+<P><U><B>BGP configuration</B></U></P>
+
+<P>BGP routing configuration is entered by the command:
+The routing configuration section is entered by the command
+<DL><DD><B>router bgp</B> <I>as</I></DL>
+where <I>as</I> specifies the local AS number.
+
+<P>Subsequent lines prefixed with
+<DL><DD><B>neighbour</B> <I>peer</I></DL>
+define the attributes of BGP neighhbours. Valid commands are:
+<DL>
+ <DD><B>neighbour</B> <I>peer</I> <B>remote-as</B> <I>as</I>
+ <DD><B>neighbout</B> <I>peer</I> <B>timers</B> <I>keepalive hold</I>
+</DL>
+
+Where <I>peer</I> specifies the BGP neighbour as either a hostname or
+IP address, <I>as</I> is the remote AS number and <I>keepalive</I>,
+<I>hold</I> are the timer values in seconds.
+
+<P>Named access-lists are configured using one of the commands:
+<DL>
+ <DD><B>ip access-list standard</B> <I>name</I>
+ <DD><B>ip access-list extended</B> <I>name</I>
+</DL>
+
+<P>Subsequent lines prefixed with <B>permit</B> or <B>deny</B>
+define the body of the access-list. Standard access-list syntax:
+<DL>
+ <DD>{<B>permit</B>|<B>deny</B>}
+ {<I>host</I>|<I>source source-wildcard</I>|<B>any</B>}
+ [{<I>host</I>|<I>destination destination-wildcard</I>|<B>any</B>}]
+</DL>
+
+Extended access-lists:
+
+<DIV STYLE="margin-left: 4em; text-indent: -2em">
+ <P>{<B>permit</B>|<B>deny</B>} <B>ip</B>
+ {<I>host</I>|<I>source source-wildcard</I>|<B>any</B>}
+ {<I>host</I>|<I>destination destination-wildcard</I>|<B>any</B>} [<B>fragments</B>]
+ <P>{<B>permit</B>|<B>deny</B>} <B>udp</B>
+ {<I>host</I>|<I>source source-wildcard</I>|<B>any</B>}
+ [{<B>eq</B>|<B>neq</B>|<B>gt</B>|<B>lt</B>} <I>port</I>|<B>range</B> <I>from</I> <I>to</I>]
+ {<I>host</I>|<I>destination destination-wildcard</I>|<B>any</B>}
+ [{<B>eq</B>|<B>neq</B>|<B>gt</B>|<B>lt</B>} <I>port</I>|<B>range</B> <I>from</I> <I>to</I>]
+ [<B>fragments</B>]
+ <P>{<B>permit</B>|<B>deny</B>} <B>tcp</B>
+ {<I>host</I>|<I>source source-wildcard</I>|<B>any</B>}
+ [{<B>eq</B>|<B>neq</B>|<B>gt</B>|<B>lt</B>} <I>port</I>|<B>range</B> <I>from</I> <I>to</I>]
+ {<I>host</I>|<I>destination destination-wildcard</I>|<B>any</B>}
+ [{<B>eq</B>|<B>neq</B>|<B>gt</B>|<B>lt</B>} <I>port</I>|<B>range</B> <I>from</I> <I>to</I>]
+ [{<B>established</B>|{<B>match-any</B>|<B>match-all</B>}
+ {<B>+</B>|<B>-</B>}{<B>fin</B>|<B>syn</B>|<B>rst</B>|<B>psh</B>|<B>ack</B>|<B>urg</B>}
+ ...|<B>fragments</B>]
+</DIV>
+
+<H3 ID="users">users</H3>
+
+Usernames and passwords for the command-line interface are stored in
+this file. The format is <I>username</I><B>:</B><I>password</I> where
+<I>password</I> may either by plain text, an MD5 digest (prefixed by
+<B>$1</B><I>salt</I><B>$</B>) or a DES password, distinguished from
+plain text by the prefix <B>{crypt}</B>.<P>
+
+The username <B>enable</B> has a special meaning and is used to set
+the enable password.<P>
+
+<B>Note:</B> If this file doesn't exist, then anyone who can get to
+port 23 will be allowed access without a username / password.<P>
+
+<H3 ID="ip-pool">ip_pool</H3>
+
+This file is used to configure the IP address pool which user
+addresses are assigned from. This file should contain either an IP
+address or a CIDR network per line. e.g.:<P>