From dbddfe85adaa70552607b38706b39238b465ac4e Mon Sep 17 00:00:00 2001 From: Nicolas Fort Date: Fri, 23 Jul 2021 11:17:55 -0300 Subject: Index file updated and splitted into new files. Indent and lenght on every file was verified --- docs/configuration/policy/route-map.rst | 262 ++++++++++++++++++++++++++++++++ 1 file changed, 262 insertions(+) create mode 100644 docs/configuration/policy/route-map.rst (limited to 'docs/configuration/policy/route-map.rst') diff --git a/docs/configuration/policy/route-map.rst b/docs/configuration/policy/route-map.rst new file mode 100644 index 00000000..14cace25 --- /dev/null +++ b/docs/configuration/policy/route-map.rst @@ -0,0 +1,262 @@ +################ +Route Map Policy +################ + +Route map is a powerfull command, that gives network administrators a very +useful and flexible tool for traffic manipulation. + +************* +Configuration +************* + +Route Map +========= + +.. cfgcmd:: set policy route-map + + This command creates a new route-map policy, identified by . + +.. cfgcmd:: set policy route-map description + + Set description for the route-map policy. + +.. cfgcmd:: set policy route-map rule <1-65535> action + + Set action for the route-map policy. + +.. cfgcmd:: set policy route-map rule <1-65535> call + + Call another route-map policy on match. + +.. cfgcmd:: set policy route-map rule <1-65535> continue <1-65535> + + Jump to a different rule in this route-map on a match. + +.. cfgcmd:: set policy route-map rule <1-65535> description + + Set description for the rule in the route-map policy. + +.. cfgcmd:: set policy route-map rule <1-65535> match as-path + + BGP as-path list to match. + +.. cfgcmd:: set policy route-map rule <1-65535> match community + community-list + + BGP community-list to match. + +.. cfgcmd:: set policy route-map rule <1-65535> match community + exact-match + + Set BGP community-list to exactly match. + +.. cfgcmd:: set policy route-map rule <1-65535> match extcommunity + + + BGP extended community to match. + +.. cfgcmd:: set policy route-map rule <1-65535> match interface + + First hop interface of a route to match. + +.. cfgcmd:: set policy route-map rule <1-65535> match ip address + access-list <1-2699> + + IP address of route to match, based on access-list. + +.. cfgcmd:: set policy route-map rule <1-65535> match ip address + prefix-list + + IP address of route to match, based on prefix-list. + +.. cfgcmd:: set policy route-map rule <1-65535> match ip nexthop + access-list <1-2699> + + IP next-hop of route to match, based on access-list. + +.. cfgcmd:: set policy route-map rule <1-65535> match ip nexthop + prefix-list + + IP next-hop of route to match, based on prefix-list. + +.. cfgcmd:: set policy route-map rule <1-65535> match ip route-source + access-list <1-2699> + + IP route source of route to match, based on access-list. + +.. cfgcmd:: set policy route-map rule <1-65535> match ip route-source + prefix-list + + IP route source of route to match, based on prefix-list. + +.. cfgcmd:: set policy route-map rule <1-65535> match ipv6 address + access-list + + IPv6 address of route to match, based on IPv6 access-list. + +.. cfgcmd:: set policy route-map rule <1-65535> match ipv6 address + prefix-list + + IPv6 address of route to match, based on IPv6 prefix-list. + +.. cfgcmd:: set policy route-map rule <1-65535> match ipv6 nexthop + + + Nexthop IPv6 address to match. + +.. cfgcmd:: set policy route-map rule <1-65535> match large-community + large-community-list + + Match BGP large communities. + +.. cfgcmd:: set policy route-map rule <1-65535> match local-preference + <0-4294967295> + + Match local preference. + +.. cfgcmd:: set policy route-map rule <1-65535> match metric <1-65535> + + Match route metric. + +.. cfgcmd:: set policy route-map rule <1-65535> match origin + + + Boarder Gateway Protocol (BGP) origin code to match. + +.. cfgcmd:: set policy route-map rule <1-65535> match peer + + Peer IP address to match. + +.. cfgcmd:: set policy route-map rule <1-65535> match rpki + + + Match RPKI validation result. + +.. cfgcmd:: set policy route-map rule <1-65535> match tag <1-65535> + + Route tag to match. + +.. cfgcmd:: set policy route-map rule <1-65535> on-match goto <1-65535> + + Exit policy on match: go to rule <1-65535> + +.. cfgcmd:: set policy route-map rule <1-65535> on-match next + + Exit policy on match: go to next sequence number. + +.. cfgcmd:: set policy route-map rule <1-65535> set aggregator + <1-4294967295|x.x.x.x> + + BGP aggregator attribute: AS number or IP address of an aggregation. + +.. cfgcmd:: set policy route-map rule <1-65535> set as-path-exclude + + + Remove ASN(s) from a BGP AS-path attribute. For example "456 64500 45001". + +.. cfgcmd:: set policy route-map rule <1-65535> set as-path-prepend + + + Prepend string for a BGP AS-path attribute. For example "64501 64501". + +.. cfgcmd:: set policy route-map rule <1-65535> set atomic-aggregate + + BGP atomic aggregate attribute. + +.. cfgcmd:: set policy route-map rule <1-65535> set bgp-extcommunity-rt + + + Set route target value. ExtCommunity in format: asn:value. + +.. cfgcmd:: set policy route-map rule <1-65535> set comm-list comm-list + + + BGP communities with a community-list. + +.. cfgcmd:: set policy route-map rule <1-65535> set comm-list delete + + Delete BGP communities matching the community-list. + +.. cfgcmd:: set policy route-map rule <1-65535> set community + + + Set BGP community attribute. + +.. cfgcmd:: set policy route-map rule <1-65535> set distance <0-255> + + Locally significant administrative distance. + +.. cfgcmd:: set policy route-map rule <1-65535> set extcommunity-rt + + + Set route target value. + +.. cfgcmd:: set policy route-map rule <1-65535> set extcommunity-soo + + + Set site of origin value. + +.. cfgcmd:: set policy route-map rule <1-65535> set ip-next-hop + + + Nexthop IP address. + +.. cfgcmd:: set policy route-map rule <1-65535> set ipv6-next-hop + + + Nexthop IPv6 address. + +.. cfgcmd:: set policy route-map rule <1-65535> set large-community + + + Set BGP large community value. + +.. cfgcmd:: set policy route-map rule <1-65535> set local-preference + <0-4294967295> + + Set BGP local preference attribute. + +.. cfgcmd:: set policy route-map rule <1-65535> set metric + <+/-metric|0-4294967295> + + Set destination routing protocol metric. Add or subtract metric, or set + metric value. + +.. cfgcmd:: set policy route-map rule <1-65535> set metric-type + + + Set OSPF external metric-type. + +.. cfgcmd:: set policy route-map rule <1-65535> set origin + + + Set BGP origin code. + +.. cfgcmd:: set policy route-map rule <1-65535> set originator-id + + + Set BGP originator ID attribute. + +.. cfgcmd:: set policy route-map rule <1-65535> set src + + + Set source IP/IPv6 address for route. + +.. cfgcmd:: set policy route-map rule <1-65535> set table <1-200> + + Set prefixes to table. + +.. cfgcmd:: set policy route-map rule <1-65535> set tag <1-65535> + + Set tag value for routing protocol. + +.. cfgcmd:: set policy route-map rule <1-65535> set weight + <0-4294967295> + + Set BGP weight attribute + +******** +Examples +******** + +Examples would be uploaded soon. \ No newline at end of file -- cgit v1.2.3 From fb2225147ee1cb822bafda1f4da7e2969c3a6379 Mon Sep 17 00:00:00 2001 From: Nicolas Fort Date: Mon, 26 Jul 2021 16:13:24 -0300 Subject: bgp-policies.rst deletted, and its content was divided in as-path-list.rst, community-list.rst, extcommunity-list.rst and larg-community-list.rst; Examples sections on every files removed; examples-rst changed, ir order to have the list of example on left menu --- docs/configuration/policy/access-list.rst | 11 +- docs/configuration/policy/as-path-list.rst | 33 ++++++ docs/configuration/policy/bgp-policies.rst | 124 --------------------- docs/configuration/policy/community-list.rst | 35 ++++++ docs/configuration/policy/examples.rst | 13 ++- docs/configuration/policy/extcommunity-list.rst | 40 +++++++ docs/configuration/policy/index.rst | 5 +- docs/configuration/policy/large-community-list.rst | 36 ++++++ docs/configuration/policy/prefix-list.rst | 7 -- docs/configuration/policy/route-map.rst | 6 - docs/configuration/policy/route.rst | 7 -- 11 files changed, 157 insertions(+), 160 deletions(-) create mode 100644 docs/configuration/policy/as-path-list.rst delete mode 100644 docs/configuration/policy/bgp-policies.rst create mode 100644 docs/configuration/policy/community-list.rst create mode 100644 docs/configuration/policy/extcommunity-list.rst create mode 100644 docs/configuration/policy/large-community-list.rst (limited to 'docs/configuration/policy/route-map.rst') diff --git a/docs/configuration/policy/access-list.rst b/docs/configuration/policy/access-list.rst index 41c35986..0af9b911 100644 --- a/docs/configuration/policy/access-list.rst +++ b/docs/configuration/policy/access-list.rst @@ -33,7 +33,7 @@ Access Lists This command defines matching parameters for access list rule. Matching - criteria could be applied to destinarion or source parameters: + criteria could be applied to destination or source parameters: * any: any IP address to match. * host: single host IP address to match. @@ -67,11 +67,4 @@ Basic filtering could also be applied to IPv6 traffic. * any: any IPv6 address to match. * exact-match: exact match of the network prefixes. * network: network/netmask to match (requires inverse-match be defined) BUG, - NO invert-match option in access-list6 - - -******** -Examples -******** - -Examples would be uploaded soon. \ No newline at end of file + NO invert-match option in access-list6 \ No newline at end of file diff --git a/docs/configuration/policy/as-path-list.rst b/docs/configuration/policy/as-path-list.rst new file mode 100644 index 00000000..ceeb8e01 --- /dev/null +++ b/docs/configuration/policy/as-path-list.rst @@ -0,0 +1,33 @@ +#################### +BGP - AS Path Policy +#################### + +VyOS provides policies commands exclusively for BGP traffic filtering and +manipulation: **as-path-list** is one of them. + +************* +Configuration +************* + +policy as-path-list +=================== + +.. cfgcmd:: set policy as-path-list + + Create as-path-policy identified by name . + +.. cfgcmd:: set policy as-path-list description + + Set description for as-path-list policy. + +.. cfgcmd:: set policy as-path-list rule <1-65535> action + + Set action to take on entries matching this rule. + +.. cfgcmd:: set policy as-path-list rule <1-65535> description + + Set description for rule. + +.. cfgcmd:: set policy as-path-list rule <1-65535> regex + + Regular expression to match against an AS path. For example "64501 64502". diff --git a/docs/configuration/policy/bgp-policies.rst b/docs/configuration/policy/bgp-policies.rst deleted file mode 100644 index 72b612cb..00000000 --- a/docs/configuration/policy/bgp-policies.rst +++ /dev/null @@ -1,124 +0,0 @@ -#################### -BGP Related Policies -#################### - -VyOS provides policies commands exclusively for BGP traffic filtering and -manipulation. In this section, all those commands are covered. - -************* -Configuration -************* - -policy as-path-list -=================== - -.. cfgcmd:: set policy as-path-list - - Create as-path-policy identified by name . - -.. cfgcmd:: set policy as-path-list description - - Set description for as-path-list policy. - -.. cfgcmd:: set policy as-path-list rule <1-65535> action - - Set action to take on entries matching this rule. - -.. cfgcmd:: set policy as-path-list rule <1-65535> description - - Set description for rule. - -.. cfgcmd:: set policy as-path-list rule <1-65535> regex - - Regular expression to match against an AS path. For example "64501 64502". - - -policy community-list -===================== - -.. cfgcmd:: set policy community-list - - Creat community-list policy identified by name . - -.. cfgcmd:: set policy community-list description - - Set description for community-list policy. - -.. cfgcmd:: set policy community-list rule <1-65535> action - - - Set action to take on entries matching this rule. - -.. cfgcmd:: set policy community-list rule <1-65535> description - - Set description for rule. - -.. cfgcmd:: set policy community-list rule <1-65535> regex - - - Regular expression to match against a community-list. - - -policy extcommunity-list -======================== - -.. cfgcmd:: set policy extcommunity-list - - Creat extcommunity-list policy identified by name . - -.. cfgcmd:: set policy extcommunity-list description - - Set description for extcommunity-list policy. - -.. cfgcmd:: set policy extcommunity-list rule <1-65535> action - - - Set action to take on entries matching this rule. - -.. cfgcmd:: set policy extcommunity-list rule <1-65535> description - - - Set description for rule. - -.. cfgcmd:: set policy extcommunity-list rule <1-65535> regex - - Regular expression to match against an extended community list, where text - could be: - - * : Extended community list regular expression. - * : Route Target regular expression. - * : Site of Origin regular expression. - - -policy large-community-list -=========================== - -.. cfgcmd:: set policy large-community-list - - Creat large-community-list policy identified by name . - -.. cfgcmd:: set policy large-community-list description - - Set description for large-community-list policy. - -.. cfgcmd:: set policy large-community-list rule <1-65535> action - - - Set action to take on entries matching this rule. - -.. cfgcmd:: set policy large-community-list rule <1-65535> description - - - Set description for rule. - -.. cfgcmd:: set policy large-community-list rule <1-65535> regex - - - Regular expression to match against a large community list. - - -******** -Examples -******** - -Examples would be uploaded soon. \ No newline at end of file diff --git a/docs/configuration/policy/community-list.rst b/docs/configuration/policy/community-list.rst new file mode 100644 index 00000000..e53abeb3 --- /dev/null +++ b/docs/configuration/policy/community-list.rst @@ -0,0 +1,35 @@ +#################### +BGP - Community List +#################### + +VyOS provides policies commands exclusively for BGP traffic filtering and +manipulation: **community-list** is one of them. + +************* +Configuration +************* + +policy community-list +===================== + +.. cfgcmd:: set policy community-list + + Creat community-list policy identified by name . + +.. cfgcmd:: set policy community-list description + + Set description for community-list policy. + +.. cfgcmd:: set policy community-list rule <1-65535> action + + + Set action to take on entries matching this rule. + +.. cfgcmd:: set policy community-list rule <1-65535> description + + Set description for rule. + +.. cfgcmd:: set policy community-list rule <1-65535> regex + + + Regular expression to match against a community-list. \ No newline at end of file diff --git a/docs/configuration/policy/examples.rst b/docs/configuration/policy/examples.rst index 88715a0a..a1d40db4 100644 --- a/docs/configuration/policy/examples.rst +++ b/docs/configuration/policy/examples.rst @@ -1,5 +1,6 @@ +########### BGP Example -=========== +########### **Policy definition:** @@ -50,9 +51,9 @@ neighbor. You now see the longer AS path. - +################# Transparent Proxy -================= +################# The following example will show how VyOS can be used to redirect web traffic to an external transparent proxy: @@ -84,9 +85,9 @@ interface, we use: set interfaces ethernet eth1 policy route FILTER-WEB - +################ Multiple Uplinks -================ +################ VyOS Policy-Based Routing (PBR) works by matching source IP address ranges and forwarding the traffic using different routing tables. @@ -146,7 +147,7 @@ These commands allow the VLAN10 and VLAN20 hosts to communicate with each other using the main routing table. Local route ------------ +=========== The following example allows VyOS to use :abbr:`PBR (Policy-Based Routing)` for traffic, which originated from the router itself. That solution for multiple diff --git a/docs/configuration/policy/extcommunity-list.rst b/docs/configuration/policy/extcommunity-list.rst new file mode 100644 index 00000000..c413b8b5 --- /dev/null +++ b/docs/configuration/policy/extcommunity-list.rst @@ -0,0 +1,40 @@ +############################# +BGP - Extended Community List +############################# + +VyOS provides policies commands exclusively for BGP traffic filtering and +manipulation: **extcommunity-list** is one of them. + +************* +Configuration +************* + +policy extcommunity-list +======================== + +.. cfgcmd:: set policy extcommunity-list + + Creat extcommunity-list policy identified by name . + +.. cfgcmd:: set policy extcommunity-list description + + Set description for extcommunity-list policy. + +.. cfgcmd:: set policy extcommunity-list rule <1-65535> action + + + Set action to take on entries matching this rule. + +.. cfgcmd:: set policy extcommunity-list rule <1-65535> description + + + Set description for rule. + +.. cfgcmd:: set policy extcommunity-list rule <1-65535> regex + + Regular expression to match against an extended community list, where text + could be: + + * : Extended community list regular expression. + * : Route Target regular expression. + * : Site of Origin regular expression. diff --git a/docs/configuration/policy/index.rst b/docs/configuration/policy/index.rst index fc1c1366..51f60479 100644 --- a/docs/configuration/policy/index.rst +++ b/docs/configuration/policy/index.rst @@ -35,8 +35,11 @@ Policy Sections prefix-list route route-map - bgp-policies local-route + as-path-list + community-list + extcommunity-list + large-community-list ******** Examples diff --git a/docs/configuration/policy/large-community-list.rst b/docs/configuration/policy/large-community-list.rst new file mode 100644 index 00000000..39da0815 --- /dev/null +++ b/docs/configuration/policy/large-community-list.rst @@ -0,0 +1,36 @@ +########################## +BGP - Large Community List +########################## + +VyOS provides policies commands exclusively for BGP traffic filtering and +manipulation: **large-community-list** is one of them. + +************* +Configuration +************* + +policy large-community-list +=========================== + +.. cfgcmd:: set policy large-community-list + + Creat large-community-list policy identified by name . + +.. cfgcmd:: set policy large-community-list description + + Set description for large-community-list policy. + +.. cfgcmd:: set policy large-community-list rule <1-65535> action + + + Set action to take on entries matching this rule. + +.. cfgcmd:: set policy large-community-list rule <1-65535> description + + + Set description for rule. + +.. cfgcmd:: set policy large-community-list rule <1-65535> regex + + + Regular expression to match against a large community list. diff --git a/docs/configuration/policy/prefix-list.rst b/docs/configuration/policy/prefix-list.rst index ebc02ea2..63b6510e 100644 --- a/docs/configuration/policy/prefix-list.rst +++ b/docs/configuration/policy/prefix-list.rst @@ -78,10 +78,3 @@ IPv6 Prefix Lists .. cfgcmd:: set policy prefix-list6 rule <1-65535> le <0-128> Netmask less than lenght - - -******** -Examples -******** - -Examples would be uploaded soon. \ No newline at end of file diff --git a/docs/configuration/policy/route-map.rst b/docs/configuration/policy/route-map.rst index 14cace25..7c236cf7 100644 --- a/docs/configuration/policy/route-map.rst +++ b/docs/configuration/policy/route-map.rst @@ -254,9 +254,3 @@ Route Map <0-4294967295> Set BGP weight attribute - -******** -Examples -******** - -Examples would be uploaded soon. \ No newline at end of file diff --git a/docs/configuration/policy/route.rst b/docs/configuration/policy/route.rst index 8f54a47b..ffbe85b2 100644 --- a/docs/configuration/policy/route.rst +++ b/docs/configuration/policy/route.rst @@ -419,10 +419,3 @@ IPv6 Route Weekdays to match rule on. Format for weekdays: Mon,Thu,Sat. To negate add ! at the front eg. !Mon,Thu,Sat. - - -******** -Examples -******** - -Examples would be uploaded soon. \ No newline at end of file -- cgit v1.2.3