diff options
Diffstat (limited to 'docs/routing')
| -rw-r--r-- | docs/routing/index.rst | 3 | ||||
| -rw-r--r-- | docs/routing/pbr.rst | 6 | ||||
| -rw-r--r-- | docs/routing/static.rst | 11 |
3 files changed, 10 insertions, 10 deletions
diff --git a/docs/routing/index.rst b/docs/routing/index.rst index 376e0919..1a1db43f 100644 --- a/docs/routing/index.rst +++ b/docs/routing/index.rst @@ -8,8 +8,7 @@ policy routing, and dynamic routing using standard protocols (RIP, OSPF, and BGP). .. toctree:: - :maxdepth: 2 - :hidden: + :maxdepth: 1 arp bgp diff --git a/docs/routing/pbr.rst b/docs/routing/pbr.rst index a8ee9e87..62dfcaec 100644 --- a/docs/routing/pbr.rst +++ b/docs/routing/pbr.rst @@ -73,9 +73,9 @@ Add policy route matching VLAN source addresses set policy route PBR rule 20 description 'Route VLAN10 traffic to table 10' set policy route PBR rule 20 source address '192.168.188.0/24' - set policy route PBR rule 20 set table '11' - set policy route PBR rule 20 description 'Route VLAN11 traffic to table 11' - set policy route PBR rule 20 source address '192.168.189.0/24' + set policy route PBR rule 30 set table '11' + set policy route PBR rule 30 description 'Route VLAN11 traffic to table 11' + set policy route PBR rule 30 source address '192.168.189.0/24' Apply routing policy to **inbound** direction of out VLAN interfaces diff --git a/docs/routing/static.rst b/docs/routing/static.rst index e1f96c31..4faa2451 100644 --- a/docs/routing/static.rst +++ b/docs/routing/static.rst @@ -13,11 +13,10 @@ not make use of DHCP or dynamic routing protocols: set protocols static route 0.0.0.0/0 next-hop 10.1.1.1 distance '1' Another common use of static routes is to blackhole (drop) traffic. In the -example below, RFC 1918 private IP networks are set as blackhole routes. This -does not prevent networks within these segments from being used, since the -most specific route is always used. It does, however, prevent traffic to -unknown private networks from leaving the router. Commonly refereed to as -leaking. +example below, RFC1918_ networks are set as blackhole routes. + +This prevents these networks leaking out public interfaces, but it does not prevent +them from being used as the most specific route has the highest priority. .. code-block:: sh @@ -27,3 +26,5 @@ leaking. .. note:: Routes with a distance of 255 are effectively disabled and not installed into the kernel. + +.. _RFC1918: https://tools.ietf.org/html/rfc1918 |