diff options
Diffstat (limited to 'docs/appendix')
-rw-r--r-- | docs/appendix/commandtree/configmode.rst | 62 | ||||
-rw-r--r-- | docs/appendix/commandtree/operationmode.rst | 58 | ||||
-rw-r--r-- | docs/appendix/examples/azure-vpn-bgp.rst | 16 | ||||
-rw-r--r-- | docs/appendix/examples/azure-vpn-dual-bgp.rst | 16 | ||||
-rw-r--r-- | docs/appendix/examples/bgp-ipv6-unnumbered.rst | 20 | ||||
-rw-r--r-- | docs/appendix/examples/dmvpn.rst | 6 | ||||
-rw-r--r-- | docs/appendix/examples/ospf-unnumbered.rst | 12 | ||||
-rw-r--r-- | docs/appendix/examples/tunnelbroker-ipv6.rst | 12 | ||||
-rw-r--r-- | docs/appendix/examples/zone-policy.rst | 22 | ||||
-rw-r--r-- | docs/appendix/migrate-from-vyatta.rst | 6 | ||||
-rw-r--r-- | docs/appendix/troubleshooting.rst | 34 | ||||
-rw-r--r-- | docs/appendix/vyos-on-baremetal.rst | 12 |
12 files changed, 138 insertions, 138 deletions
diff --git a/docs/appendix/commandtree/configmode.rst b/docs/appendix/commandtree/configmode.rst index abb20f98..2eaa96fc 100644 --- a/docs/appendix/commandtree/configmode.rst +++ b/docs/appendix/commandtree/configmode.rst @@ -3,7 +3,7 @@ Configuration mode ------------------ -.. code-block:: sh +.. code-block:: console confirm Confirm prior commit-confirm comment Add comment to this configuration element @@ -39,21 +39,21 @@ The command cannot be used at the top of the configuration hierarchy, only on su To add a comment to a section, while being already at the proper section level: -.. code-block:: sh +.. code-block:: console [edit <section>] vyos@vyos# comment "Type Comment Here" To add a comment directly to a section, from the top or a higher section: -.. code-block:: sh +.. code-block:: console [edit] vyos@vyos# comment <section> "Type Comment Here" To remove a comment, add a blank comment to overwrite: -.. code-block:: sh +.. code-block:: console [edit <section>] vyos@vyos# comment "" @@ -63,7 +63,7 @@ Examples To add a comment to the "interfaces" section: -.. code-block:: sh +.. code-block:: console [edit] vyos@vyos# edit interfaces @@ -74,7 +74,7 @@ To add a comment to the "interfaces" section: The comment would then appear like this: -.. code-block:: sh +.. code-block:: console [edit] vyos@vyos# show @@ -86,7 +86,7 @@ The comment would then appear like this: An important thing to note is that since the comment is added on top of the section, it will not appear if the ``show <section>`` command is used. With the above example, the ``show interfaces`` command would return starting after the "interfaces {" line, hiding the comment: -.. code-block:: sh +.. code-block:: console [edit] vyos@vyos# show interfaces @@ -96,7 +96,7 @@ An important thing to note is that since the comment is added on top of the sect To add a comment to the interfaces section from the top: -.. code-block:: sh +.. code-block:: console [edit] vyos@vyos# comment interfaces "test" @@ -104,7 +104,7 @@ To add a comment to the interfaces section from the top: The comment can be added to any node that already exists, even if it's multiple levels lower: -.. code-block:: sh +.. code-block:: console [edit] vyos@vyos# comment interfaces ethernet eth0 vif 222 address "Far down comment" @@ -119,7 +119,7 @@ To discard the changes without committing, use the ``discard`` command. The ``co The confirm keyword can be added, see ``commit-confirm``. A comment can be entered, it will appear in the commit log. -.. code-block:: sh +.. code-block:: console [edit] vyos@vyos# commit @@ -134,7 +134,7 @@ The ``commit-confirm`` command commits the proposed changes to the configuration If the ``confirm`` command is not entered before the timer expiration, the configuration will be rolled back and VyOS will reboot. The default timer value is 10 minutes, but a custom value can be entered. -.. code-block:: sh +.. code-block:: console [edit] vyos@vyos# commit-confirm @@ -149,7 +149,7 @@ Compare VyOS maintains backups of previous configurations. To compare configuration revisions in configuration mode, use the compare command: -.. code-block:: sh +.. code-block:: console [edit] vyos@vyos# compare @@ -178,7 +178,7 @@ The ``copy`` command allows you to copy a configuration object. Copy the configuration entrys from a firewall name WAN rule 1 to rule 2. -.. code-block:: sh +.. code-block:: console [edit firewall name WAN] vyos@vyos# show @@ -212,7 +212,7 @@ The ``delte`` command is to delete a configuration entry. This Example delete the hole ``service tftp-server`` section. -.. code-block:: sh +.. code-block:: console delete service tftp-server @@ -221,7 +221,7 @@ Discard The ``discard`` command removes all pending configuration changes. -.. code-block:: sh +.. code-block:: console [edit] vyos@vyos# discard @@ -235,7 +235,7 @@ The ``edit`` command allows you to navigate down into the configuration tree. To get back to an upper level, use the ``up`` command or use the ``top`` command to get back to the upper most level. The ``[edit]`` text displays where the user is located in the configuration tree. -.. code-block:: sh +.. code-block:: console [edit] vyos@vyos# edit interfaces @@ -255,7 +255,7 @@ The ``exit`` command doesn't save the configuration, only the ``save`` command d Exiting from a configuration level: -.. code-block:: sh +.. code-block:: console [edit interfaces ethernet eth0] vyos@vyos# exit @@ -264,7 +264,7 @@ Exiting from a configuration level: Exiting from configuration mode: -.. code-block:: sh +.. code-block:: console [edit] vyos@vyos# exit @@ -273,14 +273,14 @@ Exiting from configuration mode: Exiting from operational mode: -.. code-block:: sh +.. code-block:: console vyos@vyos:~$ exit logout Error message when trying to exit with uncommitted changes: -.. code-block:: sh +.. code-block:: console vyos@vyos# exit Cannot exit: configuration modified. @@ -291,7 +291,7 @@ Error message when trying to exit with uncommitted changes: Warning message when exiting with unsaved changes: -.. code-block:: sh +.. code-block:: console [edit] vyos@vyos# exit @@ -304,7 +304,7 @@ Load The ``load`` command load a configuration from a local or remote file. You have to be use ``commit`` to make the change active -.. code-block:: sh +.. code-block:: console <Enter> Load from system config file <file> Load from file on local machine @@ -316,7 +316,7 @@ The ``load`` command load a configuration from a local or remote file. You have tftp://<host>/<file> Load from file on remote machine -.. code-block:: sh +.. code-block:: console [edit] vyos@vyos# load @@ -330,7 +330,7 @@ Loadkey Copies the content of a public key to the ~/.ssh/authorized_keys file. -.. code-block:: sh +.. code-block:: console loadkey <username> [tab] @@ -348,7 +348,7 @@ The ``merge`` command merge the config from a local or remote file with the runn In the example below exist a ``default-firewall.config`` file with some common firewall rules you saved earlier. -.. code-block:: sh +.. code-block:: console [edit] vyos@vyos# show firewall @@ -392,7 +392,7 @@ The ``rename`` command allows you to rename or move a configuration object. See here how to move the configuration entrys from vlanid 3 to 2 -.. code-block:: sh +.. code-block:: console [edit interfaces ethernet eth1] vyos@vyos# show @@ -427,7 +427,7 @@ Rollback You can ``rollback`` configuration using the rollback command, however this command will currently trigger a system reboot. Use the compare command to verify the configuration you want to rollback to. -.. code-block:: sh +.. code-block:: console vyos@vyos# compare 1 [edit system] @@ -447,7 +447,7 @@ Run The ``run`` command allows you to execute any operational mode commands without exiting the configuration session. -.. code-block:: sh +.. code-block:: console [edit] vyos@vyos# run show interfaces @@ -462,7 +462,7 @@ Save The ``save`` command saves the current configuration to non-volatile storage. VyOS also supports saving and loading configuration remotely using SCP, FTP, or TFTP. -.. code-block:: sh +.. code-block:: console <Enter> Save to system config file <file> Save to file on local machine @@ -476,7 +476,7 @@ Set The ``set`` command create all configuration entrys -.. code-block:: sh +.. code-block:: console [edit] vyos@vyos# set protocols static route 0.0.0.0/0 next-hop 192.168.1.1 @@ -488,7 +488,7 @@ The ``show`` command in the configuration mode displays the configuration and sh Show the hole config, the address and description of eth1 is moving to vlan 2 if you commit the changes. -.. code-block:: sh +.. code-block:: console [edit] vyos@vyos# show diff --git a/docs/appendix/commandtree/operationmode.rst b/docs/appendix/commandtree/operationmode.rst index 487df032..96c7a631 100644 --- a/docs/appendix/commandtree/operationmode.rst +++ b/docs/appendix/commandtree/operationmode.rst @@ -8,7 +8,7 @@ After this is the first view after the login. Please see :ref:`cli` for navigation in the CLI -.. code-block:: sh +.. code-block:: console vyos@vyos:~$ [tab] @@ -44,7 +44,7 @@ Please see :ref:`cli` for navigation in the CLI Add ^^^ -.. code-block:: sh +.. code-block:: console raid Add a RAID set element system Add an item to a system facility @@ -52,7 +52,7 @@ Add Clear ^^^^^ -.. code-block:: sh +.. code-block:: console console Clear screen firewall Clear firewall statistics @@ -69,13 +69,13 @@ Clone The ``clone`` command allows you to clone a configuration from a system image to another one, or from the running config to another system image. To clone the running config to a system image: -.. code-block:: sh +.. code-block:: console clone system config <system-image> from running To clone from system image A to system image B: -.. code-block:: sh +.. code-block:: console clone system config <system-image-B> from <system-image-A> @@ -85,7 +85,7 @@ Configure The ``configure`` command allows you to enter configuration mode. -.. code-block:: sh +.. code-block:: console vyos@vyos:~$ configure [edit] @@ -97,7 +97,7 @@ Connect The ``connect`` command allows you to bring up a connection oriented interface, like a pppoe interface. -.. code-block:: sh +.. code-block:: console connect interface <interface> @@ -108,7 +108,7 @@ The ``copy`` command allows you to copy a file to your running config or over im It can look like this example: -.. code-block:: sh +.. code-block:: console vyos@vyos:~$ copy file [tab] Possible completions: @@ -127,7 +127,7 @@ It can look like this example: To copy from file A to file B: -.. code-block:: sh +.. code-block:: console copy <file A> to <file B> @@ -135,7 +135,7 @@ To copy from file A to file B: Delete ^^^^^^ -.. code-block:: sh +.. code-block:: console conntrack Delete Conntrack entries file Delete files in a particular image @@ -149,14 +149,14 @@ Disconnect The ``disconnect`` command allows you to take down a connection oriented interface, like a pppoe interface. -.. code-block:: sh +.. code-block:: console disconnect interface <interface> Force ^^^^^ -.. code-block:: sh +.. code-block:: console arp Send gratuitous ARP request or reply cluster Force a cluster state transition @@ -167,14 +167,14 @@ Format The ``format`` command allows you to format a disk the same way as another one. -.. code-block:: sh +.. code-block:: console format disk <target> like <source> Generate ^^^^^^^^ -.. code-block:: sh +.. code-block:: console openvpn OpenVPN key generation tool ssh-server-key @@ -188,7 +188,7 @@ Install The ``install`` command allows you to install the system image on the disk. -.. code-block:: sh +.. code-block:: console install image @@ -198,7 +198,7 @@ Monitor ``monitor`` can be used to continually view what is happening on the router. -.. code-block:: sh +.. code-block:: console bandwidth Monitor interface bandwidth in real time bandwidth-test @@ -232,7 +232,7 @@ Ping The ``ping`` command allows you to send an ICMP-EchoRequest packet and display the ICMP-EchoReply received. -.. code-block:: sh +.. code-block:: console <hostname> Send Internet Control Message Protocol (ICMP) echo request <x.x.x.x> @@ -244,7 +244,7 @@ Poweroff The ``poweroff`` command allows you to properly shut down the VyOS instance. Without any modifier, the command is executed immediately. -.. code-block:: sh +.. code-block:: console <Enter> Execute the current command at Poweroff at a specific time @@ -256,7 +256,7 @@ Reboot ^^^^^^ The ``reboot`` command allows you to properly restart the VyOS instance. Without any modifier, the command is executed immediately. -.. code-block:: sh +.. code-block:: console <Enter> Execute the current command at Poweroff at a specific time @@ -269,7 +269,7 @@ Release The ``release`` command allows you to release a DHCP or DHCPv6 lease. -.. code-block:: sh +.. code-block:: console vyos@vyos:~$ release dhcp interface <int> vyos@vyos:~$ release dhcpv6 interface <int> @@ -280,7 +280,7 @@ Rename The ``rename`` command allows you to rename a system image. -.. code-block:: sh +.. code-block:: console rename system image <currentname> <newname> @@ -290,7 +290,7 @@ Renew The ``renew`` command allows you to renew a DHCP or DHCPv6 lease. -.. code-block:: sh +.. code-block:: console vyos@vyos:~$ renew dhcp interface <int> vyos@vyos:~$ renew dhcpv6 interface <int> @@ -298,7 +298,7 @@ The ``renew`` command allows you to renew a DHCP or DHCPv6 lease. Reset ^^^^^ -.. code-block:: sh +.. code-block:: console conntrack Reset all currently tracked connections conntrack-sync @@ -315,7 +315,7 @@ Reset Restart ^^^^^^^ -.. code-block:: sh +.. code-block:: console cluster Restart cluster node conntrack-sync @@ -335,7 +335,7 @@ Restart Set ^^^ -.. code-block:: sh +.. code-block:: console <OPTION> Bash builtin set command console Control console behaviors @@ -346,7 +346,7 @@ Set Show ^^^^ -.. code-block:: sh +.. code-block:: console arp Show Address Resolution Protocol (ARP) information bridge Show bridging information @@ -410,7 +410,7 @@ In the past the ``telnet`` command allowed you to connect remotely to another de Telnet is unencrypted and should not use anymore. But its nice to test if an TCP Port to a host is open. -.. code-block:: sh +.. code-block:: console vyos@vyos:~$ telnet 192.168.1.3 443 Trying 192.168.1.3... @@ -426,7 +426,7 @@ Traceroute The ``traceroute`` command allows you to trace the path taken to a particular device. -.. code-block:: sh +.. code-block:: console <hostname> Track network path to specified node <x.x.x.x> @@ -438,7 +438,7 @@ The ``traceroute`` command allows you to trace the path taken to a particular de Update ^^^^^^ -.. code-block:: sh +.. code-block:: console dns Update DNS information webproxy Update webproxy
\ No newline at end of file diff --git a/docs/appendix/examples/azure-vpn-bgp.rst b/docs/appendix/examples/azure-vpn-bgp.rst index 818817ae..896f43d4 100644 --- a/docs/appendix/examples/azure-vpn-bgp.rst +++ b/docs/appendix/examples/azure-vpn-bgp.rst @@ -52,7 +52,7 @@ Vyos configuration - Configure the IKE and ESP settings to match a subset of those supported by Azure: -.. code-block:: sh +.. code-block:: console set vpn ipsec esp-group AZURE compression 'disable' set vpn ipsec esp-group AZURE lifetime '3600' @@ -73,26 +73,26 @@ Vyos configuration - Enable IPsec on eth0 -.. code-block:: sh +.. code-block:: console set vpn ipsec ipsec-interfaces interface 'eth0' - Configure a VTI with a dummy IP address -.. code-block:: sh +.. code-block:: console set interfaces vti vti1 address '10.10.1.5/32' set interfaces vti vti1 description 'Azure Tunnel' - Clamp the VTI's MSS to 1350 to avoid PMTU blackholes. -.. code-block:: sh +.. code-block:: console set firewall options interface vti1 adjust-mss 1350 - Configure the VPN tunnel -.. code-block:: sh +.. code-block:: console set vpn ipsec site-to-site peer 203.0.113.2 authentication id '198.51.100.3' set vpn ipsec site-to-site peer 203.0.113.2 authentication mode 'pre-shared-secret' @@ -108,13 +108,13 @@ Vyos configuration - **Important**: Add an interface route to reach Azure's BGP listener -.. code-block:: sh +.. code-block:: console set protocols static interface-route 10.0.0.4/32 next-hop-interface vti1 - Configure your BGP settings -.. code-block:: sh +.. code-block:: console set protocols bgp 64499 neighbor 10.0.0.4 remote-as '65540' set protocols bgp 64499 neighbor 10.0.0.4 address-family ipv4-unicast soft-reconfiguration 'inbound' @@ -123,6 +123,6 @@ Vyos configuration - **Important**: Disable connected check \ -.. code-block:: sh +.. code-block:: console set protocols bgp 64499 neighbor 10.0.0.4 disable-connected-check diff --git a/docs/appendix/examples/azure-vpn-dual-bgp.rst b/docs/appendix/examples/azure-vpn-dual-bgp.rst index 4cbcde3b..27007709 100644 --- a/docs/appendix/examples/azure-vpn-dual-bgp.rst +++ b/docs/appendix/examples/azure-vpn-dual-bgp.rst @@ -55,7 +55,7 @@ Vyos configuration - Configure the IKE and ESP settings to match a subset of those supported by Azure: -.. code-block:: sh +.. code-block:: console set vpn ipsec esp-group AZURE compression 'disable' set vpn ipsec esp-group AZURE lifetime '3600' @@ -76,13 +76,13 @@ Vyos configuration - Enable IPsec on eth0 -.. code-block:: sh +.. code-block:: console set vpn ipsec ipsec-interfaces interface 'eth0' - Configure two VTIs with a dummy IP address each -.. code-block:: sh +.. code-block:: console set interfaces vti vti1 address '10.10.1.5/32' set interfaces vti vti1 description 'Azure Primary Tunnel' @@ -92,14 +92,14 @@ Vyos configuration - Clamp the VTI's MSS to 1350 to avoid PMTU blackholes. -.. code-block:: sh +.. code-block:: console set firewall options interface vti1 adjust-mss 1350 set firewall options interface vti2 adjust-mss 1350 - Configure the VPN tunnels -.. code-block:: sh +.. code-block:: console set vpn ipsec site-to-site peer 203.0.113.2 authentication id '198.51.100.3' set vpn ipsec site-to-site peer 203.0.113.2 authentication mode 'pre-shared-secret' @@ -127,14 +127,14 @@ Vyos configuration - **Important**: Add an interface route to reach both Azure's BGP listeners -.. code-block:: sh +.. code-block:: console set protocols static interface-route 10.0.0.4/32 next-hop-interface vti1 set protocols static interface-route 10.0.0.5/32 next-hop-interface vti2 - Configure your BGP settings -.. code-block:: sh +.. code-block:: console set protocols bgp 64499 neighbor 10.0.0.4 remote-as '65540' set protocols bgp 64499 neighbor 10.0.0.4 address-family ipv4-unicast soft-reconfiguration 'inbound' @@ -149,7 +149,7 @@ Vyos configuration - **Important**: Disable connected check, otherwise the routes learned from Azure will not be imported into the routing table. -.. code-block:: sh +.. code-block:: console set protocols bgp 64499 neighbor 10.0.0.4 disable-connected-check set protocols bgp 64499 neighbor 10.0.0.5 disable-connected-check diff --git a/docs/appendix/examples/bgp-ipv6-unnumbered.rst b/docs/appendix/examples/bgp-ipv6-unnumbered.rst index 0682c91a..6049e0c1 100644 --- a/docs/appendix/examples/bgp-ipv6-unnumbered.rst +++ b/docs/appendix/examples/bgp-ipv6-unnumbered.rst @@ -10,7 +10,7 @@ Configuration - Router A: -.. code-block:: sh +.. code-block:: console set protocols bgp 65020 address-family ipv4-unicast redistribute connected set protocols bgp 65020 address-family ipv6-unicast redistribute connected @@ -29,7 +29,7 @@ Configuration - Router B: -.. code-block:: sh +.. code-block:: console set protocols bgp 65021 address-family ipv4-unicast redistribute connected set protocols bgp 65021 address-family ipv6-unicast redistribute connected @@ -51,7 +51,7 @@ Results - Router A: -.. code-block:: sh +.. code-block:: console vyos@vyos:~$ show interfaces Codes: S - State, L - Link, u - Up, D - Down, A - Admin Down @@ -64,7 +64,7 @@ Results 192.168.0.1/32 ::1/128 -.. code-block:: sh +.. code-block:: console vyos@vyos:~$ show ip route Codes: K - kernel route, C - connected, S - static, R - RIP, @@ -79,7 +79,7 @@ Results B>* 192.168.0.2/32 [20/0] via fe80::a00:27ff:fe3b:7ed2, eth2, 00:05:07 * via fe80::a00:27ff:fe7b:4000, eth1, 00:05:07 -.. code-block:: sh +.. code-block:: console vyos@vyos:~$ ping 192.168.0.2 PING 192.168.0.2 (192.168.0.2) 56(84) bytes of data. @@ -93,7 +93,7 @@ Results 5 packets transmitted, 5 received, 0% packet loss, time 4086ms rtt min/avg/max/mdev = 0.575/0.612/0.682/0.047 ms -.. code-block:: sh +.. code-block:: console vyos@vyos:~$ show ip bgp summary @@ -112,7 +112,7 @@ Results - Router B: -.. code-block:: sh +.. code-block:: console vyos@vyos:~$ show interfaces Codes: S - State, L - Link, u - Up, D - Down, A - Admin Down @@ -125,7 +125,7 @@ Results 192.168.0.2/32 ::1/128 -.. code-block:: sh +.. code-block:: console vyos@vyos:~$ show ip route Codes: K - kernel route, C - connected, S - static, R - RIP, @@ -140,7 +140,7 @@ Results * via fe80::a00:27ff:fe93:e142, eth2, 00:06:18 C>* 192.168.0.2/32 is directly connected, lo, 00:44:11 -.. code-block:: sh +.. code-block:: console vyos@vyos:~$ ping 192.168.0.1 PING 192.168.0.1 (192.168.0.1) 56(84) bytes of data. @@ -153,7 +153,7 @@ Results 4 packets transmitted, 4 received, 0% packet loss, time 3051ms rtt min/avg/max/mdev = 0.427/0.598/0.782/0.155 ms -.. code-block:: sh +.. code-block:: console vyos@vyos:~$ show ip bgp summary IPv4 Unicast Summary: diff --git a/docs/appendix/examples/dmvpn.rst b/docs/appendix/examples/dmvpn.rst index f247cade..4ccce3d9 100644 --- a/docs/appendix/examples/dmvpn.rst +++ b/docs/appendix/examples/dmvpn.rst @@ -9,7 +9,7 @@ General infomration can be found in the :ref:`vpn-dmvpn` chapter. Configuration ^^^^^^^^^^^^^ -.. code-block:: sh +.. code-block:: console set interfaces tunnel tun100 address '172.16.253.134/29' set interfaces tunnel tun100 encapsulation 'gre' @@ -54,7 +54,7 @@ Cisco IOS Spoke This example is verified with a Cisco 2811 platform running IOS 15.1(4)M9 and VyOS 1.1.7 (helium) up to VyOS 1.2 (Crux). -.. code-block:: sh +.. code-block:: console Cisco IOS Software, 2800 Software (C2800NM-ADVENTERPRISEK9-M), Version 15.1(4)M9, RELEASE SOFTWARE (fc3) Technical Support: http://www.cisco.com/techsupport @@ -65,7 +65,7 @@ VyOS 1.1.7 (helium) up to VyOS 1.2 (Crux). Use this configuration on your Cisco device: -.. code-block:: sh +.. code-block:: console crypto pki token default removal timeout 0 crypto keyring DMVPN diff --git a/docs/appendix/examples/ospf-unnumbered.rst b/docs/appendix/examples/ospf-unnumbered.rst index 04f2cb7e..13e5f961 100644 --- a/docs/appendix/examples/ospf-unnumbered.rst +++ b/docs/appendix/examples/ospf-unnumbered.rst @@ -10,7 +10,7 @@ Configuration - Router A: -.. code-block:: sh +.. code-block:: console set interfaces ethernet eth0 address '10.0.0.1/24' set interfaces ethernet eth1 address '192.168.0.1/32' @@ -27,7 +27,7 @@ Configuration - Router B: -.. code-block:: sh +.. code-block:: console set interfaces ethernet eth0 address '10.0.0.2/24' set interfaces ethernet eth1 address '192.168.0.2/32' @@ -48,7 +48,7 @@ Results - Router A: -.. code-block:: sh +.. code-block:: console vyos@vyos:~$ show interfaces Codes: S - State, L - Link, u - Up, D - Down, A - Admin Down @@ -63,7 +63,7 @@ Results vyos@vyos:~$ -.. code-block:: sh +.. code-block:: console vyos@vyos:~$ show ip route Codes: K - kernel route, C - connected, S - static, R - RIP, @@ -87,7 +87,7 @@ Results - Router B: -.. code-block:: sh +.. code-block:: console vyos@vyos:~$ show interfaces Codes: S - State, L - Link, u - Up, D - Down, A - Admin Down @@ -102,7 +102,7 @@ Results vyos@vyos:~$ -.. code-block:: sh +.. code-block:: console vyos@vyos:~$ show ip route Codes: K - kernel route, C - connected, S - static, R - RIP, diff --git a/docs/appendix/examples/tunnelbroker-ipv6.rst b/docs/appendix/examples/tunnelbroker-ipv6.rst index e05d77a5..234d9cf1 100644 --- a/docs/appendix/examples/tunnelbroker-ipv6.rst +++ b/docs/appendix/examples/tunnelbroker-ipv6.rst @@ -17,7 +17,7 @@ Setting up the initial tunnel - Set up the initial IPv6 tunnel. Replace the field below from the fields on the `Tunnelbroker.net <https://www.tunnelbroker.net/>`_ tunnel information page. -.. code-block:: sh +.. code-block:: console conf set interfaces tunnel tun0 address Client_IPv6_from_Tunnelbroker # This will be your VyOS install's public IPv6 address @@ -34,7 +34,7 @@ Setting up the initial tunnel - At this point you should be able to ping an IPv6 address. Try pinging Google: -.. code-block:: sh +.. code-block:: console ping6 -c2 2001:4860:4860::8888 @@ -47,7 +47,7 @@ Setting up the initial tunnel - Assuming the pings are successful, you need to add some DNS servers. Some options: -.. code-block:: sh +.. code-block:: console set system name-server 2001:4860:4860::8888 # Google set system name-server 2001:4860:4860::8844 # Google @@ -57,7 +57,7 @@ Setting up the initial tunnel - You should now be able to ping something by IPv6 DNS name: -.. code-block:: sh +.. code-block:: console # ping6 -c2 one.one.one.one PING one.one.one.one(one.one.one.one) 56 data bytes @@ -87,7 +87,7 @@ Single LAN Setup Single LAN setup where eth1 is your LAN interface. Use the /64 (all the xxxx should be replaced with the information from your `Routed /64` tunnel): -.. code-block:: sh +.. code-block:: console set interfaces ethernet eth1 address '2001:470:xxxx:xxxx::1/64' set interfaces ethernet eth1 ipv6 router-advert name-server '2001:4860:4860::8888' @@ -118,7 +118,7 @@ In the above examples, 1,2,ffff are all chosen by you. You can use 1-ffff (1-65 So, when your LAN is eth1, your DMZ is eth2, your cameras live on eth3, etc: -.. code-block:: sh +.. code-block:: console set interfaces ethernet eth1 address '2001:470:xxxx:1::1/64' set interfaces ethernet eth1 ipv6 router-advert name-server '2001:4860:4860::8888' diff --git a/docs/appendix/examples/zone-policy.rst b/docs/appendix/examples/zone-policy.rst index d159d02d..66cc3338 100644 --- a/docs/appendix/examples/zone-policy.rst +++ b/docs/appendix/examples/zone-policy.rst @@ -8,7 +8,7 @@ Native IPv4 and IPv6 We have three networks. -.. code-block:: sh +.. code-block:: console WAN - 172.16.10.0/24, 2001:0DB8:0:9999::0/64 LAN - 192.168.100.0/24, 2001:0DB8:0:AAAA::0/64 @@ -25,7 +25,7 @@ WAN is on VLAN 10, LAN on VLAN 20, and DMZ on VLAN 30. It will look something like this: -.. code-block:: sh +.. code-block:: console interfaces { ethernet eth0 { @@ -80,7 +80,7 @@ ruleset. In rules, it is good to keep them named consistently. As the number of rules you have grows, the more consistency you have, the easier your life will be. -.. code-block:: sh +.. code-block:: console Rule 1 - State Established, Related Rule 2 - State Invalid @@ -105,7 +105,7 @@ significant headaches when trying to troubleshoot a connectivity issue. To add logging to the default rule, do: -.. code-block:: sh +.. code-block:: console set firewall name <ruleSet> enable-default-log @@ -143,7 +143,7 @@ The following are the rules that were created for this example (may not be complete), both in IPv4 and IPv6. If there is no IP specified, then the source/destination address is not explicit. -.. code-block:: sh +.. code-block:: console WAN – DMZ:192.168.200.200 – tcp/80 WAN – DMZ:192.168.200.200 – tcp/443 @@ -195,7 +195,7 @@ then the source/destination address is not explicit. Since we have 4 zones, we need to setup the following rulesets. -.. code-block:: sh +.. code-block:: console Lan-wan Lan-local @@ -217,7 +217,7 @@ connection attempts. This is an example of the three base rules. -.. code-block:: sh +.. code-block:: console name wan-lan { default-action drop @@ -241,7 +241,7 @@ This is an example of the three base rules. Here is an example of an IPv6 DMZ-WAN ruleset. -.. code-block:: sh +.. code-block:: console ipv6-name dmz-wan-6 { default-action drop @@ -317,7 +317,7 @@ zone-policy. Start by setting the interface and default action for each zone. -.. code-block:: sh +.. code-block:: console set zone-policy zone dmz default-action drop set zone-policy zone dmz interface eth0.30 @@ -342,7 +342,7 @@ LAN, WAN, DMZ, local and TUN (tunnel) v6 pairs would be: -.. code-block:: sh +.. code-block:: console lan-tun lan-local @@ -363,7 +363,7 @@ You would have to add a couple of rules on your wan-local ruleset to allow proto Something like: -.. code-block:: sh +.. code-block:: console rule 400 { action accept diff --git a/docs/appendix/migrate-from-vyatta.rst b/docs/appendix/migrate-from-vyatta.rst index b1dee387..3ac75167 100644 --- a/docs/appendix/migrate-from-vyatta.rst +++ b/docs/appendix/migrate-from-vyatta.rst @@ -30,7 +30,7 @@ You just use ``add system image``, as if it was a new VC release (see is to verify the new images digital signature. You will have to add the public key manually once as it is not shipped the first time. -.. code-block:: sh +.. code-block:: console vyatta@vyatta:~$ wget http://wiki.vyos.net/so3group_maintainers.key Connecting to vyos.net (x.x.x.x:80) @@ -41,7 +41,7 @@ key manually once as it is not shipped the first time. For completion the key below corresponds to the key listed in the URL above. -.. code-block:: sh +.. code-block:: console -----BEGIN PGP PUBLIC KEY BLOCK----- Version: GnuPG v1.4.12 (GNU/Linux) @@ -101,7 +101,7 @@ Next add the VyOS image. This example uses VyOS 1.0.0, however, it's better to install the latest release. -.. code-block:: sh +.. code-block:: console vyatta@vyatta:~$ show system image The system currently has the following image(s) installed: diff --git a/docs/appendix/troubleshooting.rst b/docs/appendix/troubleshooting.rst index e5b9b7a9..cf0361ee 100644 --- a/docs/appendix/troubleshooting.rst +++ b/docs/appendix/troubleshooting.rst @@ -15,7 +15,7 @@ commands. The options for each are shown (the options for each command were displayed using the built-in help as described in the :ref:`cli` section and are omitted from the output here): -.. code-block:: sh +.. code-block:: console vyos@vyos:~$ ping Possible completions: @@ -25,7 +25,7 @@ section and are omitted from the output here): Several options are available when more extensive troubleshooting is needed: -.. code-block:: sh +.. code-block:: console vyos@vyos:~$ ping 8.8.8.8 Possible completions: @@ -51,7 +51,7 @@ Several options are available when more extensive troubleshooting is needed: ttl verbose -.. code-block:: sh +.. code-block:: console vyos@vyos:~$ traceroute Possible completions: @@ -64,7 +64,7 @@ Several options are available when more extensive troubleshooting is needed: However, another tool, mtr_, is available which combines ping and traceroute into a single tool. An example of its output is shown: -.. code-block:: sh +.. code-block:: console vyos@vyos:~$ mtr 10.62.212.12 @@ -95,7 +95,7 @@ It's possible to monitor network traffic, either at the flow level or protocol level. This can be useful when troubleshooting a variety of protocols and configurations. The following interface types can be monitored: -.. code-block:: sh +.. code-block:: console vyos@vyos:~$ monitor interfaces Possible completions: @@ -117,7 +117,7 @@ To monitor traffic flows, issue the :code:`monitor interfaces <type> <name> flow command, replacing `<type>` and `<name>` with your desired interface type and name, respectively. Output looks like the following: -.. code-block:: sh +.. code-block:: console 12.5Kb 25.0Kb 37.5Kb 50.0Kb 62.5Kb ???????????????????????????????????????????????????????????????????????????????????????????????????? @@ -145,7 +145,7 @@ traffic` command, replacing `<type>` and `<name>` with your desired interface type and name, respectively. This command invokes the familiar tshark_ utility and the following options are available: -.. code-block:: sh +.. code-block:: console vyos@vyos:~$ monitor interfaces ethernet eth0 traffic Possible completions: @@ -169,13 +169,13 @@ Interface Bandwith to take a quick view on the used bandwith of an interface use the ``monitor bandwith`` command -.. code-block:: sh +.. code-block:: console vyos@vyos:~$ monitor bandwidth interface eth0 show the following: -.. code-block:: sh +.. code-block:: console eth0 bmon 3.5 Interfaces │ RX bps pps %│ TX bps pps % @@ -210,7 +210,7 @@ Interface performance To take a look on the network bandwith between two nodes, the ``monitor bandwidth-test`` command is used to run iperf. -.. code-block:: sh +.. code-block:: console vyos@vyos:~$ monitor bandwidth-test Possible completions: @@ -220,7 +220,7 @@ To take a look on the network bandwith between two nodes, the ``monitor bandwidt | The ``accept`` command open a listen iperf server on TCP Port 5001 | The ``initiate`` command conncet to this server. -.. code-block:: sh +.. code-block:: console vyos@vyos:~$ monitor bandwidth-test initiate Possible completions: @@ -235,13 +235,13 @@ Monitor command The ``monitor command`` command allows you to repeatedly run a command to view a continuously refreshed output. The command is run and output every 2 seconds, allowing you to monitor the output continuously without having to re-run the command. This can be useful to follow routing adjacency formation. -.. code-block:: sh +.. code-block:: console vyos@router:~$ monitor command "show interfaces" Will clear the screen and show you the output of ``show interfaces`` every 2 seconds. -.. code-block:: sh +.. code-block:: console Every 2.0s: /opt/vyatta/bin/vyatta-op-cmd-wrapper s... Sun Mar 26 02:49:46 2019 @@ -264,13 +264,13 @@ To do this use the ``clear`` command in Operational mode. to clear the console output -.. code-block:: sh +.. code-block:: console vyos@vyos:~$ clear console to clear interface counters -.. code-block:: sh +.. code-block:: console # clear all interfaces vyos@vyos:~$ clear interface ethernet counters @@ -279,7 +279,7 @@ to clear interface counters The command follow the same logic as the ``set`` command in configuration mode. -.. code-block:: sh +.. code-block:: console # clear all counters of a interface type vyos@vyos:~$ clear interface <interface_type> counters @@ -289,7 +289,7 @@ The command follow the same logic as the ``set`` command in configuration mode. to clear counters on firewall rulesets or single rules -.. code-block:: sh +.. code-block:: console vyos@vyos:~$ clear firewall name <ipv4 ruleset name> counters vyos@vyos:~$ clear firewall name <ipv4 ruleset name> rule <rule#> counters diff --git a/docs/appendix/vyos-on-baremetal.rst b/docs/appendix/vyos-on-baremetal.rst index 3d5814e4..2ace97c5 100644 --- a/docs/appendix/vyos-on-baremetal.rst +++ b/docs/appendix/vyos-on-baremetal.rst @@ -113,7 +113,7 @@ Create a bootable USB pendrive using e.g. Rufus_ on a Windows machine. Connect serial port to a PC through null modem cable (RXD / TXD crossed over). Set terminal emulator to 115200 8N1. -.. code-block:: sh +.. code-block:: console PC Engines apu4 coreboot build 20171130 @@ -134,7 +134,7 @@ Now boot from the ``USB MSC Drive Generic Flash Disk 8.07`` media by pressing ``2``, the VyOS boot menu will appear, just wait 10 seconds or press ``Enter`` to continue. -.. code-block:: sh +.. code-block:: console lqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqk x VyOS - Boot Menu x @@ -146,7 +146,7 @@ to continue. The image will be loaded and the last lines you will get will be: -.. code-block:: sh +.. code-block:: console Loading /live/vmlinuz... ok Loading /live/initrd.img... @@ -154,7 +154,7 @@ The image will be loaded and the last lines you will get will be: The Kernel will now spin up using a different console setting. Set terminal emulator to 9600 8N1 and after a while your console will show: -.. code-block:: sh +.. code-block:: console Loading /live/vmlinuz... ok Loading /live/initrd.img... @@ -171,14 +171,14 @@ successful boot. Use the following command to adjust the :ref:`serial-console` settings: -.. code-block:: sh +.. code-block:: console set system console device ttyS0 speed 115200 .. note:: Once you ``commit`` the above changes access to the serial interface is lost until you set your terminal emulator to 115200 8N1 again. -.. code-block:: sh +.. code-block:: console vyos@vyos# show system console device ttyS0 { |