arrange examples

42 files changed, 776 insertions, 782 deletions

diff --git a/docs/common-references.rst b/docs/_include/common-references.txt
index 79881972..79881972 100644
--- a/docs/common-references.rst
+++ b/docs/_include/common-references.txt
diff --git a/docs/_include/interface-vlan-8021ad.txt b/docs/_include/interface-vlan-8021ad.txt
index 12925ad4..74bc2080 100644
--- a/docs/_include/interface-vlan-8021ad.txt
+++ b/docs/_include/interface-vlan-8021ad.txt
@@ -140,4 +140,4 @@ tag is the one closer/closest to the Ethernet header, its name is S-TAG
    :var6: <vlan-id>
    :var7: 20
 
-.. include:: /common-references.rst
+.. include:: /_include/common-references.txt
diff --git a/docs/_include/interface-vlan-8021q.txt b/docs/_include/interface-vlan-8021q.txt
index 37f652f3..db22a1ce 100644
--- a/docs/_include/interface-vlan-8021q.txt
+++ b/docs/_include/interface-vlan-8021q.txt
@@ -108,4 +108,4 @@ term used for this is ``vif``.
    :var3: <vlan-id>
    :var4: 10
 
-.. include:: /common-references.rst
\ No newline at end of file
+.. include:: /_include/common-references.txt
\ No newline at end of file
diff --git a/docs/cli.rst b/docs/cli.rst
index b138b18b..34ab3df6 100644
--- a/docs/cli.rst
+++ b/docs/cli.rst
@@ -97,3 +97,736 @@ To enter configuration mode use the ``configure`` command:
 
 See the configuration section of this document for more information on
 configuration mode.
+
+
+.. _configuration-overview:
+
+######################
+Configuration Overview
+######################
+
+VyOS makes use of a unified configuration file for the entire system's
+configuration: ``/config/config.boot``. This allows easy template
+creation, backup, and replication of system configuration. A system can
+thus also be easily cloned by simply copying the required configuration
+files.
+
+Terminology
+===========
+live
+A VyOS system has three major types of configurations:
+
+* **Active** or **running configuration** is the system configuration
+  that is loaded  and currently active (used by VyOS). Any change in
+  the configuration will have to be committed to belong to the
+  active/running configuration.
+
+* **Working configuration** is the one that is currently being modified
+  in configuration mode. Changes made to the working configuration do
+  not go into effect until the changes are committed with the
+  :cfgcmd:`commit` command. At which time the working configuration will
+  become the active or running configuration.
+
+* **Saved configuration** is the one saved to a file using the
+  :cfgcmd:`save` command. It allows you to keep safe a configuration for
+  future uses. There can be multiple configuration files. The default or
+  "boot" configuration is saved and loaded from the file
+  ``/config/config.boot``.
+
+Seeing and navigating the configuration
+=======================================
+
+.. opcmd:: show configuration
+
+   View the current active configuration, also known as the running
+   configuration, from the operational mode.
+
+   .. code-block:: none
+
+     vyos@vyos:~$ show configuration
+     interfaces {
+         ethernet eth0 {
+             address dhcp
+             hw-id 00:53:00:00:aa:01
+         }
+         loopback lo {
+         }
+     }
+     service {
+         ssh {
+             port 22
+         }
+     }
+     system {
+         config-management {
+             commit-revisions 20
+         }
+         console {
+             device ttyS0 {
+                 speed 9600
+             }
+         }
+         login {
+             user vyos {
+                 authentication {
+                     encrypted-password ****************
+                 }
+                 level admin
+             }
+         }
+         ntp {
+             server 0.pool.ntp.org {
+             }
+             server 1.pool.ntp.org {
+             }
+             server 2.pool.ntp.org {
+             }
+         }
+         syslog {
+             global {
+                 facility all {
+                     level notice
+                 }
+                 facility protocols {
+                     level debug
+                 }
+             }
+         }
+     }
+
+By default, the configuration is displayed in a hierarchy like the above
+example, this is only one of the possible ways to display the
+configuration. When the configuration is generated and the device is
+configured, changes are added through a collection of :cfgcmd:`set` and
+:cfgcmd:`delete` commands.
+
+.. opcmd:: show configuration commands
+
+   Get a collection of all the set commands required which led to the
+   running configuration.
+
+   .. code-block:: none
+
+     vyos@vyos:~$ show configuration commands
+     set interfaces ethernet eth0 address 'dhcp'
+     set interfaces ethernet eth0 hw-id '00:53:dd:44:3b:0f'
+     set interfaces loopback 'lo'
+     set service ssh port '22'
+     set system config-management commit-revisions '20'
+     set system console device ttyS0 speed '9600'
+     set system login user vyos authentication encrypted-password '$6$Vt68...QzF0'
+     set system login user vyos level 'admin'
+     set system ntp server '0.pool.ntp.org'
+     set system ntp server '1.pool.ntp.org'
+     set system ntp server '2.pool.ntp.org'
+     set system syslog global facility all level 'notice'
+     set system syslog global facility protocols level 'debug'
+
+Both these ``show`` commands should be executed when in operational
+mode, they do not work directly in configuration mode. There is a
+special way on how to :ref:`run_opmode_from_config_mode`.
+
+.. hint:: Use the ``show configuration commands | strip-private``
+   command when you want to hide private data. You may want to do so if
+   you want to share your configuration on the `forum`_.
+
+.. _`forum`: https://forum.vyos.io
+
+
+The config mode
+---------------
+
+When entering the configuration mode you are navigating inside a tree
+structure, to enter configuration mode enter the command
+:opcmd:`configure` when in operational mode.
+
+.. code-block:: none
+
+  vyos@vyos$ configure
+  [edit]
+  vyos@vyos#
+
+
+.. note:: When going into configuration mode, prompt changes from
+   ``$`` to ``#``.
+
+
+All commands executed here are relative to the configuration level you
+have entered. You can do everything from the top level, but commands
+will be quite lengthy when manually typing them.
+
+The current hierarchy level can be changed by the :cfgcmd:`edit`
+command.
+
+.. code-block:: none
+
+  [edit]
+  vyos@vyos# edit interfaces ethernet eth0
+
+  [edit interfaces ethernet eth0]
+  vyos@vyos#
+
+You are now in a sublevel relative to ``interfaces ethernet eth0``, all
+commands executed from this point on are relative to this sublevel. Use
+eithe the :cfgcmd:`top` or :cfgcmd:`exit` command to go back to the top
+of the hierarchy. You can also use the :cfgcmd:`up` command to move only
+one level up at a time.
+
+.. cfgcmd:: show
+
+The :cfgcmd:`show` command within configuration mode will show the
+working configuration indicating line changes with ``+`` for additions,
+``>`` for replacements and ``-`` for deletions.
+
+**Example:**
+
+.. code-block:: none
+
+ vyos@vyos:~$ configure
+ [edit]
+ vyos@vyos# show interfaces
+  ethernet eth0 {
+      description MY_OLD_DESCRIPTION
+      disable
+      hw-id 00:53:dd:44:3b:03
+  }
+  loopback lo {
+  }
+ [edit]
+ vyos@vyos# set interfaces ethernet eth0 address dhcp
+ [edit]
+ vyos@vyos# set interfaces ethernet eth0 description MY_NEW_DESCRIPTION
+ [edit]
+ vyos@vyos# delete interfaces ethernet eth0 disable
+ [edit]
+ vyos@vyos# show interfaces
+  ethernet eth0 {
+ +    address dhcp
+ >    description MY_NEW_DESCRIPTION
+ -    disable
+      hw-id 00:53:dd:44:3b:03
+  }
+  loopback lo {
+  }
+
+It is also possible to display all `set` commands within configuration
+mode using :cfgcmd:`show | commands`
+
+.. code-block:: none
+
+  vyos@vyos# show interfaces ethernet eth0 | commands
+  set address dhcp
+  set hw-id 00:53:ad:44:3b:03
+
+These commands are also relative to the level you are inside and only 
+relevant configuration blocks will be displayed when entering a
+sub-level.
+
+.. code-block:: none
+
+  [edit interfaces ethernet eth0]
+  vyos@vyos# show
+   address dhcp
+   hw-id 00:53:ad:44:3b:03
+
+Exiting from the configuration mode is done via the :cfgcmd:`exit`
+command from the top level, executing :cfgcmd:`exit` from within a
+sub-level takes you back to the top level.
+
+.. code-block:: none
+
+  [edit interfaces ethernet eth0]
+  vyos@vyos# exit
+  [edit]
+  vyos@vyos# exit
+  Warning: configuration changes have not been saved.
+
+
+Editing the configuration
+=========================
+
+The configuration can be edited by the use of :cfgcmd:`set` and
+:cfgcmd:`delete` commands from within configuration mode.
+
+.. cfgcmd:: set
+
+   Use this command to set the value of a parameter or to create a new
+   element.
+
+Configuration commands are flattened from the tree into 'one-liner'
+commands shown in :opcmd:`show configuration commands` from operation
+mode. Commands are relative to the level where they are executed and all
+redundant information from the current level is removed from the command
+entered.
+
+.. code-block:: none
+
+  [edit]
+  vyos@vyos# set interface ethernet eth0 address 192.0.2.100/24
+
+
+.. code-block:: none
+
+  [edit interfaces ethernet eth0]
+  vyos@vyos# set address 203.0.113.6/24
+
+
+These two commands above are essentially the same, just executed from
+different levels in the hierarchy.
+
+.. cfgcmd:: delete
+
+   To delete a configuration entry use the :cfgcmd:`delete` command,
+   this also deletes all sub-levels under the current level you've
+   specified in the :cfgcmd:`delete` command. Deleting an entry will
+   also result in the element reverting back to its default value if one
+   exists.
+
+   .. code-block:: none
+
+     [edit interfaces ethernet eth0]
+     vyos@vyos# delete address 192.0.2.100/24
+
+.. cfgcmd:: commit
+
+  Any change you do on the configuration, will not take effect until
+  committed using the :cfgcmd:`commit` command in configuration mode.
+
+  .. code-block:: none
+
+    vyos@vyos# commit
+    [edit]
+    vyos@vyos# exit
+    Warning: configuration changes have not been saved.
+    vyos@vyos:~$
+
+.. _save:
+
+.. cfgcmd:: save
+
+   Use this command to preserve configuration changes upon reboot. By
+   default it is stored at */config/config.boot*. In the case you want
+   to store the configuration file somewhere else, you can add a local
+   path, an SCP address, an FTP address or a TFTP address. 
+
+   .. code-block:: none
+
+     vyos@vyos# save
+     Saving configuration to '/config/config.boot'...
+     Done
+
+   .. code-block:: none
+
+     vyos@vyos# save [tab]
+     Possible completions:
+       <Enter>       Save to system config file
+       <file>        Save to file on local machine
+       scp://<user>:<passwd>@<host>:/<file> Save to file on remote machine
+       ftp://<user>:<passwd>@<host>/<file> Save to file on remote machine
+       tftp://<host>/<file>      Save to file on remote machine
+     vyos@vyos# save tftp://192.168.0.100/vyos-test.config.boot
+     Saving configuration to 'tftp://192.168.0.100/vyos-test.config.boot'...
+     ######################################################################## 100.0%
+     Done
+
+.. cfgcmd:: exit [discard]
+
+   Configuration mode can not be exited while uncommitted changes exist.
+   To exit configuration mode without applying changes, the
+   :cfgcmd:`exit discard` command must be used.
+
+   All changes in the working config will thus be lost.
+
+   .. code-block:: none
+
+     vyos@vyos# exit
+     Cannot exit: configuration modified.
+     Use 'exit discard' to discard the changes and exit.
+     [edit]
+     vyos@vyos# exit discard
+
+
+.. cfgcmd:: commit-confirm <minutes>
+
+   Use this command to temporarily commit your changes and set the
+   number of minutes available for validation. ``confirm`` must
+   be entered within those minutes, otherwise the system will reboot
+   into the previous configuration. The default value is 10 minutes.
+
+
+   What if you are doing something dangerous? Suppose you want to setup
+   a firewall, and you are not sure there are no mistakes that will lock
+   you out of your system. You can use confirmed commit. If you issue
+   the ``commit-confirm`` command, your changes will be commited, and if
+   you don't issue issue the ``confirm`` command in 10 minutes, your
+   system will reboot into previous config revision.
+
+   .. code-block:: none
+   
+      vyos@router# set interfaces ethernet eth0 firewall local name FromWorld
+      vyos@router# commit-confirm 
+      commit confirm will be automatically reboot in 10 minutes unless confirmed
+      Proceed? [confirm]y
+      [edit]
+      vyos@router# confirm 
+      [edit]
+
+
+   .. note:: A reboot because you did not enter ``confirm`` will not
+      take you necessarily to the *saved configuration*, but to the
+      point before the unfortunate commit.
+
+
+.. cfgcmd:: copy
+
+   Copy a configuration element.
+
+   You can copy and remove configuration subtrees. Suppose you set up a
+   firewall ruleset ``FromWorld`` with one rule that allows traffic from
+   specific subnet. Now you want to setup a similar rule, but for
+   different subnet. Change your edit level to
+   ``firewall name FromWorld`` and use ``copy rule 10 to rule 20``, then
+   modify rule 20.
+
+
+   .. code-block:: none
+   
+      vyos@router# show firewall name FromWorld 
+       default-action drop
+       rule 10 {
+           action accept
+           source {
+               address 203.0.113.0/24
+           }
+       }
+      [edit]
+      vyos@router# edit firewall name FromWorld 
+      [edit firewall name FromWorld]
+      vyos@router# copy rule 10 to rule 20
+      [edit firewall name FromWorld]
+      vyos@router# set rule 20 source address 198.51.100.0/24
+      [edit firewall name FromWorld]
+      vyos@router# commit
+      [edit firewall name FromWorld]
+
+
+.. cfgcmd:: rename
+
+   Rename a configuration element.
+
+   You can also rename config subtrees:
+
+   .. code-block:: none
+   
+      vyos@router# rename rule 10 to rule 5
+      [edit firewall name FromWorld]
+      vyos@router# commit
+      [edit firewall name FromWorld]
+
+   Note that ``show`` command respects your edit level and from this
+   level you can view the modified firewall ruleset with just ``show``
+   with no parameters.
+
+   .. code-block:: none
+   
+      vyos@router# show 
+       default-action drop
+       rule 5 {
+           action accept
+           source {
+               address 203.0.113.0/24
+           }
+       }
+       rule 20 {
+           action accept
+           source {
+               address 198.51.100.0/24
+           }
+       }
+
+
+.. cfgcmd:: comment <config node> "comment text"
+
+   Add comment as an annotation to a configuration node.
+
+   The ``comment`` command allows you to insert a comment above the
+   ``<config node>`` configuration section. When shown, comments are
+   enclosed with ``/*`` and ``*/`` as open/close delimiters. Comments
+   need to be commited, just like other config changes.
+
+   To remove an existing comment from your current configuration,
+   specify an empty string enclosed in double quote marks (``""``) as
+   the comment text.
+
+   Example:
+
+   .. code-block:: none
+
+     vyos@vyos# comment firewall all-ping "Yes I know this VyOS is cool"
+     vyos@vyos# commit
+     vyos@vyos# show
+      firewall {
+          /* Yes I know this VyOS is cool */
+          all-ping enable
+          broadcast-ping disable
+          ...
+      }
+
+   .. note:: An important thing to note is that since the comment is
+      added on top of the section, it will not appear if the ``show
+      <section>`` command is used. With the above example, the `show
+      firewall` command would return starting after the ``firewall
+      {`` line, hiding the comment.
+
+
+
+
+   
+
+.. _run_opmode_from_config_mode:
+
+Access opmode from config mode
+==============================
+
+When inside configuration mode you are not directly able to execute
+operational commands.
+
+.. cfgcmd:: run
+
+  Access to these commands are possible through the use of the
+  ``run [command]`` command. From this command you will have access to
+  everything accessible from operational mode.
+
+  Command completion and syntax help with ``?`` and ``[tab]`` will also
+  work.
+
+  .. code-block:: none
+
+    [edit]
+    vyos@vyos# run show interfaces
+    Codes: S - State, L - Link, u - Up, D - Down, A - Admin Down
+    Interface        IP Address                        S/L  Description
+    ---------        ----------                        ---  -----------
+    eth0             0.0.0.0/0                         u/u
+
+Managing configurations
+=======================
+
+VyOS comes with an integrated versioning system for the system
+configuration. It automatically maintains a backup of every previous
+configuration which has been committed to the system. The configurations
+are versioned locally for rollback but they can also be stored on a
+remote host for archiving/backup reasons.
+
+Local Archive
+-------------
+
+Revisions are stored on disk. You can view, compare and rollback them to
+any previous revisions if something goes wrong.
+
+.. opcmd:: show system commit
+
+   View all existing revisions on the local system.
+
+   .. code-block:: none
+
+     vyos@vyos:~$ show system commit
+     0   2015-03-30 08:53:03 by vyos via cli
+     1   2015-03-30 08:52:20 by vyos via cli
+     2   2015-03-26 21:26:01 by root via boot-config-loader
+     3   2015-03-26 20:43:18 by root via boot-config-loader
+     4   2015-03-25 11:06:14 by root via boot-config-loader
+     5   2015-03-25 01:04:28 by root via boot-config-loader
+     6   2015-03-25 00:16:47 by vyos via cli
+     7   2015-03-24 23:43:45 by root via boot-config-loader
+
+
+.. cfgcmd:: set system config-management commit-revisions <N>
+
+   You can specify the number of revisions stored on disk. N can be in
+   the range of 0 - 65535. When the number of revisions exceeds the
+   configured value, the oldest revision is removed. The default setting
+   for this value is to store 100 revisions locally.
+
+
+Compare configurations
+----------------------
+
+VyOS lets you compare different configurations.
+
+.. cfgcmd:: compare <saved | N> <M>
+
+   Use this command to spot what the differences are between different
+   configurations.
+
+   .. code-block:: none
+
+     vyos@vyos# compare [tab]
+     Possible completions:
+       <Enter>	Compare working & active configurations
+       saved		Compare working & saved configurations
+       <N>		Compare working with revision N
+       <N> <M>	Compare revision N with M
+       Revisions:
+         0	   2013-12-17 20:01:37 root by boot-config-loader
+         1	   2013-12-13 15:59:31 root by boot-config-loader
+         2	   2013-12-12 21:56:22 vyos by cli
+         3	   2013-12-12 21:55:11 vyos by cli
+         4	   2013-12-12 21:27:54 vyos by cli
+         5	   2013-12-12 21:23:29 vyos by cli
+         6	   2013-12-12 21:13:59 root by boot-config-loader
+         7	   2013-12-12 16:25:19 vyos by cli
+         8	   2013-12-12 15:44:36 vyos by cli
+         9	   2013-12-12 15:42:07 root by boot-config-loader
+         10   2013-12-12 15:42:06 root by init
+
+   The command :cfgcmd:`compare` allows you to compare different type of
+   configurations. It also lets you compare different revisions through
+   the :cfgcmd:`compare N M` command, where N and M are revision
+   numbers. The output will describe how the configuration N is when
+   compared to M indicating with a plus sign (``+``) the additional
+   parts N has when compared to M, and indicating with a minus sign
+   (``-``) the lacking parts N misses when compared to M.
+
+   .. code-block:: none
+
+     vyos@vyos# compare 0 6
+     [edit interfaces]
+     +dummy dum1 {
+     +    address 10.189.0.1/31
+     +}
+     [edit interfaces ethernet eth0]
+     +vif 99 {
+     +    address 10.199.0.1/31
+     +}
+     -vif 900 {
+     -    address 192.0.2.4/24
+     -}
+
+
+.. opcmd:: show system commit diff <number>
+
+   Show commit revision difference.
+
+
+The command above also lets you see the difference between two commits.
+By default the difference with the running config is shown.
+
+.. code-block:: none
+
+   vyos@router# run show system commit diff 4
+   [edit system]
+   +ipv6 {
+   +    disable-forwarding
+   +}
+
+This means four commits ago we did ``set system ipv6 disable-forwarding``.
+
+
+Rollback Changes
+----------------
+
+You can rollback configuration changes using the rollback command. This
+will apply the selected revision and trigger a system reboot.
+
+.. cfgcmd:: rollback <N>
+
+   Rollback to revision N (currently requires reboot)
+
+   .. code-block:: none
+
+     vyos@vyos# compare 1
+     [edit system]
+     >host-name vyos-1
+     [edit]
+
+     vyos@vyos# rollback 1
+     Proceed with reboot? [confirm][y]
+     Broadcast message from root@vyos-1 (pts/0) (Tue Dec 17 21:07:45 2013):
+     The system is going down for reboot NOW!
+
+Remote Archive
+--------------
+
+VyOS can upload the configuration to a remote location after each call
+to :cfgcmd:`commit`. You will have to set the commit-archive location.
+TFTP, FTP, SCP and SFTP servers are supported. Every time a
+:cfgcmd:`commit` is successfull the ``config.boot`` file will be copied
+to the defined destination(s). The filename used on the remote host will
+be ``config.boot-hostname.YYYYMMDD_HHMMSS``. 
+
+.. cfgcmd:: set system config-management commit-archive location <URI>
+
+   Specify remote location of commit archive as any of the below
+   :abbr:`URI (Uniform Resource Identifier)`
+
+   * ``scp://<user>:<passwd>@<host>:/<dir>``
+   * ``sftp://<user>:<passwd>@<host>/<dir>``
+   * ``ftp://<user>:<passwd>@<host>/<dir>``
+   * ``tftp://<host>/<dir>``
+
+.. note:: The number of revisions don't affect the commit-archive.
+
+.. note:: You may find VyOS not allowing the secure connection because
+   it cannot verify the legitimacy of the remote server. You can use
+   the workaround below to quickly add the remote host's SSH
+   fingerprint to your ``~/.ssh/known_hosts`` file:
+
+   .. code-block:: none
+
+     vyos@vyos# ssh-keyscan <host> >> ~/.ssh/known_hosts
+
+Saving and loading manually
+---------------------------
+
+You can use the ``save`` and ``load`` commands if you want to manually
+manage specific configuration files.
+
+When using the save_ command, you can add a specific location where
+to store your configuration file. And, when needed it, you will be able
+to load it with the ``load`` command:
+
+.. cfgcmd:: load <URI>
+
+   Use this command to load a configuration which will replace the
+   running configuration. Define the location of the configuration file
+   to be loaded. You can use a path to a local file, an SCP address, an
+   SFTP address, an FTP address, an HTTP address, an HTTPS address or a
+   TFTP address.
+
+  .. code-block:: none
+
+     vyos@vyos# load 
+     Possible completions:
+       <Enter>				        Load from system config file
+       <file>			        	Load from file on local machine
+       scp://<user>:<passwd>@<host>:/<file>	Load from file on remote machine
+       sftp://<user>:<passwd>@<host>/<file>	Load from file on remote machine
+       ftp://<user>:<passwd>@<host>/<file>	Load from file on remote machine
+       http://<host>/<file>			Load from file on remote machine
+       https://<host>/<file>			Load from file on remote machine
+       tftp://<host>/<file>			Load from file on remote machine
+     
+
+
+Restore Default
+---------------
+
+In the case you want to completely delete your configuration and restore
+the default one, you can enter the following command in configuration
+mode:
+
+.. code-block:: none
+
+  load /opt/vyatta/etc/config.boot.default
+
+You will be asked if you want to continue. If you accept, you will have
+to use :cfgcmd:`commit` if you want to make the changes active.
+
+Then you may want to :cfgcmd:`save` in order to delete the saved
+configuration too.
+
+.. note:: If you are remotely connected, you will lose your connection.
+   You may want to copy first the config, edit it to ensure
+   connectivity, and load the edited config.
+
diff --git a/docs/command-list-configuration.rst b/docs/command-list-configuration.rst
deleted file mode 100644
index 7b981518..00000000
--- a/docs/command-list-configuration.rst
+++ /dev/null
@@ -1,7 +0,0 @@
-.. _configuration_level_commands:
-
-********************************
-Configuration Level Command List
-********************************
-
-.. cfgcmdlist::
diff --git a/docs/command-list-operation.rst b/docs/command-list-operation.rst
deleted file mode 100644
index bbb0298c..00000000
--- a/docs/command-list-operation.rst
+++ /dev/null
@@ -1,7 +0,0 @@
-.. _operational_level_commands:
-
-******************************
-Operational Level Command List
-******************************
-
-.. opcmdlist::
diff --git a/docs/appendix/examples/azure-vpn-bgp.rst b/docs/configexamples/azure-vpn-bgp.rst
index 176e0ae0..176e0ae0 100644
--- a/docs/appendix/examples/azure-vpn-bgp.rst
+++ b/docs/configexamples/azure-vpn-bgp.rst
diff --git a/docs/appendix/examples/azure-vpn-dual-bgp.rst b/docs/configexamples/azure-vpn-dual-bgp.rst
index 13d4b5a2..13d4b5a2 100644
--- a/docs/appendix/examples/azure-vpn-dual-bgp.rst
+++ b/docs/configexamples/azure-vpn-dual-bgp.rst
diff --git a/docs/appendix/examples/bgp-ipv6-unnumbered.rst b/docs/configexamples/bgp-ipv6-unnumbered.rst
index ccc1f69a..ccc1f69a 100644
--- a/docs/appendix/examples/bgp-ipv6-unnumbered.rst
+++ b/docs/configexamples/bgp-ipv6-unnumbered.rst
diff --git a/docs/appendix/examples/dhcp-relay-through-gre-bridge.rst b/docs/configexamples/dhcp-relay-through-gre-bridge.rst
index f94eb67f..f94eb67f 100644
--- a/docs/appendix/examples/dhcp-relay-through-gre-bridge.rst
+++ b/docs/configexamples/dhcp-relay-through-gre-bridge.rst
diff --git a/docs/appendix/examples/ha.rst b/docs/configexamples/ha.rst
index 702cb2b2..702cb2b2 100644
--- a/docs/appendix/examples/ha.rst
+++ b/docs/configexamples/ha.rst
diff --git a/docs/appendix/examples/index.rst b/docs/configexamples/index.rst
index b2f7bfde..b2f7bfde 100644
--- a/docs/appendix/examples/index.rst
+++ b/docs/configexamples/index.rst
diff --git a/docs/appendix/examples/ospf-unnumbered.rst b/docs/configexamples/ospf-unnumbered.rst
index 39f8f69a..39f8f69a 100644
--- a/docs/appendix/examples/ospf-unnumbered.rst
+++ b/docs/configexamples/ospf-unnumbered.rst
diff --git a/docs/appendix/examples/tunnelbroker-ipv6.rst b/docs/configexamples/tunnelbroker-ipv6.rst
index 868b225f..868b225f 100644
--- a/docs/appendix/examples/tunnelbroker-ipv6.rst
+++ b/docs/configexamples/tunnelbroker-ipv6.rst
diff --git a/docs/appendix/examples/wan-load-balancing.rst b/docs/configexamples/wan-load-balancing.rst
index 7093defe..7093defe 100644
--- a/docs/appendix/examples/wan-load-balancing.rst
+++ b/docs/configexamples/wan-load-balancing.rst
diff --git a/docs/appendix/examples/zone-policy.rst b/docs/configexamples/zone-policy.rst
index bfe77c2e..bfe77c2e 100644
--- a/docs/appendix/examples/zone-policy.rst
+++ b/docs/configexamples/zone-policy.rst
diff --git a/docs/configuration-overview.rst b/docs/configuration-overview.rst
deleted file mode 100644
index 5658cdbb..00000000
--- a/docs/configuration-overview.rst
+++ /dev/null
@@ -1,730 +0,0 @@
-.. _configuration-overview:
-
-######################
-Configuration Overview
-######################
-
-VyOS makes use of a unified configuration file for the entire system's
-configuration: ``/config/config.boot``. This allows easy template
-creation, backup, and replication of system configuration. A system can
-thus also be easily cloned by simply copying the required configuration
-files.
-
-Terminology
-===========
-live
-A VyOS system has three major types of configurations:
-
-* **Active** or **running configuration** is the system configuration
-  that is loaded  and currently active (used by VyOS). Any change in
-  the configuration will have to be committed to belong to the
-  active/running configuration.
-
-* **Working configuration** is the one that is currently being modified
-  in configuration mode. Changes made to the working configuration do
-  not go into effect until the changes are committed with the
-  :cfgcmd:`commit` command. At which time the working configuration will
-  become the active or running configuration.
-
-* **Saved configuration** is the one saved to a file using the
-  :cfgcmd:`save` command. It allows you to keep safe a configuration for
-  future uses. There can be multiple configuration files. The default or
-  "boot" configuration is saved and loaded from the file
-  ``/config/config.boot``.
-
-Seeing and navigating the configuration
-=======================================
-
-.. opcmd:: show configuration
-
-   View the current active configuration, also known as the running
-   configuration, from the operational mode.
-
-   .. code-block:: none
-
-     vyos@vyos:~$ show configuration
-     interfaces {
-         ethernet eth0 {
-             address dhcp
-             hw-id 00:53:00:00:aa:01
-         }
-         loopback lo {
-         }
-     }
-     service {
-         ssh {
-             port 22
-         }
-     }
-     system {
-         config-management {
-             commit-revisions 20
-         }
-         console {
-             device ttyS0 {
-                 speed 9600
-             }
-         }
-         login {
-             user vyos {
-                 authentication {
-                     encrypted-password ****************
-                 }
-                 level admin
-             }
-         }
-         ntp {
-             server 0.pool.ntp.org {
-             }
-             server 1.pool.ntp.org {
-             }
-             server 2.pool.ntp.org {
-             }
-         }
-         syslog {
-             global {
-                 facility all {
-                     level notice
-                 }
-                 facility protocols {
-                     level debug
-                 }
-             }
-         }
-     }
-
-By default, the configuration is displayed in a hierarchy like the above
-example, this is only one of the possible ways to display the
-configuration. When the configuration is generated and the device is
-configured, changes are added through a collection of :cfgcmd:`set` and
-:cfgcmd:`delete` commands.
-
-.. opcmd:: show configuration commands
-
-   Get a collection of all the set commands required which led to the
-   running configuration.
-
-   .. code-block:: none
-
-     vyos@vyos:~$ show configuration commands
-     set interfaces ethernet eth0 address 'dhcp'
-     set interfaces ethernet eth0 hw-id '00:53:dd:44:3b:0f'
-     set interfaces loopback 'lo'
-     set service ssh port '22'
-     set system config-management commit-revisions '20'
-     set system console device ttyS0 speed '9600'
-     set system login user vyos authentication encrypted-password '$6$Vt68...QzF0'
-     set system login user vyos level 'admin'
-     set system ntp server '0.pool.ntp.org'
-     set system ntp server '1.pool.ntp.org'
-     set system ntp server '2.pool.ntp.org'
-     set system syslog global facility all level 'notice'
-     set system syslog global facility protocols level 'debug'
-
-Both these ``show`` commands should be executed when in operational
-mode, they do not work directly in configuration mode. There is a
-special way on how to :ref:`run_opmode_from_config_mode`.
-
-.. hint:: Use the ``show configuration commands | strip-private``
-   command when you want to hide private data. You may want to do so if
-   you want to share your configuration on the `forum`_.
-
-.. _`forum`: https://forum.vyos.io
-
-
-The config mode
----------------
-
-When entering the configuration mode you are navigating inside a tree
-structure, to enter configuration mode enter the command
-:opcmd:`configure` when in operational mode.
-
-.. code-block:: none
-
-  vyos@vyos$ configure
-  [edit]
-  vyos@vyos#
-
-
-.. note:: When going into configuration mode, prompt changes from
-   ``$`` to ``#``.
-
-
-All commands executed here are relative to the configuration level you
-have entered. You can do everything from the top level, but commands
-will be quite lengthy when manually typing them.
-
-The current hierarchy level can be changed by the :cfgcmd:`edit`
-command.
-
-.. code-block:: none
-
-  [edit]
-  vyos@vyos# edit interfaces ethernet eth0
-
-  [edit interfaces ethernet eth0]
-  vyos@vyos#
-
-You are now in a sublevel relative to ``interfaces ethernet eth0``, all
-commands executed from this point on are relative to this sublevel. Use
-eithe the :cfgcmd:`top` or :cfgcmd:`exit` command to go back to the top
-of the hierarchy. You can also use the :cfgcmd:`up` command to move only
-one level up at a time.
-
-.. cfgcmd:: show
-
-The :cfgcmd:`show` command within configuration mode will show the
-working configuration indicating line changes with ``+`` for additions,
-``>`` for replacements and ``-`` for deletions.
-
-**Example:**
-
-.. code-block:: none
-
- vyos@vyos:~$ configure
- [edit]
- vyos@vyos# show interfaces
-  ethernet eth0 {
-      description MY_OLD_DESCRIPTION
-      disable
-      hw-id 00:53:dd:44:3b:03
-  }
-  loopback lo {
-  }
- [edit]
- vyos@vyos# set interfaces ethernet eth0 address dhcp
- [edit]
- vyos@vyos# set interfaces ethernet eth0 description MY_NEW_DESCRIPTION
- [edit]
- vyos@vyos# delete interfaces ethernet eth0 disable
- [edit]
- vyos@vyos# show interfaces
-  ethernet eth0 {
- +    address dhcp
- >    description MY_NEW_DESCRIPTION
- -    disable
-      hw-id 00:53:dd:44:3b:03
-  }
-  loopback lo {
-  }
-
-It is also possible to display all `set` commands within configuration
-mode using :cfgcmd:`show | commands`
-
-.. code-block:: none
-
-  vyos@vyos# show interfaces ethernet eth0 | commands
-  set address dhcp
-  set hw-id 00:53:ad:44:3b:03
-
-These commands are also relative to the level you are inside and only 
-relevant configuration blocks will be displayed when entering a
-sub-level.
-
-.. code-block:: none
-
-  [edit interfaces ethernet eth0]
-  vyos@vyos# show
-   address dhcp
-   hw-id 00:53:ad:44:3b:03
-
-Exiting from the configuration mode is done via the :cfgcmd:`exit`
-command from the top level, executing :cfgcmd:`exit` from within a
-sub-level takes you back to the top level.
-
-.. code-block:: none
-
-  [edit interfaces ethernet eth0]
-  vyos@vyos# exit
-  [edit]
-  vyos@vyos# exit
-  Warning: configuration changes have not been saved.
-
-
-Editing the configuration
-=========================
-
-The configuration can be edited by the use of :cfgcmd:`set` and
-:cfgcmd:`delete` commands from within configuration mode.
-
-.. cfgcmd:: set
-
-   Use this command to set the value of a parameter or to create a new
-   element.
-
-Configuration commands are flattened from the tree into 'one-liner'
-commands shown in :opcmd:`show configuration commands` from operation
-mode. Commands are relative to the level where they are executed and all
-redundant information from the current level is removed from the command
-entered.
-
-.. code-block:: none
-
-  [edit]
-  vyos@vyos# set interface ethernet eth0 address 192.0.2.100/24
-
-
-.. code-block:: none
-
-  [edit interfaces ethernet eth0]
-  vyos@vyos# set address 203.0.113.6/24
-
-
-These two commands above are essentially the same, just executed from
-different levels in the hierarchy.
-
-.. cfgcmd:: delete
-
-   To delete a configuration entry use the :cfgcmd:`delete` command,
-   this also deletes all sub-levels under the current level you've
-   specified in the :cfgcmd:`delete` command. Deleting an entry will
-   also result in the element reverting back to its default value if one
-   exists.
-
-   .. code-block:: none
-
-     [edit interfaces ethernet eth0]
-     vyos@vyos# delete address 192.0.2.100/24
-
-.. cfgcmd:: commit
-
-  Any change you do on the configuration, will not take effect until
-  committed using the :cfgcmd:`commit` command in configuration mode.
-
-  .. code-block:: none
-
-    vyos@vyos# commit
-    [edit]
-    vyos@vyos# exit
-    Warning: configuration changes have not been saved.
-    vyos@vyos:~$
-
-.. _save:
-
-.. cfgcmd:: save
-
-   Use this command to preserve configuration changes upon reboot. By
-   default it is stored at */config/config.boot*. In the case you want
-   to store the configuration file somewhere else, you can add a local
-   path, an SCP address, an FTP address or a TFTP address. 
-
-   .. code-block:: none
-
-     vyos@vyos# save
-     Saving configuration to '/config/config.boot'...
-     Done
-
-   .. code-block:: none
-
-     vyos@vyos# save [tab]
-     Possible completions:
-       <Enter>       Save to system config file
-       <file>        Save to file on local machine
-       scp://<user>:<passwd>@<host>:/<file> Save to file on remote machine
-       ftp://<user>:<passwd>@<host>/<file> Save to file on remote machine
-       tftp://<host>/<file>      Save to file on remote machine
-     vyos@vyos# save tftp://192.168.0.100/vyos-test.config.boot
-     Saving configuration to 'tftp://192.168.0.100/vyos-test.config.boot'...
-     ######################################################################## 100.0%
-     Done
-
-.. cfgcmd:: exit [discard]
-
-   Configuration mode can not be exited while uncommitted changes exist.
-   To exit configuration mode without applying changes, the
-   :cfgcmd:`exit discard` command must be used.
-
-   All changes in the working config will thus be lost.
-
-   .. code-block:: none
-
-     vyos@vyos# exit
-     Cannot exit: configuration modified.
-     Use 'exit discard' to discard the changes and exit.
-     [edit]
-     vyos@vyos# exit discard
-
-
-.. cfgcmd:: commit-confirm <minutes>
-
-   Use this command to temporarily commit your changes and set the
-   number of minutes available for validation. ``confirm`` must
-   be entered within those minutes, otherwise the system will reboot
-   into the previous configuration. The default value is 10 minutes.
-
-
-   What if you are doing something dangerous? Suppose you want to setup
-   a firewall, and you are not sure there are no mistakes that will lock
-   you out of your system. You can use confirmed commit. If you issue
-   the ``commit-confirm`` command, your changes will be commited, and if
-   you don't issue issue the ``confirm`` command in 10 minutes, your
-   system will reboot into previous config revision.
-
-   .. code-block:: none
-   
-      vyos@router# set interfaces ethernet eth0 firewall local name FromWorld
-      vyos@router# commit-confirm 
-      commit confirm will be automatically reboot in 10 minutes unless confirmed
-      Proceed? [confirm]y
-      [edit]
-      vyos@router# confirm 
-      [edit]
-
-
-   .. note:: A reboot because you did not enter ``confirm`` will not
-      take you necessarily to the *saved configuration*, but to the
-      point before the unfortunate commit.
-
-
-.. cfgcmd:: copy
-
-   Copy a configuration element.
-
-   You can copy and remove configuration subtrees. Suppose you set up a
-   firewall ruleset ``FromWorld`` with one rule that allows traffic from
-   specific subnet. Now you want to setup a similar rule, but for
-   different subnet. Change your edit level to
-   ``firewall name FromWorld`` and use ``copy rule 10 to rule 20``, then
-   modify rule 20.
-
-
-   .. code-block:: none
-   
-      vyos@router# show firewall name FromWorld 
-       default-action drop
-       rule 10 {
-           action accept
-           source {
-               address 203.0.113.0/24
-           }
-       }
-      [edit]
-      vyos@router# edit firewall name FromWorld 
-      [edit firewall name FromWorld]
-      vyos@router# copy rule 10 to rule 20
-      [edit firewall name FromWorld]
-      vyos@router# set rule 20 source address 198.51.100.0/24
-      [edit firewall name FromWorld]
-      vyos@router# commit
-      [edit firewall name FromWorld]
-
-
-.. cfgcmd:: rename
-
-   Rename a configuration element.
-
-   You can also rename config subtrees:
-
-   .. code-block:: none
-   
-      vyos@router# rename rule 10 to rule 5
-      [edit firewall name FromWorld]
-      vyos@router# commit
-      [edit firewall name FromWorld]
-
-   Note that ``show`` command respects your edit level and from this
-   level you can view the modified firewall ruleset with just ``show``
-   with no parameters.
-
-   .. code-block:: none
-   
-      vyos@router# show 
-       default-action drop
-       rule 5 {
-           action accept
-           source {
-               address 203.0.113.0/24
-           }
-       }
-       rule 20 {
-           action accept
-           source {
-               address 198.51.100.0/24
-           }
-       }
-
-
-.. cfgcmd:: comment <config node> "comment text"
-
-   Add comment as an annotation to a configuration node.
-
-   The ``comment`` command allows you to insert a comment above the
-   ``<config node>`` configuration section. When shown, comments are
-   enclosed with ``/*`` and ``*/`` as open/close delimiters. Comments
-   need to be commited, just like other config changes.
-
-   To remove an existing comment from your current configuration,
-   specify an empty string enclosed in double quote marks (``""``) as
-   the comment text.
-
-   Example:
-
-   .. code-block:: none
-
-     vyos@vyos# comment firewall all-ping "Yes I know this VyOS is cool"
-     vyos@vyos# commit
-     vyos@vyos# show
-      firewall {
-          /* Yes I know this VyOS is cool */
-          all-ping enable
-          broadcast-ping disable
-          ...
-      }
-
-   .. note:: An important thing to note is that since the comment is
-      added on top of the section, it will not appear if the ``show
-      <section>`` command is used. With the above example, the `show
-      firewall` command would return starting after the ``firewall
-      {`` line, hiding the comment.
-
-
-
-
-   
-
-.. _run_opmode_from_config_mode:
-
-Access opmode from config mode
-==============================
-
-When inside configuration mode you are not directly able to execute
-operational commands.
-
-.. cfgcmd:: run
-
-  Access to these commands are possible through the use of the
-  ``run [command]`` command. From this command you will have access to
-  everything accessible from operational mode.
-
-  Command completion and syntax help with ``?`` and ``[tab]`` will also
-  work.
-
-  .. code-block:: none
-
-    [edit]
-    vyos@vyos# run show interfaces
-    Codes: S - State, L - Link, u - Up, D - Down, A - Admin Down
-    Interface        IP Address                        S/L  Description
-    ---------        ----------                        ---  -----------
-    eth0             0.0.0.0/0                         u/u
-
-Managing configurations
-=======================
-
-VyOS comes with an integrated versioning system for the system
-configuration. It automatically maintains a backup of every previous
-configuration which has been committed to the system. The configurations
-are versioned locally for rollback but they can also be stored on a
-remote host for archiving/backup reasons.
-
-Local Archive
--------------
-
-Revisions are stored on disk. You can view, compare and rollback them to
-any previous revisions if something goes wrong.
-
-.. opcmd:: show system commit
-
-   View all existing revisions on the local system.
-
-   .. code-block:: none
-
-     vyos@vyos:~$ show system commit
-     0   2015-03-30 08:53:03 by vyos via cli
-     1   2015-03-30 08:52:20 by vyos via cli
-     2   2015-03-26 21:26:01 by root via boot-config-loader
-     3   2015-03-26 20:43:18 by root via boot-config-loader
-     4   2015-03-25 11:06:14 by root via boot-config-loader
-     5   2015-03-25 01:04:28 by root via boot-config-loader
-     6   2015-03-25 00:16:47 by vyos via cli
-     7   2015-03-24 23:43:45 by root via boot-config-loader
-
-
-.. cfgcmd:: set system config-management commit-revisions <N>
-
-   You can specify the number of revisions stored on disk. N can be in
-   the range of 0 - 65535. When the number of revisions exceeds the
-   configured value, the oldest revision is removed. The default setting
-   for this value is to store 100 revisions locally.
-
-
-Compare configurations
-----------------------
-
-VyOS lets you compare different configurations.
-
-.. cfgcmd:: compare <saved | N> <M>
-
-   Use this command to spot what the differences are between different
-   configurations.
-
-   .. code-block:: none
-
-     vyos@vyos# compare [tab]
-     Possible completions:
-       <Enter>	Compare working & active configurations
-       saved		Compare working & saved configurations
-       <N>		Compare working with revision N
-       <N> <M>	Compare revision N with M
-       Revisions:
-         0	   2013-12-17 20:01:37 root by boot-config-loader
-         1	   2013-12-13 15:59:31 root by boot-config-loader
-         2	   2013-12-12 21:56:22 vyos by cli
-         3	   2013-12-12 21:55:11 vyos by cli
-         4	   2013-12-12 21:27:54 vyos by cli
-         5	   2013-12-12 21:23:29 vyos by cli
-         6	   2013-12-12 21:13:59 root by boot-config-loader
-         7	   2013-12-12 16:25:19 vyos by cli
-         8	   2013-12-12 15:44:36 vyos by cli
-         9	   2013-12-12 15:42:07 root by boot-config-loader
-         10   2013-12-12 15:42:06 root by init
-
-   The command :cfgcmd:`compare` allows you to compare different type of
-   configurations. It also lets you compare different revisions through
-   the :cfgcmd:`compare N M` command, where N and M are revision
-   numbers. The output will describe how the configuration N is when
-   compared to M indicating with a plus sign (``+``) the additional
-   parts N has when compared to M, and indicating with a minus sign
-   (``-``) the lacking parts N misses when compared to M.
-
-   .. code-block:: none
-
-     vyos@vyos# compare 0 6
-     [edit interfaces]
-     +dummy dum1 {
-     +    address 10.189.0.1/31
-     +}
-     [edit interfaces ethernet eth0]
-     +vif 99 {
-     +    address 10.199.0.1/31
-     +}
-     -vif 900 {
-     -    address 192.0.2.4/24
-     -}
-
-
-.. opcmd:: show system commit diff <number>
-
-   Show commit revision difference.
-
-
-The command above also lets you see the difference between two commits.
-By default the difference with the running config is shown.
-
-.. code-block:: none
-
-   vyos@router# run show system commit diff 4
-   [edit system]
-   +ipv6 {
-   +    disable-forwarding
-   +}
-
-This means four commits ago we did ``set system ipv6 disable-forwarding``.
-
-
-Rollback Changes
-----------------
-
-You can rollback configuration changes using the rollback command. This
-will apply the selected revision and trigger a system reboot.
-
-.. cfgcmd:: rollback <N>
-
-   Rollback to revision N (currently requires reboot)
-
-   .. code-block:: none
-
-     vyos@vyos# compare 1
-     [edit system]
-     >host-name vyos-1
-     [edit]
-
-     vyos@vyos# rollback 1
-     Proceed with reboot? [confirm][y]
-     Broadcast message from root@vyos-1 (pts/0) (Tue Dec 17 21:07:45 2013):
-     The system is going down for reboot NOW!
-
-Remote Archive
---------------
-
-VyOS can upload the configuration to a remote location after each call
-to :cfgcmd:`commit`. You will have to set the commit-archive location.
-TFTP, FTP, SCP and SFTP servers are supported. Every time a
-:cfgcmd:`commit` is successfull the ``config.boot`` file will be copied
-to the defined destination(s). The filename used on the remote host will
-be ``config.boot-hostname.YYYYMMDD_HHMMSS``. 
-
-.. cfgcmd:: set system config-management commit-archive location <URI>
-
-   Specify remote location of commit archive as any of the below
-   :abbr:`URI (Uniform Resource Identifier)`
-
-   * ``scp://<user>:<passwd>@<host>:/<dir>``
-   * ``sftp://<user>:<passwd>@<host>/<dir>``
-   * ``ftp://<user>:<passwd>@<host>/<dir>``
-   * ``tftp://<host>/<dir>``
-
-.. note:: The number of revisions don't affect the commit-archive.
-
-.. note:: You may find VyOS not allowing the secure connection because
-   it cannot verify the legitimacy of the remote server. You can use
-   the workaround below to quickly add the remote host's SSH
-   fingerprint to your ``~/.ssh/known_hosts`` file:
-
-   .. code-block:: none
-
-     vyos@vyos# ssh-keyscan <host> >> ~/.ssh/known_hosts
-
-Saving and loading manually
----------------------------
-
-You can use the ``save`` and ``load`` commands if you want to manually
-manage specific configuration files.
-
-When using the save_ command, you can add a specific location where
-to store your configuration file. And, when needed it, you will be able
-to load it with the ``load`` command:
-
-.. cfgcmd:: load <URI>
-
-   Use this command to load a configuration which will replace the
-   running configuration. Define the location of the configuration file
-   to be loaded. You can use a path to a local file, an SCP address, an
-   SFTP address, an FTP address, an HTTP address, an HTTPS address or a
-   TFTP address.
-
-  .. code-block:: none
-
-     vyos@vyos# load 
-     Possible completions:
-       <Enter>				        Load from system config file
-       <file>			        	Load from file on local machine
-       scp://<user>:<passwd>@<host>:/<file>	Load from file on remote machine
-       sftp://<user>:<passwd>@<host>/<file>	Load from file on remote machine
-       ftp://<user>:<passwd>@<host>/<file>	Load from file on remote machine
-       http://<host>/<file>			Load from file on remote machine
-       https://<host>/<file>			Load from file on remote machine
-       tftp://<host>/<file>			Load from file on remote machine
-     
-
-
-Restore Default
----------------
-
-In the case you want to completely delete your configuration and restore
-the default one, you can enter the following command in configuration
-mode:
-
-.. code-block:: none
-
-  load /opt/vyatta/etc/config.boot.default
-
-You will be asked if you want to continue. If you accept, you will have
-to use :cfgcmd:`commit` if you want to make the changes active.
-
-Then you may want to :cfgcmd:`save` in order to delete the saved
-configuration too.
-
-.. note:: If you are remotely connected, you will lose your connection.
-   You may want to copy first the config, edit it to ensure
-   connectivity, and load the edited config.
diff --git a/docs/configuration/interfaces/openvpn.rst b/docs/configuration/interfaces/openvpn.rst
index 7646959c..f503ae84 100644
--- a/docs/configuration/interfaces/openvpn.rst
+++ b/docs/configuration/interfaces/openvpn.rst
@@ -581,4 +581,4 @@ The following commands let you reset OpenVPN.
 
 
 
-.. include:: /common-references.rst
+.. include:: /_include/common-references.txt
diff --git a/docs/configuration/nat/index.rst b/docs/configuration/nat/index.rst
index 85bd41d5..5aeffb63 100644
--- a/docs/configuration/nat/index.rst
+++ b/docs/configuration/nat/index.rst
@@ -606,7 +606,7 @@ The ASP requests that all connections from this company should come from
 172.29.41.89 - an address that is assigned by the ASP and not in use at
 the customer site.
 
-.. figure:: _static/images/nat_before_vpn_topology.png
+.. figure:: /_static/images/nat_before_vpn_topology.png
    :scale: 100 %
    :alt: NAT before VPN Topology
 
diff --git a/docs/configuration/policy/index.rst b/docs/configuration/policy/index.rst
index 557911d9..4b7d48ee 100644
--- a/docs/configuration/policy/index.rst
+++ b/docs/configuration/policy/index.rst
@@ -125,7 +125,7 @@ Routing tables that will be used in this example are:
 * ``main`` Routing table used by VyOS and other interfaces not
   participating in PBR
 
-.. figure:: ../_static/images/pbr_example_1.png
+.. figure:: /_static/images/pbr_example_1.png
    :scale: 80 %
    :alt: PBR multiple uplinks
 
diff --git a/docs/configuration/service/ipoe-server.rst b/docs/configuration/service/ipoe-server.rst
index 279f0c6d..3f794af8 100644
--- a/docs/configuration/service/ipoe-server.rst
+++ b/docs/configuration/service/ipoe-server.rst
@@ -146,4 +146,4 @@ The rate-limit is set in kbit/sec.
   -------+------------+-------------------+-------------+-----+--------+------------+--------+----------+------------------
   ipoe0  | eth2       | 08:00:27:2f:d8:06 | 192.168.0.2 |     |        | 500/500    | active | 00:00:05 | dccc870fd31349fb
 
-.. include:: /common-references.rst
+.. include:: /_include/common-references.txt
diff --git a/docs/configuration/service/pppoe-server.rst b/docs/configuration/service/pppoe-server.rst
index 4deb6c7e..28d1f097 100644
--- a/docs/configuration/service/pppoe-server.rst
+++ b/docs/configuration/service/pppoe-server.rst
@@ -394,4 +394,4 @@ a /56 subnet for the clients internal use.
   --------+----------+-------------+--------------------------+---------------------+-------------------+------------+--------+----------+----------+----------
    ppp0   | test     | 192.168.0.1 | 2001:db8:8002:0:200::/64 | 2001:db8:8003::1/56 | 00:53:00:12:42:eb |            | active | 00:00:49 | 875 B    | 2.1 KiB
 
-.. include:: /common-references.rst
+.. include:: /_include/common-references.txt
diff --git a/docs/configuration/system/lcd.rst b/docs/configuration/system/lcd.rst
index 2509946e..808d45a2 100644
--- a/docs/configuration/system/lcd.rst
+++ b/docs/configuration/system/lcd.rst
@@ -41,5 +41,5 @@ Configuration
    .. note:: We can't support all displays from the beginning. If your display
       type is missing, please create a feature request via Phabricator_.
 
-.. include:: /common-references.rst
+.. include:: /_include/common-references.txt
 
diff --git a/docs/vpn/dmvpn.rst b/docs/configuration/vpn/dmvpn.rst
index 5100b92f..d6706421 100644
--- a/docs/vpn/dmvpn.rst
+++ b/docs/configuration/vpn/dmvpn.rst
@@ -26,7 +26,7 @@ peers.
    complete solution also incorporates the use of a routing protocol. BGP is
    particularly well suited for use with DMVPN.
 
-.. figure:: ../_static/images/vpn_dmvpn_topology01.png
+.. figure:: /_static/images/vpn_dmvpn_topology01.png
    :scale: 40 %
    :alt: Baseline DMVPN topology
 
diff --git a/docs/configuration/vpn/index.rst b/docs/configuration/vpn/index.rst
new file mode 100644
index 00000000..397093c2
--- /dev/null
+++ b/docs/configuration/vpn/index.rst
@@ -0,0 +1,15 @@
+###
+VPN
+###
+
+
+.. toctree::
+   :maxdepth: 1
+   :includehidden:
+
+   ipsec
+   l2tp
+   openconnect
+   pptp
+   rsa-keys
+   sstp
\ No newline at end of file
diff --git a/docs/vpn/ipsec.rst b/docs/configuration/vpn/ipsec.rst
index 647f3753..647f3753 100644
--- a/docs/vpn/ipsec.rst
+++ b/docs/configuration/vpn/ipsec.rst
diff --git a/docs/vpn/l2tp.rst b/docs/configuration/vpn/l2tp.rst
index 0d8dde08..0d8dde08 100644
--- a/docs/vpn/l2tp.rst
+++ b/docs/configuration/vpn/l2tp.rst
diff --git a/docs/vpn/openconnect.rst b/docs/configuration/vpn/openconnect.rst
index a409ed9d..a409ed9d 100644
--- a/docs/vpn/openconnect.rst
+++ b/docs/configuration/vpn/openconnect.rst
diff --git a/docs/vpn/pptp.rst b/docs/configuration/vpn/pptp.rst
index 72b3feb0..72b3feb0 100644
--- a/docs/vpn/pptp.rst
+++ b/docs/configuration/vpn/pptp.rst
diff --git a/docs/vpn/site2site_ipsec.rst b/docs/configuration/vpn/site2site_ipsec.rst
index 08ccc648..97f27b43 100644
--- a/docs/vpn/site2site_ipsec.rst
+++ b/docs/configuration/vpn/site2site_ipsec.rst
@@ -218,7 +218,7 @@ IKEv2
 
 Imagine the following topology
 
-.. figure:: ../_static/images/vpn_s2s_ikev2.png
+.. figure:: /_static/images/vpn_s2s_ikev2.png
    :scale: 50 %
    :alt: IPSec IKEv2 site2site VPN
 
diff --git a/docs/vpn/sstp.rst b/docs/configuration/vpn/sstp.rst
index f5e4ad05..dbaa41c0 100644
--- a/docs/vpn/sstp.rst
+++ b/docs/configuration/vpn/sstp.rst
@@ -344,4 +344,4 @@ A connection attempt will be shown as:
 
 .. _sstpc: https://github.com/reliablehosting/sstp-client
 
-.. include:: /common-references.rst
+.. include:: /_include/common-references.txt
diff --git a/docs/vrf.rst b/docs/configuration/vrf/index.rst
index 75075be6..a47175f2 100644
--- a/docs/vrf.rst
+++ b/docs/configuration/vrf/index.rst
@@ -304,4 +304,4 @@ For VR Fmaintenance the followin operational commands are in place.
    useful when the host specified is a hostname rather than an IP address.
 
 
-.. include:: common-references.rst
+.. include:: /_include/common-references.txt
diff --git a/docs/configuration/zonepolicy/index.rst b/docs/configuration/zonepolicy/index.rst
new file mode 100644
index 00000000..31784dc3
--- /dev/null
+++ b/docs/configuration/zonepolicy/index.rst
@@ -0,0 +1,8 @@
+###########
+Zone Policy
+###########
+
+
+.. toctree::
+   :maxdepth: 1
+   :includehidden:
\ No newline at end of file
diff --git a/docs/contributing/debugging.rst b/docs/contributing/debugging.rst
index fcd62c89..644545bf 100644
--- a/docs/contributing/debugging.rst
+++ b/docs/contributing/debugging.rst
@@ -143,4 +143,4 @@ order of the scripts.
 .. _vyatta-cfg: https://github.com/vyos/vyatta-cfg
 .. _bootchart.conf: https://github.com/vyos/vyos-build/blob/current/data/live-build-config/includes.chroot/etc/systemd/bootchart.conf
 
-.. include:: /common-references.rst
+.. include:: /_include/common-references.txt
diff --git a/docs/contributing/development.rst b/docs/contributing/development.rst
index 0a7fecb5..73b8b22e 100644
--- a/docs/contributing/development.rst
+++ b/docs/contributing/development.rst
@@ -711,4 +711,4 @@ http://dev.packages.vyos.net/repositories/.
 .. _`VLAN (VIF)`: https://github.com/vyos/vyos-1x/tree/current/interface-definitions/include/vif.xml.i
 .. _`MAC address`: https://github.com/vyos/vyos-1x/tree/current/interface-definitions/include/interface-mac.xml.i
 
-.. include:: /common-references.rst
+.. include:: /_include/common-references.txt
diff --git a/docs/contributing/documentation.rst b/docs/contributing/documentation.rst
index 0276a7d2..197f5b03 100644
--- a/docs/contributing/documentation.rst
+++ b/docs/contributing/documentation.rst
@@ -325,4 +325,4 @@ predefined structure.
 .. _reStructuredTextDirectives: https://docutils.sourceforge.io/docs/ref/rst/directives.html
 .. _README.md: https://github.com/vyos/vyos-documentation/blob/master/README.md
 
-.. include:: /common-references.rst
+.. include:: /_include/common-references.txt
diff --git a/docs/contributing/issues-features.rst b/docs/contributing/issues-features.rst
index 473d49d9..9b6602f9 100644
--- a/docs/contributing/issues-features.rst
+++ b/docs/contributing/issues-features.rst
@@ -77,4 +77,4 @@ the left side under the specific project.
 .. _Slack: https://slack.vyos.io
 .. _Forum: https://forum.vyos.io
 
-.. include:: /common-references.rst
+.. include:: /_include/common-references.txt
diff --git a/docs/coverage.rst b/docs/coverage.rst
index f003f9ff..01d51e90 100644
--- a/docs/coverage.rst
+++ b/docs/coverage.rst
@@ -1,5 +1,3 @@
-:orphan:
-
 ########
 Coverage
 ########
diff --git a/docs/index.rst b/docs/index.rst
index 96272fff..ed16b420 100644
--- a/docs/index.rst
+++ b/docs/index.rst
@@ -22,7 +22,7 @@ VyOS User Guide
    :caption: first steps
 
    installation/index
-   quickstart/index
+   quick-start
    cli
    
 .. toctree::
@@ -47,4 +47,5 @@ VyOS User Guide
 
 
    contributing/index
+   coverage
    copyright
diff --git a/docs/installation/upate.rst b/docs/installation/update.rst
index a3a887f0..a3a887f0 100644
--- a/docs/installation/upate.rst
+++ b/docs/installation/update.rst
diff --git a/docs/operation/index.rst b/docs/operation/index.rst
index b40f769d..647b5b25 100644
--- a/docs/operation/index.rst
+++ b/docs/operation/index.rst
@@ -7,4 +7,5 @@ Operation Mode
    :includehidden:
 
    information
-   ip-command
\ No newline at end of file
+   ip-commands
+   boot-options
\ No newline at end of file
diff --git a/docs/vpn/index.rst b/docs/vpn/index.rst
deleted file mode 100644
index c208b3c0..00000000
--- a/docs/vpn/index.rst
+++ /dev/null
@@ -1,18 +0,0 @@
-.. _vpn:
-
-###
-VPN
-###
-
-.. toctree::
-   :maxdepth: 2
-
-   dmvpn
-   ipsec
-   l2tp
-   openconnect
-   openvpn
-   pptp
-   site2site_ipsec
-   sstp
-   wireguard