4 files changed, 79 insertions, 7 deletions

diff --git a/docs/configuration/interfaces/ethernet.rst b/docs/configuration/interfaces/ethernet.rst
index 30a13b5b..7288d9d2 100644
--- a/docs/configuration/interfaces/ethernet.rst
+++ b/docs/configuration/interfaces/ethernet.rst
@@ -20,6 +20,17 @@ Common interface configuration
    :var0: ethernet
    :var1: eth0
 
+.. cfgcmd:: set interface ethernet <interface> switchdev
+
+  Switches this interface to `switchdev` mode that allows network interfaces to offload
+  certain networking functions directly to hardware, like a network switch or a SmartNIC.
+  This enables higher performance and lower latency for network processing by
+  bypassing the kernel's network stack for supported operations.
+
+.. note:: This is only supported on certain physical network interfaces
+   and depends on specific models and drivers.
+
+
 Ethernet options
 ================
 
diff --git a/docs/configuration/service/monitoring.rst b/docs/configuration/service/monitoring.rst
index 5c306903..0e4ddc61 100644
--- a/docs/configuration/service/monitoring.rst
+++ b/docs/configuration/service/monitoring.rst
@@ -212,34 +212,78 @@ Node Exporter
 =============
 Prometheus node_exporter_ which provides a wide range of hardware and OS metrics.
 
-.. cfgcmd:: set service monitoring node-exporter listen-address <address>
+.. cfgcmd:: set service monitoring prometheus node-exporter listen-address <address>
 
   Configure the address node_exporter is listening on.
 
-.. cfgcmd:: set service monitoring node-exporter port <port>
+.. cfgcmd:: set service monitoring prometheus node-exporter port <port>
 
   Configure the port number node_exporter is listening on.
 
-.. cfgcmd:: set service monitoring node-exporter vrf <name>
+.. cfgcmd:: set service monitoring prometheus node-exporter vrf <name>
 
   Configure name of the :abbr:`VRF (Virtual Routing and Forwarding)` instance.
 
+.. cfgcmd:: set service monitoring prometheus node-exporter collectors textfile
+
+  Configure textfile collector to export custom metrics read from
+  `/run/node_exporter/collector`
+
 
 FRR Exporter
 ============
 Prometheus frr_exporter_ which provides free range routing metrics.
 
-.. cfgcmd:: set service monitoring frr-exporter listen-address <address>
+.. cfgcmd:: set service monitoring prometheus frr-exporter listen-address <address>
 
   Configure the address frr_exporter is listening on.
 
-.. cfgcmd:: set service monitoring frr-exporter port <port>
+.. cfgcmd:: set service monitoring prometheus frr-exporter port <port>
 
   Configure the port number frr_exporter is listening on.
 
-.. cfgcmd:: set service monitoring frr-exporter vrf <name>
+.. cfgcmd:: set service monitoring prometheus frr-exporter vrf <name>
 
   Configure name of the :abbr:`VRF (Virtual Routing and Forwarding)` instance.
 
+
+Blackbox Exporter
+=================
+Prometheus blackbox_exporter_ which allows probing of endpoints over
+HTTP, HTTPS, DNS, TCP, ICMP and gRPC .
+
+.. cfgcmd:: set service monitoring prometheus blackbox-exporter listen-address <address>
+
+  Configure the address blackbox_exporter is listening on.
+
+.. cfgcmd:: set service monitoring prometheus blackbox-exporter port <port>
+
+  Configure the port number blackbox_exporter is listening on.
+
+.. cfgcmd:: set service monitoring prometheus blackbox-exporter vrf <name>
+
+  Configure name of the :abbr:`VRF (Virtual Routing and Forwarding)` instance.
+
+Configuring modules
+-------------------
+Blackbox exporter can be configured with different modules for probing DNS or ICMP.
+
+DNS module example:
+
+.. code-block:: none
+
+  set service monitoring prometheus blackbox-exporter modules dns name dns4 preferred-ip-protocol ip4
+  set service monitoring prometheus blackbox-exporter modules dns name dns4 query-name vyos.io
+  set service monitoring prometheus blackbox-exporter modules dns name dns4 query-type A
+
+ICMP module example:
+
+.. code-block:: none
+
+  set service monitoring prometheus blackbox-exporter modules icmp name ping6 preferred-ip-protocol ip6
+  set service monitoring prometheus blackbox-exporter modules icmp name ping6 ip-protocol-fallback
+  set service monitoring prometheus blackbox-exporter modules icmp name ping6 timeout 3
+
 .. _node_exporter: https://github.com/prometheus/node_exporter
-.. _frr_exporter: https://github.com/tynany/frr_exporter
\ No newline at end of file
+.. _frr_exporter: https://github.com/tynany/frr_exporter
+.. _blackbox_exporter: https://github.com/prometheus/blackbox_exporter
diff --git a/docs/configuration/service/ssh.rst b/docs/configuration/service/ssh.rst
index e7642433..4fa44d3e 100644
--- a/docs/configuration/service/ssh.rst
+++ b/docs/configuration/service/ssh.rst
@@ -129,6 +129,12 @@ Configuration
   ``rsa-sha2-256-cert-v01@openssh.com``, ``rsa-sha2-512``,
   ``rsa-sha2-512-cert-v01@openssh.com``
 
+.. cfgcmd:: set service ssh trusted-user-ca-key ca-certificate <ca_cert_name>
+
+  Specify the name of the CA certificate that will be used to verify the user
+  certificates.
+  You can use it by adding the CA certificate with the PKI command.
+
 Dynamic-protection
 ==================
 Protects host from brute-force attacks against
diff --git a/docs/installation/index.rst b/docs/installation/index.rst
index 9ab43b0e..7cdd9c29 100644
--- a/docs/installation/index.rst
+++ b/docs/installation/index.rst
@@ -2,6 +2,17 @@
 Installation and Image Management
 #################################
 
+.. note:: This is most likely only relevant for virtual installations:
+
+   When installing VyOS ensure that the MAC address selected for your NICs is
+   not a locally administered MAC address. Locally administered addresses are
+   distinguished from universally administered addresses by setting (assigning
+   the value of 1 to) the second-least-significant bit of the first octet of
+   the address:
+
+   Example: ``02:00:00:00:00:01``, where the second-least-significant bit
+   (``02`` in hex) is set to ``1``.
+
 .. toctree::
    :maxdepth: 2
    :caption: Content