diff options
| author | Christian Poessinger <christian@poessinger.com> | 2019-11-28 21:41:32 +0100 |
|---|---|---|
| committer | Christian Poessinger <christian@poessinger.com> | 2019-11-28 21:41:32 +0100 |
| commit | 269023845a5dcd936d406fbe1edc2edd45262a24 (patch) | |
| tree | 52787b010fff5e7090f9e4c9c36554851d7b3259 /docs/services/conntrack.rst | |
| parent | 03eaf80e6fb39a3bf76ae996b0c12c041c11a6a3 (diff) | |
| download | vyos-documentation-269023845a5dcd936d406fbe1edc2edd45262a24.tar.gz vyos-documentation-269023845a5dcd936d406fbe1edc2edd45262a24.zip | |
Refactor "code-block:: console" to "code-block:: none"
Diffstat (limited to 'docs/services/conntrack.rst')
| -rw-r--r-- | docs/services/conntrack.rst | 14 |
1 files changed, 7 insertions, 7 deletions
diff --git a/docs/services/conntrack.rst b/docs/services/conntrack.rst index e949e909..0ee6eb16 100644 --- a/docs/services/conntrack.rst +++ b/docs/services/conntrack.rst @@ -27,7 +27,7 @@ will be mandatorily defragmented. Configuration ^^^^^^^^^^^^^ -.. code-block:: console +.. code-block:: none # Protocols only for which local conntrack entries will be synced (tcp, udp, icmp, sctp) set service conntrack-sync accept-protocol @@ -69,20 +69,20 @@ The next exemple is a simple configuration of conntrack-sync. First of all, make sure conntrack is enabled by running -.. code-block:: console +.. code-block:: none show conntrack table ipv4 If the table is empty and you have a warning message, it means conntrack is not enabled. To enable conntrack, just create a NAT or a firewall rule. -.. code-block:: console +.. code-block:: none set firewall state-policy established action accept You now should have a conntrack table -.. code-block:: console +.. code-block:: none $ show conntrack table ipv4 TCP state codes: SS - SYN SENT, SR - SYN RECEIVED, ES - ESTABLISHED, @@ -99,7 +99,7 @@ You now should have a conntrack table Now configure conntrack-sync service on ``router1`` **and** ``router2`` -.. code-block:: console +.. code-block:: none set service conntrack-sync accept-protocol 'tcp,udp,icmp' set service conntrack-sync event-listen-queue-size '8' @@ -110,7 +110,7 @@ Now configure conntrack-sync service on ``router1`` **and** ``router2`` If you are using VRRP, you need to define a VRRP sync-group, and use ``vrrp sync-group`` instead of ``cluster group``. -.. code-block:: console +.. code-block:: none set high-availablilty vrrp group internal virtual-address ... etc ... set high-availability vrrp sync-group syncgrp member 'internal' @@ -123,7 +123,7 @@ the external-cache of the standby router On active router run: -.. code-block:: console +.. code-block:: none $ show conntrack-sync statistics |