diff options
-rw-r--r-- | docs/configuration/protocols/bgp.rst | 14 | ||||
-rw-r--r-- | docs/configuration/protocols/static.rst | 6 | ||||
-rw-r--r-- | docs/installation/install.rst | 24 | ||||
-rw-r--r-- | docs/installation/virtual/gns3.rst | 6 | ||||
-rw-r--r-- | docs/installation/virtual/vmware.rst | 33 |
5 files changed, 55 insertions, 28 deletions
diff --git a/docs/configuration/protocols/bgp.rst b/docs/configuration/protocols/bgp.rst index f0550fd4..889ab2fa 100644 --- a/docs/configuration/protocols/bgp.rst +++ b/docs/configuration/protocols/bgp.rst @@ -1,3 +1,5 @@ +:lastproofread: 2021-07-24 + .. _routing-bgp: Border Gateway Protocol (BGP) @@ -114,8 +116,10 @@ Route filter can be applied using a route-map: set policy route-map AS65535-OUT rule 10 match ip address prefix-list 'AS65535-OUT' set policy route-map AS65535-OUT rule 10 match ipv6 address prefix-list 'AS65535-OUT' set policy route-map AS65535-OUT rule 20 action 'permit' - set protocols bgp 65534 neighbor 2001:db8::2 route-map export 'AS65535-OUT' - set protocols bgp 65534 neighbor 2001:db8::2 route-map import 'AS65535-IN' + set protocols bgp 65534 neighbor 2001:db8::2 address-family ipv6-unicast route-map export 'AS65535-OUT' + set protocols bgp 65534 neighbor 2001:db8::2 address-family ipv6-unicast route-map import 'AS65535-IN' + set protocols bgp 65534 neighbor 192.168.0.2 address-family ipv4-unicast route-map export 'AS65535-OUT' + set protocols bgp 65534 neighbor 192.168.0.2 address-family ipv4-unicast route-map import 'AS65535-IN' **Node2:** @@ -137,8 +141,10 @@ Route filter can be applied using a route-map: set policy route-map AS65534-OUT rule 10 match ip address prefix-list 'AS65534-OUT' set policy route-map AS65534-OUT rule 10 match ipv6 address prefix-list 'AS65534-OUT' set policy route-map AS65534-OUT rule 20 action 'permit' - set protocols bgp 65535 neighbor 2001:db8::1 route-map export 'AS65534-OUT' - set protocols bgp 65535 neighbor 2001:db8::1 route-map import 'AS65534-IN' + set protocols bgp 65535 neighbor 2001:db8::1 address-family ipv6-unicast route-map export 'AS65534-OUT' + set protocols bgp 65535 neighbor 2001:db8::1 address-family ipv6-unicast route-map import 'AS65534-IN' + set protocols bgp 65535 neighbor 192.168.0.1 address-family ipv4-unicast route-map export 'AS65534-OUT' + set protocols bgp 65535 neighbor 192.168.0.1 address-family ipv4-unicast route-map import 'AS65534-IN' We could expand on this and also deny link local and multicast in the rule 20 action deny. diff --git a/docs/configuration/protocols/static.rst b/docs/configuration/protocols/static.rst index 8415981b..3135e3d0 100644 --- a/docs/configuration/protocols/static.rst +++ b/docs/configuration/protocols/static.rst @@ -1,3 +1,5 @@ +:lastproofread: 2021-07-24 + .. _routing-static: ###### @@ -50,7 +52,7 @@ display arp table entries .. code-block:: none - show protocols static arp + show arp Address HWtype HWaddress Flags Mask Iface 10.1.1.1 ether 08:00:27:de:23:2e C eth1 @@ -58,7 +60,7 @@ display arp table entries .. code-block:: none - show protocols static arp interface eth1 + show arp interface eth1 Address HWtype HWaddress Flags Mask Iface 10.1.1.1 ether 08:00:27:de:23:2e C eth1 10.1.1.100 ether 08:00:27:de:23:aa CM eth1 diff --git a/docs/installation/install.rst b/docs/installation/install.rst index 8b567752..22a5d8da 100644 --- a/docs/installation/install.rst +++ b/docs/installation/install.rst @@ -1,3 +1,5 @@ +:lastproofread: 2021-07-24 + .. _installation: ############ @@ -62,7 +64,7 @@ LTS images are signed by VyOS lead package-maintainer private key. With the official public key, the authenticity of the package can be verified. :abbr:`GPG (GNU Privacy Guard)` is used for verification. -.. note:: This subsection only applies e applies to LTS images, for +.. note:: This subsection only applies to LTS images, for Rolling images please jump to :ref:`live_installation`. Preparing for the verification @@ -185,12 +187,12 @@ Live installation .. note:: A permanent VyOS installation always requires to go first through a live installation. -VyOS, as other GNU+Linux distributions, can be tasted without installing +VyOS, as other GNU+Linux distributions, can be tested without installing it in your hard drive. **With your downloaded VyOS .iso file you can create a bootable USB drive that will let you boot into a fully functional VyOS system**. Once you have tested it, you can either decide to begin a :ref:`permanent_installation` in your hard drive or power -your system off, remove the USB drive, and leave everythng as it was. +your system off, remove the USB drive, and leave everything as it was. If you have a GNU+Linux system, you can create your VyOS bootable USB @@ -252,7 +254,7 @@ Permanent installation Unlike general purpose Linux distributions, VyOS uses "image installation" that mimics the user experience of traditional hardware routers and allows keeping multiple VyOS versions installed simultaneously. This makes it possible to -switch to a previous version if something breaks or miss-behaves after an image +switch to a previous version if something breaks or misbehaves after an image upgrade. Every version is contained in its own squashfs image that is mounted in a union @@ -325,7 +327,7 @@ In order to proceed with a permanent installation: Done! - 3. After the installation is complete, remove the live USB stick or + 3. After the installation is completed, remove the live USB stick or CD. 4. Reboot the system. @@ -496,17 +498,19 @@ This is a list of known issues that can arise during installation. Black screen on install ----------------------- -GRUB attempts to redirect all output to a serial port for ease of installation on headless hosts. -This appears to cause an hard lockup on some hardware that lacks a serial port, with the result being a -black screen after selecting the `Live system` option from the installation image. +GRUB attempts to redirect all output to a serial port for ease of installation +on headless hosts. This appears to cause a hard lockup on some hardware that +lacks a serial port, with the result being a black screen after selecting the +`Live system` option from the installation image. -The workaround is to type `e` when the boot menu appears and edit the GRUB boot options. Specifically, remove the: +The workaround is to type `e` when the boot menu appears and edit the GRUB boot +options. Specifically, remove the: `console=ttyS0,115200` option, and type CTRL-X to boot. -Installation can then continue as outlined above. +Installation can be continued as outlined above. .. _SYSLINUX: http://www.syslinux.org/ .. _balenaEtcher: https://www.balena.io/etcher/ diff --git a/docs/installation/virtual/gns3.rst b/docs/installation/virtual/gns3.rst index 45e2633c..b601a49f 100644 --- a/docs/installation/virtual/gns3.rst +++ b/docs/installation/virtual/gns3.rst @@ -1,3 +1,5 @@ +:lastproofread: 2021-07-24 + .. _vyos-on-gns3: VyOS on GNS3 @@ -29,7 +31,7 @@ VM setup First, a virtual machine (VM) for the VyOS installation must be created in GNS3. -Go to the GNS3 **File** menu, click **New template** and choose select +Go to the GNS3 **File** menu, click **New template** and select **Manually create a new Template**. .. figure:: /_static/images/gns3-01.png @@ -101,7 +103,7 @@ you want to install. .. figure:: /_static/images/gns3-14.png -.. note:: You probably will want to accept to copy the .iso file to your +.. note:: You will probably want to accept, to copy the .iso file to your default image directory when you are asked. In the **Network** tab, set **0** as the number of adapters, set the diff --git a/docs/installation/virtual/vmware.rst b/docs/installation/virtual/vmware.rst index 6feb95ba..8f201920 100644 --- a/docs/installation/virtual/vmware.rst +++ b/docs/installation/virtual/vmware.rst @@ -1,3 +1,5 @@ +:lastproofread: 2021-07-24
+
.. _vyosonvmware:
Running on VMWare ESXi
@@ -6,20 +8,31 @@ Running on VMWare ESXi ESXi 5.5 or later
*****************
-.ova files are available for supporting users, and a VyOS can also be stood up using a generic Linux instance, and attaching the bootable ISO file and installing from the ISO
-using the normal process around `install image`.
+.ova files are available for supporting users, and a VyOS can also be stood up
+using a generic Linux instance, and attaching the bootable ISO file and
+installing from the ISO using the normal process around `install image`.
-.. NOTE:: There have been previous documented issues with GRE/IPSEC tunneling using the E1000 adapter on the VyOS guest, and use of the VMXNET3 has been advised.
+.. NOTE:: There have been previous documented issues with GRE/IPSEC tunneling
+ using the E1000 adapter on the VyOS guest, and use of the VMXNET3 has been
+ advised.
Memory Contention Considerations
--------------------------------
-When the underlying ESXi host is approaching ~92% memory utilisation it will start the balloon process in s a 'soft' state to start reclaiming memory from guest operating systems.
-This causes an artifical pressure using the vmmemctl driver on memory usage on the virtual guest. As VyOS by default does not have a swap file, this vmmemctl pressure is unable to
-force processes to move in memory data to the paging file, and blindly consumes memory forcing the virtual guest into a low memory state with no way to escape. The balloon can expand to 65% of
-guest allocated memory, so a VyOS guest running >35% of memory usage, can encounter an out of memory situation, and trigger the kernel oom_kill process. At this point a weighted
-lottery favouring memory hungry processes will be run with the unlucky winner being terminated by the kernel.
-
-It is advised that VyOS routers are configured in a resource group with adequate memory reservations so that ballooning is not inflicted on virtual VyOS guests.
+When the underlying ESXi host is approaching ~92% memory utilisation it will
+start the balloon process in a 'soft' state to start reclaiming memory from
+guest operating systems. This causes an artifical pressure using the vmmemctl
+driver on memory usage on the virtual guest. As VyOS by default does not have
+a swap file, this vmmemctl pressure is unable to force processes to move in
+memory data to the paging file, and blindly consumes memory forcing the
+virtual guest into a low memory state with no way to escape. The balloon can
+expand to 65% of guest allocated memory, so a VyOS guest running >35% of
+memory usage, can encounter an out of memory situation, and trigger the kernel
+oom_kill process. At this point a weighted lottery favouring memory hungry
+processes will be run with the unlucky winner being terminated by the kernel.
+
+It is advised that VyOS routers are configured in a resource group with
+adequate memory reservations so that ballooning is not inflicted on virtual
+VyOS guests.
|