summaryrefslogtreecommitdiff
path: root/docs/configuration/interfaces
diff options
context:
space:
mode:
Diffstat (limited to 'docs/configuration/interfaces')
-rw-r--r--docs/configuration/interfaces/bonding.rst8
-rw-r--r--docs/configuration/interfaces/ethernet.rst36
-rw-r--r--docs/configuration/interfaces/openvpn.rst16
3 files changed, 45 insertions, 15 deletions
diff --git a/docs/configuration/interfaces/bonding.rst b/docs/configuration/interfaces/bonding.rst
index 92601b37..bf7cfc2c 100644
--- a/docs/configuration/interfaces/bonding.rst
+++ b/docs/configuration/interfaces/bonding.rst
@@ -256,6 +256,13 @@ Bond options
The maximum number of targets that can be specified is 16. The default value
is no IP addresses.
+Offloading
+----------
+
+.. cmdinclude:: /_include/interface-xdp.txt
+ :var0: bonding
+ :var1: bond0
+
VLAN
====
@@ -265,6 +272,7 @@ VLAN
Port Mirror (SPAN)
==================
+
.. cmdinclude:: ../../_include/interface-mirror.txt
:var0: bonding
:var1: bond1
diff --git a/docs/configuration/interfaces/ethernet.rst b/docs/configuration/interfaces/ethernet.rst
index 25eebf25..3eae0d95 100644
--- a/docs/configuration/interfaces/ethernet.rst
+++ b/docs/configuration/interfaces/ethernet.rst
@@ -92,13 +92,9 @@ Offloading
the IPv4 ID is not sequentially incrementing it will be altered so that it is
when a frame assembled via GRO is segmented via GSO.
- .. warning:: Recent 1.3 rolling images also support XDP offloading which
- stands for eXpress Data Path in the Linux Kernel. You must enable it for
- every interface which should participate in the XDP forwarding.
-
- Enabling this feature will break any form of NAT or Firewalling on this
- interface, as XDP is handled way earlier in the driver then NfTables.
-
+.. cmdinclude:: /_include/interface-xdp.txt
+ :var0: ethernet
+ :var1: eth0
VLAN
====
@@ -269,3 +265,29 @@ Operation
Vendor SN : FNS092xxxxx
Date code : 0506xx
+.. stop_vyoslinter
+
+.. opcmd:: show interfaces ethernet <interface> xdp
+
+ Display XDP forwarding statistics
+
+ .. code-block:: none
+
+ vyos@vyos:~$ show interfaces ethernet eth1 xdp
+
+ Collecting stats from BPF map
+ - BPF map (bpf_map_type:6) id:176 name:xdp_stats_map key_size:4 value_size:16 max_entries:5
+ XDP-action
+ XDP_ABORTED 0 pkts ( 0 pps) 0 Kbytes ( 0 Mbits/s) period:0.250340
+ XDP_DROP 0 pkts ( 0 pps) 0 Kbytes ( 0 Mbits/s) period:0.250317
+ XDP_PASS 0 pkts ( 0 pps) 0 Kbytes ( 0 Mbits/s) period:0.250314
+ XDP_TX 0 pkts ( 0 pps) 0 Kbytes ( 0 Mbits/s) period:0.250313
+ XDP_REDIRECT 0 pkts ( 0 pps) 0 Kbytes ( 0 Mbits/s) period:0.250313
+
+ XDP-action
+ XDP_ABORTED 0 pkts ( 0 pps) 0 Kbytes ( 0 Mbits/s) period:2.000410
+ XDP_DROP 0 pkts ( 0 pps) 0 Kbytes ( 0 Mbits/s) period:2.000414
+ XDP_PASS 0 pkts ( 0 pps) 0 Kbytes ( 0 Mbits/s) period:2.000414
+ XDP_TX 0 pkts ( 0 pps) 0 Kbytes ( 0 Mbits/s) period:2.000414
+ XDP_REDIRECT 0 pkts ( 0 pps) 0 Kbytes ( 0 Mbits/s) period:2.000414
+
diff --git a/docs/configuration/interfaces/openvpn.rst b/docs/configuration/interfaces/openvpn.rst
index 0e4e9d74..2c273b34 100644
--- a/docs/configuration/interfaces/openvpn.rst
+++ b/docs/configuration/interfaces/openvpn.rst
@@ -317,16 +317,16 @@ commands:
vyos@vyos:/config/my-easy-rsa-config$./easyrsa revoke client1
vyos@vyos:/config/my-easy-rsa-config$ ./easyrsa gen-crl
-Copy the files to /config/auth/ovpn/ to use in OpenVPN tunnel creation
+Copy the files to /config/auth/openvpn/ to use in OpenVPN tunnel creation
.. code-block:: none
- vyos@vyos:/config/my-easy-rsa-config$ sudo mkdir /config/auth/ovpn
- vyos@vyos:/config/my-easy-rsa-config$ sudo cp pki/ca.crt /config/auth/ovpn
- vyos@vyos:/config/my-easy-rsa-config$ sudo cp pki/dh.pem /config/auth/ovpn
- vyos@vyos:/config/my-easy-rsa-config$ sudo cp pki/private/central.key /config/auth/ovpn
- vyos@vyos:/config/my-easy-rsa-config$ sudo cp pki/issued/central.crt /config/auth/ovpn
- vyos@vyos:/config/my-easy-rsa-config$ sudo cp pki/crl.pem /config/auth/ovpn
+ vyos@vyos:/config/my-easy-rsa-config$ sudo mkdir /config/auth/openvpn
+ vyos@vyos:/config/my-easy-rsa-config$ sudo cp pki/ca.crt /config/auth/openvpn
+ vyos@vyos:/config/my-easy-rsa-config$ sudo cp pki/dh.pem /config/auth/openvpn
+ vyos@vyos:/config/my-easy-rsa-config$ sudo cp pki/private/central.key /config/auth/openvpn
+ vyos@vyos:/config/my-easy-rsa-config$ sudo cp pki/issued/central.crt /config/auth/openvpn
+ vyos@vyos:/config/my-easy-rsa-config$ sudo cp pki/crl.pem /config/auth/openvpn
Additionally, each client needs a copy of ca.crt and its own client key and
cert files. The files are plaintext so they may be copied either manually,
@@ -336,7 +336,7 @@ For example, Branch 1's router might have the following files:
.. code-block:: none
- vyos@branch1-rtr:$ ls /config/auth/ovpn
+ vyos@branch1-rtr:$ ls /config/auth/openvpn
ca.crt branch1.crt branch1.key
Client Authentication