diff options
| -rw-r--r-- | docs/configuration-overview.rst | 9 | ||||
| -rw-r--r-- | docs/firewall.rst | 12 | ||||
| -rw-r--r-- | docs/history.rst | 29 | ||||
| -rw-r--r-- | docs/services/dhcp.rst | 2 |
4 files changed, 34 insertions, 18 deletions
diff --git a/docs/configuration-overview.rst b/docs/configuration-overview.rst index cb5bf716..7d0e8767 100644 --- a/docs/configuration-overview.rst +++ b/docs/configuration-overview.rst @@ -221,7 +221,7 @@ These commands are also relative to the level where they are executed and all re These two commands above are essentially the same, just executed from different levels in the hierarchy. To delete a configuration entry use the `delete` command, this also deletes all sub-levels under the current level you've specified in the `delete` command. -Deleting an entry would also result in the element reverting back to its default value if one exist. +Deleting an entry will also result in the element reverting back to its default value if one exists. .. code-block:: sh @@ -351,6 +351,9 @@ To compare configuration revisions in configuration mode, use the compare comman [edit] vyos@vyos# +Comparing Revisions +""""""""""""""""""" + You can compare revisions with `compare X Y` command, where X and Y are revision numbers. The output will describe how the configuration X is when compared to Y, indicating with a plus sign (**+**) the additional parts X has when compared to y, and indicating with a minus sign (**-**) the lacking parts x misses when compared to y. .. code-block:: sh @@ -368,6 +371,8 @@ You can compare revisions with `compare X Y` command, where X and Y are revision - address 192.0.2.4/24 -} +Rolling Back Changes +"""""""""""""""""""" You can rollback configuration using the rollback command. This command will apply the selected revision and trigger a system reboot. @@ -386,7 +391,7 @@ command will apply the selected revision and trigger a system reboot. vyos@vyos# Configuring the archive size -^^^^^^^^^^^^^^^^^^^^^^^^^^^^ +"""""""""""""""""""""""""""" You can specify the number of revisions stored on disk with `set system config-management commit-revisions X`, where X is a number between 0 and 65535. When the number of revisions exceeds that number, the oldest revision is removed. diff --git a/docs/firewall.rst b/docs/firewall.rst index f875ad12..f4708b2a 100644 --- a/docs/firewall.rst +++ b/docs/firewall.rst @@ -37,7 +37,7 @@ or the need to reload individual firewall rules. .. note:: Groups can also be referenced by NAT configuration. -While network groups accept IP networks in CIDR notation, specific IP addresses +While **network groups** accept IP networks in CIDR notation, specific IP addresses can be added as a 32-bit prefix. If you foresee the need to add a mix of addresses and networks, the network group is recommended. @@ -49,7 +49,15 @@ internal network: set firewall group network-group NET-INSIDE network 192.168.0.0/24 set firewall group network-group NET-INSIDE network 192.168.1.0/24 -A port group represents only port numbers, not the protocol. Port groups can +Groups need to have unique names. Even though some contain IPv4 addresses and others contain IPv6 addresses, they still need to have unique names, so you may want to append "-v4" or "-v6" to your group names. + +.. code-block:: sh + + set firewall group network-group NET-INSIDE-v4 network 192.168.1.0/24 + set firewall group ipv6-network-group NET-INSIDE-v6 network 2001:db8::/64 + + +A **port group** represents only port numbers, not the protocol. Port groups can be referenced for either TCP or UDP. It is recommended that TCP and UDP groups are created separately to avoid accidentally filtering unnecessary ports. Ranges of ports can be specified by using `-`. diff --git a/docs/history.rst b/docs/history.rst index aa9bae7e..957cc6f3 100644 --- a/docs/history.rst +++ b/docs/history.rst @@ -15,28 +15,31 @@ edition of Vyatta. Here everyone loves learning, older managers and new users. VyOS is primarily based on `Debian GNU/Linux <http://www.debian.org/>`_ and the `Quagga <http://www.nongnu.org/quagga/>`_ routing engine. Its configuration syntax and :ref:`cli` are loosely derived from Juniper JUNOS as modelled by the -`XORP project <http://www.xorp.org/>`_ (which was the original routing engine -Vyatta was based upon). +`XORP project <http://www.xorp.org/>`_, which was the original routing engine for +Vyatta. -Vyatta changed to the Quagga routing engine for release 4.0. +In the 4.0 release of Vyatta, the routing engine was changed to Quagga. -VyOS changed the routing engine to `FRRouting <https://frrouting.org/>`_ in -version 1.2.0 +As of version 1.2.0, VyOS now uses `FRRouting <https://frrouting.org/>`_ as +the routing engine. -**How it's different from other router distros?** +**How it's different from other router distributions and platforms?** +- More than just a firewall and VPN, VyOS includes extended routing capabilities like OSPFv2, OSPFv3, BGP, + VRRP, and extensive route policy mapping and filtering. - Unified command line interface in the style of hardware routers. -- Scriptable CLI +- Scriptable CLI. - Stateful configuration system: prepare changes and commit at once or discard, view previous revisions or rollback to them, archive revisions to remote - server, execute hooks at commit time... + server and execute hooks at commit time. - Image-based upgrade: keep multiple versions on the same system and revert to - previous image if something went wrong. -- Not just firewall and VPN: includes routing protocols such as BGP and OSPF and - complex routing policy language. + previous image if a problem arises. +- Multiple VPN capabilities: OpenVPN, IPSec, Wireguard (in 1.2.0+), DPMVPN, and more. +- IPv4 and IPv6 support. - Runs on physical and virtual platforms alike: small x86 boards, big servers, - KVM, Xen, VMWare, Hyper-V... + KVM, Xen, VMWare, Hyper-V, and more. - Completely free and open source, with documented internal APIs and build procedures. -- Community driven: patches are welcome, all code, bugs, and nightly builds are +- Community driven. Patches are welcome and all code, bugs, and nightly builds are public. + diff --git a/docs/services/dhcp.rst b/docs/services/dhcp.rst index 0fc01f04..36162bbe 100644 --- a/docs/services/dhcp.rst +++ b/docs/services/dhcp.rst @@ -23,7 +23,7 @@ Interface Configuration .. code-block:: sh - set interface eth1 address 172.16.17.1/24 + set interface ethernet eth1 address 172.16.17.1/24 Multiple ranges can be defined and can contain holes. |