summaryrefslogtreecommitdiff
path: root/docs/configuration
diff options
context:
space:
mode:
Diffstat (limited to 'docs/configuration')
-rw-r--r--docs/configuration/interfaces/ethernet.rst11
-rw-r--r--docs/configuration/service/monitoring.rst58
-rw-r--r--docs/configuration/service/ssh.rst6
3 files changed, 68 insertions, 7 deletions
diff --git a/docs/configuration/interfaces/ethernet.rst b/docs/configuration/interfaces/ethernet.rst
index 30a13b5b..7288d9d2 100644
--- a/docs/configuration/interfaces/ethernet.rst
+++ b/docs/configuration/interfaces/ethernet.rst
@@ -20,6 +20,17 @@ Common interface configuration
:var0: ethernet
:var1: eth0
+.. cfgcmd:: set interface ethernet <interface> switchdev
+
+ Switches this interface to `switchdev` mode that allows network interfaces to offload
+ certain networking functions directly to hardware, like a network switch or a SmartNIC.
+ This enables higher performance and lower latency for network processing by
+ bypassing the kernel's network stack for supported operations.
+
+.. note:: This is only supported on certain physical network interfaces
+ and depends on specific models and drivers.
+
+
Ethernet options
================
diff --git a/docs/configuration/service/monitoring.rst b/docs/configuration/service/monitoring.rst
index 5c306903..0e4ddc61 100644
--- a/docs/configuration/service/monitoring.rst
+++ b/docs/configuration/service/monitoring.rst
@@ -212,34 +212,78 @@ Node Exporter
=============
Prometheus node_exporter_ which provides a wide range of hardware and OS metrics.
-.. cfgcmd:: set service monitoring node-exporter listen-address <address>
+.. cfgcmd:: set service monitoring prometheus node-exporter listen-address <address>
Configure the address node_exporter is listening on.
-.. cfgcmd:: set service monitoring node-exporter port <port>
+.. cfgcmd:: set service monitoring prometheus node-exporter port <port>
Configure the port number node_exporter is listening on.
-.. cfgcmd:: set service monitoring node-exporter vrf <name>
+.. cfgcmd:: set service monitoring prometheus node-exporter vrf <name>
Configure name of the :abbr:`VRF (Virtual Routing and Forwarding)` instance.
+.. cfgcmd:: set service monitoring prometheus node-exporter collectors textfile
+
+ Configure textfile collector to export custom metrics read from
+ `/run/node_exporter/collector`
+
FRR Exporter
============
Prometheus frr_exporter_ which provides free range routing metrics.
-.. cfgcmd:: set service monitoring frr-exporter listen-address <address>
+.. cfgcmd:: set service monitoring prometheus frr-exporter listen-address <address>
Configure the address frr_exporter is listening on.
-.. cfgcmd:: set service monitoring frr-exporter port <port>
+.. cfgcmd:: set service monitoring prometheus frr-exporter port <port>
Configure the port number frr_exporter is listening on.
-.. cfgcmd:: set service monitoring frr-exporter vrf <name>
+.. cfgcmd:: set service monitoring prometheus frr-exporter vrf <name>
Configure name of the :abbr:`VRF (Virtual Routing and Forwarding)` instance.
+
+Blackbox Exporter
+=================
+Prometheus blackbox_exporter_ which allows probing of endpoints over
+HTTP, HTTPS, DNS, TCP, ICMP and gRPC .
+
+.. cfgcmd:: set service monitoring prometheus blackbox-exporter listen-address <address>
+
+ Configure the address blackbox_exporter is listening on.
+
+.. cfgcmd:: set service monitoring prometheus blackbox-exporter port <port>
+
+ Configure the port number blackbox_exporter is listening on.
+
+.. cfgcmd:: set service monitoring prometheus blackbox-exporter vrf <name>
+
+ Configure name of the :abbr:`VRF (Virtual Routing and Forwarding)` instance.
+
+Configuring modules
+-------------------
+Blackbox exporter can be configured with different modules for probing DNS or ICMP.
+
+DNS module example:
+
+.. code-block:: none
+
+ set service monitoring prometheus blackbox-exporter modules dns name dns4 preferred-ip-protocol ip4
+ set service monitoring prometheus blackbox-exporter modules dns name dns4 query-name vyos.io
+ set service monitoring prometheus blackbox-exporter modules dns name dns4 query-type A
+
+ICMP module example:
+
+.. code-block:: none
+
+ set service monitoring prometheus blackbox-exporter modules icmp name ping6 preferred-ip-protocol ip6
+ set service monitoring prometheus blackbox-exporter modules icmp name ping6 ip-protocol-fallback
+ set service monitoring prometheus blackbox-exporter modules icmp name ping6 timeout 3
+
.. _node_exporter: https://github.com/prometheus/node_exporter
-.. _frr_exporter: https://github.com/tynany/frr_exporter \ No newline at end of file
+.. _frr_exporter: https://github.com/tynany/frr_exporter
+.. _blackbox_exporter: https://github.com/prometheus/blackbox_exporter
diff --git a/docs/configuration/service/ssh.rst b/docs/configuration/service/ssh.rst
index e7642433..4fa44d3e 100644
--- a/docs/configuration/service/ssh.rst
+++ b/docs/configuration/service/ssh.rst
@@ -129,6 +129,12 @@ Configuration
``rsa-sha2-256-cert-v01@openssh.com``, ``rsa-sha2-512``,
``rsa-sha2-512-cert-v01@openssh.com``
+.. cfgcmd:: set service ssh trusted-user-ca-key ca-certificate <ca_cert_name>
+
+ Specify the name of the CA certificate that will be used to verify the user
+ certificates.
+ You can use it by adding the CA certificate with the PKI command.
+
Dynamic-protection
==================
Protects host from brute-force attacks against
generated by cgit v1.2.3 (git 2.39.1) at 2025-04-28 02:13:43 +0000