Merge branch 'master' into sr-mpls-correction

4 files changed, 74 insertions, 4 deletions

diff --git a/docs/configuration/service/dns.rst b/docs/configuration/service/dns.rst
index 4315b6dc..5fe408f1 100644
--- a/docs/configuration/service/dns.rst
+++ b/docs/configuration/service/dns.rst
@@ -25,10 +25,11 @@ avoid being tracked by the provider of your upstream DNS server.
 
    Interfaces whose DHCP client nameservers to forward requests to.
 
-.. cfgcmd:: set service dns forwarding name-server <address>
+.. cfgcmd:: set service dns forwarding name-server <address> port <port>
 
-   Send all DNS queries to the IPv4/IPv6 DNS server specified under `<address>`.
-   You can configure multiple nameservers here.
+   Send all DNS queries to the IPv4/IPv6 DNS server specified under `<address>`
+   on optional port specified under `<port>`. The port defaults to 53. You can
+   configure multiple nameservers here.
 
 .. cfgcmd:: set service dns forwarding domain <domain-name> server <address>
 
@@ -167,8 +168,10 @@ In this scenario:
   set service dns forwarding domain example.com server 2001:db8:cafe::1
   set service dns forwarding name-server 192.0.2.1
   set service dns forwarding name-server 192.0.2.2
+  set service dns forwarding name-server 192.0.2.3 port 853
   set service dns forwarding name-server 2001:db8::1:ffff
   set service dns forwarding name-server 2001:db8::2:ffff
+  set service dns forwarding name-server 2001:db8::3:ffff port 8053
   set service dns forwarding listen-address 192.168.1.254
   set service dns forwarding listen-address 2001:db8::ffff
   set service dns forwarding allow-from 192.168.1.0/24
diff --git a/docs/configuration/service/ntp.rst b/docs/configuration/service/ntp.rst
index 5b718c4f..08be047c 100644
--- a/docs/configuration/service/ntp.rst
+++ b/docs/configuration/service/ntp.rst
@@ -50,13 +50,16 @@ Configuration
    * ``1.pool.ntp.org``
    * ``2.pool.ntp.org``
 
-.. cfgcmd:: set service ntp server <address> <noselect | pool | prefer>
+.. cfgcmd:: set service ntp server <address> <noselect | nts | pool | prefer>
 
    Configure one or more attributes to the given NTP server.
 
    * ``noselect`` marks the server as unused, except for display purposes. The
      server is discarded by the selection algorithm.
 
+   * ``nts`` enables Network Time Security (NTS) for the server as specified 
+     in :rfc:`8915`
+
    * ``pool`` mobilizes persistent client mode association with a number of
      remote servers.
 
diff --git a/docs/configuration/system/index.rst b/docs/configuration/system/index.rst
index 4df787a9..23edaa3f 100644
--- a/docs/configuration/system/index.rst
+++ b/docs/configuration/system/index.rst
@@ -19,6 +19,7 @@ System
    name-server
    option
    proxy
+   sflow
    syslog
    sysctl
    task-scheduler
diff --git a/docs/configuration/system/sflow.rst b/docs/configuration/system/sflow.rst
new file mode 100644
index 00000000..b131d8a9
--- /dev/null
+++ b/docs/configuration/system/sflow.rst
@@ -0,0 +1,63 @@
+.. _ntp:
+
+#####
+sFlow
+#####
+
+VyOS supports sFlow accounting for both IPv4 and IPv6 traffic. The system acts as a flow exporter, and you are free to use it with any compatible collector.
+
+sFlow is a technology that enables monitoring of network traffic by sending sampled packets to a collector device.
+
+The sFlow accounting based on hsflowd https://sflow.net/
+
+Configuration
+=============
+
+.. cfgcmd:: set system sflow agent-address <address>
+
+   Configure sFlow agent IPv4 or IPv6 address
+
+
+.. cfgcmd:: set system sflow agent-interface <interface>
+
+   Configure agent IP address associated with this interface.
+
+
+.. cfgcmd:: set system sflow drop-monitor-limit <limit>
+
+   Dropped packets reported on DROPMON Netlink channel by Linux kernel are exported via the standard sFlow v5 extension for reporting dropped packets
+
+.. cfgcmd:: set system sflow interface <interface>
+
+   Configure and enable collection of flow information for the interface identified by <interface>.
+
+   You can configure multiple interfaces which whould participate in sflow accounting.
+
+
+.. cfgcmd:: set system sflow polling <sec>
+
+   Configure schedule counter-polling in seconds (default: 30)
+
+.. cfgcmd:: set system sflow sampling-rate <rate>
+
+   Use this command to configure the sampling rate for sFlow accounting (default: 1000)
+
+.. cfgcmd:: set system sflow server <address> port <port>
+
+   Configure address of sFlow collector. sFlow server at <address> can be both listening on an IPv4 or IPv6 address.
+
+
+Example
+=======
+
+.. code-block:: none
+
+  set system sflow agent-address '192.0.2.14'
+  set system sflow agent-interface 'eth0'
+  set system sflow drop-monitor-limit '50'
+  set system sflow interface 'eth0'
+  set system sflow interface 'eth1'
+  set system sflow polling '30'
+  set system sflow sampling-rate '1000'
+  set system sflow server 192.0.2.1 port '6343'
+  set system sflow server 203.0.113.23 port '6343'