summaryrefslogtreecommitdiff
path: root/docs/configuration/policy
diff options
context:
space:
mode:
Diffstat (limited to 'docs/configuration/policy')
-rw-r--r--docs/configuration/policy/access-list.rst11
-rw-r--r--docs/configuration/policy/as-path-list.rst33
-rw-r--r--docs/configuration/policy/bgp-policies.rst124
-rw-r--r--docs/configuration/policy/community-list.rst35
-rw-r--r--docs/configuration/policy/examples.rst13
-rw-r--r--docs/configuration/policy/extcommunity-list.rst40
-rw-r--r--docs/configuration/policy/index.rst5
-rw-r--r--docs/configuration/policy/large-community-list.rst36
-rw-r--r--docs/configuration/policy/prefix-list.rst7
-rw-r--r--docs/configuration/policy/route-map.rst6
-rw-r--r--docs/configuration/policy/route.rst7
11 files changed, 157 insertions, 160 deletions
diff --git a/docs/configuration/policy/access-list.rst b/docs/configuration/policy/access-list.rst
index 41c35986..0af9b911 100644
--- a/docs/configuration/policy/access-list.rst
+++ b/docs/configuration/policy/access-list.rst
@@ -33,7 +33,7 @@ Access Lists
<destination|source> <any|host|inverse-mask|network>
This command defines matching parameters for access list rule. Matching
- criteria could be applied to destinarion or source parameters:
+ criteria could be applied to destination or source parameters:
* any: any IP address to match.
* host: single host IP address to match.
@@ -67,11 +67,4 @@ Basic filtering could also be applied to IPv6 traffic.
* any: any IPv6 address to match.
* exact-match: exact match of the network prefixes.
* network: network/netmask to match (requires inverse-match be defined) BUG,
- NO invert-match option in access-list6
-
-
-********
-Examples
-********
-
-Examples would be uploaded soon. \ No newline at end of file
+ NO invert-match option in access-list6 \ No newline at end of file
diff --git a/docs/configuration/policy/as-path-list.rst b/docs/configuration/policy/as-path-list.rst
new file mode 100644
index 00000000..ceeb8e01
--- /dev/null
+++ b/docs/configuration/policy/as-path-list.rst
@@ -0,0 +1,33 @@
+####################
+BGP - AS Path Policy
+####################
+
+VyOS provides policies commands exclusively for BGP traffic filtering and
+manipulation: **as-path-list** is one of them.
+
+*************
+Configuration
+*************
+
+policy as-path-list
+===================
+
+.. cfgcmd:: set policy as-path-list <text>
+
+ Create as-path-policy identified by name <text>.
+
+.. cfgcmd:: set policy as-path-list <text> description <text>
+
+ Set description for as-path-list policy.
+
+.. cfgcmd:: set policy as-path-list <text> rule <1-65535> action <permit|deny>
+
+ Set action to take on entries matching this rule.
+
+.. cfgcmd:: set policy as-path-list <text> rule <1-65535> description <text>
+
+ Set description for rule.
+
+.. cfgcmd:: set policy as-path-list <text> rule <1-65535> regex <text>
+
+ Regular expression to match against an AS path. For example "64501 64502".
diff --git a/docs/configuration/policy/bgp-policies.rst b/docs/configuration/policy/bgp-policies.rst
deleted file mode 100644
index 72b612cb..00000000
--- a/docs/configuration/policy/bgp-policies.rst
+++ /dev/null
@@ -1,124 +0,0 @@
-####################
-BGP Related Policies
-####################
-
-VyOS provides policies commands exclusively for BGP traffic filtering and
-manipulation. In this section, all those commands are covered.
-
-*************
-Configuration
-*************
-
-policy as-path-list
-===================
-
-.. cfgcmd:: set policy as-path-list <text>
-
- Create as-path-policy identified by name <text>.
-
-.. cfgcmd:: set policy as-path-list <text> description <text>
-
- Set description for as-path-list policy.
-
-.. cfgcmd:: set policy as-path-list <text> rule <1-65535> action <permit|deny>
-
- Set action to take on entries matching this rule.
-
-.. cfgcmd:: set policy as-path-list <text> rule <1-65535> description <text>
-
- Set description for rule.
-
-.. cfgcmd:: set policy as-path-list <text> rule <1-65535> regex <text>
-
- Regular expression to match against an AS path. For example "64501 64502".
-
-
-policy community-list
-=====================
-
-.. cfgcmd:: set policy community-list <text>
-
- Creat community-list policy identified by name <text>.
-
-.. cfgcmd:: set policy community-list <text> description <text>
-
- Set description for community-list policy.
-
-.. cfgcmd:: set policy community-list <text> rule <1-65535> action
- <permit|deny>
-
- Set action to take on entries matching this rule.
-
-.. cfgcmd:: set policy community-list <text> rule <1-65535> description <text>
-
- Set description for rule.
-
-.. cfgcmd:: set policy community-list <text> rule <1-65535> regex
- <aa:nn|local-AS|no-advertise|no-export|internet|additive>
-
- Regular expression to match against a community-list.
-
-
-policy extcommunity-list
-========================
-
-.. cfgcmd:: set policy extcommunity-list <text>
-
- Creat extcommunity-list policy identified by name <text>.
-
-.. cfgcmd:: set policy extcommunity-list <text> description <text>
-
- Set description for extcommunity-list policy.
-
-.. cfgcmd:: set policy extcommunity-list <text> rule <1-65535> action
- <permit|deny>
-
- Set action to take on entries matching this rule.
-
-.. cfgcmd:: set policy extcommunity-list <text> rule <1-65535> description
- <text>
-
- Set description for rule.
-
-.. cfgcmd:: set policy extcommunity-list <text> rule <1-65535> regex <text>
-
- Regular expression to match against an extended community list, where text
- could be:
-
- * <aa:nn:nn>: Extended community list regular expression.
- * <rt aa:nn:nn>: Route Target regular expression.
- * <soo aa:nn:nn>: Site of Origin regular expression.
-
-
-policy large-community-list
-===========================
-
-.. cfgcmd:: set policy large-community-list <text>
-
- Creat large-community-list policy identified by name <text>.
-
-.. cfgcmd:: set policy large-community-list <text> description <text>
-
- Set description for large-community-list policy.
-
-.. cfgcmd:: set policy large-community-list <text> rule <1-65535> action
- <permit|deny>
-
- Set action to take on entries matching this rule.
-
-.. cfgcmd:: set policy large-community-list <text> rule <1-65535> description
- <text>
-
- Set description for rule.
-
-.. cfgcmd:: set policy large-community-list <text> rule <1-65535> regex
- <aa:nn:nn>
-
- Regular expression to match against a large community list.
-
-
-********
-Examples
-********
-
-Examples would be uploaded soon. \ No newline at end of file
diff --git a/docs/configuration/policy/community-list.rst b/docs/configuration/policy/community-list.rst
new file mode 100644
index 00000000..e53abeb3
--- /dev/null
+++ b/docs/configuration/policy/community-list.rst
@@ -0,0 +1,35 @@
+####################
+BGP - Community List
+####################
+
+VyOS provides policies commands exclusively for BGP traffic filtering and
+manipulation: **community-list** is one of them.
+
+*************
+Configuration
+*************
+
+policy community-list
+=====================
+
+.. cfgcmd:: set policy community-list <text>
+
+ Creat community-list policy identified by name <text>.
+
+.. cfgcmd:: set policy community-list <text> description <text>
+
+ Set description for community-list policy.
+
+.. cfgcmd:: set policy community-list <text> rule <1-65535> action
+ <permit|deny>
+
+ Set action to take on entries matching this rule.
+
+.. cfgcmd:: set policy community-list <text> rule <1-65535> description <text>
+
+ Set description for rule.
+
+.. cfgcmd:: set policy community-list <text> rule <1-65535> regex
+ <aa:nn|local-AS|no-advertise|no-export|internet|additive>
+
+ Regular expression to match against a community-list. \ No newline at end of file
diff --git a/docs/configuration/policy/examples.rst b/docs/configuration/policy/examples.rst
index 88715a0a..a1d40db4 100644
--- a/docs/configuration/policy/examples.rst
+++ b/docs/configuration/policy/examples.rst
@@ -1,5 +1,6 @@
+###########
BGP Example
-===========
+###########
**Policy definition:**
@@ -50,9 +51,9 @@ neighbor.
You now see the longer AS path.
-
+#################
Transparent Proxy
-=================
+#################
The following example will show how VyOS can be used to redirect web
traffic to an external transparent proxy:
@@ -84,9 +85,9 @@ interface, we use:
set interfaces ethernet eth1 policy route FILTER-WEB
-
+################
Multiple Uplinks
-================
+################
VyOS Policy-Based Routing (PBR) works by matching source IP address
ranges and forwarding the traffic using different routing tables.
@@ -146,7 +147,7 @@ These commands allow the VLAN10 and VLAN20 hosts to communicate with
each other using the main routing table.
Local route
------------
+===========
The following example allows VyOS to use :abbr:`PBR (Policy-Based Routing)`
for traffic, which originated from the router itself. That solution for multiple
diff --git a/docs/configuration/policy/extcommunity-list.rst b/docs/configuration/policy/extcommunity-list.rst
new file mode 100644
index 00000000..c413b8b5
--- /dev/null
+++ b/docs/configuration/policy/extcommunity-list.rst
@@ -0,0 +1,40 @@
+#############################
+BGP - Extended Community List
+#############################
+
+VyOS provides policies commands exclusively for BGP traffic filtering and
+manipulation: **extcommunity-list** is one of them.
+
+*************
+Configuration
+*************
+
+policy extcommunity-list
+========================
+
+.. cfgcmd:: set policy extcommunity-list <text>
+
+ Creat extcommunity-list policy identified by name <text>.
+
+.. cfgcmd:: set policy extcommunity-list <text> description <text>
+
+ Set description for extcommunity-list policy.
+
+.. cfgcmd:: set policy extcommunity-list <text> rule <1-65535> action
+ <permit|deny>
+
+ Set action to take on entries matching this rule.
+
+.. cfgcmd:: set policy extcommunity-list <text> rule <1-65535> description
+ <text>
+
+ Set description for rule.
+
+.. cfgcmd:: set policy extcommunity-list <text> rule <1-65535> regex <text>
+
+ Regular expression to match against an extended community list, where text
+ could be:
+
+ * <aa:nn:nn>: Extended community list regular expression.
+ * <rt aa:nn:nn>: Route Target regular expression.
+ * <soo aa:nn:nn>: Site of Origin regular expression.
diff --git a/docs/configuration/policy/index.rst b/docs/configuration/policy/index.rst
index fc1c1366..51f60479 100644
--- a/docs/configuration/policy/index.rst
+++ b/docs/configuration/policy/index.rst
@@ -35,8 +35,11 @@ Policy Sections
prefix-list
route
route-map
- bgp-policies
local-route
+ as-path-list
+ community-list
+ extcommunity-list
+ large-community-list
********
Examples
diff --git a/docs/configuration/policy/large-community-list.rst b/docs/configuration/policy/large-community-list.rst
new file mode 100644
index 00000000..39da0815
--- /dev/null
+++ b/docs/configuration/policy/large-community-list.rst
@@ -0,0 +1,36 @@
+##########################
+BGP - Large Community List
+##########################
+
+VyOS provides policies commands exclusively for BGP traffic filtering and
+manipulation: **large-community-list** is one of them.
+
+*************
+Configuration
+*************
+
+policy large-community-list
+===========================
+
+.. cfgcmd:: set policy large-community-list <text>
+
+ Creat large-community-list policy identified by name <text>.
+
+.. cfgcmd:: set policy large-community-list <text> description <text>
+
+ Set description for large-community-list policy.
+
+.. cfgcmd:: set policy large-community-list <text> rule <1-65535> action
+ <permit|deny>
+
+ Set action to take on entries matching this rule.
+
+.. cfgcmd:: set policy large-community-list <text> rule <1-65535> description
+ <text>
+
+ Set description for rule.
+
+.. cfgcmd:: set policy large-community-list <text> rule <1-65535> regex
+ <aa:nn:nn>
+
+ Regular expression to match against a large community list.
diff --git a/docs/configuration/policy/prefix-list.rst b/docs/configuration/policy/prefix-list.rst
index ebc02ea2..63b6510e 100644
--- a/docs/configuration/policy/prefix-list.rst
+++ b/docs/configuration/policy/prefix-list.rst
@@ -78,10 +78,3 @@ IPv6 Prefix Lists
.. cfgcmd:: set policy prefix-list6 <text> rule <1-65535> le <0-128>
Netmask less than lenght
-
-
-********
-Examples
-********
-
-Examples would be uploaded soon. \ No newline at end of file
diff --git a/docs/configuration/policy/route-map.rst b/docs/configuration/policy/route-map.rst
index 14cace25..7c236cf7 100644
--- a/docs/configuration/policy/route-map.rst
+++ b/docs/configuration/policy/route-map.rst
@@ -254,9 +254,3 @@ Route Map
<0-4294967295>
Set BGP weight attribute
-
-********
-Examples
-********
-
-Examples would be uploaded soon. \ No newline at end of file
diff --git a/docs/configuration/policy/route.rst b/docs/configuration/policy/route.rst
index 8f54a47b..ffbe85b2 100644
--- a/docs/configuration/policy/route.rst
+++ b/docs/configuration/policy/route.rst
@@ -419,10 +419,3 @@ IPv6 Route
Weekdays to match rule on. Format for weekdays: Mon,Thu,Sat. To negate add !
at the front eg. !Mon,Thu,Sat.
-
-
-********
-Examples
-********
-
-Examples would be uploaded soon. \ No newline at end of file