summaryrefslogtreecommitdiff
path: root/docs/configuration/interfaces
diff options
context:
space:
mode:
Diffstat (limited to 'docs/configuration/interfaces')
-rw-r--r--docs/configuration/interfaces/macsec.rst5
-rw-r--r--docs/configuration/interfaces/tunnel.rst40
2 files changed, 21 insertions, 24 deletions
diff --git a/docs/configuration/interfaces/macsec.rst b/docs/configuration/interfaces/macsec.rst
index 2bf643aa..9a20c425 100644
--- a/docs/configuration/interfaces/macsec.rst
+++ b/docs/configuration/interfaces/macsec.rst
@@ -27,14 +27,11 @@ Common interface configuration
MACsec options
==============
-.. cfgcmd:: set interfaces macsec <interface> security cipher [gcm-aes-128]
+.. cfgcmd:: set interfaces macsec <interface> security cipher <gcm-aes-128|gcm-aes-256>
Select cipher suite used for cryptographic operations. This setting is
mandatory.
- .. note:: gcm-aes-256 support planned once iproute2 package is updated to
- version >=5.2.
-
.. cfgcmd:: set interfaces macsec <interface> security encrypt
MACsec only provides authentication by default, encryption is optional. This
diff --git a/docs/configuration/interfaces/tunnel.rst b/docs/configuration/interfaces/tunnel.rst
index d2d63ce2..36b1d70b 100644
--- a/docs/configuration/interfaces/tunnel.rst
+++ b/docs/configuration/interfaces/tunnel.rst
@@ -32,8 +32,8 @@ An example:
.. code-block:: none
set interfaces tunnel tun0 encapsulation ipip
- set interfaces tunnel tun0 local-ip 192.0.2.10
- set interfaces tunnel tun0 remote-ip 203.0.113.20
+ set interfaces tunnel tun0 source-address 192.0.2.10
+ set interfaces tunnel tun0 remote 203.0.113.20
set interfaces tunnel tun0 address 192.168.100.200/24
IP6IP6
@@ -50,8 +50,8 @@ An example:
.. code-block:: none
set interfaces tunnel tun0 encapsulation ip6ip6
- set interfaces tunnel tun0 local-ip 2001:db8:aa::1
- set interfaces tunnel tun0 remote-ip 2001:db8:aa::2
+ set interfaces tunnel tun0 source-address 2001:db8:aa::1
+ set interfaces tunnel tun0 remote 2001:db8:aa::2
set interfaces tunnel tun0 address 2001:db8:bb::1/64
IPIP6
@@ -67,8 +67,8 @@ An example:
.. code-block:: none
set interfaces tunnel tun0 encapsulation ipip6
- set interfaces tunnel tun0 local-ip 2001:db8:aa::1
- set interfaces tunnel tun0 remote-ip 2001:db8:aa::2
+ set interfaces tunnel tun0 source-address 2001:db8:aa::1
+ set interfaces tunnel tun0 remote 2001:db8:aa::2
set interfaces tunnel tun0 address 192.168.70.80/24
6in4 (SIT)
@@ -89,8 +89,8 @@ An example:
.. code-block:: none
set interfaces tunnel tun0 encapsulation sit
- set interfaces tunnel tun0 local-ip 192.0.2.10
- set interfaces tunnel tun0 remote-ip 192.0.2.20
+ set interfaces tunnel tun0 source-address 192.0.2.10
+ set interfaces tunnel tun0 remote 192.0.2.20
set interfaces tunnel tun0 address 2001:db8:bb::1/64
A full example of a Tunnelbroker.net config can be found at
@@ -112,8 +112,8 @@ over either IPv4 (gre) or IPv6 (ip6gre).
Configuration
^^^^^^^^^^^^^
-A basic configuration requires a tunnel source (local-ip), a tunnel destination
-(remote-ip), an encapsulation type (gre), and an address (ipv4/ipv6).Below is a
+A basic configuration requires a tunnel source (source-address), a tunnel destination
+(remote), an encapsulation type (gre), and an address (ipv4/ipv6).Below is a
basic IPv4 only configuration example taken from a VyOS router and a Cisco IOS
router. The main difference between these two configurations is that VyOS
requires you explicitly configure the encapsulation type. The Cisco router
@@ -125,8 +125,8 @@ defaults to gre ip otherwise it would have to be configured as well.
set interfaces tunnel tun100 address '10.0.0.1/30'
set interfaces tunnel tun100 encapsulation 'gre'
- set interfaces tunnel tun100 local-ip '198.51.100.2'
- set interfaces tunnel tun100 remote-ip '203.0.113.10'
+ set interfaces tunnel tun100 source-address '198.51.100.2'
+ set interfaces tunnel tun100 remote '203.0.113.10'
**Cisco IOS Router:**
@@ -147,8 +147,8 @@ and a Linux host using systemd-networkd.
set interfaces tunnel tun101 address '2001:db8:feed:beef::1/126'
set interfaces tunnel tun101 address '192.168.5.1/30'
set interfaces tunnel tun101 encapsulation 'ip6gre'
- set interfaces tunnel tun101 local-ip '2001:db8:babe:face::3afe:3'
- set interfaces tunnel tun101 remote-ip '2001:db8:9bb:3ce::5'
+ set interfaces tunnel tun101 source-address '2001:db8:babe:face::3afe:3'
+ set interfaces tunnel tun101 remote '2001:db8:9bb:3ce::5'
**Linux systemd-networkd:**
@@ -189,15 +189,15 @@ An example:
.. code-block:: none
- set interfaces tunnel tun0 local-ip 192.0.2.10
- set interfaces tunnel tun0 remote-ip 192.0.2.20
+ set interfaces tunnel tun0 source-address 192.0.2.10
+ set interfaces tunnel tun0 remote 192.0.2.20
set interfaces tunnel tun0 address 10.40.50.60/24
set interfaces tunnel tun0 parameters ip key 10
-
+
.. code-block:: none
- set interfaces tunnel tun0 local-ip 192.0.2.10
- set interfaces tunnel tun0 remote-ip 192.0.2.20
+ set interfaces tunnel tun0 source-address 192.0.2.10
+ set interfaces tunnel tun0 remote 192.0.2.20
set interfaces tunnel tun0 address 172.16.17.18/24
set interfaces tunnel tun0 parameters ip key 20
@@ -211,7 +211,7 @@ to make sure the configuration performs as expected. A common cause for GRE
tunnels to fail to come up correctly include ACL or Firewall configurations
that are discarding IP protocol 47 or blocking your source/desintation traffic.
-**1. Confirm IP connectivity between tunnel local-ip and remote-ip:**
+**1. Confirm IP connectivity between tunnel source-address and remote:**
.. code-block:: none