diff options
| author | Johannes Erwerle <jo@swagspace.org> | 2025-04-25 10:12:17 +0200 |
|---|---|---|
| committer | Johannes Erwerle <jo@swagspace.org> | 2025-04-25 10:12:17 +0200 |
| commit | c369910ce0280bdcdb83d1fc8ea563112de96132 (patch) | |
| tree | 5f30b1ddc0b7195178665f955fd9a1faf8290f4f | |
| parent | 2b25c16ebf1c5749d850ca659d11133c023b40d4 (diff) | |
| download | vyos-documentation-c369910ce0280bdcdb83d1fc8ea563112de96132.tar.gz vyos-documentation-c369910ce0280bdcdb83d1fc8ea563112de96132.zip | |
policy: added set vrf and updated mark matching
| -rw-r--r-- | docs/configuration/policy/route.rst | 27 |
1 files changed, 27 insertions, 0 deletions
diff --git a/docs/configuration/policy/route.rst b/docs/configuration/policy/route.rst index b818d238..1ddd04cf 100644 --- a/docs/configuration/policy/route.rst +++ b/docs/configuration/policy/route.rst @@ -51,6 +51,20 @@ in this section. Set match criteria based on connection mark. +.. cfgcmd:: set policy route <name> rule <n> mark <match_criteria> +.. cfgcmd:: set policy route6 <name> rule <n> mark <match_criteria> + + Match based on the firewall mark (fwmark), where <match_criteria> can be: + + * <0-2147483647> a single fwmark + * !<0-2147483647> everything except a single fwmark + * <start-end> a range of marks + * !<start-end> everything except the range of marks + + .. note:: When using the ``set table`` or ``set vrf`` commands the mark + settings are ignored and overwritten with a table-specific mark that + is set to 0x7FFFFFFF - the id of the table/VRF. + .. cfgcmd:: set policy route <name> rule <n> source address <match_criteria> .. cfgcmd:: set policy route <name> rule <n> destination address @@ -273,7 +287,20 @@ setting a different routing table. Set the routing table to forward packet with. + .. note:: When using the ``set table`` or ``set vrf`` commands matching + against the mark is not possible, because it gets overwritten with a + table-specific mark that is 0x7FFFFFFF - the id of the table/VRF. + .. cfgcmd:: set policy route <name> rule <n> set tcp-mss <500-1460> .. cfgcmd:: set policy route6 <name> rule <n> set tcp-mss <500-1460> Set packet modifications: Explicitly set TCP Maximum segment size value. + +.. cfgcmd:: set policy route <name> rule <n> set vrf <default | text > +.. cfgcmd:: set policy route6 <name> rule <n> set vrf <default | text > + + Set the VRF to forward packet with. + + .. note:: When using the ``set table`` or ``set vrf`` commands matching + against the mark is not possible, because it gets overwritten with a + table-specific mark that is 0x7FFFFFFF - the id of the table/VRF. |