentation.rst:212 msgid "``192.0.2.0/24``" msgstr "``192.0.2.0/24``" -#: ../../documentation.rst:236 +#: ../../documentation.rst:213 msgid "``198.51.100.0/24``" msgstr "``198.51.100.0/24``" -#: ../../documentation.rst:238 +#: ../../documentation.rst:215 msgid "``2001:db8::/32``" msgstr "``2001:db8::/32``" -#: ../../documentation.rst:237 +#: ../../documentation.rst:214 msgid "``203.0.113.0/24``" msgstr "``203.0.113.0/24``" -#: ../../documentation.rst:194 +#: ../../documentation.rst:171 msgid "``:ref:`Check out VLAN<configuration/interfaces/ethernet:vlan>``" msgstr "``:ref:`Check out VLAN<configuration/interfaces/ethernet:vlan>``" -#: ../../documentation.rst:190 +#: ../../documentation.rst:167 msgid "``:ref:`configuration/interfaces/ethernet:vlan``" msgstr "``:ref:`configuration/interfaces/ethernet:vlan``" -#: ../../documentation.rst:407 +#: ../../documentation.rst:72 msgid "``set firewall zone`` is written in ``firewall/zone.rst``" msgstr "``set firewall zone`` is written in ``firewall/zone.rst``" -#: ../../documentation.rst:408 +#: ../../documentation.rst:73 msgid "``set interfaces ethernet`` is written in ``interfaces/ethernet.rst``" msgstr "``set interfaces ethernet`` is written in ``interfaces/ethernet.rst``" -#: ../../documentation.rst:275 +#: ../../documentation.rst:88 +msgid "a simple explanation of what is this page about, why or when it is required to be used" +msgstr "a simple explanation of what is this page about, why or when it is required to be used" + +#: ../../documentation.rst:252 msgid "cfgcmd" msgstr "cfgcmd" -#: ../../documentation.rst:335 +#: ../../documentation.rst:312 msgid "cmdinclude" msgstr "cmdinclude" -#: ../../documentation.rst:197 +#: ../../documentation.rst:174 msgid "handle build errors" msgstr "handle build errors" -#: ../../documentation.rst:314 +#: ../../documentation.rst:117 +msgid "how to collect logs or other debugging information (like `show` commands output)" +msgstr "how to collect logs or other debugging information (like `show` commands output)" + +#: ../../documentation.rst:118 +msgid "how to read and what to search for in logs and collected information" +msgstr "how to read and what to search for in logs and collected information" + +#: ../../documentation.rst:109 +msgid "known issues or potential problems for the service or use case" +msgstr "known issues or potential problems for the service or use case" + +#: ../../documentation.rst:291 msgid "opcmd" msgstr "opcmd" -#: ../../documentation.rst:346 +#: ../../documentation.rst:89 +msgid "references to standards, RFCs" +msgstr "references to standards, RFCs" + +#: ../../documentation.rst:323 msgid "the content of interface-address.txt looks like this" msgstr "the content of interface-address.txt looks like this" -#: ../../documentation.rst:192 +#: ../../documentation.rst:169 msgid "to use an alternative hyperlink use it this way:" msgstr "to use an alternative hyperlink use it this way:" -#: ../../documentation.rst:373 +#: ../../documentation.rst:350 msgid "vytask" msgstr "vytask" + +#: ../../documentation.rst:119 +msgid "what are indicators of good and bad states in debugging outputs" +msgstr "what are indicators of good and bad states in debugging outputs" + +#: ../../documentation.rst:110 +msgid "workarounds for known issues (if any exist)" +msgstr "workarounds for known issues (if any exist)" diff --git a/docs/_locale/pt/installation.pot b/docs/_locale/pt/installation.pot index b6b01c69..04cbc68f 100644 --- a/docs/_locale/pt/installation.pot +++ b/docs/_locale/pt/installation.pot @@ -212,6 +212,10 @@ msgstr "Add one or more routes for networks you want to pass through the VyOS VM msgid "Additional storage. You can remove additional storage ``/dev/sdb``. First root device will be ``/dev/xvda``. You can skeep this step." msgstr "Additional storage. You can remove additional storage ``/dev/sdb``. First root device will be ``/dev/xvda``. You can skeep this step." +#: ../../installation/cloud/aws.rst:27 +msgid "Additional storage. You can remove additional storage ``/dev/sdb``. First root device will be ``/dev/xvda``. You can skip this step." +msgstr "Additional storage. You can remove additional storage ``/dev/sdb``. First root device will be ``/dev/xvda``. You can skip this step." + #: ../../installation/vyos-on-baremetal.rst:394 msgid "Advanced > Serial Port Console Redirection > Console Redirection Settings:" msgstr "Advanced > Serial Port Console Redirection > Console Redirection Settings:" @@ -465,6 +469,10 @@ msgstr "Clients (where VyOS is to be installed) with a PXE-enabled NIC" msgid "CloudWatchAgentServerRole is too permisive and should be used for single configuration creation and deployment. That's why after completion of step #3 higly recommended to replace instance CloudWatchAgentAdminRole role with CloudWatchAgentServerRole." msgstr "CloudWatchAgentServerRole is too permisive and should be used for single configuration creation and deployment. That's why after completion of step #3 higly recommended to replace instance CloudWatchAgentAdminRole role with CloudWatchAgentServerRole." +#: ../../installation/cloud/aws.rst:88 +msgid "CloudWatchAgentServerRole is too permissive and should be used for single configuration creation and deployment. That's why after completion of step #3 highly recommended to replace instance CloudWatchAgentAdminRole role with CloudWatchAgentServerRole." +msgstr "CloudWatchAgentServerRole is too permissive and should be used for single configuration creation and deployment. That's why after completion of step #3 highly recommended to replace instance CloudWatchAgentAdminRole role with CloudWatchAgentServerRole." + #: ../../installation/cloud/aws.rst:82 msgid "CloudWatch SSM Configuration creation" msgstr "CloudWatch SSM Configuration creation" @@ -1303,6 +1311,10 @@ msgstr "Requirements" msgid "Retreive an existing CloudWatch Agent configuration from the :abbr:`SSM (Systems Manager)` Parameter Store." msgstr "Retreive an existing CloudWatch Agent configuration from the :abbr:`SSM (Systems Manager)` Parameter Store." +#: ../../installation/cloud/aws.rst:69 +msgid "Retrieve an existing CloudWatch Agent configuration from the :abbr:`SSM (Systems Manager)` Parameter Store." +msgstr "Retrieve an existing CloudWatch Agent configuration from the :abbr:`SSM (Systems Manager)` Parameter Store." + #: ../../installation/install.rst:74 msgid "Rolling Release" msgstr "Rolling Release" diff --git a/docs/_locale/pt/quick-start.pot b/docs/_locale/pt/quick-start.pot index eff80392..3886dd71 100644 --- a/docs/_locale/pt/quick-start.pot +++ b/docs/_locale/pt/quick-start.pot @@ -101,6 +101,10 @@ msgid "Configure a rule on the ``input`` hook filter to jump to the ``VyOS_MANAG msgstr "Configure a rule on the ``input`` hook filter to jump to the ``VyOS_MANAGEMENT`` chain when new connections are addressed to port 22 (SSH) on the router itself:" #: ../../quick-start.rst:243 +msgid "Create a new chain (``OUTSIDE-IN``) which will drop all traffic that is not explicitly allowed at some point in the chain. Then, we can jump to that chain from the ``forward`` hook when traffic is coming from the ``WAN`` interface group and is addressed to our local network." +msgstr "Create a new chain (``OUTSIDE-IN``) which will drop all traffic that is not explicitly allowed at some point in the chain. Then, we can jump to that chain from the ``forward`` hook when traffic is coming from the ``WAN`` interface group and is addressed to our local network." + +#: ../../quick-start.rst:243 msgid "Create a new chain (``OUTSIDE-IN``) which will drop all traffic that is not explicity allowed at some point in the chain. Then, we can jump to that chain from the ``forward`` hook when traffic is coming from the ``WAN`` interface group and is addressed to our local network." msgstr "Create a new chain (``OUTSIDE-IN``) which will drop all traffic that is not explicity allowed at some point in the chain. Then, we can jump to that chain from the ``forward`` hook when traffic is coming from the ``WAN`` interface group and is addressed to our local network." @@ -292,6 +296,10 @@ msgstr "To make firewall configuration easier, we can create groups of interface msgid "Using options defined in ``set firewall global-options state-policy``, state policy rules that applies for both IPv4 and IPv6 are created. These global state policies also applies for all traffic that passes through the router (transit) and for traffic originated/destinated to/from the router itself, and will be avaluated before any other rule defined in the firewall." msgstr "Using options defined in ``set firewall global-options state-policy``, state policy rules that applies for both IPv4 and IPv6 are created. These global state policies also applies for all traffic that passes through the router (transit) and for traffic originated/destinated to/from the router itself, and will be avaluated before any other rule defined in the firewall." +#: ../../quick-start.rst:164 +msgid "Using options defined in ``set firewall global-options state-policy``, state policy rules that applies for both IPv4 and IPv6 are created. These global state policies also applies for all traffic that passes through the router (transit) and for traffic originated/destinated to/from the router itself, and will be evaluated before any other rule defined in the firewall." +msgstr "Using options defined in ``set firewall global-options state-policy``, state policy rules that applies for both IPv4 and IPv6 are created. These global state policies also applies for all traffic that passes through the router (transit) and for traffic originated/destinated to/from the router itself, and will be evaluated before any other rule defined in the firewall." + #: ../../quick-start.rst:90 msgid "VyOS will serve as a full DNS recursor, replacing the need to utilize Google, Cloudflare, or other public DNS servers (which is good for privacy)" msgstr "VyOS will serve as a full DNS recursor, replacing the need to utilize Google, Cloudflare, or other public DNS servers (which is good for privacy)" diff --git a/docs/_locale/uk/LC_MESSAGES/automation.mo b/docs/_locale/uk/LC_MESSAGES/automation.mo Binary files differindex c353f97f..edf49da2 100644 --- a/docs/_locale/uk/LC_MESSAGES/automation.mo +++ b/docs/_locale/uk/LC_MESSAGES/automation.mo diff --git a/docs/_locale/uk/LC_MESSAGES/cli.mo b/docs/_locale/uk/LC_MESSAGES/cli.mo Binary files differindex 468e41bb..ae3dffb7 100644 --- a/docs/_locale/uk/LC_MESSAGES/cli.mo +++ b/docs/_locale/uk/LC_MESSAGES/cli.mo diff --git a/docs/_locale/uk/LC_MESSAGES/configexamples.mo b/docs/_locale/uk/LC_MESSAGES/configexamples.mo Binary files differindex 923a9818..11b0bd11 100644 --- a/docs/_locale/uk/LC_MESSAGES/configexamples.mo +++ b/docs/_locale/uk/LC_MESSAGES/configexamples.mo diff --git a/docs/_locale/uk/LC_MESSAGES/configuration.mo b/docs/_locale/uk/LC_MESSAGES/configuration.mo Binary files differindex 7acb2117..f676d48d 100644 --- a/docs/_locale/uk/LC_MESSAGES/configuration.mo +++ b/docs/_locale/uk/LC_MESSAGES/configuration.mo diff --git a/docs/_locale/uk/LC_MESSAGES/contributing.mo b/docs/_locale/uk/LC_MESSAGES/contributing.mo Binary files differindex 6d56979f..ed247a8e 100644 --- a/docs/_locale/uk/LC_MESSAGES/contributing.mo +++ b/docs/_locale/uk/LC_MESSAGES/contributing.mo diff --git a/docs/_locale/uk/LC_MESSAGES/copyright.mo b/docs/_locale/uk/LC_MESSAGES/copyright.mo Binary files differindex b6a61413..3cacba1d 100644 --- a/docs/_locale/uk/LC_MESSAGES/copyright.mo +++ b/docs/_locale/uk/LC_MESSAGES/copyright.mo diff --git a/docs/_locale/uk/LC_MESSAGES/documentation.mo b/docs/_locale/uk/LC_MESSAGES/documentation.mo Binary files differindex 1023d5e8..267b3f0a 100644 --- a/docs/_locale/uk/LC_MESSAGES/documentation.mo +++ b/docs/_locale/uk/LC_MESSAGES/documentation.mo diff --git a/docs/_locale/uk/LC_MESSAGES/installation.mo b/docs/_locale/uk/LC_MESSAGES/installation.mo Binary files differindex 60c26968..3780988a 100644 --- a/docs/_locale/uk/LC_MESSAGES/installation.mo +++ b/docs/_locale/uk/LC_MESSAGES/installation.mo diff --git a/docs/_locale/uk/LC_MESSAGES/quick-start.mo b/docs/_locale/uk/LC_MESSAGES/quick-start.mo Binary files differindex 1db72477..fd868211 100644 --- a/docs/_locale/uk/LC_MESSAGES/quick-start.mo +++ b/docs/_locale/uk/LC_MESSAGES/quick-start.mo diff --git a/docs/_locale/uk/automation.pot b/docs/_locale/uk/automation.pot index fd209459..01625f53 100644 --- a/docs/_locale/uk/automation.pot +++ b/docs/_locale/uk/automation.pot @@ -8,6 +8,51 @@ msgstr "" "Language: uk\n" "Plural-Forms: nplurals=3; plural=((n%10==1) && (n%100!=11)) ? 0 : ((n%10>=2 && n%10<=4) && ((n%100<12 || n%100>14))) ? 1 : 2;\n" +#: ../../automation/terraform/index.rst:15 +msgid "# terraformAZ # terraformvSphere # terraformGoogle" +msgstr "# terraformAZ # terraformvSphere # terraformGoogle" + +#: ../../automation/vyos-terraform.rst:707 +msgid "#az login" +msgstr "#az login" + +#: ../../automation/vyos-terraform.rst:261 +#: ../../automation/vyos-terraform.rst:283 +#: ../../automation/vyos-terraform.rst:711 +#: ../../automation/vyos-terraform.rst:731 +#: ../../automation/vyos-terraform.rst:1008 +#: ../../automation/vyos-terraform.rst:1029 +msgid "#cd /your folder" +msgstr "#cd /your folder" + +#: ../../automation/vyos-terraform.rst:287 +#: ../../automation/vyos-terraform.rst:735 +#: ../../automation/vyos-terraform.rst:1033 +msgid "#terraform apply" +msgstr "#terraform apply" + +#: ../../automation/vyos-terraform.rst:263 +#: ../../automation/vyos-terraform.rst:713 +#: ../../automation/vyos-terraform.rst:1010 +msgid "#terraform init" +msgstr "#terraform init" + +#: ../../automation/vyos-terraform.rst:285 +#: ../../automation/vyos-terraform.rst:733 +#: ../../automation/vyos-terraform.rst:1031 +msgid "#terraform plan" +msgstr "#terraform plan" + +#: ../../automation/vyos-terraform.rst:289 +#: ../../automation/vyos-terraform.rst:737 +#: ../../automation/vyos-terraform.rst:1035 +msgid "#yes" +msgstr "#yes" + +#: ../../automation/cloud-init.rst:363 +msgid "**NOTE**: be careful while copying and pasting previous commands. Double quotes may need to be corrected." +msgstr "**NOTE**: be careful while copying and pasting previous commands. Double quotes may need to be corrected." + #: ../../automation/cloud-init.rst:363 msgid "**NOTE**: be carefull while copying and pasting previous commands. Doble quotes may need to be corrected." msgstr "**NOTE**: be carefull while copying and pasting previous commands. Doble quotes may need to be corrected." @@ -32,11 +77,11 @@ msgstr "**user-data**: includes vyos-commands." msgid "**user-data** file must start with ``#cloud-config`` and contains vyos-commands. For example:" msgstr "**user-data** file must start with ``#cloud-config`` and contains vyos-commands. For example:" -#: ../../automation/vyos-api.rst:322 +#: ../../automation/vyos-api.rst:323 msgid "/config-file" msgstr "/config-file" -#: ../../automation/vyos-api.rst:265 +#: ../../automation/vyos-api.rst:266 msgid "/configure" msgstr "/configure" @@ -68,10 +113,239 @@ msgstr "/retrieve" msgid "/show" msgstr "/show" +#: ../../automation/vyos-terraform.rst:993 +msgid "1.1 Collect all data in to file \"terraform.tfvars\" and create resources fo example \"terraform\"" +msgstr "1.1 Collect all data in to file \"terraform.tfvars\" and create resources fo example \"terraform\"" + +#: ../../automation/terraform/terraformAWS.rst:61 +msgid "1.1 Create an account with AWS and get your \"access_key\", \"secret key\"" +msgstr "1.1 Create an account with AWS and get your \"access_key\", \"secret key\"" + +#: ../../automation/vyos-terraform.rst:692 +msgid "1.1 Create an account with Azure" +msgstr "1.1 Create an account with Azure" + +#: ../../automation/vyos-terraform.rst:243 +msgid "1.2 Create a key pair and download your .pem key" +msgstr "1.2 Create a key pair and download your .pem key" + +#: ../../automation/terraform/terraformAWS.rst:63 +msgid "1.2 Create a key pair_ and download your .pem key" +msgstr "1.2 Create a key pair_ and download your .pem key" + +#: ../../automation/vyos-terraform.rst:245 +msgid "1.3 Create a security group for the new VyOS instance" +msgstr "1.3 Create a security group for the new VyOS instance" + +#: ../../automation/terraform/terraformAWS.rst:70 +msgid "1.3 Create a security group_ for the new VyOS instance and open all traffic" +msgstr "1.3 Create a security group_ for the new VyOS instance and open all traffic" + +#: ../../automation/terraform/terraformAWS.rst:298 +msgid "1. Ansible doesn't connect via SSH to your AWS instance: you have to check that your SSH key has copied into the path /root/aws/. Also, increase the time in the file instance.yml from 300 sec to 500 sec or more. (It depends on your location). Make sure that you have opened access to the instance in the security group." +msgstr "1. Ansible doesn't connect via SSH to your AWS instance: you have to check that your SSH key has copied into the path /root/aws/. Also, increase the time in the file instance.yml from 300 sec to 500 sec or more. (It depends on your location). Make sure that you have opened access to the instance in the security group." + +#: ../../automation/terraform/terraformAWS.rst:266 +msgid "1 Ansible doesn't connect via SSH to your AWS instance: you have to check that your SSH key has copied into the path /root/aws/." +msgstr "1 Ansible doesn't connect via SSH to your AWS instance: you have to check that your SSH key has copied into the path /root/aws/." + +#: ../../automation/terraform/terraformvSphere.rst:23 +msgid "1 Collect all data in to file \"terraform.tfvars\" and create resources for example \"terraform\"" +msgstr "1 Collect all data in to file \"terraform.tfvars\" and create resources for example \"terraform\"" + +#: ../../automation/terraform/terraformAWS.rst:77 +#: ../../automation/terraform/terraformAZ.rst:54 +#: ../../automation/terraform/terraformvSphere.rst:53 +msgid "1 Create an UNIX instance whenever you want (local, cloud, and so on)" +msgstr "1 Create an UNIX instance whenever you want (local, cloud, and so on)" + +#: ../../automation/terraform/terraformAWS.rst:54 +#: ../../automation/terraform/terraformAZ.rst:26 +#: ../../automation/terraform/terraformvSphere.rst:29 +msgid "1 Create an UNIX or Windows instance" +msgstr "1 Create an UNIX or Windows instance" + +#: ../../automation/terraform/terraformAWS.rst:29 +msgid "1 Create an account with AWS and get your \"access_key\", \"secret key\"" +msgstr "1 Create an account with AWS and get your \"access_key\", \"secret key\"" + +#: ../../automation/terraform/terraformAZ.rst:21 +msgid "1 Create an account with Azure" +msgstr "1 Create an account with Azure" + +#: ../../automation/terraform/terraformAWS.rst:86 +msgid "2.1 Create a0 UNIX or Windows instance" +msgstr "2.1 Create a0 UNIX or Windows instance" + +#: ../../automation/vyos-terraform.rst:250 +#: ../../automation/vyos-terraform.rst:697 +#: ../../automation/vyos-terraform.rst:998 +msgid "2.1 Create a UNIX or Windows instance" +msgstr "2.1 Create a UNIX or Windows instance" + +#: ../../automation/terraform/terraformAWS.rst:88 +msgid "2.2 Download and install Terraform" +msgstr "2.2 Download and install Terraform" + +#: ../../automation/terraform/terraformAWS.rst:90 +msgid "2.3 Create the folder for example /root/awsterraform" +msgstr "2.3 Create the folder for example /root/awsterraform" + +#: ../../automation/vyos-terraform.rst:254 +msgid "2.3 Create the folder for example ../awsvyos/" +msgstr "2.3 Create the folder for example ../awsvyos/" + +#: ../../automation/vyos-terraform.rst:701 +msgid "2.3 Create the folder for example ../azvyos/" +msgstr "2.3 Create the folder for example ../azvyos/" + +#: ../../automation/vyos-terraform.rst:1002 +msgid "2.3 Create the folder for example ../vsphere/" +msgstr "2.3 Create the folder for example ../vsphere/" + +#: ../../automation/vyos-terraform.rst:1004 +msgid "2.4 Copy all files from my folder /Terraform into your Terraform project" +msgstr "2.4 Copy all files from my folder /Terraform into your Terraform project" + +#: ../../automation/vyos-terraform.rst:703 +msgid "2.4 Copy all files from my folder /Terraform into your Terraform project (main.tf, variables.tf)" +msgstr "2.4 Copy all files from my folder /Terraform into your Terraform project (main.tf, variables.tf)" + +#: ../../automation/terraform/terraformAWS.rst:96 +msgid "2.4 Copy all files into your Terraform project \"/root/awsterraform\" (vyos.tf, var.tf, terraform.tfvars,version.tf), more detailed see `Structure of files Terrafom for AWS`_" +msgstr "2.4 Copy all files into your Terraform project \"/root/awsterraform\" (vyos.tf, var.tf, terraform.tfvars,version.tf), more detailed see `Structure of files Terrafom for AWS`_" + +#: ../../automation/vyos-terraform.rst:256 +msgid "2.4 Copy all files into your Terraform project (vyos.tf, var.tf) 2.4.1 Please type the information into the strings 22, 35, 36 of file \"vyos.tf\"" +msgstr "2.4 Copy all files into your Terraform project (vyos.tf, var.tf) 2.4.1 Please type the information into the strings 22, 35, 36 of file \"vyos.tf\"" + +#: ../../automation/vyos-terraform.rst:705 +msgid "2.5 Login with Azure using the command" +msgstr "2.5 Login with Azure using the command" + +#: ../../automation/terraform/terraformAWS.rst:98 +msgid "2.5 Type the commands :" +msgstr "2.5 Type the commands :" + +#: ../../automation/terraform/terraformAZ.rst:44 +msgid "2.6 Type the commands :" +msgstr "2.6 Type the commands :" + +#: ../../automation/terraform/terraformAWS.rst:31 +msgid "2 Create a key pair_ and download your .pem key" +msgstr "2 Create a key pair_ and download your .pem key" + +#: ../../automation/terraform/terraformAWS.rst:79 +#: ../../automation/terraform/terraformAZ.rst:56 +#: ../../automation/terraform/terraformvSphere.rst:55 +msgid "2 Download and install Ansible" +msgstr "2 Download and install Ansible" + +#: ../../automation/terraform/terraformAWS.rst:56 +#: ../../automation/terraform/terraformAZ.rst:28 +#: ../../automation/terraform/terraformvSphere.rst:31 +msgid "2 Download and install Terraform" +msgstr "2 Download and install Terraform" + +#: ../../automation/terraform/terraformAWS.rst:270 +msgid "2 Terraform doesn't connect via SSH to your Ansible instance: you have to check the correct login and password in the part of the file VyOS. tf" +msgstr "2 Terraform doesn't connect via SSH to your Ansible instance: you have to check the correct login and password in the part of the file VyOS. tf" + +#: ../../automation/vyos-terraform.rst:268 +#: ../../automation/vyos-terraform.rst:718 +#: ../../automation/vyos-terraform.rst:1016 +msgid "3.1 Create a UNIX instance" +msgstr "3.1 Create a UNIX instance" + +#: ../../automation/terraform/terraformAWS.rst:109 +msgid "3.1 Create a UNIX instance whenever you want (local, cloud, and so on)" +msgstr "3.1 Create a UNIX instance whenever you want (local, cloud, and so on)" + +#: ../../automation/terraform/terraformAWS.rst:111 +msgid "3.2 Download and install Ansible" +msgstr "3.2 Download and install Ansible" + +#: ../../automation/terraform/terraformAWS.rst:113 +msgid "3.3 Create the folder for example /root/aws/" +msgstr "3.3 Create the folder for example /root/aws/" + +#: ../../automation/vyos-terraform.rst:722 +msgid "3.3 Create the folder for example /root/az/" +msgstr "3.3 Create the folder for example /root/az/" + +#: ../../automation/vyos-terraform.rst:1020 +msgid "3.3 Create the folder for example /root/vsphere/" +msgstr "3.3 Create the folder for example /root/vsphere/" + +#: ../../automation/vyos-terraform.rst:274 +msgid "3.4 Copy all files from my folder /Ansible into your Ansible project (ansible.cfg, instance.yml, mykey.pem)" +msgstr "3.4 Copy all files from my folder /Ansible into your Ansible project (ansible.cfg, instance.yml, mykey.pem)" + +#: ../../automation/vyos-terraform.rst:724 +#: ../../automation/vyos-terraform.rst:1022 +msgid "3.4 Copy all files from my folder /Ansible into your Ansible project (ansible.cfg, instance.yml and /group_vars)" +msgstr "3.4 Copy all files from my folder /Ansible into your Ansible project (ansible.cfg, instance.yml and /group_vars)" + +#: ../../automation/terraform/terraformAWS.rst:115 +msgid "3.4 Copy all files into your Ansible project \"/root/aws/\" (ansible.cfg, instance.yml, mykey.pem and \"all\"), more detailed see `Structure of files Ansible for AWS`_" +msgstr "3.4 Copy all files into your Ansible project \"/root/aws/\" (ansible.cfg, instance.yml, mykey.pem and \"all\"), more detailed see `Structure of files Ansible for AWS`_" + +#: ../../automation/terraform/terraformAWS.rst:81 +msgid "3 Create the folder for example /root/aws/" +msgstr "3 Create the folder for example /root/aws/" + +#: ../../automation/terraform/terraformAWS.rst:58 +msgid "3 Create the folder for example /root/awsterraform" +msgstr "3 Create the folder for example /root/awsterraform" + +#: ../../automation/terraform/terraformAZ.rst:58 +msgid "3 Create the folder for example /root/az/" +msgstr "3 Create the folder for example /root/az/" + +#: ../../automation/terraform/terraformAZ.rst:30 +msgid "3 Create the folder for example /root/azvyos/" +msgstr "3 Create the folder for example /root/azvyos/" + +#: ../../automation/terraform/terraformvSphere.rst:33 +msgid "3 Create the folder for example /root/vsphereterraform" +msgstr "3 Create the folder for example /root/vsphereterraform" + +#: ../../automation/terraform/terraformvSphere.rst:57 +msgid "3 Create the folder for example /root/vsphereterraform/" +msgstr "3 Create the folder for example /root/vsphereterraform/" + +#: ../../automation/terraform/terraformAWS.rst:123 +msgid "4.1 Type the commands on your Terrafom instance:" +msgstr "4.1 Type the commands on your Terrafom instance:" + +#: ../../automation/terraform/terraformAWS.rst:83 +msgid "4 Copy all files into your Ansible project \"/root/aws/\" (ansible.cfg, instance.yml, mykey.pem and \"all\"), more detailed see `Structure of files Ansible for AWS`_" +msgstr "4 Copy all files into your Ansible project \"/root/aws/\" (ansible.cfg, instance.yml, mykey.pem and \"all\"), more detailed see `Structure of files Ansible for AWS`_" + +#: ../../automation/terraform/terraformAZ.rst:60 +msgid "4 Copy all files into your Ansible project \"/root/az/\" (ansible.cfg, instance.yml,\"all\"), more detailed see `Structure of files Ansible for Azure`_" +msgstr "4 Copy all files into your Ansible project \"/root/az/\" (ansible.cfg, instance.yml,\"all\"), more detailed see `Structure of files Ansible for Azure`_" + +#: ../../automation/terraform/terraformvSphere.rst:59 +msgid "4 Copy all files into your Ansible project \"/root/vsphereterraform/\" (ansible.cfg, instance.yml,\"all\"), more detailed see `Structure of files Ansible for vSphere`_" +msgstr "4 Copy all files into your Ansible project \"/root/vsphereterraform/\" (ansible.cfg, instance.yml,\"all\"), more detailed see `Structure of files Ansible for vSphere`_" + #: ../../automation/vyos-api.rst:41 msgid "API Endpoints" msgstr "API Endpoints" +#: ../../automation/terraform/terraformAWS.rst:26 +msgid "AWS" +msgstr "AWS" + +#: ../../automation/vyos-terraform.rst:233 +msgid "AWS_terraform_ansible_single_vyos_instance" +msgstr "AWS_terraform_ansible_single_vyos_instance" + +#: ../../automation/cloud-init.rst:270 +msgid "A VyOS qcow image with cloud-init options is needed. This can be obtained using `vyos-vm-images`_ repo. After cloning the repo, edit the file **qemu.yml** and comment the **download-iso** role." +msgstr "A VyOS qcow image with cloud-init options is needed. This can be obtained using `vyos-vm-images`_ repo. After cloning the repo, edit the file **qemu.yml** and comment the **download-iso** role." + #: ../../automation/cloud-init.rst:270 msgid "A VyOS qcow image with cloud-init options is needed. This can be obtained using `vyos-vm-images`_ repo. After clonning the repo, edit the file **qemu.yml** and comment the **download-iso** role." msgstr "A VyOS qcow image with cloud-init options is needed. This can be obtained using `vyos-vm-images`_ repo. After clonning the repo, edit the file **qemu.yml** and comment the **download-iso** role." @@ -92,18 +366,43 @@ msgstr "A single-quote symbol is not allowed inside command or value." msgid "Accept minion key" msgstr "Accept minion key" +#: ../../automation/terraform/terraformAWS.rst:255 +msgid "After executing all the commands you will have your VyOS instance on the AWS cloud with your configuration, it's a very convenient desition. If you need to delete the instance please type the command:" +msgstr "After executing all the commands you will have your VyOS instance on the AWS cloud with your configuration, it's a very convenient desition. If you need to delete the instance please type the command:" + +#: ../../automation/terraform/terraformAZ.rst:75 +msgid "After executing all the commands you will have your VyOS instance on the Azure cloud with your configuration, it's a very convenient desition. If you need to delete the instance please type the command:" +msgstr "After executing all the commands you will have your VyOS instance on the Azure cloud with your configuration, it's a very convenient desition. If you need to delete the instance please type the command:" + +#: ../../automation/terraform/terraformvSphere.rst:75 +msgid "After executing all the commands you will have your VyOS instance on the vSphere with your configuration, it's a very convenient desition. If you need to delete the instance please type the command:" +msgstr "After executing all the commands you will have your VyOS instance on the vSphere with your configuration, it's a very convenient desition. If you need to delete the instance please type the command:" + #: ../../automation/vyos-api.rst:15 msgid "All endpoints only listen on HTTP POST requests and the API KEY must set as ``key`` in the formdata." msgstr "All endpoints only listen on HTTP POST requests and the API KEY must set as ``key`` in the formdata." +#: ../../automation/terraform/terraformAWS.rst:539 +#: ../../automation/terraform/terraformAZ.rst:484 +#: ../../automation/terraform/terraformvSphere.rst:397 +msgid "All files about the article can be found here_" +msgstr "All files about the article can be found here_" + #: ../../automation/cloud-init.rst:115 msgid "All of these can be overridden using the configuration in user-data." msgstr "All of these can be overridden using the configuration in user-data." +#: ../../automation/terraform/terraformAWS.rst:267 +msgid "Also, increase the time in the file instance.yml from 300 sec to 500 sec or more. (It depends on your location). Make sure that you have opened access to the instance in the security group." +msgstr "Also, increase the time in the file instance.yml from 300 sec to 500 sec or more. (It depends on your location). Make sure that you have opened access to the instance in the security group." + #: ../../automation/cloud-init.rst:256 msgid "Also, this lab considers:" msgstr "Also, this lab considers:" +#: ../../automation/terraform/terraformAWS.rst:74 +#: ../../automation/terraform/terraformAZ.rst:51 +#: ../../automation/terraform/terraformvSphere.rst:50 #: ../../automation/vyos-ansible.rst:6 msgid "Ansible" msgstr "Ansible" @@ -121,6 +420,15 @@ msgstr "At this step we can get some op-mode information from VyOS nodes:" msgid "Authentication" msgstr "Authentication" +#: ../../automation/terraform/terraformAZ.rst:19 +msgid "Azure" +msgstr "Azure" + +#: ../../automation/vyos-terraform.rst:684 +#: ../../automation/vyos-terraform.rst:985 +msgid "Azure_terraform_ansible_single_vyos_instance" +msgstr "Azure_terraform_ansible_single_vyos_instance" + #: ../../automation/cloud-init.rst:241 msgid "Before starting, please refer to cloud-init `network-config-docs`_ in order to know how to import user and network configurations." msgstr "Before starting, please refer to cloud-init `network-config-docs`_ in order to know how to import user and network configurations." @@ -186,34 +494,38 @@ msgstr "Configuration" msgid "Configuration commands are executed just like from a normal config session. For example, if you want to disable a BGP peer on VRRP transition to backup:" msgstr "Configuration commands are executed just like from a normal config session. For example, if you want to disable a BGP peer on VRRP transition to backup:" -#: ../../automation/vyos-pyvyos.rst:94 +#: ../../automation/vyos-pyvyos.rst:102 msgid "Configure, then Delete Object" msgstr "Configure, then Delete Object" -#: ../../automation/vyos-pyvyos.rst:141 +#: ../../automation/vyos-pyvyos.rst:149 msgid "Configure, then Load File" msgstr "Configure, then Load File" -#: ../../automation/vyos-pyvyos.rst:101 +#: ../../automation/vyos-pyvyos.rst:109 msgid "Configure, then Save" msgstr "Configure, then Save" -#: ../../automation/vyos-pyvyos.rst:108 +#: ../../automation/vyos-pyvyos.rst:116 msgid "Configure, then Save File" msgstr "Configure, then Save File" -#: ../../automation/vyos-pyvyos.rst:68 +#: ../../automation/vyos-pyvyos.rst:76 msgid "Configure, then Set" msgstr "Configure, then Set" -#: ../../automation/vyos-pyvyos.rst:85 +#: ../../automation/vyos-pyvyos.rst:93 msgid "Configure, then Show Object" msgstr "Configure, then Show Object" -#: ../../automation/vyos-pyvyos.rst:77 +#: ../../automation/vyos-pyvyos.rst:85 msgid "Configure, then Show a Single Object Value" msgstr "Configure, then Show a Single Object Value" +#: ../../automation/terraform/index.rst:5 +msgid "Content" +msgstr "Content" + #: ../../automation/vyos-napalm.rst:89 msgid "Content of commands.conf" msgstr "Content of commands.conf" @@ -242,6 +554,30 @@ msgstr "Custom scripts are not executed with root privileges (Use sudo inside if msgid "DHCP on first Ethernet interface if no network configuration is provided." msgstr "DHCP on first Ethernet interface if no network configuration is provided." +#: ../../automation/terraform/terraformAWS.rst:6 +msgid "Deploying VyOS in the AWS cloud" +msgstr "Deploying VyOS in the AWS cloud" + +#: ../../automation/terraform/terraformAZ.rst:6 +msgid "Deploying VyOS in the Azure cloud" +msgstr "Deploying VyOS in the Azure cloud" + +#: ../../automation/terraform/terraformvSphere.rst:6 +msgid "Deploying VyOS in the vSphere infrastructure" +msgstr "Deploying VyOS in the vSphere infrastructure" + +#: ../../automation/terraform/terraformAWS.rst:39 +msgid "Deploying vyos in the AWS cloud" +msgstr "Deploying vyos in the AWS cloud" + +#: ../../automation/vyos-terraform.rst:299 +msgid "Deploying vyos in the Azure cloud" +msgstr "Deploying vyos in the Azure cloud" + +#: ../../automation/vyos-terraform.rst:742 +msgid "Deploying vyos in the Vsphere infrastructia" +msgstr "Deploying vyos in the Vsphere infrastructia" + #: ../../automation/vyos-netmiko.rst:12 msgid "Example" msgstr "Example" @@ -274,11 +610,39 @@ msgstr "Executing pre-hooks/post-hooks Scripts" msgid "File contents" msgstr "File contents" +#: ../../automation/terraform/terraformAWS.rst:476 +msgid "File contents of Ansible for AWS" +msgstr "File contents of Ansible for AWS" + +#: ../../automation/terraform/terraformAZ.rst:426 +msgid "File contents of Ansible for Azure" +msgstr "File contents of Ansible for Azure" + +#: ../../automation/terraform/terraformvSphere.rst:338 +msgid "File contents of Ansible for vSphere" +msgstr "File contents of Ansible for vSphere" + +#: ../../automation/terraform/terraformAWS.rst:298 +msgid "File contents of Terrafom for AWS" +msgstr "File contents of Terrafom for AWS" + +#: ../../automation/terraform/terraformAZ.rst:93 +msgid "File contents of Terrafom for Azure" +msgstr "File contents of Terrafom for Azure" + +#: ../../automation/terraform/terraformvSphere.rst:96 +msgid "File contents of Terrafom for vSphere" +msgstr "File contents of Terrafom for vSphere" + #: ../../automation/cloud-init.rst:284 msgid "File generated with previous command: ``/tmp/vyos-1.3.0-cloud-init-10G-qemu.qcow2``" msgstr "File generated with previous command: ``/tmp/vyos-1.3.0-cloud-init-10G-qemu.qcow2``" #: ../../automation/cloud-init.rst:347 +msgid "Finally, file **meta-data** has no content, but it's required." +msgstr "Finally, file **meta-data** has no content, but it's required." + +#: ../../automation/cloud-init.rst:347 msgid "Finaly, file **meta-data** has no content, but it's required." msgstr "Finaly, file **meta-data** has no content, but it's required." @@ -306,7 +670,11 @@ msgstr "For more information on the NoCloud data source, visit its `page <https: msgid "From cli or GUI, power on VM, and after it boots, verify configuration" msgstr "From cli or GUI, power on VM, and after it boots, verify configuration" -#: ../../automation/vyos-pyvyos.rst:123 +#: ../../automation/terraform/terraformvyos.rst:26 +msgid "General commands that we will use for running Terraform scripts" +msgstr "General commands that we will use for running Terraform scripts" + +#: ../../automation/vyos-pyvyos.rst:131 msgid "Generate Object" msgstr "Generate Object" @@ -314,7 +682,7 @@ msgstr "Generate Object" msgid "Generate qcow image" msgstr "Generate qcow image" -#: ../../automation/vyos-pyvyos.rst:24 +#: ../../automation/vyos-pyvyos.rst:32 msgid "Getting Started" msgstr "Getting Started" @@ -326,6 +694,22 @@ msgstr "Here is a simple example:" msgid "Here is an example cloud-config that appends configuration at the time of first boot." msgstr "Here is an example cloud-config that appends configuration at the time of first boot." +#: ../../automation/terraform/terraformAWS.rst:23 +msgid "How to create a single instance and install your configuration using Terraform+Ansible+AWS Step by step:" +msgstr "How to create a single instance and install your configuration using Terraform+Ansible+AWS Step by step:" + +#: ../../automation/terraform/terraformAZ.rst:16 +msgid "How to create a single instance and install your configuration using Terraform+Ansible+Azure Step by step:" +msgstr "How to create a single instance and install your configuration using Terraform+Ansible+Azure Step by step:" + +#: ../../automation/vyos-terraform.rst:987 +msgid "How to create a single instance and install your configuration using Terraform+Ansible+Vsphere Step by step:" +msgstr "How to create a single instance and install your configuration using Terraform+Ansible+Vsphere Step by step:" + +#: ../../automation/terraform/terraformvSphere.rst:16 +msgid "How to create a single instance and install your configuration using Terraform+Ansible+vSphere Step by step:" +msgstr "How to create a single instance and install your configuration using Terraform+Ansible+vSphere Step by step:" + #: ../../automation/cloud-init.rst:377 msgid "ISO files storage: ``local`` volume is used for ``.iso`` file storage. In this scenario ``local`` volume type is set to **directory**, abd attached to ``/var/lib/vz``." msgstr "ISO files storage: ``local`` volume is used for ``.iso`` file storage. In this scenario ``local`` volume type is set to **directory**, abd attached to ``/var/lib/vz``." @@ -350,7 +734,7 @@ msgstr "If you need to gather information from linux commands to configure VyOS, msgid "If you want to script the configs in a language other than bash you can have your script output commands and then source them in a bash script." msgstr "If you want to script the configs in a language other than bash you can have your script output commands and then source them in a bash script." -#: ../../automation/vyos-pyvyos.rst:27 +#: ../../automation/vyos-pyvyos.rst:35 msgid "Importing and Disabling Warnings for verify=False" msgstr "Importing and Disabling Warnings for verify=False" @@ -362,6 +746,18 @@ msgstr "In Proxmox server three files are going to be used for this setup:" msgid "In VyOS, by default, enables only two modules:" msgstr "In VyOS, by default, enables only two modules:" +#: ../../automation/terraform/terraformAWS.rst:17 +msgid "In this case, we'll create the necessary files for Terraform and Ansible next using Terraform we'll create a single instance on the AWS cloud and make provisioning using Ansible." +msgstr "In this case, we'll create the necessary files for Terraform and Ansible next using Terraform we'll create a single instance on the AWS cloud and make provisioning using Ansible." + +#: ../../automation/terraform/terraformAZ.rst:11 +msgid "In this case, we'll create the necessary files for Terraform and Ansible next using Terraform we'll create a single instance on the Azure cloud and make provisioning using Ansible." +msgstr "In this case, we'll create the necessary files for Terraform and Ansible next using Terraform we'll create a single instance on the Azure cloud and make provisioning using Ansible." + +#: ../../automation/terraform/terraformvSphere.rst:11 +msgid "In this case, we'll create the necessary files for Terraform and Ansible next using Terraform we'll create a single instance on the vSphere cloud and make provisioning using Ansible." +msgstr "In this case, we'll create the necessary files for Terraform and Ansible next using Terraform we'll create a single instance on the vSphere cloud and make provisioning using Ansible." + #: ../../automation/cloud-init.rst:307 msgid "In this lab, all files are located in ``/tmp/``. So, before going on, lets move to that directory:" msgstr "In this lab, all files are located in ``/tmp/``. So, before going on, lets move to that directory:" @@ -374,7 +770,7 @@ msgstr "In this lab, we are using 1.3.0 VyOS version and setting a disk of 10G. msgid "Initial Configuration" msgstr "Initial Configuration" -#: ../../automation/vyos-pyvyos.rst:47 +#: ../../automation/vyos-pyvyos.rst:55 msgid "Initializing a VyDevice Object" msgstr "Initializing a VyDevice Object" @@ -386,7 +782,7 @@ msgstr "Injecting configuration data is not limited to cloud platforms. Users ca msgid "Install ``napalm-vyos`` module" msgstr "Install ``napalm-vyos`` module" -#: ../../automation/vyos-pyvyos.rst:15 +#: ../../automation/vyos-pyvyos.rst:23 msgid "Installation" msgstr "Installation" @@ -398,6 +794,10 @@ msgstr "It is possible to configure VyOS via netmiko_ proxy module. It requires msgid "Major cloud providers offer a means of providing user-data at the time of instance launch. It can be provided as plain text or as base64-encoded text, depending on cloud provider. Also, it can be compressed using gzip, which makes sense with a long configuration commands list, because of the hard limit to ~16384 bytes for the whole user-data." msgstr "Major cloud providers offer a means of providing user-data at the time of instance launch. It can be provided as plain text or as base64-encoded text, depending on cloud provider. Also, it can be compressed using gzip, which makes sense with a long configuration commands list, because of the hard limit to ~16384 bytes for the whole user-data." +#: ../../automation/terraform/terraformAWS.rst:282 +msgid "Make sure that Ansible is pinging from Terrafom." +msgstr "Make sure that Ansible is pinging from Terrafom." + #: ../../automation/cloud-init.rst:20 msgid "Metadata - Metadata is sourced by the cloud platform or hypervisor. In some clouds, there is implemented as an HTTP endpoint at ``http://169.254.169.254``." msgstr "Metadata - Metadata is sourced by the cloud platform or hypervisor. In some clouds, there is implemented as an HTTP endpoint at ``http://169.254.169.254``." @@ -410,6 +810,10 @@ msgstr "Most important keys that needs to be considered:" msgid "Napalm" msgstr "Napalm" +#: ../../automation/terraform/terraformvyos.rst:13 +msgid "Need to install_ Terraform" +msgstr "Need to install_ Terraform" + #: ../../automation/vyos-netmiko.rst:6 msgid "Netmiko" msgstr "Netmiko" @@ -418,6 +822,10 @@ msgstr "Netmiko" msgid "Netmiko-proxy" msgstr "Netmiko-proxy" +#: ../../automation/terraform/terraformAWS.rst:-1 +msgid "Network Topology Diagram" +msgstr "Network Topology Diagram" + #: ../../automation/cloud-init.rst:24 msgid "Network configuration - This config source informs the system about the network settings like IP addresses, routes, DNS. Available only in several cloud and virtualization platforms." msgstr "Network configuration - This config source informs the system about the network settings like IP addresses, routes, DNS. Available only in several cloud and virtualization platforms." @@ -431,6 +839,7 @@ msgid "NoCloud" msgstr "NoCloud" #: ../../automation/index.rst:6 +#: ../../automation/terraform/index.rst:6 msgid "Nornir" msgstr "Nornir" @@ -495,6 +904,18 @@ msgstr "Power on VM and verifications" msgid "Preconfig on boot" msgstr "Preconfig on boot" +#: ../../automation/terraform/terraformAWS.rst:21 +msgid "Preparation steps for deploying VyOS on AWS" +msgstr "Preparation steps for deploying VyOS on AWS" + +#: ../../automation/terraform/terraformAZ.rst:14 +msgid "Preparation steps for deploying VyOS on Azure" +msgstr "Preparation steps for deploying VyOS on Azure" + +#: ../../automation/terraform/terraformvSphere.rst:14 +msgid "Preparation steps for deploying VyOS on vSphere" +msgstr "Preparation steps for deploying VyOS on vSphere" + #: ../../automation/cloud-init.rst:296 msgid "Prepare cloud-init files" msgstr "Prepare cloud-init files" @@ -523,10 +944,14 @@ msgstr "References" msgid "Remove default dhcp client on first interface, and load other configuration during first boot, using cloud-init." msgstr "Remove default dhcp client on first interface, and load other configuration during first boot, using cloud-init." -#: ../../automation/vyos-pyvyos.rst:132 +#: ../../automation/vyos-pyvyos.rst:140 msgid "Reset Object" msgstr "Reset Object" +#: ../../automation/vyos-terraform.rst:22 +msgid "Run Terraform" +msgstr "Run Terraform" + #: ../../automation/vyos-ansible.rst:80 msgid "Run ansible" msgstr "Run ansible" @@ -555,11 +980,11 @@ msgstr "Salt" msgid "Salt master configuration:" msgstr "Salt master configuration:" -#: ../../automation/vyos-api.rst:344 +#: ../../automation/vyos-api.rst:345 msgid "Save a running configuration to a file." msgstr "Save a running configuration to a file." -#: ../../automation/vyos-api.rst:326 +#: ../../automation/vyos-api.rst:327 msgid "Save a running configuration to the startup configuration. When you don't specify the file when saving, it saves to ``/config/config.boot``." msgstr "Save a running configuration to the startup configuration. When you don't specify the file when saving, it saves to ``/config/config.boot``." @@ -571,7 +996,7 @@ msgstr "Script vyos-napalm.py" msgid "Scripts are run in alphabetical order. Their names must consist entirely of ASCII upper- and lower-case letters,ASCII digits, ASCII underscores, and ASCII minus-hyphens.No other characters are allowed." msgstr "Scripts are run in alphabetical order. Their names must consist entirely of ASCII upper- and lower-case letters,ASCII digits, ASCII underscores, and ASCII minus-hyphens.No other characters are allowed." -#: ../../automation/vyos-pyvyos.rst:115 +#: ../../automation/vyos-pyvyos.rst:123 msgid "Show Object" msgstr "Show Object" @@ -579,6 +1004,32 @@ msgstr "Show Object" msgid "Sometimes you simply wan't to execute a bunch of op-mode commands via SSH on a remote VyOS system." msgstr "Sometimes you simply wan't to execute a bunch of op-mode commands via SSH on a remote VyOS system." +#: ../../automation/command-scripting.rst:52 +msgid "Sometimes you simply want to execute a bunch of op-mode commands via SSH on a remote VyOS system." +msgstr "Sometimes you simply want to execute a bunch of op-mode commands via SSH on a remote VyOS system." + +#: ../../automation/terraform/terraformAWS.rst:537 +msgid "Sourse files for AWS from GIT" +msgstr "Sourse files for AWS from GIT" + +#: ../../automation/terraform/terraformAZ.rst:482 +msgid "Sourse files for Azure from GIT" +msgstr "Sourse files for Azure from GIT" + +#: ../../automation/terraform/terraformvSphere.rst:395 +msgid "Sourse files for vSphere from GIT" +msgstr "Sourse files for vSphere from GIT" + +#: ../../automation/terraform/terraformAWS.rst:88 +#: ../../automation/terraform/terraformAZ.rst:63 +#: ../../automation/terraform/terraformvSphere.rst:62 +msgid "Start" +msgstr "Start" + +#: ../../automation/terraform/terraformAWS.rst:102 +msgid "Start creating an AWS instance and check the result" +msgstr "Start creating an AWS instance and check the result" + #: ../../automation/cloud-init.rst:260 msgid "Storaged used: volume local, which is mounted on directory **/var/lib/vz**, and contains all type of content, including snippets." msgstr "Storaged used: volume local, which is mounted on directory **/var/lib/vz**, and contains all type of content, including snippets." @@ -591,11 +1042,64 @@ msgstr "Structure of /srv/salt:" msgid "Structure of files" msgstr "Structure of files" +#: ../../automation/vyos-terraform.rst:166 +#: ../../automation/vyos-terraform.rst:624 +msgid "Structure of files Ansible" +msgstr "Structure of files Ansible" + +#: ../../automation/terraform/terraformAWS.rst:463 +msgid "Structure of files Ansible for AWS" +msgstr "Structure of files Ansible for AWS" + +#: ../../automation/terraform/terraformAZ.rst:414 +msgid "Structure of files Ansible for Azure" +msgstr "Structure of files Ansible for Azure" + +#: ../../automation/terraform/terraformvSphere.rst:326 +msgid "Structure of files Ansible for vSphere" +msgstr "Structure of files Ansible for vSphere" + +#: ../../automation/vyos-terraform.rst:38 +#: ../../automation/vyos-terraform.rst:302 +#: ../../automation/vyos-terraform.rst:745 +msgid "Structure of files Terrafom" +msgstr "Structure of files Terrafom" + +#: ../../automation/terraform/terraformAWS.rst:285 +msgid "Structure of files Terrafom for AWS" +msgstr "Structure of files Terrafom for AWS" + +#: ../../automation/terraform/terraformAZ.rst:83 +msgid "Structure of files Terrafom for Azure" +msgstr "Structure of files Terrafom for Azure" + +#: ../../automation/terraform/terraformvSphere.rst:84 +msgid "Structure of files Terrafom for vSphere" +msgstr "Structure of files Terrafom for vSphere" + +#: ../../automation/terraform/terraformvyos.rst:15 +msgid "Structure of files in the standard Terraform project:" +msgstr "Structure of files in the standard Terraform project:" + #: ../../automation/cloud-init.rst:107 msgid "System Defaults/Fallbacks" msgstr "System Defaults/Fallbacks" -#: ../../automation/vyos-api.rst:301 +#: ../../automation/terraform/terraformAWS.rst:51 +#: ../../automation/terraform/terraformAZ.rst:23 +#: ../../automation/terraform/terraformvSphere.rst:26 +msgid "Terraform" +msgstr "Terraform" + +#: ../../automation/terraform/terraformAWS.rst:302 +msgid "Terraform doesn't connect via SSH to your Ansible instance: you have to check the correct login and password in the part of the file vyos. tf" +msgstr "Terraform doesn't connect via SSH to your Ansible instance: you have to check the correct login and password in the part of the file vyos. tf" + +#: ../../automation/terraform/terraformvyos.rst:6 +msgid "Terraform for VyOS" +msgstr "Terraform for VyOS" + +#: ../../automation/vyos-api.rst:302 msgid "The API pushes every request to a session and commit it. But some of VyOS components like DHCP and PPPoE Servers, IPSec, VXLAN, and other tunnels require full configuration for commit. The endpoint will process multiple commands when you pass them as a list to the ``data`` field." msgstr "The API pushes every request to a session and commit it. But some of VyOS components like DHCP and PPPoE Servers, IPSec, VXLAN, and other tunnels require full configuration for commit. The endpoint will process multiple commands when you pass them as a list to the ``data`` field." @@ -640,7 +1144,7 @@ msgstr "The default file looks like this:" msgid "The easiest way to configure the system via user-data is the Cloud-config syntax described below." msgstr "The easiest way to configure the system via user-data is the Cloud-config syntax described below." -#: ../../automation/vyos-api.rst:324 +#: ../../automation/vyos-api.rst:325 msgid "The endpoint ``/config-file`` is to save or load a configuration." msgstr "The endpoint ``/config-file`` is to save or load a configuration." @@ -676,7 +1180,7 @@ msgstr "This section needs improvements, examples and explanations." msgid "This will result in the following error message: ``Set failed`` If this happens, a reboot is required to be able to edit the config manually again." msgstr "This will result in the following error message: ``Set failed`` If this happens, a reboot is required to be able to edit the config manually again." -#: ../../automation/vyos-api.rst:360 +#: ../../automation/vyos-api.rst:361 msgid "To Load a configuration file." msgstr "To Load a configuration file." @@ -713,9 +1217,16 @@ msgid "To power off the system use the ``poweroff`` endpoint." msgstr "To power off the system use the ``poweroff`` endpoint." #: ../../automation/cloud-init.rst:223 +#: ../../automation/terraform/terraformAWS.rst:264 msgid "Troubleshooting" msgstr "Troubleshooting" +#: ../../automation/terraform/terraformAWS.rst:91 +#: ../../automation/terraform/terraformAZ.rst:66 +#: ../../automation/terraform/terraformvSphere.rst:65 +msgid "Type the commands on your Terrafom instance:" +msgstr "Type the commands on your Terrafom instance:" + #: ../../automation/command-scripting.rst:39 msgid "Unlike a normal configuration session, all operational commands must be prepended with ``run``, even if you haven't created a session with configure." msgstr "Unlike a normal configuration session, all operational commands must be prepended with ``run``, even if you haven't created a session with configure." @@ -728,7 +1239,7 @@ msgstr "User-data" msgid "User-data - User-data is specified by the user. This config source offers the ability to insert any CLI configuration commands into the configuration before the first boot." msgstr "User-data - User-data is specified by the user. This config source offers the ability to insert any CLI configuration commands into the configuration before the first boot." -#: ../../automation/vyos-pyvyos.rst:35 +#: ../../automation/vyos-pyvyos.rst:43 msgid "Using API Response Class" msgstr "Using API Response Class" @@ -736,6 +1247,10 @@ msgstr "Using API Response Class" msgid "Using PyVyOS" msgstr "Using PyVyOS" +#: ../../automation/vyos-pyvyos.rst:73 +msgid "Using pyvyos" +msgstr "Using pyvyos" + #: ../../automation/cloud-init.rst:373 msgid "VM ID: in this example, VM ID used is 555." msgstr "VM ID: in this example, VM ID used is 555." @@ -748,6 +1263,10 @@ msgstr "VM Resources: these parameters can be modified as needed." msgid "VM Storage: ``local`` volume is used." msgstr "VM Storage: ``local`` volume is used." +#: ../../automation/vyos-terraform.rst:991 +msgid "Vsphere" +msgstr "Vsphere" + #: ../../automation/vyos-api.rst:7 msgid "VyOS API" msgstr "VyOS API" @@ -756,6 +1275,10 @@ msgstr "VyOS API" msgid "VyOS Automation" msgstr "VyOS Automation" +#: ../../automation/terraform/index.rst:3 +msgid "VyOS Terraform" +msgstr "VyOS Terraform" + #: ../../automation/cloud-init.rst:418 msgid "VyOS `cloud-init-docs`_." msgstr "VyOS `cloud-init-docs`_." @@ -784,6 +1307,18 @@ msgstr "VyOS supports configuration via ansible. Need to install ``ansible`` and msgid "VyOS supports configuration via netmiko_. It requires to install ``python3-netmiko`` module." msgstr "VyOS supports configuration via netmiko_. It requires to install ``python3-netmiko`` module." +#: ../../automation/vyos-terraform.rst:8 +msgid "VyOS supports develop infrastructia via Terraform and provisioning via ansible. Need to install ``Terraform``" +msgstr "VyOS supports develop infrastructia via Terraform and provisioning via ansible. Need to install ``Terraform``" + +#: ../../automation/terraform/terraformvyos.rst:8 +msgid "VyOS supports development infrastructure via Terraform and provisioning via Ansible. Terraform allows you to automate the process of deploying instances on many cloud and virtual platforms. In this article, we will look at using terraforms to deploy VyOS on platforms - AWS, Azure, and vSphere. For more details about Terraform please have a look here link_." +msgstr "VyOS supports development infrastructure via Terraform and provisioning via Ansible. Terraform allows you to automate the process of deploying instances on many cloud and virtual platforms. In this article, we will look at using terraforms to deploy VyOS on platforms - AWS, Azure, and vSphere. For more details about Terraform please have a look here link_." + +#: ../../automation/terraform/terraformAWS.rst:8 +msgid "VyOS supports development infrastructure via Terraform and provisioning via Ansible. Terraform allows you to automate the process of deploying instances on many cloud and virtual platforms. In this article, we will look at using terraforms to deploy vyos on platforms - AWS, AZURE, and vSphere. More detailed about what is Terraform you can write using the link_." +msgstr "VyOS supports development infrastructure via Terraform and provisioning via Ansible. Terraform allows you to automate the process of deploying instances on many cloud and virtual platforms. In this article, we will look at using terraforms to deploy vyos on platforms - AWS, AZURE, and vSphere. More detailed about what is Terraform you can write using the link_." + #: ../../automation/command-scripting.rst:8 msgid "VyOS supports executing configuration and operational commands non-interactively from shell scripts." msgstr "VyOS supports executing configuration and operational commands non-interactively from shell scripts." @@ -816,6 +1351,30 @@ msgstr "Will return:" msgid "With the ``retrieve`` endpoint you get parts or the whole configuration." msgstr "With the ``retrieve`` endpoint you get parts or the whole configuration." +#: ../../automation/terraform/terraformAWS.rst:8 +msgid "With the help of Terraform, you can quickly deploy VyOS-based infrastructure in the AWS cloud. If necessary, the infrastructure can be removed using terraform. Also we will make provisioning using Ansible." +msgstr "With the help of Terraform, you can quickly deploy VyOS-based infrastructure in the AWS cloud. If necessary, the infrastructure can be removed using terraform. Also we will make provisioning using Ansible." + +#: ../../automation/terraform/terraformAZ.rst:8 +msgid "With the help of Terraform, you can quickly deploy VyOS-based infrastructure in the Azure cloud. If necessary, the infrastructure can be removed using terraform. Also we will make provisioning using Ansible." +msgstr "With the help of Terraform, you can quickly deploy VyOS-based infrastructure in the Azure cloud. If necessary, the infrastructure can be removed using terraform. Also we will make provisioning using Ansible." + +#: ../../automation/terraform/terraformvSphere.rst:8 +msgid "With the help of Terraform, you can quickly deploy VyOS-based infrastructure in the vSphere. Also we will make provisioning using Ansible." +msgstr "With the help of Terraform, you can quickly deploy VyOS-based infrastructure in the vSphere. Also we will make provisioning using Ansible." + +#: ../../automation/terraform/terraformAWS.rst:40 +msgid "With the help of terraforms, you can quickly deploy Vyos-based infrastructure in the AWS cloud. If necessary, the infrastructure can be removed using terraform. Also we will make provisioning using Ansible." +msgstr "With the help of terraforms, you can quickly deploy Vyos-based infrastructure in the AWS cloud. If necessary, the infrastructure can be removed using terraform. Also we will make provisioning using Ansible." + +#: ../../automation/vyos-terraform.rst:300 +msgid "With the help of terraforms, you can quickly deploy Vyos-based infrastructure in the Azure cloud. If necessary, the infrastructure can be removed using terraform." +msgstr "With the help of terraforms, you can quickly deploy Vyos-based infrastructure in the Azure cloud. If necessary, the infrastructure can be removed using terraform." + +#: ../../automation/vyos-terraform.rst:743 +msgid "With the help of terraforms, you can quickly deploy Vyos-based infrastructure in the vSphere." +msgstr "With the help of terraforms, you can quickly deploy Vyos-based infrastructure in the vSphere." + #: ../../automation/vyos-salt.rst:12 msgid "Without proxy it requires VyOS minion configuration and support op-mode data:" msgstr "Without proxy it requires VyOS minion configuration and support op-mode data:" @@ -828,11 +1387,15 @@ msgstr "Without proxy it requires VyOS minion configuration and supports op-mode msgid "You can install PyVyOS using pip:" msgstr "You can install PyVyOS using pip:" -#: ../../automation/vyos-api.rst:267 +#: ../../automation/vyos-pyvyos.rst:25 +msgid "You can install pyvyos using pip:" +msgstr "You can install pyvyos using pip:" + +#: ../../automation/vyos-api.rst:268 msgid "You can pass a ``set``, ``delete`` or ``comment`` command to the ``/configure`` endpoint." msgstr "You can pass a ``set``, ``delete`` or ``comment`` command to the ``/configure`` endpoint." -#: ../../automation/vyos-api.rst:286 +#: ../../automation/vyos-api.rst:287 msgid "``delete`` a single command" msgstr "``delete`` a single command" @@ -840,7 +1403,7 @@ msgstr "``delete`` a single command" msgid "``seed.iso`` was previously created in directory ``/tmp/``. It's necessary to move it to ``/var/lib/vz/template/iso``" msgstr "``seed.iso`` was previously created in directory ``/tmp/``. It's necessary to move it to ``/var/lib/vz/template/iso``" -#: ../../automation/vyos-api.rst:270 +#: ../../automation/vyos-api.rst:271 msgid "``set`` a single command" msgstr "``set`` a single command" @@ -856,10 +1419,29 @@ msgstr "``vyos``/``vyos`` credentials if no others specified by data source." msgid "``write_files`` - this module allows to insert any files into the filesystem before the first boot, for example, pre-generated encryption keys, certificates, or even a whole ``config.boot`` file. The format is described in the cloudinit documentation `Cloud-init-write_files`_." msgstr "``write_files`` - this module allows to insert any files into the filesystem before the first boot, for example, pre-generated encryption keys, certificates, or even a whole ``config.boot`` file. The format is described in the cloudinit documentation `Cloud-init-write_files`_." +#: ../../automation/vyos-pyvyos.rst:12 +msgid "`pyvyos Documentation on Read the Docs <https://pyvyos.readthedocs.io/en/latest/>`_ provides detailed instructions on the installation, configuration, and operation of the pyvyos library." +msgstr "`pyvyos Documentation on Read the Docs <https://pyvyos.readthedocs.io/en/latest/>`_ provides detailed instructions on the installation, configuration, and operation of the pyvyos library." + +#: ../../automation/vyos-pyvyos.rst:15 +msgid "`pyvyos Source Code on GitHub <https://github.com/robertoberto/pyvyos>`_ allows you to access and contribute to the library's code." +msgstr "`pyvyos Source Code on GitHub <https://github.com/robertoberto/pyvyos>`_ allows you to access and contribute to the library's code." + +#: ../../automation/vyos-pyvyos.rst:17 +msgid "`pyvyos on PyPI <https://pypi.org/project/pyvyos/>`_ for easy installation via pip, the Python package installer. Execute `pip install pyvyos` in your terminal to install." +msgstr "`pyvyos on PyPI <https://pypi.org/project/pyvyos/>`_ for easy installation via pip, the Python package installer. Execute `pip install pyvyos` in your terminal to install." + #: ../../automation/vyos-api.rst:188 msgid "add an image" msgstr "add an image" +#: ../../automation/terraform/terraformAWS.rst:560 +msgid "all" +msgstr "all" + +#: ../../automation/terraform/terraformAWS.rst:478 +#: ../../automation/terraform/terraformAZ.rst:428 +#: ../../automation/terraform/terraformvSphere.rst:340 #: ../../automation/vyos-ansible.rst:26 msgid "ansible.cfg" msgstr "ansible.cfg" @@ -880,6 +1462,12 @@ msgstr "commands.txt" msgid "delete an image, for example ``1.3-rolling-202006070117``" msgstr "delete an image, for example ``1.3-rolling-202006070117``" +#: ../../automation/terraform/terraformAWS.rst:528 +#: ../../automation/terraform/terraformAZ.rst:470 +#: ../../automation/terraform/terraformvSphere.rst:381 +msgid "group_vars/all" +msgstr "group_vars/all" + #: ../../automation/vyos-ansible.rst:42 msgid "hosts" msgstr "hosts" @@ -892,18 +1480,78 @@ msgstr "id_rsa_docker.pub. Needs to declare only public key exactly." msgid "if you just want the Value of a multi-valued node, use the ``returnValues`` operation." msgstr "if you just want the Value of a multi-valued node, use the ``returnValues`` operation." +#: ../../automation/terraform/terraformAWS.rst:495 +#: ../../automation/terraform/terraformAZ.rst:438 +#: ../../automation/terraform/terraformvSphere.rst:350 +msgid "instance.yml" +msgstr "instance.yml" + +#: ../../automation/vyos-terraform.rst:313 +#: ../../automation/vyos-terraform.rst:758 +msgid "main.tf" +msgstr "main.tf" + #: ../../automation/vyos-ansible.rst:56 msgid "main.yml" msgstr "main.yml" +#: ../../automation/terraform/terraformAWS.rst:488 +msgid "mykey.pem" +msgstr "mykey.pem" + +#: ../../automation/terraform/terraformAWS.rst:85 +msgid "mykey.pem you have to get using step 1.2" +msgstr "mykey.pem you have to get using step 1.2" + +#: ../../automation/vyos-pyvyos.rst:6 +msgid "pyvyos" +msgstr "pyvyos" + +#: ../../automation/vyos-pyvyos.rst:8 +msgid "pyvyos is a Python library designed for interacting with VyOS devices through their API. This documentation is intended to guide you in using pyvyos for programmatic management of your VyOS devices." +msgstr "pyvyos is a Python library designed for interacting with VyOS devices through their API. This documentation is intended to guide you in using pyvyos for programmatic management of your VyOS devices." + #: ../../automation/vyos-salt.rst:141 msgid "r11-proxy.sls Includes parameters for connecting to salt-proxy minion" msgstr "r11-proxy.sls Includes parameters for connecting to salt-proxy minion" #: ../../automation/index.rst:7 +#: ../../automation/terraform/index.rst:7 msgid "startup scripts" msgstr "startup scripts" +#: ../../automation/terraform/terraformAWS.rst:452 +#: ../../automation/terraform/terraformAZ.rst:405 +#: ../../automation/terraform/terraformvSphere.rst:307 +msgid "terraform.tfvars" +msgstr "terraform.tfvars" + #: ../../automation/vyos-salt.rst:131 msgid "top.sls" msgstr "top.sls" + +#: ../../automation/terraform/terraformvSphere.rst:20 +msgid "vSphere" +msgstr "vSphere" + +#: ../../automation/terraform/terraformAWS.rst:415 +#: ../../automation/terraform/terraformAZ.rst:298 +#: ../../automation/terraform/terraformvSphere.rst:239 +msgid "var.tf" +msgstr "var.tf" + +#: ../../automation/vyos-terraform.rst:516 +#: ../../automation/vyos-terraform.rst:899 +msgid "variables.tf" +msgstr "variables.tf" + +#: ../../automation/terraform/terraformAWS.rst:439 +#: ../../automation/terraform/terraformvSphere.rst:223 +msgid "versions.tf" +msgstr "versions.tf" + +#: ../../automation/terraform/terraformAWS.rst:300 +#: ../../automation/terraform/terraformAZ.rst:95 +#: ../../automation/terraform/terraformvSphere.rst:98 +msgid "vyos.tf" +msgstr "vyos.tf" diff --git a/docs/_locale/uk/cli.pot b/docs/_locale/uk/cli.pot index 40f3c22e..270a6758 100644 --- a/docs/_locale/uk/cli.pot +++ b/docs/_locale/uk/cli.pot @@ -228,6 +228,10 @@ msgstr "The :cfgcmd:`show` command within configuration mode will show the worki msgid "The ``comment`` command allows you to insert a comment above the ``<config node>`` configuration section. When shown, comments are enclosed with ``/*`` and ``*/`` as open/close delimiters. Comments need to be commited, just like other config changes." msgstr "The ``comment`` command allows you to insert a comment above the ``<config node>`` configuration section. When shown, comments are enclosed with ``/*`` and ``*/`` as open/close delimiters. Comments need to be commited, just like other config changes." +#: ../../cli.rst:653 +msgid "The ``comment`` command allows you to insert a comment above the ``<config node>`` configuration section. When shown, comments are enclosed with ``/*`` and ``*/`` as open/close delimiters. Comments need to be committed, just like other config changes." +msgstr "The ``comment`` command allows you to insert a comment above the ``<config node>`` configuration section. When shown, comments are enclosed with ``/*`` and ``*/`` as open/close delimiters. Comments need to be committed, just like other config changes." + #: ../../cli.rst:784 msgid "The command :cfgcmd:`compare` allows you to compare different type of configurations. It also lets you compare different revisions through the :cfgcmd:`compare N M` command, where N and M are revision numbers. The output will describe how the configuration N is when compared to M indicating with a plus sign (``+``) the additional parts N has when compared to M, and indicating with a minus sign (``-``) the lacking parts N misses when compared to M." msgstr "The command :cfgcmd:`compare` allows you to compare different type of configurations. It also lets you compare different revisions through the :cfgcmd:`compare N M` command, where N and M are revision numbers. The output will describe how the configuration N is when compared to M indicating with a plus sign (``+``) the additional parts N has when compared to M, and indicating with a minus sign (``-``) the lacking parts N misses when compared to M." @@ -321,6 +325,10 @@ msgid "View the current active configuration in readable JSON format." msgstr "View the current active configuration in readable JSON format." #: ../../cli.rst:852 +msgid "VyOS can upload the configuration to a remote location after each call to :cfgcmd:`commit`. You will have to set the commit-archive location. TFTP, FTP, SCP and SFTP servers are supported. Every time a :cfgcmd:`commit` is successful the ``config.boot`` file will be copied to the defined destination(s). The filename used on the remote host will be ``config.boot-hostname.YYYYMMDD_HHMMSS``." +msgstr "VyOS can upload the configuration to a remote location after each call to :cfgcmd:`commit`. You will have to set the commit-archive location. TFTP, FTP, SCP and SFTP servers are supported. Every time a :cfgcmd:`commit` is successful the ``config.boot`` file will be copied to the defined destination(s). The filename used on the remote host will be ``config.boot-hostname.YYYYMMDD_HHMMSS``." + +#: ../../cli.rst:852 msgid "VyOS can upload the configuration to a remote location after each call to :cfgcmd:`commit`. You will have to set the commit-archive location. TFTP, FTP, SCP and SFTP servers are supported. Every time a :cfgcmd:`commit` is successfull the ``config.boot`` file will be copied to the defined destination(s). The filename used on the remote host will be ``config.boot-hostname.YYYYMMDD_HHMMSS``." msgstr "VyOS can upload the configuration to a remote location after each call to :cfgcmd:`commit`. You will have to set the commit-archive location. TFTP, FTP, SCP and SFTP servers are supported. Every time a :cfgcmd:`commit` is successfull the ``config.boot`` file will be copied to the defined destination(s). The filename used on the remote host will be ``config.boot-hostname.YYYYMMDD_HHMMSS``." @@ -340,6 +348,10 @@ msgstr "VyOS makes use of a unified configuration file for the entire system's c msgid "What if you are doing something dangerous? Suppose you want to setup a firewall, and you are not sure there are no mistakes that will lock you out of your system. You can use confirmed commit. If you issue the ``commit-confirm`` command, your changes will be commited, and if you don't issue the ``confirm`` command in 10 minutes, your system will reboot into previous config revision." msgstr "What if you are doing something dangerous? Suppose you want to setup a firewall, and you are not sure there are no mistakes that will lock you out of your system. You can use confirmed commit. If you issue the ``commit-confirm`` command, your changes will be commited, and if you don't issue the ``confirm`` command in 10 minutes, your system will reboot into previous config revision." +#: ../../cli.rst:558 +msgid "What if you are doing something dangerous? Suppose you want to setup a firewall, and you are not sure there are no mistakes that will lock you out of your system. You can use confirmed commit. If you issue the ``commit-confirm`` command, your changes will be committed, and if you don't issue the ``confirm`` command in 10 minutes, your system will reboot into previous config revision." +msgstr "What if you are doing something dangerous? Suppose you want to setup a firewall, and you are not sure there are no mistakes that will lock you out of your system. You can use confirmed commit. If you issue the ``commit-confirm`` command, your changes will be committed, and if you don't issue the ``confirm`` command in 10 minutes, your system will reboot into previous config revision." + #: ../../cli.rst:340 msgid "When entering the configuration mode you are navigating inside a tree structure, to enter configuration mode enter the command :opcmd:`configure` when in operational mode." msgstr "When entering the configuration mode you are navigating inside a tree structure, to enter configuration mode enter the command :opcmd:`configure` when in operational mode." diff --git a/docs/_locale/uk/configexamples.pot b/docs/_locale/uk/configexamples.pot index d009b64c..066dc74e 100644 --- a/docs/_locale/uk/configexamples.pot +++ b/docs/_locale/uk/configexamples.pot @@ -272,7 +272,7 @@ msgstr "A brief excursion into VRFs: This has been one of the longest-standing f msgid "A connection resource deployed in Azure linking the Azure VNet gateway and the local network gateway representing the Vyos device." msgstr "A connection resource deployed in Azure linking the Azure VNet gateway and the local network gateway representing the Vyos device." -#: ../../configexamples/index.rst:37 +#: ../../configexamples/index.rst:38 msgid "A host ``vyos-oobm`` will use as a ssh proxy. This host is just necessary for the Lab test." msgstr "A host ``vyos-oobm`` will use as a ssh proxy. This host is just necessary for the Lab test." @@ -656,6 +656,10 @@ msgstr "Cisco VPC Crossconnect - Ports 39 and 40 bonded between each switch" msgid "Clamp the VTI's MSS to 1350 to avoid PMTU blackholes." msgstr "Clamp the VTI's MSS to 1350 to avoid PMTU blackholes." +#: ../../configexamples/lac-lns.rst:96 +msgid "Client" +msgstr "Client" + #: ../../configexamples/autotest/OpenVPN_with_LDAP/OpenVPN_with_LDAP.rst:94 msgid "Client configuration" msgstr "Client configuration" @@ -704,7 +708,7 @@ msgstr "Configuration 'dcsp' and shaper using QoS" msgid "Configuration Blueprints" msgstr "Configuration Blueprints" -#: ../../configexamples/index.rst:30 +#: ../../configexamples/index.rst:31 msgid "Configuration Blueprints (autotest)" msgstr "Configuration Blueprints (autotest)" @@ -717,6 +721,7 @@ msgid "Configuration of basic firewall in one site, in order to:" msgstr "Configuration of basic firewall in one site, in order to:" #: ../../configexamples/inter-vrf-routing-vrf-lite.rst:113 +#: ../../configexamples/lac-lns.rst:29 #: ../../configexamples/pppoe-ipv6-basic.rst:26 msgid "Configurations" msgstr "Configurations" @@ -885,7 +890,7 @@ msgstr "Dynamic routing used between CE and PE nodes and eBGP peering establishe msgid "Each interface is assigned to a zone. The interface can be physical or virtual such as tunnels (VPN, PPTP, GRE, etc) and are treated exactly the same." msgstr "Each interface is assigned to a zone. The interface can be physical or virtual such as tunnels (VPN, PPTP, GRE, etc) and are treated exactly the same." -#: ../../configexamples/index.rst:34 +#: ../../configexamples/index.rst:35 msgid "Each lab will build an test from an external script. The page content will generate, so changes will not take an effect." msgstr "Each lab will build an test from an external script. The page content will generate, so changes will not take an effect." @@ -1252,6 +1257,14 @@ msgstr "In this example two LAN interfaces exist in different subnets instead of msgid "In this example we have 4 zones. LAN, WAN, DMZ, Local. The local zone is the firewall itself." msgstr "In this example we have 4 zones. LAN, WAN, DMZ, Local. The local zone is the firewall itself." +#: ../../configexamples/lac-lns.rst:17 +msgid "In this example we use VyOS 1.5 as LNS and Cisco IOS as LAC. All users with domain **vyos.io** will be tunneled to LNS via L2TP." +msgstr "In this example we use VyOS 1.5 as LNS and Cisco IOS as LAC. All users with domain **vyos.io** will be tunneled to LNS via L2TP." + +#: ../../configexamples/lac-lns.rst:98 +msgid "In this lab we use Windows PPPoE client." +msgstr "In this lab we use Windows PPPoE client." + #: ../../configexamples/zone-policy.rst:50 msgid "Inbound WAN connect to DMZ host." msgstr "Inbound WAN connect to DMZ host." @@ -1345,6 +1358,10 @@ msgstr "L3VPN configuration parameters table:" msgid "L3VPN for Hub-and-Spoke connectivity with VyOS" msgstr "L3VPN for Hub-and-Spoke connectivity with VyOS" +#: ../../configexamples/lac-lns.rst:32 +msgid "LAC" +msgstr "LAC" + #: ../../configexamples/zone-policy.rst:392 msgid "LAN, WAN, DMZ, local and TUN (tunnel)" msgstr "LAN, WAN, DMZ, local and TUN (tunnel)" @@ -1389,6 +1406,10 @@ msgstr "LAN and DMZ hosts have basic outbound access: Web, FTP, SSH." msgid "LAN can access DMZ resources." msgstr "LAN can access DMZ resources." +#: ../../configexamples/lac-lns.rst:72 +msgid "LNS" +msgstr "LNS" + #: ../../configexamples/l3vpn-hub-and-spoke.rst:551 msgid "Let’s check IPv4 routing and MPLS information on provider nodes (same procedure for all P nodes):" msgstr "Let’s check IPv4 routing and MPLS information on provider nodes (same procedure for all P nodes):" @@ -1433,9 +1454,22 @@ msgid "Masquerade Traffic originating from 10.200.201.0/24 that is heading out t msgstr "Masquerade Traffic originating from 10.200.201.0/24 that is heading out the public interface." #: ../../configexamples/autotest/OpenVPN_with_LDAP/OpenVPN_with_LDAP.rst:254 +#: ../../configexamples/lac-lns.rst:106 msgid "Monitoring" msgstr "Monitoring" +#: ../../configexamples/lac-lns.rst:117 +msgid "Monitoring on LAC side" +msgstr "Monitoring on LAC side" + +#: ../../configexamples/lac-lns.rst:108 +msgid "Monitoring on LNS side" +msgstr "Monitoring on LNS side" + +#: ../../configexamples/lac-lns.rst:140 +msgid "Monitoring on RADIUS Server side" +msgstr "Monitoring on RADIUS Server side" + #: ../../configexamples/autotest/tunnelbroker/tunnelbroker.rst:162 msgid "Multiple LAN/DMZ Setup" msgstr "Multiple LAN/DMZ Setup" @@ -1456,6 +1490,7 @@ msgstr "Native IPv4 and IPv6" msgid "Network Cabling" msgstr "Network Cabling" +#: ../../configexamples/lac-lns.rst:21 #: ../../configexamples/pppoe-ipv6-basic.rst:18 msgid "Network Topology" msgstr "Network Topology" @@ -1463,6 +1498,7 @@ msgstr "Network Topology" #: ../../configexamples/ansible.rst:-1 #: ../../configexamples/inter-vrf-routing-vrf-lite.rst:-1 #: ../../configexamples/l3vpn-hub-and-spoke.rst:-1 +#: ../../configexamples/lac-lns.rst:-1 #: ../../configexamples/nmp.rst:-1 #: ../../configexamples/pppoe-ipv6-basic.rst:-1 #: ../../configexamples/qos.rst:-1 @@ -1655,6 +1691,10 @@ msgstr "PPPoE IPv6 Basic Setup for Home Network" msgid "PPPoE Setup" msgstr "PPPoE Setup" +#: ../../configexamples/lac-lns.rst:7 +msgid "PPPoE over L2TP" +msgstr "PPPoE over L2TP" + #: ../../configexamples/segment-routing-isis.rst:255 msgid "Ping between VyOS-P1 / VyOS-P2 to confirm reachability:" msgstr "Ping between VyOS-P1 / VyOS-P2 to confirm reachability:" @@ -2046,7 +2086,7 @@ msgstr "The lab I built is using a VRF (called **mgmt**) to provide out-of-band msgid "The lab was built using EVE-NG." msgstr "The lab was built using EVE-NG." -#: ../../configexamples/index.rst:32 +#: ../../configexamples/index.rst:33 msgid "The next pages contains automatic full tested configuration examples." msgstr "The next pages contains automatic full tested configuration examples." @@ -2054,7 +2094,7 @@ msgstr "The next pages contains automatic full tested configuration examples." msgid "The previous example used the failover command to send traffic through eth1 if eth0 fails. In this example, failover functionality is provided by rule order." msgstr "The previous example used the failover command to send traffic through eth1 if eth0 fails. In this example, failover functionality is provided by rule order." -#: ../../configexamples/index.rst:40 +#: ../../configexamples/index.rst:41 msgid "The process will do the following steps:" msgstr "The process will do the following steps:" @@ -2130,6 +2170,10 @@ msgstr "This configuration example and the requirments consists on:" msgid "This document aims to walk you through setting everything up, so at a point where you can reboot any machine and not lose more than a few seconds worth of connectivity." msgstr "This document aims to walk you through setting everything up, so at a point where you can reboot any machine and not lose more than a few seconds worth of connectivity." +#: ../../configexamples/lac-lns.rst:9 +msgid "This document is to describe a basic setup using PPPoE over L2TP. LAC and LNS are components of the broadband topology. LAC - L2TP access concentrator LNS - L2TP Network Server LAC and LNS forms L2TP tunnel. LAC receives packets from PPPoE clients and forward them to LNS. LNS is the termination point that comes from PPP packets from the remote client." +msgstr "This document is to describe a basic setup using PPPoE over L2TP. LAC and LNS are components of the broadband topology. LAC - L2TP access concentrator LNS - L2TP Network Server LAC and LNS forms L2TP tunnel. LAC receives packets from PPPoE clients and forward them to LNS. LNS is the termination point that comes from PPP packets from the remote client." + #: ../../configexamples/pppoe-ipv6-basic.rst:9 msgid "This document is to describe a basic setup using PPPoE with DHCPv6-PD + SLAAC to construct a typical home network. The user can follow the steps described here to quickly setup a working network and use this as a starting point to further configure or fine-tune other settings." msgstr "This document is to describe a basic setup using PPPoE with DHCPv6-PD + SLAAC to construct a typical home network. The user can follow the steps described here to quickly setup a working network and use this as a starting point to further configure or fine-tune other settings." @@ -2210,6 +2254,10 @@ msgstr "This section describes verification commands for MPLS/BGP/LDP protocols msgid "This section provides configuration steps for setting up VRFs on our PE nodes including CE facing interfaces, BGP, rd and route-target import/export based on the pre-defined parameters." msgstr "This section provides configuration steps for setting up VRFs on our PE nodes including CE facing interfaces, BGP, rd and route-target import/export based on the pre-defined parameters." +#: ../../configexamples/lac-lns.rst:91 +msgid "This setup requires the Compression Control Protocol (CCP) being disabled, the command ``set vpn l2tp remote-access ppp-options disable-ccp`` accomplishes that." +msgstr "This setup requires the Compression Control Protocol (CCP) being disabled, the command ``set vpn l2tp remote-access ppp-options disable-ccp`` accomplishes that." + #: ../../configexamples/autotest/Wireguard/Wireguard.rst:10 msgid "This simple structure show how to connect two offices. One remote branch and the central office." msgstr "This simple structure show how to connect two offices. One remote branch and the central office." @@ -2580,6 +2628,10 @@ msgstr "When you have both routers up, you should be able to establish a connect msgid "When you have enabled OSPF on both routers, you should be able to see each other with the command ``show ip ospf neighbour``. The state must be 'Full' or '2-Way'. If it is not, then there is a network connectivity issue between the hosts. This is often caused by NAT or MTU issues. You should not see any new routes (unless this is the second pass) in the output of ``show ip route``" msgstr "When you have enabled OSPF on both routers, you should be able to see each other with the command ``show ip ospf neighbour``. The state must be 'Full' or '2-Way'. If it is not, then there is a network connectivity issue between the hosts. This is often caused by NAT or MTU issues. You should not see any new routes (unless this is the second pass) in the output of ``show ip route``" +#: ../../configexamples/lac-lns.rst:-1 +msgid "Window PPPoE Client Configuration" +msgstr "Window PPPoE Client Configuration" + #: ../../configexamples/autotest/OpenVPN_with_LDAP/OpenVPN_with_LDAP.rst:13 msgid "Windows Server 2019 with a running Active Directory" msgstr "Windows Server 2019 with a running Active Directory" @@ -2713,15 +2765,15 @@ msgstr "compute3 - Port 11 of each switch" msgid "compute3 (VMware ESXi 6.5)" msgstr "compute3 (VMware ESXi 6.5)" -#: ../../configexamples/index.rst:43 +#: ../../configexamples/index.rst:44 msgid "configure each host in the lab" msgstr "configure each host in the lab" -#: ../../configexamples/index.rst:42 +#: ../../configexamples/index.rst:43 msgid "create the lab on a eve-ng server" msgstr "create the lab on a eve-ng server" -#: ../../configexamples/index.rst:44 +#: ../../configexamples/index.rst:45 msgid "do some defined tests" msgstr "do some defined tests" @@ -2742,7 +2794,7 @@ msgstr "extended community and remote label of specific destination" msgid "first the PCA" msgstr "first the PCA" -#: ../../configexamples/index.rst:46 +#: ../../configexamples/index.rst:47 msgid "generate the documentation and include files" msgstr "generate the documentation and include files" @@ -2754,7 +2806,7 @@ msgstr "green uses local routing table id and VNI 4000" msgid "information between PE and CE:" msgstr "information between PE and CE:" -#: ../../configexamples/index.rst:45 +#: ../../configexamples/index.rst:46 msgid "optional do an upgrade to a higher version and do step 3 again." msgstr "optional do an upgrade to a higher version and do step 3 again." @@ -2770,7 +2822,7 @@ msgstr "router2 (Random 1RU machine with 4 NICs)" msgid "save the output to a file and import it in nearly all openvpn clients." msgstr "save the output to a file and import it in nearly all openvpn clients." -#: ../../configexamples/index.rst:47 +#: ../../configexamples/index.rst:48 msgid "shutdown and destroy the lab, if there is no error" msgstr "shutdown and destroy the lab, if there is no error" diff --git a/docs/_locale/uk/configuration.pot b/docs/_locale/uk/configuration.pot index 62a76e08..e664bc23 100644 --- a/docs/_locale/uk/configuration.pot +++ b/docs/_locale/uk/configuration.pot @@ -168,9 +168,9 @@ msgstr "**Documentation under development**" msgid "**Ethernet (protocol, destination address or source address)**" msgstr "**Ethernet (protocol, destination address or source address)**" -#: ../../configuration/service/dhcp-server.rst:200 -#: ../../configuration/service/dhcp-server.rst:587 -#: ../../configuration/service/dhcp-server.rst:626 +#: ../../configuration/service/dhcp-server.rst:206 +#: ../../configuration/service/dhcp-server.rst:593 +#: ../../configuration/service/dhcp-server.rst:634 msgid "**Example:**" msgstr "**Example:**" @@ -269,11 +269,11 @@ msgstr "**Input**: stage where traffic destined for the router itself can be fil msgid "**Interface name**" msgstr "**Interface name**" -#: ../../configuration/vpn/site2site_ipsec.rst:303 +#: ../../configuration/vpn/site2site_ipsec.rst:306 msgid "**LEFT**" msgstr "**LEFT**" -#: ../../configuration/vpn/site2site_ipsec.rst:287 +#: ../../configuration/vpn/site2site_ipsec.rst:290 msgid "**LEFT:** * WAN interface on `eth0.201` * `eth0.201` interface IP: `172.18.201.10/24` * `vti10` interface IP: `10.0.0.2/31` * `dum0` interface IP: `10.0.11.1/24` (for testing purposes)" msgstr "**LEFT:** * WAN interface on `eth0.201` * `eth0.201` interface IP: `172.18.201.10/24` * `vti10` interface IP: `10.0.0.2/31` * `dum0` interface IP: `10.0.11.1/24` (for testing purposes)" @@ -309,11 +309,11 @@ msgstr "**MED check**" msgid "**Multi-path check**" msgstr "**Multi-path check**" -#: ../../configuration/protocols/bgp.rst:1193 +#: ../../configuration/protocols/bgp.rst:1215 msgid "**Node1:**" msgstr "**Node1:**" -#: ../../configuration/protocols/bgp.rst:1221 +#: ../../configuration/protocols/bgp.rst:1243 msgid "**Node2:**" msgstr "**Node2:**" @@ -326,10 +326,10 @@ msgid "**Node 1**" msgstr "**Node 1**" #: ../../configuration/protocols/babel.rst:192 -#: ../../configuration/protocols/bgp.rst:1103 -#: ../../configuration/protocols/bgp.rst:1130 -#: ../../configuration/protocols/bgp.rst:1148 -#: ../../configuration/protocols/bgp.rst:1176 +#: ../../configuration/protocols/bgp.rst:1125 +#: ../../configuration/protocols/bgp.rst:1152 +#: ../../configuration/protocols/bgp.rst:1170 +#: ../../configuration/protocols/bgp.rst:1198 #: ../../configuration/protocols/isis.rst:341 #: ../../configuration/protocols/isis.rst:416 #: ../../configuration/protocols/isis.rst:457 @@ -350,10 +350,10 @@ msgid "**Node 2**" msgstr "**Node 2**" #: ../../configuration/protocols/babel.rst:202 -#: ../../configuration/protocols/bgp.rst:1114 #: ../../configuration/protocols/bgp.rst:1136 -#: ../../configuration/protocols/bgp.rst:1160 +#: ../../configuration/protocols/bgp.rst:1158 #: ../../configuration/protocols/bgp.rst:1182 +#: ../../configuration/protocols/bgp.rst:1204 #: ../../configuration/protocols/isis.rst:352 #: ../../configuration/protocols/isis.rst:432 #: ../../configuration/protocols/isis.rst:511 @@ -384,6 +384,10 @@ msgid "**Output**: stage where traffic that is originated by the router itself c msgstr "**Output**: stage where traffic that is originated by the router itself can be filtered and controlled. Bare in mind that this traffic can be a new connection originted by a internal process running on VyOS router, such as NTP, or can be a response to traffic received externaly through **inputt** (for example response to an ssh login attempt to the router). This includes ipv4 and ipv6 filtering rules, defined in:" #: ../../configuration/firewall/index.rst:65 +msgid "**Output**: stage where traffic that originates from the router itself can be filtered and controlled. Bear in mind that this traffic can be a new connection originated by a internal process running on VyOS router, such as NTP, or a response to traffic received externaly through **input** (for example response to an ssh login attempt to the router). This includes ipv4 and ipv6 filtering rules, defined in:" +msgstr "**Output**: stage where traffic that originates from the router itself can be filtered and controlled. Bear in mind that this traffic can be a new connection originated by a internal process running on VyOS router, such as NTP, or a response to traffic received externaly through **input** (for example response to an ssh login attempt to the router). This includes ipv4 and ipv6 filtering rules, defined in:" + +#: ../../configuration/firewall/index.rst:65 msgid "**Output**: stage where traffic that originates from the router itself can be filtered and controlled. Bear in mind that this traffic can be a new connection originated by a internal process running on VyOS router, such as NTP, or a response to traffic received externaly through **inputt** (for example response to an ssh login attempt to the router). This includes ipv4 and ipv6 filtering rules, defined in:" msgstr "**Output**: stage where traffic that originates from the router itself can be filtered and controlled. Bear in mind that this traffic can be a new connection originated by a internal process running on VyOS router, such as NTP, or a response to traffic received externaly through **inputt** (for example response to an ssh login attempt to the router). This includes ipv4 and ipv6 filtering rules, defined in:" @@ -411,7 +415,7 @@ msgstr "**Prerouting**: several actions can be done in this stage, and currently msgid "**Prerouting**: several actions can be done in this stage, and currently these actions are defined in different parts in vyos configuration. Order is important, and all these actions are performed before any actions define under ``firewall`` section. Relevant configuration that acts in this stage are:" msgstr "**Prerouting**: several actions can be done in this stage, and currently these actions are defined in different parts in vyos configuration. Order is important, and all these actions are performed before any actions define under ``firewall`` section. Relevant configuration that acts in this stage are:" -#: ../../configuration/service/dhcp-server.rst:391 +#: ../../configuration/service/dhcp-server.rst:397 msgid "**Primary**" msgstr "**Primary**" @@ -481,11 +485,11 @@ msgstr "**RADIUS based IP pools (Framed-IP-Address)**" msgid "**RADIUS sessions management DM/CoA**" msgstr "**RADIUS sessions management DM/CoA**" -#: ../../configuration/vpn/site2site_ipsec.rst:343 +#: ../../configuration/vpn/site2site_ipsec.rst:346 msgid "**RIGHT**" msgstr "**RIGHT**" -#: ../../configuration/vpn/site2site_ipsec.rst:293 +#: ../../configuration/vpn/site2site_ipsec.rst:296 msgid "**RIGHT:** * WAN interface on `eth0.202` * `eth0.201` interface IP: `172.18.202.10/24` * `vti10` interface IP: `10.0.0.3/31` * `dum0` interface IP: `10.0.12.1/24` (for testing purposes)" msgstr "**RIGHT:** * WAN interface on `eth0.202` * `eth0.201` interface IP: `172.18.202.10/24` * `vti10` interface IP: `10.0.0.3/31` * `dum0` interface IP: `10.0.12.1/24` (for testing purposes)" @@ -521,15 +525,15 @@ msgstr "**SW1**" msgid "**SW2**" msgstr "**SW2**" -#: ../../configuration/service/dhcp-server.rst:400 +#: ../../configuration/service/dhcp-server.rst:406 msgid "**Secondary**" msgstr "**Secondary**" -#: ../../configuration/vpn/ipsec.rst:261 +#: ../../configuration/vpn/ipsec.rst:265 msgid "**Setting up IPSec**" msgstr "**Setting up IPSec**" -#: ../../configuration/vpn/ipsec.rst:237 +#: ../../configuration/vpn/ipsec.rst:241 msgid "**Setting up the GRE tunnel**" msgstr "**Setting up the GRE tunnel**" @@ -575,11 +579,25 @@ msgstr "**address** can be specified multiple times, e.g. 192.168.100.1 and/or 1 msgid "**address** can be specified multiple times as IPv4 and/or IPv6 address, e.g. 192.0.2.1/24 and/or 2001:db8::1/64" msgstr "**address** can be specified multiple times as IPv4 and/or IPv6 address, e.g. 192.0.2.1/24 and/or 2001:db8::1/64" +#: ../../configuration/service/pppoe-server.rst:474 +#: ../../configuration/vpn/l2tp.rst:428 +#: ../../configuration/vpn/pptp.rst:352 +#: ../../configuration/vpn/sstp.rst:386 +msgid "**allow** - Negotiate IPv4 only if client requests (Default value)" +msgstr "**allow** - Negotiate IPv4 only if client requests (Default value)" + +#: ../../configuration/service/pppoe-server.rst:349 +#: ../../configuration/vpn/l2tp.rst:293 +#: ../../configuration/vpn/pptp.rst:217 +#: ../../configuration/vpn/sstp.rst:251 +msgid "**allow** - Negotiate IPv6 only if client requests" +msgstr "**allow** - Negotiate IPv6 only if client requests" + #: ../../configuration/container/index.rst:38 msgid "**allow-host-networks** cannot be used with **network**" msgstr "**allow-host-networks** cannot be used with **network**" -#: ../../configuration/container/index.rst:102 +#: ../../configuration/container/index.rst:107 msgid "**always**: Restart containers when they exit, regardless of status, retrying indefinitely" msgstr "**always**: Restart containers when they exit, regardless of status, retrying indefinitely" @@ -595,6 +613,10 @@ msgstr "**application**: analyzes received flow data in the context of intrusion msgid "**auto** – automatically determines the interface type. **wired** – enables optimisations for wired interfaces. **wireless** – disables a number of optimisations that are only correct on wired interfaces. Specifying wireless is always correct, but may cause slower convergence and extra routing traffic." msgstr "**auto** – automatically determines the interface type. **wired** – enables optimisations for wired interfaces. **wireless** – disables a number of optimisations that are only correct on wired interfaces. Specifying wireless is always correct, but may cause slower convergence and extra routing traffic." +#: ../../configuration/service/ids.rst:90 +msgid "**ban-time** and **threshold**: these values are kept very low in order to easily identify and generate and attack." +msgstr "**ban-time** and **threshold**: these values are kept very low in order to easily identify and generate and attack." + #: ../../configuration/protocols/ospf.rst:435 msgid "**broadcast** – broadcast IP addresses distribution. **non-broadcast** – address distribution in NBMA networks topology. **point-to-multipoint** – address distribution in point-to-multipoint networks. **point-to-point** – address distribution in point-to-point networks." msgstr "**broadcast** – broadcast IP addresses distribution. **non-broadcast** – address distribution in NBMA networks topology. **point-to-multipoint** – address distribution in point-to-multipoint networks. **point-to-point** – address distribution in point-to-point networks." @@ -603,6 +625,13 @@ msgstr "**broadcast** – broadcast IP addresses distribution. **non-broadcast** msgid "**broadcast** – broadcast IP addresses distribution. **point-to-point** – address distribution in point-to-point networks." msgstr "**broadcast** – broadcast IP addresses distribution. **point-to-point** – address distribution in point-to-point networks." +#: ../../configuration/service/pppoe-server.rst:401 +#: ../../configuration/vpn/l2tp.rst:345 +#: ../../configuration/vpn/pptp.rst:269 +#: ../../configuration/vpn/sstp.rst:303 +msgid "**calling-sid** - Calculate interface identifier from calling-station-id." +msgstr "**calling-sid** - Calculate interface identifier from calling-station-id." + #: ../../configuration/protocols/ospf.rst:121 msgid "**cisco** – a router will be considered as ABR if it has several configured links to the networks in different areas one of which is a backbone area. Moreover, the link to the backbone area should be active (working). **ibm** – identical to \"cisco\" model but in this case a backbone area link may not be active. **standard** – router has several active links to different areas. **shortcut** – identical to \"standard\" but in this model a router is allowed to use a connected areas topology without involving a backbone area for inter-area connections." msgstr "**cisco** – a router will be considered as ABR if it has several configured links to the networks in different areas one of which is a backbone area. Moreover, the link to the backbone area should be active (working). **ibm** – identical to \"cisco\" model but in this case a backbone area link may not be active. **standard** – router has several active links to different areas. **shortcut** – identical to \"standard\" but in this model a router is allowed to use a connected areas topology without involving a backbone area for inter-area connections." @@ -619,7 +648,28 @@ msgstr "**default** – this area will be used for shortcutting only if ABR doe msgid "**default** – enable split-horizon on wired interfaces, and disable split-horizon on wireless interfaces. **enable** – enable split-horizon on this interfaces. **disable** – disable split-horizon on this interfaces." msgstr "**default** – enable split-horizon on wired interfaces, and disable split-horizon on wireless interfaces. **enable** – enable split-horizon on this interfaces. **disable** – disable split-horizon on this interfaces." -#: ../../configuration/vpn/sstp.rst:199 +#: ../../configuration/service/pppoe-server.rst:566 +msgid "**deny**: Deny second session authorization." +msgstr "**deny**: Deny second session authorization." + +#: ../../configuration/service/pppoe-server.rst:475 +#: ../../configuration/vpn/l2tp.rst:429 +#: ../../configuration/vpn/pptp.rst:353 +#: ../../configuration/vpn/sstp.rst:387 +msgid "**deny** - Do not negotiate IPv4" +msgstr "**deny** - Do not negotiate IPv4" + +#: ../../configuration/service/pppoe-server.rst:350 +#: ../../configuration/vpn/l2tp.rst:294 +#: ../../configuration/vpn/pptp.rst:218 +#: ../../configuration/vpn/sstp.rst:252 +msgid "**deny** - Do not negotiate IPv6 (default value)" +msgstr "**deny** - Do not negotiate IPv6 (default value)" + +#: ../../configuration/service/pppoe-server.rst:507 +#: ../../configuration/vpn/l2tp.rst:461 +#: ../../configuration/vpn/pptp.rst:385 +#: ../../configuration/vpn/sstp.rst:419 msgid "**deny** - deny mppe" msgstr "**deny** - deny mppe" @@ -635,6 +685,10 @@ msgstr "**dhcp** interface address is received by DHCP from a DHCP server on thi msgid "**dhcpv6** interface address is received by DHCPv6 from a DHCPv6 server on this segment." msgstr "**dhcpv6** interface address is received by DHCPv6 from a DHCPv6 server on this segment." +#: ../../configuration/service/pppoe-server.rst:565 +msgid "**disable**: Disables session control." +msgstr "**disable**: Disables session control." + #: ../../configuration/service/dhcp-relay.rst:75 msgid "**discard:** Received packets which already contain relay information will be discarded." msgstr "**discard:** Received packets which already contain relay information will be discarded." @@ -667,6 +721,17 @@ msgstr "**inbound-interface** - applicable only to :ref:`destination-nat`. It co msgid "**inbound-interface** - applicable only to :ref:`destination-nat`. It configures the interface which is used for the inside traffic the translation rule applies to. Interface groups, inverted selection and wildcard, are also supported." msgstr "**inbound-interface** - applicable only to :ref:`destination-nat`. It configures the interface which is used for the inside traffic the translation rule applies to. Interface groups, inverted selection and wildcard, are also supported." +#: ../../configuration/service/pppoe-server.rst:400 +#: ../../configuration/vpn/l2tp.rst:344 +#: ../../configuration/vpn/pptp.rst:268 +#: ../../configuration/vpn/sstp.rst:302 +msgid "**ipv4-addr** - Calculate interface identifier from IPv4 address." +msgstr "**ipv4-addr** - Calculate interface identifier from IPv4 address." + +#: ../../configuration/service/ipoe-server.rst:91 +msgid "**l2**: It means that clients are on same network where interface is.**(default)**" +msgstr "**l2**: It means that clients are on same network where interface is.**(default)**" + #: ../../configuration/interfaces/bonding.rst:161 msgid "**layer2** - Uses XOR of hardware MAC addresses and packet type ID field to generate the hash. The formula is" msgstr "**layer2** - Uses XOR of hardware MAC addresses and packet type ID field to generate the hash. The formula is" @@ -707,10 +772,18 @@ msgstr "**level-2-only** - Act as an area (Level 2) router only." msgid "**level-2-only** - Level-2 only adjacencies are formed" msgstr "**level-2-only** - Level-2 only adjacencies are formed" -#: ../../configuration/vpn/sstp.rst:105 +#: ../../configuration/service/ipoe-server.rst:65 +#: ../../configuration/service/pppoe-server.rst:43 +#: ../../configuration/vpn/l2tp.rst:31 +#: ../../configuration/vpn/pptp.rst:32 +#: ../../configuration/vpn/sstp.rst:58 msgid "**local**: All authentication queries are handled locally." msgstr "**local**: All authentication queries are handled locally." +#: ../../configuration/service/ipoe-server.rst:93 +msgid "**local**: It means that client are behind some router." +msgstr "**local**: It means that client are behind some router." + #: ../../configuration/interfaces/wireguard.rst:140 msgid "**local side - commands**" msgstr "**local side - commands**" @@ -723,27 +796,36 @@ msgstr "**log-fail** In this mode, the recursor will attempt to validate all dat msgid "**narrow** - Use old style of TLVs with narrow metric." msgstr "**narrow** - Use old style of TLVs with narrow metric." -#: ../../configuration/container/index.rst:119 +#: ../../configuration/container/index.rst:124 msgid "**net-admin**: Network operations (interface, firewall, routing tables)" msgstr "**net-admin**: Network operations (interface, firewall, routing tables)" -#: ../../configuration/container/index.rst:120 +#: ../../configuration/container/index.rst:125 msgid "**net-bind-service**: Bind a socket to privileged ports (port numbers less than 1024)" msgstr "**net-bind-service**: Bind a socket to privileged ports (port numbers less than 1024)" -#: ../../configuration/container/index.rst:121 +#: ../../configuration/container/index.rst:126 msgid "**net-raw**: Permission to create raw network sockets" msgstr "**net-raw**: Permission to create raw network sockets" -#: ../../configuration/container/index.rst:100 +#: ../../configuration/container/index.rst:105 msgid "**no**: Do not restart containers on exit" msgstr "**no**: Do not restart containers on exit" +#: ../../configuration/service/ipoe-server.rst:66 +msgid "**noauth**: Authentication disabled" +msgstr "**noauth**: Authentication disabled" + +#: ../../configuration/service/pppoe-server.rst:44 +#: ../../configuration/vpn/pptp.rst:33 +msgid "**noauth**: Authentication disabled." +msgstr "**noauth**: Authentication disabled." + #: ../../configuration/service/dns.rst:66 msgid "**off** In this mode, no DNSSEC processing takes place. The recursor will not set the DNSSEC OK (DO) bit in the outgoing queries and will ignore the DO and AD bits in queries." msgstr "**off** In this mode, no DNSSEC processing takes place. The recursor will not set the DNSSEC OK (DO) bit in the outgoing queries and will ignore the DO and AD bits in queries." -#: ../../configuration/container/index.rst:101 +#: ../../configuration/container/index.rst:106 msgid "**on-failure**: Restart containers when they exit with a non-zero exit code, retrying indefinitely (default)" msgstr "**on-failure**: Restart containers when they exit with a non-zero exit code, retrying indefinitely (default)" @@ -755,10 +837,31 @@ msgstr "**outbound-interface** - applicable only to :ref:`source-nat`. It config msgid "**outbound-interface** - applicable only to :ref:`source-nat`. It configures the interface which is used for the outside traffic that this translation rule applies to. Interface groups, inverted selection and wildcard, are also supported." msgstr "**outbound-interface** - applicable only to :ref:`source-nat`. It configures the interface which is used for the outside traffic that this translation rule applies to. Interface groups, inverted selection and wildcard, are also supported." -#: ../../configuration/vpn/sstp.rst:198 +#: ../../configuration/service/pppoe-server.rst:473 +#: ../../configuration/vpn/l2tp.rst:427 +#: ../../configuration/vpn/pptp.rst:351 +#: ../../configuration/vpn/sstp.rst:385 +msgid "**prefer** - Ask client for IPv4 negotiation, do not fail if it rejects" +msgstr "**prefer** - Ask client for IPv4 negotiation, do not fail if it rejects" + +#: ../../configuration/service/pppoe-server.rst:348 +#: ../../configuration/vpn/l2tp.rst:292 +#: ../../configuration/vpn/pptp.rst:216 +#: ../../configuration/vpn/sstp.rst:250 +msgid "**prefer** - Ask client for IPv6 negotiation, do not fail if it rejects" +msgstr "**prefer** - Ask client for IPv6 negotiation, do not fail if it rejects" + +#: ../../configuration/vpn/sstp.rst:204 msgid "**prefer** - ask client for mppe, if it rejects don't fail" msgstr "**prefer** - ask client for mppe, if it rejects don't fail" +#: ../../configuration/service/pppoe-server.rst:506 +#: ../../configuration/vpn/l2tp.rst:460 +#: ../../configuration/vpn/pptp.rst:384 +#: ../../configuration/vpn/sstp.rst:418 +msgid "**prefer** - ask client for mppe, if it rejects don't fail. (Default value)" +msgstr "**prefer** - ask client for mppe, if it rejects don't fail. (Default value)" + #: ../../configuration/service/dns.rst:77 msgid "**process** When dnssec is set to process the behavior is similar to process-no-validate. However, the recursor will try to validate the data if at least one of the DO or AD bits is set in the query; in that case, it will set the AD-bit in the response when the data is validated successfully, or send SERVFAIL when the validation comes up bogus." msgstr "**process** When dnssec is set to process the behavior is similar to process-no-validate. However, the recursor will try to validate the data if at least one of the DO or AD bits is set in the query; in that case, it will set the AD-bit in the response when the data is validated successfully, or send SERVFAIL when the validation comes up bogus." @@ -771,19 +874,55 @@ msgstr "**process-no-validate** In this mode the recursor acts as a \"security a msgid "**protocol** - specify which types of protocols this translation rule applies to. Only packets matching the specified protocol are NATed. By default this applies to `all` protocols." msgstr "**protocol** - specify which types of protocols this translation rule applies to. Only packets matching the specified protocol are NATed. By default this applies to `all` protocols." -#: ../../configuration/vpn/sstp.rst:103 +#: ../../configuration/service/ipoe-server.rst:63 +#: ../../configuration/service/pppoe-server.rst:41 +#: ../../configuration/vpn/l2tp.rst:29 +#: ../../configuration/vpn/pptp.rst:30 +#: ../../configuration/vpn/sstp.rst:56 msgid "**radius**: All authentication queries are handled by a configured RADIUS server." msgstr "**radius**: All authentication queries are handled by a configured RADIUS server." +#: ../../configuration/service/pppoe-server.rst:391 +#: ../../configuration/service/pppoe-server.rst:398 +#: ../../configuration/vpn/l2tp.rst:335 +#: ../../configuration/vpn/l2tp.rst:342 +#: ../../configuration/vpn/pptp.rst:259 +#: ../../configuration/vpn/pptp.rst:266 +#: ../../configuration/vpn/sstp.rst:293 +#: ../../configuration/vpn/sstp.rst:300 +msgid "**random** - Random interface identifier for IPv6" +msgstr "**random** - Random interface identifier for IPv6" + #: ../../configuration/interfaces/wireguard.rst:190 msgid "**remote side - commands**" msgstr "**remote side - commands**" +#: ../../configuration/service/pppoe-server.rst:567 +msgid "**replace**: Terminate first session when second is authorized **(default)**" +msgstr "**replace**: Terminate first session when second is authorized **(default)**" + #: ../../configuration/service/dhcp-relay.rst:81 msgid "**replace:** Relay information already present in a packet is stripped and replaced with the router's own relay information set." msgstr "**replace:** Relay information already present in a packet is stripped and replaced with the router's own relay information set." -#: ../../configuration/vpn/sstp.rst:197 +#: ../../configuration/service/pppoe-server.rst:472 +#: ../../configuration/vpn/l2tp.rst:426 +#: ../../configuration/vpn/pptp.rst:350 +#: ../../configuration/vpn/sstp.rst:384 +msgid "**require** - Require IPv4 negotiation" +msgstr "**require** - Require IPv4 negotiation" + +#: ../../configuration/service/pppoe-server.rst:347 +#: ../../configuration/vpn/l2tp.rst:291 +#: ../../configuration/vpn/pptp.rst:215 +#: ../../configuration/vpn/sstp.rst:249 +msgid "**require** - Require IPv6 negotiation" +msgstr "**require** - Require IPv6 negotiation" + +#: ../../configuration/service/pppoe-server.rst:505 +#: ../../configuration/vpn/l2tp.rst:459 +#: ../../configuration/vpn/pptp.rst:383 +#: ../../configuration/vpn/sstp.rst:417 msgid "**require** - ask client for mppe, if it rejects drop connection" msgstr "**require** - ask client for mppe, if it rejects drop connection" @@ -791,19 +930,23 @@ msgstr "**require** - ask client for mppe, if it rejects drop connection" msgid "**right**" msgstr "**right**" -#: ../../configuration/container/index.rst:122 +#: ../../configuration/container/index.rst:127 msgid "**setpcap**: Capability sets (from bounded or inherited set)" msgstr "**setpcap**: Capability sets (from bounded or inherited set)" +#: ../../configuration/service/ipoe-server.rst:99 +msgid "**shared**: Multiple clients share the same network. **(default)**" +msgstr "**shared**: Multiple clients share the same network. **(default)**" + #: ../../configuration/nat/nat44.rst:195 msgid "**source** - specifies which packets the NAT translation rule applies to based on the packets source IP address and/or source port. Only matching packets are considered for NAT." msgstr "**source** - specifies which packets the NAT translation rule applies to based on the packets source IP address and/or source port. Only matching packets are considered for NAT." -#: ../../configuration/container/index.rst:123 +#: ../../configuration/container/index.rst:128 msgid "**sys-admin**: Administation operations (quotactl, mount, sethostname, setdomainame)" msgstr "**sys-admin**: Administation operations (quotactl, mount, sethostname, setdomainame)" -#: ../../configuration/container/index.rst:124 +#: ../../configuration/container/index.rst:129 msgid "**sys-time**: Permission to set system clock" msgstr "**sys-time**: Permission to set system clock" @@ -819,10 +962,25 @@ msgstr "**upstream:** The upstream network interface is the outgoing interface w msgid "**validate** The highest mode of DNSSEC processing. In this mode, all queries will be validated and will be answered with a SERVFAIL in case of bogus data, regardless of the client's request." msgstr "**validate** The highest mode of DNSSEC processing. In this mode, all queries will be validated and will be answered with a SERVFAIL in case of bogus data, regardless of the client's request." +#: ../../configuration/service/ipoe-server.rst:100 +msgid "**vlan**: One VLAN per client." +msgstr "**vlan**: One VLAN per client." + #: ../../configuration/protocols/isis.rst:102 msgid "**wide** - Use new style of TLVs to carry wider metric." msgstr "**wide** - Use new style of TLVs to carry wider metric." +#: ../../configuration/service/pppoe-server.rst:392 +#: ../../configuration/service/pppoe-server.rst:399 +#: ../../configuration/vpn/l2tp.rst:336 +#: ../../configuration/vpn/l2tp.rst:343 +#: ../../configuration/vpn/pptp.rst:260 +#: ../../configuration/vpn/pptp.rst:267 +#: ../../configuration/vpn/sstp.rst:294 +#: ../../configuration/vpn/sstp.rst:301 +msgid "**x:x:x:x** - Specify interface identifier for IPv6" +msgstr "**x:x:x:x** - Specify interface identifier for IPv6" + #: ../../configuration/protocols/bgp.rst:143 msgid "*bgpd* supports Multiprotocol Extension for BGP. So if a remote peer supports the protocol, *bgpd* can exchange IPv6 and/or multicast routing information." msgstr "*bgpd* supports Multiprotocol Extension for BGP. So if a remote peer supports the protocol, *bgpd* can exchange IPv6 and/or multicast routing information." @@ -887,7 +1045,7 @@ msgstr "0 if not defined, which means no refreshing." msgid "0 if not defined." msgstr "0 if not defined." -#: ../../configuration/service/dhcp-server.rst:237 +#: ../../configuration/service/dhcp-server.rst:243 #: ../../configuration/system/syslog.rst:114 #: ../../configuration/system/syslog.rst:173 #: ../../configuration/trafficpolicy/index.rst:801 @@ -950,7 +1108,7 @@ msgstr "10 - 10 MBit/s" msgid "11" msgstr "11" -#: ../../configuration/service/dhcp-server.rst:319 +#: ../../configuration/service/dhcp-server.rst:325 msgid "119" msgstr "119" @@ -960,11 +1118,11 @@ msgstr "119" msgid "12" msgstr "12" -#: ../../configuration/service/dhcp-server.rst:324 +#: ../../configuration/service/dhcp-server.rst:330 msgid "121, 249" msgstr "121, 249" -#: ../../configuration/service/dhcp-server.rst:304 +#: ../../configuration/service/dhcp-server.rst:310 #: ../../configuration/system/syslog.rst:138 #: ../../configuration/trafficpolicy/index.rst:870 msgid "13" @@ -976,7 +1134,7 @@ msgstr "13" msgid "14" msgstr "14" -#: ../../configuration/service/dhcp-server.rst:264 +#: ../../configuration/service/dhcp-server.rst:270 #: ../../configuration/system/syslog.rst:142 #: ../../configuration/trafficpolicy/index.rst:866 msgid "15" @@ -1000,7 +1158,7 @@ msgstr "172.16.0.0 to 172.31.255.255 (CIDR: 172.16.0.0/12)" msgid "18" msgstr "18" -#: ../../configuration/service/dhcp-server.rst:269 +#: ../../configuration/service/dhcp-server.rst:275 #: ../../configuration/system/syslog.rst:150 msgid "19" msgstr "19" @@ -1025,7 +1183,7 @@ msgstr "1: Enable DAD (default)" msgid "1 if not defined." msgstr "1 if not defined." -#: ../../configuration/service/dhcp-server.rst:243 +#: ../../configuration/service/dhcp-server.rst:249 #: ../../configuration/system/syslog.rst:116 #: ../../configuration/system/syslog.rst:178 #: ../../configuration/trafficpolicy/index.rst:799 @@ -1059,7 +1217,7 @@ msgstr "25000 - 25 GBit/s" msgid "2500 - 2.5 GBit/s" msgstr "2500 - 2.5 GBit/s" -#: ../../configuration/service/dhcp-server.rst:329 +#: ../../configuration/service/dhcp-server.rst:335 msgid "252" msgstr "252" @@ -1087,7 +1245,7 @@ msgstr "2. Since this is the first packet, connection status of this connection, msgid "2: Enable DAD, and disable IPv6 operation if MAC-based duplicate link-local address has been found." msgstr "2: Enable DAD, and disable IPv6 operation if MAC-based duplicate link-local address has been found." -#: ../../configuration/service/dhcp-server.rst:249 +#: ../../configuration/service/dhcp-server.rst:255 #: ../../configuration/system/syslog.rst:118 #: ../../configuration/system/syslog.rst:181 #: ../../configuration/trafficpolicy/index.rst:797 @@ -1115,7 +1273,7 @@ msgstr "38" msgid "3. Add a full path to the script" msgstr "3. Add a full path to the script" -#: ../../configuration/service/dhcp-server.rst:254 +#: ../../configuration/service/dhcp-server.rst:260 #: ../../configuration/system/syslog.rst:120 #: ../../configuration/system/syslog.rst:183 #: ../../configuration/trafficpolicy/index.rst:795 @@ -1131,11 +1289,11 @@ msgstr "40000 - 40 GBit/s" msgid "40 MHz channels may switch their primary and secondary channels if needed or creation of 40 MHz channel maybe rejected based on overlapping BSSes. These changes are done automatically when hostapd is setting up the 40 MHz channel." msgstr "40 MHz channels may switch their primary and secondary channels if needed or creation of 40 MHz channel maybe rejected based on overlapping BSSes. These changes are done automatically when hostapd is setting up the 40 MHz channel." -#: ../../configuration/service/dhcp-server.rst:274 +#: ../../configuration/service/dhcp-server.rst:280 msgid "42" msgstr "42" -#: ../../configuration/service/dhcp-server.rst:279 +#: ../../configuration/service/dhcp-server.rst:285 msgid "44" msgstr "44" @@ -1166,7 +1324,7 @@ msgstr "50000 - 50 GBit/s" msgid "5000 - 5 GBit/s" msgstr "5000 - 5 GBit/s" -#: ../../configuration/service/dhcp-server.rst:284 +#: ../../configuration/service/dhcp-server.rst:290 msgid "54" msgstr "54" @@ -1179,7 +1337,7 @@ msgstr "5. Second packet for this connection is received by the router. Since co msgid "5 if not defined." msgstr "5 if not defined." -#: ../../configuration/service/dhcp-server.rst:259 +#: ../../configuration/service/dhcp-server.rst:265 #: ../../configuration/system/syslog.rst:124 #: ../../configuration/system/syslog.rst:189 #: ../../configuration/trafficpolicy/index.rst:791 @@ -1187,7 +1345,7 @@ msgstr "5 if not defined." msgid "6" msgstr "6" -#: ../../configuration/service/dhcp-server.rst:294 +#: ../../configuration/service/dhcp-server.rst:300 msgid "66" msgstr "66" @@ -1195,11 +1353,11 @@ msgstr "66" msgid "66% of traffic is routed to eth0, eth1 gets 33% of traffic." msgstr "66% of traffic is routed to eth0, eth1 gets 33% of traffic." -#: ../../configuration/service/dhcp-server.rst:299 +#: ../../configuration/service/dhcp-server.rst:305 msgid "67" msgstr "67" -#: ../../configuration/service/dhcp-server.rst:309 +#: ../../configuration/service/dhcp-server.rst:315 msgid "69" msgstr "69" @@ -1222,7 +1380,7 @@ msgstr "6in4 uses tunneling to encapsulate IPv6 traffic over IPv4 links as defin msgid "7" msgstr "7" -#: ../../configuration/service/dhcp-server.rst:314 +#: ../../configuration/service/dhcp-server.rst:320 msgid "70" msgstr "70" @@ -1299,11 +1457,11 @@ msgstr "<x.x.x.x>-<x.x.x.x>: IP range to match." msgid "<x.x.x.x>: IP address to match." msgstr "<x.x.x.x>: IP address to match." -#: ../../configuration/pki/index.rst:252 +#: ../../configuration/pki/index.rst:283 msgid "ACME" msgstr "ACME" -#: ../../configuration/pki/index.rst:281 +#: ../../configuration/pki/index.rst:312 msgid "ACME Directory Resource URI." msgstr "ACME Directory Resource URI." @@ -1311,7 +1469,7 @@ msgstr "ACME Directory Resource URI." msgid "API" msgstr "API" -#: ../../configuration/protocols/static.rst:150 +#: ../../configuration/protocols/static.rst:183 msgid "ARP" msgstr "ARP" @@ -1335,7 +1493,7 @@ msgstr "A *bit* is written as **bit**," msgid "A BGP-speaking router like VyOS can retrieve ROA information from RPKI \"Relying Party software\" (often just called an \"RPKI server\" or \"RPKI validator\") by using :abbr:`RTR (RPKI to Router)` protocol. There are several open source implementations to choose from, such as NLNetLabs' Routinator_ (written in Rust), Cloudflare's GoRTR_ and OctoRPKI_ (written in Go), and RIPE NCC's RPKI Validator_ (written in Java). The RTR protocol is described in :rfc:`8210`." msgstr "A BGP-speaking router like VyOS can retrieve ROA information from RPKI \"Relying Party software\" (often just called an \"RPKI server\" or \"RPKI validator\") by using :abbr:`RTR (RPKI to Router)` protocol. There are several open source implementations to choose from, such as NLNetLabs' Routinator_ (written in Rust), Cloudflare's GoRTR_ and OctoRPKI_ (written in Go), and RIPE NCC's RPKI Validator_ (written in Java). The RTR protocol is described in :rfc:`8210`." -#: ../../configuration/protocols/bgp.rst:929 +#: ../../configuration/protocols/bgp.rst:951 msgid "A BGP confederation divides our AS into sub-ASes to reduce the number of required IBGP peerings. Within a sub-AS we still require full-mesh IBGP but between these sub-ASes we use something that looks like EBGP but behaves like IBGP (called confederation BGP). Confederation mechanism is described in :rfc:`5065`" msgstr "A BGP confederation divides our AS into sub-ASes to reduce the number of required IBGP peerings. Within a sub-AS we still require full-mesh IBGP but between these sub-ASes we use something that looks like EBGP but behaves like IBGP (called confederation BGP). Confederation mechanism is described in :rfc:`5065`" @@ -1351,7 +1509,7 @@ msgstr "A GRE tunnel operates at layer 3 of the OSI model and is represented by msgid "A Rule-Set can be applied to every interface:" msgstr "A Rule-Set can be applied to every interface:" -#: ../../configuration/service/dhcp-server.rst:561 +#: ../../configuration/service/dhcp-server.rst:567 msgid "A SNTP server address can be specified for DHCPv6 clients." msgstr "A SNTP server address can be specified for DHCPv6 clients." @@ -1363,11 +1521,11 @@ msgstr "A VRF device is created with an associated route table. Network interfac msgid "A VyOS GRE tunnel can carry both IPv4 and IPv6 traffic and can also be created over either IPv4 (gre) or IPv6 (ip6gre)." msgstr "A VyOS GRE tunnel can carry both IPv4 and IPv6 traffic and can also be created over either IPv4 (gre) or IPv6 (ip6gre)." -#: ../../configuration/service/dns.rst:162 +#: ../../configuration/service/dns.rst:149 msgid "A VyOS router with two interfaces - eth0 (WAN) and eth1 (LAN) - is required to implement a split-horizon DNS configuration for example.com." msgstr "A VyOS router with two interfaces - eth0 (WAN) and eth1 (LAN) - is required to implement a split-horizon DNS configuration for example.com." -#: ../../configuration/service/dhcp-server.rst:533 +#: ../../configuration/service/dhcp-server.rst:539 msgid "A :abbr:`NIS (Network Information Service)` domain can be set to be used for DHCPv6 clients." msgstr "A :abbr:`NIS (Network Information Service)` domain can be set to be used for DHCPv6 clients." @@ -1384,6 +1542,10 @@ msgstr "A basic introduction to zone-based firewalls can be found `here <https:/ msgid "A bridge named `br100`" msgstr "A bridge named `br100`" +#: ../../configuration/container/index.rst:144 +msgid "A brief description what this network is all about." +msgstr "A brief description what this network is all about." + #: ../../configuration/trafficpolicy/index.rst:147 msgid "A class can have multiple match filters:" msgstr "A class can have multiple match filters:" @@ -1396,7 +1558,11 @@ msgstr "A common example is the case of some policies which, in order to be effe msgid "A complete LDAP auth OpenVPN configuration could look like the following example:" msgstr "A complete LDAP auth OpenVPN configuration could look like the following example:" -#: ../../configuration/vpn/sstp.rst:335 +#: ../../configuration/service/ids.rst:84 +msgid "A configuration example can be found in this section. In this simplified scenario, main things to be considered are:" +msgstr "A configuration example can be found in this section. In this simplified scenario, main things to be considered are:" + +#: ../../configuration/vpn/sstp.rst:508 msgid "A connection attempt will be shown as:" msgstr "A connection attempt will be shown as:" @@ -1420,7 +1586,7 @@ msgstr "A domain name is the label (name) assigned to a computer network and is msgid "A dummy interface for the provider-assigned IP;" msgstr "A dummy interface for the provider-assigned IP;" -#: ../../configuration/highavailability/index.rst:426 +#: ../../configuration/highavailability/index.rst:436 msgid "A firewall mark ``fwmark`` allows using multiple ports for high-availability virtual-server. It uses fwmark value." msgstr "A firewall mark ``fwmark`` allows using multiple ports for high-availability virtual-server. It uses fwmark value." @@ -1436,11 +1602,11 @@ msgstr "A generic `<name>` referencing this sync service." msgid "A hostname is the label (name) assigned to a network device (a host) on a network and is used to distinguish one device from another on specific networks or over the internet. On the other hand this will be the name which appears on the command line prompt." msgstr "A hostname is the label (name) assigned to a network device (a host) on a network and is used to distinguish one device from another on specific networks or over the internet. On the other hand this will be the name which appears on the command line prompt." -#: ../../configuration/pki/index.rst:189 +#: ../../configuration/pki/index.rst:191 msgid "A human readable description what this CA is about." msgstr "A human readable description what this CA is about." -#: ../../configuration/pki/index.rst:228 +#: ../../configuration/pki/index.rst:230 msgid "A human readable description what this certificate is about." msgstr "A human readable description what this certificate is about." @@ -1456,7 +1622,7 @@ msgstr "A managed device is a network node that implements an SNMP interface tha msgid "A match filter can contain multiple criteria and will match traffic if all those criteria are true." msgstr "A match filter can contain multiple criteria and will match traffic if all those criteria are true." -#: ../../configuration/protocols/bfd.rst:138 +#: ../../configuration/protocols/bfd.rst:145 msgid "A monitored static route conditions the installation to the RIB on the BFD session running state: when BFD session is up the route is installed to RIB, but when the BFD session is down it is removed from the RIB." msgstr "A monitored static route conditions the installation to the RIB on the BFD session running state: when BFD session is up the route is installed to RIB, but when the BFD session is down it is removed from the RIB." @@ -1476,7 +1642,7 @@ msgstr "A packet rate limit can be set for a rule to apply the rule to traffic a msgid "A packet that finds a matching entry in the flowtable (flowtable hit) is transmitted to the output netdevice, hence, packets bypass the classic IP forwarding path and uses the **Fast Path** (orange circles path). The visible effect is that you do not see these packets from any of the Netfilter hooks coming after ingress. In case that there is no matching entry in the flowtable (flowtable miss), the packet follows the classic IP forwarding path." msgstr "A packet that finds a matching entry in the flowtable (flowtable hit) is transmitted to the output netdevice, hence, packets bypass the classic IP forwarding path and uses the **Fast Path** (orange circles path). The visible effect is that you do not see these packets from any of the Netfilter hooks coming after ingress. In case that there is no matching entry in the flowtable (flowtable miss), the packet follows the classic IP forwarding path." -#: ../../configuration/protocols/bgp.rst:698 +#: ../../configuration/protocols/bgp.rst:720 msgid "A penalty of 1000 is assessed each time the route fails. When the penalties reach a predefined threshold (suppress-value), the router stops advertising the route." msgstr "A penalty of 1000 is assessed each time the route fails. When the penalties reach a predefined threshold (suppress-value), the router stops advertising the route." @@ -1488,7 +1654,7 @@ msgstr "A physical interface is required to connect this MACsec instance to. Tra msgid "A pool of addresses can be defined by using a hyphen between two IP addresses:" msgstr "A pool of addresses can be defined by using a hyphen between two IP addresses:" -#: ../../configuration/firewall/ipv4.rst:485 +#: ../../configuration/firewall/ipv4.rst:508 #: ../../configuration/firewall/ipv6.rst:491 msgid "A port can be set with a port number or a name which is here defined: ``/etc/services``." msgstr "A port can be set with a port number or a name which is here defined: ``/etc/services``." @@ -1526,11 +1692,11 @@ msgstr "A segment ID that contains an IP address prefix calculated by an IGP in msgid "A sending station (computer or network switch) may be transmitting data faster than the other end of the link can accept it. Using flow control, the receiving station can signal the sender requesting suspension of transmissions until the receiver catches up." msgstr "A sending station (computer or network switch) may be transmitting data faster than the other end of the link can accept it. Using flow control, the receiving station can signal the sender requesting suspension of transmissions until the receiver catches up." -#: ../../configuration/service/dhcp-server.rst:589 +#: ../../configuration/service/dhcp-server.rst:595 msgid "A shared network named ``NET1`` serves subnet ``2001:db8::/64``" msgstr "A shared network named ``NET1`` serves subnet ``2001:db8::/64``" -#: ../../configuration/protocols/bgp.rst:1146 +#: ../../configuration/protocols/bgp.rst:1168 msgid "A simple BGP configuration via IPv6." msgstr "A simple BGP configuration via IPv6." @@ -1538,7 +1704,7 @@ msgstr "A simple BGP configuration via IPv6." msgid "A simple Random Early Detection (RED) policy would start randomly dropping packets from a queue before it reaches its queue limit thus avoiding congestion. That is good for TCP connections as the gradual dropping of packets acts as a signal for the sender to decrease its transmission rate." msgstr "A simple Random Early Detection (RED) policy would start randomly dropping packets from a queue before it reaches its queue limit thus avoiding congestion. That is good for TCP connections as the gradual dropping of packets acts as a signal for the sender to decrease its transmission rate." -#: ../../configuration/protocols/bgp.rst:1101 +#: ../../configuration/protocols/bgp.rst:1123 msgid "A simple eBGP configuration:" msgstr "A simple eBGP configuration:" @@ -1602,7 +1768,7 @@ msgstr "A very small buffer will soon start dropping packets." msgid "A zone must be configured before an interface is assigned to it and an interface can be assigned to only a single zone." msgstr "A zone must be configured before an interface is assigned to it and an interface can be assigned to only a single zone." -#: ../../configuration/service/dns.rst:397 +#: ../../configuration/service/dns.rst:411 msgid "Above, command syntax isn noted to configure dynamic dns on a specific interface. It is possible to overlook the additional address option, web, when completeing those commands. ddclient_ has another way to determine the WAN IP address, using a web-based url to determine the external IP. Each of the commands above will need to be modified to use 'web' as the 'interface' specified if this functionality is to be utilized." msgstr "Above, command syntax isn noted to configure dynamic dns on a specific interface. It is possible to overlook the additional address option, web, when completeing those commands. ddclient_ has another way to determine the WAN IP address, using a web-based url to determine the external IP. Each of the commands above will need to be modified to use 'web' as the 'interface' specified if this functionality is to be utilized." @@ -1622,6 +1788,21 @@ msgstr "Accept SSH connections for the given `<device>` on TCP port `<port>`. Af msgid "Accept only certain protocols: You may want to replicate the state of flows depending on their layer 4 protocol." msgstr "Accept only certain protocols: You may want to replicate the state of flows depending on their layer 4 protocol." +#: ../../configuration/service/pppoe-server.rst:384 +#: ../../configuration/vpn/l2tp.rst:328 +#: ../../configuration/vpn/pptp.rst:252 +#: ../../configuration/vpn/sstp.rst:286 +msgid "Accept peer interface identifier. By default is not defined." +msgstr "Accept peer interface identifier. By default is not defined." + +#: ../../configuration/service/ipoe-server.rst:364 +#: ../../configuration/service/pppoe-server.rst:530 +#: ../../configuration/vpn/l2tp.rst:484 +#: ../../configuration/vpn/pptp.rst:408 +#: ../../configuration/vpn/sstp.rst:442 +msgid "Acceptable rate of connections (e.g. 1/min, 60/sec)" +msgstr "Acceptable rate of connections (e.g. 1/min, 60/sec)" + #: ../../configuration/policy/access-list.rst:3 msgid "Access List Policy" msgstr "Access List Policy" @@ -1665,7 +1846,7 @@ msgstr "Add Power Constraint element to Beacon and Probe Response frames." msgid "Add a forwarding rule matching UDP port on your internet router." msgstr "Add a forwarding rule matching UDP port on your internet router." -#: ../../configuration/container/index.rst:113 +#: ../../configuration/container/index.rst:118 msgid "Add a host device to the container." msgstr "Add a host device to the container." @@ -1693,11 +1874,11 @@ msgstr "Add new port to SSL-ports acl. Ports included by default in SSL-ports ac msgid "Add new port to Safe-ports acl. Ports included by default in Safe-ports acl: 21, 70, 80, 210, 280, 443, 488, 591, 777, 873, 1025-65535" msgstr "Add new port to Safe-ports acl. Ports included by default in Safe-ports acl: 21, 70, 80, 210, 280, 443, 488, 591, 777, 873, 1025-65535" -#: ../../configuration/policy/route-map.rst:221 +#: ../../configuration/policy/route-map.rst:224 msgid "Add or replace BGP community attribute in format ``<0-65535:0-65535>`` or from well-known community list" msgstr "Add or replace BGP community attribute in format ``<0-65535:0-65535>`` or from well-known community list" -#: ../../configuration/policy/route-map.rst:236 +#: ../../configuration/policy/route-map.rst:239 msgid "Add or replace BGP large-community attribute in format ``<0-4294967295:0-4294967295:0-4294967295>``" msgstr "Add or replace BGP large-community attribute in format ``<0-4294967295:0-4294967295:0-4294967295>``" @@ -1705,11 +1886,11 @@ msgstr "Add or replace BGP large-community attribute in format ``<0-4294967295:0 msgid "Add policy route matching VLAN source addresses" msgstr "Add policy route matching VLAN source addresses" -#: ../../configuration/pki/index.rst:217 +#: ../../configuration/pki/index.rst:219 msgid "Add public key portion for the certificate named `name` to the VyOS CLI." msgstr "Add public key portion for the certificate named `name` to the VyOS CLI." -#: ../../configuration/pki/index.rst:193 +#: ../../configuration/pki/index.rst:195 msgid "Add the CAs private key to the VyOS CLI. This should never leave the system, and is only required if you use VyOS as your certificate generator as mentioned above." msgstr "Add the CAs private key to the VyOS CLI. This should never leave the system, and is only required if you use VyOS as your certificate generator as mentioned above." @@ -1717,11 +1898,11 @@ msgstr "Add the CAs private key to the VyOS CLI. This should never leave the sys msgid "Add the commands from Snippet in the Windows side via PowerShell. Also import the root CA cert to the Windows “Trusted Root Certification Authorities†and establish the connection." msgstr "Add the commands from Snippet in the Windows side via PowerShell. Also import the root CA cert to the Windows “Trusted Root Certification Authorities†and establish the connection." -#: ../../configuration/pki/index.rst:232 +#: ../../configuration/pki/index.rst:234 msgid "Add the private key portion of this certificate to the CLI. This should never leave the system as it is used to decrypt the data." msgstr "Add the private key portion of this certificate to the CLI. This should never leave the system as it is used to decrypt the data." -#: ../../configuration/pki/index.rst:174 +#: ../../configuration/pki/index.rst:176 msgid "Add the public CA certificate for the CA named `name` to the VyOS CLI." msgstr "Add the public CA certificate for the CA named `name` to the VyOS CLI." @@ -1765,11 +1946,11 @@ msgstr "Address Families" msgid "Address Groups" msgstr "Address Groups" -#: ../../configuration/service/dhcp-server.rst:592 +#: ../../configuration/service/dhcp-server.rst:598 msgid "Address pool shall be ``2001:db8::100`` through ``2001:db8::199``." msgstr "Address pool shall be ``2001:db8::100`` through ``2001:db8::199``." -#: ../../configuration/service/dhcp-server.rst:582 +#: ../../configuration/service/dhcp-server.rst:588 msgid "Address pools" msgstr "Address pools" @@ -1777,14 +1958,30 @@ msgstr "Address pools" msgid "Address to listen for HTTPS requests" msgstr "Address to listen for HTTPS requests" -#: ../../configuration/container/index.rst:136 +#: ../../configuration/container/index.rst:160 +msgid "Adds registry to list of unqualified-search-registries. By default, for any image that does not include the registry in the image name, VyOS will use docker.io and quay.io as the container registry." +msgstr "Adds registry to list of unqualified-search-registries. By default, for any image that does not include the registry in the image name, VyOS will use docker.io and quay.io as the container registry." + +#: ../../configuration/container/index.rst:141 msgid "Adds registry to list of unqualified-search-registries. By default, for any image that does not include the registry in the image name, Vyos will use docker.io as the container registry." msgstr "Adds registry to list of unqualified-search-registries. By default, for any image that does not include the registry in the image name, Vyos will use docker.io as the container registry." -#: ../../configuration/protocols/bgp.rst:647 +#: ../../configuration/protocols/bgp.rst:669 msgid "Administrative Distance" msgstr "Administrative Distance" +#: ../../configuration/service/ipoe-server.rst:335 +msgid "Advanced Interface Options" +msgstr "Advanced Interface Options" + +#: ../../configuration/service/ipoe-server.rst:307 +#: ../../configuration/service/pppoe-server.rst:425 +#: ../../configuration/vpn/l2tp.rst:369 +#: ../../configuration/vpn/pptp.rst:293 +#: ../../configuration/vpn/sstp.rst:327 +msgid "Advanced Options" +msgstr "Advanced Options" + #: ../../configuration/nat/nat44.rst:301 msgid "Advanced configuration can be used in order to apply source or destination NAT, and within a single rule, be able to define multiple translated addresses, so NAT balances the translations among them." msgstr "Advanced configuration can be used in order to apply source or destination NAT, and within a single rule, be able to define multiple translated addresses, so NAT balances the translations among them." @@ -1797,7 +1994,11 @@ msgstr "Advantages of OpenVPN are:" msgid "Advertise DNS server per https://tools.ietf.org/html/rfc6106" msgstr "Advertise DNS server per https://tools.ietf.org/html/rfc6106" -#: ../../configuration/service/router-advert.rst:53 +#: ../../configuration/service/router-advert.rst:78 +msgid "Advertising a NAT64 Prefix" +msgstr "Advertising a NAT64 Prefix" + +#: ../../configuration/service/router-advert.rst:54 msgid "Advertising a Prefix" msgstr "Advertising a Prefix" @@ -1805,7 +2006,7 @@ msgstr "Advertising a Prefix" msgid "After commit the plaintext passwords will be hashed and stored in your configuration. The resulting CLI config will look like:" msgstr "After commit the plaintext passwords will be hashed and stored in your configuration. The resulting CLI config will look like:" -#: ../../configuration/vrf/index.rst:325 +#: ../../configuration/vrf/index.rst:344 msgid "After committing the configuration we can verify all leaked routes are installed, and try to ICMP ping PC1 from PC3." msgstr "After committing the configuration we can verify all leaked routes are installed, and try to ICMP ping PC1 from PC3." @@ -1813,10 +2014,18 @@ msgstr "After committing the configuration we can verify all leaked routes are i msgid "After the PKI certs are all set up we can start configuring our IPSec/IKE proposals used for key-exchange end data encryption. The used encryption ciphers and integrity algorithms vary from operating system to operating system. The ones used in this example are validated to work on Windows 10." msgstr "After the PKI certs are all set up we can start configuring our IPSec/IKE proposals used for key-exchange end data encryption. The used encryption ciphers and integrity algorithms vary from operating system to operating system. The ones used in this example are validated to work on Windows 10." -#: ../../configuration/pki/index.rst:212 +#: ../../configuration/vpn/ipsec.rst:418 +msgid "After the PKI certs are all set up we can start configuring our IPSec/IKE proposals used for key-exchange end data encryption. The used encryption ciphers and integrity algorithms vary from operating system to operating system. The ones used in this post are validated to work on both Windows 10 and iOS/iPadOS 14 to 17." +msgstr "After the PKI certs are all set up we can start configuring our IPSec/IKE proposals used for key-exchange end data encryption. The used encryption ciphers and integrity algorithms vary from operating system to operating system. The ones used in this post are validated to work on both Windows 10 and iOS/iPadOS 14 to 17." + +#: ../../configuration/pki/index.rst:214 msgid "After we have imported the CA certificate(s) we can now import and add certificates used by services on this router." msgstr "After we have imported the CA certificate(s) we can now import and add certificates used by services on this router." +#: ../../configuration/vpn/ipsec.rst:399 +msgid "After you obtained your server certificate you can import it from a file on the local filesystem, or paste it into the CLI. Please note that when entering the certificate manually you need to strip the ``-----BEGIN KEY-----`` and ``-----END KEY-----`` tags. Also, the certificate or key needs to be presented in a single line without line breaks (``\\n``)." +msgstr "After you obtained your server certificate you can import it from a file on the local filesystem, or paste it into the CLI. Please note that when entering the certificate manually you need to strip the ``-----BEGIN KEY-----`` and ``-----END KEY-----`` tags. Also, the certificate or key needs to be presented in a single line without line breaks (``\\n``)." + #: ../../configuration/service/snmp.rst:39 msgid "Agent - software which runs on managed devices" msgstr "Agent - software which runs on managed devices" @@ -1825,7 +2034,7 @@ msgstr "Agent - software which runs on managed devices" msgid "Alert" msgstr "Alert" -#: ../../configuration/highavailability/index.rst:346 +#: ../../configuration/highavailability/index.rst:356 msgid "Algorithm" msgstr "Algorithm" @@ -1833,7 +2042,7 @@ msgstr "Algorithm" msgid "Aliases" msgstr "Aliases" -#: ../../configuration/service/dns.rst:167 +#: ../../configuration/service/dns.rst:154 msgid "All DNS requests for example.com must be forwarded to a DNS server at 192.0.2.254 and 2001:db8:cafe::1" msgstr "All DNS requests for example.com must be forwarded to a DNS server at 192.0.2.254 and 2001:db8:cafe::1" @@ -1861,7 +2070,7 @@ msgstr "All interfaces used for the DHCP relay must be configured. This includes msgid "All items in a sync group should be similarly configured. If one VRRP group is set to a different preemption delay or priority, it would result in an endless transition loop." msgstr "All items in a sync group should be similarly configured. If one VRRP group is set to a different preemption delay or priority, it would result in an endless transition loop." -#: ../../configuration/service/dns.rst:169 +#: ../../configuration/service/dns.rst:156 msgid "All other DNS requests will be forwarded to a different set of DNS servers at 192.0.2.1, 192.0.2.2, 2001:db8::1:ffff and 2001:db8::2:ffff" msgstr "All other DNS requests will be forwarded to a different set of DNS servers at 192.0.2.1, 192.0.2.2, 2001:db8::1:ffff and 2001:db8::2:ffff" @@ -1897,7 +2106,11 @@ msgstr "All traffic to and from an interface within a zone is permitted." msgid "All tunnel sessions can be checked via:" msgstr "All tunnel sessions can be checked via:" -#: ../../configuration/vpn/l2tp.rst:209 +#: ../../configuration/service/ipoe-server.rst:231 +#: ../../configuration/service/pppoe-server.rst:193 +#: ../../configuration/vpn/l2tp.rst:236 +#: ../../configuration/vpn/pptp.rst:176 +#: ../../configuration/vpn/sstp.rst:209 msgid "Allocation clients ip addresses by RADIUS" msgstr "Allocation clients ip addresses by RADIUS" @@ -1913,7 +2126,7 @@ msgstr "Allow access to sites in a domain without retrieving them from the Proxy msgid "Allow bgp to negotiate the extended-nexthop capability with it’s peer. If you are peering over a IPv6 Link-Local address then this capability is turned on automatically. If you are peering over a IPv6 Global Address then turning on this command will allow BGP to install IPv4 routes with IPv6 nexthops if you do not have IPv4 configured on interfaces." msgstr "Allow bgp to negotiate the extended-nexthop capability with it’s peer. If you are peering over a IPv6 Link-Local address then this capability is turned on automatically. If you are peering over a IPv6 Global Address then turning on this command will allow BGP to install IPv4 routes with IPv6 nexthops if you do not have IPv4 configured on interfaces." -#: ../../configuration/service/dns.rst:359 +#: ../../configuration/service/dns.rst:362 msgid "Allow explicit IPv6 address for the interface." msgstr "Allow explicit IPv6 address for the interface." @@ -1933,7 +2146,7 @@ msgstr "Allow this BFD peer to not be directly connected" msgid "Allowed values fpr TCP flags: ``SYN``, ``ACK``, ``FIN``, ``RST``, ``URG``, ``PSH``, ``ALL`` When specifying more than one flag, flags should be comma separated. The ``!`` negate the selected protocol." msgstr "Allowed values fpr TCP flags: ``SYN``, ``ACK``, ``FIN``, ``RST``, ``URG``, ``PSH``, ``ALL`` When specifying more than one flag, flags should be comma separated. The ``!`` negate the selected protocol." -#: ../../configuration/firewall/ipv4.rst:812 +#: ../../configuration/firewall/ipv4.rst:835 #: ../../configuration/firewall/ipv6.rst:821 #: ../../configuration/system/conntrack.rst:199 msgid "Allowed values fpr TCP flags: ``ack``, ``cwr``, ``ecn``, ``fin``, ``psh``, ``rst``, ``syn`` and ``urg``. Multiple values are supported, and for inverted selection use ``not``, as shown in the example." @@ -1947,11 +2160,11 @@ msgstr "Allows specific VLAN IDs to pass through the bridge member interface. Th msgid "Allows to define URL path matching rules for a specific service." msgstr "Allows to define URL path matching rules for a specific service." -#: ../../configuration/protocols/static.rst:69 +#: ../../configuration/protocols/static.rst:92 msgid "Allows you to configure the next-hop interface for an interface-based IPv4 static route. `<interface>` will be the next-hop interface where traffic is routed for the given `<subnet>`." msgstr "Allows you to configure the next-hop interface for an interface-based IPv4 static route. `<interface>` will be the next-hop interface where traffic is routed for the given `<subnet>`." -#: ../../configuration/protocols/static.rst:89 +#: ../../configuration/protocols/static.rst:112 msgid "Allows you to configure the next-hop interface for an interface-based IPv6 static route. `<interface>` will be the next-hop interface where traffic is routed for the given `<subnet>`." msgstr "Allows you to configure the next-hop interface for an interface-based IPv6 static route. `<interface>` will be the next-hop interface where traffic is routed for the given `<subnet>`." @@ -1977,11 +2190,11 @@ msgstr "Also, for those who haven't updated to newer version, legacy documentati msgid "Also, in :ref:`destination-nat`, redirection to localhost is supported. The redirect statement is a special form of dnat which always translates the destination address to the local host’s one." msgstr "Also, in :ref:`destination-nat`, redirection to localhost is supported. The redirect statement is a special form of dnat which always translates the destination address to the local host’s one." -#: ../../configuration/protocols/static.rst:138 +#: ../../configuration/protocols/static.rst:171 msgid "Alternate Routing Tables" msgstr "Alternate Routing Tables" -#: ../../configuration/protocols/static.rst:142 +#: ../../configuration/protocols/static.rst:175 msgid "Alternate routing tables are used with policy based routing by utilizing :ref:`vrf`." msgstr "Alternate routing tables are used with policy based routing by utilizing :ref:`vrf`." @@ -2037,7 +2250,7 @@ msgstr "An agent is a network-management software module that resides on a manag msgid "An alternate command could be \"mpls-te on\" (Traffic Engineering)" msgstr "An alternate command could be \"mpls-te on\" (Traffic Engineering)" -#: ../../configuration/firewall/ipv4.rst:373 +#: ../../configuration/firewall/ipv4.rst:396 msgid "An arbitrary netmask can be applied to mask addresses to only match against a specific portion." msgstr "An arbitrary netmask can be applied to mask addresses to only match against a specific portion." @@ -2062,7 +2275,7 @@ msgstr "An basic introduction to zone-based firewalls can be found `here <https: #: ../../configuration/interfaces/tunnel.rst:71 #: ../../configuration/interfaces/tunnel.rst:93 #: ../../configuration/interfaces/tunnel.rst:194 -#: ../../configuration/system/login.rst:195 +#: ../../configuration/system/login.rst:199 msgid "An example:" msgstr "An example:" @@ -2074,7 +2287,7 @@ msgstr "An example of a configuration that sends ``telegraf`` metrics to remote msgid "An example of creating a VLAN-aware bridge is as follows:" msgstr "An example of creating a VLAN-aware bridge is as follows:" -#: ../../configuration/system/login.rst:149 +#: ../../configuration/system/login.rst:153 msgid "An example of key generation:" msgstr "An example of key generation:" @@ -2102,6 +2315,10 @@ msgstr "And base chain for traffic generated by the router is ``set firewall ipv msgid "And base chain for traffic generated by the router is ``set firewall ipv6 output filter ...``" msgstr "And base chain for traffic generated by the router is ``set firewall ipv6 output filter ...``" +#: ../../configuration/service/ids.rst:138 +msgid "And content of the script:" +msgstr "And content of the script:" + #: ../../configuration/policy/route.rst:76 msgid "And for ipv6:" msgstr "And for ipv6:" @@ -2114,7 +2331,7 @@ msgstr "And next, some configuration example where groups are used:" msgid "And op-mode commands:" msgstr "And op-mode commands:" -#: ../../configuration/system/ip.rst:84 +#: ../../configuration/system/ip.rst:97 msgid "And the different IPv4 **reset** commands available:" msgstr "And the different IPv4 **reset** commands available:" @@ -2131,6 +2348,10 @@ msgstr "Another term often used for DNAT is **1-to-1 NAT**. For a 1-to-1 NAT con msgid "Another thing to keep in mind with LDP is that much like BGP, it is a protocol that runs on top of TCP. It however does not have an ability to do something like a refresh capability like BGPs route refresh capability. Therefore one might have to reset the neighbor for a capability change or a configuration change to work." msgstr "Another thing to keep in mind with LDP is that much like BGP, it is a protocol that runs on top of TCP. It however does not have an ability to do something like a refresh capability like BGPs route refresh capability. Therefore one might have to reset the neighbor for a capability change or a configuration change to work." +#: ../../configuration/vpn/ipsec.rst:549 +msgid "Apple iOS/iPadOS expects the server name to be also used in the server's certificate common name, so it's best to use this DNS name for your VPN connection." +msgstr "Apple iOS/iPadOS expects the server name to be also used in the server's certificate common name, so it's best to use this DNS name for your VPN connection." + #: ../../configuration/vrf/index.rst:52 #: ../../configuration/vrf/index.rst:62 msgid "Apply a route-map filter to routes for the specified protocol." @@ -2221,11 +2442,15 @@ msgstr "As a result, the processing of each packet becomes more efficient, poten msgid "As an alternative to applying policy to an interface directly, a zone-based firewall can be created to simplify configuration when multiple interfaces belong to the same security zone. Instead of applying rule-sets to interfaces, they are applied to source zone-destination zone pairs." msgstr "As an alternative to applying policy to an interface directly, a zone-based firewall can be created to simplify configuration when multiple interfaces belong to the same security zone. Instead of applying rule-sets to interfaces, they are applied to source zone-destination zone pairs." +#: ../../configuration/vpn/ipsec.rst:523 +msgid "As both Microsoft Windows and Apple iOS/iPadOS only support a certain set of encryption ciphers and integrity algorithms we will validate the configured IKE/ESP proposals and only list the compatible ones to the user — if multiple are defined. If there are no matching proposals found — we can not generate a profile for you." +msgstr "As both Microsoft Windows and Apple iOS/iPadOS only support a certain set of encryption ciphers and integrity algorithms we will validate the configured IKE/ESP proposals and only list the compatible ones to the user — if multiple are defined. If there are no matching proposals found — we can not generate a profile for you." + #: ../../configuration/firewall/flowtables.rst:109 msgid "As described, first packet will be evaluated by all the firewall path, so desired connection should be explicitely accepted. Same thing should be taken into account for traffic in reverse order. In most cases state policies are used in order to accept connection in reverse patch." msgstr "As described, first packet will be evaluated by all the firewall path, so desired connection should be explicitely accepted. Same thing should be taken into account for traffic in reverse order. In most cases state policies are used in order to accept connection in reverse patch." -#: ../../configuration/system/option.rst:80 +#: ../../configuration/system/option.rst:110 msgid "As more and more routers run on Hypervisors, expecially with a :abbr:`NOS (Network Operating System)` as VyOS, it makes fewer and fewer sense to use static resource bindings like ``smp-affinity`` as present in VyOS 1.2 and earlier to pin certain interrupt handlers to specific CPUs." msgstr "As more and more routers run on Hypervisors, expecially with a :abbr:`NOS (Network Operating System)` as VyOS, it makes fewer and fewer sense to use static resource bindings like ``smp-affinity`` as present in VyOS 1.2 and earlier to pin certain interrupt handlers to specific CPUs." @@ -2265,7 +2490,7 @@ msgstr "As the example image below shows, the device was configured with rules b msgid "As the name implies, it's IPv4 encapsulated in IPv6, as simple as that." msgstr "As the name implies, it's IPv4 encapsulated in IPv6, as simple as that." -#: ../../configuration/vpn/l2tp.rst:36 +#: ../../configuration/vpn/l2tp.rst:86 msgid "As well as the below to allow NAT-traversal (when NAT is detected by the VPN client, ESP is encapsulated in UDP for NAT-traversal):" msgstr "As well as the below to allow NAT-traversal (when NAT is detected by the VPN client, ESP is encapsulated in UDP for NAT-traversal):" @@ -2301,7 +2526,7 @@ msgstr "Assign `<member>` interface to bridge `<interface>`. A completion helper msgid "Assign a specific backend to a rule" msgstr "Assign a specific backend to a rule" -#: ../../configuration/vrf/index.rst:79 +#: ../../configuration/vrf/index.rst:98 msgid "Assign interface identified by `<interface>` to VRF named `<name>`." msgstr "Assign interface identified by `<interface>` to VRF named `<name>`." @@ -2309,7 +2534,10 @@ msgstr "Assign interface identified by `<interface>` to VRF named `<name>`." msgid "Assign member interfaces to PortChannel" msgstr "Assign member interfaces to PortChannel" -#: ../../configuration/vpn/sstp.rst:80 +#: ../../configuration/service/pppoe-server.rst:437 +#: ../../configuration/vpn/l2tp.rst:381 +#: ../../configuration/vpn/pptp.rst:305 +#: ../../configuration/vpn/sstp.rst:339 msgid "Assign static IP address to `<user>` account." msgstr "Assign static IP address to `<user>` account." @@ -2317,7 +2545,7 @@ msgstr "Assign static IP address to `<user>` account." msgid "Assign the IP address to this machine for `<time>` seconds." msgstr "Assign the IP address to this machine for `<time>` seconds." -#: ../../configuration/system/login.rst:62 +#: ../../configuration/system/login.rst:66 msgid "Assign the SSH public key portion `<key>` identified by per-key `<identifier>` to the local user `<username>`." msgstr "Assign the SSH public key portion `<key>` identified by per-key `<identifier>` to the local user `<username>`." @@ -2401,6 +2629,14 @@ msgstr "Attaches user-defined network to a container. Only one network must be s msgid "Authentication" msgstr "Authentication" +#: ../../configuration/service/ipoe-server.rst:310 +#: ../../configuration/service/pppoe-server.rst:428 +#: ../../configuration/vpn/l2tp.rst:372 +#: ../../configuration/vpn/pptp.rst:296 +#: ../../configuration/vpn/sstp.rst:330 +msgid "Authentication Advanced Options" +msgstr "Authentication Advanced Options" + #: ../../configuration/interfaces/ethernet.rst:99 msgid "Authentication (EAPoL)" msgstr "Authentication (EAPoL)" @@ -2437,11 +2673,11 @@ msgstr "Authentication – to verify that the message is from a valid source." msgid "Authorization token" msgstr "Authorization token" -#: ../../configuration/service/pppoe-server.rst:159 +#: ../../configuration/service/pppoe-server.rst:228 msgid "Automatic VLAN Creation" msgstr "Automatic VLAN Creation" -#: ../../configuration/service/ipoe-server.rst:96 +#: ../../configuration/service/ipoe-server.rst:97 msgid "Automatic VLAN creation" msgstr "Automatic VLAN creation" @@ -2469,7 +2705,7 @@ msgstr "Azure-data-explorer" msgid "BFD" msgstr "BFD" -#: ../../configuration/protocols/bfd.rst:136 +#: ../../configuration/protocols/bfd.rst:143 msgid "BFD Static Route Monitoring" msgstr "BFD Static Route Monitoring" @@ -2505,7 +2741,7 @@ msgstr "BGP Example" msgid "BGP Router Configuration" msgstr "BGP Router Configuration" -#: ../../configuration/protocols/bgp.rst:888 +#: ../../configuration/protocols/bgp.rst:910 msgid "BGP Scaling Configuration" msgstr "BGP Scaling Configuration" @@ -2517,7 +2753,7 @@ msgstr "BGP aggregator attribute: AS number or IP address of an aggregation." msgid "BGP as-path list to match." msgstr "BGP as-path list to match." -#: ../../configuration/policy/route-map.rst:216 +#: ../../configuration/policy/route-map.rst:219 msgid "BGP atomic aggregate attribute." msgstr "BGP atomic aggregate attribute." @@ -2533,11 +2769,11 @@ msgstr "BGP extended community to match." msgid "BGP roles are defined in RFC :rfc:`9234` and provide an easy way to add route leak prevention, detection and mitigation. The local Role value is negotiated with the new BGP Role capability which has a built-in check of the corresponding value. In case of a mismatch the new OPEN Roles Mismatch Notification <2, 11> would be sent. The correct Role pairs are:" msgstr "BGP roles are defined in RFC :rfc:`9234` and provide an easy way to add route leak prevention, detection and mitigation. The local Role value is negotiated with the new BGP Role capability which has a built-in check of the corresponding value. In case of a mismatch the new OPEN Roles Mismatch Notification <2, 11> would be sent. The correct Role pairs are:" -#: ../../configuration/protocols/bgp.rst:890 +#: ../../configuration/protocols/bgp.rst:912 msgid "BGP routers connected inside the same AS through BGP belong to an internal BGP session, or IBGP. In order to prevent routing table loops, IBGP speaker does not advertise IBGP-learned routes to other IBGP speaker (Split Horizon mechanism). As such, IBGP requires a full mesh of all peers. For large networks, this quickly becomes unscalable." msgstr "BGP routers connected inside the same AS through BGP belong to an internal BGP session, or IBGP. In order to prevent routing table loops, IBGP speaker does not advertise IBGP-learned routes to other IBGP speaker (Split Horizon mechanism). As such, IBGP requires a full mesh of all peers. For large networks, this quickly becomes unscalable." -#: ../../configuration/vrf/index.rst:413 +#: ../../configuration/vrf/index.rst:432 msgid "BGP routes may be leaked (i.e. copied) between a unicast VRF RIB and the VPN SAFI RIB of the default VRF for use in MPLS-based L3VPNs. Unicast routes may also be leaked between any VRFs (including the unicast RIB of the default BGP instance). A shortcut syntax is also available for specifying leaking from one VRF to another VRF using the default instance’s VPN RIB as the intemediary . A common application of the VRF-VRF feature is to connect a customer’s private routing domain to a provider’s VPN service. Leaking is configured from the point of view of an individual VRF: import refers to routes leaked from VPN to a unicast VRF, whereas export refers to routes leaked from a unicast VRF to VPN." msgstr "BGP routes may be leaked (i.e. copied) between a unicast VRF RIB and the VPN SAFI RIB of the default VRF for use in MPLS-based L3VPNs. Unicast routes may also be leaked between any VRFs (including the unicast RIB of the default BGP instance). A shortcut syntax is also available for specifying leaking from one VRF to another VRF using the default instance’s VPN RIB as the intemediary . A common application of the VRF-VRF feature is to connect a customer’s private routing domain to a provider’s VPN service. Leaking is configured from the point of view of an individual VRF: import refers to routes leaked from VPN to a unicast VRF, whereas export refers to routes leaked from a unicast VRF to VPN." @@ -2569,18 +2805,16 @@ msgstr "Balancing Rules" msgid "Balancing based on domain name" msgstr "Balancing based on domain name" -#: ../../configuration/service/ipoe-server.rst:122 -#: ../../configuration/service/pppoe-server.rst:182 -#: ../../configuration/vpn/l2tp.rst:113 +#: ../../configuration/service/pppoe-server.rst:251 msgid "Bandwidth Shaping" msgstr "Bandwidth Shaping" -#: ../../configuration/service/ipoe-server.rst:128 +#: ../../configuration/service/ipoe-server.rst:129 #: ../../configuration/vpn/l2tp.rst:118 msgid "Bandwidth Shaping for local users" msgstr "Bandwidth Shaping for local users" -#: ../../configuration/service/pppoe-server.rst:184 +#: ../../configuration/service/pppoe-server.rst:253 msgid "Bandwidth rate limits can be set for local users or RADIUS based attributes." msgstr "Bandwidth rate limits can be set for local users or RADIUS based attributes." @@ -2588,7 +2822,7 @@ msgstr "Bandwidth rate limits can be set for local users or RADIUS based attribu msgid "Bandwidth rate limits can be set for local users or via RADIUS based attributes." msgstr "Bandwidth rate limits can be set for local users or via RADIUS based attributes." -#: ../../configuration/service/ipoe-server.rst:124 +#: ../../configuration/service/ipoe-server.rst:125 msgid "Bandwidth rate limits can be set for local users within the configuration or via RADIUS based attributes." msgstr "Bandwidth rate limits can be set for local users within the configuration or via RADIUS based attributes." @@ -2648,7 +2882,7 @@ msgstr "Before enabling any hardware segmentation offload a corresponding softwa msgid "Before you are able to apply a rule-set to a zone you have to create the zones first." msgstr "Before you are able to apply a rule-set to a zone you have to create the zones first." -#: ../../configuration/vpn/site2site_ipsec.rst:422 +#: ../../configuration/vpn/site2site_ipsec.rst:425 msgid "Below flow-chart could be a quick reference for the close-action combination depending on how the peer is configured." msgstr "Below flow-chart could be a quick reference for the close-action combination depending on how the peer is configured." @@ -2672,6 +2906,10 @@ msgstr "Bidirectional NAT" msgid "Binary value" msgstr "Binary value" +#: ../../configuration/container/index.rst:153 +msgid "Bind container network to a given VRF instance." +msgstr "Bind container network to a given VRF instance." + #: ../../configuration/protocols/bfd.rst:39 msgid "Bind listener to specific interface/address, mandatory for IPv6" msgstr "Bind listener to specific interface/address, mandatory for IPv6" @@ -2680,7 +2918,7 @@ msgstr "Bind listener to specific interface/address, mandatory for IPv6" msgid "Binds eth1.241 and vxlan241 to each other by making them both member interfaces of the same bridge." msgstr "Binds eth1.241 and vxlan241 to each other by making them both member interfaces of the same bridge." -#: ../../configuration/protocols/static.rst:108 +#: ../../configuration/protocols/static.rst:142 msgid "Blackhole" msgstr "Blackhole" @@ -2708,11 +2946,11 @@ msgstr "Bond / Link Aggregation" msgid "Bond options" msgstr "Bond options" -#: ../../configuration/service/dhcp-server.rst:306 +#: ../../configuration/service/dhcp-server.rst:312 msgid "Boot image length in 512-octet blocks" msgstr "Boot image length in 512-octet blocks" -#: ../../configuration/service/dhcp-server.rst:301 +#: ../../configuration/service/dhcp-server.rst:307 msgid "Bootstrap file name" msgstr "Bootstrap file name" @@ -2761,6 +2999,14 @@ msgstr "Bridge answers on IP address 192.0.2.1/24 and 2001:db8::ffff/64" msgid "Bridge maximum aging `<time>` in seconds (default: 20)." msgstr "Bridge maximum aging `<time>` in seconds (default: 20)." +#: ../../configuration/service/ipoe-server.rst:360 +#: ../../configuration/service/pppoe-server.rst:526 +#: ../../configuration/vpn/l2tp.rst:480 +#: ../../configuration/vpn/pptp.rst:404 +#: ../../configuration/vpn/sstp.rst:438 +msgid "Burst count" +msgstr "Burst count" + #: ../../configuration/interfaces/pppoe.rst:41 msgid "Business Users" msgstr "Business Users" @@ -2777,11 +3023,11 @@ msgstr "By default, FRR will bring up peering with minimal common capability for msgid "By default, VyOS does not advertise a default route (0.0.0.0/0) even if it is in routing table. When you want to announce default routes to the peer, use this command. Using optional argument :cfgcmd:`route-map` you can inject the default route to given neighbor only if the conditions in the route map are met." msgstr "By default, VyOS does not advertise a default route (0.0.0.0/0) even if it is in routing table. When you want to announce default routes to the peer, use this command. Using optional argument :cfgcmd:`route-map` you can inject the default route to given neighbor only if the conditions in the route map are met." -#: ../../configuration/system/login.rst:126 +#: ../../configuration/system/login.rst:130 msgid "By default, a new token is generated every 30 seconds by the mobile application. In order to compensate for possible time-skew between the client and the server, an extra token before and after the current time is allowed. This allows for a time skew of up to 30 seconds between authentication server and client." msgstr "By default, a new token is generated every 30 seconds by the mobile application. In order to compensate for possible time-skew between the client and the server, an extra token before and after the current time is allowed. This allows for a time skew of up to 30 seconds between authentication server and client." -#: ../../configuration/service/dns.rst:393 +#: ../../configuration/service/dns.rst:401 msgid "By default, ddclient_ will update a dynamic dns record using the IP address directly attached to the interface. If your VyOS instance is behind NAT, your record will be updated to point to your internal IP." msgstr "By default, ddclient_ will update a dynamic dns record using the IP address directly attached to the interface. If your VyOS instance is behind NAT, your record will be updated to point to your internal IP." @@ -2794,6 +3040,10 @@ msgstr "By default, enabling RPKI does not change best path selection. In partic msgid "By default, it supports both planned and unplanned outages." msgstr "By default, it supports both planned and unplanned outages." +#: ../../configuration/protocols/bgp.rst:661 +msgid "By default, locally advertised prefixes use the implicit-null label to encode in the outgoing NLRI." +msgstr "By default, locally advertised prefixes use the implicit-null label to encode in the outgoing NLRI." + #: ../../configuration/service/https.rst:45 msgid "By default, nginx exposes the local API on all virtual servers. Use this to restrict nginx to one or more virtual hosts." msgstr "By default, nginx exposes the local API on all virtual servers. Use this to restrict nginx to one or more virtual hosts." @@ -2839,7 +3089,7 @@ msgstr "By using Pseudo-Ethernet interfaces there will be less system overhead c msgid "Bypassing the webproxy" msgstr "Bypassing the webproxy" -#: ../../configuration/pki/index.rst:170 +#: ../../configuration/pki/index.rst:172 msgid "CA (Certificate Authority)" msgstr "CA (Certificate Authority)" @@ -2860,20 +3110,20 @@ msgstr "Capability Negotiation" msgid "Certain vendors use broadcasts to identify their equipment within one ethernet segment. Unfortunately if you split your network with multiple VLANs you loose the ability of identifying your equipment." msgstr "Certain vendors use broadcasts to identify their equipment within one ethernet segment. Unfortunately if you split your network with multiple VLANs you loose the ability of identifying your equipment." -#: ../../configuration/pki/index.rst:33 +#: ../../configuration/pki/index.rst:35 msgid "Certificate Authority (CA)" msgstr "Certificate Authority (CA)" -#: ../../configuration/pki/index.rst:185 +#: ../../configuration/pki/index.rst:187 msgid "Certificate revocation list in PEM format." msgstr "Certificate revocation list in PEM format." -#: ../../configuration/pki/index.rst:63 +#: ../../configuration/pki/index.rst:65 #: ../../configuration/vpn/sstp.rst:27 msgid "Certificates" msgstr "Certificates" -#: ../../configuration/system/option.rst:66 +#: ../../configuration/system/option.rst:96 msgid "Change system keyboard layout to given language." msgstr "Change system keyboard layout to given language." @@ -2889,7 +3139,7 @@ msgstr "Changes in BGP policies require the BGP session to be cleared. Clearing msgid "Changes to the NAT system only affect newly established connections. Already established connections are not affected." msgstr "Changes to the NAT system only affect newly established connections. Already established connections are not affected." -#: ../../configuration/system/option.rst:70 +#: ../../configuration/system/option.rst:100 msgid "Changing the keymap only has an effect on the system console, using SSH or Serial remote access to the device is not affected as the keyboard layout here corresponds to your access system." msgstr "Changing the keymap only has an effect on the system console, using SSH or Serial remote access to the device is not affected as the keyboard layout here corresponds to your access system." @@ -2909,11 +3159,11 @@ msgstr "Check if the Intel® QAT device is up and ready to do the job." msgid "Check status" msgstr "Check status" -#: ../../configuration/system/ipv6.rst:64 +#: ../../configuration/system/ipv6.rst:77 msgid "Check the many parameters available for the `show ipv6 route` command:" msgstr "Check the many parameters available for the `show ipv6 route` command:" -#: ../../configuration/service/pppoe-server.rst:307 +#: ../../configuration/service/pppoe-server.rst:315 msgid "Checking connections" msgstr "Checking connections" @@ -2945,11 +3195,11 @@ msgstr "Class treatment" msgid "Classes" msgstr "Classes" -#: ../../configuration/service/dhcp-server.rst:326 +#: ../../configuration/service/dhcp-server.rst:332 msgid "Classless static route" msgstr "Classless static route" -#: ../../configuration/policy/route-map.rst:269 +#: ../../configuration/policy/route-map.rst:272 msgid "Clear all BGP extcommunities." msgstr "Clear all BGP extcommunities." @@ -2973,7 +3223,15 @@ msgstr "Client Authentication" msgid "Client Configuration" msgstr "Client Configuration" -#: ../../configuration/vpn/sstp.rst:289 +#: ../../configuration/service/ipoe-server.rst:328 +#: ../../configuration/service/pppoe-server.rst:446 +#: ../../configuration/vpn/l2tp.rst:400 +#: ../../configuration/vpn/pptp.rst:324 +#: ../../configuration/vpn/sstp.rst:358 +msgid "Client IP Pool Advanced Options" +msgstr "Client IP Pool Advanced Options" + +#: ../../configuration/vpn/sstp.rst:358 msgid "Client IP addresses will be provided from pool `192.0.2.0/25`" msgstr "Client IP addresses will be provided from pool `192.0.2.0/25`" @@ -2981,15 +3239,15 @@ msgstr "Client IP addresses will be provided from pool `192.0.2.0/25`" msgid "Client Side" msgstr "Client Side" -#: ../../configuration/service/ipoe-server.rst:184 +#: ../../configuration/service/ipoe-server.rst:186 msgid "Client configuration" msgstr "Client configuration" -#: ../../configuration/service/dhcp-server.rst:266 +#: ../../configuration/service/dhcp-server.rst:272 msgid "Client domain name" msgstr "Client domain name" -#: ../../configuration/service/dhcp-server.rst:321 +#: ../../configuration/service/dhcp-server.rst:327 msgid "Client domain search" msgstr "Client domain search" @@ -3001,7 +3259,7 @@ msgstr "Client isolation can be used to prevent low-level bridging of frames bet msgid "Clients are identified by the CN field of their x.509 certificates, in this example the CN is ``client0``:" msgstr "Clients are identified by the CN field of their x.509 certificates, in this example the CN is ``client0``:" -#: ../../configuration/service/dhcp-server.rst:514 +#: ../../configuration/service/dhcp-server.rst:520 msgid "Clients receiving advertise messages from multiple servers choose the server with the highest preference value. The range for this value is ``0...255``." msgstr "Clients receiving advertise messages from multiple servers choose the server with the highest preference value. The range for this value is ``0...255``." @@ -3019,11 +3277,11 @@ msgstr "Command completion can be used to list available time zones. The adjustm msgid "Command for disabling a rule but keep it in the configuration." msgstr "Command for disabling a rule but keep it in the configuration." -#: ../../configuration/vrf/index.rst:128 +#: ../../configuration/vrf/index.rst:147 msgid "Command should probably be extended to list also the real interfaces assigned to this one VRF to get a better overview." msgstr "Command should probably be extended to list also the real interfaces assigned to this one VRF to get a better overview." -#: ../../configuration/firewall/ipv4.rst:1179 +#: ../../configuration/firewall/ipv4.rst:1202 #: ../../configuration/firewall/ipv6.rst:1195 msgid "Command used to update GeoIP database and firewall sets." msgstr "Command used to update GeoIP database and firewall sets." @@ -3032,7 +3290,7 @@ msgstr "Command used to update GeoIP database and firewall sets." msgid "Commands" msgstr "Commands" -#: ../../configuration/service/dhcp-server.rst:379 +#: ../../configuration/service/dhcp-server.rst:385 msgid "Common configuration, valid for both primary and secondary node." msgstr "Common configuration, valid for both primary and secondary node." @@ -3059,7 +3317,7 @@ msgstr "Common interface configuration" msgid "Common parameters" msgstr "Common parameters" -#: ../../configuration/protocols/bgp.rst:927 +#: ../../configuration/protocols/bgp.rst:949 msgid "Confederation Configuration" msgstr "Confederation Configuration" @@ -3098,7 +3356,7 @@ msgstr "Confidentiality – Encryption of packets to prevent snooping by an unau #: ../../configuration/policy/local-route.rst:9 #: ../../configuration/policy/prefix-list.rst:16 #: ../../configuration/policy/route-map.rst:10 -#: ../../configuration/protocols/bfd.rst:143 +#: ../../configuration/protocols/bfd.rst:150 #: ../../configuration/protocols/bgp.rst:164 #: ../../configuration/protocols/igmp-proxy.rst:14 #: ../../configuration/protocols/isis.rst:28 @@ -3111,15 +3369,15 @@ msgstr "Confidentiality – Encryption of packets to prevent snooping by an unau #: ../../configuration/service/dhcp-relay.rst:19 #: ../../configuration/service/dhcp-relay.rst:137 #: ../../configuration/service/dhcp-server.rst:22 -#: ../../configuration/service/dhcp-server.rst:510 +#: ../../configuration/service/dhcp-server.rst:516 #: ../../configuration/service/dns.rst:8 -#: ../../configuration/service/dns.rst:227 +#: ../../configuration/service/dns.rst:214 #: ../../configuration/service/https.rst:14 -#: ../../configuration/service/ipoe-server.rst:28 +#: ../../configuration/service/ids.rst:20 #: ../../configuration/service/lldp.rst:36 #: ../../configuration/service/mdns.rst:19 #: ../../configuration/service/ntp.rst:40 -#: ../../configuration/service/pppoe-server.rst:17 +#: ../../configuration/service/router-advert.rst:28 #: ../../configuration/service/salt-minion.rst:25 #: ../../configuration/service/ssh.rst:36 #: ../../configuration/service/tftp-server.rst:14 @@ -3127,18 +3385,18 @@ msgstr "Confidentiality – Encryption of packets to prevent snooping by an unau #: ../../configuration/system/default-route.rst:12 #: ../../configuration/system/flow-accounting.rst:43 #: ../../configuration/system/lcd.rst:17 -#: ../../configuration/system/login.rst:241 -#: ../../configuration/system/login.rst:310 +#: ../../configuration/system/login.rst:245 +#: ../../configuration/system/login.rst:314 #: ../../configuration/system/sflow.rst:12 #: ../../configuration/system/updates.rst:8 #: ../../configuration/vpn/dmvpn.rst:38 #: ../../configuration/vpn/dmvpn.rst:182 #: ../../configuration/vpn/openconnect.rst:21 -#: ../../configuration/vpn/sstp.rst:65 +#: ../../configuration/vpn/sstp.rst:40 #: ../../configuration/vrf/index.rst:16 -#: ../../configuration/vrf/index.rst:253 -#: ../../configuration/vrf/index.rst:288 -#: ../../configuration/vrf/index.rst:436 +#: ../../configuration/vrf/index.rst:272 +#: ../../configuration/vrf/index.rst:307 +#: ../../configuration/vrf/index.rst:455 msgid "Configuration" msgstr "Configuration" @@ -3148,8 +3406,8 @@ msgstr "Configuration" #: ../../configuration/protocols/pim6.rst:78 #: ../../configuration/protocols/rip.rst:239 #: ../../configuration/protocols/segment-routing.rst:187 -#: ../../configuration/system/login.rst:279 -#: ../../configuration/system/login.rst:350 +#: ../../configuration/system/login.rst:283 +#: ../../configuration/system/login.rst:354 msgid "Configuration Example" msgstr "Configuration Example" @@ -3171,7 +3429,7 @@ msgstr "Configuration Options" msgid "Configuration commands covered in this section:" msgstr "Configuration commands covered in this section:" -#: ../../configuration/vpn/ipsec.rst:284 +#: ../../configuration/vpn/ipsec.rst:288 msgid "Configuration commands for the private and public key will be displayed on the screen which needs to be set on the router first. Note the command with the public key (set pki key-pair ipsec-LEFT public key 'MIIBIjANBgkqh...'). Then do the same on the opposite router:" msgstr "Configuration commands for the private and public key will be displayed on the screen which needs to be set on the router first. Note the command with the public key (set pki key-pair ipsec-LEFT public key 'MIIBIjANBgkqh...'). Then do the same on the opposite router:" @@ -3183,7 +3441,7 @@ msgstr "Configuration commands will display. Note the command with the public ke msgid "Configuration example:" msgstr "Configuration example:" -#: ../../configuration/vrf/index.rst:430 +#: ../../configuration/vrf/index.rst:449 msgid "Configuration for these exported routes must, at a minimum, specify these two parameters." msgstr "Configuration for these exported routes must, at a minimum, specify these two parameters." @@ -3191,15 +3449,15 @@ msgstr "Configuration for these exported routes must, at a minimum, specify thes msgid "Configuration of :ref:`routing-static`" msgstr "Configuration of :ref:`routing-static`" -#: ../../configuration/service/dhcp-server.rst:371 +#: ../../configuration/service/dhcp-server.rst:377 msgid "Configuration of a DHCP failover pair" msgstr "Configuration of a DHCP failover pair" -#: ../../configuration/vrf/index.rst:438 +#: ../../configuration/vrf/index.rst:457 msgid "Configuration of route leaking between a unicast VRF RIB and the VPN SAFI RIB of the default VRF is accomplished via commands in the context of a VRF address-family." msgstr "Configuration of route leaking between a unicast VRF RIB and the VPN SAFI RIB of the default VRF is accomplished via commands in the context of a VRF address-family." -#: ../../configuration/protocols/static.rst:166 +#: ../../configuration/protocols/static.rst:199 #: ../../configuration/system/conntrack.rst:12 msgid "Configure" msgstr "Configure" @@ -3208,11 +3466,11 @@ msgstr "Configure" msgid "Configure BFD" msgstr "Configure BFD" -#: ../../configuration/service/dns.rst:258 +#: ../../configuration/service/dns.rst:245 msgid "Configure DNS `<record>` which should be updated. This can be set multiple times." msgstr "Configure DNS `<record>` which should be updated. This can be set multiple times." -#: ../../configuration/service/dns.rst:253 +#: ../../configuration/service/dns.rst:241 msgid "Configure DNS `<zone>` to be updated." msgstr "Configure DNS `<zone>` to be updated." @@ -3230,15 +3488,27 @@ msgstr "Configure Graceful Restart :rfc:`3623` helper support. By default, helpe msgid "Configure Graceful Restart :rfc:`3623` restarting support. When enabled, the default grace period is 120 seconds." msgstr "Configure Graceful Restart :rfc:`3623` restarting support. When enabled, the default grace period is 120 seconds." +#: ../../configuration/service/ids.rst:69 +msgid "Configure ICMP threshold parameters." +msgstr "Configure ICMP threshold parameters." + #: ../../configuration/service/dhcp-relay.rst:40 msgid "Configure IP address of the DHCP `<server>` which will handle the relayed packets." msgstr "Configure IP address of the DHCP `<server>` which will handle the relayed packets." -#: ../../configuration/vpn/sstp.rst:214 +#: ../../configuration/service/ipoe-server.rst:162 +#: ../../configuration/service/pppoe-server.rst:124 +#: ../../configuration/vpn/l2tp.rst:167 +#: ../../configuration/vpn/pptp.rst:107 +#: ../../configuration/vpn/sstp.rst:140 msgid "Configure RADIUS `<server>` and its required port for authentication requests." msgstr "Configure RADIUS `<server>` and its required port for authentication requests." -#: ../../configuration/vpn/sstp.rst:218 +#: ../../configuration/service/ipoe-server.rst:128 +#: ../../configuration/service/pppoe-server.rst:90 +#: ../../configuration/vpn/l2tp.rst:133 +#: ../../configuration/vpn/pptp.rst:73 +#: ../../configuration/vpn/sstp.rst:106 msgid "Configure RADIUS `<server>` and its required shared `<secret>` for communicating with the RADIUS server." msgstr "Configure RADIUS `<server>` and its required shared `<secret>` for communicating with the RADIUS server." @@ -3246,23 +3516,39 @@ msgstr "Configure RADIUS `<server>` and its required shared `<secret>` for commu msgid "Configure SNAT rule (40) to only NAT packets with a destination address of 192.0.2.1." msgstr "Configure SNAT rule (40) to only NAT packets with a destination address of 192.0.2.1." +#: ../../configuration/service/ids.rst:74 +msgid "Configure TCP threshold parameters" +msgstr "Configure TCP threshold parameters" + +#: ../../configuration/service/ids.rst:79 +msgid "Configure UDP threshold parameters" +msgstr "Configure UDP threshold parameters" + #: ../../_include/interface-mtu.txt:4 msgid "Configure :abbr:`MTU (Maximum Transmission Unit)` on given `<interface>`. It is the size (in bytes) of the largest ethernet frame sent on this link." msgstr "Configure :abbr:`MTU (Maximum Transmission Unit)` on given `<interface>`. It is the size (in bytes) of the largest ethernet frame sent on this link." -#: ../../configuration/system/login.rst:375 +#: ../../configuration/system/login.rst:379 msgid "Configure `<message>` which is shown after user has logged in to the system." msgstr "Configure `<message>` which is shown after user has logged in to the system." -#: ../../configuration/system/login.rst:370 +#: ../../configuration/system/login.rst:374 msgid "Configure `<message>` which is shown during SSH connect and before a user is logged in." msgstr "Configure `<message>` which is shown during SSH connect and before a user is logged in." -#: ../../configuration/service/dns.rst:341 +#: ../../configuration/service/dns.rst:346 +msgid "Configure `<password>` used when authenticating the update request for DynDNS service identified by `<service-name>`." +msgstr "Configure `<password>` used when authenticating the update request for DynDNS service identified by `<service-name>`." + +#: ../../configuration/service/dns.rst:355 msgid "Configure `<password>` used when authenticating the update request for DynDNS service identified by `<service>`." msgstr "Configure `<password>` used when authenticating the update request for DynDNS service identified by `<service>`." -#: ../../configuration/service/dns.rst:334 +#: ../../configuration/service/dns.rst:341 +msgid "Configure `<username>` used when authenticating the update request for DynDNS service identified by `<service-name>`." +msgstr "Configure `<username>` used when authenticating the update request for DynDNS service identified by `<service-name>`." + +#: ../../configuration/service/dns.rst:348 msgid "Configure `<username>` used when authenticating the update request for DynDNS service identified by `<service>`. For Namecheap, set the <domain> you wish to update." msgstr "Configure `<username>` used when authenticating the update request for DynDNS service identified by `<service>`. For Namecheap, set the <domain> you wish to update." @@ -3274,13 +3560,13 @@ msgstr "Configure a URL that contains information about images." msgid "Configure a sFlow agent address. It can be IPv4 or IPv6 address, but you must set the same protocol, which is used for sFlow collector addresses. By default, using router-id from BGP or OSPF protocol, or the primary IP address from the first interface." msgstr "Configure a sFlow agent address. It can be IPv4 or IPv6 address, but you must set the same protocol, which is used for sFlow collector addresses. By default, using router-id from BGP or OSPF protocol, or the primary IP address from the first interface." -#: ../../configuration/protocols/bfd.rst:154 -#: ../../configuration/protocols/bfd.rst:167 +#: ../../configuration/protocols/bfd.rst:161 +#: ../../configuration/protocols/bfd.rst:174 msgid "Configure a static route for <subnet> using gateway <address> , use source address to indentify the peer when is multi-hop session and the gateway address as BFD peer destination address." msgstr "Configure a static route for <subnet> using gateway <address> , use source address to indentify the peer when is multi-hop session and the gateway address as BFD peer destination address." -#: ../../configuration/protocols/bfd.rst:148 -#: ../../configuration/protocols/bfd.rst:161 +#: ../../configuration/protocols/bfd.rst:155 +#: ../../configuration/protocols/bfd.rst:168 msgid "Configure a static route for <subnet> using gateway <address> and use the gateway address as BFD peer destination address." msgstr "Configure a static route for <subnet> using gateway <address> and use the gateway address as BFD peer destination address." @@ -3304,6 +3590,10 @@ msgstr "Configure agent IP address associated with this interface." msgid "Configure aggregation delay timer interval." msgstr "Configure aggregation delay timer interval." +#: ../../configuration/service/ids.rst:24 +msgid "Configure alert script that will be executed when an attack is detected." +msgstr "Configure alert script that will be executed when an attack is detected." + #: ../../configuration/vpn/openconnect.rst:285 msgid "Configure an accounting server and enable accounting with:" msgstr "Configure an accounting server and enable accounting with:" @@ -3328,6 +3618,10 @@ msgstr "Configure backend `<name>` mode TCP or HTTP" msgid "Configure both routers (a and b) for DHCPv6-PD via dummy interface:" msgstr "Configure both routers (a and b) for DHCPv6-PD via dummy interface:" +#: ../../configuration/service/ids.rst:33 +msgid "Configure direction for processing traffic." +msgstr "Configure direction for processing traffic." + #: ../../configuration/service/console-server.rst:49 msgid "Configure either one or two stop bits. This defaults to one stop bits if left unconfigured." msgstr "Configure either one or two stop bits. This defaults to one stop bits if left unconfigured." @@ -3336,6 +3630,14 @@ msgstr "Configure either one or two stop bits. This defaults to one stop bits if msgid "Configure either seven or eight data bits. This defaults to eight data bits if left unconfigured." msgstr "Configure either seven or eight data bits. This defaults to eight data bits if left unconfigured." +#: ../../configuration/service/ids.rst:64 +msgid "Configure general threshold parameters." +msgstr "Configure general threshold parameters." + +#: ../../configuration/service/ids.rst:28 +msgid "Configure how long an IP (attacker) should be kept in blocked state. Default value is 1900." +msgstr "Configure how long an IP (attacker) should be kept in blocked state. Default value is 1900." + #: ../../configuration/interfaces/bridge.rst:46 msgid "Configure individual bridge port `<priority>`." msgstr "Configure individual bridge port `<priority>`." @@ -3353,6 +3655,14 @@ msgstr "Configure interface-specific Host/Router behaviour. If set, the interfac msgid "Configure interface `<interface>` with one or more interface addresses." msgstr "Configure interface `<interface>` with one or more interface addresses." +#: ../../configuration/service/ids.rst:42 +msgid "Configure listen interface for mirroring traffic." +msgstr "Configure listen interface for mirroring traffic." + +#: ../../configuration/service/ids.rst:55 +msgid "Configure local IPv4 address to listen for sflow." +msgstr "Configure local IPv4 address to listen for sflow." + #: ../../configuration/service/snmp.rst:148 msgid "Configure new SNMP user named \"vyos\" with password \"vyos12345678\"" msgstr "Configure new SNMP user named \"vyos\" with password \"vyos12345678\"" @@ -3369,7 +3679,7 @@ msgstr "Configure next-hop `<address>` for an IPv4 static route. Multiple static msgid "Configure next-hop `<address>` for an IPv6 static route. Multiple static routes can be created." msgstr "Configure next-hop `<address>` for an IPv6 static route. Multiple static routes can be created." -#: ../../configuration/system/option.rst:95 +#: ../../configuration/system/option.rst:125 msgid "Configure one of the predefined system performance profiles." msgstr "Configure one of the predefined system performance profiles." @@ -3381,7 +3691,7 @@ msgstr "Configure one or more attributes to the given NTP server." msgid "Configure one or more servers for synchronisation. Server name can be either an IP address or :abbr:`FQDN (Fully Qualified Domain Name)`." msgstr "Configure one or more servers for synchronisation. Server name can be either an IP address or :abbr:`FQDN (Fully Qualified Domain Name)`." -#: ../../configuration/service/dns.rst:264 +#: ../../configuration/service/dns.rst:249 msgid "Configure optional TTL value on the given resource record. This defaults to 600 seconds." msgstr "Configure optional TTL value on the given resource record. This defaults to 600 seconds." @@ -3405,6 +3715,10 @@ msgstr "Configure port mirroring for `interface` outbound traffic and copy the t msgid "Configure port number of remote VXLAN endpoint." msgstr "Configure port number of remote VXLAN endpoint." +#: ../../configuration/service/ids.rst:59 +msgid "Configure port number to be used for sflow conection. Default port is 6343." +msgstr "Configure port number to be used for sflow conection. Default port is 6343." + #: ../../configuration/system/syslog.rst:73 msgid "Configure protocol used for communication to remote syslog host. This can be either UDP or TCP." msgstr "Configure protocol used for communication to remote syslog host. This can be either UDP or TCP." @@ -3429,7 +3743,7 @@ msgstr "Configure service `<name>` mode TCP or HTTP" msgid "Configure service `<name>` to use the backend <name>" msgstr "Configure service `<name>` to use the backend <name>" -#: ../../configuration/system/login.rst:394 +#: ../../configuration/system/login.rst:398 msgid "Configure session timeout after which the user will be logged out." msgstr "Configure session timeout after which the user will be logged out." @@ -3445,7 +3759,7 @@ msgstr "Configure the A-side router for NPTv6 using the prefixes above:" msgid "Configure the B-side router for NPTv6 using the prefixes above:" msgstr "Configure the B-side router for NPTv6 using the prefixes above:" -#: ../../configuration/service/dns.rst:247 +#: ../../configuration/service/dns.rst:236 msgid "Configure the DNS `<server>` IP/FQDN used when updating this dynamic assignment." msgstr "Configure the DNS `<server>` IP/FQDN used when updating this dynamic assignment." @@ -3457,11 +3771,11 @@ msgstr "Configure the IPv4 or IPv6 listen address of the TFTP server. Multiple I msgid "Configure the connection tracking protocol helper modules. All modules are enable by default." msgstr "Configure the connection tracking protocol helper modules. All modules are enable by default." -#: ../../configuration/system/login.rst:252 +#: ../../configuration/system/login.rst:256 msgid "Configure the discrete port under which the RADIUS server can be reached." msgstr "Configure the discrete port under which the RADIUS server can be reached." -#: ../../configuration/system/login.rst:321 +#: ../../configuration/system/login.rst:325 msgid "Configure the discrete port under which the TACACS server can be reached." msgstr "Configure the discrete port under which the TACACS server can be reached." @@ -3469,6 +3783,10 @@ msgstr "Configure the discrete port under which the TACACS server can be reached msgid "Configure the load-balancing reverse-proxy service for HTTP." msgstr "Configure the load-balancing reverse-proxy service for HTTP." +#: ../../configuration/service/ids.rst:46 +msgid "Configure traffic capture mode." +msgstr "Configure traffic capture mode." + #: ../../_include/interface-mac.txt:4 msgid "Configure user defined :abbr:`MAC (Media Access Control)` address on given `<interface>`." msgstr "Configure user defined :abbr:`MAC (Media Access Control)` address on given `<interface>`." @@ -3489,10 +3807,54 @@ msgstr "Configured value" msgid "Configures the BGP speaker so that it only accepts inbound connections from, but does not initiate outbound connections to the peer or peer group." msgstr "Configures the BGP speaker so that it only accepts inbound connections from, but does not initiate outbound connections to the peer or peer group." +#: ../../configuration/service/ipoe-server.rst:27 +msgid "Configuring IPoE Server" +msgstr "Configuring IPoE Server" + +#: ../../configuration/vpn/l2tp.rst:57 +msgid "Configuring IPsec" +msgstr "Configuring IPsec" + +#: ../../configuration/vpn/l2tp.rst:12 +msgid "Configuring L2TP Server" +msgstr "Configuring L2TP Server" + +#: ../../configuration/vpn/l2tp.rst:270 +msgid "Configuring LNS (L2TP Network Server)" +msgstr "Configuring LNS (L2TP Network Server)" + +#: ../../configuration/service/pppoe-server.rst:18 +msgid "Configuring PPPoE Server" +msgstr "Configuring PPPoE Server" + +#: ../../configuration/vpn/pptp.rst:13 +msgid "Configuring PPTP Server" +msgstr "Configuring PPTP Server" + #: ../../configuration/vpn/openconnect.rst:279 msgid "Configuring RADIUS accounting" msgstr "Configuring RADIUS accounting" +#: ../../configuration/service/ipoe-server.rst:114 +#: ../../configuration/service/pppoe-server.rst:76 +#: ../../configuration/vpn/l2tp.rst:119 +#: ../../configuration/vpn/pptp.rst:59 +#: ../../configuration/vpn/sstp.rst:92 +msgid "Configuring RADIUS authentication" +msgstr "Configuring RADIUS authentication" + +#: ../../configuration/vpn/sstp.rst:24 +msgid "Configuring SSTP Server" +msgstr "Configuring SSTP Server" + +#: ../../configuration/vpn/sstp.rst:476 +msgid "Configuring SSTP client" +msgstr "Configuring SSTP client" + +#: ../../configuration/vpn/ipsec.rst:494 +msgid "Configuring VyOS to act as your IPSec access concentrator is one thing, but you probably need to setup your client connecting to the server so they can talk to the IPSec gateway." +msgstr "Configuring VyOS to act as your IPSec access concentrator is one thing, but you probably need to setup your client connecting to the server so they can talk to the IPSec gateway." + #: ../../configuration/service/tftp-server.rst:39 msgid "Configuring a listen-address is essential for the service to work." msgstr "Configuring a listen-address is essential for the service to work." @@ -3502,11 +3864,15 @@ msgstr "Configuring a listen-address is essential for the service to work." msgid "Connect/Disconnect" msgstr "Connect/Disconnect" -#: ../../configuration/vpn/sstp.rst:155 +#: ../../configuration/service/ipoe-server.rst:376 +#: ../../configuration/service/pppoe-server.rst:546 +#: ../../configuration/vpn/l2tp.rst:500 +#: ../../configuration/vpn/pptp.rst:424 +#: ../../configuration/vpn/sstp.rst:458 msgid "Connected client should use `<address>` as their DNS server. This command accepts both IPv4 and IPv6 addresses. Up to two nameservers can be configured for IPv4, up to three for IPv6." msgstr "Connected client should use `<address>` as their DNS server. This command accepts both IPv4 and IPv6 addresses. Up to two nameservers can be configured for IPv4, up to three for IPv6." -#: ../../configuration/protocols/rpki.rst:129 +#: ../../configuration/protocols/rpki.rst:143 msgid "Connections to the RPKI caching server can not only be established by HTTP/TLS but you can also rely on a secure SSH session to the server. To enable SSH, first you need to create an SSH client keypair using ``generate ssh client-key /config/auth/id_rsa_rpki``. Once your key is created you can setup the connection." msgstr "Connections to the RPKI caching server can not only be established by HTTP/TLS but you can also rely on a secure SSH session to the server. To enable SSH, first you need to create an SSH client keypair using ``generate ssh client-key /config/auth/id_rsa_rpki``. Once your key is created you can setup the connection." @@ -3542,7 +3908,7 @@ msgstr "Console" msgid "Console Server" msgstr "Console Server" -#: ../../configuration/container/index.rst:106 +#: ../../configuration/container/index.rst:111 msgid "Constrain the memory available to the container." msgstr "Constrain the memory available to the container." @@ -3550,6 +3916,14 @@ msgstr "Constrain the memory available to the container." msgid "Container" msgstr "Container" +#: ../../configuration/container/index.rst:136 +msgid "Container Networks" +msgstr "Container Networks" + +#: ../../configuration/container/index.rst:156 +msgid "Container Registry" +msgstr "Container Registry" + #: ../../configuration/system/conntrack.rst:65 msgid "Contrack Timeouts" msgstr "Contrack Timeouts" @@ -3590,7 +3964,10 @@ msgstr "Create DHCP address range with a range id of `<n>`. DHCP leases are take msgid "Create DNS record per client lease, by adding clients to /etc/hosts file. Entry will have format: `<shared-network-name>_<hostname>.<domain-name>`" msgstr "Create DNS record per client lease, by adding clients to /etc/hosts file. Entry will have format: `<shared-network-name>_<hostname>.<domain-name>`" -#: ../../configuration/vpn/sstp.rst:70 +#: ../../configuration/service/pppoe-server.rst:49 +#: ../../configuration/vpn/l2tp.rst:36 +#: ../../configuration/vpn/pptp.rst:38 +#: ../../configuration/vpn/sstp.rst:63 msgid "Create `<user>` for local authentication on this system. The users password will be set to `<pass>`." msgstr "Create `<user>` for local authentication on this system. The users password will be set to `<pass>`." @@ -3606,6 +3983,10 @@ msgstr "Create a file named ``VyOS-1.3.6.1.4.1.44641.ConfigMgmt-Commands`` using msgid "Create a load balancing rule, it can be a number between 1 and 9999:" msgstr "Create a load balancing rule, it can be a number between 1 and 9999:" +#: ../../configuration/service/dhcp-server.rst:189 +msgid "Create a new DHCP static mapping named `<description>` which is valid for the host identified by its DHCP unique identifier (DUID) `<identifier>`." +msgstr "Create a new DHCP static mapping named `<description>` which is valid for the host identified by its DHCP unique identifier (DUID) `<identifier>`." + #: ../../configuration/service/dhcp-server.rst:183 msgid "Create a new DHCP static mapping named `<description>` which is valid for the host identified by its MAC `<address>`." msgstr "Create a new DHCP static mapping named `<description>` which is valid for the host identified by its MAC `<address>`." @@ -3614,31 +3995,31 @@ msgstr "Create a new DHCP static mapping named `<description>` which is valid fo msgid "Create a new VLAN interface on interface `<interface>` using the VLAN number provided via `<vlan-id>`." msgstr "Create a new VLAN interface on interface `<interface>` using the VLAN number provided via `<vlan-id>`." -#: ../../configuration/pki/index.rst:40 -#: ../../configuration/pki/index.rst:45 +#: ../../configuration/pki/index.rst:42 +#: ../../configuration/pki/index.rst:47 msgid "Create a new :abbr:`CA (Certificate Authority)` and output the CAs public and private key on the console." msgstr "Create a new :abbr:`CA (Certificate Authority)` and output the CAs public and private key on the console." -#: ../../configuration/pki/index.rst:67 -#: ../../configuration/pki/index.rst:71 +#: ../../configuration/pki/index.rst:69 +#: ../../configuration/pki/index.rst:73 msgid "Create a new public/private keypair and output the certificate on the console." msgstr "Create a new public/private keypair and output the certificate on the console." -#: ../../configuration/pki/index.rst:89 -#: ../../configuration/pki/index.rst:94 +#: ../../configuration/pki/index.rst:91 +#: ../../configuration/pki/index.rst:96 msgid "Create a new public/private keypair which is signed by the CA referenced by `ca-name`. The signed certificate is then output to the console." msgstr "Create a new public/private keypair which is signed by the CA referenced by `ca-name`. The signed certificate is then output to the console." -#: ../../configuration/pki/index.rst:77 -#: ../../configuration/pki/index.rst:82 +#: ../../configuration/pki/index.rst:79 +#: ../../configuration/pki/index.rst:84 msgid "Create a new self-signed certificate. The public/private is then shown on the console." msgstr "Create a new self-signed certificate. The public/private is then shown on the console." -#: ../../configuration/pki/index.rst:52 +#: ../../configuration/pki/index.rst:54 msgid "Create a new subordinate :abbr:`CA (Certificate Authority)` and sign it using the private key referenced by `ca-name`." msgstr "Create a new subordinate :abbr:`CA (Certificate Authority)` and sign it using the private key referenced by `ca-name`." -#: ../../configuration/pki/index.rst:57 +#: ../../configuration/pki/index.rst:59 msgid "Create a new subordinate :abbr:`CA (Certificate Authority)` and sign it using the private key referenced by `name`." msgstr "Create a new subordinate :abbr:`CA (Certificate Authority)` and sign it using the private key referenced by `name`." @@ -3686,10 +4067,15 @@ msgstr "Create named `<alias>` for the configured static mapping for `<hostname> msgid "Create new VRF instance with `<name>`. The name is used when placing individual interfaces into the VRF." msgstr "Create new VRF instance with `<name>`. The name is used when placing individual interfaces into the VRF." -#: ../../configuration/service/dns.rst:234 +#: ../../configuration/service/dns.rst:248 msgid "Create new :rfc:`2136` DNS update configuration which will update the IP address assigned to `<interface>` on the service you configured under `<service-name>`." msgstr "Create new :rfc:`2136` DNS update configuration which will update the IP address assigned to `<interface>` on the service you configured under `<service-name>`." +#: ../../configuration/service/dns.rst:221 +#: ../../configuration/service/dns.rst:326 +msgid "Create new dynamic DNS update configuration which will update the IP address assigned to `<interface>` on the service you configured under `<service-name>`." +msgstr "Create new dynamic DNS update configuration which will update the IP address assigned to `<interface>` on the service you configured under `<service-name>`." + #: ../../configuration/system/login.rst:21 msgid "Create new system user with username `<name>` and real-name specified by `<string>`." msgstr "Create new system user with username `<name>` and real-name specified by `<string>`." @@ -3698,10 +4084,14 @@ msgstr "Create new system user with username `<name>` and real-name specified by msgid "Create service `<name>` to listen on <port>" msgstr "Create service `<name>` to listen on <port>" -#: ../../configuration/container/index.rst:132 +#: ../../configuration/container/index.rst:140 msgid "Creates a named container network" msgstr "Creates a named container network" +#: ../../configuration/service/ipoe-server.rst:55 +msgid "Creates local IPoE user with username=**<interface>** and password=**<MAC>** (mac-address)" +msgstr "Creates local IPoE user with username=**<interface>** and password=**<MAC>** (mac-address)" + #: ../../configuration/vpn/dmvpn.rst:83 msgid "Creates static peer mapping of protocol-address to :abbr:`NBMA (Non-broadcast multiple-access network)` address." msgstr "Creates static peer mapping of protocol-address to :abbr:`NBMA (Non-broadcast multiple-access network)` address." @@ -3722,6 +4112,10 @@ msgstr "Creating a traffic policy" msgid "Creating rules for using flow tables:" msgstr "Creating rules for using flow tables:" +#: ../../configuration/container/index.rst:173 +msgid "Credentials can be defined here and will only be used when adding a container image to the system." +msgstr "Credentials can be defined here and will only be used when adding a container image to the system." + #: ../../configuration/system/syslog.rst:178 msgid "Critical" msgstr "Critical" @@ -3754,7 +4148,7 @@ msgstr "Cur Hop Limit" msgid "Currently does not do much as caching is not implemented." msgstr "Currently does not do much as caching is not implemented." -#: ../../configuration/vrf/index.rst:86 +#: ../../configuration/vrf/index.rst:105 msgid "Currently dynamic routing is supported for the following protocols:" msgstr "Currently dynamic routing is supported for the following protocols:" @@ -3778,7 +4172,7 @@ msgstr "Custom firewall chains can be created, with commands ``set firewall ipv4 msgid "Custom firewall chains can be created, with commands ``set firewall ipv6 name <name> ...``. In order to use such custom chain, a rule with **action jump**, and the appropiate **target** should be defined in a base chain." msgstr "Custom firewall chains can be created, with commands ``set firewall ipv6 name <name> ...``. In order to use such custom chain, a rule with **action jump**, and the appropiate **target** should be defined in a base chain." -#: ../../configuration/highavailability/index.rst:373 +#: ../../configuration/highavailability/index.rst:383 msgid "Custom health-check script allows checking real-server availability" msgstr "Custom health-check script allows checking real-server availability" @@ -3794,6 +4188,10 @@ msgstr "DCO can be enabled for both new and existing tunnels,VyOS adds an option msgid "DCO support is a per-tunnel option and it is not automatically enabled by default for new or upgraded tunnels. Existing tunnels will continue to function as they have in the past." msgstr "DCO support is a per-tunnel option and it is not automatically enabled by default for new or upgraded tunnels. Existing tunnels will continue to function as they have in the past." +#: ../../configuration/service/ids.rst:5 +msgid "DDoS Protection" +msgstr "DDoS Protection" + #: ../../configuration/service/dhcp-relay.rst:5 msgid "DHCP Relay" msgstr "DHCP Relay" @@ -3802,15 +4200,15 @@ msgstr "DHCP Relay" msgid "DHCP Server" msgstr "DHCP Server" -#: ../../configuration/service/dhcp-server.rst:351 +#: ../../configuration/service/dhcp-server.rst:357 msgid "DHCP failover parameters" msgstr "DHCP failover parameters" -#: ../../configuration/service/dhcp-server.rst:341 +#: ../../configuration/service/dhcp-server.rst:347 msgid "DHCP lease range" msgstr "DHCP lease range" -#: ../../configuration/service/dhcp-server.rst:377 +#: ../../configuration/service/dhcp-server.rst:383 msgid "DHCP range spans from `192.168.189.10` - `192.168.189.250`" msgstr "DHCP range spans from `192.168.189.10` - `192.168.189.250`" @@ -3822,7 +4220,7 @@ msgstr "DHCP relay example" msgid "DHCP server is located at IPv4 address 10.0.1.4 on ``eth2``." msgstr "DHCP server is located at IPv4 address 10.0.1.4 on ``eth2``." -#: ../../configuration/service/dhcp-server.rst:584 +#: ../../configuration/service/dhcp-server.rst:590 msgid "DHCPv6 address pools must be configured for the system to act as a DHCPv6 server. The following example describes a common scenario." msgstr "DHCPv6 address pools must be configured for the system to act as a DHCPv6 server. The following example describes a common scenario." @@ -3887,11 +4285,11 @@ msgstr "DNS name servers" msgid "DNS search list to advertise" msgstr "DNS search list to advertise" -#: ../../configuration/service/dhcp-server.rst:261 +#: ../../configuration/service/dhcp-server.rst:267 msgid "DNS server IPv4 address" msgstr "DNS server IPv4 address" -#: ../../configuration/service/dhcp-server.rst:591 +#: ../../configuration/service/dhcp-server.rst:597 msgid "DNS server is located at ``2001:db8::ffff``" msgstr "DNS server is located at ``2001:db8::ffff``" @@ -3903,7 +4301,7 @@ msgstr "DSCP values as per :rfc:`2474` and :rfc:`4595`:" msgid "DSSS/CCK Mode in 40 MHz, this sets ``[DSSS_CCK-40]``" msgstr "DSSS/CCK Mode in 40 MHz, this sets ``[DSSS_CCK-40]``" -#: ../../configuration/firewall/ipv4.rst:444 +#: ../../configuration/firewall/ipv4.rst:467 #: ../../configuration/firewall/ipv6.rst:451 msgid "Data is provided by DB-IP.com under CC-BY-4.0 license. Attribution required, permits redistribution so we can include a database in images(~3MB compressed). Includes cron script (manually callable by op-mode update geoip) to keep database and rules updated." msgstr "Data is provided by DB-IP.com under CC-BY-4.0 license. Attribution required, permits redistribution so we can include a database in images(~3MB compressed). Includes cron script (manually callable by op-mode update geoip) to keep database and rules updated." @@ -3940,15 +4338,18 @@ msgstr "Default Gateway/Route" msgid "Default Router Preference" msgstr "Default Router Preference" -#: ../../configuration/vpn/sstp.rst:201 +#: ../../configuration/service/pppoe-server.rst:509 +#: ../../configuration/vpn/l2tp.rst:463 +#: ../../configuration/vpn/pptp.rst:387 +#: ../../configuration/vpn/sstp.rst:421 msgid "Default behavior - don't ask client for mppe, but allow it if client wants. Please note that RADIUS may override this option by MS-MPPE-Encryption-Policy attribute." msgstr "Default behavior - don't ask client for mppe, but allow it if client wants. Please note that RADIUS may override this option by MS-MPPE-Encryption-Policy attribute." -#: ../../configuration/service/dhcp-server.rst:374 +#: ../../configuration/service/dhcp-server.rst:380 msgid "Default gateway and DNS server is at `192.0.2.254`" msgstr "Default gateway and DNS server is at `192.0.2.254`" -#: ../../configuration/container/index.rst:108 +#: ../../configuration/container/index.rst:113 msgid "Default is 512 MB. Use 0 MB for unlimited memory." msgstr "Default is 512 MB. Use 0 MB for unlimited memory." @@ -3976,7 +4377,7 @@ msgstr "Defaults to 'uid'" msgid "Defaults to 225.0.0.50." msgstr "Defaults to 225.0.0.50." -#: ../../configuration/system/option.rst:68 +#: ../../configuration/system/option.rst:98 msgid "Defaults to ``us``." msgstr "Defaults to ``us``." @@ -3988,6 +4389,10 @@ msgstr "Define Conection Timeouts" msgid "Define IPv4/IPv6 management address transmitted via LLDP. Multiple addresses can be defined. Only addresses connected to the system will be transmitted." msgstr "Define IPv4/IPv6 management address transmitted via LLDP. Multiple addresses can be defined. Only addresses connected to the system will be transmitted." +#: ../../configuration/container/index.rst:148 +msgid "Define IPv4 or IPv6 prefix for a given network name. Only one IPv4 and one IPv6 prefix can be used per network name." +msgstr "Define IPv4 or IPv6 prefix for a given network name. Only one IPv4 and one IPv6 prefix can be used per network name." + #: ../../configuration/firewall/groups.rst:52 msgid "Define a IPv4 or IPv6 Network group." msgstr "Define a IPv4 or IPv6 Network group." @@ -4040,6 +4445,10 @@ msgstr "Define different modes for sending replies in response to received ARP r msgid "Define different restriction levels for announcing the local source IP address from IP packets in ARP requests sent on interface." msgstr "Define different restriction levels for announcing the local source IP address from IP packets in ARP requests sent on interface." +#: ../../configuration/service/ntp.rst:88 +msgid "Define how to handle leaf-seonds." +msgstr "Define how to handle leaf-seonds." + #: ../../configuration/firewall/flowtables.rst:71 msgid "Define interfaces to be used in the flowtable." msgstr "Define interfaces to be used in the flowtable." @@ -4080,7 +4489,7 @@ msgstr "Define the zone as a local zone. A local zone has no interfaces and will msgid "Define type of offload to be used by the flowtable: ``hardware`` or ``software``. By default, ``software`` offload is used." msgstr "Define type of offload to be used by the flowtable: ``hardware`` or ``software``. By default, ``software`` offload is used." -#: ../../configuration/protocols/rpki.rst:114 +#: ../../configuration/protocols/rpki.rst:128 msgid "Defined the IPv4, IPv6 or FQDN and port number of the caching RPKI caching instance which is used." msgstr "Defined the IPv4, IPv6 or FQDN and port number of the caching RPKI caching instance which is used." @@ -4092,26 +4501,47 @@ msgstr "Defines alternate sources for multicasting and IGMP data. The network ad msgid "Defines an off-NBMA network prefix for which the GRE interface will act as a gateway. This an alternative to defining local interfaces with shortcut-destination flag." msgstr "Defines an off-NBMA network prefix for which the GRE interface will act as a gateway. This an alternative to defining local interfaces with shortcut-destination flag." -#: ../../configuration/protocols/static.rst:120 -#: ../../configuration/protocols/static.rst:133 +#: ../../configuration/protocols/static.rst:154 +#: ../../configuration/protocols/static.rst:167 msgid "Defines blackhole distance for this route, routes with smaller administrative distance are elected prior to those with a higher distance." msgstr "Defines blackhole distance for this route, routes with smaller administrative distance are elected prior to those with a higher distance." +#: ../../configuration/service/pppoe-server.rst:496 +#: ../../configuration/vpn/l2tp.rst:450 +#: ../../configuration/vpn/pptp.rst:374 +#: ../../configuration/vpn/sstp.rst:408 +msgid "Defines minimum acceptable MTU. If client will try to negotiate less then specified MTU then it will be NAKed or disconnected if rejects greater MTU. Default value is **100**." +msgstr "Defines minimum acceptable MTU. If client will try to negotiate less then specified MTU then it will be NAKed or disconnected if rejects greater MTU. Default value is **100**." + #: ../../configuration/protocols/static.rst:34 #: ../../configuration/protocols/static.rst:54 -#: ../../configuration/protocols/static.rst:81 -#: ../../configuration/protocols/static.rst:101 +#: ../../configuration/protocols/static.rst:104 +#: ../../configuration/protocols/static.rst:124 msgid "Defines next-hop distance for this route, routes with smaller administrative distance are elected prior to those with a higher distance." msgstr "Defines next-hop distance for this route, routes with smaller administrative distance are elected prior to those with a higher distance." +#: ../../configuration/service/pppoe-server.rst:515 +#: ../../configuration/vpn/l2tp.rst:469 +#: ../../configuration/vpn/pptp.rst:393 +#: ../../configuration/vpn/sstp.rst:427 +msgid "Defines preferred MRU. By default is not defined." +msgstr "Defines preferred MRU. By default is not defined." + #: ../../configuration/protocols/failover.rst:31 msgid "Defines protocols for checking ARP, ICMP, TCP" msgstr "Defines protocols for checking ARP, ICMP, TCP" -#: ../../configuration/vpn/sstp.rst:178 +#: ../../configuration/vpn/sstp.rst:184 msgid "Defines the maximum `<number>` of unanswered echo requests. Upon reaching the value `<number>`, the session will be reset." msgstr "Defines the maximum `<number>` of unanswered echo requests. Upon reaching the value `<number>`, the session will be reset." +#: ../../configuration/service/pppoe-server.rst:479 +#: ../../configuration/vpn/l2tp.rst:433 +#: ../../configuration/vpn/pptp.rst:357 +#: ../../configuration/vpn/sstp.rst:391 +msgid "Defines the maximum `<number>` of unanswered echo requests. Upon reaching the value `<number>`, the session will be reset. Default value is **3**." +msgstr "Defines the maximum `<number>` of unanswered echo requests. Upon reaching the value `<number>`, the session will be reset. Default value is **3**." + #: ../../configuration/system/console.rst:21 msgid "Defines the specified device as a system console. Available console devices can be (see completion helper):" msgstr "Defines the specified device as a system console. Available console devices can be (see completion helper):" @@ -4120,15 +4550,15 @@ msgstr "Defines the specified device as a system console. Available console devi msgid "Defining Peers" msgstr "Defining Peers" -#: ../../configuration/service/dhcp-server.rst:579 +#: ../../configuration/service/dhcp-server.rst:585 msgid "Delegate prefixes from the range indicated by the start and stop qualifier." msgstr "Delegate prefixes from the range indicated by the start and stop qualifier." -#: ../../configuration/policy/route-map.rst:231 +#: ../../configuration/policy/route-map.rst:234 msgid "Delete BGP communities matching the community-list." msgstr "Delete BGP communities matching the community-list." -#: ../../configuration/policy/route-map.rst:246 +#: ../../configuration/policy/route-map.rst:249 msgid "Delete BGP communities matching the large-community-list." msgstr "Delete BGP communities matching the large-community-list." @@ -4136,11 +4566,15 @@ msgstr "Delete BGP communities matching the large-community-list." msgid "Delete Logs" msgstr "Delete Logs" -#: ../../configuration/policy/route-map.rst:226 +#: ../../configuration/container/index.rst:211 +msgid "Delete a particular container image based on it's image ID. You can also delete all container images at once." +msgstr "Delete a particular container image based on it's image ID. You can also delete all container images at once." + +#: ../../configuration/policy/route-map.rst:229 msgid "Delete all BGP communities" msgstr "Delete all BGP communities" -#: ../../configuration/policy/route-map.rst:241 +#: ../../configuration/policy/route-map.rst:244 msgid "Delete all BGP large-communities" msgstr "Delete all BGP large-communities" @@ -4205,15 +4639,37 @@ msgstr "Devices evaluating whether an IPv4 address is public must be updated to msgid "Different NAT Types" msgstr "Different NAT Types" -#: ../../configuration/pki/index.rst:100 +#: ../../configuration/pki/index.rst:102 msgid "Diffie-Hellman parameters" msgstr "Diffie-Hellman parameters" +#: ../../configuration/service/ids.rst:93 +msgid "Direction: **in** and **out**. Protect public network from external attacks, and identify internal attacks towards internet." +msgstr "Direction: **in** and **out**. Protect public network from external attacks, and identify internal attacks towards internet." + +#: ../../configuration/system/option.rst:46 +msgid "Disable CPU power saving mechanisms also known as C states." +msgstr "Disable CPU power saving mechanisms also known as C states." + +#: ../../configuration/service/pppoe-server.rst:457 +#: ../../configuration/vpn/l2tp.rst:411 +#: ../../configuration/vpn/pptp.rst:335 +#: ../../configuration/vpn/sstp.rst:369 +msgid "Disable Compression Control Protocol (CCP). CCP is enabled by default." +msgstr "Disable Compression Control Protocol (CCP). CCP is enabled by default." + #: ../../configuration/protocols/pim6.rst:37 msgid "Disable MLD reports and query on the interface." msgstr "Disable MLD reports and query on the interface." -#: ../../configuration/vpn/sstp.rst:75 +#: ../../configuration/system/login.rst:39 +msgid "Disable (lock) account. User will not be able to log in." +msgstr "Disable (lock) account. User will not be able to log in." + +#: ../../configuration/service/pppoe-server.rst:432 +#: ../../configuration/vpn/l2tp.rst:376 +#: ../../configuration/vpn/pptp.rst:300 +#: ../../configuration/vpn/sstp.rst:334 msgid "Disable `<user>` account." msgstr "Disable `<user>` account." @@ -4221,11 +4677,23 @@ msgstr "Disable `<user>` account." msgid "Disable a BFD peer" msgstr "Disable a BFD peer" -#: ../../configuration/container/index.rst:128 +#: ../../configuration/container/index.rst:133 msgid "Disable a container." msgstr "Disable a container." -#: ../../configuration/firewall/ipv4.rst:930 +#: ../../configuration/container/index.rst:166 +msgid "Disable a given container registry" +msgstr "Disable a given container registry" + +#: ../../configuration/system/option.rst:35 +msgid "Disable all optional CPU mitigations. This improves system performance, but it may also expose users to several CPU vulnerabilities." +msgstr "Disable all optional CPU mitigations. This improves system performance, but it may also expose users to several CPU vulnerabilities." + +#: ../../configuration/service/conntrack-sync.rst:103 +msgid "Disable connection logging via Syslog." +msgstr "Disable connection logging via Syslog." + +#: ../../configuration/firewall/ipv4.rst:953 #: ../../configuration/firewall/ipv6.rst:939 msgid "Disable conntrack loose track option" msgstr "Disable conntrack loose track option" @@ -4242,7 +4710,7 @@ msgstr "Disable dhcpv6-relay service." msgid "Disable given `<interface>`. It will be placed in administratively down (``A/D``) state." msgstr "Disable given `<interface>`. It will be placed in administratively down (``A/D``) state." -#: ../../configuration/protocols/bgp.rst:616 +#: ../../configuration/protocols/bgp.rst:628 msgid "Disable immediate session reset if peer's connected link goes down." msgstr "Disable immediate session reset if peer's connected link goes down." @@ -4286,11 +4754,11 @@ msgstr "Disabled by default - no kernel module loaded." msgid "Disables caching of peer information from forwarded NHRP Resolution Reply packets. This can be used to reduce memory consumption on big NBMA subnets." msgstr "Disables caching of peer information from forwarded NHRP Resolution Reply packets. This can be used to reduce memory consumption on big NBMA subnets." -#: ../../configuration/protocols/static.rst:76 +#: ../../configuration/protocols/static.rst:99 msgid "Disables interface-based IPv4 static route." msgstr "Disables interface-based IPv4 static route." -#: ../../configuration/protocols/static.rst:96 +#: ../../configuration/protocols/static.rst:119 msgid "Disables interface-based IPv6 static route." msgstr "Disables interface-based IPv6 static route." @@ -4306,7 +4774,7 @@ msgstr "Disables web filtering without discarding configuration." msgid "Disables web proxy transparent mode at a listening address." msgstr "Disables web proxy transparent mode at a listening address." -#: ../../configuration/service/router-advert.rst:73 +#: ../../configuration/service/router-advert.rst:99 msgid "Disabling Advertisements" msgstr "Disabling Advertisements" @@ -4326,11 +4794,11 @@ msgstr "Disadvantages are:" msgid "Disassociate stations based on excessive transmission failures or other indications of connection loss." msgstr "Disassociate stations based on excessive transmission failures or other indications of connection loss." -#: ../../configuration/vrf/index.rst:142 +#: ../../configuration/vrf/index.rst:161 msgid "Display IPv4 routing table for VRF identified by `<name>`." msgstr "Display IPv4 routing table for VRF identified by `<name>`." -#: ../../configuration/vrf/index.rst:161 +#: ../../configuration/vrf/index.rst:180 msgid "Display IPv6 routing table for VRF identified by `<name>`." msgstr "Display IPv6 routing table for VRF identified by `<name>`." @@ -4338,7 +4806,7 @@ msgstr "Display IPv6 routing table for VRF identified by `<name>`." msgid "Display Logs" msgstr "Display Logs" -#: ../../configuration/system/login.rst:188 +#: ../../configuration/system/login.rst:192 msgid "Display OTP key for user" msgstr "Display OTP key for user" @@ -4346,11 +4814,11 @@ msgstr "Display OTP key for user" msgid "Display all authorization attempts of the specified image" msgstr "Display all authorization attempts of the specified image" -#: ../../configuration/protocols/static.rst:200 +#: ../../configuration/protocols/static.rst:233 msgid "Display all known ARP table entries on a given interface only (`eth1`):" msgstr "Display all known ARP table entries on a given interface only (`eth1`):" -#: ../../configuration/protocols/static.rst:188 +#: ../../configuration/protocols/static.rst:221 msgid "Display all known ARP table entries spanning across all interfaces" msgstr "Display all known ARP table entries spanning across all interfaces" @@ -4382,7 +4850,7 @@ msgstr "Displays information about all neighbors discovered via LLDP." msgid "Displays queue information for a PPPoE interface." msgstr "Displays queue information for a PPPoE interface." -#: ../../configuration/vrf/index.rst:213 +#: ../../configuration/vrf/index.rst:232 msgid "Displays the route packets taken to a network host utilizing VRF instance identified by `<name>`. When using the IPv4 or IPv6 option, displays the route packets taken to the given hosts IP address family. This option is useful when the host is specified as a hostname rather than an IP address." msgstr "Displays the route packets taken to a network host utilizing VRF instance identified by `<name>`. When using the IPv4 or IPv6 option, displays the route packets taken to the given hosts IP address family. This option is useful when the host is specified as a hostname rather than an IP address." @@ -4390,14 +4858,28 @@ msgstr "Displays the route packets taken to a network host utilizing VRF instanc msgid "Do *not* manually edit `/etc/hosts`. This file will automatically be regenerated on boot based on the settings in this section, which means you'll lose all your manual edits. Instead, configure static host mappings as follows." msgstr "Do *not* manually edit `/etc/hosts`. This file will automatically be regenerated on boot based on the settings in this section, which means you'll lose all your manual edits. Instead, configure static host mappings as follows." +#: ../../configuration/system/ip.rst:55 +#: ../../configuration/vrf/index.rst:79 +#: ../../configuration/vrf/index.rst:85 +msgid "Do not allow IPv4 nexthop tracking to resolve via the default route. This parameter is configured per-VRF, so the command is also available in the VRF subnode." +msgstr "Do not allow IPv4 nexthop tracking to resolve via the default route. This parameter is configured per-VRF, so the command is also available in the VRF subnode." + +#: ../../configuration/system/ipv6.rst:51 +msgid "Do not allow IPv6 nexthop tracking to resolve via the default route. This parameter is configured per-VRF, so the command is also available in the VRF subnode." +msgstr "Do not allow IPv6 nexthop tracking to resolve via the default route. This parameter is configured per-VRF, so the command is also available in the VRF subnode." + #: ../../_include/interface-ipv6.txt:37 msgid "Do not assign a link-local IPv6 address to this interface." msgstr "Do not assign a link-local IPv6 address to this interface." -#: ../../configuration/trafficpolicy/index.rst:1208 +#: ../../configuration/trafficpolicy/index.rst:1210 msgid "Do not configure IFB as the first step. First create everything else of your traffic-policy, and then you can configure IFB. Otherwise you might get the ``RTNETLINK answer: File exists`` error, which can be solved with ``sudo ip link delete ifb0``." msgstr "Do not configure IFB as the first step. First create everything else of your traffic-policy, and then you can configure IFB. Otherwise you might get the ``RTNETLINK answer: File exists`` error, which can be solved with ``sudo ip link delete ifb0``." +#: ../../configuration/protocols/bgp.rst:609 +msgid "Do not send Hard Reset CEASE Notification for \"Administrative Reset\" events. When set and Graceful Restart Notification capability is exchanged between the peers, Graceful Restart procedures apply, and routes will be retained." +msgstr "Do not send Hard Reset CEASE Notification for \"Administrative Reset\" events. When set and Graceful Restart Notification capability is exchanged between the peers, Graceful Restart procedures apply, and routes will be retained." + #: ../../configuration/service/dns.rst:103 msgid "Do not use the local ``/etc/hosts`` file in name resolution. VyOS DHCP server will use this file to add resolvers to assigned addresses." msgstr "Do not use the local ``/etc/hosts`` file in name resolution. VyOS DHCP server will use this file to add resolvers to assigned addresses." @@ -4426,7 +4908,7 @@ msgstr "Domain name(s) for which to obtain certificate" msgid "Domain names can include letters, numbers, hyphens and periods with a maximum length of 253 characters." msgstr "Domain names can include letters, numbers, hyphens and periods with a maximum length of 253 characters." -#: ../../configuration/pki/index.rst:259 +#: ../../configuration/pki/index.rst:290 msgid "Domain names to apply, multiple domain-names can be specified." msgstr "Domain names to apply, multiple domain-names can be specified." @@ -4435,19 +4917,19 @@ msgstr "Domain names to apply, multiple domain-names can be specified." msgid "Domain search order" msgstr "Domain search order" -#: ../../configuration/pki/index.rst:25 +#: ../../configuration/pki/index.rst:27 msgid "Don't be afraid that you need to re-do your configuration. Key transformation is handled, as always, by our migration scripts, so this will be a smooth transition for you!" msgstr "Don't be afraid that you need to re-do your configuration. Key transformation is handled, as always, by our migration scripts, so this will be a smooth transition for you!" -#: ../../configuration/protocols/bgp.rst:1172 +#: ../../configuration/protocols/bgp.rst:1194 msgid "Don't forget, the CIDR declared in the network statement **MUST exist in your routing table (dynamic or static), the best way to make sure that is true is creating a static route:**" msgstr "Don't forget, the CIDR declared in the network statement **MUST exist in your routing table (dynamic or static), the best way to make sure that is true is creating a static route:**" -#: ../../configuration/protocols/bgp.rst:1126 +#: ../../configuration/protocols/bgp.rst:1148 msgid "Don't forget, the CIDR declared in the network statement MUST **exist in your routing table (dynamic or static), the best way to make sure that is true is creating a static route:**" msgstr "Don't forget, the CIDR declared in the network statement MUST **exist in your routing table (dynamic or static), the best way to make sure that is true is creating a static route:**" -#: ../../configuration/vpn/site2site_ipsec.rst:299 +#: ../../configuration/vpn/site2site_ipsec.rst:302 msgid "Don't get confused about the used /31 tunnel subnet. :rfc:`3021` gives you additional information for using /31 subnets on point-to-point links." msgstr "Don't get confused about the used /31 tunnel subnet. :rfc:`3021` gives you additional information for using /31 subnets on point-to-point links." @@ -4459,10 +4941,17 @@ msgstr "Download/Update complete blacklist" msgid "Download/Update partial blacklist." msgstr "Download/Update partial blacklist." -#: ../../configuration/vpn/sstp.rst:85 +#: ../../configuration/service/pppoe-server.rst:262 +#: ../../configuration/vpn/l2tp.rst:386 +#: ../../configuration/vpn/pptp.rst:310 +#: ../../configuration/vpn/sstp.rst:344 msgid "Download bandwidth limit in kbit/s for `<user>`." msgstr "Download bandwidth limit in kbit/s for `<user>`." +#: ../../configuration/service/ipoe-server.rst:320 +msgid "Download bandwidth limit in kbit/s for user on interface `<interface>`." +msgstr "Download bandwidth limit in kbit/s for user on interface `<interface>`." + #: ../../configuration/policy/route-map.rst:202 msgid "Drop AS-NUMBER from the BGP AS path." msgstr "Drop AS-NUMBER from the BGP AS path." @@ -4479,7 +4968,7 @@ msgstr "Drop rate" msgid "Dropped packets reported on DROPMON Netlink channel by Linux kernel are exported via the standard sFlow v5 extension for reporting dropped packets" msgstr "Dropped packets reported on DROPMON Netlink channel by Linux kernel are exported via the standard sFlow v5 extension for reporting dropped packets" -#: ../../configuration/service/pppoe-server.rst:367 +#: ../../configuration/service/pppoe-server.rst:625 msgid "Dual-Stack IPv4/IPv6 provisioning with Prefix Delegation" msgstr "Dual-Stack IPv4/IPv6 provisioning with Prefix Delegation" @@ -4495,19 +4984,23 @@ msgstr "Dummy interface" msgid "Dummy interfaces can be used as interfaces that always stay up (in the same fashion to loopbacks in Cisco IOS), or for testing purposes." msgstr "Dummy interfaces can be used as interfaces that always stay up (in the same fashion to loopbacks in Cisco IOS), or for testing purposes." -#: ../../configuration/vrf/index.rst:193 +#: ../../configuration/vrf/index.rst:212 msgid "Duplicate packets are not included in the packet loss calculation, although the round-trip time of these packets is used in calculating the minimum/ average/maximum round-trip time numbers." msgstr "Duplicate packets are not included in the packet loss calculation, although the round-trip time of these packets is used in calculating the minimum/ average/maximum round-trip time numbers." -#: ../../configuration/pki/index.rst:285 +#: ../../configuration/pki/index.rst:316 msgid "During initial deployment we recommend using the staging API of LetsEncrypt to prevent and blacklisting of your system. The API endpoint is https://acme-staging-v02.api.letsencrypt.org/directory" msgstr "During initial deployment we recommend using the staging API of LetsEncrypt to prevent and blacklisting of your system. The API endpoint is https://acme-staging-v02.api.letsencrypt.org/directory" +#: ../../configuration/vpn/ipsec.rst:568 +msgid "During profile import, the user is asked to enter its IPSec credentials (username and password) which is stored on the mobile." +msgstr "During profile import, the user is asked to enter its IPSec credentials (username and password) which is stored on the mobile." + #: ../../configuration/service/ssh.rst:113 msgid "Dynamic-protection" msgstr "Dynamic-protection" -#: ../../configuration/service/dns.rst:212 +#: ../../configuration/service/dns.rst:199 msgid "Dynamic DNS" msgstr "Dynamic DNS" @@ -4519,11 +5012,11 @@ msgstr "EAPoL comes with an identify option. We automatically use the interface msgid "ESP Phase:" msgstr "ESP Phase:" -#: ../../configuration/vpn/ipsec.rst:111 +#: ../../configuration/vpn/ipsec.rst:113 msgid "ESP (Encapsulating Security Payload) Attributes" msgstr "ESP (Encapsulating Security Payload) Attributes" -#: ../../configuration/vpn/ipsec.rst:112 +#: ../../configuration/vpn/ipsec.rst:115 msgid "ESP is used to provide confidentiality, data origin authentication, connectionless integrity, an anti-replay service (a form of partial sequence integrity), and limited traffic flow confidentiality. https://datatracker.ietf.org/doc/html/rfc4303" msgstr "ESP is used to provide confidentiality, data origin authentication, connectionless integrity, an anti-replay service (a form of partial sequence integrity), and limited traffic flow confidentiality. https://datatracker.ietf.org/doc/html/rfc4303" @@ -4587,7 +5080,7 @@ msgstr "Eenables the Generic Protocol extension (VXLAN-GPE). Currently, this is msgid "Email address to associate with certificate" msgstr "Email address to associate with certificate" -#: ../../configuration/pki/index.rst:265 +#: ../../configuration/pki/index.rst:296 msgid "Email used for registration and recovery contact." msgstr "Email used for registration and recovery contact." @@ -4599,35 +5092,35 @@ msgstr "Embedding one policy into another one" msgid "Emergency" msgstr "Emergency" -#: ../../configuration/protocols/bfd.rst:89 +#: ../../configuration/protocols/bfd.rst:96 msgid "Enable BFD for ISIS on an interface" msgstr "Enable BFD for ISIS on an interface" -#: ../../configuration/protocols/bfd.rst:77 +#: ../../configuration/protocols/bfd.rst:84 msgid "Enable BFD for OSPF on an interface" msgstr "Enable BFD for OSPF on an interface" -#: ../../configuration/protocols/bfd.rst:81 +#: ../../configuration/protocols/bfd.rst:88 msgid "Enable BFD for OSPFv3 on an interface" msgstr "Enable BFD for OSPFv3 on an interface" -#: ../../configuration/protocols/bfd.rst:61 +#: ../../configuration/protocols/bfd.rst:68 msgid "Enable BFD in BGP" msgstr "Enable BFD in BGP" -#: ../../configuration/protocols/bfd.rst:85 +#: ../../configuration/protocols/bfd.rst:92 msgid "Enable BFD in ISIS" msgstr "Enable BFD in ISIS" -#: ../../configuration/protocols/bfd.rst:73 +#: ../../configuration/protocols/bfd.rst:80 msgid "Enable BFD in OSPF" msgstr "Enable BFD in OSPF" -#: ../../configuration/protocols/bfd.rst:69 +#: ../../configuration/protocols/bfd.rst:76 msgid "Enable BFD on a BGP peer group" msgstr "Enable BFD on a BGP peer group" -#: ../../configuration/protocols/bfd.rst:65 +#: ../../configuration/protocols/bfd.rst:72 msgid "Enable BFD on a single BGP neighbor" msgstr "Enable BFD on a single BGP neighbor" @@ -4651,7 +5144,7 @@ msgstr "Enable IGMP and MLD querier." msgid "Enable IGMP and MLD snooping." msgstr "Enable IGMP and MLD snooping." -#: ../../configuration/service/dhcp-server.rst:271 +#: ../../configuration/service/dhcp-server.rst:277 msgid "Enable IP forwarding on client" msgstr "Enable IP forwarding on client" @@ -4705,7 +5198,7 @@ msgstr "Enable OSPF with Segment Routing (Experimental):" msgid "Enable OSPF with route redistribution of the loopback and default originate:" msgstr "Enable OSPF with route redistribution of the loopback and default originate:" -#: ../../configuration/system/login.rst:103 +#: ../../configuration/system/login.rst:107 msgid "Enable OTP 2FA for user `username` with default settings, using the BASE32 encoded 2FA/MFA key specified by `<key>`." msgstr "Enable OTP 2FA for user `username` with default settings, using the BASE32 encoded 2FA/MFA key specified by `<key>`." @@ -4713,6 +5206,18 @@ msgstr "Enable OTP 2FA for user `username` with default settings, using the BASE msgid "Enable OpenVPN Data Channel Offload feature by loading the appropriate kernel module." msgstr "Enable OpenVPN Data Channel Offload feature by loading the appropriate kernel module." +#: ../../configuration/service/router-advert.rst:82 +msgid "Enable PREF64 option as outlined in :rfc:`8781`." +msgstr "Enable PREF64 option as outlined in :rfc:`8781`." + +#: ../../configuration/service/ipoe-server.rst:386 +#: ../../configuration/service/pppoe-server.rst:575 +#: ../../configuration/vpn/l2tp.rst:510 +#: ../../configuration/vpn/pptp.rst:434 +#: ../../configuration/vpn/sstp.rst:468 +msgid "Enable SNMP" +msgstr "Enable SNMP" + #: ../../configuration/service/lldp.rst:59 msgid "Enable SNMP queries of the LLDP database" msgstr "Enable SNMP queries of the LLDP database" @@ -4833,15 +5338,19 @@ msgstr "Enabled on-demand PPPoE connections bring up the link only when traffic msgid "Enables Cisco style authentication on NHRP packets. This embeds the secret plaintext password to the outgoing NHRP packets. Incoming NHRP packets on this interface are discarded unless the secret password is present. Maximum length of the secret is 8 characters." msgstr "Enables Cisco style authentication on NHRP packets. This embeds the secret plaintext password to the outgoing NHRP packets. Incoming NHRP packets on this interface are discarded unless the secret password is present. Maximum length of the secret is 8 characters." -#: ../../configuration/vrf/index.rst:461 +#: ../../configuration/vrf/index.rst:480 msgid "Enables an MPLS label to be attached to a route exported from the current unicast VRF to VPN. If the value specified is auto, the label value is automatically assigned from a pool maintained." msgstr "Enables an MPLS label to be attached to a route exported from the current unicast VRF to VPN. If the value specified is auto, the label value is automatically assigned from a pool maintained." -#: ../../configuration/vpn/sstp.rst:277 +#: ../../configuration/service/ipoe-server.rst:220 +#: ../../configuration/service/pppoe-server.rst:182 +#: ../../configuration/vpn/l2tp.rst:225 +#: ../../configuration/vpn/pptp.rst:165 +#: ../../configuration/vpn/sstp.rst:198 msgid "Enables bandwidth shaping via RADIUS." msgstr "Enables bandwidth shaping via RADIUS." -#: ../../configuration/vrf/index.rst:483 +#: ../../configuration/vrf/index.rst:502 msgid "Enables import or export of routes between the current unicast VRF and VPN." msgstr "Enables import or export of routes between the current unicast VRF and VPN." @@ -4853,6 +5362,10 @@ msgstr "Enables the Generic Protocol extension (VXLAN-GPE). Currently, this is o msgid "Enables the echo transmission mode" msgstr "Enables the echo transmission mode" +#: ../../configuration/system/option.rst:27 +msgid "Enables the root partition auto-extension and resizes to the maximum available space on system boot." +msgstr "Enables the root partition auto-extension and resizes to the maximum available space on system boot." + #: ../../configuration/service/router-advert.rst:27 msgid "Enabling Advertisments" msgstr "Enabling Advertisments" @@ -4877,7 +5390,7 @@ msgstr "Enforce strict path checking" msgid "Enslave `<member>` interface to bond `<interface>`." msgstr "Enslave `<member>` interface to bond `<interface>`." -#: ../../configuration/protocols/bgp.rst:764 +#: ../../configuration/protocols/bgp.rst:786 msgid "Ensure that when comparing routes where both are equal on most metrics, including local-pref, AS_PATH length, IGP cost, MED, that the tie is broken based on router-ID." msgstr "Ensure that when comparing routes where both are equal on most metrics, including local-pref, AS_PATH length, IGP cost, MED, that the tie is broken based on router-ID." @@ -4945,11 +5458,11 @@ msgstr "Every NAT rule has a translation command defined. The address defined fo msgid "Every SNAT66 rule has a translation command defined. The prefix defined for the translation is the prefix used when the address information in a packet is replaced.ã€" msgstr "Every SNAT66 rule has a translation command defined. The prefix defined for the translation is the prefix used when the address information in a packet is replaced.ã€" -#: ../../configuration/system/login.rst:47 +#: ../../configuration/system/login.rst:51 msgid "Every SSH key comes in three parts:" msgstr "Every SSH key comes in three parts:" -#: ../../configuration/system/login.rst:68 +#: ../../configuration/system/login.rst:72 msgid "Every SSH public key portion referenced by `<identifier>` requires the configuration of the `<type>` of public-key used. This type can be any of:" msgstr "Every SSH public key portion referenced by `<identifier>` requires the configuration of the `<type>` of public-key used. This type can be any of:" @@ -4965,12 +5478,16 @@ msgstr "Every Virtual Ethernet interfaces behaves like a real Ethernet interface msgid "Every WWAN connection requires an :abbr:`APN (Access Point Name)` which is used by the client to dial into the ISPs network. This is a mandatory parameter. Contact your Service Provider for correct APN." msgstr "Every WWAN connection requires an :abbr:`APN (Access Point Name)` which is used by the client to dial into the ISPs network. This is a mandatory parameter. Contact your Service Provider for correct APN." +#: ../../configuration/vpn/ipsec.rst:439 +msgid "Every connection/remote-access pool we configure also needs a pool where we can draw our client IP addresses from. We provide one IPv4 and IPv6 pool. Authorized clients will receive an IPv4 address from the 192.0.2.128/25 prefix and an IPv6 address from the 2001:db8:2000::/64 prefix. We can also send some DNS nameservers down to our clients used on their connection." +msgstr "Every connection/remote-access pool we configure also needs a pool where we can draw our client IP addresses from. We provide one IPv4 and IPv6 pool. Authorized clients will receive an IPv4 address from the 192.0.2.128/25 prefix and an IPv6 address from the 2001:db8:2000::/64 prefix. We can also send some DNS nameservers down to our clients used on their connection." + #: ../../configuration/vpn/remoteaccess_ipsec.rst:98 msgid "Every connection/remote-access pool we configure also needs a pool where we can draw our client IP addresses from. We provide one IPv4 and IPv6 pool. Authorized clients will receive an IPv4 address from the configured IPv4 prefix and an IPv6 address from the IPv6 prefix. We can also send some DNS nameservers down to our clients used on their connection." msgstr "Every connection/remote-access pool we configure also needs a pool where we can draw our client IP addresses from. We provide one IPv4 and IPv6 pool. Authorized clients will receive an IPv4 address from the configured IPv4 prefix and an IPv6 address from the IPv6 prefix. We can also send some DNS nameservers down to our clients used on their connection." #: ../../configuration/firewall/bridge.rst:321 -#: ../../configuration/highavailability/index.rst:397 +#: ../../configuration/highavailability/index.rst:407 #: ../../configuration/interfaces/bonding.rst:291 #: ../../configuration/interfaces/l2tpv3.rst:86 #: ../../configuration/interfaces/pppoe.rst:323 @@ -4980,23 +5497,24 @@ msgstr "Every connection/remote-access pool we configure also needs a pool where #: ../../configuration/protocols/failover.rst:63 #: ../../configuration/protocols/igmp-proxy.rst:61 #: ../../configuration/protocols/pim.rst:217 -#: ../../configuration/protocols/rpki.rst:156 +#: ../../configuration/protocols/rpki.rst:166 #: ../../configuration/service/broadcast-relay.rst:55 -#: ../../configuration/service/conntrack-sync.rst:186 +#: ../../configuration/service/conntrack-sync.rst:190 #: ../../configuration/service/dhcp-relay.rst:85 #: ../../configuration/service/dhcp-relay.rst:174 -#: ../../configuration/service/dhcp-server.rst:362 -#: ../../configuration/service/dns.rst:160 -#: ../../configuration/service/dns.rst:276 +#: ../../configuration/service/dhcp-server.rst:368 +#: ../../configuration/service/dns.rst:147 +#: ../../configuration/service/dns.rst:260 #: ../../configuration/service/eventhandler.rst:83 -#: ../../configuration/service/ipoe-server.rst:150 +#: ../../configuration/service/ids.rst:82 #: ../../configuration/service/mdns.rst:50 #: ../../configuration/service/monitoring.rst:134 +#: ../../configuration/service/router-advert.rst:108 #: ../../configuration/service/snmp.rst:94 #: ../../configuration/service/snmp.rst:145 #: ../../configuration/service/tftp-server.rst:47 #: ../../configuration/system/acceleration.rst:58 -#: ../../configuration/system/login.rst:397 +#: ../../configuration/system/login.rst:401 #: ../../configuration/system/name-server.rst:28 #: ../../configuration/system/name-server.rst:63 #: ../../configuration/system/sflow.rst:49 @@ -5005,9 +5523,8 @@ msgstr "Every connection/remote-access pool we configure also needs a pool where #: ../../configuration/trafficpolicy/index.rst:1122 #: ../../configuration/vpn/dmvpn.rst:161 #: ../../configuration/vpn/openconnect.rst:97 -#: ../../configuration/vpn/sstp.rst:286 -#: ../../configuration/vrf/index.rst:99 -#: ../../configuration/vrf/index.rst:232 +#: ../../configuration/vrf/index.rst:118 +#: ../../configuration/vrf/index.rst:251 msgid "Example" msgstr "Example" @@ -5028,16 +5545,18 @@ msgstr "Example, from radius-server send command for disconnect client with user #: ../../configuration/nat/nat44.rst:425 #: ../../configuration/nat/nat66.rst:78 #: ../../configuration/nat/nat66.rst:96 -#: ../../configuration/protocols/static.rst:174 -#: ../../configuration/service/dns.rst:363 +#: ../../configuration/protocols/static.rst:67 +#: ../../configuration/protocols/static.rst:135 +#: ../../configuration/protocols/static.rst:207 +#: ../../configuration/service/dns.rst:366 #: ../../configuration/service/monitoring.rst:69 #: ../../configuration/service/monitoring.rst:98 #: ../../configuration/service/ssh.rst:165 #: ../../configuration/service/ssh.rst:200 #: ../../configuration/system/flow-accounting.rst:164 -#: ../../configuration/vpn/l2tp.rst:41 -#: ../../configuration/vpn/site2site_ipsec.rst:162 -#: ../../configuration/vpn/site2site_ipsec.rst:273 +#: ../../configuration/vpn/l2tp.rst:91 +#: ../../configuration/vpn/site2site_ipsec.rst:165 +#: ../../configuration/vpn/site2site_ipsec.rst:276 #: ../../_include/interface-address-with-dhcp.txt:22 #: ../../_include/interface-address.txt:9 #: ../../_include/interface-description.txt:7 @@ -5121,13 +5640,12 @@ msgstr "Example: Set `eth0` member port to be native VLAN 2" msgid "Example: to be appended is set to ``vyos.net`` and the URL received is ``www/foo.html``, the system will use the generated, final URL of ``www.vyos.net/foo.html``." msgstr "Example: to be appended is set to ``vyos.net`` and the URL received is ``www/foo.html``, the system will use the generated, final URL of ``www.vyos.net/foo.html``." -#: ../../configuration/container/index.rst:177 +#: ../../configuration/container/index.rst:216 #: ../../configuration/service/https.rst:77 -#: ../../configuration/service/router-advert.rst:80 msgid "Example Configuration" msgstr "Example Configuration" -#: ../../configuration/service/dns.rst:378 +#: ../../configuration/service/dns.rst:384 msgid "Example IPv6 only:" msgstr "Example IPv6 only:" @@ -5135,7 +5653,7 @@ msgstr "Example IPv6 only:" msgid "Example Network" msgstr "Example Network" -#: ../../configuration/firewall/ipv4.rst:1130 +#: ../../configuration/firewall/ipv4.rst:1153 #: ../../configuration/firewall/ipv6.rst:1153 msgid "Example Partial Config" msgstr "Example Partial Config" @@ -5156,7 +5674,7 @@ msgstr "Example for configuring a simple L2TP over IPsec VPN for remote access ( msgid "Example of redirection:" msgstr "Example of redirection:" -#: ../../configuration/firewall/ipv4.rst:925 +#: ../../configuration/firewall/ipv4.rst:948 #: ../../configuration/firewall/ipv6.rst:934 msgid "Example synproxy" msgstr "Example synproxy" @@ -5167,16 +5685,16 @@ msgstr "Example synproxy" #: ../../configuration/interfaces/wireless.rst:541 #: ../../configuration/loadbalancing/reverse-proxy.rst:187 #: ../../configuration/policy/index.rst:46 -#: ../../configuration/protocols/bgp.rst:1096 +#: ../../configuration/protocols/bgp.rst:1118 #: ../../configuration/protocols/isis.rst:336 #: ../../configuration/protocols/ospf.rst:834 -#: ../../configuration/service/pppoe-server.rst:343 +#: ../../configuration/service/pppoe-server.rst:601 #: ../../configuration/service/webproxy.rst:419 msgid "Examples" msgstr "Examples" #: ../../configuration/nat/nat44.rst:154 -#: ../../configuration/vpn/site2site_ipsec.rst:157 +#: ../../configuration/vpn/site2site_ipsec.rst:160 msgid "Examples:" msgstr "Examples:" @@ -5224,6 +5742,10 @@ msgstr "External DHCPv6 server is at 2001:db8::4" msgid "External Route Summarisation" msgstr "External Route Summarisation" +#: ../../configuration/service/ids.rst:101 +msgid "External attack: an attack from the internet towards an internal IP is identify. In this case, all connections towards such IP will be blocked" +msgstr "External attack: an attack from the internet towards an internal IP is identify. In this case, all connections towards such IP will be blocked" + #: ../../configuration/trafficpolicy/index.rst:441 msgid "FQ-CoDel" msgstr "FQ-CoDel" @@ -5275,7 +5797,7 @@ msgstr "Facility Code" #: ../../configuration/loadbalancing/wan.rst:218 #: ../../configuration/protocols/failover.rst:3 #: ../../configuration/service/dhcp-server.rst:136 -#: ../../configuration/service/dhcp-server.rst:369 +#: ../../configuration/service/dhcp-server.rst:375 msgid "Failover" msgstr "Failover" @@ -5303,6 +5825,14 @@ msgstr "Fair Queue is a non-shaping (work-conserving) policy, so it will only be msgid "Fair Queue is a work-conserving scheduler which schedules the transmission of packets based on flows, that is, it balances traffic distributing it through different sub-queues in order to ensure fairness so that each flow is able to send data in turn, preventing any single one from drowning out the rest." msgstr "Fair Queue is a work-conserving scheduler which schedules the transmission of packets based on flows, that is, it balances traffic distributing it through different sub-queues in order to ensure fairness so that each flow is able to send data in turn, preventing any single one from drowning out the rest." +#: ../../configuration/service/ids.rst:9 +msgid "FastNetMon" +msgstr "FastNetMon" + +#: ../../configuration/service/ids.rst:11 +msgid "FastNetMon is a high-performance DDoS detector/sensor built on top of multiple packet capture engines: NetFlow, IPFIX, sFlow, AF_PACKET (port mirror). It can detect hosts in the deployed network sending or receiving large volumes of traffic, packets/bytes/flows per second and perform a configurable action to handle that event, such as calling a custom script." +msgstr "FastNetMon is a high-performance DDoS detector/sensor built on top of multiple packet capture engines: NetFlow, IPFIX, sFlow, AF_PACKET (port mirror). It can detect hosts in the deployed network sending or receiving large volumes of traffic, packets/bytes/flows per second and perform a configurable action to handle that event, such as calling a custom script." + #: ../../configuration/protocols/rpki.rst:78 msgid "Features of the Current Implementation" msgstr "Features of the Current Implementation" @@ -5311,11 +5841,15 @@ msgstr "Features of the Current Implementation" msgid "Field" msgstr "Field" -#: ../../configuration/service/dns.rst:241 +#: ../../configuration/service/dns.rst:231 +msgid "File identified by `<filename>` containing the TSIG authentication key for RFC2136 nsupdate on remote DNS server." +msgstr "File identified by `<filename>` containing the TSIG authentication key for RFC2136 nsupdate on remote DNS server." + +#: ../../configuration/service/dns.rst:255 msgid "File identified by `<keyfile>` containing the secret RNDC key shared with remote DNS server." msgstr "File identified by `<keyfile>` containing the secret RNDC key shared with remote DNS server." -#: ../../configuration/service/pppoe-server.rst:228 +#: ../../configuration/service/pppoe-server.rst:302 msgid "Filter-Id=2000/3000 (means 2000Kbit down-stream rate and 3000Kbit up-stream rate)" msgstr "Filter-Id=2000/3000 (means 2000Kbit down-stream rate and 3000Kbit up-stream rate)" @@ -5404,7 +5938,7 @@ msgstr "Firewall groups represent collections of IP addresses, networks, ports, msgid "Firewall groups represent collections of IP addresses, networks, ports, mac addresses or domains. Once created, a group can be referenced by firewall, nat and policy route rules as either a source or destination matcher. Members can be added or removed from a group without changes to, or the need to reload, individual firewall rules." msgstr "Firewall groups represent collections of IP addresses, networks, ports, mac addresses or domains. Once created, a group can be referenced by firewall, nat and policy route rules as either a source or destination matcher. Members can be added or removed from a group without changes to, or the need to reload, individual firewall rules." -#: ../../configuration/highavailability/index.rst:381 +#: ../../configuration/highavailability/index.rst:391 msgid "Firewall mark. It possible to loadbalancing traffic based on ``fwmark`` value" msgstr "Firewall mark. It possible to loadbalancing traffic based on ``fwmark`` value" @@ -5428,7 +5962,7 @@ msgstr "Firmware Update" msgid "First, on both routers run the operational command \"generate pki key-pair install <key-pair nam>>\". You may choose different length than 2048 of course." msgstr "First, on both routers run the operational command \"generate pki key-pair install <key-pair nam>>\". You may choose different length than 2048 of course." -#: ../../configuration/vpn/ipsec.rst:267 +#: ../../configuration/vpn/ipsec.rst:271 msgid "First, on both routers run the operational command \"generate pki key-pair install <key-pair name>\". You may choose different length than 2048 of course." msgstr "First, on both routers run the operational command \"generate pki key-pair install <key-pair name>\". You may choose different length than 2048 of course." @@ -5544,15 +6078,15 @@ msgstr "For Hashing:" msgid "For IS-IS top operate correctly, one must do the equivalent of a Router ID in CLNS. This Router ID is called the :abbr:`NET (Network Entity Title)`. This must be unique for each and every router that is operating in IS-IS. It also must not be duplicated otherwise the same issues that occur within OSPF will occur within IS-IS when it comes to said duplication." msgstr "For IS-IS top operate correctly, one must do the equivalent of a Router ID in CLNS. This Router ID is called the :abbr:`NET (Network Entity Title)`. This must be unique for each and every router that is operating in IS-IS. It also must not be duplicated otherwise the same issues that occur within OSPF will occur within IS-IS when it comes to said duplication." -#: ../../configuration/policy/route-map.rst:311 +#: ../../configuration/policy/route-map.rst:314 msgid "For Incoming and Import Route-maps if we receive a v6 global and v6 LL address for the route, then prefer to use the global address as the nexthop." msgstr "For Incoming and Import Route-maps if we receive a v6 global and v6 LL address for the route, then prefer to use the global address as the nexthop." -#: ../../configuration/service/pppoe-server.rst:188 +#: ../../configuration/service/pppoe-server.rst:257 msgid "For Local Users" msgstr "For Local Users" -#: ../../configuration/service/pppoe-server.rst:223 +#: ../../configuration/service/pppoe-server.rst:297 msgid "For RADIUS users" msgstr "For RADIUS users" @@ -5592,7 +6126,7 @@ msgstr "For a simple home network using just the ISP's equipment, this is usuall msgid "For connectionless protocols as like ICMP and UDP, a flow is considered complete once no more packets for this flow appear after configurable timeout." msgstr "For connectionless protocols as like ICMP and UDP, a flow is considered complete once no more packets for this flow appear after configurable timeout." -#: ../../configuration/system/login.rst:132 +#: ../../configuration/system/login.rst:136 msgid "For example, if problems with poor time synchronization are experienced, the window can be increased from its default size of 3 permitted codes (one previous code, the current code, the next code) to 17 permitted codes (the 8 previous codes, the current code, and the 8 next codes). This will permit for a time skew of up to 4 minutes between client and server." msgstr "For example, if problems with poor time synchronization are experienced, the window can be increased from its default size of 3 permitted codes (one previous code, the current code, the next code) to 17 permitted codes (the 8 previous codes, the current code, and the 8 next codes). This will permit for a time skew of up to 4 minutes between client and server." @@ -5618,7 +6152,7 @@ msgstr "For fragmented TCP or UDP packets and all other IPv4 and IPv6 protocol t msgid "For generating an OTP key in VyOS, you can use the CLI command (operational mode):" msgstr "For generating an OTP key in VyOS, you can use the CLI command (operational mode):" -#: ../../configuration/protocols/bgp.rst:823 +#: ../../configuration/protocols/bgp.rst:845 msgid "For inbound updates the order of preference is:" msgstr "For inbound updates the order of preference is:" @@ -5642,7 +6176,11 @@ msgstr "For latest releases, refer the `firewall (interface-groups) <https://doc msgid "For more information on how MPLS label switching works, please go visit `Wikipedia (MPLS)`_." msgstr "For more information on how MPLS label switching works, please go visit `Wikipedia (MPLS)`_." -#: ../../configuration/service/pppoe-server.rst:299 +#: ../../configuration/protocols/bfd.rst:61 +msgid "For multi hop sessions only. Configure the minimum expected TTL for an incoming BFD control packet." +msgstr "For multi hop sessions only. Configure the minimum expected TTL for an incoming BFD control packet." + +#: ../../configuration/service/pppoe-server.rst:307 msgid "For network maintenance, it's a good idea to direct users to a backup server so that the primary server can be safely taken out of service. It's possible to switch your PPPoE server to maintenance mode where it maintains already established connections, but refuses new connection attempts." msgstr "For network maintenance, it's a good idea to direct users to a backup server so that the primary server can be safely taken out of service. It's possible to switch your PPPoE server to maintenance mode where it maintains already established connections, but refuses new connection attempts." @@ -5650,7 +6188,7 @@ msgstr "For network maintenance, it's a good idea to direct users to a backup se msgid "For optimal scalability, Multicast shouldn't be used at all, but instead use BGP to signal all connected devices between leaves. Unfortunately, VyOS does not yet support this." msgstr "For optimal scalability, Multicast shouldn't be used at all, but instead use BGP to signal all connected devices between leaves. Unfortunately, VyOS does not yet support this." -#: ../../configuration/protocols/bgp.rst:829 +#: ../../configuration/protocols/bgp.rst:851 msgid "For outbound updates the order of preference is:" msgstr "For outbound updates the order of preference is:" @@ -5695,7 +6233,7 @@ msgstr "For the average user a serial console has no advantage over a console of msgid "For the ingress traffic of an interface, there is only one policy you can directly apply, a **Limiter** policy. You cannot apply a shaping policy directly to the ingress traffic of any interface because shaping only works for outbound traffic." msgstr "For the ingress traffic of an interface, there is only one policy you can directly apply, a **Limiter** policy. You cannot apply a shaping policy directly to the ingress traffic of any interface because shaping only works for outbound traffic." -#: ../../configuration/container/index.rst:179 +#: ../../configuration/container/index.rst:218 msgid "For the sake of demonstration, `example #1 in the official documentation <https://www.zabbix.com/documentation/current/manual/installation/containers>`_ to the declarative VyOS CLI syntax." msgstr "For the sake of demonstration, `example #1 in the official documentation <https://www.zabbix.com/documentation/current/manual/installation/containers>`_ to the declarative VyOS CLI syntax." @@ -5737,7 +6275,7 @@ msgstr "Formally, a virtual link looks like a point-to-point network connecting msgid "Forward incoming DNS queries to the DNS servers configured under the ``system name-server`` nodes." msgstr "Forward incoming DNS queries to the DNS servers configured under the ``system name-server`` nodes." -#: ../../configuration/highavailability/index.rst:362 +#: ../../configuration/highavailability/index.rst:372 msgid "Forward method" msgstr "Forward method" @@ -5765,7 +6303,7 @@ msgstr "From a security perspective, it is not recommended to let a third party msgid "From main structure defined in :doc:`Firewall Overview</configuration/firewall/index>` in this section you can find detailed information only for the next part of the general structure:" msgstr "From main structure defined in :doc:`Firewall Overview</configuration/firewall/index>` in this section you can find detailed information only for the next part of the general structure:" -#: ../../configuration/highavailability/index.rst:380 +#: ../../configuration/highavailability/index.rst:390 msgid "Fwmark" msgstr "Fwmark" @@ -5806,6 +6344,11 @@ msgstr "GRE is often seen as a one size fits all solution when it comes to class msgid "Genearate a new OpenVPN shared secret. The generated secred is the output to the console." msgstr "Genearate a new OpenVPN shared secret. The generated secred is the output to the console." +#: ../../configuration/pki/index.rst:123 +#: ../../configuration/pki/index.rst:128 +msgid "Genearate a new OpenVPN shared secret. The generated secret is the output to the console." +msgstr "Genearate a new OpenVPN shared secret. The generated secret is the output to the console." + #: ../../configuration/protocols/isis.rst:25 #: ../../configuration/protocols/ospf.rst:25 #: ../../configuration/protocols/ospf.rst:1081 @@ -5835,18 +6378,18 @@ msgstr "Generate :abbr:`MKA (MACsec Key Agreement protocol)` CAK key." msgid "Generate :abbr:`MKA (MACsec Key Agreement protocol)` CAK key 128 or 256 bits." msgstr "Generate :abbr:`MKA (MACsec Key Agreement protocol)` CAK key 128 or 256 bits." -#: ../../configuration/pki/index.rst:153 -#: ../../configuration/pki/index.rst:157 +#: ../../configuration/pki/index.rst:155 +#: ../../configuration/pki/index.rst:159 msgid "Generate a WireGuard pre-shared secret used for peers to communicate." msgstr "Generate a WireGuard pre-shared secret used for peers to communicate." -#: ../../configuration/pki/index.rst:136 -#: ../../configuration/pki/index.rst:141 +#: ../../configuration/pki/index.rst:138 +#: ../../configuration/pki/index.rst:143 msgid "Generate a new WireGuard public/private key portion and output the result to the console." msgstr "Generate a new WireGuard public/private key portion and output the result to the console." -#: ../../configuration/pki/index.rst:104 -#: ../../configuration/pki/index.rst:111 +#: ../../configuration/pki/index.rst:106 +#: ../../configuration/pki/index.rst:113 msgid "Generate a new set of :abbr:`DH (Diffie-Hellman)` parameters. The key size is requested by the CLI and defaults to 2048 bit." msgstr "Generate a new set of :abbr:`DH (Diffie-Hellman)` parameters. The key size is requested by the CLI and defaults to 2048 bit." @@ -5898,6 +6441,14 @@ msgstr "Given the following example we have one VyOS router acting as OpenVPN se msgid "Gloabal" msgstr "Gloabal" +#: ../../configuration/service/ipoe-server.rst:352 +#: ../../configuration/service/pppoe-server.rst:518 +#: ../../configuration/vpn/l2tp.rst:472 +#: ../../configuration/vpn/pptp.rst:396 +#: ../../configuration/vpn/sstp.rst:430 +msgid "Global Advanced options" +msgstr "Global Advanced options" + #: ../../configuration/firewall/general.rst:84 msgid "Global Options" msgstr "Global Options" @@ -5956,7 +6507,7 @@ msgstr "HTTP based services" msgid "HTTP basic authentication username" msgstr "HTTP basic authentication username" -#: ../../configuration/system/option.rst:27 +#: ../../configuration/system/option.rst:57 msgid "HTTP client" msgstr "HTTP client" @@ -5968,7 +6519,7 @@ msgstr "HT (High Throughput) capabilities (802.11n)" msgid "Hairpin NAT/NAT Reflection" msgstr "Hairpin NAT/NAT Reflection" -#: ../../configuration/service/dhcp-server.rst:573 +#: ../../configuration/service/dhcp-server.rst:579 msgid "Hand out prefixes of size `<length>` to clients in subnet `<prefix>` when they request for prefix delegation." msgstr "Hand out prefixes of size `<length>` to clients in subnet `<prefix>` when they request for prefix delegation." @@ -5980,7 +6531,7 @@ msgstr "Handling and monitoring" msgid "Having control over the matching of INVALID state traffic, e.g. the ability to selectively log, is an important troubleshooting tool for observing broken protocol behavior. For this reason, VyOS does not globally drop invalid state traffic, instead allowing the operator to make the determination on how the traffic is handled." msgstr "Having control over the matching of INVALID state traffic, e.g. the ability to selectively log, is an important troubleshooting tool for observing broken protocol behavior. For this reason, VyOS does not globally drop invalid state traffic, instead allowing the operator to make the determination on how the traffic is handled." -#: ../../configuration/highavailability/index.rst:372 +#: ../../configuration/highavailability/index.rst:382 msgid "Health-check" msgstr "Health-check" @@ -6024,7 +6575,7 @@ msgstr "Here is a second example of a dual-stack tunnel over IPv6 between a VyOS msgid "Here is an example :abbr:`NET (Network Entity Title)` value:" msgstr "Here is an example :abbr:`NET (Network Entity Title)` value:" -#: ../../configuration/protocols/rpki.rst:167 +#: ../../configuration/protocols/rpki.rst:177 msgid "Here is an example route-map to apply to routes learned at import. In this filter we reject prefixes with the state `invalid`, and set a higher `local-preference` if the prefix is RPKI `valid` rather than merely `notfound`." msgstr "Here is an example route-map to apply to routes learned at import. In this filter we reject prefixes with the state `invalid`, and set a higher `local-preference` if the prefix is RPKI `valid` rather than merely `notfound`." @@ -6074,7 +6625,7 @@ msgstr "Host Information" msgid "Host name" msgstr "Host name" -#: ../../configuration/service/dhcp-server.rst:630 +#: ../../configuration/service/dhcp-server.rst:638 msgid "Host specific mapping shall be named ``client1``" msgstr "Host specific mapping shall be named ``client1``" @@ -6094,7 +6645,7 @@ msgstr "How to configure Event Handler" msgid "How to make it work" msgstr "How to make it work" -#: ../../configuration/vpn/ipsec.rst:263 +#: ../../configuration/vpn/ipsec.rst:267 msgid "However, now you need to make IPsec work with dynamic address on one side. The tricky part is that pre-shared secret authentication doesn't work with dynamic address, so we'll have to use RSA keys." msgstr "However, now you need to make IPsec work with dynamic address on one side. The tricky part is that pre-shared secret authentication doesn't work with dynamic address, so we'll have to use RSA keys." @@ -6158,14 +6709,18 @@ msgstr "IKE (Internet Key Exchange) Attributes" msgid "IKE performs mutual authentication between two parties and establishes an IKE security association (SA) that includes shared secret information that can be used to efficiently establish SAs for Encapsulating Security Payload (ESP) or Authentication Header (AH) and a set of cryptographic algorithms to be used by the SAs to protect the traffic that they carry. https://datatracker.ietf.org/doc/html/rfc5996" msgstr "IKE performs mutual authentication between two parties and establishes an IKE security association (SA) that includes shared secret information that can be used to efficiently establish SAs for Encapsulating Security Payload (ESP) or Authentication Header (AH) and a set of cryptographic algorithms to be used by the SAs to protect the traffic that they carry. https://datatracker.ietf.org/doc/html/rfc5996" -#: ../../configuration/vpn/site2site_ipsec.rst:160 +#: ../../configuration/vpn/site2site_ipsec.rst:163 msgid "IKEv1" msgstr "IKEv1" -#: ../../configuration/vpn/site2site_ipsec.rst:271 +#: ../../configuration/vpn/site2site_ipsec.rst:274 msgid "IKEv2" msgstr "IKEv2" +#: ../../configuration/vpn/ipsec.rst:372 +msgid "IKEv2 IPSec road-warriors remote-access VPN" +msgstr "IKEv2 IPSec road-warriors remote-access VPN" + #: ../../configuration/system/ip.rst:3 msgid "IP" msgstr "IP" @@ -6198,11 +6753,11 @@ msgstr "IPSec IKE and ESP Groups;" msgid "IPSec IKEv2 Remote Access VPN" msgstr "IPSec IKEv2 Remote Access VPN" -#: ../../configuration/vpn/site2site_ipsec.rst:285 +#: ../../configuration/vpn/site2site_ipsec.rst:288 msgid "IPSec IKEv2 site2site VPN" msgstr "IPSec IKEv2 site2site VPN" -#: ../../configuration/vpn/site2site_ipsec.rst:285 +#: ../../configuration/vpn/site2site_ipsec.rst:288 msgid "IPSec IKEv2 site2site VPN (source ./draw.io/vpn_s2s_ikev2.drawio)" msgstr "IPSec IKEv2 site2site VPN (source ./draw.io/vpn_s2s_ikev2.drawio)" @@ -6218,7 +6773,7 @@ msgstr "IPSec VPN tunnels." msgid "IP address" msgstr "IP address" -#: ../../configuration/service/dhcp-server.rst:202 +#: ../../configuration/service/dhcp-server.rst:208 msgid "IP address ``192.168.1.100`` shall be statically mapped to client named ``client1``" msgstr "IP address ``192.168.1.100`` shall be statically mapped to client named ``client1``" @@ -6227,19 +6782,19 @@ msgstr "IP address ``192.168.1.100`` shall be statically mapped to client named msgid "IP address ``192.168.2.1/24``" msgstr "IP address ``192.168.2.1/24``" -#: ../../configuration/service/dhcp-server.rst:286 +#: ../../configuration/service/dhcp-server.rst:292 msgid "IP address for DHCP server identifier" msgstr "IP address for DHCP server identifier" -#: ../../configuration/service/dhcp-server.rst:276 +#: ../../configuration/service/dhcp-server.rst:282 msgid "IP address of NTP server" msgstr "IP address of NTP server" -#: ../../configuration/service/dhcp-server.rst:316 +#: ../../configuration/service/dhcp-server.rst:322 msgid "IP address of POP3 server" msgstr "IP address of POP3 server" -#: ../../configuration/service/dhcp-server.rst:311 +#: ../../configuration/service/dhcp-server.rst:317 msgid "IP address of SMTP server" msgstr "IP address of SMTP server" @@ -6255,7 +6810,7 @@ msgstr "IP address of route to match, based on prefix-list." msgid "IP address of route to match, based on specified prefix-length. Note that this can be used for kernel routes only. Do not apply to the routes of dynamic routing protocols (e.g. BGP, RIP, OSFP), as this can lead to unexpected results.." msgstr "IP address of route to match, based on specified prefix-length. Note that this can be used for kernel routes only. Do not apply to the routes of dynamic routing protocols (e.g. BGP, RIP, OSFP), as this can lead to unexpected results.." -#: ../../configuration/service/dhcp-server.rst:346 +#: ../../configuration/service/dhcp-server.rst:352 msgid "IP address to exclude from DHCP lease range" msgstr "IP address to exclude from DHCP lease range" @@ -6295,7 +6850,7 @@ msgstr "IP next-hop of route to match, based on type." msgid "IP precedence as defined in :rfc:`791`:" msgstr "IP precedence as defined in :rfc:`791`:" -#: ../../configuration/vpn/l2tp.rst:33 +#: ../../configuration/vpn/l2tp.rst:83 msgid "IP protocol number 50 (ESP)" msgstr "IP protocol number 50 (ESP)" @@ -6307,19 +6862,19 @@ msgstr "IP route source of route to match, based on access-list." msgid "IP route source of route to match, based on prefix-list." msgstr "IP route source of route to match, based on prefix-list." -#: ../../configuration/service/ipoe-server.rst:7 +#: ../../configuration/service/ipoe-server.rst:5 msgid "IPoE Server" msgstr "IPoE Server" -#: ../../configuration/service/ipoe-server.rst:30 +#: ../../configuration/service/ipoe-server.rst:29 msgid "IPoE can be configure on different interfaces, it will depend on each specific situation which interface will provide IPoE to clients. The clients mac address and the incoming interface is being used as control parameter, to authenticate a client." msgstr "IPoE can be configure on different interfaces, it will depend on each specific situation which interface will provide IPoE to clients. The clients mac address and the incoming interface is being used as control parameter, to authenticate a client." -#: ../../configuration/service/ipoe-server.rst:13 +#: ../../configuration/service/ipoe-server.rst:11 msgid "IPoE is a method of delivering an IP payload over an Ethernet-based access network or an access network using bridged Ethernet over Asynchronous Transfer Mode (ATM) without using PPPoE. It directly encapsulates the IP datagrams in Ethernet frames, using the standard :rfc:`894` encapsulation." msgstr "IPoE is a method of delivering an IP payload over an Ethernet-based access network or an access network using bridged Ethernet over Asynchronous Transfer Mode (ATM) without using PPPoE. It directly encapsulates the IP datagrams in Ethernet frames, using the standard :rfc:`894` encapsulation." -#: ../../configuration/service/ipoe-server.rst:152 +#: ../../configuration/service/ipoe-server.rst:153 msgid "IPoE server will listen on interfaces eth1.50 and eth1.51" msgstr "IPoE server will listen on interfaces eth1.50 and eth1.51" @@ -6327,11 +6882,11 @@ msgstr "IPoE server will listen on interfaces eth1.50 and eth1.51" msgid "IPsec" msgstr "IPsec" -#: ../../configuration/vpn/ipsec.rst:172 +#: ../../configuration/vpn/ipsec.rst:176 msgid "IPsec policy matching GRE" msgstr "IPsec policy matching GRE" -#: ../../configuration/service/pppoe-server.rst:346 +#: ../../configuration/service/pppoe-server.rst:604 msgid "IPv4" msgstr "IPv4" @@ -6343,11 +6898,11 @@ msgstr "IPv4/IPv6 remote address of the VXLAN tunnel. Alternative to multicast, msgid "IPv4 Firewall Configuration" msgstr "IPv4 Firewall Configuration" -#: ../../configuration/service/dhcp-server.rst:291 +#: ../../configuration/service/dhcp-server.rst:297 msgid "IPv4 address of next bootstrap server" msgstr "IPv4 address of next bootstrap server" -#: ../../configuration/service/dhcp-server.rst:251 +#: ../../configuration/service/dhcp-server.rst:257 msgid "IPv4 address of router on the client's subnet" msgstr "IPv4 address of router on the client's subnet" @@ -6355,7 +6910,7 @@ msgstr "IPv4 address of router on the client's subnet" msgid "IPv4 or IPv6 source address of NetFlow packets" msgstr "IPv4 or IPv6 source address of NetFlow packets" -#: ../../configuration/protocols/bgp.rst:1099 +#: ../../configuration/protocols/bgp.rst:1121 msgid "IPv4 peering" msgstr "IPv4 peering" @@ -6376,8 +6931,12 @@ msgid "IPv4 server" msgstr "IPv4 server" #: ../../configuration/interfaces/pppoe.rst:244 -#: ../../configuration/service/pppoe-server.rst:267 +#: ../../configuration/service/ipoe-server.rst:256 +#: ../../configuration/service/pppoe-server.rst:341 #: ../../configuration/system/ipv6.rst:3 +#: ../../configuration/vpn/l2tp.rst:286 +#: ../../configuration/vpn/pptp.rst:210 +#: ../../configuration/vpn/sstp.rst:244 msgid "IPv6" msgstr "IPv6" @@ -6385,6 +6944,13 @@ msgstr "IPv6" msgid "IPv6 Access List" msgstr "IPv6 Access List" +#: ../../configuration/service/pppoe-server.rst:381 +#: ../../configuration/vpn/l2tp.rst:325 +#: ../../configuration/vpn/pptp.rst:249 +#: ../../configuration/vpn/sstp.rst:283 +msgid "IPv6 Advanced Options" +msgstr "IPv6 Advanced Options" + #: ../../configuration/interfaces/pppoe.rst:379 msgid "IPv6 DHCPv6-PD Example" msgstr "IPv6 DHCPv6-PD Example" @@ -6417,7 +6983,7 @@ msgstr "IPv6 SLAAC and IA-PD" msgid "IPv6 TCP filters will only match IPv6 packets with no header extension, see https://en.wikipedia.org/wiki/IPv6_packet#Extension_headers" msgstr "IPv6 TCP filters will only match IPv6 packets with no header extension, see https://en.wikipedia.org/wiki/IPv6_packet#Extension_headers" -#: ../../configuration/service/dhcp-server.rst:628 +#: ../../configuration/service/dhcp-server.rst:636 msgid "IPv6 address ``2001:db8::101`` shall be statically mapped" msgstr "IPv6 address ``2001:db8::101`` shall be statically mapped" @@ -6434,10 +7000,18 @@ msgid "IPv6 address of route to match, based on specified prefix-length. Note th msgstr "IPv6 address of route to match, based on specified prefix-length. Note that this can be used for kernel routes only. Do not apply to the routes of dynamic routing protocols (e.g. BGP, RIP, OSFP), as this can lead to unexpected results.." #: ../../configuration/service/pppoe-server.rst:270 +msgid "IPv6 client's prefix" +msgstr "IPv6 client's prefix" + +#: ../../configuration/service/pppoe-server.rst:270 msgid "IPv6 client's prefix assignment" msgstr "IPv6 client's prefix assignment" -#: ../../configuration/protocols/bgp.rst:1144 +#: ../../configuration/service/pppoe-server.rst:295 +msgid "IPv6 default client's pool assignment" +msgstr "IPv6 default client's pool assignment" + +#: ../../configuration/protocols/bgp.rst:1166 msgid "IPv6 peering" msgstr "IPv6 peering" @@ -6445,7 +7019,7 @@ msgstr "IPv6 peering" msgid "IPv6 prefix." msgstr "IPv6 prefix." -#: ../../configuration/service/dhcp-server.rst:629 +#: ../../configuration/service/dhcp-server.rst:637 msgid "IPv6 prefix ``2001:db8:0:101::/64`` shall be statically mapped" msgstr "IPv6 prefix ``2001:db8:0:101::/64`` shall be statically mapped" @@ -6457,7 +7031,7 @@ msgstr "IPv6 relay" msgid "IPv6 route source: bgp, connected, eigrp, isis, kernel, nhrp, ospfv3, ripng, static." msgstr "IPv6 route source: bgp, connected, eigrp, isis, kernel, nhrp, ospfv3, ripng, static." -#: ../../configuration/service/dhcp-server.rst:502 +#: ../../configuration/service/dhcp-server.rst:508 msgid "IPv6 server" msgstr "IPv6 server" @@ -6477,7 +7051,7 @@ msgstr "IS-IS Global Configuration" msgid "IS-IS SR Configuration" msgstr "IS-IS SR Configuration" -#: ../../configuration/service/dhcp-server.rst:233 +#: ../../configuration/service/dhcp-server.rst:239 msgid "ISC-DHCP Option name" msgstr "ISC-DHCP Option name" @@ -6493,7 +7067,7 @@ msgstr "If **max-threshold** is set but **min-threshold is not, then **min-thres msgid "If ARP monitoring is used in an etherchannel compatible mode (modes round-robin and xor-hash), the switch should be configured in a mode that evenly distributes packets across all links. If the switch is configured to distribute the packets in an XOR fashion, all replies from the ARP targets will be received on the same link which could cause the other team members to fail." msgstr "If ARP monitoring is used in an etherchannel compatible mode (modes round-robin and xor-hash), the switch should be configured in a mode that evenly distributes packets across all links. If the switch is configured to distribute the packets in an XOR fashion, all replies from the ARP targets will be received on the same link which could cause the other team members to fail." -#: ../../configuration/pki/index.rst:249 +#: ../../configuration/pki/index.rst:251 msgid "If CA is present, this certificate will be included in generated CRLs" msgstr "If CA is present, this certificate will be included in generated CRLs" @@ -6517,7 +7091,11 @@ msgstr "If :cfgcmd:`strict` is set the BGP session won’t become established un msgid "If ``alias`` is set, it can be used instead of the device when connecting." msgstr "If ``alias`` is set, it can be used instead of the device when connecting." -#: ../../configuration/vpn/l2tp.rst:29 +#: ../../configuration/policy/route-map.rst:204 +msgid "If ``all`` is specified, remove all AS numbers from the AS_PATH of the BGP path's NLRI." +msgstr "If ``all`` is specified, remove all AS numbers from the AS_PATH of the BGP path's NLRI." + +#: ../../configuration/vpn/l2tp.rst:79 msgid "If a local firewall policy is in place on your external interface you will need to allow the ports below:" msgstr "If a local firewall policy is in place on your external interface you will need to allow the ports below:" @@ -6530,7 +7108,7 @@ msgstr "If a registry is not specified, Docker.io will be used as the container msgid "If a response is heard, the lease is abandoned, and the server does not respond to the client. The lease will remain abandoned for a minimum of abandon-lease-time seconds (defaults to 24 hours)." msgstr "If a response is heard, the lease is abandoned, and the server does not respond to the client. The lease will remain abandoned for a minimum of abandon-lease-time seconds (defaults to 24 hours)." -#: ../../configuration/protocols/bgp.rst:771 +#: ../../configuration/protocols/bgp.rst:793 msgid "If a route has an ORIGINATOR_ID attribute because it has been reflected, that ORIGINATOR_ID will be used. Otherwise, the router-ID of the peer the route was received from will be used." msgstr "If a route has an ORIGINATOR_ID attribute because it has been reflected, that ORIGINATOR_ID will be used. Otherwise, the router-ID of the peer the route was received from will be used." @@ -6660,11 +7238,46 @@ msgstr "If the AS-Path for the route has only private ASNs, the private ASNs are msgid "If the IP prefix mask is present, it directs opennhrp to use this peer as a next hop server when sending Resolution Requests matching this subnet." msgstr "If the IP prefix mask is present, it directs opennhrp to use this peer as a next hop server when sending Resolution Requests matching this subnet." +#: ../../configuration/service/ipoe-server.rst:243 +#: ../../configuration/service/pppoe-server.rst:205 +#: ../../configuration/vpn/l2tp.rst:248 +#: ../../configuration/vpn/pptp.rst:188 +#: ../../configuration/vpn/sstp.rst:221 +msgid "If the RADIUS server sends the attribute ``Delegated-IPv6-Prefix-Pool``, IPv6 delegation pefix will be allocated from a predefined IPv6 pool ``delegate`` whose name equals the attribute value." +msgstr "If the RADIUS server sends the attribute ``Delegated-IPv6-Prefix-Pool``, IPv6 delegation pefix will be allocated from a predefined IPv6 pool ``delegate`` whose name equals the attribute value." + +#: ../../configuration/service/ipoe-server.rst:233 +#: ../../configuration/service/pppoe-server.rst:195 +#: ../../configuration/vpn/l2tp.rst:238 +#: ../../configuration/vpn/pptp.rst:178 +#: ../../configuration/vpn/sstp.rst:211 +msgid "If the RADIUS server sends the attribute ``Framed-IP-Address`` then this IP address will be allocated to the client and the option ``default-pool`` within the CLI config is being ignored." +msgstr "If the RADIUS server sends the attribute ``Framed-IP-Address`` then this IP address will be allocated to the client and the option ``default-pool`` within the CLI config is being ignored." + #: ../../configuration/vpn/l2tp.rst:211 msgid "If the RADIUS server sends the attribute ``Framed-IP-Address`` then this IP address will be allocated to the client and the option ip-pool within the CLI config is being ignored." msgstr "If the RADIUS server sends the attribute ``Framed-IP-Address`` then this IP address will be allocated to the client and the option ip-pool within the CLI config is being ignored." -#: ../../configuration/vpn/l2tp.rst:218 +#: ../../configuration/service/ipoe-server.rst:237 +#: ../../configuration/service/pppoe-server.rst:199 +#: ../../configuration/vpn/l2tp.rst:242 +#: ../../configuration/vpn/pptp.rst:182 +#: ../../configuration/vpn/sstp.rst:215 +msgid "If the RADIUS server sends the attribute ``Framed-Pool``, IP address will be allocated from a predefined IP pool whose name equals the attribute value." +msgstr "If the RADIUS server sends the attribute ``Framed-Pool``, IP address will be allocated from a predefined IP pool whose name equals the attribute value." + +#: ../../configuration/service/ipoe-server.rst:240 +#: ../../configuration/service/pppoe-server.rst:202 +#: ../../configuration/vpn/l2tp.rst:245 +#: ../../configuration/vpn/pptp.rst:185 +#: ../../configuration/vpn/sstp.rst:218 +msgid "If the RADIUS server sends the attribute ``Stateful-IPv6-Address-Pool``, IPv6 address will be allocated from a predefined IPv6 pool ``prefix`` whose name equals the attribute value." +msgstr "If the RADIUS server sends the attribute ``Stateful-IPv6-Address-Pool``, IPv6 address will be allocated from a predefined IPv6 pool ``prefix`` whose name equals the attribute value." + +#: ../../configuration/service/pppoe-server.rst:219 +#: ../../configuration/vpn/l2tp.rst:262 +#: ../../configuration/vpn/pptp.rst:202 +#: ../../configuration/vpn/sstp.rst:235 msgid "If the RADIUS server uses the attribute ``NAS-Port-Id``, ppp tunnels will be renamed." msgstr "If the RADIUS server uses the attribute ``NAS-Port-Id``, ppp tunnels will be renamed." @@ -6688,6 +7301,10 @@ msgstr "If the current queue size is larger than **queue-limit**, then packets w msgid "If the interface where the packet was received is part of a bridge, then packetis processed at the **Bridge Layer**, which contains a basic setup for bridge filtering:" msgstr "If the interface where the packet was received is part of a bridge, then packetis processed at the **Bridge Layer**, which contains a basic setup for bridge filtering:" +#: ../../configuration/firewall/index.rst:83 +msgid "If the interface where the packet was received is part of a bridge, then the packet is processed at the **Bridge Layer**, which contains a basic setup for bridge filtering:" +msgstr "If the interface where the packet was received is part of a bridge, then the packet is processed at the **Bridge Layer**, which contains a basic setup for bridge filtering:" + #: ../../configuration/firewall/index.rst:26 msgid "If the interface where the packet was received isn't part of a bridge, then packetis processed at the **IP Layer**:" msgstr "If the interface where the packet was received isn't part of a bridge, then packetis processed at the **IP Layer**:" @@ -6705,7 +7322,7 @@ msgstr "If the statically mapped peer is running Cisco IOS, specify the cisco ke msgid "If the system detects an unconfigured wireless device, it will be automatically added the configuration tree, specifying any detected settings (for example, its MAC address) and configured to run in monitor mode." msgstr "If the system detects an unconfigured wireless device, it will be automatically added the configuration tree, specifying any detected settings (for example, its MAC address) and configured to run in monitor mode." -#: ../../configuration/service/conntrack-sync.rst:126 +#: ../../configuration/service/conntrack-sync.rst:130 msgid "If the table is empty and you have a warning message, it means conntrack is not enabled. To enable conntrack, just create a NAT or a firewall rule. :cfgcmd:`set firewall state-policy established action accept`" msgstr "If the table is empty and you have a warning message, it means conntrack is not enabled. To enable conntrack, just create a NAT or a firewall rule. :cfgcmd:`set firewall state-policy established action accept`" @@ -6713,7 +7330,7 @@ msgstr "If the table is empty and you have a warning message, it means conntrack msgid "If there are no free addresses but there are abandoned IP addresses, the DHCP server will attempt to reclaim an abandoned IP address regardless of the value of abandon-lease-time." msgstr "If there are no free addresses but there are abandoned IP addresses, the DHCP server will attempt to reclaim an abandoned IP address regardless of the value of abandon-lease-time." -#: ../../configuration/vpn/site2site_ipsec.rst:241 +#: ../../configuration/vpn/site2site_ipsec.rst:244 msgid "If there is SNAT rules on eth1, need to add exclude rule" msgstr "If there is SNAT rules on eth1, need to add exclude rule" @@ -6726,14 +7343,21 @@ msgstr "If this command is invoked from configure mode with the ``run`` prefix t msgid "If this is set the relay agent will insert the interface ID. This option is set automatically if more than one listening interfaces are in use." msgstr "If this is set the relay agent will insert the interface ID. This option is set automatically if more than one listening interfaces are in use." -#: ../../configuration/protocols/bgp.rst:768 +#: ../../configuration/protocols/bgp.rst:790 msgid "If this option is enabled, then the already-selected check, where already selected eBGP routes are preferred, is skipped." msgstr "If this option is enabled, then the already-selected check, where already selected eBGP routes are preferred, is skipped." -#: ../../configuration/vpn/sstp.rst:183 +#: ../../configuration/vpn/sstp.rst:189 msgid "If this option is specified and is greater than 0, then the PPP module will send LCP pings of the echo request every `<interval>` seconds." msgstr "If this option is specified and is greater than 0, then the PPP module will send LCP pings of the echo request every `<interval>` seconds." +#: ../../configuration/service/pppoe-server.rst:484 +#: ../../configuration/vpn/l2tp.rst:438 +#: ../../configuration/vpn/pptp.rst:362 +#: ../../configuration/vpn/sstp.rst:396 +msgid "If this option is specified and is greater than 0, then the PPP module will send LCP pings of the echo request every `<interval>` seconds. Default value is **30**." +msgstr "If this option is specified and is greater than 0, then the PPP module will send LCP pings of the echo request every `<interval>` seconds. Default value is **30**." + #: ../../_include/interface-ip.txt:75 msgid "If this option is unset (default), incoming IP directed broadcast packets will not be forwarded." msgstr "If this option is unset (default), incoming IP directed broadcast packets will not be forwarded." @@ -6750,11 +7374,11 @@ msgstr "If this parameter is not set, the default holdoff time is 30 seconds." msgid "If this parameter is not set or 0, an on-demand link will not be taken down when it is idle and after the initial establishment of the connection. It will stay up forever." msgstr "If this parameter is not set or 0, an on-demand link will not be taken down when it is idle and after the initial establishment of the connection. It will stay up forever." -#: ../../configuration/system/login.rst:270 +#: ../../configuration/system/login.rst:274 msgid "If unset, incoming connections to the RADIUS server will use the nearest interface address pointing towards the server - making it error prone on e.g. OSPF networks when a link fails and a backup route is taken." msgstr "If unset, incoming connections to the RADIUS server will use the nearest interface address pointing towards the server - making it error prone on e.g. OSPF networks when a link fails and a backup route is taken." -#: ../../configuration/system/login.rst:339 +#: ../../configuration/system/login.rst:343 msgid "If unset, incoming connections to the TACACS server will use the nearest interface address pointing towards the server - making it error prone on e.g. OSPF networks when a link fails and a backup route is taken." msgstr "If unset, incoming connections to the TACACS server will use the nearest interface address pointing towards the server - making it error prone on e.g. OSPF networks when a link fails and a backup route is taken." @@ -6786,10 +7410,17 @@ msgstr "If you are responsible for the global addresses assigned to your network msgid "If you are using FQ-CoDel embedded into Shaper_ and you have large rates (100Mbit and above), you may consider increasing `quantum` to 8000 or higher so that the scheduler saves CPU." msgstr "If you are using FQ-CoDel embedded into Shaper_ and you have large rates (100Mbit and above), you may consider increasing `quantum` to 8000 or higher so that the scheduler saves CPU." -#: ../../configuration/vpn/l2tp.rst:165 +#: ../../configuration/service/ipoe-server.rst:146 +#: ../../configuration/service/pppoe-server.rst:108 +#: ../../configuration/vpn/l2tp.rst:151 msgid "If you are using OSPF as IGP, always the closest interface connected to the RADIUS server is used. With VyOS 1.2 you can bind all outgoing RADIUS requests to a single source IP e.g. the loopback interface." msgstr "If you are using OSPF as IGP, always the closest interface connected to the RADIUS server is used. With VyOS 1.2 you can bind all outgoing RADIUS requests to a single source IP e.g. the loopback interface." +#: ../../configuration/vpn/pptp.rst:91 +#: ../../configuration/vpn/sstp.rst:124 +msgid "If you are using OSPF as IGP, always the closest interface connected to the RADIUS server is used. You can bind all outgoing RADIUS requests to a single source IP e.g. the loopback interface." +msgstr "If you are using OSPF as IGP, always the closest interface connected to the RADIUS server is used. You can bind all outgoing RADIUS requests to a single source IP e.g. the loopback interface." + #: ../../configuration/interfaces/openvpn.rst:306 msgid "If you change the default encryption and hashing algorithms, be sure that the local and remote ends have matching configurations, otherwise the tunnel will not come up." msgstr "If you change the default encryption and hashing algorithms, be sure that the local and remote ends have matching configurations, otherwise the tunnel will not come up." @@ -6813,6 +7444,10 @@ msgstr "If you enable this, you will probably want to set diversity-factor and c msgid "If you enter a value smaller than 60 seconds be aware that this can and will affect convergence at scale." msgstr "If you enter a value smaller than 60 seconds be aware that this can and will affect convergence at scale." +#: ../../configuration/vpn/ipsec.rst:483 +msgid "If you feel better forwarding all authentication requests to your enterprises RADIUS server, use the commands below." +msgstr "If you feel better forwarding all authentication requests to your enterprises RADIUS server, use the commands below." + #: ../../configuration/interfaces/bonding.rst:312 msgid "If you happen to run this in a virtual environment like by EVE-NG you need to ensure your VyOS NIC is set to use the e1000 driver. Using the default ``virtio-net-pci`` or the ``vmxnet3`` driver will not work. ICMP messages will not be properly processed. They are visible on the virtual wire but will not make it fully up the networking stack." msgstr "If you happen to run this in a virtual environment like by EVE-NG you need to ensure your VyOS NIC is set to use the e1000 driver. Using the default ``virtio-net-pci`` or the ``vmxnet3`` driver will not work. ICMP messages will not be properly processed. They are visible on the virtual wire but will not make it fully up the networking stack." @@ -6849,10 +7484,26 @@ msgstr "If you only want to check if the user account is enabled and can authent msgid "If you set a custom RADIUS attribute you must define it on both dictionaries at RADIUS server and client, which is the vyos router in our example." msgstr "If you set a custom RADIUS attribute you must define it on both dictionaries at RADIUS server and client, which is the vyos router in our example." +#: ../../configuration/service/ipoe-server.rst:215 +#: ../../configuration/service/pppoe-server.rst:177 +#: ../../configuration/vpn/l2tp.rst:220 +#: ../../configuration/vpn/pptp.rst:160 +#: ../../configuration/vpn/sstp.rst:193 +msgid "If you set a custom RADIUS attribute you must define it on both dictionaries at RADIUS server and client." +msgstr "If you set a custom RADIUS attribute you must define it on both dictionaries at RADIUS server and client." + #: ../../configuration/system/console.rst:41 msgid "If you use USB to serial converters for connecting to your VyOS appliance please note that most of them use software emulation without flow control. This means you should start with a common baud rate (most likely 9600 baud) as otherwise you probably can not connect to the device using high speed baud rates as your serial converter simply can not process this data rate." msgstr "If you use USB to serial converters for connecting to your VyOS appliance please note that most of them use software emulation without flow control. This means you should start with a common baud rate (most likely 9600 baud) as otherwise you probably can not connect to the device using high speed baud rates as your serial converter simply can not process this data rate." +#: ../../configuration/vpn/sstp.rst:482 +msgid "If you use a self-signed certificate, do not forget to install CA on the client side." +msgstr "If you use a self-signed certificate, do not forget to install CA on the client side." + +#: ../../configuration/vpn/ipsec.rst:538 +msgid "If you want, need, and should use more advanced encryption ciphers (default is still 3DES) you need to provision your device using a so-called \"Device Profile\". A profile is a simple text file containing XML nodes with a ``.mobileconfig`` file extension that can be sent and opened on any device from an E-Mail." +msgstr "If you want, need, and should use more advanced encryption ciphers (default is still 3DES) you need to provision your device using a so-called \"Device Profile\". A profile is a simple text file containing XML nodes with a ``.mobileconfig`` file extension that can be sent and opened on any device from an E-Mail." + #: ../../configuration/system/flow-accounting.rst:140 msgid "If you want to change the maximum number of flows, which are tracking simultaneously, you may do this with this command (default 8192)." msgstr "If you want to change the maximum number of flows, which are tracking simultaneously, you may do this with this command (default 8192)." @@ -6861,7 +7512,7 @@ msgstr "If you want to change the maximum number of flows, which are tracking si msgid "If you want to disable a rule but let it in the configuration." msgstr "If you want to disable a rule but let it in the configuration." -#: ../../configuration/system/login.rst:294 +#: ../../configuration/system/login.rst:298 msgid "If you want to have admin users to authenticate via RADIUS it is essential to sent the ``Cisco-AV-Pair shell:priv-lvl=15`` attribute. Without the attribute you will only get regular, non privilegued, system users." msgstr "If you want to have admin users to authenticate via RADIUS it is essential to sent the ``Cisco-AV-Pair shell:priv-lvl=15`` attribute. Without the attribute you will only get regular, non privilegued, system users." @@ -6873,7 +7524,7 @@ msgstr "If you want to use existing blacklists you have to create/download a dat msgid "If you want your router to forward DHCP requests to an external DHCP server you can configure the system to act as a DHCP relay agent. The DHCP relay agent works with IPv4 and IPv6 addresses." msgstr "If you want your router to forward DHCP requests to an external DHCP server you can configure the system to act as a DHCP relay agent. The DHCP relay agent works with IPv4 and IPv6 addresses." -#: ../../configuration/protocols/bgp.rst:760 +#: ../../configuration/protocols/bgp.rst:782 msgid "Ignore AS_PATH length when selecting a route" msgstr "Ignore AS_PATH length when selecting a route" @@ -6885,7 +7536,7 @@ msgstr "Ignore VRRP main interface faults" msgid "Image thankfully borrowed from https://en.wikipedia.org/wiki/File:SNMP_communication_principles_diagram.PNG which is under the GNU Free Documentation License" msgstr "Image thankfully borrowed from https://en.wikipedia.org/wiki/File:SNMP_communication_principles_diagram.PNG which is under the GNU Free Documentation License" -#: ../../configuration/vpn/site2site_ipsec.rst:279 +#: ../../configuration/vpn/site2site_ipsec.rst:282 msgid "Imagine the following topology" msgstr "Imagine the following topology" @@ -6893,11 +7544,35 @@ msgstr "Imagine the following topology" msgid "Immediate" msgstr "Immediate" +#: ../../configuration/pki/index.rst:254 +msgid "Import files to PKI format" +msgstr "Import files to PKI format" + +#: ../../configuration/pki/index.rst:265 +msgid "Import the CAs private key portion to the CLI. This should never leave the system as it is used to decrypt the data. The key is required if you use VyOS as your certificate generator." +msgstr "Import the CAs private key portion to the CLI. This should never leave the system as it is used to decrypt the data. The key is required if you use VyOS as your certificate generator." + +#: ../../configuration/pki/index.rst:280 +msgid "Import the OpenVPN shared secret stored in file to the VyOS CLI." +msgstr "Import the OpenVPN shared secret stored in file to the VyOS CLI." + +#: ../../configuration/pki/index.rst:271 +msgid "Import the certificate from the file to VyOS CLI." +msgstr "Import the certificate from the file to VyOS CLI." + +#: ../../configuration/pki/index.rst:275 +msgid "Import the private key of the certificate to the VyOS CLI. This should never leave the system as it is used to decrypt the data." +msgstr "Import the private key of the certificate to the VyOS CLI. This should never leave the system as it is used to decrypt the data." + +#: ../../configuration/pki/index.rst:261 +msgid "Import the public CA certificate from the defined file to VyOS CLI." +msgstr "Import the public CA certificate from the defined file to VyOS CLI." + #: ../../configuration/protocols/rpki.rst:46 msgid "Imported prefixes during the validation may have values:" msgstr "Imported prefixes during the validation may have values:" -#: ../../configuration/protocols/static.rst:158 +#: ../../configuration/protocols/static.rst:191 msgid "In Internet Protocol Version 6 (IPv6) networks, the functionality of ARP is provided by the Neighbor Discovery Protocol (NDP)." msgstr "In Internet Protocol Version 6 (IPv6) networks, the functionality of ARP is provided by the Neighbor Discovery Protocol (NDP)." @@ -6905,7 +7580,7 @@ msgstr "In Internet Protocol Version 6 (IPv6) networks, the functionality of ARP msgid "In Priority Queue we do not define clases with a meaningless class ID number but with a class priority number (1-7). The lower the number, the higher the priority." msgstr "In Priority Queue we do not define clases with a meaningless class ID number but with a class priority number (1-7). The lower the number, the higher the priority." -#: ../../configuration/vpn/ipsec.rst:117 +#: ../../configuration/vpn/ipsec.rst:120 msgid "In VyOS, ESP attributes are specified through ESP groups. Multiple proposals can be specified in a single group." msgstr "In VyOS, ESP attributes are specified through ESP groups. Multiple proposals can be specified in a single group." @@ -6945,7 +7620,7 @@ msgstr "In a nutshell, the current implementation provides the following feature msgid "In addition, you can specify many other parameters to get BGP information:" msgstr "In addition, you can specify many other parameters to get BGP information:" -#: ../../configuration/system/login.rst:301 +#: ../../configuration/system/login.rst:305 msgid "In addition to :abbr:`RADIUS (Remote Authentication Dial-In User Service)`, :abbr:`TACACS (Terminal Access Controller Access Control System)` can also be found in large deployments." msgstr "In addition to :abbr:`RADIUS (Remote Authentication Dial-In User Service)`, :abbr:`TACACS (Terminal Access Controller Access Control System)` can also be found in large deployments." @@ -6953,12 +7628,16 @@ msgstr "In addition to :abbr:`RADIUS (Remote Authentication Dial-In User Service msgid "In addition to displaying flow accounting information locally, one can also exported them to a collection server." msgstr "In addition to displaying flow accounting information locally, one can also exported them to a collection server." -#: ../../configuration/pki/index.rst:144 -#: ../../configuration/pki/index.rst:159 +#: ../../configuration/pki/index.rst:146 +#: ../../configuration/pki/index.rst:161 #: ../../configuration/pki/pki_cli_import_help.txt:1 msgid "In addition to the command above, the output is in a format which can be used to directly import the key into the VyOS CLI by simply copy-pasting the output from op-mode into configuration mode." msgstr "In addition to the command above, the output is in a format which can be used to directly import the key into the VyOS CLI by simply copy-pasting the output from op-mode into configuration mode." +#: ../../configuration/interfaces/pppoe.rst:388 +msgid "In addition we setup IPv6 :abbr:`RA (Router Advertisements)` to make the prefix known on the eth0 link." +msgstr "In addition we setup IPv6 :abbr:`RA (Router Advertisements)` to make the prefix known on the eth0 link." + #: ../../configuration/service/broadcast-relay.rst:48 msgid "In addition you can also disable the whole service without the need to remove it from the current configuration." msgstr "In addition you can also disable the whole service without the need to remove it from the current configuration." @@ -7003,7 +7682,7 @@ msgstr "In firewall bridge rules, the action can be:" msgid "In general, OSPF protocol requires a backbone area (area 0) to be coherent and fully connected. I.e. any backbone area router must have a route to any other backbone area router. Moreover, every ABR must have a link to backbone area. However, it is not always possible to have a physical link to a backbone area. In this case between two ABR (one of them has a link to the backbone area) in the area (not stub area) a virtual link is organized." msgstr "In general, OSPF protocol requires a backbone area (area 0) to be coherent and fully connected. I.e. any backbone area router must have a route to any other backbone area router. Moreover, every ABR must have a link to backbone area. However, it is not always possible to have a physical link to a backbone area. In this case between two ABR (one of them has a link to the backbone area) in the area (not stub area) a virtual link is organized." -#: ../../configuration/system/login.rst:236 +#: ../../configuration/system/login.rst:240 msgid "In large deployments it is not reasonable to configure each user individually on every system. VyOS supports using :abbr:`RADIUS (Remote Authentication Dial-In User Service)` servers as backend for user authentication." msgstr "In large deployments it is not reasonable to configure each user individually on every system. VyOS supports using :abbr:`RADIUS (Remote Authentication Dial-In User Service)` servers as backend for user authentication." @@ -7023,7 +7702,7 @@ msgstr "In order for the system to use and complete unqualified host names, a li msgid "In order to allow for LDP on the local router to exchange label advertisements with other routers, a TCP session will be established between automatically discovered and statically assigned routers. LDP will try to establish a TCP session to the **transport address** of other routers. Therefore for LDP to function properly please make sure the transport address is shown in the routing table and reachable to traffic at all times." msgstr "In order to allow for LDP on the local router to exchange label advertisements with other routers, a TCP session will be established between automatically discovered and statically assigned routers. LDP will try to establish a TCP session to the **transport address** of other routers. Therefore for LDP to function properly please make sure the transport address is shown in the routing table and reachable to traffic at all times." -#: ../../configuration/protocols/bgp.rst:820 +#: ../../configuration/protocols/bgp.rst:842 msgid "In order to control and modify routing information that is exchanged between peers you can use route-map, filter-list, prefix-list, distribute-list." msgstr "In order to control and modify routing information that is exchanged between peers you can use route-map, filter-list, prefix-list, distribute-list." @@ -7039,7 +7718,7 @@ msgstr "In order to have VyOS Traffic Control working you need to follow 2 steps msgid "In order to have full control and make use of multiple static public IP addresses, your VyOS will have to initiate the PPPoE connection and control it. In order for this method to work, you will have to figure out how to make your DSL Modem/Router switch into a Bridged Mode so it only acts as a DSL Transceiver device to connect between the Ethernet link of your VyOS and the phone cable. Once your DSL Transceiver is in Bridge Mode, you should get no IP address from it. Please make sure you connect to the Ethernet Port 1 if your DSL Transceiver has a switch, as some of them only work this way." msgstr "In order to have full control and make use of multiple static public IP addresses, your VyOS will have to initiate the PPPoE connection and control it. In order for this method to work, you will have to figure out how to make your DSL Modem/Router switch into a Bridged Mode so it only acts as a DSL Transceiver device to connect between the Ethernet link of your VyOS and the phone cable. Once your DSL Transceiver is in Bridge Mode, you should get no IP address from it. Please make sure you connect to the Ethernet Port 1 if your DSL Transceiver has a switch, as some of them only work this way." -#: ../../configuration/service/dhcp-server.rst:623 +#: ../../configuration/service/dhcp-server.rst:631 msgid "In order to map specific IPv6 addresses to specific hosts static mappings can be created. The following example explains the process." msgstr "In order to map specific IPv6 addresses to specific hosts static mappings can be created. The following example explains the process." @@ -7079,6 +7758,10 @@ msgstr "In our example, we used the key name ``openvpn-1`` which we will referen msgid "In our example, we will be forwarding web server traffic to an internal web server on 192.168.0.100. HTTP traffic makes use of the TCP protocol on port 80. For other common port numbers, see: https://en.wikipedia.org/wiki/List_of_TCP_and_UDP_port_numbers" msgstr "In our example, we will be forwarding web server traffic to an internal web server on 192.168.0.100. HTTP traffic makes use of the TCP protocol on port 80. For other common port numbers, see: https://en.wikipedia.org/wiki/List_of_TCP_and_UDP_port_numbers" +#: ../../configuration/vpn/ipsec.rst:411 +msgid "In our example the certificate name is called vyos:" +msgstr "In our example the certificate name is called vyos:" + #: ../../configuration/trafficpolicy/index.rst:906 msgid "In principle, values must be :code:`min-threshold` < :code:`max-threshold` < :code:`queue-limit`." msgstr "In principle, values must be :code:`min-threshold` < :code:`max-threshold` < :code:`queue-limit`." @@ -7123,7 +7806,11 @@ msgstr "In the case you want to apply some kind of **shaping** to your **inbound msgid "In the command above, we set the type of policy we are going to work with and the name we choose for it; a class (so that we can differentiate some traffic) and an identifiable number for that class; then we configure a matching rule (or filter) and a name for it." msgstr "In the command above, we set the type of policy we are going to work with and the name we choose for it; a class (so that we can differentiate some traffic) and an identifiable number for that class; then we configure a matching rule (or filter) and a name for it." -#: ../../configuration/service/pppoe-server.rst:259 +#: ../../configuration/vpn/ipsec.rst:564 +msgid "In the end, an XML structure is generated which can be saved as ``vyos.mobileconfig`` and sent to the device by E-Mail where it later can be imported." +msgstr "In the end, an XML structure is generated which can be saved as ``vyos.mobileconfig`` and sent to the device by E-Mail where it later can be imported." + +#: ../../configuration/service/pppoe-server.rst:333 msgid "In the example above, the first 499 sessions connect without delay. PADO packets will be delayed 50 ms for connection from 500 to 999, this trick allows other PPPoE servers send PADO faster and clients will connect to other servers. Last command says that this PPPoE server can serve only 3000 clients." msgstr "In the example above, the first 499 sessions connect without delay. PADO packets will be delayed 50 ms for connection from 500 to 999, this trick allows other PPPoE servers send PADO faster and clients will connect to other servers. Last command says that this PPPoE server can serve only 3000 clients." @@ -7131,7 +7818,7 @@ msgstr "In the example above, the first 499 sessions connect without delay. PADO msgid "In the example used for the Quick Start configuration above, we demonstrate the following configuration:" msgstr "In the example used for the Quick Start configuration above, we demonstrate the following configuration:" -#: ../../configuration/system/login.rst:399 +#: ../../configuration/system/login.rst:403 msgid "In the following example, both `User1` and `User2` will be able to SSH into VyOS as user ``vyos`` using their very own keys. `User1` is restricted to only be able to connect from a single IP address. In addition if password base login is wanted for the ``vyos`` user a 2FA/MFA keycode is required in addition to the password." msgstr "In the following example, both `User1` and `User2` will be able to SSH into VyOS as user ``vyos`` using their very own keys. `User1` is restricted to only be able to connect from a single IP address. In addition if password base login is wanted for the ``vyos`` user a 2FA/MFA keycode is required in addition to the password." @@ -7151,7 +7838,7 @@ msgstr "In the following example we can see a basic multicast setup:" msgid "In the future this is expected to be a very useful protocol (though there are `other proposals`_)." msgstr "In the future this is expected to be a very useful protocol (though there are `other proposals`_)." -#: ../../configuration/highavailability/index.rst:400 +#: ../../configuration/highavailability/index.rst:410 msgid "In the next example all traffic destined to ``203.0.113.1`` and port ``8280`` protocol TCP is balanced between 2 real servers ``192.0.2.11`` and ``192.0.2.12`` to port ``80``" msgstr "In the next example all traffic destined to ``203.0.113.1`` and port ``8280`` protocol TCP is balanced between 2 real servers ``192.0.2.11`` and ``192.0.2.12`` to port ``80``" @@ -7175,7 +7862,7 @@ msgstr "In this example, we use **masquerade** as the translation address instea msgid "In this example, we will be using the example Quick Start configuration above as a starting point." msgstr "In this example, we will be using the example Quick Start configuration above as a starting point." -#: ../../configuration/highavailability/index.rst:430 +#: ../../configuration/highavailability/index.rst:440 msgid "In this example all traffic destined to ports \"80, 2222, 8888\" protocol TCP marks to fwmark \"111\" and balanced between 2 real servers. Port \"0\" is required if multiple ports are used." msgstr "In this example all traffic destined to ports \"80, 2222, 8888\" protocol TCP marks to fwmark \"111\" and balanced between 2 real servers. Port \"0\" is required if multiple ports are used." @@ -7191,7 +7878,7 @@ msgstr "In this example we will use the most complicated case: a setup where eac msgid "In this method, the DSL Modem/Router connects to the ISP for you with your credentials preprogrammed into the device. This gives you an :rfc:`1918` address, such as ``192.168.1.0/24`` by default." msgstr "In this method, the DSL Modem/Router connects to the ISP for you with your credentials preprogrammed into the device. This gives you an :rfc:`1918` address, such as ``192.168.1.0/24`` by default." -#: ../../configuration/service/dns.rst:165 +#: ../../configuration/service/dns.rst:152 msgid "In this scenario:" msgstr "In this scenario:" @@ -7319,6 +8006,10 @@ msgstr "Intel® QAT" msgid "Interconnect the global VRF with vrf \"red\" using the veth10 <-> veth 11 pair" msgstr "Interconnect the global VRF with vrf \"red\" using the veth10 <-> veth 11 pair" +#: ../../configuration/service/ids.rst:96 +msgid "Interface **eth0** used to connect to upstream." +msgstr "Interface **eth0** used to connect to upstream." + #: ../../configuration/protocols/isis.rst:146 #: ../../configuration/protocols/ospf.rst:356 #: ../../configuration/protocols/ospf.rst:1139 @@ -7329,7 +8020,7 @@ msgstr "Interface Configuration" msgid "Interface Groups" msgstr "Interface Groups" -#: ../../configuration/protocols/static.rst:64 +#: ../../configuration/protocols/static.rst:87 msgid "Interface Routes" msgstr "Interface Routes" @@ -7367,7 +8058,7 @@ msgid "Interface weight" msgstr "Interface weight" #: ../../configuration/interfaces/index.rst:3 -#: ../../configuration/vrf/index.rst:71 +#: ../../configuration/vrf/index.rst:90 msgid "Interfaces" msgstr "Interfaces" @@ -7388,10 +8079,18 @@ msgstr "Interfaces that participate in the DHCP relay process. If this command i msgid "Interfaces whose DHCP client nameservers to forward requests to." msgstr "Interfaces whose DHCP client nameservers to forward requests to." +#: ../../configuration/service/ids.rst:105 +msgid "Internal attack: an attack from the internal network (generated by a customer) towards the internet is identify. In this case, all connections from this particular IP/Customer will be blocked." +msgstr "Internal attack: an attack from the internal network (generated by a customer) towards the internet is identify. In this case, all connections from this particular IP/Customer will be blocked." + #: ../../configuration/system/flow-accounting.rst:70 msgid "Internally, in flow-accounting processes exist a buffer for data exchanging between core process and plugins (each export target is a separated plugin). If you have high traffic levels or noted some problems with missed records or stopping exporting, you may try to increase a default buffer size (10 MiB) with the next command:" msgstr "Internally, in flow-accounting processes exist a buffer for data exchanging between core process and plugins (each export target is a separated plugin). If you have high traffic levels or noted some problems with missed records or stopping exporting, you may try to increase a default buffer size (10 MiB) with the next command:" +#: ../../configuration/vpn/ipsec.rst:374 +msgid "Internet Key Exchange version 2, IKEv2 for short, is a request/response protocol developed by both Cisco and Microsoft. It is used to establish and secure IPv4/IPv6 connections, be it a site-to-site VPN or from a road-warrior connecting to a hub site. IKEv2, when run in point-to-multipoint, or remote-access/road-warrior mode, secures the server-side with another layer by using an x509 signed server certificate." +msgstr "Internet Key Exchange version 2, IKEv2 for short, is a request/response protocol developed by both Cisco and Microsoft. It is used to establish and secure IPv4/IPv6 connections, be it a site-to-site VPN or from a road-warrior connecting to a hub site. IKEv2, when run in point-to-multipoint, or remote-access/road-warrior mode, secures the server-side with another layer by using an x509 signed server certificate." + #: ../../configuration/vpn/remoteaccess_ipsec.rst:6 msgid "Internet Key Exchange version 2 (IKEv2) is a tunneling protocol, based on IPsec, that establishes a secure VPN communication between VPN devices, and defines negotiation and authentication processes for IPsec security associations (SAs). It is often known as IKEv2/IPSec or IPSec IKEv2 remote-access — or road-warriors as others call it." msgstr "Internet Key Exchange version 2 (IKEv2) is a tunneling protocol, based on IPsec, that establishes a secure VPN communication between VPN devices, and defines negotiation and authentication processes for IPsec security associations (SAs). It is often known as IKEv2/IPSec or IPSec IKEv2 remote-access — or road-warriors as others call it." @@ -7412,7 +8111,7 @@ msgstr "Interval in milliseconds" msgid "Interval in minutes between updates (default: 60)" msgstr "Interval in minutes between updates (default: 60)" -#: ../../configuration/protocols/bgp.rst:906 +#: ../../configuration/protocols/bgp.rst:928 msgid "Introducing route reflectors removes the need for the full-mesh. When you configure a route reflector you have to tell the router whether the other IBGP router is a client or non-client. A client is an IBGP router that the route reflector will “reflect†routes to, the non-client is just a regular IBGP neighbor. Route reflectors mechanism is described in :rfc:`4456` and updated by :rfc:`7606`." msgstr "Introducing route reflectors removes the need for the full-mesh. When you configure a route reflector you have to tell the router whether the other IBGP router is a client or non-client. A client is an IBGP router that the route reflector will “reflect†routes to, the non-client is just a regular IBGP neighbor. Route reflectors mechanism is described in :rfc:`4456` and updated by :rfc:`7606`." @@ -7432,11 +8131,11 @@ msgstr "It's slower than IPsec due to higher protocol overhead and the fact it r msgid "It's time to check conntrack table, to see if any connection was accepted, and if was properly offloaded" msgstr "It's time to check conntrack table, to see if any connection was accepted, and if was properly offloaded" -#: ../../configuration/system/option.rst:111 +#: ../../configuration/system/option.rst:141 msgid "It disables transparent huge pages, and automatic NUMA balancing. It also uses cpupower to set the performance cpufreq governor, and requests a cpu_dma_latency value of 1. It also sets busy_read and busy_poll times to 50 us, and tcp_fastopen to 3." msgstr "It disables transparent huge pages, and automatic NUMA balancing. It also uses cpupower to set the performance cpufreq governor, and requests a cpu_dma_latency value of 1. It also sets busy_read and busy_poll times to 50 us, and tcp_fastopen to 3." -#: ../../configuration/system/option.rst:102 +#: ../../configuration/system/option.rst:132 msgid "It enables transparent huge pages, and uses cpupower to set the performance cpufreq governor. It also sets ``kernel.sched_min_granularity_ns`` to 10 us, ``kernel.sched_wakeup_granularity_ns`` to 15 uss, and ``vm.dirty_ratio`` to 40%." msgstr "It enables transparent huge pages, and uses cpupower to set the performance cpufreq governor. It also sets ``kernel.sched_min_granularity_ns`` to 10 us, ``kernel.sched_wakeup_granularity_ns`` to 15 uss, and ``vm.dirty_ratio`` to 40%." @@ -7457,11 +8156,11 @@ msgstr "It helps to think of the syntax as: (see below). The 'rule-set' should b msgid "It is compatible with Cisco (R) AnyConnect (R) clients." msgstr "It is compatible with Cisco (R) AnyConnect (R) clients." -#: ../../configuration/service/dhcp-server.rst:590 +#: ../../configuration/service/dhcp-server.rst:596 msgid "It is connected to ``eth1``" msgstr "It is connected to ``eth1``" -#: ../../configuration/system/login.rst:42 +#: ../../configuration/system/login.rst:46 msgid "It is highly recommended to use SSH key authentication. By default there is only one user (``vyos``), and you can assign any number of keys to that user. You can generate a ssh key with the ``ssh-keygen`` command on your local machine, which will (by default) save it as ``~/.ssh/id_rsa.pub``." msgstr "It is highly recommended to use SSH key authentication. By default there is only one user (``vyos``), and you can assign any number of keys to that user. You can generate a ssh key with the ``ssh-keygen`` command on your local machine, which will (by default) save it as ``~/.ssh/id_rsa.pub``." @@ -7477,11 +8176,11 @@ msgstr "It is important to note that when creating firewall rules, the DNAT tran msgid "It is important to note that when creating firewall rules that the DNAT translation occurs **before** traffic traverses the firewall. In other words, the destination address has already been translated to 192.168.0.100." msgstr "It is important to note that when creating firewall rules that the DNAT translation occurs **before** traffic traverses the firewall. In other words, the destination address has already been translated to 192.168.0.100." -#: ../../configuration/vrf/index.rst:505 +#: ../../configuration/vrf/index.rst:524 msgid "It is not sufficient to only configure a L3VPN VRFs but L3VPN VRFs must be maintained, too.For L3VPN VRF maintenance the following operational commands are in place." msgstr "It is not sufficient to only configure a L3VPN VRFs but L3VPN VRFs must be maintained, too.For L3VPN VRF maintenance the following operational commands are in place." -#: ../../configuration/vrf/index.rst:113 +#: ../../configuration/vrf/index.rst:132 msgid "It is not sufficient to only configure a VRF but VRFs must be maintained, too. For VRF maintenance the following operational commands are in place." msgstr "It is not sufficient to only configure a VRF but VRFs must be maintained, too. For VRF maintenance the following operational commands are in place." @@ -7489,14 +8188,19 @@ msgstr "It is not sufficient to only configure a VRF but VRFs must be maintained msgid "It is not valid to use the `vif 1` option for VLAN aware bridges because VLAN aware bridges assume that all unlabeled packets belong to the default VLAN 1 member and that the VLAN ID of the bridge's parent interface is always 1" msgstr "It is not valid to use the `vif 1` option for VLAN aware bridges because VLAN aware bridges assume that all unlabeled packets belong to the default VLAN 1 member and that the VLAN ID of the bridge's parent interface is always 1" -#: ../../configuration/system/login.rst:93 +#: ../../configuration/system/login.rst:97 msgid "It is possible to enhance authentication security by using the :abbr:`2FA (Two-factor authentication)`/:abbr:`MFA (Multi-factor authentication)` feature together with :abbr:`OTP (One-Time-Pad)` on VyOS. :abbr:`2FA (Two-factor authentication)`/:abbr:`MFA (Multi-factor authentication)` is configured independently per each user. If an OTP key is configured for a user, 2FA/MFA is automatically enabled for that particular user. If a user does not have an OTP key configured, there is no 2FA/MFA check for that user." msgstr "It is possible to enhance authentication security by using the :abbr:`2FA (Two-factor authentication)`/:abbr:`MFA (Multi-factor authentication)` feature together with :abbr:`OTP (One-Time-Pad)` on VyOS. :abbr:`2FA (Two-factor authentication)`/:abbr:`MFA (Multi-factor authentication)` is configured independently per each user. If an OTP key is configured for a user, 2FA/MFA is automatically enabled for that particular user. If a user does not have an OTP key configured, there is no 2FA/MFA check for that user." -#: ../../configuration/vrf/index.rst:496 +#: ../../configuration/vrf/index.rst:515 msgid "It is possible to permit BGP install VPN prefixes without transport labels. This configuration will install VPN prefixes originated from an e-bgp session, and with the next-hop directly connected." msgstr "It is possible to permit BGP install VPN prefixes without transport labels. This configuration will install VPN prefixes originated from an e-bgp session, and with the next-hop directly connected." +#: ../../configuration/protocols/static.rst:64 +#: ../../configuration/protocols/static.rst:132 +msgid "It is possible to specify a static route for ipv6 prefixes using an SRv6 segments instruction. The `/` separator can be used to specify multiple segment instructions." +msgstr "It is possible to specify a static route for ipv6 prefixes using an SRv6 segments instruction. The `/` separator can be used to specify multiple segment instructions." + #: ../../configuration/service/conntrack-sync.rst:30 msgid "It is possible to use either Multicast or Unicast to sync conntrack traffic. Most examples below show Multicast, but unicast can be specified by using the \"peer\" keywork after the specificed interface, as in the following example:" msgstr "It is possible to use either Multicast or Unicast to sync conntrack traffic. Most examples below show Multicast, but unicast can be specified by using the \"peer\" keywork after the specificed interface, as in the following example:" @@ -7517,7 +8221,7 @@ msgstr "It uses a stochastic model to classify incoming packets into different f msgid "It will be combined with the delegated prefix and the sla-id to form a complete interface address. The default is to use the EUI-64 address of the interface." msgstr "It will be combined with the delegated prefix and the sla-id to form a complete interface address. The default is to use the EUI-64 address of the interface." -#: ../../configuration/vrf/index.rst:220 +#: ../../configuration/vrf/index.rst:239 msgid "Join a given VRF. This will open a new subshell within the specified VRF." msgstr "Join a given VRF. This will open a new subshell within the specified VRF." @@ -7529,15 +8233,19 @@ msgstr "Jump to a different rule in this route-map on a match." msgid "Juniper EX Switch" msgstr "Juniper EX Switch" +#: ../../configuration/system/option.rst:31 +msgid "Kernel" +msgstr "Kernel" + #: ../../configuration/system/syslog.rst:112 msgid "Kernel messages" msgstr "Kernel messages" -#: ../../configuration/system/login.rst:40 +#: ../../configuration/system/login.rst:44 msgid "Key Based Authentication" msgstr "Key Based Authentication" -#: ../../configuration/pki/index.rst:30 +#: ../../configuration/pki/index.rst:32 msgid "Key Generation" msgstr "Key Generation" @@ -7545,7 +8253,7 @@ msgstr "Key Generation" msgid "Key Management" msgstr "Key Management" -#: ../../configuration/vpn/site2site_ipsec.rst:383 +#: ../../configuration/vpn/site2site_ipsec.rst:386 msgid "Key Parameters:" msgstr "Key Parameters:" @@ -7557,11 +8265,15 @@ msgstr "Key Points:" msgid "Key exchange and payload encryption is done using IKE and ESP proposals as known from IKEv1 but the connections are faster to establish, more reliable, and also support roaming from IP to IP (called MOBIKE which makes sure your connection does not drop when changing networks from e.g. WIFI to LTE and back). Authentication can be achieved with X.509 certificates." msgstr "Key exchange and payload encryption is done using IKE and ESP proposals as known from IKEv1 but the connections are faster to establish, more reliable, and also support roaming from IP to IP (called MOBIKE which makes sure your connection does not drop when changing networks from e.g. WIFI to LTE and back). Authentication can be achieved with X.509 certificates." -#: ../../configuration/pki/index.rst:167 +#: ../../configuration/vpn/ipsec.rst:381 +msgid "Key exchange and payload encryption is still done using IKE and ESP proposals as known from IKEv1 but the connections are faster to establish, more reliable, and also support roaming from IP to IP (called MOBIKE which makes sure your connection does not drop when changing networks from e.g. WIFI to LTE and back)." +msgstr "Key exchange and payload encryption is still done using IKE and ESP proposals as known from IKEv1 but the connections are faster to establish, more reliable, and also support roaming from IP to IP (called MOBIKE which makes sure your connection does not drop when changing networks from e.g. WIFI to LTE and back)." + +#: ../../configuration/pki/index.rst:169 msgid "Key usage (CLI)" msgstr "Key usage (CLI)" -#: ../../configuration/system/option.rst:58 +#: ../../configuration/system/option.rst:88 msgid "Keyboard Layout" msgstr "Keyboard Layout" @@ -7574,7 +8286,7 @@ msgstr "Keypairs" msgid "Keyword" msgstr "Keyword" -#: ../../configuration/vpn/l2tp.rst:4 +#: ../../configuration/vpn/l2tp.rst:5 msgid "L2TP" msgstr "L2TP" @@ -7606,7 +8318,7 @@ msgstr "L2TPv3 is described in :rfc:`3931`." msgid "L2TPv3 options" msgstr "L2TPv3 options" -#: ../../configuration/vrf/index.rst:399 +#: ../../configuration/vrf/index.rst:418 msgid "L3VPN VRFs" msgstr "L3VPN VRFs" @@ -7635,7 +8347,7 @@ msgstr "LLDP performs functions similar to several proprietary protocols, such a msgid "LNS (L2TP Network Server)" msgstr "LNS (L2TP Network Server)" -#: ../../configuration/vpn/l2tp.rst:91 +#: ../../configuration/vpn/l2tp.rst:272 msgid "LNS are often used to connect to a LAC (L2TP Access Concentrator)." msgstr "LNS are often used to connect to a LAC (L2TP Access Concentrator)." @@ -7647,11 +8359,11 @@ msgstr "Label Distribution Protocol" msgid "Layer 2 Tunnelling Protocol Version 3 is an IETF standard related to L2TP that can be used as an alternative protocol to :ref:`mpls` for encapsulation of multiprotocol Layer 2 communications traffic over IP networks. Like L2TP, L2TPv3 provides a pseudo-wire service but is scaled to fit carrier requirements." msgstr "Layer 2 Tunnelling Protocol Version 3 is an IETF standard related to L2TP that can be used as an alternative protocol to :ref:`mpls` for encapsulation of multiprotocol Layer 2 communications traffic over IP networks. Like L2TP, L2TPv3 provides a pseudo-wire service but is scaled to fit carrier requirements." -#: ../../configuration/service/dhcp-server.rst:593 +#: ../../configuration/service/dhcp-server.rst:599 msgid "Lease time will be left at the default value which is 24 hours" msgstr "Lease time will be left at the default value which is 24 hours" -#: ../../configuration/service/dhcp-server.rst:336 +#: ../../configuration/service/dhcp-server.rst:342 msgid "Lease timeout in seconds (default: 86400)" msgstr "Lease timeout in seconds (default: 86400)" @@ -7699,15 +8411,19 @@ msgstr "Lifetime in days; default is 365" msgid "Lifetime is decremented by the number of seconds since the last RA - use in conjunction with a DHCPv6-PD prefix" msgstr "Lifetime is decremented by the number of seconds since the last RA - use in conjunction with a DHCPv6-PD prefix" +#: ../../configuration/vpn/ipsec.rst:535 +msgid "Like on Microsoft Windows, Apple iOS/iPadOS out of the box does not expose all available VPN options via the device GUI." +msgstr "Like on Microsoft Windows, Apple iOS/iPadOS out of the box does not expose all available VPN options via the device GUI." + #: ../../configuration/loadbalancing/reverse-proxy.rst:162 msgid "Limit allowed cipher algorithms used during SSL/TLS handshake" msgstr "Limit allowed cipher algorithms used during SSL/TLS handshake" -#: ../../configuration/system/login.rst:112 +#: ../../configuration/system/login.rst:116 msgid "Limit logins to `<limit>` per every ``rate-time`` seconds. Rate limit must be between 1 and 10 attempts." msgstr "Limit logins to `<limit>` per every ``rate-time`` seconds. Rate limit must be between 1 and 10 attempts." -#: ../../configuration/system/login.rst:118 +#: ../../configuration/system/login.rst:122 msgid "Limit logins to ``rate-limit`` attemps per every `<seconds>`. Rate time must be between 15 and 600 seconds." msgstr "Limit logins to ``rate-limit`` attemps per every `<seconds>`. Rate time must be between 15 and 600 seconds." @@ -7723,7 +8439,7 @@ msgstr "Limiter" msgid "Limiter is one of those policies that uses classes_ (Ingress qdisc is actually a classless policy but filters do work in it)." msgstr "Limiter is one of those policies that uses classes_ (Ingress qdisc is actually a classless policy but filters do work in it)." -#: ../../configuration/system/login.rst:381 +#: ../../configuration/system/login.rst:385 msgid "Limits" msgstr "Limits" @@ -7767,7 +8483,7 @@ msgstr "List of supported algorithms: ``diffie-hellman-group1-sha1``, ``diffie-h msgid "List of supported ciphers: ``3des-cbc``, ``aes128-cbc``, ``aes192-cbc``, ``aes256-cbc``, ``aes128-ctr``, ``aes192-ctr``, ``aes256-ctr``, ``arcfour128``, ``arcfour256``, ``arcfour``, ``blowfish-cbc``, ``cast128-cbc``" msgstr "List of supported ciphers: ``3des-cbc``, ``aes128-cbc``, ``aes192-cbc``, ``aes256-cbc``, ``aes128-ctr``, ``aes192-ctr``, ``aes256-ctr``, ``arcfour128``, ``arcfour256``, ``arcfour``, ``blowfish-cbc``, ``cast128-cbc``" -#: ../../configuration/policy/route-map.rst:362 +#: ../../configuration/policy/route-map.rst:365 msgid "List of well-known communities" msgstr "List of well-known communities" @@ -7775,7 +8491,7 @@ msgstr "List of well-known communities" msgid "Listen for DHCP requests on interface ``eth1``." msgstr "Listen for DHCP requests on interface ``eth1``." -#: ../../configuration/vrf/index.rst:118 +#: ../../configuration/vrf/index.rst:137 msgid "Lists VRFs that have been created" msgstr "Lists VRFs that have been created" @@ -7787,7 +8503,7 @@ msgstr "Load-balancing" msgid "Load-balancing algorithms to be used for distributind requests among the vailable servers" msgstr "Load-balancing algorithms to be used for distributind requests among the vailable servers" -#: ../../configuration/highavailability/index.rst:347 +#: ../../configuration/highavailability/index.rst:357 msgid "Load-balancing schedule algorithm:" msgstr "Load-balancing schedule algorithm:" @@ -7795,11 +8511,11 @@ msgstr "Load-balancing schedule algorithm:" msgid "Load Balance" msgstr "Load Balance" -#: ../../configuration/service/pppoe-server.rst:243 +#: ../../configuration/service/pppoe-server.rst:317 msgid "Load Balancing" msgstr "Load Balancing" -#: ../../configuration/system/login.rst:422 +#: ../../configuration/system/login.rst:426 msgid "Load the container image in op-mode." msgstr "Load the container image in op-mode." @@ -7848,11 +8564,11 @@ msgstr "Local User Account" msgid "Local path that includes the known hosts file." msgstr "Local path that includes the known hosts file." -#: ../../configuration/protocols/rpki.rst:145 +#: ../../configuration/protocols/rpki.rst:155 msgid "Local path that includes the private key file of the router." msgstr "Local path that includes the private key file of the router." -#: ../../configuration/protocols/rpki.rst:149 +#: ../../configuration/protocols/rpki.rst:159 msgid "Local path that includes the public key file of the router." msgstr "Local path that includes the public key file of the router." @@ -7864,7 +8580,7 @@ msgstr "Local route" msgid "Locally connect to serial port identified by `<device>`." msgstr "Locally connect to serial port identified by `<device>`." -#: ../../configuration/policy/route-map.rst:273 +#: ../../configuration/policy/route-map.rst:276 msgid "Locally significant administrative distance." msgstr "Locally significant administrative distance." @@ -7918,11 +8634,11 @@ msgstr "Logging to a remote host leaves the local logging configuration intact, msgid "Login/User Management" msgstr "Login/User Management" -#: ../../configuration/system/login.rst:363 +#: ../../configuration/system/login.rst:367 msgid "Login Banner" msgstr "Login Banner" -#: ../../configuration/system/login.rst:383 +#: ../../configuration/system/login.rst:387 msgid "Login limits" msgstr "Login limits" @@ -7981,7 +8697,7 @@ msgstr "MACsec options" msgid "MDI power" msgstr "MDI power" -#: ../../configuration/system/login.rst:91 +#: ../../configuration/system/login.rst:95 msgid "MFA/2FA authentication using OTP (one time passwords)" msgstr "MFA/2FA authentication using OTP (one time passwords)" @@ -8024,11 +8740,11 @@ msgstr "Main structure VyOS firewall cli is shown next:" msgid "Main structure is shown next:" msgstr "Main structure is shown next:" -#: ../../configuration/service/pppoe-server.rst:295 +#: ../../configuration/service/pppoe-server.rst:303 msgid "Maintenance mode" msgstr "Maintenance mode" -#: ../../configuration/service/conntrack-sync.rst:107 +#: ../../configuration/service/conntrack-sync.rst:111 msgid "Make sure conntrack is enabled by running and show connection tracking table." msgstr "Make sure conntrack is enabled by running and show connection tracking table." @@ -8048,7 +8764,7 @@ msgstr "Mandatory Settings" msgid "Manual Neighbor Configuration" msgstr "Manual Neighbor Configuration" -#: ../../configuration/pki/index.rst:336 +#: ../../configuration/pki/index.rst:367 msgid "Manually trigger certificate renewal. This will be done twice a day." msgstr "Manually trigger certificate renewal. This will be done twice a day." @@ -8056,15 +8772,19 @@ msgstr "Manually trigger certificate renewal. This will be done twice a day." msgid "Maps the VNI to the specified VLAN id. The VLAN can then be consumed by a bridge." msgstr "Maps the VNI to the specified VLAN id. The VLAN can then be consumed by a bridge." -#: ../../configuration/vpn/sstp.rst:223 +#: ../../configuration/service/ipoe-server.rst:166 +#: ../../configuration/service/pppoe-server.rst:128 +#: ../../configuration/vpn/l2tp.rst:171 +#: ../../configuration/vpn/pptp.rst:111 +#: ../../configuration/vpn/sstp.rst:144 msgid "Mark RADIUS server as offline for this given `<time>` in seconds." msgstr "Mark RADIUS server as offline for this given `<time>` in seconds." -#: ../../configuration/pki/index.rst:206 +#: ../../configuration/pki/index.rst:208 msgid "Mark the CAs private key as password protected. User is asked for the password when the key is referenced." msgstr "Mark the CAs private key as password protected. User is asked for the password when the key is referenced." -#: ../../configuration/pki/index.rst:244 +#: ../../configuration/pki/index.rst:246 msgid "Mark the private key as password protected. User is asked for the password when the key is referenced." msgstr "Mark the private key as password protected. User is asked for the password when the key is referenced." @@ -8076,7 +8796,7 @@ msgstr "Match BGP large communities." msgid "Match IP addresses based on its geolocation. More info: `geoip matching <https://wiki.nftables.org/wiki-nftables/index.php/GeoIP_matching>`_." msgstr "Match IP addresses based on its geolocation. More info: `geoip matching <https://wiki.nftables.org/wiki-nftables/index.php/GeoIP_matching>`_." -#: ../../configuration/firewall/ipv4.rst:440 +#: ../../configuration/firewall/ipv4.rst:463 #: ../../configuration/firewall/ipv6.rst:447 msgid "Match IP addresses based on its geolocation. More info: `geoip matching <https://wiki.nftables.org/wiki-nftables/index.php/GeoIP_matching>`_. Use inverse-match to match anything except the given country-codes." msgstr "Match IP addresses based on its geolocation. More info: `geoip matching <https://wiki.nftables.org/wiki-nftables/index.php/GeoIP_matching>`_. Use inverse-match to match anything except the given country-codes." @@ -8089,17 +8809,21 @@ msgstr "Match RPKI validation result." msgid "Match a protocol criteria. A protocol number or a name which is defined in: ``/etc/protocols``. Special names are ``all`` for all protocols and ``tcp_udp`` for tcp and udp based packets. The ``!`` negates the selected protocol." msgstr "Match a protocol criteria. A protocol number or a name which is defined in: ``/etc/protocols``. Special names are ``all`` for all protocols and ``tcp_udp`` for tcp and udp based packets. The ``!`` negates the selected protocol." -#: ../../configuration/firewall/ipv4.rst:773 +#: ../../configuration/firewall/ipv4.rst:796 #: ../../configuration/firewall/ipv6.rst:783 msgid "Match a protocol criteria. A protocol number or a name which is here defined: ``/etc/protocols``. Special names are ``all`` for all protocols and ``tcp_udp`` for tcp and udp based packets. The ``!`` negate the selected protocol." msgstr "Match a protocol criteria. A protocol number or a name which is here defined: ``/etc/protocols``. Special names are ``all`` for all protocols and ``tcp_udp`` for tcp and udp based packets. The ``!`` negate the selected protocol." -#: ../../configuration/firewall/ipv4.rst:831 +#: ../../configuration/firewall/ipv4.rst:854 #: ../../configuration/firewall/ipv6.rst:840 msgid "Match against the state of a packet." msgstr "Match against the state of a packet." -#: ../../configuration/firewall/ipv4.rst:620 +#: ../../configuration/firewall/ipv4.rst:336 +msgid "Match based on connection tracking protocol helper module to secure use of that helper module. See below for possible completions `<module>`." +msgstr "Match based on connection tracking protocol helper module to secure use of that helper module. See below for possible completions `<module>`." + +#: ../../configuration/firewall/ipv4.rst:643 #: ../../configuration/firewall/ipv6.rst:630 msgid "Match based on dscp value." msgstr "Match based on dscp value." @@ -8108,16 +8832,16 @@ msgstr "Match based on dscp value." msgid "Match based on dscp value criteria. Multiple values from 0 to 63 and ranges are supported." msgstr "Match based on dscp value criteria. Multiple values from 0 to 63 and ranges are supported." -#: ../../configuration/firewall/ipv4.rst:631 +#: ../../configuration/firewall/ipv4.rst:654 #: ../../configuration/firewall/ipv6.rst:641 msgid "Match based on fragment criteria." msgstr "Match based on fragment criteria." -#: ../../configuration/firewall/ipv4.rst:642 +#: ../../configuration/firewall/ipv4.rst:665 msgid "Match based on icmp code and type." msgstr "Match based on icmp code and type." -#: ../../configuration/firewall/ipv4.rst:653 +#: ../../configuration/firewall/ipv4.rst:676 msgid "Match based on icmp type-name criteria. Use tab for information about what **type-name** criteria are supported." msgstr "Match based on icmp type-name criteria. Use tab for information about what **type-name** criteria are supported." @@ -8147,18 +8871,18 @@ msgid "Match based on inbound interface. Wilcard ``*`` can be used. For example: msgstr "Match based on inbound interface. Wilcard ``*`` can be used. For example: ``eth2*``" #: ../../configuration/firewall/bridge.rst:239 -#: ../../configuration/firewall/ipv4.rst:663 +#: ../../configuration/firewall/ipv4.rst:686 #: ../../configuration/firewall/ipv6.rst:673 msgid "Match based on inbound interface. Wilcard ``*`` can be used. For example: ``eth2*``. Prepending character ``!`` for inverted matching criteria is also supportd. For example ``!eth2``" msgstr "Match based on inbound interface. Wilcard ``*`` can be used. For example: ``eth2*``. Prepending character ``!`` for inverted matching criteria is also supportd. For example ``!eth2``" #: ../../configuration/firewall/bridge.rst:248 -#: ../../configuration/firewall/ipv4.rst:674 +#: ../../configuration/firewall/ipv4.rst:697 #: ../../configuration/firewall/ipv6.rst:684 msgid "Match based on inbound interface group. Prepending character ``!`` for inverted matching criteria is also supportd. For example ``!IFACE_GROUP``" msgstr "Match based on inbound interface group. Prepending character ``!`` for inverted matching criteria is also supportd. For example ``!IFACE_GROUP``" -#: ../../configuration/firewall/ipv4.rst:707 +#: ../../configuration/firewall/ipv4.rst:730 #: ../../configuration/firewall/ipv6.rst:717 msgid "Match based on ipsec criteria." msgstr "Match based on ipsec criteria." @@ -8168,35 +8892,35 @@ msgid "Match based on outbound interface. Wilcard ``*`` can be used. For example msgstr "Match based on outbound interface. Wilcard ``*`` can be used. For example: ``eth2*``" #: ../../configuration/firewall/bridge.rst:256 -#: ../../configuration/firewall/ipv4.rst:684 +#: ../../configuration/firewall/ipv4.rst:707 #: ../../configuration/firewall/ipv6.rst:694 msgid "Match based on outbound interface. Wilcard ``*`` can be used. For example: ``eth2*``. Prepending character ``!`` for inverted matching criteria is also supportd. For example ``!eth2``" msgstr "Match based on outbound interface. Wilcard ``*`` can be used. For example: ``eth2*``. Prepending character ``!`` for inverted matching criteria is also supportd. For example ``!eth2``" #: ../../configuration/firewall/bridge.rst:265 -#: ../../configuration/firewall/ipv4.rst:695 +#: ../../configuration/firewall/ipv4.rst:718 #: ../../configuration/firewall/ipv6.rst:705 msgid "Match based on outbound interface group. Prepending character ``!`` for inverted matching criteria is also supportd. For example ``!IFACE_GROUP``" msgstr "Match based on outbound interface group. Prepending character ``!`` for inverted matching criteria is also supportd. For example ``!IFACE_GROUP``" -#: ../../configuration/firewall/ipv4.rst:750 +#: ../../configuration/firewall/ipv4.rst:773 #: ../../configuration/firewall/ipv6.rst:760 #: ../../configuration/policy/route.rst:176 msgid "Match based on packet length criteria. Multiple values from 1 to 65535 and ranges are supported." msgstr "Match based on packet length criteria. Multiple values from 1 to 65535 and ranges are supported." -#: ../../configuration/firewall/ipv4.rst:762 +#: ../../configuration/firewall/ipv4.rst:785 #: ../../configuration/firewall/ipv6.rst:772 #: ../../configuration/policy/route.rst:184 msgid "Match based on packet type criteria." msgstr "Match based on packet type criteria." -#: ../../configuration/firewall/ipv4.rst:729 +#: ../../configuration/firewall/ipv4.rst:752 #: ../../configuration/firewall/ipv6.rst:739 msgid "Match based on the maximum average rate, specified as **integer/unit**. For example **5/minutes**" msgstr "Match based on the maximum average rate, specified as **integer/unit**. For example **5/minutes**" -#: ../../configuration/firewall/ipv4.rst:718 +#: ../../configuration/firewall/ipv4.rst:741 #: ../../configuration/firewall/ipv6.rst:728 msgid "Match based on the maximum number of packets to allow in excess of rate." msgstr "Match based on the maximum number of packets to allow in excess of rate." @@ -8209,7 +8933,7 @@ msgstr "Match based on vlan ID. Range is also supported." msgid "Match based on vlan priority(pcp). Range is also supported." msgstr "Match based on vlan priority(pcp). Range is also supported." -#: ../../configuration/firewall/ipv4.rst:801 +#: ../../configuration/firewall/ipv4.rst:824 #: ../../configuration/firewall/ipv6.rst:810 msgid "Match bases on recently seen sources." msgstr "Match bases on recently seen sources." @@ -8224,7 +8948,7 @@ msgstr "Match criteria based on connection mark." msgid "Match criteria based on nat connection status." msgstr "Match criteria based on nat connection status." -#: ../../configuration/firewall/ipv4.rst:345 +#: ../../configuration/firewall/ipv4.rst:368 #: ../../configuration/firewall/ipv6.rst:345 msgid "Match criteria based on source and/or destination address. This is similar to the network groups part, but here you are able to negate the matching addresses." msgstr "Match criteria based on source and/or destination address. This is similar to the network groups part, but here you are able to negate the matching addresses." @@ -8237,6 +8961,14 @@ msgstr "Match criteria based on source and/or destination mac-address." msgid "Match domain name" msgstr "Match domain name" +#: ../../configuration/service/ipoe-server.rst:382 +#: ../../configuration/service/pppoe-server.rst:571 +#: ../../configuration/vpn/l2tp.rst:506 +#: ../../configuration/vpn/pptp.rst:430 +#: ../../configuration/vpn/sstp.rst:464 +msgid "Match firewall mark value" +msgstr "Match firewall mark value" + #: ../../configuration/firewall/ipv6.rst:894 #: ../../configuration/policy/route.rst:234 msgid "Match hop-limit parameter, where 'eq' stands for 'equal'; 'gt' stands for 'greater than', and 'lt' stands for 'less than'." @@ -8250,12 +8982,12 @@ msgstr "Match local preference." msgid "Match route metric." msgstr "Match route metric." -#: ../../configuration/firewall/ipv4.rst:885 +#: ../../configuration/firewall/ipv4.rst:908 #: ../../configuration/policy/route.rst:229 msgid "Match time to live parameter, where 'eq' stands for 'equal'; 'gt' stands for 'greater than', and 'lt' stands for 'less than'." msgstr "Match time to live parameter, where 'eq' stands for 'equal'; 'gt' stands for 'greater than', and 'lt' stands for 'less than'." -#: ../../configuration/firewall/ipv4.rst:906 +#: ../../configuration/firewall/ipv4.rst:929 #: ../../configuration/firewall/ipv6.rst:915 msgid "Match when 'count' amount of connections are seen within 'time'. These matching criteria can be used to block brute-force attempts." msgstr "Match when 'count' amount of connections are seen within 'time'. These matching criteria can be used to block brute-force attempts." @@ -8275,11 +9007,24 @@ msgstr "Matching traffic" msgid "Maximum A-MSDU length 3839 (default) or 7935 octets" msgstr "Maximum A-MSDU length 3839 (default) or 7935 octets" +#: ../../configuration/vpn/l2tp.rst:492 +#: ../../configuration/vpn/pptp.rst:416 +msgid "Maximum Transmission Unit (MTU) (default: **1436**)" +msgstr "Maximum Transmission Unit (MTU) (default: **1436**)" + +#: ../../configuration/service/pppoe-server.rst:538 +msgid "Maximum Transmission Unit (MTU) (default: **1492**)" +msgstr "Maximum Transmission Unit (MTU) (default: **1492**)" + +#: ../../configuration/vpn/sstp.rst:450 +msgid "Maximum Transmission Unit (MTU) (default: **1500**)" +msgstr "Maximum Transmission Unit (MTU) (default: **1500**)" + #: ../../configuration/service/dns.rst:108 msgid "Maximum number of DNS cache entries. 1 million per CPU core will generally suffice for most installations." msgstr "Maximum number of DNS cache entries. 1 million per CPU core will generally suffice for most installations." -#: ../../configuration/vpn/sstp.rst:159 +#: ../../configuration/vpn/sstp.rst:165 msgid "Maximum number of IPv4 nameservers" msgstr "Maximum number of IPv4 nameservers" @@ -8287,6 +9032,14 @@ msgstr "Maximum number of IPv4 nameservers" msgid "Maximum number of authenticator processes to spawn. If you start too few Squid will have to wait for them to process a backlog of credential verifications, slowing it down. When password verifications are done via a (slow) network you are likely to need lots of authenticator processes." msgstr "Maximum number of authenticator processes to spawn. If you start too few Squid will have to wait for them to process a backlog of credential verifications, slowing it down. When password verifications are done via a (slow) network you are likely to need lots of authenticator processes." +#: ../../configuration/service/ipoe-server.rst:372 +#: ../../configuration/service/pppoe-server.rst:542 +#: ../../configuration/vpn/l2tp.rst:496 +#: ../../configuration/vpn/pptp.rst:420 +#: ../../configuration/vpn/sstp.rst:454 +msgid "Maximum number of concurrent session start attempts" +msgstr "Maximum number of concurrent session start attempts" + #: ../../configuration/interfaces/wireless.rst:77 msgid "Maximum number of stations allowed in station table. New stations will be rejected after the station table is full. IEEE 802.11 has a limit of 2007 different association IDs, so this number should not be larger than that." msgstr "Maximum number of stations allowed in station table. New stations will be rejected after the station table is full. IEEE 802.11 has a limit of 2007 different association IDs, so this number should not be larger than that." @@ -8295,7 +9048,11 @@ msgstr "Maximum number of stations allowed in station table. New stations will b msgid "Maximum number of times an expired record’s TTL is extended by 30s when serving stale. Extension only occurs if a record cannot be refreshed. A value of 0 means the Serve Stale mechanism is not used. To allow records becoming stale to be served for an hour, use a value of 120." msgstr "Maximum number of times an expired record’s TTL is extended by 30s when serving stale. Extension only occurs if a record cannot be refreshed. A value of 0 means the Serve Stale mechanism is not used. To allow records becoming stale to be served for an hour, use a value of 120." -#: ../../configuration/vpn/sstp.rst:250 +#: ../../configuration/service/ipoe-server.rst:190 +#: ../../configuration/service/pppoe-server.rst:152 +#: ../../configuration/vpn/l2tp.rst:195 +#: ../../configuration/vpn/pptp.rst:135 +#: ../../configuration/vpn/sstp.rst:168 msgid "Maximum number of tries to send Access-Request/Accounting-Request queries" msgstr "Maximum number of tries to send Access-Request/Accounting-Request queries" @@ -8323,6 +9080,10 @@ msgstr "Messages generated internally by syslogd" msgid "Metris version, the default is ``2``" msgstr "Metris version, the default is ``2``" +#: ../../configuration/vpn/ipsec.rst:510 +msgid "Microsoft Windows expects the server name to be also used in the server's certificate common name, so it's best to use this DNS name for your VPN connection." +msgstr "Microsoft Windows expects the server name to be also used in the server's certificate common name, so it's best to use this DNS name for your VPN connection." + #: ../../configuration/service/router-advert.rst:1 msgid "Min and max intervals between unsolicited multicast RAs" msgstr "Min and max intervals between unsolicited multicast RAs" @@ -8351,7 +9112,12 @@ msgstr "Modify the time that pim will register suppress a FHR will send register msgid "Monitor, the system passively monitors any kind of wireless traffic" msgstr "Monitor, the system passively monitors any kind of wireless traffic" +#: ../../configuration/service/ipoe-server.rst:390 #: ../../configuration/service/monitoring.rst:2 +#: ../../configuration/service/pppoe-server.rst:583 +#: ../../configuration/vpn/l2tp.rst:518 +#: ../../configuration/vpn/pptp.rst:442 +#: ../../configuration/vpn/sstp.rst:538 msgid "Monitoring" msgstr "Monitoring" @@ -8371,7 +9137,7 @@ msgstr "Most operating systems include native client support for IPsec IKEv2 VPN msgid "Mount a volume into the container" msgstr "Mount a volume into the container" -#: ../../configuration/service/dhcp-server.rst:235 +#: ../../configuration/service/dhcp-server.rst:241 msgid "Multi" msgstr "Multi" @@ -8383,7 +9149,7 @@ msgstr "Multi-client server is the most popular OpenVPN mode on routers. It alwa msgid "Multi-homed. In a multi-homed network environment, the NAT66 device connects to an internal network and simultaneously connects to different external networks. Address translation can be configured on each external network side interface of the NAT66 device to convert the same internal network address into different external network addresses, and realize the mapping of the same internal address to multiple external addresses." msgstr "Multi-homed. In a multi-homed network environment, the NAT66 device connects to an internal network and simultaneously connects to different external networks. Address translation can be configured on each external network side interface of the NAT66 device to convert the same internal network address into different external network addresses, and realize the mapping of the same internal address to multiple external addresses." -#: ../../configuration/service/dhcp-server.rst:359 +#: ../../configuration/service/dhcp-server.rst:365 msgid "Multi: can be specified multiple times." msgstr "Multi: can be specified multiple times." @@ -8428,7 +9194,7 @@ msgstr "Multicast receivers will talk MLD to their local router, so, besides hav msgid "Multiple DNS servers can be defined." msgstr "Multiple DNS servers can be defined." -#: ../../configuration/protocols/rpki.rst:121 +#: ../../configuration/protocols/rpki.rst:135 msgid "Multiple RPKI caching instances can be supplied and they need a preference in which their result sets are used." msgstr "Multiple RPKI caching instances can be supplied and they need a preference in which their result sets are used." @@ -8460,16 +9226,16 @@ msgstr "Multiple interfaces may be specified." msgid "Multiple networks/client IP addresses can be configured." msgstr "Multiple networks/client IP addresses can be configured." -#: ../../configuration/system/login.rst:248 -#: ../../configuration/system/login.rst:317 +#: ../../configuration/system/login.rst:252 +#: ../../configuration/system/login.rst:321 msgid "Multiple servers can be specified." msgstr "Multiple servers can be specified." -#: ../../configuration/service/dns.rst:374 +#: ../../configuration/service/dns.rst:380 msgid "Multiple services can be used per interface. Just specify as many services per interface as you like!" msgstr "Multiple services can be used per interface. Just specify as many services per interface as you like!" -#: ../../configuration/firewall/ipv4.rst:494 +#: ../../configuration/firewall/ipv4.rst:517 #: ../../configuration/firewall/ipv6.rst:500 msgid "Multiple source ports can be specified as a comma-separated list. The whole list can also be \"negated\" using ``!``. For example:" msgstr "Multiple source ports can be specified as a comma-separated list. The whole list can also be \"negated\" using ``!``. For example:" @@ -8487,22 +9253,22 @@ msgstr "Multiple users can connect to the same serial device but only one is all msgid "Multiprotocol extensions enable BGP to carry routing information for multiple network layer protocols. BGP supports an Address Family Identifier (AFI) for IPv4 and IPv6." msgstr "Multiprotocol extensions enable BGP to carry routing information for multiple network layer protocols. BGP supports an Address Family Identifier (AFI) for IPv4 and IPv6." -#: ../../configuration/service/dhcp-server.rst:241 #: ../../configuration/service/dhcp-server.rst:247 -#: ../../configuration/service/dhcp-server.rst:252 -#: ../../configuration/service/dhcp-server.rst:272 -#: ../../configuration/service/dhcp-server.rst:287 -#: ../../configuration/service/dhcp-server.rst:292 -#: ../../configuration/service/dhcp-server.rst:297 -#: ../../configuration/service/dhcp-server.rst:302 -#: ../../configuration/service/dhcp-server.rst:307 -#: ../../configuration/service/dhcp-server.rst:327 -#: ../../configuration/service/dhcp-server.rst:332 -#: ../../configuration/service/dhcp-server.rst:337 +#: ../../configuration/service/dhcp-server.rst:253 +#: ../../configuration/service/dhcp-server.rst:258 +#: ../../configuration/service/dhcp-server.rst:278 +#: ../../configuration/service/dhcp-server.rst:293 +#: ../../configuration/service/dhcp-server.rst:298 +#: ../../configuration/service/dhcp-server.rst:303 +#: ../../configuration/service/dhcp-server.rst:308 +#: ../../configuration/service/dhcp-server.rst:313 +#: ../../configuration/service/dhcp-server.rst:333 +#: ../../configuration/service/dhcp-server.rst:338 +#: ../../configuration/service/dhcp-server.rst:343 msgid "N" msgstr "N" -#: ../../configuration/highavailability/index.rst:363 +#: ../../configuration/highavailability/index.rst:373 #: ../../configuration/nat/index.rst:5 msgid "NAT" msgstr "NAT" @@ -8523,6 +9289,10 @@ msgstr "NAT64" msgid "NAT64 client configuration:" msgstr "NAT64 client configuration:" +#: ../../configuration/service/router-advert.rst:84 +msgid "NAT64 prefix mask must be one of: /32, /40, /48, /56, /64 or 96." +msgstr "NAT64 prefix mask must be one of: /32, /40, /48, /56, /64 or 96." + #: ../../configuration/nat/nat64.rst:44 msgid "NAT64 server configuration:" msgstr "NAT64 server configuration:" @@ -8587,7 +9357,15 @@ msgstr "NTP supplies a warning of any impending leap second adjustment, but no i msgid "Name Server" msgstr "Name Server" -#: ../../configuration/service/dhcp-server.rst:356 +#: ../../configuration/vpn/sstp.rst:84 +msgid "Name of installed certificate authority certificate." +msgstr "Name of installed certificate authority certificate." + +#: ../../configuration/vpn/sstp.rst:88 +msgid "Name of installed server certificate." +msgstr "Name of installed server certificate." + +#: ../../configuration/service/dhcp-server.rst:362 msgid "Name of static mapping" msgstr "Name of static mapping" @@ -8595,11 +9373,11 @@ msgstr "Name of static mapping" msgid "Name of the single table Only if set group-metrics single-table." msgstr "Name of the single table Only if set group-metrics single-table." -#: ../../configuration/service/dhcp-server.rst:296 +#: ../../configuration/service/dhcp-server.rst:302 msgid "Name or IPv4 address of TFTP server" msgstr "Name or IPv4 address of TFTP server" -#: ../../configuration/service/dhcp-server.rst:281 +#: ../../configuration/service/dhcp-server.rst:287 msgid "NetBIOS over TCP/IP name server" msgstr "NetBIOS over TCP/IP name server" @@ -8677,6 +9455,10 @@ msgstr "Network management station (NMS) - software which runs on the manager" msgid "Network news subsystem" msgstr "Network news subsystem" +#: ../../configuration/service/ids.rst:87 +msgid "Network to be protected: 192.0.2.0/24 (public IPs use by customers)" +msgstr "Network to be protected: 192.0.2.0/24 (public IPs use by customers)" + #: ../../configuration/service/monitoring.rst:47 msgid "Networks allowed to query this server" msgstr "Networks allowed to query this server" @@ -8693,11 +9475,11 @@ msgstr "Next-hop interface for the route" msgid "Next it is necessary to configure 2FA for OpenConnect:" msgstr "Next it is necessary to configure 2FA for OpenConnect:" -#: ../../configuration/policy/route-map.rst:279 +#: ../../configuration/policy/route-map.rst:282 msgid "Nexthop IP address." msgstr "Nexthop IP address." -#: ../../configuration/policy/route-map.rst:298 +#: ../../configuration/policy/route-map.rst:301 msgid "Nexthop IPv6 address." msgstr "Nexthop IPv6 address." @@ -8705,6 +9487,18 @@ msgstr "Nexthop IPv6 address." msgid "Nexthop IPv6 address to match." msgstr "Nexthop IPv6 address to match." +#: ../../configuration/system/ip.rst:47 +#: ../../configuration/system/ipv6.rst:43 +#: ../../configuration/vrf/index.rst:71 +msgid "Nexthop Tracking" +msgstr "Nexthop Tracking" + +#: ../../configuration/system/ip.rst:49 +#: ../../configuration/system/ipv6.rst:45 +#: ../../configuration/vrf/index.rst:73 +msgid "Nexthop tracking resolve nexthops via the default route by default. This is enabled by default for a traditional profile of FRR which we use. It and can be disabled if you do not wan't to e.g. allow BGP to peer across the default route." +msgstr "Nexthop tracking resolve nexthops via the default route by default. This is enabled by default for a traditional profile of FRR which we use. It and can be disabled if you do not wan't to e.g. allow BGP to peer across the default route." + #: ../../configuration/protocols/rpki.rst:59 msgid "No ROA exists which covers that prefix. Unfortunately this is the case for about 80% of the IPv4 prefixes which were announced to the :abbr:`DFZ (default-free zone)` at the start of 2020" msgstr "No ROA exists which covers that prefix. Unfortunately this is the case for about 80% of the IPv4 prefixes which were announced to the :abbr:`DFZ (default-free zone)` at the start of 2020" @@ -8713,7 +9507,7 @@ msgstr "No ROA exists which covers that prefix. Unfortunately this is the case f msgid "No VLAN tagging required by your ISP." msgstr "No VLAN tagging required by your ISP." -#: ../../configuration/protocols/bgp.rst:707 +#: ../../configuration/protocols/bgp.rst:729 msgid "No route is suppressed indefinitely. Maximum-suppress-time defines the maximum time a route can be suppressed before it is re-advertised." msgstr "No route is suppressed indefinitely. Maximum-suppress-time defines the maximum time a route can be suppressed before it is re-advertised." @@ -8753,7 +9547,7 @@ msgstr "Note: certificate names don't matter, we use 'openvpn-local' and 'openvp msgid "Note that deleting the log file does not stop the system from logging events. If you use this command while the system is logging events, old log events will be deleted, but events after the delete operation will be recorded in the new file. To delete the file altogether, first delete logging to the file using system syslog :ref:`custom-file` command, and then delete the file." msgstr "Note that deleting the log file does not stop the system from logging events. If you use this command while the system is logging events, old log events will be deleted, but events after the delete operation will be recorded in the new file. To delete the file altogether, first delete logging to the file using system syslog :ref:`custom-file` command, and then delete the file." -#: ../../configuration/vpn/ipsec.rst:294 +#: ../../configuration/vpn/ipsec.rst:298 #: ../../configuration/vpn/rsa-keys.rst:35 msgid "Note the command with the public key (set pki key-pair ipsec-RIGHT public key 'FAAOCAQ8AMII...')." msgstr "Note the command with the public key (set pki key-pair ipsec-RIGHT public key 'FAAOCAQ8AMII...')." @@ -8762,11 +9556,11 @@ msgstr "Note the command with the public key (set pki key-pair ipsec-RIGHT publi msgid "Notice" msgstr "Notice" -#: ../../configuration/service/conntrack-sync.rst:194 +#: ../../configuration/service/conntrack-sync.rst:198 msgid "Now configure conntrack-sync service on ``router1`` **and** ``router2``" msgstr "Now configure conntrack-sync service on ``router1`` **and** ``router2``" -#: ../../configuration/vpn/ipsec.rst:297 +#: ../../configuration/vpn/ipsec.rst:301 msgid "Now the noted public keys should be entered on the opposite routers." msgstr "Now the noted public keys should be entered on the opposite routers." @@ -8786,7 +9580,7 @@ msgstr "Now when connecting the user will first be asked for the password and th msgid "Now you are ready to setup IPsec. The key points:" msgstr "Now you are ready to setup IPsec. The key points:" -#: ../../configuration/vpn/ipsec.rst:311 +#: ../../configuration/vpn/ipsec.rst:315 msgid "Now you are ready to setup IPsec. You'll need to use an ID instead of address for the peer." msgstr "Now you are ready to setup IPsec. You'll need to use an ID instead of address for the peer." @@ -8794,6 +9588,10 @@ msgstr "Now you are ready to setup IPsec. You'll need to use an ID instead of ad msgid "Number of antennas on this card" msgstr "Number of antennas on this card" +#: ../../configuration/service/dns.rst:166 +msgid "Number of bits of client IPv4 address to pass when sending EDNS Client Subnet address information." +msgstr "Number of bits of client IPv4 address to pass when sending EDNS Client Subnet address information." + #: ../../configuration/system/syslog.rst:231 msgid "Number of lines to be displayed, default 10" msgstr "Number of lines to be displayed, default 10" @@ -8822,7 +9620,7 @@ msgstr "OSPFv2 (IPv4)" msgid "OSPFv3 (IPv6)" msgstr "OSPFv3 (IPv6)" -#: ../../configuration/system/login.rst:141 +#: ../../configuration/system/login.rst:145 msgid "OTP-key generation" msgstr "OTP-key generation" @@ -8830,7 +9628,7 @@ msgstr "OTP-key generation" msgid "Offloading" msgstr "Offloading" -#: ../../configuration/service/dhcp-server.rst:245 +#: ../../configuration/service/dhcp-server.rst:251 msgid "Offset of the client's subnet in seconds from Coordinated Universal Time (UTC)" msgstr "Offset of the client's subnet in seconds from Coordinated Universal Time (UTC)" @@ -8842,7 +9640,7 @@ msgstr "Often we need to embed one policy into another one. It is possible to do msgid "Often you will also have to configure your *default* traffic in the same way you do with a class. *Default* can be considered a class as it behaves like that. It contains any traffic that did not match any of the defined classes, so it is like an open class, a class without matching filters." msgstr "Often you will also have to configure your *default* traffic in the same way you do with a class. *Default* can be considered a class as it behaves like that. It contains any traffic that did not match any of the defined classes, so it is like an open class, a class without matching filters." -#: ../../configuration/service/conntrack-sync.rst:211 +#: ../../configuration/service/conntrack-sync.rst:215 msgid "On active router run:" msgstr "On active router run:" @@ -8858,7 +9656,7 @@ msgstr "On low rates (below 40Mbit) you may want to tune `quantum` down to somet msgid "On most scenarios, there's no need to change specific parameters, and using default configuration is enough. But there are cases were extra configuration is needed." msgstr "On most scenarios, there's no need to change specific parameters, and using default configuration is enough. But there are cases were extra configuration is needed." -#: ../../configuration/service/conntrack-sync.rst:242 +#: ../../configuration/service/conntrack-sync.rst:246 msgid "On standby router run:" msgstr "On standby router run:" @@ -8866,34 +9664,34 @@ msgstr "On standby router run:" msgid "On systems with multiple redundant uplinks and routes, it's a good idea to use a dedicated address for management and dynamic routing protocols. However, assigning that address to a physical link is risky: if that link goes down, that address will become inaccessible. A common solution is to assign the management address to a loopback or a dummy interface and advertise that address via all physical links, so that it's reachable through any of them. Since in Linux-based systems, there can be only one loopback interface, it's better to use a dummy interface for that purpose, since they can be added, removed, and taken up and down independently." msgstr "On systems with multiple redundant uplinks and routes, it's a good idea to use a dedicated address for management and dynamic routing protocols. However, assigning that address to a physical link is risky: if that link goes down, that address will become inaccessible. A common solution is to assign the management address to a loopback or a dummy interface and advertise that address via all physical links, so that it's reachable through any of them. Since in Linux-based systems, there can be only one loopback interface, it's better to use a dummy interface for that purpose, since they can be added, removed, and taken up and down independently." -#: ../../configuration/vpn/ipsec.rst:181 -#: ../../configuration/vpn/ipsec.rst:239 -#: ../../configuration/vpn/ipsec.rst:299 +#: ../../configuration/vpn/ipsec.rst:185 +#: ../../configuration/vpn/ipsec.rst:243 +#: ../../configuration/vpn/ipsec.rst:303 #: ../../configuration/vpn/rsa-keys.rst:40 msgid "On the LEFT:" msgstr "On the LEFT:" -#: ../../configuration/vpn/ipsec.rst:314 +#: ../../configuration/vpn/ipsec.rst:318 #: ../../configuration/vpn/rsa-keys.rst:59 msgid "On the LEFT (static address):" msgstr "On the LEFT (static address):" -#: ../../configuration/vpn/ipsec.rst:221 +#: ../../configuration/vpn/ipsec.rst:225 msgid "On the RIGHT, setup by analogy and swap local and remote addresses." msgstr "On the RIGHT, setup by analogy and swap local and remote addresses." -#: ../../configuration/vpn/ipsec.rst:250 -#: ../../configuration/vpn/ipsec.rst:305 +#: ../../configuration/vpn/ipsec.rst:254 +#: ../../configuration/vpn/ipsec.rst:309 #: ../../configuration/vpn/rsa-keys.rst:46 msgid "On the RIGHT:" msgstr "On the RIGHT:" -#: ../../configuration/vpn/ipsec.rst:339 +#: ../../configuration/vpn/ipsec.rst:343 #: ../../configuration/vpn/rsa-keys.rst:84 msgid "On the RIGHT (dynamic address):" msgstr "On the RIGHT (dynamic address):" -#: ../../configuration/service/conntrack-sync.rst:207 +#: ../../configuration/service/conntrack-sync.rst:211 msgid "On the active router, you should have information in the internal-cache of conntrack-sync. The same current active connections number should be shown in the external-cache of the standby router" msgstr "On the active router, you should have information in the internal-cache of conntrack-sync. The same current active connections number should be shown in the external-cache of the standby router" @@ -8921,7 +9719,7 @@ msgstr "Once a class has a filter configured, you will also have to define what msgid "Once a neighbor has been found, the entry is considered to be valid for at least for this specific time. An entry's validity will be extended if it receives positive feedback from higher level protocols." msgstr "Once a neighbor has been found, the entry is considered to be valid for at least for this specific time. An entry's validity will be extended if it receives positive feedback from higher level protocols." -#: ../../configuration/protocols/bgp.rst:702 +#: ../../configuration/protocols/bgp.rst:724 msgid "Once a route is assessed a penalty, the penalty is decreased by half each time a predefined amount of time elapses (half-life-time). When the accumulated penalties fall below a predefined threshold (reuse-value), the route is unsuppressed and added back into the BGP routing table." msgstr "Once a route is assessed a penalty, the penalty is decreased by half each time a predefined amount of time elapses (half-life-time). When the accumulated penalties fall below a predefined threshold (reuse-value), the route is unsuppressed and added back into the BGP routing table." @@ -8957,6 +9755,10 @@ msgstr "Once the matching rules are set for a class, you can start configuring h msgid "Once the user is connected, the user session is using the set limits and can be displayed via 'show pppoe-server sessions'." msgstr "Once the user is connected, the user session is using the set limits and can be displayed via 'show pppoe-server sessions'." +#: ../../configuration/service/pppoe-server.rst:285 +msgid "Once the user is connected, the user session is using the set limits and can be displayed via ``show pppoe-server sessions``." +msgstr "Once the user is connected, the user session is using the set limits and can be displayed via ``show pppoe-server sessions``." + #: ../../configuration/vpn/openconnect.rst:257 msgid "Once you commit the above changes you can create a config file in the /config/auth/ocserv/config-per-user directory that matches a username of a user you have created e.g. \"tst\". Now when logging in with the \"tst\" user the config options you set in this file will be loaded." msgstr "Once you commit the above changes you can create a config file in the /config/auth/ocserv/config-per-user directory that matches a username of a user you have created e.g. \"tst\". Now when logging in with the \"tst\" user the config options you set in this file will be loaded." @@ -8965,11 +9767,11 @@ msgstr "Once you commit the above changes you can create a config file in the /c msgid "Once you have an Ethernet device connected, i.e. `eth0`, then you can configure it to open the PPPoE session for you and your DSL Transceiver (Modem/Router) just acts to translate your messages in a way that vDSL/aDSL understands." msgstr "Once you have an Ethernet device connected, i.e. `eth0`, then you can configure it to open the PPPoE session for you and your DSL Transceiver (Modem/Router) just acts to translate your messages in a way that vDSL/aDSL understands." -#: ../../configuration/vpn/sstp.rst:307 +#: ../../configuration/vpn/sstp.rst:478 msgid "Once you have setup your SSTP server there comes the time to do some basic testing. The Linux client used for testing is called sstpc_. sstpc_ requires a PPP configuration/peer file." msgstr "Once you have setup your SSTP server there comes the time to do some basic testing. The Linux client used for testing is called sstpc_. sstpc_ requires a PPP configuration/peer file." -#: ../../configuration/protocols/rpki.rst:183 +#: ../../configuration/protocols/rpki.rst:193 msgid "Once your routers are configured to reject RPKI-invalid prefixes, you can test whether the configuration is working correctly using the `RIPE Labs RPKI Test`_ experimental tool." msgstr "Once your routers are configured to reject RPKI-invalid prefixes, you can test whether the configuration is working correctly using the `RIPE Labs RPKI Test`_ experimental tool." @@ -9001,7 +9803,7 @@ msgstr "Only VRRP is supported. Required option." msgid "Only allow certain IP addresses or prefixes to access the https webserver." msgstr "Only allow certain IP addresses or prefixes to access the https webserver." -#: ../../configuration/firewall/ipv4.rst:459 +#: ../../configuration/firewall/ipv4.rst:482 #: ../../configuration/firewall/ipv6.rst:466 msgid "Only in the source criteria, you can specify a mac-address." msgstr "Only in the source criteria, you can specify a mac-address." @@ -9022,7 +9824,7 @@ msgstr "Only request an address from the PPPoE server but do not install any def msgid "Only request an address from the SSTP server but do not install any default route." msgstr "Only request an address from the SSTP server but do not install any default route." -#: ../../configuration/system/login.rst:51 +#: ../../configuration/system/login.rst:55 msgid "Only the type (``ssh-rsa``) and the key (``AAAB3N...``) are used. Note that the key will usually be several hundred characters long, and you will need to copy and paste it. Some terminal emulators may accidentally split this over several lines. Be attentive when you paste it that it only pastes as a single line. The third part is simply an identifier, and is for your own reference." msgstr "Only the type (``ssh-rsa``) and the key (``AAAB3N...``) are used. Note that the key will usually be several hundred characters long, and you will need to copy and paste it. Some terminal emulators may accidentally split this over several lines. Be attentive when you paste it that it only pastes as a single line. The third part is simply an identifier, and is for your own reference." @@ -9030,7 +9832,7 @@ msgstr "Only the type (``ssh-rsa``) and the key (``AAAB3N...``) are used. Note t msgid "Only works with a VXLAN device with external flag set." msgstr "Only works with a VXLAN device with external flag set." -#: ../../configuration/highavailability/index.rst:457 +#: ../../configuration/highavailability/index.rst:467 msgid "Op-mode check virtual-server status" msgstr "Op-mode check virtual-server status" @@ -9055,7 +9857,7 @@ msgid "OpenConnect supports a subset of it's configuration options to be applied msgstr "OpenConnect supports a subset of it's configuration options to be applied on a per user/group basis, for configuration purposes we refer to this functionality as \"Identity based config\". The following `OpenConnect Server Manual <https://ocserv.gitlab.io/www/manual.html#:~:text=Configuration%20files%20that% 20will%20be%20applied%20per%20user%20connection%20or%0A%23%20per%20group>`_ outlines the set of configuration options that are allowed. This can be leveraged to apply different sets of configs to different users or groups of users." #: ../../configuration/interfaces/openvpn.rst:7 -#: ../../configuration/pki/index.rst:117 +#: ../../configuration/pki/index.rst:119 msgid "OpenVPN" msgstr "OpenVPN" @@ -9105,23 +9907,23 @@ msgstr "Operating Modes" #: ../../configuration/interfaces/virtual-ethernet.rst:55 #: ../../configuration/interfaces/wireless.rst:416 #: ../../configuration/interfaces/wwan.rst:79 -#: ../../configuration/pki/index.rst:290 +#: ../../configuration/pki/index.rst:321 #: ../../configuration/protocols/igmp-proxy.rst:73 -#: ../../configuration/protocols/static.rst:183 -#: ../../configuration/service/conntrack-sync.rst:103 +#: ../../configuration/protocols/static.rst:216 +#: ../../configuration/service/conntrack-sync.rst:107 #: ../../configuration/service/console-server.rst:76 #: ../../configuration/service/dhcp-relay.rst:124 #: ../../configuration/service/dhcp-relay.rst:201 -#: ../../configuration/service/dns.rst:195 +#: ../../configuration/service/dns.rst:182 #: ../../configuration/service/lldp.rst:71 #: ../../configuration/service/mdns.rst:79 #: ../../configuration/service/ssh.rst:145 #: ../../configuration/service/webproxy.rst:330 #: ../../configuration/system/default-route.rst:25 #: ../../configuration/system/flow-accounting.rst:175 -#: ../../configuration/vrf/index.rst:111 -#: ../../configuration/vrf/index.rst:323 -#: ../../configuration/vrf/index.rst:503 +#: ../../configuration/vrf/index.rst:130 +#: ../../configuration/vrf/index.rst:342 +#: ../../configuration/vrf/index.rst:522 msgid "Operation" msgstr "Operation" @@ -9131,17 +9933,17 @@ msgid "Operation-mode" msgstr "Operation-mode" #: ../../configuration/firewall/bridge.rst:284 -#: ../../configuration/firewall/ipv4.rst:954 +#: ../../configuration/firewall/ipv4.rst:977 #: ../../configuration/firewall/ipv6.rst:962 msgid "Operation-mode Firewall" msgstr "Operation-mode Firewall" -#: ../../configuration/container/index.rst:143 +#: ../../configuration/container/index.rst:179 msgid "Operation Commands" msgstr "Operation Commands" -#: ../../configuration/service/dhcp-server.rst:412 -#: ../../configuration/service/dhcp-server.rst:664 +#: ../../configuration/service/dhcp-server.rst:418 +#: ../../configuration/service/dhcp-server.rst:672 #: ../../configuration/system/acceleration.rst:42 msgid "Operation Mode" msgstr "Operation Mode" @@ -9151,12 +9953,12 @@ msgid "Operation mode of wireless radio." msgstr "Operation mode of wireless radio." #: ../../configuration/interfaces/wireguard.rst:338 -#: ../../configuration/protocols/bfd.rst:94 -#: ../../configuration/protocols/bfd.rst:175 +#: ../../configuration/protocols/bfd.rst:101 +#: ../../configuration/protocols/bfd.rst:182 msgid "Operational Commands" msgstr "Operational Commands" -#: ../../configuration/protocols/bgp.rst:950 +#: ../../configuration/protocols/bgp.rst:972 #: ../../configuration/protocols/mpls.rst:218 #: ../../configuration/protocols/ospf.rst:609 #: ../../configuration/protocols/ospf.rst:1268 @@ -9164,8 +9966,8 @@ msgstr "Operational Commands" msgid "Operational Mode Commands" msgstr "Operational Mode Commands" -#: ../../configuration/system/ip.rst:47 -#: ../../configuration/system/ipv6.rst:43 +#: ../../configuration/system/ip.rst:60 +#: ../../configuration/system/ipv6.rst:56 msgid "Operational commands" msgstr "Operational commands" @@ -9177,11 +9979,11 @@ msgstr "Option" msgid "Option 43 for UniFI" msgstr "Option 43 for UniFI" -#: ../../configuration/service/dhcp-server.rst:234 +#: ../../configuration/service/dhcp-server.rst:240 msgid "Option description" msgstr "Option description" -#: ../../configuration/service/dhcp-server.rst:232 +#: ../../configuration/service/dhcp-server.rst:238 msgid "Option number" msgstr "Option number" @@ -9211,7 +10013,7 @@ msgstr "Optional" msgid "Optional, if you want to enable uploads, else TFTP server will act as a read-only server." msgstr "Optional, if you want to enable uploads, else TFTP server will act as a read-only server." -#: ../../configuration/system/login.rst:107 +#: ../../configuration/system/login.rst:111 msgid "Optional/default settings" msgstr "Optional/default settings" @@ -9231,12 +10033,11 @@ msgstr "Optionally set a specific static IPv4 or IPv6 address for the container. #: ../../configuration/interfaces/openvpn.rst:631 #: ../../configuration/service/dhcp-relay.rst:53 #: ../../configuration/service/dhcp-relay.rst:160 -#: ../../configuration/service/dhcp-server.rst:224 -#: ../../configuration/vpn/sstp.rst:230 +#: ../../configuration/service/dhcp-server.rst:230 msgid "Options" msgstr "Options" -#: ../../configuration/vpn/ipsec.rst:159 +#: ../../configuration/vpn/ipsec.rst:162 msgid "Options (Global IPsec settings) Attributes" msgstr "Options (Global IPsec settings) Attributes" @@ -9256,7 +10057,7 @@ msgstr "Or **binary** prefixes." msgid "Originate an AS-External (type-5) LSA describing a default route into all external-routing capable areas, of the specified metric and metric type. If the :cfgcmd:`always` keyword is given then the default is always advertised, even when there is no default present in the routing table. The argument :cfgcmd:`route-map` specifies to advertise the default route if the route map is satisfied." msgstr "Originate an AS-External (type-5) LSA describing a default route into all external-routing capable areas, of the specified metric and metric type. If the :cfgcmd:`always` keyword is given then the default is always advertised, even when there is no default present in the routing table. The argument :cfgcmd:`route-map` specifies to advertise the default route if the route map is satisfied." -#: ../../configuration/service/pppoe-server.rst:238 +#: ../../configuration/service/pppoe-server.rst:312 msgid "Other attributes can be used, but they have to be in one of the dictionaries in */usr/share/accel-ppp/radius*." msgstr "Other attributes can be used, but they have to be in one of the dictionaries in */usr/share/accel-ppp/radius*." @@ -9325,15 +10126,15 @@ msgstr "Overview of defined groups. You see the type, the members, and where the msgid "PBR multiple uplinks" msgstr "PBR multiple uplinks" -#: ../../configuration/vrf/index.rst:244 +#: ../../configuration/vrf/index.rst:263 msgid "PC1 is in the ``default`` VRF and acting as e.g. a \"fileserver\"" msgstr "PC1 is in the ``default`` VRF and acting as e.g. a \"fileserver\"" -#: ../../configuration/vrf/index.rst:245 +#: ../../configuration/vrf/index.rst:264 msgid "PC2 is in VRF ``blue`` which is the development department" msgstr "PC2 is in VRF ``blue`` which is the development department" -#: ../../configuration/vrf/index.rst:246 +#: ../../configuration/vrf/index.rst:265 msgid "PC3 and PC4 are connected to a bridge device on router ``R1`` which is in VRF ``red``. Say this is the HR department." msgstr "PC3 and PC4 are connected to a bridge device on router ``R1`` which is in VRF ``red``. Say this is the HR department." @@ -9369,7 +10170,7 @@ msgstr "PIM – Protocol Independent Multicast" msgid "PIMv6 (Protocol Independent Multicast for IPv6) must be configured in every interface of every participating router. Every router must also have the location of the Rendevouz Point manually configured. Then, unidirectional shared trees rooted at the Rendevouz Point will automatically be built for multicast distribution." msgstr "PIMv6 (Protocol Independent Multicast for IPv6) must be configured in every interface of every participating router. Every router must also have the location of the Rendevouz Point manually configured. Then, unidirectional shared trees rooted at the Rendevouz Point will automatically be built for multicast distribution." -#: ../../configuration/pki/index.rst:7 +#: ../../configuration/pki/index.rst:9 msgid "PKI" msgstr "PKI" @@ -9377,7 +10178,14 @@ msgstr "PKI" msgid "PPDU" msgstr "PPDU" -#: ../../configuration/vpn/sstp.rst:174 +#: ../../configuration/service/pppoe-server.rst:453 +#: ../../configuration/vpn/l2tp.rst:407 +#: ../../configuration/vpn/pptp.rst:331 +#: ../../configuration/vpn/sstp.rst:365 +msgid "PPP Advanced Options" +msgstr "PPP Advanced Options" + +#: ../../configuration/vpn/sstp.rst:180 msgid "PPP Settings" msgstr "PPP Settings" @@ -9393,7 +10201,7 @@ msgstr "PPPoE Server" msgid "PPPoE options" msgstr "PPPoE options" -#: ../../configuration/vpn/pptp.rst:4 +#: ../../configuration/vpn/pptp.rst:5 msgid "PPTP-Server" msgstr "PPTP-Server" @@ -9409,11 +10217,11 @@ msgstr "Particularly large networks may wish to run their own RPKI certificate a msgid "Path `<cost>` value for Spanning Tree Protocol. Each interface in a bridge could have a different speed and this value is used when deciding which link to use. Faster interfaces should have lower costs." msgstr "Path `<cost>` value for Spanning Tree Protocol. Each interface in a bridge could have a different speed and this value is used when deciding which link to use. Faster interfaces should have lower costs." -#: ../../configuration/vpn/sstp.rst:166 +#: ../../configuration/vpn/sstp.rst:172 msgid "Path to `<file>` pointing to the certificate authority certificate." msgstr "Path to `<file>` pointing to the certificate authority certificate." -#: ../../configuration/vpn/sstp.rst:170 +#: ../../configuration/vpn/sstp.rst:176 msgid "Path to `<file>` pointing to the servers certificate (public portion)." msgstr "Path to `<file>` pointing to the servers certificate (public portion)." @@ -9457,11 +10265,11 @@ msgstr "Per default VyOSs has minimal syslog logging enabled which is stored and msgid "Per default every packet is sampled (that is, the sampling rate is 1)." msgstr "Per default every packet is sampled (that is, the sampling rate is 1)." -#: ../../configuration/service/pppoe-server.rst:323 +#: ../../configuration/service/pppoe-server.rst:556 msgid "Per default the user session is being replaced if a second authentication request succeeds. Such session requests can be either denied or allowed entirely, which would allow multiple sessions for a user in the latter case. If it is denied, the second session is being rejected even if the authentication succeeds, the user has to terminate its first session and can then authentication again." msgstr "Per default the user session is being replaced if a second authentication request succeeds. Such session requests can be either denied or allowed entirely, which would allow multiple sessions for a user in the latter case. If it is denied, the second session is being rejected even if the authentication succeeds, the user has to terminate its first session and can then authentication again." -#: ../../configuration/system/option.rst:78 +#: ../../configuration/system/option.rst:108 msgid "Performance" msgstr "Performance" @@ -9469,11 +10277,11 @@ msgstr "Performance" msgid "Periodically, a hello packet is sent out by the Root Bridge and the Designated Bridges. Hello packets are used to communicate information about the topology throughout the entire Bridged Local Area Network." msgstr "Periodically, a hello packet is sent out by the Root Bridge and the Designated Bridges. Hello packets are used to communicate information about the topology throughout the entire Bridged Local Area Network." -#: ../../configuration/vrf/index.rst:197 +#: ../../configuration/vrf/index.rst:216 msgid "Ping command can be interrupted at any given time using ``<Ctrl>+c``. A brief statistic is shown afterwards." msgstr "Ping command can be interrupted at any given time using ``<Ctrl>+c``. A brief statistic is shown afterwards." -#: ../../configuration/vrf/index.rst:183 +#: ../../configuration/vrf/index.rst:202 msgid "Ping uses ICMP protocol's mandatory ECHO_REQUEST datagram to elicit an ICMP ECHO_RESPONSE from a host or gateway. ECHO_REQUEST datagrams (pings) will have an IP and ICMP header, followed by \"struct timeval\" and an arbitrary number of pad bytes used to fill out the packet." msgstr "Ping uses ICMP protocol's mandatory ECHO_REQUEST datagram to elicit an ICMP ECHO_RESPONSE from a host or gateway. ECHO_REQUEST datagrams (pings) will have an IP and ICMP header, followed by \"struct timeval\" and an arbitrary number of pad bytes used to fill out the packet." @@ -9497,7 +10305,7 @@ msgstr "Please, refer to appropiate section for more information about firewall msgid "Please, refer to appropriate section for more information about firewall configuration:" msgstr "Please, refer to appropriate section for more information about firewall configuration:" -#: ../../configuration/service/ipoe-server.rst:23 +#: ../../configuration/service/ipoe-server.rst:21 msgid "Please be aware, due to an upstream bug, config changes/commits will restart the ppp daemon and will reset existing IPoE sessions, in order to become effective." msgstr "Please be aware, due to an upstream bug, config changes/commits will restart the ppp daemon and will reset existing IPoE sessions, in order to become effective." @@ -9513,7 +10321,7 @@ msgstr "Please refer to the :ref:`ipsec` documentation for the individual IPSec msgid "Please refer to the :ref:`tunnel-interface` documentation for the individual tunnel related options." msgstr "Please refer to the :ref:`tunnel-interface` documentation for the individual tunnel related options." -#: ../../configuration/service/dhcp-server.rst:364 +#: ../../configuration/service/dhcp-server.rst:370 msgid "Please see the :ref:`dhcp-dns-quick-start` configuration." msgstr "Please see the :ref:`dhcp-dns-quick-start` configuration." @@ -9571,7 +10379,11 @@ msgstr "Port Groups" msgid "Port Mirror (SPAN)" msgstr "Port Mirror (SPAN)" -#: ../../configuration/vpn/sstp.rst:242 +#: ../../configuration/service/ipoe-server.rst:182 +#: ../../configuration/service/pppoe-server.rst:144 +#: ../../configuration/vpn/l2tp.rst:187 +#: ../../configuration/vpn/pptp.rst:127 +#: ../../configuration/vpn/sstp.rst:160 msgid "Port for Dynamic Authorization Extension server (DM/CoA)" msgstr "Port for Dynamic Authorization Extension server (DM/CoA)" @@ -9656,7 +10468,7 @@ msgstr "Preference associated with the default router" msgid "Prefix Conversion" msgstr "Prefix Conversion" -#: ../../configuration/service/dhcp-server.rst:564 +#: ../../configuration/service/dhcp-server.rst:570 msgid "Prefix Delegation" msgstr "Prefix Delegation" @@ -9696,11 +10508,11 @@ msgstr "Prefix to match against." msgid "Prefixes" msgstr "Prefixes" -#: ../../configuration/policy/route-map.rst:212 +#: ../../configuration/policy/route-map.rst:215 msgid "Prepend the existing last AS number (the leftmost ASN) to the AS_PATH." msgstr "Prepend the existing last AS number (the leftmost ASN) to the AS_PATH." -#: ../../configuration/policy/route-map.rst:207 +#: ../../configuration/policy/route-map.rst:210 msgid "Prepend the given string of AS numbers to the AS_PATH of the BGP path's NLRI." msgstr "Prepend the given string of AS numbers to the AS_PATH of the BGP path's NLRI." @@ -9708,11 +10520,11 @@ msgstr "Prepend the given string of AS numbers to the AS_PATH of the BGP path's msgid "Principle of SNMP Communication" msgstr "Principle of SNMP Communication" -#: ../../configuration/vrf/index.rst:532 +#: ../../configuration/vrf/index.rst:551 msgid "Print a summary of neighbor connections for the specified AFI/SAFI combination." msgstr "Print a summary of neighbor connections for the specified AFI/SAFI combination." -#: ../../configuration/vrf/index.rst:511 +#: ../../configuration/vrf/index.rst:530 msgid "Print active IPV4 or IPV6 routes advertised via the VPN SAFI." msgstr "Print active IPV4 or IPV6 routes advertised via the VPN SAFI." @@ -9733,6 +10545,10 @@ msgstr "Priority Queue, as other non-shaping policies, is only useful if your ou msgid "Private VLAN proxy arp. Basically allow proxy arp replies back to the same interface (from which the ARP request/solicitation was received)." msgstr "Private VLAN proxy arp. Basically allow proxy arp replies back to the same interface (from which the ARP request/solicitation was received)." +#: ../../configuration/vpn/ipsec.rst:544 +msgid "Profile generation happens from the operational level and is as simple as issuing the following command to create a profile to connect to the IKEv2 access server at ``vpn.vyos.net`` with the configuration for the ``rw`` remote-access connection group." +msgstr "Profile generation happens from the operational level and is as simple as issuing the following command to create a profile to connect to the IKEv2 access server at ``vpn.vyos.net`` with the configuration for the ``rw`` remote-access connection group." + #: ../../configuration/service/monitoring.rst:38 msgid "Prometheus-client" msgstr "Prometheus-client" @@ -9841,7 +10657,7 @@ msgstr "Pseudo Ethernet/MACVLAN options" msgid "Publish a port for the container." msgstr "Publish a port for the container." -#: ../../configuration/container/index.rst:147 +#: ../../configuration/container/index.rst:183 msgid "Pull a new image for container" msgstr "Pull a new image for container" @@ -9875,7 +10691,7 @@ msgstr "R1:" msgid "R1 has 192.0.2.1/24 & 2001:db8::1/64" msgstr "R1 has 192.0.2.1/24 & 2001:db8::1/64" -#: ../../configuration/vrf/index.rst:248 +#: ../../configuration/vrf/index.rst:267 msgid "R1 is managed through an out-of-band network that resides in VRF ``mgmt``" msgstr "R1 is managed through an out-of-band network that resides in VRF ``mgmt``" @@ -9887,12 +10703,11 @@ msgstr "R2:" msgid "R2 has 192.0.2.2/24 & 2001:db8::2/64" msgstr "R2 has 192.0.2.2/24 & 2001:db8::2/64" -#: ../../configuration/system/login.rst:234 -#: ../../configuration/vpn/sstp.rst:207 +#: ../../configuration/system/login.rst:238 msgid "RADIUS" msgstr "RADIUS" -#: ../../configuration/service/ipoe-server.rst:111 +#: ../../configuration/service/ipoe-server.rst:112 msgid "RADIUS Setup" msgstr "RADIUS Setup" @@ -9900,6 +10715,14 @@ msgstr "RADIUS Setup" msgid "RADIUS advanced features" msgstr "RADIUS advanced features" +#: ../../configuration/service/ipoe-server.rst:158 +#: ../../configuration/service/pppoe-server.rst:120 +#: ../../configuration/vpn/l2tp.rst:163 +#: ../../configuration/vpn/pptp.rst:103 +#: ../../configuration/vpn/sstp.rst:136 +msgid "RADIUS advanced options" +msgstr "RADIUS advanced options" + #: ../../configuration/vpn/l2tp.rst:139 msgid "RADIUS authentication" msgstr "RADIUS authentication" @@ -9916,11 +10739,15 @@ msgstr "RADIUS provides the IP addresses in the example above via Framed-IP-Addr msgid "RADIUS server at ``192.168.3.10`` with shared-secret ``VyOSPassword``" msgstr "RADIUS server at ``192.168.3.10`` with shared-secret ``VyOSPassword``" -#: ../../configuration/system/login.rst:266 +#: ../../configuration/system/login.rst:270 msgid "RADIUS servers could be hardened by only allowing certain IP addresses to connect. As of this the source address of each RADIUS query can be configured." msgstr "RADIUS servers could be hardened by only allowing certain IP addresses to connect. As of this the source address of each RADIUS query can be configured." -#: ../../configuration/vpn/l2tp.rst:163 +#: ../../configuration/service/ipoe-server.rst:144 +#: ../../configuration/service/pppoe-server.rst:106 +#: ../../configuration/vpn/l2tp.rst:149 +#: ../../configuration/vpn/pptp.rst:89 +#: ../../configuration/vpn/sstp.rst:122 msgid "RADIUS source address" msgstr "RADIUS source address" @@ -9928,7 +10755,7 @@ msgstr "RADIUS source address" msgid "RFC 3768 defines a virtual MAC address to each VRRP virtual router. This virtual router MAC address will be used as the source in all periodic VRRP messages sent by the active node. When the rfc3768-compatibility option is set, a new VRRP interface is created, to which the MAC address and the virtual IP address is automatically assigned." msgstr "RFC 3768 defines a virtual MAC address to each VRRP virtual router. This virtual router MAC address will be used as the source in all periodic VRRP messages sent by the active node. When the rfc3768-compatibility option is set, a new VRRP interface is created, to which the MAC address and the virtual IP address is automatically assigned." -#: ../../configuration/service/dhcp-server.rst:256 +#: ../../configuration/service/dhcp-server.rst:262 msgid "RFC 868 time server IPv4 address" msgstr "RFC 868 time server IPv4 address" @@ -9970,8 +10797,8 @@ msgstr "Random-Detect could be useful for heavy traffic. One use of this algorit #: ../../configuration/protocols/static.rst:37 #: ../../configuration/protocols/static.rst:57 -#: ../../configuration/protocols/static.rst:84 -#: ../../configuration/protocols/static.rst:104 +#: ../../configuration/protocols/static.rst:107 +#: ../../configuration/protocols/static.rst:127 msgid "Range is 1 to 255, default is 1." msgstr "Range is 1 to 255, default is 1." @@ -10016,15 +10843,15 @@ msgstr "Re-generated the public/private keyportion which SSH uses to secure conn msgid "Reachable Time" msgstr "Reachable Time" -#: ../../configuration/highavailability/index.rst:388 +#: ../../configuration/highavailability/index.rst:398 msgid "Real server" msgstr "Real server" -#: ../../configuration/highavailability/index.rst:389 +#: ../../configuration/highavailability/index.rst:399 msgid "Real server IP address and port" msgstr "Real server IP address and port" -#: ../../configuration/highavailability/index.rst:404 +#: ../../configuration/highavailability/index.rst:414 msgid "Real server is auto-excluded if port check with this server fail." msgstr "Real server is auto-excluded if port check with this server fail." @@ -10032,7 +10859,11 @@ msgstr "Real server is auto-excluded if port check with this server fail." msgid "Receive traffic from connections created by the server is also balanced. When the local system sends an ARP Request the bonding driver copies and saves the peer's IP information from the ARP packet. When the ARP Reply arrives from the peer, its hardware address is retrieved and the bonding driver initiates an ARP reply to this peer assigning it to one of the slaves in the bond. A problematic outcome of using ARP negotiation for balancing is that each time that an ARP request is broadcast it uses the hardware address of the bond. Hence, peers learn the hardware address of the bond and the balancing of receive traffic collapses to the current slave. This is handled by sending updates (ARP Replies) to all the peers with their individually assigned hardware address such that the traffic is redistributed. Receive traffic is also redistributed when a new slave is added to the bond and when an inactive slave is re-activated. The receive load is distributed sequentially (round robin) among the group of highest speed slaves in the bond." msgstr "Receive traffic from connections created by the server is also balanced. When the local system sends an ARP Request the bonding driver copies and saves the peer's IP information from the ARP packet. When the ARP Reply arrives from the peer, its hardware address is retrieved and the bonding driver initiates an ARP reply to this peer assigning it to one of the slaves in the bond. A problematic outcome of using ARP negotiation for balancing is that each time that an ARP request is broadcast it uses the hardware address of the bond. Hence, peers learn the hardware address of the bond and the balancing of receive traffic collapses to the current slave. This is handled by sending updates (ARP Replies) to all the peers with their individually assigned hardware address such that the traffic is redistributed. Receive traffic is also redistributed when a new slave is added to the bond and when an inactive slave is re-activated. The receive load is distributed sequentially (round robin) among the group of highest speed slaves in the bond." -#: ../../configuration/vpn/l2tp.rst:205 +#: ../../configuration/service/ipoe-server.rst:227 +#: ../../configuration/service/pppoe-server.rst:189 +#: ../../configuration/vpn/l2tp.rst:232 +#: ../../configuration/vpn/pptp.rst:172 +#: ../../configuration/vpn/sstp.rst:205 msgid "Received RADIUS attributes have a higher priority than parameters defined within the CLI configuration, refer to the explanation below." msgstr "Received RADIUS attributes have a higher priority than parameters defined within the CLI configuration, refer to the explanation below." @@ -10068,7 +10899,7 @@ msgstr "Redistribution Configuration" msgid "Redundancy and load sharing. There are multiple NAT66 devices at the edge of an IPv6 network to another IPv6 network. The path through the NAT66 device to another IPv6 network forms an equivalent route, and traffic can be load-shared on these NAT66 devices. In this case, you can configure the same source address translation rules on these NAT66 devices, so that any NAT66 device can handle IPv6 traffic between different sites." msgstr "Redundancy and load sharing. There are multiple NAT66 devices at the edge of an IPv6 network to another IPv6 network. The path through the NAT66 device to another IPv6 network forms an equivalent route, and traffic can be load-shared on these NAT66 devices. In this case, you can configure the same source address translation rules on these NAT66 devices, so that any NAT66 device can handle IPv6 traffic between different sites." -#: ../../configuration/service/dns.rst:278 +#: ../../configuration/service/dns.rst:262 msgid "Register DNS record ``example.vyos.io`` on DNS server ``ns1.vyos.io``" msgstr "Register DNS record ``example.vyos.io`` on DNS server ``ns1.vyos.io``" @@ -10159,7 +10990,10 @@ msgstr "Remote port" msgid "Remote transmission interval will be multiplied by this value" msgstr "Remote transmission interval will be multiplied by this value" -#: ../../configuration/vpn/l2tp.rst:216 +#: ../../configuration/service/pppoe-server.rst:217 +#: ../../configuration/vpn/l2tp.rst:260 +#: ../../configuration/vpn/pptp.rst:200 +#: ../../configuration/vpn/sstp.rst:233 msgid "Renaming clients interfaces by RADIUS" msgstr "Renaming clients interfaces by RADIUS" @@ -10179,7 +11013,10 @@ msgstr "Request only a temporary address and not form an IA_NA (Identity Associa msgid "Requests are forwarded through ``eth2`` as the `upstream interface`" msgstr "Requests are forwarded through ``eth2`` as the `upstream interface`" -#: ../../configuration/vpn/sstp.rst:95 +#: ../../configuration/service/pppoe-server.rst:442 +#: ../../configuration/vpn/l2tp.rst:396 +#: ../../configuration/vpn/pptp.rst:320 +#: ../../configuration/vpn/sstp.rst:354 msgid "Require the peer to authenticate itself using one of the following protocols: pap, chap, mschap, mschap-v2." msgstr "Require the peer to authenticate itself using one of the following protocols: pap, chap, mschap, mschap-v2." @@ -10191,12 +11028,12 @@ msgstr "Requirements" msgid "Requirements:" msgstr "Requirements:" -#: ../../configuration/firewall/ipv4.rst:926 +#: ../../configuration/firewall/ipv4.rst:949 #: ../../configuration/firewall/ipv6.rst:935 msgid "Requirements to enable synproxy:" msgstr "Requirements to enable synproxy:" -#: ../../configuration/protocols/bgp.rst:1064 +#: ../../configuration/protocols/bgp.rst:1086 #: ../../configuration/protocols/mpls.rst:248 msgid "Reset" msgstr "Reset" @@ -10205,11 +11042,11 @@ msgstr "Reset" msgid "Reset OpenVPN" msgstr "Reset OpenVPN" -#: ../../configuration/system/ipv6.rst:150 +#: ../../configuration/system/ipv6.rst:163 msgid "Reset commands" msgstr "Reset commands" -#: ../../configuration/service/dns.rst:199 +#: ../../configuration/service/dns.rst:186 msgid "Resets the local DNS forwarding cache database. You can reset the cache for all entries or only for entries to a specific domain." msgstr "Resets the local DNS forwarding cache database. You can reset the cache for all entries or only for entries to a specific domain." @@ -10225,7 +11062,7 @@ msgstr "Restart DHCP relay service" msgid "Restart DHCPv6 relay agent immediately." msgstr "Restart DHCPv6 relay agent immediately." -#: ../../configuration/container/index.rst:167 +#: ../../configuration/container/index.rst:203 msgid "Restart a given container" msgstr "Restart a given container" @@ -10233,7 +11070,7 @@ msgstr "Restart a given container" msgid "Restart mDNS repeater service." msgstr "Restart mDNS repeater service." -#: ../../configuration/service/dhcp-server.rst:428 +#: ../../configuration/service/dhcp-server.rst:434 msgid "Restart the DHCP server" msgstr "Restart the DHCP server" @@ -10245,7 +11082,7 @@ msgstr "Restart the IGMP proxy process." msgid "Restart the SSH daemon process, the current session is not affected, only the background daemon is restarted." msgstr "Restart the SSH daemon process, the current session is not affected, only the background daemon is restarted." -#: ../../configuration/service/dns.rst:204 +#: ../../configuration/service/dns.rst:191 msgid "Restarts the DNS recursor process. This also invalidates the local DNS forwarding cache." msgstr "Restarts the DNS recursor process. This also invalidates the local DNS forwarding cache." @@ -10263,11 +11100,11 @@ msgstr "Results in:" msgid "Retransmit Timer" msgstr "Retransmit Timer" -#: ../../configuration/service/conntrack-sync.rst:140 +#: ../../configuration/service/conntrack-sync.rst:144 msgid "Retrieve current statistics of connection tracking subsystem." msgstr "Retrieve current statistics of connection tracking subsystem." -#: ../../configuration/service/conntrack-sync.rst:173 +#: ../../configuration/service/conntrack-sync.rst:177 msgid "Retrieve current status of connection tracking subsystem." msgstr "Retrieve current status of connection tracking subsystem." @@ -10287,15 +11124,15 @@ msgstr "Round Robin" msgid "Route Aggregation Configuration" msgstr "Route Aggregation Configuration" -#: ../../configuration/protocols/bgp.rst:682 +#: ../../configuration/protocols/bgp.rst:704 msgid "Route Dampening" msgstr "Route Dampening" -#: ../../configuration/protocols/bgp.rst:1189 +#: ../../configuration/protocols/bgp.rst:1211 msgid "Route Filtering" msgstr "Route Filtering" -#: ../../configuration/protocols/bgp.rst:818 +#: ../../configuration/protocols/bgp.rst:840 msgid "Route Filtering Configuration" msgstr "Route Filtering Configuration" @@ -10311,7 +11148,7 @@ msgstr "Route Map Policy" msgid "Route Redistribution" msgstr "Route Redistribution" -#: ../../configuration/protocols/bgp.rst:904 +#: ../../configuration/protocols/bgp.rst:926 msgid "Route Reflector Configuration" msgstr "Route Reflector Configuration" @@ -10319,7 +11156,7 @@ msgstr "Route Reflector Configuration" msgid "Route Selection" msgstr "Route Selection" -#: ../../configuration/protocols/bgp.rst:737 +#: ../../configuration/protocols/bgp.rst:759 msgid "Route Selection Configuration" msgstr "Route Selection Configuration" @@ -10327,11 +11164,11 @@ msgstr "Route Selection Configuration" msgid "Route and Route6 Policy" msgstr "Route and Route6 Policy" -#: ../../configuration/protocols/bgp.rst:690 +#: ../../configuration/protocols/bgp.rst:712 msgid "Route dampening wich described in :rfc:`2439` enables you to identify routes that repeatedly fail and return. If route dampening is enabled, an unstable route accumulates penalties each time the route fails and returns. If the accumulated penalties exceed a threshold, the route is no longer advertised. This is route suppression. Routes that have been suppressed are re-entered into the routing table only when the amount of their penalty falls below a threshold." msgstr "Route dampening wich described in :rfc:`2439` enables you to identify routes that repeatedly fail and return. If route dampening is enabled, an unstable route accumulates penalties each time the route fails and returns. If the accumulated penalties exceed a threshold, the route is no longer advertised. This is route suppression. Routes that have been suppressed are re-entered into the routing table only when the amount of their penalty falls below a threshold." -#: ../../configuration/protocols/bgp.rst:1191 +#: ../../configuration/protocols/bgp.rst:1213 msgid "Route filter can be applied using a route-map:" msgstr "Route filter can be applied using a route-map:" @@ -10363,7 +11200,7 @@ msgstr "Router Lifetime" msgid "Router receives DHCP client requests on ``eth1`` and relays them to the server at 10.0.1.4 on ``eth2``." msgstr "Router receives DHCP client requests on ``eth1`` and relays them to the server at 10.0.1.4 on ``eth2``." -#: ../../configuration/vrf/index.rst:425 +#: ../../configuration/vrf/index.rst:444 msgid "Routes exported from a unicast VRF to the VPN RIB must be augmented by two parameters:" msgstr "Routes exported from a unicast VRF to the VPN RIB must be augmented by two parameters:" @@ -10375,7 +11212,7 @@ msgstr "Routes on Node 2:" msgid "Routes that are sent from provider, rs-server, or the peer local-role (or if received by customer, rs-client, or the peer local-role) will be marked with a new Only to Customer (OTC) attribute." msgstr "Routes that are sent from provider, rs-server, or the peer local-role (or if received by customer, rs-client, or the peer local-role) will be marked with a new Only to Customer (OTC) attribute." -#: ../../configuration/protocols/bgp.rst:662 +#: ../../configuration/protocols/bgp.rst:684 #: ../../configuration/protocols/ospf.rst:92 #: ../../configuration/protocols/rip.rst:64 #: ../../configuration/protocols/static.rst:39 @@ -10391,7 +11228,7 @@ msgstr "Routes with this attribute can only be sent to your neighbor if your loc msgid "Routine" msgstr "Routine" -#: ../../configuration/vrf/index.rst:82 +#: ../../configuration/vrf/index.rst:101 msgid "Routing" msgstr "Routing" @@ -10404,7 +11241,7 @@ msgid "Rule-Sets" msgstr "Rule-Sets" #: ../../configuration/firewall/bridge.rst:287 -#: ../../configuration/firewall/ipv4.rst:957 +#: ../../configuration/firewall/ipv4.rst:980 #: ../../configuration/firewall/ipv6.rst:965 msgid "Rule-set overview" msgstr "Rule-set overview" @@ -10447,7 +11284,7 @@ msgstr "Rules allow to control and route incoming traffic to specific backend ba msgid "Rules will be created for both :ref:`source-nat` and :ref:`destination-nat`." msgstr "Rules will be created for both :ref:`source-nat` and :ref:`destination-nat`." -#: ../../configuration/service/dns.rst:391 +#: ../../configuration/service/dns.rst:399 msgid "Running Behind NAT" msgstr "Running Behind NAT" @@ -10511,7 +11348,7 @@ msgstr "SNMPv3 (version 3 of the SNMP protocol) introduced a whole slew of new s msgid "SPAN port mirroring can copy the inbound/outbound traffic of the interface to the specified interface, usually the interface can be connected to some special equipment, such as behavior control system, intrusion detection system and traffic collector, and can copy all related traffic from this port. The benefit of mirroring the traffic is that the application is isolated from the source traffic and so application processing does not affect the traffic or the system performance." msgstr "SPAN port mirroring can copy the inbound/outbound traffic of the interface to the specified interface, usually the interface can be connected to some special equipment, such as behavior control system, intrusion detection system and traffic collector, and can copy all related traffic from this port. The benefit of mirroring the traffic is that the application is isolated from the source traffic and so application processing does not affect the traffic or the system performance." -#: ../../configuration/protocols/rpki.rst:127 +#: ../../configuration/protocols/rpki.rst:141 #: ../../configuration/service/ssh.rst:5 msgid "SSH" msgstr "SSH" @@ -10520,11 +11357,11 @@ msgstr "SSH" msgid "SSH :ref:`ssh_key_based_authentication`" msgstr "SSH :ref:`ssh_key_based_authentication`" -#: ../../configuration/system/login.rst:57 +#: ../../configuration/system/login.rst:61 msgid "SSH :ref:`ssh_operation`" msgstr "SSH :ref:`ssh_operation`" -#: ../../configuration/system/option.rst:44 +#: ../../configuration/system/option.rst:74 msgid "SSH client" msgstr "SSH client" @@ -10532,7 +11369,7 @@ msgstr "SSH client" msgid "SSH provides a secure channel over an unsecured network in a client-server architecture, connecting an SSH client application with an SSH server. Common applications include remote command-line login and remote command execution, but any network service can be secured with SSH. The protocol specification distinguishes between two major versions, referred to as SSH-1 and SSH-2." msgstr "SSH provides a secure channel over an unsecured network in a client-server architecture, connecting an SSH client application with an SSH server. Common applications include remote command-line login and remote command execution, but any network service can be secured with SSH. The protocol specification distinguishes between two major versions, referred to as SSH-1 and SSH-2." -#: ../../configuration/protocols/rpki.rst:137 +#: ../../configuration/protocols/rpki.rst:151 msgid "SSH username to establish an SSH connection to the cache server." msgstr "SSH username to establish an SSH connection to the cache server." @@ -10545,7 +11382,6 @@ msgid "SSID to be used in IEEE 802.11 management frames" msgstr "SSID to be used in IEEE 802.11 management frames" #: ../../configuration/vpn/openconnect.rst:24 -#: ../../configuration/vpn/sstp.rst:162 msgid "SSL Certificates" msgstr "SSL Certificates" @@ -10609,7 +11445,44 @@ msgstr "Scanning is not supported on all wireless drivers and wireless hardware. msgid "Script execution" msgstr "Script execution" +#: ../../configuration/service/ipoe-server.rst:299 +#: ../../configuration/service/pppoe-server.rst:417 +#: ../../configuration/vpn/l2tp.rst:361 +#: ../../configuration/vpn/pptp.rst:285 +#: ../../configuration/vpn/sstp.rst:319 +msgid "Script to run before session interface comes up" +msgstr "Script to run before session interface comes up" + +#: ../../configuration/service/ipoe-server.rst:291 +#: ../../configuration/service/pppoe-server.rst:409 +#: ../../configuration/vpn/l2tp.rst:353 +#: ../../configuration/vpn/pptp.rst:277 +#: ../../configuration/vpn/sstp.rst:311 +msgid "Script to run when session interface changed by RADIUS CoA handling" +msgstr "Script to run when session interface changed by RADIUS CoA handling" + +#: ../../configuration/service/ipoe-server.rst:295 +#: ../../configuration/service/pppoe-server.rst:413 +#: ../../configuration/vpn/l2tp.rst:357 +#: ../../configuration/vpn/pptp.rst:281 +#: ../../configuration/vpn/sstp.rst:315 +msgid "Script to run when session interface going to terminate" +msgstr "Script to run when session interface going to terminate" + +#: ../../configuration/service/ipoe-server.rst:303 +#: ../../configuration/service/pppoe-server.rst:421 +#: ../../configuration/vpn/l2tp.rst:365 +#: ../../configuration/vpn/pptp.rst:289 +#: ../../configuration/vpn/sstp.rst:323 +msgid "Script to run when session interface is completely configured and started" +msgstr "Script to run when session interface is completely configured and started" + #: ../../configuration/highavailability/index.rst:299 +#: ../../configuration/service/ipoe-server.rst:287 +#: ../../configuration/service/pppoe-server.rst:405 +#: ../../configuration/vpn/l2tp.rst:349 +#: ../../configuration/vpn/pptp.rst:273 +#: ../../configuration/vpn/sstp.rst:307 msgid "Scripting" msgstr "Scripting" @@ -10617,7 +11490,11 @@ msgstr "Scripting" msgid "Second scenario: apply source NAT for all outgoing connections from LAN 10.0.0.0/8, using 3 public addresses and equal distribution. We will generate the hash randomly." msgstr "Second scenario: apply source NAT for all outgoing connections from LAN 10.0.0.0/8, using 3 public addresses and equal distribution. We will generate the hash randomly." -#: ../../configuration/vpn/sstp.rst:246 +#: ../../configuration/service/ipoe-server.rst:186 +#: ../../configuration/service/pppoe-server.rst:148 +#: ../../configuration/vpn/l2tp.rst:191 +#: ../../configuration/vpn/pptp.rst:131 +#: ../../configuration/vpn/sstp.rst:164 msgid "Secret for Dynamic Authorization Extension server (DM/CoA)" msgstr "Secret for Dynamic Authorization Extension server (DM/CoA)" @@ -10634,7 +11511,7 @@ msgstr "Security/authentication messages" msgid "See :rfc:`7761#section-4.1` for details." msgstr "See :rfc:`7761#section-4.1` for details." -#: ../../configuration/system/ip.rst:52 +#: ../../configuration/system/ip.rst:65 msgid "See below the different parameters available for the IPv4 **show** command:" msgstr "See below the different parameters available for the IPv4 **show** command:" @@ -10670,7 +11547,7 @@ msgstr "Select TLS version used." msgid "Select cipher suite used for cryptographic operations. This setting is mandatory." msgstr "Select cipher suite used for cryptographic operations. This setting is mandatory." -#: ../../configuration/vrf/index.rst:468 +#: ../../configuration/vrf/index.rst:487 msgid "Select how labels are allocated in the given VRF. By default, the per-vrf mode is selected, and one label is used for all prefixes from the VRF. The per-nexthop will use a unique label for all prefixes that are reachable via the same nexthop." msgstr "Select how labels are allocated in the given VRF. By default, the per-vrf mode is selected, and one label is used for all prefixes from the VRF. The per-nexthop will use a unique label for all prefixes that are reachable via the same nexthop." @@ -10694,6 +11571,10 @@ msgstr "Send all DNS queries to the IPv4/IPv6 DNS server specified under `<addre msgid "Send empty SSID in beacons and ignore probe request frames that do not specify full SSID, i.e., require stations to know SSID." msgstr "Send empty SSID in beacons and ignore probe request frames that do not specify full SSID, i.e., require stations to know SSID." +#: ../../configuration/vpn/l2tp.rst:276 +msgid "Sent to the client (LAC) in the Host-Name attribute" +msgstr "Sent to the client (LAC) in the Host-Name attribute" + #: ../../configuration/system/console.rst:5 msgid "Serial Console" msgstr "Serial Console" @@ -10703,7 +11584,6 @@ msgid "Serial interfaces can be any interface which is directly connected to the msgstr "Serial interfaces can be any interface which is directly connected to the CPU or chipset (mostly known as a ttyS interface in Linux) or any other USB to serial converter (Prolific PL2303 or FTDI FT232/FT4232 based chips)." #: ../../configuration/interfaces/openvpn.rst:325 -#: ../../configuration/vpn/sstp.rst:210 msgid "Server" msgstr "Server" @@ -10711,7 +11591,7 @@ msgstr "Server" msgid "Server:" msgstr "Server:" -#: ../../configuration/pki/index.rst:210 +#: ../../configuration/pki/index.rst:212 msgid "Server Certificate" msgstr "Server Certificate" @@ -10723,7 +11603,7 @@ msgstr "Server Configuration" msgid "Server Side" msgstr "Server Side" -#: ../../configuration/service/ipoe-server.rst:156 +#: ../../configuration/service/ipoe-server.rst:157 msgid "Server configuration" msgstr "Server configuration" @@ -10748,19 +11628,19 @@ msgstr "Set BFD peer IPv4 address or IPv6 address" msgid "Set BGP community-list to exactly match." msgstr "Set BGP community-list to exactly match." -#: ../../configuration/policy/route-map.rst:318 +#: ../../configuration/policy/route-map.rst:321 msgid "Set BGP local preference attribute." msgstr "Set BGP local preference attribute." -#: ../../configuration/policy/route-map.rst:336 +#: ../../configuration/policy/route-map.rst:339 msgid "Set BGP origin code." msgstr "Set BGP origin code." -#: ../../configuration/policy/route-map.rst:341 +#: ../../configuration/policy/route-map.rst:344 msgid "Set BGP originator ID attribute." msgstr "Set BGP originator ID attribute." -#: ../../configuration/policy/route-map.rst:359 +#: ../../configuration/policy/route-map.rst:362 msgid "Set BGP weight attribute" msgstr "Set BGP weight attribute" @@ -10776,7 +11656,7 @@ msgstr "Set IPSec inbound match criterias, where:" msgid "Set IP fragment match, where:" msgstr "Set IP fragment match, where:" -#: ../../configuration/policy/route-map.rst:331 +#: ../../configuration/policy/route-map.rst:334 msgid "Set OSPF external metric-type." msgstr "Set OSPF external metric-type." @@ -10796,12 +11676,12 @@ msgstr "Set SNAT rule 30 to only NAT packets arriving from the 203.0.113.0/24 ne msgid "Set SSL certeficate <name> for service <name>" msgstr "Set SSL certeficate <name> for service <name>" -#: ../../configuration/firewall/ipv4.rst:918 +#: ../../configuration/firewall/ipv4.rst:941 #: ../../configuration/firewall/ipv6.rst:927 msgid "Set TCP-MSS (maximum segment size) for the connection" msgstr "Set TCP-MSS (maximum segment size) for the connection" -#: ../../configuration/service/dns.rst:280 +#: ../../configuration/service/dns.rst:264 msgid "Set TTL to 300 seconds" msgstr "Set TTL to 300 seconds" @@ -10825,7 +11705,7 @@ msgstr "Set a destination and/or source port. Accepted input:" msgid "Set a human readable, descriptive alias for this connection. Alias is used by e.g. the :opcmd:`show interfaces` command or SNMP based monitoring tools." msgstr "Set a human readable, descriptive alias for this connection. Alias is used by e.g. the :opcmd:`show interfaces` command or SNMP based monitoring tools." -#: ../../configuration/system/login.rst:387 +#: ../../configuration/system/login.rst:391 msgid "Set a limit on the maximum number of concurrent logged-in users on the system." msgstr "Set a limit on the maximum number of concurrent logged-in users on the system." @@ -10864,11 +11744,16 @@ msgstr "Set action to take on entries matching this rule." msgid "Set an API-KEY is the minimal configuration to get a working API Endpoint." msgstr "Set an API-KEY is the minimal configuration to get a working API Endpoint." -#: ../../configuration/vpn/sstp.rst:100 +#: ../../configuration/service/ipoe-server.rst:60 +#: ../../configuration/service/ipoe-server.rst:88 +#: ../../configuration/service/pppoe-server.rst:38 +#: ../../configuration/vpn/l2tp.rst:26 +#: ../../configuration/vpn/pptp.rst:27 +#: ../../configuration/vpn/sstp.rst:53 msgid "Set authentication backend. The configured authentication backend is used for all queries." msgstr "Set authentication backend. The configured authentication backend is used for all queries." -#: ../../configuration/container/index.rst:117 +#: ../../configuration/container/index.rst:122 msgid "Set container capabilities or permissions." msgstr "Set container capabilities or permissions." @@ -10880,6 +11765,19 @@ msgstr "Set delay between gratuitous ARP messages sent on an interface." msgid "Set delay for second set of gratuitous ARPs after transition to MASTER." msgstr "Set delay for second set of gratuitous ARPs after transition to MASTER." +#: ../../configuration/service/ipoe-server.rst:356 +#: ../../configuration/service/pppoe-server.rst:522 +#: ../../configuration/vpn/l2tp.rst:476 +#: ../../configuration/vpn/pptp.rst:400 +#: ../../configuration/vpn/sstp.rst:434 +msgid "Set description." +msgstr "Set description." + +#: ../../configuration/service/dns.rst:227 +#: ../../configuration/service/dns.rst:332 +msgid "Set description `<text>` for dynamic DNS service being configured." +msgstr "Set description `<text>` for dynamic DNS service being configured." + #: ../../configuration/policy/as-path-list.rst:21 msgid "Set description for as-path-list policy." msgstr "Set description for as-path-list policy." @@ -10956,7 +11854,7 @@ msgstr "Set eth1 to be the listening interface for the DHCPv6 relay." msgid "Set execution time in common cron_ time format. A cron `<spec>` of ``30 */6 * * *`` would execute the `<task>` at minute 30 past every 6th hour." msgstr "Set execution time in common cron_ time format. A cron `<spec>` of ``30 */6 * * *`` would execute the `<task>` at minute 30 past every 6th hour." -#: ../../configuration/policy/route-map.rst:251 +#: ../../configuration/policy/route-map.rst:254 msgid "Set extcommunity bandwidth" msgstr "Set extcommunity bandwidth" @@ -11025,6 +11923,10 @@ msgstr "Set maximum number of packets to alow in excess of rate." msgid "Set minimum time interval for refreshing gratuitous ARPs while MASTER." msgstr "Set minimum time interval for refreshing gratuitous ARPs while MASTER." +#: ../../configuration/vpn/l2tp.rst:72 +msgid "Set mode for IPsec authentication between VyOS and L2TP clients." +msgstr "Set mode for IPsec authentication between VyOS and L2TP clients." + #: ../../configuration/highavailability/index.rst:285 msgid "Set number of gratuitous ARP messages to send at a time after transition to MASTER." msgstr "Set number of gratuitous ARP messages to send at a time after transition to MASTER." @@ -11055,7 +11957,11 @@ msgstr "Set packet modifications: Packet Differentiated Services Codepoint (DSCP msgid "Set parameters for matching recently seen sources. This match could be used by seeting count (source address seen more than <1-255> times) and/or time (source address seen in the last <0-4294967295> seconds)." msgstr "Set parameters for matching recently seen sources. This match could be used by seeting count (source address seen more than <1-255> times) and/or time (source address seen in the last <0-4294967295> seconds)." -#: ../../configuration/policy/route-map.rst:350 +#: ../../configuration/vpn/l2tp.rst:76 +msgid "Set predefined shared secret phrase." +msgstr "Set predefined shared secret phrase." + +#: ../../configuration/policy/route-map.rst:353 msgid "Set prefixes to table." msgstr "Set prefixes to table." @@ -11063,7 +11969,7 @@ msgstr "Set prefixes to table." msgid "Set proxy for all connections initiated by VyOS, including HTTP, HTTPS, and FTP (anonymous ftp)." msgstr "Set proxy for all connections initiated by VyOS, including HTTP, HTTPS, and FTP (anonymous ftp)." -#: ../../configuration/policy/route-map.rst:260 +#: ../../configuration/policy/route-map.rst:263 msgid "Set route target value in format ``<0-65535:0-4294967295>`` or ``<IP:0-65535>``." msgstr "Set route target value in format ``<0-65535:0-4294967295>`` or ``<IP:0-65535>``." @@ -11080,7 +11986,7 @@ msgstr "Set rule action to drop." msgid "Set service to bind on IP address, by default listen on any IPv4 and IPv6" msgstr "Set service to bind on IP address, by default listen on any IPv4 and IPv6" -#: ../../configuration/policy/route-map.rst:265 +#: ../../configuration/policy/route-map.rst:268 msgid "Set site of origin value in format ``<0-65535:0-4294967295>`` or ``<IP:0-65535>``." msgstr "Set site of origin value in format ``<0-65535:0-4294967295>`` or ``<IP:0-65535>``." @@ -11096,7 +12002,7 @@ msgstr "Set some metric to routes learned from a particular neighbor." msgid "Set source-address to your local IP (LAN)." msgstr "Set source-address to your local IP (LAN)." -#: ../../configuration/policy/route-map.rst:346 +#: ../../configuration/policy/route-map.rst:349 msgid "Set source IP/IPv6 address for route." msgstr "Set source IP/IPv6 address for route." @@ -11105,7 +12011,7 @@ msgstr "Set source IP/IPv6 address for route." msgid "Set source address or prefix to match." msgstr "Set source address or prefix to match." -#: ../../configuration/policy/route-map.rst:354 +#: ../../configuration/policy/route-map.rst:357 msgid "Set tag value for routing protocol." msgstr "Set tag value for routing protocol." @@ -11113,8 +12019,8 @@ msgstr "Set tag value for routing protocol." msgid "Set the \"recursion desired\" bit in requests to the upstream nameserver." msgstr "Set the \"recursion desired\" bit in requests to the upstream nameserver." -#: ../../configuration/policy/route-map.rst:290 -#: ../../configuration/policy/route-map.rst:303 +#: ../../configuration/policy/route-map.rst:293 +#: ../../configuration/policy/route-map.rst:306 msgid "Set the BGP nexthop address to the address of the peer. For an incoming route-map this means the ip address of our peer is used. For an outgoing route-map this means the ip address of our self is used to establish the peering with our neighbor." msgstr "Set the BGP nexthop address to the address of the peer. For an incoming route-map this means the ip address of our peer is used. For an outgoing route-map this means the ip address of our self is used to establish the peering with our neighbor." @@ -11175,6 +12081,10 @@ msgstr "Set the Segment Routing Local Block i.e. the label range used by MPLS to msgid "Set the Segment Routing Local Block i.e. the low label range used by MPLS to store label in the MPLS FIB for Prefix SID. Note that the block size may not exceed 65535.Segment Routing Local Block, The negative command always unsets both." msgstr "Set the Segment Routing Local Block i.e. the low label range used by MPLS to store label in the MPLS FIB for Prefix SID. Note that the block size may not exceed 65535.Segment Routing Local Block, The negative command always unsets both." +#: ../../configuration/container/index.rst:99 +msgid "Set the User ID or Group ID of the container" +msgstr "Set the User ID or Group ID of the container" + #: ../../configuration/protocols/pim.rst:147 msgid "Set the :abbr:`DR (Designated Router)` Priority for the interface. This command is useful to allow the user to influence what node becomes the DR for a LAN segment." msgstr "Set the :abbr:`DR (Designated Router)` Priority for the interface. This command is useful to allow the user to influence what node becomes the DR for a LAN segment." @@ -11259,7 +12169,7 @@ msgstr "Set the name of the x509 client keypair used to authenticate against the msgid "Set the native VLAN ID flag of the interface. When a data packet without a VLAN tag enters the port, the data packet will be forced to add a tag of a specific vlan id. When the vlan id flag flows out, the tag of the vlan id will be stripped" msgstr "Set the native VLAN ID flag of the interface. When a data packet without a VLAN tag enters the port, the data packet will be forced to add a tag of a specific vlan id. When the vlan id flag flows out, the tag of the vlan id will be stripped" -#: ../../configuration/policy/route-map.rst:284 +#: ../../configuration/policy/route-map.rst:287 msgid "Set the next-hop as unchanged. Pass through the route-map without changing its value" msgstr "Set the next-hop as unchanged. Pass through the route-map without changing its value" @@ -11271,7 +12181,15 @@ msgstr "Set the number of TCP maximum retransmit attempts." msgid "Set the number of health check failures before an interface is marked as unavailable, range for number is 1 to 10, default 1. Or set the number of successful health checks before an interface is added back to the interface pool, range for number is 1 to 10, default 1." msgstr "Set the number of health check failures before an interface is marked as unavailable, range for number is 1 to 10, default 1. Or set the number of successful health checks before an interface is added back to the interface pool, range for number is 1 to 10, default 1." -#: ../../configuration/system/login.rst:84 +#: ../../configuration/protocols/rpki.rst:121 +msgid "Set the number of seconds the router waits until retrying to connect to the cache server." +msgstr "Set the number of seconds the router waits until retrying to connect to the cache server." + +#: ../../configuration/protocols/rpki.rst:114 +msgid "Set the number of seconds the router waits until the router expires the cache." +msgstr "Set the number of seconds the router waits until the router expires the cache." + +#: ../../configuration/system/login.rst:88 msgid "Set the options for this public key. See the ssh ``authorized_keys`` man page for details of what you can specify here. To place a ``\"`` character in the options field, use ``"``, for example ``from="10.0.0.0/24"`` to restrict where the user may connect from when using this key." msgstr "Set the options for this public key. See the ssh ``authorized_keys`` man page for details of what you can specify here. To place a ``\"`` character in the options field, use ``"``, for example ``from="10.0.0.0/24"`` to restrict where the user may connect from when using this key." @@ -11291,11 +12209,11 @@ msgstr "Set the peer's key used to receive (RX) traffic" msgid "Set the peer-session-id, which is a 32-bit integer value assigned to the session by the peer. The value used must match the session_id value being used at the peer." msgstr "Set the peer-session-id, which is a 32-bit integer value assigned to the session by the peer. The value used must match the session_id value being used at the peer." -#: ../../configuration/container/index.rst:98 +#: ../../configuration/container/index.rst:103 msgid "Set the restart behavior of the container." msgstr "Set the restart behavior of the container." -#: ../../configuration/policy/route-map.rst:323 +#: ../../configuration/policy/route-map.rst:326 msgid "Set the route metric. When used with BGP, set the BGP attribute MED to a specific value. Use ``+/-`` to add or subtract the specified value to/from the existing/MED. Use ``rtt`` to set the MED to the round trip time or ``+rtt/-rtt`` to add/subtract the round trip time to/from the MED." msgstr "Set the route metric. When used with BGP, set the BGP attribute MED to a specific value. Use ``+/-`` to add or subtract the specified value to/from the existing/MED. Use ``rtt`` to set the MED to the round trip time or ``+rtt/-rtt`` to add/subtract the round trip time to/from the MED." @@ -11328,12 +12246,12 @@ msgstr "Set the timeout in secounds for a protocol or state in a custom rule." msgid "Set the tunnel id, which is a 32-bit integer value. Uniquely identifies the tunnel into which the session will be created." msgstr "Set the tunnel id, which is a 32-bit integer value. Uniquely identifies the tunnel into which the session will be created." -#: ../../configuration/firewall/ipv4.rst:922 +#: ../../configuration/firewall/ipv4.rst:945 #: ../../configuration/firewall/ipv6.rst:931 msgid "Set the window scale factor for TCP window scaling" msgstr "Set the window scale factor for TCP window scaling" -#: ../../configuration/system/login.rst:124 +#: ../../configuration/system/login.rst:128 msgid "Set window of concurrently valid codes." msgstr "Set window of concurrently valid codes." @@ -11357,7 +12275,7 @@ msgstr "Sets the unique id for this vxlan-interface. Not sure how it correlates msgid "Setting VRRP group priority" msgstr "Setting VRRP group priority" -#: ../../configuration/service/dhcp-server.rst:231 +#: ../../configuration/service/dhcp-server.rst:237 msgid "Setting name" msgstr "Setting name" @@ -11389,7 +12307,12 @@ msgstr "Setting up certificates:" msgid "Setting up tunnel:" msgstr "Setting up tunnel:" -#: ../../configuration/service/dhcp-server.rst:373 +#: ../../configuration/system/option.rst:42 +#: ../../configuration/system/option.rst:53 +msgid "Setting will only become active with the next reboot!" +msgstr "Setting will only become active with the next reboot!" + +#: ../../configuration/service/dhcp-server.rst:379 msgid "Setup DHCP failover for network 192.0.2.0/24" msgstr "Setup DHCP failover for network 192.0.2.0/24" @@ -11397,15 +12320,19 @@ msgstr "Setup DHCP failover for network 192.0.2.0/24" msgid "Setup encrypted password for given username. This is useful for transferring a hashed password from system to system." msgstr "Setup encrypted password for given username. This is useful for transferring a hashed password from system to system." -#: ../../configuration/system/login.rst:262 +#: ../../configuration/system/login.rst:266 msgid "Setup the `<timeout>` in seconds when querying the RADIUS server." msgstr "Setup the `<timeout>` in seconds when querying the RADIUS server." -#: ../../configuration/system/login.rst:331 +#: ../../configuration/system/login.rst:335 msgid "Setup the `<timeout>` in seconds when querying the TACACS server." msgstr "Setup the `<timeout>` in seconds when querying the TACACS server." -#: ../../configuration/service/dns.rst:327 +#: ../../configuration/service/dns.rst:336 +msgid "Setup the dynamic DNS hostname `<hostname>` associated with the DynDNS provider identified by `<service-name>`." +msgstr "Setup the dynamic DNS hostname `<hostname>` associated with the DynDNS provider identified by `<service-name>`." + +#: ../../configuration/service/dns.rst:341 msgid "Setup the dynamic DNS hostname `<hostname>` associated with the DynDNS provider identified by `<service>` when the IP address on address `<interface>` changes." msgstr "Setup the dynamic DNS hostname `<hostname>` associated with the DynDNS provider identified by `<service>` when the IP address on address `<interface>` changes." @@ -11413,11 +12340,11 @@ msgstr "Setup the dynamic DNS hostname `<hostname>` associated with the DynDNS p msgid "Setup the dynamic DNS hostname `<hostname>` associated with the DynDNS provider identified by `<service>` when the IP address on interface `<interface>` changes." msgstr "Setup the dynamic DNS hostname `<hostname>` associated with the DynDNS provider identified by `<service>` when the IP address on interface `<interface>` changes." -#: ../../configuration/system/option.rst:31 +#: ../../configuration/system/option.rst:61 msgid "Several commands utilize cURL to initiate transfers. Configure the local source IPv4/IPv6 address used for all cURL operations." msgstr "Several commands utilize cURL to initiate transfers. Configure the local source IPv4/IPv6 address used for all cURL operations." -#: ../../configuration/system/option.rst:36 +#: ../../configuration/system/option.rst:66 msgid "Several commands utilize curl to initiate transfers. Configure the local source interface used for all CURL operations." msgstr "Several commands utilize curl to initiate transfers. Configure the local source interface used for all CURL operations." @@ -11445,25 +12372,25 @@ msgstr "Short GI capabilities for 20 and 40 MHz" msgid "Short bursts can be allowed to exceed the limit. On creation, the Rate-Control traffic is stocked with tokens which correspond to the amount of traffic that can be burst in one go. Tokens arrive at a steady rate, until the bucket is full." msgstr "Short bursts can be allowed to exceed the limit. On creation, the Rate-Control traffic is stocked with tokens which correspond to the amount of traffic that can be burst in one go. Tokens arrive at a steady rate, until the bucket is full." -#: ../../configuration/vrf/index.rst:488 +#: ../../configuration/vrf/index.rst:507 msgid "Shortcut syntax for specifying automatic leaking from vrf VRFNAME to the current VRF using the VPN RIB as intermediary. The RD and RT are auto derived and should not be specified explicitly for either the source or destination VRF’s." msgstr "Shortcut syntax for specifying automatic leaking from vrf VRFNAME to the current VRF using the VPN RIB as intermediary. The RD and RT are auto derived and should not be specified explicitly for either the source or destination VRF’s." -#: ../../configuration/protocols/bgp.rst:953 +#: ../../configuration/protocols/bgp.rst:975 #: ../../configuration/protocols/mpls.rst:225 msgid "Show" msgstr "Show" -#: ../../configuration/service/dhcp-server.rst:416 +#: ../../configuration/service/dhcp-server.rst:422 msgid "Show DHCP server daemon log file" msgstr "Show DHCP server daemon log file" -#: ../../configuration/service/dhcp-server.rst:668 +#: ../../configuration/service/dhcp-server.rst:676 msgid "Show DHCPv6 server daemon log file" msgstr "Show DHCPv6 server daemon log file" #: ../../configuration/firewall/bridge.rst:306 -#: ../../configuration/firewall/ipv4.rst:1115 +#: ../../configuration/firewall/ipv4.rst:1138 #: ../../configuration/firewall/ipv6.rst:1138 msgid "Show Firewall log" msgstr "Show Firewall log" @@ -11528,23 +12455,23 @@ msgstr "Show WWAN module model." msgid "Show WWAN module signal strength." msgstr "Show WWAN module signal strength." -#: ../../configuration/container/index.rst:163 +#: ../../configuration/container/index.rst:199 msgid "Show a list available container networks" msgstr "Show a list available container networks" -#: ../../configuration/pki/index.rst:297 +#: ../../configuration/pki/index.rst:328 msgid "Show a list of installed :abbr:`CA (Certificate Authority)` certificates." msgstr "Show a list of installed :abbr:`CA (Certificate Authority)` certificates." -#: ../../configuration/pki/index.rst:332 +#: ../../configuration/pki/index.rst:363 msgid "Show a list of installed :abbr:`CRLs (Certificate Revocation List)`." msgstr "Show a list of installed :abbr:`CRLs (Certificate Revocation List)`." -#: ../../configuration/pki/index.rst:315 +#: ../../configuration/pki/index.rst:346 msgid "Show a list of installed certificates" msgstr "Show a list of installed certificates" -#: ../../configuration/protocols/bfd.rst:98 +#: ../../configuration/protocols/bfd.rst:105 msgid "Show all BFD peers" msgstr "Show all BFD peers" @@ -11572,7 +12499,7 @@ msgstr "Show bridge `<name>` mdb displays the current multicast group membership msgid "Show brief interface information." msgstr "Show brief interface information." -#: ../../configuration/system/ipv6.rst:46 +#: ../../configuration/system/ipv6.rst:59 msgid "Show commands" msgstr "Show commands" @@ -11584,11 +12511,11 @@ msgstr "Show configured serial ports and their respective interface configuratio msgid "Show connection data of load balanced traffic:" msgstr "Show connection data of load balanced traffic:" -#: ../../configuration/service/conntrack-sync.rst:132 +#: ../../configuration/service/conntrack-sync.rst:136 msgid "Show connection syncing external cache entries" msgstr "Show connection syncing external cache entries" -#: ../../configuration/service/conntrack-sync.rst:136 +#: ../../configuration/service/conntrack-sync.rst:140 msgid "Show connection syncing internal cache entries" msgstr "Show connection syncing internal cache entries" @@ -11654,44 +12581,44 @@ msgstr "Show list of IPs currently blocked by SSH dynamic-protection." msgid "Show logs for mDNS repeater service." msgstr "Show logs for mDNS repeater service." -#: ../../configuration/container/index.rst:159 +#: ../../configuration/container/index.rst:195 msgid "Show logs from a given container" msgstr "Show logs from a given container" -#: ../../configuration/service/dhcp-server.rst:420 +#: ../../configuration/service/dhcp-server.rst:426 msgid "Show logs from all DHCP client processes." msgstr "Show logs from all DHCP client processes." -#: ../../configuration/service/dhcp-server.rst:672 +#: ../../configuration/service/dhcp-server.rst:680 msgid "Show logs from all DHCPv6 client processes." msgstr "Show logs from all DHCPv6 client processes." -#: ../../configuration/service/dhcp-server.rst:424 +#: ../../configuration/service/dhcp-server.rst:430 msgid "Show logs from specific `interface` DHCP client process." msgstr "Show logs from specific `interface` DHCP client process." -#: ../../configuration/service/dhcp-server.rst:676 +#: ../../configuration/service/dhcp-server.rst:684 msgid "Show logs from specific `interface` DHCPv6 client process." msgstr "Show logs from specific `interface` DHCPv6 client process." -#: ../../configuration/pki/index.rst:311 +#: ../../configuration/pki/index.rst:342 msgid "Show only information for specified Certificate Authority." msgstr "Show only information for specified Certificate Authority." -#: ../../configuration/pki/index.rst:328 +#: ../../configuration/pki/index.rst:359 msgid "Show only information for specified certificate." msgstr "Show only information for specified certificate." -#: ../../configuration/service/dhcp-server.rst:478 -#: ../../configuration/service/dhcp-server.rst:699 +#: ../../configuration/service/dhcp-server.rst:484 +#: ../../configuration/service/dhcp-server.rst:707 msgid "Show only leases in the specified pool." msgstr "Show only leases in the specified pool." -#: ../../configuration/service/dhcp-server.rst:708 +#: ../../configuration/service/dhcp-server.rst:716 msgid "Show only leases with the specified state. Possible states: abandoned, active, all, backup, expired, free, released, reset (default = active)" msgstr "Show only leases with the specified state. Possible states: abandoned, active, all, backup, expired, free, released, reset (default = active)" -#: ../../configuration/service/dhcp-server.rst:496 +#: ../../configuration/service/dhcp-server.rst:502 msgid "Show only leases with the specified state. Possible states: all, active, free, expired, released, abandoned, reset, backup (default = active)" msgstr "Show only leases with the specified state. Possible states: all, active, free, expired, released, abandoned, reset, backup (default = active)" @@ -11703,23 +12630,23 @@ msgstr "Show routing table entry for the default route." msgid "Show specific MACsec interface information" msgstr "Show specific MACsec interface information" -#: ../../configuration/vpn/site2site_ipsec.rst:221 +#: ../../configuration/vpn/site2site_ipsec.rst:224 msgid "Show status of new setup:" msgstr "Show status of new setup:" -#: ../../configuration/service/dhcp-server.rst:447 +#: ../../configuration/service/dhcp-server.rst:453 msgid "Show statuses of all active leases:" msgstr "Show statuses of all active leases:" -#: ../../configuration/service/dhcp-server.rst:465 +#: ../../configuration/service/dhcp-server.rst:471 msgid "Show statuses of all active leases granted by local (this server) or remote (failover server):" msgstr "Show statuses of all active leases granted by local (this server) or remote (failover server):" -#: ../../configuration/service/dhcp-server.rst:432 +#: ../../configuration/service/dhcp-server.rst:438 msgid "Show the DHCP server statistics:" msgstr "Show the DHCP server statistics:" -#: ../../configuration/service/dhcp-server.rst:443 +#: ../../configuration/service/dhcp-server.rst:449 msgid "Show the DHCP server statistics for the specified pool." msgstr "Show the DHCP server statistics for the specified pool." @@ -11731,11 +12658,11 @@ msgstr "Show the console server log." msgid "Show the full config uploaded to the QAT device." msgstr "Show the full config uploaded to the QAT device." -#: ../../configuration/container/index.rst:151 +#: ../../configuration/container/index.rst:187 msgid "Show the list of all active containers." msgstr "Show the list of all active containers." -#: ../../configuration/container/index.rst:155 +#: ../../configuration/container/index.rst:191 msgid "Show the local container images." msgstr "Show the local container images." @@ -11747,7 +12674,7 @@ msgstr "Show the logs of a specific Rule-Set." msgid "Show the logs of all firewall; show all bridge firewall logs; show all logs for forward hook; show all logs for forward hook and priority filter; show all logs for particular custom chain; show logs for specific Rule-Set." msgstr "Show the logs of all firewall; show all bridge firewall logs; show all logs for forward hook; show all logs for forward hook and priority filter; show all logs for particular custom chain; show logs for specific Rule-Set." -#: ../../configuration/firewall/ipv4.rst:1125 +#: ../../configuration/firewall/ipv4.rst:1148 msgid "Show the logs of all firewall; show all ipv4 firewall logs; show all logs for particular hook; show all logs for particular hook and priority; show all logs for particular custom chain; show logs for specific Rule-Set." msgstr "Show the logs of all firewall; show all ipv4 firewall logs; show all logs for particular hook; show all logs for particular hook and priority; show all logs for particular custom chain; show logs for specific Rule-Set." @@ -11764,11 +12691,11 @@ msgstr "Show the route" msgid "Show transceiver information from plugin modules, e.g SFP+, QSFP" msgstr "Show transceiver information from plugin modules, e.g SFP+, QSFP" -#: ../../configuration/protocols/bfd.rst:179 +#: ../../configuration/protocols/bfd.rst:186 msgid "Showing BFD monitored static routes" msgstr "Showing BFD monitored static routes" -#: ../../configuration/service/dhcp-server.rst:684 +#: ../../configuration/service/dhcp-server.rst:692 msgid "Shows status of all assigned leases:" msgstr "Shows status of all assigned leases:" @@ -11796,7 +12723,7 @@ msgstr "Sierra Wireless AirPrime MC7455 miniPCIe card (LTE)" msgid "Sierra Wireless AirPrime MC7710 miniPCIe card (LTE)" msgstr "Sierra Wireless AirPrime MC7710 miniPCIe card (LTE)" -#: ../../configuration/vpn/site2site_ipsec.rst:427 +#: ../../configuration/vpn/site2site_ipsec.rst:430 msgid "Similar combinations are applicable for the dead-peer-detection." msgstr "Similar combinations are applicable for the dead-peer-detection." @@ -11828,6 +12755,14 @@ msgstr "Since it's a HQ and branch offices setup, we will want all clients to ha msgid "Since the RADIUS server would be a single point of failure, multiple RADIUS servers can be setup and will be used subsequentially." msgstr "Since the RADIUS server would be a single point of failure, multiple RADIUS servers can be setup and will be used subsequentially." +#: ../../configuration/service/ipoe-server.rst:131 +#: ../../configuration/service/pppoe-server.rst:93 +#: ../../configuration/vpn/l2tp.rst:136 +#: ../../configuration/vpn/pptp.rst:76 +#: ../../configuration/vpn/sstp.rst:109 +msgid "Since the RADIUS server would be a single point of failure, multiple RADIUS servers can be setup and will be used subsequentially. For example:" +msgstr "Since the RADIUS server would be a single point of failure, multiple RADIUS servers can be setup and will be used subsequentially. For example:" + #: ../../configuration/service/mdns.rst:13 msgid "Since the mDNS protocol sends the AA records in the packet itself, the repeater does not need to forge the source address. Instead, the source address is of the interface that repeats the packet." msgstr "Since the mDNS protocol sends the AA records in the packet itself, the repeater does not need to forge the source address. Instead, the source address is of the interface that repeats the packet." @@ -11836,6 +12771,10 @@ msgstr "Since the mDNS protocol sends the AA records in the packet itself, the r msgid "Since the mDNS protocol sends the :abbr:`AA(Authoritative Answer)` records in the packet itself, the repeater does not need to forge the source address. Instead, the source address is of the interface that repeats the packet." msgstr "Since the mDNS protocol sends the :abbr:`AA(Authoritative Answer)` records in the packet itself, the repeater does not need to forge the source address. Instead, the source address is of the interface that repeats the packet." +#: ../../configuration/service/ids.rst:98 +msgid "Since we are analyzing attacks to and from our internal network, two types of attacks can be identified, and differents actions are needed:" +msgstr "Since we are analyzing attacks to and from our internal network, two types of attacks can be identified, and differents actions are needed:" + #: ../../configuration/interfaces/vxlan.rst:157 msgid "Single VXLAN device (SVD)" msgstr "Single VXLAN device (SVD)" @@ -11857,7 +12796,7 @@ msgstr "Site-to-site mode supports x.509 but doesn't require it and can also wor msgid "Site to Site VPN" msgstr "Site to Site VPN" -#: ../../configuration/pki/index.rst:275 +#: ../../configuration/pki/index.rst:306 msgid "Size of the RSA key." msgstr "Size of the RSA key." @@ -11865,6 +12804,10 @@ msgstr "Size of the RSA key." msgid "Slave selection for outgoing traffic is done according to the transmit hash policy, which may be changed from the default simple XOR policy via the :cfgcmd:`hash-policy` option, documented below." msgstr "Slave selection for outgoing traffic is done according to the transmit hash policy, which may be changed from the default simple XOR policy via the :cfgcmd:`hash-policy` option, documented below." +#: ../../configuration/service/ids.rst:110 +msgid "So, firewall configuration needed for this setup:" +msgstr "So, firewall configuration needed for this setup:" + #: ../../configuration/nat/nat44.rst:554 msgid "So in our firewall policy, we want to allow traffic coming in on the outside interface, destined for TCP port 80 and the IP address of 192.168.0.100." msgstr "So in our firewall policy, we want to allow traffic coming in on the outside interface, destined for TCP port 80 and the IP address of 192.168.0.100." @@ -11885,7 +12828,14 @@ msgstr "Some ISPs by default only delegate a /64 prefix. To request for a specif msgid "Some IT environments require the use of a proxy to connect to the Internet. Without this configuration VyOS updates could not be installed directly by using the :opcmd:`add system image` command (:ref:`update_vyos`)." msgstr "Some IT environments require the use of a proxy to connect to the Internet. Without this configuration VyOS updates could not be installed directly by using the :opcmd:`add system image` command (:ref:`update_vyos`)." -#: ../../configuration/vpn/l2tp.rst:159 +#: ../../configuration/service/ipoe-server.rst:140 +#: ../../configuration/service/pppoe-server.rst:102 +#: ../../configuration/vpn/pptp.rst:85 +#: ../../configuration/vpn/sstp.rst:118 +msgid "Some RADIUS severs use an access control list which allows or denies queries, make sure to add your VyOS router to the allowed client list." +msgstr "Some RADIUS severs use an access control list which allows or denies queries, make sure to add your VyOS router to the allowed client list." + +#: ../../configuration/vpn/l2tp.rst:145 msgid "Some RADIUS_ severs use an access control list which allows or denies queries, make sure to add your VyOS router to the allowed client list." msgstr "Some RADIUS_ severs use an access control list which allows or denies queries, make sure to add your VyOS router to the allowed client list." @@ -11893,6 +12843,10 @@ msgstr "Some RADIUS_ severs use an access control list which allows or denies qu msgid "Some application service providers (ASPs) operate a VPN gateway to provide access to their internal resources, and require that a connecting organisation translate all traffic to the service provider network to a source address provided by the ASP." msgstr "Some application service providers (ASPs) operate a VPN gateway to provide access to their internal resources, and require that a connecting organisation translate all traffic to the service provider network to a source address provided by the ASP." +#: ../../configuration/container/index.rst:171 +msgid "Some container registries require credentials to be used." +msgstr "Some container registries require credentials to be used." + #: ../../configuration/firewall/general-legacy.rst:38 msgid "Some firewall settings are global and have an affect on the whole system." msgstr "Some firewall settings are global and have an affect on the whole system." @@ -11933,11 +12887,11 @@ msgstr "Some users tend to connect their mobile devices using WireGuard to their msgid "Sometimes option lines in the generated OpenVPN configuration require quotes. This is done through a hack on our config generator. You can pass quotes using the ``"`` statement." msgstr "Sometimes option lines in the generated OpenVPN configuration require quotes. This is done through a hack on our config generator. You can pass quotes using the ``"`` statement." -#: ../../configuration/service/dhcp-server.rst:703 +#: ../../configuration/service/dhcp-server.rst:711 msgid "Sort the output by the specified key. Possible keys: expires, iaid_duid, ip, last_comm, pool, remaining, state, type (default = ip)" msgstr "Sort the output by the specified key. Possible keys: expires, iaid_duid, ip, last_comm, pool, remaining, state, type (default = ip)" -#: ../../configuration/service/dhcp-server.rst:491 +#: ../../configuration/service/dhcp-server.rst:497 msgid "Sort the output by the specified key. Possible keys: ip, hardware_address, state, start, end, remaining, pool, hostname (default = ip)" msgstr "Sort the output by the specified key. Possible keys: ip, hardware_address, state, start, end, remaining, pool, hostname (default = ip)" @@ -11949,7 +12903,16 @@ msgstr "Source Address" msgid "Source IP address used for VXLAN underlay. This is mandatory when using VXLAN via L2VPN/EVPN." msgstr "Source IP address used for VXLAN underlay. This is mandatory when using VXLAN via L2VPN/EVPN." -#: ../../configuration/vpn/sstp.rst:268 +#: ../../configuration/service/ipoe-server.rst:152 +#: ../../configuration/service/ipoe-server.rst:208 +#: ../../configuration/service/pppoe-server.rst:114 +#: ../../configuration/service/pppoe-server.rst:170 +#: ../../configuration/vpn/l2tp.rst:157 +#: ../../configuration/vpn/l2tp.rst:213 +#: ../../configuration/vpn/pptp.rst:97 +#: ../../configuration/vpn/pptp.rst:153 +#: ../../configuration/vpn/sstp.rst:130 +#: ../../configuration/vpn/sstp.rst:186 msgid "Source IPv4 address used in all RADIUS server queires." msgstr "Source IPv4 address used in all RADIUS server queires." @@ -11961,11 +12924,11 @@ msgstr "Source NAT rules" msgid "Source Prefix" msgstr "Source Prefix" -#: ../../configuration/system/login.rst:276 +#: ../../configuration/system/login.rst:280 msgid "Source all connections to the RADIUS servers from given VRF `<name>`." msgstr "Source all connections to the RADIUS servers from given VRF `<name>`." -#: ../../configuration/system/login.rst:345 +#: ../../configuration/system/login.rst:349 msgid "Source all connections to the TACACS servers from given VRF `<name>`." msgstr "Source all connections to the TACACS servers from given VRF `<name>`." @@ -11973,7 +12936,7 @@ msgstr "Source all connections to the TACACS servers from given VRF `<name>`." msgid "Source protocol to match." msgstr "Source protocol to match." -#: ../../configuration/vpn/ipsec.rst:225 +#: ../../configuration/vpn/ipsec.rst:229 msgid "Source tunnel from dummy interface" msgstr "Source tunnel from dummy interface" @@ -12001,15 +12964,48 @@ msgstr "Spatial Multiplexing Power Save (SMPS) settings" msgid "Specfying nhs makes all multicast packets to be repeated to each statically configured next hop." msgstr "Specfying nhs makes all multicast packets to be repeated to each statically configured next hop." -#: ../../configuration/vpn/sstp.rst:238 +#: ../../configuration/service/ipoe-server.rst:178 +#: ../../configuration/service/pppoe-server.rst:140 +#: ../../configuration/vpn/l2tp.rst:183 +#: ../../configuration/vpn/pptp.rst:123 +#: ../../configuration/vpn/sstp.rst:156 msgid "Specifies IP address for Dynamic Authorization Extension server (DM/CoA)" msgstr "Specifies IP address for Dynamic Authorization Extension server (DM/CoA)" -#: ../../configuration/vpn/sstp.rst:194 +#: ../../configuration/service/pppoe-server.rst:470 +#: ../../configuration/vpn/l2tp.rst:424 +#: ../../configuration/vpn/pptp.rst:348 +#: ../../configuration/vpn/sstp.rst:382 +msgid "Specifies IPv4 negotiation preference." +msgstr "Specifies IPv4 negotiation preference." + +#: ../../configuration/service/pppoe-server.rst:345 +#: ../../configuration/vpn/l2tp.rst:289 +#: ../../configuration/vpn/pptp.rst:213 +#: ../../configuration/vpn/sstp.rst:247 +msgid "Specifies IPv6 negotiation preference." +msgstr "Specifies IPv6 negotiation preference." + +#: ../../configuration/service/pppoe-server.rst:552 +msgid "Specifies Service-Name to respond. If absent any Service-Name is acceptable and client’s Service-Name will be sent back. Also possible set multiple service-names: `sn1,sn2,sn3`" +msgstr "Specifies Service-Name to respond. If absent any Service-Name is acceptable and client’s Service-Name will be sent back. Also possible set multiple service-names: `sn1,sn2,sn3`" + +#: ../../configuration/service/pppoe-server.rst:502 +#: ../../configuration/vpn/l2tp.rst:456 +#: ../../configuration/vpn/pptp.rst:380 +#: ../../configuration/vpn/sstp.rst:414 +msgid "Specifies :abbr:`MPPE (Microsoft Point-to-Point Encryption)` negotiation preference." +msgstr "Specifies :abbr:`MPPE (Microsoft Point-to-Point Encryption)` negotiation preference." + +#: ../../configuration/vpn/sstp.rst:200 msgid "Specifies :abbr:`MPPE (Microsoft Point-to-Point Encryption)` negotioation preference." msgstr "Specifies :abbr:`MPPE (Microsoft Point-to-Point Encryption)` negotioation preference." -#: ../../configuration/vrf/index.rst:477 +#: ../../configuration/service/ipoe-server.rst:81 +msgid "Specifies address to be used as server ip address if radius can assign only client address. In such case if client address is matched network and mask then specified address and mask will be used. You can specify multiple such options." +msgstr "Specifies address to be used as server ip address if radius can assign only client address. In such case if client address is matched network and mask then specified address and mask will be used. You can specify multiple such options." + +#: ../../configuration/vrf/index.rst:496 msgid "Specifies an optional route-map to be applied to routes imported or exported between the current unicast VRF and VPN." msgstr "Specifies an optional route-map to be applied to routes imported or exported between the current unicast VRF and VPN." @@ -12017,6 +13013,13 @@ msgstr "Specifies an optional route-map to be applied to routes imported or expo msgid "Specifies an upstream network `<interface>` from which replies from `<server>` and other relay agents will be accepted." msgstr "Specifies an upstream network `<interface>` from which replies from `<server>` and other relay agents will be accepted." +#: ../../configuration/service/pppoe-server.rst:388 +#: ../../configuration/vpn/l2tp.rst:332 +#: ../../configuration/vpn/pptp.rst:256 +#: ../../configuration/vpn/sstp.rst:290 +msgid "Specifies fixed or random interface identifier for IPv6. By default is fixed." +msgstr "Specifies fixed or random interface identifier for IPv6. By default is fixed." + #: ../../configuration/service/webproxy.rst:173 msgid "Specifies how long squid assumes an externally validated username:password pair is valid for - in other words how often the helper program is called for that user. Set this low to force revalidation with short lived passwords." msgstr "Specifies how long squid assumes an externally validated username:password pair is valid for - in other words how often the helper program is called for that user. Set this low to force revalidation with short lived passwords." @@ -12025,15 +13028,36 @@ msgstr "Specifies how long squid assumes an externally validated username:passwo msgid "Specifies if unknown source link layer addresses and IP addresses are entered into the VXLAN device forwarding database." msgstr "Specifies if unknown source link layer addresses and IP addresses are entered into the VXLAN device forwarding database." +#: ../../configuration/service/pppoe-server.rst:462 +#: ../../configuration/vpn/l2tp.rst:416 +#: ../../configuration/vpn/pptp.rst:340 +#: ../../configuration/vpn/sstp.rst:374 +msgid "Specifies number of interfaces to keep in cache. It means that don’t destroy interface after corresponding session is destroyed, instead place it to cache and use it later for new sessions repeatedly. This should reduce kernel-level interface creation/deletion rate lack. Default value is **0**." +msgstr "Specifies number of interfaces to keep in cache. It means that don’t destroy interface after corresponding session is destroyed, instead place it to cache and use it later for new sessions repeatedly. This should reduce kernel-level interface creation/deletion rate lack. Default value is **0**." + #: ../../configuration/interfaces/bonding.rst:40 msgid "Specifies one of the bonding policies. The default is 802.3ad. Possible values are:" msgstr "Specifies one of the bonding policies. The default is 802.3ad. Possible values are:" +#: ../../configuration/service/pppoe-server.rst:396 +#: ../../configuration/vpn/l2tp.rst:340 +#: ../../configuration/vpn/pptp.rst:264 +#: ../../configuration/vpn/sstp.rst:298 +msgid "Specifies peer interface identifier for IPv6. By default is fixed." +msgstr "Specifies peer interface identifier for IPv6. By default is fixed." + #: ../../configuration/service/webproxy.rst:81 msgid "Specifies proxy service listening address. The listen address is the IP address on which the web proxy service listens for client requests." msgstr "Specifies proxy service listening address. The listen address is the IP address on which the web proxy service listens for client requests." -#: ../../configuration/vpn/sstp.rst:110 +#: ../../configuration/service/ipoe-server.rst:348 +msgid "Specifies relay agent IP addre" +msgstr "Specifies relay agent IP addre" + +#: ../../configuration/service/pppoe-server.rst:70 +#: ../../configuration/vpn/l2tp.rst:52 +#: ../../configuration/vpn/pptp.rst:54 +#: ../../configuration/vpn/sstp.rst:79 msgid "Specifies single `<gateway>` IP address to be used as local address of PPP interfaces." msgstr "Specifies single `<gateway>` IP address to be used as local address of PPP interfaces." @@ -12057,7 +13081,7 @@ msgstr "Specifies the available :abbr:`MAC (Message Authentication Code)` algori msgid "Specifies the base DN under which the users are located." msgstr "Specifies the base DN under which the users are located." -#: ../../configuration/service/dhcp-server.rst:239 +#: ../../configuration/service/dhcp-server.rst:245 msgid "Specifies the clients subnet mask as per RFC 950. If unset, subnet declaration is used." msgstr "Specifies the clients subnet mask as per RFC 950. If unset, subnet declaration is used." @@ -12094,22 +13118,33 @@ msgstr "Specifies the port `<port>` that the SSTP port will listen on (default 4 msgid "Specifies the protection scope (aka realm name) which is to be reported to the client for the authentication scheme. It is commonly part of the text the user will see when prompted for their username and password." msgstr "Specifies the protection scope (aka realm name) which is to be reported to the client for the authentication scheme. It is commonly part of the text the user will see when prompted for their username and password." -#: ../../configuration/vrf/index.rst:452 +#: ../../configuration/vrf/index.rst:471 msgid "Specifies the route-target list to be attached to a route (export) or the route-target list to match against (import) when exporting/importing between the current unicast VRF and VPN.The RTLIST is a space-separated list of route-targets, which are BGP extended community values as described in Extended Communities Attribute." msgstr "Specifies the route-target list to be attached to a route (export) or the route-target list to match against (import) when exporting/importing between the current unicast VRF and VPN.The RTLIST is a space-separated list of route-targets, which are BGP extended community values as described in Extended Communities Attribute." -#: ../../configuration/vrf/index.rst:445 +#: ../../configuration/vrf/index.rst:464 msgid "Specifies the route distinguisher to be added to a route exported from the current unicast VRF to VPN." msgstr "Specifies the route distinguisher to be added to a route exported from the current unicast VRF to VPN." -#: ../../configuration/vpn/sstp.rst:281 +#: ../../configuration/service/ipoe-server.rst:224 +#: ../../configuration/service/pppoe-server.rst:186 +#: ../../configuration/vpn/l2tp.rst:229 +#: ../../configuration/vpn/pptp.rst:169 +#: ../../configuration/vpn/sstp.rst:202 msgid "Specifies the vendor dictionary, dictionary needs to be in /usr/share/accel-ppp/radius." msgstr "Specifies the vendor dictionary, dictionary needs to be in /usr/share/accel-ppp/radius." -#: ../../configuration/vpn/sstp.rst:188 +#: ../../configuration/vpn/sstp.rst:194 msgid "Specifies timeout in seconds to wait for any peer activity. If this option specified it turns on adaptive lcp echo functionality and \"lcp-echo-failure\" is not used." msgstr "Specifies timeout in seconds to wait for any peer activity. If this option specified it turns on adaptive lcp echo functionality and \"lcp-echo-failure\" is not used." +#: ../../configuration/service/pppoe-server.rst:490 +#: ../../configuration/vpn/l2tp.rst:444 +#: ../../configuration/vpn/pptp.rst:368 +#: ../../configuration/vpn/sstp.rst:402 +msgid "Specifies timeout in seconds to wait for any peer activity. If this option specified it turns on adaptive lcp echo functionality and \"lcp-echo-failure\" is not used. Default value is **0**." +msgstr "Specifies timeout in seconds to wait for any peer activity. If this option specified it turns on adaptive lcp echo functionality and \"lcp-echo-failure\" is not used. Default value is **0**." + #: ../../configuration/interfaces/vxlan.rst:77 msgid "Specifies whether an external control plane (e.g. BGP L2VPN/EVPN) or the internal FDB should be used." msgstr "Specifies whether an external control plane (e.g. BGP L2VPN/EVPN) or the internal FDB should be used." @@ -12122,28 +13157,47 @@ msgstr "Specifies whether the VXLAN device is capable of vni filtering." msgid "Specifies whether this NSSA border router will unconditionally translate Type-7 LSAs into Type-5 LSAs. When role is Always, Type-7 LSAs are translated into Type-5 LSAs regardless of the translator state of other NSSA border routers. When role is Candidate, this router participates in the translator election to determine if it will perform the translations duties. When role is Never, this router will never translate Type-7 LSAs into Type-5 LSAs." msgstr "Specifies whether this NSSA border router will unconditionally translate Type-7 LSAs into Type-5 LSAs. When role is Always, Type-7 LSAs are translated into Type-5 LSAs regardless of the translator state of other NSSA border routers. When role is Candidate, this router participates in the translator election to determine if it will perform the translations duties. When role is Never, this router will never translate Type-7 LSAs into Type-5 LSAs." -#: ../../configuration/vpn/sstp.rst:272 +#: ../../configuration/service/ipoe-server.rst:212 +#: ../../configuration/vpn/l2tp.rst:217 +#: ../../configuration/vpn/pptp.rst:157 +#: ../../configuration/vpn/sstp.rst:190 msgid "Specifies which RADIUS server attribute contains the rate limit information. The default attribute is `Filter-Id`." msgstr "Specifies which RADIUS server attribute contains the rate limit information. The default attribute is `Filter-Id`." +#: ../../configuration/service/pppoe-server.rst:174 +msgid "Specifies which RADIUS server attribute contains the rate limit information. The default attribute is ``Filter-Id``." +msgstr "Specifies which RADIUS server attribute contains the rate limit information. The default attribute is ``Filter-Id``." + +#: ../../configuration/service/ipoe-server.rst:344 +msgid "Specify DHCPv4 relay IP address to pass requests to. If specified giaddr is also needed." +msgstr "Specify DHCPv4 relay IP address to pass requests to. If specified giaddr is also needed." + #: ../../configuration/service/ssh.rst:45 msgid "Specify IPv4/IPv6 listen address of SSH server. Multiple addresses can be defined." msgstr "Specify IPv4/IPv6 listen address of SSH server. Multiple addresses can be defined." -#: ../../configuration/firewall/ipv4.rst:401 +#: ../../configuration/service/ids.rst:51 +msgid "Specify IPv4 and/or IPv6 networks that should be protected/monitored." +msgstr "Specify IPv4 and/or IPv6 networks that should be protected/monitored." + +#: ../../configuration/service/ids.rst:38 +msgid "Specify IPv4 and/or IPv6 networks which are going to be excluded." +msgstr "Specify IPv4 and/or IPv6 networks which are going to be excluded." + +#: ../../configuration/firewall/ipv4.rst:424 #: ../../configuration/firewall/ipv6.rst:408 msgid "Specify a Fully Qualified Domain Name as source/destination matcher. Ensure router is able to resolve such dns query." msgstr "Specify a Fully Qualified Domain Name as source/destination matcher. Ensure router is able to resolve such dns query." -#: ../../configuration/service/dhcp-server.rst:550 +#: ../../configuration/service/dhcp-server.rst:556 msgid "Specify a NIS+ server address for DHCPv6 clients." msgstr "Specify a NIS+ server address for DHCPv6 clients." -#: ../../configuration/service/dhcp-server.rst:545 +#: ../../configuration/service/dhcp-server.rst:551 msgid "Specify a NIS server address for DHCPv6 clients." msgstr "Specify a NIS server address for DHCPv6 clients." -#: ../../configuration/service/dhcp-server.rst:555 +#: ../../configuration/service/dhcp-server.rst:561 msgid "Specify a :abbr:`SIP (Session Initiation Protocol)` server by IPv6 address of Fully Qualified Domain Name for all DHCPv6 clients." msgstr "Specify a :abbr:`SIP (Session Initiation Protocol)` server by IPv6 address of Fully Qualified Domain Name for all DHCPv6 clients." @@ -12167,6 +13221,14 @@ msgstr "Specify an alternate AS for this BGP process when interacting with the s msgid "Specify an alternate TCP port where the ldap server is listening if other than the default LDAP port 389." msgstr "Specify an alternate TCP port where the ldap server is listening if other than the default LDAP port 389." +#: ../../configuration/service/dns.rst:254 +msgid "Specify interval in seconds to wait between Dynamic DNS updates. The default is 300 seconds." +msgstr "Specify interval in seconds to wait between Dynamic DNS updates. The default is 300 seconds." + +#: ../../configuration/service/ipoe-server.rst:339 +msgid "Specify local range of ip address to give to dhcp clients. First IP in range is router IP. If you need more customization use `client-ip-pool`" +msgstr "Specify local range of ip address to give to dhcp clients. First IP in range is router IP. If you need more customization use `client-ip-pool`" + #: ../../configuration/service/ntp.rst:84 #: ../../configuration/service/ssh.rst:110 #: ../../configuration/system/syslog.rst:79 @@ -12181,11 +13243,11 @@ msgstr "Specify nexthop on the path to the destination, ``ipv4-address`` can be msgid "Specify static route into the routing table sending all non local traffic to the nexthop address `<address>`." msgstr "Specify static route into the routing table sending all non local traffic to the nexthop address `<address>`." -#: ../../configuration/system/login.rst:245 +#: ../../configuration/system/login.rst:249 msgid "Specify the IP `<address>` of the RADIUS server user with the pre-shared-secret given in `<secret>`." msgstr "Specify the IP `<address>` of the RADIUS server user with the pre-shared-secret given in `<secret>`." -#: ../../configuration/system/login.rst:314 +#: ../../configuration/system/login.rst:318 msgid "Specify the IP `<address>` of the TACACS server user with the pre-shared-secret given in `<secret>`." msgstr "Specify the IP `<address>` of the TACACS server user with the pre-shared-secret given in `<secret>`." @@ -12225,7 +13287,7 @@ msgstr "Specify the systems `<timezone>` as the Region/Location that best define msgid "Specify the time interval when `<task>` should be executed. The interval is specified as number with one of the following suffixes:" msgstr "Specify the time interval when `<task>` should be executed. The interval is specified as number with one of the following suffixes:" -#: ../../configuration/service/dns.rst:269 +#: ../../configuration/service/dns.rst:283 msgid "Specify timeout / update interval to check if IP address changed." msgstr "Specify timeout / update interval to check if IP address changed." @@ -12233,6 +13295,10 @@ msgstr "Specify timeout / update interval to check if IP address changed." msgid "Specify timeout interval for keepalive message in seconds." msgstr "Specify timeout interval for keepalive message in seconds." +#: ../../configuration/service/ipoe-server.rst:97 +msgid "Specify where interface is shared by multiple users or it is vlan-per-user." +msgstr "Specify where interface is shared by multiple users or it is vlan-per-user." + #: ../../configuration/interfaces/vxlan.rst:191 msgid "Spine1 is a Cisco IOS router running version 15.4, Leaf2 and Leaf3 is each a VyOS router running 1.2." msgstr "Spine1 is a Cisco IOS router running version 15.4, Leaf2 and Leaf3 is each a VyOS router running 1.2." @@ -12285,7 +13351,7 @@ msgstr "Starting with VyOS 1.2 a :abbr:`mDNS (Multicast DNS)` repeater functiona msgid "Static" msgstr "Static" -#: ../../configuration/service/dhcp-server.rst:189 +#: ../../configuration/service/dhcp-server.rst:195 msgid "Static DHCP IP address assign to host identified by `<description>`. IP address must be inside the `<subnet>` which is defined but can be outside the dynamic range created with :cfgcmd:`set service dhcp-server shared-network-name <name> subnet <subnet> range <n>`. If no ip-address is specified, an IP from the dynamic pool is used." msgstr "Static DHCP IP address assign to host identified by `<description>`. IP address must be inside the `<subnet>` which is defined but can be outside the dynamic range created with :cfgcmd:`set service dhcp-server shared-network-name <name> subnet <subnet> range <n>`. If no ip-address is specified, an IP from the dynamic pool is used." @@ -12314,12 +13380,12 @@ msgid "Static :abbr:`SAK (Secure Authentication Key)` mode can be configured man msgstr "Static :abbr:`SAK (Secure Authentication Key)` mode can be configured manually on each device wishing to use MACsec. Keys must be set statically on all devices for traffic to flow properly. Key rotation is dependent on the administrator updating all keys manually across connected devices. Static SAK mode can not be used with MKA." #: ../../configuration/service/dhcp-server.rst:174 -#: ../../configuration/service/dhcp-server.rst:621 +#: ../../configuration/service/dhcp-server.rst:629 msgid "Static mappings" msgstr "Static mappings" -#: ../../configuration/service/dhcp-server.rst:460 -#: ../../configuration/service/dhcp-server.rst:694 +#: ../../configuration/service/dhcp-server.rst:466 +#: ../../configuration/service/dhcp-server.rst:702 msgid "Static mappings aren't shown. To show all states, use ``show dhcp server leases state all``." msgstr "Static mappings aren't shown. To show all states, use ``show dhcp server leases state all``." @@ -12384,7 +13450,7 @@ msgstr "Supported versions of RIP are:" msgid "Supports as HELPER for configured grace period." msgstr "Supports as HELPER for configured grace period." -#: ../../configuration/vpn/ipsec.rst:178 +#: ../../configuration/vpn/ipsec.rst:182 msgid "Suppose the LEFT router has external address 192.0.2.10 on its eth0 interface, and the RIGHT router is 203.0.113.45" msgstr "Suppose the LEFT router has external address 192.0.2.10 on its eth0 interface, and the RIGHT router is 203.0.113.45" @@ -12404,17 +13470,17 @@ msgstr "Synamic instructs to forward to all peers which we have a direct connect msgid "Sync groups" msgstr "Sync groups" -#: ../../configuration/firewall/ipv4.rst:911 +#: ../../configuration/firewall/ipv4.rst:934 #: ../../configuration/firewall/ipv6.rst:920 msgid "Synproxy" msgstr "Synproxy" -#: ../../configuration/firewall/ipv4.rst:912 +#: ../../configuration/firewall/ipv4.rst:935 #: ../../configuration/firewall/ipv6.rst:921 msgid "Synproxy connections" msgstr "Synproxy connections" -#: ../../configuration/firewall/ipv4.rst:929 +#: ../../configuration/firewall/ipv4.rst:952 #: ../../configuration/firewall/ipv6.rst:938 msgid "Synproxy relies on syncookies and TCP timestamps, ensure these are enabled" msgstr "Synproxy relies on syncookies and TCP timestamps, ensure these are enabled" @@ -12484,23 +13550,23 @@ msgstr "System identifier: ``1921.6800.1002`` - for system idetifiers we recomme msgid "System is unusable - a panic condition" msgstr "System is unusable - a panic condition" -#: ../../configuration/system/login.rst:299 +#: ../../configuration/system/login.rst:303 msgid "TACACS+" msgstr "TACACS+" -#: ../../configuration/system/login.rst:418 +#: ../../configuration/system/login.rst:422 msgid "TACACS Example" msgstr "TACACS Example" -#: ../../configuration/system/login.rst:305 +#: ../../configuration/system/login.rst:309 msgid "TACACS is defined in :rfc:`8907`." msgstr "TACACS is defined in :rfc:`8907`." -#: ../../configuration/system/login.rst:335 +#: ../../configuration/system/login.rst:339 msgid "TACACS servers could be hardened by only allowing certain IP addresses to connect. As of this the source address of each TACACS query can be configured." msgstr "TACACS servers could be hardened by only allowing certain IP addresses to connect. As of this the source address of each TACACS query can be configured." -#: ../../configuration/protocols/static.rst:140 +#: ../../configuration/protocols/static.rst:173 #: ../../configuration/system/flow-accounting.rst:83 msgid "TBD" msgstr "TBD" @@ -12553,15 +13619,19 @@ msgstr "Tell hosts to use the administered (stateful) protocol (i.e. DHCP) for a msgid "Tell hosts to use the administered stateful protocol (i.e. DHCP) for autoconfiguration" msgstr "Tell hosts to use the administered stateful protocol (i.e. DHCP) for autoconfiguration" -#: ../../configuration/vpn/sstp.rst:227 +#: ../../configuration/service/ipoe-server.rst:170 +#: ../../configuration/service/pppoe-server.rst:132 +#: ../../configuration/vpn/l2tp.rst:175 +#: ../../configuration/vpn/pptp.rst:115 +#: ../../configuration/vpn/sstp.rst:148 msgid "Temporary disable this RADIUS server." msgstr "Temporary disable this RADIUS server." -#: ../../configuration/system/login.rst:258 +#: ../../configuration/system/login.rst:262 msgid "Temporary disable this RADIUS server. It won't be queried." msgstr "Temporary disable this RADIUS server. It won't be queried." -#: ../../configuration/system/login.rst:327 +#: ../../configuration/system/login.rst:331 msgid "Temporary disable this TACACS server. It won't be queried." msgstr "Temporary disable this TACACS server. It won't be queried." @@ -12589,7 +13659,7 @@ msgstr "Test disconnecting given connection-oriented interface. `<interface>` ca msgid "Test from the IPv6 only client:" msgstr "Test from the IPv6 only client:" -#: ../../configuration/vpn/sstp.rst:305 +#: ../../configuration/vpn/sstp.rst:374 msgid "Testing SSTP" msgstr "Testing SSTP" @@ -12621,7 +13691,7 @@ msgstr "The ASP has documented their IPSec requirements:" msgid "The BGP router can connect to one or more RPKI cache servers to receive validated prefix to origin AS mappings. Advanced failover can be implemented by server sockets with different preference values." msgstr "The BGP router can connect to one or more RPKI cache servers to receive validated prefix to origin AS mappings. Advanced failover can be implemented by server sockets with different preference values." -#: ../../configuration/vrf/index.rst:94 +#: ../../configuration/vrf/index.rst:113 msgid "The CLI configuration is same as mentioned in above articles. The only difference is, that each routing protocol used, must be prefixed with the `vrf name <name>` command." msgstr "The CLI configuration is same as mentioned in above articles. The only difference is, that each routing protocol used, must be prefixed with the `vrf name <name>` command." @@ -12661,7 +13731,7 @@ msgstr "The Intel AX200 card does not work out of the box in AP mode, see https: msgid "The OID ``.1.3.6.1.4.1.8072.1.3.2.3.1.1.4.116.101.115.116``, once called, will contain the output of the extension." msgstr "The OID ``.1.3.6.1.4.1.8072.1.3.2.3.1.1.4.116.101.115.116``, once called, will contain the output of the extension." -#: ../../configuration/vpn/pptp.rst:6 +#: ../../configuration/vpn/pptp.rst:7 msgid "The Point-to-Point Tunneling Protocol (PPTP_) has been implemented in VyOS only for backwards compatibility. PPTP has many well known security issues and you should use one of the many other new VPN implementations." msgstr "The Point-to-Point Tunneling Protocol (PPTP_) has been implemented in VyOS only for backwards compatibility. PPTP has many well known security issues and you should use one of the many other new VPN implementations." @@ -12701,19 +13771,19 @@ msgstr "The VXLAN specification was originally created by VMware, Arista Network msgid "The VyOS DNS forwarder does not require an upstream DNS server. It can serve as a full recursive DNS server - but it can also forward queries to configurable upstream DNS servers. By not configuring any upstream DNS servers you also avoid being tracked by the provider of your upstream DNS server." msgstr "The VyOS DNS forwarder does not require an upstream DNS server. It can serve as a full recursive DNS server - but it can also forward queries to configurable upstream DNS servers. By not configuring any upstream DNS servers you also avoid being tracked by the provider of your upstream DNS server." -#: ../../configuration/service/dns.rst:173 +#: ../../configuration/service/dns.rst:160 msgid "The VyOS DNS forwarder will only accept lookup requests from the LAN subnets - 192.168.1.0/24 and 2001:db8::/64" msgstr "The VyOS DNS forwarder will only accept lookup requests from the LAN subnets - 192.168.1.0/24 and 2001:db8::/64" -#: ../../configuration/service/dns.rst:171 +#: ../../configuration/service/dns.rst:158 msgid "The VyOS DNS forwarder will only listen for requests on the eth1 (LAN) interface addresses - 192.168.1.254 for IPv4 and 2001:db8::ffff for IPv6" msgstr "The VyOS DNS forwarder will only listen for requests on the eth1 (LAN) interface addresses - 192.168.1.254 for IPv4 and 2001:db8::ffff for IPv6" -#: ../../configuration/service/dns.rst:175 +#: ../../configuration/service/dns.rst:162 msgid "The VyOS DNS forwarder will pass reverse lookups for 10.in-addr.arpa, 168.192.in-addr.arpa, 16-31.172.in-addr.arpa zones to upstream server." msgstr "The VyOS DNS forwarder will pass reverse lookups for 10.in-addr.arpa, 168.192.in-addr.arpa, 16-31.172.in-addr.arpa zones to upstream server." -#: ../../configuration/pki/index.rst:254 +#: ../../configuration/pki/index.rst:285 msgid "The VyOS PKI subsystem can also be used to automatically retrieve Certificates using the :abbr:`ACME (Automatic Certificate Management Environment)` protocol." msgstr "The VyOS PKI subsystem can also be used to automatically retrieve Certificates using the :abbr:`ACME (Automatic Certificate Management Environment)` protocol." @@ -12770,7 +13840,11 @@ msgstr "The ``https`` service listens on port 443 with backend `bk-default` to h msgid "The ``persistent-tunnel`` directive will allow us to configure tunnel-related attributes, such as firewall policy as we would on any normal network interface." msgstr "The ``persistent-tunnel`` directive will allow us to configure tunnel-related attributes, such as firewall policy as we would on any normal network interface." -#: ../../configuration/vpn/l2tp.rst:176 +#: ../../configuration/service/ipoe-server.rst:154 +#: ../../configuration/service/pppoe-server.rst:116 +#: ../../configuration/vpn/l2tp.rst:159 +#: ../../configuration/vpn/pptp.rst:99 +#: ../../configuration/vpn/sstp.rst:132 msgid "The ``source-address`` must be configured on one of VyOS interface. Best practice would be a loopback or dummy interface." msgstr "The ``source-address`` must be configured on one of VyOS interface. Best practice would be a loopback or dummy interface." @@ -12787,11 +13861,11 @@ msgstr "The above directory and default-config must be a child directory of /con msgid "The action can be :" msgstr "The action can be :" -#: ../../configuration/pki/index.rst:271 +#: ../../configuration/pki/index.rst:302 msgid "The address the server listens to during http-01 challenge" msgstr "The address the server listens to during http-01 challenge" -#: ../../configuration/protocols/bgp.rst:775 +#: ../../configuration/protocols/bgp.rst:797 msgid "The advantage of this is that the route-selection (at this point) will be more deterministic. The disadvantage is that a few or even one lowest-ID router may attract all traffic to otherwise-equal paths because of this check. It may increase the possibility of MED or IGP oscillation, unless other measures were taken to avoid these. The exact behaviour will be sensitive to the iBGP and reflection topology." msgstr "The advantage of this is that the route-selection (at this point) will be more deterministic. The disadvantage is that a few or even one lowest-ID router may attract all traffic to otherwise-equal paths because of this check. It may increase the possibility of MED or IGP oscillation, unless other measures were taken to avoid these. The exact behaviour will be sensitive to the iBGP and reflection topology." @@ -12803,7 +13877,7 @@ msgstr "The allocated address block is 100.64.0.0/10." msgid "The amount of Duplicate Address Detection probes to send." msgstr "The amount of Duplicate Address Detection probes to send." -#: ../../configuration/protocols/bgp.rst:835 +#: ../../configuration/protocols/bgp.rst:857 msgid "The attributes :cfgcmd:`prefix-list` and :cfgcmd:`distribute-list` are mutually exclusive, and only one command (distribute-list or prefix-list) can be applied to each inbound or outbound direction for a particular neighbor." msgstr "The attributes :cfgcmd:`prefix-list` and :cfgcmd:`distribute-list` are mutually exclusive, and only one command (distribute-list or prefix-list) can be applied to each inbound or outbound direction for a particular neighbor." @@ -12823,11 +13897,15 @@ msgstr "The bonding interface provides a method for aggregating multiple network msgid "The case of ingress shaping" msgstr "The case of ingress shaping" -#: ../../configuration/service/pppoe-server.rst:385 +#: ../../configuration/service/pppoe-server.rst:644 +msgid "The client, once successfully authenticated, will receive an IPv4 and an IPv6 /64 address to terminate the PPPoE endpoint on the client side and a /56 subnet for the clients internal use." +msgstr "The client, once successfully authenticated, will receive an IPv4 and an IPv6 /64 address to terminate the PPPoE endpoint on the client side and a /56 subnet for the clients internal use." + +#: ../../configuration/service/pppoe-server.rst:644 msgid "The client, once successfully authenticated, will receive an IPv4 and an IPv6 /64 address to terminate the pppoe endpoint on the client side and a /56 subnet for the clients internal use." msgstr "The client, once successfully authenticated, will receive an IPv4 and an IPv6 /64 address to terminate the pppoe endpoint on the client side and a /56 subnet for the clients internal use." -#: ../../configuration/service/ipoe-server.rst:90 +#: ../../configuration/service/ipoe-server.rst:91 msgid "The clients :abbr:`CPE (Customer Premises Equipment)` can now communicate via IPv4 or IPv6. All devices behind ``2001:db8::a00:27ff:fe2f:d806/64`` can use addresses from ``2001:db8:1::/56`` and can globally communicate without the need of any NAT rules." msgstr "The clients :abbr:`CPE (Customer Premises Equipment)` can now communicate via IPv4 or IPv6. All devices behind ``2001:db8::a00:27ff:fe2f:d806/64`` can use addresses from ``2001:db8:1::/56`` and can globally communicate without the need of any NAT rules." @@ -12839,7 +13917,7 @@ msgstr "The command :opcmd:`show interfaces wireguard wg01 public-key` will then msgid "The command also generates a configuration snipped which can be copy/pasted into the VyOS CLI if needed. The supplied ``<name>`` on the CLI will become the peer name in the snippet." msgstr "The command also generates a configuration snipped which can be copy/pasted into the VyOS CLI if needed. The supplied ``<name>`` on the CLI will become the peer name in the snippet." -#: ../../configuration/service/pppoe-server.rst:231 +#: ../../configuration/service/pppoe-server.rst:305 msgid "The command below enables it, assuming the RADIUS connection has been setup and is working." msgstr "The command below enables it, assuming the RADIUS connection has been setup and is working." @@ -12855,9 +13933,9 @@ msgstr "The command pon TESTUNNEL establishes the PPTP tunnel to the remote syst msgid "The computers on an internal network can use any of the addresses set aside by the :abbr:`IANA (Internet Assigned Numbers Authority)` for private addressing (see :rfc:`1918`). These reserved IP addresses are not in use on the Internet, so an external machine will not directly route to them. The following addresses are reserved for private use:" msgstr "The computers on an internal network can use any of the addresses set aside by the :abbr:`IANA (Internet Assigned Numbers Authority)` for private addressing (see :rfc:`1918`). These reserved IP addresses are not in use on the Internet, so an external machine will not directly route to them. The following addresses are reserved for private use:" -#: ../../configuration/service/dhcp-server.rst:210 -#: ../../configuration/service/dhcp-server.rst:601 -#: ../../configuration/service/dhcp-server.rst:644 +#: ../../configuration/service/dhcp-server.rst:216 +#: ../../configuration/service/dhcp-server.rst:608 +#: ../../configuration/service/dhcp-server.rst:652 msgid "The configuration will look as follows:" msgstr "The configuration will look as follows:" @@ -12881,6 +13959,10 @@ msgstr "The connection tracking table contains one entry for each connection bei msgid "The current attribute 'Filter-Id' is being used as default and can be setup within RADIUS:" msgstr "The current attribute 'Filter-Id' is being used as default and can be setup within RADIUS:" +#: ../../configuration/service/pppoe-server.rst:299 +msgid "The current attribute ``Filter-Id`` is being used as default and can be setup within RADIUS:" +msgstr "The current attribute ``Filter-Id`` is being used as default and can be setup within RADIUS:" + #: ../../configuration/service/ntp.rst:29 msgid "The current protocol is version 4 (NTPv4), which is a proposed standard as documented in :rfc:`5905`. It is backward compatible with version 3, specified in :rfc:`1305`." msgstr "The current protocol is version 4 (NTPv4), which is a proposed standard as documented in :rfc:`5905`. It is backward compatible with version 3, specified in :rfc:`1305`." @@ -12905,7 +13987,7 @@ msgstr "The default hostname used is `vyos`." msgid "The default is 1492." msgstr "The default is 1492." -#: ../../configuration/service/dhcp-server.rst:526 +#: ../../configuration/service/dhcp-server.rst:532 msgid "The default lease time for DHCPv6 leases is 24 hours. This can be changed by supplying a ``default-time``, ``maximum-time`` and ``minimum-time``. All values need to be supplied in seconds." msgstr "The default lease time for DHCPv6 leases is 24 hours. This can be changed by supplying a ``default-time``, ``maximum-time`` and ``minimum-time``. All values need to be supplied in seconds." @@ -12937,6 +14019,14 @@ msgstr "The default value is 3." msgid "The default value is 3 packets." msgstr "The default value is 3 packets." +#: ../../configuration/protocols/rpki.rst:124 +msgid "The default value is 600 seconds." +msgstr "The default value is 600 seconds." + +#: ../../configuration/protocols/rpki.rst:117 +msgid "The default value is 7200 seconds." +msgstr "The default value is 7200 seconds." + #: ../../configuration/service/dhcp-server.rst:99 msgid "The default value is 86400 seconds which corresponds to one day." msgstr "The default value is 86400 seconds which corresponds to one day." @@ -12987,15 +14077,19 @@ msgstr "The embedded Squid proxy can use LDAP to authenticate users against a co msgid "The example above uses 192.0.2.2 as external IP address. A LAC normally requires an authentication password, which is set in the example configuration to ``lns shared-secret 'secret'``. This setup requires the Compression Control Protocol (CCP) being disabled, the command ``set vpn l2tp remote-access ccp-disable`` accomplishes that." msgstr "The example above uses 192.0.2.2 as external IP address. A LAC normally requires an authentication password, which is set in the example configuration to ``lns shared-secret 'secret'``. This setup requires the Compression Control Protocol (CCP) being disabled, the command ``set vpn l2tp remote-access ccp-disable`` accomplishes that." -#: ../../configuration/service/pppoe-server.rst:369 +#: ../../configuration/service/pppoe-server.rst:627 +msgid "The example below covers a dual-stack configuration." +msgstr "The example below covers a dual-stack configuration." + +#: ../../configuration/service/pppoe-server.rst:627 msgid "The example below covers a dual-stack configuration via pppoe-server." msgstr "The example below covers a dual-stack configuration via pppoe-server." -#: ../../configuration/service/pppoe-server.rst:348 +#: ../../configuration/service/pppoe-server.rst:606 msgid "The example below uses ACN as access-concentrator name, assigns an address from the pool 10.1.1.100-111, terminates at the local endpoint 10.1.1.1 and serves requests only on eth1." msgstr "The example below uses ACN as access-concentrator name, assigns an address from the pool 10.1.1.100-111, terminates at the local endpoint 10.1.1.1 and serves requests only on eth1." -#: ../../configuration/service/ipoe-server.rst:35 +#: ../../configuration/service/ipoe-server.rst:34 msgid "The example configuration below will assign an IP to the client on the incoming interface eth2 with the client mac address 08:00:27:2f:d8:06. Other DHCP discovery requests will be ignored, unless the client mac has been enabled in the configuration." msgstr "The example configuration below will assign an IP to the client on the incoming interface eth2 with the client mac address 08:00:27:2f:d8:06. Other DHCP discovery requests will be ignored, unless the client mac has been enabled in the configuration." @@ -13023,7 +14117,7 @@ msgstr "The first IP in the container network is reserved by the engine and cann msgid "The first address of the parameter ``client-subnet``, will be used as the default gateway. Connected sessions can be checked via the ``show ipoe-server sessions`` command." msgstr "The first address of the parameter ``client-subnet``, will be used as the default gateway. Connected sessions can be checked via the ``show ipoe-server sessions`` command." -#: ../../configuration/vpn/ipsec.rst:174 +#: ../../configuration/vpn/ipsec.rst:178 msgid "The first and arguably cleaner option is to make your IPsec policy match GRE packets between external addresses of your routers. This is the best option if both routers have static external addresses." msgstr "The first and arguably cleaner option is to make your IPsec policy match GRE packets between external addresses of your routers. This is the best option if both routers have static external addresses." @@ -13039,14 +14133,18 @@ msgstr "The first ip address is the RP's address and the second value is the mat msgid "The first registration request is sent to the protocol broadcast address, and the server's real protocol address is dynamically detected from the first registration reply." msgstr "The first registration request is sent to the protocol broadcast address, and the server's real protocol address is dynamically detected from the first registration reply." -#: ../../configuration/vpn/sstp.rst:311 +#: ../../configuration/vpn/sstp.rst:484 msgid "The following PPP configuration tests MSCHAP-v2:" msgstr "The following PPP configuration tests MSCHAP-v2:" -#: ../../configuration/system/login.rst:143 +#: ../../configuration/system/login.rst:147 msgid "The following command can be used to generate the OTP key as well as the CLI commands to configure them:" msgstr "The following command can be used to generate the OTP key as well as the CLI commands to configure them:" +#: ../../configuration/protocols/bgp.rst:664 +msgid "The following command uses the explicit-null label value for all the BGP instances." +msgstr "The following command uses the explicit-null label value for all the BGP instances." + #: ../../configuration/interfaces/openvpn.rst:708 msgid "The following commands let you check tunnel status." msgstr "The following commands let you check tunnel status." @@ -13059,7 +14157,7 @@ msgstr "The following commands let you reset OpenVPN." msgid "The following commands translate to \"--net host\" when the container is created" msgstr "The following commands translate to \"--net host\" when the container is created" -#: ../../configuration/vrf/index.rst:101 +#: ../../configuration/vrf/index.rst:120 msgid "The following commands would be required to set options for a given dynamic routing protocol inside a given vrf:" msgstr "The following commands would be required to set options for a given dynamic routing protocol inside a given vrf:" @@ -13083,6 +14181,10 @@ msgstr "The following configuration reverse-proxy terminate SSL." msgid "The following configuration will assign a /64 prefix out of a /56 delegation to eth0. The IPv6 address assigned to eth0 will be <prefix>::ffff/64. If you do not know the prefix size delegated to you, start with sla-len 0." msgstr "The following configuration will assign a /64 prefix out of a /56 delegation to eth0. The IPv6 address assigned to eth0 will be <prefix>::ffff/64. If you do not know the prefix size delegated to you, start with sla-len 0." +#: ../../configuration/interfaces/pppoe.rst:383 +msgid "The following configuration will setup a PPPoE session source from eth1 and assign a /64 prefix out of a /56 delegation (requested from the ISP) to eth0. The IPv6 address assigned to eth0 will be <prefix>::1/64. If you do not know the prefix size delegated to you, start with sla-len 0." +msgstr "The following configuration will setup a PPPoE session source from eth1 and assign a /64 prefix out of a /56 delegation (requested from the ISP) to eth0. The IPv6 address assigned to eth0 will be <prefix>::1/64. If you do not know the prefix size delegated to you, start with sla-len 0." + #: ../../configuration/policy/examples.rst:155 msgid "The following example allows VyOS to use :abbr:`PBR (Policy-Based Routing)` for traffic, which originated from the router itself. That solution for multiple ISP's and VyOS router will respond from the same interface that the packet was received. Also, it used, if we want that one VPN tunnel to be through one provider, and the second through another." msgstr "The following example allows VyOS to use :abbr:`PBR (Policy-Based Routing)` for traffic, which originated from the router itself. That solution for multiple ISP's and VyOS router will respond from the same interface that the packet was received. Also, it used, if we want that one VPN tunnel to be through one provider, and the second through another." @@ -13095,7 +14197,7 @@ msgstr "The following example creates a WAP. When configuring multiple WAP inter msgid "The following example is based on a Sierra Wireless MC7710 miniPCIe card (only the form factor in reality it runs UBS) and Deutsche Telekom as ISP. The card is assembled into a :ref:`pc-engines-apu4`." msgstr "The following example is based on a Sierra Wireless MC7710 miniPCIe card (only the form factor in reality it runs UBS) and Deutsche Telekom as ISP. The card is assembled into a :ref:`pc-engines-apu4`." -#: ../../configuration/vrf/index.rst:237 +#: ../../configuration/vrf/index.rst:256 msgid "The following example topology was built using EVE-NG." msgstr "The following example topology was built using EVE-NG." @@ -13140,7 +14242,7 @@ msgstr "The forwarding delay time is the time spent in each of the listening and msgid "The generated configuration will look like:" msgstr "The generated configuration will look like:" -#: ../../configuration/pki/index.rst:107 +#: ../../configuration/pki/index.rst:109 msgid "The generated parameters are then output to the console." msgstr "The generated parameters are then output to the console." @@ -13168,7 +14270,7 @@ msgstr "The hostname can be up to 63 characters. A hostname must start and end w msgid "The hostname or IP address of the master" msgstr "The hostname or IP address of the master" -#: ../../configuration/service/dhcp-server.rst:632 +#: ../../configuration/service/dhcp-server.rst:640 msgid "The identifier is the device's DUID: colon-separated hex list (as used by isc-dhcp option dhcpv6.client-id). If the device already has a dynamic lease from the DHCPv6 server, its DUID can be found with ``show service dhcpv6 server leases``. The DUID begins at the 5th octet (after the 4th colon) of IAID_DUID." msgstr "The identifier is the device's DUID: colon-separated hex list (as used by isc-dhcp option dhcpv6.client-id). If the device already has a dynamic lease from the DHCPv6 server, its DUID can be found with ``show service dhcpv6 server leases``. The DUID begins at the 5th octet (after the 4th colon) of IAID_DUID." @@ -13212,7 +14314,7 @@ msgstr "The legacy and zone-based firewall configuration options is not longer s msgid "The limiter performs basic ingress policing of traffic flows. Multiple classes of traffic can be defined and traffic limits can be applied to each class. Although the policer uses a token bucket mechanism internally, it does not have the capability to delay a packet as a shaping mechanism does. Traffic exceeding the defined bandwidth limits is directly dropped. A maximum allowed burst can be configured too." msgstr "The limiter performs basic ingress policing of traffic flows. Multiple classes of traffic can be defined and traffic limits can be applied to each class. Although the policer uses a token bucket mechanism internally, it does not have the capability to delay a packet as a shaping mechanism does. Traffic exceeding the defined bandwidth limits is directly dropped. A maximum allowed burst can be configured too." -#: ../../configuration/policy/route-map.rst:255 +#: ../../configuration/policy/route-map.rst:258 msgid "The link bandwidth extended community is encoded as non-transitive" msgstr "The link bandwidth extended community is encoded as non-transitive" @@ -13240,6 +14342,10 @@ msgstr "The main points regarding this packet flow and terminology used in VyOS msgid "The main structure VyOS firewall cli is shown next:" msgstr "The main structure VyOS firewall cli is shown next:" +#: ../../configuration/firewall/index.rst:92 +msgid "The main structure of the VyOS firewall CLI is shown next:" +msgstr "The main structure of the VyOS firewall CLI is shown next:" + #: ../../configuration/interfaces/bonding.rst:271 msgid "The maximum number of targets that can be specified is 16. The default value is no IP address." msgstr "The maximum number of targets that can be specified is 16. The default value is no IP address." @@ -13272,11 +14378,15 @@ msgstr "The multicast-group used by all leaves for this vlan extension. Has to b msgid "The name of the service can be different, in this example it is only for convenience." msgstr "The name of the service can be different, in this example it is only for convenience." +#: ../../configuration/service/dns.rst:171 +msgid "The netmask or domain that EDNS Client Subnet should be enabled for in outgoing queries." +msgstr "The netmask or domain that EDNS Client Subnet should be enabled for in outgoing queries." + #: ../../configuration/service/dhcp-server.rst:13 msgid "The network topology is declared by shared-network-name and the subnet declarations. The DHCP service can serve multiple shared networks, with each shared network having 1 or more subnets. Each subnet must be present on an interface. A range can be declared inside a subnet to define a pool of dynamic addresses. Multiple ranges can be defined and can contain holes. Static mappings can be set to assign \"static\" addresses to clients based on their MAC address." msgstr "The network topology is declared by shared-network-name and the subnet declarations. The DHCP service can serve multiple shared networks, with each shared network having 1 or more subnets. Each subnet must be present on an interface. A range can be declared inside a subnet to define a pool of dynamic addresses. Multiple ranges can be defined and can contain holes. Static mappings can be set to assign \"static\" addresses to clients based on their MAC address." -#: ../../configuration/service/conntrack-sync.rst:188 +#: ../../configuration/service/conntrack-sync.rst:192 msgid "The next example is a simple configuration of conntrack-sync." msgstr "The next example is a simple configuration of conntrack-sync." @@ -13324,7 +14434,7 @@ msgstr "The outgoing interface to perform the translation on" msgid "The peer name must be an alphanumeric and can have hypen or underscore as special characters. It is purely informational." msgstr "The peer name must be an alphanumeric and can have hypen or underscore as special characters. It is purely informational." -#: ../../configuration/vpn/ipsec.rst:235 +#: ../../configuration/vpn/ipsec.rst:239 msgid "The peer names RIGHT and LEFT are used as informational text." msgstr "The peer names RIGHT and LEFT are used as informational text." @@ -13332,7 +14442,7 @@ msgstr "The peer names RIGHT and LEFT are used as informational text." msgid "The peer with lower priority will become the key server and start distributing SAKs." msgstr "The peer with lower priority will become the key server and start distributing SAKs." -#: ../../configuration/vrf/index.rst:181 +#: ../../configuration/vrf/index.rst:200 msgid "The ping command is used to test whether a network host is reachable or not." msgstr "The ping command is used to test whether a network host is reachable or not." @@ -13352,7 +14462,7 @@ msgstr "The prefix and ASN that originated it match a signed ROA. These are prob msgid "The prefix or prefix length and ASN that originated it doesn't match any existing ROA. This could be the result of a prefix hijack, or merely a misconfiguration, but should probably be treated as untrustworthy route announcements." msgstr "The prefix or prefix length and ASN that originated it doesn't match any existing ROA. This could be the result of a prefix hijack, or merely a misconfiguration, but should probably be treated as untrustworthy route announcements." -#: ../../configuration/service/dhcp-server.rst:375 +#: ../../configuration/service/dhcp-server.rst:381 msgid "The primary DHCP server uses address `192.168.189.252`" msgstr "The primary DHCP server uses address `192.168.189.252`" @@ -13368,11 +14478,11 @@ msgstr "The primary option is only valid for active-backup, transmit-load-balanc msgid "The priority must be an integer number from 1 to 255. Higher priority value increases router's precedence in the master elections." msgstr "The priority must be an integer number from 1 to 255. Higher priority value increases router's precedence in the master elections." -#: ../../configuration/service/dhcp-server.rst:539 +#: ../../configuration/service/dhcp-server.rst:545 msgid "The procedure to specify a :abbr:`NIS+ (Network Information Service Plus)` domain is similar to the NIS domain one:" msgstr "The procedure to specify a :abbr:`NIS+ (Network Information Service Plus)` domain is similar to the NIS domain one:" -#: ../../configuration/vrf/index.rst:222 +#: ../../configuration/vrf/index.rst:241 msgid "The prompt is adjusted to reflect this change in both config and op-mode." msgstr "The prompt is adjusted to reflect this change in both config and op-mode." @@ -13400,7 +14510,7 @@ msgstr "The public IP address of the local side of the VPN will be 198.51.100.10 msgid "The public IP address of the remote side of the VPN will be 203.0.113.11." msgstr "The public IP address of the remote side of the VPN will be 203.0.113.11." -#: ../../configuration/service/ipoe-server.rst:130 +#: ../../configuration/service/ipoe-server.rst:131 #: ../../configuration/vpn/l2tp.rst:120 msgid "The rate-limit is set in kbit/sec." msgstr "The rate-limit is set in kbit/sec." @@ -13421,6 +14531,10 @@ msgstr "The remote site will have a subnet of 10.1.0.0/16." msgid "The remote user will use the openconnect client to connect to the router and will receive an IP address from a VPN pool, allowing full access to the network." msgstr "The remote user will use the openconnect client to connect to the router and will receive an IP address from a VPN pool, allowing full access to the network." +#: ../../configuration/service/dns.rst:161 +msgid "The requestor netmask for which the requestor IP Address should be used as the EDNS Client Subnet for outgoing queries." +msgstr "The requestor netmask for which the requestor IP Address should be used as the EDNS Client Subnet for outgoing queries." + #: ../../configuration/interfaces/openvpn.rst:458 msgid "The required config file may look like this:" msgstr "The required config file may look like this:" @@ -13465,7 +14579,7 @@ msgstr "The sFlow accounting based on hsflowd https://sflow.net/" msgid "The same configuration options apply when Identity based config is configured in group mode except that group mode can only be used with RADIUS authentication." msgstr "The same configuration options apply when Identity based config is configured in group mode except that group mode can only be used with RADIUS authentication." -#: ../../configuration/vpn/ipsec.rst:227 +#: ../../configuration/vpn/ipsec.rst:231 msgid "The scheme above doesn't work when one of the routers has a dynamic external address though. The classic workaround for this is to setup an address on a loopback interface and use it as a source address for the GRE tunnel, then setup an IPsec policy to match those loopback addresses." msgstr "The scheme above doesn't work when one of the routers has a dynamic external address though. The classic workaround for this is to setup an address on a loopback interface and use it as a source address for the GRE tunnel, then setup an IPsec policy to match those loopback addresses." @@ -13473,7 +14587,7 @@ msgstr "The scheme above doesn't work when one of the routers has a dynamic exte msgid "The search filter can contain up to 15 occurrences of %s which will be replaced by the username, as in \"uid=%s\" for :rfc:`2037` directories. For a detailed description of LDAP search filter syntax see :rfc:`2254`." msgstr "The search filter can contain up to 15 occurrences of %s which will be replaced by the username, as in \"uid=%s\" for :rfc:`2037` directories. For a detailed description of LDAP search filter syntax see :rfc:`2254`." -#: ../../configuration/service/dhcp-server.rst:376 +#: ../../configuration/service/dhcp-server.rst:382 msgid "The secondary DHCP server uses address `192.168.189.253`" msgstr "The secondary DHCP server uses address `192.168.189.253`" @@ -13533,11 +14647,14 @@ msgstr "The type can be the following: asbr-summary, external, network, nssa-ext msgid "The ultimate goal of classifying traffic is to give each class a different treatment." msgstr "The ultimate goal of classifying traffic is to give each class a different treatment." -#: ../../configuration/service/ipoe-server.rst:18 +#: ../../configuration/service/ipoe-server.rst:16 msgid "The use of IPoE addresses the disadvantage that PPP is unsuited for multicast delivery to multiple users. Typically, IPoE uses Dynamic Host Configuration Protocol and Extensible Authentication Protocol to provide the same functionality as PPPoE, but in a less robust manner." msgstr "The use of IPoE addresses the disadvantage that PPP is unsuited for multicast delivery to multiple users. Typically, IPoE uses Dynamic Host Configuration Protocol and Extensible Authentication Protocol to provide the same functionality as PPPoE, but in a less robust manner." -#: ../../configuration/vpn/l2tp.rst:221 +#: ../../configuration/service/pppoe-server.rst:222 +#: ../../configuration/vpn/l2tp.rst:265 +#: ../../configuration/vpn/pptp.rst:205 +#: ../../configuration/vpn/sstp.rst:238 msgid "The value of the attribute ``NAS-Port-Id`` must be less than 16 characters, otherwise the interface won't be renamed." msgstr "The value of the attribute ``NAS-Port-Id`` must be less than 16 characters, otherwise the interface won't be renamed." @@ -13549,7 +14666,11 @@ msgstr "The vendor-class-id option can be used to request a specific class of ve msgid "The veth devices are virtual Ethernet devices. They can act as tunnels between network namespaces to create a bridge to a physical network device in another namespace or VRF, but can also be used as standalone network devices." msgstr "The veth devices are virtual Ethernet devices. They can act as tunnels between network namespaces to create a bridge to a physical network device in another namespace or VRF, but can also be used as standalone network devices." -#: ../../configuration/system/login.rst:138 +#: ../../configuration/service/router-advert.rst:86 +msgid "The well known NAT64 prefix is ``64:ff9b::/96``" +msgstr "The well known NAT64 prefix is ``64:ff9b::/96``" + +#: ../../configuration/system/login.rst:142 msgid "The window size must be between 1 and 21." msgstr "The window size must be between 1 and 21." @@ -13557,6 +14678,10 @@ msgstr "The window size must be between 1 and 21." msgid "The wireless client (supplicant) authenticates against the RADIUS server (authentication server) using an :abbr:`EAP (Extensible Authentication Protocol)` method configured on the RADIUS server. The WAP (also referred to as authenticator) role is to send all authentication messages between the supplicant and the configured authentication server, thus the RADIUS server is responsible for authenticating the users." msgstr "The wireless client (supplicant) authenticates against the RADIUS server (authentication server) using an :abbr:`EAP (Extensible Authentication Protocol)` method configured on the RADIUS server. The WAP (also referred to as authenticator) role is to send all authentication messages between the supplicant and the configured authentication server, thus the RADIUS server is responsible for authenticating the users." +#: ../../configuration/service/ids.rst:125 +msgid "Then, FastNetMon configuration:" +msgstr "Then, FastNetMon configuration:" + #: ../../configuration/nat/nat44.rst:621 msgid "Then a corresponding SNAT rule is created to NAT outgoing traffic for the internal IP to a reserved external IP. This dedicates an external IP address to an internal IP address and is useful for protocols which don't have the notion of ports, such as GRE." msgstr "Then a corresponding SNAT rule is created to NAT outgoing traffic for the internal IP to a reserved external IP. This dedicates an external IP address to an internal IP address and is useful for protocols which don't have the notion of ports, such as GRE." @@ -13596,7 +14721,7 @@ msgstr "There are a lot of matching criteria against which the packet can be tes msgid "There are a lot of matching criteria options available, both for ``policy route`` and ``policy route6``. These options are listed in this section." msgstr "There are a lot of matching criteria options available, both for ``policy route`` and ``policy route6``. These options are listed in this section." -#: ../../configuration/system/ipv6.rst:92 +#: ../../configuration/system/ipv6.rst:105 msgid "There are different parameters for getting prefix-list information:" msgstr "There are different parameters for getting prefix-list information:" @@ -13612,7 +14737,7 @@ msgstr "There are many parameters you will be able to use in order to match the msgid "There are multiple versions available for the NetFlow data. The `<version>` used in the exported flow data can be configured here. The following versions are supported:" msgstr "There are multiple versions available for the NetFlow data. The `<version>` used in the exported flow data can be configured here. The following versions are supported:" -#: ../../configuration/service/ipoe-server.rst:153 +#: ../../configuration/service/ipoe-server.rst:154 msgid "There are rate-limited and non rate-limited users (MACs)" msgstr "There are rate-limited and non rate-limited users (MACs)" @@ -13628,7 +14753,7 @@ msgstr "There are three modes of operation for a wireless interface:" msgid "There are two types of Network Admins who deal with BGP, those who have created an international incident and/or outage, and those who are lying" msgstr "There are two types of Network Admins who deal with BGP, those who have created an international incident and/or outage, and those who are lying" -#: ../../configuration/protocols/bgp.rst:896 +#: ../../configuration/protocols/bgp.rst:918 msgid "There are two ways that help us to mitigate the BGPs full-mesh requirement in a network:" msgstr "There are two ways that help us to mitigate the BGPs full-mesh requirement in a network:" @@ -13757,7 +14882,7 @@ msgstr "This command allows peerings between directly connected eBGP peers using msgid "This command allows sessions to be established with eBGP neighbors when they are multiple hops away. When the neighbor is not directly connected and this knob is not enabled, the session will not establish. The number of hops range is 1 to 255. This command is mutually exclusive with :cfgcmd:`ttl-security hops`." msgstr "This command allows sessions to be established with eBGP neighbors when they are multiple hops away. When the neighbor is not directly connected and this knob is not enabled, the session will not establish. The number of hops range is 1 to 255. This command is mutually exclusive with :cfgcmd:`ttl-security hops`." -#: ../../configuration/protocols/bgp.rst:812 +#: ../../configuration/protocols/bgp.rst:834 msgid "This command allows the router to prefer route to specified prefix learned via IGP through backdoor link instead of a route to the same prefix learned via EBGP." msgstr "This command allows the router to prefer route to specified prefix learned via IGP through backdoor link instead of a route to the same prefix learned via EBGP." @@ -13814,19 +14939,19 @@ msgstr "This command allows you to select a specific access concentrator when yo msgid "This command applies route-map to selectively unsuppress prefixes suppressed by summarisation." msgstr "This command applies route-map to selectively unsuppress prefixes suppressed by summarisation." -#: ../../configuration/protocols/bgp.rst:867 +#: ../../configuration/protocols/bgp.rst:889 msgid "This command applies the AS path access list filters named in <name> to the specified BGP neighbor to restrict the routing information that BGP learns and/or advertises. The arguments :cfgcmd:`export` and :cfgcmd:`import` specify the direction in which the AS path access list are applied." msgstr "This command applies the AS path access list filters named in <name> to the specified BGP neighbor to restrict the routing information that BGP learns and/or advertises. The arguments :cfgcmd:`export` and :cfgcmd:`import` specify the direction in which the AS path access list are applied." -#: ../../configuration/protocols/bgp.rst:843 +#: ../../configuration/protocols/bgp.rst:865 msgid "This command applies the access list filters named in <number> to the specified BGP neighbor to restrict the routing information that BGP learns and/or advertises. The arguments :cfgcmd:`export` and :cfgcmd:`import` specify the direction in which the access list are applied." msgstr "This command applies the access list filters named in <number> to the specified BGP neighbor to restrict the routing information that BGP learns and/or advertises. The arguments :cfgcmd:`export` and :cfgcmd:`import` specify the direction in which the access list are applied." -#: ../../configuration/protocols/bgp.rst:851 +#: ../../configuration/protocols/bgp.rst:873 msgid "This command applies the prfefix list filters named in <name> to the specified BGP neighbor to restrict the routing information that BGP learns and/or advertises. The arguments :cfgcmd:`export` and :cfgcmd:`import` specify the direction in which the prefix list are applied." msgstr "This command applies the prfefix list filters named in <name> to the specified BGP neighbor to restrict the routing information that BGP learns and/or advertises. The arguments :cfgcmd:`export` and :cfgcmd:`import` specify the direction in which the prefix list are applied." -#: ../../configuration/protocols/bgp.rst:859 +#: ../../configuration/protocols/bgp.rst:881 msgid "This command applies the route map named in <name> to the specified BGP neighbor to control and modify routing information that is exchanged between peers. The arguments :cfgcmd:`export` and :cfgcmd:`import` specify the direction in which the route map are applied." msgstr "This command applies the route map named in <name> to the specified BGP neighbor to control and modify routing information that is exchanged between peers. The arguments :cfgcmd:`export` and :cfgcmd:`import` specify the direction in which the route map are applied." @@ -13854,7 +14979,7 @@ msgstr "This command can be used to filter the RIP path using prefix lists. :cfg msgid "This command can be used with previous command to sets default RIP distance to specified value when the route source IP address matches the specified prefix and the specified access-list." msgstr "This command can be used with previous command to sets default RIP distance to specified value when the route source IP address matches the specified prefix and the specified access-list." -#: ../../configuration/protocols/bgp.rst:652 +#: ../../configuration/protocols/bgp.rst:674 msgid "This command change distance value of BGP. The arguments are the distance values for external routes, internal routes and local routes respectively. The distance range is 1 to 255." msgstr "This command change distance value of BGP. The arguments are the distance values for external routes, internal routes and local routes respectively. The distance range is 1 to 255." @@ -13878,7 +15003,7 @@ msgstr "This command change distance value of OSPFv3 globally. The distance rang msgid "This command change the distance value of RIP. The distance range is 1 to 255." msgstr "This command change the distance value of RIP. The distance range is 1 to 255." -#: ../../configuration/protocols/bgp.rst:638 +#: ../../configuration/protocols/bgp.rst:650 msgid "This command changes the eBGP behavior of FRR. By default FRR enables :rfc:`8212` functionality which affects how eBGP routes are advertised, namely no routes are advertised across eBGP sessions without some sort of egress route-map/policy in place. In VyOS however we have this RFC functionality disabled by default so that we can preserve backwards compatibility with older versions of VyOS. With this option one can enable :rfc:`8212` functionality to operate." msgstr "This command changes the eBGP behavior of FRR. By default FRR enables :rfc:`8212` functionality which affects how eBGP routes are advertised, namely no routes are advertised across eBGP sessions without some sort of egress route-map/policy in place. In VyOS however we have this RFC functionality disabled by default so that we can preserve backwards compatibility with older versions of VyOS. With this option one can enable :rfc:`8212` functionality to operate." @@ -13954,23 +15079,23 @@ msgstr "This command defines matching parameters for access list rule. Matching msgid "This command defines the IS-IS router behavior:" msgstr "This command defines the IS-IS router behavior:" -#: ../../configuration/protocols/bgp.rst:720 +#: ../../configuration/protocols/bgp.rst:742 msgid "This command defines the accumulated penalty amount at which the route is re-advertised. The penalty range is 1 to 20000." msgstr "This command defines the accumulated penalty amount at which the route is re-advertised. The penalty range is 1 to 20000." -#: ../../configuration/protocols/bgp.rst:726 +#: ../../configuration/protocols/bgp.rst:748 msgid "This command defines the accumulated penalty amount at which the route is suppressed. The penalty range is 1 to 20000." msgstr "This command defines the accumulated penalty amount at which the route is suppressed. The penalty range is 1 to 20000." -#: ../../configuration/protocols/bgp.rst:713 +#: ../../configuration/protocols/bgp.rst:735 msgid "This command defines the amount of time in minutes after which a penalty is reduced by half. The timer range is 10 to 45 minutes." msgstr "This command defines the amount of time in minutes after which a penalty is reduced by half. The timer range is 10 to 45 minutes." -#: ../../configuration/protocols/bgp.rst:595 +#: ../../configuration/protocols/bgp.rst:601 msgid "This command defines the maximum number of parallel routes that the BGP can support. In order for BGP to use the second path, the following attributes have to match: Weight, Local Preference, AS Path (both AS number and AS path length), Origin code, MED, IGP metric. Also, the next hop address for each path must be different." msgstr "This command defines the maximum number of parallel routes that the BGP can support. In order for BGP to use the second path, the following attributes have to match: Weight, Local Preference, AS Path (both AS number and AS path length), Origin code, MED, IGP metric. Also, the next hop address for each path must be different." -#: ../../configuration/protocols/bgp.rst:732 +#: ../../configuration/protocols/bgp.rst:754 msgid "This command defines the maximum time in minutes that a route is suppressed. The timer range is 1 to 255 minutes." msgstr "This command defines the maximum time in minutes that a route is suppressed. The timer range is 1 to 255 minutes." @@ -13997,7 +15122,7 @@ msgstr "This command disables check of the MTU value in the OSPF DBD packets. Th msgid "This command disables it." msgstr "This command disables it." -#: ../../configuration/protocols/bgp.rst:607 +#: ../../configuration/protocols/bgp.rst:619 msgid "This command disables route reflection between route reflector clients. By default, the clients of a route reflector are not required to be fully meshed and the routes from a client are reflected to other clients. However, if the clients are fully meshed, route reflection is not required. In this case, use the :cfgcmd:`no-client-to-client-reflection` command to disable client-to-client reflection." msgstr "This command disables route reflection between route reflector clients. By default, the clients of a route reflector are not required to be fully meshed and the routes from a client are reflected to other clients. However, if the clients are fully meshed, route reflection is not required. In this case, use the :cfgcmd:`no-client-to-client-reflection` command to disable client-to-client reflection." @@ -14009,23 +15134,23 @@ msgstr "This command disables split-horizon on the interface. By default, VyOS d msgid "This command disables the load sharing across multiple LFA backups." msgstr "This command disables the load sharing across multiple LFA backups." -#: ../../configuration/protocols/bgp.rst:1009 +#: ../../configuration/protocols/bgp.rst:1031 msgid "This command displays BGP dampened routes." msgstr "This command displays BGP dampened routes." -#: ../../configuration/protocols/bgp.rst:1032 +#: ../../configuration/protocols/bgp.rst:1054 msgid "This command displays BGP received-routes that are accepted after filtering." msgstr "This command displays BGP received-routes that are accepted after filtering." -#: ../../configuration/protocols/bgp.rst:1022 +#: ../../configuration/protocols/bgp.rst:1044 msgid "This command displays BGP routes advertised to a neighbor." msgstr "This command displays BGP routes advertised to a neighbor." -#: ../../configuration/protocols/bgp.rst:1017 +#: ../../configuration/protocols/bgp.rst:1039 msgid "This command displays BGP routes allowed by the specified AS Path access list." msgstr "This command displays BGP routes allowed by the specified AS Path access list." -#: ../../configuration/protocols/bgp.rst:1026 +#: ../../configuration/protocols/bgp.rst:1048 msgid "This command displays BGP routes originating from the specified BGP neighbor before inbound policy is applied. To use this command inbound soft reconfiguration must be enabled." msgstr "This command displays BGP routes originating from the specified BGP neighbor before inbound policy is applied. To use this command inbound soft reconfiguration must be enabled." @@ -14052,11 +15177,11 @@ msgstr "This command displays a summary table with a database contents (LSA)." msgid "This command displays a table of paths to area boundary and autonomous system boundary routers." msgstr "This command displays a table of paths to area boundary and autonomous system boundary routers." -#: ../../configuration/protocols/bgp.rst:957 +#: ../../configuration/protocols/bgp.rst:979 msgid "This command displays all entries in BGP routing table." msgstr "This command displays all entries in BGP routing table." -#: ../../configuration/protocols/bgp.rst:1036 +#: ../../configuration/protocols/bgp.rst:1058 msgid "This command displays dampened routes received from BGP neighbor." msgstr "This command displays dampened routes received from BGP neighbor." @@ -14064,27 +15189,27 @@ msgstr "This command displays dampened routes received from BGP neighbor." msgid "This command displays external information redistributed into OSPFv3" msgstr "This command displays external information redistributed into OSPFv3" -#: ../../configuration/protocols/bgp.rst:1040 +#: ../../configuration/protocols/bgp.rst:1062 msgid "This command displays information about BGP routes whose AS path matches the specified regular expression." msgstr "This command displays information about BGP routes whose AS path matches the specified regular expression." -#: ../../configuration/protocols/bgp.rst:1013 +#: ../../configuration/protocols/bgp.rst:1035 msgid "This command displays information about flapping BGP routes." msgstr "This command displays information about flapping BGP routes." -#: ../../configuration/protocols/bgp.rst:977 +#: ../../configuration/protocols/bgp.rst:999 msgid "This command displays information about the particular entry in the BGP routing table." msgstr "This command displays information about the particular entry in the BGP routing table." -#: ../../configuration/protocols/bgp.rst:1004 +#: ../../configuration/protocols/bgp.rst:1026 msgid "This command displays routes that are permitted by the BGP community list." msgstr "This command displays routes that are permitted by the BGP community list." -#: ../../configuration/protocols/bgp.rst:997 +#: ../../configuration/protocols/bgp.rst:1019 msgid "This command displays routes that belong to specified BGP communities. Valid value is a community number in the range from 1 to 4294967200, or AA:NN (autonomous system-community number/2-byte number), no-export, local-as, or no-advertise." msgstr "This command displays routes that belong to specified BGP communities. Valid value is a community number in the range from 1 to 4294967200, or AA:NN (autonomous system-community number/2-byte number), no-export, local-as, or no-advertise." -#: ../../configuration/protocols/bgp.rst:993 +#: ../../configuration/protocols/bgp.rst:1015 msgid "This command displays routes with classless interdomain routing (CIDR)." msgstr "This command displays routes with classless interdomain routing (CIDR)." @@ -14126,7 +15251,7 @@ msgstr "This command displays the neighbors status." msgid "This command displays the neighbors status for a neighbor on the specified interface." msgstr "This command displays the neighbors status for a neighbor on the specified interface." -#: ../../configuration/protocols/bgp.rst:1045 +#: ../../configuration/protocols/bgp.rst:1067 msgid "This command displays the status of all BGP connections." msgstr "This command displays the status of all BGP connections." @@ -14134,7 +15259,7 @@ msgstr "This command displays the status of all BGP connections." msgid "This command enable/disables summarisation for the configured address range." msgstr "This command enable/disables summarisation for the configured address range." -#: ../../configuration/protocols/bgp.rst:603 +#: ../../configuration/protocols/bgp.rst:615 msgid "This command enable logging neighbor up/down changes and reset reason." msgstr "This command enable logging neighbor up/down changes and reset reason." @@ -14174,7 +15299,7 @@ msgstr "This command enables sending timestamps with each Hello and IHU message msgid "This command enables support for dynamic hostname TLV. Dynamic hostname mapping determined as described in :rfc:`2763`, Dynamic Hostname Exchange Mechanism for IS-IS." msgstr "This command enables support for dynamic hostname TLV. Dynamic hostname mapping determined as described in :rfc:`2763`, Dynamic Hostname Exchange Mechanism for IS-IS." -#: ../../configuration/protocols/bgp.rst:875 +#: ../../configuration/protocols/bgp.rst:897 msgid "This command enables the ORF capability (described in :rfc:`5291`) on the local router, and enables ORF capability advertisement to the specified BGP peer. The :cfgcmd:`receive` keyword configures a router to advertise ORF receive capabilities. The :cfgcmd:`send` keyword configures a router to advertise ORF send capabilities. To advertise a filter from a sender, you must create an IP prefix list for the specified BGP peer applied in inbound derection." msgstr "This command enables the ORF capability (described in :rfc:`5291`) on the local router, and enables ORF capability advertisement to the specified BGP peer. The :cfgcmd:`receive` keyword configures a router to advertise ORF receive capabilities. The :cfgcmd:`send` keyword configures a router to advertise ORF send capabilities. To advertise a filter from a sender, you must create an IP prefix list for the specified BGP peer applied in inbound derection." @@ -14198,7 +15323,7 @@ msgstr "This command generate a default route into the RIP." msgid "This command gives a brief status overview of a specified wireless interface. The wireless interface identifier can range from wlan0 to wlan999." msgstr "This command gives a brief status overview of a specified wireless interface. The wireless interface identifier can range from wlan0 to wlan999." -#: ../../configuration/protocols/bgp.rst:632 +#: ../../configuration/protocols/bgp.rst:644 msgid "This command goes hand in hand with the listen range command to limit the amount of BGP neighbors that are allowed to connect to the local router. The limit range is 1 to 5000." msgstr "This command goes hand in hand with the listen range command to limit the amount of BGP neighbors that are allowed to connect to the local router. The limit range is 1 to 5000." @@ -14241,7 +15366,7 @@ msgstr "This command is used for advertising IPv4 or IPv6 networks." msgid "This command is used to retrieve information about WAP within the range of your wireless interface. This command is useful on wireless interfaces configured in station mode." msgstr "This command is used to retrieve information about WAP within the range of your wireless interface. This command is useful on wireless interfaces configured in station mode." -#: ../../configuration/protocols/bgp.rst:620 +#: ../../configuration/protocols/bgp.rst:632 msgid "This command is useful if one desires to loosen the requirement for BGP to have strictly defined neighbors. Specifically what is allowed is for the local router to listen to a range of IPv4 or IPv6 addresses defined by a prefix and to accept BGP open messages. When a TCP connection (and subsequently a BGP open message) from within this range tries to connect the local router then the local router will respond and connect with the parameters that are defined within the peer group. One must define a peer-group for each range that is listed. If no peer-group is defined then an error will keep you from committing the configuration." msgstr "This command is useful if one desires to loosen the requirement for BGP to have strictly defined neighbors. Specifically what is allowed is for the local router to listen to a range of IPv4 or IPv6 addresses defined by a prefix and to accept BGP open messages. When a TCP connection (and subsequently a BGP open message) from within this range tries to connect the local router then the local router will respond and connect with the parameters that are defined within the peer group. One must define a peer-group for each range that is listed. If no peer-group is defined then an error will keep you from committing the configuration." @@ -14253,15 +15378,15 @@ msgstr "This command modifies the default metric (hop count) value for redistrib msgid "This command override AS number of the originating router with the local AS number." msgstr "This command override AS number of the originating router with the local AS number." -#: ../../configuration/protocols/bgp.rst:885 +#: ../../configuration/protocols/bgp.rst:907 msgid "This command prevents from sending back prefixes learned from the neighbor." msgstr "This command prevents from sending back prefixes learned from the neighbor." -#: ../../configuration/protocols/bgp.rst:804 +#: ../../configuration/protocols/bgp.rst:826 msgid "This command provides to compare different MED values that advertised by neighbours in the same AS for routes selection. When this command is enabled, routes from the same autonomous system are grouped together, and the best entries of each group are compared." msgstr "This command provides to compare different MED values that advertised by neighbours in the same AS for routes selection. When this command is enabled, routes from the same autonomous system are grouped together, and the best entries of each group are compared." -#: ../../configuration/protocols/bgp.rst:741 +#: ../../configuration/protocols/bgp.rst:763 msgid "This command provides to compare the MED on routes, even when they were received from different neighbouring ASes. Setting this option makes the order of preference of routes more defined, and should eliminate MED induced oscillations." msgstr "This command provides to compare the MED on routes, even when they were received from different neighbouring ASes. Setting this option makes the order of preference of routes more defined, and should eliminate MED induced oscillations." @@ -14297,19 +15422,19 @@ msgstr "This command redistributes routing information from the given route sour msgid "This command removes the private ASN of routes that are advertised to the configured peer. It removes only private ASNs on routes advertised to EBGP peers." msgstr "This command removes the private ASN of routes that are advertised to the configured peer. It removes only private ASNs on routes advertised to EBGP peers." -#: ../../configuration/protocols/bgp.rst:1068 +#: ../../configuration/protocols/bgp.rst:1090 msgid "This command resets BGP connections to the specified neighbor IP address. With argument :cfgcmd:`soft` this command initiates a soft reset. If you do not specify the :cfgcmd:`in` or :cfgcmd:`out` options, both inbound and outbound soft reconfiguration are triggered." msgstr "This command resets BGP connections to the specified neighbor IP address. With argument :cfgcmd:`soft` this command initiates a soft reset. If you do not specify the :cfgcmd:`in` or :cfgcmd:`out` options, both inbound and outbound soft reconfiguration are triggered." -#: ../../configuration/protocols/bgp.rst:1088 +#: ../../configuration/protocols/bgp.rst:1110 msgid "This command resets BGP connections to the specified peer group. With argument :cfgcmd:`soft` this command initiates a soft reset. If you do not specify the :cfgcmd:`in` or :cfgcmd:`out` options, both inbound and outbound soft reconfiguration are triggered." msgstr "This command resets BGP connections to the specified peer group. With argument :cfgcmd:`soft` this command initiates a soft reset. If you do not specify the :cfgcmd:`in` or :cfgcmd:`out` options, both inbound and outbound soft reconfiguration are triggered." -#: ../../configuration/protocols/bgp.rst:1075 +#: ../../configuration/protocols/bgp.rst:1097 msgid "This command resets all BGP connections of given router." msgstr "This command resets all BGP connections of given router." -#: ../../configuration/protocols/bgp.rst:1084 +#: ../../configuration/protocols/bgp.rst:1106 msgid "This command resets all external BGP peers of given router." msgstr "This command resets all external BGP peers of given router." @@ -14389,7 +15514,7 @@ msgstr "This command sets number of seconds for RxmtInterval timer value. This v msgid "This command sets old-style (ISO 10589) or new style packet formats:" msgstr "This command sets old-style (ISO 10589) or new style packet formats:" -#: ../../configuration/protocols/bgp.rst:944 +#: ../../configuration/protocols/bgp.rst:966 msgid "This command sets other confederations <nsubasn> as members of autonomous system specified by :cfgcmd:`confederation identifier <asn>`." msgstr "This command sets other confederations <nsubasn> as members of autonomous system specified by :cfgcmd:`confederation identifier <asn>`." @@ -14401,7 +15526,7 @@ msgstr "This command sets overload bit to avoid any transit traffic through this msgid "This command sets priority for the interface for :abbr:`DIS (Designated Intermediate System)` election. The priority range is 0 to 127." msgstr "This command sets priority for the interface for :abbr:`DIS (Designated Intermediate System)` election. The priority range is 0 to 127." -#: ../../configuration/protocols/bgp.rst:659 +#: ../../configuration/protocols/bgp.rst:681 msgid "This command sets the administrative distance for a particular route. The distance range is 1 to 255." msgstr "This command sets the administrative distance for a particular route. The distance range is 1 to 255." @@ -14461,7 +15586,7 @@ msgstr "This command should NOT be set normally." msgid "This command shows both status and statistics on the specified wireless interface. The wireless interface identifier can range from wlan0 to wlan999." msgstr "This command shows both status and statistics on the specified wireless interface. The wireless interface identifier can range from wlan0 to wlan999." -#: ../../configuration/protocols/bgp.rst:938 +#: ../../configuration/protocols/bgp.rst:960 msgid "This command specifies a BGP confederation identifier. <asn> is the number of the autonomous system that internally includes multiple sub-autonomous systems (a confederation)." msgstr "This command specifies a BGP confederation identifier. <asn> is the number of the autonomous system that internally includes multiple sub-autonomous systems (a confederation)." @@ -14517,11 +15642,11 @@ msgstr "This command specifies attributes to be left unchanged for advertisement msgid "This command specifies circuit type for interface:" msgstr "This command specifies circuit type for interface:" -#: ../../configuration/protocols/bgp.rst:920 +#: ../../configuration/protocols/bgp.rst:942 msgid "This command specifies cluster ID which identifies a collection of route reflectors and their clients, and is used by route reflectors to avoid looping. By default cluster ID is set to the BGP router id value, but can be set to an arbitrary 32-bit value." msgstr "This command specifies cluster ID which identifies a collection of route reflectors and their clients, and is used by route reflectors to avoid looping. By default cluster ID is set to the BGP router id value, but can be set to an arbitrary 32-bit value." -#: ../../configuration/protocols/bgp.rst:671 +#: ../../configuration/protocols/bgp.rst:693 msgid "This command specifies hold-time in seconds. The timer range is 4 to 65535. The default value is 180 second. If you set value to 0 VyOS will not hold routes." msgstr "This command specifies hold-time in seconds. The timer range is 4 to 65535. The default value is 180 second. If you set value to 0 VyOS will not hold routes." @@ -14530,7 +15655,7 @@ msgstr "This command specifies hold-time in seconds. The timer range is 4 to 655 msgid "This command specifies interface as passive. Passive interface advertises its address, but does not run the OSPF protocol (adjacencies are not formed and hello packets are not generated)." msgstr "This command specifies interface as passive. Passive interface advertises its address, but does not run the OSPF protocol (adjacencies are not formed and hello packets are not generated)." -#: ../../configuration/protocols/bgp.rst:677 +#: ../../configuration/protocols/bgp.rst:699 msgid "This command specifies keep-alive time in seconds. The timer can range from 4 to 65535. The default value is 60 second." msgstr "This command specifies keep-alive time in seconds. The timer can range from 4 to 65535. The default value is 60 second." @@ -14558,15 +15683,15 @@ msgstr "This command specifies metric type for redistributed routes. Difference msgid "This command specifies network type to Point-to-Point. The default network type is broadcast." msgstr "This command specifies network type to Point-to-Point. The default network type is broadcast." -#: ../../configuration/protocols/bgp.rst:784 +#: ../../configuration/protocols/bgp.rst:806 msgid "This command specifies that BGP considers the MED when comparing routes originated from different sub-ASs within the confederation to which this BGP speaker belongs. The default state, where the MED attribute is not considered." msgstr "This command specifies that BGP considers the MED when comparing routes originated from different sub-ASs within the confederation to which this BGP speaker belongs. The default state, where the MED attribute is not considered." -#: ../../configuration/protocols/bgp.rst:754 +#: ../../configuration/protocols/bgp.rst:776 msgid "This command specifies that BGP decision process should consider paths of equal AS_PATH length candidates for multipath computation. Without the knob, the entire AS_PATH must match for multipath computation." msgstr "This command specifies that BGP decision process should consider paths of equal AS_PATH length candidates for multipath computation. Without the knob, the entire AS_PATH must match for multipath computation." -#: ../../configuration/protocols/bgp.rst:791 +#: ../../configuration/protocols/bgp.rst:813 msgid "This command specifies that a route with a MED is always considered to be better than a route without a MED by causing the missing MED attribute to have a value of infinity. The default state, where the missing MED attribute is considered to have a value of zero." msgstr "This command specifies that a route with a MED is always considered to be better than a route without a MED by causing the missing MED attribute to have a value of infinity. The default state, where the missing MED attribute is considered to have a value of zero." @@ -14582,7 +15707,7 @@ msgstr "This command specifies that simple password authentication should be use msgid "This command specifies that the community attribute should not be sent in route updates to a peer. By default community attribute is sent." msgstr "This command specifies that the community attribute should not be sent in route updates to a peer. By default community attribute is sent." -#: ../../configuration/protocols/bgp.rst:748 +#: ../../configuration/protocols/bgp.rst:770 msgid "This command specifies that the length of confederation path sets and sequences should be taken into account during the BGP best path decision process." msgstr "This command specifies that the length of confederation path sets and sequences should be taken into account during the BGP best path decision process." @@ -14622,7 +15747,7 @@ msgstr "This command specifies the base receive cost for this interface. For wir msgid "This command specifies the decay factor for the exponential moving average of RTT samples, in units of 1/256. Higher values discard old samples faster. The default is 42." msgstr "This command specifies the decay factor for the exponential moving average of RTT samples, in units of 1/256. Higher values discard old samples faster. The default is 42." -#: ../../configuration/protocols/bgp.rst:799 +#: ../../configuration/protocols/bgp.rst:821 msgid "This command specifies the default local preference value. The local preference range is 0 to 4294967295." msgstr "This command specifies the default local preference value. The local preference range is 0 to 4294967295." @@ -14634,7 +15759,7 @@ msgstr "This command specifies the default metric value of redistributed routes. msgid "This command specifies the garbage-collection timer. Upon expiration of the garbage-collection timer, the route is finally removed from the routing table. The time range is 5 to 2147483647. The default value is 120 seconds." msgstr "This command specifies the garbage-collection timer. Upon expiration of the garbage-collection timer, the route is finally removed from the routing table. The time range is 5 to 2147483647. The default value is 120 seconds." -#: ../../configuration/protocols/bgp.rst:916 +#: ../../configuration/protocols/bgp.rst:938 msgid "This command specifies the given neighbor as route reflector client." msgstr "This command specifies the given neighbor as route reflector client." @@ -14658,7 +15783,7 @@ msgstr "This command specifies the minimum RTT, in milliseconds, starting from w msgid "This command specifies the minimum route advertisement interval for the peer. The interval value is 0 to 600 seconds, with the default advertisement interval being 0." msgstr "This command specifies the minimum route advertisement interval for the peer. The interval value is 0 to 600 seconds, with the default advertisement interval being 0." -#: ../../configuration/protocols/bgp.rst:589 +#: ../../configuration/protocols/bgp.rst:595 msgid "This command specifies the router-ID. If router ID is not specified it will use the highest interface IP address." msgstr "This command specifies the router-ID. If router ID is not specified it will use the highest interface IP address." @@ -14714,7 +15839,7 @@ msgstr "This command summarizes intra area paths from specified area into one su msgid "This command to ensure not advertise the summary lsa for the matched external LSAs." msgstr "This command to ensure not advertise the summary lsa for the matched external LSAs." -#: ../../configuration/protocols/bgp.rst:1079 +#: ../../configuration/protocols/bgp.rst:1101 msgid "This command uses to clear BGP route dampening information and to unsuppress suppressed routes." msgstr "This command uses to clear BGP route dampening information and to unsuppress suppressed routes." @@ -14763,7 +15888,7 @@ msgstr "This command will generate a default-route in L2 database." msgid "This command will give an overview of a rule in a single rule-set" msgstr "This command will give an overview of a rule in a single rule-set" -#: ../../configuration/firewall/ipv4.rst:1091 +#: ../../configuration/firewall/ipv4.rst:1114 msgid "This command will give an overview of a rule in a single rule-set, plus information for default action." msgstr "This command will give an overview of a rule in a single rule-set, plus information for default action." @@ -14771,7 +15896,7 @@ msgstr "This command will give an overview of a rule in a single rule-set, plus msgid "This command will give an overview of a rule in a single rule-set." msgstr "This command will give an overview of a rule in a single rule-set." -#: ../../configuration/firewall/ipv4.rst:1072 +#: ../../configuration/firewall/ipv4.rst:1095 #: ../../configuration/firewall/ipv6.rst:1088 msgid "This command will give an overview of a single rule-set." msgstr "This command will give an overview of a single rule-set." @@ -14805,7 +15930,7 @@ msgid "This configuration modifies the behavior of the network statement. If you msgstr "This configuration modifies the behavior of the network statement. If you have this configured the underlying network must exist in the routing table." #: ../../configuration/service/dhcp-server.rst:76 -#: ../../configuration/service/dhcp-server.rst:520 +#: ../../configuration/service/dhcp-server.rst:526 msgid "This configuration parameter is required and must be unique to each subnet. It is required to map subnets to lease file entries." msgstr "This configuration parameter is required and must be unique to each subnet. It is required to map subnets to lease file entries." @@ -14825,7 +15950,7 @@ msgstr "This creates a route policy called FILTER-WEB with one rule to set the r msgid "This defaults to 10000." msgstr "This defaults to 10000." -#: ../../configuration/system/login.rst:254 +#: ../../configuration/system/login.rst:258 msgid "This defaults to 1812." msgstr "This defaults to 1812." @@ -14833,7 +15958,7 @@ msgstr "This defaults to 1812." msgid "This defaults to 2007." msgstr "This defaults to 2007." -#: ../../configuration/service/dns.rst:271 +#: ../../configuration/service/dns.rst:285 msgid "This defaults to 300 seconds." msgstr "This defaults to 300 seconds." @@ -14841,7 +15966,7 @@ msgstr "This defaults to 300 seconds." msgid "This defaults to 30 seconds." msgstr "This defaults to 30 seconds." -#: ../../configuration/system/login.rst:323 +#: ../../configuration/system/login.rst:327 msgid "This defaults to 49." msgstr "This defaults to 49." @@ -14857,7 +15982,7 @@ msgstr "This defaults to UDP" msgid "This defaults to both 1.2 and 1.3." msgstr "This defaults to both 1.2 and 1.3." -#: ../../configuration/pki/index.rst:283 +#: ../../configuration/pki/index.rst:314 msgid "This defaults to https://acme-v02.api.letsencrypt.org/directory" msgstr "This defaults to https://acme-v02.api.letsencrypt.org/directory" @@ -14893,15 +16018,27 @@ msgstr "This establishes our Port Forward rule, but if we created a firewall pol msgid "This example shows how to target an MSS clamp (in our example to 1360 bytes) to a specific destination IP." msgstr "This example shows how to target an MSS clamp (in our example to 1360 bytes) to a specific destination IP." +#: ../../configuration/vpn/ipsec.rst:392 +msgid "This example uses CACert as certificate authority." +msgstr "This example uses CACert as certificate authority." + +#: ../../configuration/vpn/ipsec.rst:386 +msgid "This feature closely works together with :ref:`pki` subsystem as you required a x509 certificate." +msgstr "This feature closely works together with :ref:`pki` subsystem as you required a x509 certificate." + +#: ../../configuration/protocols/bfd.rst:64 +msgid "This feature serves the purpose of thightening the packet validation requirements to avoid receiving BFD control packets from other sessions." +msgstr "This feature serves the purpose of thightening the packet validation requirements to avoid receiving BFD control packets from other sessions." + #: ../../configuration/protocols/ospf.rst:476 msgid "This feature summarises originated external LSAs (Type-5 and Type-7). Summary Route will be originated on-behalf of all matched external LSAs." msgstr "This feature summarises originated external LSAs (Type-5 and Type-7). Summary Route will be originated on-behalf of all matched external LSAs." -#: ../../configuration/service/dns.rst:404 +#: ../../configuration/service/dns.rst:418 msgid "This functionality is controlled by adding the following configuration:" msgstr "This functionality is controlled by adding the following configuration:" -#: ../../configuration/firewall/ipv4.rst:376 +#: ../../configuration/firewall/ipv4.rst:399 #: ../../configuration/firewall/ipv6.rst:378 msgid "This functions for both individual addresses and address groups." msgstr "This functions for both individual addresses and address groups." @@ -14946,13 +16083,13 @@ msgstr "This is a mandatory command. Sets regular expression to match against lo msgid "This is a mandatory command. Sets the full path to the script. The script file must be executable." msgstr "This is a mandatory command. Sets the full path to the script. The script file must be executable." -#: ../../configuration/pki/index.rst:261 -#: ../../configuration/pki/index.rst:267 +#: ../../configuration/pki/index.rst:292 +#: ../../configuration/pki/index.rst:298 msgid "This is a mandatory option" msgstr "This is a mandatory option" -#: ../../configuration/protocols/rpki.rst:117 -#: ../../configuration/protocols/rpki.rst:124 +#: ../../configuration/protocols/rpki.rst:131 +#: ../../configuration/protocols/rpki.rst:138 msgid "This is a mandatory setting." msgstr "This is a mandatory setting." @@ -15019,7 +16156,7 @@ msgstr "This is the LCD model used in your system." msgid "This is the configuration parameter for the entire shared network definition. All subnets will inherit this configuration item if not specified locally." msgstr "This is the configuration parameter for the entire shared network definition. All subnets will inherit this configuration item if not specified locally." -#: ../../configuration/service/dhcp-server.rst:197 +#: ../../configuration/service/dhcp-server.rst:203 msgid "This is the equivalent of the host block in dhcpd.conf of isc-dhcpd." msgstr "This is the equivalent of the host block in dhcpd.conf of isc-dhcpd." @@ -15031,7 +16168,7 @@ msgstr "This is the name of the physical interface used to connect to your LCD d msgid "This is the policy that requieres the lowest resources for the same amount of traffic. But **very likely you do not need it as you cannot get much from it. Sometimes it is used just to enable logging.**" msgstr "This is the policy that requieres the lowest resources for the same amount of traffic. But **very likely you do not need it as you cannot get much from it. Sometimes it is used just to enable logging.**" -#: ../../configuration/service/dhcp-server.rst:195 +#: ../../configuration/service/dhcp-server.rst:201 msgid "This is useful, for example, in combination with hostfile update." msgstr "This is useful, for example, in combination with hostfile update." @@ -15088,7 +16225,7 @@ msgstr "This option is used by some DHCP clients as a way for users to specify i msgid "This option is used by some DHCP clients to identify the vendor type and possibly the configuration of a DHCP client. The information is a string of bytes whose contents are specific to the vendor and are not specified in a standard." msgstr "This option is used by some DHCP clients to identify the vendor type and possibly the configuration of a DHCP client. The information is a string of bytes whose contents are specific to the vendor and are not specified in a standard." -#: ../../configuration/system/login.rst:390 +#: ../../configuration/system/login.rst:394 msgid "This option must be used with ``timeout`` option." msgstr "This option must be used with ``timeout`` option." @@ -15101,7 +16238,7 @@ msgstr "This option only affects 802.3ad mode." msgid "This option specifies a delay in seconds before vrrp instances start up after keepalived starts." msgstr "This option specifies a delay in seconds before vrrp instances start up after keepalived starts." -#: ../../configuration/pki/index.rst:277 +#: ../../configuration/pki/index.rst:308 msgid "This options defaults to 2048" msgstr "This options defaults to 2048" @@ -15219,11 +16356,19 @@ msgstr "This the simplest queue possible you can apply to your traffic. Traffic msgid "This topology was built using GNS3." msgstr "This topology was built using GNS3." +#: ../../configuration/system/option.rst:38 +msgid "This will add the following option to the Kernel commandline:" +msgstr "This will add the following option to the Kernel commandline:" + +#: ../../configuration/system/option.rst:48 +msgid "This will add the following two options to the Kernel commandline:" +msgstr "This will add the following two options to the Kernel commandline:" + #: ../../configuration/interfaces/ethernet.rst:9 msgid "This will be the most widely used interface on a router carrying traffic to the real world." msgstr "This will be the most widely used interface on a router carrying traffic to the real world." -#: ../../configuration/protocols/static.rst:171 +#: ../../configuration/protocols/static.rst:204 msgid "This will configure a static ARP entry always resolving `<address>` to `<mac>` for interface `<interface>`." msgstr "This will configure a static ARP entry always resolving `<address>` to `<mac>` for interface `<interface>`." @@ -15239,7 +16384,7 @@ msgstr "This will render the following ddclient_ configuration entry:" msgid "This will show you a basic firewall overview" msgstr "This will show you a basic firewall overview" -#: ../../configuration/firewall/ipv4.rst:961 +#: ../../configuration/firewall/ipv4.rst:984 msgid "This will show you a basic firewall overview, for all ruleset, and not only for ipv4" msgstr "This will show you a basic firewall overview, for all ruleset, and not only for ipv4" @@ -15255,12 +16400,12 @@ msgstr "This will show you a basic summary of zones configuration." msgid "This will show you a rule-set statistic since the last boot." msgstr "This will show you a rule-set statistic since the last boot." -#: ../../configuration/firewall/ipv4.rst:1112 +#: ../../configuration/firewall/ipv4.rst:1135 #: ../../configuration/firewall/ipv6.rst:1135 msgid "This will show you a statistic of all rule-sets since the last boot." msgstr "This will show you a statistic of all rule-sets since the last boot." -#: ../../configuration/firewall/ipv4.rst:1016 +#: ../../configuration/firewall/ipv4.rst:1039 #: ../../configuration/firewall/ipv6.rst:1032 msgid "This will show you a summary of rule-sets and groups" msgstr "This will show you a summary of rule-sets and groups" @@ -15301,29 +16446,49 @@ msgstr "Time in seconds that the prefix will remain preferred (default 4 hours)" msgid "Time in seconds that the prefix will remain valid (default: 30 days)" msgstr "Time in seconds that the prefix will remain valid (default: 30 days)" +#: ../../configuration/service/router-advert.rst:1 +msgid "Time in seconds that the prefix will remain valid (default: 65528 seconds)" +msgstr "Time in seconds that the prefix will remain valid (default: 65528 seconds)" + #: ../../configuration/service/webproxy.rst:177 msgid "Time is in minutes and defaults to 60." msgstr "Time is in minutes and defaults to 60." -#: ../../configuration/firewall/ipv4.rst:874 +#: ../../configuration/firewall/ipv4.rst:897 #: ../../configuration/firewall/ipv6.rst:883 #: ../../configuration/policy/route.rst:225 msgid "Time to match the defined rule." msgstr "Time to match the defined rule." +#: ../../configuration/service/ipoe-server.rst:368 +#: ../../configuration/service/pppoe-server.rst:534 +#: ../../configuration/vpn/l2tp.rst:488 +#: ../../configuration/vpn/pptp.rst:412 +#: ../../configuration/vpn/sstp.rst:446 +msgid "Timeout in seconds" +msgstr "Timeout in seconds" + #: ../../configuration/protocols/failover.rst:24 msgid "Timeout in seconds between health target checks." msgstr "Timeout in seconds between health target checks." -#: ../../configuration/vpn/sstp.rst:234 +#: ../../configuration/service/ipoe-server.rst:174 +#: ../../configuration/service/pppoe-server.rst:136 +#: ../../configuration/vpn/l2tp.rst:179 +#: ../../configuration/vpn/pptp.rst:119 +#: ../../configuration/vpn/sstp.rst:152 msgid "Timeout to wait reply for Interim-Update packets. (default 3 seconds)" msgstr "Timeout to wait reply for Interim-Update packets. (default 3 seconds)" -#: ../../configuration/vpn/sstp.rst:254 +#: ../../configuration/service/ipoe-server.rst:194 +#: ../../configuration/service/pppoe-server.rst:156 +#: ../../configuration/vpn/l2tp.rst:199 +#: ../../configuration/vpn/pptp.rst:139 +#: ../../configuration/vpn/sstp.rst:172 msgid "Timeout to wait response from server (seconds)" msgstr "Timeout to wait response from server (seconds)" -#: ../../configuration/protocols/bgp.rst:667 +#: ../../configuration/protocols/bgp.rst:689 #: ../../configuration/protocols/isis.rst:257 msgid "Timers" msgstr "Timers" @@ -15332,7 +16497,7 @@ msgstr "Timers" msgid "To activate the VLAN aware bridge, you must activate this setting to use VLAN settings for the bridge" msgstr "To activate the VLAN aware bridge, you must activate this setting to use VLAN settings for the bridge" -#: ../../configuration/vpn/l2tp.rst:58 +#: ../../configuration/vpn/l2tp.rst:108 msgid "To allow VPN-clients access via your external address, a NAT rule is required:" msgstr "To allow VPN-clients access via your external address, a NAT rule is required:" @@ -15344,7 +16509,7 @@ msgstr "To allow listing additional custom domain, for example ``openthread.thre msgid "To allow only specific services, for example ``_airplay._tcp`` or ``_ipp._tcp``, (instead of all services) to be re-broadcasted, use the following command:" msgstr "To allow only specific services, for example ``_airplay._tcp`` or ``_ipp._tcp``, (instead of all services) to be re-broadcasted, use the following command:" -#: ../../configuration/vpn/site2site_ipsec.rst:257 +#: ../../configuration/vpn/site2site_ipsec.rst:260 msgid "To allow traffic to pass through to clients, you need to add the following rules. (if you used the default configuration at the top of this page)" msgstr "To allow traffic to pass through to clients, you need to add the following rules. (if you used the default configuration at the top of this page)" @@ -15442,11 +16607,11 @@ msgstr "To configure syslog, you need to switch into configuration mode." msgid "To configure your LCD display you must first identify the used hardware, and connectivity of the display to your system. This can be any serial port (`ttySxx`) or serial via USB or even old parallel port interfaces." msgstr "To configure your LCD display you must first identify the used hardware, and connectivity of the display to your system. This can be any serial port (`ttySxx`) or serial via USB or even old parallel port interfaces." -#: ../../configuration/service/ipoe-server.rst:98 +#: ../../configuration/service/ipoe-server.rst:99 msgid "To create VLANs per user during runtime, the following settings are required on a per interface basis. VLAN ID and VLAN range can be present in the configuration at the same time." msgstr "To create VLANs per user during runtime, the following settings are required on a per interface basis. VLAN ID and VLAN range can be present in the configuration at the same time." -#: ../../configuration/system/login.rst:377 +#: ../../configuration/system/login.rst:381 msgid "To create a new line in your login message you need to escape the new line character by using ``\\\\n``." msgstr "To create a new line in your login message you need to escape the new line character by using ``\\\\n``." @@ -15462,11 +16627,11 @@ msgstr "To create routing table 100 and add a new default gateway to be used by msgid "To define a zone setup either one with interfaces or a local zone." msgstr "To define a zone setup either one with interfaces or a local zone." -#: ../../configuration/service/router-advert.rst:75 +#: ../../configuration/service/router-advert.rst:101 msgid "To disable advertisements without deleting the configuration:" msgstr "To disable advertisements without deleting the configuration:" -#: ../../configuration/system/login.rst:190 +#: ../../configuration/system/login.rst:194 msgid "To display the configured OTP user key, use the command:" msgstr "To display the configured OTP user key, use the command:" @@ -15483,7 +16648,11 @@ msgstr "To enable/disable helper support for a specific neighbour, the router-id msgid "To enable MLD reports and query on interfaces `eth0` and `eth1`:" msgstr "To enable MLD reports and query on interfaces `eth0` and `eth1`:" -#: ../../configuration/vpn/l2tp.rst:141 +#: ../../configuration/service/ipoe-server.rst:116 +#: ../../configuration/service/pppoe-server.rst:78 +#: ../../configuration/vpn/l2tp.rst:121 +#: ../../configuration/vpn/pptp.rst:61 +#: ../../configuration/vpn/sstp.rst:94 msgid "To enable RADIUS based authentication, the authentication mode needs to be changed within the configuration. Previous settings like the local users, still exists within the configuration, however they are not used if the mode has been changed from local to radius. Once changed back to local, it will use all local accounts again." msgstr "To enable RADIUS based authentication, the authentication mode needs to be changed within the configuration. Previous settings like the local users, still exists within the configuration, however they are not used if the mode has been changed from local to radius. Once changed back to local, it will use all local accounts again." @@ -15511,6 +16680,10 @@ msgstr "To enable the HTTP security headers in the configuration file, use the c msgid "To exclude traffic from load balancing, traffic matching an exclude rule is not balanced but routed through the system routing table instead:" msgstr "To exclude traffic from load balancing, traffic matching an exclude rule is not balanced but routed through the system routing table instead:" +#: ../../configuration/vpn/l2tp.rst:282 +msgid "To explain the usage of LNS follow our blueprint :ref:`examples-lac-lns`." +msgstr "To explain the usage of LNS follow our blueprint :ref:`examples-lac-lns`." + #: ../../configuration/service/snmp.rst:216 msgid "To extend SNMP agent functionality, custom scripts can be executed every time the agent is being called. This can be achieved by using ``arbitrary extensioncommands``. The first step is to create a functional script of course, then upload it to your VyOS instance via the command ``scp your_script.sh vyos@your_router:/config/user-data``. Once the script is uploaded, it needs to be configured via the command below." msgstr "To extend SNMP agent functionality, custom scripts can be executed every time the agent is being called. This can be achieved by using ``arbitrary extensioncommands``. The first step is to create a functional script of course, then upload it to your VyOS instance via the command ``scp your_script.sh vyos@your_router:/config/user-data``. Once the script is uploaded, it needs to be configured via the command below." @@ -15527,11 +16700,15 @@ msgstr "To generate the CA, the server private key and certificates the followin msgid "To get it to work as an access point with this configuration you will need to set up a DHCP server to work with that network. You can - of course - also bridge the Wireless interface with any configured bridge (:ref:`bridge-interface`) on the system." msgstr "To get it to work as an access point with this configuration you will need to set up a DHCP server to work with that network. You can - of course - also bridge the Wireless interface with any configured bridge (:ref:`bridge-interface`) on the system." -#: ../../configuration/service/dhcp-server.rst:566 +#: ../../configuration/service/dhcp-server.rst:572 msgid "To hand out individual prefixes to your clients the following configuration is used:" msgstr "To hand out individual prefixes to your clients the following configuration is used:" -#: ../../configuration/highavailability/index.rst:336 +#: ../../configuration/vpn/ipsec.rst:405 +msgid "To import it from the filesystem use:" +msgstr "To import it from the filesystem use:" + +#: ../../configuration/highavailability/index.rst:346 msgid "To know more about scripting, check the :ref:`command-scripting` section." msgstr "To know more about scripting, check the :ref:`command-scripting` section." @@ -15539,7 +16716,7 @@ msgstr "To know more about scripting, check the :ref:`command-scripting` section msgid "To listen on both `eth0` and `eth1` mDNS packets and also repeat packets received on `eth0` to `eth1` (and vice-versa) use the following commands:" msgstr "To listen on both `eth0` and `eth1` mDNS packets and also repeat packets received on `eth0` to `eth1` (and vice-versa) use the following commands:" -#: ../../configuration/protocols/static.rst:161 +#: ../../configuration/protocols/static.rst:194 msgid "To manipulate or display ARP_ table entries, the following commands are implemented." msgstr "To manipulate or display ARP_ table entries, the following commands are implemented." @@ -15552,7 +16729,7 @@ msgstr "To perform a graceful shutdown, the FRR ``graceful-restart prepare ip os msgid "To request a /56 prefix from your ISP use:" msgstr "To request a /56 prefix from your ISP use:" -#: ../../configuration/service/dhcp-server.rst:680 +#: ../../configuration/service/dhcp-server.rst:688 msgid "To restart the DHCPv6 server" msgstr "To restart the DHCPv6 server" @@ -15568,7 +16745,7 @@ msgstr "To setup a destination NAT rule we need to gather:" msgid "To update the firmware, VyOS also ships the `qmi-firmware-update` binary. To upgrade the firmware of an e.g. Sierra Wireless MC7710 module to the firmware provided in the file ``9999999_9999999_9200_03.05.14.00_00_generic_000.000_001_SPKG_MC.cwe`` use the following command:" msgstr "To update the firmware, VyOS also ships the `qmi-firmware-update` binary. To upgrade the firmware of an e.g. Sierra Wireless MC7710 module to the firmware provided in the file ``9999999_9999999_9200_03.05.14.00_00_generic_000.000_001_SPKG_MC.cwe`` use the following command:" -#: ../../configuration/service/ipoe-server.rst:113 +#: ../../configuration/service/ipoe-server.rst:114 msgid "To use a RADIUS server for authentication and bandwidth-shaping, the following example configuration can be used." msgstr "To use a RADIUS server for authentication and bandwidth-shaping, the following example configuration can be used." @@ -15596,6 +16773,10 @@ msgstr "Topology:" msgid "Topology: PC4 - Leaf2 - Spine1 - Leaf3 - PC5" msgstr "Topology: PC4 - Leaf2 - Spine1 - Leaf3 - PC5" +#: ../../configuration/service/ipoe-server.rst:433 +msgid "Toubleshooting" +msgstr "Toubleshooting" + #: ../../configuration/highavailability/index.rst:171 msgid "Track" msgstr "Track" @@ -15644,7 +16825,7 @@ msgstr "Traffic from multicast sources will go to the Rendezvous Point, and rece msgid "Traffic from multicast sources will go to the Rendezvous Point, and receivers will pull it from a shared tree using :abbr:`IGMP (Internet Group Management Protocol)`." msgstr "Traffic from multicast sources will go to the Rendezvous Point, and receivers will pull it from a shared tree using :abbr:`IGMP (Internet Group Management Protocol)`." -#: ../../configuration/firewall/ipv4.rst:928 +#: ../../configuration/firewall/ipv4.rst:951 #: ../../configuration/firewall/ipv6.rst:937 msgid "Traffic must be symmetric" msgstr "Traffic must be symmetric" @@ -15653,11 +16834,11 @@ msgstr "Traffic must be symmetric" msgid "Traffic which is received by the router on an interface which is member of a bridge is processed on the **Bridge Layer**. A simplified packet flow diagram for this layer is shown next:" msgstr "Traffic which is received by the router on an interface which is member of a bridge is processed on the **Bridge Layer**. A simplified packet flow diagram for this layer is shown next:" -#: ../../configuration/highavailability/index.rst:322 +#: ../../configuration/highavailability/index.rst:332 msgid "Transition scripts" msgstr "Transition scripts" -#: ../../configuration/highavailability/index.rst:324 +#: ../../configuration/highavailability/index.rst:334 msgid "Transition scripts can help you implement various fixups, such as starting and stopping services, or even modifying the VyOS config on VRRP transition. This setup will make the VRRP process execute the ``/config/scripts/vrrp-fail.sh`` with argument ``Foo`` when VRRP fails, and the ``/config/scripts/vrrp-master.sh`` when the router becomes the master:" msgstr "Transition scripts can help you implement various fixups, such as starting and stopping services, or even modifying the VyOS config on VRRP transition. This setup will make the VRRP process execute the ``/config/scripts/vrrp-fail.sh`` with argument ``Foo`` when VRRP fails, and the ``/config/scripts/vrrp-master.sh`` when the router becomes the master:" @@ -15667,6 +16848,8 @@ msgstr "Transparent Proxy" #: ../../configuration/interfaces/openvpn.rst:701 #: ../../configuration/interfaces/tunnel.rst:227 +#: ../../configuration/vpn/pptp.rst:484 +#: ../../configuration/vpn/sstp.rst:580 msgid "Troubleshooting" msgstr "Troubleshooting" @@ -15682,6 +16865,10 @@ msgstr "Tunnel" msgid "Tunnel keys" msgstr "Tunnel keys" +#: ../../configuration/vpn/l2tp.rst:280 +msgid "Tunnel password used to authenticate the client (LAC)" +msgstr "Tunnel password used to authenticate the client (LAC)" + #: ../../configuration/loadbalancing/wan.rst:257 msgid "Two environment variables are available:" msgstr "Two environment variables are available:" @@ -15714,15 +16901,15 @@ msgstr "UDP Broadcast Relay" msgid "UDP mode works better with NAT:" msgstr "UDP mode works better with NAT:" -#: ../../configuration/vpn/l2tp.rst:34 +#: ../../configuration/vpn/l2tp.rst:84 msgid "UDP port 1701 for IPsec" msgstr "UDP port 1701 for IPsec" -#: ../../configuration/vpn/l2tp.rst:39 +#: ../../configuration/vpn/l2tp.rst:89 msgid "UDP port 4500 (NAT-T)" msgstr "UDP port 4500 (NAT-T)" -#: ../../configuration/vpn/l2tp.rst:32 +#: ../../configuration/vpn/l2tp.rst:82 msgid "UDP port 500 (IKE)" msgstr "UDP port 500 (IKE)" @@ -15778,11 +16965,11 @@ msgstr "Up to seven queues -defined as classes_ with different priorities- can b msgid "Update" msgstr "Update" -#: ../../configuration/container/index.rst:171 +#: ../../configuration/container/index.rst:207 msgid "Update container image" msgstr "Update container image" -#: ../../configuration/firewall/ipv4.rst:1175 +#: ../../configuration/firewall/ipv4.rst:1198 #: ../../configuration/firewall/ipv6.rst:1191 msgid "Update geoip database" msgstr "Update geoip database" @@ -15795,10 +16982,17 @@ msgstr "Updates" msgid "Updates from the RPKI cache servers are directly applied and path selection is updated accordingly. (Soft reconfiguration must be enabled for this to work)." msgstr "Updates from the RPKI cache servers are directly applied and path selection is updated accordingly. (Soft reconfiguration must be enabled for this to work)." -#: ../../configuration/vpn/sstp.rst:90 +#: ../../configuration/service/pppoe-server.rst:267 +#: ../../configuration/vpn/l2tp.rst:391 +#: ../../configuration/vpn/pptp.rst:315 +#: ../../configuration/vpn/sstp.rst:349 msgid "Upload bandwidth limit in kbit/s for `<user>`." msgstr "Upload bandwidth limit in kbit/s for `<user>`." +#: ../../configuration/service/ipoe-server.rst:325 +msgid "Upload bandwidth limit in kbit/s for for user on interface `<interface>`." +msgstr "Upload bandwidth limit in kbit/s for for user on interface `<interface>`." + #: ../../configuration/loadbalancing/wan.rst:209 msgid "Upon reception of an incoming packet, when a response is sent, it might be desired to ensure that it leaves from the same interface as the inbound one. This can be achieved by enabling sticky connections in the load balancing:" msgstr "Upon reception of an incoming packet, when a response is sent, it might be desired to ensure that it leaves from the same interface as the inbound one. This can be achieved by enabling sticky connections in the load balancing:" @@ -15816,7 +17010,7 @@ msgstr "Use 802.11n protocol" msgid "Use CA certificate from PKI subsystem" msgstr "Use CA certificate from PKI subsystem" -#: ../../configuration/service/dns.rst:365 +#: ../../configuration/service/dns.rst:379 msgid "Use DynDNS as your preferred provider:" msgstr "Use DynDNS as your preferred provider:" @@ -15848,27 +17042,27 @@ msgstr "Use `delete system conntrack modules` to deactive all modules." msgid "Use a persistent LDAP connection. Normally the LDAP connection is only open while validating a username to preserve resources at the LDAP server. This option causes the LDAP connection to be kept open, allowing it to be reused for further user validations." msgstr "Use a persistent LDAP connection. Normally the LDAP connection is only open while validating a username to preserve resources at the LDAP server. This option causes the LDAP connection to be kept open, allowing it to be reused for further user validations." -#: ../../configuration/firewall/ipv4.rst:515 +#: ../../configuration/firewall/ipv4.rst:538 #: ../../configuration/firewall/ipv6.rst:525 msgid "Use a specific address-group. Prepend character ``!`` for inverted matching criteria." msgstr "Use a specific address-group. Prepend character ``!`` for inverted matching criteria." -#: ../../configuration/firewall/ipv4.rst:578 +#: ../../configuration/firewall/ipv4.rst:601 #: ../../configuration/firewall/ipv6.rst:588 msgid "Use a specific domain-group. Prepend character ``!`` for inverted matching criteria." msgstr "Use a specific domain-group. Prepend character ``!`` for inverted matching criteria." -#: ../../configuration/firewall/ipv4.rst:599 +#: ../../configuration/firewall/ipv4.rst:622 #: ../../configuration/firewall/ipv6.rst:609 msgid "Use a specific mac-group. Prepend character ``!`` for inverted matching criteria." msgstr "Use a specific mac-group. Prepend character ``!`` for inverted matching criteria." -#: ../../configuration/firewall/ipv4.rst:536 +#: ../../configuration/firewall/ipv4.rst:559 #: ../../configuration/firewall/ipv6.rst:546 msgid "Use a specific network-group. Prepend character ``!`` for inverted matching criteria." msgstr "Use a specific network-group. Prepend character ``!`` for inverted matching criteria." -#: ../../configuration/firewall/ipv4.rst:557 +#: ../../configuration/firewall/ipv4.rst:580 #: ../../configuration/firewall/ipv6.rst:567 msgid "Use a specific port-group. Prepend character ``!`` for inverted matching criteria." msgstr "Use a specific port-group. Prepend character ``!`` for inverted matching criteria." @@ -15885,7 +17079,7 @@ msgstr "Use an automatically generated self-signed certificate" msgid "Use any local address, configured on any interface if this is not set." msgstr "Use any local address, configured on any interface if this is not set." -#: ../../configuration/service/dns.rst:279 +#: ../../configuration/service/dns.rst:263 msgid "Use auth key file at ``/config/auth/my.key``" msgstr "Use auth key file at ``/config/auth/my.key``" @@ -15893,10 +17087,14 @@ msgstr "Use auth key file at ``/config/auth/my.key``" msgid "Use certificate from PKI subsystem" msgstr "Use certificate from PKI subsystem" -#: ../../configuration/service/dns.rst:408 +#: ../../configuration/service/dns.rst:410 msgid "Use configured `<url>` to determine your IP address. ddclient_ will load `<url>` and tries to extract your IP address from the response." msgstr "Use configured `<url>` to determine your IP address. ddclient_ will load `<url>` and tries to extract your IP address from the response." +#: ../../configuration/service/dns.rst:368 +msgid "Use deSEC (dedyn.io) as your preferred provider:" +msgstr "Use deSEC (dedyn.io) as your preferred provider:" + #: ../../configuration/firewall/general-legacy.rst:478 msgid "Use inverse-match to match anything except the given country-codes." msgstr "Use inverse-match to match anything except the given country-codes." @@ -15905,7 +17103,7 @@ msgstr "Use inverse-match to match anything except the given country-codes." msgid "Use local socket for API" msgstr "Use local socket for API" -#: ../../configuration/vpn/sstp.rst:288 +#: ../../configuration/vpn/sstp.rst:357 msgid "Use local user `foo` with password `bar`" msgstr "Use local user `foo` with password `bar`" @@ -15913,7 +17111,7 @@ msgstr "Use local user `foo` with password `bar`" msgid "Use tab completion to get a list of categories." msgstr "Use tab completion to get a list of categories." -#: ../../configuration/system/option.rst:53 +#: ../../configuration/system/option.rst:83 msgid "Use the address of the specified interface on the local machine as the source address of the connection." msgstr "Use the address of the specified interface on the local machine as the source address of the connection." @@ -15925,7 +17123,7 @@ msgstr "Use the following topology to build a nat66 based isolated network betwe msgid "Use the following topology to translate internal user local addresses (``fc::/7``) to DHCPv6-PD provided prefixes from an ISP connected to a VyOS HA pair." msgstr "Use the following topology to translate internal user local addresses (``fc::/7``) to DHCPv6-PD provided prefixes from an ISP connected to a VyOS HA pair." -#: ../../configuration/system/option.rst:48 +#: ../../configuration/system/option.rst:78 msgid "Use the specified address on the local machine as the source address of the connection. Only useful on systems with more than one address." msgstr "Use the specified address on the local machine as the source address of the connection. Only useful on systems with more than one address." @@ -15957,10 +17155,26 @@ msgstr "Use this PIM command to modify the time out value (31-60000 seconds) for msgid "Use this comand to set the IPv6 address pool from which a PPPoE client will get an IPv6 prefix of your defined length (mask) to terminate the PPPoE endpoint at their side. The mask length can be set from 48 to 128 bit long, the default value is 64." msgstr "Use this comand to set the IPv6 address pool from which a PPPoE client will get an IPv6 prefix of your defined length (mask) to terminate the PPPoE endpoint at their side. The mask length can be set from 48 to 128 bit long, the default value is 64." -#: ../../configuration/vpn/sstp.rst:137 +#: ../../configuration/service/ipoe-server.rst:261 +msgid "Use this comand to set the IPv6 address pool from which an IPoE client will get an IPv6 prefix of your defined length (mask) to terminate the IPoE endpoint at their side. The mask length can be set from 48 to 128 bit long, the default value is 64." +msgstr "Use this comand to set the IPv6 address pool from which an IPoE client will get an IPv6 prefix of your defined length (mask) to terminate the IPoE endpoint at their side. The mask length can be set from 48 to 128 bit long, the default value is 64." + +#: ../../configuration/service/pppoe-server.rst:355 +msgid "Use this comand to set the IPv6 address pool from which an PPPoE client will get an IPv6 prefix of your defined length (mask) to terminate the PPPoE endpoint at their side. The mask length can be set from 48 to 128 bit long, the default value is 64." +msgstr "Use this comand to set the IPv6 address pool from which an PPPoE client will get an IPv6 prefix of your defined length (mask) to terminate the PPPoE endpoint at their side. The mask length can be set from 48 to 128 bit long, the default value is 64." + +#: ../../configuration/vpn/pptp.rst:223 +msgid "Use this comand to set the IPv6 address pool from which an PPTP client will get an IPv6 prefix of your defined length (mask) to terminate the PPTP endpoint at their side. The mask length can be set from 48 to 128 bit long, the default value is 64." +msgstr "Use this comand to set the IPv6 address pool from which an PPTP client will get an IPv6 prefix of your defined length (mask) to terminate the PPTP endpoint at their side. The mask length can be set from 48 to 128 bit long, the default value is 64." + +#: ../../configuration/vpn/sstp.rst:257 msgid "Use this comand to set the IPv6 address pool from which an SSTP client will get an IPv6 prefix of your defined length (mask) to terminate the SSTP endpoint at their side. The mask length can be set from 48 to 128 bit long, the default value is 64." msgstr "Use this comand to set the IPv6 address pool from which an SSTP client will get an IPv6 prefix of your defined length (mask) to terminate the SSTP endpoint at their side. The mask length can be set from 48 to 128 bit long, the default value is 64." +#: ../../configuration/vpn/l2tp.rst:299 +msgid "Use this comand to set the IPv6 address pool from which an l2tp client will get an IPv6 prefix of your defined length (mask) to terminate the l2tp endpoint at their side. The mask length can be set from 48 to 128 bit long, the default value is 64." +msgstr "Use this comand to set the IPv6 address pool from which an l2tp client will get an IPv6 prefix of your defined length (mask) to terminate the l2tp endpoint at their side. The mask length can be set from 48 to 128 bit long, the default value is 64." + #: ../../configuration/service/pppoe-server.rst:93 msgid "Use this command for every pool of client IP addresses you want to define. The addresses of this pool will be given to PPPoE clients. You must use CIDR notation." msgstr "Use this command for every pool of client IP addresses you want to define. The addresses of this pool will be given to PPPoE clients. You must use CIDR notation." @@ -16005,7 +17219,7 @@ msgstr "Use this command to check the tunnel status for OpenVPN server interface msgid "Use this command to check the tunnel status for OpenVPN site-to-site interfaces." msgstr "Use this command to check the tunnel status for OpenVPN site-to-site interfaces." -#: ../../configuration/system/ipv6.rst:154 +#: ../../configuration/system/ipv6.rst:167 msgid "Use this command to clear Border Gateway Protocol statistics or status." msgstr "Use this command to clear Border Gateway Protocol statistics or status." @@ -16013,16 +17227,32 @@ msgstr "Use this command to clear Border Gateway Protocol statistics or status." msgid "Use this command to configure DHCPv6 Prefix Delegation (RFC3633). You will have to set your IPv6 pool and the length of the delegation prefix. From the defined IPv6 pool you will be handing out networks of the defined length (delegation-prefix). The length of the delegation prefix can be set from 32 to 64 bit long." msgstr "Use this command to configure DHCPv6 Prefix Delegation (RFC3633). You will have to set your IPv6 pool and the length of the delegation prefix. From the defined IPv6 pool you will be handing out networks of the defined length (delegation-prefix). The length of the delegation prefix can be set from 32 to 64 bit long." -#: ../../configuration/vpn/sstp.rst:146 +#: ../../configuration/service/ipoe-server.rst:269 +msgid "Use this command to configure DHCPv6 Prefix Delegation (RFC3633) on IPoE. You will have to set your IPv6 pool and the length of the delegation prefix. From the defined IPv6 pool you will be handing out networks of the defined length (delegation-prefix). The length of the delegation prefix can be set from 32 to 64 bit long." +msgstr "Use this command to configure DHCPv6 Prefix Delegation (RFC3633) on IPoE. You will have to set your IPv6 pool and the length of the delegation prefix. From the defined IPv6 pool you will be handing out networks of the defined length (delegation-prefix). The length of the delegation prefix can be set from 32 to 64 bit long." + +#: ../../configuration/service/pppoe-server.rst:363 +msgid "Use this command to configure DHCPv6 Prefix Delegation (RFC3633) on PPPoE. You will have to set your IPv6 pool and the length of the delegation prefix. From the defined IPv6 pool you will be handing out networks of the defined length (delegation-prefix). The length of the delegation prefix can be set from 32 to 64 bit long." +msgstr "Use this command to configure DHCPv6 Prefix Delegation (RFC3633) on PPPoE. You will have to set your IPv6 pool and the length of the delegation prefix. From the defined IPv6 pool you will be handing out networks of the defined length (delegation-prefix). The length of the delegation prefix can be set from 32 to 64 bit long." + +#: ../../configuration/vpn/pptp.rst:231 +msgid "Use this command to configure DHCPv6 Prefix Delegation (RFC3633) on PPTP. You will have to set your IPv6 pool and the length of the delegation prefix. From the defined IPv6 pool you will be handing out networks of the defined length (delegation-prefix). The length of the delegation prefix can be set from 32 to 64 bit long." +msgstr "Use this command to configure DHCPv6 Prefix Delegation (RFC3633) on PPTP. You will have to set your IPv6 pool and the length of the delegation prefix. From the defined IPv6 pool you will be handing out networks of the defined length (delegation-prefix). The length of the delegation prefix can be set from 32 to 64 bit long." + +#: ../../configuration/vpn/sstp.rst:265 msgid "Use this command to configure DHCPv6 Prefix Delegation (RFC3633) on SSTP. You will have to set your IPv6 pool and the length of the delegation prefix. From the defined IPv6 pool you will be handing out networks of the defined length (delegation-prefix). The length of the delegation prefix can be set from 32 to 64 bit long." msgstr "Use this command to configure DHCPv6 Prefix Delegation (RFC3633) on SSTP. You will have to set your IPv6 pool and the length of the delegation prefix. From the defined IPv6 pool you will be handing out networks of the defined length (delegation-prefix). The length of the delegation prefix can be set from 32 to 64 bit long." +#: ../../configuration/vpn/l2tp.rst:307 +msgid "Use this command to configure DHCPv6 Prefix Delegation (RFC3633) on l2tp. You will have to set your IPv6 pool and the length of the delegation prefix. From the defined IPv6 pool you will be handing out networks of the defined length (delegation-prefix). The length of the delegation prefix can be set from 32 to 64 bit long." +msgstr "Use this command to configure DHCPv6 Prefix Delegation (RFC3633) on l2tp. You will have to set your IPv6 pool and the length of the delegation prefix. From the defined IPv6 pool you will be handing out networks of the defined length (delegation-prefix). The length of the delegation prefix can be set from 32 to 64 bit long." + #: ../../configuration/service/pppoe-server.rst:120 msgid "Use this command to configure Dynamic Authorization Extensions to RADIUS so that you can remotely disconnect sessions and change some authentication parameters." msgstr "Use this command to configure Dynamic Authorization Extensions to RADIUS so that you can remotely disconnect sessions and change some authentication parameters." -#: ../../configuration/protocols/static.rst:112 -#: ../../configuration/protocols/static.rst:125 +#: ../../configuration/protocols/static.rst:146 +#: ../../configuration/protocols/static.rst:159 msgid "Use this command to configure a \"black-hole\" route on the router. A black-hole route is a route for which the system silently discard packets that are matched. This prevents networks leaking out public interfaces, but it does not prevent them from being used as a more specific route inside your network." msgstr "Use this command to configure a \"black-hole\" route on the router. A black-hole route is a route for which the system silently discard packets that are matched. This prevents networks leaking out public interfaces, but it does not prevent them from being used as a more specific route inside your network." @@ -16226,6 +17456,10 @@ msgstr "Use this command to control the maximum number of equal cost paths to re msgid "Use this command to create a Fair-Queue policy and give it a name. It is based on the Stochastic Fairness Queueing and can be applied to outbound traffic." msgstr "Use this command to create a Fair-Queue policy and give it a name. It is based on the Stochastic Fairness Queueing and can be applied to outbound traffic." +#: ../../configuration/vpn/l2tp.rst:68 +msgid "Use this command to define IPsec interface." +msgstr "Use this command to define IPsec interface." + #: ../../configuration/trafficpolicy/index.rst:425 msgid "Use this command to define a Fair-Queue policy, based on the Stochastic Fairness Queueing, and set the number of maximum packets allowed to wait in the queue. Any other packet will be dropped." msgstr "Use this command to define a Fair-Queue policy, based on the Stochastic Fairness Queueing, and set the number of maximum packets allowed to wait in the queue. Any other packet will be dropped." @@ -16234,8 +17468,19 @@ msgstr "Use this command to define a Fair-Queue policy, based on the Stochastic msgid "Use this command to define a Fair-Queue policy, based on the Stochastic Fairness Queueing, and set the number of seconds at which a new queue algorithm perturbation will occur (maximum 4294967295)." msgstr "Use this command to define a Fair-Queue policy, based on the Stochastic Fairness Queueing, and set the number of seconds at which a new queue algorithm perturbation will occur (maximum 4294967295)." -#: ../../configuration/service/pppoe-server.rst:81 -#: ../../configuration/vpn/sstp.rst:132 +#: ../../configuration/service/ipoe-server.rst:277 +#: ../../configuration/service/pppoe-server.rst:371 +#: ../../configuration/vpn/l2tp.rst:315 +#: ../../configuration/vpn/pptp.rst:239 +#: ../../configuration/vpn/sstp.rst:273 +msgid "Use this command to define default IPv6 address pool name." +msgstr "Use this command to define default IPv6 address pool name." + +#: ../../configuration/service/ipoe-server.rst:77 +#: ../../configuration/service/pppoe-server.rst:61 +#: ../../configuration/vpn/l2tp.rst:48 +#: ../../configuration/vpn/pptp.rst:50 +#: ../../configuration/vpn/sstp.rst:75 msgid "Use this command to define default address pool name." msgstr "Use this command to define default address pool name." @@ -16255,15 +17500,31 @@ msgstr "Use this command to define in the selected interface whether you choose msgid "Use this command to define the IP address range to be given to PPPoE clients. If notation ``x.x.x.x-x.x.x.x``, it must be within a /24 subnet. If notation ``x.x.x.x/x`` is used there is possibility to set host/netmask." msgstr "Use this command to define the IP address range to be given to PPPoE clients. If notation ``x.x.x.x-x.x.x.x``, it must be within a /24 subnet. If notation ``x.x.x.x/x`` is used there is possibility to set host/netmask." +#: ../../configuration/service/ipoe-server.rst:70 +msgid "Use this command to define the first IP address of a pool of addresses to be given to IPoE clients. If notation ``x.x.x.x-x.x.x.x``, it must be within a /24 subnet. If notation ``x.x.x.x/x`` is used there is possibility to set host/netmask." +msgstr "Use this command to define the first IP address of a pool of addresses to be given to IPoE clients. If notation ``x.x.x.x-x.x.x.x``, it must be within a /24 subnet. If notation ``x.x.x.x/x`` is used there is possibility to set host/netmask." + #: ../../configuration/service/pppoe-server.rst:73 msgid "Use this command to define the first IP address of a pool of addresses to be given to PPPoE clients. It must be within a /24 subnet." msgstr "Use this command to define the first IP address of a pool of addresses to be given to PPPoE clients. It must be within a /24 subnet." -#: ../../configuration/vpn/sstp.rst:121 +#: ../../configuration/vpn/pptp.rst:43 +msgid "Use this command to define the first IP address of a pool of addresses to be given to PPTP clients. If notation ``x.x.x.x-x.x.x.x``, it must be within a /24 subnet. If notation ``x.x.x.x/x`` is used there is possibility to set host/netmask." +msgstr "Use this command to define the first IP address of a pool of addresses to be given to PPTP clients. If notation ``x.x.x.x-x.x.x.x``, it must be within a /24 subnet. If notation ``x.x.x.x/x`` is used there is possibility to set host/netmask." + +#: ../../configuration/vpn/sstp.rst:68 msgid "Use this command to define the first IP address of a pool of addresses to be given to SSTP clients. If notation ``x.x.x.x-x.x.x.x``, it must be within a /24 subnet. If notation ``x.x.x.x/x`` is used there is possibility to set host/netmask." msgstr "Use this command to define the first IP address of a pool of addresses to be given to SSTP clients. If notation ``x.x.x.x-x.x.x.x``, it must be within a /24 subnet. If notation ``x.x.x.x/x`` is used there is possibility to set host/netmask." -#: ../../configuration/service/pppoe-server.rst:42 +#: ../../configuration/vpn/l2tp.rst:41 +msgid "Use this command to define the first IP address of a pool of addresses to be given to l2tp clients. If notation ``x.x.x.x-x.x.x.x``, it must be within a /24 subnet. If notation ``x.x.x.x/x`` is used there is possibility to set host/netmask." +msgstr "Use this command to define the first IP address of a pool of addresses to be given to l2tp clients. If notation ``x.x.x.x-x.x.x.x``, it must be within a /24 subnet. If notation ``x.x.x.x/x`` is used there is possibility to set host/netmask." + +#: ../../configuration/service/pppoe-server.rst:54 +msgid "Use this command to define the first IP address of a pool of addresses to be given to pppoe clients. If notation ``x.x.x.x-x.x.x.x``, it must be within a /24 subnet. If notation ``x.x.x.x/x`` is used there is possibility to set host/netmask." +msgstr "Use this command to define the first IP address of a pool of addresses to be given to pppoe clients. If notation ``x.x.x.x-x.x.x.x``, it must be within a /24 subnet. If notation ``x.x.x.x/x`` is used there is possibility to set host/netmask." + +#: ../../configuration/service/pppoe-server.rst:65 msgid "Use this command to define the interface the PPPoE server will use to listen for PPPoE clients." msgstr "Use this command to define the interface the PPPoE server will use to listen for PPPoE clients." @@ -16283,8 +17544,11 @@ msgstr "Use this command to define the maximum number of entries to keep in the msgid "Use this command to define the maximum number of entries to keep in the Neighbor cache (1024, 2048, 4096, 8192, 16384, 32768)." msgstr "Use this command to define the maximum number of entries to keep in the Neighbor cache (1024, 2048, 4096, 8192, 16384, 32768)." -#: ../../configuration/service/pppoe-server.rst:77 -#: ../../configuration/vpn/sstp.rst:128 +#: ../../configuration/service/ipoe-server.rst:332 +#: ../../configuration/service/pppoe-server.rst:450 +#: ../../configuration/vpn/l2tp.rst:404 +#: ../../configuration/vpn/pptp.rst:328 +#: ../../configuration/vpn/sstp.rst:362 msgid "Use this command to define the next address pool name." msgstr "Use this command to define the next address pool name." @@ -16352,7 +17616,7 @@ msgstr "Use this command to enable PIMv6 in the selected interface so that it ca msgid "Use this command to enable acquisition of IPv6 address using stateless autoconfig (SLAAC)." msgstr "Use this command to enable acquisition of IPv6 address using stateless autoconfig (SLAAC)." -#: ../../configuration/service/pppoe-server.rst:236 +#: ../../configuration/service/pppoe-server.rst:310 msgid "Use this command to enable bandwidth shaping via RADIUS." msgstr "Use this command to enable bandwidth shaping via RADIUS." @@ -16364,7 +17628,7 @@ msgstr "Use this command to enable proxy Address Resolution Protocol (ARP) on th msgid "Use this command to enable targeted LDP sessions to the local router. The router will then respond to any sessions that are trying to connect to it that are not a link local type of TCP connection." msgstr "Use this command to enable targeted LDP sessions to the local router. The router will then respond to any sessions that are trying to connect to it that are not a link local type of TCP connection." -#: ../../configuration/service/pppoe-server.rst:249 +#: ../../configuration/service/pppoe-server.rst:323 msgid "Use this command to enable the delay of PADO (PPPoE Active Discovery Offer) packets, which can be used as a session balancing mechanism with other PPPoE servers." msgstr "Use this command to enable the delay of PADO (PPPoE Active Discovery Offer) packets, which can be used as a session balancing mechanism with other PPPoE servers." @@ -16386,7 +17650,7 @@ msgstr "Use this command to enable the logging of the default action on custom c msgid "Use this command to enable the logging of the default action on the specified chain." msgstr "Use this command to enable the logging of the default action on the specified chain." -#: ../../configuration/system/ipv6.rst:165 +#: ../../configuration/system/ipv6.rst:178 msgid "Use this command to flush the kernel IPv6 route cache. An address can be added to flush it only for that route." msgstr "Use this command to flush the kernel IPv6 route cache. An address can be added to flush it only for that route." @@ -16394,11 +17658,11 @@ msgstr "Use this command to flush the kernel IPv6 route cache. An address can be msgid "Use this command to get an overview of a zone." msgstr "Use this command to get an overview of a zone." -#: ../../configuration/system/ipv6.rst:120 +#: ../../configuration/system/ipv6.rst:133 msgid "Use this command to get information about OSPFv3." msgstr "Use this command to get information about OSPFv3." -#: ../../configuration/system/ipv6.rst:142 +#: ../../configuration/system/ipv6.rst:155 msgid "Use this command to get information about the RIPNG protocol" msgstr "Use this command to get information about the RIPNG protocol" @@ -16410,10 +17674,22 @@ msgstr "Use this command to instruct the system to establish a PPPoE connection msgid "Use this command to link the PPPoE connection to a physical interface. Each PPPoE connection must be established over a physical interface. Interfaces can be regular Ethernet interfaces, VIFs or bonding interfaces/VIFs." msgstr "Use this command to link the PPPoE connection to a physical interface. Each PPPoE connection must be established over a physical interface. Interfaces can be regular Ethernet interfaces, VIFs or bonding interfaces/VIFs." -#: ../../configuration/service/pppoe-server.rst:311 +#: ../../configuration/service/ipoe-server.rst:394 +msgid "Use this command to locally check the active sessions in the IPoE server." +msgstr "Use this command to locally check the active sessions in the IPoE server." + +#: ../../configuration/service/pppoe-server.rst:587 msgid "Use this command to locally check the active sessions in the PPPoE server." msgstr "Use this command to locally check the active sessions in the PPPoE server." +#: ../../configuration/vpn/pptp.rst:446 +msgid "Use this command to locally check the active sessions in the PPTP server." +msgstr "Use this command to locally check the active sessions in the PPTP server." + +#: ../../configuration/vpn/sstp.rst:542 +msgid "Use this command to locally check the active sessions in the SSTP server." +msgstr "Use this command to locally check the active sessions in the SSTP server." + #: ../../configuration/protocols/igmp.rst:104 msgid "Use this command to manually configure a Rendezvous Point for PIM so that join messages can be sent there. Set the Rendevouz Point address and the matching prefix of group ranges covered. These values must be shared with every router participating in the PIM network." msgstr "Use this command to manually configure a Rendezvous Point for PIM so that join messages can be sent there. Set the Rendevouz Point address and the matching prefix of group ranges covered. These values must be shared with every router participating in the PIM network." @@ -16427,7 +17703,7 @@ msgstr "Use this command to not install advertised DNS nameservers into the loca msgid "Use this command to prefer IPv4 for TCP peer transport connection for LDP when both an IPv4 and IPv6 LDP address are configured on the same interface." msgstr "Use this command to prefer IPv4 for TCP peer transport connection for LDP when both an IPv4 and IPv6 LDP address are configured on the same interface." -#: ../../configuration/system/ipv6.rst:160 +#: ../../configuration/system/ipv6.rst:173 msgid "Use this command to reset IPv6 Neighbor Discovery Protocol cache for an address or interface." msgstr "Use this command to reset IPv6 Neighbor Discovery Protocol cache for an address or interface." @@ -16467,7 +17743,7 @@ msgstr "Use this command to see discovery hello information" msgid "Use this command to see the Label Information Base." msgstr "Use this command to see the Label Information Base." -#: ../../configuration/service/pppoe-server.rst:26 +#: ../../configuration/service/pppoe-server.rst:33 msgid "Use this command to set a name for this PPPoE-server access concentrator." msgstr "Use this command to set a name for this PPPoE-server access concentrator." @@ -16511,31 +17787,31 @@ msgstr "Use this command to set the username for authenticating with a remote PP msgid "Use this command to show IPv6 Border Gateway Protocol information." msgstr "Use this command to show IPv6 Border Gateway Protocol information." -#: ../../configuration/system/ipv6.rst:50 +#: ../../configuration/system/ipv6.rst:63 msgid "Use this command to show IPv6 Neighbor Discovery Protocol information." msgstr "Use this command to show IPv6 Neighbor Discovery Protocol information." -#: ../../configuration/system/ipv6.rst:58 +#: ../../configuration/system/ipv6.rst:71 msgid "Use this command to show IPv6 forwarding status." msgstr "Use this command to show IPv6 forwarding status." -#: ../../configuration/system/ipv6.rst:54 +#: ../../configuration/system/ipv6.rst:67 msgid "Use this command to show IPv6 multicast group membership." msgstr "Use this command to show IPv6 multicast group membership." -#: ../../configuration/system/ipv6.rst:62 +#: ../../configuration/system/ipv6.rst:75 msgid "Use this command to show IPv6 routes." msgstr "Use this command to show IPv6 routes." -#: ../../configuration/system/ipv6.rst:105 +#: ../../configuration/system/ipv6.rst:118 msgid "Use this command to show all IPv6 access lists" msgstr "Use this command to show all IPv6 access lists" -#: ../../configuration/system/ipv6.rst:90 +#: ../../configuration/system/ipv6.rst:103 msgid "Use this command to show all IPv6 prefix lists" msgstr "Use this command to show all IPv6 prefix lists" -#: ../../configuration/system/ipv6.rst:146 +#: ../../configuration/system/ipv6.rst:159 msgid "Use this command to show the status of the RIPNG protocol" msgstr "Use this command to show the status of the RIPNG protocol" @@ -16595,6 +17871,14 @@ msgstr "Used to block specific domains by the Proxy. Specifying \"vyos.net\" wil msgid "User-level messages" msgstr "User-level messages" +#: ../../configuration/service/ipoe-server.rst:250 +#: ../../configuration/service/pppoe-server.rst:212 +#: ../../configuration/vpn/l2tp.rst:255 +#: ../../configuration/vpn/pptp.rst:195 +#: ../../configuration/vpn/sstp.rst:228 +msgid "User interface can be put to VRF context via RADIUS Access-Accept packet, or change it via RADIUS CoA. ``Accel-VRF-Name`` is used from these purposes. It is custom `ACCEL-PPP attribute`_. Define it in your RADIUS server." +msgstr "User interface can be put to VRF context via RADIUS Access-Accept packet, or change it via RADIUS CoA. ``Accel-VRF-Name`` is used from these purposes. It is custom `ACCEL-PPP attribute`_. Define it in your RADIUS server." + #: ../../configuration/policy/examples.rst:18 msgid "Using 'soft-reconfiguration' we get the policy update without bouncing the neighbor." msgstr "Using 'soft-reconfiguration' we get the policy update without bouncing the neighbor." @@ -16603,11 +17887,11 @@ msgstr "Using 'soft-reconfiguration' we get the policy update without bouncing t msgid "Using **openvpn-option -reneg-sec** can be tricky. This option is used to renegotiate data channel after n seconds. When used at both server and client, the lower value will trigger the renegotiation. If you set it to 0 on one side of the connection (to disable it), the chosen value on the other side will determine when the renegotiation will occur." msgstr "Using **openvpn-option -reneg-sec** can be tricky. This option is used to renegotiate data channel after n seconds. When used at both server and client, the lower value will trigger the renegotiation. If you set it to 0 on one side of the connection (to disable it), the chosen value on the other side will determine when the renegotiation will occur." -#: ../../configuration/protocols/bgp.rst:900 +#: ../../configuration/protocols/bgp.rst:922 msgid "Using BGP confederation" msgstr "Using BGP confederation" -#: ../../configuration/protocols/bgp.rst:899 +#: ../../configuration/protocols/bgp.rst:921 msgid "Using BGP route-reflectors" msgstr "Using BGP route-reflectors" @@ -16615,6 +17899,10 @@ msgstr "Using BGP route-reflectors" msgid "Using VLAN aware Bridge" msgstr "Using VLAN aware Bridge" +#: ../../configuration/vpn/sstp.rst:29 +msgid "Using our documentation chapter - :ref:`pki` generate and install CA and Server certificate" +msgstr "Using our documentation chapter - :ref:`pki` generate and install CA and Server certificate" + #: ../../configuration/interfaces/bridge.rst:266 msgid "Using the operation mode command to view Bridge Information" msgstr "Using the operation mode command to view Bridge Information" @@ -16652,6 +17940,10 @@ msgstr "VHT operating channel center frequency - center freq 2 (for use with the msgid "VLAN" msgstr "VLAN" +#: ../../configuration/service/pppoe-server.rst:232 +msgid "VLAN's can be created by Accel-ppp on the fly via the use of a Kernel module named ``vlan_mon``, which is monitoring incoming vlans and creates the necessary VLAN if required and allowed. VyOS supports the use of either VLAN ID's or entire ranges, both values can be defined at the same time for an interface." +msgstr "VLAN's can be created by Accel-ppp on the fly via the use of a Kernel module named ``vlan_mon``, which is monitoring incoming vlans and creates the necessary VLAN if required and allowed. VyOS supports the use of either VLAN ID's or entire ranges, both values can be defined at the same time for an interface." + #: ../../configuration/service/pppoe-server.rst:163 msgid "VLAN's can be created by Accel-ppp on the fly via the use of a Kernel module named `vlan_mon`, which is monitoring incoming vlans and creates the necessary VLAN if required and allowed. VyOS supports the use of either VLAN ID's or entire ranges, both values can be defined at the same time for an interface." msgstr "VLAN's can be created by Accel-ppp on the fly via the use of a Kernel module named `vlan_mon`, which is monitoring incoming vlans and creates the necessary VLAN if required and allowed. VyOS supports the use of either VLAN ID's or entire ranges, both values can be defined at the same time for an interface." @@ -16668,6 +17960,10 @@ msgstr "VLAN Example" msgid "VLAN Options" msgstr "VLAN Options" +#: ../../configuration/service/ipoe-server.rst:315 +msgid "VLAN monitor for automatic creation of VLAN interfaces for specific user on specific <interface>" +msgstr "VLAN monitor for automatic creation of VLAN interfaces for specific user on specific <interface>" + #: ../../configuration/service/lldp.rst:28 msgid "VLAN name" msgstr "VLAN name" @@ -16688,32 +17984,32 @@ msgstr "VPN-clients will request configuration parameters, optionally you can DN msgid "VRF" msgstr "VRF" -#: ../../configuration/vrf/index.rst:411 +#: ../../configuration/vrf/index.rst:430 msgid "VRF Route Leaking" msgstr "VRF Route Leaking" -#: ../../configuration/vrf/index.rst:283 +#: ../../configuration/vrf/index.rst:302 msgid "VRF and NAT" msgstr "VRF and NAT" -#: ../../configuration/vrf/index.rst:380 +#: ../../configuration/vrf/index.rst:399 msgid "VRF blue routing table" msgstr "VRF blue routing table" -#: ../../configuration/vrf/index.rst:347 +#: ../../configuration/vrf/index.rst:366 msgid "VRF default routing table" msgstr "VRF default routing table" -#: ../../configuration/vrf/index.rst:363 +#: ../../configuration/vrf/index.rst:382 msgid "VRF red routing table" msgstr "VRF red routing table" -#: ../../configuration/vrf/index.rst:235 -#: ../../configuration/vrf/index.rst:242 +#: ../../configuration/vrf/index.rst:254 +#: ../../configuration/vrf/index.rst:261 msgid "VRF route leaking" msgstr "VRF route leaking" -#: ../../configuration/vrf/index.rst:242 +#: ../../configuration/vrf/index.rst:261 msgid "VRF topology example" msgstr "VRF topology example" @@ -16769,11 +18065,19 @@ msgstr "Valid values are 0..255." msgid "Value" msgstr "Value" -#: ../../configuration/vpn/sstp.rst:263 +#: ../../configuration/service/ipoe-server.rst:203 +#: ../../configuration/service/pppoe-server.rst:165 +#: ../../configuration/vpn/l2tp.rst:208 +#: ../../configuration/vpn/pptp.rst:148 +#: ../../configuration/vpn/sstp.rst:181 msgid "Value to send to RADIUS server in NAS-IP-Address attribute and to be matched in DM/CoA requests. Also DM/CoA server will bind to that address." msgstr "Value to send to RADIUS server in NAS-IP-Address attribute and to be matched in DM/CoA requests. Also DM/CoA server will bind to that address." -#: ../../configuration/vpn/sstp.rst:258 +#: ../../configuration/service/ipoe-server.rst:198 +#: ../../configuration/service/pppoe-server.rst:160 +#: ../../configuration/vpn/l2tp.rst:203 +#: ../../configuration/vpn/pptp.rst:143 +#: ../../configuration/vpn/sstp.rst:176 msgid "Value to send to RADIUS server in NAS-Identifier attribute and to be matched in DM/CoA requests." msgstr "Value to send to RADIUS server in NAS-Identifier attribute and to be matched in DM/CoA requests." @@ -16795,11 +18099,11 @@ msgstr "Verify that connections are hitting the rule on both sides:" msgid "Version" msgstr "Version" -#: ../../configuration/highavailability/index.rst:339 +#: ../../configuration/highavailability/index.rst:349 msgid "Virtual-server" msgstr "Virtual-server" -#: ../../configuration/highavailability/index.rst:398 +#: ../../configuration/highavailability/index.rst:408 msgid "Virtual-server can be configured with VRRP virtual address or without VRRP." msgstr "Virtual-server can be configured with VRRP virtual address or without VRRP." @@ -16807,7 +18111,7 @@ msgstr "Virtual-server can be configured with VRRP virtual address or without VR msgid "Virtual Ethernet" msgstr "Virtual Ethernet" -#: ../../configuration/highavailability/index.rst:342 +#: ../../configuration/highavailability/index.rst:352 msgid "Virtual Server allows to Load-balance traffic destination virtual-address:port between several real servers." msgstr "Virtual Server allows to Load-balance traffic destination virtual-address:port between several real servers." @@ -16823,11 +18127,11 @@ msgstr "VyOS 1.1 supported login as user ``root``. This has been removed due to msgid "VyOS 1.3 (equuleus) supports DHCPv6-PD (:rfc:`3633`). DHCPv6 Prefix Delegation is supported by most ISPs who provide native IPv6 for consumers on fixed networks." msgstr "VyOS 1.3 (equuleus) supports DHCPv6-PD (:rfc:`3633`). DHCPv6 Prefix Delegation is supported by most ISPs who provide native IPv6 for consumers on fixed networks." -#: ../../configuration/vrf/index.rst:84 +#: ../../configuration/vrf/index.rst:103 msgid "VyOS 1.4 (sagitta) introduced dynamic routing support for VRFs." msgstr "VyOS 1.4 (sagitta) introduced dynamic routing support for VRFs." -#: ../../configuration/pki/index.rst:9 +#: ../../configuration/pki/index.rst:11 msgid "VyOS 1.4 changed the way in how encrytion keys or certificates are stored on the system. In the pre VyOS 1.4 era, certificates got stored under /config and every service referenced a file. That made copying a running configuration from system A to system B a bit harder, as you had to copy the files and their permissions by hand." msgstr "VyOS 1.4 changed the way in how encrytion keys or certificates are stored on the system. In the pre VyOS 1.4 era, certificates got stored under /config and every service referenced a file. That made copying a running configuration from system A to system B a bit harder, as you had to copy the files and their permissions by hand." @@ -16839,7 +18143,7 @@ msgstr "VyOS 1.4 uses chrony instead of ntpd (see :vytask:`T3008`) which will no msgid "VyOS Arista EOS setup" msgstr "VyOS Arista EOS setup" -#: ../../configuration/vpn/ipsec.rst:120 +#: ../../configuration/vpn/ipsec.rst:123 msgid "VyOS ESP group has the next options:" msgstr "VyOS ESP group has the next options:" @@ -16883,10 +18187,14 @@ msgstr "VyOS SNMP supports both IPv4 and IPv6." msgid "VyOS also comes with a build in SSTP server, see :ref:`sstp`." msgstr "VyOS also comes with a build in SSTP server, see :ref:`sstp`." -#: ../../configuration/service/dhcp-server.rst:504 +#: ../../configuration/service/dhcp-server.rst:510 msgid "VyOS also provides DHCPv6 server functionality which is described in this section." msgstr "VyOS also provides DHCPv6 server functionality which is described in this section." +#: ../../configuration/vpn/ipsec.rst:474 +msgid "VyOS also supports (currently) two different modes of authentication, local and RADIUS. To create a new local user named ``vyos`` with password ``vyos`` use the following commands." +msgstr "VyOS also supports (currently) two different modes of authentication, local and RADIUS. To create a new local user named ``vyos`` with password ``vyos`` use the following commands." + #: ../../configuration/vpn/remoteaccess_ipsec.rst:127 msgid "VyOS also supports two different modes of authentication, local and RADIUS. To create a new local user named \"vyos\" with a password of \"vyos\" use the following commands." msgstr "VyOS also supports two different modes of authentication, local and RADIUS. To create a new local user named \"vyos\" with a password of \"vyos\" use the following commands." @@ -16928,7 +18236,11 @@ msgstr "VyOS facilitates IP Multicast by supporting **PIM Sparse Mode**, **IGMP* msgid "VyOS facilitates IPv6 Multicast by supporting **PIMv6** and **MLD**." msgstr "VyOS facilitates IPv6 Multicast by supporting **PIMv6** and **MLD**." -#: ../../configuration/service/dns.rst:214 +#: ../../configuration/service/ids.rst:17 +msgid "VyOS includes the FastNetMon Community Edition." +msgstr "VyOS includes the FastNetMon Community Edition." + +#: ../../configuration/service/dns.rst:201 msgid "VyOS is able to update a remote DNS record when an interface gets a new IP address. In order to do so, VyOS includes ddclient_, a Perl script written for this only one purpose." msgstr "VyOS is able to update a remote DNS record when an interface gets a new IP address. In order to do so, VyOS includes ddclient_, a Perl script written for this only one purpose." @@ -16952,15 +18264,15 @@ msgstr "VyOS makes use of Linux `netfilter <https://netfilter.org/>`_ for packet msgid "VyOS makes use of :abbr:`FRR (Free Range Routing)` and we would like to thank them for their effort!" msgstr "VyOS makes use of :abbr:`FRR (Free Range Routing)` and we would like to thank them for their effort!" -#: ../../configuration/pki/index.rst:21 +#: ../../configuration/pki/index.rst:23 msgid "VyOS not only can now manage certificates issued by 3rd party Certificate Authorities, it can also act as a CA on its own. You can create your own root CA and sign keys with it by making use of some simple op-mode commands." msgstr "VyOS not only can now manage certificates issued by 3rd party Certificate Authorities, it can also act as a CA on its own. You can create your own root CA and sign keys with it by making use of some simple op-mode commands." -#: ../../configuration/pki/index.rst:35 +#: ../../configuration/pki/index.rst:37 msgid "VyOS now also has the ability to create CAs, keys, Diffie-Hellman and other keypairs from an easy to access operational level command." msgstr "VyOS now also has the ability to create CAs, keys, Diffie-Hellman and other keypairs from an easy to access operational level command." -#: ../../configuration/pki/index.rst:292 +#: ../../configuration/pki/index.rst:323 msgid "VyOS operational mode commands are not only available for generating keys but also to display them." msgstr "VyOS operational mode commands are not only available for generating keys but also to display them." @@ -17000,6 +18312,10 @@ msgstr "VyOS provides some operational commands on OpenVPN." msgid "VyOS provides support for DHCP failover. DHCP failover must be configured explicitly by the following statements." msgstr "VyOS provides support for DHCP failover. DHCP failover must be configured explicitly by the following statements." +#: ../../configuration/pki/index.rst:255 +msgid "VyOS provides this utility to import existing certificates/key files directly into PKI from op-mode. Previous to VyOS 1.4, certificates were stored under the /config folder permanently and will be retained post upgrade." +msgstr "VyOS provides this utility to import existing certificates/key files directly into PKI from op-mode. Previous to VyOS 1.4, certificates were stored under the /config folder permanently and will be retained post upgrade." + #: ../../configuration/loadbalancing/reverse-proxy.rst:8 msgid "VyOS reverse-proxy is balancer and proxy server that provides high-availability, load balancing and proxying for TCP (level 4) and HTTP-based (level 7) applications." msgstr "VyOS reverse-proxy is balancer and proxy server that provides high-availability, load balancing and proxying for TCP (level 4) and HTTP-based (level 7) applications." @@ -17020,6 +18336,10 @@ msgstr "VyOS supports both MLD version 1 and version 2 (which allows source-spec msgid "VyOS supports flow-accounting for both IPv4 and IPv6 traffic. The system acts as a flow exporter, and you are free to use it with any compatible collector." msgstr "VyOS supports flow-accounting for both IPv4 and IPv6 traffic. The system acts as a flow exporter, and you are free to use it with any compatible collector." +#: ../../configuration/vpn/ipsec.rst:452 +msgid "VyOS supports multiple IKEv2 remote-access connections. Every connection can have its dedicated IKE/ESP ciphers, certificates or local listen address for e.g. inbound load balancing." +msgstr "VyOS supports multiple IKEv2 remote-access connections. Every connection can have its dedicated IKE/ESP ciphers, certificates or local listen address for e.g. inbound load balancing." + #: ../../configuration/system/updates.rst:5 msgid "VyOS supports online checking for updates" msgstr "VyOS supports online checking for updates" @@ -17060,11 +18380,11 @@ msgstr "VyOS uses the `mirror` option to configure port mirroring. The configura msgid "VyOS utilizes `accel-ppp`_ to provide PPPoE server functionality. It can be used with local authentication or a connected RADIUS server." msgstr "VyOS utilizes `accel-ppp`_ to provide PPPoE server functionality. It can be used with local authentication or a connected RADIUS server." -#: ../../configuration/service/ipoe-server.rst:9 +#: ../../configuration/service/ipoe-server.rst:7 msgid "VyOS utilizes `accel-ppp`_ to provide :abbr:`IPoE (Internet Protocol over Ethernet)` server functionality. It can be used with local authentication (mac-address) or a connected RADIUS server." msgstr "VyOS utilizes `accel-ppp`_ to provide :abbr:`IPoE (Internet Protocol over Ethernet)` server functionality. It can be used with local authentication (mac-address) or a connected RADIUS server." -#: ../../configuration/vpn/l2tp.rst:6 +#: ../../configuration/vpn/l2tp.rst:7 msgid "VyOS utilizes accel-ppp_ to provide L2TP server functionality. It can be used with local authentication or a connected RADIUS server." msgstr "VyOS utilizes accel-ppp_ to provide L2TP server functionality. It can be used with local authentication or a connected RADIUS server." @@ -17076,7 +18396,7 @@ msgstr "VyOS utilizes accel-ppp_ to provide SSTP server functionality. We suppor msgid "WAN Load Balacing should not be used when dynamic routing protocol is used/needed. This feature creates customized routing tables and firewall rules, that makes it incompatible to use with routing protocols." msgstr "WAN Load Balacing should not be used when dynamic routing protocol is used/needed. This feature creates customized routing tables and firewall rules, that makes it incompatible to use with routing protocols." -#: ../../configuration/vpn/site2site_ipsec.rst:164 +#: ../../configuration/vpn/site2site_ipsec.rst:167 msgid "WAN interface on `eth1`" msgstr "WAN interface on `eth1`" @@ -17117,7 +18437,7 @@ msgstr "We'll configure OpenVPN using self-signed certificates, and then discuss msgid "We'll use the IKE and ESP groups created above for this VPN. Because we need access to 2 different subnets on the far side, we will need two different tunnels. If you changed the names of the ESP group and IKE group in the previous step, make sure you use the correct names here too." msgstr "We'll use the IKE and ESP groups created above for this VPN. Because we need access to 2 different subnets on the far side, we will need two different tunnels. If you changed the names of the ESP group and IKE group in the previous step, make sure you use the correct names here too." -#: ../../configuration/vpn/ipsec.rst:232 +#: ../../configuration/vpn/ipsec.rst:236 msgid "We assume that the LEFT router has static 192.0.2.10 address on eth0, and the RIGHT router has a dynamic address on eth0." msgstr "We assume that the LEFT router has static 192.0.2.10 address on eth0, and the RIGHT router has a dynamic address on eth0." @@ -17129,11 +18449,15 @@ msgstr "We can't support all displays from the beginning. If your display type i msgid "We can also create the certificates using Cerbort which is an easy-to-use client that fetches a certificate from Let's Encrypt an open certificate authority launched by the EFF, Mozilla, and others and deploys it to a web server." msgstr "We can also create the certificates using Cerbort which is an easy-to-use client that fetches a certificate from Let's Encrypt an open certificate authority launched by the EFF, Mozilla, and others and deploys it to a web server." -#: ../../configuration/protocols/rpki.rst:158 +#: ../../configuration/protocols/rpki.rst:168 msgid "We can build route-maps for import based on these states. Here is a simple RPKI configuration, where `routinator` is the RPKI-validating \"cache\" server with ip `192.0.2.1`:" msgstr "We can build route-maps for import based on these states. Here is a simple RPKI configuration, where `routinator` is the RPKI-validating \"cache\" server with ip `192.0.2.1`:" -#: ../../configuration/protocols/bgp.rst:1249 +#: ../../configuration/vpn/ipsec.rst:456 +msgid "We configure a new connection named ``rw`` for road-warrior, that identifies itself as ``192.0.2.1`` to the clients and uses the ``vyos`` certificate signed by the `CAcert_Class3_Root`` intermediate CA. We select our previously specified IKE/ESP groups and also link the IP address pool to draw addresses from." +msgstr "We configure a new connection named ``rw`` for road-warrior, that identifies itself as ``192.0.2.1`` to the clients and uses the ``vyos`` certificate signed by the `CAcert_Class3_Root`` intermediate CA. We select our previously specified IKE/ESP groups and also link the IP address pool to draw addresses from." + +#: ../../configuration/protocols/bgp.rst:1271 msgid "We could expand on this and also deny link local and multicast in the rule 20 action deny." msgstr "We could expand on this and also deny link local and multicast in the rule 20 action deny." @@ -17145,6 +18469,10 @@ msgstr "We do not have CLI nodes for every single OpenVPN option. If an option i msgid "We don't recomend to use arguments. Using environments is more preffereble." msgstr "We don't recomend to use arguments. Using environments is more preffereble." +#: ../../configuration/vpn/ipsec.rst:506 +msgid "We generate a connection profile used by Windows clients that will connect to the \"rw\" connection on our VyOS server on the VPN servers IP address/fqdn `vpn.vyos.net`." +msgstr "We generate a connection profile used by Windows clients that will connect to the \"rw\" connection on our VyOS server on the VPN servers IP address/fqdn `vpn.vyos.net`." + #: ../../configuration/interfaces/wireguard.rst:148 msgid "We listen on port 51820" msgstr "We listen on port 51820" @@ -17153,7 +18481,7 @@ msgstr "We listen on port 51820" msgid "We need to generate the certificate which authenticates users who attempt to access the network resource through the SSL VPN tunnels. The following commands will create a self signed certificates and will be stored in configuration:" msgstr "We need to generate the certificate which authenticates users who attempt to access the network resource through the SSL VPN tunnels. The following commands will create a self signed certificates and will be stored in configuration:" -#: ../../configuration/system/option.rst:85 +#: ../../configuration/system/option.rst:115 msgid "We now utilize `tuned` for dynamic resource balancing based on profiles." msgstr "We now utilize `tuned` for dynamic resource balancing based on profiles." @@ -17169,7 +18497,7 @@ msgstr "We only need a single step for this interface:" msgid "We route all traffic for the 192.168.2.0/24 network to interface `wg01`" msgstr "We route all traffic for the 192.168.2.0/24 network to interface `wg01`" -#: ../../configuration/system/login.rst:420 +#: ../../configuration/system/login.rst:424 msgid "We use a vontainer providing the TACACS serve rin this example." msgstr "We use a vontainer providing the TACACS serve rin this example." @@ -17177,7 +18505,7 @@ msgstr "We use a vontainer providing the TACACS serve rin this example." msgid "We will only accept traffic comming from interface eth0, protocol tcp and destination port 1122. All other traffic traspassing the router should be blocked." msgstr "We will only accept traffic comming from interface eth0, protocol tcp and destination port 1122. All other traffic traspassing the router should be blocked." -#: ../../configuration/service/dhcp-server.rst:331 +#: ../../configuration/service/dhcp-server.rst:337 msgid "Web Proxy Autodiscovery (WPAD) URL" msgstr "Web Proxy Autodiscovery (WPAD) URL" @@ -17201,15 +18529,19 @@ msgstr "When LDP is working, you will be able to see label information in the ou msgid "When PIM receives a register packet the source of the packet will be compared to the prefix-list specified, and if a permit is received normal processing continues. If a deny is returned for the source address of the register packet a register stop message is sent to the source." msgstr "When PIM receives a register packet the source of the packet will be compared to the prefix-list specified, and if a permit is received normal processing continues. If a deny is returned for the source address of the register packet a register stop message is sent to the source." -#: ../../configuration/vrf/index.rst:73 +#: ../../configuration/vrf/index.rst:92 msgid "When VRFs are used it is not only mandatory to create a VRF but also the VRF itself needs to be assigned to an interface." msgstr "When VRFs are used it is not only mandatory to create a VRF but also the VRF itself needs to be assigned to an interface." -#: ../../configuration/service/dns.rst:354 +#: ../../configuration/service/dns.rst:351 +msgid "When a ``custom`` DynDNS provider is used, the protocol used for communicating to the provider must be specified under `<protocol>`. See the embedded completion helper when entering above command for available protocols." +msgstr "When a ``custom`` DynDNS provider is used, the protocol used for communicating to the provider must be specified under `<protocol>`. See the embedded completion helper when entering above command for available protocols." + +#: ../../configuration/service/dns.rst:357 msgid "When a ``custom`` DynDNS provider is used the `<server>` where update requests are being sent to must be specified." msgstr "When a ``custom`` DynDNS provider is used the `<server>` where update requests are being sent to must be specified." -#: ../../configuration/service/dns.rst:347 +#: ../../configuration/service/dns.rst:361 msgid "When a ``custom`` DynDNS provider is used the protocol used for communicating to the provider must be specified under `<protocol>`. See the embedded completion helper for available protocols." msgstr "When a ``custom`` DynDNS provider is used the protocol used for communicating to the provider must be specified under `<protocol>`. See the embedded completion helper for available protocols." @@ -17225,7 +18557,11 @@ msgstr "When a link is reconnected or a new slave joins the bond the receive tra msgid "When a packet is to be sent, it will have to go through that queue, so the packet will be placed at the tail of it. When the packet completely goes through it, it will be dequeued emptying its place in the queue and being eventually handed to the NIC to be actually sent out." msgstr "When a packet is to be sent, it will have to go through that queue, so the packet will be placed at the tail of it. When the packet completely goes through it, it will be dequeued emptying its place in the queue and being eventually handed to the NIC to be actually sent out." -#: ../../configuration/protocols/bgp.rst:684 +#: ../../configuration/protocols/bgp.rst:589 +msgid "When a peer receives a martian nexthop as part of the NLRI for a route permit the nexthop to be used as such, instead of rejecting and resetting the connection." +msgstr "When a peer receives a martian nexthop as part of the NLRI for a route permit the nexthop to be used as such, instead of rejecting and resetting the connection." + +#: ../../configuration/protocols/bgp.rst:706 msgid "When a route fails, a routing update is sent to withdraw the route from the network's routing tables. When the route is re-enabled, the change in availability is also advertised. A route that continually fails and returns requires a great deal of network traffic to update the network about the route's status." msgstr "When a route fails, a routing update is sent to withdraw the route from the network's routing tables. When the route is re-enabled, the change in availability is also advertised. A route that continually fails and returns requires a great deal of network traffic to update the network about the route's status." @@ -17237,7 +18573,7 @@ msgstr "When adding IPv6 routing information exchange feature to BGP. There were msgid "When an authoritative server does not answer a query or sends a reply the recursor does not like, it is throttled. Any servers matching the supplied netmasks will never be throttled." msgstr "When an authoritative server does not answer a query or sends a reply the recursor does not like, it is throttled. Any servers matching the supplied netmasks will never be throttled." -#: ../../configuration/service/pppoe-server.rst:169 +#: ../../configuration/service/pppoe-server.rst:238 msgid "When configured, PPPoE will create the necessary VLANs when required. Once the user session has been cancelled and the VLAN is not needed anymore, VyOS will remove it again." msgstr "When configured, PPPoE will create the necessary VLANs when required. Once the user session has been cancelled and the VLAN is not needed anymore, VyOS will remove it again." @@ -17271,17 +18607,21 @@ msgstr "When dequeuing, each hash-bucket with data is queried in a round robin f msgid "When designing your NAT ruleset leave some space between consecutive rules for later extension. Your ruleset could start with numbers 10, 20, 30. You thus can later extend the ruleset and place new rules between existing ones." msgstr "When designing your NAT ruleset leave some space between consecutive rules for later extension. Your ruleset could start with numbers 10, 20, 30. You thus can later extend the ruleset and place new rules between existing ones." -#: ../../configuration/vrf/index.rst:188 +#: ../../configuration/vrf/index.rst:207 msgid "When doing fault isolation with ping, you should first run it on the local host, to verify that the local network interface is up and running. Then, continue with hosts and gateways further down the road towards your destination. Round-trip time and packet loss statistics are computed." msgstr "When doing fault isolation with ping, you should first run it on the local host, to verify that the local network interface is up and running. Then, continue with hosts and gateways further down the road towards your destination. Round-trip time and packet loss statistics are computed." -#: ../../configuration/pki/index.rst:176 -#: ../../configuration/pki/index.rst:219 +#: ../../configuration/vpn/ipsec.rst:529 +msgid "When first connecting to the new VPN the user is prompted to enter proper credentials." +msgstr "When first connecting to the new VPN the user is prompted to enter proper credentials." + +#: ../../configuration/pki/index.rst:178 +#: ../../configuration/pki/index.rst:221 msgid "When loading the certificate you need to manually strip the ``-----BEGIN CERTIFICATE-----`` and ``-----END CERTIFICATE-----`` tags. Also, the certificate/key needs to be presented in a single line without line breaks (``\\n``), this can be done using the following shell command:" msgstr "When loading the certificate you need to manually strip the ``-----BEGIN CERTIFICATE-----`` and ``-----END CERTIFICATE-----`` tags. Also, the certificate/key needs to be presented in a single line without line breaks (``\\n``), this can be done using the following shell command:" -#: ../../configuration/pki/index.rst:197 -#: ../../configuration/pki/index.rst:235 +#: ../../configuration/pki/index.rst:199 +#: ../../configuration/pki/index.rst:237 msgid "When loading the certificate you need to manually strip the ``-----BEGIN KEY-----`` and ``-----END KEY-----`` tags. Also, the certificate/key needs to be presented in a single line without line breaks (``\\n``), this can be done using the following shell command:" msgstr "When loading the certificate you need to manually strip the ``-----BEGIN KEY-----`` and ``-----END KEY-----`` tags. Also, the certificate/key needs to be presented in a single line without line breaks (``\\n``), this can be done using the following shell command:" @@ -17325,7 +18665,7 @@ msgstr "When set the interface is enabled for \"dial-on-demand\"." msgid "When specified, this should be the only keyword for the interface." msgstr "When specified, this should be the only keyword for the interface." -#: ../../configuration/system/option.rst:60 +#: ../../configuration/system/option.rst:90 msgid "When starting a VyOS live system (the installation CD) the configured keyboard layout defaults to US. As this might not suite everyones use case you can adjust the used keyboard layout on the system console." msgstr "When starting a VyOS live system (the installation CD) the configured keyboard layout defaults to US. As this might not suite everyones use case you can adjust the used keyboard layout on the system console." @@ -17334,7 +18674,7 @@ msgstr "When starting a VyOS live system (the installation CD) the configured ke msgid "When the DHCP server is considering dynamically allocating an IP address to a client, it first sends an ICMP Echo request (a ping) to the address being assigned. It waits for a second, and if no ICMP Echo response has been heard, it assigns the address." msgstr "When the DHCP server is considering dynamically allocating an IP address to a client, it first sends an ICMP Echo request (a ping) to the address being assigned. It waits for a second, and if no ICMP Echo response has been heard, it assigns the address." -#: ../../configuration/vpn/site2site_ipsec.rst:416 +#: ../../configuration/vpn/site2site_ipsec.rst:419 msgid "When the close-action option is set on the peers, the connection-type of each peer has to considered carefully. For example, if the option is set on both peers, then both would attempt to initiate and hold open multiple copies of each child SA. This might lead to instability of the device or cpu/memory utilization." msgstr "When the close-action option is set on the peers, the connection-type of each peer has to considered carefully. For example, if the option is set on both peers, then both would attempt to initiate and hold open multiple copies of each child SA. This might lead to instability of the device or cpu/memory utilization." @@ -17346,6 +18686,10 @@ msgstr "When the command above is set, VyOS will answer every ICMP echo request msgid "When the command above is set, VyOS will answer no ICMP echo request addressed to itself at all, no matter where it comes from or whether more specific rules are being applied to accept them." msgstr "When the command above is set, VyOS will answer no ICMP echo request addressed to itself at all, no matter where it comes from or whether more specific rules are being applied to accept them." +#: ../../configuration/highavailability/index.rst:321 +msgid "When the vrrp group is a member of the sync group will use only the sync group health check script. This example shows how to configure it for the sync group:" +msgstr "When the vrrp group is a member of the sync group will use only the sync group health check script. This example shows how to configure it for the sync group:" + #: ../../_include/interface-address-with-dhcp.txt:14 msgid "When using DHCP to retrieve IPv4 address and if local customizations are needed, they should be possible using the enter and exit hooks provided. The hook dirs are:" msgstr "When using DHCP to retrieve IPv4 address and if local customizations are needed, they should be possible using the enter and exit hooks provided. The hook dirs are:" @@ -17366,6 +18710,10 @@ msgstr "When using NAT for a large number of host systems it recommended that a msgid "When using SSH, known-hosts-file, private-key-file and public-key-file are mandatory options." msgstr "When using SSH, known-hosts-file, private-key-file and public-key-file are mandatory options." +#: ../../configuration/protocols/rpki.rst:161 +msgid "When using SSH, private-key-file and public-key-file are mandatory options." +msgstr "When using SSH, private-key-file and public-key-file are mandatory options." + #: ../../configuration/vpn/openconnect.rst:222 msgid "When using Time-based one-time password (TOTP) (OTP HOTP-time), be sure that the time on the server and the OTP token generator are synchronized by NTP" msgstr "When using Time-based one-time password (TOTP) (OTP HOTP-time), be sure that the time on the server and the OTP token generator are synchronized by NTP" @@ -17450,12 +18798,23 @@ msgstr "Will be recorded only packets/flows on **incoming** direction in configu msgid "Will drop `<shared-network-name>_` from client DNS record, using only the host declaration name and domain: `<hostname>.<domain-name>`" msgstr "Will drop `<shared-network-name>_` from client DNS record, using only the host declaration name and domain: `<hostname>.<domain-name>`" +#: ../../configuration/vpn/ipsec.rst:501 +msgid "Windows 10 does not allow a user to choose the integrity and encryption ciphers using the GUI and it uses some older proposals by default. A user can only change the proposals on the client side by configuring the IPSec connection profile via PowerShell." +msgstr "Windows 10 does not allow a user to choose the integrity and encryption ciphers using the GUI and it uses some older proposals by default. A user can only change the proposals on the client side by configuring the IPSec connection profile via PowerShell." + +#: ../../configuration/service/pppoe-server.rst:579 +#: ../../configuration/vpn/l2tp.rst:514 +#: ../../configuration/vpn/pptp.rst:438 +#: ../../configuration/vpn/sstp.rst:472 +msgid "Windows Internet Name Service (WINS) servers propagated to client" +msgstr "Windows Internet Name Service (WINS) servers propagated to client" + #: ../../configuration/vpn/remoteaccess_ipsec.rst:147 msgid "Windows expects the server name to be also used in the server's certificate common name, so it's best to use this DNS name for your VPN connection." msgstr "Windows expects the server name to be also used in the server's certificate common name, so it's best to use this DNS name for your VPN connection." #: ../../configuration/interfaces/wireguard.rst:7 -#: ../../configuration/pki/index.rst:132 +#: ../../configuration/pki/index.rst:134 msgid "WireGuard" msgstr "WireGuard" @@ -17524,17 +18883,17 @@ msgstr "With this command, you can specify how the URL path should be matched ag msgid "With zone-based firewalls a new concept was implemented, in addtion to the standard in and out traffic flows, a local flow was added. This local was for traffic originating and destined to the router itself. Which means additional rules were required to secure the firewall itself from the network, in addition to the existing inbound and outbound rules from the traditional concept above." msgstr "With zone-based firewalls a new concept was implemented, in addtion to the standard in and out traffic flows, a local flow was added. This local was for traffic originating and destined to the router itself. Which means additional rules were required to secure the firewall itself from the network, in addition to the existing inbound and outbound rules from the traditional concept above." -#: ../../configuration/service/dhcp-server.rst:257 -#: ../../configuration/service/dhcp-server.rst:262 -#: ../../configuration/service/dhcp-server.rst:267 -#: ../../configuration/service/dhcp-server.rst:277 -#: ../../configuration/service/dhcp-server.rst:282 -#: ../../configuration/service/dhcp-server.rst:312 -#: ../../configuration/service/dhcp-server.rst:317 -#: ../../configuration/service/dhcp-server.rst:322 -#: ../../configuration/service/dhcp-server.rst:342 -#: ../../configuration/service/dhcp-server.rst:347 -#: ../../configuration/service/dhcp-server.rst:357 +#: ../../configuration/service/dhcp-server.rst:263 +#: ../../configuration/service/dhcp-server.rst:268 +#: ../../configuration/service/dhcp-server.rst:273 +#: ../../configuration/service/dhcp-server.rst:283 +#: ../../configuration/service/dhcp-server.rst:288 +#: ../../configuration/service/dhcp-server.rst:318 +#: ../../configuration/service/dhcp-server.rst:323 +#: ../../configuration/service/dhcp-server.rst:328 +#: ../../configuration/service/dhcp-server.rst:348 +#: ../../configuration/service/dhcp-server.rst:353 +#: ../../configuration/service/dhcp-server.rst:363 msgid "Y" msgstr "Y" @@ -17542,7 +18901,7 @@ msgstr "Y" msgid "You apply a rule-set always to a zone from an other zone, it is recommended to create one rule-set for each zone pair." msgstr "You apply a rule-set always to a zone from an other zone, it is recommended to create one rule-set for each zone pair." -#: ../../configuration/system/login.rst:365 +#: ../../configuration/system/login.rst:369 msgid "You are able to set post-login or pre-login banner messages to display certain information for this system." msgstr "You are able to set post-login or pre-login banner messages to display certain information for this system." @@ -17562,7 +18921,11 @@ msgstr "You can also define custom timeout values to apply to a specific subset msgid "You can also keep different DNS zone updated. Just create a new config node: ``set service dns dynamic interface <interface> rfc2136 <other-service-name>``" msgstr "You can also keep different DNS zone updated. Just create a new config node: ``set service dns dynamic interface <interface> rfc2136 <other-service-name>``" -#: ../../configuration/system/ipv6.rst:107 +#: ../../configuration/service/router-advert.rst:58 +msgid "You can also opt for using `::/64` as prefix for your :abbr:`RAs (Router Advertisements)`. This will take the IPv6 GUA prefix assigned to the interface, which comes in handy when using DHCPv6-PD." +msgstr "You can also opt for using `::/64` as prefix for your :abbr:`RAs (Router Advertisements)`. This will take the IPv6 GUA prefix assigned to the interface, which comes in handy when using DHCPv6-PD." + +#: ../../configuration/system/ipv6.rst:120 msgid "You can also specify which IPv6 access-list should be shown:" msgstr "You can also specify which IPv6 access-list should be shown:" @@ -17578,7 +18941,7 @@ msgstr "You can also use another attributes for identify client for disconnect, msgid "You can also write a description for a filter:" msgstr "You can also write a description for a filter:" -#: ../../configuration/system/login.rst:78 +#: ../../configuration/system/login.rst:82 msgid "You can assign multiple keys to the same user by using a unique identifier per SSH key." msgstr "You can assign multiple keys to the same user by using a unique identifier per SSH key." @@ -17614,7 +18977,7 @@ msgstr "You can create multiple VLAN interfaces on a physical interface. The VLA msgid "You can disable a VRRP group with ``disable`` option:" msgstr "You can disable a VRRP group with ``disable`` option:" -#: ../../configuration/system/ipv6.rst:122 +#: ../../configuration/system/ipv6.rst:135 msgid "You can get more specific OSPFv3 information by using the parameters shown below:" msgstr "You can get more specific OSPFv3 information by using the parameters shown below:" @@ -17626,11 +18989,11 @@ msgstr "You can not assign the same allowed-ips statement to multiple WireGuard msgid "You can not run this in a VRRP setup, if multiple mDNS repeaters are launched in a subnet you will experience the mDNS packet storm death!" msgstr "You can not run this in a VRRP setup, if multiple mDNS repeaters are launched in a subnet you will experience the mDNS packet storm death!" -#: ../../configuration/vpn/sstp.rst:332 +#: ../../configuration/vpn/sstp.rst:505 msgid "You can now \"dial\" the peer with the follwoing command: ``sstpc --log-level 4 --log-stderr --user vyos --password vyos vpn.example.com -- call vyos``." msgstr "You can now \"dial\" the peer with the follwoing command: ``sstpc --log-level 4 --log-stderr --user vyos --password vyos vpn.example.com -- call vyos``." -#: ../../configuration/system/login.rst:443 +#: ../../configuration/system/login.rst:447 msgid "You can now SSH into your system using admin/admin as a default user supplied from the ``lfkeitel/tacacs_plus:latest`` container." msgstr "You can now SSH into your system using admin/admin as a default user supplied from the ``lfkeitel/tacacs_plus:latest`` container." @@ -17718,6 +19081,10 @@ msgstr "You will also need the public key of your peer as well as the network(s) msgid "Your ISPs modem is connected to port ``eth0`` of your VyOS box." msgstr "Your ISPs modem is connected to port ``eth0`` of your VyOS box." +#: ../../configuration/service/router-advert.rst:110 +msgid "Your LAN connected on eth0 uses prefix ``2001:db8:beef:2::/64`` with the router beeing ``2001:db8:beef:2::1``" +msgstr "Your LAN connected on eth0 uses prefix ``2001:db8:beef:2::/64`` with the router beeing ``2001:db8:beef:2::1``" + #: ../../configuration/system/ip.rst:31 #: ../../configuration/system/ipv6.rst:27 #: ../../configuration/vrf/index.rst:44 @@ -17758,7 +19125,7 @@ msgstr "(This can be useful when a called service has many and/or often changing msgid ":abbr:`AFI (Address family authority identifier)` - ``49`` The AFI value 49 is what IS-IS uses for private addressing." msgstr ":abbr:`AFI (Address family authority identifier)` - ``49`` The AFI value 49 is what IS-IS uses for private addressing." -#: ../../configuration/protocols/static.rst:152 +#: ../../configuration/protocols/static.rst:185 msgid ":abbr:`ARP (Address Resolution Protocol)` is a communication protocol used for discovering the link layer address, such as a MAC address, associated with a given internet layer address, typically an IPv4 address. This mapping is a critical function in the Internet protocol suite. ARP was defined in 1982 by :rfc:`826` which is Internet Standard STD 37." msgstr ":abbr:`ARP (Address Resolution Protocol)` is a communication protocol used for discovering the link layer address, such as a MAC address, associated with a given internet layer address, typically an IPv4 address. This mapping is a critical function in the Internet protocol suite. ARP was defined in 1982 by :rfc:`826` which is Internet Standard STD 37." @@ -17818,7 +19185,7 @@ msgstr ":abbr:`IPSec (IP Security)` - too many RFCs to list, but start with :rfc msgid ":abbr:`IS-IS (Intermediate System to Intermediate System)` is a link-state interior gateway protocol (IGP) which is described in ISO10589, :rfc:`1195`, :rfc:`5308`. IS-IS runs the Dijkstra shortest-path first (SPF) algorithm to create a database of the network’s topology, and from that database to determine the best (that is, lowest cost) path to a destination. The intermediate systems (the name for routers) exchange topology information with their directly conencted neighbors. IS-IS runs directly on the data link layer (Layer 2). IS-IS addresses are called :abbr:`NETs (Network Entity Titles)` and can be 8 to 20 bytes long, but are generally 10 bytes long. The tree database that is created with IS-IS is similar to the one that is created with OSPF in that the paths chosen should be similar. Comparisons to OSPF are inevitable and often are reasonable ones to make in regards to the way a network will respond with either IGP." msgstr ":abbr:`IS-IS (Intermediate System to Intermediate System)` is a link-state interior gateway protocol (IGP) which is described in ISO10589, :rfc:`1195`, :rfc:`5308`. IS-IS runs the Dijkstra shortest-path first (SPF) algorithm to create a database of the network’s topology, and from that database to determine the best (that is, lowest cost) path to a destination. The intermediate systems (the name for routers) exchange topology information with their directly conencted neighbors. IS-IS runs directly on the data link layer (Layer 2). IS-IS addresses are called :abbr:`NETs (Network Entity Titles)` and can be 8 to 20 bytes long, but are generally 10 bytes long. The tree database that is created with IS-IS is similar to the one that is created with OSPF in that the paths chosen should be similar. Comparisons to OSPF are inevitable and often are reasonable ones to make in regards to the way a network will respond with either IGP." -#: ../../configuration/vrf/index.rst:401 +#: ../../configuration/vrf/index.rst:420 msgid ":abbr:`L3VPN VRFs ( Layer 3 Virtual Private Networks )` bgpd supports for IPv4 RFC 4364 and IPv6 RFC 4659. L3VPN routes, and their associated VRF MPLS labels, can be distributed to VPN SAFI neighbors in the default, i.e., non VRF, BGP instance. VRF MPLS labels are reached using core MPLS labels which are distributed using LDP or BGP labeled unicast. bgpd also supports inter-VRF route leaking." msgstr ":abbr:`L3VPN VRFs ( Layer 3 Virtual Private Networks )` bgpd supports for IPv4 RFC 4364 and IPv6 RFC 4659. L3VPN routes, and their associated VRF MPLS labels, can be distributed to VPN SAFI neighbors in the default, i.e., non VRF, BGP instance. VRF MPLS labels are reached using core MPLS labels which are distributed using LDP or BGP labeled unicast. bgpd also supports inter-VRF route leaking." @@ -18010,43 +19377,43 @@ msgstr ":lastproofread:2021-07-12" msgid ":opcmd:`generate pki wireguard key-pair`." msgstr ":opcmd:`generate pki wireguard key-pair`." -#: ../../configuration/vrf/index.rst:88 +#: ../../configuration/vrf/index.rst:107 msgid ":ref:`routing-bgp`" msgstr ":ref:`routing-bgp`" -#: ../../configuration/vrf/index.rst:104 +#: ../../configuration/vrf/index.rst:123 msgid ":ref:`routing-bgp`: ``set vrf name <name> protocols bgp ...``" msgstr ":ref:`routing-bgp`: ``set vrf name <name> protocols bgp ...``" -#: ../../configuration/vrf/index.rst:89 +#: ../../configuration/vrf/index.rst:108 msgid ":ref:`routing-isis`" msgstr ":ref:`routing-isis`" -#: ../../configuration/vrf/index.rst:105 +#: ../../configuration/vrf/index.rst:124 msgid ":ref:`routing-isis`: ``set vrf name <name> protocols isis ...``" msgstr ":ref:`routing-isis`: ``set vrf name <name> protocols isis ...``" -#: ../../configuration/vrf/index.rst:90 +#: ../../configuration/vrf/index.rst:109 msgid ":ref:`routing-ospf`" msgstr ":ref:`routing-ospf`" -#: ../../configuration/vrf/index.rst:106 +#: ../../configuration/vrf/index.rst:125 msgid ":ref:`routing-ospf`: ``set vrf name <name> protocols ospf ...``" msgstr ":ref:`routing-ospf`: ``set vrf name <name> protocols ospf ...``" -#: ../../configuration/vrf/index.rst:91 +#: ../../configuration/vrf/index.rst:110 msgid ":ref:`routing-ospfv3`" msgstr ":ref:`routing-ospfv3`" -#: ../../configuration/vrf/index.rst:107 +#: ../../configuration/vrf/index.rst:126 msgid ":ref:`routing-ospfv3`: ``set vrf name <name> protocols ospfv3 ...``" msgstr ":ref:`routing-ospfv3`: ``set vrf name <name> protocols ospfv3 ...``" -#: ../../configuration/vrf/index.rst:92 +#: ../../configuration/vrf/index.rst:111 msgid ":ref:`routing-static`" msgstr ":ref:`routing-static`" -#: ../../configuration/vrf/index.rst:108 +#: ../../configuration/vrf/index.rst:127 msgid ":ref:`routing-static`: ``set vrf name <name> protocols static ...``" msgstr ":ref:`routing-static`: ``set vrf name <name> protocols static ...``" @@ -18054,7 +19421,7 @@ msgstr ":ref:`routing-static`: ``set vrf name <name> protocols static ...``" msgid ":rfc:`2131` states: The client MAY choose to explicitly provide the identifier through the 'client identifier' option. If the client supplies a 'client identifier', the client MUST use the same 'client identifier' in all subsequent messages, and the server MUST use that identifier to identify the client." msgstr ":rfc:`2131` states: The client MAY choose to explicitly provide the identifier through the 'client identifier' option. If the client supplies a 'client identifier', the client MUST use the same 'client identifier' in all subsequent messages, and the server MUST use that identifier to identify the client." -#: ../../configuration/service/dns.rst:230 +#: ../../configuration/service/dns.rst:217 msgid ":rfc:`2136` Based" msgstr ":rfc:`2136` Based" @@ -18062,7 +19429,7 @@ msgstr ":rfc:`2136` Based" msgid ":rfc:`2328`, the successor to :rfc:`1583`, suggests according to section G.2 (changes) in section 16.4.1 a change to the path preference algorithm that prevents possible routing loops that were possible in the old version of OSPFv2. More specifically it demands that inter-area paths and intra-area backbone path are now of equal preference but still both preferred to external paths." msgstr ":rfc:`2328`, the successor to :rfc:`1583`, suggests according to section G.2 (changes) in section 16.4.1 a change to the path preference algorithm that prevents possible routing loops that were possible in the old version of OSPFv2. More specifically it demands that inter-area paths and intra-area backbone path are now of equal preference but still both preferred to external paths." -#: ../../configuration/pki/index.rst:15 +#: ../../configuration/pki/index.rst:17 msgid ":vytask:`T3642` describes a new CLI subsystem that serves as a \"certstore\" to all services requiring any kind of encryption key(s). In short, public and private certificates are now stored in PKCS#8 format in the regular VyOS CLI. Keys can now be added, edited, and deleted using the regular set/edit/delete CLI commands." msgstr ":vytask:`T3642` describes a new CLI subsystem that serves as a \"certstore\" to all services requiring any kind of encryption key(s). In short, public and private certificates are now stored in PKCS#8 format in the regular VyOS CLI. Keys can now be added, edited, and deleted using the regular set/edit/delete CLI commands." @@ -18086,19 +19453,19 @@ msgstr "`4. Add optional parameters`_" msgid "`<name>` must be identical on both sides!" msgstr "`<name>` must be identical on both sides!" -#: ../../configuration/pki/index.rst:202 +#: ../../configuration/pki/index.rst:204 msgid "``$ tail -n +2 ca.key | head -n -1 | tr -d '\\n'``" msgstr "``$ tail -n +2 ca.key | head -n -1 | tr -d '\\n'``" -#: ../../configuration/pki/index.rst:181 +#: ../../configuration/pki/index.rst:183 msgid "``$ tail -n +2 ca.pem | head -n -1 | tr -d '\\n'``" msgstr "``$ tail -n +2 ca.pem | head -n -1 | tr -d '\\n'``" -#: ../../configuration/pki/index.rst:240 +#: ../../configuration/pki/index.rst:242 msgid "``$ tail -n +2 cert.key | head -n -1 | tr -d '\\n'``" msgstr "``$ tail -n +2 cert.key | head -n -1 | tr -d '\\n'``" -#: ../../configuration/pki/index.rst:224 +#: ../../configuration/pki/index.rst:226 msgid "``$ tail -n +2 cert.pem | head -n -1 | tr -d '\\n'``" msgstr "``$ tail -n +2 cert.pem | head -n -1 | tr -d '\\n'``" @@ -18202,7 +19569,7 @@ msgstr "``802.3ad`` - IEEE 802.3ad Dynamic link aggregation. Creates aggregation msgid "``9600`` - 9600 bps" msgstr "``9600`` - 9600 bps" -#: ../../configuration/vpn/ipsec.rst:149 +#: ../../configuration/vpn/ipsec.rst:152 msgid "``< dh-group >`` defines a Diffie-Hellman group for PFS;" msgstr "``< dh-group >`` defines a Diffie-Hellman group for PFS;" @@ -18210,6 +19577,14 @@ msgstr "``< dh-group >`` defines a Diffie-Hellman group for PFS;" msgid "``Known limitations:``" msgstr "``Known limitations:``" +#: ../../configuration/service/ipoe-server.rst:247 +#: ../../configuration/service/pppoe-server.rst:209 +#: ../../configuration/vpn/l2tp.rst:252 +#: ../../configuration/vpn/pptp.rst:192 +#: ../../configuration/vpn/sstp.rst:225 +msgid "``Stateful-IPv6-Address-Pool`` and ``Delegated-IPv6-Prefix-Pool`` are defined in RFC6911. If they are not defined in your RADIUS server, add new dictionary_." +msgstr "``Stateful-IPv6-Address-Pool`` and ``Delegated-IPv6-Prefix-Pool`` are defined in RFC6911. If they are not defined in your RADIUS server, add new dictionary_." + #: ../../configuration/loadbalancing/wan.rst:259 msgid "``WLB_INTERFACE_NAME=[interfacename]``: Interface to be monitored" msgstr "``WLB_INTERFACE_NAME=[interfacename]``: Interface to be monitored" @@ -18226,11 +19601,11 @@ msgstr "``a`` - 802.11a - 54 Mbits/sec" msgid "``ac`` - 802.11ac - 1300 Mbits/sec" msgstr "``ac`` - 802.11ac - 1300 Mbits/sec" -#: ../../configuration/policy/route-map.rst:375 +#: ../../configuration/policy/route-map.rst:378 msgid "``accept-own-nexthop`` - Well-known communities value accept-own-nexthop 0xFFFF0008" msgstr "``accept-own-nexthop`` - Well-known communities value accept-own-nexthop 0xFFFF0008" -#: ../../configuration/policy/route-map.rst:368 +#: ../../configuration/policy/route-map.rst:371 msgid "``accept-own`` - Well-known communities value ACCEPT_OWN 0xFFFF0001" msgstr "``accept-own`` - Well-known communities value ACCEPT_OWN 0xFFFF0001" @@ -18256,7 +19631,7 @@ msgstr "``active-backup`` - Active-backup policy: Only one slave in the bond is msgid "``adaptive-load-balance`` - Adaptive load balancing: includes transmit-load-balance plus receive load balancing for IPV4 traffic, and does not require any special switch support. The receive load balancing is achieved by ARP negotiation. The bonding driver intercepts the ARP Replies sent by the local system on their way out and overwrites the source hardware address with the unique hardware address of one of the slaves in the bond such that different peers use different hardware addresses for the server." msgstr "``adaptive-load-balance`` - Adaptive load balancing: includes transmit-load-balance plus receive load balancing for IPV4 traffic, and does not require any special switch support. The receive load balancing is achieved by ARP negotiation. The bonding driver intercepts the ARP Replies sent by the local system on their way out and overwrites the source hardware address with the unique hardware address of one of the slaves in the bond such that different peers use different hardware addresses for the server." -#: ../../configuration/vpn/ipsec.rst:96 +#: ../../configuration/vpn/ipsec.rst:98 msgid "``aggressive`` use Aggressive mode for Key Exchanges in the IKEv1 protocol aggressive mode is much more insecure compared to Main mode;" msgstr "``aggressive`` use Aggressive mode for Key Exchanges in the IKEv1 protocol aggressive mode is much more insecure compared to Main mode;" @@ -18268,11 +19643,15 @@ msgstr "``all-available`` all checking target addresses must be available to pas msgid "``any-available`` any of the checking target addresses must be available to pass this check" msgstr "``any-available`` any of the checking target addresses must be available to pass this check" -#: ../../configuration/vpn/site2site_ipsec.rst:385 +#: ../../configuration/vpn/site2site_ipsec.rst:388 msgid "``authentication local-id/remote-id`` - IKE identification is used for validation of VPN peer devices during IKE negotiation. If you do not configure local/remote-identity, the device uses the IPv4 or IPv6 address that corresponds to the local/remote peer by default. In certain network setups (like ipsec interface with dynamic address, or behind the NAT ), the IKE ID received from the peer does not match the IKE gateway configured on the device. This can lead to a Phase 1 validation failure. So, make sure to configure the local/remote id explicitly and ensure that the IKE ID is the same as the remote-identity configured on the peer device." msgstr "``authentication local-id/remote-id`` - IKE identification is used for validation of VPN peer devices during IKE negotiation. If you do not configure local/remote-identity, the device uses the IPv4 or IPv6 address that corresponds to the local/remote peer by default. In certain network setups (like ipsec interface with dynamic address, or behind the NAT ), the IKE ID received from the peer does not match the IKE gateway configured on the device. This can lead to a Phase 1 validation failure. So, make sure to configure the local/remote id explicitly and ensure that the IKE ID is the same as the remote-identity configured on the peer device." #: ../../configuration/vpn/site2site_ipsec.rst:18 +msgid "``authentication`` - configure authentication between VyOS and a remote peer. If pre-shared-secret mode is used, the secret key must be defined in ``set vpn ipsec authentication`` and suboptions:" +msgstr "``authentication`` - configure authentication between VyOS and a remote peer. If pre-shared-secret mode is used, the secret key must be defined in ``set vpn ipsec authentication`` and suboptions:" + +#: ../../configuration/vpn/site2site_ipsec.rst:18 msgid "``authentication`` - configure authentication between VyOS and a remote peer. Suboptions:" msgstr "``authentication`` - configure authentication between VyOS and a remote peer. Suboptions:" @@ -18292,11 +19671,11 @@ msgstr "``begin`` Matches the beginning of the URL path" msgid "``bgp`` - Border Gateway Protocol (BGP)" msgstr "``bgp`` - Border Gateway Protocol (BGP)" -#: ../../configuration/vpn/site2site_ipsec.rst:147 +#: ../../configuration/vpn/site2site_ipsec.rst:150 msgid "``bind`` - select a VTI interface to bind to this peer;" msgstr "``bind`` - select a VTI interface to bind to this peer;" -#: ../../configuration/policy/route-map.rst:376 +#: ../../configuration/policy/route-map.rst:379 msgid "``blackhole`` - Well-known communities value BLACKHOLE 0xFFFF029A" msgstr "``blackhole`` - Well-known communities value BLACKHOLE 0xFFFF029A" @@ -18312,6 +19691,10 @@ msgstr "``burst``: Number of packets allowed to overshoot the limit within ``per msgid "``ca-cert-file`` - CA certificate file. Using for authenticating remote peer;" msgstr "``ca-cert-file`` - CA certificate file. Using for authenticating remote peer;" +#: ../../configuration/vpn/site2site_ipsec.rst:61 +msgid "``ca-certificate`` - CA certificate in PKI configuration. Using for authenticating remote peer;" +msgstr "``ca-certificate`` - CA certificate in PKI configuration. Using for authenticating remote peer;" + #: ../../configuration/service/lldp.rst:65 msgid "``cdp`` - Listen for CDP for Cisco routers/switches" msgstr "``cdp`` - Listen for CDP for Cisco routers/switches" @@ -18320,6 +19703,14 @@ msgstr "``cdp`` - Listen for CDP for Cisco routers/switches" msgid "``cert-file`` - certificate file, which will be used for authenticating local router on remote peer;" msgstr "``cert-file`` - certificate file, which will be used for authenticating local router on remote peer;" +#: ../../configuration/vpn/site2site_ipsec.rst:64 +msgid "``certificate`` - certificate file in PKI configuration, which will be used for authenticating local router on remote peer;" +msgstr "``certificate`` - certificate file in PKI configuration, which will be used for authenticating local router on remote peer;" + +#: ../../configuration/vpn/ipsec.rst:66 +msgid "``clear`` closes the CHILD_SA and does not take further action (default);" +msgstr "``clear`` closes the CHILD_SA and does not take further action (default);" + #: ../../configuration/vpn/ipsec.rst:65 msgid "``clear`` set action to clear;" msgstr "``clear`` set action to clear;" @@ -18328,11 +19719,15 @@ msgstr "``clear`` set action to clear;" msgid "``close-action = none | clear | hold | restart`` - defines the action to take if the remote peer unexpectedly closes a CHILD_SA (see above for meaning of values). A closeaction should not be used if the peer uses reauthentication or uniqueids." msgstr "``close-action = none | clear | hold | restart`` - defines the action to take if the remote peer unexpectedly closes a CHILD_SA (see above for meaning of values). A closeaction should not be used if the peer uses reauthentication or uniqueids." +#: ../../configuration/vpn/site2site_ipsec.rst:414 +msgid "``close-action = none | clear | trap | start`` - defines the action to take if the remote peer unexpectedly closes a CHILD_SA (see above for meaning of values). A closeaction should not be used if the peer uses reauthentication or uniqueids." +msgstr "``close-action = none | clear | trap | start`` - defines the action to take if the remote peer unexpectedly closes a CHILD_SA (see above for meaning of values). A closeaction should not be used if the peer uses reauthentication or uniqueids." + #: ../../configuration/vpn/ipsec.rst:47 msgid "``close-action`` defines the action to take if the remote peer unexpectedly closes a CHILD_SA:" msgstr "``close-action`` defines the action to take if the remote peer unexpectedly closes a CHILD_SA:" -#: ../../configuration/vpn/ipsec.rst:122 +#: ../../configuration/vpn/ipsec.rst:125 msgid "``compression`` Enables the IPComp(IP Payload Compression) protocol which allows compressing the content of IP packets." msgstr "``compression`` Enables the IPComp(IP Payload Compression) protocol which allows compressing the content of IP packets." @@ -18344,7 +19739,7 @@ msgstr "``compression`` whether IPComp compression of content is proposed on the msgid "``connected`` - Connected routes (directly attached subnet or host)" msgstr "``connected`` - Connected routes (directly attached subnet or host)" -#: ../../configuration/vpn/site2site_ipsec.rst:72 +#: ../../configuration/vpn/site2site_ipsec.rst:69 msgid "``connection-type`` - how to handle this connection process. Possible variants:" msgstr "``connection-type`` - how to handle this connection process. Possible variants:" @@ -18366,39 +19761,43 @@ msgstr "``d`` - Execution interval in days" msgid "``dead-peer-detection action = clear | hold | restart`` - R_U_THERE notification messages(IKEv1) or empty INFORMATIONAL messages (IKEv2) are periodically sent in order to check the liveliness of the IPsec peer. The values clear, hold, and restart all activate DPD and determine the action to perform on a timeout. With ``clear`` the connection is closed with no further actions taken. ``hold`` installs a trap policy, which will catch matching traffic and tries to re-negotiate the connection on demand. ``restart`` will immediately trigger an attempt to re-negotiate the connection." msgstr "``dead-peer-detection action = clear | hold | restart`` - R_U_THERE notification messages(IKEv1) or empty INFORMATIONAL messages (IKEv2) are periodically sent in order to check the liveliness of the IPsec peer. The values clear, hold, and restart all activate DPD and determine the action to perform on a timeout. With ``clear`` the connection is closed with no further actions taken. ``hold`` installs a trap policy, which will catch matching traffic and tries to re-negotiate the connection on demand. ``restart`` will immediately trigger an attempt to re-negotiate the connection." +#: ../../configuration/vpn/site2site_ipsec.rst:403 +msgid "``dead-peer-detection action = clear | trap | restart`` - R_U_THERE notification messages(IKEv1) or empty INFORMATIONAL messages (IKEv2) are periodically sent in order to check the liveliness of the IPsec peer. The values clear, trap, and restart all activate DPD and determine the action to perform on a timeout. With ``clear`` the connection is closed with no further actions taken. ``trap`` installs a trap policy, which will catch matching traffic and tries to re-negotiate the connection on demand. ``restart`` will immediately trigger an attempt to re-negotiate the connection." +msgstr "``dead-peer-detection action = clear | trap | restart`` - R_U_THERE notification messages(IKEv1) or empty INFORMATIONAL messages (IKEv2) are periodically sent in order to check the liveliness of the IPsec peer. The values clear, trap, and restart all activate DPD and determine the action to perform on a timeout. With ``clear`` the connection is closed with no further actions taken. ``trap`` installs a trap policy, which will catch matching traffic and tries to re-negotiate the connection on demand. ``restart`` will immediately trigger an attempt to re-negotiate the connection." + #: ../../configuration/vpn/ipsec.rst:56 msgid "``dead-peer-detection`` controls the use of the Dead Peer Detection protocol (DPD, RFC 3706) where R_U_THERE notification messages (IKEv1) or empty INFORMATIONAL messages (IKEv2) are periodically sent in order to check the liveliness of the IPsec peer:" msgstr "``dead-peer-detection`` controls the use of the Dead Peer Detection protocol (DPD, RFC 3706) where R_U_THERE notification messages (IKEv1) or empty INFORMATIONAL messages (IKEv2) are periodically sent in order to check the liveliness of the IPsec peer:" -#: ../../configuration/vpn/site2site_ipsec.rst:88 +#: ../../configuration/vpn/site2site_ipsec.rst:85 msgid "``default-esp-group`` - ESP group to use by default for traffic encryption. Might be overwritten by individual settings for tunnel or VTI interface binding;" msgstr "``default-esp-group`` - ESP group to use by default for traffic encryption. Might be overwritten by individual settings for tunnel or VTI interface binding;" -#: ../../configuration/vpn/site2site_ipsec.rst:92 +#: ../../configuration/vpn/site2site_ipsec.rst:89 msgid "``description`` - description for this peer;" msgstr "``description`` - description for this peer;" -#: ../../configuration/vpn/ipsec.rst:101 +#: ../../configuration/vpn/ipsec.rst:103 msgid "``dh-group`` dh-group;" msgstr "``dh-group`` dh-group;" -#: ../../configuration/vpn/site2site_ipsec.rst:23 +#: ../../configuration/vpn/site2site_ipsec.rst:24 msgid "``dhcp-interface`` - ID for authentication generated from DHCP address dynamically;" msgstr "``dhcp-interface`` - ID for authentication generated from DHCP address dynamically;" -#: ../../configuration/vpn/site2site_ipsec.rst:94 +#: ../../configuration/vpn/site2site_ipsec.rst:91 msgid "``dhcp-interface`` - use an IP address, received from DHCP for IPSec connection with this peer, instead of ``local-address``;" msgstr "``dhcp-interface`` - use an IP address, received from DHCP for IPSec connection with this peer, instead of ``local-address``;" -#: ../../configuration/vpn/ipsec.rst:88 +#: ../../configuration/vpn/ipsec.rst:90 msgid "``disable-mobike`` disables MOBIKE Support. MOBIKE is only available for IKEv2 and enabled by default." msgstr "``disable-mobike`` disables MOBIKE Support. MOBIKE is only available for IKEv2 and enabled by default." -#: ../../configuration/vpn/site2site_ipsec.rst:396 +#: ../../configuration/vpn/site2site_ipsec.rst:399 msgid "``disable-route-autoinstall`` - This option when configured disables the routes installed in the default table 220 for site-to-site ipsec. It is mostly used with VTI configuration." msgstr "``disable-route-autoinstall`` - This option when configured disables the routes installed in the default table 220 for site-to-site ipsec. It is mostly used with VTI configuration." -#: ../../configuration/vpn/ipsec.rst:162 +#: ../../configuration/vpn/ipsec.rst:166 msgid "``disable-route-autoinstall`` Do not automatically install routes to remote networks;" msgstr "``disable-route-autoinstall`` Do not automatically install routes to remote networks;" @@ -18406,7 +19805,7 @@ msgstr "``disable-route-autoinstall`` Do not automatically install routes to rem msgid "``disable`` - disable this tunnel;" msgstr "``disable`` - disable this tunnel;" -#: ../../configuration/vpn/ipsec.rst:147 +#: ../../configuration/vpn/ipsec.rst:150 msgid "``disable`` Disable PFS;" msgstr "``disable`` Disable PFS;" @@ -18424,15 +19823,15 @@ msgstr "``disable`` disable MOBIKE;" msgid "``drop``: drop the packet." msgstr "``drop``: drop the packet." -#: ../../configuration/system/login.rst:71 +#: ../../configuration/system/login.rst:75 msgid "``ecdsa-sha2-nistp256``" msgstr "``ecdsa-sha2-nistp256``" -#: ../../configuration/system/login.rst:72 +#: ../../configuration/system/login.rst:76 msgid "``ecdsa-sha2-nistp384``" msgstr "``ecdsa-sha2-nistp384``" -#: ../../configuration/system/login.rst:73 +#: ../../configuration/system/login.rst:77 msgid "``ecdsa-sha2-nistp521``" msgstr "``ecdsa-sha2-nistp521``" @@ -18440,7 +19839,7 @@ msgstr "``ecdsa-sha2-nistp521``" msgid "``edp`` - Listen for EDP for Extreme routers/switches" msgstr "``edp`` - Listen for EDP for Extreme routers/switches" -#: ../../configuration/vpn/ipsec.rst:145 +#: ../../configuration/vpn/ipsec.rst:148 msgid "``enable`` Inherit Diffie-Hellman group from IKE group (default);" msgstr "``enable`` Inherit Diffie-Hellman group from IKE group (default);" @@ -18452,11 +19851,11 @@ msgstr "``enable`` enable IPComp compression;" msgid "``enable`` enable MOBIKE (default for IKEv2);" msgstr "``enable`` enable MOBIKE (default for IKEv2);" -#: ../../configuration/vpn/ipsec.rst:103 +#: ../../configuration/vpn/ipsec.rst:105 msgid "``encryption`` encryption algorithm;" msgstr "``encryption`` encryption algorithm;" -#: ../../configuration/vpn/ipsec.rst:153 +#: ../../configuration/vpn/ipsec.rst:156 msgid "``encryption`` encryption algorithm (default 128 bit AES-CBC);" msgstr "``encryption`` encryption algorithm (default 128 bit AES-CBC);" @@ -18468,7 +19867,7 @@ msgstr "``end`` Matches the end of the URL path." msgid "``esp-group`` - define ESP group for encrypt traffic, defined by this tunnel;" msgstr "``esp-group`` - define ESP group for encrypt traffic, defined by this tunnel;" -#: ../../configuration/vpn/site2site_ipsec.rst:149 +#: ../../configuration/vpn/site2site_ipsec.rst:152 msgid "``esp-group`` - define ESP group for encrypt traffic, passed this VTI interface." msgstr "``esp-group`` - define ESP group for encrypt traffic, passed this VTI interface." @@ -18488,11 +19887,11 @@ msgstr "``file`` - path to the key file;" msgid "``flexvpn`` Allow FlexVPN vendor ID payload (IKEv2 only). Send the Cisco FlexVPN vendor ID payload (IKEv2 only), which is required in order to make Cisco brand devices allow negotiating a local traffic selector (from strongSwan's point of view) that is not the assigned virtual IP address if such an address is requested by strongSwan. Sending the Cisco FlexVPN vendor ID prevents the peer from narrowing the initiator's local traffic selector and allows it to e.g. negotiate a TS of 0.0.0.0/0 == 0.0.0.0/0 instead. This has been tested with a \"tunnel mode ipsec ipv4\" Cisco template but should also work for GRE encapsulation;" msgstr "``flexvpn`` Allow FlexVPN vendor ID payload (IKEv2 only). Send the Cisco FlexVPN vendor ID payload (IKEv2 only), which is required in order to make Cisco brand devices allow negotiating a local traffic selector (from strongSwan's point of view) that is not the assigned virtual IP address if such an address is requested by strongSwan. Sending the Cisco FlexVPN vendor ID prevents the peer from narrowing the initiator's local traffic selector and allows it to e.g. negotiate a TS of 0.0.0.0/0 == 0.0.0.0/0 instead. This has been tested with a \"tunnel mode ipsec ipv4\" Cisco template but should also work for GRE encapsulation;" -#: ../../configuration/vpn/ipsec.rst:164 +#: ../../configuration/vpn/ipsec.rst:168 msgid "``flexvpn`` Allows FlexVPN vendor ID payload (IKEv2 only). Send the Cisco FlexVPN vendor ID payload (IKEv2 only), which is required in order to make Cisco brand devices allow negotiating a local traffic selector (from strongSwan's point of view) that is not the assigned virtual IP address if such an address is requested by strongSwan. Sending the Cisco FlexVPN vendor ID prevents the peer from narrowing the initiator's local traffic selector and allows it to e.g. negotiate a TS of 0.0.0.0/0 == 0.0.0.0/0 instead. This has been tested with a \"tunnel mode ipsec ipv4\" Cisco template but should also work for GRE encapsulation;" msgstr "``flexvpn`` Allows FlexVPN vendor ID payload (IKEv2 only). Send the Cisco FlexVPN vendor ID payload (IKEv2 only), which is required in order to make Cisco brand devices allow negotiating a local traffic selector (from strongSwan's point of view) that is not the assigned virtual IP address if such an address is requested by strongSwan. Sending the Cisco FlexVPN vendor ID prevents the peer from narrowing the initiator's local traffic selector and allows it to e.g. negotiate a TS of 0.0.0.0/0 == 0.0.0.0/0 instead. This has been tested with a \"tunnel mode ipsec ipv4\" Cisco template but should also work for GRE encapsulation;" -#: ../../configuration/vpn/site2site_ipsec.rst:97 +#: ../../configuration/vpn/site2site_ipsec.rst:94 msgid "``force-udp-encapsulation`` - force encapsulation of ESP into UDP datagrams. Useful in case if between local and remote side is firewall or NAT, which not allows passing plain ESP packets between them;" msgstr "``force-udp-encapsulation`` - force encapsulation of ESP into UDP datagrams. Useful in case if between local and remote side is firewall or NAT, which not allows passing plain ESP packets between them;" @@ -18500,7 +19899,7 @@ msgstr "``force-udp-encapsulation`` - force encapsulation of ESP into UDP datagr msgid "``g`` - 802.11g - 54 Mbits/sec (default)" msgstr "``g`` - 802.11g - 54 Mbits/sec (default)" -#: ../../configuration/policy/route-map.rst:367 +#: ../../configuration/policy/route-map.rst:370 msgid "``graceful-shutdown`` - Well-known communities value GRACEFUL_SHUTDOWN 0xFFFF0000" msgstr "``graceful-shutdown`` - Well-known communities value GRACEFUL_SHUTDOWN 0xFFFF0000" @@ -18508,11 +19907,11 @@ msgstr "``graceful-shutdown`` - Well-known communities value GRACEFUL msgid "``h`` - Execution interval in hours" msgstr "``h`` - Execution interval in hours" -#: ../../configuration/vpn/ipsec.rst:105 +#: ../../configuration/vpn/ipsec.rst:107 msgid "``hash`` hash algorithm." msgstr "``hash`` hash algorithm." -#: ../../configuration/vpn/ipsec.rst:155 +#: ../../configuration/vpn/ipsec.rst:158 msgid "``hash`` hash algorithm (default sha1)." msgstr "``hash`` hash algorithm (default sha1)." @@ -18536,23 +19935,23 @@ msgstr "``ht40-`` - Both 20 MHz and 40 MHz with secondary channel below the prim msgid "``hvc0`` - Xen console" msgstr "``hvc0`` - Xen console" -#: ../../configuration/vpn/site2site_ipsec.rst:25 +#: ../../configuration/vpn/site2site_ipsec.rst:26 msgid "``id`` - static ID's for authentication. In general local and remote address ``<x.x.x.x>``, ``<h:h:h:h:h:h:h:h>`` or ``%any``;" msgstr "``id`` - static ID's for authentication. In general local and remote address ``<x.x.x.x>``, ``<h:h:h:h:h:h:h:h>`` or ``%any``;" -#: ../../configuration/vpn/site2site_ipsec.rst:101 +#: ../../configuration/vpn/site2site_ipsec.rst:98 msgid "``ike-group`` - IKE group to use for key exchanges;" msgstr "``ike-group`` - IKE group to use for key exchanges;" -#: ../../configuration/vpn/ipsec.rst:82 +#: ../../configuration/vpn/ipsec.rst:84 msgid "``ikev1`` use IKEv1 for Key Exchange;" msgstr "``ikev1`` use IKEv1 for Key Exchange;" -#: ../../configuration/vpn/site2site_ipsec.rst:103 +#: ../../configuration/vpn/site2site_ipsec.rst:100 msgid "``ikev2-reauth`` - reauthenticate remote peer during the rekeying process. Can be used only with IKEv2. Create a new IKE_SA from the scratch and try to recreate all IPsec SAs;" msgstr "``ikev2-reauth`` - reauthenticate remote peer during the rekeying process. Can be used only with IKEv2. Create a new IKE_SA from the scratch and try to recreate all IPsec SAs;" -#: ../../configuration/vpn/ipsec.rst:73 +#: ../../configuration/vpn/ipsec.rst:75 msgid "``ikev2-reauth`` whether rekeying of an IKE_SA should also reauthenticate the peer. In IKEv1, reauthentication is always done. Setting this parameter enables remote host re-authentication during an IKE rekey." msgstr "``ikev2-reauth`` whether rekeying of an IKE_SA should also reauthenticate the peer. In IKEv1, reauthentication is always done. Setting this parameter enables remote host re-authentication during an IKE rekey." @@ -18560,7 +19959,7 @@ msgstr "``ikev2-reauth`` whether rekeying of an IKE_SA should also reauthenticat msgid "``ikev2-reauth`` whether rekeying of an IKE_SA should also reauthenticate the peer. In IKEv1, reauthentication is always done:" msgstr "``ikev2-reauth`` whether rekeying of an IKE_SA should also reauthenticate the peer. In IKEv1, reauthentication is always done:" -#: ../../configuration/vpn/ipsec.rst:84 +#: ../../configuration/vpn/ipsec.rst:86 msgid "``ikev2`` use IKEv2 for Key Exchange;" msgstr "``ikev2`` use IKEv2 for Key Exchange;" @@ -18568,23 +19967,27 @@ msgstr "``ikev2`` use IKEv2 for Key Exchange;" msgid "``in``: Ruleset for forwarded packets on an inbound interface" msgstr "``in``: Ruleset for forwarded packets on an inbound interface" -#: ../../configuration/vpn/site2site_ipsec.rst:75 +#: ../../configuration/vpn/site2site_ipsec.rst:72 msgid "``initiate`` - does initial connection to remote peer immediately after configuring and after boot. In this mode the connection will not be restarted in case of disconnection, therefore should be used only together with DPD or another session tracking methods;" msgstr "``initiate`` - does initial connection to remote peer immediately after configuring and after boot. In this mode the connection will not be restarted in case of disconnection, therefore should be used only together with DPD or another session tracking methods;" -#: ../../configuration/vpn/ipsec.rst:166 +#: ../../configuration/system/option.rst:50 +msgid "``intel_idle.max_cstate=0`` Disable intel_idle and fall back on acpi_idle" +msgstr "``intel_idle.max_cstate=0`` Disable intel_idle and fall back on acpi_idle" + +#: ../../configuration/vpn/ipsec.rst:170 msgid "``interface`` Interface Name to use. The name of the interface on which virtual IP addresses should be installed. If not specified the addresses will be installed on the outbound interface;" msgstr "``interface`` Interface Name to use. The name of the interface on which virtual IP addresses should be installed. If not specified the addresses will be installed on the outbound interface;" -#: ../../configuration/pki/index.rst:148 +#: ../../configuration/pki/index.rst:150 msgid "``interface`` is used for the VyOS CLI command to identify the WireGuard interface where this private key is to be used." msgstr "``interface`` is used for the VyOS CLI command to identify the WireGuard interface where this private key is to be used." -#: ../../configuration/policy/route-map.rst:366 +#: ../../configuration/policy/route-map.rst:369 msgid "``internet`` - Well-known communities value 0" msgstr "``internet`` - Well-known communities value 0" -#: ../../configuration/vpn/ipsec.rst:69 +#: ../../configuration/vpn/ipsec.rst:71 msgid "``interval`` keep-alive interval in seconds <2-86400> (default 30);" msgstr "``interval`` keep-alive interval in seconds <2-86400> (default 30);" @@ -18602,7 +20005,7 @@ msgstr "``jump``: jump to another custom chain." msgid "``kernel`` - Kernel routes" msgstr "``kernel`` - Kernel routes" -#: ../../configuration/vpn/ipsec.rst:78 +#: ../../configuration/vpn/ipsec.rst:80 msgid "``key-exchange`` which protocol should be used to initialize the connection If not set both protocols are handled and connections will use IKEv2 when initiating, but accept any protocol version when responding:" msgstr "``key-exchange`` which protocol should be used to initialize the connection If not set both protocols are handled and connections will use IKEv2 when initiating, but accept any protocol version when responding:" @@ -18610,7 +20013,7 @@ msgstr "``key-exchange`` which protocol should be used to initialize the connect msgid "``key`` - a private key, which will be used for authenticating local router on remote peer:" msgstr "``key`` - a private key, which will be used for authenticating local router on remote peer:" -#: ../../configuration/system/option.rst:107 +#: ../../configuration/system/option.rst:137 msgid "``latency``: A server profile focused on lowering network latency. This profile favors performance over power savings by setting ``intel_pstate`` and ``min_perf_pct=100``." msgstr "``latency``: A server profile focused on lowering network latency. This profile favors performance over power savings by setting ``intel_pstate`` and ``min_perf_pct=100``." @@ -18622,19 +20025,19 @@ msgstr "``least-connection`` Distributes requests to the server with the fewest msgid "``least-connection`` Distributes requests tp tje server wotj the fewest active connections" msgstr "``least-connection`` Distributes requests tp tje server wotj the fewest active connections" -#: ../../configuration/vpn/ipsec.rst:125 +#: ../../configuration/vpn/ipsec.rst:128 msgid "``life-bytes`` ESP life in bytes <1024-26843545600000>. Number of bytes transmitted over an IPsec SA before it expires;" msgstr "``life-bytes`` ESP life in bytes <1024-26843545600000>. Number of bytes transmitted over an IPsec SA before it expires;" -#: ../../configuration/vpn/ipsec.rst:128 +#: ../../configuration/vpn/ipsec.rst:131 msgid "``life-packets`` ESP life in packets <1000-26843545600000>. Number of packets transmitted over an IPsec SA before it expires;" msgstr "``life-packets`` ESP life in packets <1000-26843545600000>. Number of packets transmitted over an IPsec SA before it expires;" -#: ../../configuration/vpn/ipsec.rst:131 +#: ../../configuration/vpn/ipsec.rst:134 msgid "``lifetime`` ESP lifetime in seconds <30-86400> (default 3600). How long a particular instance of a connection (a set of encryption/authentication keys for user packets) should last, from successful negotiation to expiry;" msgstr "``lifetime`` ESP lifetime in seconds <30-86400> (default 3600). How long a particular instance of a connection (a set of encryption/authentication keys for user packets) should last, from successful negotiation to expiry;" -#: ../../configuration/vpn/ipsec.rst:86 +#: ../../configuration/vpn/ipsec.rst:88 msgid "``lifetime`` IKE lifetime in seconds <0-86400> (default 28800);" msgstr "``lifetime`` IKE lifetime in seconds <0-86400> (default 28800);" @@ -18642,22 +20045,26 @@ msgstr "``lifetime`` IKE lifetime in seconds <0-86400> (default 28800);" msgid "``lifetime`` IKE lifetime in seconds <30-86400> (default 28800);" msgstr "``lifetime`` IKE lifetime in seconds <30-86400> (default 28800);" -#: ../../configuration/policy/route-map.rst:373 +#: ../../configuration/policy/route-map.rst:376 msgid "``llgr-stale`` - Well-known communities value LLGR_STALE 0xFFFF0006" msgstr "``llgr-stale`` - Well-known communities value LLGR_STALE 0xFFFF0006" -#: ../../configuration/vpn/site2site_ipsec.rst:107 +#: ../../configuration/vpn/site2site_ipsec.rst:104 msgid "``local-address`` - local IP address for IPSec connection with this peer. If defined ``any``, then an IP address which configured on interface with default route will be used;" msgstr "``local-address`` - local IP address for IPSec connection with this peer. If defined ``any``, then an IP address which configured on interface with default route will be used;" -#: ../../configuration/policy/route-map.rst:363 +#: ../../configuration/policy/route-map.rst:366 msgid "``local-as`` - Well-known communities value NO_EXPORT_SUBCONFED 0xFFFFFF03" msgstr "``local-as`` - Well-known communities value NO_EXPORT_SUBCONFED 0xFFFFFF03" -#: ../../configuration/vpn/site2site_ipsec.rst:31 +#: ../../configuration/vpn/site2site_ipsec.rst:32 msgid "``local-id`` - ID for the local VyOS router. If defined, during the authentication it will be send to remote peer;" msgstr "``local-id`` - ID for the local VyOS router. If defined, during the authentication it will be send to remote peer;" +#: ../../configuration/vpn/site2site_ipsec.rst:50 +msgid "``local-key`` - name of PKI key-pair with local private key" +msgstr "``local-key`` - name of PKI key-pair with local private key" + #: ../../configuration/firewall/general-legacy.rst:753 msgid "``local``: Ruleset for packets destined for this router" msgstr "``local``: Ruleset for packets destined for this router" @@ -18674,7 +20081,7 @@ msgstr "``m`` - Execution interval in minutes" msgid "``main`` Routing table used by VyOS and other interfaces not participating in PBR" msgstr "``main`` Routing table used by VyOS and other interfaces not participating in PBR" -#: ../../configuration/vpn/ipsec.rst:93 +#: ../../configuration/vpn/ipsec.rst:95 msgid "``main`` use Main mode for Key Exchanges in the IKEv1 Protocol (Recommended Default);" msgstr "``main`` use Main mode for Key Exchanges in the IKEv1 Protocol (Recommended Default);" @@ -18682,19 +20089,23 @@ msgstr "``main`` use Main mode for Key Exchanges in the IKEv1 Protocol (Recommen msgid "``message``: Full message that has triggered the script." msgstr "``message``: Full message that has triggered the script." +#: ../../configuration/system/option.rst:40 +msgid "``mitigations=off``" +msgstr "``mitigations=off``" + #: ../../configuration/vpn/ipsec.rst:92 msgid "``mobike`` enable MOBIKE Support. MOBIKE is only available for IKEv2:" msgstr "``mobike`` enable MOBIKE Support. MOBIKE is only available for IKEv2:" -#: ../../configuration/vpn/site2site_ipsec.rst:35 +#: ../../configuration/vpn/site2site_ipsec.rst:36 msgid "``mode`` - mode for authentication between VyOS and remote peer:" msgstr "``mode`` - mode for authentication between VyOS and remote peer:" -#: ../../configuration/vpn/ipsec.rst:91 +#: ../../configuration/vpn/ipsec.rst:93 msgid "``mode`` IKEv1 Phase 1 Mode Selection:" msgstr "``mode`` IKEv1 Phase 1 Mode Selection:" -#: ../../configuration/vpn/ipsec.rst:136 +#: ../../configuration/vpn/ipsec.rst:139 msgid "``mode`` the type of the connection:" msgstr "``mode`` the type of the connection:" @@ -18758,19 +20169,19 @@ msgstr "``net.ipv6.conf.all.accept_redirects``" msgid "``net.ipv6.conf.all.accept_source_route``" msgstr "``net.ipv6.conf.all.accept_source_route``" -#: ../../configuration/policy/route-map.rst:364 +#: ../../configuration/policy/route-map.rst:367 msgid "``no-advertise`` - Well-known communities value NO_ADVERTISE 0xFFFFFF02" msgstr "``no-advertise`` - Well-known communities value NO_ADVERTISE 0xFFFFFF02" -#: ../../configuration/policy/route-map.rst:365 +#: ../../configuration/policy/route-map.rst:368 msgid "``no-export`` - Well-known communities value NO_EXPORT 0xFFFFFF01" msgstr "``no-export`` - Well-known communities value NO_EXPORT 0xFFFFFF01" -#: ../../configuration/policy/route-map.rst:374 +#: ../../configuration/policy/route-map.rst:377 msgid "``no-llgr`` - Well-known communities value NO_LLGR 0xFFFF0007" msgstr "``no-llgr`` - Well-known communities value NO_LLGR 0xFFFF0007" -#: ../../configuration/policy/route-map.rst:377 +#: ../../configuration/policy/route-map.rst:380 msgid "``no-peer`` - Well-known communities value NOPEER 0xFFFFFF04" msgstr "``no-peer`` - Well-known communities value NOPEER 0xFFFFFF04" @@ -18782,7 +20193,7 @@ msgstr "``no`` disable remote host re-authenticaton during an IKE rekey;" msgid "``none`` - Execution interval in minutes" msgstr "``none`` - Execution interval in minutes" -#: ../../configuration/vpn/site2site_ipsec.rst:85 +#: ../../configuration/vpn/site2site_ipsec.rst:82 msgid "``none`` - loads the connection only, which then can be manually initiated or used as a responder configuration." msgstr "``none`` - loads the connection only, which then can be manually initiated or used as a responder configuration." @@ -18798,7 +20209,7 @@ msgstr "``noselect`` marks the server as unused, except for display purposes. Th msgid "``nts`` enables Network Time Security (NTS) for the server as specified in :rfc:`8915`" msgstr "``nts`` enables Network Time Security (NTS) for the server as specified in :rfc:`8915`" -#: ../../configuration/vpn/ipsec.rst:160 +#: ../../configuration/vpn/ipsec.rst:164 msgid "``options``" msgstr "``options``" @@ -18814,11 +20225,19 @@ msgstr "``ospfv3`` - Open Shortest Path First (IPv6) (OSPFv3)" msgid "``out``: Ruleset for forwarded packets on an outbound interface" msgstr "``out``: Ruleset for forwarded packets on an outbound interface" +#: ../../configuration/vpn/site2site_ipsec.rst:54 +msgid "``passphrase`` - local private key passphrase" +msgstr "``passphrase`` - local private key passphrase" + +#: ../../configuration/vpn/site2site_ipsec.rst:67 +msgid "``passphrase`` - private key passphrase, if needed." +msgstr "``passphrase`` - private key passphrase, if needed." + #: ../../configuration/vpn/site2site_ipsec.rst:70 msgid "``password`` - passphrase private key, if needed." msgstr "``password`` - passphrase private key, if needed." -#: ../../configuration/pki/index.rst:163 +#: ../../configuration/pki/index.rst:165 msgid "``peer`` is used for the VyOS CLI command to identify the WireGuard peer where this secred is to be used." msgstr "``peer`` is used for the VyOS CLI command to identify the WireGuard peer where this secred is to be used." @@ -18826,7 +20245,7 @@ msgstr "``peer`` is used for the VyOS CLI command to identify the WireGuard peer msgid "``period``: Time window for rate calculation. Possible values: ``second`` (one second), ``minute`` (one minute), ``hour`` (one hour). Default is ``second``." msgstr "``period``: Time window for rate calculation. Possible values: ``second`` (one second), ``minute`` (one minute), ``hour`` (one hour). Default is ``second``." -#: ../../configuration/vpn/ipsec.rst:142 +#: ../../configuration/vpn/ipsec.rst:145 msgid "``pfs`` whether Perfect Forward Secrecy of keys is desired on the connection's keying channel and defines a Diffie-Hellman group for PFS:" msgstr "``pfs`` whether Perfect Forward Secrecy of keys is desired on the connection's keying channel and defines a Diffie-Hellman group for PFS:" @@ -18835,11 +20254,11 @@ msgid "``pool`` mobilizes persistent client mode association with a number of re msgstr "``pool`` mobilizes persistent client mode association with a number of remote servers." #: ../../configuration/vpn/site2site_ipsec.rst:126 -#: ../../configuration/vpn/site2site_ipsec.rst:136 +#: ../../configuration/vpn/site2site_ipsec.rst:139 msgid "``port`` - define port. Have effect only when used together with ``prefix``;" msgstr "``port`` - define port. Have effect only when used together with ``prefix``;" -#: ../../configuration/vpn/site2site_ipsec.rst:37 +#: ../../configuration/vpn/site2site_ipsec.rst:38 msgid "``pre-shared-secret`` - use predefined shared secret phrase;" msgstr "``pre-shared-secret`` - use predefined shared secret phrase;" @@ -18851,27 +20270,35 @@ msgstr "``prefer`` marks the server as preferred. All other things being equal, msgid "``prefix`` - IP network at local side." msgstr "``prefix`` - IP network at local side." -#: ../../configuration/vpn/site2site_ipsec.rst:138 +#: ../../configuration/vpn/site2site_ipsec.rst:141 msgid "``prefix`` - IP network at remote side." msgstr "``prefix`` - IP network at remote side." -#: ../../configuration/vpn/ipsec.rst:107 +#: ../../configuration/vpn/ipsec.rst:109 msgid "``prf`` pseudo-random function." msgstr "``prf`` pseudo-random function." -#: ../../configuration/vpn/ipsec.rst:151 +#: ../../configuration/vpn/site2site_ipsec.rst:130 +msgid "``priority`` - Add priority for policy-based IPSec VPN tunnels(lowest value more preferable)" +msgstr "``priority`` - Add priority for policy-based IPSec VPN tunnels(lowest value more preferable)" + +#: ../../configuration/system/option.rst:51 +msgid "``processor.max_cstate=1`` Limit processor to maximum C-state 1" +msgstr "``processor.max_cstate=1`` Limit processor to maximum C-state 1" + +#: ../../configuration/vpn/ipsec.rst:154 msgid "``proposal`` ESP-group proposal with number <1-65535>:" msgstr "``proposal`` ESP-group proposal with number <1-65535>:" -#: ../../configuration/vpn/ipsec.rst:99 +#: ../../configuration/vpn/ipsec.rst:101 msgid "``proposal`` the list of proposals and their parameters:" msgstr "``proposal`` the list of proposals and their parameters:" -#: ../../configuration/vpn/site2site_ipsec.rst:130 +#: ../../configuration/vpn/site2site_ipsec.rst:133 msgid "``protocol`` - define the protocol for match traffic, which should be encrypted and send to this peer;" msgstr "``protocol`` - define the protocol for match traffic, which should be encrypted and send to this peer;" -#: ../../configuration/vpn/site2site_ipsec.rst:21 +#: ../../configuration/vpn/site2site_ipsec.rst:22 msgid "``psk`` - Preshared secret key name:" msgstr "``psk`` - Preshared secret key name:" @@ -18890,7 +20317,7 @@ msgstr "``rate``: Number of packets. Default 5." msgid "``reject``: reject the packet." msgstr "``reject``: reject the packet." -#: ../../configuration/vpn/site2site_ipsec.rst:111 +#: ../../configuration/vpn/site2site_ipsec.rst:108 msgid "``remote-address`` - remote IP address or hostname for IPSec connection. IPv4 or IPv6 address is used when a peer has a public static IP address. Hostname is a DNS name which could be used when a peer has a public IP address and DNS name, but an IP address could be changed from time to time." msgstr "``remote-address`` - remote IP address or hostname for IPSec connection. IPv4 or IPv6 address is used when a peer has a public static IP address. Hostname is a DNS name which could be used when a peer has a public IP address and DNS name, but an IP address could be changed from time to time." @@ -18898,10 +20325,18 @@ msgstr "``remote-address`` - remote IP address or hostname for IPSec connection. msgid "``remote-id`` - define an ID for remote peer, instead of using peer name or address. Useful in case if the remote peer is behind NAT or if ``mode x509`` is used;" msgstr "``remote-id`` - define an ID for remote peer, instead of using peer name or address. Useful in case if the remote peer is behind NAT or if ``mode x509`` is used;" -#: ../../configuration/vpn/site2site_ipsec.rst:133 +#: ../../configuration/vpn/site2site_ipsec.rst:52 +msgid "``remote-key`` - name of PKI key-pair with remote public key" +msgstr "``remote-key`` - name of PKI key-pair with remote public key" + +#: ../../configuration/vpn/site2site_ipsec.rst:136 msgid "``remote`` - define the remote destination for match traffic, which should be encrypted and send to this peer:" msgstr "``remote`` - define the remote destination for match traffic, which should be encrypted and send to this peer:" +#: ../../configuration/vpn/site2site_ipsec.rst:113 +msgid "``replay-window`` - IPsec replay window to configure for this CHILD_SA (default: 32), a value of 0 disables IPsec replay protection" +msgstr "``replay-window`` - IPsec replay window to configure for this CHILD_SA (default: 32), a value of 0 disables IPsec replay protection" + #: ../../configuration/loadbalancing/reverse-proxy.rst:64 msgid "``req-ssl-sni`` SSL Server Name Indication (SNI) request match" msgstr "``req-ssl-sni`` SSL Server Name Indication (SNI) request match" @@ -18910,10 +20345,14 @@ msgstr "``req-ssl-sni`` SSL Server Name Indication (SNI) request match" msgid "``resp-time``: the maximum response time for ping in seconds. Range 1...30, default 5" msgstr "``resp-time``: the maximum response time for ping in seconds. Range 1...30, default 5" -#: ../../configuration/vpn/site2site_ipsec.rst:80 +#: ../../configuration/vpn/site2site_ipsec.rst:77 msgid "``respond`` - does not try to initiate a connection to a remote peer. In this mode, the IPSec session will be established only after initiation from a remote peer. Could be useful when there is no direct connectivity to the peer due to firewall or NAT in the middle of the local and remote side." msgstr "``respond`` - does not try to initiate a connection to a remote peer. In this mode, the IPSec session will be established only after initiation from a remote peer. Could be useful when there is no direct connectivity to the peer due to firewall or NAT in the middle of the local and remote side." +#: ../../configuration/vpn/ipsec.rst:68 +msgid "``restart`` immediately tries to re-negotiate the CHILD_SA under a fresh IKE_SA;" +msgstr "``restart`` immediately tries to re-negotiate the CHILD_SA under a fresh IKE_SA;" + #: ../../configuration/vpn/ipsec.rst:54 #: ../../configuration/vpn/ipsec.rst:67 msgid "``restart`` set action to restart;" @@ -18941,19 +20380,19 @@ msgstr "``round-robin`` - Round-robin policy: Transmit packets in sequential ord msgid "``round-robin`` Distributes requests in a circular manner, sequentially sending each request to the next server in line" msgstr "``round-robin`` Distributes requests in a circular manner, sequentially sending each request to the next server in line" -#: ../../configuration/policy/route-map.rst:369 +#: ../../configuration/policy/route-map.rst:372 msgid "``route-filter-translated-v4`` - Well-known communities value ROUTE_FILTER_TRANSLATED_v4 0xFFFF0002" msgstr "``route-filter-translated-v4`` - Well-known communities value ROUTE_FILTER_TRANSLATED_v4 0xFFFF0002" -#: ../../configuration/policy/route-map.rst:371 +#: ../../configuration/policy/route-map.rst:374 msgid "``route-filter-translated-v6`` - Well-known communities value ROUTE_FILTER_TRANSLATED_v6 0xFFFF0004" msgstr "``route-filter-translated-v6`` - Well-known communities value ROUTE_FILTER_TRANSLATED_v6 0xFFFF0004" -#: ../../configuration/policy/route-map.rst:370 +#: ../../configuration/policy/route-map.rst:373 msgid "``route-filter-v4`` - Well-known communities value ROUTE_FILTER_v4 0xFFFF0003" msgstr "``route-filter-v4`` - Well-known communities value ROUTE_FILTER_v4 0xFFFF0003" -#: ../../configuration/policy/route-map.rst:372 +#: ../../configuration/policy/route-map.rst:375 msgid "``route-filter-v6`` - Well-known communities value ROUTE_FILTER_v6 0xFFFF0005" msgstr "``route-filter-v6`` - Well-known communities value ROUTE_FILTER_v6 0xFFFF0005" @@ -18961,11 +20400,19 @@ msgstr "``route-filter-v6`` - Well-known communities value ROUTE_FI msgid "``rsa-key-name`` - shared RSA key for authentication. The key must be defined in the ``set vpn rsa-keys`` section;" msgstr "``rsa-key-name`` - shared RSA key for authentication. The key must be defined in the ``set vpn rsa-keys`` section;" +#: ../../configuration/vpn/site2site_ipsec.rst:48 +msgid "``rsa`` - options for RSA authentication mode:" +msgstr "``rsa`` - options for RSA authentication mode:" + +#: ../../configuration/vpn/site2site_ipsec.rst:40 +msgid "``rsa`` - use simple shared RSA key." +msgstr "``rsa`` - use simple shared RSA key." + #: ../../configuration/vpn/site2site_ipsec.rst:39 msgid "``rsa`` - use simple shared RSA key. The key must be defined in the ``set vpn rsa-keys`` section;" msgstr "``rsa`` - use simple shared RSA key. The key must be defined in the ``set vpn rsa-keys`` section;" -#: ../../configuration/vpn/site2site_ipsec.rst:27 +#: ../../configuration/vpn/site2site_ipsec.rst:28 msgid "``secret`` - predefined shared secret. Used if configured mode ``pre-shared-secret``;" msgstr "``secret`` - predefined shared secret. Used if configured mode ``pre-shared-secret``;" @@ -18978,10 +20425,13 @@ msgid "``set firewall ipv4 forward filter ...``." msgstr "``set firewall ipv4 forward filter ...``." #: ../../configuration/firewall/index.rst:54 -#: ../../configuration/firewall/index.rst:72 msgid "``set firewall ipv4 input filter ...``." msgstr "``set firewall ipv4 input filter ...``." +#: ../../configuration/firewall/index.rst:72 +msgid "``set firewall ipv4 output filter ...``." +msgstr "``set firewall ipv4 output filter ...``." + #: ../../configuration/firewall/index.rst:63 msgid "``set firewall ipv6 forward filter ...``." msgstr "``set firewall ipv6 forward filter ...``." @@ -19010,19 +20460,19 @@ msgstr "``sonmp`` - Listen for SONMP for Nortel routers/switches" msgid "``source-address`` Distributes requests based on the source IP address of the client" msgstr "``source-address`` Distributes requests based on the source IP address of the client" -#: ../../configuration/system/login.rst:74 +#: ../../configuration/system/login.rst:78 msgid "``ssh-dss``" msgstr "``ssh-dss``" -#: ../../configuration/system/login.rst:75 +#: ../../configuration/system/login.rst:79 msgid "``ssh-ed25519``" msgstr "``ssh-ed25519``" -#: ../../configuration/system/login.rst:49 +#: ../../configuration/system/login.rst:53 msgid "``ssh-rsa AAAAB3NzaC1yc2EAAAABAA...VBD5lKwEWB username@host.example.com``" msgstr "``ssh-rsa AAAAB3NzaC1yc2EAAAABAA...VBD5lKwEWB username@host.example.com``" -#: ../../configuration/system/login.rst:76 +#: ../../configuration/system/login.rst:80 msgid "``ssh-rsa``" msgstr "``ssh-rsa``" @@ -19034,6 +20484,10 @@ msgstr "``ssl-fc-sni-end`` SSL frontend match end of connection Server Name" msgid "``ssl-fc-sni`` SSL frontend connection Server Name Indication match" msgstr "``ssl-fc-sni`` SSL frontend connection Server Name Indication match" +#: ../../configuration/vpn/ipsec.rst:54 +msgid "``start`` tries to immediately re-create the CHILD_SA;" +msgstr "``start`` tries to immediately re-create the CHILD_SA;" + #: ../../configuration/policy/route-map.rst:173 msgid "``static`` - Statically configured routes" msgstr "``static`` - Statically configured routes" @@ -19083,11 +20537,11 @@ msgstr "``test-script``: A user defined script must return 0 to be considered su msgid "``threshold``: ``below`` or ``above`` the specified rate limit." msgstr "``threshold``: ``below`` or ``above`` the specified rate limit." -#: ../../configuration/system/option.rst:97 +#: ../../configuration/system/option.rst:127 msgid "``throughput``: A server profile focused on improving network throughput. This profile favors performance over power savings by setting ``intel_pstate`` and ``max_perf_pct=100`` and increasing kernel network buffer sizes." msgstr "``throughput``: A server profile focused on improving network throughput. This profile favors performance over power savings by setting ``intel_pstate`` and ``max_perf_pct=100`` and increasing kernel network buffer sizes." -#: ../../configuration/vpn/ipsec.rst:71 +#: ../../configuration/vpn/ipsec.rst:73 msgid "``timeout`` keep-alive timeout in seconds <2-86400> (default 120) IKEv1 only" msgstr "``timeout`` keep-alive timeout in seconds <2-86400> (default 120) IKEv1 only" @@ -19095,10 +20549,18 @@ msgstr "``timeout`` keep-alive timeout in seconds <2-86400> (default 120) IKEv1 msgid "``transmit-load-balance`` - Adaptive transmit load balancing: channel bonding that does not require any special switch support." msgstr "``transmit-load-balance`` - Adaptive transmit load balancing: channel bonding that does not require any special switch support." -#: ../../configuration/vpn/ipsec.rst:140 +#: ../../configuration/vpn/ipsec.rst:143 msgid "``transport`` transport mode;" msgstr "``transport`` transport mode;" +#: ../../configuration/vpn/ipsec.rst:63 +msgid "``trap`` installs a trap policy, which will catch matching traffic and tries to re-negotiate the tunnel on-demand;" +msgstr "``trap`` installs a trap policy, which will catch matching traffic and tries to re-negotiate the tunnel on-demand;" + +#: ../../configuration/vpn/ipsec.rst:52 +msgid "``trap`` installs a trap policy for the CHILD_SA;" +msgstr "``trap`` installs a trap policy for the CHILD_SA;" + #: ../../configuration/loadbalancing/wan.rst:179 msgid "``ttl-limit``: For the UDP TTL limit test the hop count limit must be specified. The limit must be shorter than the path length, an ICMP time expired message is needed to be returned for a successful test. default 1" msgstr "``ttl-limit``: For the UDP TTL limit test the hop count limit must be specified. The limit must be shorter than the path length, an ICMP time expired message is needed to be returned for a successful test. default 1" @@ -19115,7 +20577,7 @@ msgstr "``ttyUSBX`` - USB Serial device name" msgid "``tunnel`` - define criteria for traffic to be matched for encrypting and send it to a peer:" msgstr "``tunnel`` - define criteria for traffic to be matched for encrypting and send it to a peer:" -#: ../../configuration/vpn/ipsec.rst:138 +#: ../../configuration/vpn/ipsec.rst:141 msgid "``tunnel`` tunnel mode (default);" msgstr "``tunnel`` tunnel mode (default);" @@ -19123,11 +20585,11 @@ msgstr "``tunnel`` tunnel mode (default);" msgid "``type``: Specify the type of test. type can be ping, ttl or a user defined script" msgstr "``type``: Specify the type of test. type can be ping, ttl or a user defined script" -#: ../../configuration/vpn/site2site_ipsec.rst:51 +#: ../../configuration/vpn/site2site_ipsec.rst:56 msgid "``use-x509-id`` - use local ID from x509 certificate. Cannot be used when ``id`` is defined;" msgstr "``use-x509-id`` - use local ID from x509 certificate. Cannot be used when ``id`` is defined;" -#: ../../configuration/vpn/site2site_ipsec.rst:152 +#: ../../configuration/vpn/site2site_ipsec.rst:155 msgid "``virtual-address`` - Defines a virtual IP address which is requested by the initiator and one or several IPv4 and/or IPv6 addresses are assigned from multiple pools by the responder." msgstr "``virtual-address`` - Defines a virtual IP address which is requested by the initiator and one or several IPv4 and/or IPv6 addresses are assigned from multiple pools by the responder." @@ -19135,7 +20597,7 @@ msgstr "``virtual-address`` - Defines a virtual IP address which is requested by msgid "``virtual-ip`` Allow install virtual-ip addresses. Comma separated list of virtual IPs to request in IKEv2 configuration payloads or IKEv1 Mode Config. The wildcard addresses 0.0.0.0 and :: request an arbitrary address, specific addresses may be defined. The responder may return a different address, though, or none at all." msgstr "``virtual-ip`` Allow install virtual-ip addresses. Comma separated list of virtual IPs to request in IKEv2 configuration payloads or IKEv1 Mode Config. The wildcard addresses 0.0.0.0 and :: request an arbitrary address, specific addresses may be defined. The responder may return a different address, though, or none at all." -#: ../../configuration/vpn/ipsec.rst:168 +#: ../../configuration/vpn/ipsec.rst:172 msgid "``virtual-ip`` Allows to install virtual-ip addresses. Comma separated list of virtual IPs to request in IKEv2 configuration payloads or IKEv1 Mode Config. The wildcard addresses 0.0.0.0 and :: request an arbitrary address, specific addresses may be defined. The responder may return a different address, though, or none at all. Define the ``virtual-address`` option to configure the IP address in site-to-site hierarchy." msgstr "``virtual-ip`` Allows to install virtual-ip addresses. Comma separated list of virtual IPs to request in IKEv2 configuration payloads or IKEv1 Mode Config. The wildcard addresses 0.0.0.0 and :: request an arbitrary address, specific addresses may be defined. The responder may return a different address, though, or none at all. Define the ``virtual-address`` option to configure the IP address in site-to-site hierarchy." @@ -19143,11 +20605,11 @@ msgstr "``virtual-ip`` Allows to install virtual-ip addresses. Comma separated l msgid "``vnc`` - Virtual Network Control (VNC)" msgstr "``vnc`` - Virtual Network Control (VNC)" -#: ../../configuration/vpn/site2site_ipsec.rst:140 +#: ../../configuration/vpn/site2site_ipsec.rst:143 msgid "``vti`` - use a VTI interface for traffic encryption. Any traffic, which will be send to VTI interface will be encrypted and send to this peer. Using VTI makes IPSec configuration much flexible and easier in complex situation, and allows to dynamically add/delete remote networks, reachable via a peer, as in this mode router don't need to create additional SA/policy for each remote network:" msgstr "``vti`` - use a VTI interface for traffic encryption. Any traffic, which will be send to VTI interface will be encrypted and send to this peer. Using VTI makes IPSec configuration much flexible and easier in complex situation, and allows to dynamically add/delete remote networks, reachable via a peer, as in this mode router don't need to create additional SA/policy for each remote network:" -#: ../../configuration/vpn/site2site_ipsec.rst:54 +#: ../../configuration/vpn/site2site_ipsec.rst:59 msgid "``x509`` - options for x509 authentication mode:" msgstr "``x509`` - options for x509 authentication mode:" @@ -19163,10 +20625,26 @@ msgstr "``xor-hash`` - XOR policy: Transmit based on the selected transmit hash msgid "``yes`` enable remote host re-authentication during an IKE rekey;" msgstr "``yes`` enable remote host re-authentication during an IKE rekey;" -#: ../../configuration/system/option.rst:39 +#: ../../configuration/service/ntp.rst:90 +msgid "`ignore`: No correction is applied to the clock for the leap second. The clock will be corrected later in normal operation when new measurements are made and the estimated offset includes the one second error." +msgstr "`ignore`: No correction is applied to the clock for the leap second. The clock will be corrected later in normal operation when new measurements are made and the estimated offset includes the one second error." + +#: ../../configuration/service/ntp.rst:94 +msgid "`smear`: When smearing a leap second, the leap status is suppressed on the server and the served time is corrected slowly by slewing instead of stepping. The clients do not need any special configuration as they do not know there is any leap second and they follow the server time which eventually brings them back to UTC. Care must be taken to ensure they use only NTP servers which smear the leap second in exactly the same way for synchronisation." +msgstr "`smear`: When smearing a leap second, the leap status is suppressed on the server and the served time is corrected slowly by slewing instead of stepping. The clients do not need any special configuration as they do not know there is any leap second and they follow the server time which eventually brings them back to UTC. Care must be taken to ensure they use only NTP servers which smear the leap second in exactly the same way for synchronisation." + +#: ../../configuration/system/option.rst:69 msgid "`source-address` and `source-interface` can not be used at the same time." msgstr "`source-address` and `source-interface` can not be used at the same time." +#: ../../configuration/service/ntp.rst:102 +msgid "`system`: When inserting a leap second, the kernel steps the system clock backwards by one second when the clock gets to 00:00:00 UTC. When deleting a leap second, it steps forward by one second when the clock gets to 23:59:59 UTC." +msgstr "`system`: When inserting a leap second, the kernel steps the system clock backwards by one second when the clock gets to 00:00:00 UTC. When deleting a leap second, it steps forward by one second when the clock gets to 23:59:59 UTC." + +#: ../../configuration/service/ntp.rst:107 +msgid "`timezone`: This directive specifies a timezone in the system timezone database which chronyd can use to determine when will the next leap second occur and what is the current offset between TAI and UTC. It will periodically check if 23:59:59 and 23:59:60 are valid times in the timezone. This normally works with the right/UTC timezone which is the default" +msgstr "`timezone`: This directive specifies a timezone in the system timezone database which chronyd can use to determine when will the next leap second occur and what is the current offset between TAI and UTC. It will periodically check if 23:59:59 and 23:59:60 are valid times in the timezone. This normally works with the right/UTC timezone which is the default" + #: ../../configuration/protocols/rpki.rst:12 msgid "`tweet by EvilMog`_, 2020-02-21" msgstr "`tweet by EvilMog`_, 2020-02-21" @@ -19194,7 +20672,7 @@ msgstr "alert" msgid "all" msgstr "all" -#: ../../configuration/vrf/index.rst:428 +#: ../../configuration/vrf/index.rst:447 msgid "an RD / RTLIST" msgstr "an RD / RTLIST" @@ -19234,23 +20712,23 @@ msgstr "bgpd" msgid "bonding" msgstr "bonding" -#: ../../configuration/service/dhcp-server.rst:305 +#: ../../configuration/service/dhcp-server.rst:311 msgid "boot-size" msgstr "boot-size" -#: ../../configuration/service/dhcp-server.rst:298 +#: ../../configuration/service/dhcp-server.rst:304 msgid "bootfile-name" msgstr "bootfile-name" -#: ../../configuration/service/dhcp-server.rst:300 +#: ../../configuration/service/dhcp-server.rst:306 msgid "bootfile-name, filename" msgstr "bootfile-name, filename" -#: ../../configuration/service/dhcp-server.rst:288 +#: ../../configuration/service/dhcp-server.rst:294 msgid "bootfile-server" msgstr "bootfile-server" -#: ../../configuration/service/dhcp-server.rst:303 +#: ../../configuration/service/dhcp-server.rst:309 msgid "bootfile-size" msgstr "bootfile-size" @@ -19258,7 +20736,7 @@ msgstr "bootfile-size" msgid "bridge" msgstr "bridge" -#: ../../configuration/service/dhcp-server.rst:236 +#: ../../configuration/service/dhcp-server.rst:242 msgid "client-prefix-length" msgstr "client-prefix-length" @@ -19286,15 +20764,19 @@ msgstr "cron" msgid "daemon" msgstr "daemon" -#: ../../configuration/service/dns.rst:384 +#: ../../configuration/service/dns.rst:405 msgid "ddclient_ has another way to determine the WAN IP address. This is controlled by:" msgstr "ddclient_ has another way to determine the WAN IP address. This is controlled by:" -#: ../../configuration/service/dns.rst:218 +#: ../../configuration/service/dns.rst:232 msgid "ddclient_ uses two methods to update a DNS record. The first one will send updates directly to the DNS daemon, in compliance with :rfc:`2136`. The second one involves a third party service, like DynDNS.com or any other similar website. This method uses HTTP requests to transmit the new IP address. You can configure both in VyOS." msgstr "ddclient_ uses two methods to update a DNS record. The first one will send updates directly to the DNS daemon, in compliance with :rfc:`2136`. The second one involves a third party service, like DynDNS.com or any other similar website. This method uses HTTP requests to transmit the new IP address. You can configure both in VyOS." -#: ../../configuration/service/dns.rst:413 +#: ../../configuration/service/dns.rst:205 +msgid "ddclient_ uses two methods to update a DNS record. The first one will send updates directly to the DNS daemon, in compliance with :rfc:`2136`. The second one involves a third party service, like DynDNS.com or any other such service provider. This method uses HTTP requests to transmit the new IP address. You can configure both in VyOS." +msgstr "ddclient_ uses two methods to update a DNS record. The first one will send updates directly to the DNS daemon, in compliance with :rfc:`2136`. The second one involves a third party service, like DynDNS.com or any other such service provider. This method uses HTTP requests to transmit the new IP address. You can configure both in VyOS." + +#: ../../configuration/service/dns.rst:415 msgid "ddclient_ will skip any address located before the string set in `<pattern>`." msgstr "ddclient_ will skip any address located before the string set in `<pattern>`." @@ -19306,7 +20788,7 @@ msgstr "debug" msgid "decrement-lifetime" msgstr "decrement-lifetime" -#: ../../configuration/service/dhcp-server.rst:335 +#: ../../configuration/service/dhcp-server.rst:341 msgid "default-lease-time, max-lease-time" msgstr "default-lease-time, max-lease-time" @@ -19318,7 +20800,7 @@ msgstr "default-lifetime" msgid "default-preference" msgstr "default-preference" -#: ../../configuration/service/dhcp-server.rst:248 +#: ../../configuration/service/dhcp-server.rst:254 msgid "default-router" msgstr "default-router" @@ -19330,15 +20812,15 @@ msgstr "default min-threshold" msgid "deprecate-prefix" msgstr "deprecate-prefix" -#: ../../configuration/highavailability/index.rst:354 +#: ../../configuration/highavailability/index.rst:364 msgid "destination-hashing" msgstr "destination-hashing" -#: ../../configuration/service/dhcp-server.rst:285 +#: ../../configuration/service/dhcp-server.rst:291 msgid "dhcp-server-identifier" msgstr "dhcp-server-identifier" -#: ../../configuration/highavailability/index.rst:364 +#: ../../configuration/highavailability/index.rst:374 msgid "direct" msgstr "direct" @@ -19356,17 +20838,17 @@ msgstr "disable: No source validation" msgid "dnssl" msgstr "dnssl" -#: ../../configuration/service/dhcp-server.rst:263 -#: ../../configuration/service/dhcp-server.rst:265 +#: ../../configuration/service/dhcp-server.rst:269 +#: ../../configuration/service/dhcp-server.rst:271 msgid "domain-name" msgstr "domain-name" -#: ../../configuration/service/dhcp-server.rst:260 +#: ../../configuration/service/dhcp-server.rst:266 msgid "domain-name-servers" msgstr "domain-name-servers" -#: ../../configuration/service/dhcp-server.rst:318 -#: ../../configuration/service/dhcp-server.rst:320 +#: ../../configuration/service/dhcp-server.rst:324 +#: ../../configuration/service/dhcp-server.rst:326 msgid "domain-search" msgstr "domain-search" @@ -19402,11 +20884,11 @@ msgstr "ethernet" msgid "exact-match: exact match of the network prefixes." msgstr "exact-match: exact match of the network prefixes." -#: ../../configuration/service/dhcp-server.rst:343 +#: ../../configuration/service/dhcp-server.rst:349 msgid "exclude" msgstr "exclude" -#: ../../configuration/service/dhcp-server.rst:348 +#: ../../configuration/service/dhcp-server.rst:354 msgid "failover" msgstr "failover" @@ -19418,8 +20900,8 @@ msgstr "fast: Request partner to transmit LACPDUs every 1 second" msgid "file <file name>" msgstr "file <file name>" -#: ../../configuration/protocols/bgp.rst:826 -#: ../../configuration/protocols/bgp.rst:832 +#: ../../configuration/protocols/bgp.rst:848 +#: ../../configuration/protocols/bgp.rst:854 msgid "filter-list" msgstr "filter-list" @@ -19431,6 +20913,10 @@ msgstr "ftp" msgid "full - always use full-duplex" msgstr "full - always use full-duplex" +#: ../../configuration/service/router-advert.rst:16 +msgid "geneve" +msgstr "geneve" + #: ../../configuration/interfaces/ethernet.rst:32 msgid "half - always use half-duplex" msgstr "half - always use half-duplex" @@ -19443,7 +20929,7 @@ msgstr "hop-limit" msgid "host: single host IP address to match." msgstr "host: single host IP address to match." -#: ../../configuration/system/option.rst:89 +#: ../../configuration/system/option.rst:119 msgid "https://access.redhat.com/sites/default/files/attachments/201501-perf-brief-low-latency-tuning-rhel7-v2.1.pdf" msgstr "https://access.redhat.com/sites/default/files/attachments/201501-perf-brief-low-latency-tuning-rhel7-v2.1.pdf" @@ -19475,8 +20961,8 @@ msgstr "invalid" msgid "inverse-match: network/netmask to match (requires network be defined)." msgstr "inverse-match: network/netmask to match (requires network be defined)." -#: ../../configuration/service/dhcp-server.rst:268 -#: ../../configuration/service/dhcp-server.rst:270 +#: ../../configuration/service/dhcp-server.rst:274 +#: ../../configuration/service/dhcp-server.rst:276 msgid "ip-forwarding" msgstr "ip-forwarding" @@ -19496,7 +20982,7 @@ msgstr "it does not increase hardware device interrupt rate (although it does in msgid "kern" msgstr "kern" -#: ../../configuration/service/router-advert.rst:16 +#: ../../configuration/service/router-advert.rst:17 msgid "l2tpv3" msgstr "l2tpv3" @@ -19504,27 +20990,27 @@ msgstr "l2tpv3" msgid "ldpd" msgstr "ldpd" -#: ../../configuration/service/dhcp-server.rst:333 +#: ../../configuration/service/dhcp-server.rst:339 msgid "lease" msgstr "lease" -#: ../../configuration/highavailability/index.rst:351 +#: ../../configuration/highavailability/index.rst:361 msgid "least-connection" msgstr "least-connection" -#: ../../configuration/vpn/site2site_ipsec.rst:275 +#: ../../configuration/vpn/site2site_ipsec.rst:278 msgid "left local_ip: 192.168.0.10 # VPN Gateway, behind NAT device" msgstr "left local_ip: 192.168.0.10 # VPN Gateway, behind NAT device" -#: ../../configuration/vpn/site2site_ipsec.rst:167 +#: ../../configuration/vpn/site2site_ipsec.rst:170 msgid "left local_ip: `198.51.100.3` # server side WAN IP" msgstr "left local_ip: `198.51.100.3` # server side WAN IP" -#: ../../configuration/vpn/site2site_ipsec.rst:276 +#: ../../configuration/vpn/site2site_ipsec.rst:279 msgid "left public_ip:172.18.201.10" msgstr "left public_ip:172.18.201.10" -#: ../../configuration/vpn/site2site_ipsec.rst:165 +#: ../../configuration/vpn/site2site_ipsec.rst:168 msgid "left subnet: `192.168.0.0/24` site1, server side (i.e. locality, actually there is no client or server roles)" msgstr "left subnet: `192.168.0.0/24` site1, server side (i.e. locality, actually there is no client or server roles)" @@ -19592,7 +21078,7 @@ msgstr "local use 5 (local5)" msgid "local use 7 (local7)" msgstr "local use 7 (local7)" -#: ../../configuration/highavailability/index.rst:355 +#: ../../configuration/highavailability/index.rst:365 msgid "locality-based-least-connection" msgstr "locality-based-least-connection" @@ -19666,12 +21152,12 @@ msgstr "more information related IGP - :ref:`routing-isis`" msgid "more information related IGP - :ref:`routing-ospf`" msgstr "more information related IGP - :ref:`routing-ospf`" -#: ../../configuration/service/dhcp-server.rst:258 +#: ../../configuration/service/dhcp-server.rst:264 #: ../../configuration/service/router-advert.rst:1 msgid "name-server" msgstr "name-server" -#: ../../configuration/service/dhcp-server.rst:280 +#: ../../configuration/service/dhcp-server.rst:286 msgid "netbios-name-servers" msgstr "netbios-name-servers" @@ -19687,7 +21173,7 @@ msgstr "network: network/netmask to match (requires inverse-match be defined) BU msgid "news" msgstr "news" -#: ../../configuration/service/dhcp-server.rst:290 +#: ../../configuration/service/dhcp-server.rst:296 msgid "next-server" msgstr "next-server" @@ -19711,11 +21197,11 @@ msgstr "notice" msgid "ntp" msgstr "ntp" -#: ../../configuration/service/dhcp-server.rst:273 +#: ../../configuration/service/dhcp-server.rst:279 msgid "ntp-server" msgstr "ntp-server" -#: ../../configuration/service/dhcp-server.rst:275 +#: ../../configuration/service/dhcp-server.rst:281 msgid "ntp-servers" msgstr "ntp-servers" @@ -19723,7 +21209,7 @@ msgstr "ntp-servers" msgid "one rule with a LAN (inbound-interface) and the WAN (interface)." msgstr "one rule with a LAN (inbound-interface) and the WAN (interface)." -#: ../../configuration/service/router-advert.rst:17 +#: ../../configuration/service/router-advert.rst:18 msgid "openvpn" msgstr "openvpn" @@ -19763,8 +21249,8 @@ msgstr "policy extcommunity-list" msgid "policy large-community-list" msgstr "policy large-community-list" -#: ../../configuration/service/dhcp-server.rst:313 -#: ../../configuration/service/dhcp-server.rst:315 +#: ../../configuration/service/dhcp-server.rst:319 +#: ../../configuration/service/dhcp-server.rst:321 msgid "pop-server" msgstr "pop-server" @@ -19772,17 +21258,17 @@ msgstr "pop-server" msgid "preferred-lifetime" msgstr "preferred-lifetime" -#: ../../configuration/protocols/bgp.rst:827 -#: ../../configuration/protocols/bgp.rst:831 +#: ../../configuration/protocols/bgp.rst:849 +#: ../../configuration/protocols/bgp.rst:853 msgid "prefix-list, distribute-list" msgstr "prefix-list, distribute-list" -#: ../../configuration/service/router-advert.rst:18 +#: ../../configuration/service/router-advert.rst:19 msgid "pseudo-ethernet" msgstr "pseudo-ethernet" -#: ../../configuration/service/dhcp-server.rst:338 -#: ../../configuration/service/dhcp-server.rst:340 +#: ../../configuration/service/dhcp-server.rst:344 +#: ../../configuration/service/dhcp-server.rst:346 msgid "range" msgstr "range" @@ -19790,7 +21276,7 @@ msgstr "range" msgid "reachable-time" msgstr "reachable-time" -#: ../../configuration/system/ip.rst:82 +#: ../../configuration/system/ip.rst:95 msgid "reset commands" msgstr "reset commands" @@ -19798,7 +21284,7 @@ msgstr "reset commands" msgid "retrans-timer" msgstr "retrans-timer" -#: ../../configuration/service/dhcp-server.rst:325 +#: ../../configuration/service/dhcp-server.rst:331 msgid "rfc3442-static-route, windows-static-route" msgstr "rfc3442-static-route, windows-static-route" @@ -19806,15 +21292,15 @@ msgstr "rfc3442-static-route, windows-static-route" msgid "rfc3768-compatibility" msgstr "rfc3768-compatibility" -#: ../../configuration/vpn/site2site_ipsec.rst:277 +#: ../../configuration/vpn/site2site_ipsec.rst:280 msgid "right local_ip: 172.18.202.10 # right side WAN IP" msgstr "right local_ip: 172.18.202.10 # right side WAN IP" -#: ../../configuration/vpn/site2site_ipsec.rst:169 +#: ../../configuration/vpn/site2site_ipsec.rst:172 msgid "right local_ip: `203.0.113.2` # remote office side WAN IP" msgstr "right local_ip: `203.0.113.2` # remote office side WAN IP" -#: ../../configuration/vpn/site2site_ipsec.rst:168 +#: ../../configuration/vpn/site2site_ipsec.rst:171 msgid "right subnet: `10.0.0.0/24` site2,remote office side" msgstr "right subnet: `10.0.0.0/24` site2,remote office side" @@ -19822,16 +21308,16 @@ msgstr "right subnet: `10.0.0.0/24` site2,remote office side" msgid "ripd" msgstr "ripd" -#: ../../configuration/highavailability/index.rst:349 +#: ../../configuration/highavailability/index.rst:359 msgid "round-robin" msgstr "round-robin" -#: ../../configuration/protocols/bgp.rst:825 -#: ../../configuration/protocols/bgp.rst:833 +#: ../../configuration/protocols/bgp.rst:847 +#: ../../configuration/protocols/bgp.rst:855 msgid "route-map" msgstr "route-map" -#: ../../configuration/service/dhcp-server.rst:250 +#: ../../configuration/service/dhcp-server.rst:256 msgid "routers" msgstr "routers" @@ -19848,7 +21334,7 @@ msgstr "sFlow is a technology that enables monitoring of network traffic by send msgid "security" msgstr "security" -#: ../../configuration/service/dhcp-server.rst:283 +#: ../../configuration/service/dhcp-server.rst:289 msgid "server-identifier" msgstr "server-identifier" @@ -19865,11 +21351,11 @@ msgstr "set a destination and/or source address. Accepted input:" msgid "sha256 Hashes" msgstr "sha256 Hashes" -#: ../../configuration/system/ip.rst:50 +#: ../../configuration/system/ip.rst:63 msgid "show commands" msgstr "show commands" -#: ../../configuration/service/dhcp-server.rst:289 +#: ../../configuration/service/dhcp-server.rst:295 msgid "siaddr" msgstr "siaddr" @@ -19877,8 +21363,8 @@ msgstr "siaddr" msgid "slow: Request partner to transmit LACPDUs every 30 seconds" msgstr "slow: Request partner to transmit LACPDUs every 30 seconds" -#: ../../configuration/service/dhcp-server.rst:308 -#: ../../configuration/service/dhcp-server.rst:310 +#: ../../configuration/service/dhcp-server.rst:314 +#: ../../configuration/service/dhcp-server.rst:316 msgid "smtp-server" msgstr "smtp-server" @@ -19886,7 +21372,7 @@ msgstr "smtp-server" msgid "software filters can easily be added to hash over new protocols," msgstr "software filters can easily be added to hash over new protocols," -#: ../../configuration/highavailability/index.rst:353 +#: ../../configuration/highavailability/index.rst:363 msgid "source-hashing" msgstr "source-hashing" @@ -19898,11 +21384,11 @@ msgstr "spoke01-spoke04" msgid "spoke05" msgstr "spoke05" -#: ../../configuration/service/dhcp-server.rst:353 +#: ../../configuration/service/dhcp-server.rst:359 msgid "static-mapping" msgstr "static-mapping" -#: ../../configuration/service/dhcp-server.rst:323 +#: ../../configuration/service/dhcp-server.rst:329 msgid "static-route" msgstr "static-route" @@ -19912,7 +21398,7 @@ msgstr "static-route" msgid "strict: Each incoming packet is tested against the FIB and if the interface is not the best reverse path the packet check will fail. By default failed packets are discarded." msgstr "strict: Each incoming packet is tested against the FIB and if the interface is not the best reverse path the packet check will fail. By default failed packets are discarded." -#: ../../configuration/service/dhcp-server.rst:238 +#: ../../configuration/service/dhcp-server.rst:244 msgid "subnet-mask" msgstr "subnet-mask" @@ -19928,8 +21414,8 @@ msgstr "tail" msgid "tc_ is a powerful tool for Traffic Control found at the Linux kernel. However, its configuration is often considered a cumbersome task. Fortunately, VyOS eases the job through its CLI, while using ``tc`` as backend." msgstr "tc_ is a powerful tool for Traffic Control found at the Linux kernel. However, its configuration is often considered a cumbersome task. Fortunately, VyOS eases the job through its CLI, while using ``tc`` as backend." -#: ../../configuration/service/dhcp-server.rst:293 -#: ../../configuration/service/dhcp-server.rst:295 +#: ../../configuration/service/dhcp-server.rst:299 +#: ../../configuration/service/dhcp-server.rst:301 msgid "tftp-server-name" msgstr "tftp-server-name" @@ -19938,21 +21424,21 @@ msgstr "tftp-server-name" msgid "this option allows to configure prefix-sid on SR. The ‘no-php-flag’ means NO Penultimate Hop Popping that allows SR node to request to its neighbor to not pop the label. The ‘explicit-null’ flag allows SR node to request to its neighbor to send IP packet with the EXPLICIT-NULL label. The ‘n-flag-clear’ option can be used to explicitly clear the Node flag that is set by default for Prefix-SIDs associated to loopback addresses. This option is necessary to configure Anycast-SIDs." msgstr "this option allows to configure prefix-sid on SR. The ‘no-php-flag’ means NO Penultimate Hop Popping that allows SR node to request to its neighbor to not pop the label. The ‘explicit-null’ flag allows SR node to request to its neighbor to send IP packet with the EXPLICIT-NULL label. The ‘n-flag-clear’ option can be used to explicitly clear the Node flag that is set by default for Prefix-SIDs associated to loopback addresses. This option is necessary to configure Anycast-SIDs." -#: ../../configuration/service/dhcp-server.rst:242 -#: ../../configuration/service/dhcp-server.rst:244 +#: ../../configuration/service/dhcp-server.rst:248 +#: ../../configuration/service/dhcp-server.rst:250 msgid "time-offset" msgstr "time-offset" -#: ../../configuration/service/dhcp-server.rst:253 +#: ../../configuration/service/dhcp-server.rst:259 msgid "time-server" msgstr "time-server" -#: ../../configuration/service/dhcp-server.rst:255 +#: ../../configuration/service/dhcp-server.rst:261 msgid "time-servers" msgstr "time-servers" -#: ../../configuration/highavailability/index.rst:365 -#: ../../configuration/service/router-advert.rst:19 +#: ../../configuration/highavailability/index.rst:375 +#: ../../configuration/service/router-advert.rst:20 msgid "tunnel" msgstr "tunnel" @@ -19984,7 +21470,7 @@ msgstr "valid-lifetime" msgid "veth interfaces need to be created in pairs - it's called the peer name" msgstr "veth interfaces need to be created in pairs - it's called the peer name" -#: ../../configuration/service/router-advert.rst:20 +#: ../../configuration/service/router-advert.rst:21 msgid "vxlan" msgstr "vxlan" @@ -19996,11 +21482,11 @@ msgstr "warning" msgid "we described the configuration SR ISIS / SR OSPF using 2 connected with them to share label information." msgstr "we described the configuration SR ISIS / SR OSPF using 2 connected with them to share label information." -#: ../../configuration/highavailability/index.rst:352 +#: ../../configuration/highavailability/index.rst:362 msgid "weighted-least-connection" msgstr "weighted-least-connection" -#: ../../configuration/highavailability/index.rst:350 +#: ../../configuration/highavailability/index.rst:360 msgid "weighted-round-robin" msgstr "weighted-round-robin" @@ -20008,15 +21494,15 @@ msgstr "weighted-round-robin" msgid "while a *byte* is written as a single **b**." msgstr "while a *byte* is written as a single **b**." -#: ../../configuration/service/dhcp-server.rst:278 +#: ../../configuration/service/dhcp-server.rst:284 msgid "wins-server" msgstr "wins-server" -#: ../../configuration/service/router-advert.rst:21 +#: ../../configuration/service/router-advert.rst:22 msgid "wireguard" msgstr "wireguard" -#: ../../configuration/service/router-advert.rst:22 +#: ../../configuration/service/router-advert.rst:23 msgid "wireless" msgstr "wireless" @@ -20024,15 +21510,15 @@ msgstr "wireless" msgid "with :cfgcmd:`set system acceleration qat` on both systems the bandwidth increases." msgstr "with :cfgcmd:`set system acceleration qat` on both systems the bandwidth increases." -#: ../../configuration/service/dhcp-server.rst:328 +#: ../../configuration/service/dhcp-server.rst:334 msgid "wpad-url" msgstr "wpad-url" -#: ../../configuration/service/dhcp-server.rst:330 +#: ../../configuration/service/dhcp-server.rst:336 msgid "wpad-url, wpad-url code 252 = text" msgstr "wpad-url, wpad-url code 252 = text" -#: ../../configuration/service/router-advert.rst:23 +#: ../../configuration/service/router-advert.rst:24 msgid "wwan" msgstr "wwan" diff --git a/docs/_locale/uk/contributing.pot b/docs/_locale/uk/contributing.pot index 4db4247d..f3589f6a 100644 --- a/docs/_locale/uk/contributing.pot +++ b/docs/_locale/uk/contributing.pot @@ -207,6 +207,10 @@ msgstr "Bad: radius (unless it's about the distance between a center of a circle msgid "Beeing brave and running the latest rolling releases will sometimes trigger bugs due to corner cases we missed in our design. Those bugs should be filed via Phabricator_ but you can help us to narrow doen the issue. Login to your VyOS system and change into configuration mode by typing ``configure``. Now re-load your boot configuration by simply typing ``load`` followed by return." msgstr "Beeing brave and running the latest rolling releases will sometimes trigger bugs due to corner cases we missed in our design. Those bugs should be filed via Phabricator_ but you can help us to narrow doen the issue. Login to your VyOS system and change into configuration mode by typing ``configure``. Now re-load your boot configuration by simply typing ``load`` followed by return." +#: ../../contributing/debugging.rst:160 +msgid "Being brave and running the latest rolling releases will sometimes trigger bugs due to corner cases we missed in our design. Those bugs should be filed via Phabricator_ but you can help us to narrow down the issue. Login to your VyOS system and change into configuration mode by typing ``configure``. Now re-load your boot configuration by simply typing ``load`` followed by return." +msgstr "Being brave and running the latest rolling releases will sometimes trigger bugs due to corner cases we missed in our design. Those bugs should be filed via Phabricator_ but you can help us to narrow down the issue. Login to your VyOS system and change into configuration mode by typing ``configure``. Now re-load your boot configuration by simply typing ``load`` followed by return." + #: ../../contributing/debugging.rst:170 msgid "Boot Timing" msgstr "Boot Timing" @@ -884,6 +888,10 @@ msgid "Our StrongSWAN build differs from the upstream:" msgstr "Our StrongSWAN build differs from the upstream:" #: ../../contributing/testing.rst:20 +msgid "Our `VyOS CI`_ system is based on Jenkins and builds all our required packages for VyOS 1.2 to 1.4. In addition to the package build, there is the vyos-build Job which builds and tests the VyOS ISO image which is published after a successful test drive." +msgstr "Our `VyOS CI`_ system is based on Jenkins and builds all our required packages for VyOS 1.2 to 1.4. In addition to the package build, there is the vyos-build Job which builds and tests the VyOS ISO image which is published after a successful test drive." + +#: ../../contributing/testing.rst:20 msgid "Our `VyOS CI`_ system is based on Jenkins and builds all our required packages for VyOS 1.2 to 1.4. In addition to the package build, there is the vyos-build Job which builds and tests the VyOS ISO image which is published after a successfull test drive." msgstr "Our `VyOS CI`_ system is based on Jenkins and builds all our required packages for VyOS 1.2 to 1.4. In addition to the package build, there is the vyos-build Job which builds and tests the VyOS ISO image which is published after a successfull test drive." @@ -924,6 +932,10 @@ msgstr "Please submit your patches using the well-known GitHub pull-request agai msgid "Please use the following template as good starting point when developing new modules or even rewrite a whole bunch of code in the new style XML/Pyhon interface." msgstr "Please use the following template as good starting point when developing new modules or even rewrite a whole bunch of code in the new style XML/Pyhon interface." +#: ../../contributing/development.rst:254 +msgid "Please use the following template as good starting point when developing new modules or even rewrite a whole bunch of code in the new style XML/Python interface." +msgstr "Please use the following template as good starting point when developing new modules or even rewrite a whole bunch of code in the new style XML/Python interface." + #: ../../contributing/testing.rst:104 msgid "Port description" msgstr "Port description" @@ -1017,6 +1029,10 @@ msgstr "Smoketests executes predefined VyOS CLI commands and checks if the desir msgid "So if you plan to build your own custom ISO image and wan't to make use of our smoketests, ensure that you have the `vyos-1x-smoketest` package installed." msgstr "So if you plan to build your own custom ISO image and wan't to make use of our smoketests, ensure that you have the `vyos-1x-smoketest` package installed." +#: ../../contributing/testing.rst:45 +msgid "So if you plan to build your own custom ISO image and want to make use of our smoketests, ensure that you have the `vyos-1x-smoketest` package installed." +msgstr "So if you plan to build your own custom ISO image and want to make use of our smoketests, ensure that you have the `vyos-1x-smoketest` package installed." + #: ../../contributing/build-vyos.rst:202 msgid "Some VyOS packages (namely vyos-1x) come with build-time tests which verify some of the internal library calls that they work as expected. Those tests are carried out through the Python Unittest module. If you want to build the ``vyos-1x`` package (which is our main development package) you need to start your Docker container using the following argument: ``--sysctl net.ipv6.conf.lo.disable_ipv6=0``, otherwise those tests will fail." msgstr "Some VyOS packages (namely vyos-1x) come with build-time tests which verify some of the internal library calls that they work as expected. Those tests are carried out through the Python Unittest module. If you want to build the ``vyos-1x`` package (which is our main development package) you need to start your Docker container using the following argument: ``--sysctl net.ipv6.conf.lo.disable_ipv6=0``, otherwise those tests will fail." @@ -1198,6 +1214,10 @@ msgid "The package ends up in deb_dist dir." msgstr "The package ends up in deb_dist dir." #: ../../contributing/debugging.rst:148 +msgid "The reason is that the configuration migration backend is rewritten and uses a new form of \"magic string\" which is applied on demand when real config migration is run on boot. When running individual migrators for testing, you need to convert the \"magic string\" on your own by:" +msgstr "The reason is that the configuration migration backend is rewritten and uses a new form of \"magic string\" which is applied on demand when real config migration is run on boot. When running individual migrators for testing, you need to convert the \"magic string\" on your own by:" + +#: ../../contributing/debugging.rst:148 msgid "The reason is that the configuration migration backend is rewritten and uses a new form of \"magic string\" which is applied on demand when real config migration is run on boot. When runnint individual migrators for testing, you need to convert the \"magic string\" on your own by:" msgstr "The reason is that the configuration migration backend is rewritten and uses a new form of \"magic string\" which is applied on demand when real config migration is run on boot. When runnint individual migrators for testing, you need to convert the \"magic string\" on your own by:" @@ -1314,10 +1334,18 @@ msgid "To debug issues in priorities or to see what's going on in the background msgstr "To debug issues in priorities or to see what's going on in the background you can use the ``/opt/vyatta/sbin/priority.pl`` script which lists to you the execution order of the scripts." #: ../../contributing/build-vyos.rst:373 +msgid "To debug the build process and gain additional information of what could be the root cause, you need to use `chroot` to change into the build directory. This is explained in the following step by step procedure:" +msgstr "To debug the build process and gain additional information of what could be the root cause, you need to use `chroot` to change into the build directory. This is explained in the following step by step procedure:" + +#: ../../contributing/build-vyos.rst:373 msgid "To debug the build process and gain additional information of what could be the root cause, you need to use `chroot` to change into the build directry. This is explained in the following step by step procedure:" msgstr "To debug the build process and gain additional information of what could be the root cause, you need to use `chroot` to change into the build directry. This is explained in the following step by step procedure:" #: ../../contributing/debugging.rst:182 +msgid "To enable boot time graphing change the Kernel commandline and add the following string: ``init=/usr/lib/systemd/systemd-bootchart``" +msgstr "To enable boot time graphing change the Kernel commandline and add the following string: ``init=/usr/lib/systemd/systemd-bootchart``" + +#: ../../contributing/debugging.rst:182 msgid "To enable boot time graphing change the Kernel commandline and add the folowing string: ``init=/usr/lib/systemd/systemd-bootchart``" msgstr "To enable boot time graphing change the Kernel commandline and add the folowing string: ``init=/usr/lib/systemd/systemd-bootchart``" @@ -1409,6 +1437,10 @@ msgstr "Virtualization Platforms" msgid "VyOS CLI is all about priorities. Every CLI node has a corresponding ``node.def`` file and possibly an attached script that is executed when the node is present. Nodes can have a priority, and on system bootup - or any other ``commit`` to the config all scripts are executed from lowest to higest priority. This is good as this gives a deterministic behavior." msgstr "VyOS CLI is all about priorities. Every CLI node has a corresponding ``node.def`` file and possibly an attached script that is executed when the node is present. Nodes can have a priority, and on system bootup - or any other ``commit`` to the config all scripts are executed from lowest to higest priority. This is good as this gives a deterministic behavior." +#: ../../contributing/debugging.rst:190 +msgid "VyOS CLI is all about priorities. Every CLI node has a corresponding ``node.def`` file and possibly an attached script that is executed when the node is present. Nodes can have a priority, and on system bootup - or any other ``commit`` to the config all scripts are executed from lowest to highest priority. This is good as this gives a deterministic behavior." +msgstr "VyOS CLI is all about priorities. Every CLI node has a corresponding ``node.def`` file and possibly an attached script that is executed when the node is present. Nodes can have a priority, and on system bootup - or any other ``commit`` to the config all scripts are executed from lowest to highest priority. This is good as this gives a deterministic behavior." + #: ../../contributing/build-vyos.rst:168 msgid "VyOS has switched to Debian (12) Bookworm in its ``current`` branch, Due to software version updates, it is recommended to use the official Docker Hub image to build VyOS ISO." msgstr "VyOS has switched to Debian (12) Bookworm in its ``current`` branch, Due to software version updates, it is recommended to use the official Docker Hub image to build VyOS ISO." @@ -1485,6 +1517,10 @@ msgstr "When you are able to verify that it is actually a bug, spend some time t msgid "When you are working on interface configuration and you also wan't to test if the Smoketests pass you would normally loose the remote SSH connection to your :abbr:`DUT (Device Under Test)`. To handle this issue, some of the interface based tests can be called with an environment variable beforehand to limit the number of interfaces used in the test. By default all interface e.g. all Ethernet interfaces are used." msgstr "When you are working on interface configuration and you also wan't to test if the Smoketests pass you would normally loose the remote SSH connection to your :abbr:`DUT (Device Under Test)`. To handle this issue, some of the interface based tests can be called with an environment variable beforehand to limit the number of interfaces used in the test. By default all interface e.g. all Ethernet interfaces are used." +#: ../../contributing/testing.rst:109 +msgid "When you are working on interface configuration and you also want to test if the Smoketests pass you would normally loose the remote SSH connection to your :abbr:`DUT (Device Under Test)`. To handle this issue, some of the interface based tests can be called with an environment variable beforehand to limit the number of interfaces used in the test. By default all interface e.g. all Ethernet interfaces are used." +msgstr "When you are working on interface configuration and you also want to test if the Smoketests pass you would normally loose the remote SSH connection to your :abbr:`DUT (Device Under Test)`. To handle this issue, some of the interface based tests can be called with an environment variable beforehand to limit the number of interfaces used in the test. By default all interface e.g. all Ethernet interfaces are used." + #: ../../contributing/issues-features.rst:21 msgid "When you believe you have found a bug, it is always a good idea to verify the issue prior to opening a bug request." msgstr "When you believe you have found a bug, it is always a good idea to verify the issue prior to opening a bug request." @@ -1550,6 +1586,10 @@ msgstr "You have your own custom kernel `*.deb` packages in the `packages` folde msgid "You shoudl now see a Python backtrace which will help us to handle the issue, please attach it to the Phabricator_ task." msgstr "You shoudl now see a Python backtrace which will help us to handle the issue, please attach it to the Phabricator_ task." +#: ../../contributing/debugging.rst:166 +msgid "You should now see a Python backtrace which will help us to handle the issue, please attach it to the Phabricator_ task." +msgstr "You should now see a Python backtrace which will help us to handle the issue, please attach it to the Phabricator_ task." + #: ../../contributing/development.rst:146 msgid "You then can proceed with cloning your fork or add a new remote to your local repository:" msgstr "You then can proceed with cloning your fork or add a new remote to your local repository:" @@ -1666,6 +1706,10 @@ msgstr "commit:expression:" msgid "contine execution using ``cont``" msgstr "contine execution using ``cont``" +#: ../../contributing/debugging.rst:128 +msgid "continue execution using ``cont``" +msgstr "continue execution using ``cont``" + #: ../../contributing/development.rst:675 msgid "default:" msgstr "default:" diff --git a/docs/_locale/uk/copyright.pot b/docs/_locale/uk/copyright.pot index c2e88942..664a17c2 100644 --- a/docs/_locale/uk/copyright.pot +++ b/docs/_locale/uk/copyright.pot @@ -13,6 +13,10 @@ msgid "Copyright Notice" msgstr "Copyright Notice" #: ../../copyright.md:3 +msgid "Copyright (C) 2018-2023 VyOS maintainers and contributors" +msgstr "Copyright (C) 2018-2023 VyOS maintainers and contributors" + +#: ../../copyright.md:3 msgid "Copyright (C) 2018-2024 VyOS maintainers and contributors" msgstr "Copyright (C) 2018-2024 VyOS maintainers and contributors" diff --git a/docs/_locale/uk/documentation.pot b/docs/_locale/uk/documentation.pot index 86105c1c..0bc0ca16 100644 --- a/docs/_locale/uk/documentation.pot +++ b/docs/_locale/uk/documentation.pot @@ -8,27 +8,47 @@ msgstr "" "Language: uk\n" "Plural-Forms: nplurals=3; plural=((n%10==1) && (n%100!=11)) ? 0 : ((n%10>=2 && n%10<=4) && ((n%100<12 || n%100>14))) ? 1 : 2;\n" -#: ../../documentation.rst:239 +#: ../../documentation.rst:216 msgid "16bit ASN: ``64496 - 64511``" msgstr "16bit ASN: ``64496 - 64511``" -#: ../../documentation.rst:240 +#: ../../documentation.rst:84 +msgid "1. Theoretical information" +msgstr "1. Theoretical information" + +#: ../../documentation.rst:92 +msgid "2. Configuration description" +msgstr "2. Configuration description" + +#: ../../documentation.rst:217 msgid "32bit ASN: ``65536 - 65551``" msgstr "32bit ASN: ``65536 - 65551``" -#: ../../documentation.rst:182 +#: ../../documentation.rst:99 +msgid "3. Configuration examples" +msgstr "3. Configuration examples" + +#: ../../documentation.rst:105 +msgid "4. Known issues" +msgstr "4. Known issues" + +#: ../../documentation.rst:113 +msgid "5. Debugging" +msgstr "5. Debugging" + +#: ../../documentation.rst:159 msgid "A plugin will be used to generate a reference label for each headline. To reference a page or a section in the documentation use the ``:ref:`` command." msgstr "A plugin will be used to generate a reference label for each headline. To reference a page or a section in the documentation use the ``:ref:`` command." -#: ../../documentation.rst:103 +#: ../../documentation.rst:408 msgid "Add modified files to Git index ``$ git add path/to/filename`` or add all unstaged files ``$ git add .``. All files added to the Git index will be part of you following Git commit." msgstr "Add modified files to Git index ``$ git add path/to/filename`` or add all unstaged files ``$ git add .``. All files added to the Git index will be part of you following Git commit." -#: ../../documentation.rst:229 +#: ../../documentation.rst:206 msgid "Address space" msgstr "Address space" -#: ../../documentation.rst:390 +#: ../../documentation.rst:58 msgid "All RST files must follow the same TOC Level syntax and have to start with" msgstr "All RST files must follow the same TOC Level syntax and have to start with" @@ -36,7 +56,7 @@ msgstr "All RST files must follow the same TOC Level syntax and have to start wi msgid "An optional section follows. Some commands have requirements like compatible hardware (e.g. Wifi) or some commands you have to set before. For example, it is recommended to set a route-map before configuring BGP." msgstr "An optional section follows. Some commands have requirements like compatible hardware (e.g. Wifi) or some commands you have to set before. For example, it is recommended to set a route-map before configuring BGP." -#: ../../documentation.rst:53 +#: ../../documentation.rst:51 msgid "And finally, remember that the reStructuredText files aren't exclusively for generating HTML and PDF. They should be human-readable and easily perused from a console." msgstr "And finally, remember that the reStructuredText files aren't exclusively for generating HTML and PDF. They should be human-readable and easily perused from a console." @@ -48,23 +68,23 @@ msgstr "Anything else" msgid "Anything else that is not a configuration or an operation command has no predefined structure." msgstr "Anything else that is not a configuration or an operation command has no predefined structure." -#: ../../documentation.rst:257 +#: ../../documentation.rst:234 msgid "Autolinter" msgstr "Autolinter" -#: ../../documentation.rst:94 +#: ../../documentation.rst:399 msgid "Check your changes by locally building the documentation ``$ make livehtml``. Sphinx will build the html files in the ``docs/_build`` folder. We provide you with a Docker container for an easy-to-use user experience. Check the README.md_ file of this repository." msgstr "Check your changes by locally building the documentation ``$ make livehtml``. Sphinx will build the html files in the ``docs/_build`` folder. We provide you with a Docker container for an easy-to-use user experience. Check the README.md_ file of this repository." -#: ../../documentation.rst:123 +#: ../../documentation.rst:428 msgid "Check your configured remote repositories:" msgstr "Check your configured remote repositories:" -#: ../../documentation.rst:78 +#: ../../documentation.rst:383 msgid "Clone fork to local machine, then change to that directory ``$ cd vyos-documentation``" msgstr "Clone fork to local machine, then change to that directory ``$ cd vyos-documentation``" -#: ../../documentation.rst:107 +#: ../../documentation.rst:412 msgid "Commit your changes with the message, ``$ git commit -m \"<commit message>\"`` or use ``$ git commit -v`` to have your configured editor launched. You can type in a commit message. Again please make yourself comfortable without rules (:ref:`prepare_commit`)." msgstr "Commit your changes with the message, ``$ git commit -m \"<commit message>\"`` or use ``$ git commit -v`` to have your configured editor launched. You can type in a commit message. Again please make yourself comfortable without rules (:ref:`prepare_commit`)." @@ -72,55 +92,67 @@ msgstr "Commit your changes with the message, ``$ git commit -m \"<commit messag msgid "Configuration mode pages" msgstr "Configuration mode pages" -#: ../../documentation.rst:84 +#: ../../documentation.rst:389 msgid "Create a new branch for your work, use a descriptive name of your work: ``$ git checkout -b <branch-name>``" msgstr "Create a new branch for your work, use a descriptive name of your work: ``$ git checkout -b <branch-name>``" -#: ../../documentation.rst:180 +#: ../../documentation.rst:157 msgid "Cross-References" msgstr "Cross-References" -#: ../../documentation.rst:268 +#: ../../documentation.rst:245 msgid "Custom Sphinx-doc Markup" msgstr "Custom Sphinx-doc Markup" -#: ../../documentation.rst:270 +#: ../../documentation.rst:247 msgid "Custom commands have been developed for writing the documentation. Please make yourself comfortable with those commands as this eases the way we render the documentation." msgstr "Custom commands have been developed for writing the documentation. Please make yourself comfortable with those commands as this eases the way we render the documentation." -#: ../../documentation.rst:45 +#: ../../documentation.rst:94 +msgid "Describe CLI items related to the service or use case. Each config line or section must be explained, using information provided in the 1st part of the page." +msgstr "Describe CLI items related to the service or use case. Each config line or section must be explained, using information provided in the 1st part of the page." + +#: ../../documentation.rst:115 +msgid "Described procedures for debugging a service:" +msgstr "Described procedures for debugging a service:" + +#: ../../documentation.rst:43 msgid "Don't forget to update ``index.rst`` when adding a new node." msgstr "Don't forget to update ``index.rst`` when adding a new node." -#: ../../documentation.rst:259 +#: ../../documentation.rst:236 msgid "Each GitHub pull request is automatically linted to check the address space and line length." msgstr "Each GitHub pull request is automatically linted to check the address space and line length." -#: ../../documentation.rst:252 +#: ../../documentation.rst:81 +msgid "Each page must contain the following parts:" +msgstr "Each page must contain the following parts:" + +#: ../../documentation.rst:229 msgid "Except in ``.. code-block::`` because it uses the html tag ``<pre>`` and renders the same line format from the source rst file." msgstr "Except in ``.. code-block::`` because it uses the html tag ``<pre>`` and renders the same line format from the source rst file." -#: ../../documentation.rst:292 +#: ../../documentation.rst:269 msgid "For an inline configuration level command, use ``:cfgcmd:``" msgstr "For an inline configuration level command, use ``:cfgcmd:``" -#: ../../documentation.rst:328 +#: ../../documentation.rst:305 msgid "For an inline operational level command, use ``:opcmd:``" msgstr "For an inline operational level command, use ``:opcmd:``" -#: ../../documentation.rst:186 +#: ../../documentation.rst:163 msgid "For example, you want to reference the headline **VLAN** in the **ethernet.rst** page. The plugin generates the label based on the headline and the file path." msgstr "For example, you want to reference the headline **VLAN** in the **ethernet.rst** page. The plugin generates the label based on the headline and the file path." -#: ../../documentation.rst:405 +#: ../../documentation.rst:70 msgid "For example:" msgstr "For example:" -#: ../../documentation.rst:76 +#: ../../documentation.rst:381 msgid "Fork this project on GitHub https://github.com/vyos/vyos-documentation/fork" msgstr "Fork this project on GitHub https://github.com/vyos/vyos-documentation/fork" -#: ../../documentation.rst:58 +#: ../../documentation.rst:363 msgid "Forking Workflow" msgstr "Forking Workflow" @@ -128,6 +160,10 @@ msgstr "Forking Workflow" msgid "Formating and Sphinxmarkup" msgstr "Formating and Sphinxmarkup" +#: ../../documentation.rst:127 +msgid "Formatting and Sphinxmarkup" +msgstr "Formatting and Sphinxmarkup" + #: ../../documentation.rst:432 msgid "General concepts for troubleshooting and detailed process descriptions belong here." msgstr "General concepts for troubleshooting and detailed process descriptions belong here." @@ -140,7 +176,7 @@ msgstr "Guidelines" msgid "If there some troubleshooting guides related to the commands. Explain it in the next optional part." msgstr "If there some troubleshooting guides related to the commands. Explain it in the next optional part." -#: ../../documentation.rst:143 +#: ../../documentation.rst:448 msgid "If you also want to update your fork on GitHub, use the following: ``$ git push origin master``" msgstr "If you also want to update your fork on GitHub, use the following: ``$ git push origin master``" @@ -152,43 +188,43 @@ msgstr "If you are willing to contribute to our documentation this is the defini msgid "In contrast to submitting code patches, there is no requirement that you open up a Phabricator_ task prior to submitting a Pull-Request to the documentation." msgstr "In contrast to submitting code patches, there is no requirement that you open up a Phabricator_ task prior to submitting a Pull-Request to the documentation." -#: ../../documentation.rst:417 +#: ../../documentation.rst:75 msgid "In the configuration part of the page, all possible configuration options should be documented. Use ``.. cfgcmd::`` described above." msgstr "In the configuration part of the page, all possible configuration options should be documented. Use ``.. cfgcmd::`` described above." -#: ../../documentation.rst:50 +#: ../../documentation.rst:48 msgid "Indent with two spaces." msgstr "Indent with two spaces." -#: ../../documentation.rst:81 +#: ../../documentation.rst:386 msgid "Install the requirements ``$ pip install -r requirements.txt`` (or something similar)" msgstr "Install the requirements ``$ pip install -r requirements.txt`` (or something similar)" -#: ../../documentation.rst:49 +#: ../../documentation.rst:47 msgid "Leave a newline before and after a header." msgstr "Leave a newline before and after a header." -#: ../../documentation.rst:250 +#: ../../documentation.rst:227 msgid "Limit all lines to a maximum of 80 characters." msgstr "Limit all lines to a maximum of 80 characters." -#: ../../documentation.rst:248 +#: ../../documentation.rst:225 msgid "Line length" msgstr "Line length" -#: ../../documentation.rst:87 +#: ../../documentation.rst:392 msgid "Make all your changes - please keep our commit rules in mind (:ref:`prepare_commit`). This mainly applies to proper commit messages describing your change (how and why). Please check out the documentation of Sphinx-doc_ or reStructuredText_ if you are not familiar with it. This is used for writing our docs. Additional directives how to write in RST can be obtained from reStructuredTextDirectives_." msgstr "Make all your changes - please keep our commit rules in mind (:ref:`prepare_commit`). This mainly applies to proper commit messages describing your change (how and why). Please check out the documentation of Sphinx-doc_ or reStructuredText_ if you are not familiar with it. This is used for writing our docs. Additional directives how to write in RST can be obtained from reStructuredTextDirectives_." -#: ../../documentation.rst:242 +#: ../../documentation.rst:219 msgid "Multicast MAC-Addresses: ``90-10-00`` to ``90-10-FF``" msgstr "Multicast MAC-Addresses: ``90-10-00`` to ``90-10-FF``" -#: ../../documentation.rst:231 +#: ../../documentation.rst:208 msgid "Note the following RFCs (:rfc:`5737`, :rfc:`3849`, :rfc:`5389` and :rfc:`7042`), which describe the reserved public IP addresses and autonomous system numbers for the documentation:" msgstr "Note the following RFCs (:rfc:`5737`, :rfc:`3849`, :rfc:`5389` and :rfc:`7042`), which describe the reserved public IP addresses and autonomous system numbers for the documentation:" -#: ../../documentation.rst:118 +#: ../../documentation.rst:423 msgid "Once pull requests have been approved, you may want to locally update your forked repository too. First you'll have to add a second remote called `upstream` which points to our main repository. ``$ git remote add upstream https://github.com/vyos/vyos-documentation.git``" msgstr "Once pull requests have been approved, you may want to locally update your forked repository too. First you'll have to add a second remote called `upstream` which points to our main repository. ``$ git remote add upstream https://github.com/vyos/vyos-documentation.git``" @@ -200,39 +236,43 @@ msgstr "Operation mode commands that do not fit in a related configuration mode msgid "Operation mode pages" msgstr "Operation mode pages" -#: ../../documentation.rst:385 +#: ../../documentation.rst:56 msgid "Page content" msgstr "Page content" -#: ../../documentation.rst:244 +#: ../../documentation.rst:221 msgid "Please do not use other public address space." msgstr "Please do not use other public address space." -#: ../../documentation.rst:47 +#: ../../documentation.rst:101 +msgid "Practical examples of the service or use case configuration. They must contain topology maps (if applicable) and short descriptions." +msgstr "Practical examples of the service or use case configuration. They must contain topology maps (if applicable) and short descriptions." + +#: ../../documentation.rst:45 msgid "Properly quote commands, filenames and brief code snippets with double backticks." msgstr "Properly quote commands, filenames and brief code snippets with double backticks." -#: ../../documentation.rst:112 +#: ../../documentation.rst:417 msgid "Push commits to your GitHub project: ``$ git push -u origin <branch-name>``" msgstr "Push commits to your GitHub project: ``$ git push -u origin <branch-name>``" -#: ../../documentation.rst:420 +#: ../../documentation.rst:78 msgid "Related operation command must be documented in the next part of the article. Use ``::opcmd..`` for these commands." msgstr "Related operation command must be documented in the next part of the article. Use ``::opcmd..`` for these commands." -#: ../../documentation.rst:262 +#: ../../documentation.rst:239 msgid "Sometimes it is necessary to provide real IP addresses like in the :ref:`examples`. For this, please use the sphinx comment syntax ``.. stop_vyoslinter`` to stop the linter and ``.. start_vyoslinter`` to start." msgstr "Sometimes it is necessary to provide real IP addresses like in the :ref:`examples`. For this, please use the sphinx comment syntax ``.. stop_vyoslinter`` to stop the linter and ``.. start_vyoslinter`` to start." -#: ../../documentation.rst:147 +#: ../../documentation.rst:124 msgid "Style Guide" msgstr "Style Guide" -#: ../../documentation.rst:114 +#: ../../documentation.rst:419 msgid "Submit pull-request. In GitHub visit the main repository and you should see a banner suggesting to make a pull request. Fill out the form and describe what you do." msgstr "Submit pull-request. In GitHub visit the main repository and you should see a banner suggesting to make a pull request. Fill out the form and describe what you do." -#: ../../documentation.rst:153 +#: ../../documentation.rst:130 msgid "TOC Level" msgstr "TOC Level" @@ -240,7 +280,7 @@ msgstr "TOC Level" msgid "Take a look at the :doc:`/documentation` page for an intricate explanation of the documentation process." msgstr "Take a look at the :doc:`/documentation` page for an intricate explanation of the documentation process." -#: ../../documentation.rst:60 +#: ../../documentation.rst:365 msgid "The Forking Workflow is fundamentally different from other popular Git workflows. Instead of using a single server-side repository to act as the \"central\" codebase, it gives every developer their own server-side repository. This means that each contributor has not one, but two Git repositories: a private local one and a public server-side one." msgstr "The Forking Workflow is fundamentally different from other popular Git workflows. Instead of using a single server-side repository to act as the \"central\" codebase, it gives every developer their own server-side repository. This means that each contributor has not one, but two Git repositories: a private local one and a public server-side one." @@ -248,7 +288,7 @@ msgstr "The Forking Workflow is fundamentally different from other popular Git w msgid "The article starts with a short introduction about the command or the technology. Please include some helpful links or background information." msgstr "The article starts with a short introduction about the command or the technology. Please include some helpful links or background information." -#: ../../documentation.rst:401 +#: ../../documentation.rst:66 msgid "The configuration mode folder and the articles cover the specific level of the commands. The exact level depends on the command. This should provide stability for URLs used in the forum or blogpost." msgstr "The configuration mode folder and the articles cover the specific level of the commands. The exact level depends on the command. This should provide stability for URLs used in the forum or blogpost." @@ -260,51 +300,59 @@ msgstr "The documentation has 3 different types of pages. The same kind of pages msgid "The documentation source is kept in the Git repository at https://github.com/vyos/vyos-documentation and you can follow the instructions in the README.md_ to build and test your changes." msgstr "The documentation source is kept in the Git repository at https://github.com/vyos/vyos-documentation and you can follow the instructions in the README.md_ to build and test your changes." -#: ../../documentation.rst:41 +#: ../../documentation.rst:39 msgid "The following is a quick summary of the rules:" msgstr "The following is a quick summary of the rules:" -#: ../../documentation.rst:66 +#: ../../documentation.rst:371 msgid "The main advantage of the Forking Workflow is that contributions can be integrated without the need for everybody to push to a single central repository. Developers push to their own server-side repositories, and only the project maintainer can push to the official repository. This allows the maintainer to accept commits from any developer without giving them write access to the official codebase." msgstr "The main advantage of the Forking Workflow is that contributions can be integrated without the need for everybody to push to a single central repository. Developers push to their own server-side repositories, and only the project maintainer can push to the official repository. This allows the maintainer to accept commits from any developer without giving them write access to the official codebase." -#: ../../documentation.rst:199 +#: ../../documentation.rst:176 msgid "The plugin will warn on build if a headline has a duplicate name in the same document. To prevent this warning, you have to put a custom link on top of the headline." msgstr "The plugin will warn on build if a headline has a duplicate name in the same document. To prevent this warning, you have to put a custom link on top of the headline." +#: ../../documentation.rst:86 +msgid "Theoretical information required for users to understand the next document sections:" +msgstr "Theoretical information required for users to understand the next document sections:" + #: ../../documentation.rst:35 msgid "There are a few things to keep in mind when contributing to the documentation, for the sake of consistency and readability." msgstr "There are a few things to keep in mind when contributing to the documentation, for the sake of consistency and readability." -#: ../../documentation.rst:299 +#: ../../documentation.rst:107 +msgid "This section must contain a list of:" +msgstr "This section must contain a list of:" + +#: ../../documentation.rst:276 msgid "To extract a defaultvalue from the XML definitions add a ``:defaultvalue:`` to ``.. cfgcmd::`` directive. To have this feature locally, the vyos-1x submodule must be initialized before. Please be aware to not update the submodule in your PR." msgstr "To extract a defaultvalue from the XML definitions add a ``:defaultvalue:`` to ``.. cfgcmd::`` directive. To have this feature locally, the vyos-1x submodule must be initialized before. Please be aware to not update the submodule in your PR." -#: ../../documentation.rst:337 +#: ../../documentation.rst:314 msgid "To minimize redundancy, there is a special include directive. It includes a txt file and replace the ``{{ var0 }}`` - ``{{ var9 }}`` with the correct value." msgstr "To minimize redundancy, there is a special include directive. It includes a txt file and replace the ``{{ var0 }}`` - ``{{ var9 }}`` with the correct value." -#: ../../documentation.rst:46 +#: ../../documentation.rst:44 msgid "Try not to exceed 80 characters per line, but don't break URLs over this." msgstr "Try not to exceed 80 characters per line, but don't break URLs over this." -#: ../../documentation.rst:241 +#: ../../documentation.rst:218 msgid "Unicast MAC Addresses: ``00-53-00`` to ``00-53-FF``" msgstr "Unicast MAC Addresses: ``00-53-00`` to ``00-53-FF``" -#: ../../documentation.rst:73 +#: ../../documentation.rst:378 msgid "Updates to our documentation should be delivered by a GitHub pull-request. This requires you already have a GitHub account." msgstr "Updates to our documentation should be delivered by a GitHub pull-request. This requires you already have a GitHub account." -#: ../../documentation.rst:43 +#: ../../documentation.rst:41 msgid "Use American English at all times. It's always a good idea to run your text through a grammar and spell checker, such as `Grammarly`_." msgstr "Use American English at all times. It's always a good idea to run your text through a grammar and spell checker, such as `Grammarly`_." -#: ../../documentation.rst:48 +#: ../../documentation.rst:46 msgid "Use literal blocks for longer snippets." msgstr "Use literal blocks for longer snippets." -#: ../../documentation.rst:99 +#: ../../documentation.rst:404 msgid "View modified files by calling ``$ git status``. You will get an overview of all files modified by you. You can add individual files to the Git Index in the next step." msgstr "View modified files by calling ``$ git status``. You will get an overview of all files modified by you. You can add individual files to the Git Index in the next step." @@ -312,35 +360,39 @@ msgstr "View modified files by calling ``$ git status``. You will get an overvie msgid "VyOS documentation is written in reStructuredText and generated to Read the Docs pages with Sphinx, as per the Python tradition, as well as PDF files for offline use through LaTeX. We welcome all sorts of contributions to the documentation. Not just new additions but also corrections to existing documentation." msgstr "VyOS documentation is written in reStructuredText and generated to Read the Docs pages with Sphinx, as per the Python tradition, as well as PDF files for offline use through LaTeX. We welcome all sorts of contributions to the documentation. Not just new additions but also corrections to existing documentation." +#: ../../documentation.rst:20 +msgid "VyOS documentation is written in reStructuredText and generated to Read the Docs pages with Sphinx, as per the Python tradition. We welcome all sorts of contributions to the documentation. Not just new additions but also corrections to existing documentation." +msgstr "VyOS documentation is written in reStructuredText and generated to Read the Docs pages with Sphinx, as per the Python tradition. We welcome all sorts of contributions to the documentation. Not just new additions but also corrections to existing documentation." + #: ../../documentation.rst:9 msgid "We encourage every VyOS user to help us improve our documentation as we have a deficit like most software projects. This not only helps you when reading but also everyone else." msgstr "We encourage every VyOS user to help us improve our documentation as we have a deficit like most software projects. This not only helps you when reading but also everyone else." -#: ../../documentation.rst:155 +#: ../../documentation.rst:132 msgid "We use the following syntax for Headlines." msgstr "We use the following syntax for Headlines." -#: ../../documentation.rst:277 +#: ../../documentation.rst:254 msgid "When documenting CLI commands, use the ``.. cfgcmd::`` directive for all configuration mode commands. An explanation of the described command should be added below this statement. Replace all variable contents with <value> or something similar." msgstr "When documenting CLI commands, use the ``.. cfgcmd::`` directive for all configuration mode commands. An explanation of the described command should be added below this statement. Replace all variable contents with <value> or something similar." -#: ../../documentation.rst:316 +#: ../../documentation.rst:293 msgid "When documenting operational level commands, use the ``.. opcmd::`` directive. An explanation of the described command should be added below this statement." msgstr "When documenting operational level commands, use the ``.. opcmd::`` directive. An explanation of the described command should be added below this statement." -#: ../../documentation.rst:51 +#: ../../documentation.rst:49 msgid "When in doubt, follow the style of existing documentation." msgstr "When in doubt, follow the style of existing documentation." -#: ../../documentation.rst:375 +#: ../../documentation.rst:352 msgid "When referencing to VyOS Phabricator Tasks, there is a custom Sphinx Markup command called ``vytask`` that automatically renders to a proper Phabricator URL. This is heavily used in the :ref:`release-notes` section." msgstr "When referencing to VyOS Phabricator Tasks, there is a custom Sphinx Markup command called ``vytask`` that automatically renders to a proper Phabricator URL. This is heavily used in the :ref:`release-notes` section." -#: ../../documentation.rst:319 +#: ../../documentation.rst:296 msgid "With those custom commands, it is possible to render them in a more descriptive way in the resulting HTML/PDF manual." msgstr "With those custom commands, it is possible to render them in a more descriptive way in the resulting HTML/PDF manual." -#: ../../documentation.rst:282 +#: ../../documentation.rst:259 msgid "With those custom commands, it will be possible to render them in a more descriptive way in the resulting HTML/PDF manual." msgstr "With those custom commands, it will be possible to render them in a more descriptive way in the resulting HTML/PDF manual." @@ -352,66 +404,98 @@ msgstr "Write Documentation" msgid "You can either install Sphinx (and TeX Live for PDF output) and build the documentation locally, or use the Dockerfile_ to build it in a container." msgstr "You can either install Sphinx (and TeX Live for PDF output) and build the documentation locally, or use the Dockerfile_ to build it in a container." -#: ../../documentation.rst:133 +#: ../../documentation.rst:29 +msgid "You can either install Sphinx and build the documentation locally, or use the Dockerfile_ to build it in a container." +msgstr "You can either install Sphinx and build the documentation locally, or use the Dockerfile_ to build it in a container." + +#: ../../documentation.rst:438 msgid "Your remote repo on Github is called ``origin``, while the original repo you have forked is called ``upstream``. Now you can locally update your forked repo." msgstr "Your remote repo on Github is called ``origin``, while the original repo you have forked is called ``upstream``. Now you can locally update your forked repo." -#: ../../documentation.rst:235 +#: ../../documentation.rst:212 msgid "``192.0.2.0/24``" msgstr "``192.0.2.0/24``" -#: ../../documentation.rst:236 +#: ../../documentation.rst:213 msgid "``198.51.100.0/24``" msgstr "``198.51.100.0/24``" -#: ../../documentation.rst:238 +#: ../../documentation.rst:215 msgid "``2001:db8::/32``" msgstr "``2001:db8::/32``" -#: ../../documentation.rst:237 +#: ../../documentation.rst:214 msgid "``203.0.113.0/24``" msgstr "``203.0.113.0/24``" -#: ../../documentation.rst:194 +#: ../../documentation.rst:171 msgid "``:ref:`Check out VLAN<configuration/interfaces/ethernet:vlan>``" msgstr "``:ref:`Check out VLAN<configuration/interfaces/ethernet:vlan>``" -#: ../../documentation.rst:190 +#: ../../documentation.rst:167 msgid "``:ref:`configuration/interfaces/ethernet:vlan``" msgstr "``:ref:`configuration/interfaces/ethernet:vlan``" -#: ../../documentation.rst:407 +#: ../../documentation.rst:72 msgid "``set firewall zone`` is written in ``firewall/zone.rst``" msgstr "``set firewall zone`` is written in ``firewall/zone.rst``" -#: ../../documentation.rst:408 +#: ../../documentation.rst:73 msgid "``set interfaces ethernet`` is written in ``interfaces/ethernet.rst``" msgstr "``set interfaces ethernet`` is written in ``interfaces/ethernet.rst``" -#: ../../documentation.rst:275 +#: ../../documentation.rst:88 +msgid "a simple explanation of what is this page about, why or when it is required to be used" +msgstr "a simple explanation of what is this page about, why or when it is required to be used" + +#: ../../documentation.rst:252 msgid "cfgcmd" msgstr "cfgcmd" -#: ../../documentation.rst:335 +#: ../../documentation.rst:312 msgid "cmdinclude" msgstr "cmdinclude" -#: ../../documentation.rst:197 +#: ../../documentation.rst:174 msgid "handle build errors" msgstr "handle build errors" -#: ../../documentation.rst:314 +#: ../../documentation.rst:117 +msgid "how to collect logs or other debugging information (like `show` commands output)" +msgstr "how to collect logs or other debugging information (like `show` commands output)" + +#: ../../documentation.rst:118 +msgid "how to read and what to search for in logs and collected information" +msgstr "how to read and what to search for in logs and collected information" + +#: ../../documentation.rst:109 +msgid "known issues or potential problems for the service or use case" +msgstr "known issues or potential problems for the service or use case" + +#: ../../documentation.rst:291 msgid "opcmd" msgstr "opcmd" -#: ../../documentation.rst:346 +#: ../../documentation.rst:89 +msgid "references to standards, RFCs" +msgstr "references to standards, RFCs" + +#: ../../documentation.rst:323 msgid "the content of interface-address.txt looks like this" msgstr "the content of interface-address.txt looks like this" -#: ../../documentation.rst:192 +#: ../../documentation.rst:169 msgid "to use an alternative hyperlink use it this way:" msgstr "to use an alternative hyperlink use it this way:" -#: ../../documentation.rst:373 +#: ../../documentation.rst:350 msgid "vytask" msgstr "vytask" + +#: ../../documentation.rst:119 +msgid "what are indicators of good and bad states in debugging outputs" +msgstr "what are indicators of good and bad states in debugging outputs" + +#: ../../documentation.rst:110 +msgid "workarounds for known issues (if any exist)" +msgstr "workarounds for known issues (if any exist)" diff --git a/docs/_locale/uk/installation.pot b/docs/_locale/uk/installation.pot index 4cf97525..ccb6a115 100644 --- a/docs/_locale/uk/installation.pot +++ b/docs/_locale/uk/installation.pot @@ -212,6 +212,10 @@ msgstr "Add one or more routes for networks you want to pass through the VyOS VM msgid "Additional storage. You can remove additional storage ``/dev/sdb``. First root device will be ``/dev/xvda``. You can skeep this step." msgstr "Additional storage. You can remove additional storage ``/dev/sdb``. First root device will be ``/dev/xvda``. You can skeep this step." +#: ../../installation/cloud/aws.rst:27 +msgid "Additional storage. You can remove additional storage ``/dev/sdb``. First root device will be ``/dev/xvda``. You can skip this step." +msgstr "Additional storage. You can remove additional storage ``/dev/sdb``. First root device will be ``/dev/xvda``. You can skip this step." + #: ../../installation/vyos-on-baremetal.rst:394 msgid "Advanced > Serial Port Console Redirection > Console Redirection Settings:" msgstr "Advanced > Serial Port Console Redirection > Console Redirection Settings:" @@ -465,6 +469,10 @@ msgstr "Clients (where VyOS is to be installed) with a PXE-enabled NIC" msgid "CloudWatchAgentServerRole is too permisive and should be used for single configuration creation and deployment. That's why after completion of step #3 higly recommended to replace instance CloudWatchAgentAdminRole role with CloudWatchAgentServerRole." msgstr "CloudWatchAgentServerRole is too permisive and should be used for single configuration creation and deployment. That's why after completion of step #3 higly recommended to replace instance CloudWatchAgentAdminRole role with CloudWatchAgentServerRole." +#: ../../installation/cloud/aws.rst:88 +msgid "CloudWatchAgentServerRole is too permissive and should be used for single configuration creation and deployment. That's why after completion of step #3 highly recommended to replace instance CloudWatchAgentAdminRole role with CloudWatchAgentServerRole." +msgstr "CloudWatchAgentServerRole is too permissive and should be used for single configuration creation and deployment. That's why after completion of step #3 highly recommended to replace instance CloudWatchAgentAdminRole role with CloudWatchAgentServerRole." + #: ../../installation/cloud/aws.rst:82 msgid "CloudWatch SSM Configuration creation" msgstr "CloudWatch SSM Configuration creation" @@ -1303,6 +1311,10 @@ msgstr "Requirements" msgid "Retreive an existing CloudWatch Agent configuration from the :abbr:`SSM (Systems Manager)` Parameter Store." msgstr "Retreive an existing CloudWatch Agent configuration from the :abbr:`SSM (Systems Manager)` Parameter Store." +#: ../../installation/cloud/aws.rst:69 +msgid "Retrieve an existing CloudWatch Agent configuration from the :abbr:`SSM (Systems Manager)` Parameter Store." +msgstr "Retrieve an existing CloudWatch Agent configuration from the :abbr:`SSM (Systems Manager)` Parameter Store." + #: ../../installation/install.rst:74 msgid "Rolling Release" msgstr "Rolling Release" diff --git a/docs/_locale/uk/quick-start.pot b/docs/_locale/uk/quick-start.pot index dd040c21..ae9fdc6a 100644 --- a/docs/_locale/uk/quick-start.pot +++ b/docs/_locale/uk/quick-start.pot @@ -101,6 +101,10 @@ msgid "Configure a rule on the ``input`` hook filter to jump to the ``VyOS_MANAG msgstr "Configure a rule on the ``input`` hook filter to jump to the ``VyOS_MANAGEMENT`` chain when new connections are addressed to port 22 (SSH) on the router itself:" #: ../../quick-start.rst:243 +msgid "Create a new chain (``OUTSIDE-IN``) which will drop all traffic that is not explicitly allowed at some point in the chain. Then, we can jump to that chain from the ``forward`` hook when traffic is coming from the ``WAN`` interface group and is addressed to our local network." +msgstr "Create a new chain (``OUTSIDE-IN``) which will drop all traffic that is not explicitly allowed at some point in the chain. Then, we can jump to that chain from the ``forward`` hook when traffic is coming from the ``WAN`` interface group and is addressed to our local network." + +#: ../../quick-start.rst:243 msgid "Create a new chain (``OUTSIDE-IN``) which will drop all traffic that is not explicity allowed at some point in the chain. Then, we can jump to that chain from the ``forward`` hook when traffic is coming from the ``WAN`` interface group and is addressed to our local network." msgstr "Create a new chain (``OUTSIDE-IN``) which will drop all traffic that is not explicity allowed at some point in the chain. Then, we can jump to that chain from the ``forward`` hook when traffic is coming from the ``WAN`` interface group and is addressed to our local network." @@ -292,6 +296,10 @@ msgstr "To make firewall configuration easier, we can create groups of interface msgid "Using options defined in ``set firewall global-options state-policy``, state policy rules that applies for both IPv4 and IPv6 are created. These global state policies also applies for all traffic that passes through the router (transit) and for traffic originated/destinated to/from the router itself, and will be avaluated before any other rule defined in the firewall." msgstr "Using options defined in ``set firewall global-options state-policy``, state policy rules that applies for both IPv4 and IPv6 are created. These global state policies also applies for all traffic that passes through the router (transit) and for traffic originated/destinated to/from the router itself, and will be avaluated before any other rule defined in the firewall." +#: ../../quick-start.rst:164 +msgid "Using options defined in ``set firewall global-options state-policy``, state policy rules that applies for both IPv4 and IPv6 are created. These global state policies also applies for all traffic that passes through the router (transit) and for traffic originated/destinated to/from the router itself, and will be evaluated before any other rule defined in the firewall." +msgstr "Using options defined in ``set firewall global-options state-policy``, state policy rules that applies for both IPv4 and IPv6 are created. These global state policies also applies for all traffic that passes through the router (transit) and for traffic originated/destinated to/from the router itself, and will be evaluated before any other rule defined in the firewall." + #: ../../quick-start.rst:90 msgid "VyOS will serve as a full DNS recursor, replacing the need to utilize Google, Cloudflare, or other public DNS servers (which is good for privacy)" msgstr "VyOS will serve as a full DNS recursor, replacing the need to utilize Google, Cloudflare, or other public DNS servers (which is good for privacy)" |