diff options
Diffstat (limited to 'docs')
28 files changed, 381 insertions, 260 deletions
diff --git a/docs/_include/interface-address-with-dhcp.txt b/docs/_include/interface-address-with-dhcp.txt index 28968bea..10838e72 100644 --- a/docs/_include/interface-address-with-dhcp.txt +++ b/docs/_include/interface-address-with-dhcp.txt @@ -1,20 +1,20 @@ .. cfgcmd:: set interfaces {{ var0 }} <interface> address <address | dhcp | dhcpv6> - Configure interface `<interface>` with one or more interface addresses. + Configure interface `<interface>` with one or more interface addresses. - * **address** can be specified multiple times as IPv4 and/or IPv6 - address, e.g. 192.0.2.1/24 and/or 2001:db8::1/64 - * **dhcp** interface address is received by DHCP from a DHCP server - on this segment. - * **dhcpv6** interface address is received by DHCPv6 from a DHCPv6 - server on this segment. + * **address** can be specified multiple times as IPv4 and/or IPv6 + address, e.g. 192.0.2.1/24 and/or 2001:db8::1/64 + * **dhcp** interface address is received by DHCP from a DHCP server + on this segment. + * **dhcpv6** interface address is received by DHCPv6 from a DHCPv6 + server on this segment. - Example: + Example: - .. code-block:: none + .. code-block:: none - set interfaces {{ var0 }} {{ var1 }} address 192.0.2.1/24 - set interfaces {{ var0 }} {{ var1 }} address 2001:db8::1/64 - set interfaces {{ var0 }} {{ var1 }} dhcp - set interfaces {{ var0 }} {{ var1 }} dhcpv6
\ No newline at end of file + set interfaces {{ var0 }} {{ var1 }} address 192.0.2.1/24 + set interfaces {{ var0 }} {{ var1 }} address 2001:db8::1/64 + set interfaces {{ var0 }} {{ var1 }} dhcp + set interfaces {{ var0 }} {{ var1 }} dhcpv6
\ No newline at end of file diff --git a/docs/_include/interface-address.txt b/docs/_include/interface-address.txt index 4ca75940..00a9ec09 100644 --- a/docs/_include/interface-address.txt +++ b/docs/_include/interface-address.txt @@ -1,14 +1,14 @@ .. cfgcmd:: set interfaces {{ var0 }} <interface> address <address> - Configure interface `<interface>` with one or more interface - addresses. + Configure interface `<interface>` with one or more interface + addresses. - * **address** can be specified multiple times as IPv4 and/or IPv6 - address, e.g. 192.0.2.1/24 and/or 2001:db8::1/64 + * **address** can be specified multiple times as IPv4 and/or IPv6 + address, e.g. 192.0.2.1/24 and/or 2001:db8::1/64 - Example: + Example: - .. code-block:: none + .. code-block:: none - set interfaces {{ var0 }} {{ var1 }} address 192.0.2.1/24 - set interfaces {{ var0 }} {{ var1 }} address 2001:db8::1/64
\ No newline at end of file + set interfaces {{ var0 }} {{ var1 }} address 192.0.2.1/24 + set interfaces {{ var0 }} {{ var1 }} address 2001:db8::1/64
\ No newline at end of file diff --git a/docs/_include/interface-common-with-dhcp.txt b/docs/_include/interface-common-with-dhcp.txt index 1fe38a92..3e1394a3 100644 --- a/docs/_include/interface-common-with-dhcp.txt +++ b/docs/_include/interface-common-with-dhcp.txt @@ -1,19 +1,17 @@ .. cmdinclude:: ../_include/interface-address-with-dhcp.txt - :var0: {{ var0 }} - :var1: {{ var1 }} + :var0: {{ var0 }} + :var1: {{ var1 }} .. cmdinclude:: ../_include/interface-common.txt - :var0: {{ var0 }} - :var1: {{ var1 }} + :var0: {{ var0 }} + :var1: {{ var1 }} -**DHCP** +**DHCP(v6)** .. cmdinclude:: ../_include/interface-dhcp-options.txt - :var0: {{ var0 }} - :var1: {{ var1 }} - -**DHCPv6** + :var0: {{ var0 }} + :var1: {{ var1 }} .. cmdinclude:: ../_include/interface-dhcpv6-options.txt - :var0: {{ var0 }} - :var1: {{ var1 }} + :var0: {{ var0 }} + :var1: {{ var1 }} diff --git a/docs/_include/interface-common-without-dhcp.txt b/docs/_include/interface-common-without-dhcp.txt index 8e995ee1..d861f003 100644 --- a/docs/_include/interface-common-without-dhcp.txt +++ b/docs/_include/interface-common-without-dhcp.txt @@ -1,7 +1,7 @@ .. cmdinclude:: ../_include/interface-address.txt - :var0: {{ var0 }} - :var1: {{ var1 }} + :var0: {{ var0 }} + :var1: {{ var1 }} .. cmdinclude:: ../_include/interface-common.txt - :var0: {{ var0 }} - :var1: {{ var1 }} + :var0: {{ var0 }} + :var1: {{ var1 }} diff --git a/docs/_include/interface-common.txt b/docs/_include/interface-common.txt index 052088df..de29356f 100644 --- a/docs/_include/interface-common.txt +++ b/docs/_include/interface-common.txt @@ -1,23 +1,36 @@ .. cmdinclude:: ../_include/interface-description.txt - :var0: {{ var0 }} - :var1: {{ var1 }} + :var0: {{ var0 }} + :var1: {{ var1 }} .. cmdinclude:: ../_include/interface-disable.txt - :var0: {{ var0 }} - :var1: {{ var1 }} + :var0: {{ var0 }} + :var1: {{ var1 }} + +.. cmdinclude:: ../_include/interface-disable-flow-control.txt + :var0: {{ var0 }} + :var1: {{ var1 }} + +.. cmdinclude:: ../_include/interface-disable-link-detect.txt + :var0: {{ var0 }} + :var1: {{ var1 }} .. cmdinclude:: ../_include/interface-mac.txt - :var0: {{ var0 }} - :var1: {{ var1 }} + :var0: {{ var0 }} + :var1: {{ var1 }} .. cmdinclude:: ../_include/interface-mtu.txt - :var0: {{ var0 }} - :var1: {{ var1 }} + :var0: {{ var0 }} + :var1: {{ var1 }} .. cmdinclude:: ../_include/interface-ipv6-addr-autoconf.txt - :var0: {{ var0 }} - :var1: {{ var1 }} + :var0: {{ var0 }} + :var1: {{ var1 }} .. cmdinclude:: ../_include/interface-ipv6-addr-eui64.txt - :var0: {{ var0 }} - :var1: {{ var1 }} + :var0: {{ var0 }} + :var1: {{ var1 }} + +.. cmdinclude:: ../_include/interface-vrf.txt + :var0: {{ var0 }} + :var1: {{ var1 }} + diff --git a/docs/_include/interface-description.txt b/docs/_include/interface-description.txt index 992d4945..1c6a870f 100644 --- a/docs/_include/interface-description.txt +++ b/docs/_include/interface-description.txt @@ -1,10 +1,10 @@ .. cfgcmd:: set interfaces {{ var0 }} <interface> description <description> - Set a human readable, descriptive alias for this connection. Alias is used by - e.g. the :opcmd:`show interfaces` command or SNMP based monitoring tools. + Set a human readable, descriptive alias for this connection. Alias is used by + e.g. the :opcmd:`show interfaces` command or SNMP based monitoring tools. - Example: + Example: - .. code-block:: none + .. code-block:: none - set interfaces {{ var0 }} {{ var1 }} description 'This is an awesome interface running on VyOS'
\ No newline at end of file + set interfaces {{ var0 }} {{ var1 }} description 'This is an awesome interface running on VyOS'
\ No newline at end of file diff --git a/docs/_include/interface-dhcpv6-options.txt b/docs/_include/interface-dhcpv6-options.txt index 7213079a..94e80309 100644 --- a/docs/_include/interface-dhcpv6-options.txt +++ b/docs/_include/interface-dhcpv6-options.txt @@ -33,60 +33,6 @@ set interfaces {{ var0 }} {{ var1 }} dhcpv6-options temporary - - - -**DHCPv6-PD** - -VyOS 1.3 (equuleus) supports DHCPv6-PD (:rfc:`3633`). DHCPv6 Prefix Delegation -is supported by most ISPs who provide native IPv6 for consumers on fixed networks. - -.. cfgcmd:: set interfaces {{ var0 }} <interface> dhcpv6-option pd <id> length <length> - - Some ISPs by default only delegate a /64 prefix. To request for a specific - prefix size use this option to request for a bigger delegation for this pd - `<id>`. This value is in the range from 32 - 64 so you could request up to a - /32 prefix (if your ISP allows this) down to a /64 delegation. - - The default value corresponds to 64. - - Example: - - To request a /56 prefix from your ISP use: - - .. code-block:: none - - set interfaces {{ var0 }} {{ var1 }} dhcpv6-options pd 0 length 56 - -.. cfgcmd:: set interfaces {{ var0 }} <interface> dhcpv6-option pd <id> interface <delegatee> address <address> - - Specify the interface address used locally on the interfcae where the prefix - has been delegated to. ID must be a decimal integer. - - It will be combined with the delegated prefix and the sla-id to form a - complete interface address. The default is to use the EUI-64 address of the - interface. - - Example: Delegate a /64 prefix to interface eth0.10 which will use a local - address on this router of ``<prefix>::ffff``, as the address 65534 will - correspond to ``ffff`` in hexadecimal notation. - - .. code-block:: none - - set interfaces {{ var0 }} {{ var1 }} dhcpv6-option pd 0 interface eth0.10 address 65534 - -.. cfgcmd:: set interfaces {{ var0 }} <interface> dhcpv6-option pd <id> interface <delegatee> sla-id <id> - - Specify the identifier value of the site-level aggregator (SLA) on the - interface. ID must be a decimal number greater then 0 which fits in the - length of SLA IDs (see below). - - Example: If ID is 1 and the client is delegated an IPv6 prefix - 2001:db8:ffff::/48, dhcp6c will combine the two values into a single IPv6 - prefix, 2001:db8:ffff:1::/64, and will configure the prefix on the specified - interface. - - .. code-block:: none - - set interfaces {{ var0 }} {{ var1 }} dhcpv6-option pd 0 interface eth0.10 sla-id 1 - +.. cmdinclude:: ../_include/interface-dhcpv6-prefix-delegation.txt + :var0: {{ var0 }} + :var1: {{ var1 }} diff --git a/docs/_include/interface-dhcpv6-prefix-delegation.txt b/docs/_include/interface-dhcpv6-prefix-delegation.txt new file mode 100644 index 00000000..61e6aaa2 --- /dev/null +++ b/docs/_include/interface-dhcpv6-prefix-delegation.txt @@ -0,0 +1,54 @@ +**DHCPv6 Prefix Delegation (PD)** + +VyOS 1.3 (equuleus) supports DHCPv6-PD (:rfc:`3633`). DHCPv6 Prefix Delegation +is supported by most ISPs who provide native IPv6 for consumers on fixed networks. + +.. cfgcmd:: set interfaces {{ var0 }} <interface> dhcpv6-option pd <id> length <length> + + Some ISPs by default only delegate a /64 prefix. To request for a specific + prefix size use this option to request for a bigger delegation for this pd + `<id>`. This value is in the range from 32 - 64 so you could request up to a + /32 prefix (if your ISP allows this) down to a /64 delegation. + + The default value corresponds to 64. + + Example: + + To request a /56 prefix from your ISP use: + + .. code-block:: none + + set interfaces {{ var0 }} {{ var1 }} dhcpv6-options pd 0 length 56 + +.. cfgcmd:: set interfaces {{ var0 }} <interface> dhcpv6-option pd <id> interface <delegatee> address <address> + + Specify the interface address used locally on the interfcae where the prefix + has been delegated to. ID must be a decimal integer. + + It will be combined with the delegated prefix and the sla-id to form a + complete interface address. The default is to use the EUI-64 address of the + interface. + + Example: Delegate a /64 prefix to interface eth0.10 which will use a local + address on this router of ``<prefix>::ffff``, as the address 65534 will + correspond to ``ffff`` in hexadecimal notation. + + .. code-block:: none + + set interfaces {{ var0 }} {{ var1 }} dhcpv6-option pd 0 interface eth0.10 address 65534 + +.. cfgcmd:: set interfaces {{ var0 }} <interface> dhcpv6-option pd <id> interface <delegatee> sla-id <id> + + Specify the identifier value of the site-level aggregator (SLA) on the + interface. ID must be a decimal number greater then 0 which fits in the + length of SLA IDs (see below). + + Example: If ID is 1 and the client is delegated an IPv6 prefix + 2001:db8:ffff::/48, dhcp6c will combine the two values into a single IPv6 + prefix, 2001:db8:ffff:1::/64, and will configure the prefix on the specified + interface. + + .. code-block:: none + + set interfaces {{ var0 }} {{ var1 }} dhcpv6-option pd 0 interface eth0.10 sla-id 1 + diff --git a/docs/_include/interface-disable-flow-control.txt b/docs/_include/interface-disable-flow-control.txt new file mode 100644 index 00000000..2b319b22 --- /dev/null +++ b/docs/_include/interface-disable-flow-control.txt @@ -0,0 +1,22 @@ +.. cfgcmd:: set interfaces {{ var0 }} <interface> {{ var2 }} {{ var3 }} disable-flow-control + + Ethernet flow control is a mechanism for temporarily stopping the transmission + of data on Ethernet family computer networks. The goal of this mechanism is to + ensure zero packet loss in the presence of network congestion. + + The first flow control mechanism, the pause frame, was defined by the IEEE + 802.3x standard. + + A sending station (computer or network switch) may be transmitting data faster + than the other end of the link can accept it. Using flow control, the receiving + station can signal the sender requesting suspension of transmissions until the + receiver catches up. + + Use this command to disable the generation of Ethernet flow control (pause + frames). + + Example: + + .. code-block:: none + + set interfaces {{ var0 }} {{ var1 }} {{ var2 }} {{ var4 }} disable-flow-control
\ No newline at end of file diff --git a/docs/_include/interface-disable-link-detect.txt b/docs/_include/interface-disable-link-detect.txt new file mode 100644 index 00000000..a9c0e85f --- /dev/null +++ b/docs/_include/interface-disable-link-detect.txt @@ -0,0 +1,12 @@ +.. cfgcmd:: set interfaces {{ var0 }} {{ var2 }} {{ var3 }} <interface> disable-link-detect + + Use this command to direct an interface to not detect any physical state + changes on a link, for example, when the cable is unplugged. + + Default is to detects physical link state changes. + + Example: + + .. code-block:: none + + set interfaces {{ var0 }} {{ var1 }} {{ var2 }} {{ var4 }} disable-link-detect
\ No newline at end of file diff --git a/docs/_include/interface-ipv6-addr-autoconf.txt b/docs/_include/interface-ipv6-addr-autoconf.txt index 22f9ee59..e16cff0e 100644 --- a/docs/_include/interface-ipv6-addr-autoconf.txt +++ b/docs/_include/interface-ipv6-addr-autoconf.txt @@ -1,14 +1,12 @@ .. cfgcmd:: set interfaces {{ var0 }} <interface> ipv6 address autoconf - - :abbr:`SLAAC (Stateless Address Autoconfiguration)` - :rfc:`4862`. IPv6 hosts can configure themselves automatically when connected - to an IPv6 network using the Neighbor Discovery Protocol via :abbr:`ICMPv6 - (Internet Control Message Protocol version 6)` router discovery messages. - When first connected to a network, a host sends a link-local router - solicitation multicast request for its configuration parameters; routers - respond to such a request with a router advertisement packet that contains - Internet Layer configuration parameters. + :abbr:`SLAAC (Stateless Address Autoconfiguration)` :rfc:`4862`. IPv6 hosts + can configure themselves automatically when connected to an IPv6 network using + the Neighbor Discovery Protocol via :abbr:`ICMPv6 (Internet Control Message + Protocol version 6)` router discovery messages. When first connected to a + network, a host sends a link-local router solicitation multicast request for + its configuration parameters; routers respond to such a request with a router + advertisement packet that contains Internet Layer configuration parameters. .. note:: This method automatically disables IPv6 traffic forwarding on the interface in question. diff --git a/docs/_include/interface-ipv6-addr-eui64.txt b/docs/_include/interface-ipv6-addr-eui64.txt index 40f22e5f..5f32ccad 100644 --- a/docs/_include/interface-ipv6-addr-eui64.txt +++ b/docs/_include/interface-ipv6-addr-eui64.txt @@ -1,8 +1,8 @@ .. cfgcmd:: set interfaces {{ var0 }} <interface> ipv6 address eui64 <prefix> - :abbr:`EUI-64 (64-Bit Extended Unique Identifier)` as specified in - :rfc:`4291` allows a host to assign iteslf a unique 64-Bit IPv6 address. + :abbr:`EUI-64 (64-Bit Extended Unique Identifier)` as specified in + :rfc:`4291` allows a host to assign iteslf a unique 64-Bit IPv6 address. - .. code-block:: none + .. code-block:: none - set interfaces {{ var0 }} {{ var1 }} ipv6 address eui64 2001:db8:beef::/64 + set interfaces {{ var0 }} {{ var1 }} ipv6 address eui64 2001:db8:beef::/64 diff --git a/docs/_include/interface-mac.txt b/docs/_include/interface-mac.txt index 29157555..de7f2d83 100644 --- a/docs/_include/interface-mac.txt +++ b/docs/_include/interface-mac.txt @@ -1,7 +1,7 @@ .. cfgcmd:: set interfaces {{ var0 }} <interface> mac <xx:xx:xx:xx:xx:xx> - Configure user defined :abbr:`MAC (Media Access Control)` address on given - `<interface>`. + Configure user defined :abbr:`MAC (Media Access Control)` address on given + `<interface>`. Example: diff --git a/docs/_include/interface-vlan.txt b/docs/_include/interface-vlan.txt new file mode 100644 index 00000000..c1472018 --- /dev/null +++ b/docs/_include/interface-vlan.txt @@ -0,0 +1,50 @@ +IEEE 802.1q, often referred to as Dot1q, is the networking standard that supports +virtual LANs (VLANs) on an IEEE 802.3 Ethernet network. The standard defines a +system of VLAN tagging for Ethernet frames and the accompanying procedures to be +used by bridges and switches in handling such frames. The standard also contains +provisions for a quality-of-service prioritization scheme commonly known as IEEE +802.1p and defines the Generic Attribute Registration Protocol. + +Portions of the network which are VLAN-aware (i.e., IEEE 802.1q conformant) can +include VLAN tags. When a frame enters the VLAN-aware portion of the network, a +tag is added to represent the VLAN membership. Each frame must be distinguishable +as being within exactly one VLAN. A frame in the VLAN-aware portion of the network +that does not contain a VLAN tag is assumed to be flowing on the native VLAN. + +The standard was developed by IEEE 802.1, a working group of the IEEE 802 +standards committee, and continues to be actively revised. One of the notable +revisions is 802.1Q-2014 which incorporated IEEE 802.1aq (Shortest Path Bridging) +and much of the IEEE 802.1d standard. + +802.1q VLAN interfaces are represented as virtual sub-interfaces in VyOS. The +term used for this is ``vif``. + +.. cfgcmd:: set interfaces {{ var0 }} <interface> vif <vlan-id> + + Create a new VLAN interface on interface `<interface>` using the VLAN number + provided via `<vlan-id>`. + + You can create multiple VLAN interfaces on a physical interface. The VLAN ID + range is from 0 to 4094. + + .. note:: Only 802.1Q-tagged packets are accepted on Ethernet vifs. + + Example: + + .. code-block:: none + + set interfaces {{ var0 }} {{ var1 }} vif 10 + +.. cmdinclude:: ../_include/interface-address-with-dhcp.txt + :var0: {{ var0 }} + :var1: {{ var1 }} + :var2: vif + :var3: <vlan-id> + :var4: 10 + +.. cmdinclude:: ../_include/interface-common.txt + :var0: {{ var0 }} + :var1: {{ var1 }} + :var2: vif + :var3: <vlan-id> + :var4: 10
\ No newline at end of file diff --git a/docs/_include/interface-vrf.txt b/docs/_include/interface-vrf.txt new file mode 100644 index 00000000..92bfae93 --- /dev/null +++ b/docs/_include/interface-vrf.txt @@ -0,0 +1,12 @@ +.. cfgcmd:: set interfaces {{ var0 }} <interface> vrf <vrf> + + Place interface in given VRF instance. + + .. seealso:: There is an entire chapter about how to configure a :ref:`vrf`, + please check this for additional information. + + Example: + + .. code-block:: none + + set interfaces {{ var0 }} {{ var1 }} vrf red
\ No newline at end of file diff --git a/docs/interfaces/bond.rst b/docs/interfaces/bond.rst index 4565eafc..859c25c3 100644 --- a/docs/interfaces/bond.rst +++ b/docs/interfaces/bond.rst @@ -20,8 +20,15 @@ Common interface configuration :var0: bond :var1: bond0 -Link Administration -------------------- +Member Interfaces +----------------- + +.. cfgcmd:: set interfaces bonding <interface> member interface <member> + + Enslave `<member>` interface to bond `<interface>`. + +Bond options +------------ .. cfgcmd:: set interfaces bonding <interface> mode <mode> @@ -246,13 +253,6 @@ Link Administration The maximum number of targets that can be specified is 16. The default value is no IP addresses. -Member Interfaces ------------------ - -.. cfgcmd:: set interfaces bonding <interface> member interface <member> - - Enslave `<member>` interface to bond `<interface>`. - Example ------- diff --git a/docs/interfaces/bridge.rst b/docs/interfaces/bridge.rst index 8704d334..144e5f6d 100644 --- a/docs/interfaces/bridge.rst +++ b/docs/interfaces/bridge.rst @@ -24,29 +24,6 @@ Common interface configuration :var0: bridge :var1: br0 -.. cfgcmd:: set interfaces bridge <interface> aging <time> - - MAC address aging `<time`> in seconds (default: 300). - -.. cfgcmd:: set interfaces bridge <interface> max-age <time> - - Bridge maximum aging `<time>` in seconds (default: 20). - - If a another bridge in the spanning tree does not send out a hello - packet for a long period of time, it is assumed to be dead. - - -Link Administration -------------------- - -.. cfgcmd:: set interfaces bridge <interface> disable-flow-control - - Disable Ethernet flow control (pause frames). - -.. cfgcmd:: set interfaces bridge <interface> igmp querier - - Enable IGMP querier - Member Interfaces ----------------- @@ -82,7 +59,6 @@ Member Interfaces deciding which link to use. Faster interfaces should have lower costs. - .. _stp: STP Parameter @@ -118,9 +94,26 @@ links providing fault tolerance if an active link fails. Designated Bridges. Hello packets are used to communicate information about the topology throughout the entire Bridged Local Area Network. +Additional Bridge Options +------------------------- + +.. cfgcmd:: set interfaces bridge <interface> aging <time> + + MAC address aging `<time`> in seconds (default: 300). + +.. cfgcmd:: set interfaces bridge <interface> max-age <time> + + Bridge maximum aging `<time>` in seconds (default: 20). + + If a another bridge in the spanning tree does not send out a hello + packet for a long period of time, it is assumed to be dead. + +.. cfgcmd:: set interfaces bridge <interface> igmp querier + + Enable IGMP querier Example -------- +####### Creating a bridge interface is very simple. In this example we will have: @@ -155,7 +148,7 @@ This results in the active configuration: Operation -========= +######### .. opcmd:: show bridge diff --git a/docs/interfaces/dummy.rst b/docs/interfaces/dummy.rst index a3989138..e0557d1d 100644 --- a/docs/interfaces/dummy.rst +++ b/docs/interfaces/dummy.rst @@ -33,6 +33,14 @@ Common interface configuration :var0: dummy :var1: dum0 +.. cmdinclude:: ../_include/interface-disable.txt + :var0: dummy + :var1: dum0 + +.. cmdinclude:: ../_include/interface-vrf.txt + :var0: dummy + :var1: dum0 + Operation ========= diff --git a/docs/interfaces/ethernet.rst b/docs/interfaces/ethernet.rst index 578ac517..1d3aeda3 100644 --- a/docs/interfaces/ethernet.rst +++ b/docs/interfaces/ethernet.rst @@ -45,13 +45,12 @@ Speed/Duplex VyOS default will be `auto`. -Link Administration -------------------- - -.. cfgcmd:: set interfaces ethernet <interface> disable-flow-control - - Disable Ethernet flow control (pause frames). +VLAN (802.1q) configuration +--------------------------- +.. cmdinclude:: ../_include/interface-vlan.txt + :var0: ethernet + :var1: eth0 Operation ========= diff --git a/docs/interfaces/geneve.rst b/docs/interfaces/geneve.rst index 8518fcf0..b59bb311 100644 --- a/docs/interfaces/geneve.rst +++ b/docs/interfaces/geneve.rst @@ -42,6 +42,9 @@ Common interface configuration :var0: geneve :var1: gnv0 +GENEVE specific options +----------------------- + .. cfgcmd:: set interfaces geneve gnv0 remote <address> Configure GENEVE tunnel far end/remote tunnel endpoint. @@ -55,7 +58,3 @@ Common interface configuration decisions or MAY be used as a mechanism to distinguish between overlapping address spaces contained in the encapsulated packet when load balancing across CPUs. - -.. cfgcmd:: set interfaces geneve gnv0 mtu <mtu> - - Set interface :abbr:`MTU (Maximum Transfer Unit)` size. diff --git a/docs/interfaces/l2tpv3.rst b/docs/interfaces/l2tpv3.rst index ea540c01..c456a58e 100644 --- a/docs/interfaces/l2tpv3.rst +++ b/docs/interfaces/l2tpv3.rst @@ -2,8 +2,9 @@ .. _l2tpv3-interface: +###### L2TPv3 ------- +###### L2TPv3 is a pseudowire protocol, you can read more about on `Wikipedia L2TPv3`_ or in :rfc:`3921` @@ -11,6 +12,16 @@ or in :rfc:`3921` L2TPv3 can transport any traffic including ethernet frames. L2TPv2 is limited to PPP. +Configuration +############# + +Common interface configuration +------------------------------ + +.. cmdinclude:: ../_include/interface-common-without-dhcp.txt + :var0: l2tpv3 + :var1: l2tpeth0 + Over IP ^^^^^^^ diff --git a/docs/interfaces/macsec.rst b/docs/interfaces/macsec.rst index 242636f1..f841e17d 100644 --- a/docs/interfaces/macsec.rst +++ b/docs/interfaces/macsec.rst @@ -23,6 +23,9 @@ Common interface configuration :var0: macsec :var1: macsec0 +MACsec specific options +----------------------- + .. cfgcmd:: set interfaces macsec <interface> security cipher [gcm-aes-128] Select cipher suite used for cryptographic operations. This setting is @@ -41,9 +44,8 @@ Common interface configuration A physical interface is required to connect this MACsec instance to. Traffic leaving this interfac will now be authenticated/encrypted. - Key Management --------------- +^^^^^^^^^^^^^^ :abbr:`MKA (MACsec Key Agreement protocol)` is used to synchronize keys between individual peers. @@ -63,7 +65,7 @@ individual peers. distributing SAKs. Replay protection ------------------ +^^^^^^^^^^^^^^^^^ .. cfgcmd:: set interfaces macsec <interface> security replay-window <window> @@ -75,7 +77,7 @@ Replay protection - ``1-4294967295``: Number of packets that could be misordered Operation -========= +######### .. opcmd:: run generate macsec mka-cak @@ -122,7 +124,7 @@ Operation TXSC: 005056bfefaa0001 on SA 0 Examples -======== +######## * Two routers connected both via eth1 through an untrusted switch * R1 has 192.0.2.1/24 & 2001:db8::1/64 diff --git a/docs/interfaces/pppoe.rst b/docs/interfaces/pppoe.rst index 8fa35492..e85c16aa 100644 --- a/docs/interfaces/pppoe.rst +++ b/docs/interfaces/pppoe.rst @@ -54,6 +54,24 @@ vDSL/aDSL understands. Configuration ============= +Common interface configuration +------------------------------ + +.. cmdinclude:: ../_include/interface-description.txt + :var0: pppoe + :var1: pppoe0 + +.. cmdinclude:: ../_include/interface-disable.txt + :var0: pppoe + :var1: pppoe0 + +.. cmdinclude:: ../_include/interface-vrf.txt + :var0: pppoe + :var1: pppoe0 + +PPPoE specific configuration +---------------------------- + .. cfgcmd:: set interfaces pppoe <interface> access-concentrator <name> Use this command to restrict the PPPoE session on a given access @@ -102,16 +120,6 @@ Configuration **default:** A default route to the remote endpoint is automatically added when the link comes up (i.e. auto). -.. cfgcmd:: set interfaces pppoe <interface> description - - Assign given `<description>` to interface. Description will also be passed - to SNMP monitoring systems. - -.. cfgcmd:: set interfaces pppoe <interface> disable - - Disable given `<interface>`. It will be placed in administratively down - (``A/D``) state. - .. cfgcmd:: set interfaces pppoe <interface> idle-timeout <time> Use this command to set the idle timeout interval to be used with on-demand @@ -167,43 +175,9 @@ IPv6 Use this command to enable acquisition of IPv6 address using stateless autoconfig (SLAAC). -Prefix Delegation (DHCPv6-PD) -^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ - -VyOS 1.3 (equuleus) supports DHCPv6-PD. DHCPv6 Prefix Delegation is supported -by most ISPs who provide native IPv6 for consumers on fixed networks. - -.. cfgcmd:: set interfaces pppoe <interface> dhcpv6-option pd <id> length <length> - - Some ISPs by default only delegate a /64 prefix. To request for a specific - prefix size use this option to request for a bigger delegation for this pd - `<id>`. This value - is in the range from 32 - 64 so you could request up to /32 down to a /64 - delegation. - - Default value is 64. - -.. cfgcmd:: set interfaces pppoe <interface> dhcpv6-option pd <id> interface <delegatee> address <address> - - Specify the interface address used locally on the interfcae where the prefix - has been delegated to. ID must be a decimal integer. - - It will be combined with the delegated prefix and the sla-id to form a complete - interface address. The default is to use the EUI-64 address of the interface. - - Example: - - Using ``<id>`` value 65535 will assign IPv6 address ``<prefix>::ffff`` to the - interface. - -.. cfgcmd:: set interfaces pppoe <interface> dhcpv6-option pd <id> interface <delegatee> sla-id <id> - - Specify the identifier value of the site-level aggregator (SLA) on the - interface. ID must be a decimal number greater then 0 which fits in the length - of SLA IDs (see below). For example, if ID is 1 and the client is delegated - an IPv6 prefix 2001:db8:ffff::/48, dhcp6c will combine the two values into a - single IPv6 prefix, 2001:db8:ffff:1::/64, and will configure the prefix on - the specified interface. +.. cmdinclude:: ../_include/interface-dhcpv6-prefix-delegation.txt + :var0: pppoe + :var1: pppoe0 Operation ========= diff --git a/docs/interfaces/pseudo-ethernet.rst b/docs/interfaces/pseudo-ethernet.rst index 52ba789b..26d8a364 100644 --- a/docs/interfaces/pseudo-ethernet.rst +++ b/docs/interfaces/pseudo-ethernet.rst @@ -48,8 +48,8 @@ Common interface configuration :var0: pseudo-ethernet :var1: peth0 -Physical Asignment ------------------- +Pseudo Ethernet/MACVLAN specific options +---------------------------------------- .. cfgcmd:: set interfaces pseudo-ethernet <interface> source-interface <ethX> diff --git a/docs/interfaces/tunnel.rst b/docs/interfaces/tunnel.rst index f20127f5..9674b0a8 100644 --- a/docs/interfaces/tunnel.rst +++ b/docs/interfaces/tunnel.rst @@ -13,6 +13,13 @@ GRE options that can be useful. All those protocols are grouped under ``interfaces tunnel`` in VyOS. Let's take a closer look at the protocols and options currently supported by VyOS. +Common interface configuration +------------------------------ + +.. cmdinclude:: ../_include/interface-common-without-dhcp.txt + :var0: tunnel + :var1: tun0 + IPIP ---- diff --git a/docs/interfaces/vxlan.rst b/docs/interfaces/vxlan.rst index 5ecfeb0a..40dc5400 100644 --- a/docs/interfaces/vxlan.rst +++ b/docs/interfaces/vxlan.rst @@ -40,55 +40,54 @@ Common interface configuration ------------------------------ .. cmdinclude:: ../_include/interface-common-without-dhcp.txt - :var0: vxlan - :var1: vxlan0 + :var0: vxlan + :var1: vxlan0 -.. cfgcmd:: set interfaces vxlan <interface> vni <number> - - Each VXLAN segment is identified through a 24-bit segment ID, termed the - :abbr:`VNI (VXLAN Network Identifier (or VXLAN Segment ID))`, This allows - up to 16M VXLAN segments to coexist within the same administrative domain. +VXLAN specific options +----------------------- -Multicast -^^^^^^^^^ +.. cfgcmd:: set interfaces vxlan <interface> vni <number> -.. cfgcmd:: set interfaces vxlan <interface> source-interface <interface> + Each VXLAN segment is identified through a 24-bit segment ID, termed the + :abbr:`VNI (VXLAN Network Identifier (or VXLAN Segment ID))`, This allows + up to 16M VXLAN segments to coexist within the same administrative domain. - Interface used for VXLAN underlay. This is mandatory when using VXLAN via - a multicast network. VXLAN traffic will always enter and exit this interface. +.. cfgcmd:: set interfaces vxlan <interface> port <port> + Configure port number of remote VXLAN endpoint. -.. cfgcmd:: set interfaces vxlan <interface> group <address> + .. note:: As VyOS is Linux based the default port used is not using 4789 + as the default IANA-assigned destination UDP port number. Instead VyOS + uses the Linux default port of 8472. - Multicast group address for VXLAN interface. VXLAN tunnels can be built - either via Multicast or via Unicast. +.. cfgcmd:: set interfaces vxlan <interface> source-address <interface> - Both IPv4 and IPv6 multicast is possible. + Source IP address used for VXLAN underlay. This is mandatory when using VXLAN + via L2VPN/EVPN. Unicast ^^^^^^^ .. cfgcmd:: set interfaces vxlan <interface> remote <address> - IPv4/IPv6 remote address of the VXLAN tunnel. Alternative to multicast, the - remote IPv4/IPv6 address can set directly. + IPv4/IPv6 remote address of the VXLAN tunnel. Alternative to multicast, the + remote IPv4/IPv6 address can set directly. +Multicast +^^^^^^^^^ -.. cfgcmd:: set interfaces vxlan <interface> port <port> +.. cfgcmd:: set interfaces vxlan <interface> source-interface <interface> - Configure port number of remote VXLAN endpoint. + Interface used for VXLAN underlay. This is mandatory when using VXLAN via + a multicast network. VXLAN traffic will always enter and exit this interface. - .. note:: As VyOS is Linux based the default port used is not using 4789 - as the default IANA-assigned destination UDP port number. Instead VyOS - uses the Linux default port of 8472. -L2VVPN / EVPN -^^^^^^^^^^^^^ +.. cfgcmd:: set interfaces vxlan <interface> group <address> -.. cfgcmd:: set interfaces vxlan <interface> source-address <interface> + Multicast group address for VXLAN interface. VXLAN tunnels can be built + either via Multicast or via Unicast. - Source IP address used for VXLAN underlay. This is mandatory when using - VXLAN via L2VPN/EVPN. + Both IPv4 and IPv6 multicast is possible. Multicast VXLAN =============== diff --git a/docs/interfaces/wireless.rst b/docs/interfaces/wireless.rst index 8b1195fa..b146a21b 100644 --- a/docs/interfaces/wireless.rst +++ b/docs/interfaces/wireless.rst @@ -1,7 +1,10 @@ +.. include:: ../_include/need_improvement.txt + .. _wireless-interface: +################### Wireless LAN (WiFi) -------------------- +################### :abbr:`WLAN (Wireless LAN)` interface provide 802.11 (a/b/g/n/ac) wireless support (commonly referred to as Wi-Fi) by means of compatible hardware. If your @@ -22,17 +25,30 @@ If the system detects an unconfigured wireless device, it will be automatically added the configuration tree, specifying any detected settings (for example, its MAC address) and configured to run in monitor mode. +Configuration +############# + +Common interface configuration +------------------------------ + +.. cmdinclude:: ../_include/interface-common-with-dhcp.txt + :var0: wireless + :var1: wlan0 + +Wireless specific options +------------------------- + +Configuring Access-Point +^^^^^^^^^^^^^^^^^^^^^^^^ + To be able to use the wireless interfaces you will first need to set a regulatory domain with the country code of your location. -.. cfgcmd:: set system wifi-regulatory-domain DE +.. cfgcmd:: set interfaces wireless <interface> country-code <cc> Configure system wide Wi-Fi regulatory domain. A reboot is required for this change to be enabled. -Configuring Access-Point -^^^^^^^^^^^^^^^^^^^^^^^^ - The following example creates a WAP. When configuring multiple WAP interfaces, you must specify unique IP addresses, channels, Network IDs commonly referred to as :abbr:`SSID (Service Set Identifier)`, and MAC addresses. diff --git a/docs/interfaces/wirelessmodem.rst b/docs/interfaces/wirelessmodem.rst index eabb17b9..4590a3bb 100644 --- a/docs/interfaces/wirelessmodem.rst +++ b/docs/interfaces/wirelessmodem.rst @@ -18,8 +18,16 @@ Common interface configuration :var0: wirelessmodem :var1: wlm0 -Address -------- +.. cmdinclude:: ../_include/interface-disable.txt + :var0: wirelessmodem + :var1: wlm0 + +.. cmdinclude:: ../_include/interface-vrf.txt + :var0: wirelessmodem + :var1: wlm0 + +WWAN specific options +--------------------- .. cfgcmd:: set interfaces wirelessmodem <interface> apn <apn> |